Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Ted Lemon
Thanks, Mark. That was sufficient detail. :) ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Mark Andrews
In message <916eeeb9-3709-492b-8e19-5c832b11a...@fugue.com>, Ted Lemon writes: > On Jul 31, 2017, at 1:02 AM, Mark Andrews wrote: > > The delegation is INSECURE and SIGNED not UNSIGNED. The wording > > here is *important*. > > Can you explain what the distinction is, and what

Re: [homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Ted Lemon
On Jul 31, 2017, at 8:20 PM, Michael Richardson wrote: > a) do they really want this kind of traffic? > b) the certs issued will go into their cert transparency list, and I think > that means we lose privacy. > c) to make it work, they have to verify things. IPv6

Re: [homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Michael Richardson
Ted Lemon wrote: > That partly gets rid of the security exception on each access to the > web interface: provided the web browser loads the new trust anchor. > I don't know how to make that work without a fake domain tree. Can't we just > use

Re: [homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Stephen Farrell
On 31/07/17 19:00, Ted Lemon wrote: > I don't know how to make that work without a fake domain tree. > Can't we just use ACME+letsencrypt.org ? I think the protocols would work fine, but I'm not sure there's a current challenge type that'd work here, for LE or any

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Ted Lemon
On Jul 31, 2017, at 2:21 PM, Walter H. wrote: > Just a thought of mine, would it be possible to add a section, to make it > possible > to get official SSL certificates for these 'home.arpa.' domains (for free), > so there would not be the need of running a own PKI? I

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Walter H.
On 28.07.2017 22:11, internet-dra...@ietf.org wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Home Networking WG of the IETF. Title : Special Use Domain 'home.arpa.' Authors : Pierre

Re: [homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Michael Richardson
Ted Lemon wrote: mcr> Is there a document for this Ted? I will offer to help. > Your help would be much appreciated, but I don't know why there would > be an election, so there's at a minimum some thinking to do > there. There is no document yet. I think that

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Ted Lemon
On Jul 31, 2017, at 11:42 AM, Warren Kumari wrote: > It really is an insecure delegation, not an unsigned delegation -- > calling it unsigned would be confusing to many people. The person I > was discussing it with wasn't aware of the term "insecure delegation" > and assumed

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Warren Kumari
On Mon, Jul 31, 2017 at 5:36 AM, Ted Lemon wrote: > On Jul 31, 2017, at 1:02 AM, Mark Andrews wrote: > > The delegation is INSECURE and SIGNED not UNSIGNED. The wording > here is *important*. > > > Can you explain what the distinction is, and what the problem

Re: [homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Ted Lemon
On Jul 31, 2017, at 11:21 AM, Michael Richardson wrote: > The things that Ted wants, such "this the ID of the router", and the like, > and this really the topic of the ANIMA BRSKI protocol. It can be profiled > to work in Homenet, provided that HNCP can elect a registrar.

[homenet] Ted's security talk at IETF99: DNCP Security

2017-07-31 Thread Michael Richardson
So I'm watching via meetecho the meeting. Some minor comment that it seems like many things have happened in homenet that haven't really been on the list. {Or maybe it was just DMARC vs ietf.org forwarding "helping" me. I've had to whitelist the ietf.org mail servers} The things that Ted

Re: [homenet] The HOMENET WG has placed draft-tldm-simple-homenet-naming in state "Call For Adoption By WG Issued"

2017-07-31 Thread Michael Richardson
Ted Lemon wrote: > to put the CFA on hold pending that update. There have been some good > comments already, though; in particular, I think Juliusz' point that it > would > be nice to actually try some of this in practice is good, and is what > I'm We

Re: [homenet] The HOMENET WG has placed draft-tldm-simple-homenet-naming in state "Call For Adoption By WG Issued"

2017-07-31 Thread Ted Lemon
This is an architecture document, not a protocol specification. On Jul 31, 2017 7:36 AM, "Juliusz Chroboczek" wrote: > > I wanted to know if the scope of this is reasonable and is what the > > working group wants to take on. > > I think the scope of this is too wide. It tries to

Re: [homenet] The HOMENET WG has placed draft-tldm-simple-homenet-naming in state "Call For Adoption By WG Issued"

2017-07-31 Thread Juliusz Chroboczek
> I wanted to know if the scope of this is reasonable and is what the > working group wants to take on. I think the scope of this is too wide. It tries to solve a number of different problems: 1. naming within the Homenet; 2. publishing names of Homenet nodes outside the Homenet; 3.

Re: [homenet] The HOMENET WG has placed draft-tldm-simple-homenet-naming in state "Call For Adoption By WG Issued"

2017-07-31 Thread Ted Lemon
On Jul 30, 2017, at 9:20 PM, Michael Richardson wrote: >> and then there is draft-ietf-mif-mpvd-ndp-support as a normative reference. > > concerns me most. Unless it's in RFC-editor queue (it's not, it's expired!), > I'm pretty sure it's a very much normative reference.

Re: [homenet] I-D Action: draft-ietf-homenet-dot-10.txt

2017-07-31 Thread Ted Lemon
On Jul 31, 2017, at 1:02 AM, Mark Andrews wrote: > The delegation is INSECURE and SIGNED not UNSIGNED. The wording > here is *important*. Can you explain what the distinction is, and what the problem is that you see in point five? The reason I ask is that we explicitly