> On Jul 25, 2017, at 1:27 PM, Juliusz Chroboczek <j...@irif.fr> wrote: > > Dear all, > > All security wizards are kindly requested to carefully read and if > necessary criticise the following section: > > https://tools.ietf.org/html/draft-ietf-homenet-babel-profile-02#section-4
Based on this paragraph... "If untrusted links are used for transit, which is NOT RECOMMENDED, and therefore need to carry HNCP and Babel traffic, then HNCP and Babel MUST be secured using an upper-layer security protocol. While both HNCP and Babel support cryptographic authentication, at the time of writing no protocol for autonomous configuration of HNCP and Babel security has been defined." ...one might recommend starting with "an upper-layer security protocol" such as CMS, COSE, JOSE or some other layer-3 encapsulation. Mark > > Nasty comments on list, please, compliments by private mail ;-) > > Thanks, > > -- Juliusz > > _______________________________________________ > homenet mailing list > homenet@ietf.org > https://www.ietf.org/mailman/listinfo/homenet _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet