IETF Logo Mail Archive

Re: [homenet] homenet: what now? ... next?

"STARK, BARBARA H" <bs7652@att.com> Sat, 02 March 2019 20:37 UTC

Return-Path: <bs7652@att.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 105DD130E7E for <homenet@ietfa.amsl.com>; Sat, 2 Mar 2019 12:37:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OtV7-CnHsEnC for <homenet@ietfa.amsl.com>; Sat, 2 Mar 2019 12:37:14 -0800 (PST)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 001EC128BCC for <homenet@ietf.org>; Sat, 2 Mar 2019 12:37:13 -0800 (PST)
Received: from pps.filterd (m0048589.ppops.net [127.0.0.1]) by m0048589.ppops.net-00191d01. (8.16.0.27/8.16.0.27) with SMTP id x22KZMGh020762; Sat, 2 Mar 2019 15:37:11 -0500
Received: from alpi154.enaf.aldc.att.com (sbcsmtp6.sbc.com [144.160.229.23]) by m0048589.ppops.net-00191d01. with ESMTP id 2qypa63w30-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 02 Mar 2019 15:37:11 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id x22Kb9rr027781; Sat, 2 Mar 2019 15:37:10 -0500
Received: from zlp30483.vci.att.com (zlp30483.vci.att.com [135.47.91.189]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id x22Kb4po027747; Sat, 2 Mar 2019 15:37:04 -0500
Received: from zlp30483.vci.att.com (zlp30483.vci.att.com [127.0.0.1]) by zlp30483.vci.att.com (Service) with ESMTP id BCE534014685; Sat, 2 Mar 2019 20:37:04 +0000 (GMT)
Received: from GAALPA1MSGHUBAF.ITServices.sbc.com (unknown [130.8.218.155]) by zlp30483.vci.att.com (Service) with ESMTPS id A56BA4014682; Sat, 2 Mar 2019 20:37:04 +0000 (GMT)
Received: from GAALPA1MSGUSRBF.ITServices.sbc.com ([169.254.5.84]) by GAALPA1MSGHUBAF.ITServices.sbc.com ([130.8.218.155]) with mapi id 14.03.0435.000; Sat, 2 Mar 2019 15:37:04 -0500
From: "STARK, BARBARA H" <bs7652@att.com>
To: 'Michael Richardson' <mcr+ietf@sandelman.ca>, "homenet@ietf.org" <homenet@ietf.org>
Thread-Topic: [homenet] homenet: what now? ... next?
Thread-Index: AQHU0Hd96ZMrInlIeEWd9OXPwmlCeKX3rjeAgAADGICAABtiAIAA81ww
Date: Sat, 02 Mar 2019 20:37:03 +0000
Message-ID: <2D09D61DDFA73D4C884805CC7865E6114E0C5ED9@GAALPA1MSGUSRBF.ITServices.sbc.com>
References: <894b4181-c4ca-5cf1-adba-1c5fcab0d355@cs.tcd.ie> <90A48EC1-C13D-4B9B-9F04-252C0CC87084@fugue.com> <dbe6e19f-84c2-f2eb-b9ab-d085de7c299c@mtcc.com> <4803.1551485670@localhost>
In-Reply-To: <4803.1551485670@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.10.219.30]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-03-02_12:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=585 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1903020154
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/GNSuqCqBLvj2WRdBzQ2DlpIUv9k>
Subject: Re: [homenet] homenet: what now? ... next?
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Mar 2019 20:37:16 -0000

> For the last 10 to 15 years the ISP-provided home router has come to
> dominate the market, with the belief by the ISPs that this is a MUST that they
> control the device.  Many (but not all) at the IETF do not share this view, but
> most non-technical users see the ISP provided router is simply saving the trip
> to
> BestBuy, rather than an abdication of control over their home.   If this
> trend continues, then I believe that ISPs (residential IAPs) will come to want
> to control all IoT devices in the home -- because security -- telling residential
> customers what they can and not connect.

Just to be clear, the main reasons most ISPs require use of the ISP CE router at the edge of mass market customer networks is because:
1. Providing instructions for installation and setup becomes easier, as well as ensuring the installation process is as trouble-free and easy as possible.
2. Improved but simplified security between the CE router and the access network
3. Cost of help desk support is greatly reduced because help desk personnel only have to know how to guide customers through one GUI, and the help desk can get permission from the customer (when on a call with the customer) to directly manage the router if the customer prefers that approach.

The cost of supporting a customer under a bring-your-own-random-CE-router model is considerably higher than the cost of supporting a customer in an ISP-managed/specified/provided-CE-router model.

None of which prevents anyone from putting their own router between the ISP CE router and their home network. That's what I do. The ISP doesn't control my home network and there's no requirement from the ISP that they control my home network. I have not abdicated control of my home network to my ISP.

Home automation services may be offered by an ISP, but I'm not aware of any case in the US (or Europe) where someone who wants home automation / security is required to get it from their ISP or where the ISP has to give permission for someone else (or for the homeowner) to operate such a service. I don't know the rest of the world.

Can we please avoid making these rather insulting and inflammatory claims without evidence? If there's evidence, please provide it. If the evidence indicates the practice is localized (to a single ISP, country, or geography), please note that when providing evidence. Broad claims that an entire IETF-stakeholder group is evil and trying to control everything are not nice.

> I believe that this direction will result in ISPs being 100% liable for attacks on
> critical infrastructure; I don't think that this is a place that ISPs want to be, but
> I'm not sure that they have understood this yet.

I don't know about other ISPs, but I do know my employer takes network security very seriously. And access network security (including preventing theft of a customer's access service) is one of the reasons I mentioned for providing customers with an ISP-provided CE router.

> It's clearly not in
> Amazon/Google/Facebook/Intel/Samsung/insert-another-IoT-
> conglomerate's
> interest to be told by ISPs what their products may or may not do.
> This is an ongoing tussle that that relates in some ways (but not all) to the net
> neutrality debate and the desire my ISPs for a cut of the over-top-pie.
> My answer is that the consumer should be in control, and that ISPs need to
> get out of the home router business entirely.  Home router vendors (or the
> service companies they create) should provide first-level support for issues,
> and actual real connectivity issues should be submitted electronically.  Not so
> different in the way that my furnace maintenance is not provided by my gas
> supplier, but my gas supplier gets to inspect the hookup.

No ISP in the US is in a position to tell these companies what they can or can't do in a device connected to a customer's network. I can't speak for other regions.
There is no evidence that all ISP routers provided by all ISPs in every corner of the world prevent all of their customers from being in complete control of the home network.  
I remain in complete control of my home network and the devices connected to it, independent of the fact that my home network edge router is connected through an ISP CE router. Therefore, I know this claim is false in my case.
In any case, I think this comment is well outside the realm of the homenet charter.

<I'm getting really tired of being regularly insulted with unsubstantiated claims. So I'm starting to fight back.>

Barbara

> When we started this effort we heard of real situations such as Fred's original
> FUN BOF slides on how dual-geek households are forced not to share
> printers due to corporate home firewall requirements.  And that we should
> expect the situation to get worse.  Those slides are close to ten years old.
> I'd like to know if they are still at relevant.  Maybe they aren't.
> If not, why not?
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
> -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email