IETF Logo Mail Archive

Re: [Iotops] [Madinas] advice on IoT MAC address randomization (or not)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 16 July 2021 08:04 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: iotops@ietfa.amsl.com
Delivered-To: iotops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 579313A2BD0; Fri, 16 Jul 2021 01:04:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.596
X-Spam-Level:
X-Spam-Status: No, score=-9.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=cdrhcu7O; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=jHOIxLPg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HJ8pP_B2PUbN; Fri, 16 Jul 2021 01:04:25 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DB0A3A2BC6; Fri, 16 Jul 2021 01:04:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2800; q=dns/txt; s=iport; t=1626422665; x=1627632265; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=3Bwak2vzEPp8g7SKomIflOX4Ha83TuQGNuRqNR5cMYA=; b=cdrhcu7OpZUAidli4sIstZQVpca1oYCxIUWr9jnL0i2FpQrNZBLLYGw0 D4rgNyWntkWH8U87dEOPwWYPMJQDb0aFeGhYvNCRDc7jw0KuJEs+c5Ak8 YlhTWf89EqGiD+jq7hfhH8YhWKI63zsOYyDWJodPMwa8luE7u71NuVnfu U=;
X-IPAS-Result: =?us-ascii?q?A0DYAwD/PPFgl4UNJK1aHgEBCxIMQIMsKSh+WjcxhEiDS?= =?us-ascii?q?AOFOYhaA5ovglMDVAsBAQENAQExEAQBAYFggnQCF4JkAiU4EwIEAQEBAQMCA?= =?us-ascii?q?wEBAQEFAQEFAQEBAgEGBBQBAQEBAQEBAXKFaA2GRQEBAQQSEREMAQE3AQsEA?= =?us-ascii?q?gEIEQMBAgMCJgICAjAVCAgCBAENBSKCTwGCVQMvAQ6bBgGBOgKKH3qBMoEBg?= =?us-ascii?q?gcBAQYEBIJRgwAYgjIDBoEQKoJ7hA6GYiccgUlEgRUnDBCCMjA+gmIChHc2g?= =?us-ascii?q?i6CKgVsZEcQgRhGBh4qlTuVbJIUCoMkijWUBAUdCaZelgiMMphYAgQCBAUCD?= =?us-ascii?q?gEBBoFyIoFbcBVlAYI+UBkOjh8ZgQwBCIJDhRSFSnMCNgIGAQkBAQMJihIsg?= =?us-ascii?q?hsBAQ?=
IronPort-PHdr: A9a23:aPUpYR2Pi7m47OqWsmDPS1BlVkEcU/3cJQcT5pcjjrtINK+qrNzuP 03asPNqilKBHYDW8OlNhOeetaf8EXcB7pCMvDFnEtRMWhYJhN9Qk1kmB8iIWlbyKvLnaykzG oJJXQwt83SyK0MAHsH4ahXbqWGz6jhHHBL5OEJ1K+35F5SUgd6w0rW5+obYZENDgz/uCY4=
IronPort-HdrOrdr: A9a23:cI2N76BVnzc+fmnlHej6sseALOsnbusQ8zAXPh9KKCC9I/b3qy nxppsmPEfP+UkssHFJo6HmBEEZKUmstqKdkrNhQ4tKOzOW+ldATbsSrbcKpgeBJ8SQzJ8n6U 4NSdkaNDS0NykHsS+Y2nj8Lz9D+qj8zEnAv463pB0BIXAIGsNdBkVCe3um+yZNNW977O8CZe KhD7181kOdkBosH6CGL0hAe9KGi8zAlZrgbxJDLQUg8hOygTSh76O/OwSE3z8FOgk/hYsKwC zgqUjU96+ju/a0xlv3zGnI9albn9Pn159qGNGMsM4IMT/h4zzYI7iJGofy+gzdktvfsGrCo+ O8+CvI+P4DsU85S1vF+CcFHTOQjQrGpUWSlWNwykGT0PARDAhKe/apw7gpLScwLyEbzYBBOG Uh5RPGi3MfN2KzoMy2jeK4JC1Chw66p2EvnvUUiGEaWYwCaKVJpYha509NFowcdRiKpLzPPd MeRv003swmPG9yrkqpyFVH0ZipRDA+Dx2GSk8Ntoic1CVXhmlwyw8dyNYElnkN+ZohQ90cjt 60fJhAhfVLVIsbfKh9DOAOTY++DXHMWwvFNCaXLU78HK8KNnrRo9r84akz5uutZJsUpaFC16 jpQRddryo/akjuAcqB0NlC9Q3MWny0WXD3xsRX9/FCy/bBrXrQQGW+oXUV4oqdStkkc7nmss eISdtr6qXYXB7T8K5yrnrDZ6U=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.84,244,1620691200"; d="scan'208";a="724831319"
