IETF Logo Mail Archive

Re: [Suit] HR Review: Firmware Update Architecture for IoT Devices

Gurshabad Grover <gurshabad@cis-india.org> Thu, 12 July 2018 05:57 UTC

Return-Path: <gurshabad@cis-india.org>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A432B130E54; Wed, 11 Jul 2018 22:57:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 972jmA4QmSju; Wed, 11 Jul 2018 22:57:28 -0700 (PDT)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E76E7130E0F; Wed, 11 Jul 2018 22:57:27 -0700 (PDT)
Received: from smtp.greenhost.nl ([213.108.110.112]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <gurshabad@cis-india.org>) id 1fdUbV-0006s6-QC; Thu, 12 Jul 2018 07:57:26 +0200
To: David Brown <david.brown@linaro.org>, Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>
Cc: "suit@ietf.org" <suit@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, Sandeep Jha <sandeepkjha18@gmail.com>
References: <11993b06-5da6-e397-3457-de6ecec87bb4@cis-india.org> <SN4PR2101MB0816F43DE79B8811CE63FCACA35A0@SN4PR2101MB0816.namprd21.prod.outlook.com> <20180711235039.GA20649@davidb.org>
From: Gurshabad Grover <gurshabad@cis-india.org>
Openpgp: preference=signencrypt
Autocrypt: addr=gurshabad@cis-india.org; keydata= xsFNBFriroIBEADfyDpCD8eborMUMXKtZzjo4t2KzrAlUVYgE/TFtrwUP+4Xw4dzakDIzST8 sVYmlXIWhM5NBBTZSQ190vsxrkbi0xxLcXYM2olZEtqkJ8zONZeZLBeGvcfMymtHqD4jHwYb Zm7OXnS45fWDL+HOoMP/VCwEn098rYfnllIkYQD1Gc28Ig+ywjGg8y5p0qMmmmhm2ckgLjnG MJX8t273MSc8wsn/UYH922yif3MQXmrzqgnRl9hRzf90SKqAw38bw7wccb55pIItloKYsi0r zYBKJSOPXn91Z21TpOSTy21M0MZYEAlDn1zeea+q8TggfHNWxOXoKrIm1pqZFRz0k+8i2siJ AHf8bRm/fhukA6szZ6b2nNPxjkAmOv9zvGu6RZGbmeLvQYVBSSnZ67ayZrkKwn7KIyAV6hQM /bVnD8eEZ2tZ0S8lxoZFYSNeMGt2b6WelFZO97/LbjxaJUHd9K8g5H0MwqN1NXoBxRwllVRC 3sVHVoWTBqnKo8qplzvQEAto69PpvuxxKTOFEJeQqmn1b/fo3sLRb4YiIg8Ax+Np7Huzzjk6 vKKgpIwIN7yEUj/ReWi/UA/W4wSg3XkcqTf7h73crnN/1At0PdgozbDV2UbcApaldStP4DfG UiQl0/7MiYLKapDDuSahmoeH3xrNnrzS9BAfuGHezzDbMyPLXQARAQABzSpHdXJzaGFiYWQg R3JvdmVyIDxndXJzaGFiYWRAY2lzLWluZGlhLm9yZz7CwX0EEwEIACcFAlriroICGyMFCQlm AYAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQrbl/X+ubfC7/bQ//YQv7zqQE433xxsN/ 3GYKoOFccBy3WvV4DxrTskJ3n3k5lfcZolbc8TQksQOTzyerNt2ZA7fsGZa7eFSW+xR4Yq3/ C9o+5FOoHGhyZhb+x17MILhmyvyUNSj7SdKrRISgurMbV2Vv8LxmTcdrK6CdFF6JLH+opzU1 NlRKwZqROPgbYZEB2QFIUbGfgh2I5AXNyV2XbT7fagfkHk+v9AUV7POP2H1+AZ1xq6iFTm2o 9ufNZsp2bInsDohcVBKC3aH2cnFMjvIXpNoUOx8vb5A2xW0aBUTTJDB/uZw53WOg3kehrCNb ZkML3FnDZLRuu1e8DSWmwk5YIoDzt5bMCgfUwb0C6Q+JuM8lC+8CEEa9qamLc+fhvFAzcrWp VWuSaVeLdhe5NxmtlRYNZdGuKy6sRHjwsEWlwzRylhm74fiDR3aA1eIFsfmYLd4z+i1Fp23Y dHJf7/Gor2CmOxphog9DEA9WCuORXfx4De7hoMKwW4gWKw1A8B12Cv4EOkXmCsWsOnfDEarr 2Yl6elxkhQRfKjAesXb0cezRzZgwsWIsbeYsuWFF7Xi6IzUJ27lxU3p5PcyY8O8aDYOn+pu0 YFJ7s3u2VRRgptVZJmkcN3WTApXSHY8fGl5xAakM/bqFJj9uj5zlMnFN2EplC6/mQkfYfy2f siaGTP/GQV4OSuOeuMLOwU0EWuKuggEQAJ4lAzB72gHw4+rbyxmQNNVmvgYVZPjFtO/MQdYi x1QwRP/gxxqPqTd/ZwQvmPGzXRKw10B7uKSRk6YP12+IG0mXJwHGp9q5CWJE0XNGqX3UWbAc KIzxqPNpsf8e6Bv7jdW0YwLBxJ+RW0NNL6uAxz0sr2frbnS+EZB3cU+zOZzp/9YfTUZO2lxF NzgJoErKe/HLp7aBeJXBBcwO0LQlIT80rTZx2KihBa/Ww/y9E9gV/HacJu/Ncb6E/G3e4xGj 9w9L+UW43q01wy+FSUKy9FLc7D40WqQsj8SXZEpl84SyLcJRoX3mtj59bX2SAN2VB2BAksTu qCh00IcIUGfyHziu5PwUWYM96gOhDSocP4wSeiQ8TwLzaffllz2qhdI296a9lCIYIeWVytEd NU9jJ3RbzXAgE0pnDauNXDaQv1FS5jYi8rlslJUxKnrS69BFNjM5RqQ16Cm0C4rKL7/a8wHC r4VjcjSCM8Lzv8YOOitJ9Yt4Y8SVfO5s3YvxcdSr56nX0W3B1kGbG1GpqWTzOgXzGF5bIsbV 7SPecwUs9ShvmLmZzDUxIQ68n4zj3lMZn5I+pP+Ew6nAAiuSmKdr5cygnCH/NVJzil07t+X4 uR6oKHBhuMFYF1c6Wxk36m+EZz5ZHFaT4rN0WDIJdAEqRzD0Z56V6ansDF8y+ksh0SHlABEB AAHCwWUEGAEIAA8FAlriroICGwwFCQlmAYAACgkQrbl/X+ubfC50rhAAloTaq/fZC1gtiVtU wOB+00gEkjgmzt+rLkW+l2EySTST7tje57W83UZwzCX746B2O//Bqardxz9R1Vr0VFiwHA8g 3qeBqPqiv1WoQch/iZ5d/1MxK4A9xDag1uyqLR8RuGlZ8lATmcP3IabKiuiBV4MlFZ7V2Ib6 5ToPf28xxSyjMzTjQObIG0e009uHlu2z+iQVshLyoyVVAOWWa88D6iuBDC/EtBRjlpjLAjuR YhWVYX6KHdVUijKMHN2RqjpX5O2wPL7NcMY/wsTq7EteUeI75hxFvargRXkEt1XR8t52LC0u IE2OjpzY5re/ROUbfsqL8trjAOrSJ+Fx5H8AYl9JaoVxohhxDZgNtgNtPbh/8Nnlf9daj/bh lZcTBO98XLQwMnyHGPdyhIodpWPq2C09Ys3TkQsbcdMMB1pqnEK5Vz1zIKkEEX7QVsLdrz7C 2CFsauc/9PHj+4njCHslXtzBOiVu5FXTnbCwPrLJs5iEUkUCb6qtE/2mSCTrAanzOTTOmqiM cnNTI1Tj0ht462S9VypppQnKCv8shGxXG7BadZTv+pNCA/WfB2kk1sS3ZwB0wBWX4p41fxs+ ArM9ew2SzQ/vBrEfO7ljPfZZmBqH4t/vgAZBnOtTxCGlPEIJqiMqtGHRqIqpiR20QfxEUuXI MfMfa9QJpisdNmqoUyc=
Message-ID: <e078a799-54e1-afe2-23ca-70663d2a3bcd@cis-india.org>
Date: Thu, 12 Jul 2018 11:27:23 +0530
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <20180711235039.GA20649@davidb.org>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="5kIwHbsoyG4SPmgE7x8ftcOPUeVL2Za39"
X-Virus-Scanned: by clamav at smarthost1.samage.net
X-Scan-Signature: 9484ae446d4f83cee8bf28db5146d16c
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/XGdyyBb7ZEoZRxNi-sfFd8P4Krs>
Subject: Re: [Suit] HR Review: Firmware Update Architecture for IoT Devices
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2018 05:57:32 -0000

