[iot-wg] the vague IoT/RIPE-NCC training question

{did we sort out who are the new co-chairs?}

Peter Steinhäuser <ps at embedd.com> wrote:
    > Regarding your initial topic about the NCC training offerings I tend to stand on Jim’s
    > side. Nevertheless I think this WG could:

    > 1) Identify IoT aspects that affect ISPs from the broad field of topcis, as you already
    > mentioned a bit further below. @Daniel: I salute your comment, I think that’s we
    > should focus on.

    > 2) Work on RIPE documents, i.e. like the BCOP document we were working on. Such
    > documents then could found a base for trainings, if done by the RIPE NCC or third
    > parties tends to be seen.

Any other thoughts?

    > Getting engagement from the ISPs seems a tricky matter. Inside prpl currently IoT is
    > not a relevant topic, at least none of the major ISPs seems to have brought it up, yet.
    > Talking to IXPs as well could give us broader view. Although they have not direct control
    > about the end user’s CPEs they can get seriously affected by DDoS attacks and
    > should have a good interest in prevention.

This concern is what originally motivated CIRA to engage in the SHG project.
What we really have is a major, industry-wide, tragedy of the commons
https://en.wikipedia.org/wiki/Tragedy_of_the_commons situation.
The entities most affected by poor security and resulting DDoS attacks are
not the entities able to affect change.  The ones who could affect change do
not have the resources and/or motivation to do so.

    >> So, what would I like to see:
    >>
    >> 1) increase connection with RIPE NCC with organizations like
    >> iotsecurityfoundation.org.  IoTSF is among the few places I've found which
    >> are not about hype or marketing, who seem to have real connections to both
    >> places/people technical and people/places regulatory.  Like the IETF, though,
    >> we need more participation of operators.... not just the airy-fairy senior
    >> security architects from various ISPs, but actual people in the
    >> trenches.

Let me ask a question here.
Is there a means by which the RIPE NCC can (or is already) be in the loop for reports about DDoS
attacks on ISPs and critical (European) infrastructure?
I don't mean *me*, or the IOT-WG.   I understand that this kind of thing is
often confidential.  I am asking if the RIPE NCC can act as an air-gap
firewall, exfiltrating important aspects of the incidents.
We can only fix things that we can measure!
Also: _tell me how you will measure me, and I'll tell you how I will act_

    >> Is there an opportunity to collect wisdom together?
    >> Maybe some kind of symposium of operators and openwrt developers could
    >> happen.  OpenWRT has had conferences, although often not that well advertised
    >> in advance.  pprlFoundation sometimes has conferences I think.   The
    >> WBAlliance does stuff, but alas, 90% of what I see is total marketing.

One approach might be a small colloquium of operators/developers meeting
under Chatham House rules.  I'm sure that I could get IoTSF to host such a
thing in London, but there may be better times/places at which the right
people are already there.  Note that for the conversation to be genuine it
couldn't be open to the public, but a report would be generated.



--
Michael Richardson <mcr+IETF at sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 515 bytes
Desc: not available
URL: </ripe/mail/archives/iot-wg/attachments/20220706/405c6e56/attachment.sig>