Re: [Iot-onboarding] [Mud] Some new stuff for mudmaker.org

"M. Ranganathan" <mranga@gmail.com> Mon, 23 March 2020 15:09 UTC

Hi Eliot,




On Mon, Mar 23, 2020 at 10:41 AM Eliot Lear <lear=40cisco.com@dmarc.ietf.org>
wrote:

> Hi everyone,
>
> As part of mudding, I’ve been talking to the SBOM people.  These are the
> folk who are looking to produce a software bill of materials for IOT
> devices.  The question: how to find it?  Well, MUD to the rescue.  I’ve
> added a very simple extension (no draft yet but working on it) that would
> describe just how to get the SBOM.
>
>
Less travel leads to more MUDdling :-). There's always a silver lining.

I have a very basic question about the whole notion of mixing SBOM with
MUD. MUD was intended for network access control whereas SBOM is more for
ensuring software integrity. Should this be part of the MUD file or
included (for example) as a pointer in the device certificate so it can be
independent of MUD? Why include this as part of the MUD file?  I'd just
like to understand the motivation.

Stay healthy.

Thanks,

Ranga



-- 
M. Ranganathan