We're probably rehashing the DNSEXT discussion here, but I wasn't part of
the DNSEXT discussion.....
LLMNR allows me to treat names in a different way than mDNS does.
If I have a name that I'm certain I own (this box is, with high certainty,
the only one in the world named HALVESTR-W2K02.emea.cisco.com), LLMNR
allows me to assert that name on a LAN even when the DNS is not available,
or when that name is not currently asserted in the DNS.
mDNS, as I understand it, doesn't allow me to do that - I would have to
assert "HALVESTR-W2K02.local", or "HALVESTR-W2K02.emea.cisco.com.local".
If we separate the concept of "name ownership" from "name assertion
mechanism", and regard the DNS as just one mechanism of name assertion,
then the problem reduces to "how do I prove that I have rights to the
name", rather than "what name should I assert".
I think the LLMNR spec, which only talks about mechanism, is missing a
reference to some other document (which may not exist, being too
controversial to get written) laying out a theory of name ownership, in
which both DNS and LLMNR fit as assertion mechanisms.
Not that I can say, based on this, that one of (LLMNR, mDNS) is better than
the other. But it certainly emphasizes the fact that they're attacking the
problem from completely different perspectives.
--On 31. august 2005 23:34 -0400 Keith Moore
Dave Singer wrote:
The whole idea that 'real DNS' can arbitrarily pre-empt local name
resolution seems, well, wrong, and needs serious study for security
implications for the services using those names, no?
The whole idea that local names should look like DNS names and be queried
through the same APIs and user interfaces seems, well, wrong (or dubious
at best), and needs serious study for the implications of applications
using those APIs and the impact of such names on DNS, no?
IMO, local names and a lookup service for local names would be extremely
useful, but neither the names nor the query interface should look much
like DNS - the names should look different because otherwise there's too
much potential for confusion with DNS names, and the query service should
look different because local name lookup service probably can't make the
same kinds of consistency or stability assurances that DNS does.
Ietf mailing list
Description: PGP signature
Ietf mailing list