Technical Summary
Vulnerabilities with Internet of Things (IoT) devices have raised the
need for a reliable and secure firmware update mechanism that is also
suitable for constrained devices. Ensuring that devices function and
remain secure over their service life requires such an update
mechanism to fix vulnerabilities, to update configuration settings,
as well as adding new functionality.
One component of such a firmware update is a concise and machine-
processable meta-data document, or manifest, that describes the
firmware image(s) and offers appropriate protection. This document
describes the information that must be present in the manifest.
Working Group Summary
Nothing worth noting. Consensus was straightforward, and
a large number of participants provided feedback on earlier
versions, as noted in the Acknowledgements section.
Document Quality
This document is a set of threats and requirements and as such
is not implemented directly. There are implementations of
draft-ietf-suit-manifest which is one specification that
meets the requirements in this document.
This document has gone through many reviews with incremental
changes over time. Section 6 (acknowledgments) contains a long
list of those who have reviewed this document over time.
Personnel
The Document Shepherd is Dave Thaler
The Responsible Area Director is Roman Danyliw