IETF 104: Internet of Things (IoT) Wrapup
- Steve Olshansky
20 May 2019
At IETF 104, there was a great deal of activity related to various aspects of the IoT ecosystem across numerous working groups, Birds-of-a-Feather gatherings, the Thing-to-Thing Research Group (T2TRG), as well as side conversations. The IETF Hackathon preceding IETF 104, as well as spontaneous conversations in hallways and over meals around IETF 104, were also fruitful.
For those interested in following or participating in IoT-related standards development, IETF working groups (WGs) are open to any interested individual. Much of the work of the IETF takes place on mailing lists, and links to details about the respective WG email lists, including information about subscribing and list archives, are included in the working group information towards the end of this post. But first, a summary of activities at IETF 104 assembled from contributions by, and thanks to, Henk Birkholz, Eliot Lear, Michael Richardson, and Mohit Sethi, followed by links to work undertaken at the recent IETF Hackathon and to ongoing IoT-related working groups as well as the T2TRG.
Remote ATtestation ProcedureS (RATS) Working Group
The RATS working group aims to answer the question of how to imbue the things that compose the Internet itself with trustworthiness. A broad foundation is required to establish trust in network equipment, conveyance protocols, and the entities that govern them. Therefore, the working group anticipates participants from manufacturers, vendors, various standards development organizations (SDOs), and other standards experts in the field of trust relationships and trusted computing. The aim is to bring these experts together in order to discuss and create the necessary protocols required to distribute believable evidence about the veracity of the things that compose the Internet.
Creating the concept of "Forward Authenticity" is one of the first steps being taken. Providing indisputable evidence about the trustworthiness of the things that compose the Internet, in an interoperable manner, is another goal of the RATS working group. The RATS working group has outlined many topics that have to be addressed in this domain and will continue to systematically evolve a corresponding roadmap to address them.
Thing-to-Thing Research Group (T2TRG)
Eliot Lear and Mohit Sethi
The Thing-to-Thing research group (T2TRG), under the Internet Research Task Force (IRTF), investigates open research issues towards turning the promise of IoT into reality. The research group reported on their recent activities during their session in Prague, and held a further working meeting to follow up.
Earlier this year, the seminal document on IoT security considerations from T2TRG cleared its last milestone and was approved for publication as an informational RFC by the Internet Engineering Steering Group (IESG). T2TRG is also discussing two new pieces of work:
- Constrained Internationalized Resource Identifiers describes a mechanism to encode URI components in Concise Binary Object Representation (CBOR) instead of the typical string of ASCII characters. This can simplify parsing and comparison of URIs in resource-constrained environments.
- Constrained RESTful Application Language (CoRAL) defines a data and interaction model that can allow software agents (automated scripts) to navigate a Web application based on a standardized vocabulary of links and forms and relation types.
IoT bootstrapping work is also underway in the IETF. Many small office and home (SOHO) IoT devices re-use the existing Wi-Fi infrastructure for connecting to the Internet. These deployments typically rely on a network-wide shared secret for joining the network. This is also commonly referred to as WPA2-PSK mode. However, the security of a shared passphrase becomes highly questionable when large numbers of physical devices (from toys to bathroom scales to doorbells to thermostats) are connected to the network. The per-device credentials provided by 802.1X will be necessary to prevent one insecure device from compromising the security of others on the same wireless network. There is currently ongoing discussion in the community on how IETF standards such as EAP (Extensible Authentication Protocol) can be employed for this purpose.
Full details and the latest information about T2TRG activities can be found on GitHub.
Large organizations obviously also require centralized management, both in terms of how devices get credentials, and establishing accountability for those devices. When hundreds of the same type of a device are connected, automation is a requirement. On the other hand, such a trusted introduction also introduces additional and potentially lasting dependencies on additional parties. The IETF is currently working on mechanisms such as Bootstrapping Remote Secure Key Infrastructure (BRSKI) which are being adopted by others.
After the IETF 103 meeting, a mailing list was also formed to discuss these topics, and participants have begun to catalog the mechanisms that are available. Discussions at IETF 104 were used to refine that work.
Lightweight Implementation Guidance (LWIG)
Eliot Lear and Mohit Sethi
The LWIG working group is providing useful implementation guidance to IoT developers. Among other things, the working group is currently working on a draft that defines how various standard elliptic curves such as NIST P-256, Curve25519 and Ed25519 can efficiently re-use the same underlying implementation. Since the last IETF meeting, this draft has received a review from the Crypto Forum Research Group (CFRG) of the IRTF. Updates to this and other documents were discussed during the working group session.
Other meeting highlights
Other IoT-related highlights of the IETF 104 meeting included:
The Trusted Execution Environment Provisioning (teep) WG had a productive meeting, and among the topics they discussed was their architecture document, as well as manifest interoperability with the work of the suit WG.
The IETF Hackathon preceding the IETF 104 meeting included several IoT-related projects:
- HOMENET (Home Networking), DNSSD and the Internet of Things
- Internet of Things with RIOT
- IP Wireless Access in Vehicular Environments (IPWAVE) Basic Protocols
- LPWAN (IPv6 over Low Power Wide-Area Networks) CoAP/UDP/IPv6 SCHC compression and fragmentation
- RPL over BLE using NimBLE and RIOT
- Secure IoT bootstrapping with Nimble out-of-band authentication for EAP (EAP-NOOB)
- SUIT (Software Updates for Internet of Things) IoT Firmware Update Metadata
- WISHI (Work on Semantic/Hypermedia Interoperability)
The IETF Hackathon wiki has additional details on all the projects worked on in Prague.
IoT-related Working Group materials from IETF 104
Here are links to IoT-related Working Group information, including materials and video recordings from sessions at IETF 104:
- 6lo (IPv6 over Networks of Resource-constrained Nodes) WG
- 6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG
- ace (Authentication and Authorization for Constrained Environments) WG
- core (Constrained RESTful Environments) WG
- homenet (Home Networking) WG
- ipwave (IP Wireless Access in Vehicular Environments) WG
- lpwan (IPv6 over Low Power Wide-Area Networks) WG
- lwig (Light-Weight Implementation Guidance) WG
- opsawg (Operations and Management Area) WG
- rats (Remote ATtestation ProcedureS)
- roll (Routing Over Low power and Lossy networks) WG
- suit (Software Updates for Internet of Things) WG
- t2trg (Thing-to-Thing) RG
- teep (Trusted Execution Environment Provisioning) WG
About the author
Steve Olshansky is the Internet Technology Program Manager at the Internet Society, based in Colorado, United States.