Hi,

Thank you both for your responses and the examples. In light of those,
my thoughts on the encryption recommendation are given below. Also some
comments in-line.

Overall, I think the requirement level of encryption of firmware image
is not sufficiently clear in the drafts. The ambiguity makes it seem
like it is truly OPTIONAL, i.e. it expresses no preference for
encryption. In my opinion, there is a privacy and security advantage in
encrypting the firmware image. Accordingly, the drafts should use the
word "SHOULD" or "RECOMMENDED" for it, which would imply that "there may
exist valid reasons in particular circumstances to ignore [it], but the
full implications must be understood and carefully weighed before
choosing a different course." [RFC2119]

An alternative may be to demarcate the requirement level based on
whether the target device supports decryption. But, my suspicion is that
this may lead to tricky grounds elsewhere.

On Thursday 12 July 2018 03:37 AM, Dave Thaler wrote:
> I believe the argument for it not being mandatory is that many IoT devices are not associated with
> humans.  For example, factory devices are owned by the factory not a human.   Can you elaborate
> on what the concern is for such devices that would warrant mandatory encryption?   Your comment
> seems focused on devices associated with humans, and so I cannot tell whether your comment
> applies more generally to all use cases that are in scope for the drafts.
Thanks, Dave. I completely agree with you in that the privacy concern is
more pertinent for devices directly associated with humans (which I
understand are also in the scope of the drafts). The concern is less
pressing for devices in (say) a factory, where only the security concern
may be applicable, i.e. unintentional exposure of device information
(including version) to observers and eavesdroppersmay increase the
facility's susceptibility to attacks.

On Thursday 12 July 2018 05:20 AM, David Brown wrote:
> In addition, the range of devices covered by these drafts include
> those with insufficient capabilities to support encryption.
Thanks, David. I agree.Hope the clarification suffices. I'm thinking
about the other questions you posed, and will try to get back soon.

Gurshabad

v2.23.0 | Report a Bug | By Email