Sorry, cathing up late with the thread.
Thanks, Eliot. Thats good information. The MAC address based limited
link-local address space is a problem for devices running a proxy.
Do you have an idea about some class of devices that has the issue
that you describe and that could be proxies ?
I know about these crazy LED lightbulbs that actually build a mesh
network. Is that what you where alluding to ?
But would those type of devices really be able to do all the
security stuff of ANIM/BRSKI ?
Cheers
Toerless
On Thu, Jul 13, 2017 at 10:58:45PM +0200, Eliot Lear wrote:
> Hi Toerless,
>
>
> On 7/6/17 9:09 AM, Toerless Eckert wrote:
> > On Thu, Jul 06, 2017 at 04:34:05PM +1200, Brian E Carpenter wrote:
> >> It used to be, but the recommendation today is a pseudo-random
> >> value (RFC7217). In any case it's a software choice.
> > brand new recommendations do not equate to be expected
> > standard practice in products. Would be very good to have
> > folks with practical insight into various products to
> > provide more information.
> On this point, I think it's quite likely that we will see a good number
> of devices fielded that will do a lousy job of PRNG, and so it would be
> inadvisable for them to implement RFC7217, lest they test their DAD code
> in ways not really intended. I'm not thinking about iPhones here, but
> energy harvesting devices like some light switches, and a bunch of,
> well,... crap.
>
> The question is whether you should design for these devices. IMHO "no"
> is a perfectly valid answer, but I'm still a bit skeptical about the
> value of 7217 for these class of devices in any event.
>
> Eliot
_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
