Re: [homenet] webauthn for routers
Ted Lemon <mellon@fugue.com> Thu, 13 June 2019 19:51 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C07381206C5 for <homenet@ietfa.amsl.com>; Thu, 13 Jun 2019 12:51:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fzNdU2AHJL8s for <homenet@ietfa.amsl.com>; Thu, 13 Jun 2019 12:51:18 -0700 (PDT)
Received: from mail-qk1-x72f.google.com (mail-qk1-x72f.google.com [IPv6:2607:f8b0:4864:20::72f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 328991206CC for <homenet@ietf.org>; Thu, 13 Jun 2019 12:51:12 -0700 (PDT)
Received: by mail-qk1-x72f.google.com with SMTP id p144so159077qke.11 for <homenet@ietf.org>; Thu, 13 Jun 2019 12:51:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=F2iMXSZdDKiq4FfuUgnUCdwDKtGMXgFAIkKCy4k7zxw=; b=Cix4BVJocUROkvU7wVuZlxeEYNwSI95VKMA6uNF20Zs+xlNLd+yTpe1Hd1nRs8DLJM B8tl31m3VCmLN5DS1slLKBiExt6fs8MmxYB8j6t1HAt2U2EXb5sH9K9K6uYWluGl5zYk QO6pPZGzC/pVl0+OcPN4CcAdT+rX4JjIHcNHVPbS2ECCc6QOII+JfgiPJwryN+ZzcUF7 WZ7hUv+2qUg7+VW2ieHJYElzhzHmlsIBeLgMq/3KugHHTSH9jqv9vThsZvjn+B7J/QH/ 65wG0eVk17yTtRXcrNXOrwz3SDHq07YNXfduXGIYpkLJJCU9kBpJd6ddr9zbSr1m45Gd i1zQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=F2iMXSZdDKiq4FfuUgnUCdwDKtGMXgFAIkKCy4k7zxw=; b=YdKWbDi1riHCiVUbUW6P7wTmK7kquPYUijK0rH5MgHtCjyQx/ASe7UH3HiqgFQxzMV pQs+3DTXmectgdY5LPJ4sBokfUkz5m7ohn8Pd5dYqRy/lCJSdlVHPqQa5yANRVp8SXn8 8jO90XJubFBQJTiftppfClBf/NDmKV7iFKoioU5zS14Ou54yXjB34K/mSKEV2ciG28TG xm+GYUUWHjwO3dMhjttspxz97XbZ5hEgSd6KfORWgXvHjpozV3RIo5812GIQCjRrZi8h BK/AO5SHsFPXoj5ew7Hzj06C6E7oe/nw27MM5b8CdsshPV4D0rcPYh91CvdBrj5zRnmD QJ0w==
X-Gm-Message-State: APjAAAVj3KtipW0CdUbdYda6+tGFxFmn3bl+/e03WPn/kRZvbnNrFM7v 5IpLoOmucvyXK+MKDxz6QvjVLA==
X-Google-Smtp-Source: APXvYqzdBtKWJZ/WWFlsE32E85qVAcotQjYNKohmI+ynn68iT/CxCVGUpcDq90GBqoJVU9zQonbeUw==
X-Received: by 2002:ae9:ebd1:: with SMTP id b200mr73274770qkg.152.1560455471348; Thu, 13 Jun 2019 12:51:11 -0700 (PDT)
Received: from [10.0.10.34] (c-73-186-137-119.hsd1.ma.comcast.net. [73.186.137.119]) by smtp.gmail.com with ESMTPSA id o38sm386213qto.96.2019.06.13.12.51.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 13 Jun 2019 12:51:10 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <1F477030-124B-4BB7-8023-94017EF5648B@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5DEEB409-D7B1-4C3F-BEB4-DDBEBEF26E8A"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Thu, 13 Jun 2019 15:51:09 -0400
In-Reply-To: <3090e039-30d8-5304-d208-a009504acc58@fresheez.com>
Cc: Michael Richardson <mcr@sandelman.ca>, homenet@ietf.org
To: Michael Thomas <mike@fresheez.com>
References: <CADZyTkkgd8f49V+yoZvPZXx3b-_YRzpgUY1-obroq9QMLnFWNw@mail.gmail.com> <EC7FDA4F-1859-4B35-A8AC-D33E1A96F979@fugue.com> <ff7f2700-3862-59bd-abfb-22589562bddb@mtcc.com> <20218.1560366783@localhost> <288a310b-3b99-748d-74ce-a878ff43ee77@fresheez.com> <6179.1560377924@localhost> <604b4062-f2c5-30af-73ff-2e97b7541a9b@fresheez.com> <30470.1560435490@localhost> <cde3329b-cc06-b4eb-5d87-cf74f21368ea@fresheez.com> <496DBED4-24E6-49FE-B9D3-C2BFC7ACEE98@fugue.com> <20d72a3f-0b8f-c958-2482-25358854a96e@fresheez.com> <384451EC-7938-48B6-B167-1C246385C6D7@fugue.com> <fc40f26f-0dc3-91bb-03a0-7e7d8820e931@fresheez.com> <3461D44E-DD00-485D-B1CB-2F5356653403@fugue.com> <4167255a-9766-d155-cafa-44a27bec9a45@fresheez.com> <6B0BD10A-52A8-4DA6-82E2-BE4196041EE4@fugue.com> <d633bcce-cd61-6e86-ae7c-0aa26c7ed815@fresheez.com> <306AAFBA-39D0-489A-8698-F31A6C4BEC78@fugue.com> <8d490410-8ca4-0d74-488e-5c632f8a00b8@fresheez.com> <C3C5279A-14F6-42D2-B436-F2FD88CACC66@fugue.com> <3090e039-30d8-5304-d208-a009504acc58@fresheez.