Minutes interim-2021-iotops-01: Tue 15:00
minutes-interim-2021-iotops-01-202104201500-00

MINUTES
15:30 Logistic & WG charter discussion
(10 min; Warren Kumari & Rob Wilton)

Warren: Giving a quick intro.
Toerless:
Thanks for making this group happen!
We should ask folks to provide feedback on whether this group is useful (and I
agree that it is) On Charter: Would like to also see “problem-statements” to be
valid work in iotops / Warren: gap-analysis would have been better Eliot: To
answer question for Toerless, see my presentation later.

15:40 OMA/IoT device management protocol LwM2M with respect to device onboarding
(15 min; Hannes Tschofenig)

Mohit: Have been reading the specs. Question on ACLs: Is there anything that
the xxx specs have to do in ACE or OAuth? Hannes: OAuth and ACE would be a
dynamic model, involving humans, and technicians. LWM2M doesn’t talk about more
complex scenarios. Henk: Would be interesting to see what do you want to see
here (within this WG)? Hannes: For us, what to maintain a lively exchange with
IETF community, have lots of dependencies on IETF specifications, would like a
better flow of information, and better understand how the specifications evolve.

15:55 Overview on the FIDO Alliance specification for device onboarding
(15 min; Geoffrey Cooper)

Henk: A lot of overlap in the general direction, but discrepencies in the
details? What alignment and support do you see here? Geoffrey: Thought about
whether we should stop early. Would already have a protocols. Felt that there
was an impedence mismatch. Need to have a place where you can do a massaging of
the device. Use FDO onboarding to provision XXX credentials. We have also used
to bring up the entire OS and container system. Destination has the ability to
tailor the device (which we call late binding). But we are not trying to device
management. Ash Wilson: Question about why DNS was not used (for rendevous).
Geoffrey: Not the same server managing the IOT as managing the DNS. Easier
within an organization to bring up an application server rather than having to
manipulate he DNS. Also had a brake out mechanism. Rendevous mechanism is not a
big server, but a little server. Dan Harkins: What is in the XXX datastructure?
What else does the manufacturer need to put in. Geoffrey: Manufacturer
certificate, Manufacturer key. As ownership voucher moves through the supply
chain can build up a ledger of certificates as to where the device has been. If
you have a reliable supply chain you would probably already have this mechanism.

16:10 Deep Thoughts on Network Onboarding Challenges
(10 min; Eliot Lear)
https://datatracker.ietf.org/doc/draft-lear-iotops-onboard-intr/?include_text=1

Henk: Huge fan of problem statements. Fleshing that out in a document would be
a good first step. Geoffrey: One issue is that the supply chain is going to be
enormous. Need to think about how to get objects in a company and out to
another one. This might be a way to think about the problem. Eliot: Thank you,
I’ll be in touch.

16:20 Provisioning of IoT devices: Home Routers
(10 min; Michael Richardson)

Henk: Will ask about a virtual interim as a question.
Erik: Will send comment to the list

RAISING HAND FOR TWO HUMS: WOULD YOU LIKE TO PARTICIPATE IN A NEAR TIME (4+
WEEKS’ISH) FOLLOW UP FIRST INTERIM MEETING? (HANDS ACTIVELY RAISED: YAY, HANDS
ACTIVELY NOT RAISED: NAY) RAISE HAND 26 DO NOT RAISE HAND 1 PARTICIPANTS 68