On 8/6/19 11:13 AM, STARK, BARBARA H wrote:
Removing unnecessary participants from the discussion (I don't think its
relevant to the IESG review of babel-applicability?), and adding homenet...
How does the HOMENET usage of babel fit into this? I would be
surprised if they were expecting secure link layers to be used inside
the home, but it does seem like the threat model for HOMENET includes
hostile or compromised devices in the home.
Barbara will correct me if I'm wrong, but as far as I know, the Homenet
working group hasn't decided on a security mechanism yet. I have heard
opinions to the effect that Homenet requires asymmetric authentication, in
which case Babel-DTLS would be necessary, but I wouldn't presume to judge
whether these opinions represent WG consensus.
Homenet WG hasn't documented its security requirements -- for anything.
The current model for securing home networks is to secure the physical layers.
The normal practice for dealing with compromised devices in the home is to
remove or fix them when someone figures out they're compromised.
My personal (individual) opinion is it's extremely important to have tools to
discover when a device is causing trouble. On-going protection against such
devices (so they can be safely(?) left on the home network indefinitely and
people can feel secure????) isn't important or even necessarily a good idea.
Not only is this a security problem, it's a huge operational problem.
Just a couple of weeks ago I spent an hour or two trying to track down
why my internet connection was so slow. The tools to do this in my off
the shelf buffer-bloated netgear router are non-existent. Yes, yes, I do
know better but like almost everybody else I'm lazy and if ain't broken
don't fix it... The advantage I have is that I at least have the ability
to track it down, lousy tools or not. Other people, not so much.
As our home networks grow this is going to become more and more
problematic. Like the time a roku box kept deciding to I wanted to watch
tv in a room I wasn't even in over and over. Or when the crappy Hulu web
interface keeps running even after I tell it to stop -- deleting the tab
is the most effective, I've found.
I know that we have most if not all of the tools to address these sorts
of problems, but I'm pretty sure my crappy Netgear router is pretty much
par for the course. I'm sure that openWRT has a lot of tools to address
this too, but openWRT seems pretty wonky to me (feel free to flame me if
I'm wrong).
What I really want is somewhere, somehow, a
what-the-hell-is-going-on-here app that can hunt down and deal with
rogue devices and general network health.
Oh, it was a friend downloading a game.
Mike
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
