Minutes IETF119: suit: Wed 23:30
minutes-119-suit-202403202330-00
Meeting Minutes | Software Updates for Internet of Things (suit) WG | |
---|---|---|
Date and time | 2024-03-20 23:30 | |
Title | Minutes IETF119: suit: Wed 23:30 | |
State | Active | |
Other versions | markdown | |
Last updated | 2024-03-20 |
SUIT Working Group at IETF 119
Thursday, 21 March 2024 @ 9:30 AEST
MeetEcho: https://www.meetecho.com/ietf119/suit
1) Logistics
- Agenda Bashing
- Minute Taker - Russ and Tero
- Jabber Scribe
2) SUIT Manifest Format
- draft-ietf-suit-manifest-25
- Submitted to IESG for Publication
- 2024-02-05: Revised I-D Needed to IESG Review
- Need to clear DISCUSSes
- TEEP depends on this
Slides propose the way forward to resolve the feedback from the IESG,
including the use of IRI as specified in RFC 3987. Everyone seems to
accept that direction.
Henk: No one is complaining about the possible split in fetch and
install.
Russ: It is too late in the process for a change like this.
(See chat for other opinions.)
David: What is the impact of this change?
Roman: Depending on the size of the change, might need new WGLC, IETF LC
etc.
Roman: As there is question how big the change is perhaps show it, so we
can see how big it is.
Brendan: (Displaying the email sent to the list about this topic) It is
really just a matter of renumbering. Change for the manifest:
This will involve changes to suit-trust-domains. Preferably,
it will involve a single, minor change to the allocation of
keys in suit-manifest:
- suit-install = 17
+ suit-install = 20
Roman: Because the IESG changes there will be need for two new more IESG
members to vote yes, to get this going forward even if all discusses
have been cleared.
3) SUIT Manifest Extensions for Multiple Trust Domains
- draft-ietf-suit-trust-domains-06
- 2024-03-04: Waiting for WG Chair Go-Ahead
- TEEP depends on this document
Slides propose the way forward that depends upon the proposal regarding
SUIT Manifest Format.
Candidate verification sequence:
David: This was discussed in the list extensively, any comments in the
room (none)
David: If the current changes are good, then the next thing is to do
shepherd writeup. Any objections moving forward?
Dave Thaler: I can act as document shepherd if needed.
4) Firmware Encryption with SUIT Manifests
- draft-ietf-suit-firmware-encryption-19
- Depends on newly published RFC 9459
- Depends on draft-ietf-cose-key-thumbprint
- 2024-03-03: In WG Last Call
Authors believe the document is ready for the IESG. No one voiced a
contrary opinion.
Russ: The WG Last Call has been successful; ship it.
5) Secure Reporting of Update Status
- draft-ietf-suit-report-08
- 2024-03-04: WG Document
- TEEP depends on this document
David: We will start WGLC.
6) Strong Assertions of IoT Network Access Requirements
- draft-ietf-suit-mud-08
- Depends on draft-ietf-cose-key-thumbprint
- Submitted to IESG for Publication
- 2024-03-04: AD Followup, One DISCUSS remaining
Dave Thaler: It should always be URI. IRI are meant for the display
purposes, and URI is what is supposed to be transmitted.
Brendan: That would be good feedback to people who say we should think
about i18n for URIs.
David: I think the same comment should apply to the manifest too, is
that true?
Dave Thaler: There are three references for IRI, which one should be
used. I am not convinced that you need to use IRI.
Brendan: All URIs we have are for machine consumption, not for display
purposes.
Dave Thaler: You take the IRI user types in, convert it to the URI, and
then feed that to protocol.
Henk: If Dave thinks using IRI is brittle, then we should use URIs.
Brendan: I have answer, but whether it should contain URI at all, is
still open. I will take that to the list.
7) Mandatory-to-Implement Algorithms for SUIT Manifests
- draft-ietf-suit-mti-05
- Depends on draft-ietf-suit-firmware-encryption
- Depends on newly published RFC 9459
- 2024-02-12: WG Consensus: Waiting for Write-Up
- TEEP depends on this document
David: We will ship it to the IESG.
8) Update Management Extensions for SUIT Manifests
- draft-ietf-suit-update-management-06
- 2024-03-04: Waiting for WG Chair Go-Ahead
- More feedback needed
David: We need more reviewers.
Henk: I will do it.
9) Any Other Business (if time permits)