**Session Date/Time:** 05 Nov 2025 21:00

# IOTOPS

## Summary

The IOTOPS session covered updates on several drafts including MUD URL authorization, ownership and licensing for YANG modules, IoT DNS security and privacy guidelines, privacy preference declarations for IoT, and MUD in constrained environments. A significant part of the session was dedicated to the `7228bis` draft, updating the definition of constrained nodes, which is moving towards Working Group Last Call. Discussions highlighted the importance of standardized signaling protocols, secure updates, and comprehensive guidelines for IoT deployments.

## Key Discussion Points

*   **Authorized update to MUD URLs (Michael Richardson):**
    *   The draft addresses the secure evolution of MUD profiles when multiple URLs are needed, particularly when using less secure conveyance mechanisms like DHCP or L-LDP compared to I-Dev-ID.
    *   The proposed solution allows changing only the last component of a MUD URL, with the new MUD file containing a self-reference that becomes the new valid URL. This maintains security by preventing an attacker from arbitrarily changing the full URL.
    *   The document is considered mature and ready for Working Group Last Call.
*   **Ownership and Licenses for YANG Modules (Elliot and Carsten Bowman):**
    *   This draft, transferred from OPSAWG, aims to convey licensing information for YANG-based files (e.g., MUD files, YANG modules).
    *   Key issues under discussion include:
        *   Confirming "owner" as the appropriate term for specifying rights.
        *   Determining the best data typing for license identifiers (URI vs. SPDX strings).
        *   How to effectively express licensing for derivative works, with Carsten advocating for more examples to guide model design.
    *   The plan is to post an updated draft after addressing these issues and then proceed to Working Group Last Call. Carsten clarified that the draft focuses on the licensing of data instantiations generated by the model, rather than the YANG models themselves.
*   **IoT DNS Security and Privacy Guidelines (Jim):**
    *   This draft, based on research by University College London, provides IoT-specific guidelines for DNS security and privacy, covering common implementation and behavioral issues observed in IoT devices.
    *   Recommendations include using encrypted DNS (DoH/DoQ), proper source port transaction idealization, supporting EDNS and truncation on devices, network operators restricting resolution to management domains, and manufacturers signing zones and publishing their domains.
    *   Feedback suggested moving security considerations section up, elaborating on resolver discovery for encrypted DNS protocols, and adding more rationale for the recommendations. It was noted that DNS over CoAP (DoC) is now published as DoQ.
    *   The call for adoption for this draft was indicated as positive so far.
*   **Privacy Preference Declarations (Daniel):**
    *   This new work proposes a user-centered privacy philosophy for home IoT devices, focusing on transparency and control through "personal" or "household" privacy policies.
    *   The goal is to simplify expressing privacy preferences and data handling expectations to devices, enabling automated compliance and consent pathways.
    *   The proposed architecture involves a device publishing a privacy declaration, accessible by device operators, with an acknowledgment mechanism.
    *   Discussion centered on whether the IETF is the appropriate venue, with Daniel arguing for the need for a *standardized signaling protocol* and *data models* for data primitives, which falls within IETF's scope.
    *   Challenges include vendor adoption, the need for a rich vocabulary, and the "chicken and egg" problem of defining the signaling mechanism before wider adoption or labeling schemes can be effective.
*   **Using MUD in Constrained Environments (Hello One):**
    *   This draft addresses the issues of MUD URL manipulation with DHCP/L-LDP and their unavailability in constrained IoT environments.
    *   It proposes extending the MUD architecture with a "CoAP MUD receiver" that can obtain MUD URLs using CoAP.
    *   The draft suggests using CWTs (CBOR Web Tokens) and a proof-of-possession mechanism to securely bind MUD URLs to devices, signed by the manufacturer.
    *   Open questions include fleshing out the proof of possession, security considerations, and determining the scope of devices hosting their own MUD files.
    *   Participants noted that the applicability extends beyond strictly constrained environments and highlighted the need to integrate with existing authentication mechanisms like WebPKI, while also considering disconnected environments.
*   **7228bis - Definition of Constrained Nodes and Networks bis (Carsten Bowman):**
    *   This draft updates RFC 7228, which defined "constrained devices" in 2014.
    *   Key updates include expanding device classes beyond Class 2, adding peer class numbers (e.g., for Raspberry Pis, smartphones), and addressing editorial improvements.
    *   Two technical changes are proposed: explicitly discussing the importance of header compression at different physical bitrates (critical below 10 bits/sec, less so above 1 Mbps) and introducing isolation functionality for devices that can securely lock away memory during boot.
    *   The draft is considered ready for Working Group Last Call.

## Decisions and Action Items

*   **Authorized update to MUD URLs:**
    *   **Action:** Chairs to solicit reviews for the draft, specifically requesting a DNS Directorate review, before initiating a Working Group Last Call.
*   **IoT DNS Security and Privacy Guidelines:**
    *   **Action:** The author will consider adding more rationale for the recommendations, incorporate DNS over CoAP (now DoQ), and potentially add an "unresolved issues" section to the draft.
*   **7228bis - Definition of Constrained Nodes and Networks bis:**
    *   **Decision:** The chairs will initiate a Working Group Last Call for this draft.
    *   **Action:** The author will compare notes with the RATS working group regarding confidential computing and attestation results to ensure consistency or cross-pollination of ideas.

## Next Steps

*   **Authorized update to MUD URLs:** Proceed to Working Group Last Call following solicitated reviews.
*   **Ownership and Licenses for YANG Modules:** Address open issues (owner vs. originator, data typing, derivative work licensing examples, split model), post an updated draft, and then move towards Working Group Last Call. Consider exploring options for moving this work to a more public and governed organization.
*   **IoT DNS Security and Privacy Guidelines:** Await the outcome of the call for adoption. Further refine the draft based on feedback.
*   **Privacy Preference Declarations:** Seek collaboration with device makers and protocol experts for proof-of-concept implementations. Continue to get feedback on the draft, focusing on developing the standardized signaling mechanism.
*   **Using MUD in Constrained Environments:** Continue discussions on the mailing list to address open issues (proof of possession, security considerations, alternative terminology, scope of device-hosted MUD files) and determine the future standardization path for the draft.
*   **7228bis - Definition of Constrained Nodes and Networks bis:** Initiate Working Group Last Call. The goal is to address reviews promptly and publish the document.