IETF Logo Mail Archive

Re: [coman] Device Classes?

Andy Bierman <andy@yumaworks.com> Sat, 05 April 2014 17:08 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: coman@ietfa.amsl.com
Delivered-To: coman@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF0711A01F8 for <coman@ietfa.amsl.com>; Sat, 5 Apr 2014 10:08:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id veWcdWQhGapU for <coman@ietfa.amsl.com>; Sat, 5 Apr 2014 10:08:51 -0700 (PDT)
Received: from mail-qa0-f53.google.com (mail-qa0-f53.google.com [209.85.216.53]) by ietfa.amsl.com (Postfix) with ESMTP id E986E1A016A for <coman@ietf.org>; Sat, 5 Apr 2014 10:08:50 -0700 (PDT)
Received: by mail-qa0-f53.google.com with SMTP id w8so4277210qac.40 for <coman@ietf.org>; Sat, 05 Apr 2014 10:08:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=HEcFCsA8IvLWY5JTCRPNrJflKbIFvZHgnP/UHQ5X2Gg=; b=ONepeIsjdCOOdtLB6Yna0yLez+MzHdtlxzEmrmxUu+iMan/OaQOit0zEJJldSTiIBh 8ly8IWxhHL5eTUzpDQbKrabcEGWmhYfrXrSKcvexweLuzUIYwa2vLHCcv3yX79WbtL+H pvstcHc5EGykwKFDL35KRB999g6CZpFQ+7KaIRFxmXsYrqC+aNRo+aSyUwfv8enGchnf ZzmtAaMNiqQMFh310GDgt2aC1E5dWMfUaLWg/ylhkBxes/w4yLwIwT+tfgZx4A05rfUm ll9dHvI/VKF3+HQI9pVkVkDkNieU8haofk+yRPPxiZhPRGiNBrz8vBWMmMWTL24GsaTm BjgA==
X-Gm-Message-State: ALoCoQkQBkSA2XdgIQzyHgVa/sbhVlhh1tbhkQ8cFqEyfopBLjAYn31ZRVJKUk9WDWAXhJXufK3w
MIME-Version: 1.0
X-Received: by 10.140.104.103 with SMTP id z94mr3280828qge.91.1396717725773; Sat, 05 Apr 2014 10:08:45 -0700 (PDT)
Received: by 10.140.41.134 with HTTP; Sat, 5 Apr 2014 10:08:45 -0700 (PDT)
In-Reply-To: <CADJ9OA8Jza1QkAdxEE0g0_igc4Lh066Ten=e1w-rxa9iadfbaw@mail.gmail.com>
References: <533BBFB7.2000100@gmx.net> <893C4FAC-437D-4140-9832-A9ABA2D1518A@tzi.org> <533E75A9.5080003@gmx.net> <8D653B3C-E678-4A66-9798-978950977694@tzi.org> <533E9864.4060806@gmx.net> <EBDEF2B4-32C3-4B41-9CAF-C1A836CC6D7B@tzi.org> <533E9B6B.1080602@gmx.net> <B443FF47-FCF4-4FD7-96C9-07686D75D690@tzi.org> <CABCOCHQRki5grLuTeQX3QRCnUxe14M0UueKN8=eFdO9K-rWLeQ@mail.gmail.com> <CADJ9OA8Jza1QkAdxEE0g0_igc4Lh066Ten=e1w-rxa9iadfbaw@mail.gmail.com>
Date: Sat, 05 Apr 2014 10:08:45 -0700
Message-ID: <CABCOCHSQnWq_MAqLM_T780udAay=H6wis6quNJU9-2d4NUNZBA@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Thomas Watteyne <watteyne@eecs.berkeley.edu>
Content-Type: multipart/alternative; boundary="001a1134f2bee577d004f64eaf4b"
Archived-At: http://mailarchive.ietf.org/arch/msg/coman/8ebZZBCe9bwbSF1Abr9BNnJpjTI
Cc: "coman@ietf.org" <coman@ietf.org>, Carsten Bormann <cabo@tzi.org>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
Subject: Re: [coman] Device Classes?
X-BeenThere: coman@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Management of Constrained Networks and Devices <coman.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/coman>, <mailto:coman-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/coman/>
List-Post: <mailto:coman@ietf.org>
List-Help: <mailto:coman-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/coman>, <mailto:coman-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Apr 2014 17:08:57 -0000

On Fri, Apr 4, 2014 at 9:01 PM, Thomas Watteyne
<watteyne@eecs.berkeley.edu>wrote:

> Andy, all,
>
> If CoAP is already in nodes for the applications running on, you have a
> monitoring/management solution almost for free. Want to monitoring the
> state of some attribute of your protocol? Use CoAP observe. Want to change
> a parameter of your protocol? CoAP PUT. On top of that, the work from
> CORE/DICE/DTLS/ACE, will ensure security, including authentication and
> authorization of management entities.
>
> For nodes where CoAP is present for the application, proposing an
> additional protocol will be a very hard sell.
>
>
It isn't another protocol.
It is a mapping of the RESTCONF data model framework onto CoAP.

A RESTCONF mapping would really just describe what the server was
expected to do wrt/ the content layer.


Andy



> Of course, as pointed out by Carsten, we need to agree on the resources.
> What is the URI, what methods are supported, what's the payload format,
> etc. YANG is a data modeling language which enables exactly that. RESTCONF
> has a RESTful approach to monitoring/management which is aligned with CoAP.
> What we would need is a constrained version of RESTCONF. This could be (and
> should be) very simple.
>
> At 6TiSCH, we have started this work, with YANG based data model [1] and a
> CoAP-based protocol built around that [2], any URI starting with "/6t" is
> to monitoring and manage the 6top sublayer. I believe there would be a huge
> benefit to having a more general solution, to which we all agree, i.e. a
> CoAPified version of RESTCONF. COMAN looks like the right place to do this.
>
> Thomas
>
> [1] http://tools.ietf.org/html/draft-ietf-6tisch-6top-interface-00
> [2] http://tools.ietf.org/html/draft-sudhaakar-6tisch-coap-01
>
>
> On Fri, Apr 4, 2014 at 5:16 PM, Andy Bierman <andy@yumaworks.com> wrote:
>
>>
>>
>>
>> On Fri, Apr 4, 2014 at 6:49 AM, Carsten Bormann <cabo@tzi.org> wrote:
>>
>>>
>>> On 04 Apr 2014, at 13:45, Hannes Tschofenig <hannes.tschofenig@gmx.net>
>>> wrote:
>>>
>>> > Hi Carsten.
>>> >
>>> >
>>> > On 04/04/2014 02:08 PM, Carsten Bormann wrote:
>>> >> On 04 Apr 2014, at 13:32, Hannes Tschofenig <
>>> hannes.tschofenig@gmx.net> wrote:
>>> >>
>>> >>> For me the software update mechanism is extremely important since it
>>> is
>>> >>> not just a way to replace the entire firmware but also to provision
>>> >>> certain protocol parameters.
>>> >>
>>> >> Provisioning protocol parameters is one CoAP PUT to the right
>>> resource.  Cf. OMA LWM2M.
>>> >> (They also do define a firmware update mechanism, but that seems to
>>> presume the device has space for a complete firmware image.)
>>> >
>>> > That is exactly the question I raised when it comes to network
>>> management.
>>> >
>>> > I don't understand what network management protocol add beyond what is
>>> > already there with CoAP.
>>>
>>> Assuming we continue to use the client-server model of network
>>> management, to use CoAP for this we need to define
>>>
>>> 1) What are the URIs that can be used for management?  How does the
>>> client learn them (combination of discovery, URI templates, HATEOAS)?
>>>
>>> 2) What are the representations being exchanged (data format, data
>>> modeling method).
>>>
>>>
>> RESTCONF addresses (1) and (2).
>> It replaces HATEOAS with YANG in order to be extensible,
>> modular, and predictable. The target use-case is programmatic
>> control.  HATEOAS seems more appropriate when human eyeballs and
>> brain power are part of the state machine.
>>
>> IMO YANG would be a better long-term decision than SMIv2.
>> It may seem that features like custom operations are too
>> heavy-weight and over-kill for constrained networks, but it
>> could be just the opposite.  Custom operations allow expensive
>> generic operations to be condensed and 'packaged' to be as
>> small as possible.
>>
>>
>>
>>
>>> 3) What is the security model.
>>>
>>> There has been a strong argument that we should not start from scratch
>>> with (2) (and probably not entirely with (1) either), even if we are not
>>> using the other parts of existing management protocols.
>>>
>>> Proposals to address (1) and (2) are, for instance:
>>> http://tools.ietf.org/html/draft-vanderstok-core-comi-03
>>> http://www.tzi.de/~cabo/noms2014.pdf
>>>
>>> (My assumption is that ACE will be good enough to cover (3); we'll have
>>> to make sure the lessons learned from management security go into ACE.)
>>>
>>> > Of course, you could replace CoAP entirely with SNMP
>>>
>>> SNMP is a bit more specialized and will not fit all applications that
>>> CoAP is designed to cover.
>>> But, yes, SNMP has been used successfully as an application protocol in
>>> certain environments.
>>>
>>> >> If you want to do this the SEP2.0 way, you need EAP/PANA.
>>> >> (SEP2.0 is targeting class-2+, not class-1.)
>>> >
>>> > With devices that are in direct connection with each other you could
>>> > argue that there is no need for DTLS and alike since you will have to
>>> > deal with the pairing procedure at the lower layer. Many devices fall
>>> > into that category.
>>>
>>> (Defining single-hop security only is not very useful for the Internet
>>> of Things.)
>>>
>>> > If that's not the case I believe you cannot assume that no network
>>> > access authentication will be needed.
>>>
>>> Indeed, most wireless networks will need network access control.
>>> Maybe there are ways to authorize (!) access to a network that are more
>>> appropriate for the Internet of Things.
>>> But this is outside the scope of COMAN.
>>>
>>> Grüße, Carsten
>>>
>>>
>>
>> Andy
>>
>>
>> _______________________________________________
>> coman mailing list
>> coman@ietf.org
>> https://www.ietf.org/mailman/listinfo/coman
>>
>>
>

v2.23.0 | Report a Bug | By Email