New ZeroConf Spec

Dick Davies rasputnik at gmail.com
Thu Jul 27 12:55:01 BST 2006 

On 27/07/06, Chris Jones <cmsj at tenshu.net> wrote:
> Hi
>
> On 12:34:29 pm 27/07/2006 Sebastian  Dröge  <slomo at circular-chaos.org>
> wrote:
> > application's job to say which services they want and what they want
> > to do with these services.
>
> Then that is where the selection should be. Avahi can receive all the
> notifications malware infested machines care to send, but if they're being
> ignored because they obviously make no sense then there's no problem (avahi
> exploits aside, as I mentioned previously).
>
> To extend my prior quick-look at this stuff, I've just installed the
> service discovery applet on my machine here at work where we have a lot of
> Apple machines and while I can now see lots of printers, machines, itunes
> and so-on services, I can't actually do anything with any of them anyway,
> the only services we have that lead to actual actions are the web pages
> announced by our printers.
>
> So in addition to my questioning of the actual security problems this opens
> up, I have to question how useful it actually is. Which services (other
> than zeroconf ad-hoc networking, which cannot and will not ever be secure
> by its very nature) are people expecting this to provide? Looking at the
> list of options in the applet, I'd say that beyond web pages and printers,
> not much.

The applet is just a toy from what I've seen of it.

What Avahi provides is DNS-SD over mDNS (despite the title of this thread).
The main tasks DNS-SD hanles are fast network service discovery, browsing
etc *without* the need for 'master servers' or well-known ports.

It doesn't have to be over mDNS, you can do this with standard DNS servers -
it's just a pain for your network admins :)

Loads of applications and protocols benefit from dns-sd.
The most obvious user visible one is DAAP (aka iTunes) playlist discovery.
I've also found it a really nice way to advertise NFS shares (OSX Tiger
supports this out of the box).

Theres' a huge list of standard services at

  http://www.dns-sd.org/ServiceTypes.html

-- 
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/

More information about the ubuntu-devel mailing list