Hi Douglas,

I fail to see how turning all devices in a home into a flat link
local-addressed architecture meets the requirements in the homenet charter
(http://datatracker.ietf.org/wg/homenet/charter/), particularly around
home/guest networks plus a few other areas of the charter.

I also fail to see how turning all devices in a dnssd-type deployment into a
flat link local-addressed architecture meets the requirements in the dnssd
charter (http://datatracker.ietf.org/wg/dnssd/charter/) particularly around
enterprise networks (e.g., campus networks) or mesh networks.

Don



From:  Douglas Otis <[email protected]>
Date:  Friday, April 4, 2014 8:08 AM
To:  Don Sturek <[email protected]>
Cc:  <[email protected]>, <[email protected]>
Subject:  Re: [homenet] [dnssd] IETF-89 WG meeting minutes


On Apr 4, 2014, at 6:10 AM, Don Sturek <[email protected]> wrote:

> Hi Douglas,
> 
> As one who follows the WG and having a keen interest in homenet solutions,
> I fail to see how TRILL addresses the homenet problem set.
> 
> Producing a flat L2 architecture and then trying to set up specific
> service filters to contain the traffic seems like an L3 problem to me.
> 
> Claiming that L3 does not address "security threats" is not a reason to
> use TRILL since I would imagine setting "specific service filters" in
> TRILL would have the same issues (and without the existing IETF L3
> security solutions we already have)
> 
> Don

Dear Don,

Typical home networks could use link-local addresses for all internal
devices without the filtering concern that affects enterprise level
deployments.  In addition, the mDNS to DNS proxy scheme expects routable
addresses and rather ugly name conversion and base domain assignments
ignored in proposed specifications.

In comparison, Rbridge, which can be introduced incrementally, permits
continued use of link-local addressing and firewalls to avoid a difficult
task of assessing network boundaries.  Devices using default mDNS names
would not suddenly become indirectly visible and various network enabled
displays that handle HDCP media still function within the home.

Even if Rbridge is not a viable solution, I would still request that we look
at the security impact of any proposal - even if it is just in the form of a
BCP that would be useful for deployment.

Regards,
Douglas Otis

 


_______________________________________________ homenet mailing list
[email protected] https://www.ietf.org/mailman/listinfo/homenet
