Re: [Suit] draft-ietf-suit-architecture-01

Denis <denis.ietf@free.fr> Wed, 04 July 2018 08:18 UTC

To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "suit@ietf.org" <suit@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/NWC0k01sULOiVbsA3_Z5jjVVzUk>


Hannes,

In the security considerations section, it would be worthwhile to
indicate that the threats are addressed in detail
in section 3.2 (Threat Descriptions) from [I-D.ietf-suit-information-model].

Denis

> Hi Denis,
>
> I think the risk of installing an old firmware version is covered in 
> the information model document, which goes into the details of what a 
> manifest has to contain. See Section 3.2.1 of 
> https://tools.ietf.org/html/draft-ietf-suit-information-model-01
>
> There are essentially three types of documents the working group is 
> aiming to produce: an architecture document, the information model for 
> the manifest and one or multiple serialization formats. You have been 
> looking at the architecture but the appropriate document to read is 
> the information model spec.
>
> Ciao
>
> Hannes
>
> *From:* Suit [mailto:suit-bounces@ietf.org] *On Behalf Of* Denis
> *Sent:* 03 July 2018 11:59
> *To:* suit@ietf.org
> *Subject:* Re: [Suit] draft-ietf-suit-architecture-01
>
> Hannes,
>
> It is well known that software updates are often done to address a 
> security issue. The same applies
> to firmware updates. The current draft is lacking to address 
> protections against the downloading of
> an old firmware version. The threat should be mentioned in the 
> security considerations section.
>
> The main body of the document should mention mechanisms to prevent the 
> replay of an old version
> of the firmware.
>
> Denis
>
>     Hi all,
>
>     I have just submitted version -01 of the architecture document. I
>     have incorporated feedback from the working group, such as
>
>     · New terminology,
>
>     · Updates on the operating modes
>
>     · New architecture figures,
>
>     · New use cases (by David Brown)
>
>     Here is the new version:
>
>     https://tools.ietf.org/html/draft-ietf-suit-architecture-01
>
>     Here is the diff:
>
>     https://tools.ietf.org/rfcdiff?url2=draft-ietf-suit-architecture-01.txt
>
>     Feedback is appreciated.
>
>     Ciao
>
>     Hannes