Re: [Iotops] WG Adoption Call on draft-moran-iot-nets-02
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 02 March 2023 21:29 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: iotops@ietfa.amsl.com
Delivered-To: iotops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7ACEDC152EEF for <iotops@ietfa.amsl.com>; Thu, 2 Mar 2023 13:29:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.697
X-Spam-Level:
X-Spam-Status: No, score=-1.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (bad RSA signature)" header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qdRrIABq8CjZ for <iotops@ietfa.amsl.com>; Thu, 2 Mar 2023 13:29:42 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93584C15256B for <iotops@ietf.org>; Thu, 2 Mar 2023 13:29:42 -0800 (PST)
Received: from dyas.sandelman.ca (desktop4.sandelman.ca [209.87.249.16]) by relay.sandelman.ca (Postfix) with ESMTPS id 9A2391F455; Thu, 2 Mar 2023 21:29:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=sandelman.ca; s=mail; t=1677792580; bh=+7JfveUWyhiB7TjI2P4EfWkRYtIkKDh1ZVlGqwllBVo=; h=From:To:Subject:In-reply-to:References:Date:From; b=EKv7506zSHNzlaVNJrEkKdYn+WTWD0+/5X1KuKVsakguuCAGykdvrioHKaXcfLPDX vgZzikXBU4BSFgCz/GBBYj28VXuS0tQJKaCUVIh6w3wKtucg+JvQOUSDVMn/KQulgN yr46M4W5cfTRu78i0YeZOb/34CB0MOXByheBYJp4bzrBJQ6kJ5KemXxd7ZV2LWfJG8 E1aRk6zYuRM56wU4BqrDFIa7cSJeSjOJGSui/pwpZhmDz7obVc2OwF14J6/72dVEFX 78Qt0WInEGcFDLWD0fSTMhSKs1KIZg6wkou2zyP6+f5yAKsvfM0gT0+dWJ1mDg1Xd9 UA/MZ1mNXpaaw==
Received: by dyas.sandelman.ca (Postfix, from userid 1000) id 6BD3EA1338; Thu, 2 Mar 2023 16:29:39 -0500 (EST)
Received: from dyas (localhost [127.0.0.1]) by dyas.sandelman.ca (Postfix) with ESMTP id 699D3A0FDA; Thu, 2 Mar 2023 16:29:39 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Russ Housley <housley@vigilsec.com>, iotops@ietf.org
In-reply-to: <2C446A21-E61A-408A-99EA-5B3B34CA9AFA@vigilsec.com>
References: <2b042daf-a7a4-84b4-bd9a-bb293849ca43@isode.com> <2C446A21-E61A-408A-99EA-5B3B34CA9AFA@vigilsec.com>
Comments: In-reply-to Russ Housley <housley@vigilsec.com> message dated "Thu, 02 Mar 2023 11:57:33 -0500."
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.3
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 02 Mar 2023 16:29:39 -0500
Message-ID: <1744680.1677792579@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/yizMGyOvtMqnGcy0M9RZRcT3b4g>
Subject: Re: [Iotops] WG Adoption Call on draft-moran-iot-nets-02
X-BeenThere: iotops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IOT Operations <iotops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iotops>, <mailto:iotops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iotops/>
List-Post: <mailto:iotops@ietf.org>
List-Help: <mailto:iotops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iotops>, <mailto:iotops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2023 21:29:47 -0000
Russ Housley <housley@vigilsec.com> wrote: > I have no objection to the adoption of this document, but I would like > to see the discussion also cover protection of data at rest in the IoT > device. Currently, it talks about "information in transit on the > networks or stored in the IoT application or in the Cloud." However, > the protections for data at rest are not really covered in the > subsections that follow. While I agree that this is important, I am not entirely certain it's within the IETF's mandate :-) That doesn't mean we shouldn't do it though, but it may be too big a bite. > This document is highly aligned with ENISA. It mentions a NIST > document, but it ignores other sources of reasonable requirements, such > as > https://ctiacertification.org/program/iot-cybersecurity-certification/. > I think that pulling together a superset of the requirements (as long > as they are not in conflict) would be a real service to the community. Agreed. -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Iotops] WG Adoption Call on draft-moran-iot-nets… Alexey Melnikov
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Eliot Lear
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Michael Sweet
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Russ Housley
- [Iotops] end passwords NOW! Michael Richardson
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Michael Richardson
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Russ Housley
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… AKRAM SHERIFF
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Thomas Fossati
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Panwei (William)
- Re: [Iotops] WG Adoption Call on draft-moran-iot-… Alexey Melnikov