On 03/10/2014 04:12, Kathleen Moriarty wrote: > On Thu, Oct 2, 2014 at 9:15 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> > wrote: > >> >> On 02/10/14 13:49, Michael Behringer (mbehring) wrote: >>> My personal goal is that what we do in ANIMA is fully compatible with >>> and ideally used in homenet. It would feel wrong to me to have an >>> infrastructure that doesn't work in a homenet. >>> >>> The security bootstrap is a good example of what we can achieve, with >>> reasonable effort. >> FWIW, it is not clear to me that the reasonable requirements >> for provisioning device security information (or bootstrapping >> if we wanted to call it that) are the same. >> > > This is where we would have overlap with SACM and I2NSF. I've spoken in > Ops and Dan R has helped to try to recruit some folks to help in SACM. It > would be good to not solve this in multiple places. SACM and I2NSF are > de-conflicting what they cover. Provisioning and assessing security > information is part of those efforts already, hence my questions on the > charter as well. > >> In enterprise environments we see fewer larger vendors of devices. >> In the home where we additionally have a large range of vendors >> many of whom are tiny and leverage a lot of OSS and who could >> perhaps not take part in the kind of provisioning infrastructure >> that is quite reasonable for enterprises and their vendors. >> > > There is a push in the vendor space for this type of automation and I'm all > for it, let's just coordinate on it so we don't wind up with too many ways > to do it.
Absolutely. It isn't surprising that Anima proponents are proposing specific approaches to security (or anything else), but there is an overriding sentence in the charter: "Where suitable protocols, models or methods exist, they will be preferred over creating new ones. " Clerarly that calls for coordination and awareness. Brian > > >> I do think both want to end up in the same state, where devices >> are authorised for connection to the network and where there is >> some keying material usable for security, but I'd be surprised >> if one approach to getting there worked the same way for both >> homes and enterprises. >> > > I'd like to see this discusses more, but maybe it's not in this group? > > Thanks, > Kathleen > >> S. >> >> > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Anima mailing list > an...@ietf.org > https://www.ietf.org/mailman/listinfo/anima _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet