Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Brian E Carpenter
On 06/10/2014 13:15, Michael Thomas wrote:
> On 10/05/2014 05:09 PM, Stephen Farrell wrote:
>> Hiya,
>>
>> On 05/10/14 22:55, Brian E Carpenter wrote:
>>> So, in my opinion, model #1 (a shared secret known to every device)
>>> is pretty weak. It might be acceptable for a small home network
>>> with a very careful human owner, but not beyond that limit. This is
>>> exactly
>>> the kind of shared secret that people will write down and lose along
>>> with
>>> their wallet, or simply throw out in their household garbage.
>>> IMHO, for a network of any size or complexity, we need model #2.
>> It's not a question that needs to be answered now, but I don't see
>> how model #2 is consistent with the open-source model of doing
>> stuff. (I'm being intentionally vague there as many devices are
>> sort-of developed in an open-source manner.)
>>
>> If there were a way to base things on a PKI for manufacturers that
>> worked for open-source communities that'd be really good, but I
>> don't think I've seen such a thing proposed so far.
>>
>> I'm also very very unsure how model#2 might work in the face of
>> equipment being end-of-lifed by very small companies or what
>> happens after a teeny-tiny manufacturer goes bust.
>>
>> Were the anima (or homenet) WG to try to address those questions,
>> I think that'd be great. (And to repeat, I'm not looking for answers
>> right now, but just to see that a WG will commit to tackle this.)
>>
>>
> 
> Are you reading into Brian's message a big P PKI (ie, CA's, etc) for #2?
> I didn't read it that way.

That is a correct non-reading ;-). I think the assumption is that there
would be a local trust anchor of some kind which would be somewhat
equivalent to a local CA. That's why the word 'bootstrap' figures in
draft-pritikin-.

   Brian

___
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet


Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Michael Thomas

On 10/05/2014 05:09 PM, Stephen Farrell wrote:

Hiya,

On 05/10/14 22:55, Brian E Carpenter wrote:

So, in my opinion, model #1 (a shared secret known to every device)
is pretty weak. It might be acceptable for a small home network
with a very careful human owner, but not beyond that limit. This is exactly
the kind of shared secret that people will write down and lose along with
their wallet, or simply throw out in their household garbage.
IMHO, for a network of any size or complexity, we need model #2.

It's not a question that needs to be answered now, but I don't see
how model #2 is consistent with the open-source model of doing
stuff. (I'm being intentionally vague there as many devices are
sort-of developed in an open-source manner.)

If there were a way to base things on a PKI for manufacturers that
worked for open-source communities that'd be really good, but I
don't think I've seen such a thing proposed so far.

I'm also very very unsure how model#2 might work in the face of
equipment being end-of-lifed by very small companies or what
happens after a teeny-tiny manufacturer goes bust.

Were the anima (or homenet) WG to try to address those questions,
I think that'd be great. (And to repeat, I'm not looking for answers
right now, but just to see that a WG will commit to tackle this.)




Are you reading into Brian's message a big P PKI (ie, CA's, etc) for #2? 
I didn't read it that way.


Mike, confused



Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Stephen Farrell

Hiya,

On 05/10/14 22:55, Brian E Carpenter wrote:
> So, in my opinion, model #1 (a shared secret known to every device)
> is pretty weak. It might be acceptable for a small home network
> with a very careful human owner, but not beyond that limit. This is exactly
> the kind of shared secret that people will write down and lose along with
> their wallet, or simply throw out in their household garbage.
> IMHO, for a network of any size or complexity, we need model #2.

It's not a question that needs to be answered now, but I don't see
how model #2 is consistent with the open-source model of doing
stuff. (I'm being intentionally vague there as many devices are
sort-of developed in an open-source manner.)

If there were a way to base things on a PKI for manufacturers that
worked for open-source communities that'd be really good, but I
don't think I've seen such a thing proposed so far.

I'm also very very unsure how model#2 might work in the face of
equipment being end-of-lifed by very small companies or what
happens after a teeny-tiny manufacturer goes bust.

Were the anima (or homenet) WG to try to address those questions,
I think that'd be great. (And to repeat, I'm not looking for answers
right now, but just to see that a WG will commit to tackle this.)

S.



Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Brian E Carpenter
(cc's trimmed. I'm not sure the whole IESG wants this in their inboxen.)

On 06/10/2014 08:51, Acee Lindem (acee) wrote:
> 
> On 10/4/14, 10:16 PM, "Brian E Carpenter" 
> wrote:
> 
>> On 05/10/2014 09:24, Acee Lindem (acee) wrote:
>>> Right - but we still have to agree on the admin or, as you put it,
>>> ownership model. At least one of the proposals for autonomic networking
>>> is
>>> a centralized approach as opposed to configuring a single authentication
>>> password on each new device (as one would do with a WiFi network).
>> Let me check that I understand. Are you saying that there are two basic
>> models for enrollment?
>>
>> 1. "Hello, I am Brian. Please enrol me; the shared secret is *!&$£@."
>>
>> 2. "Hello, I am Brian. My public key is 12345, and should already
>> be in your list. [Signed with my private key.]"
> 
> That's basically the trade-off although there are many variations of #2.
> Here is one example:
> 
> http://www.ietf.org/id/draft-pritikin-bootstrapping-keyinfrastructures-01.txt
> 
> The question is what are we willing to accept in the homenet in terms of
> both device configuration and device requirements.

Right, thanks. And this is question Anima has to ask for the more general
case - of course draft-pritikin is a contender.

So, in my opinion, model #1 (a shared secret known to every device)
is pretty weak. It might be acceptable for a small home network
with a very careful human owner, but not beyond that limit. This is exactly
the kind of shared secret that people will write down and lose along with
their wallet, or simply throw out in their household garbage.
IMHO, for a network of any size or complexity, we need model #2.

   Brian

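The two enrolment models Brian sketches above (model #1, one shared secret known to every device; model #2, a per-device public key that is already on the registrar's list, with the registrar acting as the "local trust anchor" he mentions in his later reply) as a constructed Go example. This is added here and is not code from the thread or from draft-pritikin; the `enrol:` message format, the registrar types, the device names and the toy secret are all assumptions made for the illustration. It shows the property the thread is arguing about: when one device is lost, model #1 gives whoever holds its secret the same standing as every other device, while model #2 lets the registrar drop that one key and keep the rest.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed illustration of the two enrolment models discussed in the
// thread. Message format and names are invented for this example.

// enrolMsg is the canonical byte string a device authenticates when it asks
// to join the network.
func enrolMsg(name string) []byte { return []byte("enrol:" + name) }

// ---- Model #1: one shared secret known to every device ----

// SharedSecretRegistrar accepts any request whose HMAC tag was computed with
// the network-wide secret. Every device holds the same secret, so the
// registrar cannot tell a legitimate device from anyone who obtained a copy.
type SharedSecretRegistrar struct{ Secret []byte }

// TagEnrol is what a device does with its copy of the secret.
func TagEnrol(secret []byte, name string) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write(enrolMsg(name))
	return m.Sum(nil)
}

// Enrol checks the tag in constant time. "Revoking" a lost device here means
// rotating the secret on every remaining device.
func (r SharedSecretRegistrar) Enrol(name string, tag []byte) bool {
	return hmac.Equal(TagEnrol(r.Secret, name), tag)
}

// ---- Model #2: per-device key pairs, local trust anchor ----

// TrustAnchorRegistrar plays the "local CA": it holds the public keys that
// were registered out of band (the bootstrap ceremony) and accepts a request
// only if it is signed by the private key matching the listed public key.
type TrustAnchorRegistrar struct{ Known map[string]ed25519.PublicKey }

func NewTrustAnchorRegistrar() TrustAnchorRegistrar {
	return TrustAnchorRegistrar{Known: map[string]ed25519.PublicKey{}}
}

// NewDeviceKey generates a device's key pair; the private key never leaves it.
func NewDeviceKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// SignEnrol is what a device does with its own private key.
func SignEnrol(priv ed25519.PrivateKey, name string) []byte {
	return ed25519.Sign(priv, enrolMsg(name))
}

func (r TrustAnchorRegistrar) Register(name string, pub ed25519.PublicKey) { r.Known[name] = pub }
func (r TrustAnchorRegistrar) Revoke(name string)                          { delete(r.Known, name) }

// Enrol rejects unknown names, a different key presented under a known name,
// and any signature that does not verify under the registered key.
func (r TrustAnchorRegistrar) Enrol(name string, pub ed25519.PublicKey, sig []byte) bool {
	expected, ok := r.Known[name]
	if !ok || !bytes.Equal(expected, pub) {
		return false
	}
	return ed25519.Verify(pub, enrolMsg(name), sig)
}

// LostDeviceScenario: one device is lost and its key material leaks. Reports
// whether a stranger holding that material can still enrol under model #1,
// whether it can under model #2 after the registrar revokes the lost key, and
// whether the other registered device still works under model #2.
func LostDeviceScenario() (strangerEnrolsModel1, strangerEnrolsModel2, othersStillWorkModel2 bool) {
	secret := []byte("constructed-network-secret") // toy value for the example
	reg1 := SharedSecretRegistrar{Secret: secret}
	// The lost device carried the same secret; its copy is indistinguishable.
	strangerEnrolsModel1 = reg1.Enrol("stranger", TagEnrol(secret, "stranger"))

	reg2 := NewTrustAnchorRegistrar()
	lostPub, lostPriv := NewDeviceKey()
	otherPub, otherPriv := NewDeviceKey()
	reg2.Register("lost-device", lostPub)
	reg2.Register("other-device", otherPub)
	reg2.Revoke("lost-device") // only this one entry is touched
	strangerEnrolsModel2 = reg2.Enrol("lost-device", lostPub, SignEnrol(lostPriv, "lost-device")) ||
		reg2.Enrol("stranger", lostPub, SignEnrol(lostPriv, "stranger"))
	othersStillWorkModel2 = reg2.Enrol("other-device", otherPub, SignEnrol(otherPriv, "other-device"))
	return
}

func main() {
	m1, m2, others := LostDeviceScenario()
	fmt.Printf("model #1: stranger with the leaked secret enrols: %v\n", m1)
	fmt.Printf("model #2: stranger with the revoked key enrols: %v; other device still enrols: %v\n", m2, others)
}
```

The point Stephen raises still applies to this sketch: the registrar's list has to be populated somehow, and in the example that is done by `Register`, i.e. by the network owner during a ceremony rather than by a manufacturer PKI. That is the sense in which a local trust anchor side-steps the question of what happens when a small manufacturer disappears, at the cost of an explicit enrolment step per device.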


Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Acee Lindem (acee)


On 10/4/14, 10:16 PM, "Brian E Carpenter" 
wrote:

>On 05/10/2014 09:24, Acee Lindem (acee) wrote:
>> Right - but we still have to agree on the admin or, as you put it,
>> ownership model. At least one of the proposals for autonomic networking
>> is
>> a centralized approach as opposed to configuring a single authentication
>> password on each new device (as one would do with a WiFi network).
>
>Let me check that I understand. Are you saying that there are two basic
>models for enrollment?
>
>1. "Hello, I am Brian. Please enrol me; the shared secret is *!&$£@."
>
>2. "Hello, I am Brian. My public key is 12345, and should already
>be in your list. [Signed with my private key.]"

That's basically the trade-off although there are many variations of #2.
Here is one example:

http://www.ietf.org/id/draft-pritikin-bootstrapping-keyinfrastructures-01.txt

The question is what are we willing to accept in the homenet in terms of
both device configuration and device requirements.

Thanks,
Acee 



>
>Brian
>



Re: [homenet] [Anima] Ted Lemon's Block on charter-ietf-anima-00-09: (with BLOCK)

2014-10-05 Thread Mark Baugher (mbaugher)

On Oct 4, 2014, at 1:24 PM, Acee Lindem (acee)  wrote:

> Right - but we still have to agree on the admin or, as you put it,
> ownership model. At least one of the proposals for autonomic networking is
> a centralized approach as opposed to configuring a single authentication
> password on each new device (as one would do with a WiFi network).

Doesn't that assume that all network devices, ISP CPEs and retail gateways,
use the centralized approach?  Has the multi-authority issue been solved
yet for autonomic systems?  Has it been addressed?  I don't know.

Mark

> Acee 
> 
> On 10/3/14, 7:34 PM, "Mark Baugher (mbaugher)"  wrote:
> 
>> I voiced the opinion that someone has to own the homenet, as distinct
>> from who might own the CPEs and routers on the homenet.  In the same
>> way that some ISP CPEs let the user set the Wi-Fi password, the user or
>> an agent for the user needs to take homenet ownership (or in the case of
>> autonomic devices, transfer ownership).  This cannot be done plug
>> and play, there needs to be some ceremony.  It's encouraging that
>> the vast majority of users in homes, small offices and small businesses
>> manage to configure their Wi-Fi Protected Access.  Some ceremonies
>> work to improve privacy and security.
>> 
>> The home network needs to be owned by the home user(s) or agent (could
>> be the ISP or some over-the-top retail solution, etc.).
>> 
>> Mark
>> 
>> On Oct 3, 2014, at 6:39 AM, Acee Lindem (acee)  wrote:
>> 
>>> One thing we need to do in homenet is agree on the network
>>> administration
>>> model. I believe many of us started with the assumption of plug and play
>>> but are now accepting the fact that minimal configuration will be
>>> required
>>> to vet devices on the homenet. If we can agree on similar network admin
>>> models and, as Ted pointed out, requirements on connecting devices, then
>>> we may be able to use similar solutions.
>>> 
>>> Acee 
>>> 
>>> On 10/2/14, 9:33 PM, "Sheng Jiang"  wrote:
>>> 
>>>> I also think ISP networks and enterprise networks are different from
>>>> home
>>>> networks. Although many requirements may look similar, particularly
>>>> considering the auto operation target, many preconditions are
>>>> different. It could result in different solutions though some components
>>>> may be reusable among these networks.
>>>> 
>>>> For ANIMA, we should surely study what homenet is working on and
>>>> identify
>>>> the differentia. Only after that can we produce the necessary solution
>>>> without
>>>> confusing the world.
>>>> 
>>>> Best regards,
>>>> 
>>>> Sheng
>>>> 
>>>> From: homenet [homenet-boun...@ietf.org] on behalf of Toerless Eckert
>>>> [eck...@cisco.com]
>>>> Sent: 02 October 2014 22:41
>>>> To: Leddy, John
>>>> Cc: Michael Behringer (mbehring); The IESG; homenet@ietf.org; Stephen
>>>> Farrell; an...@ietf.org; Ted Lemon
>>>> Subject: Re: [homenet] [Anima] Ted Lemon's Block on
>>>> charter-ietf-anima-00-09: (with BLOCK)
>>>> 
>>>> Fully agreed. But does this imply that we will make most progress by
>>>> blocking out a working group that is actively chartered to look at
>>>> the problems in the market segments Homenet is not addressing?
>>>> 
>>>> If the BLOCK is meant to suggest charter improvements for anima to
>>>> better define our mutual desire to share whatever is applicable and
>>>> not reinvent unnecessarily, then where is the proposed charter text
>>>> change?
>>>> 
>>>> Cheers
>>>>  Toerless
>>>> 
>>>> P.S.: Also, if I may throw in some random tidbit of technology
>>>> thoughts:
>>>> 
>>>> I love home networks (and the WG for it), because it is the best place
>>>> for IPv6 to eliminate IPv4 and start creating a fresh, better IP
>>>> network. I have a lot of doubt that we are anywhere close to going that
>>>> route especially in larger enterprises, so the address management for
>>>> IPv4 in those networks is going to be a crucial requirement where I
>>>> don't
>>>> think homenet could (or should) be any big help. And I am not sure if I
>>>> would
>>>> want to hold my breath for a lot of IPv4 address complexity reduction in
>>>> IoT either. But certainly autonomic processes could rather help than
>>>> hurt
>>>> in that matter.
>>>> 
>>>> 
>>>> On Thu, Oct 02, 2014 at 01:50:13PM +, Leddy, John wrote:
>>>>> My worry on this topic is that we are referring to "the Home" and "the
>>>>> Enterprise".
>>>>> It isn't that clear of a distinction.  This isn't just a simple L2
>>>>> flat
>>>>> home vs. a Fortune 1000 enterprise.
>>>>> 
>>>>> The home is getting more complex and includes work from home; IOT,
>>>>> home
>>>>> security, hot spots, cloud services, policies, discovery etc.
>>>>> Large numbers of SMBs look like more high end residential than they
>>>>> do
>>>>> large enterprises.
>>>>> 
>>>>> It would be ideal to have a solution that spans the range of size and
>>>>> complexity for both residential and enterprise.
>>>>> Perhaps enabling features/capabilities where required.