Re: [Iotops] WG Adoption Call on draft-moran-iot-nets-02

Eliot Lear <lear@lear.ch> Thu, 02 March 2023 12:55 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/aFaiv2dkHY5j5YAyGPIqgAauSFo>

I support this document's publication, and I am willing to continue to 
provide reviews.

I think it would be good if Brendan took a few good pot shots on two fronts:

 1. Passwords on devices are a bad idea for IOT devices that are associated
    with north-bound control functions.  This includes bridges, vacuum
    cleaners, ovens, HVACs, and the like.
 2. The strength of security related to the entire solution is not
    something we can seriously address at the protocol level, and that
    should be more crisply stated in 4.11.1.

Thanks again to Brendan for persevering through this work.

Eliot

On 02.03.23 13:34, Alexey Melnikov wrote:
> Dear IOTOPS participants,
>
> This message starts a 3 week call for Working Group Adoption of "A 
> summary of security-enabling technologies for IoT devices" 
> (draft-moran-iot-nets-02 
> <https://datatracker.ietf.org/doc/draft-moran-iot-nets/>)
>
> ending on Thursday, March 23rd.
>
>
> Please reply to this email with your support (or lack thereof) and 
> especially any substantive comments you may have. When including 
> comments, please consider whether or not they need to be resolved 
> before document adoption by the WG.
>
> Alternatively you can email chairs directly at <iotops-chairs@ietf.org>.
>
>
> Best Regards,
>
> Alexey,
> For the IOTOPS co-chairs,
>