Re: [Iotops] WG Adoption Call on draft-moran-iot-nets-02

Eliot Lear <> Thu, 02 March 2023 12:55 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 951EDC14CEF9; Thu, 2 Mar 2023 04:55:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.087
X-Spam-Status: No, score=-7.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id j77YVWHQ_iZh; Thu, 2 Mar 2023 04:54:58 -0800 (PST)
Received: from ( [IPv6:2a00:bd80:aa::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id 95290C14F739; Thu, 2 Mar 2023 04:54:56 -0800 (PST)
Authentication-Results:; dmarc=none (p=none dis=none)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=upstairs; t=1677761693; bh=V0U2VB84Fa3RJ6784zvsQ9cxsU7ggubNKnUMquiU3RE=; h=Date:To:Cc:References:From:Subject:In-Reply-To:From; b=HCspBZsQ2G76uzSjE4tl7IDTXA3WOf7NfGuYKWUPI5lEmfvby2OvtPA2JNsUkcn8F P9VndVyl/8qP+K3/zZypCyZDmJ2Mjw2EvjRWuNgRmzYRHracEpcmgSR/jkOx2lImdx C78LAXLsU5wtXU4cs4sD4L74QKuiP3ctnsyX+4Dc=
Received: from [IPV6:2001:420:c0c0:1012::4] ([IPv6:2001:420:c0c0:1012:0:0:0:4]) (authenticated bits=0) by (8.15.2/8.15.2/Debian-22ubuntu3) with ESMTPSA id 322CsrBo1225234 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Thu, 2 Mar 2023 13:54:53 +0100
Content-Type: multipart/alternative; boundary="------------c5vGIDLN3uUzutBub8QCR0tn"
Message-ID: <>
Date: Thu, 02 Mar 2023 13:54:52 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.8.0
Content-Language: en-US
To: Alexey Melnikov <>,
Cc: "" <>
References: <>
From: Eliot Lear <>
In-Reply-To: <>
Archived-At: <>
Subject: Re: [Iotops] WG Adoption Call on draft-moran-iot-nets-02
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IOT Operations <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 02 Mar 2023 12:55:02 -0000

I support this document's publication, and I am willing to continue to 
provide reviews.

I think it would be good if Brendon took a few good pot shots on two fronts:

 1. Passwords on devices are a bad idea IOT devices that are associated
    with north-bound control functions.  This includes bridges, vacuum
    cleaners, ovens, HVACs, and the like.
 2. The strength of security related to the entire solution is not
    something we can seriously address at the protocol level, and that
    should be more crisply stated in 4.11.1.

Thanks again to Brendan for persevering through this work.


On 02.03.23 13:34, Alexey Melnikov wrote:
> Dear IOTOPS participants,
> This message starts a 3 week call for Working Group Adoption of "A 
> summary of security-enabling technologies for IoT devices" 
> (draft-moran-iot-nets-02 
> <>)
> ending on Thursday, March 23rd.
> Please reply to this email with your support (or lack thereof) and 
> especially any substantive comments you may have. When including 
> comments, please consider whether or not they need to be resolved 
> before document adoption by the WG.
> Alternatively you can email chairs directly at <>.
> Best Regards,
> Alexey,
> For the IOTOPS co-chairs,