Received: from alln-core-11.cisco.com ([173.36.13.133]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 16 Jul 2021 08:04:23 +0000
Received: from mail.cisco.com (xbe-aln-001.cisco.com [173.36.7.16]) by alln-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id 16G84No9032190 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 16 Jul 2021 08:04:23 GMT
Received: from xfe-aln-005.cisco.com (173.37.135.125) by xbe-aln-001.cisco.com (173.36.7.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Fri, 16 Jul 2021 03:04:23 -0500
Received: from xfe-aln-002.cisco.com (173.37.135.122) by xfe-aln-005.cisco.com (173.37.135.125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Fri, 16 Jul 2021 03:04:22 -0500
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (173.37.151.57) by xfe-aln-002.cisco.com (173.37.135.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15 via Frontend Transport; Fri, 16 Jul 2021 03:04:22 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mKkLw3u+zxfDgFJFG9yzJ3lMBLxo5jkdt0S0qLDuvCFXRjXtOus7x4sbbOFqQCfAXOnjX6yE4KJzfizbeZOm/CBqJsXzSynOTiCyBsCSfl5uujreJpSm+lrzq7T7PohyHjxVKXY5SzOrfz9VfVzEsfKp76lSAy+wRKE9T/grX8Li9JXp5EfrZfieyGTDyN9GRMYUeTnNyuY83L47lhYwLA7MwmfZAXqh3n9SWgChUvRxtOAMXsaraVpglsenn02+adsIYVmTTBsy/U43F1tix9FB6Nr48pCyrZkCx5gE12HIB9Klkmdpt+yXpbMXnq8fdiCSDDsc3iJT34wyd1IWsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3Bwak2vzEPp8g7SKomIflOX4Ha83TuQGNuRqNR5cMYA=; b=Ff9ThTbT2HLzNpXWeD/Kf7XgHbyCiIbq3PT7QZ0gBrODV61a342i1+KE4QCpaDE/TKqNyyDLPF71+nUfUfFdxl+gt34Qk1q1yTmrzi4faWhTspaPkG2mm8lsuIdaUSCVewUPzYtmiJ7gg8tDNIJwT2B7flxvrZR+YjlvhqgwWlO5qEuawGroVd2yfJFkfvejvy8JKK/gjsSrsVd6zX0C1z5Uxcc5Um31YGytmMNUhkfHdSjJ95Ukp+fH43O3xV+EP0nXNWeVSlaQfRAFEFShC8qL4JgjP7K/OkfAzPwI0Lw5Vhv3p5HdnoaksPb+g0NJlnBjWo5quiWyMCPdoW+oQg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3Bwak2vzEPp8g7SKomIflOX4Ha83TuQGNuRqNR5cMYA=; b=jHOIxLPgq+QBEmGF665+dT5HhMIyCc4lAUTQsvwgWA3YvJP/uJ+zDf7si80RXQUbr2KlwBwe1x76TmllWjWhBaR/VElPPDiG0nH8K4i/vreAJQEhby3fUMnN/IgsnVWbPmEDhb9Igx5F4XOkOCuteqTouQW64YbI0fp783dbN5I=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by PH0PR11MB5158.namprd11.prod.outlook.com (2603:10b6:510:3b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.24; Fri, 16 Jul 2021 08:04:21 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::6d61:c160:def1:bc64]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::6d61:c160:def1:bc64%3]) with mapi id 15.20.4331.026; Fri, 16 Jul 2021 08:04:21 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "iotops@ietf.org" <iotops@ietf.org>
CC: "madinas@ietf.org" <madinas@ietf.org>
