I agree with Markus. The conflicting goals of self-configuration and security seem to be a recurring theme in homenet. I reread the security section in the "Homenet Architecture" and it mainly deals with security at the edges (which presumes effective edge detection). There is this statement regarding the internal homenet:

3.6.4. Exfiltration concerns

As homenets become more complex, with more devices, and with service discovery potentially enabled across the whole home, there are potential concerns over the leakage of information should devices use discovery protocols to gather information and report it to equipment vendors or application service providers.

While it is not clear how such exfiltration could be easily avoided, the threat should be recognised, be it from a new piece of hardware or some 'app' installed on a personal device.

This is definitely something we'll need to come to terms with to move forward and there may be more than one model.

Thanks,
Acee

On 9/13/14, 1:40 AM, "Markus Stenberg" <markus.stenb...@iki.fi> wrote:

>On 13.9.2014, at 5.50, Brian E Carpenter <brian.e.carpen...@gmail.com>
>wrote:
>> On 12/09/2014 22:23, Markus Stenberg wrote:
>> ...
>>> 1) Can we assume secure L2 and/or appropriate device
>>> configuration by the manufacturer/ISP(/user)? (This is what I
>>> can assume in my own home.)
>> I'm not sure I fully understand this question, but certainly
>> there are vast numbers of insecure home 802.11 setups. This is
>> less prevalent than it was a few years ago, but it seems like a
>> dangerous assumption if homenet-compliant kit is mixed in with
>> older stuff such as wireless hubs that are open by default.
>
>From my point of view, if you're exposing part of your home network via
>insecure wireless, the only way to secure it would be to run mandatory crypto
>over it both to hosts and routers. I'm not sure this is really feasible
>either. Just securing router-router traffic (or parts of it) does not
>bring significant benefit from my point of view unless you also
>authenticate hosts in such a case.
>
>While securing HNCP in such a case would prevent some attacks on in-home
>network auto-configuration, anything else (e.g. using home resources,
>using home internet access, pretending to be uplink and performing MITM,
>the list goes on) would be still possible and I do not see the point.
>
>Cheers,
>
>-Markus
>_______________________________________________
>homenet mailing list
>homenet@ietf.org
>https://www.ietf.org/mailman/listinfo/homenet