Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
Natasha Rooney <nrooney@gsma.com> Mon, 07 November 2016 10:42 UTC
Return-Path: <nrooney@gsma.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B640A129B38 for <saag@ietfa.amsl.com>; Mon, 7 Nov 2016 02:42:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gsmasso.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V-HOomZSYUYJ for <saag@ietfa.amsl.com>; Mon, 7 Nov 2016 02:41:57 -0800 (PST)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0041.outbound.protection.outlook.com [104.47.1.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35C06129B3B for <saag@ietf.org>; Mon, 7 Nov 2016 02:41:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=GSMASSO.onmicrosoft.com; s=selector1-gsma-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QQRYdsqwwg5f7/wXW9jPH/wdIXd1po6H3WUAcjuqnbc=; b=o9KeXphaA6y+6FNIgQHIY4y6hbY/FlgbXxejyED9byfqOTCO0GnGeDkKML56gxh75YfAPZJIKJGrIbqbr8J/UNEjwVEFl4LbxQHEG+9qQ/7uxwpQnIloRjPdag0roB+B8DDmf16eZ10E2fHMgqh/J88TnpS59g5h20x4AL7sg/Q=
Received: from VI1PR0401MB2064.eurprd04.prod.outlook.com (10.166.141.138) by VI1PR0401MB2061.eurprd04.prod.outlook.com (10.166.141.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.707.6; Mon, 7 Nov 2016 10:41:52 +0000
Received: from VI1PR0401MB2064.eurprd04.prod.outlook.com ([10.166.141.138]) by VI1PR0401MB2064.eurprd04.prod.outlook.com ([10.166.141.138]) with mapi id 15.01.0707.006; Mon, 7 Nov 2016 10:41:52 +0000
From: Natasha Rooney <nrooney@gsma.com>
To: Keith Moore <moore@network-heretics.com>
Thread-Topic: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
Thread-Index: AQHSNwOd418Z+/nxoUCvigY2dlEx6aDNWRAA
Date: Mon, 07 Nov 2016 10:41:52 +0000
Message-ID: <ED86D1E0-37C2-40C4-81E2-381639CD0B8D@gsma.com>
References: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com>
In-Reply-To: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3251)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=nrooney@gsma.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [51.6.68.18]
x-ms-office365-filtering-correlation-id: 400aa862-6894-49c6-bf12-08d406faaf76
x-microsoft-exchange-diagnostics: 1; VI1PR0401MB2061; 7:+BZobyZapUColuLkmd1O2o7vEWCh22vdvC/kcRYFjte0hPSOY/YChZi2vvlxKhh/zLTvWioK/ZCzL2IEHzin+g31gFs0jLdIKNQMwxUEAB/IPk3My5gNLNZF6iufT2xvofYlujXCNahB8zSMcMV0a5cmbNg0YsQFZI/mfxfvwyMVL2nmoqMf8EwukkeZw3ECZ3y/rAwdnKdHsPN2MOsoXIxMV35sOlSQS9flDtvlTOYs530/fdb2TNGzh1spAOsmiTI18QYjXk800xKxKArpMicxgGo5vSWJRpexUZIeuKfQ+kJmeIU/bQbk0iVJ9zf9rZRo2MJECT/QC8IEhFZ9hduGt6INT7zGdAIayWGCtUg=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR0401MB2061;
x-microsoft-antispam-prvs: <VI1PR0401MB2061BAF7893DE86ED0B4CEE9C3A70@VI1PR0401MB2061.eurprd04.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(278428928389397)(120809045254105)(192374486261705)(160794256991155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6045074)(6060229)(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6061226)(6046074); SRVR:VI1PR0401MB2061; BCL:0; PCL:0; RULEID:; SRVR:VI1PR0401MB2061;
x-forefront-prvs: 0119DC3B5E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(189002)(24454002)(199003)(50986999)(101416001)(83716003)(7846002)(81166006)(81156014)(8676002)(6916009)(122556002)(36756003)(76176999)(66066001)(92566002)(16236675004)(86362001)(33656002)(8936002)(10400500002)(5002640100001)(106356001)(106116001)(105586002)(110136003)(3280700002)(4326007)(11100500001)(2906002)(189998001)(230783001)(2900100001)(97736004)(50226002)(5660300001)(3660700001)(82746002)(19617315012)(5890100001)(57306001)(15975445007)(77096005)(586003)(2950100002)(6116002)(102836003)(3846002)(7906003)(87936001)(68736007)(19580405001)(7736002)(19580395003)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0401MB2061; H:VI1PR0401MB2064.eurprd04.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: gsma.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_ED86D1E037C240C481E2381639CD0B8Dgsmacom_"
MIME-Version: 1.0
