Getting on with Things
Eliot Lear <lear@cisco.com> Wed, 09 March 2016 15:53 UTC
Subject: Getting on with Things
To: Michael Richardson <mcr@sandelman.ca>, Phillip Hallam-Baker <phill@hallambaker.com>
References: <E83FC2B4-867D-44C9-AE1B-F4C414ABD041@piuha.net> <4A95BA014132FF49AE685FAB4B9F17F657DF2330@dfweml701-chm> <EDFB7D0B-2A49-46BD-A84C-0E1FA07793FA@piuha.net> <20160307133944.GB25576@gsp.org> <56DD876C.6050008@cs.tcd.ie> <CAMm+LwiBT9S-twGVzC-7yVBZ9dHA3+8f4ffPv3LyoZ_8+kdqmw@mail.gmail.com> <9059.1457534150@obiwan.sandelman.ca>
From: Eliot Lear <lear@cisco.com>
Message-ID: <56E043FA.5060205@cisco.com>
Date: Wed, 09 Mar 2016 16:40:42 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <9059.1457534150@obiwan.sandelman.ca>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="U9pm3TEPCRhtMOV9LwQPQJsiiKER2glwt"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/s5HE-jnPok0sgDdqG2OPvz3dJ-w>
Cc: IETF <ietf@ietf.org>, Rich Kulawiec <rsk@gsp.org>
Hi Michael and others,

This is a very interesting discussion.

On 3/9/16 3:35 PM, Michael Richardson wrote:
> I tend to agree... the only reason we aren't as "concerned" about non-IoT
> things is because we can (in theory) update them, the devices are used
> directly by humans who sometimes notice if they are broken (or p0wned),
> and the passwords, as weak as they are, can in theory, be stored in the
> human, rather than in the system. (In practice: it's better to let the
> browser store them)

Things being what they are will vary in shape, size, function, capability, and support. It's that latter issue that I get worked up about. There are a number of different connection models that will all be in play, one of them being CoAP, but a common one being where devices "call home". In the latter case there will be no password. In the former, there needs to be a step to somehow initialize credentials. I think the work you're doing in ANIMA is a really good example of that, and deserves a lot more eyes. Many different work flows need to be worked out. I am somewhat less concerned about industrial or enterprise, since we know how to do 802.1X and 802.1AR, but I am very concerned about the consumer case.

But even once that happens, the Thing remains at risk, due to vulnerabilities. What's more, Things that we think are secure today (we don't really know) will assuredly not be in the future, because at some point the manufacturer is going to stop supporting the device. This can take as little as 90 days and as long as 40 years, but it will happen. And then what? Even if the manufacturer is still supporting the device, the ability to update it may be limited, depending on how it is implemented and deployed, and what its duty cycle is.

And so the question turns to this: how do we add layers of protection to Things when they may not be in a good position to protect themselves? I've floated an idea in draft-lear-mud-framework-00.txt which talks a little about this.

The idea is to learn what the Thing is and then have its manufacturer communicate to a deployment how the thing is intended to be used. This is not meant as the Be All End All of Thing Protection, but to reduce its threat surface. Hopefully substantially. And I'm looking for ways (and dare I say collaborators) to improve the work.

Eliot
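The protection layer the message sketches, as an added illustration that is not code from the draft or from Eliot Lear: a gateway identifies the Thing, fetches what its (hypothetical) manufacturer declared it needs, and applies that as a default-deny policy. The description format, the device identifier and all addresses are constructed assumptions, not the draft's own encoding.

```python
"""Toy gateway enforcement of a manufacturer usage description (MUD-style)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed assumption: a hypothetical manufacturer declares the only
# traffic its "call home" Thing needs. Addresses are documentation ranges.
# This layout is a simplification, not the draft's own encoding.
MUD_DESCRIPTIONS = {
    "urn:example:thermostat-v2": [
        {"direction": "from-thing", "peer": "198.51.100.10/32", "proto": "tcp", "port": 443},
        {"direction": "from-thing", "peer": "198.51.100.20/32", "proto": "udp", "port": 123},
        # no "to-thing" entries: nothing outside may initiate a connection to it
    ],
}

@dataclass(frozen=True)
class Flow:
    direction: str  # "from-thing" (Thing initiates) or "to-thing" (peer initiates)
    peer: str       # remote address as seen at the gateway
    proto: str
    port: int       # service port at the destination

def compile_policy(mud_url):
    """Turn the manufacturer's declaration into matchers the gateway can apply."""
    rules = []
    for r in MUD_DESCRIPTIONS[mud_url]:
        net = ip_network(r["peer"])
        rules.append(lambda f, r=r, net=net: f.direction == r["direction"]
                     and ip_address(f.peer) in net
                     and f.proto == r["proto"] and f.port == r["port"])
    return rules

def evaluate(rules, flow):
    """Default-deny: only flows the manufacturer declared are allowed."""
    return "allow" if any(rule(flow) for rule in rules) else "deny"

def audit(rules, flows):
    """Return the denied flows: each is the Thing doing something its maker
    never described, which is worth logging even though it is dropped."""
    return [f for f in flows if evaluate(rules, f) == "deny"]

if __name__ == "__main__":
    policy = compile_policy("urn:example:thermostat-v2")
    sample = [  # constructed flows, as a gateway might observe them
        Flow("from-thing", "198.51.100.10", "tcp", 443),  # call home: declared
        Flow("from-thing", "198.51.100.20", "udp", 123),  # NTP: declared
        Flow("from-thing", "203.0.113.5", "tcp", 23),     # undeclared peer
        Flow("to-thing", "203.0.113.9", "tcp", 80),       # unsolicited inbound
    ]
    for f in sample:
        print(evaluate(policy, f), f)
```

The deny list matters beyond filtering: once the manufacturer stops shipping updates, a Thing that suddenly needs peers its maker never declared is the cheapest compromise signal a deployment will get.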