Re: [homenet] write up of time without clocks
Tim Chown <Tim.Chown@jisc.ac.uk> Fri, 04 November 2016 11:43 UTC
Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A482129C33 for <homenet@ietfa.amsl.com>; Fri, 4 Nov 2016 04:43:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.11
X-Spam-Level:
X-Spam-Status: No, score=-4.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=jisc365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U0k332X1w2JL for <homenet@ietfa.amsl.com>; Fri, 4 Nov 2016 04:43:48 -0700 (PDT)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [207.82.80.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AC92129C2C for <homenet@ietf.org>; Fri, 4 Nov 2016 04:43:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=MO5B3dnVsJ/FmOSExM4BF/+cGkUaHHGkvW5Uo8Iinog=; b=I0Oi+eE5NeBALvEOik+wF6EV9zV8uQwKZHPosjZUsSw96VvUrrB6FnVRc4Kqtr29A565HzLxMhG3YRP0W6LsRqg0gcZJIpTizArN1cg9kQtZNCOIdtSaYVJs3wexWzUMoOTDWd6pNGk7NViv0APqN9ykUVCMbNFWMAQeB0EmKSc=
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-am5eur03lp0113.outbound.protection.outlook.com [213.199.154.113]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-24-6xOUY_QVNdyxe4HvF_ujUA-1; Fri, 04 Nov 2016 11:43:33 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) by AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.721.4; Fri, 4 Nov 2016 11:43:32 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::d94d:3ff1:7cf5:69a2]) by AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::d94d:3ff1:7cf5:69a2%15]) with mapi id 15.01.0721.004; Fri, 4 Nov 2016 11:43:32 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: "homenet@ietf.org" <homenet@ietf.org>
Thread-Topic: [homenet] write up of time without clocks
Thread-Index: AQHSM3vjF0xnvRX4FUib0aYOSo5BZ6DEFiWAgAAiOHqAAE+YAIAA+TAhgACixgCAADHCAIAAz31UgAA51YCAAEpOAIAABkMAgAAIjoCAAM1WgIAANOmA
Date: Fri, 04 Nov 2016 11:43:32 +0000
Message-ID: <7A9F770B-CED5-4562-8165-DE1C51435EA7@jisc.ac.uk>
References: <24389.1477921009@obiwan.sandelman.ca> <8737jbe53w.wl-jch@pps.univ-paris-diderot.fr> <m1c1aQj-0000HHC@stereo.hq.phicoh.net> <f0c09d91-cb58-5568-d2d6-810131bc450e@gmail.com> <m1c1snP-0000HpC@stereo.hq.phicoh.net> <a7bdc36e-1567-defd-3346-31e30d88db26@gmail.com> <871syt32c1.wl-jch@pps.univ-paris-diderot.fr> <m1c2GGL-0000GMC@stereo.hq.phicoh.net> <2D09D61DDFA73D4C884805CC7865E6114DA2EEBF@GAALPA1MSGUSRBF.ITServices.sbc.com> <c22476f6-a4c9-4b45-846b-e1adf89aaf0b@gmail.com> <B41B07F4-2337-4D9F-B225-CEA584025C81@iki.fi> <2D09D61DDFA73D4C884805CC7865E6114DA2F297@GAALPA1MSGUSRBF.ITServices.sbc.com> <A9415A12-62D5-4AFF-BCB4-341C28BF7C9A@consulintel.es>
In-Reply-To: <A9415A12-62D5-4AFF-BCB4-341C28BF7C9A@consulintel.es>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3251)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:620:0:2d:9431:8b12:d6e4:7761]
x-ms-office365-filtering-correlation-id: f8f996db-6254-4ae4-db47-08d404a7cdd4
x-microsoft-exchange-diagnostics: 1; AM3PR07MB1140; 7:eS3/Bbpn4O6tl4YL0El47mVXh1GEO+XcDW9rH0rgT4El03T/zCvhDGAD7tWGFWsPI0fWEcypU5Cx7o7NRNmnWdNeOOB2c73sR1t5kfijNyslR9LTMFjxeJD+VB4Eq4E/wPRD+28EGbBm0Yd+UmBVspcVOChvtRDw2fC/W6g8eaklnNcJrz0mil/zF39sPIaBIA21VWv8a9s6x9J163yF8v0zU/xHPuedNAOlftiyUiT7Wbf6ubI56Inlw2Uwui/ImaDmkE5jpdMRxzn1TZSwyZA2nBlFEL/qufHDSGRiVWdwm5wPm2SXu+aJpnt0FIr7ItqYPl6LRF/ONJOW5Pdu0NGltEhQfzW8MP3cgth3svk=; 20:bH5YOufjJY5cRoY6VObLdM6Jlgo/EeVOq7S6XFWIlTbOYvC1IjX4fRVrb2TYH1UcdMqOgYl21KAsTThfMxy/WpklsyZhMP51/c5OaO2QoEQQITET5DehM5Oo5/fcgc2jvHQb8bLFRTA2LWY/pcRubJSt5Yn5UktRehiT4I33G+Q=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM3PR07MB1140;
