| < draft-ietf-suit-architecture-08.txt | draft-ietf-suit-architecture-09.txt > | |||
|---|---|---|---|---|
| SUIT B. Moran | SUIT B. Moran | |||
| Internet-Draft H. Tschofenig | Internet-Draft H. Tschofenig | |||
| Intended status: Informational Arm Limited | Intended status: Informational Arm Limited | |||
| Expires: May 22, 2020 D. Brown | Expires: November 23, 2020 D. Brown | |||
| Linaro | Linaro | |||
| M. Meriac | M. Meriac | |||
| Consultant | Consultant | |||
| November 19, 2019 | May 22, 2020 | |||
| A Firmware Update Architecture for Internet of Things | A Firmware Update Architecture for Internet of Things | |||
| draft-ietf-suit-architecture-08 | draft-ietf-suit-architecture-09 | |||
| Abstract | Abstract | |||
| Vulnerabilities with Internet of Things (IoT) devices have raised the | Vulnerabilities with Internet of Things (IoT) devices have raised the | |||
| need for a solid and secure firmware update mechanism that is also | need for a solid and secure firmware update mechanism that is also | |||
| suitable for constrained devices. Incorporating such update | suitable for constrained devices. Incorporating such update | |||
| mechanism to fix vulnerabilities, to update configuration settings as | mechanism to fix vulnerabilities, to update configuration settings as | |||
| well as adding new functionality is recommended by security experts. | well as adding new functionality is recommended by security experts. | |||
| This document lists requirements and describes an architecture for a | This document lists requirements and describes an architecture for a | |||
| skipping to change at page 1, line 43 ¶ | skipping to change at page 1, line 43 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on May 22, 2020. | This Internet-Draft will expire on November 23, 2020. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 8, line 8 ¶ | skipping to change at page 8, line 8 ¶ | |||
| - Robust permissions | - Robust permissions | |||
| - Diverse modes of operation | - Diverse modes of operation | |||
| - Suitability to software and personalization data | - Suitability to software and personalization data | |||
| 3.1. Agnostic to how firmware images are distributed | 3.1. Agnostic to how firmware images are distributed | |||
| Firmware images can be conveyed to devices in a variety of ways, | Firmware images can be conveyed to devices in a variety of ways, | |||
| including USB, UART, WiFi, BLE, low-power WAN technologies, etc. and | including USB, UART, WiFi, BLE, low-power WAN technologies, etc. and | |||
| use different protocols (e.g., CoAP, HTTP). The specified mechanism | use different protocols (e.g., CoAP, HTTP). The specified mechanism | |||
| needs to be agnostic to the distribution of the firmware images and | needs to be agnostic to the distribution of the firmware images and | |||
| manifests. | manifests. | |||
| 3.2. Friendly to broadcast delivery | 3.2. Friendly to broadcast delivery | |||
| This architecture does not specify any specific broadcast protocol. | This architecture does not specify any specific broadcast protocol. | |||
| However, given that broadcast may be desirable for some networks, | However, given that broadcast may be desirable for some networks, | |||
| updates must cause the least disruption possible both in metadata and | updates must cause the least disruption possible both in metadata and | |||
| firmware transmission. | firmware transmission. | |||
| skipping to change at page 28, line 30 ¶ | skipping to change at page 28, line 30 ¶ | |||
| Security (TLS) / Datagram Transport Layer Security (DTLS) | Security (TLS) / Datagram Transport Layer Security (DTLS) | |||
| Profiles for the Internet of Things", RFC 7925, | Profiles for the Internet of Things", RFC 7925, | |||
| DOI 10.17487/RFC7925, July 2016, | DOI 10.17487/RFC7925, July 2016, | |||
| <https://www.rfc-editor.org/info/rfc7925>. | <https://www.rfc-editor.org/info/rfc7925>. | |||
| 14.2. Informative References | 14.2. Informative References | |||
| [I-D.ietf-cose-hash-sig] | [I-D.ietf-cose-hash-sig] | |||
| Housley, R., "Use of the HSS/LMS Hash-based Signature | Housley, R., "Use of the HSS/LMS Hash-based Signature | |||
| Algorithm with CBOR Object Signing and Encryption (COSE)", | Algorithm with CBOR Object Signing and Encryption (COSE)", | |||
| draft-ietf-cose-hash-sig-06 (work in progress), November | draft-ietf-cose-hash-sig-09 (work in progress), December | |||
| 2019. | 2019. | |||
| [I-D.ietf-suit-information-model] | [I-D.ietf-suit-information-model] | |||
| Moran, B., Tschofenig, H., and H. Birkholz, "An | Moran, B., Tschofenig, H., and H. Birkholz, "An | |||
| Information Model for Firmware Updates in IoT Devices", | Information Model for Firmware Updates in IoT Devices", | |||
| draft-ietf-suit-information-model-04 (work in progress), | draft-ietf-suit-information-model-05 (work in progress), | |||
| October 2019. | January 2020. | |||
| [I-D.ietf-suit-manifest] | [I-D.ietf-suit-manifest] | |||
| Moran, B., Tschofenig, H., and H. Birkholz, "SUIT CBOR | Moran, B., Tschofenig, H., Birkholz, H., and K. Zandberg, | |||
| manifest serialisation format", draft-ietf-suit- | "A Concise Binary Object Representation (CBOR)-based | |||
| manifest-01 (work in progress), October 2019. | Serialization Format for the Software Updates for Internet | |||
| of Things (SUIT) Manifest", draft-ietf-suit-manifest-04 | ||||
| (work in progress), March 2020. | ||||
| [I-D.ietf-teep-architecture] | [I-D.ietf-teep-architecture] | |||
| Pei, M., Tschofenig, H., Wheeler, D., Atyeo, A., and D. | Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, | |||
| Liu, "Trusted Execution Environment Provisioning (TEEP) | "Trusted Execution Environment Provisioning (TEEP) | |||
| Architecture", draft-ietf-teep-architecture-03 (work in | Architecture", draft-ietf-teep-architecture-08 (work in | |||
| progress), July 2019. | progress), April 2020. | |||
| [LwM2M] OMA, ., "Lightweight Machine to Machine Technical | [LwM2M] OMA, ., "Lightweight Machine to Machine Technical | |||
| Specification, Version 1.0.2", February 2018, | Specification, Version 1.0.2", February 2018, | |||
| <http://www.openmobilealliance.org/release/LightweightM2M/ | <http://www.openmobilealliance.org/release/LightweightM2M/ | |||
| V1_0_2-20180209-A/OMA-TS-LightweightM2M- | V1_0_2-20180209-A/OMA-TS-LightweightM2M- | |||
| V1_0_2-20180209-A.pdf>. | V1_0_2-20180209-A.pdf>. | |||
| [RFC5649] Housley, R. and M. Dworkin, "Advanced Encryption Standard | [RFC5649] Housley, R. and M. Dworkin, "Advanced Encryption Standard | |||
| (AES) Key Wrap with Padding Algorithm", RFC 5649, | (AES) Key Wrap with Padding Algorithm", RFC 5649, | |||
| DOI 10.17487/RFC5649, September 2009, | DOI 10.17487/RFC5649, September 2009, | |||
| End of changes. 10 change blocks. | ||||
| 16 lines changed or deleted | 18 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||