On Oct 22, 2013, at 9:01 AM, Ted Lemon <[email protected]> wrote: > On Oct 22, 2013, at 11:29 AM, Michael Thomas <[email protected]> wrote: >> Since this is homenet, oughtn't we be thinking in terms of getting >> configuration information >> from things that we believe we ought to always trust, like, oh say, a server >> on our home network? >> Regardless of our current attachment point(s)? > > What would the security model be here? How do we know to trust something on > our home network? We pretty much blew this off when we did the architecture > document—the general attitude seemed to be "security is hard, so let's do it > later."
I'm not so sure of that, I think there is a lack of broad-based consensus on what balance to attempt, which is not to say that it was blown off, it's not like there was an absence of debate. > So while I might agree in the abstract that your proposal makes sense, we > have no solution that actually _does_ this. So mentioning it as an > alternative isn't going to get us anywhere. Of course, we _also_ don't have > a security model for the scenario Daniel's draft talks about. So I would > say that both of these solutions are non-starters. If you come down on the side of relatively unrestrictive homenets one imagines hosts security models treating those as hostile environments. > _______________________________________________ > homenet mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/homenet >
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
