Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Internet Engineering Task Force / Interim Meetings / 21 Jun 2021
Internet Engineering Task Force / Interim Meetings / 21 Jun 2021
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: IETF-T2TRG-20210621-1500

Description

T2TRG interim meeting
2021/06/21 1500

A

Okay, since you reduced it, okay, that's fine.

B

Yeah yeah that so yeah sorry, maybe that may have happened on when we've been.

A

Sure, no not a problem for 20 minutes yep. I could learn my slides just now. So.

B

Very good thanks a.

B

Lot.

C

So can you see my slides? Yes.

C

uh

C

So I think we will wait a couple of minutes, as people are still filing.

C

In.

C

Okay, so we are quickly uh approaching the standard opening delay of four minutes, so this is the summer summary meeting of the thing to think research group.

C

I'm custom woman, ari karen, is with me sharing that group.

C

This is an irtf meeting which means that the ipr guidelines of the ietf apply. This is the short form of the node. Well, there's also a long form which reminds you that if you are talking about uh technology, where the you know about pattern claims you you have to disclose that or you can not talk about that technology.

C

um We are in in a standards meeting where we try to be nice to each other and be productive and so on, and this is an irtf meeting. So we are not developing standards here we are trying to get research done, um so uh we are not going to check whether a new specification that has to be implemented by everyone has uh is getting working with option or something like that. We are just trying to collect interesting content.

C

So we don't have to do anything about blue sheets, because that's handled by uh meet echo there is there are notes. If you go into the chat, you will find a link to the notes.

C

So if you want to the kodi md ietf.org link, if you want to contribute to the notes or just want to read the weird words that we are using in this research group, go there it's useful to have that open, there's. Also a jabber group which is replicated here by mid echo in its chat.

C

We have a mailing list and we also have a repository where we try to collect things uh relevant uh to this meeting.

C

So those were the preliminaries. um The agenda today uh is uh packed, but I hope not overly so um so we want to give a quick report of what has been going on in the last four months uh and then we will get various reports on other seos.

C

This time, w3c web of things and 1dm by two of the three michaels that will be presenting uh today. uh Savvy will then talk about the research group, draft, iot, edge challenges and functions, and uh mohich and michael will talk about the research group draft, secure bootstrapping and the idf id considerations. That goes with that.

C

So that's our program. For today, anything we need to change here.

C

Okay, in which case, um I think this is a pretty in-group uh audience here, so I probably can can do this very very quickly.

C

So in the research group we look at open research issues in making a true internet of things happen, and since this is a giant area, we are really focusing on issues where we have opportunities for iatf, uh standardization and um yeah. We are living in a context. uh The one of the useful things about the itf is that it's close to the ietf, so we have various ietf working groups that we are interfacing uh with, but I think most people- you know that, so I think I can um skip that quickly.

C

uh Let's talk about uh planning for for a short time. We could do this at the end, but usually it's useful to get this out of the way.

C

um So we are going back to regular wishy calls approximately monthly monthly, except that we will have a bigger gap now in the summer, because people are on vacation in the north half of the world.

C

We decided to have this meeting, not at iitf 111, but a month earlier now, but in july we will have a wishy hackathon week in the iitf hackathon context, so that's july, 19 2023, if you're interested in code. I will talk about that in a minute. uh We are also looking at meetings with other sdos like ocf or oma or w3c.

C

W3C has has an open day next week. I'm sure martin will talk about uh that and that that's something that many of us will want to go to. uh We are also looking at academic conferences.

C

Nothing can be announced right now, but I hope we can say something about that soon and we are all longing for a physical meeting, but it looks like that might be difficult and somehow I'm presenting the wrong slides.

C

How did this.

B

Happen.

C

Ari, can you do me a favor and present the right.

B

Slides drop status.

C

I didn't hear that.

B

uh I would the next slide be the research group document status or yes,.

C

With some uh oh there, it is okay, I I just I thought I had made an edit and that somehow was lost, um so um we have several documents that are that have a research group document status that is almost but not entirely unlike working group documents in the ietf. So these are documents where, where the research group things it's good to to pay some attention to them- and these may be worth publishing when uh completed, we have the restful design for iot document uh that that is in progress.

C

There's actually a big request right now in the github and uh the plan is to to get this done in 2021.

C

um There is a little technical or legal technical problem in getting the authors of this document to meet because of u.s embargo issues. So it's always a little bit overhead to make progress on this, but there will be another author and interested people uh meeting real soon now.

C

The second one is the agent. I t document, which we will talk today talk about today, which is also likely to be completed this year um and the third one is the secure bootstrapping uh document that we will talk about later. Today, um there is work going on on the information, modeling standards description, so something that we have been calling nutrition labels for for information, modeling uh informally- and we had some discussion about that in the uh wishing meeting on on last thursday, and uh we will continue that work.

C

And finally, there are various activities that happen in the rishi wiki. For instance, wishing notes. uh These are not research group documents in in the sense of an internet draft, but this is a work that we are working on so ari. Do you want to take over.

B

Sure I can take this one, so in the wishy work um we had a meeting last week. um It's been a few months since the last meeting um I mean a few months ago, we started a discussion with the microsoft azure pixel, queen's definition, language team, on how their work on that's that language and the work we done at the iedf on the sdf, how they relate to each other and how we could perhaps make them interwork.

B

So last week we had a follow-up meeting according to good discussions. We started under the first time and in particular we touched upon a part of topics on first of all on the sdf and detailed enhancements.

B

So we are, of course, all time evolving, sdf to better uh be able to express different things from different ecosystems, but then also we discussed perhaps also this video could be added some features so that some things we can express in in spf could be brought to the dd digital ecosystem.

B

We also discussed uh external ontologies uh with sdf and dtl, so there are a lot of domain specific work uh done out there on on the iot systems and how we can reuse that uh with the different ecosystems and how we can translate that kind of relations and other semantics brought by those ecosystems to sdf and dddl.

B

One long-standing discussion when it comes to id data models have, of course, be this alignment and use of engineering units so many ways to do the same things. um Luckily, with sdf and ddd we're both already using si units. But then again, ddl has extended a bit further beyond simple si units and so we're discussing. What's the best ways we can express them in sdf and dddl to enable automatic conversion and interoperability.

B

Also, we have now two implementations for sdf ddl, so conversion programs for one one each direction we've been using those to do a bit of a proof of concept, work and and pressure testing on sdf and dtdl.

B

And finally, we did discuss that. It would be very useful to further share the models and also convert the models and share the results openly so that we can learn about both ecosystems, but then also learn more how they can work well together.

B

Another topic we discussed was this sdf young conversion. So, as you know, yang is one of those iedf data models, um but then jana, the main author of that work will be presenting that shortly. So I won't go with the details here and finally, the last piece of work we discussed in the wishing meeting was iot information model standard description as an scarce dimension. There's a tinting draft forthcoming on that topic, then, on the next slide, um a bit of the we see work in future.

B

So plan is to have a next meeting around september after summer vacations, or do we identify that? We certainly do need a follow-up on the dtdl topic, so we'll continue that with the microsoft azure team and then also we'll be continuing the discussions on the stf young young conversions.

B

We were hoping to have a chance to talk about those w3c web of things team models last week, but unfortunately we ran out of time. So we decided it's better to have that discussion also properly after the summer vacations.

B

And finally, we have an sdf topic bubbling under we've been planning tackle for quite some time. It's what we've been calling mapping files uh for sdf. So it's really about attaching additional information to the sdf models that you have defined with sdf and working, for example, instances and classes and composition.

B

So that's our plan and current status of the wishy work. Any questions or comments here.

B

Okay, no questions, then we can move forward carson. Oh, I see.

B

Okay, yep go ahead.

C

Yeah, I'm just amazed by by mitchell, which saw me unmuting and I then I didn't immediately say something and it told me oh you're, not saying something which is very nice. Okay, um so ari already mentioned that there's work on an sdf, yank converter and we have uh cut out five minutes for for jana who's. Writing that a converter to talk about that. Maybe first give an overview of what what is actually being converted there and then give a short overview over the tool that you can use today to play with us.

C

So jana. Please go ahead.

D

Yeah, thanks carson. I hope everyone can hear me.

C

Yes,.

D

Yeah, okay, hi, I'm jana, I'm a student at the university of brim and I'm writing my master's thesis currently with carlson. As my supervisor, I'm working on um a sdf van converter, and today I just want to show you a selection of mappings between the two formats to just give you a quick introduction, uh because I could also use your help in evaluating the the mappings that I've come up with so far for those of you who don't know yang that.

D

Well, it's a modeling language used for data sent over network management protocols such as netcon, for example. Can I get the next slide or do I have to do it on my yeah thanks?

