Firmware Updates for Internet of Things Devices - An Information Model for Manifests

The information below is for an old version of the document
Document Type Expired Internet-Draft (suit WG)
Last updated 2019-01-03 (latest revision 2018-07-02)
Replaces draft-moran-suit-architecture
Stream IETF
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream WG state WG Document (wg milestone: Nov 2019 - Submit manifest info... )
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Vulnerabilities with Internet of Things (IoT) devices have raised the need for a solid and secure firmware update mechanism that is also suitable for constrained devices. Incorporating such update mechanism to fix vulnerabilities, to update configuration settings as well as adding new functionality is recommended by security experts. One component of such a firmware update is the meta-data, or manifest, that describes the firmware image(s) and offers appropriate protection. This document describes all the information that must be present in the manifest.


Brendan Moran (
Hannes Tschofenig (
Henk Birkholz (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)