On Thu, Oct 25, 2012 at 12:08 PM, RJ Atkinson <[email protected]> wrote:
> > On Thu, 25 Oct 2012 09:11:18 +0900, Lorenzo Colitti wrote, in part: > > ...from the border router which discovered the DNS entries > > for tvservice.jp, inject those DNS servers into the mesh > > with a tag that they only be used for tvservice.jp, > > and pass that around in the routing protocol. No? > > I'm not comfortable with overloading a routing > protocol for use as a DNS transport mechanism. > > I'm also nervous about both DNS authorisation > and DNS authentication. Who is allowed to make > which DNS advertisements and how do I authenticate > the received DNS advertisement as both valid and > authorised ? > > (NB: With ordinary DNS, the answer is DNSsec. > With mDNS, DNSsec also probably can work.) > > Surely there is some alternative approach that > doesn't require such overloading and complexity. > > > May I suggest the group look at using ahcp for this (and other) uses? It is also suitable for prefix delegation distribution, ntp distribution as well as DNS. In short, it solves pretty cleanly a number of problems this group has been struggling with. http://www.pps.univ-paris-diderot.fr/~jch/software/ahcp/ Juliusz has recently added authentication to ahcp; probably not yet reflected in the document, looking at the date on it. It also avoids use of multicast, which is problematic on some networks we'll be seeing in the home. It's also running code (we use it in CeroWrt). Regards, - Jim
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
