You might note that in the technical discussion, I argued _against_ the idea
that this is a problem with LLMNR. Personally, I consider the fact that mDNS
attaches special semantics to .local to be a problem with mDNS.
If the DNSEXT WG wants to document recommended resolver behavior with
respect to the .local domain, it can do so. However, your message essentially
*orders* the WG to do so, as a precondition for publishing any documents on
the topic. That is inappropriate.
Absent any mandatory-to-implement security, we sometimes accept an
applicability statement that explains the environments in which it is safe to
use a protocol without any protocol-specific security mechanism, but I didn't
find that in the LLMNR document either. Is it there?
Yes, it is.
From Section 5.2:
Limiting the situations in which LLMNR queries are sent, as described
in Section 2, is the best protection against these attacks.
From Section 2:
While these conditions are necessary for sending an LLMNR query, they
are not sufficient. While an LLMNR sender MAY send a query for any
name, it also MAY impose additional conditions on sending LLMNR
queries. For example, a sender configured with a DNS server MAY send
LLMNR queries only for unqualified names and for fully qualified
domain names within configured zones.
Is this issue only about whether the MAYs are to be upgraded to a SHOULD
or MUST?
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf