Re: [6tisch-security] bar bof at IETF101, Re: enrollment roadmap

Kent Watsen <kwatsen@juniper.net> Tue, 13 February 2018 22:28 UTC

From: Kent Watsen <kwatsen@juniper.net>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "consultancy@vanderstok.org" <consultancy@vanderstok.org>
CC: "6tisch-security@ietf.org" <6tisch-security@ietf.org>, Ari Keränen <ari.keranen@ericsson.com>, Eliot Lear <lear@cisco.com>, Nancy Cam-Winget <ncamwing@cisco.com>, max pritikin <pritikin@cisco.com>, kathleen moriarty ietf <kathleen.moriarty.ietf@gmail.com>, Malisa Vucinic <Malisa.Vucinic@inria.fr>, "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, Peter Beal <pbeal@cisco.com>, Göran Selander <goran.selander@ericsson.com>, sandeep kumar <sandeep.kumar@philips.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Tue, 13 Feb 2018 22:28:19 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch-security/75P_bGNhTNJ-d2OaZduoBBnQTp8>
List-Id: Extended Design Team for 6TiSCH security architecture <6tisch-security.ietf.org>

Hi Michael,

I think that your description of NETCONF Zerotouch is inaccurate,
or at least misleading.  For sure the Use Cases in Section 1.1
clearly call out the need to support e.g., private networks, and
the draft delivers.

The SVG looks nice! - too bad RFCs won't take color...

A bof @ 101 could be a good idea  ;)

Kent


===== original message =====

{see inline.  Please scream at me if this CC is also too wide}

peter van der Stok <stokcons@xs4all.nl> wrote:
    > bar-boffin is a bit too much for me.
    > Prefer wine to beer, but can bring my own bottle (glass).

    > Is the suggestion to connect all this to IoT-T2TRG keying cycles work?

oh.  Is T2TRG an appropriate place for enrollment-roadmap?
please tell me; I've been unable to spend much time on T2TRG.

Right now putting it into a wiki seems to be the best suggestion for keeping
track of the status of the work.  Writing an applicability comparison seems
like a document that has value to publish, but not until the work is done.

I've put it here: https://trac.ietf.org/trac/int/wiki/EnrollmentRoadmap

(why "int" and not iotdir, I don't know.  It's what the link on the DT
page says the wiki is...)

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-