> ...one might recommend starting with "an upper-layer security protocol" > such as CMS, COSE, JOSE or some other layer-3 encapsulation.
We're planning to use DTLS for both HNCP and Babel. But the authentication mechanism is not our main concern. This being Homenet, we need to generate keys automatically and distribute them securely with little or no user intervention. This is not trivial to do right, and requires carefully balancing the tradeoffs between security and usability. -- Juliusz _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet