Steve Hanna via Datatracker <nore...@ietf.org> wrote:
> Reviewer: Steve Hanna
> Review result: Not Ready
Steve thanks for the great review!
I wanted to respond as an IoT onboarding expert and EMU WG member.
> * Bootstrapping an IoT device involves many tasks that extend far beyond
what
> is accomplished by EAP-NOOB: configuring the services that the device
> can/should employ within its new context (including how to reach and
Hi, so your comments are well taken, but it's really an unreasonably high
standard. While it is really important to get the configuration mechanisms
in place, they are even more diverse than onboarding.
That's an entire ocean of disagreement here.
I would certainly love to get a handle on this.
When it comes to standardization, really have to be very selective on how big
a thing to bite off. I think that we can incrementally get to this, but
first we need some success with getting even one onboarding spec working.
So I don't think it's reasonable to evaluate EAP-NOOB (or BRSKI-TEEP) by this
critiera.
> * IoT device provisioning is not a new problem. In fact, it has been
solved
> hundreds of times. Most of those solutions are proprietary but some
standards
> efforts are ongoing now: IoTopia, FIDO IoT, Connected Home over IP,
IP-BLiS,
> etc. Why ignore these? Why not reach out and try to help them?
Well, of those groups, many of them are completely pay-to-play fora, and do
all of their work behind closed doors. In many cases, they look to the IETF
for components, such as EAP-NOOB, BRSKI, etc. that they can incorporate into
their designs. Some are actively hostile towards an an actual written
standard, preferring that everyone license a particular software stack instead.
I think that EAP-NOOB has benefited greatly from academic and industrial review.
> * This proposal assumes that the IoT device has a user interface (camera,
> screen, etc.). What about those that don’t?
Yup. Some don't, and you need to do something else.
But, a lot of devices *do* have displays.
Think about any industrial or hospital instrument.
They all go "ping", and have a cool display to put a graph on :-)
> * Won’t this protocol apply to a relatively small subset of the networks
that
> IoT devices will need to connect to? Few IoT networks run EAP.
EAP is very popular in industrial and enterprise situations.
EAP can be easily introduced into home network, with the Authentication
Server running locally. Many have done this, and it is supported in Openwrt
today.
> * How will the device know which network to connect to, in the first
> place?
This is a good question, and I can offer no answer for the EAP-NOOB case, and
I leave it to the authors to respond to your other comments.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
