<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \(Cuerpo en alfa";
panose-1:2 2 6 3 5 4 5 2 3 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML con formato previo Car";
margin:0cm;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.HTMLconformatoprevioCar
{mso-style-name:"HTML con formato previo Car";
mso-style-priority:99;
mso-style-link:"HTML con formato previo";
font-family:Consolas;}
span.EstiloCorreo21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:869682390;
mso-list-type:hybrid;
mso-list-template-ids:1429472220 67764241 67764249 67764251 67764239 67764249 67764251 67764239 67764249 67764251;}
@list l0:level1
{mso-level-text:"%1\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style></head><body lang=ES link=blue vlink=purple style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'>Hi all,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'>I’m not sure if this should be considered in this document or other future ones, or other foras.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><ol style='margin-top:0cm' start=1 type=1><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo1'><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'>Should IoT devices be allowed to send information to the cloud “always” or the user must have the choice to disable that? I’ve seen many devices, even CPEs, using OpenWRT or a derivative firmware, sending stuff to the manufacturer, “hijacking DNS”, etc. This may be even a regulatory issue.<o:p></o:p></span></li></ol><p class=MsoListParagraph><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><ol style='margin-top:0cm' start=2 type=1><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo1'><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'>Should IoT devices have a standard API to be managed? Otherwise, consumers are unprotected and they may need to throw to the trash can hundreds of euros in case of a manufacturer Cloud failure, vendor bankruptcy, vendor failure to provide security updates, etc., etc.<o:p></o:p></span></li></ol><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'>In my opinion both are related to device security in the Home. I’m also not saying is in the scope of this WG, as said, it may come to IETF, other standardizations foras, even regulation. It is like when we regulate if a device complies with FCC, CE mark, UL, etc., etc., but in terms of security or consumer protection.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;color:black'>One last point. I think it will be very useful to have page numbers in this (and every) document … also in other BCOP documents, we added an annex with terminology.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;color:black'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;color:black'>Regards,<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US style='font-size:12.0pt;color:black;mso-fareast-language:EN-US'>Jordi<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US style='font-size:12.0pt;color:black;mso-fareast-language:EN-US'>@jordipalet<o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US style='font-size:12.0pt;color:black;mso-fareast-language:EN-US'><o:p> </o:p></span></p></div><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><div><p class=MsoNormal style='margin-left:35.4pt'>El 12/2/21 15:41, "iot-wg en nombre de Eliot Lear" <<a href="mailto:iot-wg-bounces@ripe.net">iot-wg-bounces@ripe.net</a> en nombre de <a href="mailto:lear@lear.ch">lear@lear.ch</a>> escribió:<o:p></o:p></p></div></div><div><p class=MsoNormal style='margin-left:35.4pt'><o:p> </o:p></p></div><p style='margin-left:35.4pt'>Hi Töma<o:p></o:p></p><p style='margin-left:35.4pt'>And it is phrased slightly awkwardly. How about this:<o:p></o:p></p><p style='margin-left:35.4pt'>"Comparing internet layer and layer four information to known deny-lists ("blocklists")"<o:p></o:p></p><p style='margin-left:35.4pt'>and <o:p></o:p></p><p style='margin-left:35.4pt'>"Validating that the internet layer and layer four information matches an associated MUD profile"<o:p></o:p></p><p style='margin-left:35.4pt'>?<o:p></o:p></p><p class=MsoNormal style='margin-left:35.4pt'>Eliot <o:p></o:p></p><div><p class=MsoNormal style='margin-left:35.4pt'>On 12.02.21 14:42, Töma Gavrichenkov wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:35.4pt'>Peace,<o:p></o:p></p><div><div><p class=MsoNormal style='margin-left:35.4pt'>On Fri, Feb 12, 2021, 3:56 PM Constanze Dietrich <<a href="mailto:constanze.die@gmail.com" target="_blank">constanze.die@gmail.com</a>> wrote:<o:p></o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm'><div><div><p class=MsoNormal style='margin-left:35.4pt'>Since RIPE 81, the "BCOP" document was refined again and now declared DONE under the title: "Architectural Considerations for IoT Device Security in the Home" (document attached).<o:p></o:p></p></div></div></blockquote></div><div><p class=MsoNormal style='margin-left:35.4pt'><o:p> </o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'>Section 4 sort of implies that there are only two Layer 4 protocols. It'd be very nice if the final RIPE document doesn't have such implications.<o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><o:p> </o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'>--<o:p></o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'>Töma<o:p></o:p></p></div></div><p class=MsoNormal style='margin-left:35.4pt'><br><br><o:p></o:p></p><pre style='margin-left:35.4pt'>_______________________________________________<o:p></o:p></pre><pre style='margin-left:35.4pt'>iot-wg mailing list<o:p></o:p></pre><pre style='margin-left:35.4pt'><a href="mailto:iot-wg@ripe.net">iot-wg@ripe.net</a><o:p></o:p></pre><pre style='margin-left:35.4pt'><a href="https://mailman.ripe.net/">https://mailman.ripe.net/</a><o:p></o:p></pre></blockquote><p class=MsoNormal style='margin-left:35.4pt'>_______________________________________________ iot-wg mailing list iot-wg@ripe.net https://mailman.ripe.net/ <o:p></o:p></p></div><br>**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
http://www.theipv6company.com<br>
The IPv6 Company<br>
<br>
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.<br>
<br>
</body></html>