From nobody Wed Sep 2 02:40:12 2015 Return-Path: X-Original-To: dnssd@ietfa.amsl.com Delivered-To: dnssd@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37C561B48FA; Wed, 2 Sep 2015 02:40:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.121 X-Spam-Level: X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NEUTRAL=0.779] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yo6EkaFBcjEK; Wed, 2 Sep 2015 02:40:08 -0700 (PDT) Received: from jenni1.inet.fi (mta-out1.inet.fi [62.71.2.229]) by ietfa.amsl.com (Postfix) with ESMTP id 49A8D1B479F; Wed, 2 Sep 2015 02:40:06 -0700 (PDT) Received: from poro.lan (80.220.64.126) by jenni1.inet.fi (8.5.142.08) (authenticated as stenma-47) id 55DB12D2001FF9DA; Wed, 2 Sep 2015 12:40:05 +0300 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) From: Markus Stenberg In-Reply-To: Date: Wed, 2 Sep 2015 12:40:04 +0300 Content-Transfer-Encoding: quoted-printable Message-Id: <836A089A-3C95-43CC-8A99-B0CB7C2F2CE1@iki.fi> References: <20150902092247.17699.44474.idtracker@ietfa.amsl.com> To: Henning Rogge X-Mailer: Apple Mail (2.2104) Archived-At: Cc: "homenet@ietf.org Group" , dnssd@ietf.org Subject: Re: [dnssd] [homenet] I-D Action: draft-ietf-homenet-hybrid-proxy-zeroconf-01.txt X-BeenThere: dnssd@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Sep 2015 09:40:09 -0000 On 2.9.2015, at 12.26, Henning Rogge wrote: > the name of the reference to the dnssd-hybrid proxy draft is still > called "[I-D.ietf-dnssd-hybrid]". This could be fixed in the next > draft version. Unfortunately that _is_ their latest version[1] (ping dnssd: make Stuart = do something about it, it expired half year ago; would love for my = suggestions to be incorporated too, cough). Cheers, -Markus [1] http://tools.ietf.org/wg/dnssd/= From nobody Thu Sep 3 07:50:58 2015 Return-Path: X-Original-To: dnssd@ietfa.amsl.com Delivered-To: dnssd@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B83FC1B44B7 for ; Thu, 3 Sep 2015 07:50:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.211 X-Spam-Level: X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9NiNJz6ooJsE for ; Thu, 3 Sep 2015 07:50:54 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44AC81B3E43 for ; Thu, 3 Sep 2015 07:50:54 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml406-hub.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CAU41396; Thu, 03 Sep 2015 14:50:52 +0000 (GMT) Received: from LHREML504-MBS.china.huawei.com ([10.125.30.107]) by lhreml406-hub.china.huawei.com ([10.201.5.243]) with mapi id 14.03.0235.001; Thu, 3 Sep 2015 15:50:48 +0100 From: Hosnieh Rafiee To: "dnssd@ietf.org" Thread-Topic: Vollenteer reviewer needed for DNSSD threat model Thread-Index: AQHQ5lfrLGMmzxvi20GLkxkJZrZ5vA== Date: Thu, 3 Sep 2015 14:50:48 +0000 Message-ID: <814D0BFB77D95844A01CA29B44CBF8A715A896E9@lhreml504-mbs> Accept-Language: en-US, zh-CN Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.221.82.103] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected Archived-At: Subject: [dnssd] Vollenteer reviewer needed for DNSSD threat model X-BeenThere: dnssd@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Sep 2015 14:50:56 -0000 All, Any comments? Since based on the DNSSD charter, we have to define whether o= r not this version covers all the problem and whether or not this document = is ready for adoption, you're invited to review this draft. Thanks, Best, Hosnieh https://tools.ietf.org/html/draft-otis-dnssd-scalable-dns-sd-threats-00 Abstract: mDNS combined with Service Discovery (DNS-SD) extends network resource distribution beyond the reach of multicast normally limited by the MAC Bridge. Since related resources are often not authenticated, either local resources are inherently trustworthy or are subsequently verified by associated services. Resource distribution becomes complex when a hybrid scheme combines adjacent network resources into a common unicast DNS-SD structure. This document explores related security considerations. From nobody Thu Sep 17 01:34:41 2015 Return-Path: X-Original-To: dnssd@ietfa.amsl.com Delivered-To: dnssd@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4208C1AD291 for ; Thu, 17 Sep 2015 01:34:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.211 X-Spam-Level: X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wn0pl1rRee_d for ; Thu, 17 Sep 2015 01:34:38 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFA031AD289 for ; Thu, 17 Sep 2015 01:34:37 -0700 (PDT) Received: from 172.18.7.190 (EHLO lhreml406-hub.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CBJ79824; Thu, 17 Sep 2015 08:34:35 +0000 (GMT) Received: from LHREML504-MBS.china.huawei.com ([10.125.30.107]) by lhreml406-hub.china.huawei.com ([10.201.5.243]) with mapi id 14.03.0235.001; Thu, 17 Sep 2015 09:34:33 +0100 From: Hosnieh Rafiee To: "dnssd@ietf.org" Thread-Topic: DNSSD threat model Thread-Index: AQHQ8SOtsjporg/eQU2uR/EvM2MWeA== Date: Thu, 17 Sep 2015 08:34:33 +0000 Message-ID: <814D0BFB77D95844A01CA29B44CBF8A715AA761C@lhreml504-mbs> Accept-Language: en-US, zh-CN Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.221.82.191] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected Archived-At: Subject: [dnssd] DNSSD threat model X-BeenThere: dnssd@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2015 08:34:40 -0000 Dear all, It makes sense to decide weather or not this draft addresses the concerns m= entioned in last meeting at IETF. We 're approaching next IETF, unfortunate= ly, we have not seen any activities in the group. I would appreciate it if you share your comments here so that we know wheth= er we continue with this draft or it is not good. Thanks, Best, Hosnieh https://tools.ietf.org/html/draft-otis-dnssd-scalable-dns-sd-threats-00 Abstract: mDNS combined with Service Discovery (DNS-SD) extends network resource distribution beyond the reach of multicast normally limited by the MAC Bridge. Since related resources are often not authenticated, either local resources are inherently trustworthy or are subsequently verified by associated services. Resource distribution becomes complex when a hybrid scheme combines adjacent network resources into a common unicast DNS-SD structure. This document explores related security considerations.