In message <26689.1331127...@marajade.sandelman.ca>, Michael Richardson writes:
> >>>>> "Mark" == Mark Andrews <ma...@isc.org> writes:
>     Mark> In message <19226.1331046...@marajade.sandelman.ca>, Michael Richardson writes:
>     >> >>>>> "Mark" == Mark Andrews <ma...@isc.org> writes:
>     Mark> A significant percentage of home machines will roam and those
>     Mark> machines will need to be able to register their current
>     Mark> address in the DNS.  I do this today when my Mac roams.  TSIG
>     Mark> is unavoidable and cheap.  UPDATE itself is relatively cheap.
> 
>     >> Are you asking for a link-local/mDNS-across-the-homenet leap-of-faith
>     >> way to do key establishment so that TSIG can be initialized?
> 
>     Mark> For homes a shared key is fine or if you want a small database of
>     Mark> keys.
> 
> You didn't answer my question!  I wasn't asking for justification, I was
> asking for clarification of what you are proposing.

Ok. Let's look at a working model that Microsoft has with AD.  You boot
the machine, then an Administrator adds the machine to the AD domain using
the administrator's credentials.

One can do essentially the same thing with TKEY and get a TSIG key
that can be stored.  The home owner would register the machine with
the router using TKEY.  The credentials used would allow registration
on behalf.  TKEY supports sending additional data in the request; we
only need a standard description on how to do "on behalf of".

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
