Re: [homenet] A TOFU approach to naming things in the homenet (with code!)

Andrew Sullivan <ajs@anvilwalrusden.com> Fri, 14 April 2017 14:37 UTC

Date: Fri, 14 Apr 2017 10:37:09 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: homenet@ietf.org
Message-ID: <20170414143708.GD860@mx4.yitter.info>
References: <87r30vomax.fsf@alrua-x1>
In-Reply-To: <87r30vomax.fsf@alrua-x1>
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/i9UzBnVQDieLSJaFq8DmIgsdsWw>
Subject: Re: [homenet] A TOFU approach to naming things in the homenet (with code!)

I really like this idea.  Obviously, it's the sort of thing whose
scope had better be pretty limited (e.g. you'd better know what network
those TOFU requests are coming from), but apart from that it seems
quite useful.

A

On Fri, Apr 14, 2017 at 02:38:46AM +0200, Toke Høiland-Jørgensen wrote:
> Hey everyone
> 
> While following the naming discussions, I have been thinking about how
> to do one of the things that the current naming architecture draft
> excludes: Allowing devices on the homenet to register in (public) DNS so
> that one may find them. And since I also wanted to learn the Go
> programming language, I decided to prototype something. Enter the
> 'nsregd' daemon.
> 
> This daemon will allow a client to claim a name on a Trust On First Use
> (TOFU) basis using the RFC2136 dynamic DNS update protocol. A client
> claims a name by sending a DNS update request with a SIG(0) (RFC2931)
> signature and including the public key corresponding to the signature.
> If the name in a claim is not already taken by another client, the
> client's claim will be successful and the daemon will cache the public
> key and use it to verify subsequent update requests.
> 
> Once a name has been claimed by a client, that client can add and remove
> A and AAAA records by means of regular DNS update requests signed with
> the key used to claim the name. The daemon will forward these updates to
> one or more configured upstream authoritative nameservers.
> 
> I'm posting this here in the hope that others will find it useful,
> either as input to the discussion, or as a tool to play around with.
> 
> The code is available on GitHub:
> 
> https://github.com/tohojo/nsregd
> 
> The README file has a few more details on how it's supposed to work.
> Comments very welcome, patches even more so :)
> 
> 
> Cheers,
> 
> -Toke

-- 
Andrew Sullivan
ajs@anvilwalrusden.com
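The claim-then-update flow Toke describes, as an added example that is not part of this thread and not nsregd's own code: a small Go registry that pins the public key carried in a successful first claim, refuses a later claim on the same name under a different key, verifies every subsequent add/delete only under the pinned key (ignoring whatever key the message carries), and, per Andrew's scoping caveat, drops updates whose source address is outside the configured home prefixes. Ed25519 over a canonical string stands in for SIG(0) (RFC 2931) over DNS wire format; the name, prefixes and address literals are constructed, and `Update`, `Registry` and `HandleFrom` are this example's own names, not the daemon's.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"net/netip"
	"strings"
)

// Update stands in for an RFC 2136 dynamic update with a SIG(0) signature; constructed for this example.
type Update struct {
	Name   string            // name being claimed or updated, e.g. "printer.home.example."
	Op     string            // "claim", "add" or "delete"
	RRType string            // "A" or "AAAA" (empty for a claim)
	RData  string            // address literal (empty for a claim)
	PubKey ed25519.PublicKey // key carried in the message; consulted only on first use
	Sig    []byte            // signature over canonical() by the client's private key
}

func (u Update) canonical() []byte {
	return []byte(strings.ToLower(u.Name) + "|" + u.Op + "|" + u.RRType + "|" + u.RData)
}

// NewClientKey makes a client key pair; Ed25519 stands in for a SIG(0) algorithm.
func NewClientKey() ed25519.PrivateKey {
	_, priv, _ := ed25519.GenerateKey(nil) // nil reader selects crypto/rand
	return priv
}

// Sign attaches the public key and a signature, as the client side would.
func Sign(u Update, priv ed25519.PrivateKey) Update {
	u.PubKey = priv.Public().(ed25519.PublicKey)
	u.Sig = ed25519.Sign(priv, u.canonical())
	return u
}

var ErrOutOfScope = errors.New("update from outside the homenet prefixes")
var ErrNameTaken = errors.New("name already claimed with a different key")
var ErrBadSig = errors.New("no pinned key verifies this update")

// Registry is the TOFU state: the first key to claim a name is pinned for that name.
type Registry struct {
	scope   []netip.Prefix               // source prefixes updates are accepted from
	keys    map[string]ed25519.PublicKey // name -> pinned key
	records map[string]map[string]bool   // name -> "TYPE RDATA" -> present (forwarded upstream)
}

func NewRegistry(prefixes ...string) *Registry {
	r := &Registry{keys: map[string]ed25519.PublicKey{}, records: map[string]map[string]bool{}}
	for _, p := range prefixes {
		r.scope = append(r.scope, netip.MustParsePrefix(p))
	}
	return r
}

// HandleFrom processes one update arriving from the textual source address src.
func (r *Registry) HandleFrom(src string, u Update) error {
	ip, err := netip.ParseAddr(src)
	inScope := false
	for _, p := range r.scope {
		inScope = inScope || (err == nil && p.Contains(ip))
	}
	if !inScope {
		return ErrOutOfScope // scope first: TOFU is only meaningful inside the home network
	}
	name := strings.ToLower(u.Name)
	pinned, known := r.keys[name]
	switch u.Op {
	case "claim":
		if known && !pinned.Equal(u.PubKey) {
			return ErrNameTaken // another key already holds this name
		}
		if len(u.PubKey) != ed25519.PublicKeySize || !ed25519.Verify(u.PubKey, u.canonical(), u.Sig) {
			return ErrBadSig
		}
		if !known { // first use: pin the key carried in the message
			r.keys[name], r.records[name] = u.PubKey, map[string]bool{}
		}
		return nil
	case "add", "delete":
		if !known || !ed25519.Verify(pinned, u.canonical(), u.Sig) { // the message's own key is ignored
			return ErrBadSig
		}
		if _, err := netip.ParseAddr(u.RData); err != nil || (u.RRType != "A" && u.RRType != "AAAA") {
			return fmt.Errorf("unsupported record %s %q", u.RRType, u.RData)
		}
		r.records[name][u.RRType+" "+u.RData] = u.Op == "add"
		return nil
	}
	return fmt.Errorf("unknown op %q", u.Op)
}

func main() {
	reg, alice, mallory := NewRegistry("192.0.2.0/24", "2001:db8::/32"), NewClientKey(), NewClientKey()
	fmt.Println(reg.HandleFrom("192.0.2.10", Sign(Update{Name: "printer.home.example.", Op: "claim"}, alice)))   // <nil>
	fmt.Println(reg.HandleFrom("192.0.2.77", Sign(Update{Name: "printer.home.example.", Op: "claim"}, mallory))) // name already claimed
}
```

The order of checks is the point: the source-prefix test runs before any key is looked at, so a claim from outside the homenet can never pin a key; and for add/delete the key inside the message is never consulted, so a second device cannot "re-introduce" itself on a name it does not hold. Real SIG(0) verification would also check the signature's inception/expiration times, which this stand-in omits.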