
Re: Guidance needed on well known ports

2006-03-20 10:00:36
- Conclusion 2: There is no reason for standards to uphold the 
distinction between <1024 and >1024 any more.

I agree that the requirement on UNIX-like systems to be root in order
to bind to ports < 1024 is, in hindsight, a Bad Idea - but mostly
because of insufficient privilege granularity.   I also think that
trusting a source port as an indication of anything is a Bad Idea.

However, I do think that it's useful for there to be a range of port
numbers that are only bound to a socket if an application specifically
asks for one of those ports, as this would reduce the potential for
accidental conflicts between servers needing to listen to a well-known
port and servers for which any port would do.   And it would be
appropriate for standards to respect this convention and assign
well-known ports in the range of ports that would not be bound by
default.

I also think that it would be reasonable for an OS to require
privileges before it would allow an application to bind to certain
ports.  But those ports would need to be explicitly enumerated
somewhere, rather than merely being a range of numbers.

Keith
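
An added example, not part of the message above: one way to check the three properties it distinguishes (needs privilege, may be handed out by default, bound only on explicit request) against a Linux-style port policy. The sysctl names are real Linux settings; the values and the service list are constructed samples, and the function names are hypothetical.

```python
# Added example: classify ports against a Linux-style port policy.
# Sysctl names are real Linux knobs; the values below are constructed samples.
SAMPLE_SYSCTLS = {
    "net.ipv4.ip_unprivileged_port_start": "1024",    # binds below this need privilege
    "net.ipv4.ip_local_port_range": "32768\t60999",   # range used for automatic assignment
    "net.ipv4.ip_local_reserved_ports": "40000,50000-50010",  # never auto-assigned
}

def parse_port_list(text):
    """Parse '40000,50000-50010' into a set of port numbers."""
    ports = set()
    for item in text.replace(" ", "").split(","):
        if not item:
            continue  # an empty sysctl value means nothing is reserved
        lo, _, hi = item.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (0 < lo <= hi <= 65535):
            raise ValueError(f"bad port range: {item!r}")
        ports.update(range(lo, hi + 1))
    return ports

def load_policy(sysctls):
    lo, hi = (int(v) for v in sysctls["net.ipv4.ip_local_port_range"].split())
    return {
        "priv_below": int(sysctls["net.ipv4.ip_unprivileged_port_start"]),
        "auto": (lo, hi),
        "reserved": parse_port_list(sysctls["net.ipv4.ip_local_reserved_ports"]),
    }

def classify(port, policy):
    """Return (needs_privilege, may_be_auto_assigned) for one port."""
    lo, hi = policy["auto"]
    auto = lo <= port <= hi and port not in policy["reserved"]
    return port < policy["priv_below"], auto

def conflict_risks(services, policy):
    """Services whose fixed port the OS may hand to an unrelated socket."""
    return sorted(n for n, p in services.items() if classify(p, policy)[1])

if __name__ == "__main__":
    policy = load_policy(SAMPLE_SYSCTLS)
    services = {"ssh": 22, "postgres": 5432, "agent": 40000, "metrics": 45000}
    for name, port in services.items():
        print(name, port, classify(port, policy))
    print("at risk:", conflict_risks(services, policy))
```

In the sample, only the service on port 45000 is flagged: it sits inside the automatic-assignment range and is not listed as reserved, so an unrelated socket could be given that port first.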
