>>>>> "Mark" == Mark Andrews <[email protected]> writes:
Mark> In message <[email protected]>, Michael Richardson writes:
>> >>>>> "Mark" == Mark Andrews <[email protected]> writes:
Mark> A significant percentage of home machines will roam and those
Mark> machines will need to be able to register their current
Mark> address in the DNS. I do this today when my Mac roams. TSIG
Mark> is unavoidable and cheap. UPDATE itself is relatively cheap.
>> Are you asking for a link-local/mDNS-across-the-homenet leap-of-faith
>> way to do key establishment so that TSIG can be initialized?
Mark> For homes a shared key is fine or if you want a small database of
Mark> keys.
You didn't answer my question! I wasn't asking for justification, I was
asking for clarification of what you are proposing.
I imagine a situation where one plugs into the homenet with your laptop.
Some application/agent on the laptop realizes (via mDNS/Bonjour? via
DHCP? TBD) that this network supports IPv6, and supports persistent
names. It asks you if you'd like to persist your name into the local
zone. It has an option to say, "make this name follow me"(%).
There is a protocol exchange (TBD) with the designated homenet DNS
server(s), and this establishes a TSIG for later use.
Same TSIG could also be used to update the reverse map, but as you
indicate, TCP from the address you want to update is probably good
enough for addresses considered "local".
While this might seem a bit out of scope for homenet (to provide names for
laptops which are not at home), it's actually not. Depending upon how
the protocol works, it might be another way to deal with the
mDNS/Bonjour-does-not-cross-link problem. If the TSIG setup protocol
can be mediated (proxied) in a link-layer attached way, then it might be
that we do not need to make Bonjour cross links, as we can just use DNS.
(%)-one need not have a globally reachable name. One might be
registering into .homenet/.lan/.local. This may be for the
benefit of machines which are still at home, and which need to
find your laptop. Or the home user might have a global DNS
name. The difference is really just a matter of NS/DS records.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [email protected] http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
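
The "later use" of an established TSIG key discussed in the message above, as an added example that is not part of the original e-mail or of any homenet specification: a laptop signs a DNS UPDATE for its own AAAA record, and the server checks it against a small per-host key database. The zone and host names, key bytes, timestamps and function names are constructed; the MAC follows the RFC 8945 request digest with HMAC-SHA256, and encoding the TSIG RR itself is left out.

```python
import hashlib, hmac, ipaddress, struct

def wire_name(name):
    """Encode a domain name in lowercase (canonical) DNS wire format."""
    labels = name.rstrip(".").lower().split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_update(msg_id, zone, host, addr6, ttl=300):
    """RFC 2136 UPDATE that adds one AAAA record for host in zone."""
    header = struct.pack("!HHHHHH", msg_id, 5 << 11, 1, 0, 1, 0)  # opcode 5 = UPDATE
    zone_section = wire_name(zone) + struct.pack("!HH", 6, 1)      # type SOA, class IN
    rdata = ipaddress.IPv6Address(addr6).packed
    rr = wire_name(host) + struct.pack("!HHIH", 28, 1, ttl, len(rdata)) + rdata
    return header + zone_section + rr

def tsig_mac(key, key_name, message, time_signed, fudge=300):
    """Request MAC: HMAC-SHA256 over the message plus the TSIG variables (RFC 8945)."""
    variables = (wire_name(key_name) + struct.pack("!HI", 255, 0)  # class ANY, TTL 0
                 + wire_name("hmac-sha256")
                 + time_signed.to_bytes(6, "big")
                 + struct.pack("!HHH", fudge, 0, 0))               # fudge, error, other len
    return hmac.new(key, message + variables, hashlib.sha256).digest()

def server_accepts(keys, key_name, message, time_signed, mac, now, fudge=300):
    """Server side: look up the per-host key, check freshness, compare MACs."""
    key = keys.get(key_name.lower())
    if key is None or abs(now - time_signed) > fudge:
        return False
    expected = tsig_mac(key, key_name, message, time_signed, fudge)
    return hmac.compare_digest(mac, expected)

if __name__ == "__main__":
    # Constructed sample values: a per-host key database instead of one shared key.
    keys = {"laptop.home.example": bytes(range(32))}
    msg = build_update(0x1234, "home.example", "laptop.home.example", "2001:db8::10")
    t = 1_700_000_000
    mac = tsig_mac(keys["laptop.home.example"], "laptop.home.example", msg, t)
    print("fresh, untampered:", server_accepts(keys, "laptop.home.example", msg, t, mac, t + 5))
    forged = build_update(0x1234, "home.example", "laptop.home.example", "2001:db8::bad")
    print("altered address:  ", server_accepts(keys, "laptop.home.example", forged, t, mac, t + 5))
    print("replayed late:    ", server_accepts(keys, "laptop.home.example", msg, t, mac, t + 3600))
```

With per-host keys, revoking one roaming laptop means deleting one entry from the database; with a single shared key every device has to be re-keyed.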
