IETF Logo Mail Archive

Re: [coman] Device Classes?

Thomas Watteyne <watteyne@eecs.berkeley.edu> Sat, 05 April 2014 17:19 UTC

Return-Path: <twatteyne@gmail.com>
X-Original-To: coman@ietfa.amsl.com
Delivered-To: coman@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CF0F1A03DA for <coman@ietfa.amsl.com>; Sat, 5 Apr 2014 10:19:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HaQ6bHH0nMHy for <coman@ietfa.amsl.com>; Sat, 5 Apr 2014 10:19:28 -0700 (PDT)
Received: from mail-pd0-x229.google.com (mail-pd0-x229.google.com [IPv6:2607:f8b0:400e:c02::229]) by ietfa.amsl.com (Postfix) with ESMTP id 825AE1A02FC for <coman@ietf.org>; Sat, 5 Apr 2014 10:19:28 -0700 (PDT)
Received: by mail-pd0-f169.google.com with SMTP id fp1so4726776pdb.0 for <coman@ietf.org>; Sat, 05 Apr 2014 10:19:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=5AUmF4Uoh68Mqk1BINwiq8fra3F+oK0zFLHFsypibmM=; b=QhVJ98U02WKkv7TPHcovprioPT3lC7Y6QbkMbWqxb/514xz4WuTQo/dOTolF+zFwi6 47m2N7ZMSmJNLCBAuBJ9Wu3DSbvaR+lxbllIPoRni6a6TXU4u24lujDm4znSX5Hwh7XV QwA9hW68CvzW5Xb0P+h+b8D1h1JucLPZPfPKa8Nm/b9+qOeMwvp1dPGSSNFqWFPrzW40 LBLbQavoMcxT2geHlVMljy1hs7ox2wbNVsRcw+1oOUhzUjA2giX5gHy4K6i+gUwo2TbQ 74LNewWSwqL31JhyVIgDd9YUjzpWD8FnUj4xEg/jiYjA10+SOThuZDCyxLW6xaB6Rq+a ZIXw==
X-Received: by 10.66.254.166 with SMTP id aj6mr21779987pad.11.1396718363600; Sat, 05 Apr 2014 10:19:23 -0700 (PDT)
MIME-Version: 1.0
Sender: twatteyne@gmail.com
Received: by 10.66.154.130 with HTTP; Sat, 5 Apr 2014 10:19:03 -0700 (PDT)
In-Reply-To: <CABCOCHSQnWq_MAqLM_T780udAay=H6wis6quNJU9-2d4NUNZBA@mail.gmail.com>
References: <533BBFB7.2000100@gmx.net> <893C4FAC-437D-4140-9832-A9ABA2D1518A@tzi.org> <533E75A9.5080003@gmx.net> <8D653B3C-E678-4A66-9798-978950977694@tzi.org> <533E9864.4060806@gmx.net> <EBDEF2B4-32C3-4B41-9CAF-C1A836CC6D7B@tzi.org> <533E9B6B.1080602@gmx.net> <B443FF47-FCF4-4FD7-96C9-07686D75D690@tzi.org> <CABCOCHQRki5grLuTeQX3QRCnUxe14M0UueKN8=eFdO9K-rWLeQ@mail.gmail.com> <CADJ9OA8Jza1QkAdxEE0g0_igc4Lh066Ten=e1w-rxa9iadfbaw@mail.gmail.com> <CABCOCHSQnWq_MAqLM_T780udAay=H6wis6quNJU9-2d4NUNZBA@mail.gmail.com>
From: Thomas Watteyne <watteyne@eecs.berkeley.edu>
Date: Sat, 05 Apr 2014 10:19:03 -0700
X-Google-Sender-Auth: V2NLFJVDnvTwJMEne_lf4oPccSA
Message-ID: <CADJ9OA--jx5m8M7TwqWogJwvHOwpCi2bPeZK4+XfSOmus1-qMw@mail.gmail.com>
To: Andy Bierman <andy@yumaworks.com>
Content-Type: multipart/alternative; boundary="047d7b160007e9ed3604f64ed598"
Archived-At: http://mailarchive.ietf.org/arch/msg/coman/KmgBGAlmPyW3Hsu7mVXO72UZI24
Cc: "coman@ietf.org" <coman@ietf.org>, Carsten Bormann <cabo@tzi.org>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
Subject: Re: [coman] Device Classes?
X-BeenThere: coman@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Management of Constrained Networks and Devices <coman.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/coman>, <mailto:coman-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/coman/>
List-Post: <mailto:coman@ietf.org>
List-Help: <mailto:coman-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/coman>, <mailto:coman-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Apr 2014 17:19:32 -0000

Andy,
+1.
I'm meant "proposing an additional protocol *not using CoAP* will be a very
hard sell". I personally believe mapping RESTCONF onto CoAP is a good
approach, sorry if that wasn't clear.
Thomas


On Sat, Apr 5, 2014 at 10:08 AM, Andy Bierman <andy@yumaworks.com> wrote:

