Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
kathleen.moriarty.ietf@gmail.com Sat, 12 November 2016 12:28 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF302129A41 for <saag@ietfa.amsl.com>; Sat, 12 Nov 2016 04:28:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CAFNgInO9iqB for <saag@ietfa.amsl.com>; Sat, 12 Nov 2016 04:28:09 -0800 (PST)
Received: from mail-pf0-x22f.google.com (mail-pf0-x22f.google.com [IPv6:2607:f8b0:400e:c00::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 123D9129551 for <saag@ietf.org>; Sat, 12 Nov 2016 04:28:09 -0800 (PST)
Received: by mail-pf0-x22f.google.com with SMTP id i88so18294713pfk.2 for <saag@ietf.org>; Sat, 12 Nov 2016 04:28:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kDOuhtEeYfK6/I3nU6EB58upU9oUGs2yuQ9rEhiVpqs=; b=UEEgfU++43gQYcxl2lFF4AiHcHfWQIVm1RlSne48i1VAhJxh1pklFSL6ZScf6c/kNZ p3bu0Ku5OEddt51H0/BrLZ/w238+vS2g04UmAov6stxMKVpk/9aBb6+yYMlR0UjxfrCt nnDimFtqHDFVxir8x1IWcSFzSUJzhK3T7J3ORgW6aN96zYav3gBtz5t6/DzmmUoUB4Fc 7QH+ddlj5U1CuQo9LxaXBtakTeucfED6ttksfUKGJRLdNi7oq2x/3+ijux5rJl/MJjD1 Zh0XolgfylGegb0mUKUGT/jR2LJjQTNZOPf9shnBsRB8YEOcu6HEvcOpqQIN4PPan8EU otgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kDOuhtEeYfK6/I3nU6EB58upU9oUGs2yuQ9rEhiVpqs=; b=SpFasw7ffld/NtH1GftCPvq1X2z3uB8MAzyt422MR8C/iAZnLfH/5Ou1XMa3l3I62s V6hp/1IsZQktUSyboRRsHsY4/ULFGlmsJmwJl8AwmCdGOOput2Xi2oMH48dahmP6WsT6 cvjG/lk8yOQgLfJdEYTqXRdaAiYT960f4OaS1OHsPS4OAFP49Ujxhm7QtE5EdcPtaTml uzaqj9xisSKnvt3JW3bvBNp8mBMeMagLxkQxMQSliMbh5GLskfAcJDPiwu6Jyh2JudOr h+swXXS7qjJoTkCiULm4PhuhBw0l7m2ZPtjCCGcC7i1Bu3ZczK+oNqot04hxzA83dZUV OJhg==
X-Gm-Message-State: ABUngvcF3YmAaDTMB/Ohow0Sa58OESLciIdGFY1WSe6lYwgSL0bHyxfFQKEEYFCmO+aPzw==
X-Received: by 10.98.15.206 with SMTP id 75mr16852750pfp.105.1478953688681; Sat, 12 Nov 2016 04:28:08 -0800 (PST)
Received: from ?IPv6:2001:67c:370:144:f856:7ad5:9772:f033? ([2001:67c:370:144:f856:7ad5:9772:f033]) by smtp.gmail.com with ESMTPSA id sh9sm22216697pac.41.2016.11.12.04.28.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 12 Nov 2016 04:28:07 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail-8DF5C547-10D2-434A-A0E0-58A0167DDDA1"
Mime-Version: 1.0 (1.0)
From: kathleen.moriarty.ietf@gmail.com
X-Mailer: iPhone Mail (14B100)
In-Reply-To: <013c0c1d5ba948b28702bb01449196ac@HE1PR9003MB0234.MGDPHG.emi.philips.com>
Date: Sat, 12 Nov 2016 21:27:59 +0900
Content-Transfer-Encoding: 7bit
Message-Id: <08D37FA2-F2DE-4BC7-918C-1F96071FCEF9@gmail.com>
References: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com> <ff6dae39-a277-ea87-9b1a-643400c8742b@ericsson.com> <68453f17719b45a3afe0ee8607acd420@HE1PR9003MB0234.MGDPHG.emi.philips.com> <CACknUNUKKa=W5YxHzw0HKPMfiA2DjvMfC5iViHUXUQ=guJQ5qw@mail.gmail.com> <013c0c1d5ba948b28702bb01449196ac@HE1PR9003MB0234.MGDPHG.emi.philips.com>
To: "Garcia Morchon O, Oscar" <oscar.garcia@philips.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/MI45FDS4rNZiHoQEtFTtWSeH6ak>
Cc: Mohit Sethi <mohit.m.sethi@ericsson.com>, "saag@ietf.org" <saag@ietf.org>, "Kumar, Sandeep" <sandeep.kumar@philips.com>, Keith Moore <moore@network-heretics.com>
Subject: Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Nov 2016 12:28:11 -0000
