On 09/29/2014 06:24 AM, Ted Lemon wrote:
On Sep 29, 2014, at 9:16 AM, Stephen Farrell <[email protected]> wrote:
If, OTOH, you can say that you would in fact also require
origin authentication, then that is also of interest. (It'd
mean that your use case could not be met by the initially
chartered work for DICE, and that factoid could be helpful
in figuring out how to handle the DICE work.)
I think we definitely need origin authentication, but I am skeptical that we
need multicast TLS. I guess if we had it it might work, though. But I'm not
convinced it's the right model. So I'd hate to have you guys go off and
invent something cool that winds up not matching the eventual design.
Why might we need *in-session* origin authentication? I'm not
questioning it, just trying to
understand the threats/requirements.
Mike
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
