On Mon, Mar 19, 2018 at 6:38 AM, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote: > On Sun 2018-03-18 12:08:13 -0400, Viktor Dukhovni wrote: > >> The devices that might use external PSKs will likely be unavoidably >> fingerprinted by source IP address and the target mothership. > > I'm not convinced that this is the case -- it's not at all clear that > IoT devices will be attached to a stable network (so the source IP may > change), and for large deployments, the devices might all share the same > "mothership". But the device might still present significant privacy > concerns (for example, if it's a device that travels with a person, its > presence on the network could be used to track that person).
In addition to locative privacy threats, the nature of the IoT device itself might expose something sensitive about the user (e.g., a connected pleasure device, medical device, or solid platinum espresso maker). _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