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/PicYSTkA55BN0xgfeQxD9FHICD8>
Subject: Re: [homenet] webauthn for routers
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 19:51:20 -0000
On Jun 13, 2019, at 3:46 PM, Michael Thomas <mike@fresheez.com> wrote: > Possibly, but I think there are hardware based solutions (eg "press to pair") and pure software based ones. The main point is to have something to point vendors at. They are probably clueless that this is a possibility now. > > Ah. I don’t think that would be useful. The “if we spec it, they will build it” approach has been an utter failure thus far. We should have a clear use case and a clear solution that addresses that use case. We should not specify the kitchen sink and let them pick. If someone has a use case we didn’t address, then that’s demand to address another use case, and we can do it, but we have to be real about this. Right now, the only use case that really matters is OpenWRT, because that is where _all_ of the running code is. So a solution that works there is the place to start.
- [homenet] securing zone transfer Daniel Migault
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Ray Bellis
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Ted Lemon
- Re: [homenet] securing zone transfer Ray Hunter (v6ops)
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Ted Lemon
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Mark Andrews
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] [EXT] securing zone transfer Jacques Latour
- Re: [homenet] [EXT] securing zone transfer Ted Lemon
- Re: [homenet] [EXT] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] [EXT] securing zone transfer Ted Lemon
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] [EXT] securing zone transfer Daniel Migault
- Re: [homenet] number of devices in homenet Daniel Migault
- Re: [homenet] [EXT] securing zone transfer Ray Hunter (v6ops)
- Re: [homenet] securing zone transfer Ray Hunter (v6ops)
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Ted Lemon
- Re: [homenet] webauthn for routers (was: securing… MIchael Thomas
- Re: [homenet] webauthn for routers (was: securing… Michael Richardson
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Michael Richardson
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] securing zone transfer Michael Richardson
- Re: [homenet] securing zone transfer Ray Hunter (v6ops)
- Re: [homenet] webauthn for routers Michael Richardson
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] securing zone transfer Juliusz Chroboczek
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] webauthn for routers Ted Lemon
- Re: [homenet] webauthn for routers Michael Thomas
- Re: [homenet] [EXT] securing zone transfer Ray Hunter (v6ops)