>
>
>
> On Fri, Apr 4, 2014 at 9:01 PM, Thomas Watteyne <
> watteyne@eecs.berkeley.edu> wrote:
>
>> Andy, all,
>>
>> If CoAP is already in nodes for the applications running on, you have a
>> monitoring/management solution almost for free. Want to monitoring the
>> state of some attribute of your protocol? Use CoAP observe. Want to change
>> a parameter of your protocol? CoAP PUT. On top of that, the work from
>> CORE/DICE/DTLS/ACE, will ensure security, including authentication and
>> authorization of management entities.
>>
>> For nodes where CoAP is present for the application, proposing an
>> additional protocol will be a very hard sell.
>>
>>
> It isn't another protocol.
> It is a mapping of the RESTCONF data model framework onto CoAP.
>
> A RESTCONF mapping would really just describe what the server was
> expected to do wrt/ the content layer.
>
>
> Andy
>
>
>
>> Of course, as pointed out by Carsten, we need to agree on the resources.
>> What is the URI, what methods are supported, what's the payload format,
>> etc. YANG is a data modeling language which enables exactly that. RESTCONF
>> has a RESTful approach to monitoring/management which is aligned with CoAP.
>> What we would need is a constrained version of RESTCONF. This could be (and
>> should be) very simple.
>>
>> At 6TiSCH, we have started this work, with YANG based data model [1] and
>> a CoAP-based protocol built around that [2], any URI starting with "/6t" is
>> to monitoring and manage the 6top sublayer. I believe there would be a huge
>> benefit to having a more general solution, to which we all agree, i.e. a
>> CoAPified version of RESTCONF. COMAN looks like the right place to do this.
>>
>> Thomas
>>
>> [1] http://tools.ietf.org/html/draft-ietf-6tisch-6top-interface-00
>> [2] http://tools.ietf.org/html/draft-sudhaakar-6tisch-coap-01
>>
>>
>> On Fri, Apr 4, 2014 at 5:16 PM, Andy Bierman <andy@yumaworks.com> wrote:
>>
>>>
>>>
>>>
>>> On Fri, Apr 4, 2014 at 6:49 AM, Carsten Bormann <cabo@tzi.org> wrote:
>>>
>>>>
>>>> On 04 Apr 2014, at 13:45, Hannes Tschofenig <hannes.tschofenig@gmx.net>
>>>> wrote:
>>>>
>>>> > Hi Carsten.
>>>> >
>>>> >
>>>> > On 04/04/2014 02:08 PM, Carsten Bormann wrote:
>>>> >> On 04 Apr 2014, at 13:32, Hannes Tschofenig <
>>>> hannes.tschofenig@gmx.net> wrote:
>>>> >>
>>>> >>> For me the software update mechanism is extremely important since
>>>> it is
>>>> >>> not just a way to replace the entire firmware but also to provision
>>>> >>> certain protocol parameters.
>>>> >>
>>>> >> Provisioning protocol parameters is one CoAP PUT to the right
>>>> resource.  Cf. OMA LWM2M.
>>>> >> (They also do define a firmware update mechanism, but that seems to
>>>> presume the device has space for a complete firmware image.)
>>>> >
>>>> > That is exactly the question I raised when it comes to network
>>>> management.
>>>> >
>>>> > I don't understand what network management protocol add beyond what is
>>>> > already there with CoAP.
>>>>
>>>> Assuming we continue to use the client-server model of network
>>>> management, to use CoAP for this we need to define
>>>>
>>>> 1) What are the URIs that can be used for management?  How does the
>>>> client learn them (combination of discovery, URI templates, HATEOAS)?
>>>>
>>>> 2) What are the representations being exchanged (data format, data
>>>> modeling method).
>>>>
>>>>
>>> RESTCONF addresses (1) and (2).
>>> It replaces HATEOAS with YANG in order to be extensible,
>>> modular, and predictable. The target use-case is programmatic
>>> control.  HATEOAS seems more appropriate when human eyeballs and
>>> brain power are part of the state machine.
>>>
>>> IMO YANG would be a better long-term decision than SMIv2.
>>> It may seem that features like custom operations are too
>>> heavy-weight and over-kill for constrained networks, but it
>>> could be just the opposite.  Custom operations allow expensive
>>> generic operations to be condensed and 'packaged' to be as
>>> small as possible.
>>>
>>>
>>>
>>>
>>>> 3) What is the security model.
>>>>
>>>> There has been a strong argument that we should not start from scratch
>>>> with (2) (and probably not entirely with (1) either), even if we are not
>>>> using the other parts of existing management protocols.
>>>>
>>>> Proposals to address (1) and (2) are, for instance:
>>>> http://tools.ietf.org/html/draft-vanderstok-core-comi-03
>>>> http://www.tzi.de/~cabo/noms2014.pdf
>>>>
>>>> (My assumption is that ACE will be good enough to cover (3); we'll have
>>>> to make sure the lessons learned from management security go into ACE.)
>>>>
>>>> > Of course, you could replace CoAP entirely with SNMP
>>>>
>>>> SNMP is a bit more specialized and will not fit all applications that
>>>> CoAP is designed to cover.
>>>> But, yes, SNMP has been used successfully as an application protocol in
>>>> certain environments.
>>>>
>>>> >> If you want to do this the SEP2.0 way, you need EAP/PANA.
>>>> >> (SEP2.0 is targeting class-2+, not class-1.)
>>>> >
>>>> > With devices that are in direct connection with each other you could
>>>> > argue that there is no need for DTLS and alike since you will have to
>>>> > deal with the pairing procedure at the lower layer. Many devices fall
>>>> > into that category.
>>>>
>>>> (Defining single-hop security only is not very useful for the Internet
>>>> of Things.)
>>>>
>>>> > If that's not the case I believe you cannot assume that no network
>>>> > access authentication will be needed.
>>>>
>>>> Indeed, most wireless networks will need network access control.
>>>> Maybe there are ways to authorize (!) access to a network that are more
>>>> appropriate for the Internet of Things.
>>>> But this is outside the scope of COMAN.
>>>>
>>>> Grüße, Carsten
>>>>
>>>>
>>>
>>> Andy
>>>
>>>
>>> _______________________________________________
>>> coman mailing list
>>> coman@ietf.org
>>> https://www.ietf.org/mailman/listinfo/coman
>>>
>>>
>>
>

v2.23.0 | Report a Bug | By Email