Hello Mikael,

There is indeed quite a large common basis between the Homenet and ANIMA problem spaces. It appears that Homenet is one of the cases that is presented as a possible use-case for the UCAN BoF (draft-carpenter-nmrg-homenet-an-use-case).
IMHO, these similarities will have to be discussed in Toronto. Particularly, one issue is that UCAN is at an earlier stage of specification, and it seems to target a more general problem as well. They are proposing a different configuration protocol: CDNP, which can result in the same features as HNCP, but with a very different design. If we had to summarize, HNCP is a database synchronization protocol while CDNP is a generic negotiation protocol, which is practically the same theoretically, as you can share data through negotiation and negotiate through data sharing (which is an approach widely used in the HNCP’s prefix assignment algorithm).

Nevertheless, most of the considerations we need to discuss related to Homenet and ANIMA are *not* specific to security considerations.

So, back to security, CDNP proposes to establish authorization based on a single CA for large networks and based on automatic processes for small networks (these processes are said to be out of the scope of the CDNP draft).

On the other hand, HNCP security as defined in the proposed draft relies on generic trust relationships. These relationships could be established through different means: centralized, decentralized, managed from the network or from a server outside the network, from one or multiple authorities, etc… This is, IMHO, important in order to offer vendors the largest flexibility in the way they want to manage their customers’ networks.

‘Whether we use CDNP instead of HNCP’ and ‘how to secure HNCP’ are orthogonal problems. So I’m not sure this is the right thread to compare ANIMA and Homenet. But if anyone thinks we should enforce the use of X.509 certificates, or have a different approach on how to secure HNCP, we are open to suggestions.

Pierre

On 4 Jul 2014, at 14:45, Mikael Abrahamsson <[email protected]> wrote:

> On Fri, 4 Jul 2014, Bonnetain wrote:
>
>> What do you think of it?
>
> I am not good enough in this area to validate that the draft actually does
> the right things from a security context, but it looks like we in the homenet
> WG are getting very close to what they're doing in the "Autonomic Networking
> Integrated Model and Approach" ANIMA
>
> http://www.ietf.org/mail-archive/web/homenet/current/msg03639.html
>
> I think we need to decide how to relate to their work, ignore it, try to
> steer both work efforts so we have some communality, or split up the work (or
> something else).
>
> --
> Mikael Abrahamsson    email: [email protected]
>
> _______________________________________________
> homenet mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/homenet
