Are we assuming that the home router is purchased retail, and not "fulfilled" or provided by an ISP? The method to establish trust relationships would hinge on the answer
Randy -------- Original message -------- From: Mark Baugher <m...@mbaugher.com> Date:09/18/2014 5:12 PM (GMT-06:00) To: Randy Turner <rtur...@amalfisystems.com> Cc: "homenet@ietf.org Group" <homenet@ietf.org> Subject: Re: [homenet] HNCP security? On Sep 18, 2014, at 2:37 PM, Randy Turner <rtur...@amalfisystems.com> wrote: > How do you bootstrap trust relationships without an initial certificate > (whether installed at manufacturing or during a customer fulfillment stage) ? One way is through a user "security ceremony" (viz. Walker and Ellison) in the Wi-Fi and UPnP standards: The user pushes a recites a password, pushes buttons, waves an NFC device, etc. to authorize, e.g. sign the router's self-signed cert so other routers will accept its HNCP. That's a root of trust model. I'm sure there are other such models. There's been some talk about using web of trust, but I don't understand how that would work. Mark > > > > -------- Original message -------- > From: Michael Thomas <m...@mtcc.com> > Date:09/18/2014 4:17 PM (GMT-06:00) > To: homenet@ietf.org > Cc: > Subject: Re: [homenet] HNCP security? > > > On 9/18/14, 2:10 PM, STARK, BARBARA H wrote: > >> Self-signed certs bring only confusion, IMO: they are nothing more than a > >> raw key with an unsubstantiated claim to another name, along with a whole > >> lot more ASN.1 baggage beyond what is needed to parse the modulo and > >> exponent. > >> > >> And you don't get usage or policy restrictions without a CA that the > >> *HOMENET* trusts to assert them, nor can that sort of policy assertion be > >> done with device certs since I don't have any reason to believe > >> fly-by-night's > >> routers should be allowed to do whatever it is they claim they want to do. > > No, this would only be true if there were an implied authorization to go > > along with the authentication. > > Yes, I agree and that's why self-signed and/or manufacturer certs are of > no help. > There is no believable authz in them. A homenet would need to run its > own CA, or > use a CA that it delegates authz to. Or does something that avoids certs > altogether > and provides its own enrollment/authz solution. > > Mike > > _______________________________________________ > homenet mailing list > homenet@ietf.org > https://www.ietf.org/mailman/listinfo/homenet > > _______________________________________________ > homenet mailing list > homenet@ietf.org > https://www.ietf.org/mailman/listinfo/homenet
_______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet