Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt
On 10/22/14, 12:46 PM, Brian E Carpenter wrote:
> On 22/10/2014 23:54, Ray Bellis wrote:
>> On 22 Oct 2014, at 02:02, Brian E Carpenter wrote:
>>
>>> Up one more level: the charter looks pretty out of date in general.
>>
>> Hi Brian,
>>
>> The charter itself still reflects our primary focus. I believe it still
>> accurately reflects the constraints on our scope.
>>
>> The milestones are admittedly completely out of date! I hope that Mark and I
>> will be able to get some time with our AD in Honolulu to get those updated.
>
> Been there, done that, you have my sympathy and understanding ;-).
>
> However, I suggest that a security threat analysis would be worth
> considering as a new charter goal.

+1

Mike

___
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt
On 22/10/2014 23:54, Ray Bellis wrote:
> On 22 Oct 2014, at 02:02, Brian E Carpenter wrote:
>
>> Up one more level: the charter looks pretty out of date in general.
>
> Hi Brian,
>
> The charter itself still reflects our primary focus. I believe it still
> accurately reflects the constraints on our scope.
>
> The milestones are admittedly completely out of date! I hope that Mark and I
> will be able to get some time with our AD in Honolulu to get those updated.

Been there, done that, you have my sympathy and understanding ;-).

However, I suggest that a security threat analysis would be worth
considering as a new charter goal.

Brian
Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt
On 22 Oct 2014, at 02:02, Brian E Carpenter wrote:
> Up one more level: the charter looks pretty out of date in general.

Hi Brian,

The charter itself still reflects our primary focus. I believe it still
accurately reflects the constraints on our scope.

The milestones are admittedly completely out of date! I hope that Mark and I
will be able to get some time with our AD in Honolulu to get those updated.

Ray
Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt
> I agree with whoever it was that said there is not enough explanation
> of the threat model in this draft. The result is that I really can't
> evaluate whether the proposed solution is complete or adequate.

From my point of view there are two vectors through which you can attack
HNCP - as mentioned. First is auto-border-discovery (if you happen to use it)
and second is attacking the protocol itself.

For #2 the effects of most of the attacks one can probably think of i.e.
spoofing, replay, ... as well as simply pretending to be an HNCP/IGP
participating router (i.e. speak the protocols regularly) can both lead to
various forms of manipulation of the HNCP state. Since the algorithms on top
(at least the ones currently defined) are mostly distributed /
consensus-based in nature you can pretty much mess with the state without
attacking a specific router's HNCP traffic and by just pretending to be a
homenet router yourself.

Besides most standard end-to-end security solutions cover authentication,
encryption, replay protection etc. so should cover most of the attack vectors
on the unicast channel which leaves us with the multicast channel which is
explained in the draft.

TBH replies like "it's not what I expected" or "not enough explanation"
don't really help if you don't give an explanation or any other form of
pointer on how the draft can be improved or what is missing in your mind.

As for security of the homenet: The draft briefly mentions securing other
protocols like IGPs and the issues with that and proposes that HNCP manages a
PSK for them (since that's what IGPs tend to support in terms of
authentication).

Besides that I don't really want to cover the whole homenet in this draft
since this draft should probably be merged with the HNCP main draft at some
point. That doesn't mean I'm against a separate generic homenet threats draft
if anyone volunteers to write one.

Cheers,

Steven
Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt
Hi,

I agree with whoever it was that said there is not enough explanation
of the threat model in this draft. The result is that I really can't
evaluate whether the proposed solution is complete or adequate.

The other thing that bothers me is that we need a secure homenet, not just
a secure HNCP. Protecting HNCP will be pointless if the network is insecure
for other reasons. So, what we *really* need is a full homenet threat
analysis. That is not to be found in the architecture RFC-to-be and is not in
the WG charter, but I think it should be.

Up one more level: the charter looks pretty out of date in general.

Regards

Brian