>>> Just 2136 isn't enfough, because there's no authentication scheme,
>> I don't understand this argument. How is non-secured DDNS any less secure >> than mDNS? What am I missing? > This is an implementation issue, not a security issue--sorry for not making > that clear. In order to preserve the same security characteristics that > mDNS has, we have to ensure that the update actually originated on the > local link, which requires a different sort of listener than is present in > a typical DNS server. Makes perfect sense, thanks for the explanation. > The problem with site-local multicast for mDNS is that multicast isn't a > great solution even on the local wire when that wire is wireless. Mmh, if you're an IGMP listener, then you have the lists of subscribers, so you could in principle convert multicast to multiple link-layer unicasts. But that's perhaps somewhat more of a layering violation than I'm comfortable with. So yeah, your point stands. > Furthermore, if you consider the mdns hybrid proxy stateless, then you can > have a DNS server that is roughly that stateless too. I think it provides > better service continuity if you are willing to retain some state Mmh, okay, I'll think it over. But I reserve the right to grumble. -- Juliusz _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
