On Oct 12, 2011, at 8:46 AM, Ole Troan wrote: > I think we can figure out a way of "pairing" devices. whatever layer that > ends up being done at. > it will be much more difficult to protect against hostiles injecting default > routes, or pretending to be DHCP servers and so on.
I think pairing and general network security are largely the same problem. Of course if someone is granted access to the network, they can then inject routes or pretend to be a DHCP server, but that's not the issue I'm concerned with. I'm more concerned with the scenario Jim Gettys talked about in a subsequent message, where a bunch of things clump together and start talking to each other essentially accidentally. And of course I'm also somewhat concerned about attackers, although I think that's probably going to happen less often than accidental clumping.
_______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