D

uh So first, I'm gonna show you a quick overview of mapping between yang and sdf, because then I can explain the yang statements to you as well, at the top level of yang, because yang is organized as a tree structure, this the yang module. This is pretty straightforward.

D

This is translated to the sdf model, and so the thing that consists of the info blog namespace section and definitions, then in yang you've, got containers who can contain any of the other nodes. This is a little bit trickier. It's either translated to sdf objects if the container occurs at the top level or to sdf property of the compound type so of type object which can have properties.

D

This happens if the container is a child child node of a top level container, because that top level container would have been converted to sdf object um and a container can also be converted to compound type to a property of a compound type element. If it occurs at any other level.

D

The same basically happens for list nodes list. Nodes are the same as containers, so they can contain other nodes, with the difference that this assertion of other nodes then can occur multiple times in the data tree.

D

So in case of a top level or one level uh below list, the list is converted to sda property and if it occurs at any other level, it is translated to the property of a compound type element. Again and in both cases the type is array and the items of the array are of type object, because the list has well complex, complex items.

D

So then there's also the leaf list. The difference of a leaf list is that it only contains um simple type, um yeah, simple types, so this is also translated very similarly to what I told you before.

D

If a leave list, of course, at the top level, one level below it is again translated to sdf property of type array now with items of sample types or it is translated to a property of a compound type. Again.

D

The types array and the items are simple types on any other level. Leave notes are just simple type notes that occur a single time, so this is again same concept: sdf property of a simple type. If the leaf occurs at top level or one level below or again the property of a compound type on any other level, then there's also type diffs and groupings which are basically derived types that can be used elsewhere.

D

So typedef is translated to sdf data of a simple type, because the typedef can only have a simple type and a grouping is translated to a sdf data of a compound type, though this is more straightforward. um So on the next slide, uh I will tell you something about the other direction.

C

15 seconds left.

D

Okay, so sdf model is again translated to module, as your thing as you have object to container pretty straightforward um and sdf property is also translated to container uh in case it is a compound type, so it is um complex type and then again, if it is of simple type, then just translate your leave leave list or list and since the last slide is the most important flag, can you please switch to that?

D

um What I wanted to tell you about actually is my converter demo, which you can find at sdf yang converter.org, where you can try out the converter yourself, so you don't have to install it from github and all that stuff uh and yeah. I would really appreciate feedback on uh the conversions, because there were some issues that came up um with conversions that aren't uh as straightforward as the ones. I told you about uh and yeah.

D

Thanks for your attention, you can find the converter at sdf, slash and converter, slash, yanks, converter.org and also there's a link to the github. If you need more information on there, thanks for your attention and thanks questions.

C

Thanks, john, so uh just to remind people if we want to discuss this, we can do this on the thing you think research group list. So don't don't be shy about uh talking about things you found there and if we get too detailed, of course, we can start to take things off list, but I think right now we are not in in danger of drowning from the synchro thing. Research group list.

C

So thank you for that and if, if you have yang models for iot things, please throw them at this tool and and tell us whether what you got in sdi form is is useful.

C

So this is an example of a piece of software and we are going to spend more time on software a month from now or four weeks from now uh at the ietf 111 hackathon week.

C

So again, we are not meeting at the ita itf 111 itself, but we are meeting at the hackathon week that precedes it and we want to have a wishy call on the first day on the monday, probably at 1400 utc and then probably will just have uh daily uh synchronization calls, because most of the work, of course is is going to uh happen on the on the web on the internet. So we will throw models at each other's uh tools and and see what what happens and so on.

C

So we will have a daily call, also probably around the time, maybe a little bit later uh in the day, depending on how uh people feel so converters. Of course, the dtda converter that ericsson brought to the table, the the sdf young converter, the various. What converters that are out there there's some pretty interesting stuff out there and I hope we we will be able to uh get the various authors of the various tools together in this hackathon.

C

So we can exchange uh information and uh certainly we also want to continue developing this mapping file or adding information uh work. We don't really have uh tools that we can point to at this point in time, um but um yeah by by then. Maybe we have uh the first tools um out there.

C

Okay, any questions about the hackathon week.

C

In which case I can hand over to uh michael, do you want to present your own slides? Yes, I will do that right now. One second, okay,.

A

So um asking to send myself: yes,.

C

And I have to press a button here: okay,.

A

And okay, you should see it now and of course it closed it as soon as I shared. Thank you so much. Okay, all right!

A

So I'm going to do a quick update of the work on web of things and I actually have a friend of material sorry for the long slides the ones I uploaded, I'm going to skip over a bunch of slides and materially uploaded. So you can look at that later on to get more material and I'm just going to very quickly do a summary. In case people haven't seen it before, although I'm sure 90 people here have, but basically the web of things is working adapting web technology to iot within the context of w3c.

A

uh Two years ago we actually published a uh thing description, metadata format, which is somewhat similar to um to things like gtdl and an sdf, but it focuses on describing an instance of a device, but it gives you the network interface, and it gives you metadata about the device and it also is based on json ld. So it supports things like web semantics and the general idea is provide kind of a a common abstraction to uh interface between applications and different other different standards.

A

Now currently, in our current charter, we are updating that to uh td 1.1 to fill in various gaps, which I will discuss.

A

We've also introduced thing models which is describing a class of devices, as opposed to a single instance, and this correlates much more strongly with things like sdf we've also been working on discovery, which is a run time mechanism to to to find metadata and profiles, which are a set of constraints on on descriptions to satisfy certain implementation requirements and to enhance energy.

A

So I'm going to discuss each of these. Let me just very quickly talk about tvs themselves and give a little example.

A

So basically it's a json ld file, so that means it has an at context which defines the vocabulary. Sorry about that, and it um it also has high level metadata.

A

It has a description of the required security to talk the device and then a set of properties, events and actions and each property event in action includes forms which give you the basically the protocol based urls for talking the device and then also data schemas for how to set up and interpret data for the device, and the basic idea is that the properties, events and actions are an abstraction that describe you know what you can do and the details in the forums and the data schema tell you how to do it.

A

The data schemas are described in a variant of json schema they're meant to be applicable to uh other uh payloads to see more, and this actually aligns closely with a similar idea in sdn.

A

Now I'm going to talk about, you know just the updates. So what are we doing in uh in the thing description where we're doing discovery we're doing profiles so in thing description?

A

So we are constrained somewhat by the desire in this iteration to be back compatible, so we're not making certain changes uh that would break compatibility, we're kind of holding off for those on td 2.0, and I will say that our current charter uh was meant to be done end of december, we're likely to be adding for an extension just to meet some deadlines for the process, but we'll probably be wrapping up the 1.1 sometime mid-fall at the latest um and then we're starting work on 2.2.

A

We are currently in discussion about what exactly goes into our charter for next round, but we'll definitely do a td 2.0, but I will say that the thing model we have right now is essentially a template for a thing description and because a thing description lacks certain features that map onto sdf, the most notable of which is the sdf object, so mechanism for modularity at the syntactic level.

A

That's the kind of thing we probably need to look at for td 2.0.

A

So uh now in td, 2.1 1.1, we have a bunch of small extensions, so we've updated, you know, schemas to be more lined with json schema.

A

We've added some formal validation levels to indicate precisely what you have to do when you validate things uh with the td et cetera.

A

One of the bigger things that has happened recently is you've been looking at signing and val and colonicalization.

A

So we've defined the canonical form of the td that basically removes various variant ways to describe things so there's a unique way to map between the information model and the serialization, and then you can and the main purpose of that is to do signing.

A

So you can take a serialization and compute a signature for it and then know the information has been uh hasn't, been changed and the canonical form is to allow it to survive going into and out of a database, for example, without breaking the signature.

A

Now work in progress is actually a signature pr. um I will summarize uh that later, but basically we're looking at extending uh jws now for discovery. um We have a new spec for that and it's, as I mentioned later on, to two-phase mechanism, but it has relationships to dns. Sd did core rd we're also defining a directory service api, which is a http web service, provides a database lets you do search searching database of tds.

A

We also have the ability to self-describe so have self-description of devices uh profiles set of constraints.

A

I will say we're focusing, I think, on what I call the hub use case, where you have a thing that prevents http json on one side on the back side, talks to various other protocols, and that use case has come out several times: okay, so again, 1.1 uh looking at colonization.

A

So the basic idea here is not reinvent. You know encryption mechanisms for signatures themselves, so the proposal is based on jws and gwa, including rfc 8037, which covers the newer elliptical curve signature mechanisms.

A

um However, there's still the question of what the input to that signature should be and it needs to be kind of a json object, so there's actually kind of an xml signature, inspired mechanisms to extract subparts of td and then be fed as input into the signature mechanism, and I will also say that the signature then is encapsulated and stored inside the td and there's a mechanism to do that.

