In message <4e955c94.3060...@cs.tcd.ie> Stephen Farrell writes: > On 10/12/2011 09:48 AM, Ole Troan wrote: > >> I've been reading the list with interest and have a question. > >> > >> When various devices in the home figure out which does what, > >> and do that periodically to handle changes, there's clearly > >> the potential that a zombied host tries to try take over > >> stuff with undesirable consequences. > >> > >> My question is whether this group are planning to think > >> about that now, or later, or never? (Or don't even think > >> there's a problem worth attempting to address.) > >> > >> Note - I'm not trying to argue for any particular level of > >> security and certainly not for some unachievable fort knox > >> everywhere, I'm just asking what's the plan? > > > > can we explore some fundamental principles of how and what we need to > > "secure"? > > > > using the electricity network as an analogy, can we make a distinction > > between "safety" and "security"? > > the electricity network in the home is somewhat self protecting with > > breakers and earthing. > > a home network must protect 'itself', i.e. handle any device plugged into > > it, in any topology, external and internal attacks > > and so on. > > > > I don't think it is the networks job to control who has access to the > > pictures of my grandmother or who can print to my printer. that's > > application policy. > > > > is it the networks job to control who has access to the network? no, I > > think that is a layer 2 function. > > > > I think homenet should focus on L3. (and be clear on what it expects from > > the other layers with regards to security). > > Reasonable points. However, if the zeroconf stuff provides an easy > way for a bad device to take over the homenet and get everything > interesting routed via it, that seems like a bad thing. That's > really what I was asking about, not application layer security, > nor layer 2 (though some layer 2 security can probably help a bit > if its turned on). > > Again, I'm not asking for some complex new scheme to be invented > here, I'm just asking whether the group are planning to address > this issue and roughly when. (In the hope that the answers are > something close to "yes" and "as an integrated part of the work":-) > > S.
You concern may boil down to. Should we be worried that Grandma is still running Windows 98? [Or that the same company that gave us Windows 95 and 98 can't get their act together with security after being beat up about it for over a decade.] Application layer security over a sound foundation is the right place for security. A practical consequence of horribly insecure OS code from one major supplier for more than a decade is that firewall functionality is also more than just nice to have in enterprise and home network equipment. OTOH - If the PC user runs flash for example, there is no way the network can protect them from the myriad of security holes that keep popping up and getting fixed all too slowly. ... and then there are the discount brokerages that run flash on their web sites insuring that their users will have flash installed and enabled and probably won't disable it when going elsewhere on the web. [oh well]. The network cannot protect the world from really bad application (or OS) programmers. Recognizing this may be a first step to solving it the right way - with a robust OS and more secure applications. Curtis _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
