[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: mdns-08 draft

To: Levon Esibov <levone@windows.microsoft.com>
Subject: RE: mdns-08 draft
From: Bernard Aboba <aboba@internaut.com>
Date: Fri, 21 Dec 2001 09:14:47 -0800 (PST)
Cc: erik.guttman@sun.com, cheshire@apple.com, Dave Thaler <DTHALER@windows.microsoft.com>, sra@hactrn.net, namedroppers@ops.ietf.org
In-reply-to: <4AEE3169443CDD4796CA8A00B02191CD0336D609@win-msg-01.wingroup.windeploy.ntdev.microsoft.com>

> Please change the title of the draft to
> 
>  Link-local Multicast DNS
>  
>  In the future, we may define Multicast DNS to be something grander.

Done. See http://www.drizzle.com/~aboba/draft-ietf-dnsext-mdns-08.txt for
the new version. 

> A host configured to not be a "responder" cannot be a "sender".
>  
> > Why?  This is an arbitrary rule.  I can imagine a very simple client
> > that might not need a responder.  Every feature costs.

How about this? 

"A host configured to not be a responder SHOULD NOT be a "sender". While
hosts configured only as senders can detect name conflicts, they cannot
notify other senders of potential name conflicts for their name. Thus
implementation of both responder and sender functionality is encouraged."


> > ---
> > 
> >   If the multicast query is not positively resolved ("positively
> > resolved"
> >   refers in this document to a response with the RCODE set to 0)
> during
> > a
> >   limited amount of time,
> > 
> > Non-positively resolved multicast queries won't get replies.  This is
> > stated later
> > 
> >   A response to an mDNS query MUST have RCODE set to
> >   zero. mDNS responders may respond only to queries which they can
> > resolve
> >   positively.
> > 
> > So, maybe you just want to say 'If the multicast query is not resolved
> > during
> > a limited amount of time...'

Done. 

> [Levon Esibov] Agree. In this case we should explain what "positively"
> means in the second section that you quote above.

Moved. 

> [Levon Esibov] 
> our intend was not to require client to wait for all possible responses.
> I agree that a decision on whether use the first or some or all of the
> responses should be left up to implementers.
> 
> I thought that having MAY in the text doesn't require one to implement
> it this way. Feel free to propose a clarifying text.

How about this? 

"However, after receiving an initial response, the sender is not required
to wait for LMDNS_TIMEOUT for additional responses."

>>"If... senders on that network are configured with the key for the top
>> zone "local.arpa."...
>
> Why is this still here? Shouldn't the last sentence be removed? 

How about this? 

"The mechanism specified in this draft does not require use of DNSSEC. As
a result, responses to LMDNS queries MAY NOT be authenticated. If
authentication is desired, and a pre-arranged security ocnfiguration is
possible, then IPsec ESP with a null transform MAY be used to authenticate
LMDNS responses. In a small network without a certificate authority, this
can be most easily accomplished through configuration of a group
pre-shared key for trusted hosts."



to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.

Follow-Ups:
- Re: mdns-08 draft
  - From: Erik Guttman <erik.guttman@sun.com>

References:
- RE: mdns-08 draft
  - From: "Levon Esibov" <levone@windows.microsoft.com>

Prev by Date: RE: Protection of unsecured delegations
Next by Date: Re: Protection of unsecured delegations
Previous by thread: RE: mdns-08 draft
Next by thread: Re: mdns-08 draft
Index(es):
- Date
- Thread