**Session Date/Time:** 26 Jul 2023 22:30

# iotops

## Summary

The IoT Operations (iotops) working group meeting at IETF 117 covered several key topics, including an IoT security survey draft, a comparison of CoAP security protocols, device schema extensions to the SCIM model, and a draft proposing a certificate-less enrollment protocol for constrained IoT devices (BRSKI-CLE). Discussions revolved around the direction and improvement of these drafts, soliciting co-authors and reviewers, and addressing security considerations.

## Key Discussion Points

* **IoT Security Survey Draft:**
    * Purpose: To map security requirements from existing standards to IETF and related technologies.
    * Current Status: Covers ALISA baseline and NIST IoT cybersecurity capability core baseline.
    * Co-authors and reviewers are needed because the document is expected to grow.
    * Discussion on whether this document should become an RFC or remain a perpetually updated draft.
* **Comparison of CoAP Security Protocols:**
    * Discussion of the progress of the draft, including addressing comments from IETF 116 and early IUT review.
    * Concerns were raised about terminology, key exchange, and security considerations, with plans to address them.
    * Decision needed on whether to wait for cTLS to be published before moving to working group last call.
* **Device Schema Extensions to SCIM:**
    * Goal: To abstract onboarding mechanisms and offer a provisioning interface.
    * The direction of communication reverses: partners who provide IoT devices into an enterprise environment will call into SCIM and also link to an ALG.
    * Updates to the endpoint application schema were discussed.
    * OpenAPI model provided in the appendix for testing.
* **BRSKI-CLE (Certificate-Less Enrollment Protocol):**
    * Draft proposes an alternative to certificate-based authentication for constrained IoT devices using certificate-less cryptography.
    * Discussion about the claimed improvements in computational efficiency and transmission overhead compared to certificate-based methods.
    * Concerns were raised about the reliance on IBC and its scalability and security considerations.

## Decisions and Action Items

* **IoT Security Survey Draft:**
    * Seek additional co-authors and reviewers.
    * Continue development as a draft for now; revisit RFC status later.
* **Comparison of CoAP Security Protocols:**
    * Sean to address Russ's comments and submit version 03.
    * Chairs to check with TLS working group about cTLS publication timeline.
    * Working group to decide whether to wait for cTLS publication before last call.
* **Device Schema Extensions to SCIM:**
    * Elliot to correct language clarity issues.
    * Elliot to correct regex inconsistencies for MAC addresses.
    * Intend to release LSS code for testing.
* **BRSKI-CLE:**
    * Author to address concerns raised about IBC and its security implications, especially scalability and potential vulnerabilities with centralized key generation.
    * Author to clarify comparisons with TLS in later presentations.

## Next Steps

* Continue development and refinement of all drafts based on feedback.
* Seek additional co-authors and reviewers for the IoT security survey.
* Address comments and issues raised during the meeting.
* Determine a timeline for progressing the CoAP security protocols comparison draft to working group last call.
* IoT Net is potentially being utilized in Prague, but its status is currently unsupported.