IETF Logo Mail Archive

Re: [T2TRG] [saag] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt

"Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com> Mon, 10 April 2017 07:27 UTC

Return-Path: <oscar.garcia-morchon@philips.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 438F11205D3 for <t2trg@ietfa.amsl.com>; Mon, 10 Apr 2017 00:27:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.911
X-Spam-Level:
X-Spam-Status: No, score=-2.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=philips.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ykjmnzIosnoW for <t2trg@ietfa.amsl.com>; Mon, 10 Apr 2017 00:27:10 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00123.outbound.protection.outlook.com [40.107.0.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70ABC127B73 for <T2TRG@irtf.org>; Mon, 10 Apr 2017 00:27:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Philips.onmicrosoft.com; s=selector1-philips-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5b6Iz1/6C7Rr6ev4V98uQ2+PurPDOf2Dvs1S2hKXDi8=; b=M7iJB38PPyAeXdDJaNZKARmQlMSJZ2Lpz8gaunHiYF44cqtE/Ad1Y1dpM87f7Hn+4AF+yUjE/rH8Z7BcZpE8dA4F6yBbzS3qMUl28734LWfMU/Idivtimdehw4aeLYesVlHwIKLmzGmWlYg7D+n1xxTV0gJ9PO0tDBsi8rO11/4=
Received: from DB5P122CA0007.EURP122.PROD.OUTLOOK.COM (129.75.164.145) by HE1P122MB0012.EURP122.PROD.OUTLOOK.COM (129.75.100.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1019.17; Mon, 10 Apr 2017 07:26:06 +0000
Received: from AM1FFO11FD038.protection.gbl (2a01:111:f400:7e00::102) by DB5P122CA0007.outlook.office365.com (2603:10a6:20:1e::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1019.17 via Frontend Transport; Mon, 10 Apr 2017 07:26:06 +0000
Authentication-Results: spf=neutral (sender IP is 23.103.247.180) smtp.mailfrom=philips.com; google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=philips.com;
Received-SPF: Neutral (protection.outlook.com: 23.103.247.180 is neither permitted nor denied by domain of philips.com)
Received: from 011-smtp-out.Philips.com (23.103.247.180) by AM1FFO11FD038.mail.protection.outlook.com (10.174.64.227) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1019.14 via Frontend Transport; Mon, 10 Apr 2017 07:26:05 +0000
Received: from DB5PR9001MB0165.MGDPHG.emi.philips.com (141.251.190.209) by DB5PR9001MB0167.MGDPHG.emi.philips.com (141.251.190.211) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1019.17; Mon, 10 Apr 2017 07:26:04 +0000
Received: from DB5PR9001MB0165.MGDPHG.emi.philips.com ([141.251.190.209]) by DB5PR9001MB0165.MGDPHG.emi.philips.com ([141.251.190.209]) with mapi id 15.01.1019.024; Mon, 10 Apr 2017 07:26:04 +0000
From: "Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com>