X-OriginatorOrg: gsma.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Nov 2016 10:41:52.0407 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72a4ff82-fec3-469d-aafb-ac8276216699
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0401MB2061
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 04
X-MS-Exchange-CrossPremises-AuthSource: VI1PR0401MB2064.eurprd04.prod.outlook.com
X-MS-Exchange-CrossPremises-SCL: 1
X-MS-Exchange-CrossPremises-messagesource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-originalclientipaddress: 51.6.68.18
X-MS-Exchange-CrossPremises-avstamp-service: 1.0
X-MS-Exchange-CrossPremises-disclaimer-hash: 78ca8040c6722e32c2f5b0a45bf37e74b9409d645a53be96aa19958e0cee0f00
X-MS-Exchange-CrossPremises-antispam-scancontext: DIR:Originating; SFV:NSPM; SKIP:0;
X-MS-Exchange-CrossPremises-processed-by-journaling: Journal Agent
X-OrganizationHeadersPreserved: VI1PR0401MB2061.eurprd04.prod.outlook.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/obRtVlLJYUlAEbTEiT8buggu05o>
Cc: saag <saag@ietf.org>
Subject: Re: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2016 10:42:01 -0000
Hi Keith, The Connected Living team here at GSMA recently published the IOT Security Guidelines (including a self-assessment scheme) for the same purpose as your draft but with a wider focus (mobile operator networks, service providers and applications). The guidelines may provide some input to the draft. http://www.gsma.com/connectedliving/future-iot-networks/iot-security-guidelines/ Thanks! Natasha On 5 Nov 2016, at 01:25, Keith Moore <moore@network-heretics.com<mailto:moore@network-heretics.com>> wrote: Stephen Farrell suggested I bring this draft to your attention. This was a rush job as the authors just started talking about this last Friday, but it was written in response to recent DDoS attacks that utilized easily-compromised IoT devices. I'm sure there are missing pieces (I've identified a few since -00) and sections that could be stated better (like the title of section 2.3.2), but hopefully this is a useful start. https://datatracker.ietf.org/doc/draft-moore-iot-security-bcp/ Keith _______________________________________________ saag mailing list saag@ietf.org https://www.ietf.org/mailman/listinfo/saag This email and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must take no action based on them, nor must you copy or show them to anyone; please reply to this email or call +44 207 356 0600 and highlight the error.
- [saag] draft-moore-iot-bcp-00 (Best Current Pract… Keith Moore
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Natasha Rooney
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Natasha Rooney
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ira McDonald
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ronald del Rosario
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Loganaden Velvindron
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ari Keränen
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Watson Ladd
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Garcia Morchon O, Oscar
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Adam Montville
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Michael Richardson
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Garcia Morchon O, Oscar
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ben Laurie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Ben Laurie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Adrian Hope-Bailie
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Eliot Lear
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Jeffrey Walton
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Jeffrey Walton
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Hannes Tschofenig
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Carsten Bormann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… Peter Gutmann
- Re: [saag] draft-moore-iot-bcp-00 (Best Current P… kathleen.moriarty.ietf