A

So that's uh currently on the table under discussion um and uh you're, welcome to look at that um security scheme improvements. um There are a couple devices. We came across that embedded security keys inside urls, which we didn't have a way to describe, and one example that is actually the hue light bulb.

A

So we um extended uh uri security schemes, support uri templates where the key might get embedded into the uri.

A

I don't think it's an especially good design pattern, but we're trying to describe existing devices, including ones we don't certainly agree with, so that was added, there's also a similar mechanism where people might put keys into a payload alongside other stuff. That is actually real payload, and so we added a mechanism to describe that as well.

A

And finally, we explicitly allow the oauth device flow, which is an extension of the oauth spec for iot devices. Basically, um a really big thing is the thing model and the idea of the thing models from this class of devices. This used to be called thing templates and it is in fact, a template.

A

In fact, we use something similar to uri templates and we also use uri templates to parameterize a tm and you'll be able to fill in various parameters and also fill in missing fields to get a td when you instantiate it there's also a set of relation types that relate td's to tms and tms to each other.

A

So the basic mechanism here is that a td can reference only one, and only one tm and the idea is we don't do complicated things of multiple inheritance in the td.

A

The td disinstantiates one tm, but the tm itself has a more complicated mechanism for reading in uh other tms that it's extending or even extracting parts of tms and we're trying to to align this with sdf.

A

The major constraints I mentioned is that, because we're trying to backup compatible, we can't add major new features uh like uh uh containers and so we're gonna reserve that for 2d 2.0, but it might still be possible if we only allow them in tms.

A

So that's uh something we can discuss if we can get done quickly before our next uh round of specs.

A

Okay uh for discovery: uh this is just a review, but basically the discovery mechanism is: how do you get metadata? One of our major constraints is support privacy.

A

So we want to make sure that you know we're not broadcasting data that may have privacy implications, so we try to hide most of the complicated metadata behind a secure interface and we actually hide that behind a web api.

A

So we use existing web mechanisms to protect data, but we still want to use onboarding sort of first contact mechanisms that can leverage existing open discovery mechanisms.

A

So the idea is to have a two-phase introduction phase, that's open and then an authorization mechanism and then have a closed or protected exploration mode. That gives you detailed metadata.

A

We also need to protect the actual queries themselves, so you need to also bootstrap security before you can submit queries and we also do want to align with existing standards mostly to use existing standards as these first contact mechanisms.

A

Next slide right: this is what it said. I'm just going to skip that. But again we have this two phase mechanism.

A

The current status is, we basically are in the phase where we have the spec, mostly written, and now we're trying to figure out how to test it under introductions. We have a few uh normative uh extensions, so in particular for things that have a service type like dns sd, we have to define some service types.

A

Ultimately, a discovery, introduction phase gives you a url. It's helpful that url is a type to distinguish pointing directly at a thing versus pointing at a directory, but it's not mandatory, because when you go to a directory, a directory gives you information.

A

That tells you it's a directory, but it kind of helps to skip a step if you have a type on the url, so, for example, for dns sd, we have two different types: one for a thing and one for a directory service and similarly for did and core rd we'll have resource types and endpoint types that distinguish those two things, but for other cases like well-known urls or direct, which is simply you get a url and you go to it.

A

We don't have any way to attach a type, and so you have to resolve that type.

A

Dynamically exploration, there's two major categories: one is kind of the smart object approach where you get a td directly from the thing and the other is you get a directory service and the directory service is basically a database that tvs can be registered with, and then you can query the database to find tds and you can use syntactic queries and we support both jsonpath and xpath.

A

The json version of xpath, json, xpath, 3.0 and then sparkle, so xpath and sparkle are optional, uh but jsonpath is mandatory. uh One of our issues with jsonpath, though, is it, wasn't quite a standard.

A

Well, there is a draft rfc now with ietf or jsonpath, so we're kind of trying to intercept that so when it comes out as a standard we'll be able to use it if it's not quite ready, yet we may have to make xpath be the mandatory uh version and decent path optional.

A

We want to have at least one demand where you can depend on it. Yes,.

C

Michael can can interject there, so I think the json path working group would be really interested in your requirements. So what what do you need jsonpath to have to do um right now? We are. The general sentiment is that we will have something like a minimum viable product in the first rfc um right. But if there's something you need, we need to know.

A

Yeah- and I think we need to do- is we're able to use cases and examples uh to clarify that uh the main thing we need that's different from the current you know uh version is we have to limit the power of you know, j javascript snippets, so we don't want to be I'll, have to be able to do a injection attacks on on directory servers. So we need to limit the not the comparisons that can be done and the the scripts to like just a small subset.

C

Yeah.

A

That's already.

C

The current.

A

Document.

C

But we do need uh input what you actually need to be able to do and what we can leave out.

A

Well, I will say our main issue right now is timing, so we don't have a lot time to make fancy requests. What we really need is have a minimum vial product out, so we can reference to reference it, and then we can do fancier things in in the discovery 2.0 next year. So I think what we want right now is just the minimum viable thing. uh I think we at least want to have equivalent functionality to json pointer right. You know select a particular yeah. You know that should be easy.

A

Yeah exactly um anyways sparkle is, like you know, all singing all dancing version, but because it's expensive to implement it is optional.

A

um There's also various other things involved in the spec like page nation, so you can go through long pieces.

A

I will say right now: we're focused on http and json, and probably next round we'll look at uh you know coap and cbor. So right now we're not trying to target everything, we're just doing http or web web service.

A

um Sorry, I'm going to move on because we're out of time here our profiles are constraints. So profiles just try to constrain things. As I said, we're focused on just the hub functionality, which translates a bunch of different standards into one http json, and we also want to make sure the implementation is fine, finitely implementable, so the finite set of things that it has to do because the tv is pretty open-ended. We wanted to like limit it to make it implementable and make it validatable.

A

So this is just a set of constraints to be able to happen. I won't go through this in detail, just the idea that we only allow a certain fine set of things and we're currently doing this sort of baseline, and we also are trying to you know clear things like you know: what are the error codes? What do they mean and so forth?

A

um I will say, as well as another activity going on right now is a smart city workshop and this overlaps with watt in the sense of use cases.

A

So this is a slide I'm doing at the workshop, which is being held on the 25th and we're trying to do here is engage with smart city uh stakeholders to define not just web of things requirements, but you know general web services and other kinds of requirements for smart cities.

A

So we also have a use case document we've been working on, and these are some use cases from that document that relate to smart cities, but there's lots of others, uh but like for example, land management needs some some geolocation uh use case uh information.

A

We don't currently have any standard, for you know embedding standardized geolocation information into a td.

A

So that's something we're considering for our 2.0 version to make that standardized, which relates to a use case like land management or construction, uh but even cultural space like a museum, you might want to describe a room you're in, for example, we have no standardized way of doing that.

A

um Okay, so I need to move along here, but I just want to say: uh there's a bunch of resources, so there are current specs out for this. uh This is actually pointing at the editors version of the document which in some cases, is well aligned with the current working draft.

A

In some cases like discovery, the editor's draft is quite a bit ahead now of the working draft. So I suggest in general that you look at the editors drafts.

A

We also have some informative documents and the biggest one is probably the use case and requirements document which includes a lot of discussion about you know various use cases.

A

We also recently updated our website, so there's a brand spanking new website out now that has a better way to access the various stuff we're doing, and one of the things we need to work on right now is things of tutorials, which is something that is in progress, but we have like explainer videos.

A

And that's it so I will stop there and if there's any time for questions I'll, take them. Otherwise we can move on.

C

Thank you for keeping your time very nicely. Maybe you can advance one more slide because there are the people people should be talking to. Thank you.

A

Right well, so we have one moment: that's going to mention. We are rechartering and we are looking at what to do for our next charter in terms of alignment with sdf and other things. We definitely want to get a line, but we have timing constraints.

A

We have to finish our current round and get through the process and then start a new version, and so I think our current goal is to clean up what we have now get in the can, and then we will have a chance to discuss. You know major new things to do very soon for our next charter.

C

So are there any questions.

C

Well, I cut in with my question in the middle of the talk, I'm sorry about that.

C

So I hope we will get keep to keep getting continuous updates about the w3c work because it's very relevant to what we are doing here and thank you, michael for reporting.

C

So the next thing on the agenda is another michael, michael costa, with an update on one dm michael. Can you show your.

C

Slides.

C

You have to press this, yes, but you actually have to click on the yes, this one exactly.

E

Sorry I wasn't responding at first and um I didn't know what was happening so here we go. Can you see the slides now, I'm not sure how the sharing works.

C

Well, you should still have to select what you're sharing on your site.

E

Okay, I I don't see where that oh okay, there we go.

E

There we go: oh yeah, okay,.

E

So you must be able to see that, and let me just maybe go into full screen mode.

