On 22 Oct 2018, at 22:29, Michael Richardson <mcr@sandelman.ca> wrote:
Indeed. However at least MUD files should (in principle anyway) give people an idea of what their latest IoT toy will do once it’s plugged in. Though just saying it phones home to google/Amazon/Facebook every so often isn’t much help if you don’t know what it's sending and receiving. Or why it’s doing that.
I disagree.... please don't over-extend what this is designed to do!
MUD files will not, even in principal, tell people what the device will do! It simply say, "will phone home to XYZ on port Q" (for various ways of expressing XYZ).
Michael, I think we are in violent agreement. MUD files are a step in the right direction. They will tell people that their IoT things are phoning home and what sorts of traffic is being generated. This is to be strongly encouraged. It would be even better if we knew what data were carried in that IoT traffic (and why). Though that’s not something which MUD offers - at least not yet.