[OPSAWG] Roman Danyliw's No Objection on draft-ietf-opsawg-mud-acceptable-urls-11: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 03 April 2024 02:20 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-opsawg-mud-acceptable-urls@ietf.org, opsawg-chairs@ietf.org, opsawg@ietf.org, henk.birkholz@ietf.contact, henk.birkholz@sit.fraunhofer.de
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <171211080041.52998.16538712754663513072@ietfa.amsl.com>
Date: Tue, 02 Apr 2024 19:20:00 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/vUTiASvgh4vAJf4lhq_JrjK7xM8>
Subject: [OPSAWG] Roman Danyliw's No Objection on draft-ietf-opsawg-mud-acceptable-urls-11: (with COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-opsawg-mud-acceptable-urls-11: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-mud-acceptable-urls/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I am balloting on this document from a GEN area perspective.

** Section 3.1
While there is an argument that old firmware was insecure and should
be replaced, it is often the case that the upgrade process involves
downtime, or can introduce risks due to needed evaluations not having
been completed yet. As an example: moving vehicles (cars, airplanes,
etc.) should not perform upgrades while in motion! It is probably
undesirable to perform any upgrade to an airplane outside the service
facility. A vehicle owner may desire only to perform software
upgrades when they are at their residence. Should there be a
problem, they could make alternate arrangements for transportation.
This contrasts with an alternative situation where the vehicle is
parked at, for instance, a remote cabin, and where an upgrade failure
could cause a much greater inconvenience.

The situation for upgrades of medical devices has even more
considerations involving regulatory compliance.

I’m having trouble understanding the examples provide and the associated
analysis. Editorial recommendation: cut all the text after the first sentence.
Otherwise:

-- What does vehicles, aircraft and medical devices have to do with MUD? Is
there existing and planned penetration of MUD in those markets?

-- Per “While there is an argument that old firmware was insecure and should
be replaced, it is often the case that the upgrade process involves
downtime, or can introduce risks due to needed evaluations not having
been completed yet. As an example, moving vehicles ...”

Where does the suggestion that moving cyber-physical systems should upgrade
their firmware in use come from?

-- What is the basis for the claim that the regulatory compliance of medical
devices is more considerations than say of aircraft?

** Reference

[falsemalware]
"False malware alerts cost organizations $1.27M annually,
report says", 18 January 2020,
<https://www.scmagazine.com/home/security-news/false-
malware-alerts-cost-organizations-1-27m-annually-report-
says/ and http://go.cyphort.com/Ponemon-Report-Page.html>.

Pick a single URL.

[OPSAWG] Roman Danyliw's No Objection on draft-ie… Roman Danyliw via Datatracker
Re: [OPSAWG] Roman Danyliw's No Objection on draf… Michael Richardson