Early 2011, the Internet Architecture Board (IAB) solicited position statements for a workshop on 'Interconnecting Smart Objects with the Internet', aiming to get feedback from the wider Internet community on their experience with deploying IETF protocols in constrained environments. The workshop took place in Prague on March, 25th, 2011. During the workshop a range of topics were discussed, including architecture, routing, energy efficiency, and security. The workshop report summarizes the discussion and suggested several next steps.
During the months following the workshop indeed a number of IETF initiatives were started, IETF participants submitted Internet drafts, and hands-on code hacking events at IETF 81 and 80 were organized to better facilitate the exchange of ideas.
With the contributions on security in the IETF CoRE working group as well as in the IETF TLS working group it became clear that further discussions on security are necessary and that those will have to feed in implementation and deployment experience as well as a shared understanding how various building blocks fit into a larger architecture. The discussions in these two working groups only serve as a starting point.
The workshop participants are encouraged to share their thoughts about the ability to utilize existing and widely deployed security mechanisms for smart objects. In particular, we are interested to hear about:
- What techniques for issuing credentials have been deployed?
- What extensions are useful to make existing security protocols more suitable for smart objects?
- What type of credentials are frequently used?
- What experience has been gained when implementing and deploying application layer, transport layer, network layer, and link layer security mechanisms (or a mixture of all of them)?
- How can “clever” implementations make security protocols a better fit for constrained devices?
- Are there lessons we can learn from existing deployments?