Re: [Dtls-iot] Secure Time (again)

Derek Atkins <derek@ihtfp.com> Thu, 13 August 2015 13:36 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Michael StJohns <msj@nthpermutation.com>
Date: Thu, 13 Aug 2015 09:36:22 -0400
In-Reply-To: <55CB6C5B.7090107@nthpermutation.com> (Michael StJohns's message of "Wed, 12 Aug 2015 11:55:07 -0400")
Archived-At: <http://mailarchive.ietf.org/arch/msg/dtls-iot/AB3LP7rcdGJ1CTWFF1yBwFDFCNA>
Cc: Derek Atkins <derek@ihtfp.com>, dtls-iot@ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [Dtls-iot] Secure Time (again)

Michael StJohns <msj@nthpermutation.com> writes:

> On 8/12/2015 11:17 AM, Derek Atkins wrote:
>>> They really aren't trying to solve a problem in a manner that would
>>> have applicability to IOT.
>> I actually attended a tictoc meeting a couple IETFs ago and presented
>> the IoT time sync problem to them.  They were unaware of the issue and
>> considered it an interesting problem to try to solve.
>>
>> We should continue to engage them!
>>
>
> Charter creep is usually a bad thing.    I'm not saying not to do it,
> but it might actually be better to go to NTP (which Karen also chairs)
> and which is probably a better stepping off point than the IEEE PTP
> that Tictoc is working on.  It's probable that NTPv4 could incorporate
> IoT functionality better than Tictoc.
>
> And for nothing else than a cool acronym, standing up an IOT
> integration working group  (e.g. to have a place to talk about all the
> pieces and how they can come together) might be even a better choice
> -> Interim Designs for the Internet of Things -> idiot.

All I did was attend the meeting and state the "need secure time at boot
time" problem with many IoT devices.  I didn't ask for a charter change,
just for them to think about the problem.  I figured that the tictoc
group probably had the most "time protocol" experts in the IETF.

Unsurprisingly they were completely unaware of this issue and were quite
intrigued by the problem.  Whether or not they work on it, I can't say.
I didn't follow up.

> Later, Mike

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant