Internet of Things

Rough Guide to IETF 103: Internet of Things

By: Steve Olshansky

Date: October 30, 2018

Not surprisingly it has been a busy 4 months in IoT, and IoT-related work in IETF has been buzzing right along. This post is intended to highlight some of these activities, and to provide a guide to relevant sessions scheduled during the upcoming IETF 103 meeting in Bangkok. Also check out the IETF Journal IoT Category, the IETF IoT page, the IETF IoT Directorate, the Internet Society’s IoT page, or the Online Trust Alliance IoT page for more details about many of these topics.

The IETF Hackathon, held on the weekend preceding the main IETF meeting (November 3-4, 2018), includes several projects directly related to IoT, with the possibility of more being added. Remote participation is available. More information is on the Hackathon wiki. Projects of interest (at the time of this writing) include those relating to:

  • LPWAN CoAP/UDP/IPv6 SCHC compression and fragmentation
  • ST-COAPS (ACE WG) + ANIMA BRSKI
  • WISHI (Work on IoT Semantic / Hypermedia Interoperability)
  • Trusted Execution Environment Provisioning (TEEP)

The Thing-to-Thing Research Group (T2TRG), under the Internet Research Task Force (IRTF), investigates open research issues towards turning the promise of IoT into reality. The research group will be meeting on Tuesday afternoon 6 Nov 2018 16:10-18:10 (GMT+7) in Bangkok to report out on their recent activities. In addition, they will hold a working meeting on Friday 9-November from 09:00 to 13:20 (GMT+7). The agenda for the Friday work meeting can be found here. As in the past, full details and latest info on their activities can be found in GitHub.

Two recently chartered IoT-related working groups are working on very serious problems, and are making good progress:

I would like to draw your attention to some recently started activities of note:

In other contributed updates of interest:

The Lightweight Implementation Guidance (LWIG) working group is providing useful implementation guidance to IoT developers. At IETF 103, the group will have discussions to finalize the draft on lightweight TCP implementations and Efficient Neighbor Management policies for 6LoWPAN networks. The group will also discuss a draft which defines how various standard elliptic curves such as NIST P-256, Curve25519 and Ed25519 can efficiently re-use the same underlying implementation. The session is Tuesday 7 Nov 2018 11:20-12:20 (GMT+7).

Another interesting draft titled Enabling Network Access for IoT devices from the Cloud in the Thing-to-Thing Research Group (T2TRG) investigates how to overcome the perennial problem of secure bootstrapping of IoT devices. Rather than inventing another protocol, the draft describes how IoT devices can securely join a network with existing standard protocols such as EAP (RFC 3748) and RADIUS (RFC 2865). The draft received significant positive media coverage by The Register. In the latest update, the draft presents how to deal with the tricky problem of manufacturer obsolescence. It also defines new deployment modes for devices which have no identities or keys using existing EAP methods such as EAP-PSK (RFC 4764) and new EAP methods such as EAP-NOOB (Nimble out-of-band authentication for EAP).

Thanks to Mohit Sethi, Ericsson (Co-Chairing EAP Method Update (EMU) and Lightweight Implementation Guidance (LWIG))

IoT Onboarding

A lot of work is going on to figure out how to help a device with no user interface onboard to the correct network in a secure way. The basis for some of this work is the Bootstrapping Remote Secure Key Infrastructure draft (BRSKI). This work is built atop HTTP. Several other activities are now looking at how to provide the voucher that is used in BRSKI and defined in RFC 8366 for other circumstances, like 802.11 networks, and for further constrained devices. There are at LEAST three drafts on this subject that will be mentioned in the OPS Area WG (OPSAWG) meeting, as well as at the EAP Method Update (EMU) WG session. For those who are interested, there will also be a side meeting on Tuesday night at 18:00 local time in Apartment 3 on the 9th floor.

Thanks to Eliot Lear, Cisco

ANIMA’s Bootstrapping Remote Secure Key Infrastructure draft (BRSKI) protocol has passed WGLC, and by IETF103 may be through IESG review and into the RFC-EDITOR queue. Since IETF101, ANIMA has adopted a constrained version of RFC8366 + BRSKI, and ACE has adopted a constrained version of RFC7030 (Enrollment over Secure Transport – EST). Expect serious activity on these protocols at IETF103, as these variations are approaching WGLC. A variety of interoperability events are being planned around these protocols, and there may be reports on those that have been done. Interest is growing in how to do secure device enrolment over WiFi. The draft BRSKI over IEEE 802.11 gives a review of many different ideas, and the Wi-Fi Alliance has recently released the Device Provisioning Protocol (DPP) Specification (requires registration).

Thanks to Michael Richardson, Sandelman Software Works

The IETF motto about running code is being applied to the opsawg’s MUD internet draft. CIRALabs has been working over the summer to bring to life a MUD-driven IoT firewall called the “SecureHomeGateway.” The system uses a smartphone, an off-the-shelf OpenWRT home gateway, and a QR code to apply the MUD internet draft to common devices. The team is taking the work up to ISPs at RIPE and to ccTLD operators at ICANN, and has been keeping the HOMENET and ANIMA WGs apprised of developments. The CIRALabs team expects to make some extensions (MUD processing and extensions for Secure Home Gateway Project) to MUD to better support some operational requirements that might come out of the SUIT and ANIMA working groups. The team also has some ideas on how to bootstrap the initial trust between mobile phone and home gateway (BRSKI enrollment for Smart Pledges).

