Re: [homenet] Security goals

"Howard, Lee" <lee.howard@twcable.com> Tue, 13 March 2012 02:27 UTC

From: "Howard, Lee" <lee.howard@twcable.com>
To: Fred Baker <fred@cisco.com>
Date: Mon, 12 Mar 2012 22:27:02 -0400
Cc: Tim Chown <tjc@ecs.soton.ac.uk>, "homenet@ietf.org Group" <homenet@ietf.org>

On Mar 11, 2012, at 5:44 PM, Fred Baker wrote:

>
> On Mar 10, 2012, at 5:04 PM, Tim Chown wrote:
>
>> It's good to see some traction in service discovery and naming.
>>
>> We also have a fifth area, security.  The text as it stands says a few
>> things that apply to this area, e.g.
>>
>> a) An assumption of "Simple Security" with default deny on the CER.
>>    This implies PCP or UPnP to support punching holes.  The text
>>    also talks about addressability vs reachability.
>
>> d) Mention of "Advanced Security", which talks about the ability to
>>    install 3rd party policies.  Some have suggested removing this
>>    from the initial homenet spec.
>
> One of these days I'll figure out what is "advanced" about "advanced security". I think the point of interest is that it can be expected to not be maintained (how many people maintain their norton-or-whatever-firewall contracts?) and will therefore allow a lot of stuff through.
>
> I will be doing a talk in opsawg trying to make the firewall story a little less "I don't like this and I do like that", more about what a firewall does and doesn't do and what models one might consider - at least three of them. If there is interest in homenet, I could comment on that discussion.
>
> http://tools.ietf.org/html/draft-baker-opsawg-firewalls
>  "On Firewalls in Internet Security", Fred Baker, 20-Jan-12

Any chance of having such a conversation in the Security Area WG?  I mentioned the debate to Sean Turner (Security AD), and he thought it would be an excellent topic for security experts to discuss.  However, since there had been no discussion on list, I did not get around to writing a draft, so I have nothing to submit for the agenda.

Lee

