Re: [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Thu, 08 August 2019 20:37 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4BAB1201E2; Thu, 8 Aug 2019 13:37:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u4A2x4ycIfxU; Thu, 8 Aug 2019 13:37:28 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90298120224; Thu, 8 Aug 2019 13:37:09 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x78Kb1p9002702 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 8 Aug 2019 16:37:03 -0400
Date: Thu, 08 Aug 2019 15:37:01 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: "STARK, BARBARA H" <bs7652@att.com>
Cc: 'Juliusz Chroboczek' <jch@irif.fr>, "'babel@ietf.org'" <babel@ietf.org>, "'homenet@ietf.org'" <homenet@ietf.org>
Message-ID: <20190808203700.GG59807@kduck.mit.edu>
References: <156500498261.24571.204581663078651704.idtracker@ietfa.amsl.com> <87tvavlqrt.wl-jch@irif.fr> <20190806152958.GE59807@kduck.mit.edu> <87ef1yb6s8.wl-jch@irif.fr> <2D09D61DDFA73D4C884805CC7865E6114E25674D@GAALPA1MSGUSRBF.ITServices.sbc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <2D09D61DDFA73D4C884805CC7865E6114E25674D@GAALPA1MSGUSRBF.ITServices.sbc.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/wPTkKQD5kBVyt_j_Yy9kOsMsBRM>
Subject: Re: [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Aug 2019 20:37:30 -0000
On Tue, Aug 06, 2019 at 06:13:25PM +0000, STARK, BARBARA H wrote: > Removing unnecessary participants from the discussion (I don't think its relevant to the IESG review of babel-applicability?), and adding homenet... > > > > How does the HOMENET usage of babel fit into this? I would be > > > surprised if they were expecting secure link layers to be used inside > > > the home, but it does seem like the threat model for HOMENET includes > > > hostile or compromised devices in the home. > > > > Barbara will correct me if I'm wrong, but as far as I know, the Homenet > > working group hasn't decided on a security mechanism yet. I have heard > > opinions to the effect that Homenet requires asymmetric authentication, in > > which case Babel-DTLS would be necessary, but I wouldn't presume to judge > > whether these opinions represent WG consensus. > > Homenet WG hasn't documented its security requirements -- for anything. > The current model for securing home networks is to secure the physical layers. > The normal practice for dealing with compromised devices in the home is to remove or fix them when someone figures out they're compromised. > My personal (individual) opinion is it's extremely important to have tools to discover when a device is causing trouble. On-going protection against such devices (so they can be safely(?) left on the home network indefinitely and people can feel secure????) isn't important or even necessarily a good idea. > > Babel-HMAC could identify anything trying to talk Babel without a key. If the compromised device has been given the keys (because the user thought it could be trusted and didn't know it was compromised), then neither HMAC nor DTLS will be of any protection. Hmm, so do you think it's possible that HOMENET could land in the "uses secure link layers" bucket? (It sounds like it's also possible it would use babel-hmac or babel-dtls.) I can readjust my expectations accordingly... Thanks, Ben
- [babel] Éric Vyncke's Discuss on draft-ietf-babel… Éric Vyncke via Datatracker
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Juliusz Chroboczek
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Eric Vyncke (evyncke)
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Juliusz Chroboczek
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Benjamin Kaduk
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Benjamin Kaduk
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Juliusz Chroboczek
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… STARK, BARBARA H
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Benjamin Kaduk
- Re: [babel] Éric Vyncke's Discuss on draft-ietf-b… Juliusz Chroboczek