Dear all and Michael,

I am piggybacking on Michael's last mail on the IoT BCOP document. We have been discussing this topic for a while and we need to go further. 

Last time, we discussed there was a brief consensus for this subject within RIPE Scope : "Best Current Operational Practice (BCOP) document in RIPE scope for proactively mitigating IoT attacks". If there is an alternative opinion, please express.

There were proposals from Eliot and others, that we should begin with an outline. The initial outline was as follows:

-------

The threat
    Some background on device capabilities and limitations
    Who can do what to improve the situation?
        Devices
        CPE gear
        Upstreams
        IoT Manufacturers
        Consumers (let's not ask much)

-------

The functionality for controlling the home network traffic would typically include:

    Insight in all the devices connected to the home network.
    Possibility to block traffic.
    End-user friendly GUI and traffic management possibility.
    Option to have the traffic management outsourced (e.g. to an ISP).
    Blocking of compromised IoT devices.
-------

We could have discussion on the following points:

1. Outline

2. Volunteers (who wish to contribute)

3. Champions (who will lead the work) - We could limit the number of Champions

4. A deadline

These are my two cents. Please feel free with your feedback/contributions.

Sandoche.