In my experience, there is no single mechanism for establishing what is 
alternatively called 'pairing,' 'introduction,' 'enrollment,' or in the case 
of the WiFi Protected Setup a 'mental model.'  The techniques have been called 
"ceremonies" by Carl Ellison and Jesse Walker, and they serve as a replacement 
for a system administrator in an unmanaged network by automating the process of 
adding an authorization, such as to a public key, username/password or other 
credential.  The security rests on showing locality and control of the device, 
which doesn't work well if the gateway or device is in some publicly-accessible 
location, which is usually not the case in a home.  The efficacy of any 
particular technique depends on the capabilities of the devices that are being 
paired.  Some research at UC-Irvine, for example, suggests that a short 
authentication string is the most usable method for most people in cases where 
there is a keypad or display.  In other cases, the USB key and 
push-button configuration techniques may be suitable.   I am not aware of any 
studies that push button is a particularly intuitive HCI for most people.   PBC 
uses weak identification and has a lot of vulnerabilities that require various 
mechanisms such as "walk time" in the WPS specification.

For homenet, I would expect that we would use or adapt the 'mental models' of 
the WiFi Alliance for our purposes.   Or at least we should consider this 
course.  In the case of the NFC mental model, I believe that particular method 
has been withdrawn by the WFA due to a dearth of shipped implementations that 
use it.  I am also not aware of interoperable implementations of the USB key 
WPS technique.  As I understand it, new techniques can be introduced or 
deprecated techniques can be re-introduced at the behest of interested parties.

Mark

_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