The MUD authors are now also looking at ways to expand the use of MUD to bandwidth profiling, so that administrators can provision based on the devices’ needs and observe when a device is behaving outside that profile. The initial draft can be found at https://datatracker.ietf.org/doc/draft-lear-opsawg-mud-bw-profile/.

Thanks to Michael Richardson, Sandelman Software Works, and Eliot Lear, Cisco

MUD

While we are on the subject of “Manufacturer Usage Description Specification” (MUD), I am pleased to see that it is gaining some serious traction. Last June, the Internet Engineering Steering Group (IESG) approved it as a proposed standard.

From the abstract: This memo specifies a component-based architecture for manufacturer usage descriptions (MUD). The goal of MUD is to provide a means for end devices to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control. Later work can delve into other aspects.

For more on MUD, Eliot Lear, one of the MUD authors, wrote a great article about it for the IETF Journal: Managing the Internet of Things – It’s All About Scaling.

As I have noted in previous IoT Rough Guides, MUD also plays a significant role in the project – Mitigating IoT-Based Automated Distributed Threats – being developed by the US National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE). NCCoE has also taken on a proof of concept project. You can find out more about that at https://www.nccoe.nist.gov/projects/building-blocks/mitigating-iot-based-ddos.

Ongoing work includes:

Schedule and locations subject to change. Please refer to the online agenda to confirm.

If you have an interest in how the IoT is developing and being standardized in the IETF, I hope to see you in person or online at some of these meetings during IETF 103. (Note that if you know you will be unable to travel to the meeting and would like to participate remotely, you must register as a remote participant. There is currently no fee to be a remote participant at an IETF meeting, but registration is required. If you do not want to register, you may opt to listen to the live audio stream of the sessions instead. The links for each session are posted in each session description in the agenda.)

** All times ICT — Indochina Time (GMT+7) 

6lo (IPv6 over Networks of Resource-constrained Nodes) WG
Monday, 5 Nov 2018, 16:10-18:10
Meeting 2 Room (7th Floor)
Agenda/Materials
Documents
Charter

6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG
Thursday, 8 Nov 2018, 16:10-18:10
Boromphimarn 3 Meeting Room (3rd Floor)
Agenda/Materials
Documents
Charter

ace (Authentication and Authorization for Constrained Environments) WG
Thursday, 8 Nov 2018, 16:10-18:10
Chitlada 1 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

core (Constrained RESTful Environments) WG
Monday, 5 Nov 2018, 13:50-15:50
Boromphimarn 1/2 Meeting Room (3rd Floor)
Thursday, 8 Nov 2018, 11:20-12:20
Chitlada 1 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

homenet (Home Networking) WG
Wednesday, 7 Nov 2018, 13:50-15:20
Chitlada 3 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

ipwave (IP Wireless Access in Vehicular Environments) WG
Tuesday, 6 Nov 2018, 11:30-12:20
Chitlada 3 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

lpwan (IPv6 over Low Power Wide-Area Networks) WG
Tuesday, 6 Nov 2018, 09:00-11:00
Meeting 1 Room (7th Floor)
Agenda/Materials
Documents
Charter

lwig (Light-Weight Implementation Guidance) WG
Wednesday, 7 Nov 2018, 11:20-12:20
Meeting 2 Room (7th Floor)
Agenda/Materials
Documents
Charter

opsawg (Operations and Management Area) WG
Tuesday, 6 Nov 2018, 16:10-18:10
Chitlada 2 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

rats (Remote ATtestation ProcedureS – aka simply Attestation) BoF
Tuesday 6 Nov 2018, 13:50-15:50
Chitlada 2 Meeting Room (2nd Floor)
RATS draft charter

roll (Routing Over Low power and Lossy networks) WG
Monday, 5 Nov 2018, 09:00-11:00
Boromphimarn 1/2 Meeting Room (3rd Floor)
Agenda/Materials
Documents
Charter

suit (Software Updates for Internet of Things) WG
Thursday, 8 Nov 2018, 09:00-11:00
Chitlada 2 Meeting Room (2nd Floor)
Agenda/Materials
Documents
Charter

t2trg (Thing-to-Thing) RG
Tuesday 6 Nov 2018, 16:10-18:10
Meeting 1 Room (7th Floor)
Agenda/Materials
Documents
Charter

teep (Trusted Execution Environment Provisioning) WG
Wednesday, 7 Nov 2018, 09:00-11:00
Meeting 2 Room (7th Floor)
Agenda/Materials
Documents
Charter

It will be a busy week in Bangkok, and whether you plan to be there or join remotely, there’s much to monitor. Read the full series of Rough Guide to IETF 103 posts, and follow us on the Internet Society blog, Twitter, or Facebook using #IETF103 to keep up with the latest news.