On 7/8/19, Gene Heskett <ghesk...@shentel.net> wrote: > On Monday 08 July 2019 14:48:59 Lee wrote: > >> On 7/8/19, Andrei POPESCU <andreimpope...@gmail.com> wrote: >> > On Lu, 08 iul 19, 13:37:26, Lee wrote: >> >> On 7/7/19, andreimpope...@gmail.com <andreimpope...@gmail.com> > wrote: >> >> > The dangers are not at all obvious to me, possibly because I >> >> > haven't used it much (if at all). >> >> >> >> Read the first three paragraph of the "Security Considerations" >> >> section https://tools.ietf.org/html/rfc6762#section-21 >> >> >> >> Assuming everything on the network is a trusted host is a dangerous >> >> assumption, so paragraph 1 is N/A >> >> >> >> Assuming a trusted host won't get hacked is a dangerous assumption, >> >> so paragraph 3 is N/A. >> >> >> >> All that's left is paragraph 2 -- and uninstalling whatever >> >> software uses mDNS :) >> > >> > Security is not a black/white thing, it's more like a balancing act. >> >> Agreed >> >> > In my opinion mDNS/zeroconf can make perfect sense in some >> > environments and be a complete no-go in others. >> >> Apparently it's not clear that I agree :( >> >> I thought about concluding with something about different people >> making different assumptions & some not wanting or able to set up >> their own dns server & living with the risk, but it seemed like such >> an obvious conclusion that I didn't bother. >> >> Regards, >> Lee > > If referring to my problem Lee,
Nope, this sub-thread is a result of my offering a hyperbolic opinion to someone else. You're very clearly in the "my network, my rules" camp, so I won't be offering any opinions on how you should/shouldn't run your own network :) Regards, Lee