New ZeroConf Spec
Dan Kegel
dank at kegel.com
Sun Jul 23 05:08:58 BST 2006
On 7/22/06, Micah J. Cowan <micah at cowan.name> wrote:
> I can't remember if I ended up sending that email or not, but if I did,
> I'll repeat myself... the mDNS spec itself /specifically/ recommends
> (insists, actually) that you use either IPSec or DNSSec if you plan to
> use it on a network where not all the computers are "friendlies",
> implicitly trusted.
>
> mDNS is intended for LANs. If you're using it on a trusted LAN, you can
> feel free not to set up IPsec. If you're using it on anything else, it's
> the smart thing to do, even if it does mean setting up one configuration
> detail.
There are very few networks these days where the computers
are 100% sure to be all "friendlies". IMHO, unless Ubuntu sets up
IPSec by default somehow (say, to create a trusted LAN of hosts
that all know a shared secret), then Ubuntu should leave mDNS / Zeroconf /
Avahi fully disabled by default, and should not prompt the user
to ask whether to enable it.
- Dan
More information about the ubuntu-devel
mailing list