From sandoche.balakrichenan at afnic.fr Fri Jun 14 10:22:37 2019 From: sandoche.balakrichenan at afnic.fr (sandoche Balakrichenan) Date: Fri, 14 Jun 2019 10:22:37 +0200 Subject: [bcop] Initiative to create a RIPE BCOP discussion document on proactively mitigating IoT attacks in CPE Message-ID: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> Dear all, The origin for this initiative came from the ICANN SSAC document on DNS and IoT : https://www.icann.org/en/system/files/files/sac-105-en.pdf As RIPE IoT chairs, we asked (in the RIPE IoT mailing list) whether we should prepare a Best Current Operational Practice (BCOP) document in RIPE scope for proactively mitigating IoT attacks. From both the Academy and the Industry, we got interests to contribute to this work. Possible contributors name can be found at the end of this mail: Thanks for your input on how to proceed further: 1. Do you think the topic is useful for the RIPE community? If yes, any guidance on how to proceed further will be appreciated. 2. Should this discussion be initiated in the RIPE IoT WG and not in the BCOP task force? 3. Anyone in this mailing list would be interested in contributing or provided references to people who will be interested to contribute? People who have already expressed interest in contributing: *From the Academy: * 1. Andrzej Duda? (http://duda.imag.fr/) 2. Maciej Korczynski (http://mkorczynski.com/) *From the Industry:* 1. Ad Bresser (SPIN product manager) 2. Eliott Lear (CISCO) 3. Jacques Latour (CIRA - The Canadian Internet registry) 4. Peter Steinhauser (Embedd.com) 5. Possiblity from CZNIC? (Czech Internet registry) who are involved in Turris router project Sandoche. -------------- next part -------------- An HTML attachment was scrubbed... URL: From abscoco at gmail.com Fri Jun 14 13:25:55 2019 From: abscoco at gmail.com (Sylvain BAYA) Date: Fri, 14 Jun 2019 12:25:55 +0100 Subject: [bcop] Initiative to create a RIPE BCOP discussion document on proactively mitigating IoT attacks in CPE In-Reply-To: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> References: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> Message-ID: Hi all, Le vendredi 14 juin 2019, sandoche Balakrichenan > a ?crit?: Dear all, The origin for this initiative came from the ICANN SSAC document on DNS and IoT : https://www.icann.org/en/system/files/files/sac-105-en.pdf As RIPE IoT chairs, we asked (in the RIPE IoT mailing list) whether we should prepare a Best Current Operational Practice (BCOP) document in RIPE scope for proactively mitigating IoT attacks. From both the Academy and the Industry, we got interests to contribute to this work. Possible contributors name can be found? at the end of this mail: Thanks for your input on how to proceed further: 1. Do you think the topic is useful for the RIPE community? If yes, any guidance on how to proceed further will be appreciated. Dear Sandoche,? Thanks for this initiative. ...IMHO, the usefulness of this kind of topic is based on fact and we can easily gather these facts in every communities around the Internet ecosystem ; including the RIPE Community. Internet Society have shared a blog post [1] about the collaborative security. Maybe you are following a similar security approach :-/ ?This week i heard about an hidden microphone [2] inside an IoT home equipment, distributed in France...? For reference, you have a blog [3] about how the RIPE Atlas network ?of IoT? could be used as a ?BCOP? for the IoT industry :-)? 1. Should this discussion be initiated in the RIPE IoT WG and not in the BCOP task force? Surely the two WG matter. But if you need useful information about IoT, the IoT WG with its community is the appropriate place to go... ...let's say, you can prepare a survey for them, and include most of them in the process ; amongst other collaborative|inclusive possible actions... __ [1] https://www.internetsociety.org/collaborativesecurity/approach/ ? ?https://www.internetsociety.org/collaborativesecurity/ [2]: In French ??https://www.numerama.com/tech/526115-monsieur-cuisine-connect-lidl-sexplique-sur-laffaire-du-micro-cache.html [3]:?https://labs.ripe.net/Members/kistel/ripe-atlas-probes-as-iot-devices 1. Anyone in this mailing list would be interested in contributing or provided references to people who will be interested