E

Okay, so this is a an update on one data model. I'm assuming everyone sort of has a an idea of what one data model is, but what we're doing is using the sdf language to to drive for a common data model for common, in other words, that one data model that everyone can use. Hence the name one data model for the common iot affordance patterns like on off control and color control of a light and temperature sensing and thermostatic control, and things like that.

E

So I'm going to go through what um you know where we are and and sort of we depend on sdf, but we've we've moved the sdf work um completely out of one data model and and that standardization is in process and we're we're just going to use whatever is, is done by one by stf and provide requirements. So we're kind of doing a pressure test of sdf right now and we're looking at a couple of new features as re mentioned. But the main body of work is around the convergence of data models across industry.

E

So currently we have about 200 models. I think it's about 195 models in the playground contributed mostly from oma lightweight, m2m and ocf, but we have some examples from bluetooth mesh and the zigbee cluster library in there as well, and we've we've determined what process we want to use for uh convergence and that is sort of a model.

E

Adoption process where we're we're going to basically have an official adopted 1dm model, that's adopted through a consensus process and we've we've also sort of figured out how we want to manage the life cycle of models and track them and version them and how documentation would be handled, and we have some small set very small set of initial models that we want to use to for the first run of the process so going forward.

E

We have already agreed on the adoption process we're uh we're about a a quarter or so a few months behind where we thought we would be, but um we've been taking our time with the process. We don't want to get too far ahead of ourselves.

E

We have some provisional, basically we're going to create some provisional adopted models for the first ones, with the understanding that they'll be stable, but ultimately they may be superseded. As we get more a larger body of people involved in the consensus process, we need to go back and re-engage with some of the early contributors because the we spent a lot of time on the language design and on the process and and a lot of the folks just want to get their models adopted.

E

So we need to go there and it'll probably take a little while so um um kind of maybe third quarter of this year, we'll have some provisional models out and it's almost really third quarter now. So I think we're we can't be behind yet so the provisional models.

E

We have some models from ocf representing appliance features and a model from lightweight m2m, based on their sensor model.

E

We've decided on a process that sort of mirrors really what everybody does, but in particular, ocf has has made put down a few sort of ground rules like we only really want constructive feedback, in other words, make a concrete proposal that says what you want or how you think this model should be made better, and um it's sort of like the role of an ietf chair, that we can drive consensus and help break the deadlocks.

E

But we really want the group to agree and we've sort of looked at this uh chair role, that's defined in rfc 2418 as a work group chair and that that sort of is a it's a good pattern for us to use as uh going forward.

E

So the provisional models we have are.

E

The the owen so basically there's some ongoing uh questions about how uh sensors should be handled in quantities and units, as audi mentioned earlier. um I don't know if we really talk about that too much in another slide, but here's the ocf models and we're basically looking at things that uh things that can be that don't really that don't overlap with a lot of other models. I we had some some criteria for what models we wanted to select for the early revisions and they were sort of non-controversial.

E

We don't want to start with a thermostat model that we know someone is going to want to change so so we pulled these out of the ocf canon if you will and they're they're for modeling appliances and there's some of the common things like the binary switch and the mode and the operational state.

E

So you think in a mode as being you know, diagnostic mode or running mode or a failure mode, or maybe a fan mode that might be running one way or another, and then operational state is sort of what, where you're going on. If it's a dishwasher, you might have the rinse cycle, the wash cycle, the drying cycle, etc, and so those are all in the on off switch.

E

So those are all really really common patterns that you find in appliances and we're going to try to drive those forward in the ocf from the ocf canon if you will and then um from oma we've um we're looking at a couple of sensors and there are really a number of issues that we need to work out, and this is basically just to give everyone a flavor of the kind of uh questions and kind of work we'll be doing in one dm.

E

So basically, quantities in units is probably a good place to start because, as hardy said, that that really turns out to be a bigger issue than than I expected it to be. But um basically you know, should we bind units to sensor type and that's a really good question should should a temperature sensor always report in celsius, or should we basically have some conversion ability or adaptation ability to different units? And of course, temperature is a good example, because it has some alternate units, many sensors. Don't so it's not a problem.

E

We want to basically see if it makes sense to have a common pattern, because really all the sensors kind of report the same way and the only thing that differs is the units and the scale.

E

So that's really the the crux of the the question here is: should we have a bunch of definitions that are tied to units like a temperature sensor, a humidity sensor, a barometric pressure sensor and so on? Or should that be a sensor as in say, bacnet has just a sensor and then you, you have values that you put in and then you customize it according to engineering units way down the road, and so there's really a range for a few different patterns here.

E

Currently, in the definitions contributed, they were, they were specialized per units, but um it's not really clear that that's the the best way to do things or if there should be two patterns and an alternate specialized sensors and a generic sensor, then people have a question of which one to use etc. So that's basically the flavor of it and then you know a lot of the sensors are multi-sensors, and so how do you deal with? That? Is there a way that we need to standardize the way multiple sensors are packed together?

E

Particularly bluetooth mesh has a really good system for doing that from columnar data and timestamp series, but that's their way of doing it, and is that something that we could standardize or do we need to have some some consensus sort of drive for some consensus around a few different you know have a. I guess what you'd call a dialectic approach where we try to synthesize the best from a few different approaches all right. So this is kind of my last slide to illustrate sort of a use case and what really driving for an industry.

E

It shows a semantic proxy where a sensor from one definition is exposed to a client that expecting a different definition and if we have common uh abstract, high-level models, as shown on the left, so there's an sdf model for what we're doing that.

E

Just simply has different protocol bindings for the different in different packet formats, and what have you the approach here would be that we would take the single definition and convert it to both oma and ocf, so that the declarations would be compatible with with their sensors and they could figure out what sensor they're talking about, for example, on the mcm side and then um basically create the thing models for both of those.

E

As as mccool mentioned earlier, we were going to use w3c thing description as an intermediate format here, especially because there's some application software that already consumes these and knows how to work with them.

E

So we would create a thing model for each each one of these and the thing description that had the the protocol binding information for oma on the consuming side and the protocol binding information for ocf, in this case on the exposing side, and then the software known as node watt, which is actually an eclipse project that knows how to consume and expose based on tvs.

E

We could create a proxy from that software and that would automatically consume essentially any any any oma server or device that has a definition in sdf and expose it as an ocf client. Now I think something that michael mccool was mentioning earlier is really interesting here. If there is a common web of things profile for how software clients access things, then this picture would have many different types of servers and devices on the bottom ocf oma, you know lightweight m2m, zigbee, bluetooth and then the top part would be the common web of things profile, client.

E

So there's there's another way of using this same basic technology.

E

Let's see, I think, that's all. I have there's some backup slides here that you can look at and then we kind of show how the workflow works and and for adopting models and and uh some of the stuff about who's involved, and uh this is kind of interesting, where uh one little point where we're planning on providing a way for anyone to just host their models in sdf as a as a way of standardizing the format, without necessarily participating in the in the convergence process.

E

Of course, the convergence process is the big value, but there's also a lot of value in just having an sdf model for things that that can be easily adapted to uh okay, not sure about time. But that's really all I have on on my presentation.

C

Okay, thank you, michael. um Are there any questions.

E

We gained a little.

C

Time, yes, you did eve.

C

Oops you're very quiet.

F

I'm very quiet how about this? Is this a little better.

E

A little bit less.

F

Okay, so of course, I'm very curious about and have been interested continually in following the um semantic proxy conversion diagram, which was your last slide, michael yeah, that one manic property- and I was very interested to hear about digital twin dtl work, that's emerging, and I know we talk about the numbers of models that exist in the repository.

F

I wonder um if you can also talk about um you, know kind of going forward, keeping track of the various conversions that are underway, and I presume that that's really and it has always been the focus of the hackathons, um but um you know sort of I think a really interesting metric is how many, how many of these conversions, in which directions are also um emerging or under development.

F

That would be interesting to hear about.

E

um That that is a really good idea and a metric, because um a little bit of disclosure, I've recently changed jobs and I'm now working for a company called passive logic and our main business is digital twins for buildings.

E

So I'm not going to be personally interested in this much about um you know smart home devices anymore, but um I think that I'm looking at conversions for dtdl to sdf and bacnet and um a new thing that we're developing called the quantum ontology, which is a physical physics ontology for building that has to do with enthalpy and things like that. So um that would add three new three or four new uh conversions, so we could think about. You know. You know that uh coming up with that.

E

So far, though, there's only really a um sort of a software, repo or open source sort of conversion, but I think if we could move these up to a sort of a high level status in in terms of there's a conversion uh as the spec changes, the conversion changes, maybe not everyone's involved. Maybe this is just being pulled from an open source, repo and being synced whenever they make an update.

