On 7/16/17 7:24 PM, Toerless Eckert wrote: > Sorry, cathing up late with the thread. > > Thanks, Eliot. Thats good information. The MAC address based limited > link-local address space is a problem for devices running a proxy. > Do you have an idea about some class of devices that has the issue > that you describe and that could be proxies ?
Sure. Just about any device that does a poor job of randomization or have a low amount of entropy. And that, I'm afraid, is a very large swathe of stuff. But again, I think the diagram Brian drew out indicates the problem to be with autonomic node, not the border device, and there the problem will be assuredly more pronounced. > > I know about these crazy LED lightbulbs that actually build a mesh > network. Is that what you where alluding to ? > > But would those type of devices really be able to do all the > security stuff of ANIM/BRSKI ? Good question. I do think that lightbulbs are likely to do okay with this stuff, but smaller devices will probably not, simply as a matter of COGS. There are different forms of sensor networks in which the devices are highly constrained. It may be possible to pre-store a certain amount of entropy, which can ease some of this, but in those cases developers will need to be economical. The use of different forms of interface addresses, including CGAs needs to take into account this parameter. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
