Re: [Suit] Firmware Update Paper

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Sun, 01 December 2019 10:01 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F1E31200FB for <suit@ietfa.amsl.com>; Sun, 1 Dec 2019 02:01:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=ckbwslJt; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=armh.onmicrosoft.com header.b=gWMdIFri
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pNDmRc51lJeO for <suit@ietfa.amsl.com>; Sun, 1 Dec 2019 02:01:30 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70072.outbound.protection.outlook.com [40.107.7.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F3FF120019 for <suit@ietf.org>; Sun, 1 Dec 2019 02:01:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2TgmSp28J1Sa6D2uTpsPYkPHtB82ZprC1+45B6Y4jzk=; b=ckbwslJtIpR0B3yZSexPg+jVvVTXEcWXhlp9IV1NnmYHItl3zb4qhDikaP6HKvvJREYHUsmxYE80V7i+llsuk7/rxf0Xg11+VaDjJjsAmwvYQTlQIvwKuVwyKP3E3GYpL2+g/nL53Rsdubv48KApDdwOkvkV9t0GJ61zeqUiAA0=
Received: from DB6PR0801CA0060.eurprd08.prod.outlook.com (2603:10a6:4:2b::28) by VI1PR08MB3647.eurprd08.prod.outlook.com (2603:10a6:803:85::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.18; Sun, 1 Dec 2019 10:01:26 +0000
Received: from DB5EUR03FT009.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::208) by DB6PR0801CA0060.outlook.office365.com (2603:10a6:4:2b::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.20 via Frontend Transport; Sun, 1 Dec 2019 10:01:26 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT009.mail.protection.outlook.com (10.152.20.117) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.18 via Frontend Transport; Sun, 1 Dec 2019 10:01:26 +0000
Received: ("Tessian outbound 691822eda51f:v37"); Sun, 01 Dec 2019 10:01:25 +0000
X-CR-MTA-TID: 64aa7808
Received: from fe2206460479.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 24E50E90-99B5-4B1D-9FFC-75F3771380A6.1; Sun, 01 Dec 2019 10:01:20 +0000
Received: from EUR04-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id fe2206460479.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Sun, 01 Dec 2019 10:01:20 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nK34HcGHkW/NXpHK2WQ3y/+ZVvzovvYuh4oqPuoMxN9MHnw4ehGklHsXwbwzCr6rSH2s94ywyJoGzBxiVsQmGT/hyDP/2Ian6fMH/JRrmlbSOrLvo0eS4Zrgc86MuXqgAVrAT3ZTq+1KuFt2ytU+jpR+3Or57KXVUwSrgcHzVQUQWuCIa9JhjfxMnmSTqbSo8CG8we6U8HubbdYdOQ8hr9yadKrksefxBgSpf0OOFBUgKox2BT4ziTCmdyGYdJG63NHtiRJpwknt9Hv2lgPL4gkbxzXop5Kdc6rkF6iV0GnCPoU7q8TVX8rKOrWZp2buNHMqaNGaA3jwo2xDFz8j9g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=T5hgz0v21nrewqdftfgUD8zXKuLMyv0R6E20CeDNOjc=; b=ATIPPabDKFNOTbV/N40PwsjzYdOQ7c6j2ouoAJoaWCJbBlJ70z6K4EEk9dg7sge7CGmuwZ2N9Dc0jBZmqu8E0l2R0qdQ3KfJa+VwKok3RJoiRN2bW0vqUI+y59fL6IsjmfRrm6O9f2mV58agqFNm7JEg7gLmhTrzrWkw4SaIg2gbfRpXwXuR173GyxAkYVTp/QdmCJZipottI52ygJFOCulzZ/p3+w9VNoC7c7LwZMZz4HtXd0vlD4gNcSArj6oCeviGUUigo2pcEon/uC6SsPc4Rec5p5I6xTeHbJy5hHtEPmAFxi6CkywEMvZabOMPy6z7u9BDRkXTz3QCrkF3rQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=T5hgz0v21nrewqdftfgUD8zXKuLMyv0R6E20CeDNOjc=; b=gWMdIFrimSvoqcVVyRmUb4OwhOmgxSqgZBcbRdApbkftOqike9W0fzYRup8X6F7rAVZwFV9XnS//TV5HK/lBn21mHB6ZT/pTE4I1RAyqrqiStTv3tzaXMZRJDU0VvtSVPDqaBoepaBTN2kLZiAdBwPe6DVC2kjAQpFDIRytiEHE=
Received: from VI1PR08MB5360.eurprd08.prod.outlook.com (52.133.245.74) by VI1PR08MB2925.eurprd08.prod.outlook.com (10.170.236.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.22; Sun, 1 Dec 2019 10:01:18 +0000
Received: from VI1PR08MB5360.eurprd08.prod.outlook.com ([fe80::4044:55a8:a969:fd1d]) by VI1PR08MB5360.eurprd08.prod.outlook.com ([fe80::4044:55a8:a969:fd1d%7]) with mapi id 15.20.2495.014; Sun, 1 Dec 2019 10:01:18 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: David Brown <david.brown@linaro.org>, Emmanuel Baccelli <Emmanuel.Baccelli@inria.fr>
CC: "suit@ietf.org" <suit@ietf.org>
Thread-Topic: [Suit] Firmware Update Paper
Thread-Index: AdVCMRfQE3vhkyfhQmmfI5GkmMK4PBjMU3yAAFIRTAAADk90gABShczg
Date: Sun, 01 Dec 2019 10:01:18 +0000
Message-ID: <VI1PR08MB536002865BDF0A83A3304B5EFA400@VI1PR08MB5360.eurprd08.prod.outlook.com>
