On Mon, Oct 26, 2020 at 04:09:41PM -0400, Ted Lemon wrote:
> On Oct 26, 2020, at 4:05 PM, Jared Mauch <ja...@puck.nether.net> wrote:
> >> If the answer of the experts is "do not harden implementations of existing
> >> protocols", but only improve protocols or eliminate security risks from
> >> underlays, i think that is not a good strategy to show to implementors
> >> trying to understand how to best harden existing protocols, but i will
> >> happily take that guidance and remove the text about the suggested
> >> heuristics.
>
> The point of my answer was not "don't do anything to harden it," but
> rather "don't do _that_." :)

And the question from the AD was what could be done. So, do you have any
implementation suggestion? Are there any suggestions for mDNS? (and i do not
mean "harden the underlying L2 network" or "create a better protocol").

Btw: I do agree that for most use of mDNS as it is relying on dynamic ports,
my suggestion would create an undesired trend of allocating static port
numbers. This is also true for GRASP in general, but for the specific
use-cases in mind in my text, which are really inside-network infra
protocols, the argument could be made that static port allocation was indeed
well feasible (as we're talking about a very small number here). But we had
not done it because we hadn't vetted the benefits of doing such a port
allocation.

Cheers
    Toerless