[OPSAWG]Re: [Mud] Roman Danyliw's Discuss on draft-ietf-opsawg-mud-iot-dns-considerations-12: (with DISCUSS and COMMENT)

Thu, 13 Jun 2024 08:36:55 -0700 

Roman Danyliw <r...@cert.org> wrote:
    >> Roman Danyliw via Datatracker <nore...@ietf.org> wrote:
    >> > ----------------------------------------------------------------------
    >> > DISCUSS:
    >> > ----------------------------------------------------------------------
    >>
    >> > ** Section 7.  > The use of a publicly specified firmware update
    >> protocol would also > enhance privacy of IoT devices.  In such a
    >> system, the IoT device > would never contact the manufacturer for
    >> version information or for > firmware itself.
    >>
    >> > Why does the use of a “publicly specified firmware update protocol”
    >> necessarily > enhance privacy?  Do all such protocols have the
    >> properties described in the > second sentence?
    >>
    >> answering this directly now.  I don't know, because, we, the IETF,
    >> have yet to specify one :-) (This is a topic I want to bring to SUIT
    >> when it recharters) I am making an assumption here about how such a
    >> protocol would work.

    > This is the source of my confusion and why I am holding a DISCUSS.  I'm
    > challenged by the assertion of privacy properties for something that
    > isn't being cited (i.e., a tangible instance of an update protocols) or
    > that can be validated as accurate.  Why does the draft need to make
    > privacy claims about a hypothetical protocol?  Furthermore, it isn't
    > clear in what way this guidance is actionable since it is hypothetical.

I accept your complaint; this document is not about firmware updates.
Privacy of devices would be enhanced if we had a standard update protocol,
and it matters to this draft only because that would simplify a major reason
for IoT devices to make outside "calls".

I have simply removed those paragraphs and the claims within.

https://author-tools.ietf.org/iddiff?url1=draft-ietf-opsawg-mud-iot-dns-considerations-14&url2=draft-ietf-opsawg-mud-iot-dns-considerations-15&difftype=--html


--
Michael Richardson <mcr+i...@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

Attachment: signature.asc
Description: PGP signature

_______________________________________________
OPSAWG mailing list -- opsawg@ietf.org
To unsubscribe send an email to opsawg-le...@ietf.org

Reply via email to