To: Thorsten Dahm <thorstendlux@google.com>, "T2TRG@irtf.org" <T2TRG@irtf.org>, "saag@ietf.org" <saag@ietf.org>
CC: Barry Raveendran Greene <bgreene@senki.org>, Eliot Lear <lear@cisco.com>, Mohit Sethi <mohit.m.sethi@ericsson.com>, "Kumar, Sandeep" <sandeep.kumar@philips.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com>
Thread-Topic: [saag] [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
Thread-Index: AQHSrdgeSEucviIKrk+lU0K6113ww6G23pSggAGLGACAAY3UgIAEPrsw
Date: Mon, 10 Apr 2017 07:26:04 +0000
Message-ID: <0257915cc65245fe84de054c66fdca59@DB5PR9001MB0165.MGDPHG.emi.philips.com>
References: <149096223256.21673.7096150636636687245.idtracker@ietfa.amsl.com> <1546ba0e65e946b681ccec46f2abcd8c@DB5PR9001MB0165.MGDPHG.emi.philips.com> <483ad18f-5ded-96e0-3008-1d0eb38f5566@cisco.com> <0DC0BAC2-C6BA-4D15-9343-60642BBD93C7@senki.org> <1491374652157.84909@cs.auckland.ac.nz> <0f486dc8e90844658f8107f44486b5cd@DB5PR9001MB0165.MGDPHG.emi.philips.com> <1491489157910.81916@cs.auckland.ac.nz> <CAB4uO_wXs5KhcE+cSU6eA0bbvXEqC+HNGRpDrBozudwemRtjuA@mail.gmail.com>
In-Reply-To: <CAB4uO_wXs5KhcE+cSU6eA0bbvXEqC+HNGRpDrBozudwemRtjuA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [62.140.137.32]
X-MS-Office365-Filtering-Correlation-Id: 2a5879e4-9d69-4111-7d59-08d47fe2d9db
Content-Type: multipart/alternative; boundary="_000_0257915cc65245fe84de054c66fdca59DB5PR9001MB0165MGDPHGem_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: DB5PR9001MB0167.MGDPHG.emi.philips.com
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report: CIP:23.103.247.180; IPV:NLI; CTRY:; EFV:NLI; SFV:NSPM; SFS:(10019020)(39850400002)(39840400002)(39860400002)(39450400003)(39410400002)(39400400002)(2980300002)(85714005)(374574003)(377454003)(199003)(43544003)(189002)(24454002)(53754006)(9170700003)(7110500001)(189998001)(8936002)(3846002)(790700001)(6116002)(102836003)(229853002)(50986999)(2201001)(66066001)(76176999)(24736003)(2906002)(4326008)(38730400002)(356003)(8676002)(81166006)(2900100001)(86362001)(53546009)(106466001)(105586002)(33646002)(2420400007)(7906003)(7736002)(93886004)(108616004)(230783001)(2501003)(236005)(6306002)(54896002)(54906002)(54356999)(512874002)(2950100002)(5660300001)(55016002)(7696004)(6246003)(84326002)(606005)(53936002); DIR:OUT; SFP:1102; SCL:1; SRVR:HE1P122MB0012; H:011-smtp-out.Philips.com; FPR:; SPF:Neutral; MLV:sfv; A:1; MX:1; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; AM1FFO11FD038; 1:swY6lWqos7Bi+p/SMMI4BuFt1j+Cdg3Y7Xlbr/yMqpoEtFZAgrCwR42tPaNCEDM5gClsYoEzK0Pz7aIl7RPuLjlXnqYl9wp+PrSlJ6jC4ITqqF5opCWLOhmXgRBTMGFIQ2Ws2dc4iy/WJpyKGhKIoRBsRnBY2BRQdCsKVt95fPb1GOu6qTckliQhHCEK9QZKzigZ5uYkTD1Hn1a5dw3SmD/PNAKYLzgTsyVoOAmaTR4OWwa1uoQAtIVcd/jMGFD4X3G96pQVynFJF0mCEmwitegORrUJI9PFByCwzc/WJJGGSVtMnCQ5IN1l4eSK36A0oBzcPUFAynIFDYCA9MZc+BE/du45pSAB2BH3GWtwK5UTf3Di/aIG4TYlnrF1dkUBwC2AvA55Qox91GWWP764DsIL2P2V1s76T0h1uX4gqd9Fg7s297wgWUhc8/4xCcfUbLHE/kbpZyAvdjdmansBXYIZlTsUV3VcQA6f5X4Tj6NaOnvGqF07QzvQGi6JMllegMN+L8TwupTUHVsM5/3StA==
