New ZeroConf Spec
Herve at lucidia.net
Fri Jul 21 13:49:41 BST 2006
On 7/20/06, Florian Zeitz <Florian.Zeitz at gmx.de> wrote:
> Excuse me, but you'll have to explain this to me. From what I understand
> you receive advertisements from a remote machine be it a rogue one or
> not. After that you know that a service is available. To this point
> nothing bad has happened (unless avahi is vulnerable to something just
> in its advertisement receiving code).
> Now it's up to you whether you want to use that service or not. This is
> hardly worse than finding an executable on a random place on the
> internet. It's not like the user gets messages like "Hey we found a
> service you should definitely try it out, you can absolutely trust it
> and it's just great". Also the application that uses the service has to
> be somehow vulnerable.
> Of course this can always be the case, that's why it should be off by
> default, but should be available easily enough.
An example that comes to my mind, please correct me if I am wrong, is
printers. A rogue machine could advertise a printer, and you decide to
use it. You then end up printing your confidential document on your
15-year-old neighbour's printer...
A machine could pretend to be a router, and you end up having all your
data going through your 15-year-old neighbour's father who is trying
to get your banking card details.
DNS is why I am interested in ZeroConf. Again, what happens if the
machine you know as, say, 'Everest', is down, and your neighbour's
wife's machine is intentionally (or not?) called Everest too, and on the
I now stand corrected about the fact that the networks meant for local
use are also used for non-local stuff in Australia, so really, how to
make sure that a service advertised is indeed local to YOUR house?
Encryption comes to my mind, more complicated, but a lot safer. Is it
possible to use an SSL layer or something with ZeroConf?
Please correct me if I missed the point(s).
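
Added example, not part of the original message and not code from Avahi or any ZeroConf implementation: one way to handle the 'Everest' case raised above is to tie a discovered name to the certificate the service presents over TLS (trust on first use), so that a name or address alone is never treated as identity. The pin store, function names, addresses and certificate bytes are constructed for illustration.

```python
import hashlib
import hmac


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of the certificate the service presented over TLS."""
    return hashlib.sha256(cert_der).hexdigest()


def trust(pins: dict, name: str, cert_der: bytes) -> None:
    """Record the user's explicit decision to trust this name with this key."""
    pins[name.lower()] = fingerprint(cert_der)


def check_advert(pins: dict, name: str, address: str, cert_der: bytes) -> str:
    """Classify a discovered service by the key it proves it holds.

    The advertised name only selects which pin to compare against, and the
    address is deliberately ignored: both are trivially claimed by any
    machine on the link.
    """
    pinned = pins.get(name.lower())  # DNS names compare case-insensitively
    if pinned is None:
        return "unknown"             # never trusted: ask the user, do not auto-use
    if hmac.compare_digest(pinned, fingerprint(cert_der)):
        return "trusted"             # same key, even if the address changed
    return "impostor"                # same name, different key: refuse


# Constructed sample data standing in for DER-encoded certificates.
REAL_CERT = b"constructed-cert-bytes-for-everest"
ROGUE_CERT = b"constructed-cert-bytes-for-other-machine"


def demo() -> list:
    pins = {}
    results = []
    # First sighting: nothing is pinned yet, so the user must decide.
    results.append(check_advert(pins, "Everest.local", "192.168.1.10", REAL_CERT))
    trust(pins, "Everest.local", REAL_CERT)
    # The real Everest returns with a new DHCP address: still trusted.
    results.append(check_advert(pins, "everest.local", "192.168.1.57", REAL_CERT))
    # Another machine claims the same name and address with a different key.
    results.append(check_advert(pins, "Everest.local", "192.168.1.10", ROGUE_CERT))
    return results


if __name__ == "__main__":
    print(demo())
```
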