> > Well, draft-pritikin-anima-bootstrapping-keyinfra-01 describes a way to
> bootstrap a certificate infrastructure, zero touch. Once every device in a
> domain has a domain certificate, two devices can directly authenticate each
> other, without PSK. Then you can also authenticate a key negotiation
> scheme such as IKE, to negotiate a PSK which you can then use in your
> "normal" authentication scheme. Obviously, would be nice if protocol
> supported certs directly, but it’s not required.
> 
> IKE provides just symmetric crypto key between two parties. Typical
> network has more (and routing protocols use multicast). Multiparty IKE is
> more or less dead (or undead?).
> 
> Remember, we need whole network to agree on the keys, or at least
> everyone on the link if any multicast is used in a way that requires
> authentication or confidentiality. (HNCP is designed to avoid transmitting
> anything important over multicast; are routing protocols? For most part, I
> think not.)

Sorry, I haven't been following all this discussion so I may be missing 
something, but ... I would say: 
Pick a master (on a link, or the entire network); master calculates a random 
key; distributes it to the other nodes using asymmetric crypto; all nodes use 
that key. For rollover use some key chain mechanism such that for a period of 
time old and new key are accepted. Plug those keys into the "normal" routing 
protocol security mechanism. 

What am I missing? 
Michael

_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to