x-microsoft-antispam-prvs: <AM3PR07MB1140B7AD1CD83FFD3FD2C57ED6A20@AM3PR07MB1140.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(215686877069368)(192374486261705)(97927398514766);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001); SRVR:AM3PR07MB1140; BCL:0; PCL:0; RULEID:; SRVR:AM3PR07MB1140;
x-forefront-prvs: 01165471DB
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(111735001)(199003)(189002)(59124004)(24454002)(2900100001)(5890100001)(16236675004)(15975445007)(83716003)(87936001)(8936002)(33656002)(50226002)(5250100002)(5002640100001)(2351001)(86362001)(16601075003)(68736007)(2501003)(105586002)(106356001)(106116001)(36756003)(5660300001)(97736004)(92566002)(551544002)(586003)(102836003)(57306001)(50986999)(76176999)(101416001)(93886004)(6916009)(2950100002)(42882006)(19617315012)(5640700001)(6116002)(19580395003)(19580405001)(3280700002)(189998001)(4326007)(2906002)(82746002)(110136003)(11100500001)(8676002)(74482002)(81166006)(81156014)(1730700003)(7736002)(7906003)(3660700001)(7846002)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB1140; H:AM3PR07MB1140.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Nov 2016 11:43:32.4430 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB1140
X-MC-Unique: 6xOUY_QVNdyxe4HvF_ujUA-1
Content-Type: multipart/alternative; boundary="_000_7A9F770BCED545628165DE1C51435EA7jiscacuk_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/ehor9FcrpWP1h9lOGGNlQjQAVXM>
Cc: "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, Keith Moore <moore@network-heretics.com>, "rbarnes@mozilla.com" <rbarnes@mozilla.com>
Subject: Re: [homenet] write up of time without clocks
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2016 11:43:52 -0000
Hi, On 4 Nov 2016, at 08:34, JORDI PALET MARTINEZ <jordi.palet@consulintel.es<mailto:jordi.palet@consulintel.es>> wrote: Exactly. Same as we have regulations like UL, FCC, EC, etc., the same certifications must care about a minimum set of security, upgradeability, etc., features. So the extra cost for the vendors is almost cero if we are talking about the same certifications entities, just new test added to the actual sets. If you don’t comply the certification, your products will not be accepted in customs from a very high number of countries, so you will be somehow forced to follow them. The question here, is homenet the right venue for creating those minimum requirements? Perhaps contribute to draft-moore-iot-security-bcp-00? See https://tools.ietf.org/html/draft-moore-iot-security-bcp-00 This was submitted at the Seoul deadline. Authors copied. Tim Regards, Jordi -----Mensaje original----- De: homenet <homenet-bounces@ietf.org<mailto:homenet-bounces@ietf.org>> en nombre de "STARK, BARBARA H" <bs7652@att.com<mailto:bs7652@att.com>> Responder a: <bs7652@att.com<mailto:bs7652@att.com>> Fecha: jueves, 3 de noviembre de 2016, 21:19 Para: Markus Stenberg <markus.stenberg@iki.fi<mailto:markus.stenberg@iki.fi>>, Brian E Carpenter <brian.e.carpenter@gmail.com<mailto:brian.e.carpenter@gmail.com>> CC: Philip Homburg <pch-homenet-2@u-1.phicoh.com<mailto:pch-homenet-2@u-1.phicoh.com>>, "homenet@ietf.org<mailto:homenet@ietf.org>" <homenet@ietf.org<mailto:homenet@ietf.org>>, Juliusz Chroboczek <jch@pps.univ-paris-diderot.fr<mailto:jch@pps.univ-paris-diderot.fr>> Asunto: Re: [homenet] write up of time without clocks Yes, I agree it's possible