[Iot-onboarding] New MUDdiness

Eliot Lear <lear@cisco.com> Fri, 24 April 2020 13:45 UTC

Return-Path: <lear@cisco.com>
X-Original-To: iot-onboarding@ietfa.amsl.com
Delivered-To: iot-onboarding@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C19DC3A0877; Fri, 24 Apr 2020 06:45:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.6
X-Spam-Level:
X-Spam-Status: No, score=-9.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n_eb6gcx94-D; Fri, 24 Apr 2020 06:45:51 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E369A3A0843; Fri, 24 Apr 2020 06:45:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3248; q=dns/txt; s=iport; t=1587735951; x=1588945551; h=from:mime-version:subject:message-id:date:to; bh=htKg5+z9XxgW7WJMjGXSujqZUrHYHm+3cX7OGLqyHAE=; b=Pg9v4gGVdctZAKl/oVYKyRohjfmH+CpvCAg9rq7dgxvO5/P+7RA66Odx ruTey+2fjPw/KfqHUKJTmYUKHoJw53bASlddCQwpy+xpqDXwJJZjnnNr9 PvRV9no5pSu7e881oim87RIXlhaQ3juUl79cXAFDZujaQSZ2XchJb8Igy Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0B7AAC97KJe/xbLJq1mHAEBAQEBBwEBEQEEBAEBgXEFAQELAQGDFFQBIBIqhB+JAptkhg+BewsBAQEMAQEfEAQBAYcQNgcOAgMBAQsBAQUBAQECAQUEbYVWDEIBEAGFR3U+AmCDOAGCfLE4doEyhU+FBwaBOAGMUoIAgREnHIJNiB4ygi0Ejl+jPIJPgmqFIo9vHY99jHSHDohqiUWPd4NCAgQGBQIVgVkIKoFWMxoIGxU7KgGCPj4SGA2VJopYPwMwNQIGAQcBAQMJhU6JWgEB
X-IronPort-AV: E=Sophos; i="5.73,311,1583193600"; d="scan'208,217"; a="25556082"
Received: from aer-iport-nat.cisco.com (HELO aer-core-3.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 24 Apr 2020 13:45:48 +0000
Received: from [10.61.167.156] ([10.61.167.156]) by aer-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 03ODjmw1009544 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 24 Apr 2020 13:45:48 GMT
From: Eliot Lear <lear@cisco.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_51C26092-0009-4CB8-8967-9DF0610A488D"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
Message-Id: <D2540FF7-5A09-489E-B17A-42221D2A651D@cisco.com>
Date: Fri, 24 Apr 2020 15:45:48 +0200
To: mud@ietf.org, iot-onboarding@ietf.org
X-Mailer: Apple Mail (2.3608.80.23.2.2)
X-Outbound-SMTP-Client: 10.61.167.156, [10.61.167.156]
X-Outbound-Node: aer-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-onboarding/vg2JNNyvd3z_5gRUOR3L8L-UEAM>
Subject: [Iot-onboarding] New MUDdiness
X-BeenThere: iot-onboarding@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IoT onboarding mechanisms <iot-onboarding.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iot-onboarding>, <mailto:iot-onboarding-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iot-onboarding/>
List-Post: <mailto:iot-onboarding@ietf.org>
List-Help: <mailto:iot-onboarding-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iot-onboarding>, <mailto:iot-onboarding-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Apr 2020 13:45:53 -0000

All:

You may be interested to know that while this list has been quiet, MUD development continues.  I’d like to let you know about a few updates:
MUD has been committed to wpa_supplicant as part of support in the forthcoming Device Provisioning Protocol release.  This code looks like it was committed sometime back in March.
MUD is now supported by systemd natively for linux-based builds.  To use, one can set  “MUDURL=https://example.com/mud.json <https://example.com/mud.json>” as part of the DHCP, LLDP, or DHCP sections.
And today MUD was also merged into the NetworkManager code base.  To configure, run “nmcli c edit <interfacename>”,  "set connection.mud-url https://foo.com/mud.json <https://foo.com/mud.json>”, and “save”.
We are also looking at several additional extensions to facilitate compliance indication. 

MUD: coming to a distro near you.

Eliot