IETF Logo Mail Archive

Re: [T2TRG] RESTful Design & Security

Mohit Sethi <mohit.m.sethi@ericsson.com> Thu, 09 March 2017 14:28 UTC

Return-Path: <mohit.m.sethi@ericsson.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 042A8128AC9 for <t2trg@ietfa.amsl.com>; Thu, 9 Mar 2017 06:28:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.219
X-Spam-Level:
X-Spam-Status: No, score=-4.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sge5F3SqG3Gt for <t2trg@ietfa.amsl.com>; Thu, 9 Mar 2017 06:28:04 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B898C129633 for <T2TRG@irtf.org>; Thu, 9 Mar 2017 06:28:03 -0800 (PST)
X-AuditID: c1b4fb2d-2eaca9800000290a-fd-58c166711d79
Received: from ESESSHC001.ericsson.se (Unknown_Domain [153.88.183.21]) by (Symantec Mail Security) with SMTP id 0D.B3.10506.17661C85; Thu, 9 Mar 2017 15:28:01 +0100 (CET)
Received: from nomadiclab.lmf.ericsson.se (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.23) with Microsoft SMTP Server id 14.3.319.2; Thu, 9 Mar 2017 15:27:56 +0100
Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 59D7D4EE5E; Thu, 9 Mar 2017 16:29:45 +0200 (EET)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id ADE8D4E94F; Thu, 9 Mar 2017 16:29:44 +0200 (EET)
To: Eliot Lear <lear@cisco.com>, "Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, "Kovatsch, Matthias" <matthias.kovatsch@siemens.com>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>
References: <c15a387f-9dd3-987e-2901-b86fd8f60108@gmx.net> <10144.1488908366@obiwan.sandelman.ca> <952c4a16-174f-2457-1f11-8f733e738f90@gmx.net> <4EBB3DDD0FBF694CA2A87838DF129B3C01AA2F98@DEFTHW99EL4MSX.ww902.siemens.net> <558bae1a-ff84-9fb3-c6bf-021f492e9a04@gmx.net> <4EBB3DDD0FBF694CA2A87838DF129B3C01AA313F@DEFTHW99EL4MSX.ww902.siemens.net> <c85cbfa5-083c-9159-3e01-001b353a3e35@cisco.com> <f33f30cc-9a6d-513d-f20f-620ac4b611e1@gmx.net> <d6c78126308c4f6c94ab4a827d0a8c2e@DB5PR9001MB0165.MGDPHG.emi.philips.com> <2669c38e-5a7e-e4a4-36d2-9fd9f7966d52@cisco.com>
From: Mohit Sethi <mohit.m.sethi@ericsson.com>
Message-ID: <89276160-ad20-bc9b-0cbd-c3e1f647dc1e@ericsson.com>
Date: Thu, 09 Mar 2017 16:27:55 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <2669c38e-5a7e-e4a4-36d2-9fd9f7966d52@cisco.com>
Content-Type: multipart/alternative; boundary="------------2B25B145CDCBFB10E518BA7A"
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprDIsWRmVeSWpSXmKPExsUyM2K7qG5h2sEIgy0zjCyW7rzHavH1XweL ReOEF4wWPYf62S0a7lxgsXj/oIfFgc1jyu+NrB6LN+1n85i88TCbx4EDu5k8WubsYfbYfnIS UwBbFJdNSmpOZllqkb5dAldGV/NdtoK7Exgrms59Z2tgXFTWxcjJISFgIvFg81GWLkYuDiGB dYwS+2Y8YYZwtjJKvDg1jRXCWcso8XRZNxuEM49RYvbdDawg/cICehJbZuwFqxIR+M0osejM ZHaIqiMsEnca5jCBVDELqErsn9jABmKzAXV0njvODGLzCthLLHg1AWwSi4CKxLzVz8HiogIR EvOfrmKCqBGUODnzCdCFHBycArYSL/6JQIwMk9j4ahsbxBNqElfPbQJrFRJQl9jacYBxAqPQ LCTds5C0zAKaxAy0+cHWMoiwvMT2t3OYIWx9iet37rPCxJu3zmZewMi2ilG0OLW4ODfdyFgv tSgzubg4P08vL7VkEyMwzg5u+a27g3H1a8dDjAIcjEo8vAUyByKEWBPLiitzDzFKcDArifDu ugQU4k1JrKxKLcqPLyrNSS0+xCjNwaIkzmu28n64kEB6YklqdmpqQWoRTJaJg1OqgVHAYfkr rbn7Y6edPOd4ifXSzjamyIysqyd0uiYYrNG2uRPuJud9+sZ0p2tpSiLpN/8LvKnfmdei7O54 8sRjLsHVa/J/fDFxZm+9+sL0Ff+H43GZLyIiTKb7XVhbyyS4TE35Uskr2x9tuulKU8/PUZJb EFvKpDz1X87R5bxhQkqsAke/Z5za6KLEUpyRaKjFXFScCAAC/RzHrwIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/JPa0u1fIZUVuc_DFeiKAxAK8v3k>
Cc: "T2TRG@irtf.org" <T2TRG@irtf.org>
Subject: Re: [T2TRG] RESTful Design & Security
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IRTF Thing-to-Thing \(T2T\) Research-Group-in-creation" <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Mar 2017 14:28:06 -0000

