Hi all, I’m not sure if this should be considered in this document or other future ones, or other foras. Should IoT devices be allowed to send information to the cloud “always” or the user must have the choice to disable that? I’ve seen many devices, even CPEs, using OpenWRT or a derivative firmware, sending stuff to the manufacturer, “hijacking DNS”, etc. This may be even a regulatory issue. Should IoT devices have a standard API to be managed? Otherwise, consumers are unprotected and they may need to throw to the trash can hundreds of euros in case of a manufacturer Cloud failure, vendor bankruptcy, vendor failure to provide security updates, etc., etc. In my opinion both are related to device security in the Home. I’m also not saying is in the scope of this WG, as said, it may come to IETF, other standardizations foras, even regulation. It is like when we regulate if a device complies with FCC, CE mark, UL, etc., etc., but in terms of security or consumer protection. One last point. I think it will be very useful to have page numbers in this (and every) document … also in other BCOP documents, we added an annex with terminology. Regards, Jordi @jordipalet El 12/2/21 15:41, "iot-wg en nombre de Eliot Lear" <iot-wg-bounces@ripe.net en nombre de lear@lear.ch> escribió: Hi Töma And it is phrased slightly awkwardly. How about this: "Comparing internet layer and layer four information to known deny-lists ("blocklists")" and "Validating that the internet layer and layer four information matches an associated MUD profile" ? Eliot On 12.02.21 14:42, Töma Gavrichenkov wrote: Peace, On Fri, Feb 12, 2021, 3:56 PM Constanze Dietrich <constanze.die@gmail.com> wrote: Since RIPE 81, the "BCOP" document was refined again and now declared DONE under the title: "Architectural Considerations for IoT Device Security in the Home" (document attached). Section 4 sort of implies that there are only two Layer 4 protocols. It'd be very nice if the final RIPE document doesn't have such implications. -- Töma _______________________________________________ iot-wg mailing list iot-wg@ripe.net https://lists.ripe.net/mailman/listinfo/iot-wg _______________________________________________ iot-wg mailing list iot-wg@ripe.net https://lists.ripe.net/mailman/listinfo/iot-wg ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.