Dear all and Michael,
I am piggybacking on Michael's last mail on the IoT BCOP document. We have been discussing this topic for a while and we need to go further.
Last time, we discussed there was a brief consensus for this subject within RIPE Scope : "Best Current Operational Practice (BCOP) document in RIPE scope for proactively mitigating IoT attacks". If there is an alternative opinion, please express.
There were proposals from Eliot and others, that we should begin with an outline. The initial outline was as follows:
-------
The threat
Some background on device capabilities and limitations
Who can do what to improve the situation?
Devices
CPE gear
Upstreams
IoT Manufacturers
Consumers (let's not ask much)
-------
The functionality for controlling the home network traffic would
typically include:
Insight in all the devices connected to the home network.
Possibility to block traffic.
End-user friendly GUI and traffic management possibility.
Option to have the traffic management outsourced (e.g. to an
ISP).
Blocking of compromised IoT devices.
-------
We could have discussion on the following points:
1. Outline
2. Volunteers (who wish to contribute)
3. Champions (who will lead the work) - We could limit the number
of Champions
4. A deadline
These are my two cents. Please feel free with your feedback/contributions.
Sandoche.