[homenet] A TOFU approach to naming things in the homenet (with code!)
Toke Høiland-Jørgensen <toke@toke.dk> Fri, 14 April 2017 00:38 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/jYOg4SLIC7Lh-LTvPq6zfYFYUEg>
Hey everyone

While following the naming discussions, I have been thinking about how to do one of the things that the current naming architecture draft excludes: Allowing devices on the homenet to register in (public) DNS so that one may find them. And since I also wanted to learn the Go programming language, I decided to prototype something. Enter the 'nsregd' daemon.

This daemon will allow a client to claim a name on a Trust On First Use (TOFU) basis using the RFC2136 dynamic DNS update protocol. A client claims a name by sending a DNS update request with a SIG(0) (RFC2931) signature and including the public key corresponding to the signature. If the name in a claim is not already taken by another client, the client's claim will be successful and the daemon will cache the public key and use it to verify subsequent update requests.

Once a name has been claimed by a client, that client can add and remove A and AAAA records by means of regular DNS update requests signed with the key used to claim the name. The daemon will forward these updates to one or more configured upstream authoritative nameservers.

I'm posting this here in the hope that others will find it useful, either as input to the discussion, or as a tool to play around with.

The code is available on Github: https://github.com/tohojo/nsregd

The README file has a few more details on how it's supposed to work.

Comments very welcome, patches even more so :)

Cheers,

-Toke
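Added example, not part of the original message and not nsregd's code: a minimal Go sketch of the claim-then-pin logic the message describes. It assumes Ed25519 signatures over a constructed `name\0address` payload in place of SIG(0) over real DNS UPDATE messages; `Registry`, `Update`, `payload` and the sample names and addresses are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

var ErrBadSig = errors.New("signature does not verify against presented key")
var ErrTaken = errors.New("name already claimed by a different key")

// Registry pins the first key that proves possession for each name.
type Registry struct {
	keys map[string]ed25519.PublicKey // name -> pinned key
	recs map[string][]string          // name -> registered addresses
}

// payload is the constructed byte string that is signed in this sketch.
func payload(name, addr string) []byte { return []byte(name + "\x00" + addr) }

// Update handles one signed request carrying the sender's public key.
// Verification comes first: a request that fails it must never pin a key.
func (r *Registry) Update(name, addr string, pub ed25519.PublicKey, sig []byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, payload(name, addr), sig) {
		return ErrBadSig
	}
	if pinned, ok := r.keys[name]; ok && !pinned.Equal(pub) {
		return ErrTaken // valid signature, but not the key that claimed the name
	}
	r.keys[name] = pub // first use pins; later updates re-store the same key
	r.recs[name] = append(r.recs[name], addr)
	return nil
}

// demo runs five constructed requests and returns each outcome in order.
func demo() []error {
	reg := &Registry{keys: map[string]ed25519.PublicKey{}, recs: map[string][]string{}}
	pubA, privA, _ := ed25519.GenerateKey(nil)
	pubB, privB, _ := ed25519.GenerateKey(nil)
	try := func(name, addr string, pub ed25519.PublicKey, k ed25519.PrivateKey) error {
		return reg.Update(name, addr, pub, ed25519.Sign(k, payload(name, addr)))
	}
	return []error{
		try("nas.home.example.", "2001:db8::10", pubA, privA), // first claim: key pinned
		try("nas.home.example.", "2001:db8::66", pubB, privB), // other key: rejected
		try("nas.home.example.", "2001:db8::11", pubA, privA), // owner adds a record
		try("cam.home.example.", "2001:db8::20", pubB, privA), // key/signature mismatch
		try("cam.home.example.", "2001:db8::20", pubA, privA), // failed claim pinned nothing
	}
}

func main() { fmt.Println(demo()) }
```

The sketch has no replay protection or key expiry, so a captured valid update could be resubmitted; a deployment would need both.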