Randy Bush <ra...@psg.com> wrote:
>>> a stunning review as usual. but i have two questions which you kind
>>> of finessed. they are simple binary, i.e. yes/no, questions that the
>>> end user, to whom the IETF is ultimately responsible, really cares
>>> about.
>>
>>> if the manufacturer's servers go down, either permanently or even for
>>> a day, does the device i have purchased still work? i.e. is it fail
>>> soft? [0]
>>
>> First, BRSKI as used by ANIMA is specifically not targetted at Things.
>> (We are developing profiles of BRSKI that are about Things, but I
>> think that this internet-draft should not be be evaluated on that
>> basis).
>>
>> It's targetted at routers and other devices found at ISPs or
>> Enterprises.
> i missed where i said light bulbs. i do have some of those, but i run
> routers, servers, etc.; and do not want $vendor to break my network for
> *any* reason.
Then I suggest that you never patch the OS or apply firmware updates :-)
The reality is that they can break your network trivially if they want to.
But, you have a contract that says that they won't do that.
>> Second, the only time the manufacturer's servers need to be alive is
>> when device ownership is claimed.
> i.e. when i sell the router to some other op. that was my second
> question.
Yes, so when you sell the router, whether or not the buyer gets firmware
updates, the export firmware, or even a license is also up to the vendor, and
so the vendor already has a say. This really changes nothing, except that it
formalizes the arrangement in computer code rather than legal code.
I'm not particularly happy about this, btw, but I don't see a way to both do
secure imprinting and liberate the end user from vendor control. If you have
a way to solve this tussle, I'd really like to know.
>> Once the device is claimed, it joins *YOUR* network, and trusts your
>> infrastructure, not the manufacturer. Whether or not the device will
>> *operate* without the manufacturer's servers is really outside of
>> BRSKI.
> ahhh. we just sell the guns, we do not say how they are used.
naw, we just sell 3D printers, we do not say how they are used.
>> This is a pretty important question and we have discussed it at
>> length. I remain concerned, but as far as I can see, we have this
>> problem already.
> if i understand correctly, it creates a new problem, needing the
> manufacturer's consent for me to resell my light^Hrouter.
Yes, but operators already had this problem.
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