Hi Elliot

I wonder what difference does it make if we call something a thing, 
component, device, or machine. We have the terms thing-to-thing, 
device-to-device and machine-to-machine communication from different 
(standards) folks.

I would believe that if a thing is connected to another thing or 
network, then the security considerations apply.

Thanks
Mohit


On 03/08/2017 05:46 PM, Eliot Lear wrote:
>
> Oscar,
>
> That's a great document.  In some ways, it's really several documents 
> all rolled up into one.  But Let me ask some leading questions:
>
>   * Is my network-connected refrigerator a Thing or a component?
>   * Is the thermostat in my network-connected refrigerator a Thing or
>     a component?
>   * Is my network-connected car a Thing or a component?
>   * Is the engine that sits on the CAN bus a Thing or a component?
>
> What distinguishes a Thing from a component and when do your security 
> considerations apply, and when do they not?
>
> Eliot
>
>
> On 3/8/17 4:31 PM, Garcia-Morchon O, Oscar wrote:
>> Hi Hannes,
>>
>> the document " draft-irtf-t2trg-iot-seccons-01" summarizes protocols.  But I do not think that we do this happily but seriously. Summarizing existing protocols/work is one of the goals of the document.
>>
>> The document also acknowledges that devices have different capabilities and requirements, also in terms of security. In my view, this fits with the idea of minimum requirements. It would be great to have your input on your use cases and your views on minimum assumptions in different deployment scenarios/security capabilities of different types of devices.
>>
>> Cheers, Oscar.
>>
>>
>> -----Original Message-----
>> From: T2TRG [mailto:t2trg-bounces@irtf.org] On Behalf Of Hannes Tschofenig
>> Sent: Wednesday, March 8, 2017 3:13 PM
>> To: Eliot Lear<lear@cisco.com>; Kovatsch, Matthias<matthias.kovatsch@siemens.com>;mcr+ietf@sandelman.ca
>> Cc:T2TRG@irtf.org
>> Subject: Re: [T2TRG] RESTful Design & Security
>>
>> Hi Eliot,
>>
>> this would indeed be a good conversation to have. I have tried to trigger it a couple of times in context of the IoT device classes but it is very hard to get people to state what their minimum assumptions are.
>>
>> I believe it has to do with the type of standardization approach we are exercising today and this gives us a hard time to describe the big picture of how the various building blocks are supposed to work together. In fact, the picture becomes extremely complex and fragmented since there are just so many options while at the same time we envision super constrained devices. The T2TRG security document
>> (draft-irtf-t2trg-iot-seccons-01) confirms this and happily talks about normal IPsec/IKE, diet IPsec, HIP, MIKEY, OSCOAP, JOSE, COSE, etc. etc.
>>
>> Ciao
>> Hannes
>>
>> On 03/08/2017 11:02 AM, Eliot Lear wrote:
>>> Matthias,
>>>
>>> I think the key question that everyone seems to be dancing around is this:
>>>
>>> What is an Internet host in the context of IoT?  What are the minimum
>>> qualities it must possess?  I don't mean this to be a vote, but more
>>> of a law of physics sort of thing.  For instance, does a host have a
>>> secure unique identity?  What capabilities must it have?  I would
>>> expect them to be very few, but there are assuredly some...
>>>
>>> Eliot
>>>
>>>
>>> On 3/7/17 8:36 PM, Kovatsch, Matthias wrote:
>>>> Fair enough.
>>>>
