IETF Logo Mail Archive

Re: [coman] Device Classes?

Carsten Bormann <cabo@tzi.org> Fri, 04 April 2014 13:49 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: coman@ietfa.amsl.com
Delivered-To: coman@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61D3E1A018D for <coman@ietfa.amsl.com>; Fri, 4 Apr 2014 06:49:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id asBUtu0-6wXh for <coman@ietfa.amsl.com>; Fri, 4 Apr 2014 06:49:21 -0700 (PDT)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) by ietfa.amsl.com (Postfix) with ESMTP id BE5DA1A018B for <coman@ietf.org>; Fri, 4 Apr 2014 06:49:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id s34DnAM8007266; Fri, 4 Apr 2014 15:49:10 +0200 (CEST)
Received: from eduroam-pool7-1021.wlan.uni-bremen.de (eduroam-pool7-1021.wlan.uni-bremen.de [134.102.115.253]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id E8C31D0F; Fri, 4 Apr 2014 15:49:09 +0200 (CEST)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <533E9B6B.1080602@gmx.net>
Date: Fri, 04 Apr 2014 15:49:08 +0200
X-Mao-Original-Outgoing-Id: 418312148.618867-5cd400e9dc3218182ff0cb04334063b5
Content-Transfer-Encoding: quoted-printable
Message-Id: <B443FF47-FCF4-4FD7-96C9-07686D75D690@tzi.org>
References: <533BBFB7.2000100@gmx.net> <893C4FAC-437D-4140-9832-A9ABA2D1518A@tzi.org> <533E75A9.5080003@gmx.net> <8D653B3C-E678-4A66-9798-978950977694@tzi.org> <533E9864.4060806@gmx.net> <EBDEF2B4-32C3-4B41-9CAF-C1A836CC6D7B@tzi.org> <533E9B6B.1080602@gmx.net>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/coman/vFAsr_xE5Apo3UZtOTLDQW2DZE4
Cc: "coman@ietf.org" <coman@ietf.org>
Subject: Re: [coman] Device Classes?
X-BeenThere: coman@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Management of Constrained Networks and Devices <coman.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/coman>, <mailto:coman-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/coman/>
List-Post: <mailto:coman@ietf.org>
List-Help: <mailto:coman-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/coman>, <mailto:coman-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 13:49:25 -0000

On 04 Apr 2014, at 13:45, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:

> Hi Carsten.
> 
> 
> On 04/04/2014 02:08 PM, Carsten Bormann wrote:
>> On 04 Apr 2014, at 13:32, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
>> 
>>> For me the software update mechanism is extremely important since it is
>>> not just a way to replace the entire firmware but also to provision
>>> certain protocol parameters.
>> 
>> Provisioning protocol parameters is one CoAP PUT to the right resource.  Cf. OMA LWM2M.
>> (They also do define a firmware update mechanism, but that seems to presume the device has space for a complete firmware image.)
> 
> That is exactly the question I raised when it comes to network management.
> 
> I don't understand what network management protocol add beyond what is
> already there with CoAP.

Assuming we continue to use the client-server model of network management, to use CoAP for this we need to define

1) What are the URIs that can be used for management?  How does the client learn them (combination of discovery, URI templates, HATEOAS)?

2) What are the representations being exchanged (data format, data modeling method).

3) What is the security model.

There has been a strong argument that we should not start from scratch with (2) (and probably not entirely with (1) either), even if we are not using the other parts of existing management protocols.

Proposals to address (1) and (2) are, for instance:
http://tools.ietf.org/html/draft-vanderstok-core-comi-03
http://www.tzi.de/~cabo/noms2014.pdf

(My assumption is that ACE will be good enough to cover (3); we’ll have to make sure the lessons learned from management security go into ACE.)

> Of course, you could replace CoAP entirely with SNMP

SNMP is a bit more specialized and will not fit all applications that CoAP is designed to cover.
But, yes, SNMP has been used successfully as an application protocol in certain environments.

>> If you want to do this the SEP2.0 way, you need EAP/PANA.
>> (SEP2.0 is targeting class-2+, not class-1.)
> 
> With devices that are in direct connection with each other you could
> argue that there is no need for DTLS and alike since you will have to
> deal with the pairing procedure at the lower layer. Many devices fall
> into that category.

(Defining single-hop security only is not very useful for the Internet of Things.)

> If that's not the case I believe you cannot assume that no network
> access authentication will be needed.

Indeed, most wireless networks will need network access control.  
Maybe there are ways to authorize (!) access to a network that are more appropriate for the Internet of Things.
But this is outside the scope of COMAN.

Grüße, Carsten

v2.23.0 | Report a Bug | By Email