New ZeroConf Spec
Florian Zeitz
Florian.Zeitz at gmx.de
Thu Jul 27 12:17:48 BST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dan Kegel schrieb:
> I think what you're saying is "hostnames are useless for security with
> mDNS",
> and I agree.
>
> Currently, many applications assume that hostnames actually mean something,
> and use hostnames to identify resources. (For instance, ssh, cups,
> and web browsers.) I think those two facts together mean that
> anyone who uses ssh, cups, or web browsers probably shouldn't use mDNS.
>
At least ssh will notice if the hostname has been bound to a different
IP, so that is not true.
> So, when we switch on Avahi and enter the brave new world of
> meaningless hostnames, how will we know which services to trust?
>
This could be done as easily with a fake dhcp/dns server, as i said before.
If you want to call us all stupid and ignorant please check your own
arguments first, that would also conform way better with the CoC.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFEyKDc0JXcdjR+9YQRAk0aAKCb4wQsvcTJgmPruWOCGdWzGLY/5wCfdQhc
temlukrAcwJKadcAMVFeKKc=
=FG/2
-----END PGP SIGNATURE-----
More information about the ubuntu-devel
mailing list