Re: Getting on with Things
Carsten Bormann <cabo@tzi.org> Wed, 09 March 2016 19:38 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B70412D961 for <ietf@ietfa.amsl.com>; Wed, 9 Mar 2016 11:38:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([127.0.0.1]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1x8G2PGwI_a0 for <ietf@ietfa.amsl.com>; Wed, 9 Mar 2016 11:38:03 -0800 (PST)
Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [IPv6:2001:4b98:c:538::197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C375B12D97F for <ietf@ietf.org>; Wed, 9 Mar 2016 11:38:01 -0800 (PST)
Received: from mfilter34-d.gandi.net (mfilter34-d.gandi.net [217.70.178.165]) by relay5-d.mail.gandi.net (Postfix) with ESMTP id 154D341C094; Wed, 9 Mar 2016 20:38:00 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mfilter34-d.gandi.net
Received: from relay5-d.mail.gandi.net ([IPv6:::ffff:217.70.183.197]) by mfilter34-d.gandi.net (mfilter34-d.gandi.net [::ffff:10.0.15.180]) (amavisd-new, port 10024) with ESMTP id znO_eZw0m6Gt; Wed, 9 Mar 2016 20:37:58 +0100 (CET)
X-Originating-IP: 93.204.214.47
Received: from nar.local (p5DCCD62F.dip0.t-ipconnect.de [93.204.214.47]) (Authenticated sender: cabo@cabo.im) by relay5-d.mail.gandi.net (Postfix) with ESMTPSA id BADFC41C090; Wed, 9 Mar 2016 20:37:57 +0100 (CET)
Message-ID: <56E07B93.30506@tzi.org>
Date: Wed, 09 Mar 2016 20:37:55 +0100
From: Carsten Bormann <cabo@tzi.org>
User-Agent: Postbox 4.0.8 (Macintosh/20151105)
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>
Subject: Re: Getting on with Things
References: <E83FC2B4-867D-44C9-AE1B-F4C414ABD041@piuha.net> <4A95BA014132FF49AE685FAB4B9F17F657DF2330@dfweml701-chm> <EDFB7D0B-2A49-46BD-A84C-0E1FA07793FA@piuha.net> <20160307133944.GB25576@gsp.org> <56DD876C.6050008@cs.tcd.ie> <CAMm+LwiBT9S-twGVzC-7yVBZ9dHA3+8f4ffPv3LyoZ_8+kdqmw@mail.gmail.com> <9059.1457534150@obiwan.sandelman.ca> <56E043FA.5060205@cisco.com> <00e301d17a24$2d48eba0$87dac2e0$@olddog.co.uk> <5725.1457551529@obiwan.sandelman.ca>
In-Reply-To: <5725.1457551529@obiwan.sandelman.ca>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/_ZgyzbNuakEs0a2Ss5K9S4M6ON4>
Cc: 'IETF' <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Mar 2016 19:38:05 -0000
Michael Richardson wrote: > I imagine the manufacturer initially says: > Device FOO with Version BAR is believed to be safe on open > Internet at date BAZ. I'd like to have the legal department that lets that statement pass... > then they say: > Device FOO with Version BAR is known to be unsafe on open > Internet as of date BAZ, but is safe with ports X,Y,Z blocked. More likely. But the device knows nothing about that. The device does know what software runs on it. Making that information available in the constrained space in such a way that security automation can act on it is one of our immediate objectives. (I'll probably talk briefly about this in next week's T2TRG meeting, in the context of managing "unmanaged" networks. With luck, we'll have a draft for Buenos Aires.) Grüße, Carsten
- Getting off Things - namely this mailing list tom p.
- Observations on (non-technical) changes affecting… Jari Arkko
- RE: Observations on (non-technical) changes affec… Linda Dunbar
- Re: Observations on (non-technical) changes affec… Jari Arkko
- RE: Observations on (non-technical) changes affec… Dave Cridland
- Re: Observations on (non-technical) changes affec… Randy Bush
- Re: Observations on (non-technical) changes affec… Melinda Shore
- Re: Observations on (non-technical) changes affec… Joel M. Halpern
- Re: Observations on (non-technical) changes affec… Rich Kulawiec
- Re: Observations on (non-technical) changes affec… Stephen Farrell
- Re: Observations on (non-technical) changes affec… Randy Bush
- Re: Observations on (non-technical) changes affec… Phillip Hallam-Baker
- Security for the Internet of Things and Other Thi… Jari Arkko
- RE: Observations on (non-technical) changes affec… Dirk Kutscher
- Re: Observations on (non-technical) changes affec… Jari Arkko
- Re: Observations on (non-technical) changes affec… Michael Richardson
- Re: Security for the Internet of Things and Other… Michael Richardson
- Re: Security for the Internet of Things and Other… Carsten Bormann
- Getting on with Things Eliot Lear
- Re: Security for the Internet of Things and Other… Theodore V Faber
- RE: Getting on with Things Adrian Farrel
- Re: Getting on with Things Carsten Bormann
- Re: Getting on with Things Stewart Bryant
- Re: Getting on with Things Carsten Bormann
- Re: Getting on with Things Stewart Bryant
- Re: Getting on with Things Eliot Lear
- Re: Observations on (non-technical) changes affec… Brian E Carpenter
- Re: Getting on with Things Michael Richardson
- Re: Getting on with Things Carsten Bormann
- Re: Getting on with Things Medel Ramirez
- Re: Security for the Internet of Things and Other… Phillip Hallam-Baker
- Re: Getting on with Things Gmail
- Re: Security for the Internet of Things and Other… Livingood, Jason
- Re: Security for the Internet of Things and Other… Scott Kitterman
- Re: Security for the Internet of Things and Other… Eliot Lear
- Re: Security for the Internet of Things and Other… Stewart Bryant
- Re: Observations on (non-technical) changes affec… Charles Eckel (eckelcu)
- Re: Observations on (non-technical) changes affec… Dave Crocker
- Re: Observations on (non-technical) changes affec… Phillip Hallam-Baker
- Re: Observations on (non-technical) changes affec… Jari Arkko
- Re: Observations on (non-technical) changes affec… Phillip Hallam-Baker
- Re: Observations on (non-technical) changes affec… Charles Eckel (eckelcu)
- Re: Observations on (non-technical) changes affec… l.wood
- Re: Observations on (non-technical) changes affec… George Michaelson
- Re: Observations on (non-technical) changes affec… Eggert, Lars
- Re: Observations on (non-technical) changes affec… Phillip Hallam-Baker
- Re: Observations on (non-technical) changes affec… lloyd.wood
- Re: Observations on (non-technical) changes affec… Eggert, Lars
- Re: Observations on (non-technical) changes affec… S Moonesamy
- Re: Observations on (non-technical) changes affec… Joseph Lorenzo Hall
- Re: Observations on (non-technical) changes affec… Joseph Lorenzo Hall
- Re: Observations on (non-technical) changes affec… S Moonesamy
- Re: Observations on (non-technical) changes affec… Randy Bush
- RE: Observations on (non-technical) changes affec… Russ White
- Re: Observations on (non-technical) changes affec… Melinda Shore
- Re: Observations on (non-technical) changes affec… Eliot Lear