IETF Logo Mail Archive

Re: [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt

Eliot Lear <lear@cisco.com> Tue, 04 April 2017 10:32 UTC

Return-Path: <lear@cisco.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEDD2129481 for <t2trg@ietfa.amsl.com>; Tue, 4 Apr 2017 03:32:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QTvZ0hFHgPIL for <t2trg@ietfa.amsl.com>; Tue, 4 Apr 2017 03:32:27 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE3A91294E8 for <T2TRG@irtf.org>; Tue, 4 Apr 2017 03:32:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5534; q=dns/txt; s=iport; t=1491301942; x=1492511542; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=K666VkHvngKQX/Lii7vWq2Py2tmFnn8QjTemOYzPCNU=; b=UZmAbp0JtLfQvWf50pA5cAs368wc7mA7p+pu2G0lXX2z2n0O2TKDGW2V ZM/olPA8Ra4p+8d0ecJmzPkMgDuiH8/efFaoxnUkboBaUZ97mdGYqkaD+ /cVpaUjBe+vKe8cWEU+sNwBX8ZrIFHnLtrQtX5T7Lc0BtMVPGLMfLJfV3 E=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BdAgCpdeNY/4sNJK1cGQEBAQEBAQEBAQEBBwEBAQEBg1RhgQuDY4oSkToflVOCDh8NhXYCgzk/GAECAQEBAQEBAWsohRUBAQEBAwEBIUsJAgwECxEBAwEBAScDAgInHwMGCAYBDAYCAQEXiXMOrXKCJopaAQEBAQEBAQEBAQEBAQEBAQEBAQEBDg+IUwiCYoMXhEOCXwEEj2eNBoN8ggx1i1OBfVWEWYM2hluTdR84gQUlFggYFRgphls+NQGJGgEBAQ
X-IronPort-AV: E=Sophos;i="5.36,275,1486425600"; d="asc'?scan'208";a="403375376"
Received: from alln-core-6.cisco.com ([173.36.13.139]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 04 Apr 2017 10:32:21 +0000
Received: from [10.86.249.69] (bxb-vpn3-325.cisco.com [10.86.249.69]) by alln-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id v34AWJdi007140; Tue, 4 Apr 2017 10:32:20 GMT
To: "Garcia-Morchon O, Oscar" <oscar.garcia-morchon@philips.com>, "T2TRG@irtf.org" <T2TRG@irtf.org>, "saag@ietf.org" <saag@ietf.org>
References: <149096223256.21673.7096150636636687245.idtracker@ietfa.amsl.com> <1546ba0e65e946b681ccec46f2abcd8c@DB5PR9001MB0165.MGDPHG.emi.philips.com>
Cc: Mohit Sethi <mohit.m.sethi@ericsson.com>, "Kumar, Sandeep" <sandeep.kumar@philips.com>
From: Eliot Lear <lear@cisco.com>
Message-ID: <483ad18f-5ded-96e0-3008-1d0eb38f5566@cisco.com>
Date: Tue, 04 Apr 2017 12:32:18 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <1546ba0e65e946b681ccec46f2abcd8c@DB5PR9001MB0165.MGDPHG.emi.philips.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="aUcstIoefVj0errnF8vn8lGrNWw4LST4A"
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/y1DAuyAlyQV1AqsiXo4xQQVwjJc>
Subject: Re: [T2TRG] New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IRTF Thing-to-Thing \(T2T\) Research-Group-in-creation" <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Apr 2017 10:32:29 -0000

Hi Oscar,

While I appreciate the draft, there is an elephant in the room.  Not a
day passes when we hear of yet another compromise of a so-called "IoT"
system.  Sometimes these compromises are trivial, and sometimes they are
involved.  At the end of the day, the sheer quantity of Things mandates
some form of network-level protection that the draft should discuss, to
protect those devices from attack.  As was mentioned in the f2f, what if
Bob turns out to be, or becomes evil, or is otherwise 0wn3d by Chuck?

Eliot


On 4/3/17 9:10 AM, Garcia-Morchon O, Oscar wrote:
> Hi,
>
> we have submitted a new version of the Internet Draft on security considerations for the IoT.
> Comments are welcome.
>
> https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons-02
>
> Regards, Oscar.
>
> -----Original Message-----
> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> Sent: Friday, March 31, 2017 2:11 PM
> To: Mohit Sethi <mohit@piuha.net>; Kumar, Sandeep <sandeep.kumar@philips.com>; Kumar, Sandeep <sandeep.kumar@philips.com>; Garcia-Morchon O, Oscar <oscar.garcia-morchon@philips.com>; irtf-chair@irtf.org; t2trg-chairs@ietf.org
> Subject: New Version Notification for draft-irtf-t2trg-iot-seccons-02.txt
>
>
> A new version of I-D, draft-irtf-t2trg-iot-seccons-02.txt
> has been successfully submitted by Oscar Garcia-Morchon and posted to the IETF repository.
>
> Name:draft-irtf-t2trg-iot-seccons
> Revision:02
> Title:State of the Art and Challenges for the Internet of Things
> Document date:2017-03-31
> Group:t2trg
> Pages:56
> URL:            https://www.ietf.org/internet-drafts/draft-irtf-t2trg-iot-seccons-02.txt
> Status:         https://datatracker.ietf.org/doc/draft-irtf-t2trg-iot-seccons/
> Htmlized:       https://tools.ietf.org/html/draft-irtf-t2trg-iot-seccons-02
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-irtf-t2trg-iot-seccons-02
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-irtf-t2trg-iot-seccons-02
>
> Abstract:
>    The Internet of Things concept refers to the usage of standard
>    Internet protocols to allow for human-to-thing or thing-to-thing
>    communication.  The security needs are well-recognized and and many
>    standardization steps have been taken, for example, specification of
>    CoAP over DTLS.  However, security challenges still exist and there
>    are some use cases that lack a suitable solution.  This document
>    first provides an overview of security architecture, its deployment
>    model, security needs in the context of the lifecycle of a thing, as
>    well as the state of the art on IoT security.  Then, we discuss the
>    concept of security profiles for the successful roll-out of secure
>    IoT applications and describe remaining security challenges in the
>    IoT.
>
>
>
>
> Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>
> ________________________________
> The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
> _______________________________________________
> T2TRG mailing list
> T2TRG@irtf.org
> https://www.irtf.org/mailman/listinfo/t2trg
>

v2.23.0 | Report a Bug | By Email