Re: [Lwip] [OPSAWG] [Suit] next steps in clarifying scoping terminology for SUIT, CoSWID, MUD and SBOM
Michael Richardson <mcr+ietf@sandelman.ca> Tue, 09 June 2020 19:46 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 226003A0D4D for <lwip@ietfa.amsl.com>; Tue, 9 Jun 2020 12:46:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I7vdk28W9aVr for <lwip@ietfa.amsl.com>; Tue, 9 Jun 2020 12:46:30 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90EA53A0D48 for <lwip@ietf.org>; Tue, 9 Jun 2020 12:46:30 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id C37C438A20; Tue, 9 Jun 2020 15:44:00 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 6q4Cua6yEADq; Tue, 9 Jun 2020 15:43:59 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id B164038A3C; Tue, 9 Jun 2020 15:43:59 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 14B15696; Tue, 9 Jun 2020 15:46:28 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Carsten Bormann <cabo@tzi.org>, lwip@ietf.org
In-Reply-To: <C246507B-A52B-43DE-B406-02AFBB945878@tzi.org>
References: <22789.1591719213@localhost> <C246507B-A52B-43DE-B406-02AFBB945878@tzi.org>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Tue, 09 Jun 2020 15:46:28 -0400
Message-ID: <10933.1591731988@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/2DGns23vt4U8U1vWTcHdCTx9YfA>
Subject: Re: [Lwip] [OPSAWG] [Suit] next steps in clarifying scoping terminology for SUIT, CoSWID, MUD and SBOM
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Lightweight IP stack. Official mailing list for IETF LWIG Working Group." <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2020 19:46:33 -0000
Carsten Bormann <cabo@tzi.org> wrote: > Hi Michael, >> On 2020-06-09, at 18:13, Michael Richardson <mcr+ietf@sandelman.ca> >> wrote: >> >> […] smartphones do not fit into RFC7228, and yet they are not >> "unconstrained" >> >> We constrast SUIT to devices where the is potentially many packages >> that can be updated, up to and including the Linux/Windows >> desktop/server environment where there are potentially thousands of >> packages. >> >> In RFC7228, we described a series of useful terms and classes, and we >> have repeatedly come back wishing to have some notions of "class 3+" >> to describe classes of more capable devices, up to and including >> "classic" desktop and server OS installations. >> >> I think that as we move towards dealing with SBOM concepts (whether >> via CoSWID, or in liason to IoTSF and/or NTIA) that it would be useful >> if we worked on an rfc7228bis (or a companion document: nothing wrong >> with 7228 really), that allowed us to speak more intelligently about >> different classes of devices. > There is activity on a 7228 bis. > Would > https://tools.ietf.org/html/draft-bormann-lwig-7228bis-06#table-1 > have helped you? https://tools.ietf.org/rfcdiff?url1=rfc7228&url2=draft-bormann-lwig-7228bis-06.txt > This has a number of experimental classes above 2; both in the M Group > (microcontrollers) and the J Group (general purpose computers — pun > only accessible to people who know how Jeeps got their name). > Note that Sections 3.1..3.3 have more experimental categories; not sure > these are useful for what you are trying to do. I appreciate the direction you are going. Is LWIG going to adopt it? I thought I was on the list, but I might have fallen off. I believe that there are some important intervals between class 10 and class 15. I know of quite a number of class 10ish SoCs that run OpenWRT in less than 4Mb of flash, and have essentially only GPIO pins, like the M-class. It is in this category that I think we have the most public cybersecurity risk, as they are deployed to interface some legacy (RS232) sensor to the Internet. Smartphones have particularly obtuse constraints: while ram sizes are increasing, so are code sizes. But, they have no swap. You can't run a modern browser on a five year old phone, yet even five years ago, the device would have been considered "luxury". There are quite a number of devices that seem luxurious, but once the "OS" is running there actually isn't much left for anything. Lots of "ROM" very little write storage. Also the use of compressed read-only file systems makes a lot of things difficult. The result is that big M-class systems can accomodate more complexity than low-end A/J class systems. This leads to open telnet ports with no authentication, but also winds up begging the question: if it did authenticate, how would they set the per-device unique password, since there isn't anywhere useful to put it? You get into MMU vs no MMU, but many of the M-class devices *do* include memory management units, just not *virtual* memory management units. The presence of TEEs of various kinds is a form of MMU, and that should be a first class as well. Section 3.2 should include TEE. I know you are trying to say this in 3.3, but that section could be about hardware TPMs as well secure enclaves for instance. I really like section 3.1. Between F1 and F2 are devices which can download new firmware and install it while operating, and then can reboot fast enough that nobody notices, but would not be described as "hit-less". F2 means you notice the reboot I know that term from big-ass switching equipment that can upgrade their OS (restarting), but leave the switch fabric and RIB and FIB around intact. I think that this is more than "app-level". And kpatch'able servers. section 4.4 would have been very useful in BRSKI. Even devices that have a battery lasting for their lifetime may not be set to wall-clock time at manufacture time, possibly because the battery is only activated at installation time where time sources may be questionable or because setting the clock during manufacture is deemed too much effort. I think that this is actually the most difficult situation. A device might *think* it has an accurate wall-clock, but in fact, be wrong. This is sometimes worse than having no time. (Or: a stopped clock is right two times a day...) For uncertainty in time, 1e-4 is 1/10000, or 8s per day or 1min/week Can we express this in both ways? I believe that 5.2/Internet integration has a number of things below I0, and between I0 and I1. We need to position native SMS,NFC,BTLE and maybe the non-IP capable "LoRA" stuff in. Why? because CoAP. We also need to position IPv6-LL restricted devices which are just unable to talk off the wire. I have talked about "Connected Things" (BTLE,NFC,etc.), "Web Connected Things" (I1) and "Internet of Things" (I9). I think that between I1 and I9 are a plethora of solutions that we care about that involve CoAP, but not HTTPS. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- Re: [Lwip] next steps in clarifying scoping termi… Michael Richardson
- Re: [Lwip] [Suit] next steps in clarifying scopin… Carsten Bormann
- Re: [Lwip] [OPSAWG] [Suit] next steps in clarifyi… Michael Richardson
- Re: [Lwip] [Suit] next steps in clarifying scopin… Brendan Moran
- Re: [Lwip] [Suit] next steps in clarifying scopin… Michael Richardson