E

So there are a lot of different ways to do that, and I think that your suggestion could be taken as a general sort of category of things to add to one dm to what we talk about and track and manage. So I I think, that's that sounds pretty good and again thanks for the the plug for moving uh moving on to sort of digital twin work, because I think that's a new emerging, a new emerging thing that that creates almost a whole new uh application area for something like this and also this.

E

uh This diagram here, basically, is a good uh illustration of the kind of architecture that a digital twin would would use. It would normalize the data from a bunch of different sensors and actuators and the control affordances, and it would present a single sort of unified semantic interface to the to the upper layers, and indeed that's uh one of the bigger questions about digital twin that helps. You do the modeling, because then you don't have to think about a lot of different.

F

Protocols well, thank you.

A

Michael yeah, I'm most interested in tracking the conversions, I think they're a really good test case. Let us know uh how compatible the different standards are and whether they're just modeling the same information in different ways, and so, regardless their practical utilities. I think they are very practical. I think, having those conversions around really helps us test our compatibility of our various information models, um in fact, to the extent that when looking at like directory services and thinking you know, could we have a single information model and just serialize it in different formats?

A

So I could certainly see a you know what thing directory service also providing maybe stf models and just a different way to serialize the same information if they are.

C

Truly yeah, I think this is really important, really useful input for the hackathon that we're going to have in in four weeks. um We have started in the wishy activity to collect pointers, to tools, and maybe this is a reminder to update that. So we we should be able to uh have an inventory of what the kinds of tools we have available. Maybe that's something we can prepare for the hackathon and then, of course, at the hackathon.

C

We can look a bit more more closely and what we actually can get converted and one one great thing that came out on thursday. When we had our wishing meeting and talked to the microsoft people about the asia gtdl work. Is they now also have some models out there? So the next thing that we will look at is how to get these models in into the repositories um as well. And of course, there are other models that are waiting uh for this.

C

So so we are either going to do this before the hackathon at the hackathon and I hope by the end of the hackathon, we have a much better overview of what we already have covered and where additional work is required.

E

Yeah, that's that's really good and I'm remembering carsten really early on. In fact, even back at the iab semantic interoperability workshop, you had made a diagram of of how translation works in general, with the common format showing a box in the middle and arcs coming in and arcs going out and really the system we're building, isn't just the box in the middle. It includes these arcs that come in and go out which are in, in fact the conversions.

E

So really that makes a lot of sense and and having those as something a little bit higher level, also um with digital, twin and other kinds of we're. Looking at physical uh models of things that aren't necessarily don't have the same kind of affordances. They're they're mainly object property models, but they describe the physical uh part of things that are connected to, like you know the heaters and the the uh the pump and the tank and things like that condensers.

E

So um those things are also needed, but they don't necessarily get converted they get expressed, or maybe they get converted if we're talking about something like opc ua, where those models already exist. But that's also part of the ecosystem. We need to understand that sdf is going to be modeling more than just connected devices that you can talk to, but also the things that they connect to.

C

Great any other things you want to do with the last 90 seconds we have on this gender item.

C

uh So sorry, can you prepare your slides.

G

Here we go good yep. Thank you, yeah. So I'd like to present an update to our draft on iot edge computing challenges and functions right, so in revision 2, which we are presenting today, we addressed commands from milan and we made also other related changes, so we will go through that in the rest of the slides. We also contacted some standard community members for comment, but for now we didn't get technical feedback, so we are still waiting.

G

So, let's start with a quick overview, this draft discusses some aspects of iot edge computing. So why do we need it? How is it used today and what are the research challenges we can identify?

G

So in section 2 we provide some background. We list use cases in section 3. We list reasons that motivate the use of edge computing for iot and in section four we have an overview of iot h computing. Today we provide also a general model and a distributed version of this model.

G

We then list in the same section for research challenges organized by functions or components, so they are loosely classified as oem, functional and application and well, one point is that those functions need to be at relatively high level so that you know they map to research challenges without too much overlap between them. So this this this function is here to structure the the research space. In a way um you know, then we have a section on simulation and emulation environments and one on security considerations.

G

So, let's go through the updates. The first comment stated that some use cases felt a bit generic and did not seem to exemplify the need for edge processing, so we think it's a fair command. We rewrote the use case on smart construction and we deleted another one and we reordered the the use cases.

G

The second comment had basically two observations. You know from the fact that connectivity can be constrained and also it can be costly upstream and downstream. So basically, there was a need to broaden some statements, so we changed the title. We made the minor changes to um basically cover those additional aspects, and the third comment was that it was about resilience and it provided some text to describe resilience today in iot, iot deployments.

G

So again, a very useful comment and we added text closely based on this in section 4.1.

G

The next comment was that section 4 should be revised. You know the list of research challenges should be revised to separate description of edge functions from the implementation mechanisms.

G

It was also suggested to divide the description into key iot functions and the list was provided, so we we actually we expanded the scope of some of the functions. You know.

D

Three.

G

Of them are listed here we did some reorganization and quite a lot of text updates as well. So hopefully we cover the areas listed in the comments and we you know all of them and at the right level.

G

The next comment was that the section of on edge caching should clarify that the edge node may offer local data storage and caching so based on that, we updated and retitled the section to to include both local storage and caching.

G

We also uh added new research challenges uh corresponding to recent papers. uh uh They are added in references in ref. So basically, if you want to check them, uh you know because the diff is a bit difficult to read, so you can look at the diff of the reference section and basically look them up in the in the text. They will correspond to new challenges or extensions of existing ones and those are basically 2021 papers.

G

So, finally, we did some editorial changes as well. Right, so uh to our knowledge, all outstanding comments are addressed. The draft is in a stable state. uh Additional comments are welcome and uh finally, I'd like also to take a you know for us to to discuss whether it makes sense to start a last call. uh Is this the right moment, so it could help elicit some final comments.

G

The authors uh agree that this document is ready as far as we can tell right. So this completes this presentation. Thank you for your attention and thank you milan for, for your.

C

Comments, thank you savvy, michael.

A

I actually read this twice and made a bunch of comments and they never managed to get through the process of sending them to you.

A

So uh if you'd like, I can try one more time, because I did find a bunch of stuff in the earlier versions, but they may have been addressed already, but I can certainly do passover and this time trying to figure out how to get the comments to you in a way you can use.

G

Definitely that that would be great, michael and uh if you don't have, even if you don't have time, you know it's fine, if you send some comments which were already covered, it's really not not a big deal. No, don't worry.

A

Well, the problems I had, I had a lot, and it was just uh difficult to. I just didn't- want to write them up in a big long email. So if there's a way, I can edit the document itself and do a diff or do a pr or something that would be ideal.

A

I just couldn't figure out what the tooling you're using and so let's just discuss this offline.

G

Sounds good yeah we we have it's on github, so that's not a problem yeah. I can send again the link to the github repository on the list. If you like yeah or to you, I mean.

C

Yeah, I think, as a reviewer I I can't sympathize with that a lot, so there are often comments where you just say: hey. Why don't you say it this way and it's much easier to just edit the the document and and submit this as a pull request. So.

A

I think that's a yeah, I do recall now I checked it out and got it to compile, so it just got. I ran out of time and then the new version came out and my comments were no longer valid right, so I just need to get it all done quickly, so I guess I'll have to find some time to sit down and just do it for the third version. Third time.

C

Yeah, so um I think that's also one thing that that we learned it's really best to submit comments in in smaller pieces. So if you do a review and you have done the partial one- don't don't wait until you have time to actually complete the thing, send it on to the authors. They can do something useful with that, and you can always go back to reviewing the the next uh version of the document.

C

So I think that that's a pretty important uh thing also when, when you have these, these monster pull requests, it's sometimes hard to to integrate them in particular, if you get two at the same point in time, so keep it small, keep it simple and keep it timely. I think that that's the advice I would give to people who want to do this pull requests.

A

Yeah, I would say that my my intention here would be create an issue and then do a small pr for each issue not to have one big peer, understood.

C

Yeah that may be also be overwhelming because you might have 20 years in the end, but so the truth may be somewhere in the middle, but I think the important point is actually sending things incrementally. So you you don't create a lot of delay, but I'm hearing from this that that people are actually interested in getting a few more um reviews in, and I think it's also time for for the chairs to uh provide a review.

C

So we we are getting ready uh for the research group um last call, so we will spend some more time doing these reviews and then probably issue the research group last call in the fall.

C

And whatever we can do before that really helps speed up the research rouble squad.

C

Good any any other observations about this drought.

G

Thank you uh michael and carsten,.

C

Okay, so when we are done with this, let's go to the initial security setup: mohit. Can you can you show your slides.

H

I hope you can hear me fine.

C

Yes,.

H

And hopefully,.

B

We'll see you guys.

C

Yes,.

H

Yeah, okay, uh so I guess good evening for those of you in europe and morning or late evening, for for others in different time zones, my name is mohit and together with my co-authors, bachata and dan, we have been working on this document, which is currently titled as secure iot bootstrapping a survey.

