On Fri, 3 Oct 2014, Steven Barth wrote:
Please note that this draft is in a very early stage so please help to
make additions, provide feedback and point out mistakes.
Being a crypto novice, let me write some text and please tell me if it
makes sense in the context of your draft (thanks for writing it, it looks
like a good summary).
I like SSH. SSH generates its own public/private key, there are
fingerprints I can put in SSHFP DNSSEC secured posts, etc. Are the
public/private keys considered to be similar to self-signed
"certificates"?
Anyhow, let me propose a scenario:
I get my first homenet router and power it up. It comes with a QR code on
it, and it has a button (or NFC, similar principle). I scan the QR code on
my smartphone (with a special homenet-control-app) which gives it enough
information to connect to the wifi of the router, then I am asked to press
a button on the router to allow my phone to become the administration
device. The QR code contains wifi information and key fingerprint ID so my
phone can decide that it's speaking to the correct device.
Now, after this, my phone app can speak to the router, and when I hook up
another device to that router, it detects the new device, fingerprint ID
etc, and asks me before it's allowed. After I ACK that it's allowed to
talk to my homenet (which previously only consisted of a single router),
they exchange session keys (or something) for management, so they can
continue to talk. Just like with SSH allowing key based login, the
management of homenet devices would rely on the public key for each
accepted device being known to all the other devices, and this is how
things authenticate. This would be the "anchor" that everything else
relies on when it comes to security.
Now, the problem is what to do when I lose my phone and don't have any
backup, so perhaps I need a user/password based login to add new
administration devices, it seems hard to work around.
If someone gets the private key of any of the accepted homenet devices, of
course everything falls down, but I don't see any way around it apart from
having TPM etc.
--
Mikael Abrahamsson email: swm...@swm.pp.se
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet