In message <78ce7d95-48c9-4de4-9707-f11ac2a05...@cisco.com> Ole Troan writes: > > I've been reading the list with interest and have a question. > > > > When various devices in the home figure out which does what, > > and do that periodically to handle changes, there's clearly > > the potential that a zombied host tries to try take over > > stuff with undesirable consequences. > > > > My question is whether this group are planning to think > > about that now, or later, or never? (Or don't even think > > there's a problem worth attempting to address.) > > > > Note - I'm not trying to argue for any particular level of > > security and certainly not for some unachievable fort knox > > everywhere, I'm just asking what's the plan? > > can we explore some fundamental principles of how and what we need to > "secure"?
Yes. Please do. > using the electricity network as an analogy, can we make a distinction > between "safety" and "security"? the electricity network in the home > is somewhat self protecting with breakers and earthing. a home > network must protect 'itself', i.e. handle any device plugged into it, > in any topology, external and internal attacks and so on. > > I don't think it is the networks job to control who has access to the > pictures of my grandmother or who can print to my printer. that's > application policy. Exactly. This is a multi-decade old debate. Should the applications be insecure and rely on a firewall? (Microsoft advocated this in the 1990s and it has stuck to a large extent). Or should the network be open and the applications secure? I'm strongly with you on this. The applications should take care of any security that is necessary *for that application*. > is it the networks job to control who has access to the network? no, I > think that is a layer 2 function. No. No. No. Security is not a layer-2 function. Security is an application function. You had it right the first time. Key exchanges and certificates are not layer-2 functions. It is entirely possible that the same computer has pictures of Grandma that I'm OK with you seeing and has a printer hanging off it that I don't want anyone in the world to be able to print on. Same MAC address. So that can't be a layer-2 function. And port filtering at a firewall is a lame excuse for security. The bug in relying on a firewall in an enterprise (a little less so for a home) is that once any one user downloads malware, that malware has access to everthing behind the firewall largely because of the assumption that security is not needed because there is a firewall. Lets not enshine the dumbest practices of the IT world. > I think homenet should focus on L3. (and be clear on what it expects > from the other layers with regards to security). > > cheers, > Ole Curtis _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet