Re: [homenet] hncp-security-trust

2014-11-15 Thread Steven Barth
I assume that the trust verdicts would be distributed by hncp, but the documenet doesn't seem to say so. Yes, they are. The idea was too limit them in some way since neutral verdicts can be created by (unusuccessful) external connection attempts and thus it must be avoided that established nod

[homenet] hncp-security-trust

2014-11-15 Thread Michael Richardson
section 6.3.3 contemplates sending out verdicts for a period of time until a decision can be rendered, giving up after 10 minutes. I think, that since hncp is using trickle, it can just rely on trickle saying that we haven't got any new information, so just don't say anything. I assume that the

Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt

2014-10-22 Thread Michael Thomas
On 10/22/14, 12:46 PM, Brian E Carpenter wrote: On 22/10/2014 23:54, Ray Bellis wrote: On 22 Oct 2014, at 02:02, Brian E Carpenter wrote: Up one more level: the charter looks pretty out of date in general. Hi Brian, The charter itself still reflects our primary focus. I believe it still

Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt

2014-10-22 Thread Brian E Carpenter
On 22/10/2014 23:54, Ray Bellis wrote: > On 22 Oct 2014, at 02:02, Brian E Carpenter > wrote: > >> Up one more level: the charter looks pretty out of date in general. > > Hi Brian, > > The charter itself still reflects our primary focus. I believe it still > accurately reflects the constrain

Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt

2014-10-22 Thread Ray Bellis
On 22 Oct 2014, at 02:02, Brian E Carpenter wrote: > Up one more level: the charter looks pretty out of date in general. Hi Brian, The charter itself still reflects our primary focus. I believe it still accurately reflects the constraints on our scope. The milestones are admittedly completel

Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt

2014-10-21 Thread Steven Barth
> I agree with whoever it was that said there is not enough explanation > of the threat model in this draft. The result is that I really can't > evaluate whether the proposed solution is complete or adequate. >From my point of view there are two vectors through which you can attack HNCP - as mentio

Re: [homenet] I-D Action: draft-barth-homenet-hncp-security-trust-01.txt

2014-10-21 Thread Brian E Carpenter
Hi, I agree with whoever it was that said there is not enough explanation of the threat model in this draft. The result is that I really can't evaluate whether the proposed solution is complete or adequate. The other thing that bothers me is that we need a secure homenet, not just a secure HNCP.

Re: [homenet] HNCP Security & Trust Draft

2014-10-14 Thread Michael Thomas
. http://tools.ietf.org/html/draft-barth-homenet-hncp-security-trust-01 Most notable changes: * Some clarifications to the consensus based trust scheme * PSK-management now supports key-derivation for different protocols (IGPs, ...) * Underlying crypto scheme changed to DTLS for now * Some

Re: [homenet] HNCP Security & Trust Draft

2014-10-14 Thread Steven Barth
I just pushed a new revision of the draft. http://tools.ietf.org/html/draft-barth-homenet-hncp-security-trust-01 Most notable changes: * Some clarifications to the consensus based trust scheme * PSK-management now supports key-derivation for different protocols (IGPs, ...) * Underlying crypto

Re: [homenet] HNCP Security & Trust Draft

2014-10-06 Thread Steven Barth
Hi Mikael, thanks for your feedback. Being a crypto novice, let me write some text and please tell me if it makes sense in the context of your draft (thanks for writing it, it looks like a good summary). I do not consider myself to be a crypto expert either which is one of the reasons I'd tr

Re: [homenet] HNCP Security & Trust Draft

2014-10-06 Thread Mikael Abrahamsson
On Fri, 3 Oct 2014, Steven Barth wrote: Please note that this draft is in a very early stage so please help to make additions, provide feedback and point out mistakes. Being a crypto novice, let me write some text and please tell me if it makes sense in the context of your draft (thanks for w

[homenet] HNCP Security & Trust Draft

2014-10-03 Thread Steven Barth
Hi everyone, I took the last few days to gather some thoughts about threats, security and trust management in the context of HNCP and wrote it up under http://tools.ietf.org/html/draft-barth-homenet-hncp-security-trust-00 Quick overview over the topics: * Homenet Border * HNCP Payload

Re: [homenet] HNCP security?

2014-09-30 Thread Tero Kivinen
Markus Stenberg writes: > > I have no idea what littleconf-TOFU setup looks like, so cannot > > comment.. > > Guess I’ll come over and discuss this at some point (not sure how > much you have followed the 100+ message thread here). I have skimmed through some of the emails, but not that well, s

Re: [homenet] HNCP security?

2014-09-29 Thread Markus Stenberg
On 29.9.2014, at 14.57, Tero Kivinen wrote: > Markus Stenberg writes: >> >>> If homenet needs multicast support then it might be good idea to push >>> that document forward. >> How does this solution work with e.g. link-local-only >> littleconf-TOFU setup? > > I have no idea what littleconf-TOF

Re: [homenet] HNCP security?

2014-09-29 Thread Michael Richardson
Ted Lemon wrote: >> If, OTOH, you can say that you would in fact also require origin >> authentication, then that is also of interest. (It'd mean that your >> use case could not be met by the initially chartered work for DICE, >> and that factoid could be helpful in figuring out h

Re: [homenet] HNCP security?

2014-09-29 Thread Michael Thomas
On 09/29/2014 06:24 AM, Ted Lemon wrote: On Sep 29, 2014, at 9:16 AM, Stephen Farrell wrote: If, OTOH, you can say that you would in fact also require origin authentication, then that is also of interest. (It'd mean that your use case could not be met by the initially chartered work for DICE, a

Re: [homenet] HNCP security?

2014-09-29 Thread Ted Lemon
On Sep 29, 2014, at 9:16 AM, Stephen Farrell wrote: > If, OTOH, you can say that you would in fact also require > origin authentication, then that is also of interest. (It'd > mean that your use case could not be met by the initially > chartered work for DICE, and that factoid could be helpful > i

Re: [homenet] HNCP security?

2014-09-29 Thread Stephen Farrell
On 29/09/14 13:58, Ted Lemon wrote: > On Sep 29, 2014, at 3:50 AM, Stephen Farrell > wrote: >> Sooner would be much better than later for that as the DICE WG are >> right now in the process of (re-)considering whether they can in >> fact meet their chartered goals on this topic. > > Unfortunate

Re: [homenet] HNCP security?

2014-09-29 Thread Ted Lemon
On Sep 29, 2014, at 3:50 AM, Stephen Farrell wrote: > Sooner would be much better than later for that as the DICE > WG are right now in the process of (re-)considering whether > they can in fact meet their chartered goals on this topic. Unfortunately I think at this point we are distracted by a d

Re: [homenet] HNCP security?

2014-09-29 Thread Tero Kivinen
Markus Stenberg writes: > > There is also ikev2 version of group key management > > (draft-yeung-g-ikev2), but the draft seems to have expired some time > > ago. I still think it was supposed to be published. > > Ah, interesting, did not know about that. Thanks ;) > > > If homenet needs multicast

Re: [homenet] HNCP security?

2014-09-29 Thread Stephen Farrell
Hiya, I've not really been following this discussion sufficient to comment in general, but just on this part... On 29/09/14 08:39, Markus Stenberg wrote: > DTLS has rather sad multicast story too The DICE WG [1] have also been discussing potential issues with DTLS and multicast. That discussio

Re: [homenet] HNCP security?

2014-09-29 Thread Markus Stenberg
On 25.9.2014, at 14.19, Tero Kivinen wrote: > Markus Stenberg writes: >>> Is there something else that’ll work as transport layer security >>> for multicast, or should we send a request for the IETF leadership >>> to investigate if this is something that needs to be developed? >> >> There is not

Re: [homenet] HNCP security?

2014-09-25 Thread Michael Richardson
Michael Thomas wrote: >> So what about the other way around? To what degrees should my >> homenet trust ISP-maintained CPE? > Sorry, I was talking about the upstream aggregation router, not the > in-home router. That is, if I treat the ISP CPE the same way that I > treat my

Re: [homenet] HNCP security?

2014-09-25 Thread Tero Kivinen
Markus Stenberg writes: > > Is there something else that’ll work as transport layer security > > for multicast, or should we send a request for the IETF leadership > > to investigate if this is something that needs to be developed? > > There is not that I know of. > > I believe msec work is some

Re: [homenet] HNCP security?

2014-09-24 Thread Michael Thomas
On 9/24/14, 7:46 AM, Michael Richardson wrote: Michael Thomas wrote: >> Michael Thomas wrote: >> >> 2) ISP-provided router has to be willing to trust retail purchased router, >> >> or nothing works. >> >> > So what about the other way around? To what degrees should my

Re: [homenet] HNCP security?

2014-09-24 Thread Michael Richardson
Michael Thomas wrote: >> Michael Thomas wrote: >> >> 2) ISP-provided router has to be willing to trust retail purchased router, >> >> or nothing works. >> >> > So what about the other way around? To what degrees should my homenet trust >> > ISP-maintained CPE? >>

Re: [homenet] HNCP security?

2014-09-24 Thread Ted Lemon
On Sep 24, 2014, at 10:00 AM, Steven Barth wrote: > Maybe adding that we should try to use an existing and well-tested mechanism > unless there is a very good reason not to. I don't think there is one, but if you think there is you should tell us! :) __

Re: [homenet] HNCP security?

2014-09-24 Thread Steven Barth
Thank you for all of the discussion on this important topic. Without declaring consensus on how far we should go scope-wise in terms of overall homenet security just yet, I'd like to know if, in terms of HNCP itself from a bits-on-the-wire protocol perspective, can we adopt this proposal prop

Re: [homenet] HNCP security?

2014-09-24 Thread Michael Richardson
Mark Townsley wrote: > Without declaring consensus on how far we should go scope-wise in terms > of overall homenet security just yet, I'd like to know if, in terms of > HNCP itself from a bits-on-the-wire protocol perspective, can we adopt > this proposal proposal from Mikael? If

Re: [homenet] HNCP security?

2014-09-24 Thread Michael Thomas
On 09/24/2014 05:01 AM, Mark Townsley wrote: Thank you for all of the discussion on this important topic. Without declaring consensus on how far we should go scope-wise in terms of overall homenet security just yet, I'd like to know if, in terms of HNCP itself from a bits-on-the-wire protocol

Re: [homenet] HNCP security?

2014-09-24 Thread Mark Townsley
Thank you for all of the discussion on this important topic. Without declaring consensus on how far we should go scope-wise in terms of overall homenet security just yet, I'd like to know if, in terms of HNCP itself from a bits-on-the-wire protocol perspective, can we adopt this proposal prop

Re: [homenet] HNCP security?

2014-09-24 Thread Mark Townsley
> On Sep 23, 2014, at 7:22 PM, Michael Richardson wrote: > > > Mark Townsley wrote: >> My own experience attempting to use IPsec as an add-on security >> solution (a.k.a. "pixie dust) for a protocol isn't all that >> positive. We tried that with L2TP, and in the process failed to kill >> off P

Re: [homenet] HNCP security?

2014-09-24 Thread Markus Stenberg
On 24.9.2014, at 12.07, Mikael Abrahamsson wrote: > On Wed, 24 Sep 2014, Markus Stenberg wrote: >> Big problem with IPsec + ‘any protocol’ is that it does not work _that_ well >> with multicast. Certainly, you can use manually keyed (static) IPsec SAs >> (although in case of Linux, out of the bo

Re: [homenet] HNCP security?

2014-09-24 Thread Mikael Abrahamsson
On Wed, 24 Sep 2014, Markus Stenberg wrote: Big problem with IPsec + ‘any protocol’ is that it does not work _that_ well with multicast. Certainly, you can use manually keyed (static) IPsec SAs (although in case of Linux, out of the box, it does not work either but is easy to patch), but they

Re: [homenet] HNCP security?

2014-09-24 Thread Markus Stenberg
On 24.9.2014, at 8.56, Mikael Abrahamsson wrote: > On paper it still seems IPSEC should be able to do this (I mean, isn't this > what Microsoft does with Direct Access, ie run IPSEC and have keys handled by > AD? From a theoretical level, it seems bad that we can't implement generic > security

Re: [homenet] HNCP security?

2014-09-23 Thread Mikael Abrahamsson
On Fri, 19 Sep 2014, Mark Townsley wrote: My own experience attempting to use IPsec as an add-on security solution (a.k.a. "pixie dust) for a protocol isn't all that positive. We tried that with L2TP, and in the process failed to kill off PPTP on windows clients. I can't tell you how many time

Re: [homenet] HNCP security?

2014-09-23 Thread Ted Lemon
On Sep 23, 2014, at 7:57 PM, Douglas Otis wrote: > Actually, it is better to assume there is a long list of vulnerable home > routers being p0wned by entities beyond their ISP. This is to some extent true, but not something we can really address in homenet. _

Re: [homenet] HNCP security?

2014-09-23 Thread Douglas Otis
On Sep 23, 2014, at 3:39 PM, Michael Thomas wrote: > > On 9/23/14, 1:07 PM, Michael Richardson wrote: >> Michael Thomas wrote: >> >> 2) ISP-provided router has to be willing to trust retail purchased >> router, >> >> or nothing works. >> >> > So what about the other way around? T

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Thomas
On 9/23/14, 1:07 PM, Michael Richardson wrote: Michael Thomas wrote: >> 2) ISP-provided router has to be willing to trust retail purchased router, >> or nothing works. > So what about the other way around? To what degrees should my homenet trust > ISP-maintained CPE? Tha

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
Michael Thomas wrote: >> 2) ISP-provided router has to be willing to trust retail purchased router, >> or nothing works. > So what about the other way around? To what degrees should my homenet trust > ISP-maintained CPE? That's up to you. Seriously. Your ISP-maintained CPE to

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
STARK, BARBARA H wrote: > If the concern is with a man-in-the-middle attack on HNCP messages, > then point-to-point security, using encryption with any key that the 2 The concern is man-in-the-middle "attacks" on HNCP messages by an outsider, not another member of the household. Or, mor

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Thomas
On 9/23/14, 10:59 AM, Michael Richardson wrote: 2) ISP-provided router has to be willing to trust retail purchased router, or nothing works. So what about the other way around? To what degrees should my homenet trust ISP-maintained CPE? Or more succinctly, what are the things the ISP and

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
Randy Turner wrote: > Are we assuming that the home router is purchased retail, and not > "fulfilled" or provided by an ISP? The method to establish trust > relationships would hinge on the answer 1) if there only one home router from the ISP, then there is no problem. 2) ISP-provide

Re: [homenet] HNCP security?

2014-09-23 Thread STARK, BARBARA H
> >> I further suggest that if two routers have wireless that they might > well > >> have a WPA2/PSK available to them, and that they can and SHOULD use > something > >> derived from that key to authenticate each other. Could be over IKEv2, > yes. > > > I _think_ we have to assu

Re: [homenet] HNCP security?

2014-09-23 Thread Ted Lemon
On Sep 23, 2014, at 1:23 PM, Michael Richardson wrote: > With respect, if you leave the trust scheme out of scope, what you are > really doing is leaving all of the security out of scope, because it won't be > deployable. +1 ___ homenet mailing list h

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
Steven Barth wrote: >> And it's extremely unlikely that >> DTLS will be a one-sentence "solution" even if it gets adopted because >> DTLS, IPsec, etc say nothing >> about enrollment and authorization. Those are by far the hard problems with >> homenent security. > I woul

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
Mark Townsley wrote: > My own experience attempting to use IPsec as an add-on security > solution (a.k.a. "pixie dust) for a protocol isn't all that > positive. We tried that with L2TP, and in the process failed to kill > off PPTP on windows clients. I can't tell you how many time

Re: [homenet] HNCP security?

2014-09-23 Thread Michael Richardson
Markus Stenberg wrote: markus> 1) Can we assume secure L2 and/or appropriate device markus> configuration by the manufacturer/ISP(/user)? (This is what I can markus> assume in my own home.) >> I think that we can assume that wired links are secure. >> The only time we care if

Re: [homenet] HNCP security?

2014-09-22 Thread Acee Lindem (acee)
I agree with this direction. This will also let the work HCNP and Security Threats/Requirements to go on in parallel. Of course, HCNP security may need to be revisited once the latter is agreed upon. Thanks, Acee On 9/21/14, 3:22 PM, "Mark Baugher" wrote: > >On Sep 20, 2014, at 12:57 AM, Steven

Re: [homenet] HNCP security?

2014-09-21 Thread Mark Baugher
On Sep 20, 2014, at 12:57 AM, Steven Barth wrote: > > Am 20.09.2014 um 09:17 schrieb Tim Chown: >> I think it would be useful to do, and needn't hold up progress. It would >> give us a common understanding - hopefully - of which threats are being >> covered and which are not. And which are ha

Re: [homenet] HNCP security?

2014-09-20 Thread Steven Barth
Am 20.09.2014 um 09:17 schrieb Tim Chown: I think it would be useful to do, and needn't hold up progress. It would give us a common understanding - hopefully - of which threats are being covered and which are not. And which are handled by layers/protocols outside the scope of homenet's charte

Re: [homenet] HNCP security?

2014-09-20 Thread Tim Chown
> On 19 Sep 2014, at 21:59, Ted Lemon wrote: > >> On Sep 19, 2014, at 4:54 PM, Michael Thomas wrote: >> I guess that's kind of what I've been getting at: should we capture all of >> this in a threats document? >> I'm a little uncomfortable with the formality, but I'm even more >> uncomfortable

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 4:54 PM, Michael Thomas wrote: > I guess that's kind of what I've been getting at: should we capture all of > this in a threats document? > I'm a little uncomfortable with the formality, but I'm even more > uncomfortable with the seeming desire > by some to sweep this all und

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 9/19/14, 3:28 AM, Ted Lemon wrote: On Sep 18, 2014, at 6:04 PM, Mark Baugher wrote: As someone on this thread has asked: Has any of this been written down? Requirements, use cases, threat analysis should all help to inform our decision about what format to use. This discussion to some e

Re: [homenet] HNCP security?

2014-09-19 Thread Brian E Carpenter
On 20/09/2014 08:05, Michael Thomas wrote: > > On 9/19/14, 12:38 PM, Ted Lemon wrote: >> On Sep 19, 2014, at 1:22 PM, Mark Baugher wrote: >>> AFAICT, we've been discussing key format or DLTS vs IPsec. That >>> discussion presumes that you have some way for a CPE from ISP-a to >>> securely accept

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 9/19/14, 12:38 PM, Ted Lemon wrote: On Sep 19, 2014, at 1:22 PM, Mark Baugher wrote: AFAICT, we've been discussing key format or DLTS vs IPsec. That discussion presumes that you have some way for a CPE from ISP-a to securely accept HNCP from ISP-b, or the user's new AP/router, and so for

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 1:22 PM, Mark Baugher wrote: > AFAICT, we've been discussing key format or DLTS vs IPsec. That discussion > presumes that you have some way for a CPE from ISP-a to securely accept HNCP > from ISP-b, or the user's new AP/router, and so forth. How does that happen? Michael R

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Baugher
On Sep 19, 2014, at 9:37 AM, Ted Lemon wrote: > On Sep 19, 2014, at 11:59 AM, Mark Baugher wrote: >> How could it happen? > > Isn't that what we've been discussing? AFAICT, we've been discussing key format or DLTS vs IPsec. That discussion presumes that you have some way for a CPE from ISP-

Re: [homenet] HNCP security?

2014-09-19 Thread Randy Turner
supplicant knows the private key. Randy From: Michael Thomas Date: Thursday, September 18, 2014 at 3:06 PM To: David R Oran , Rene Struik Cc: , Markus Stenberg Subject: Re: [homenet] HNCP security? On 9/18/14, 8:57 AM, David R Oran wrote: > > On Sep 18, 2014, at 11:46 AM

Re: [homenet] HNCP security?

2014-09-19 Thread Douglas Otis
On Sep 19, 2014, at 7:17 AM, Steven Barth wrote: > Am 19.09.2014 um 16:00 schrieb Michael Thomas: >> And it's extremely unlikely that >> DTLS will be a one-sentence "solution" even if it gets adopted because DTLS, >> IPsec, etc say nothing >> about enrollment and authorization. Those are by far

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 11:59 AM, Mark Baugher wrote: > How could it happen? Isn't that what we've been discussing? ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Baugher
On Sep 19, 2014, at 8:54 AM, Ted Lemon wrote: > On Sep 19, 2014, at 10:52 AM, Steven Barth wrote: >> That was not my point. I'm totally happy with having a standardized way of >> doing this but I don't think that HNCP is the place where it should be >> defined since we will probably not be th

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 19, 2014, at 10:52 AM, Steven Barth wrote: > That was not my point. I'm totally happy with having a standardized way of > doing this but I don't think that HNCP is the place where it should be > defined since we will probably not be the only user. HNCP won't be the only user, but given t

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 07:52 AM, Steven Barth wrote: Am 19.09.2014 um 16:29 schrieb Michael Thomas: Punting on one of the hardest problems would be a travesty. There are plenty of people in IETF that are plenty smart about this subject; we will never get an opportunity to do the right thing again if we

Re: [homenet] HNCP security?

2014-09-19 Thread Steven Barth
Am 19.09.2014 um 16:29 schrieb Michael Thomas: Punting on one of the hardest problems would be a travesty. There are plenty of people in IETF that are plenty smart about this subject; we will never get an opportunity to do the right thing again if we loose this into the wild and say "figure it o

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 07:17 AM, Steven Barth wrote: Am 19.09.2014 um 16:00 schrieb Michael Thomas: And it's extremely unlikely that DTLS will be a one-sentence "solution" even if it gets adopted because DTLS, IPsec, etc say nothing about enrollment and authorization. Those are by far the hard problems

Re: [homenet] HNCP security?

2014-09-19 Thread Steven Barth
Am 19.09.2014 um 16:00 schrieb Michael Thomas: And it's extremely unlikely that DTLS will be a one-sentence "solution" even if it gets adopted because DTLS, IPsec, etc say nothing about enrollment and authorization. Those are by far the hard problems with homenent security. I wouldn't really wa

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 02:06 AM, Markus Stenberg wrote: On 19.9.2014, at 11.18, Mark Townsley wrote: My own experience attempting to use IPsec as an add-on security solution (a.k.a. "pixie dust) for a protocol isn't all that positive. We tried that with L2TP, and in the process failed to kill off PPTP

Re: [homenet] HNCP security?

2014-09-19 Thread Michael Thomas
On 09/19/2014 01:18 AM, Mark Townsley wrote: Another lesson learned was exposing two passwords to the user vs. one. In a retail/wholesale LAC/LNS deployment model, it made perfect sense for the L2TP tunnel to have a password separate from the PPP user password (and L2TP fully supplanted L2F

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Baugher
On Sep 19, 2014, at 3:25 AM, Ted Lemon wrote: > On Sep 18, 2014, at 6:46 PM, Mark Baugher wrote: >> The retail model works here. I can imagine a compliant CPE might allow the >> use to "take ownership" of an interior HNCP interface. That's only if the >> provider of that CPE wanted to be com

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 18, 2014, at 6:04 PM, Mark Baugher wrote: > As someone on this thread has asked: Has any of this been written down? > Requirements, use cases, threat analysis should all help to inform our > decision about what format to use. This discussion to some extent made it into the homenet arch

Re: [homenet] HNCP security?

2014-09-19 Thread Ted Lemon
On Sep 18, 2014, at 6:46 PM, Mark Baugher wrote: > The retail model works here. I can imagine a compliant CPE might allow the > use to "take ownership" of an interior HNCP interface. That's only if the > provider of that CPE wanted to be compliant to a future HNCP security > standard. So to b

Re: [homenet] HNCP security?

2014-09-19 Thread Markus Stenberg
On 19.9.2014, at 11.18, Mark Townsley wrote: > My own experience attempting to use IPsec as an add-on security solution > (a.k.a. "pixie dust) for a protocol isn't all that positive. We tried that > with L2TP, and in the process failed to kill off PPTP on windows clients. I > can't tell you how

Re: [homenet] HNCP security?

2014-09-19 Thread Mark Townsley
On Sep 18, 2014, at 12:34 PM, Ted Lemon wrote: > On Sep 18, 2014, at 4:27 AM, STARK, BARBARA H wrote: >> UPnP Device Protection uses X.509 certificates (which can be self-signed, >> and in order not to assume a WAN connection, really should be self-signed) >> and TLS. > > I think that someth

Re: [homenet] HNCP security?

2014-09-18 Thread Randy Turner
smartphone Original message From: "STARK, BARBARA H" Date:09/18/2014 5:02 PM (GMT-06:00) To: Randy Turner , Michael Thomas , homenet@ietf.org Cc: Subject: RE: [homenet] HNCP security? > How do you bootstrap trust relationships without an initial certificat

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 9/18/14, 3:43 PM, Randy Turner wrote: Are we assuming that the home router is purchased retail, and not "fulfilled" or provided by an ISP? The method to establish trust relationships would hinge on the answer I should be able prepurpose an old PC with linux running homenet software. We

Re: [homenet] HNCP security?

2014-09-18 Thread Mark Baugher
k Baugher > Date:09/18/2014 5:12 PM (GMT-06:00) > To: Randy Turner > Cc: "homenet@ietf.org Group" > Subject: Re: [homenet] HNCP security? > > > On Sep 18, 2014, at 2:37 PM, Randy Turner wrote: > > > How do you bootstrap trust relationships without a

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 9/18/14, 3:39 PM, Brian E Carpenter wrote: Yes, I agree and that's why self-signed and/or manufacturer certs are of no help. Surely they are of help for secure *identification* of devices? No more so than the naked public key. Authorisation is a separate step. Yes. There is no beli

Re: [homenet] HNCP security?

2014-09-18 Thread Randy Turner
ndy Turner Cc: "homenet@ietf.org Group" Subject: Re: [homenet] HNCP security? On Sep 18, 2014, at 2:37 PM, Randy Turner wrote: > How do you bootstrap trust relationships without an initial certificate > (whether installed at manufacturing or during a customer fulfillment stag

Re: [homenet] HNCP security?

2014-09-18 Thread Brian E Carpenter
On 19/09/2014 09:17, Michael Thomas wrote: > > On 9/18/14, 2:10 PM, STARK, BARBARA H wrote: >>> Self-signed certs bring only confusion, IMO: they are nothing more >>> than a >>> raw key with an unsubstantiated claim to another name, along with a >>> whole >>> lot more ASN.1 baggage beyond what is

Re: [homenet] HNCP security?

2014-09-18 Thread Mark Baugher
re's been some talk about using web of trust, but I don't understand how that would work. Mark > > > > Original message > From: Michael Thomas > Date:09/18/2014 4:17 PM (GMT-06:00) > To: homenet@ietf.org > Cc: > Subject: Re: [homenet]

Re: [homenet] HNCP security?

2014-09-18 Thread Mark Baugher
And all of this was covered in the design for UPnP Device Protection that you referred to earlier and its progenitor UPnP Device Security. I consider HNCP security to be a small subset of the UPnP device requirements. Mark On Sep 18, 2014, at 2:10 PM, STARK, BARBARA H wrote: >> Self-signed ce

Re: [homenet] HNCP security?

2014-09-18 Thread Mark Baugher
On Sep 18, 2014, at 8:57 AM, David R Oran wrote: > > On Sep 18, 2014, at 11:46 AM, Rene Struik wrote: > >> It seems that the cryptographic literature needs to be rewritten now ... >> >> == >> Anything you can do with a cert, you can do with raw public keys, and you >> don't need CA's. See R

Re: [homenet] HNCP security?

2014-09-18 Thread STARK, BARBARA H
in the network). I really see no way to enable security without some user involvement. And as long as the user has the choice to run without security, I see no problem in requiring it. Barbara Original message From: Michael Thomas Date:09/18/2014 4:17 PM (GMT-06:00) To: homenet@ie

Re: [homenet] HNCP security?

2014-09-18 Thread Randy Turner
: [homenet] HNCP security? On 9/18/14, 2:10 PM, STARK, BARBARA H wrote: >> Self-signed certs bring only confusion, IMO: they are nothing more than a >> raw key with an unsubstantiated claim to another name, along with a whole >> lot more ASN.1 baggage beyond what is needed to pa

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 9/18/14, 2:10 PM, STARK, BARBARA H wrote: Self-signed certs bring only confusion, IMO: they are nothing more than a raw key with an unsubstantiated claim to another name, along with a whole lot more ASN.1 baggage beyond what is needed to parse the modulo and exponent. And you don't get usage

Re: [homenet] HNCP security?

2014-09-18 Thread STARK, BARBARA H
> Self-signed certs bring only confusion, IMO: they are nothing more than a > raw key with an unsubstantiated claim to another name, along with a whole > lot more ASN.1 baggage beyond what is needed to parse the modulo and > exponent. > > And you don't get usage or policy restrictions without a CA

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 9/18/14, 8:57 AM, David R Oran wrote: On Sep 18, 2014, at 11:46 AM, Rene Struik wrote: It seems that the cryptographic literature needs to be rewritten now ... == Anything you can do with a cert, you can do with raw public keys, and you don't need CA's. See RFC4871 for an example. I wou

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 09/18/2014 08:57 AM, David R Oran wrote: On Sep 18, 2014, at 11:46 AM, Rene Struik wrote: It seems that the cryptographic literature needs to be rewritten now ... == Anything you can do with a cert, you can do with raw public keys, and you don't need CA's. See RFC4871 for an example. I w

Re: [homenet] HNCP security?

