Re: [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)

Juliusz Chroboczek <jch@irif.fr> Thu, 08 August 2019 21:50 UTC

Date: Thu, 08 Aug 2019 23:49:53 +0200
Message-ID: <87wofnminy.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: "STARK, BARBARA H" <bs7652@att.com>, "'babel@ietf.org'" <babel@ietf.org>, "'homenet@ietf.org'" <homenet@ietf.org>
In-Reply-To: <20190808203700.GG59807@kduck.mit.edu>
References: <156500498261.24571.204581663078651704.idtracker@ietfa.amsl.com> <87tvavlqrt.wl-jch@irif.fr> <20190806152958.GE59807@kduck.mit.edu> <87ef1yb6s8.wl-jch@irif.fr> <2D09D61DDFA73D4C884805CC7865E6114E25674D@GAALPA1MSGUSRBF.ITServices.sbc.com> <20190808203700.GG59807@kduck.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/5r9B3y2Pq6WybF9X-9lHN_hmlQ0>

> Hmm, so do you think it's possible that HOMENET could land in the "uses
> secure link layers" bucket?

No opinion on the above.  I'll only state that HNCP supports running over
DTLS (this is implemented in hnetd, the reference implementation of HNCP).
Section 8.3 of RFC 7787 describes a distributed algorithm for
semi-autonomously choosing a set of trusted DTLS keys.

> (It sounds like it's also possible it would use babel-hmac or babel-dtls.)

If Homenet ends up running HNCP in a secure mode, then it could be used as
a trust anchor for Babel.  We could do either of the following:

  - use HNCP to elect a single Babel-HMAC key for the network;
  - generate random Babel-DTLS keypairs and flood the public part
    over HNCP;
  - reuse HNCP keypairs in Babel-DTLS.

Of course, if HNCP runs insecure, then it would be somewhat doubtful to
use it for key distribution.

-- Juliusz
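The first of the three options above (use HNCP to elect one network-wide Babel-HMAC key) and the closing caveat (an insecure HNCP is a poor key-distribution channel), as an added toy simulation that is not part of the message, of hnetd, or of any HNCP/Babel implementation. Everything in it is an assumption for illustration: the election rule (the proposal carried by the numerically highest node ID wins), the proposal format, the "trusted peer set" standing in for DTLS-authenticated HNCP, and HMAC-SHA256 over a pseudo packet standing in for the real Babel-HMAC tag. RFC 7787 section 8.3 is not reproduced.

```python
"""Toy model of electing a single Babel-HMAC key over an HNCP-style flood.

Assumptions (not from the thread or RFC 7787/8967):
  - election rule: proposal from the highest node ID wins;
  - "secure HNCP" is modelled as dropping proposals from untrusted node IDs;
  - the MAC is HMAC-SHA256 over an opaque pseudo packet.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Iterable, Optional, Set


@dataclass(frozen=True)
class Proposal:
    node_id: int
    key: bytes


@dataclass
class Node:
    node_id: int
    key: bytes = field(default_factory=lambda: os.urandom(32))
    seen: Dict[int, Proposal] = field(default_factory=dict)

    def proposal(self) -> Proposal:
        return Proposal(self.node_id, self.key)

    def receive(self, p: Proposal, trusted: Optional[Set[int]]) -> None:
        # trusted=None models insecure HNCP: anything on the link is accepted.
        # Otherwise a proposal from an unknown peer is dropped, as a
        # DTLS-authenticated HNCP would refuse the session in the first place.
        if trusted is not None and p.node_id not in trusted:
            return
        self.seen[p.node_id] = p

    def elected_key(self) -> bytes:
        # Deterministic, so every node that saw the same flood picks the same key.
        return self.seen[max(self.seen)].key


def flood(nodes: Iterable[Node], extra: Iterable[Proposal] = (),
          trusted: Optional[Set[int]] = None) -> None:
    """Deliver every node's proposal (plus any injected ones) to every node."""
    nodes = list(nodes)
    proposals = [n.proposal() for n in nodes] + list(extra)
    for n in nodes:
        for p in proposals:
            n.receive(p, trusted)


def converged(nodes: Iterable[Node]) -> bool:
    return len({n.elected_key() for n in nodes}) == 1


def babel_hmac(key: bytes, packet: bytes) -> bytes:
    """Stand-in for the per-packet Babel-HMAC tag (not the RFC 8967 input layout)."""
    return hmac.new(key, packet, hashlib.sha256).digest()


def verify(key: bytes, packet: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(babel_hmac(key, packet), tag)


def run(insecure_hncp: bool):
    """Return (all nodes converged?, did the rogue proposal win?)."""
    nodes = [Node(1), Node(2), Node(3)]
    # Constructed attacker: claims the highest possible node ID so it wins.
    rogue = Proposal(node_id=2 ** 32 - 1, key=b"A" * 32)
    trusted = None if insecure_hncp else {n.node_id for n in nodes}
    flood(nodes, extra=[rogue], trusted=trusted)
    return converged(nodes), nodes[0].elected_key() == rogue.key


if __name__ == "__main__":
    print("secure HNCP  :", run(insecure_hncp=False))   # (True, False)
    print("insecure HNCP:", run(insecure_hncp=True))    # (True, True)
```

The point the simulation makes is the one in the last paragraph above: the election converges either way, but without an authenticated flood an attacker who can inject one HNCP proposal chooses the key every Babel router will use, so a secure HNCP is a precondition for options one and two, not an optional extra.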