Re: [homenet] Working Group draft adoptions

2014-09-19 Thread Mark Townsley
On Sep 16, 2014, at 2:12 PM, normen.kowalew...@telekom.de wrote: Hi, Regarding * draft-mglt-homenet-front-end-naming-delegation * draft-mglt-homenet-naming-architecture-dhc-options I think this is useful work and support its adoption. However, I’d like to see these drafts

[homenet] I-D Action: draft-ietf-homenet-front-end-naming-delegation-00.txt

2014-09-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Home Networking Working Group of the IETF. Title : Outsourcing Home Network Authoritative Naming Service Authors : Daniel Migault

[homenet] I-D Action: draft-ietf-homenet-naming-architecture-dhc-options-00.txt

2014-09-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Home Networking Working Group of the IETF. Title : DHCP Options for Homenet Naming Architecture Authors : Daniel Migault

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Townsley
On Sep 18, 2014, at 12:34 PM, Ted Lemon mel...@fugue.com wrote: On Sep 18, 2014, at 4:27 AM, STARK, BARBARA H bs7...@att.com wrote: UPnP Device Protection uses X.509 certificates (which can be self-signed, and in order not to assume a WAN connection, really should be self-signed) and TLS.

Re: [homenet] HNCP security?

2014-09-19 Thread Markus Stenberg
On 19.9.2014, at 11.18, Mark Townsley m...@townsley.net wrote: My own experience attempting to use IPsec as an add-on security solution (a.k.a. pixie dust) for a protocol isn't all that positive. We tried that with L2TP, and in the process failed to kill off PPTP on windows clients. I can't

[homenet] I-D Action: draft-ietf-homenet-prefix-assignment-00.txt

2014-09-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Home Networking Working Group of the IETF. Title : Prefix and Address Assignment in a Home Network Authors : Pierre Pfister

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Baugher
On Sep 19, 2014, at 3:25 AM, Ted Lemon mel...@fugue.com wrote: On Sep 18, 2014, at 6:46 PM, Mark Baugher m...@mbaugher.com wrote: The retail model works here. I can imagine a compliant CPE might allow the user to take ownership of an interior HNCP interface. That's only if the provider of

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 01:18 AM, Mark Townsley wrote: Another lesson learned was exposing two passwords to the user vs. one. In a retail/wholesale LAC/LNS deployment model, it made perfect sense for the L2TP tunnel to have a password separate from the PPP user password (and L2TP fully supplanted L2F

Re: [homenet] HNCP security?

2014-09-19 Thread Steven Barth
On 19.09.2014 at 16:00, Michael Thomas wrote: And it's extremely unlikely that DTLS will be a one-sentence solution even if it gets adopted because DTLS, IPsec, etc say nothing about enrollment and authorization. Those are by far the hard problems with homenet security. I wouldn't really

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 07:52 AM, Steven Barth wrote: On 19.09.2014 at 16:29, Michael Thomas wrote: Punting on one of the hardest problems would be a travesty. There are plenty of people in IETF that are plenty smart about this subject; we will never get an opportunity to do the right thing again if we

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 10:52 AM, Steven Barth cy...@openwrt.org wrote: That was not my point. I'm totally happy with having a standardized way of doing this but I don't think that HNCP is the place where it should be defined since we will probably not be the only user. HNCP won't be the only

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Baugher
On Sep 19, 2014, at 8:54 AM, Ted Lemon mel...@fugue.com wrote: On Sep 19, 2014, at 10:52 AM, Steven Barth cy...@openwrt.org wrote: That was not my point. I'm totally happy with having a standardized way of doing this but I don't think that HNCP is the place where it should be defined since

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 11:59 AM, Mark Baugher m...@mbaugher.com wrote: How could it happen? Isn't that what we've been discussing? ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet

Re: [homenet] HNCP security?

2014-09-19 Thread Douglas Otis
On Sep 19, 2014, at 7:17 AM, Steven Barth cy...@openwrt.org wrote: On 19.09.2014 at 16:00, Michael Thomas wrote: And it's extremely unlikely that DTLS will be a one-sentence solution even if it gets adopted because DTLS, IPsec, etc say nothing about enrollment and authorization. Those are

Re: [homenet] HNCP security?

2014-09-19 Thread Randy Turner
A cert by itself is more or less a wrapper - but that's not the way PKI works (certs by themselves) - you have certs and trust anchors - the anchors being the method by verifying the identity of the person presenting the cert - you can do proof of possession as well to verify the identity

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 1:22 PM, Mark Baugher m...@mbaugher.com wrote: AFAICT, we've been discussing key format or DTLS vs IPsec. That discussion presumes that you have some way for a CPE from ISP-a to securely accept HNCP from ISP-b, or the user's new AP/router, and so forth. How does that

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 9/19/14, 12:38 PM, Ted Lemon wrote: On Sep 19, 2014, at 1:22 PM, Mark Baugher m...@mbaugher.com wrote: AFAICT, we've been discussing key format or DTLS vs IPsec. That discussion presumes that you have some way for a CPE from ISP-a to securely accept HNCP from ISP-b, or the user's new

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 4:54 PM, Michael Thomas m...@mtcc.com wrote: I guess that's kind of what I've been getting at: should we capture all of this in a threats document? I'm a little uncomfortable with the formality, but I'm even more uncomfortable with the seeming desire by some to sweep