Hi Mike,
On 9/15/16 5:36 PM, Michael StJohns wrote:
> Hi Elliot et al -
>
> Sorry, I think you're still missing the point:
>
> * Source Authentication (A) cannot be accomplished securely by
> Symmetric Key Multicast (^B): (A -> ^B)
> * Cyber Physical control functions (C) require source
> authentication (A): (C -> A)
> * Turning on and off lights (D) is a Cyber Physical Control Function
> (C): (D -> C)
> * Therefore Turning on and off lights (D) requires source
> authentication (B): (D -> C -> A) (D -> A)
> * Therefore Turning on and off lights (D) cannot be accomplished
> securely by Symmetric Key Multicast (^B): (D -> C) ( C -> A) (D
> -> C -> A) ( D->A) (A -> ^B) (D -> ^B).
>
> Apologies if I got the formal logic wrong - its been a while.
>
All of this seems about right to me, but with two big caveats:
1. We are, I think, talking about group-based communications and not
necessarily group-based authorization for device control. There is
a difference, albeit subtle. One could reasonably envision
borrowing from lower layers to satisfy device authorization
requirements.
2. The question here is whether this is the right level to address the
problem. And I'll ask my clarifying question again: is there a more
logical place to anchor identity, like above or below this layer?
Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
