Report from the Smart Object Security Workshop
RFC 7397

Document Type RFC - Informational (December 2014; No errata)
Last updated 2014-12-12
Stream ISE
Formats plain text pdf html bibtex
IETF conflict review conflict-review-gilger-smart-object-security-workshop
Stream ISE state Published RFC
Consensus Boilerplate Unknown
Document shepherd Nevil Brownlee
Shepherd write-up Show (last changed 2014-03-27)
IESG IESG state RFC 7397 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
IANA IANA review state Version Changed - Review Needed
IANA action state No IC
Independent Submission                                         J. Gilger
Request for Comments: 7397                                 H. Tschofenig
Category: Informational                                    December 2014
ISSN: 2070-1721

             Report from the Smart Object Security Workshop

Abstract

   This document provides a summary of a workshop on 'Smart Object
   Security' that took place in Paris on March 23, 2012.  The main goal
   of the workshop was to allow participants to share their thoughts
   about the ability to utilize existing and widely deployed security
   mechanisms for smart objects.

   This report summarizes the discussions and lists the conclusions and
   recommendations to the Internet Engineering Task Force (IETF)
   community.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7397.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Gilger & Tschofenig           Informational                     [Page 1]
RFC 7397             Smart Object Security Workshop        December 2014

Table of Contents

   1. Introduction ....................................................2
   2. Terminology .....................................................3
   3. Workshop Structure ..............................................3
      3.1. Requirements and Use Cases .................................4
      3.2. Implementation Experience ..................................7
      3.3. Authorization .............................................10
      3.4. Provisioning of Credentials ...............................12
   4. Summary ........................................................14
   5. Security Considerations ........................................15
   6. References .....................................................16
      6.1. Normative References ......................................16
      6.2. Informative References ....................................16
   Appendix A. Program Committee .....................................18
   Appendix B. Published Workshop Material ...........................18
   Appendix C. Accepted Position Papers ..............................18
   Appendix D. Workshop Participants .................................21
   Acknowledgements ..................................................22
   Authors' Addresses ................................................23

1.  Introduction

   In early 2011, the Internet Architecture Board (IAB) solicited
   position statements for a workshop on 'Interconnecting Smart Objects
   with the Internet', aiming to get feedback from the wider Internet
   community on their experience with deploying IETF protocols in
   constrained environments.  The workshop took place in Prague on March
   25, 2011.  During the workshop, a range of topics were discussed,
   including architecture, routing, energy efficiency, and security.
   RFC 6574 [RFC6574] summarizes the discussion and suggests several
   next steps.

   During the months following the workshop, new IETF initiatives were
   started, such as the Light-Weight Implementation Guidance (LWIG)
   working group, and hackathons were organized at IETF 80 and IETF 81
   to better facilitate the exchange of ideas.

   Contributions regarding security from the IETF Constrained RESTful
   Environments (CoRE) working group and the IETF Transport Layer
   Security (TLS) working group made it clear that further discussions
   on security were necessary and that those would have to incorporate
   implementation and deployment experience as well as a shared
   understanding of how various building blocks fit into a larger
   architecture.

Gilger & Tschofenig           Informational                     [Page 2]
RFC 7397             Smart Object Security Workshop        December 2014

   The workshop on 'Smart Object Security' was organized to bring
   together various disconnected discussions about smart object
   security happening in different IETF working groups and industry
Show full document text