>>>> Yes, I am on this IoT Directorate. I would say a large fraction of
>>>> the T2TRG participants has been arguing that the Internet of Gateways
>>>> is not a good approach. Your security-related summary proves this point.
>>>>
>>>> I personally don't see end-to-end security happening if we keep
>>>> mixing application protocols, keep using black-magic middleboxes, and
>>>> keep using proprietary interfaces at the device level. We need
>>>> something end-to-end (or T2T) for end-to-end security.
>>>>
>>>> Best wishes
>>>> Matthias
>>>>
>>>>
>>>>
>>>> Sent from my phone, limitations might apply.
>>>>
>>>> -----Original Message-----
>>>> *From:* Hannes Tschofenig [hannes.tschofenig@gmx.net]
>>>> *Received:* Tuesday, 07 Mar 2017, 20:10
>>>> *To:* Kovatsch, Matthias (CT RDA NEC EMB-DE)
>>>> [matthias.kovatsch@siemens.com];mcr+ietf@sandelman.ca
>>>> [mcr+ietf@sandelman.ca]
>>>> *CC:*T2TRG@irtf.org  [T2TRG@irtf.org]
>>>> *Subject:* Re: [T2TRG] RESTful Design & Security
>>>>
>>>> Hi Matthias,
>>>>
>>>> I know that this is a research group and everyone can create whatever
>>>> they want.
>>>>
>>>> We briefly talked about security at the IoT directorate conference
>>>> call and I would be interesting to hear what works and what does not
>>>> work for others.
>>>>
>>>> Ciao
>>>> Hannes
>>>>
>>>>
>>>> On 03/07/2017 07:45 PM, Kovatsch, Matthias wrote:
>>>>> On big propaganda tour? :P
>>>>>
>>>>> Regards
>>>>> Matthias
>>>>>
>>>>>
>>>>> Sent from my phone, limitations might apply.
>>>>>
>>>>> -----Original Message-----
>>>>> *From:* Hannes Tschofenig [hannes.tschofenig@gmx.net]
>>>>> *Received:* Tuesday, 07 Mar 2017, 19:39
>>>>> *To:* Michael Richardson [mcr+ietf@sandelman.ca]
>>>>> *CC:*t2trg@irtf.org  [T2TRG@irtf.org]
>>>>> *Subject:* Re: [T2TRG] RESTful Design & Security
>>>>>
>>>>> OSCOAP does not work when
>>>>>
>>>>> * you mix protocols,
>>>>> * use a middlebox for some processing interactions (such as data
>>>>> aggregation), and
>>>>> * when one of the protocols is a non-RESTful protocol, such as BLE
>>>> or MQTT.
>>>>> Unfortunately, these the use cases we are facing in current IoT
>>>>> deployments. For similar reasons we cannot use RFC 8075 either.
>>>>>
>>>>> Maybe you are seeing different deployment environments.
>>>>>
>>>>> Ciao
>>>>> Hannes
>>>>>
>>>>> On 03/07/2017 06:39 PM, Michael Richardson wrote:
>>>>>> Hannes Tschofenig<hannes.tschofenig@gmx.net>  wrote:
>>>>>>      > Needless to say that these challenges have also been
>>>>>> observed
>>>> in other
>>>>>>      > protocols as well, such as HTTP and even SIP.
>>>>>>
>>>>>>      > What is the story for providing application layer security?
>>>>>>
>>>>>> OSCOAP seems to be end-to-end to me.
>>>>>>
>>>>>> --
>>>>>> Michael Richardson<mcr+IETF@sandelman.ca>, Sandelman Software
>>>>>> Works  -= IPv6 IoT consulting =-
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> T2TRG mailing list
>>>>> T2TRG@irtf.org
>>>>> https://www.irtf.org/mailman/listinfo/t2trg
>>>>>
>>>>
>>>> _______________________________________________
>>>> T2TRG mailing list
>>>> T2TRG@irtf.org
>>>> https://www.irtf.org/mailman/listinfo/t2trg
>> ________________________________
>> The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
>
>
>
> _______________________________________________
> T2TRG mailing list
> T2TRG@irtf.org
> https://www.irtf.org/mailman/listinfo/t2trg

v2.23.0 | Report a Bug | By Email