On 09/13/2014 10:16 AM, Acee Lindem (acee) wrote:
I agree with Markus. The conflicting goals of self-configuration and
security seem to be a recurring theme in homenet. I reread the security
section in the ³Homenet Architecture² and it mainly covers with security
at the edges (which presumes effective edge detection). There is this
statement regarding the internal homenet:
3.6.4. Exfiltration concerns
As homenets become more complex, with more devices, and with service
discovery potentially enabled across the whole home, there are
potential concerns over the leakage of information should devices use
discovery protocols to gather information and report it to equipment
vendors or application service providers.
While it is not clear how such exfiltration could be easily avoided,
the threat should be recognised, be it from a new piece of hardware
or some 'app' installed on a personal device.
This is definitely something we¹ll need to come to terms with to move
forward and there may be more than one model.
I think we should be clear that hijacking router-router traffic brings a
whole
new class of breaches that home networks are probably not particularly
susceptible
to today. An active man in the middle is a very bad thing and that seems
trivially
doable without some precautions.
This is yet another reason why I keep saying that the goal should be
"littleconf"
rather than "zeroconf".
Mike
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
