Re: Security Considerations, IoT and Everything
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 23 November 2016 02:21 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 078EB129508 for <ietf@ietfa.amsl.com>; Tue, 22 Nov 2016 18:21:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VL19630RsFSr for <ietf@ietfa.amsl.com>; Tue, 22 Nov 2016 18:21:18 -0800 (PST)
Received: from mail-ua0-x22b.google.com (mail-ua0-x22b.google.com [IPv6:2607:f8b0:400c:c08::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A48E5129525 for <ietf@ietf.org>; Tue, 22 Nov 2016 18:21:16 -0800 (PST)
Received: by mail-ua0-x22b.google.com with SMTP id 20so31565013uak.0 for <ietf@ietf.org>; Tue, 22 Nov 2016 18:21:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=+cOCYGXK74olkRxZlYizSzB+mt1bsGl6HAtUkzymK9I=; b=wo3hoysiDqsawkaa1wDdmbg8UZCK9S2PXJrYuR+5Rx3SX/kSfygq50+8bfIf0QTvqc gu4e1IMIImYbPid+1IdCVuEKxxV6VBrcG1BH58NSDlYwpMNHDiZMaE40HTRnYHD+X92t 5eKQIHTPAP0bUdszXbVc7Z6H5UvAV40x+W4XIdGWxybSKFy1RWeUtTJDOn0Pp/q6hITM KAeQq+FLJQAypplA+PE3MRxoy3LVLCLdS31bEEnFmkroAGrkpoLIH6V9Ir1svIrU/7Ko DoyqpEtLf/nN+zeQyNsA3lzoOu9G5R23HoFN9uWWtj/tRWbrzZn4O+G9+Pi6Rp0DfarI 5OXw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=+cOCYGXK74olkRxZlYizSzB+mt1bsGl6HAtUkzymK9I=; b=N1aBf6pyvlXeVnKNcQuJN/Kh6PJD4jDXu2PXSx7iINJbKuOl+jUNx8OCmmwXjSPgVP hsKL4TEgJH1itTKtvVu9PT4+YTxATkRdKN43qyEjRWY8zHMC7JiqceN5wCLw9Wp0ASjM LsqQuWyTOoX+jIHiZrruK9A/Ck4868GnJtFkDzb9cekNFbHisuf5qS9pfCKGo+E4lI0j 66tep0iMhRVzCUQzJY9mc1rMFMaT3+RErxIL+Irt3CIebdDZ7pN8SFcn0QDxSIRObCqe +yhP3OCcR7FqW33LYVK+VO0goyDPHRpxkLJe4BhMp6sCT9QJMBQPQ9EI79OYetqf3SL5 sckg==
X-Gm-Message-State: AKaTC01S4ADlFAbaPfxmmr4LVd3c7gTwj2Lfr7sDSzFnPTsueWv5M4S52sv95YYwrdaVGO3AZ1bB477aqZ+PIQ==
X-Received: by 10.176.85.24 with SMTP id t24mr583197uaa.21.1479867675723; Tue, 22 Nov 2016 18:21:15 -0800 (PST)
MIME-Version: 1.0
Received: by 10.176.82.143 with HTTP; Tue, 22 Nov 2016 18:21:15 -0800 (PST)
In-Reply-To: <c98df9c6-55cb-8bc5-dd2b-d6189a41a7c0@cs.tcd.ie>
References: <734ef353-487f-4f64-6cfe-f7909e705a41@comcast.net> <ad06fa17-e810-62e9-a890-c7a66ce850c2@cs.tcd.ie> <662c9bc7-29ae-9b8e-fdf3-56f2f17adc34@comcast.net> <c98df9c6-55cb-8bc5-dd2b-d6189a41a7c0@cs.tcd.ie>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Tue, 22 Nov 2016 21:21:15 -0500
Message-ID: <CAHbuEH7ERcMBHtKMt3W8BETEqeHMbBaxqo0PnoWocXsJ125Ccg@mail.gmail.com>
Subject: Re: Security Considerations, IoT and Everything
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="f403045dd960204b060541ee8b9f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/A1c10Rp9f9bSW9rJBEsyshf3DUw>
Cc: IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 02:21:21 -0000
Hi Mike, On Tue, Nov 22, 2016 at 5:48 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > > On 22/11/16 22:35, Michael StJohns wrote: > > On 11/22/2016 4:56 PM, Stephen Farrell wrote: > >> > >> On 22/11/16 20:25, Michael StJohns wrote: > >>> Is it time to revise BCP72/RFC3522 to require we also address threats > >>> *from* the protocols to the Internet as a whole? > >> Yes. As Kathleen said please do contribute to the relevant > >> thread [1] on the saag list. > >> > >> S. > >> > >> [1] https://www.ietf.org/mail-archive/web/saag/current/msg07514.html > >> > > Thanks - missed this on the SAAG list when it first came out. > > > > To be honest, this thread/discussion appears a bit moribund: > > Yep. I hope though that topics such as this will be raised > and dealt with. I guess it'll be slower than we hoped though. > > > it wasn't > > brought up during the SAAG meeting this time AFAICT, In addition to Stephen's response, which covered the other points in your message... There was a presentation slot for this update in Berlin and Yoav went to the mic during open mic to request feedback during this meeting in Seoul. I added a plea for contributions restating the importance of this draft and the need for contributions explaining how useful it is to other areas of the IETF in particular to make sure these requests were heard and it was understood that it was important. Thanks, Kathleen > it doesn't appear > > to actually be a WG item as of yet, there doesn't appear to be much if > > any discussion on the SAAG list (a quick look doesn't find anything > > since July excepts Stephen's note - and that was all related to > > privacy), and the ID and GIT don't appear to have been updated since > > August. The version on GIT seems to be only a references update from > > 3522. It looks like there was maybe a 10 minute - if that - chat about > > this in Berlin. > > > > Perhaps it's time to have a broader (than SAAG) discussion on this as it > > really reaches further? > > I don't care if it's broad or narrow so long as we cover the > ground. If/when folks engage then we'll find the right method > for handling engagement. (Could be on here, on saag or on a > new list - but for now, I think saag is the better option.) > > > > > Mike > > > > ps - on another note, why doesn't the SAAG have a datatracker page like > > rtgwg? > > Saag's not a WG. People suggest it now and then (and others > dislike the idea). Feel free to raise that too (though I'd > far prefer we discuss 3552bis myself.) > > Cheers, > S. > > > > > > > > > > > > -- Best regards, Kathleen
- Security Considerations, IoT and Everything Michael StJohns
- Re: Security Considerations, IoT and Everything Kathleen Moriarty
- Re: Security Considerations, IoT and Everything Stephen Farrell
- Re: Security Considerations, IoT and Everything Carsten Bormann
- Re: Security Considerations, IoT and Everything Michael StJohns
- Re: Security Considerations, IoT and Everything Stephen Farrell
- Re: Security Considerations, IoT and Everything Michael StJohns
- Re: Security Considerations, IoT and Everything Kathleen Moriarty
- Re: Security Considerations, IoT and Everything Yoav Nir
- Re: Security Considerations, IoT and Everything Dave Taht
- Re: Security Considerations, IoT and Everything Rich Kulawiec