Re: [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
Eliot Lear <lear@cisco.com> Thu, 06 April 2017 08:47 UTC
Return-Path: <lear@cisco.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B102F126DEE for <t2trg@ietfa.amsl.com>; Thu, 6 Apr 2017 01:47:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.521
X-Spam-Level:
X-Spam-Status: No, score=-14.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6iyVAygdlKwu for <t2trg@ietfa.amsl.com>; Thu, 6 Apr 2017 01:47:29 -0700 (PDT)
Received: from aer-iport-2.cisco.com (aer-iport-2.cisco.com [173.38.203.52]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EEBD1201FA for <T2TRG@irtf.org>; Thu, 6 Apr 2017 01:47:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=18601; q=dns/txt; s=iport; t=1491468448; x=1492678048; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=tK2UMrvbtW0DkQroroN2NXhok3cEIvXsQTr7Qtfe6vs=; b=WFfBBhKF3XHY0m3+7SFCEbimlb2pEemoPPHUHNSsuanQ2Ib2K6SE1r/a I33ALYrXZEoFfzxJbjSGbT3D4IuZBZn3nc7mWnDv4VI0E440DRJQ6HKPk 2BPbb28/IMnoCZ6HdGWYV5K2Vhad4Per3LWU2/YE4IFz+3VnlzpRW1bGu g=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CTAgBQ/+VY/xbLJq1dGQEBAQEBAQEBAQEBBwEBAQEBhDWBC4NjihJzkCofkCGFNIIPHwEMhXYCg34YAQIBAQEBAQEBayiFFQEBAQEDAQEhSwkCDAQLEQEDAQEBJwMCAicfAwYIBgEMBgIBAReJcw6qX4ImK4o9AQEBAQEBAQEBAQEBAQEBAQEBAQEBDg+IUwmCYoMXhEWCXwEEj2mNB4N8gg11i1WBfVWEWYM2hluTdh84gQUlFggYFRgphFsdgWU+NQGJEAEBAQ
X-IronPort-AV: E=Sophos;i="5.37,283,1488844800"; d="asc'?scan'208,217";a="650944043"
Received: from aer-iport-nat.cisco.com (HELO aer-core-3.cisco.com) ([173.38.203.22]) by aer-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Apr 2017 08:47:25 +0000
Received: from [10.61.218.220] ([10.61.218.220]) by aer-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id v368lO5J012449; Thu, 6 Apr 2017 08:47:25 GMT
To: "Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com>, "T2TRG@irtf.org" <T2TRG@irtf.org>, "saag@ietf.org" <saag@ietf.org>
References: <149096223256.21673.7096150636636687245.idtracker@ietfa.amsl.com> <1546ba0e65e946b681ccec46f2abcd8c@DB5PR9001MB0165.MGDPHG.emi.philips.com> <483ad18f-5ded-96e0-3008-1d0eb38f5566@cisco.com> <4459c5f266fc4e7bb34a040dd3b14b57@DB5PR9001MB0165.MGDPHG.emi.philips.com>
Cc: Mohit Sethi <mohit.m.sethi@ericsson.com>, "Kumar, Sandeep" <sandeep.kumar@philips.com>
From: Eliot Lear <lear@cisco.com>
Message-ID: <9224da8b-0065-a429-4f36-ca84e61be2a3@cisco.com>
Date: Thu, 06 Apr 2017 10:47:24 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <4459c5f266fc4e7bb34a040dd3b14b57@DB5PR9001MB0165.MGDPHG.emi.philips.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="3WtQJajSRsMDQvi05SFqfEMdA4aOknAgB"
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/UACJmcCMD0EFr0fdyVHx_FpQQf4>
Subject: Re: [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IRTF Thing-to-Thing \(T2T\) Research-Group-in-creation" <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Apr 2017 08:47:33 -0000
Hi Oscar,
First of all, I realized I was reading the old version of the draft. My
apologies. This having been said, I would suggest the following:
* In discussing bootstrapping in Section 7.2, assuredly we should talk
about the work going on in the ANIMA working group
(draft-ietf-anima-bootstrapping-keyinfra). Not all devices are so
constrained as to be unable to use the established PKI, and indeed
the cost of doing so for onboarding is dropping by the day.
* Consider refocusing Section 7.11 on the role of firewalls, access
points, and access switches in protecting IoT (really all) devices.
I would resituate it or directly next to E2E security, and then
discuss the relative merits and risks. If it is possible to do so,
match the flow you have built in Section 3.2 (the numbered points)
in later sections.
* In Section 4, you've done an excellent job of discussing threat
vectors. Without being hyperbolic about it (and this might be
hard), it might be good to remind people of some consequences of
penetration. Broadly speaking I see this as enabling of direct
attacks (e.g., causing the device to fail to correctly perform its
function), or indirect attacks (making use of the device to attack
other devices). These are obviously not mutually exclusive.
* I would move the attack discussion in 7.11 into Section 4, and I
would move Section 4 above Section 3, the logic here being to first
have the threat discussion, and then discuss how they are remediated.
* Bullet point 6 on extraction of private information is important to
include. However, I would suggest NOT making generalizations as to
how well a device protects private data. It is sufficient to say
that when a device does not go to some pains to protect that data,
if the device is physically unprotected, so then is the data.