X-CrossPremisesHeadersPromoted: AM1FFO11FD038.protection.gbl
X-CrossPremisesHeadersFiltered: AM1FFO11FD038.protection.gbl
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081); SRVR:HE1P122MB0012;
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 3:bF5KiGv8s+Ze3I15Y5pzFZ+3pGYijjEeFmiDldW0mknf5pRk1te5hIjbu4OJXM4MHaqBWJU1+mSIcI5WP1jaQ0l0LYvIRuC30s3jrghpiBAl0uRobg84ukgjp87kfDmx/9fQnmFftHp7pTkakhDT3V8PMXHOYRHF/1BG7km6A21CDhhUnMK828D6HANCsdZc7FwIfS5qU3jovbq0b9QUBzToCd7mx/cDM3frOcX1kaXnxOIBtnIDgNAGFyVxg18x9q36mNXaw62kmDaD1AOD+Z0roDF8MqIvMOeyRJ+lxvjl2W+qEHAoHzOfY9NdArQUogRQd8a27rGFUpUxL2tEzNocN/opQn9pIRNkFnCspeedG1xAeJ4esS6jNw7e5xiMhg/kzlpMPdU2z8gdd6U2zzxlTFrXFhGPE24r7s9ieWzEVWk24LsGmR4RnCvQfe4Ll5FTWp+ZB7h8EXYf+7jAXw==; 25:/ZnxuZdUh7KmDpf/pSL0rT0zIFX4IwTVMr/O+JajDUfl04Gb5vks5gNtnrEtJpmsuwYBdaoz0lGtdeYpdbeKcgQA9HONnME27DbnhQNHZoXNaMbA+1qvtNQ+95XeTVtfrj0SGz/plAdXj2nLC5s1AiAabwQ4lFrkPqZRl6rvydIblqV4uFvUytwbTUu0aN53fozKN6GPJR2PVNpFinkNd8csiAMqVntovgRb65W/sb+IMJ6oZV2N6kZwvKGIkpNEGWXByqJUyz26Y8gQTmNJqJ0bkQKM06F3ycUF8H99+3m+Azc8GQUXfXWk+qRWUbzYJWrGsyKrDH3euQbAqQA95c7IYISbyQcWKQfIctemXJPLCOxPL+Hee6NbBdW50JYJ6PMz8bZQMntzToBo7b0CYgJIgGHc0M90QgSpoGGjw9iaEMIkSVF4Yu6NLJzrVxi6J0uCHXQEoDbymUrTl0lesw==
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 31:4pEKPTcse1RjDmGjCOITZpJ+2iyJ/L9Yef0SYqpEyYIlZHIDlWeBjVr87k+MduPIGUWH9Uu7mhWUlxsgw4mMhADFK/KEIt/Nmlg3hd7wgNA5+EXaIAIG2rT9DrEN7wuACK04fEGoenWDvQZeLzKI8kVwr8NHI+ckFdsEfWcQcYKDSlDUZFDUuzdO3sYcdlcPhfYgSvnQOCTC3hHKSuQ8h+LwgcBlHOMRifj+YPw2rSYBwbctdJty8zrrewSKNHEqZHnxRGwbYnUg94FIjUnXrhOQaxy8mB5Dg+nZNXhiszY=; 20:k9mATkZ0Zu4iC/1/Z2AmIXYWOCyiz7hPC4rm/YotMpFfJi94IbN1pLQ7INXCpj8aMiKfUoHfpzEYnskgqcOhISqGSTSFfaw/z2FxpOtiEO+Me0SCITe5MGSNuNYBOm/xO8QmVQq4JKSkJnxSIgxVf65hWNHlYP7GQw0guEYrCRijggKLVidGf5gu3gxy7uF2m7P2KU5uS6RtTo2w91z0+mz4tkAVprVSSMYxYuI9BTqMe889vXkrv//SS7ZpJamY77tfYkdzWI05hl/YxyuioEGx2p1bND/fijEtYoLy3Dok5hcsKWrayUgKSBjlBuCh8ByJaA9kcOlfh2LmpExgfBUFzOUyp78+sJnXNAjfs0MUkFohMlmcyvq891USVqpI5AWq7yAmtElKgnsbYEI2wA1WuXXPXDuoIHHdsN526887A61hb42yp0s8I6SLUEHCf8JsSnjananIdjG0KbPgFIvywbBliyGG8dJ9O6Ji0V+uuTUNmZ1Qzq/oR5fpc+94
X-Microsoft-Antispam-PRVS: <HE1P122MB0012C778DF7061217E06BF12C8010@HE1P122MB0012.EURP122.PROD.OUTLOOK.COM>
X-Exchange-Antispam-Report-Test: UriScan:(37575265505322)(158342451672863)(192374486261705)(211936372134217)(95692535739014)(21748063052155)(260087099026482)(21532816269658);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(8121501046)(5005006)(13016025)(13018025)(93006095)(93003095)(10201501046)(3002001)(6055026)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(6072148); SRVR:HE1P122MB0012; BCL:0; PCL:0; RULEID:; SRVR:HE1P122MB0012;