Hi, We will also have a presentation providing a read out from the IoT software update workshop (IoTSU). The presentation is linked from the agenda for SAAG. https://datatracker.ietf.org/meeting/97/agenda/saag/ This does not provide what you are looking for though. Thank you, Kathleen Please excuse typos, sent from handheld device > On Nov 9, 2016, at 5:09 AM, Garcia Morchon O, Oscar <oscar.garcia@philips.com> wrote: > > Hi Adam, > > we will be discussing next steps for the T2TRG draft in the T2TRG meeting. > > Regards, Oscar. > > From: Adam Montville [mailto:adam.w.montville@gmail.com] > Sent: Tuesday, November 08, 2016 11:24 AM > To: Garcia Morchon O, Oscar; Ari Keränen; Keith Moore; saag@ietf.org > Subject: Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices) > > Would it be worthwhile to add this to the saag agenda, or is there otherwise some session for discussing the plethora of IoT security related material? > > On Tue, Nov 8, 2016 at 10:04 AM Garcia Morchon O, Oscar <oscar.garcia@philips.com> wrote: > Hi Ari, Keith, > > indeed, the purpose is similar of the draft in the T2TRG is similar. It is clear is that having a document in which we describe which aspects should be considered is very relevant. > > We are in the process of further updating our draft -- comments are welcome. > > Regards, Oscar. > > -----Original Message----- > From: saag [mailto:saag-bounces@ietf.org] On Behalf Of Ari Keränen > Sent: Tuesday, November 08, 2016 9:44 AM > To: Keith Moore; saag@ietf.org > Subject: Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices) > > Hi, > > Also at the Thing-to-Thing Research Group we have a draft about security considerations for IoT: > https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons > > > Cheers, > Ari > > On 05/11/16 03:25, Keith Moore wrote: > > Stephen Farrell suggested I bring this draft to your attention. This was > > a rush job as the authors just started talking about this last Friday, > > but it was written in response to recent DDoS attacks that utilized > > easily-compromised IoT devices. I'm sure there are missing pieces > > (I've identified a few since -00) and sections that could be stated > > better (like the title of section 2.3.2), but hopefully this is a useful > > start. > > > > https://datatracker.ietf.org/doc/draft-moore-iot-security-bcp/ > > > > Keith > > > > > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > > ________________________________ > The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag
- [saag] draft-moore-iot-bcp-00 (Best Current Pract… Keith Moore
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Natasha Rooney
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Natasha Rooney
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ira McDonald
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ronald del Rosario
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Loganaden Velvindron
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ari Keränen
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Watson Ladd
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Garcia Morchon O, Oscar
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Adam Montville
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Michael Richardson
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Garcia Morchon O, Oscar
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ben Laurie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ben Laurie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Adrian Hope-Bailie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Eliot Lear
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Jeffrey Walton
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Jeffrey Walton
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Carsten Bormann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… kathleen.moriarty.ietf