Shane- Thanks for noticing. The DNSSEC/IoT security piece is the usual "using DNS+DNSSEC to distribute public keys"/DANE thing to provide some way to bootstrap security in IoT devices (vendors can then go use their own proprietary "lighter weight" mechanisms). Now I know, having tried writing some validators for ESP8266 etc..., that your low end IoT device doesn't really have a lot of RAM/ROM to deal with RSA DNSSEC validation but I do find many new low-end chipsets to have ECC engines built in. So there is hope. But I know you know all that. Sorry for pushing DNSSEC but it is kinda my thing here. Cant blame a guy for doing his job - can you? -Rick
-----Original Message----- From: Shane Kerr [mailto:shane@time-travellers.org] Sent: Thursday, December 15, 2016 2:25 AM To: Richard Lamb <richard.lamb@icann.org> Cc: iot-discussion@ripe.net Subject: Re: [iot-discussion] fwiw iot slide-ware fodder
Rick,
At 2016-12-14 23:52:25 +0000 Richard Lamb <richard.lamb@icann.org> wrote:
An animated slide ive been using for iot over the past few years. https://www.co.tt/files/iotslide.pptx I am not an artist but if useful, feel free to use. -Rick
I like this because there seems to be a persistent desire to invent some new naming system for IoT. :)
To be fair though, DNS and/or DNSSEC does not really address many of the security problems with IoT. Can you explain a little bit about the context of this slide?
Thanks!
-- Shane