New ZeroConf Spec, course for edgy and proposed course for edgy+n
Micah J. Cowan
micah at cowan.name
Tue Aug 1 07:45:11 BST 2006
On Mon, Jul 31, 2006 at 06:31:43PM +0200, Martin Pitt wrote:
> Sorry for the lengthy mail, but some detailed half-official statement
> is in order, I believe.
<snip>
> In real life, people *do* make an explicit choice about which
> bank, bakery, or doctor they trust. The same minimal level of *active*
> choice has to happen in computer networks IMHO.
<snip>
> However, I do appreciate the reasoning about our imperfect 'no open
> ports' implementation wrt. DHCP and DNS. Both technologies make it
> easy to trick a user into joining a rogue network and talk to remote
> computers which aren't the ones the user intended to contact (and not
> more - it is not possible (or, at least, very hard) to exploit DHCP
> responses to get root privileges in Ubuntu, since the DHCP client does
> not run as root).
<snip>
> Therefore avahi and .local mdns service discovery turned on by default
> wouldn't compromise our trust model in a significant way, *under the
> condition* that avahi actually does what it claims. Also, applications
> have to default to *not* use the offered services, enabling them has
> to stay an educated choice of the user.
Martin, these are all very good points. Thank you for a very intelligent
summary, and for updating us on what has been decided (as well as what
needs to be).
--
Micah J. Cowan
Programmer, musician, typesetting enthusiast, gamer...
http://micah.cowan.name/