to do better, but what's the incentive for a bottom-feeding vendor of cheap devices to bother? I hate to say this, but how about legal solutions? My reading of the tea leaves: either the industry creates its own certification plan, or the regulators will do it for us. Here is a data point: https://www.euractiv.com/section/innovation-industry/news/commission-plans-cybersecurity-rules-for-internet-connected-machines/ In the US, both the FCC and FTC are showing keen interest. I'd rather the industry get there first. And, BTW, it's also been suggested that devices list their "end of life" date when they're sold. After which no updates may be provided. And remotely-triggered "kill switch" may be used if a bad vulnerability is discovered after that date. Another recommendation is default passwords be unique per device, and not easily determined from MAC address, firmware revision, etc., and be changeable. That is, it's not just about upgradability. It is also passwords, encryption, and messaging/promises/guarantees that are made. Just like cars now have seatbelts, front and side airbags, crumple zones, and lemon laws. There are a number of industry whitepapers coming out on this topic, and conferences/meetings being held. It's all the rage right now. Barbara _______________________________________________ homenet mailing list homenet@ietf.org<mailto:homenet@ietf.org> https://www.ietf.org/mailman/listinfo/homenet ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited. _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
- [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Stephen Farrell
- Re: [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Juliusz Chroboczek
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks Brian E Carpenter
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks Teco Boot
- Re: [homenet] write up of time without clocks Brian E Carpenter
- Re: [homenet] write up of time without clocks Juliusz Chroboczek
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks STARK, BARBARA H
- Re: [homenet] write up of time without clocks Juliusz Chroboczek
- Re: [homenet] write up of time without clocks Brian E Carpenter
- Re: [homenet] write up of time without clocks Markus Stenberg
- Re: [homenet] write up of time without clocks STARK, BARBARA H
- Re: [homenet] write up of time without clocks Paul Duffy
- Re: [homenet] write up of time without clocks JORDI PALET MARTINEZ
- Re: [homenet] write up of time without clocks Tim Chown
- Re: [homenet] write up of time without clocks JORDI PALET MARTINEZ
- Re: [homenet] write up of time without clocks Tim Coote
- Re: [homenet] write up of time without clocks Howard, Lee L
- Re: [homenet] write up of time without clocks JORDI PALET MARTINEZ
- Re: [homenet] write up of time without clocks Howard, Lee L
- Re: [homenet] write up of time without clocks Juliusz Chroboczek
- Re: [homenet] write up of time without clocks Keith Moore
- Re: [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks Tim Coote
- Re: [homenet] write up of time without clocks Tero Kivinen
- Re: [homenet] write up of time without clocks Joe Touch
- Re: [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Michael Richardson
- [homenet] Using HNCP to monitor software versions… Michael Richardson
- Re: [homenet] write up of time without clocks Philip Homburg
- Re: [homenet] write up of time without clocks Michael Richardson
- Re: [homenet] write up of time without clocks Ted Lemon