[{"author": "Jim Fenton", "text": "<p>Appropriate that Meetecho says \"dance PLAYING\"</p>", "time": "2022-11-10T15:31:15Z"}, {"author": "Lorenzo Miniero", "text": "<p>:)</p>", "time": "2022-11-10T15:31:25Z"}, {"author": "Ira McDonald", "text": "<p>DANCE Arch draft is marked Informational currently</p>", "time": "2022-11-10T15:49:02Z"}, {"author": "Michael Richardson", "text": "<p>Ben's point is well taken, but OTH, call-home-with-private-PKI is actually just as bad :-)</p>", "time": "2022-11-10T15:54:12Z"}, {"author": "Brendan Moran", "text": "<p>+1 to Ben</p>", "time": "2022-11-10T15:54:46Z"}, {"author": "Brendan Moran", "text": "<p>But that said, failure of IoT devices due to out-of-business companies is a massive problem that is not as simple as just an authentication system.</p>", "time": "2022-11-10T15:55:43Z"}, {"author": "Shumon Huque", "text": "<p>On implementations, AFNIC has one, that I suspect Sandoche may mention that when he speaks.</p>", "time": "2022-11-10T15:56:09Z"}, {"author": "Benjamin Schwartz", "text": "<p>@Brendan I think there is an argument that \"mutual authentication\" (not just the client side) is the key prerequisite for solving that problem.  If the device can authenticate to my replacement service, _and_ I can replace the device's trust anchor so it accepts my replacement service, then I can rewrite the firmware, etc.</p>", "time": "2022-11-10T15:58:09Z"}, {"author": "Brendan Moran", "text": "<p><span class=\"user-mention\" data-user-id=\"812\">@Benjamin Schwartz</span> I think we both agree on this, but are approaching it from opposite ends. My thought was \"If I replace the device firmware, I can fix the authentication problem.\"</p>", "time": "2022-11-10T15:59:33Z"}, {"author": "Jabber", "text": "<p>mcr: @Brendan, I still prefer Dan Geer's 2014 manifesto for out-of-business IoT.</p>", "time": "2022-11-10T15:59:56Z"}, {"author": "Olle Johansson", "text": "<p><a href=\"https://www.rfc-editor.org/rfc/rfc6920\">https://www.rfc-editor.org/rfc/rfc6920</a></p>", "time": "2022-11-10T16:01:00Z"}, {"author": "Brendan Moran", "text": "<p>@mcr, I'll have to read it, but the synopsis sounds good.</p>", "time": "2022-11-10T16:02:22Z"}, {"author": "Jabber", "text": "<p>mcr: <a href=\"https://www.darkreading.com/vulnerabilities-threats/dan-geer-touts-liability-policies-for-software-vulnerabilities\">https://www.darkreading.com/vulnerabilities-threats/dan-geer-touts-liability-policies-for-software-vulnerabilities</a>  and <a href=\"https://duo.com/blog/black-hat-2014-keynote-cybersecurity-as-realpolitik\">https://duo.com/blog/black-hat-2014-keynote-cybersecurity-as-realpolitik</a> and <a href=\"https://www.blackhat.com/us-14/speakers/Dan-Geer.html\">https://www.blackhat.com/us-14/speakers/Dan-Geer.html</a>  I can't find the actual video.</p>", "time": "2022-11-10T16:07:07Z"}, {"author": "Jabber", "text": "<p>mcr: <a href=\"https://www.youtube.com/watch?v=nT-TGvYOBpI&amp;t=8s\">https://www.youtube.com/watch?v=nT-TGvYOBpI&amp;t=8s</a></p>\n<div class=\"youtube-video message_inline_image\"><a data-id=\"nT-TGvYOBpI\" href=\"https://www.youtube.com/watch?v=nT-TGvYOBpI&amp;t=8s\"><img src=\"/external_content/01792aeebb9a09fd03b03abd2064ccc2b809274f/68747470733a2f2f692e7974696d672e636f6d2f76692f6e542d544776594f4270492f64656661756c742e6a7067\"></a></div>", "time": "2022-11-10T16:07:43Z"}, {"author": "Jim Fenton", "text": "<p>What is name of this speaker?</p>", "time": "2022-11-10T16:10:00Z"}, {"author": "Shumon Huque", "text": "<p>Sandoche Balakrishnan</p>", "time": "2022-11-10T16:10:42Z"}, {"author": "Jim Fenton", "text": "<p>thx</p>", "time": "2022-11-10T16:11:24Z"}, {"author": "Shumon Huque", "text": "<p>Spelling correction :) \"Sandoche Balakrichenan\"</p>", "time": "2022-11-10T16:12:53Z"}, {"author": "Shumon Huque", "text": "<p>I'm glad to see a new application using the TLS DNSSEC Chain extension!</p>", "time": "2022-11-10T16:17:35Z"}, {"author": "Olle Johansson", "text": "<p>Happy Dancing!</p>", "time": "2022-11-10T16:30:32Z"}]