On 09/11/2012 04:53 PM, Curtis Villamizar wrote:
In message <504f9a0b.1080...@mtcc.com>
Michael Thomas writes:
If we're using the property that they need to have access to my home
wifi as proof the device is "mine" rather than "somebody else's", then
lets stop right now with the posture that what we're doing is
"zeroconf" because configuring a wifi password is most certainly not
"zeroconf".
We had a similar discussion before and I pointed out that for security
some form of exchange of keys or certificates was needed.
Here is usually where IETF usually wraps around the axle. I'm not
saying that "has my wifi password, therefore is allowed" is bad, I'm
just saying that it's not zeroconf. We need to be extremely careful
that the best is the enemy of the good. At the point that we're talking
about certs we've almost certainly wandered into something well
beyond "littleconf". If we can get by with "has my wifi password"
or similar, we're still probably on track. Or maybe ssh-like leap of
faith kinds of bare public key enrollment is ok.
In any case, my larger point is that "littleconf" might also involve having
to give a name to some of my devices so that I don't have to remember
that megacorp-light-switch-1279385xxc7 is the front room mood lighting
in addition to giving it my wifi password for the home automation SSID.
Mike
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