Thread-Topic: [Madinas] advice on IoT MAC address randomization (or not)
Thread-Index: AQHXeOX0IUUbj0OY5U+dkX9UOZL096tFYfEA
Date: Fri, 16 Jul 2021 08:04:21 +0000
Message-ID: <E5F73F07-F196-4047-B9C1-2B0942545C4D@cisco.com>
References: <2660.1626290680@localhost>
In-Reply-To: <2660.1626290680@localhost>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.51.21071101
authentication-results: sandelman.ca; dkim=none (message not signed) header.d=none;sandelman.ca; dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1b21ae72-b695-4f39-a29a-08d9483051b7
x-ms-traffictypediagnostic: PH0PR11MB5158:
x-microsoft-antispam-prvs: <PH0PR11MB5158ABC1987B56BC5FE7C4B6A9119@PH0PR11MB5158.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6THO0VyhPvWbWqHfrWy3w+ey2bMiiIuM4+5XqEO7gDtW2URYcE+0+y5oCzECg7K2N4JQYPL9p/qKENbza3zkh1QCiE14l+G3YHdcCf/RBwyHNmf/TSzGLseO7tT2nEoa8lLWHud+Jw2hcFAXZAbH2IydJiU3g8YTOKf9dlhD6Kc/IG1ndn4/X7PABuQNjVq3rEq7Y/6d66E4aDsSEptT1ecwnoxIHfjjAc8pVh7og8ancs/vn1BrY4uEA1zXR2cM/vhIvfBIZcnkyOD91nIwx+xthOFM3NcCpapQvCXXP/TUjOWBtt3m3u9q3vKhAJobLush2AwWkApcb/6m/K3pCwrMOeq2jLHDSjUJZeea3ArP1d5vkPafMuvfc2SNRehVcXSwDjFSLJktdBUaxWa2IEPOTsjrx2faUBX1XnvOLldGwnW3KVvAC9uheMft7mZgFyVFnW93xOZU/KyL6oeJh+nOssbv/04sHN3SaFUunn8Qu75BHrJ0gK5Ha4OVvT9ZrQ/ds3d2j4SQDjzsa3JJ45GgMNFfHaYgy1baLqu30fS28TnM9bmbQqkznVU852OpFWcCbKTYuysDHOUWhdErk0831gxQFqTPuXI64q80Flnrp8qsVrw+g3Cg8oA25OlSpxK1nqXLNGtyCWpD9VnsKQXwtkd+omstp3oJbBrMRZjwbrdDHYE+KCS35Z2NwdGK3Vi9t1LkIpWXZvaHp5wjsgBzVj2dmZ9UuNmjYK1ThsQI3MelExA3jIJvF4smx6J3oZ4/7DPAwm5tay5lxfJOR3+hO07GxmQzxXZ5k4xyVDa2iQ6kbEu1hzhIo8iO0nwZ
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(39860400002)(136003)(346002)(376002)(366004)(316002)(110136005)(4326008)(66574015)(53546011)(5660300002)(76116006)(71200400001)(66476007)(36756003)(66946007)(64756008)(33656002)(66556008)(91956017)(66446008)(83380400001)(86362001)(6486002)(186003)(8936002)(6506007)(8676002)(2616005)(26005)(966005)(6512007)(2906002)(478600001)(38100700002)(122000001)(38070700004)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?MWtQLytGb3NVNk1wc3Fub1hiMmFaR21MZ3BOcHlBVlZyR1Njc2ovR1J3TW4y?= =?utf-8?B?NVpWOHJ1R0VPMldvNHdVVEhHbFpQTnF0TEVrQ21BbitlR3UxeTZMczlvRDE3?= =?utf-8?B?WFYvY0kzdDZOVENYdEZtc2loYmN1MkhINTNnM1Z0SWo2UFNiSmdaZjAyNmZU?= =?utf-8?B?MmRNVDVGZjBnampjTUZtQWdFZUFXYWUwSEhHa0MvVHRYRGgyYTArNjQ2cjYr?= =?utf-8?B?Y2grMk51WlhPQm1BaHYwNXBjS1Q5Zm03eXdKdDR5VXpXZkNFdEVkUnJ4d2pa?= =?utf-8?B?Q0ZuSkhDN0dXbDEvNUdNek5aT0cyWnNmdzRrOWs1b25wYWw3bzVhL29BTXor?= =?utf-8?B?UU1rMW5Ia1I5dWNIYytMck9MMGc0THlhcGRpQ2Y1WWhMajlRclZWeUF6RFgr?= =?utf-8?B?WWYvQlJkb2hVWVhLemJSekw3czdBNlJuK04xSlNqWmFvNjcrZkZ3c0lLTjgr?= =?utf-8?B?VlNLK1Brc25GbXlTM2V5WUlQVS9zSXg2NjJtNmdKZFBma3RLd3h2SGVXTDFF?= =?utf-8?B?eHNwbHJYWis1a24wVGF1WFpGVU9tS3R2U1dKOUxFSE05RktLdDRwVzdqb2hq?