H

The change since the last ietf is that the document is officially adopted. As a research group item, we haven't really made changes to the content, but I guess the goal of today's presentation and interim meeting is to present some suggestions that we have on on possible future directions for this document and get feedback uh from all of you before we actually go and edit.

H

The draft and a lot of the the changes and suggestions are actually coming coming, not not from the authors but from working group chairs and and members like carsten. So a lot of the material that we'll be presenting today is actually based off uh off of a presentation from carson borman in the iot ops working group.

H

So uh just to recap, why does this document exist? And what are we trying to do with this? So the goal was that there is so many different bootstrapping protocols, so we thought, like maybe having a document trying to summarize some of the common bootstrapping protocols, would make sense and when we started doing that, more and more new protocols from different standards, organizations uh came up and obviously not all of them were even using say, similar or same terminology and over time.

H

Our goal then also became to not just document the protocols and solutions from different seos, but also to kind of provide an overview of what are the different terms used for bootstrapping.

H

Another goal is to identify common patterns so and provide recommendations on applicability of terms so with common patterns. I guess by now many of you have seen this common interaction in smart home environments, where you are expected to either scan some qr code or or something of that sorts before your iot device can join your home network, so uh different protocols and sdos may call it a companion device or a configurator, for example, but it's essentially the same purpose and then the same pattern. So one of the goals was to identify these common patterns.

H

Then uh obviously, we can't list all uh examples of bootstrapping techniques, but uh we pick and choose some illustrative examples.

H

So we try to cover those that are significantly different in in terms of user interaction in terms of what kind of credentials they expect before the protocol starts, and uh what do they achieve so, for example, some protocols may only configure uh the network and and not configure like application settings and so on, so they might just configure the ssid and password so that your device can join the network and connect to the internet, but the rest of the things like configuring, the name of the device or like adding it to different groups.

H

You might have to do them with another protocol, whereas some others might build systems where they include everything from uh connecting the device to the network, to configuring, uh application parameters and and so on.

H

We did try to initially classify these bootstrapping techniques using some traditional methodology like managed and unmanaged and leap of faith methods, but we soon realized that it's actually pretty hard to classify them. Some of them are obviously easy and straightforward and fall into one or the other category, but many of them fall into this generic category of hybrid methods where they might do this or might do that and in some situations they support this, and obviously you know anyone who is writing a protocol specification once it's to address as many use cases as as possible.

H

So it often happens that in some cases it's uh in one category, whereas in in other cases it's in another category. So there are very few protocols that say we only address uh small enterprise or something I think many of them would say. We address home and small enterprise and maybe also like full enterprise experience.

H

So uh moving on so we started documenting the terminology and the current list which we have in the draft and and here on the slide. So we immediately realized that there is lots of similar terms that are being used in this context. There's bootstrapping provisioning, onboarding, initialization registration commissioning configuration discovery.

H

There may be like a couple of others which we may have missed and if you know, please uh type it into the chat now or send an email, and this draft is on github, so you're also welcome to send pull requests.

H

So immediately we realize is even is the title of the draft correct, because we call this secure, bootstrapping, secure, iot bootstrapping survey, but if bootstrapping is not the only term that is used in this context, what should the draft be called and we got a nice suggestion from carson of using initial security setup as kind of an overarching term? That includes there's an essence of all these uh terms.

H

uh Basically that you want to do the initial security setup of of an iot device and the suggested new title is terminology and processes for initial security setup of iot devices, and obviously we look forward to your feedback. If this makes sense. The other idea we got from carson was to actually break down protocols into three things. So, first is to identify the players.

H

Basically, who are the parties involved? So typically it might be the manufacturer of the iot device. It might also be the end user of the iot device.

H

uh The end user of an iot device may be different from an owner of an iot device, so your iot device may be owned by the company you work for, but you might be the end user, so some protocols may end up distinguishing users and owners, uh there's also network administrators which may control or manage uh devices.

H

So this could be players, uh then the second uh kind of block building block for these uh protocols is beliefs, and what we realized is that there are some beliefs that these protocols start with and then some beliefs that they instill during the protocol execution.

H

So it's quite common that many protocols assume that devices come with some certificates installed by the manufacturer and the certificates contain different kind of uh you know things like idev id or it may not even be a certificate, it might just be a pre-shared secret or other forms of trust, anchors and, and the next presentation will be exactly about these kind of things, of what what kind of credentials the device may come with and then, once this initial security setup is complete, uh what information is actually configured on the device.

H

So typically, this may include, like ssid network key, even some protocols like configure the initialization vector that should be used by the device. All these things would be the post up, beliefs that are instilled into the device during the process and the third building block for these protocols is the actual processes, so the sequence of events that must be done for this security setup. So um many times it's powering up the device.

H

uh It may involve like scanning a qr code that that is on the box of the device in which it was shipped or the device itself. It may be tapping nfcs.

H

It may be like accepting some checkbox on your companion device like a smartphone, but basically uh what kind of interactions are required and- and there are many protocols that actually don't require uh anything from the user. So you I'm sure all of you have heard about this zero interaction uh protocols where the user doesn't really have to do anything. So I have taken two examples of protocols and then tried to break them down into these building blocks of players, beliefs and processes. So the first one is device provisioning protocol.

H

A brief description of this protocol is already in the draft. So it's a protocol from wi-fi alliance for configuring, wi-fi based iot devices, and it relies on a configurator which is a smartphone and the iot devices themselves are called enrollees.

H

It has three sub protocols, so bootstrap where you typically scan a qr code or tap nfc for the device. Then there is a actual exchange that happens between the smartphone and the iot device, where uh authentication happens, and typically it's a authentication in one direction where, like the iot device, is authenticated.

H

But the protocol allows you to do authentication in both the both the directions. It would just require that not only the smartphones can secure code. You will also need the other other direction in in some form, so whether the iot device scans a qr code as well or uses some other mechanism to transfer the public keys is kind of left open, but it is possible to do mutual authentication.

H

All the most most deployments would do only only one way and then, finally, once the authentication is complete, the smartphone will configure uh or install information such as the ssid and passphrase, so quite straightforward protocol and user experience. So let's look at the players, so there's the manufacturer, which installs a key pair and then ensures that the public key and other metadata of the of the device that is being shipped is available on the device or on its packaging.

H

There's the user, which in most cases is then also treated as the owner of the device and a companion smartphone, which is used for completing the process, uh believes that exists before the protocol is executed. So basically, it's the manufacturer installed asymmetric keypair and after the setup is done, the device is installed with knowledge such as the ssid and passwords. It should use to connect to the internet, and the process is user scanning a qr code or tapping nfc.

H

If mutual authentication is desired, then it's done twice in both directions and generally the user kind of configures, the ssid and passphrase of his home router that the iot device should connect to so. The second protocol that I wanted to cover today was bluetooth. One of the reasons was this for covering bluetooth, and this is currently not in the draft.

H

uh It just says to be done, and erranding complained at the last d2trg meeting when it will be done so at least now we have it on the slides and hopefully, after this meeting I'll, add this information to the draft as well. So bluetooth mesh calls provisioning similar to dpp, which is device provisioning. Protocol bluetooth mesh calls this process of initial security setup as provisioning and, as is quite common.

H

There is a device which is unprovisioned and needs to be provisioned and then a smartphone which kind of helps the user in the process to do that, it begins with the invitation, so the device sends out beacons. Saying I'm unconfigured, please configure me a smartphone will discover these beacons and then send an invitation that hey, I could configure you and the new device would say here are my capabilities. So these are the cryptographic algorithms I support. These are my I o capabilities and- and these are like elements uh that are part of the device.

H

So elements is basically, if you think of a light strip, then each each individual light would be an element. uh That's how at least bluetooth mesh defines them. There's a public key exchange that happens after this. So it's a typical elliptic curve tv helmet key exchange with fresh keys, and this happens if ob input or ob output, authentication method is used. So ob here stands for out of band.

H

So if out of band authentication is used, then typically a fresh ecdh, key exchange happens, and thereafter there is a actual transfer of data on an out-of-band channel and bluetooth actually is allows sending this data as a blinking led light or as audio noise. So you could think of this configuring, like some bluetooth speakers, for example.

H

This is shown as the green arrow in the diagram thereafter bluetooth, both the smartphone and the unprovisioned device exchange.

H

What bluetooth specification calls has confirmation messages, but I would rather call them commitment messages, so both the sites commit to some random numbers, and once that is done, they reveal the random numbers to kind of verify that there was no man in the middle uh attacker during this protocol exchange.

H

Finally, once this shared key is set up between the smartphone and the new device that is used to like protect data which is being sent to the unconfigured device, so this data can include the network key unicost address that the device should use and and other information, such as the iv index and and so on, so to look at the building blocks for this protocol. The the players in this case are a user and provisioner.

