Re: [homenet] Ted's security talk at IETF99: DNCP Security
Michael Richardson <mcr+ietf@sandelman.ca> Tue, 01 August 2017 20:48 UTC
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Ted Lemon <mellon@fugue.com>
cc: homenet@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/F8lOI9d80Z8CLm-Mxn8xK6Vc2XE>

Ted Lemon <mellon@fugue.com> wrote:
> You agree that it's a different problem right?

mcr> The common part is that one might have a similar set of external
mcr> (physical) signals.

mcr> Should Dave bring his printer to the IETF network, and they happen to
mcr> discover each other via privacy-enhanced dnssd magic (cf: Arthur Clarke's
mcr> definition of magic), then it would be good that they can prove that it's
mcr> really them.

> To be honest, I probably missed the point you were making—I just went back
> and reviewed this exchange, and I don't actually understand what the
> distinction is that you are making between ephemeral and long-lived
> relationships.

This thread started by being about the problem of getting devices in the home
to securely join the homenet. One sees a list of possible routers in the
home, and identifies one that should belong, and tells your homenet that it
should be allowed to join. (And the router also is told to join your
network).

The short-term exchange is where you discover the new router and do the
out-of-band secured exchange to establish initial trust. Within that initial
trust, longer-term credentials (asymmetric keys) are exchanged.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-