On 10/22/13 10:22 AM, Ted Lemon wrote:
On Oct 22, 2013, at 1:06 PM, Michael Thomas <[email protected]> wrote:
At least there is a security model on my home network, such as it is: wired needs physical access, wireless needs a password. For roaming, wireless is a closer model. So at least we have shared credentials.

You have shared credentials with the wrong thing. They don't serve to authenticate a DHCP packet you receive on the WiFi. Furthermore, since they are shared, it makes no sense to use them to authenticate the server—everybody on the network by definition knows the password, so anybody can prove that they have it. Passwords of this sort strictly function to prevent unauthorized access to the network—they can't be used for anything else.

I suppose we could mandate WPA2 Enterprise on the homenet, but we still don't have a way to use that to secure the DHCP transaction.
I didn't say anything about DHCP; I was purposefully vague about what a configuration/whatever protocol ought to be. I was only pointing out that there already exists a shared credential between my phone, say, and my home router, say. And you could use the initial contact with the holder of a shared secret (e.g. router) to bootstrap a 1:1 key (Diffie-Hellman is probably our friend). So you have an initial leap of faith, but beyond that you're enrolled. No AAA required.
Mike
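The bootstrap Mike sketches, as an added example that is not part of the thread or of any IETF work: the phone makes an ephemeral X25519 exchange with the router on first contact, binds the resulting session key to the Wi-Fi PSK (so a peer without the PSK cannot complete the handshake), and pins the router's long-lived public key. Later contacts reject any peer whose key differs from the pin, which is where the "leap of faith" becomes enrollment; Ted's objection still applies to that first contact, since any PSK holder on the network could answer it. The X25519 routine follows RFC 7748 using only the standard library; the class names, the key-derivation layout and the labels `homenet-1to1-key` and `router-confirm` are my assumptions, and the passphrase is a constructed sample.

```python
# Added illustration, not code from the thread: a phone bootstrapping a 1:1 key
# with its home router from the Wi-Fi PSK plus Diffie-Hellman (X25519), then
# pinning the router's key so later contacts need no leap of faith.
# Class names, derivation labels and sample passphrase are assumptions.
import hashlib
import hmac
import secrets

# --- X25519 per RFC 7748, standard library only. Not constant-time; demo only. ---
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _clamp(k: bytes) -> int:
    k = bytearray(k)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    """Montgomery ladder: returns scalar * point as a 32-byte x-coordinate."""
    k = _clamp(scalar)
    u = bytearray(point)
    u[31] &= 127                      # RFC 7748: ignore the unused top bit
    x1 = int.from_bytes(u, "little")
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def keygen():
    priv = secrets.token_bytes(32)
    return priv, x25519(priv, BASEPOINT)


def derive_key(dh: bytes, psk: bytes, transcript: bytes) -> bytes:
    # Bind the session key to both the DH output and the Wi-Fi PSK: a peer that
    # is not on the network (no PSK) cannot finish the handshake even as a MITM.
    prk = hmac.new(psk, dh, hashlib.sha256).digest()
    return hmac.new(prk, b"homenet-1to1-key" + transcript, hashlib.sha256).digest()


def confirm_tag(key: bytes) -> bytes:
    return hmac.new(key, b"router-confirm", hashlib.sha256).digest()


class Router:
    def __init__(self, psk: bytes):
        self.psk = psk
        self.priv, self.pub = keygen()     # long-lived identity key
        self.last_key = None

    def respond(self, phone_pub: bytes):
        dh = x25519(self.priv, phone_pub)
        self.last_key = derive_key(dh, self.psk, phone_pub + self.pub)
        return self.pub, confirm_tag(self.last_key)


class Phone:
    def __init__(self, psk: bytes):
        self.psk = psk
        self.pinned = None                 # router key learned at enrollment

    def contact(self, router: Router) -> bytes:
        priv, pub = keygen()               # fresh ephemeral key per contact
        router_pub, tag = router.respond(pub)
        if self.pinned is not None and router_pub != self.pinned:
            raise ValueError("router identity changed since enrollment")
        key = derive_key(x25519(priv, router_pub), self.psk, pub + router_pub)
        if not hmac.compare_digest(tag, confirm_tag(key)):
            raise ValueError("peer could not prove knowledge of the PSK")
        if self.pinned is None:
            self.pinned = router_pub       # the one leap of faith
        return key


if __name__ == "__main__":
    psk = b"constructed sample Wi-Fi passphrase"
    router, phone = Router(psk), Phone(psk)
    session = phone.contact(router)
    assert session == router.last_key
    print("enrolled; pinned router key", phone.pinned.hex()[:16], "...")
```

After the first contact the phone only needs the pin and the PSK; no AAA server is involved, and a second router on the same Wi-Fi that presents a different key is refused even though it holds the same passphrase.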
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet