- From: Benjamin Francis <bfrancis@mozilla.com>
- Date: Wed, 19 Jul 2017 13:00:03 +0100
- To: daisuke.ajitomi@toshiba.co.jp
- Cc: Soumya Kanti Datta <Soumya-Kanti.Datta@eurecom.fr>, "Reshetova, Elena" <elena.reshetova@intel.com>, public-wot-ig <public-wot-ig@w3.org>, public-wot-wg@w3.org
- Message-ID: <CAKQmVV-s7FV2ABB+Z+d55peM=zHWBa5UYDoXm6ddLk89SaSNKg@mail.gmail.com>
Hi Daisuke,

On 16 July 2017 at 06:23, <daisuke.ajitomi@toshiba.co.jp> wrote:

> Great summary for the issue and solutions. It is very interesting to me.
>
> In my opinion, it is not just an offline issue and it includes a big
> privacy problem of whether globally accessible domain names can be issued
> to personal-use devices or not.
> In your solution, getting DV certs and using HTTPS to the gateways, the
> users have to disclose their ip addresses and domain names globally and
> open ports to the global internet

I don't think that giving globally accessible domain names to consumer devices is in itself a privacy problem. Many devices already have publicly resolvable addresses, open ports or tunnel through firewalls, and most users disclose their IP address every time they visit a website. What is important is getting authentication, authorisation and encryption right so that those devices can not be accessed by unauthorised users and data can not be intercepted.

> even though there are alternative solutions (e.g. cloud-hosted web-based
> remote control service that is well-managed by service admins).

The danger with these cloud based services is that they risk centralisation and lock-in for users and we've already seen examples of businesses shutting down cloud services and bricking consumer devices as a result. There is certainly a place for these managed services, but the architecture of the Web of Things should not fundamentally depend on a central point of control, it must be decentralised at least to the extent that the web is today.

> In particular, considering industrial use cases, I don't know the approach
> can be acceptable or not.

Industrial use cases certainly have different characteristics to consumer use cases.

> My colleagues and I have had a similar problem and launched a Community
> Group named "HTTPS in local network CG" this year.
>
> We have still just started discussions about use cases and requirements.
>
> I'd appreciate it if you check it out.
>
> https://www.w3.org/community/httpslocal/
>
> https://github.com/httpslocal/usecases (draft)
>
> https://httpslocal.github.io/cg-charter/ (draft)
>
> In addition, in the last TPAC, we held a breakout session for this topic.
>
> https://www.w3.org/wiki/TPAC2016/session-https-local-summary
>
> The following slide includes my early-stage idea as one of the potential
> solutions.
>
> https://www.w3.org/wiki/images/3/37/2016.w3c.breakout_session.dot-local-server-cert.p.pdf

This is all very interesting, thank you!

Ben

Received on Wednesday, 19 July 2017 12:00:31 UTC