Hope this helps...
Eliot
On 4/6/17 9:28 AM, Garcia-Morchon O, Oscar wrote:
> Hi Eliot,
>
> It is a very good point. Thanks.
>
> IoT involves very different aspects that we try to reflect in the document. One of them is indeed network security with the goal to protect devices from attack but also the network from compromised devices.
>
> In the document, we refer to your ongoing work on MUD. Which other type of methods do you have in mind or do you think that should be included in the document?
>
> Regards, Oscar.
>
> -----Original Message-----
> From: Eliot Lear [mailto:lear@cisco.com]
> Sent: Tuesday, April 4, 2017 12:32 PM
> To: Garcia-Morchon O, Oscar <oscar.garcia-morchon@philips.com>; T2TRG@irtf.org; saag@ietf.org
> Cc: Mohit Sethi <mohit.m.sethi@ericsson.com>; Kumar, Sandeep <sandeep.kumar@philips.com>
> Subject: Re: [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
>
> Hi Oscar,
>
> While I appreciate the draft, there is an elephant in the room. Not a day passes when we hear of yet another compromise of a so-called "IoT"
> system. Sometimes these compromises are trivial, and sometimes they are involved. At the end of the day, the sheer quantity of Things mandates some form of network-level protection that the draft should discuss, to protect those devices from attack. As was mentioned in the f2f, what if Bob turns out to be, or becomes evil, or is otherwise 0wn3d by Chuck?
>
> Eliot
>
>
> On 4/3/17 9:10 AM, Garcia-Morchon O, Oscar wrote:
>> Hi,
>>
>> we have submitted a new version of the Internet Draft on security considerations for the IoT.
>> Comments are welcome.
>>
>> https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons-02
>>
>> Regards, Oscar.
>>
>> -----Original Message-----
>> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
>> Sent: Friday, March 31, 2017 2:11 PM
>> To: Mohit Sethi <mohit@piuha.net>; Kumar, Sandeep
>> <sandeep.kumar@philips.com>; Kumar, Sandeep
>> <sandeep.kumar@philips.com>; Garcia-Morchon O, Oscar
>> <oscar.garcia-morchon@philips.com>; irtf-chair@irtf.org;
>> t2trg-chairs@ietf.org
>> Subject: New Version Notification for
>> draft-irtf-t2trg-iot-seccons-02.txt
>>
>>
>> A new version of I-D, draft-irtf-t2trg-iot-seccons-02.txt
>> has been successfully submitted by Oscar Garcia-Morchon and posted to the IETF repository.
>>
>> Name:draft-irtf-t2trg-iot-seccons
>> Revision:02
>> Title:State of the Art and Challenges for the Internet of Things
>> Document date:2017-03-31 Group:t2trg
>> Pages:56
>> URL: https://www.ietf.org/internet-drafts/draft-irtf-t2trg-iot-seccons-02.txt
>> Status: https://datatracker.ietf.org/doc/draft-irtf-t2trg-iot-seccons/
>> Htmlized: https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons-02
>> Htmlized: https://datatracker.ietf.org/doc/html/draft-irtf-t2trg-iot-seccons-02
>> Diff: https://www.ietf.org/rfcdiff?url2=draft-irtf-t2trg-iot-seccons-02
>>
>> Abstract:
>> The Internet of Things concept refers to the usage of standard
>> Internet protocols to allow for human-to-thing or thing-to-thing
>> communication. The security needs are well-recognized and and many
>> standardization steps have been taken, for example, specification of
>> CoAP over DTLS. However, security challenges still exist and there
>> are some use cases that lack a suitable solution. This document
>> first provides an overview of security architecture, its deployment
>> model, security needs in the context of the lifecycle of a thing, as
>> well as the state of the art on IoT security. Then, we discuss the
>> concept of security profiles for the successful roll-out of secure
>> IoT applications and describe remaining security challenges in the
>> IoT.
>>
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
>>
>> The IETF Secretariat
>>
>>
>> ________________________________
>> The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
>> _______________________________________________
>> T2TRG mailing list
>> T2TRG@irtf.org
>> https://www.irtf.org/mailman/listinfo/t2trg
>>
>
>
- Re: [T2TRG] [saag] New Version Notification for d… Garcia-Morchon O, Oscar
- Re: [T2TRG] New Version Notification for draft-ir… Garcia-Morchon O, Oscar
- Re: [T2TRG] New Version Notification for draft-ir… Eliot Lear
- Re: [T2TRG] [saag] New Version Notification for d… Barry Raveendran Greene
- Re: [T2TRG] [saag] New Version Notification for d… Peter Gutmann
- Re: [T2TRG] [saag] New Version Notification for d… Barry Raveendran Greene
- Re: [T2TRG] [saag] New Version Notification for d… Garcia-Morchon O, Oscar
- Re: [T2TRG] [saag] New Version Notification for d… Garcia-Morchon O, Oscar
- Re: [T2TRG] New Version Notification for draft-ir… Garcia-Morchon O, Oscar
- Re: [T2TRG] New Version Notification for draft-ir… Eliot Lear
- Re: [T2TRG] [saag] New Version Notification for d… Peter Gutmann
- Re: [T2TRG] [saag] New Version Notification for d… Thorsten Dahm