= =?utf-8?B?cW0rUjFRd3ZMV1hKQXFsVmxYWVk2aEVacWh4VXd5QjZZNURwcXZOWThRa1dz?= =?utf-8?B?U1F2dTl2bnpBUHlCR2ZmYzJmc1pBMU9KRU1hN3RMYjVSSGJHNWpmRXd4RDkx?= =?utf-8?B?NVNWSm5GQVY2RjZqc042MFd5QWRBd1cyQUF2WHVLZnplckZ5bzdkcVFPOGpx?= =?utf-8?B?ZEpjNTNrZHkrWXJqWWJ1UThoOXllOFJnY3FvOEpWZ0pKWU9xMHhuR0FMcmVO?= =?utf-8?B?bk16ZHk4VFRtUTZ1am1FQTRyaHprN1p1ZklaRDE1K1NGR295b2FLTldpOTBt?= =?utf-8?B?L3p4WVY3b2FNbWp2R2J1M0M2OUpSeStNaDl5cGxBbFV4VWJpV0s1ZHJ5bDZG?= =?utf-8?B?amI2NWVWZTl2QlNZeVpGSkhEL2l1V21Xb1FmdCsrZ0NtaWNtR2s1WTBZN1Iy?= =?utf-8?B?a0t3bFBCdlpCamQrYVlPeGt5MVdNcnVKVnJDVUk5R3Rhcmg3STNCRitUdUw5?= =?utf-8?B?TEpITzNqVkJYVjhYYml1M2pJeDN1TkxsNnJwSHQwWHpvcXF5Q0hmWmwzQUFo?= =?utf-8?B?a1M0TlJ1V0dLdGNsMGwxL05JRXhRU2RueDl3d3ovUzdaM2dXb0pjQk5JOWdR?= =?utf-8?B?T2xnVlI4akFHV3hoRWFyc3ZSVkpwVDZtVzc4dURxNUM4cVZtdXV6VXQ3VllH?= =?utf-8?B?bi9VM2lFOVd3YzltbTFiYnlDcWtaWnRIbWhjdUNveWYrS0ExQnpFT25MZEJJ?= =?utf-8?B?VFFKRDlINnV0WnFpdVEzS0VscEF3UU5BVmZlYUhEb2F3NVYxT2JOMEtMcER6?= =?utf-8?B?YzBPajMxSWFhcXE1bVc4RWp3UTUrRC9xSTNNcTA1UWVoMGhybEVOVzVlUkhW?= =?utf-8?B?Wm5HMkFEclV0aEEyK085bXY0UzVjSUlkQkgxMDJvMEhOTkxZMFh2T2ZZNTJF?= =?utf-8?B?Z3JvY0xLOGNXOE9iZWMvVGZXZHUzL3dHV3FOZFVqMm5VelM0c1l4RHBpbUEz?= =?utf-8?B?VlU0Ty9sR3gwU1BvaEtNblFBcllWdmc2ZFV2cFMyL2k4ZTlub05BclBXcWEz?= =?utf-8?B?RHpDMVZidkxJazZ0UnA0dWpKM1h3dHpDUzFyM0dvOHBLdmpIeHM3WURva2FY?= =?utf-8?B?ZHRWZUtpeGdpWWNDbFMxMkZpL01UYStBcUc1eGt1TjRqSHFkQWlvd3VXMExv?= =?utf-8?B?dG5jTnlyODZxci8wcGVCbzFaTVlNYnRqYWNWZTZVS3dpWW8xNzgyRlh0a1Q3?= =?utf-8?B?Tit0bVpSY1g5US9EazExZz09?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <E492297757518744A43038F47B9635AD@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1b21ae72-b695-4f39-a29a-08d9483051b7
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jul 2021 08:04:21.5239 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PA+jQChtwtU6mSInhdVzTOFcDecgyE0bL/dipK6x+aM+3vbx52ZRmsOS/0Tdt5moogm2QVNmSPadRCNMTwpJMQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5158
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.16, xbe-aln-001.cisco.com
X-Outbound-Node: alln-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/Went7ScOXBLSLpB5IHYKCAsqXM0>
Subject: Re: [Iotops] [Madinas] advice on IoT MAC address randomization (or not)
X-BeenThere: iotops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IOT Operations <iotops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iotops>, <mailto:iotops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iotops/>
List-Post: <mailto:iotops@ietf.org>
List-Help: <mailto:iotops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iotops>, <mailto:iotops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jul 2021 08:04:30 -0000

