> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of Tim Chown
> Sent: 13 March 2013 16:36
> To: [email protected] Group
> Subject: Re: [homenet] Next steps for draft-behringer-homenet-trust-bootstrap?
>
> On 5 Mar 2013, at 17:52, Michael Behringer (mbehring) <[email protected]> wrote:
>
> > Our draft shows a way to do that in a relatively simple and secure way. I believe this is a fundamental requirement in a homenet; there are other ways to more or less achieve this goal - that needs to be discussed. But we should have the discussion.
>
> If you have text to propose for the arch text, please do so.

There will be cases where two homenets are adjacent, or where a visitor plugs in a device that doesn't belong to the homenet. We need to be able to control that. I suggest a subsection in the security section (3.6) to address this. This could sound something like:

--
3.6.6. Device ownership

There must be a way to administratively assert whether a device belongs to a homenet or not. The goal is to allow the establishment of borders, for example between two adjacent homenets or between the service provider and the homenet; and to prevent unauthorized devices from participating in the homenet.

The homenet architecture MUST support a way for a homenet owner to claim ownership of his devices in a reasonably secure way. This could be achieved by a pairing mechanism, for example by pressing buttons simultaneously on an authenticated and a new homenet device. Or by an enrolment process, as described in [draft-behringer-homenet-trust-bootstrap].
--

Thoughts?
Michael

> Tim
> _______________________________________________
> homenet mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/homenet
