(cc's trimmed. I'm not sure the whole IESG wants this in their inboxen.) On 06/10/2014 08:51, Acee Lindem (acee) wrote: > > On 10/4/14, 10:16 PM, "Brian E Carpenter" <brian.e.carpen...@gmail.com> > wrote: > >> On 05/10/2014 09:24, Acee Lindem (acee) wrote: >>> Right - but we still have to agree on the admin or, as you put it, >>> ownership model. At least one of the proposal for autonomic networking >>> is >>> a centralized approach as opposed to configuring a single authentication >>> password on each new device (as one with do with a WiFi network). >> Let me check that I understand. Are you saying that there are two basic >> models for enrollment? >> >> 1. "Hello, I am Brian. Please enrol me; the shared secret is *!&$£@." >> >> 2. "Hello, I am Brian. My public key is 12345, and should already >> be in your list. [Signed with my private key.]" > > That¹s basically the trade-off although there are many variations of #2. > Here is one example: > > http://www.ietf.org/id/draft-pritikin-bootstrapping-keyinfrastructures-01.txt > > The question is what are we willing to accept in the homenet in terms of > both device configuration and device requirements.
Right, thanks. And this is question Anima has to ask for the more general case - of course draft-pritikin is a contender. So, in my opinion, model #1 (a shared secret known to every device) is pretty weak. It might be acceptable for a small home network with a very careful human owner, but not beyond that limit. This is exactly the kind of shared secret that people will write down and lose along with their wallet, or simply throw out in their household garbage. IMHO, for a network of any size or complexity, we need model #2. Brian _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
