On 02/10/14 13:49, Michael Behringer (mbehring) wrote: > My personal goal is that what we do in ANIMA is fully compatible with > and ideally used in homenet. It would feel wrong to me to have an > infrastructure that doesn't work in a homenet. > > The security bootstrap is a good example of what we can achieve, with > reasonable effort.
FWIW, it is not clear to me that the reasonable requirements for provisioning device security information (or bootstrapping if we wanted to call it that) are the same. In enterprise environments we see fewer larger vendors of devices. In the home where we additionally have a large range of vendors many of whom are tiny and leverage a lot of OSS and who could perhaps not take part in the kind of provisioning infrastructure that is quite reasonable for enterprises and their vendors. I do think both want to end up in the same state, where devices are authorised for connection to the network and where there is some keying material usable for security, but I'd be surprised if one approach to getting there worked the same way for both homes and enterprises. S. _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
