ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Security Considerations, IoT and Everything

2016-11-22 20:21:43
from [Kathleen Moriarty] [Permanent Link] 
Hi Mike,

On Tue, Nov 22, 2016 at 5:48 PM, Stephen Farrell 
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
wrote:




On 22/11/16 22:35, Michael StJohns wrote:

On 11/22/2016 4:56 PM, Stephen Farrell wrote:


On 22/11/16 20:25, Michael StJohns wrote:

Is it time to revise BCP72/RFC3522 to require we also address threats
*from* the protocols to the Internet as a whole?

Yes. As Kathleen said please do contribute to the relevant
thread [1] on the saag list.

S.

[1] https://www.ietf.org/mail-archive/web/saag/current/msg07514.html


Thanks - missed this on the SAAG list when it first came out.

To be honest, this thread/discussion appears a bit moribund:


Yep. I hope though that topics such as this will be raised
and dealt with. I guess it'll be slower than we hoped though.


it wasn't
brought up during the SAAG meeting this time AFAICT,



In addition to Stephen's response, which covered the other points in your
message...

There was a presentation slot for this update in Berlin and Yoav went to
the mic during open mic to request feedback during this meeting in Seoul.
I added a plea for contributions restating the importance of this draft and
the need for contributions explaining how useful it is to other areas of
the IETF in particular to make sure these requests were heard and it was
understood that it was important.

Thanks,
Kathleen



it doesn't appear

to actually be a WG item as of yet, there doesn't appear to be much if
any discussion on the SAAG list (a quick look doesn't find anything
since July excepts Stephen's note - and that was all related to
privacy), and the ID and GIT don't appear to have been updated since
August.  The version on GIT seems to be only a references update from
3522.  It looks like there was maybe a 10 minute - if that - chat about
this in Berlin.

Perhaps it's time to have a broader (than SAAG) discussion on this as it
really reaches further?


I don't care if it's broad or narrow so long as we cover the
ground. If/when folks engage then we'll find the right method
for handling engagement. (Could be on here, on saag or on a
new list - but for now, I think saag is the better option.)



Mike

ps - on another note, why doesn't the SAAG have a datatracker page like
rtgwg?


Saag's not a WG. People suggest it now and then (and others
dislike the idea). Feel free to raise that too (though I'd
far prefer we discuss 3552bis myself.)

Cheers,
S.













-- 

Best regards,
Kathleen
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: What is the right way to do Web Services discovery?, Phillip Hallam-Baker
Next by Date:  reading instructions and new method to develop the internets, الرشيد الريح
Previous by Thread:  Re: Security Considerations, IoT and Everything, Dave Taht
Next by Thread:  Re: Security Considerations, IoT and Everything, Carsten Bormann
Indexes:  [Date] [Thread] [Top] [All Lists]