New ZeroConf Spec

[Rob J. Caskey]

ZeroConf is on by default in OS X. The iChat prompt, when answered in  
the affirmative, advertises yourself and begins accepting multicast  
chats. Every machine reports a workstation service by default. There  
seems to be the common misconception that enabling ZeroConf means one  
will be automatically sharing photos, their home directory, their  
printers, and their music. Instead, you will be able to see shared  
photos, file shares, printers, and music in the appropriate  
applications, as well as then having the opportunity to advertise  
services, usually in conjunction with opening up other services that  
are needed to facilitate the serving of these files. These additional  
services pose similar risks regardless of whether they are advertised  
by ZeroConf or not.

--Rob

On Jul 4, 2006, at 3:28 PM, Lukas Sabota wrote:

> On Mon, 2006-07-03 at 23:03 -0400, Rob J. Caskey wrote:
>
>> https://wiki.ubuntu.com/ZeroConfPolicySpec is now drafting.
>>
>> This differs from previous specs in that it advocates a change in our
>> one-ports policy.
>>
>> Please discuss.
>>
>> --Rob Caskey
>>
>>
>     I feel that ZeroConf is a really cool technology, and should be
> embraced by Ubuntu.  However, I don't feel ZeroConf services should be
> started by default; all ZeroConf services should be off by default, so
> that no ports are open.
>     However, these technologies should be fairly easy to start, if  
> the user
> recognizes the risk but would like the functionality.  In MacOSX,  
> iChat
> asks in a first-run wizard if Bonjour should be enabled.  Perhaps a
> preference could be added to Gaim, Rhythmbox, and other ZeroConf
> applications that would start the ZeroConf services and notify the  
> user
> that a port is being opened.   When all ZeroConf applications are
> closed, the ZeroConf daemon could be stopped, closing the port.
>     What do others feel about the above plan of action?  Please  
> respond
> with criticism.
>
> God bless,
> Lukas
>
>