References: <VI1PR08MB53600B1D1A194F49B67B90DFFAC60@VI1PR08MB5360.eurprd08.prod.outlook.com> <20191127203651.GA117656@davidb.org> <CANK0pbaWkn7w2swRgkOqsTubE1os=rDo2BLjrTZ5eW6ePv3WnA@mail.gmail.com> <20191129183627.GA16289@davidb.org>
In-Reply-To: <20191129183627.GA16289@davidb.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: edd5909d-0199-42c3-9add-9c7f066c366b.1
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
x-originating-ip: [80.92.119.90]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: a746a323-f984-4eb4-6927-08d776456dcd
X-MS-TrafficTypeDiagnostic: VI1PR08MB2925:|VI1PR08MB3647:
X-Microsoft-Antispam-PRVS: <VI1PR08MB36477C70D95A8BFA7C9E6048FA400@VI1PR08MB3647.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 0238AEEDB0
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(136003)(376002)(39860400002)(366004)(396003)(346002)(13464003)(199004)(189003)(5660300002)(3846002)(64756008)(52536014)(76116006)(26005)(66476007)(8936002)(7736002)(305945005)(14454004)(478600001)(81166006)(81156014)(66556008)(66446008)(8676002)(229853002)(6246003)(86362001)(966005)(102836004)(186003)(9686003)(6306002)(55016002)(446003)(11346002)(6436002)(66066001)(25786009)(4326008)(71190400001)(71200400001)(33656002)(74316002)(66946007)(76176011)(7696005)(6506007)(110136005)(53546011)(316002)(15650500001)(2906002)(6116002)(256004)(99286004)(14444005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR08MB2925; H:VI1PR08MB5360.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: byNfnC3CNLruncaAT7VznOWLz7yRMC6lKZLLdz8pZ+Zx8EuGrcVjSebShL4S5LGM7j2/nt0e8ahq0A7iYC+tXbfDjdr0Z6DJgnN2S+RtIF2Hm7Op0iBreNXxodIrgmXpA1BIDe7GGiM1NS7W/xq0ZTYpNzFzXV1hfVLMyaBZ2Ma0QMBpln45D/ZmyBjFAthe0dSKGT0aT2XyqNSaw2q9XR2KfOcfcsfxoBaCGONwCRiAXBkXIfUEzC483gfYFLXZ/o479MePtLSHvtK7buB0PF/SoWSWF8r+HrZYbBuBOUQKxv5pdwkaEo86HcAKnx91KlGRqpyWIcCTrzc+I9fY/91H4UscnXqow6XPnrEKK8gVNkofc+vFYnbo/4SSfqRTqiVlAlqtF2niyOx5oazPQ3VbjMxh7i8G7lBE7nTGnP41HygFqVo8KwKqRsUGMIgBNjZRPlVjk2nQo89sUrMSe3hueTZ87uJO3IxetXjYwU0=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB2925
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT009.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(136003)(39850400004)(376002)(396003)(346002)(40434004)(189003)(13464003)(199004)(6116002)(8936002)(55016002)(23726003)(3846002)(22756006)(6306002)(52536014)(9686003)(2906002)(76130400001)(15650500001)(25786009)(966005)(66066001)(33656002)(14454004)(4326008)(47776003)(70586007)(70206006)(6246003)(5660300002)(26826003)(478600001)(99286004)(46406003)(11346002)(8746002)(50466002)(81156014)(26005)(81166006)(6506007)(356004)(102836004)(186003)(305945005)(53546011)(229853002)(336012)(97756001)(76176011)(7696005)(7736002)(74316002)(8676002)(106002)(86362001)(316002)(110136005)(5024004)(14444005)(446003); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR08MB3647; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:Pass; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 18414b19-8087-4fb2-9733-08d776456951
X-Forefront-PRVS: 0238AEEDB0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 2M6Xpwg4reDhW5xy7pEFgIYSUQ36vuPVtG03cZnbm+LsLaX3mif6HJyWQbi8FnWByDim9INkwin059Q4I/3sG5okQV3v1Kj6MHyrD+BoNHlJdb8TsAmcvDdSYOhkYundW2+iwg1BbJ4yeCRbxoK+tfYBhXB4TeK+6fZnWu42j0ncgUPI+yScNa/Ob7UR3I6NlKdSLRNnkkaH2brxoHUtKzT1oxPTG2rEwMYirek+FSQk2L2PI5cP3s9suKJXKGSwSQ8RZIr1NpQ72phlJATcpbYDRPy91jKhVicoED4qoV8cAkRJKI4o7Z+iCZfRJZksaAXsCpEJH9LNughSpg5LTmPfrnZALlUmg7G0p+VnvMvtNhqUxFeDCo24F560to+YP+WykVi5LdSb77uUPRIGjHs8gOP3pkJJfSuyfkhajm0QaMGAoSHbY7fD0m8eXgtt5r8Uh9nVRZt9xaT+UG79F45kvQ6v/Hd4CDuY8q/7fLk=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Dec 2019 10:01:26.2713 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a746a323-f984-4eb4-6927-08d776456dcd
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB3647
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/R_vxymL-MIET1zns74PME_MqtBI>
Subject: Re: [Suit] Firmware Update Paper
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Dec 2019 10:01:34 -0000

