On Mon, Oct 26, 2020 at 04:39:10PM -0400, Ted Lemon wrote:
> What actually hardens mDNS is that it's a link-local protocol.
> It doesn't work across links. This limits the attack surface.

Exactly.

> But there's no way to eliminate the attack surface. If I were in Ben's
> shoes, I'd be asking you to change the protocol to support authentication
> and ToFU as a hardening strategy, with some better trust establishment
> mechanism as future work based on the existing presence of crypto
> signatures. But the current consensus of the IETF is apparently that ADs
> aren't allowed to insist on things like that. :(

We must also consider that mDNS is meant to provide that on-link communication for devices that are perhaps not professionally managed, such as my home where I may want to talk to raspberrypi.local or my printer or other on-link device without placing it in some enterprise or other lookup system.

This helps prevent remote attacks and discoverability of my devices and provides security this way.

- Jared

--
Jared Mauch | pgp key available via finger from ja...@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
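The thread's point is that mDNS's link-local scope is what bounds its exposure: a packet that crossed a router should never be treated as an mDNS message. The following is an added illustration, not code from the thread or from any mDNS implementation, of the receive-side checks a responder can apply to enforce that scope: the packet must be addressed to the mDNS port, to the mDNS multicast group or to an on-link unicast address, it must come from a source on a local interface prefix, and its IP TTL (IPv6 hop limit) must still be 255, which is the value a sender on the same link would leave untouched. The interface prefixes, the `Packet` record and the sample packets are constructed for the example; the TTL-255 rule is applied here as a hardening assumption in the spirit of RFC 6762's link-local requirements, not quoted from the thread.

```python
import ipaddress
from dataclasses import dataclass

MDNS_PORT = 5353
MDNS_GROUP_V4 = ipaddress.ip_address("224.0.0.251")
MDNS_GROUP_V6 = ipaddress.ip_address("ff02::fb")

# Constructed example: prefixes configured on this host's interfaces.
# In practice these are read from the interface table at startup.
LOCAL_PREFIXES = [
    ipaddress.ip_network("192.168.1.0/24"),
    ipaddress.ip_network("fe80::/10"),
]


@dataclass
class Packet:
    """Minimal view of a received UDP datagram (constructed for the example)."""
    src: str    # source IP address
    dst: str    # destination IP address
    dport: int  # UDP destination port
    ttl: int    # IPv4 TTL or IPv6 hop limit as received


def is_on_link(addr: str, prefixes=LOCAL_PREFIXES) -> bool:
    """True if addr falls inside one of the local interface prefixes."""
    a = ipaddress.ip_address(addr)
    return any(a in p for p in prefixes)


def accept_mdns(pkt: Packet, prefixes=LOCAL_PREFIXES):
    """Decide whether a datagram may be processed as mDNS.

    Returns (accepted, reason) so the rejection reason can be logged.
    """
    if pkt.dport != MDNS_PORT:
        return False, "not the mDNS port"

    dst = ipaddress.ip_address(pkt.dst)
    # Queries arrive on the multicast group; unicast responses are allowed
    # only when addressed to an on-link address.
    if dst not in (MDNS_GROUP_V4, MDNS_GROUP_V6) and not is_on_link(pkt.dst, prefixes):
        return False, "destination is neither the mDNS group nor on-link"

    # Link-local scope: the source must be on one of our links.
    if not is_on_link(pkt.src, prefixes):
        return False, "source address is off-link"

    # A packet that traversed a router has had its TTL decremented;
    # 255 on arrival means it originated on this link (hardening assumption).
    if pkt.ttl != 255:
        return False, "TTL/hop limit is not 255 (packet crossed a router)"

    return True, "accepted"


if __name__ == "__main__":
    samples = [
        Packet("192.168.1.20", "224.0.0.251", 5353, 255),  # normal on-link query
        Packet("10.0.0.5", "224.0.0.251", 5353, 255),      # source not on our link
        Packet("192.168.1.20", "224.0.0.251", 5353, 64),   # TTL shows routing
        Packet("fe80::1", "ff02::fb", 5353, 255),          # IPv6 on-link query
        Packet("192.168.1.20", "192.168.1.7", 5353, 255),  # on-link unicast reply
    ]
    for p in samples:
        print(p.src, "->", p.dst, accept_mdns(p))
```

Each rejected datagram carries a reason string, which is the part worth logging: a steady stream of "source address is off-link" or "TTL/hop limit is not 255" rejections is the signal that something is trying to reach the mDNS responder from beyond the link it was meant to serve.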