As far as I understand it's not a cache (but I have not touched Windows for a long time and haven't developed UPnP devices yet).
It's more similar to how you have a list of all paired Bluetooth devicees, even if they are currently not connected. Or a list of networks configs for every network you connected to, even if it was a public one.
But there are 2 issues:
- it's automatically set by "external" local network "events" (which isn't the case for the things I mentioned above, as long as you don't automatically connect to public networks, never do so)
- it's not bound, which is in general not the best idea but in context of the 1st point is really really bad. I.e. it should have some bound related to it's resource cost and expected usage. (If I have to widely guess a bound of 250 or so would be over the top enough to accommodate all edge cases and not lead to issues, most users would be more then fine with idk. 25 or so). Through what to do if the count is exceeded needs some careful considerations, i.e. you would need to drop the "oldest unused entry" but for that you need to determine and propagate what "unused" means here.
To be fair I wouldn't be surprised if that isn't just a problem for Windows. Like e.g. I have heard multiple times people arguing that UPnP shouldn't be enabled (by Windows/Linux/Mac) as it wasn't designed for a modern security context where you can't just trust your local network a lot.
It's more similar to how you have a list of all paired Bluetooth devicees, even if they are currently not connected. Or a list of networks configs for every network you connected to, even if it was a public one.
But there are 2 issues:
- it's automatically set by "external" local network "events" (which isn't the case for the things I mentioned above, as long as you don't automatically connect to public networks, never do so)
- it's not bound, which is in general not the best idea but in context of the 1st point is really really bad. I.e. it should have some bound related to it's resource cost and expected usage. (If I have to widely guess a bound of 250 or so would be over the top enough to accommodate all edge cases and not lead to issues, most users would be more then fine with idk. 25 or so). Through what to do if the count is exceeded needs some careful considerations, i.e. you would need to drop the "oldest unused entry" but for that you need to determine and propagate what "unused" means here.
To be fair I wouldn't be surprised if that isn't just a problem for Windows. Like e.g. I have heard multiple times people arguing that UPnP shouldn't be enabled (by Windows/Linux/Mac) as it wasn't designed for a modern security context where you can't just trust your local network a lot.