Apparently my comment was clear as mud. I meant this:
https://tools.ietf.org/html/draft-ietf-opsawg-mud-25

Having a public/private zone pair where the public zone is an image of the
private zone that is constructed following rules, the default rule being
"don't copy," seems very straightforward to me. It's not clear to me in
what sense it's brittle. Requiring each device to be configurable with a
way to update a name server Out There, and managing the set of devices that
are publishing their names, seems not merely brittle but also difficult to
operate. To me, the difference between what you are proposing, Juliusz,
and what Daniel is proposing, is where the control point is. For you, the
control point is the device. For Daniel, the control point is the
resolver. Each of these has different properties in terms of
manageability. Depending on how each is used, your model may be easier or
harder.

What I have set up in my home assumes the mud model, although that's not
actually implemented yet, and even the topology is a work in progress
because I haven't gone back and fixed everything yet. The model is that
all of my IoT devices are on their own network, which is firewalled from
the rest of my network and has no external connectivity by default. If a
device needs external access, it gets access to what mud says it needs
access to (e.g., it can download its firmware updates, but not log in to
Facebook). If it wants to be externally reachable, its mud description
would say so, and would say what would be allowed to reach in and touch it.

This model would work with non-IoT devices as well—if they don't have mud
descriptions, then by default they can reach out to touch anything, but
nothing is allowed to reach in to touch them, and their names are not
published.

What's good about this model is that things can happen completely
automatically. The end user is not asked to understand security models,
and need take no action other than enrolling devices on the network, which
I think is unavoidable. The only problem with this is that there's no way
to automatically corral IoT devices to the IoT network.

That said, what I've described here is out of scope for the current
discussion, other than with respect to naming.

On Thu, Jul 19, 2018 at 4:38 PM, Juliusz Chroboczek <j...@irif.fr> wrote:

> > One way to automate this would be using mud.
>
> A bright light shines from the heavens, bathing you in its warm glow.  An
> enormous, white temple stands to the north, taking most of your view.
>
> In order to enter the Temple of Homenet Naming, you must travel up the
> large staircase that stands in front of you.
>
> Exits: North, West, East, South.
>
> (Perhaps you had something else in mind when you said MUD?)
>
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
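The firewall and name-publication policy the message above describes (a device with a mud description is default-deny in both directions and gets only what its description grants; a device without one may reach out anywhere, is unreachable from outside, and has no name published), as an added example that is not part of the original message or of the MUD draft. The camera's MUD document is constructed, and it uses only a simplified subset of the draft's `ietf-mud` / `ietf-access-control-list` containers.

```python
import json

# Constructed, simplified MUD file (draft-ietf-opsawg-mud container names) for a
# hypothetical camera: HTTPS to update.example.com out, RTSP (TCP 554) in.
CAMERA_MUD = json.loads("""{
 "ietf-mud:mud": {"mud-version": 1,
  "from-device-policy": {"access-lists": {"access-list": [{"name": "cam-from"}]}},
  "to-device-policy": {"access-lists": {"access-list": [{"name": "cam-to"}]}}},
 "ietf-access-control-list:acls": {"acl": [
  {"name": "cam-from", "aces": {"ace": [{"name": "fw", "actions": {"forwarding": "accept"},
    "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "update.example.com", "protocol": 6},
                "tcp": {"destination-port": {"operator": "eq", "port": 443}}}}]}},
  {"name": "cam-to", "aces": {"ace": [{"name": "rtsp", "actions": {"forwarding": "accept"},
    "matches": {"ipv4": {"protocol": 6},
                "tcp": {"destination-port": {"operator": "eq", "port": 554}}}}]}}]}}""")

def _acls_for(mud, direction):
    # ACL bodies referenced by the from-device or to-device policy
    by_name = {a["name"]: a for a in mud["ietf-access-control-list:acls"]["acl"]}
    refs = mud["ietf-mud:mud"][direction + "-policy"]["access-lists"]["access-list"]
    return [by_name[r["name"]] for r in refs]

def _ace_matches(ace, direction, host, proto, port):
    # host is the remote peer; port is the packet's destination port
    m = ace["matches"]
    ip, l4 = m.get("ipv4", {}), m.get("tcp") or m.get("udp") or {}
    key = "ietf-acldns:dst-dnsname" if direction == "from-device" else "ietf-acldns:src-dnsname"
    if ip.get(key, host) != host or ip.get("protocol", proto) != proto:
        return False                     # an absent name or protocol matches anything
    dp = l4.get("destination-port")
    if dp is None:
        return True
    if dp.get("operator") == "eq":
        return dp["port"] == port
    return dp.get("lower-port", 0) <= port <= dp.get("upper-port", 65535)

def allowed(mud, direction, host, proto, port):
    """Firewall decision; direction is 'from-device' (outbound) or 'to-device' (inbound)."""
    if mud is None:                      # no MUD description: reach out anywhere, nothing reaches in
        return direction == "from-device"
    for acl in _acls_for(mud, direction):
        for ace in acl["aces"]["ace"]:
            if _ace_matches(ace, direction, host, proto, port):
                return ace["actions"]["forwarding"] == "accept"
    return False                         # default rule for MUD devices: don't allow

def publish_name(mud):
    """Copy the name into the public zone only if the MUD says something may reach in."""
    return mud is not None and any(ace["actions"]["forwarding"] == "accept"
        for acl in _acls_for(mud, "to-device") for ace in acl["aces"]["ace"])
```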