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 4:rSm5UHonbelG5CeGJZNNsF5hXUIK86GP5VA3ezHcXDqNr+3DXUtT3Q/BveOtDni5W9hBEeFI3ag9/gVyR/HHNXbPgnclmbhSr0U2EhgFUxff8/wGMck4gFHxfEZV5qMSmvrMU5J01KoLX5czwghMTcS9DUZ6h1qHIx7/Yco5670hwWOPPmX2Zdpalkf4gG8jVOeDt7pKwGbDFtMHhdZbYpVGBaFugnotNoFW/BrrgVOSFDwH9y9AUKmnsruCUEVWvn/MRsENqyR2KDG4ah1z0ljsp9b5BuZ/NmkV8YJkv2VJqG1xGQ1VEFKv2jzEqFZQD0wM03L2lF8DNmAYNZi/w5vri1DW4g+lJ84MRcoAU8Ea5PP8kBMn8kvxhD7tk3qIIpHW6LLem2EC0Mr6jC9kewqPlKbhAvu7B8ri+88yiYVpiMsjy0IWCk+KuCQJykEu6fSDgxSKqGGWVdT6CawrLCIB2mTBNlPkmqwjGKRw1z64HLCjsmHaeJNgkLQatdVCa6bjIyndw7alF9C6xALEjjN2grhwyreO0EKjY29N3khAIlt6/TeQnb+XXRD+PV7fNd8hod+PZFB/SJJ2/uTg7yxS7gsZ69OBI87QvtGZGdGKNSSW1jnzZovv2V+uwiSVWVf6WIb7bj6ruGuj50nK1rU//lJjAmOAhF+kdtgH8BAlozjW6OeTthVCZdZzW8gGStMvMIbJyL1vTXQxFhA2RspJXxsrIGPYqCfweWpjlWAxEODD4PFHfipV2Q0EmIkKRGWYV5+oGA95HYPUvN1IDj6fk8sbwKyFm3jbE1Ah8n6t0HCsJ/em8tBzPmiOgMpg6Ax82S6WRgkzJVr4o3vvYa0fnTdfPSbfP24GsBEUn3WVLOHsfKj4Lpx7cOFqkDASsK5kc4PC/a50EKu89R/6oTl5i4PGVrWTphgovqsWYJpFFIqEW/hC5qX+3rKJaAyul9msTuawL5LNjutEkYCy+xSUQ24BVNWuuAJohiGC3qPFbTBUJva5RHEplj6m3eLsRWjD0hMULeWvfaa9WdNcJ52nBWrU6d2gQ1SNRiv9kFU=
X-Forefront-PRVS: 027367F73D
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 23:Kpr0ffH0CoCy9FC5efzd8L7pQjgeKYRc1ijDw4xmuigFKBXsiZMqylQkcV1AnzdER3BF692mriw/MDmp2h42H7Y4jo8XCWts2nmZOUWb+xcn1a986QbrpIIUHrPYrkVCFZILWnqJDIMTcvO5mQT2VQOI/0+whVRniBTtAE1f5Xg6CCDUXYzhIqJOFzY5zYCoGIeP6QkbpcEllVep+O/QSgGd0meGwIlXeFClZ+Qm+79nj3uOIFD4SWAPnLmb9hws1UwMXWIlldf9ICKOTF3ciBROcIApTUni5Lvgv/Q1dxWxPJuKQqHmrJTK8GTHZPPszXoCAfBRKPmlETE/wODlhb7xjTsGxXphjQnn3zxKPrT2UiFl0IS3rNhaMkZ4cB6qvHITzWHd1gW5syqi3TK6l0MARm6QIgsUiS7ZCLi2fz/h9u/4LS+aD2viv9Lzl7uBuJz26zHA40CoBXVdEr1+KSsFpEpPnHe6XTPz38WECV5/ageqQdPiNJjwoIayB21X3E+sAPkcywMWJcrPvEp8rK6/cOUw7keKgx04+x60vqtXP3aBuMdNNCGKkyRt+TTYaZ0oKzEoYf9nuAHPyDrU4889BZQ2E5AAsOs0dxP5B60O4NhUAIV2zd6i3bOXJpdYHrb1XixI3bp4sQm+qPQAqg8/spOV/VvuFkqpbXIStWf7Pl7Xdeah7dQ4qlJZUeE01L3j0OJMuudvfznJjAk5xJHjm4IwAgo84Gt2cr9uErzDQrUuenZqj6fGxtMJWXE7IfFtPIoHs5Gqy0ygdkk8YQB9Q2CzXmTDbd9AsvLMpZgdP3wP32hby+SEg4QLO8OxqbFISbWLhHOyuxH44obY2U8oCcg6OkEdfqBkpOO6t+66DIL/DPueNPBktNSAs/WJ0+8Y66EFh8gsgpksopF0ivXo9nNUv4wseihkSRml00TibMgygCypCPmv10CuhX2aXab1YheYLW4pkL4FrnYAxIbhM7uIbsjHID/XTe6Kl3mWIiMm72vm36RrOnYlOXJz8JoB/Fn1S2dQOHfik7Jd9mnpk0BD70/mdCv88K5ziAarkUQ36laOoXRCsOHq1Ej3srIG8fuVBFxz0bIUKwMMnVR2ck27Y8DYc11YsF/lzI4zzAEjgqyj72ZQXEEprSdg2OwZgl3GSemLUdj3zzwgnweCUEXmdqDHK4wO1XEpJ9p6dYaiJ8sM60YPtGicmx4hnnYFEJioOcP6BobWCY0YBWXFGCKRhfKbIzLf4DMqMFriT7OTfGJkBYWcPuAg6heDoGo5BQ2vdjeILY4TkqHPtovPJ6GveArAzpY4AOCM9wz9zSjrh1wrKYxvpnChU43zpvjCDt+Y+pBE3qgKDzwgs9ewIWdOtt1uOzdkTKmw7PE6+E/a8ve/iAymxJNET2Ugd7RKuzHWXZA0b2TRbxY91oKa+upXZ8SjQEGx1m0gd8hYLt0VWFMHUJ4TwFzJDNYE6Bg0m3zxGRwxNNYlCW3bWQ==
