IETF Logo Mail Archive

[T2TRG] Fwd: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)

Ari Keränen <ari.keranen@ericsson.com> Tue, 08 November 2016 14:51 UTC

Return-Path: <ari.keranen@ericsson.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9ABA0129869 for <t2trg@ietfa.amsl.com>; Tue, 8 Nov 2016 06:51:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f1hWEtDsYjpz for <t2trg@ietfa.amsl.com>; Tue, 8 Nov 2016 06:51:41 -0800 (PST)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F26EA1295F2 for <T2TRG@irtf.org>; Tue, 8 Nov 2016 06:51:40 -0800 (PST)
X-AuditID: c1b4fb25-bf4b398000005623-ac-5821e67ba0c1
Received: from ESESSHC005.ericsson.se (Unknown_Domain [153.88.183.33]) by (Symantec Mail Security) with SMTP id FC.F5.22051.B76E1285; Tue, 8 Nov 2016 15:51:39 +0100 (CET)
Received: from m46.nomadiclab.com (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.35) with Microsoft SMTP Server id 14.3.319.2; Tue, 8 Nov 2016 15:50:47 +0100
References: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com>
To: "T2TRG@irtf.org" <T2TRG@irtf.org>
From: Ari Keränen <ari.keranen@ericsson.com>
X-Forwarded-Message-Id: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com>
Message-ID: <9fb38a4d-84e6-2ebe-ee9a-3e791307dc4e@ericsson.com>
Date: Tue, 08 Nov 2016 16:50:47 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <63ae04d9-9a31-498c-3333-2801a72338f0@network-heretics.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrJLMWRmVeSWpSXmKPExsUyM2K7om71M8UIg/kHJSzeP+hhcWD0mLzx MFsAYxSXTUpqTmZZapG+XQJXxux329gL+jkqvr3ka2C8xtbFyMkhIWAi8ffVASCbi0NIYB2j xIwfa1khnLWMEvsedoJVCQuUSEzevpoVxBYScJd4+PsQC4gtIqAq0TxlA1icTcBW4nf7HiaI qcESKzv+gsV5BewlJpx/A1bPIqAicWv9TWYQW1QgTWLlo19MEDWCEidnPgGq4eDgFPCQOPXK CCTMLGAhMXP+eUYIW15i+9s5zBAnqEpc/feKcQKjwCwk3bOQtMxC0rKAkXkVo2hxanFSbrqR sV5qUWZycXF+nl5easkmRmAAHtzyW3UH4+U3jocYBTgYlXh4P0xTiBBiTSwrrsw9xCjBwawk wuvzRDFCiDclsbIqtSg/vqg0J7X4EKM0B4uSOK/ZyvvhQgLpiSWp2ampBalFMFkmDk6pBkZe g9O236b4JSwXfxby0u/J7o8+tcy7ZjNU3axl2/7admJ4k+mD9fPeWn+/72oydYfDr0jrt8zT VZ9c2+Vxr4tP5Jt0fr6tpOIeZrUuhVZtuZev/FMkr99g8l7l8O7W7kdtGs3e76QjPvhcbm1q E3nsmDHP5b7JbO69E9+X2wiJlszb2rniz1YlluKMREMt5qLiRAAmaO66PAIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/3QbvWODiLm2VkSOLSw_fTyRGQR4>
Subject: [T2TRG] Fwd: [saag] draft-moore-iot-bcp-00 (Best Current Practices for Securing Internet of Things (IoT) Devices)
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IRTF Thing-to-Thing \(T2T\) Research-Group-in-creation" <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 14:51:43 -0000

FYI; at the SAAG list there's discussion about a new IoT security draft. 
See below, and full thread here:
https://mailarchive.ietf.org/arch/search/?email_list=saag&q=iot-bcp

This is relevant also to the T2TRG IoT security discussions.


Cheers,
Ari

-------- Forwarded Message --------
Subject: [saag] draft-moore-iot-bcp-00 (Best Current Practices for 
Securing Internet of Things (IoT) Devices)
Date: Fri, 4 Nov 2016 21:25:59 -0400
From: Keith Moore <moore@network-heretics.com>
To: saag@ietf.org

Stephen Farrell suggested I bring this draft to your attention. This was 
a rush job as the authors just started talking about this last Friday, 
but it was written in response to recent DDoS attacks that utilized 
easily-compromised IoT devices.   I'm sure there are missing pieces 
(I've identified a few since -00) and sections that could be stated 
better (like the title of section 2.3.2), but hopefully this is a useful 
start.

https://datatracker.ietf.org/doc/draft-moore-iot-security-bcp/

Keith

v2.23.0 | Report a Bug | By Email