>     >> I further suggest that if two routers have wireless that they might well
>     >> have a WPA2/PSK available to them, and that they can and SHOULD use something
>     >> derived from that key to authenticate each other.  Could be over IKEv2, yes.
> 
>     > I _think_ we have to assume some passwords somewhere.
> 
>     > - WPA2 PSK on almost all home routers by default (most home network
>     > access these days is wireless)
> 
> yes, agree.  And if they have multiple routers, they likely have the same
> WPA2-PSK.

Possession of the WPA2 passphrases authorizes access to that particular Wi-Fi 
network -- nothing more and nothing less. And they authenticate nothing 
(because they are shared). 

If the concern is with a man-in-the-middle attack on HNCP messages, then 
point-to-point security, using encryption with any key that the 2 endpoints can 
agree on (such as simple TLS with HTTP digest authentication) makes sense. This 
is just about making sure the endpoints remain the same over the course of 
messaging and that nothing inserts itself into the conversation (or overhears 
the conversation). If the desire is to ensure endpoints can be identified over 
the course of many conversations, then consistently-used self-generated keys 
are sufficient. Because WPA2 passphrases are shared, they are useless here.

If the goal is to know whether an endpoint is authorized to send/receive an HNCP 
message, WPA2-PSK is also useless. It authorizes no such thing. Users should be 
free to run HNCP in a manner that requires no explicit authorization. If 
explicit authorization to run HNCP is desired by the user, then such 
authorization must come from a person with physical access to the home network 
and its devices, and such authorization must be specific to the running of HNCP 
and/or a role in home network configuration.

But to be honest, I have no clue what the potential HNCP attacks and 
vulnerabilities (and security goals) are. What does HNCP security need to 
protect against? I agree that documentation of overall homenet threats and 
vulnerabilities isn't what's needed to understand specific HNCP threats and 
vulnerabilities. But is there a plan to document these for HNCP?

Barbara
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
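
Added illustration, not part of the original message: a key derived from the WPA2 PMK produces the same tag on every device that holds the passphrase, so a verifier learns "knows the passphrase" and nothing about which device sent the message. The SSID, passphrase, device names and the `hypothetical-hncp-auth` derivation label are constructed assumptions for this sketch.

```python
import hashlib
import hmac

# Constructed sample values (not from the thread).
SSID = b"example-home"
PASSPHRASE = b"correct horse battery staple"


def wpa2_pmk(passphrase: bytes, ssid: bytes) -> bytes:
    """WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, ssid, 4096, 32)


def derive_auth_key(pmk: bytes) -> bytes:
    """Hypothetical router-to-router key derived from the PMK (assumption)."""
    return hmac.new(pmk, b"hypothetical-hncp-auth", hashlib.sha256).digest()


def make_message(auth_key: bytes, claimed_sender: str, payload: bytes):
    """Return (body, tag); the sender name is only a label inside the body."""
    body = claimed_sender.encode() + b"\x00" + payload
    return body, hmac.new(auth_key, body, hashlib.sha256).digest()


def verify(auth_key: bytes, body: bytes, tag: bytes) -> bool:
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    # Every device that was given the passphrase derives the same key.
    router_a_key = derive_auth_key(wpa2_pmk(PASSPHRASE, SSID))
    router_b_key = derive_auth_key(wpa2_pmk(PASSPHRASE, SSID))
    laptop_key = derive_auth_key(wpa2_pmk(PASSPHRASE, SSID))

    genuine = make_message(router_b_key, "router-b", b"prefix-assignment")
    # Another passphrase holder labels its own message "router-b".
    relabeled = make_message(laptop_key, "router-b", b"prefix-assignment")
    # A device without the passphrase cannot produce a valid tag.
    outsider_key = derive_auth_key(wpa2_pmk(b"wrong passphrase", SSID))
    outsider = make_message(outsider_key, "router-b", b"prefix-assignment")

    return {
        "genuine_accepted": verify(router_a_key, *genuine),
        "relabeled_accepted": verify(router_a_key, *relabeled),
        "tags_identical": genuine[1] == relabeled[1],
        "outsider_accepted": verify(router_a_key, *outsider),
    }
```

The verifier can separate holders of the passphrase from non-holders, but the two "router-b" messages are byte-for-byte indistinguishable.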