> 1) The first sentence seems to not say what to do if a packet comes
> from a 1918 IPv4 address. Even if that's not supposed to happen, it
> could be attempted. What's an implementation supposed to do then?
Both HNCP and Babel use IPv6 for carrying control data. There's no way an
IPv4 packet
On 25/07/2017 22:58, Stephen Farrell wrote:
> I suggest asking the chairs to hit the "request directorate" review
> (iirc only they can see that button?) for an early secdir review.
Good idea - I've just done this.
Ray
___
homenet mailing list
> On Jul 25, 2017, at 1:27 PM, Juliusz Chroboczek wrote:
>
> Dear all,
>
> All security wizards are kindly requested to carefully read and if
> necessary criticise the following section:
>
> https://tools.ietf.org/html/draft-ietf-homenet-babel-profile-02#section-4
Based on
> ...one might recommend starting with "an upper-layer security protocol"
> such as CMS, COSE, JOSE or some other layer-3 encapsulation.
We're planning to use DTLS for both HNCP and Babel.
But the authentication mechanism is not our main concern. This being
Homenet, we need to generate keys
Dear all,
All security wizards are kindly requested to carefully read and if
necessary criticise the following section:
https://tools.ietf.org/html/draft-ietf-homenet-babel-profile-02#section-4
Nasty comments on list, please, compliments by private mail ;-)
Thanks,
-- Juliusz
Hiya,
I suggest asking the chairs to hit the "request directorate" review
(iirc only they can see that button?) for an early secdir review.
For myself, I've not read the draft yet (I will over the next few
weeks) but have two questions while I'm here:
1) The first sentence seems to not say