2014-09-18 Thread David R Oran
On Sep 18, 2014, at 11:46 AM, Rene Struik wrote: > It seems that the cryptographic literature needs to be rewritten now ... > > == > Anything you can do with a cert, you can do with raw public keys, and you > don't need CA's. See RFC4871 for an example. I would have thought it was the opposite

Re: [homenet] HNCP security?

2014-09-18 Thread Rene Struik
It seems that the cryptographic literature needs to be rewritten now ... == Anything you can do with a cert, you can do with raw public keys, and you don't need CA's. See RFC4871 for an example. On 9/18/2014 11:36 AM, Michael Thomas wrote: On 09/18/2014 08:31 AM, Markus Stenberg wrote: whethe

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 09/18/2014 08:31 AM, Markus Stenberg wrote: whether your authorization policy is leap of faithy, or strict ’these are the authorized CAs/individual certs’, there is no way to express same things with raw public keys (or you wind up with new X509, which is in nobody’s best interest). Anyt

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 09/18/2014 08:24 AM, Markus Stenberg wrote: With device certificates, you still have the original authz problem. That is, just because I can identify you reliably tells me nothing about whether I want to participate with routing updates with you. So in that way, they not any more useful th

Re: [homenet] HNCP security?

2014-09-18 Thread Markus Stenberg
Whether or not you do leap of faith, certificates _do_ provide extra value. - you can produce them/validate via (local / cloudy) CA (which may also imply authorization in addition to authentication, or not) - you can have them from hardware (which makes producing spurious ones much harder, assu

Re: [homenet] HNCP security?

2014-09-18 Thread Markus Stenberg
On 18.9.2014, at 18.17, Michael Thomas wrote: > On 09/18/2014 06:49 AM, Markus Stenberg wrote: >> On 18.9.2014, at 16.05, Ted Lemon wrote: >>> On Sep 18, 2014, at 7:38 AM, STARK, BARBARA H wrote: X.509 certificates can be self-signed. That is, the device acts as its own CA. In fact, t

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 09/18/2014 06:49 AM, Markus Stenberg wrote: On 18.9.2014, at 16.05, Ted Lemon wrote: On Sep 18, 2014, at 7:38 AM, STARK, BARBARA H wrote: X.509 certificates can be self-signed. That is, the device acts as its own CA. In fact, this is the recommended approach. Of course. But if there is

Re: [homenet] HNCP security?

2014-09-18 Thread Steven Barth
One advantage of using X.509 certs is that the code to support them is widely available with multiple implementations. I guess then you could go all the way and use the whole DTLS for HNCP unicast traffic (and keep MC unencrypted since its more or less a signaling channel for UC and doesn't c

Re: [homenet] HNCP security?

2014-09-18 Thread Markus Stenberg
On 18.9.2014, at 16.05, Ted Lemon wrote: > On Sep 18, 2014, at 7:38 AM, STARK, BARBARA H wrote: >> X.509 certificates can be self-signed. That is, the device acts as its own >> CA. In fact, this is the recommended approach. > Of course. But if there is never going to be a CA-signed key, there

Re: [homenet] HNCP security?

2014-09-18 Thread Ted Lemon
On Sep 18, 2014, at 7:38 AM, STARK, BARBARA H wrote: > X.509 certificates can be self-signed. That is, the device acts as its own > CA. In fact, this is the recommended approach. Of course. But if there is never going to be a CA-signed key, there is no reason to have a cert at all. Self-sig

Re: [homenet] HNCP security?

2014-09-18 Thread Michael Thomas
On 09/18/2014 04:50 AM, Michael Sweet wrote: One advantage of using X.509 certs is that the code to support them is widely available with multiple implementations. Another is that the same cert can be used for TLS negotiation in embedded web services, etc. to each device. And of course if the

  1   2   >