**Session Date/Time:** 04 Oct 2022 14:00 # [LPWAN](../wg/lpwan.html) ## Summary The LPWAN working group session addressed administrative items, reviewed the status of several drafts, and initiated a significant discussion on device identifiers and rule management within the Chic architecture. Previous minutes were approved, and updates were provided on the Yang data model (awaiting AD approval) and the NB-IoT draft (ITF Last Call ending, IESG ballot planned). The core technical discussion revolved around the necessity, representation, and security implications of device identifiers for Chic rules, as well as mechanisms for rule integrity, access control, and templating. No immediate consensus was reached on the need or specific format for a device ID, but the importance of authenticated rule fetching (e.g., using hashes of canonical CBOR representations) was highlighted. ## Key Discussion Points * **Administrative Updates**: * Previous meeting minutes were approved without corrections. * The Working Group Last Call for the `sicfox` draft was launched. IPR mails have been received, and reviewers are encouraged to provide comments. * The shepherd review for the `compound-ack` draft is underway. The shepherd has questions for the authors and is awaiting a final IPR answer. A Yang doctor review was noted as not yet performed, but the Yang model is considered straightforward. The AD suggested sending the review to authors first for informal discussion before publishing. * **Yang Data Model Status**: * Lauren provided an update, stating all comments, including those from Area Directors, have been addressed. The AD indicated that pending a final check on an XML instantiation example, the document is expected to be approved and sent to the RFC Editor by the end of the week. * **NB-IoT Draft Status**: * Anna reported that the `NB-IoT` draft received positive reviews from the Security and Operations directories. * A liaison statement was sent to 3GPP for review, with the AD noting that a quick reply is not typically expected. * The ITF Last Call for the `NB-IoT` draft concludes this week, and it is planned for IESG ballot on October 27th. * **Device Identifiers for Chic Rules (Lauren's Presentation)**: * Lauren presented on the problem of associating Chic rule sets (from `RFC 8724`, `8824`) with specific devices within the current Yang data model. * Existing identification methods (e.g., Open Chic's use of IP/port, LoRaWAN Device ID, `RFC 1939` URL format for MAC/DevUI) were discussed. Concerns were raised regarding their generality, uniqueness (e.g., rotating MAC addresses, varied MAC formats), and technology agnosticism. * The fundamental need for a "device ID" for Chic instances was questioned. For rule exchange between Chic instances, it was suggested that relying on Layer 2 or capability (i.e., agreeing on a set of rules) might be sufficient and potentially more secure, rather than requiring a distinct device identifier. * **Access Control**: The discussion highlighted a need to define access control for modifying Chic rules. The "Network Configuration Access Control Model" (NACM) was suggested as a potential approach, requiring further investigation for constraint environments. * **Privacy**: Privacy considerations are paramount, especially for devices that can be intrusive. While seen as orthogonal to the data model's identifiers, privacy must be addressed at the rule level (e.g., through dynamic addressing or session key rotation). * **Rule Instantiation/Templating**: For large deployments (e.g., smart grids), the ability to apply generic rule sets and instantiate device-specific parameters (e.g., replacing "$IP" with actual IP addresses) was discussed. The group considered whether this process is an implementation detail or requires standardization within the architecture document. * **Rule Integrity**: The importance of ensuring the integrity and authenticity of fetched rule sets was strongly emphasized. A mechanism using a canonical representation (e.g., CBOR via the Yang-to-CBOR RFC) combined with cryptographic hashes was proposed to verify rules, enabling trusted local caching and distribution (e.g., via CDNs within factories where internet access might be limited). ## Decisions and Action Items * **Decision**: The minutes from the previous meeting are approved. * **Action Item**: Pascal (co-chair) will continue documenting points related to device identification, rule integrity (e.g., hash-based verification), and rule instantiation/templating within the architecture document. He will collaborate with Alexander (co-chair) on specific wording. * **Action Item**: Alexander (co-chair) will send the `compound-ack` shepherd review to the authors for informal discussion before official publication and will await Juan Carlos's IPR answer. * **Action Item**: The working group encourages participants to review the `sicfox` draft during its Working Group Last Call. * **Action Item**: Lauren (Aloha) will further investigate and document the precise justification and properties for a "device ID" within the LPWAN architecture, clearly distinguishing its role from rule-set negotiation and capability. ## Next Steps * Continue the discussion on the necessity and specific properties of device identifiers within the LPWAN architecture document. * Further investigate the applicability of the "Network Configuration Access Control Model" (NACM) for managing access to Chic rule modifications in constraint environments. * Finalize the `compound-ack` shepherd review and associated IPR processes. * Progress the `sicfox` draft through its Working Group Last Call. * Await final Area Director approval for the Yang data model. * Prepare the `NB-IoT` draft for IESG ballot. * The re-chartering discussion for the LPWAN working group will be deferred to the next meeting if time permits. * The next working group meeting is scheduled in two weeks, ahead of IETF London.