Re: [homenet] [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)

Michael Thomas <mike@mtcc.com> Thu, 08 August 2019 18:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/ZPJ0pyalL4vpbJ8LcANSYApZzT8>

On 8/6/19 11:13 AM, STARK, BARBARA H wrote:
> Removing unnecessary participants from the discussion (I don't think it's relevant to the IESG review of babel-applicability?), and adding homenet...
>
>>> How does the HOMENET usage of babel fit into this?  I would be
>>> surprised if they were expecting secure link layers to be used inside
>>> the home, but it does seem like the threat model for HOMENET includes
>>> hostile or compromised devices in the home.
>> Barbara will correct me if I'm wrong, but as far as I know, the Homenet
>> working group hasn't decided on a security mechanism yet.  I have heard
>> opinions to the effect that Homenet requires asymmetric authentication, in
>> which case Babel-DTLS would be necessary, but I wouldn't presume to judge
>> whether these opinions represent WG consensus.
> Homenet WG hasn't documented its security requirements -- for anything.
> The current model for securing home networks is to secure the physical layers.
> The normal practice for dealing with compromised devices in the home is to remove or fix them when someone figures out they're compromised.
> My personal (individual) opinion is it's extremely important to have tools to discover when a device is causing trouble. On-going protection against such devices (so they can be safely(?) left on the home network indefinitely and people can feel secure????) isn't important or even necessarily a good idea.

Not only is this a security problem, it's a huge operational problem. 
Just a couple of weeks ago I spent an hour or two trying to track down 
why my internet connection was so slow. The tools to do this in my off 
the shelf buffer-bloated Netgear router are non-existent. Yes, yes, I do 
know better but like almost everybody else I'm lazy and if it ain't broken 
don't fix it... The advantage I have is that I at least have the ability 
to track it down, lousy tools or not. Other people, not so much.

As our home networks grow this is going to become more and more 
problematic. Like the time a Roku box kept deciding I wanted to watch 
tv in a room I wasn't even in over and over. Or when the crappy Hulu web 
interface keeps running even after I tell it to stop -- deleting the tab 
is the most effective, I've found.

I know that we have most if not all of the tools to address these sorts 
of problems, but I'm pretty sure my crappy Netgear router is pretty much 
par for the course. I'm sure that OpenWrt has a lot of tools to address 
this too, but OpenWrt seems pretty wonky to me (feel free to flame me if 
I'm wrong).

What I really want is somewhere, somehow, a 
what-the-hell-is-going-on-here app that can hunt down and deal with 
rogue devices and general network health.

Oh, it was a friend downloading a game.

Mike