> On Jul 25, 2017, at 1:27 PM, Juliusz Chroboczek wrote:
>
> Dear all,
>
> All security wizards are kindly requested to carefully read and if
> necessary criticise the following section:
>
> https://tools.ietf.org/html/draft-ietf-homenet-babel-profile-02#section-4
Based on
On Feb 20, 2015, at 2:22 PM, Dave Taht dave.t...@gmail.com wrote:
On Fri, Feb 20, 2015 at 12:33 PM, Juliusz Chroboczek
j...@pps.univ-paris-diderot.fr wrote:
I'd be a bit curious to know what people are using for test hardware.
The WNDR3800/WNDR3700v2 is still my favourite. I've still got
On Nov 23, 2014, at 9:38 AM, Dave Taht dave.t...@gmail.com wrote:
I have seen on this list some sort of time related dependency possibly
creeping into hnetd and its crypto, but if your time is, like, the
build time of the firmware, how is that going to work?
Sorry if I'm being dense, but
On Oct 7, 2014, at 10:51 AM, Michael Richardson mcr+i...@sandelman.ca wrote:
Mark Townsley m...@townsley.net wrote:
I suggest that ANIMA focus on professionally-managed networks first,
with Homenet being a secondary consideration, akin to IPv4 is in the
homenet WG.
I like that
, 7:34 PM, Mark Baugher (mbaugher) mbaug...@cisco.com wrote:
I voiced the opinion that someone has to own the homenet, as distinct
from who might own the CPEs and routers on the homenet. In the same
way that some ISP CPEs let the user set the Wi-Fi password, the user or
an agent for the use
I voiced the opinion that someone has to own the homenet, as distinct
from who might own the CPEs and routers on the homenet. In the same
way that some ISP CPEs let the user set the Wi-Fi password, the user or
an agent for the use needs to take homenet ownership (or in the case of
autonomic
On Sep 20, 2014, at 12:57 AM, Steven Barth cy...@openwrt.org wrote:
Am 20.09.2014 um 09:17 schrieb Tim Chown:
I think it would be useful to do, and needn't hold up progress. It would
give us a common understanding - hopefully - of which threats are being
covered and which are not. And
On Sep 19, 2014, at 3:25 AM, Ted Lemon mel...@fugue.com wrote:
On Sep 18, 2014, at 6:46 PM, Mark Baugher m...@mbaugher.com wrote:
The retail model works here. I can imagine a compliant CPE might allow the
use to take ownership of an interior HNCP interface. That's only if the
provider
On Sep 19, 2014, at 8:54 AM, Ted Lemon mel...@fugue.com wrote:
On Sep 19, 2014, at 10:52 AM, Steven Barth cy...@openwrt.org wrote:
That was not my point. I'm totally happy with having a standardized way of
doing this but I don't think that HNCP is the place where it should be
defined since
On Sep 18, 2014, at 8:57 AM, David R Oran daveo...@orandom.net wrote:
On Sep 18, 2014, at 11:46 AM, Rene Struik rstruik@gmail.com wrote:
It seems that the cryptographic literature needs to be rewritten now ...
==
Anything you can do with a cert, you can do with raw public keys, and
And all of this was covered in the design for UPnP Device Protection that you
referred to earlier and its progenitor UPnP Device Security. I consider HNCP
security to be a small subset of the UPnP device requirements.
Mark
On Sep 18, 2014, at 2:10 PM, STARK, BARBARA H bs7...@att.com wrote:
On Sep 18, 2014, at 2:37 PM, Randy Turner rtur...@amalfisystems.com wrote:
How do you bootstrap trust relationships without an initial certificate
(whether installed at manufacturing or during a customer fulfillment stage) ?
One way is through a user security ceremony (viz. Walker and
...@amalfisystems.com wrote:
Are we assuming that the home router is purchased retail, and not fulfilled
or provided by an ISP? The method to establish trust relationships would
hinge on the answer
Randy
Original message
From: Mark Baugher m...@mbaugher.com
Date:09/18/2014 5
On Sep 16, 2014, at 1:29 PM, Tim Chown t...@ecs.soton.ac.uk wrote:
There’s obviously some interesting implications of this. One is that there
are insecure wired links too!
That's a good point. And I wonder about malware on end systems as well.
Mark
On Jul 15, 2014, at 11:45 AM, Markus Stenberg markus.stenb...@iki.fi wrote:
On 15.7.2014, at 21.35, Juliusz Chroboczek j...@pps.univ-paris-diderot.fr
wrote:
I assume you mean that we need to recommend a default policy and also
document the range of other policies that the end user might
On Sep 11, 2012, at 4:53 PM, Curtis Villamizar wrote:
We had a similar discussion before and I pointed out that for security
some form of exchange of keys or certificates was needed.
Having a factory configured root DNSSEC certificate gets one form of
trust anchor. The browser
In my experience, there is no single mechanism for establishing what is
alternatively called 'pairing,' 'introduction,' 'enrollment,' on in the case
of the WiFi Protected Setup a 'mental model.' The techniques have been called
ceremonies by Carl Ellison and Jesse Walker, and they serve as a
17 matches
Mail list logo