Hi David,

This is good feedback and we will  have to take that into account when we work on the new version of the manifest generator/parser.
The code Emmanuel referenced still implements the old version of the manifest format and this year we switched to a new format, which will need to be implemented / is implemented right now.

Ciao
Hannes

-----Original Message-----
From: Suit <suit-bounces@ietf.org> On Behalf Of David Brown
Sent: Friday, November 29, 2019 7:36 PM
To: Emmanuel Baccelli <Emmanuel.Baccelli@inria.fr>
Cc: suit@ietf.org
Subject: Re: [Suit] Firmware Update Paper

On Fri, Nov 29, 2019 at 12:46:42PM +0100, Emmanuel Baccelli wrote:

> The open source implementation stemming from our paper [1] is embedded
> into the RIOT operating system, which is indeed licensed with LGPL.
> The implementation is compliant with draft-ietf-suit-manifest-00 and
> has recently been merged into the main branch of RIOT, see [2].
> Reuse and further contributions to this code base are welcome!
>
> Relicensing this code is not planned as far as I know (@ code co-authors:
> please correct me if I'm wrong).

This is fine.  The authors of the code are free to license the code however they wish.  I just want to make sure it is clear that this code is not useful as a general example, and if the SUIT wishes to have reference code, it will need to be licensed differently.

> Related: we know of several companies, big and small, which use RIOT
> in their IoT products (and thus use software including -- but not
> limited to -- LGPL
> code) and they are quite happy with it.

I'm sure there are a few companies that are willing to use LGPL licensed embedded code, but their existence doesn't negate that there are large numbers of users who will be unable to use (or even look at) this code.

One example is that both Zephyr and MCUboot are licensed under the Apache 2.0 license.  Most parties feel that the Apache 2.0 and the LGPL 2 license are incompatible, and this code cannot be linked together into a single product.  Since I'd like to include SUIT support into MCUboot, this means I'll have to be doing an implementation from scratch.

It's not my place to argue about the licensing of RIOT, but I would like to see reference code for SUIT that can be used as widley as possible, and the licensing of this particular code prevents it from being used for that.

David

_______________________________________________
Suit mailing list
Suit@ietf.org
https://www.ietf.org/mailman/listinfo/suit
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.