On Fri, 11 Sep 2020 12:32:03 +0530 tirumal reddy <kond...@gmail.com> wrote:
> The MUD URL is encrypted and shared only with the authorized > components in the network. An attacker cannot read the MUD URL and > identify the IoT device. Otherwise, it provides the attacker with > guidance on what vulnerabilities may be present on the IoT device. RFC 8520 envisions that the MUD URL is broadcast as a DHCP option and over LLDP without - so far as I was able to see - any mechanism by which it should be meaningfully "encrypted" as to prevent an attacker on your network from reading it. Nick. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
