Re: [OPSAWG] Roman Danyliw's No Objection on draft-ietf-opsawg-mud-acceptable-urls-11: (with COMMENT)
Michael Richardson <mcr@sandelman.ca> Wed, 03 April 2024 13:11 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABCD0C1516E0; Wed, 3 Apr 2024 06:11:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.918
X-Spam-Level:
X-Spam-Status: No, score=-2.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, LOTS_OF_MONEY=0.001, MONEY_NOHTML=1.477, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3EXYhL6aUL8i; Wed, 3 Apr 2024 06:11:42 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38C35C14CE39; Wed, 3 Apr 2024 06:11:31 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 913313898B; Wed, 3 Apr 2024 09:11:30 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id vkUMDJIzbVXw; Wed, 3 Apr 2024 09:11:28 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id C461038988; Wed, 3 Apr 2024 09:11:28 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1712149888; bh=mzZht/fLgyqEbCn3tW1y0TJ6oEbJFeM7qqFFLgwDoW8=; h=From:To:cc:Subject:In-Reply-To:References:Date:From; b=hR2F3um9EYHXYW7IO7KvLz3n6nevIi8yf+WJBD4iF9debAxLvc2S99TrikdPNhpZ1 i6iETPDZcrVuj0m5gUlid0YPQpMIvTWKwuAcMltFx50+m+7pB8pvDyDJAivbtpb97Z NOaqpdVW/3E3qoKxZojG7uLjcV59YX3k6cr3c3NuilP0xDWT5h6TmbRAQRY9t4xdYz UK4LIzyA0XKN1mDdqATrsTJZb5R2Rsn1ebwnDFR+Rpxlujq1GCH1ru9b5+aDRiQ+xZ D5sDX+mAO+26O3DwOTVPAiIJgVL/4wr+5OMFr3nsopvNj//CjLfaEbM1lHwVr5glQg cKSYLemR7ofbw==
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id BF798130; Wed, 3 Apr 2024 09:11:28 -0400 (EDT)
From: Michael Richardson <mcr@sandelman.ca>
To: Roman Danyliw <rdd@cert.org>
cc: The IESG <iesg@ietf.org>, draft-ietf-opsawg-mud-acceptable-urls@ietf.org, opsawg@ietf.org, opsawg-chairs@ietf.org
In-Reply-To: <171211080041.52998.16538712754663513072@ietfa.amsl.com>
References: <171211080041.52998.16538712754663513072@ietfa.amsl.com>
X-Mailer: MH-E 8.6+git; nmh 1.8+dev; GNU Emacs 28.2
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 03 Apr 2024 09:11:28 -0400
Message-ID: <12802.1712149888@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/H8K8bcEsnyME-aqoaTFpNfBYCKA>
Subject: Re: [OPSAWG] Roman Danyliw's No Objection on draft-ietf-opsawg-mud-acceptable-urls-11: (with COMMENT)
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2024 13:11:46 -0000
Roman Danyliw via Datatracker <noreply@ietf.org> wrote: > ** Section 3.1 While there is an argument that old firmware was > insecure and should be replaced, it is often the case that the upgrade > process involves downtime, or can introduce risks due to needed > evaluations not having been completed yet. As an example: moving > vehicles (cars, airplanes, etc.) should not perform upgrades while in > motion! It is probably undesirable to perform any upgrade to an > airplane outside the service facility. A vehicle owner may desire only > to perform software upgrades when they are at their residence. Should > there be a problem, they could make alternate arrangements for > transportation. This contrasts with an alternative situation where the > vehicle is parked at, for instance, a remote cabin, and where an > upgrade failure could cause a much greater inconvenience. > The situation for upgrades of medical devices has even more > considerations involving regulatory compliance. > I’m having trouble understanding the examples provide and the > associated analysis. Editorial recommendation: cut all the text after > the first sentence. Otherwise: If you find it enough to claim that upgrades introduce risks, I don't mind cutting there. > -- What does vehicles, aircraft and medical devices have to do with > MUD? Is there existing and planned penetration of MUD in those markets? There isn't a penetration of MUD in any market yet. Aircraft have hundreds of non-critical systems (seat-back movie players for instance). MUD could have prevented the 2015 Jeep attack: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ (The LTE provider(s) would have had to run MUD, and that's really not crazy. Someone writing the MUD file would have included incoming telnet in the acceptlist) > -- Per “While there is an argument that old firmware was insecure and > should be replaced, it is often the case that the upgrade process > involves downtime, or can introduce risks due to needed evaluations not > having been completed yet. As an example, moving vehicles ...” > Where does the suggestion that moving cyber-physical systems should > upgrade their firmware in use come from? >From many people who think that you have to always run the latest software, NOW, or else. I wrote the above a few years ago thinking nobody would be stupid enough to upgrade while away, but Tesla did exactly that. > -- What is the basis for the claim that the regulatory compliance of > medical devices is more considerations than say of aircraft? Different regulatory agency, different rules, different processes. Many small aircraft use iPads for navigation/maps for instance. They aren't critical systems, they aren't really regulated. > ** Reference > [falsemalware] "False malware alerts cost organizations $1.27M > annually, report says", 18 January 2020, > <https://www.scmagazine.com/home/security-news/false- > malware-alerts-cost-organizations-1-27m-annually-report- says/ and > http://go.cyphort.com/Ponemon-Report-Page.html>. > Pick a single URL. okay. Looks like second URL has died already. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- [OPSAWG] Roman Danyliw's No Objection on draft-ie… Roman Danyliw via Datatracker
- Re: [OPSAWG] Roman Danyliw's No Objection on draf… Michael Richardson