Inline

On Tue, Jul 19, 2016 at 10:10:29PM +1200, Brian E Carpenter wrote:
> On 19/07/2016 21:56, Michael Richardson wrote:
> > 
> > Toerless Eckert <[email protected]> wrote:
> >     > 1. Most network devices i deal with do not do mDNS.
> >     > i do not know enough IoT devices to have opinions about those, but
> >     > i wonder how important those are re. existing anima charter.
> > 
> > I am not mostly *not* thinking about tiny constrained motes here.
> > 
> > I'm thinking about various appliance-like things: the home NAS, the
> > iDRAC/ILO service processor, etc.
> > 
> > *THESE* devices might not run GRASP.
> > They *might* want to join the ACP.
> > They *do* want to do secure bootstrap.
> > They already have mDNS.
> > 
> > Or to put it another way: I'm thinking about the light controller, not the
> > lightblubs.
> 
> 1) the concept of a 'lightblub' is very appealing.

I think those are the nodes in the lighning network i proposed yesterday after 
roll *sigh* ;-)

> 2) on balance, I think I agree with Michael slightly more than
> with Toerless. Even though this use case is strictly outside the
> Anima charter, I think we'd look very silly if the autonomic security
> bootstrap could cope with routers and application devices such as
> autonomic energy management boxes, but not with lighting controllers.

Well, if those nodes *DO* want to join the ACP, they *MUST* already
have GRASP, so we're back to undecidable FUD like "is a separate
protocol more secure than a separate instance".

What we need from a proxy to a client is so simple, it's almost not a protocol:
Periodic link-local multicasted announcement of a data structure on the proxy:
[Name, [(method, locator)], receipt and parsing on client side.

If i take an existing mDNS library, i am sure i will have no easy way
to prohibit the client code from multicasting an mDNS query but
instead only listen to those announcement. So i have to hack into the
mDNS library. Which i may not be able to do because it's most likely OS/library
code that i don't even have in source.

If the device has upfront neither mDNS nor GRASP and does not want to
join the ACP but just bootstrap, it comes down to what's easier to code
into parsing the data structure. Pretty sure a CBOR library would win.
Don't think there's even a library just to parse DNS packets, and
inheriting a whole mDNS library in source and hacking it up to just
receive these packets doesn't sound like a good spend of time.

Cheers
    Toerless

_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
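
Added example, not part of the message above or of any Anima draft: a receive-only client's parser for the announcement structure the message describes, assuming [Name, [(method, locator)]] is carried as definite-length CBOR arrays of text strings. The encoding, the size caps and the sample bytes are assumptions made for illustration; the parser never sends anything and rejects any datagram that does not match the expected shape exactly.

```python
# Constructed sample datagram: ["proxy-1", [["https", "[fe80::1]:8443"]]]
SAMPLE = b"\x82\x67proxy-1\x81\x82\x65https\x6e[fe80::1]:8443"
MAX_DATAGRAM, MAX_ENTRIES = 512, 16  # assumed caps: bytes, (method, locator) pairs

class AnnouncementError(ValueError):
    """Raised for any datagram that is not a well-formed announcement."""

def _head(buf, pos, want_major):
    """Decode one CBOR head (lengths up to 255); return (argument, next_pos)."""
    if pos >= len(buf):
        raise AnnouncementError("truncated")
    major, info, pos = buf[pos] >> 5, buf[pos] & 0x1F, pos + 1
    if major != want_major:
        raise AnnouncementError(f"major type {major}, wanted {want_major}")
    if info < 24:
        return info, pos
    if info == 24 and pos < len(buf):
        return buf[pos], pos + 1
    raise AnnouncementError("unsupported or truncated length")

def _text(buf, pos):
    n, pos = _head(buf, pos, 3)  # major type 3 = text string
    if pos + n > len(buf):
        raise AnnouncementError("string overruns datagram")
    return buf[pos:pos + n].decode("utf-8"), pos + n  # bad UTF-8 is a ValueError too

def _pair_header(buf, pos):
    n, pos = _head(buf, pos, 4)  # major type 4 = array
    if n != 2:
        raise AnnouncementError("expected a 2-element array")
    return pos

def parse_announcement(datagram):
    """Return (name, [(method, locator), ...]) or raise a ValueError subclass."""
    if len(datagram) > MAX_DATAGRAM:
        raise AnnouncementError("oversized datagram")
    pos = _pair_header(datagram, 0)
    name, pos = _text(datagram, pos)
    count, pos = _head(datagram, pos, 4)
    if count > MAX_ENTRIES:
        raise AnnouncementError("too many entries")
    entries = []
    for _ in range(count):
        pos = _pair_header(datagram, pos)
        method, pos = _text(datagram, pos)
        locator, pos = _text(datagram, pos)
        entries.append((method, locator))
    if pos != len(datagram):
        raise AnnouncementError("trailing bytes")
    return name, entries
```

Callers should catch `ValueError` and drop the datagram, since link-local multicast input is unauthenticated and the parsed locators still need to be validated by the bootstrap protocol itself.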