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 6:xrajbW1th6ERfPKhCNcDYlwgCoaInY+eJBQRxrc8vJ8JQ4o+7r3nTutShnZo7CQTolPp5nGfVvSPTLNEwSilWQBLOjojCNSBRiaKdWA7Hef5BFGNSpBzqEqZJ4LR5PhSqL2CaqgDM0r6QD3WLs5MBT/U/vCs0QGNXF3qBXeigQuAUoi2TGtHUMCxgoIkBlSve4FUNBeuIFZzvs4BSbxkmadXe0mljzy5bNfhIOzePsnvxkTOtwwDuhPFModQMGlgkUC5Bqg5mHKaVqXWBp86umAx5w1yIlsbUZDUAB/YzS/sGIsxgUSg0gCNiSHTeyomMaWssJTwbBuNGFsJu/6hTOESNea+lVs1eU9o3yaSO+fAXWadK5owF3PJz2Qpiuj/I0JXpuAKaAQe7JQtQnwzyU20ocveXU58JsG6/qThOc1u6EBnjm6a+pxHtFjNQvC+Oyip39NelMuNDnhK+ELRr4BzrIO37san/3xEj6cnja8=; 5:oabdo5CK7FyhhHbGOkWfaeSb69CUkij40gg8BqZO76JJzu6IN2tp+lv2+JT41xE2iRBWXw4TWD0PIjoLP161ndeujI9SPbBvJVXN8rUSwV9LF5EP36vX2AjUhupohizpFnZxiFCoA2cnlCsE3wQZRw==; 24:Jws0eQBX/w86rnh5bo+E827hmEAZqelRVQf7/klsWzPxrZZC4IC39OAHeZC55TMpwnSQmEVtZuFtC0eEiu87HAjaKDWrsWKgASXDTqjeT5M=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0012; 7:1zXI+NMw/QockEd13fC0OxH3oJqM8yGnTOq/s0UjERTbiI1E8vGKPm41BgvbqO2OHae4OHtwD5bh6i85YPk33etbW8wnX2360G0DpGfwege5rUusUMEj/NPp3tUOI6JHriZsxHG0kK0z90F+r2fmguIeBHUTerw9LBCKnaOvjDG41ZiGsr0ckYYByhC3FqYy67yqo9MTW9imRr1OyK/4MSGu6aNG3D9kziNQSZhkCC89c6Ypsmz4P/CTXRMCR+zwcAn0yeX2+fVI+SAMUGm8sRmM4Nvv/pDaPBaUPMYR4ifnaAwvj3owsfsVcGDCjhfy2FcnTGvFG+OjxkmEtyI7Dw==
X-OriginatorOrg: philips.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Apr 2017 07:26:05.9211 (UTC)
X-MS-Exchange-CrossTenant-Id: 1a407a2d-7675-4d17-8692-b3ac285306e4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=1a407a2d-7675-4d17-8692-b3ac285306e4; Ip=[23.103.247.180]; Helo=[011-smtp-out.Philips.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P122MB0012
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 04
X-MS-Exchange-CrossPremises-AuthSource: DB5PR9001MB0165.MGDPHG.emi.philips.com
X-MS-Exchange-CrossPremises-SCL: 1
X-MS-Exchange-CrossPremises-messagesource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-originalclientipaddress: 62.140.137.32
X-MS-Exchange-CrossPremises-disclaimer-hash: 7fd5309d68bb4378c576a4d2c2ad972d336f5eb0475879c2a0b14da1aac98972
X-MS-Exchange-CrossPremises-processed-by-journaling: Journal Agent
X-MS-Exchange-CrossPremises-AVStamp-Service: 1.0
X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:NSPM; SKIP:0;
X-OrganizationHeadersPreserved: HE1P122MB0012.EURP122.PROD.OUTLOOK.COM
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/EcpHFulVplZAQBwsJHj-y9b2jVk>
Subject: Re: [T2TRG] [saag] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IRTF Thing-to-Thing \(T2T\) Research-Group-in-creation" <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2017 07:27:12 -0000

