On 2010-10-16 11:16, David Conrad wrote:
> Mark,
> 
> On Oct 15, 2010, at 11:48 AM, Mark Smith wrote:
>> So it won't be possible for the ISP to provide a
>> managed CPE service, because they don't control and can't be in control
>> of when the firmware is released to the CPE customers.
> 
> I'd think that recommending having an option that disables unattended 
> automatic update would address this concern.  Managed service providers, 
> since they'd be controlling the CPE, could go in and disable unattended 
> automatic updates (if they so desire).

I think the discussion has shown that we (the IETF) don't have consensus
and that legal and commercial requirements will vary enormously in the
real world. To me there's only one possible conclusion: the IETF can't
"legislate" on this. So again here is my suggestion:

REC-13:
Residential Internet Gateways SHOULD provide a convenient means to
securely update their firmware, for the installation of security patches
and other manufacturer-recommended changes.

    Brian

>> If the draft is going to persist with specifying that firmware is
>> automatically distributed and installed, then it is also going to have
>> to specify mechanisms as to how ISPs are going to put inline with this
>> process, between the vendor and the CPE, so they're going to be able to
>> prevent automatic upgrades occurring at times when it is inconvenient to
>> customers.
> 
> Not really.
> 
>> o  would you be happy that your Internet attached TV's firmware is
> 
> Sort of like my TiVo updating itself?
> 
>> o  would you be happy that your (eventual) Internet attached ECU's
> [...]
>> o  would you be happy that your Internet attached plane's firmware is
> 
> Presumably, vendors would figure out how to do upgrades with minimal risk if 
> they decided to follow the IETF recommendations, e.g., the ECU can easily tell 
> when the car isn't running (or even occupied) and a plane's systems can 
> easily determine whether the engines are running (or whatever). Posing 
> reductio ad absurdum scenarios probably isn't really helping the discussion.
> 
>> I certainly understand the issue of CPE firmware not being upgraded
>> regularly.
> 
> According to recent data out of DNS-OARC, there are between 160,000 and 
> 320,000 name servers on the Internet still running BIND version 4 -- a name 
> server that has been deprecated by ISC now for almost a decade.
> 
> People generally do not interact with CPE devices outside of perhaps initial 
> installation/configuration.  They might cycle the power once in a while, but 
> otherwise it is a black box.  These unattended devices have proven to be a 
> target for various forms of attacks. I believe we should learn from past (and 
> current) experiences and make recommendations that address those experiences. 
>  Assuming that folks are going to become more conscientious about installing 
> updates hasn't really worked in the past, I'm unsure why it will work in the 
> future.
> 
> Regards,
> -drc
> 
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
