> Hmm, so do you think it's possible that HOMENET could land in the "uses > secure link layers" bucket?
No opinion on the above. I'll only state that HNCP supports running over DTLS (this is implemented in hnetd, the reference implementation of HNCP). Section 8.3 of RFC 7787 describes a distributed algorithm for semi-autonomously choosing a set of trusted DTLS keys. > (It sounds like it's also possibl e it would use babel-hmac or babel-dtls.) If Homenet ends up running HNCP in a secure mode, then it could be used as a trust anchor for Babel. We could do either of the following: - use HNCP to elect a single Babel-HMAC key for the network; - generate random Babel-DTLS keypairs and flood the public part over HNCP; - reuse HNCP keypairs in Babel-DTLS. Of course, if HNCP runs insecure, then it would be somewhat doubtful to use it for key distribution. -- Juliusz _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet