IETF Logo Mail Archive

[Ace] Stephen Farrell's Yes on draft-ietf-ace-usecases-09: (with COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Thu, 22 October 2015 13:29 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0357D1A88DF; Thu, 22 Oct 2015 06:29:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.6.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20151022132903.23826.2689.idtracker@ietfa.amsl.com>
Date: Thu, 22 Oct 2015 06:29:03 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ace/Bgc3Mq3vxvOLi19fVR0ckbLOkuw>
Cc: Hannes.Tschofenig@gmx.net, ace-chairs@ietf.org, ace@ietf.org, draft-ietf-ace-usecases@ietf.org
Subject: [Ace] Stephen Farrell's Yes on draft-ietf-ace-usecases-09: (with COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Oct 2015 13:29:04 -0000

Stephen Farrell has entered the following ballot position for
draft-ietf-ace-usecases-09: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ace-usecases/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


Excellent and well written document, thanks. I think there are
five things you could usefully add, see below. That said, I
agree that this cannot and should not try to be fully complete
so I won't argue (much:-) if you prefer to omit these. We/you
can figure out what if any text to add I'm sure, but I'm happy
to chat about that.

1. Software update is really needed and often missing and
usually hard. There's at least a need to authenticate and
authorize new firmware, when there is any update. That may not
be the same as authorizing a new config.

2. Alice buys a new device, and would like to know if it is
calling home or what it is doing before she configures it, or
perhaps before she accepts it in her network. Even if she
accepts it, she may want to be able to monitor the data it
is sending "home" e.g. to ensure her TV is not sending 
data when she inserts a USB stick, if that is undesired.

3. Device fingerprinting is a threat that ought be considered
by solution developers, especially if there is no reliable
software update. Probably the best to be done is to try to
make it hard for unauthorized parties to fingerprint a device,
but that's also hard.

4. Commercial Devices will be end-of-lifed by vendors, and yet
Alice still needs to be able to use, and perhaos to update,
the device. That calls for some kind of authorization handover
which is not quite the same as a change of ownership.

5. Penetration testing will happen and devices should not barf
even then. Maybe that's a security consideration worth a
mention.

See also the secdir review. [1] It'd be good to see a 
response to that.

   [1] https://www.ietf.org/mail-archive/web/secdir/current/msg06101.html

v2.23.0 | Report a Bug | By Email