Hi Thorsten,

I fully agree with your email.

Regarding: “I had a private chat with Oscar and pointed out the missing details on mitigation of the risks he points out in his document. Not sure if that should be added to an already long document or if we should split it into a separate document.”

I agree that having such a document would be great. Personally, I would not include the mitigation strategies in this document since this document is already pretty long. I also think that just a list of mitigation strategies will be rather long and also confusing for designers. A designer will still ask himself, what do I really need to protect “my” IoT system?

What about the following? We could have a different document that includes:



-          Extended text related to how to deal with threats (page 12 in the current document starting with “Dealing with above threats and finding suitable security mitigations is challenging: there are very sophisticated threats that a very powerful attacker could use; also, new threats and exploits appear in a daily basis.  Therefore, the existence of proper secure product creation processes that allow managing and minimizing risks during the lifecycle of the IoT devices is at least as important as being aware of the threats.  A non-exhaustive list of relevant processes include:”

-          Mitigation strategies: here we can list main mitigation strategies to deal with different types of threats.

-          Security profiles (section 6 in current document, this section would be removed from the current document) that illustrate which mitigation strategies should be applied to different classes of use cases (I believe that this makes lots of sense since not all classes of use cases will be exposed to the same threats, and thus, mitigation strategies will also be different.)



Regards, Oscar.