to contribute? People who have already expressed interest in contributing: *From the Academy: * 1. Andrzej Duda? (http://duda.imag.fr/) 2. Maciej Korczynski (http://mkorczynski.com/) *From the Industry:* 1. Ad Bresser (SPIN product manager) 2. Eliott Lear (CISCO) 3. Jacques Latour (CIRA - The Canadian Internet registry) 4. Peter Steinhauser (Embedd.com) 5. Possiblity from CZNIC? (Czech Internet registry) who are involved in Turris router project Sandoche. I'm new here, then i hope this helps :-) ? Regards, --sb. __ http://www.chretiennement.org -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0x0387408365AC8594.asc Type: application/pgp-keys Size: 4826 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From zorz at isoc.org Sat Jun 15 01:51:46 2019 From: zorz at isoc.org (Jan Zorz) Date: Fri, 14 Jun 2019 23:51:46 +0000 Subject: [bcop] Initiative to create a RIPE BCOP discussion document on proactively mitigating IoT attacks in CPE In-Reply-To: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> References: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> Message-ID: Hi, Sounds like a great idea. Should we put you on BCOP TF agenda for Rotterdam meeting and we discuss it there? Cheers, Jan On 14/06/2019 04:22, sandoche Balakrichenan wrote: > Dear all, > > The origin for this initiative came from the ICANN SSAC document on DNS > and IoT : https://www.icann.org/en/system/files/files/sac-105-en.pdf > > As RIPE IoT chairs, we asked (in the RIPE IoT mailing list) whether we > should prepare a Best Current Operational Practice (BCOP) document in > RIPE scope for proactively mitigating IoT attacks. > > From both the Academy and the Industry, we got interests to contribute > to this work. Possible contributors name can be found at the end of this > mail: > > Thanks for your input on how to proceed further: > > 1. Do you think the topic is useful for the RIPE community? If yes, any > guidance on how to proceed further will be appreciated. > 2. Should this discussion be initiated in the RIPE IoT WG and not in > the BCOP task force? > 3. Anyone in this mailing list would be interested in contributing or > provided references to people who will be interested to contribute? > > > People who have already expressed interest in contributing: > > *From the Academy: * > > 1. Andrzej Duda? (http://duda.imag.fr/) > 2. Maciej Korczynski (http://mkorczynski.com/) > > *From the Industry:* > > 1. Ad Bresser (SPIN product manager) > 2. Eliott Lear (CISCO) > 3. Jacques Latour (CIRA - The Canadian Internet registry) > 4. Peter Steinhauser (Embedd.com) > 5. Possiblity from CZNIC? (Czech Internet registry) who are involved in > Turris router project > > Sandoche. > > -- Jan Zorz Internet Society mailto: ------------------------------------------ "Time is a lake, not a river..." - African From sandoche.balakrichenan at afnic.fr Mon Jun 17 09:43:56 2019 From: sandoche.balakrichenan at afnic.fr (Sandoche Balakrichenan) Date: Mon, 17 Jun 2019 09:43:56 +0200 Subject: [bcop] Initiative to create a RIPE BCOP discussion document on proactively mitigating IoT attacks in CPE In-Reply-To: References: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> Message-ID: Hi Sylvain, Thanks for your inputs. We will be taking a look at your references. Sandoche. On 14/06/2019 13:25, Sylvain BAYA wrote: > Hi all, > > Le vendredi 14 juin 2019, sandoche Balakrichenan > > a ?crit?: > > Dear all, > > The origin for this initiative came from the ICANN SSAC document > on DNS and IoT : > https://www.icann.org/en/system/files/files/sac-105-en.pdf > > > As RIPE IoT chairs, we asked (in the RIPE IoT mailing list) > whether we should prepare a Best Current Operational Practice > (BCOP) document in RIPE scope for proactively mitigating IoT attacks. > > From both the Academy and the Industry, we got interests to > contribute to this work. Possible contributors name can be found? > at the end of this mail: > > Thanks for your input on how to proceed further: > > 1. Do you think the topic is useful for the RIPE community? If > yes, any guidance on how to proceed further will be appreciated. > > Dear Sandoche,? > Thanks for this initiative. > > ...IMHO, the usefulness of this kind of topic is based on fact and we > can easily gather these facts in every communities around the Internet > ecosystem ; including the RIPE Community. > > Internet Society have shared a blog post [1] about the collaborative > security. Maybe you are following a similar security approach :-/ > > ?This week i heard about an hidden microphone [2] inside an IoT home > equipment, distributed in France...? > > For reference, you have a blog [3] about how the RIPE Atlas network > ?of IoT? could be used as a ?BCOP? for the IoT industry :-)? > > 1. Should this discussion be initiated in the RIPE IoT WG and not > in the BCOP task force? > > Surely the two WG matter. But if you need useful information about > IoT, the IoT WG with its community is the appropriate place to go... > > ...let's say, you can prepare a survey for them, and include most of > them in the process ; amongst other collaborative|inclusive possible > actions... > __ > [1] https://www.internetsociety.org/collaborativesecurity/approach/ > ? > ?https://www.internetsociety.org/collaborativesecurity/ > > [2]: In French > ??https://www.numerama.com/tech/526115-monsieur-cuisine-connect-lidl-sexplique-sur-laffaire-du-micro-cache.html > > [3]:?https://labs.ripe.net/Members/kistel/ripe-atlas-probes-as-iot-devices > > > 1. Anyone in this mailing list would be interested in > contributing or provided references to people who will be > interested to contribute? > > > People who have already expressed interest in contributing: > > *From the Academy: * > > 1. Andrzej Duda? (http://duda.imag.fr/) > 2. Maciej Korczynski (http://mkorczynski.com/) > > *From the Industry:* > > 1. Ad Bresser (SPIN product manager) > 2. Eliott Lear (CISCO) > 3. Jacques Latour (CIRA - The Canadian Internet registry) > 4. Peter Steinhauser (Embedd.com) > 5. Possiblity from CZNIC? (Czech Internet registry) who are > involved in Turris router project > > Sandoche. > > > I'm new here, then i hope this helps :-) > ? > Regards, > --sb. > __ > http://www.chretiennement.org > -------------- next part -------------- An HTML attachment was scrubbed... URL: From sandoche.balakrichenan at afnic.fr Mon Jun 17 09:47:00 2019 From: sandoche.balakrichenan at afnic.fr (Sandoche Balakrichenan) Date: Mon, 17 Jun 2019 09:47:00 +0200 Subject: [bcop] Initiative to create a RIPE BCOP discussion document on proactively mitigating IoT attacks in CPE In-Reply-To: References: <4dc00e17-6e16-1a49-adc6-f50b7721c62e@afnic.fr> Message-ID: <25bdeceb-42d2-1218-8d88-c11ae9bc938d@afnic.fr> Hi Jan, I feel that if we are able to group the concerned contributors and get together an initial draft, we should include that for discussion in the BCOP TF. I will get back to you in mid-september with updates. Sandoche. On 15/06/2019 01:51, Jan Zorz wrote: > Hi, > > Sounds like a great idea. Should we put you on BCOP TF agenda for > Rotterdam meeting and we discuss it there? > > Cheers, Jan > > On 14/06/2019 04:22, sandoche Balakrichenan wrote: >> Dear all, >> >> The origin for this initiative came from the ICANN SSAC document on DNS >> and IoT : https://www.icann.org/en/system/files/files/sac-105-en.pdf >> >> As RIPE IoT chairs, we asked (in the RIPE IoT mailing list) whether we >> should prepare a Best Current Operational Practice (BCOP) document in >> RIPE scope for proactively mitigating IoT attacks. >> >> From both the Academy and the Industry, we got interests to contribute >> to this work. Possible contributors name can be found at the end of this >> mail: >> >> Thanks for your input on how to proceed further: >> >> 1. Do you think the topic is useful for the RIPE community? If yes, any >> guidance on how to proceed further will be appreciated. >> 2. Should this discussion be initiated in the RIPE IoT WG and not in >> the BCOP task force? >> 3. Anyone in this mailing list would be interested in contributing or >> provided references to people who will be interested to contribute? >> >> >> People who have already expressed interest in contributing: >> >> *From the Academy: * >> >> 1. Andrzej Duda? (http://duda.imag.fr/) >> 2. Maciej Korczynski (http://mkorczynski.com/) >> >> *From the Industry:* >> >> 1. Ad Bresser (SPIN product manager) >> 2. Eliott Lear (CISCO) >> 3. Jacques Latour (CIRA - The Canadian Internet registry) >> 4. Peter Steinhauser (Embedd.com) >> 5. Possiblity from CZNIC? (Czech Internet registry) who are involved in >> Turris router project >> >> Sandoche. >> >> >