28 November 2023, 16:00 – 17:30 (UTC+1)
Co-Chairs: Peter Steinhauser, Peter Wehrle
Scribes: Karla Liddle-White
Status: Draft
View the stenography transcripts
Peter Steinhauser
The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/52-RIPE-87-IoT-Slides.pdf
Peter Steinhauser welcomed everyone to the session. He provided an overview of the agenda including presentations from speakers representing the University College of London, AVM and Netnod. Peter confirmed that the RIPE 86 minutes had been published and approved by the WG Chairs.
Anna Maria Mandalari
The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/54-RIPE23.pdf
Anna presented on research which investigated the ongoing challenges of securing IoT devices using protection systems and safeguards. She discussed the emergence of IoT safeguards claiming to protect privacy and security and presented the privacy and security implications, evaluating threat detection capabilities, and examined the side effects of using IoT safeguards.
Jad El Cham, RIPE NCC, asked for more insights on what kind of traffic had been shared to the cloud and how safeguards worked with the Manufactured Usage Descriptor.
Anna explained that they could not see the type of traffic being captured since it was encrypted and she also clarified that no one used the Manufactured Usage Descriptor.
Peter Steinhauser thanked Anna for her presentation and asked whether there was a trade-off to using safeguards or not, considering the inefficiency of the solutions and the privacy implications. He also asked what actions the IoT WG could take.
Anna said that something was better than nothing and the solution would be to work at the edge and try to avoid the cloud at all costs. She said that her idea would be to have federated IoT test beds in which researchers and people from industry could use for experiments with IoT devices. She also said that an open database on security vulnerabilities and privacy threats would be a good idea.
Michael Richardson, Sandelman Software Works Inc, commented that installing safeguards sounded unsafe after listening to the presentation and that these could be hostile fraudulent devices since a service is being provided and then violating privacy.
Anna replied that this is why labelling and certification schemes are much needed.
Peter Koch, DENIC eG, asked Anna about potentially doing outreach, talking to consumer protection or other institutions about this, including institutions like the EU which has already introducing legislation.
Anna said that they were holding conversations with consumer protection organisations since there wasn’t a lot of awareness of threats from these devices and regulatory bodies need information from technical experts. She said that they were talking with data protection authorities and with the information Commission office and the Italian data authority, but these agencies don't really have the resources to open cases.
David Tatlisu, speaking for himself, asked if Anna had any exchange with Open-Source projects like AS blocking platforms Pi‑hole to see what technologies they were using.
Anna said that they had undertaken a study to understand which destinations were essential for devices to work and which weren’t required. They then compared them with the blocking list in Pi‑hole, motherboard and other lists and saw that the non-essentials weren’t there because it was a completely different infrastructure.
Eric van Uden
The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/51-AVM-RIPE-Matter-20231122_v1.5_final.pdf
Eric introduced Matter, a new smart home protocol. He spoke of the benefit that Matter devices work together regardless of manufacturer, that it’s based on secure standards like TLS 1.3 and how energy efficient it is. He said that Matter was designed for interoperability and is expected to be widely adopted by smart home manufacturers in the next few years. Eric also detailed the technical stack and the journey of developing Matter.
Tom Hill, BT, said that he thought they had missed some of the standards work happening in the IETF Snack Working Group which would inform the work Eric had been doing.
Eric thanked him and said that he was correct and that he had been looking at what was happening at the IETF in this case.
Michael Richardson, Sandelman Software Works Inc, said that he was excited to see the TR 369 interaction and that a best practice protocol was finally being developed. He asked whether CSA Matter was actually royalty-free.
Eric said that USP was something very important because they would get rid of the old‑fashioned TR 369 and move into the modern world with more possibilities. He said that they were not ready completely and had a lot of work to do within the USP stack.
Peter Koch, DENIC eG, thanked Eric for sharing and suggested an interim session to explain Matter in more technical detail.
Eric said that he would love to offer more technical information at another session.
Peter Steinhauser said that it’s important to mention the privacy situation of TR 369 in that there are several controllers including the device and the user and that he did not want the ISP to see what was happening in a home network. He added that it would be important to figure out what the actual use cases would be for the ISP since an ISP’s role is to provide the network, not dig into private data at home.
Michael Richardson, Sandelman Software Works Inc, added that the ISP could play a rendezvous role, for example, if you care for an elderly relative and need to know if she has left the oven on, the ISP is the only one who knows what her home IP address is.
Christer Weinigel
The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/2-RIPE-87-IoT-WG-Talk_Roughtime_Netnod-v.1.pdf
Christer discussed the importance of accurate time in various Internet protocols like DNSSEC and TLS, emphasised potential risks when time is not properly synchronized. He introduced Roughtime as a secure time protocol intended to provide time accuracy for validating TLS certificates and address the bootstrapping problem.
The talk touched on the evolution of Roughtime, its support for microsecond accuracy, and additional features such as atomic time and support for UT1. He finished the presentation asking for input from the IoT community to shape the protocol according to practical requirements, noting the current fragmentation of draft versions and the plan to consolidate them based on community feedback.
Jad El Cham, RIPE NCC, asked how Christer had got the accuracy from 10 seconds to microseconds and whether this was still a work in progress.
Christer said that it was the resolution of timestamps which are now microseconds, and that the accuracy was up to the network.
Marco Davids, SIDN, said that there was a list of Roughtime servers in the software and whether this was based on DNS names or IP addresses and asked if there may still be a bootstrapping issue.
Christer said that right now in the implementation, it was a string and name lookup and what makes it secure was the public keys.
Niall O'Reilly, RIPE Vice‑Chair, asked how to give input to Roughtime requirements, and whether adding information on GitHub was the best way forward.
Christer said that the mailing list was the best way forward. He added that there were a couple of different Roughtime projects on GitHub and one contained a list of existing servers which might be a good place to start adding issues.
Karen O'Donoghue, NTP Working Group co‑chair, asked how the work aligns with the NTP version five work ongoing in the IETF, and whether it was possible that some of these features could be there.
Christer said that Roughtime is a separate protocol from NTP. He said that one of the goals was to solve some of the issues with NTP since you could take the same principles with multiple servers and apply them and it would work perfectly fine but wouldn’t solve the current issues. He added that NTP version five was in the works with people working on it in the IETF Working Group and the same ideas should probably work quite well with NTP version five.
Jad El Cham, RIPE NCC, said that if they wanted to use Roughtime, they should have access to the list of public servers and whether it would be possible to replicate this within a private set‑up without exposing them to public servers.
Christer said he definitely could. He added that it was a packet with timestamps over UDP, and over a datagram protocol where you sign the response with a private key and then check the response against a hard code list of public keys which you could do on UDP or over TCP if they wanted to. He added that there was nothing stopping anyone from saying they have their own private Roughtime infrastructure.
Peter Wehrle finished the session by asking attendees to get active in the community and on the mailing list and added that they would hopefully have one or two intermediate sessions to progress certain matters.
Peter Steinhauser closed the session.