Michael,

Quick reply on the absence of charter on the MADINAS page on the data tracker: AFAIK, the charter appears only when there is a being-chartered WG and MADINAS is still a WG-forming BoF __ The description is on the BoF Wiki https://trac.tools.ietf.org/bof/trac/

Else, IMHO, IoT should also be in the use cases of MADINAS for the reason you cited.

Regards

-éric

-----Original Message-----
From: Madinas <madinas-bounces@ietf.org> on behalf of Michael Richardson <mcr+ietf@sandelman.ca>
Date: Wednesday, 14 July 2021 at 21:25
To: "iotops@ietf.org" <iotops@ietf.org>
Cc: "madinas@ietf.org" <madinas@ietf.org>
Subject: [Madinas] advice on IoT MAC address randomization (or not)


    I'm not sure where the madinas charter is, the _MADINAS - Proposed Charter
    v2_ thread from the end of May petered out.  I don't see a charter in the
    WG/BOF entry on the datatracker.

    A BCP document is mentioned.

    I think that a BCP document on IoT devices, including routers,
    switches and other infrastructure would be good.

    The short of it, for me, is that
      a) wired interfaces for non-movable things (home gateways, fridges,
         furnaces) should not change their MAC address.  (Whether they use
         OUI derived addresses is a second question)

      b) Until WPA-Enterprise aka EAP-TLS,.. is ubiquitous among wifi IoT
         devices, that they should always use the same MAC address for the
         same ESSID.

    Combining (a) and (b), I'm fine if wired devices that do 802.1x want to do
    RCM.  That would apply to many security paranoid enterprise
    desktops/laptops.  But, I don't think that the IDS systems will be ready for
    a long time, as they mostly haven't caught up to IPv6 Temporary addresses yet.

    It's probably five pages of justification for each point I make above, sigh.

    --
    Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
               Sandelman Software Works Inc, Ottawa and Worldwide

v2.8.7 | Report a Bug | By Email