This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/iot-wg@ripe.net/
[iot-wg] The DNS and the Internet of Things: Opportunities, Risks, and Challenges
- Previous message (by thread): [iot-wg] The DNS and the Internet of Things: Opportunities, Risks, and Challenges
- Next message (by thread): [iot-wg] The DNS and the Internet of Things: Opportunities, Risks, and Challenges
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
sandoche Balakrichenan
sandoche.balakrichenan at afnic.fr
Fri Jun 7 14:33:50 CEST 2019
Hi Eliot, Thanks for the response. My comments inline: On 07/06/2019 09:29, Eliot Lear wrote: > > Hi Ad & Sandoche, > > Good that SSAC has published something. There really are some big > challenges here for IoT. In the area of DNS, one challenge is that > in order to limit attacks, you really do want the network to limit > access to services, and that means knowing which domains the device > should be speaking to. > The SPIN project from SIDN (https://www.sidnlabs.nl/en/news-and-blogs/redesigning-spin-to-a-reference-platform-for-secure-and-privacy-enabled-iot-home-networks), seems to be a possible solution. Also, there is another plugin from Princeton that lets one to inspect IoT traffic in your home network right from the browser: https://iot-inspector.princeton.edu/blog/post/getting-started/ https://iot-inspector.princeton.edu/blog/ >  That creates some challenges. That means some sort of consistency > with regard to DNS query responses to the device and to the > enforcement point. The ultimate approach to that is coordination > between the resolver and the enforcement point, but snooping has > worked in the past. And so you can see some DoH challenges if IoT > devices implement that capability prematurely. > > ==> Is this a topic that our group can focus on and maybe prepare a RIPE BCP (Best Current Practice) or BCOP (Best Current Operation Practice) document like the document prepared by ICANN SSAC for the RIPE community? Please send your views. Sandoche. -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/iot-wg/attachments/20190607/b320ba79/attachment.html>
- Previous message (by thread): [iot-wg] The DNS and the Internet of Things: Opportunities, Risks, and Challenges
- Next message (by thread): [iot-wg] The DNS and the Internet of Things: Opportunities, Risks, and Challenges
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ iot-wg Archives ]