From: Thorsten Dahm [mailto:thorstendlux@google.com]
Sent: Friday, April 7, 2017 4:17 PM
To: T2TRG@irtf.org; saag@ietf.org
Cc: Garcia-Morchon O, Oscar <oscar.garcia-morchon@philips.com>; Barry Raveendran Greene <bgreene@senki.org>; Eliot Lear <lear@cisco.com>; Mohit Sethi <mohit.m.sethi@ericsson.com>; Kumar, Sandeep <sandeep.kumar@philips.com>; Peter Gutmann <pgut001@cs.auckland.ac.nz>
Subject: Re: [saag] [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt

Hi all,

I also agree with the statements of the folks who previously commented on the topic. Before the IETF in Chicago I had a private chat with Oscar and pointed out the missing details on mitigation of the risks he points out in his document. Not sure if that should be added to an already long document or if we should split it into a separate document. And yes, while it is a good document and we should have it, documents alone don't change much. What we need are products that implement the best practices as well as network operators and consumers who refuse to connect insecure dishwashers to their enterprise or home network. Without market pressure and holding manufacturers accountable for the damage their products may cause it's hard to convince them to spend money on IoT security.

Taking a step back, I doubt that IoT will be able to take care of itself in the next couple of years, so we have to rely on operators to do the job for the manufacturers while we push BCPs and standards like the current document to them. IMHO the extensive usage of features like private VLANs is still very painful and even in combination with stuff like MUD, it would only solve parts of the problem. We as operators probably need to rethink the stack from L1 to L7 and reach out to other Working Groups outside of the IoT / Security space to address the need. The bootstrapping work in ANIMA is a good example for that. We may can't avoid completely connecting devices that use strcpy() into fixed-size buffers to our networks, but we can prevent them from disturbing other devices on the network and limiting the blast radius in case of a (unavoidable?) compromise.

Maybe a good topic to be picked up by the T2TRG is the question of how to protect the network from compromised devices, the majority of the work as I can see it focuses currently on the security of the Thing itself.

cheers,
Thorsten

On 6 April 2017 at 15:32, Peter Gutmann <pgut001@cs.auckland.ac.nz<mailto:pgut001@cs.auckland.ac.nz>> wrote:
Garcia-Morchon O, Oscar <oscar.garcia-morchon@philips.com<mailto:oscar.garcia-morchon@philips.com>> writes:

>The main goals are:
>- summarize existing solutions out there and in IETF
>- summarize security considerations and challenges that should be addressed
>  in the future

The problem is that almost everyone else who has any interest in the IoS has
also published their own checklist or guidelines or BCP or whatever they felt
like doing.  It's not that we have a lack of guidelines, we have as many as
you like (and that's not just IoS-specific stuff but includes any book on
secure programming, security engineering, and so on), but no-one uses them.
So it seems like we need to look at why people aren't using them, and how we
can get them used.  Why does every J.Random Linux distro come with hardened
system binaries and libraries and books and howto's on further hardening
things, but every IoS device feature strcpy() into fixed-size buffers and XSS
and directory-traversal bugs like it was 1995?

The problem with the non-specificity of many of the guidelines is that you end
up with something that tries to cover, for example, a Raspberry Pi, which is
essentially a Unix server and for which you don't need any new guidelines
because any reference on setting up and hardening a Unix box will do, and at
the other end of the spectrum a PLC running what's labelled as an RTOS but
which is really just a big binary blob containing device drivers, a task
scheduler, a network stack, and the application, all running in ring zero with
no protection features.

So the document currently is an interesting overview of IoS security issues,
and better than most I've seen, but there's no obvious answer to a question
like "I have a PLC, what steps should I take to secure it?".  Instead, it's a
survey of every possible technology and mechanism that could be applied to the
problem, which leads to an obvious suggestion of submitting it as a paper for
Computing Surveys instead of publishing it as an RFC, since it reads very much
like a Computing Surveys paper and would probably work well there.

Peter.
_______________________________________________
saag mailing list
saag@ietf.org<mailto:saag@ietf.org>
https://www.ietf.org/mailman/listinfo/saag



--
Thorsten Dahm

Network Engineer
Google Ireland Ltd.
The Gasworks, Barrow Street
Dublin 4,  Ireland

Registered in Dublin, Ireland
Registration Number: 368047

________________________________
The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.

v2.23.0 | Report a Bug | By Email