[homenet] Kathleen Moriarty's Discuss on draft-ietf-homenet-dot-12: (with DISCUSS and COMMENT)
Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> Tue, 29 August 2017 19:47 UTC
Return-Path: <Kathleen.Moriarty.ietf@gmail.com>
X-Original-To: homenet@ietf.org
Delivered-To: homenet@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 837111321AA; Tue, 29 Aug 2017 12:47:02 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-homenet-dot@ietf.org, Ray Bellis <ray@bellis.me.uk>, homenet-chairs@ietf.org, ray@bellis.me.uk, homenet@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.59.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150403602253.32177.6734059019373307193.idtracker@ietfa.amsl.com>
Date: Tue, 29 Aug 2017 12:47:02 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/BneoC315B_PrdEPoI9biPvQ7DOs>
Subject: [homenet] Kathleen Moriarty's Discuss on draft-ietf-homenet-dot-12: (with DISCUSS and COMMENT)
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.22
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Aug 2017 19:47:02 -0000
Kathleen Moriarty has entered the following ballot position for draft-ietf-homenet-dot-12: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-homenet-dot/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thanks for your work on this draft! The SecDir review raised a few important points I'd like to discuss that should be easy to resolve. The first is adding in privacy considerations in his comments for the Security considerations section posted here for convenience (but a response to his full thread might be best): There are also some privacy issues associated to leaking names outside the homenet boundaries. For example daniel_smith.home.arpa reveal the identity of the member of the homenet, my_ipad.home.arpa reveals the devices you own, the application. home.arpa may also used in larger environment such as corporate / private. going from one to the other may also leak such information. The leak can be from the homenet to the outside world in which case one neeed to control the queries sent. But in intruder (or guest) may also access the homenet and proceed to discovery of the names. As a result even though homenet is believe to be a trusted environment, care should be considered while publishing under the home.arpa. as well as whose the information is accessible to. They might be collision as well. myprinter.home.arpa may be found in various environments, and upon discovery you may also - in this example - print confidential information to that printer. In some case you may not even be aware, for example, if your printing information failed home, and is re-activated once you are in another environment. As information may be sensitive it may be encrypted using IPsec DTLS as described by dprive for both authentication and confidentiality. When the trust anchor is configured in the resolver, these must be able to roll-over the key and should follows the requirements for DNSSEC validators. if it is impossible for a resolver to see the difference between an attack and a re-key we are in trouble. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- The other comments raised by the SecDir review should get a response, especially those on section 4 as there are some wording suggestions to better clarify what is intended in the document. https://mailarchive.ietf.org/arch/msg/secdir/E7fjRdo94abFW5nqjVBbLspvkww
- [homenet] Kathleen Moriarty's Discuss on draft-ie… Kathleen Moriarty
- Re: [homenet] Kathleen Moriarty's Discuss on draf… Ted Lemon
- Re: [homenet] Kathleen Moriarty's Discuss on draf… Ted Lemon