Hiya,

On 05/10/14 22:55, Brian E Carpenter wrote:
> So, in my opinion, model #1 (a shared secret known to every device)
> is pretty weak. It might be acceptable for a small home network
> with a very careful human owner, but not beyond that limit. This is exactly
> the kind of shared secret that people will write down and lose along with
> their wallet, or simply throw out in their household garbage.
> IMHO, for a network of any size or complexity, we need model #2.

It's not a question that needs to be answered now, but I don't see how model #2 is consistent with the open-source model of doing stuff. (I'm being intentionally vague there as many devices are sort-of developed in an open-source manner.) If there were a way to base things on a PKI for manufacturers that worked for open-source communities that'd be really good, but I don't think I've seen such a thing proposed so far.

I'm also very, very unsure how model #2 might work in the face of equipment being end-of-lifed by very small companies or what happens after a teeny-tiny manufacturer goes bust.

Were the anima (or homenet) WG to try to address those questions, I think that'd be great. (And to repeat, I'm not looking for answers right now, but just to see that a WG will commit to tackle this.)

S.