Re: [Dtls-iot] Current dtls-iot charter text - discuss...

Don Sturek <d.sturek@att.net> Mon, 10 June 2013 17:02 UTC

Date: Mon, 10 Jun 2013 10:02:07 -0700
From: Don Sturek <d.sturek@att.net>
To: paduffy@cisco.com, dtls-iot@ietf.org

To add onto what Paul wrote......

ZigBee IP supports white lists/black lists for network admission but we
leave it up to the application as to how these lists are created/managed.
As Paul noted, OCSP or CRL on device certificates is not a scalable
solution (and in many cases not even desired......)

To back up Paul's suggestion, it would be great to see this as an area of
investigation in dtls-iot (or whatever the name becomes!)

Don


On 6/10/13 9:34 AM, "Paul Duffy" <paduffy@cisco.com> wrote:

>Zigbee IP does not mandate use of CRLs or OCSP for device certificates
>(in IEEE 802.1AR-speak ... the UDevID). Supporting these mechanisms for
>device certificates on constrained devices and networks, at mass scale,
>is highly problematic.
>
>Definitely an area for investigation.
>
>
>On 6/10/2013 4:48 PM, Keoh, Sye Loong wrote:
>> Hi Bert,
>>
>> Do you know whether the current IoT Deployments, such as Zigbee-IP,
>>check the revocation list? Do you foresee Revocation as a potentially
>>serious problem in the future when devices are being replaced,
>>compromised, and when reselling them?
>>
>> Cheers
>> Sye Loong
>>
>> -----Original Message-----
>> From: dtls-iot-bounces@ietf.org [mailto:dtls-iot-bounces@ietf.org] On
>>Behalf Of Bert Greevenbosch
>> Sent: Friday, 7 June 2013 3:56
>> To: Zach Shelby; dtls-iot@ietf.org
>> Subject: Re: [Dtls-iot] Current dtls-iot charter text - discuss...
>>
>> Hi all,
>>
>> I think the following draft fits in the discussion of DTLS-IOT:
>> http://datatracker.ietf.org/doc/draft-greevenbosch-tls-ocsp-lite/
>>
>> This is quite an early approach to tackling the
>>revocation/authentication issue in a scalable way. Section 4 discusses
>>some requirements.
>>
>> The draft certainly is to be seen as work in progress, but it addresses
>>an issue that requires due attention.
>>
>> Best regards,
>> Bert
>>
>>
>> -----Original Message-----
>> From: dtls-iot-bounces@ietf.org [mailto:dtls-iot-bounces@ietf.org] On
>>Behalf Of Zach Shelby
>> Sent: 4 June 2013 21:58
>> To: dtls-iot@ietf.org
>> Subject: Re: [Dtls-iot] Current dtls-iot charter text - discuss...
>>
>> I know there are several people working on new I-Ds related to this
>>activity, please let us know what you are working on and if any help is
>>needed.
>>
>> On Jun 3, 2013, at 10:23 PM, Stephen Farrell
>><stephen.farrell@cs.tcd.ie> wrote:
>>
>>> Existing work
>>>
>>> http://www.ietf.org/id/draft-hartke-core-codtls-02.txt
>>> http://www.ietf.org/id/draft-tschofenig-lwig-tls-minimal-02.txt
>>> http://www.ietf.org/id/draft-keoh-lwig-dtls-iot-01.txt
>>> http://www.ietf.org/id/draft-keoh-tls-multicast-security-00.txt
>>> http://www.ietf.org/id/draft-ietf-tls-oob-pubkey-07.txt
>>> http://www.ietf.org/id/draft-jennings-core-transitive-trust-enrollment-01.txt
>> Regards,
>> Zach
>>
>> --
>> Zach Shelby, Chief Nerd, Sensinode Ltd.
>> http://www.sensinode.com @SensinodeIoT
>> Mobile: +358 40 7796297
>> Twitter: @zach_shelby
>> LinkedIn: http://fi.linkedin.com/in/zachshelby
>> 6LoWPAN Book: http://6lowpan.net
>>
>>
>>
>>
>> _______________________________________________
>> dtls-iot mailing list
>> dtls-iot@ietf.org
>> https://www.ietf.org/mailman/listinfo/dtls-iot