H

So you might immediately notice that in this case the manufacturer of the device is not really a player, at least in the mode of provisioning that I have shown in the slides. Bluetooth also has other other modes of probationing, where the manufacturer may install a key pair and and print a qr code, but just to kind of show a variation of that process.

H

Bluetooth also allows where manufacturer is not allowed, so you see only user and provisioner.

H

There is no pre-setup belief, so there are no hard-coded credentials in the device and after the execution of this initial security setup process, the device learns the target network credentials, whether it's a lighting, application and and so on, and whether this light is in the kitchen or bedroom and and things like that, the process, depending on the actual deployment, might be that the user has to scan a blinking light or like listen to some noise that is being made by the speaker and eventually send information like which group does this device belong to and what application keys does it have access to?

H

That's it. The draft is currently on github. I look forward to your feedback on this suggested direction, make sense or how to modify it and improve it further.

C

Okay, thank you. So I think the the same observation applies that, since the thing is on github, it may be very easy to put up issues there or make text suggestions there. But of course we also welcome the traditional review sent to the meeting. So if you have a small thing, maybe the issue is the right way to do this or a short notice to the meetings, of course. Also is the right thing.

C

So what can? Can you say a little bit more about the the timeline you see for the next steps of this.

H

uh I guess I would like to get at least the updated uh content, some of the updated content ready before the cut off for july ietf, but yeah after that it depends a little bit also on getting some some feedback on on the content. That is there. So obviously uh all the authors have been also busy and we have been a little bit lacking and we'll try to make up for that. So hopefully there should be a new version before the cutoff for july, and after that it depends on what kind of feedback we get.

H

If this direction is like I'm amenable to the rest of the research group, then it would be simply like breaking down other protocols into the players, beliefs and processes.

C

Okay, any comments or questions on the draft and and onwards presentation.

C

Michael.

I

Well, I think that that um um this is michael richardson. I think that uh the proposed revisions to the art to the structure of the document are really good. um I says mohit said: there's a fair bit of work to do to to reorganize it. uh That way- um and I guess I'm really looking forward to that thing- and I really like this- uh the process that in slides three or four or whatever it was that he proposed.

I

I think it's great, um but I think that uh we just need to get to that point somewhere, um yeah, that's the breakdown yeah exactly. I really like that. I think that's a really good thing, um and I think that it will maybe provide a good um for future documents that people write about uh this thing they will hopefully uh um provide.

I

You know a clear clarity on this um and I think it would also provide. I don't know whether this I don't know this document needs to go actually talk about very many examples, but I guess it's good to talk to about those that we know about. um I really hope that there might be somebody in this working group that is a um able to provide these details on the chip matter uh stuff in an authoritative fashion um for it, because I think that would be timely to include that.

I

uh But I said we don't need to meet. We don't need to do this extensively. We need to do it um represented representationally, so that you have some idea of how to apply it, to existing things and in the future.

H

Yeah yeah thanks for the feedback, I agree that it cannot be an exhaustive list of protocols, but we try to cover important ones and and make sure that there is like different enough that they represent, like all the variations that exist in these processes.

C

Yeah, I think one one uh as michael said, one of the important benefits from this document might be that we have an example, a model for how you would talk about a specific bootstrapping approach on boarding approach. So we have the right words to talk about uh these things, and so, for instance, if if people are coming with new models, they would be able to describe in a way that it can be compared with existing ones, of course, unless they want to obviously how their stuff works, which also sometimes happens.

C

So by my gabriel.

J

Yes, um sort of telling what uh michael richardson said uh so yeah sure not uh to to list, I don't think we should list every single one, but let me offer another one in addition to matter that might be important. uh The fido issued recently uh uh an iot um security uh spec, so that one might be might be relevant just because fido is is very, very prevalent in authentication space uh already um and the another thing that comes to mind is nist has issued guidelines for iot security, and it would be good to see.

J

um Maybe it would be an extra section to see of the the mists of the world or the government guidance which ones of the reviewed uh comply, or how do they comply sort of to give uh guidance to folks who might be interested in going one step beyond and actually contemplating adoption, because once you contemplate adoption, then things like what governments are uh that government guidance becomes fairly important. I think at least for certain style of deployments.

H

Yeah thanks gabriel, for the feedback uh fido is currently at least in the draft. It's described what the protocol does. Obviously it's not described in the fashion that the slice currently suggests. So this was more like asking for feedback, and it seems people seem to support this direction of breaking down protocols into players, beliefs and processes. So I would do that for fido as well.

H

uh It will be there uh regarding the nist uh I'll have to look at the the specification itself on how well it covers this bootstrapping and what to do about it but sure I'll. Take a note of it and come come back to you at the next interim or.

C

Meeting.

C

Okay, so um yeah. I hope that the the uh prediction I made in in the introduction that this is a 20 20ish 20 22-ish document will come true, maybe a bit hard to finish it during this year, but we might get it in a status where we can uh do most of the process this year. So I'm looking forward to this uh document uh being processed.

C

So michael, do you want to.

I

Yeah, okay,.

C

uh Where is it yes,.

C

The the funny thing is that if the two chairs press on the button at the same point in time, one of them will press a random button.

I

Oh, so um I'm going to talk about this idef id considerations, document and kind of relate it back to mohit's document and for those who are watching, we did exchange slides. So we somewhat should, if it's, if it's, if it's coordinated, it should look that way.

I

um So an experience I went through with um a couple of uh sort of non-ietf reviewers and some you know, there's a list called dumpster fire um out there as well, um and basically, what I encountered at some point was that there's a certain amount of skepticism as to you know, oh well, pki will never be secure because someone will just screw it up and the manufacturer won't know what they're doing they'll forget what's going on and other stuff and then other people said: oh no, no! No!

I

That won't happen because they're going to do blah, blah blah blah and then they spread it off 27 processes, and I realized that, while the truth is probably somewhere in between that either either viewpoint kind of uh uh puts a kibosh on things either people think oh, I can't never trust this thing um or they think.

I

Oh, it's gonna be so complicated that no one will ever implement it, um and so I realized, as I started, talking to a number of different uh entities that do create these things and do operate them um both for purposes of remote attestation and for other things that well.

I

Of course, none of them were willing to talk about the details of why theirs was was sufficiently secure but not excessively secure and um that why it was useful, and so this is where this document came about to kind of provide some um analysis of what's going on. So how does it relate to this? So we have. I I've should have called this players, but it's the manufacturer, the manufacturing player, and they do things.

I

um And then we have some process of onboarding, whether it's called initialization or registration or onboarding, and then we have some kind of operational process that involves software updates. That may involve discovery of the device.

I

Once it's on the network, backup of the configuration and the settings, that's actually something often forgot particularly, uh is very, very critical in industrial settings because they really need to be able to restore the the configuration essentially uh when they replace the device, um and there may also be some discovery here that happens as part of onboarding and um there's some back and forth there. So, for instance, mohit's uh um previous slide about bluetooth mesh on boarding that there's a definite discovery process.

I

That's um involved in that, um and sometimes it's it's there or not, um and so this is where this is. The kind of this is how I view this is my view.

I

If you like of mohit's document of how I think about it, I took I tried to take as many of the words out of this as possible and if I had a cool uh 3d thing, this would now morph and the yellow part on the left would now turn into this part here, for you and you'd have a really you know, 3d experience as as I as I change the orientation of this type of thing.

I

So what I'm actually interested is now going into the third dimension of that that box um and talking- and this is what my document tries to do- is to connect the two things. So um in some cases there's uh the manufacturer. What they do in particularly in the silicon space is that uh they provision some kind of shared secret into the silicon and they provide it to the next people down the chain.

I

Who may do something, and as far as I can tell, um this is probably you know, transmitted in the form of excel file or something like this or csv file uh securely transported. And if you have visions of that johnny mnemonic movie, I think that you're thinking the right way, because I think that's actually the kind of level of security that people need to think about here.

I

But the next step here is you, you create an idev id, and that requires some kind of a certification authority to do something like this and to sign them for in a device unique way. And then you put some kind of a root ca. On top of that, because the ca that's running in the factory is perhaps only the one that runs for a couple months, or maybe a year at most, and then you cycle it get a new private key and things like that and that's uh what this document talks about.

I

How do these things go together? uh How do we number the layers of these things? Because I've shown two in this diagram plus an end entity certificate, and you could imagine two or even three or in some cases only one.

I

um So then, on the other side, there's trust anchors and they get used for a bunch of things, and you see that there's a difference of an arrow here, because while the idef id goes in, the certificate goes in with the private key already being in the device, um the trust anchor, the public key goes in and the private key is held somewhere in the factory or in the an evolve in many cases.

I

If it's the root ca that you're going to point to, and what are you going to do with this well you're, going to probably have a code signing and entity certificate and that's going to be used in a protocol like suit or other things, to verify that the new software is correct and in some cases, for instance, in brewski, for instance, we have a voucher signing in entity certificate that you need to have as well and there's other protocols that have other kinds of anchors that you need to include, and so then part of the other part of this document is to understand.

I

Well, how do we do the security around this process right? What is the human factors around this and what pieces can we understand this? So, for instance, was there one does the secrets held by one person or by three people or seven people? Do you need four people to put the secret back together or or two, um and that's just a number that that is there is, is three better than four. I don't know, and I'm not trying to say so, one way, the other.

I

um Clearly, the more pieces you have the more likelihood it is that some those people could be compromised or uh compelled to reveal the secret.

I

um So that's a downside, you might say, on the other hand, the more pieces you have, the more likely it is that they don't get killed in a bus by a bus um or, if you're, trying to bring up a new plant in a new continent that they're still able to travel to that continent during a pandemic, to bring something up and that's a sort of consideration that you may actually have to think. Oh wait a minute.

I

What can I continue operations um during a travel restrictions and for the dns sec, for instance the the last year? um They actually, as I understand it last june, they got the drills out and they drilled open the vault um because they couldn't actually have all the right people travel uh to uh the to california to resign the dnessec route, and so there was a process that I guess they understood well, where they physically attacked themselves.

I

I guess um on video, and um that happened um so of course the other ca could have also a split. That may be a different thing: it might have different characteristics as things and that's part of the goal. If we're going to convince these uh reviewers security reviewers that this anchor is actually properly taken care of, then you need to actually sit down and go well. What what? How is it taken care of care of?

I

And what does that mean and then there's a final thing that you might think about is: is that the same ca and it could be and there's some good reasons to make it the same ca and there's some good reasons to make it a different ca and all I really want to do with this document and have a manufacturer say? Yes, no, that's all um these are questions that I want to ask, and so really what I want to get in this document is the.

I

What are the list of questions that we would like to have and answers for um and we're putting no value judgment on whether which is better? That's it from.

I

Me.

C

So, what's your trajectory your plan, trajectory for this document is that sometimes.

I

I would like the t2g rg to adopt it. That would be my preference. I would be very happy to take uh co-authors on it. um I really want to be able to reference this in two documents on operational considerations um that uh have been written in in the uh for the animal working group.

I

um I think that there will be other things that may be quite willing to to reference it um and all of these other onboarding type mechanisms, I think, should be able to quite easily say uh what's going on and which ones apply to them, um and so this wouldn't apply in most cases.

I

This this analysis wouldn't apply to the fido onboarding system, but rather to the um qualcomm implementation of the fido onboarding system, and so qualcomm would say what what is their policy they or what are they doing and how are they doing it um and they don't need to tell us our details. They don't need to tell us the names of the secret splitted people. That's completely uninteresting.

I

What's interesting is that we can understand what level of of uh caution they've taken and, of course, with every level of caution comes a corresponding uh kind of inverse level of of operational impediment right um in many cases,.

C

So how do you see this document interact with the the one we discussed before.

I

Well, that's an interesting question. um I think that uh while we could do some amount of of uh cooperation between them in terms of terminology, I would like to adopt whatever terminology the uh the other document is proposing.

I

So I think that's a commonality, uh so I would think this document needs to reference the other document for the the different steps and the different things that go on. um I'm not sure if there's references the other direction that make any sense, but if there are then of course we could do them, but I don't. I see them as being related, but not necessarily co-involved.

I

I don't think it would make sense to merge them in any way. For instance,.

C

Okay, so this document would essentially play the role that some of the other examples that are in the other document play or is there something different about your document.

I

It is not a use case that the other document would look at, but rather it is uh looking at a particular well, so you know so this is my view.

I

This is my view of the other document right and so I'm interested in. What's in the yellow box that supports the rest of it, and so, if you like, as I said, think of this as now driving in the third dimension up and down into your screen, and what does that mean for this? So so I would expect this kind of activity to be mentioned in the first document that, for instance, you, the a player being a manufacturer, may prepare an idev id or some kind of other.

I

Some cases are still producing per customer skus with per customer secrets, for instance, um and that's something that can happen that can be explained and can be done right, but that when you want to go details as to what is the manufacturer actually doing, then that my document is what matters and it could be that in the bluetooth mesh, for instance, situation. Well, that's not an example where the manufacturer was there, but the dpp situation.

I

Different manufacturers may in fact produce devices that have different security properties because they build them in different factories which have different security properties, and I don't think it's the role of the the protocol review to say something about the uh characteristics of the of the individual devices, but rather of the class of the onboarding or uh process.

I

So it could be up to this amount of security. If the manufacturer does the most security and it could be the at least the least amount of security, if the manufacturer does the minimum amount. But if you want to know what amount the manufacturer actually does, then you need to know you need to ask the manufacturer for their.

I

You know rfc one two, three four statement and then you'd get that statement and say: oh okay, so I can't use this in medical things because you didn't do enough uh due diligence on your security, but I can use this in my house right.

C

Okay, I think that that's an interesting way to to kind of specialize the the more general approach that the other document has, and I think that's somewhat something we can benefit for from, in particular with respect to getting a feel for how levels of security might be um expressed, because that that's not certain currently something that we have a lot of grasp.

C

For I mean we have bits of security, we can distinguish 128 bits from 256, but we don't really have levels of security for particular operational uh consideration.

I

And I'm not actually asking to establish levels of security, I think that's outside of the ietf and the irtf's uh uh uh um view that needs to be established by somebody else, but in the you just use one one parameter levels of bits of security right, and so that's a that's a question you can say what is your? What is your aes bit level count and someone can answer that, um but, as we know, that's maybe completely meaningless. If the 256 bit key is printed on the side of the building right. So that's.

I

What we're asking right is is okay, you've got this thing and where does it go? What is it happens to it.

C

Okay, so um how? How do we get those reviews so who would be interested in actually putting some uh review of this document up? I see mohitch.

H

I can obviously volunteer to review. uh I joined the queue to say that, if, if you're going to adopt this, I think we'll need to like obviously involve the ops people in the ietf to look at this and perhaps also like. uh If the chairs can help like get reviews from the actual manufacturers and ceos uh to kind of make sure that the processes that that are written in the draft uh reflect what is happening in inside their organizations.

I

uh

H

I don't think we.

I

Need to I've actually presented the document to about six manufacturers at this point, and most of them were nodding um getting them to actually write some kind of comments about.

I

It has been difficult to pull teeth, um but um I think that with the pandemic waning, I think that we, I will be able to come back and uh um get some more of their time, so I've actually done a lot of that already in the past year, um and uh I I in many cases they're like huh I got to think about what I can say and what I can't say under nda and that's what's actually taking them time. Is they just can't walk into the lawyer's office and say well? What can I do.

C

I think, in the long run we will have to mix in some some uh considerations as well, because all these uh systems of course need to maintain their trustworthiness.

C

So I think we will put some of this uh in there as well.

I

So so you know, there's also some other aspects, so that's actually written in some of the document is there um and so using your idev id or some other key that you have uh provisioned for the purpose of signing evidence um is also is, is one of the things the manufacturer provides um as.

I

Well,.

C

What.

H

uh Yeah I'll just uh kind of respond to michael, that's great that you have presented, and at least I'm not expecting them to like write uh comments on the list or I don't know, review the draft or anything like that. It's just good to know that they have kind of seen your presentation and no not to it so kind of indicating that whatever is there is correct. So that's that's what I was looking for and that's I think enough for me.

I

I would like them to write an email that I could share publicly. That says we have read the document and we don't see anything that we couldn't. You know uh we couldn't uh reply to.

C

Yeah, I think that that's an interesting discussion how we do we actually elicit this information. I think in the end, we will also need to to involve people who make regulations and discuss with them what they actually might be eliciting from from manufacturers, uh so that that might be an interesting other part of the conversation.

I

It seems.

C

Over time likely about finishing thought.

I

I was going to say that that that this is why it's a taxonomy, because we not we're not, we, we really don't want to make a judgment about any of the content. We really want the regulators to say and therefore this number shall be at least 12 or something right, and our goal is just to figure out what is the number 12? Actually, what is what is 12? Actually, what are the units for the number 12? uh What are the units that 12 is denominated in or whatever the.

K

Red word is.

I

They say yeah.

C

Okay, thank you michael, so we we're at the end of uh our time and at the end of the uh agenda again, we we will have a hackathon in july. We will have another research group meeting at some point in september, so I think what is left to be done is wishing everybody a great summer and talk to you soon.

B

Great, thank you. Everyone talk to you soon.

A

Again, for.

A

Everybody.