All, I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page. http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx Happy holidays. Sal Salvatore D'Agostino, CSCIP IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines +1 617.201.4809 ph | +1 617.812.6495 fax
Thanks Sal, very helpful presentation.
Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm
flexibility, please!
Best,
Scott
On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino
All,
I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.
http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx
Happy holidays.
Sal
Salvatore D'Agostino, CSCIP
IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA
http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines
+1 617.201.4809 ph | +1 617.812.6495 fax
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793
Reality of what's out there not what it should be.
From: Scott Shorter [mailto:sshorter@electrosoft-inc.com]
Sent: Tuesday, December 17, 2013 2:07 PM
To: Salvatore D'Agostino
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] snmp for security devices
Thanks Sal, very helpful presentation.
Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm
flexibility, please!
Best,
Scott
On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino
Hi all, Unfortunatly I won't be able to attend our Fridays call. If someone is willing to facilitate the call I can give him the Moderator Code. Thank you in advance! Best Ingo
Am 06.03.2014 um 02:38 schrieb Colin Wallis
: http://www.im2mc.org/files/Press%20Releases/IMC-MWC%20Release.pdf
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
Folks
I think I am able to share this because it has not yet received a project number from ISO (i.e.not yet voted as a project accepted by National Bodies).
Enjoy.. :-)
Comments welcome.
Cheers
Colin
From: sal@idmachines.com
To: sshorter@electrosoft-inc.com
Date: Tue, 17 Dec 2013 15:52:15 -0500
CC: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] snmp for security devices
Reality of what’s out there not what it should be.
From: Scott Shorter [mailto:sshorter@electrosoft-inc.com]
Sent: Tuesday, December 17, 2013 2:07 PM
To: Salvatore D'Agostino
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] snmp for security devices
Thanks Sal, very helpful presentation.
Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please!
Best,
Scott
On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino
Colin,
Thank you for forwarding this document.
To my mind, the proposed model is far too complex and seeks to combine
logical, physical and market models that are better segregated into
separate layers.
In the proposed ISO model, the domain "IoT Systems" appears to be a
superset of components such as "Sensors" and "Things'Objects". How can the
system and its components be equal domains in an architecture? Similarly,
"Markets" appears to be a superset of components "Service Providers" and
"Customers."
I believe that the proposed model is ill-conceived and lacks much input
from diverse sources.
I think that the model that our DG has been working on is more likely to
provide a useful reference architecture -- though we have focused primarily
on the logical layer.
If ISO does go forward with this proposal, how do we keep them from
accepting this mish-mash?
Jeff
On Sun, Mar 9, 2014 at 11:35 PM, Colin Wallis
Folks I think I am able to share this because it has not yet received a project number from ISO (i.e.not yet voted as a project accepted by National Bodies). Enjoy.. :-) Comments welcome. Cheers Colin
------------------------------ From: sal@idmachines.com To: sshorter@electrosoft-inc.com Date: Tue, 17 Dec 2013 15:52:15 -0500 CC: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] snmp for security devices
Reality of what's out there not what it should be.
*From:* Scott Shorter [mailto:sshorter@electrosoft-inc.com] *Sent:* Tuesday, December 17, 2013 2:07 PM *To:* Salvatore D'Agostino *Cc:* dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] snmp for security devices
Thanks Sal, very helpful presentation.
Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please!
Best,
Scott
On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino
wrote: All,
I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.
http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx
Happy holidays.
Sal
Salvatore D'Agostino, CSCIP
IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA
http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines
+1 617.201.4809 ph | +1 617.812.6495 fax
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc.
sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
-- Jeff Stollman stollman.j@gmail.com 1 202.683.8699 Truth never triumphs -- its opponents just die out. Science advances one funeral at a time. Max Planck
Thanks Jeff
Useful insights.
<
Hi all,
I'm resurrecting this old thread to share a happy update. I just learned
about RFC 3414 http://www.ietf.org/rfc/rfc3414.txt and RFC
3826http://www.ietf.org/rfc/rfc3826.txtwhich add support for SHA-1
and AES to SNMPv3.
-
Scott
On Tue, Dec 17, 2013 at 3:52 PM, Salvatore D'Agostino
Reality of what’s out there not what it should be.
*From:* Scott Shorter [mailto:sshorter@electrosoft-inc.com] *Sent:* Tuesday, December 17, 2013 2:07 PM *To:* Salvatore D'Agostino *Cc:* dg-idot@kantarainitiative.org *Subject:* Re: [DG-IDoT] snmp for security devices
Thanks Sal, very helpful presentation.
Slide 9 makes me sad, though. MD5 and DES should be extinct. Algorithm flexibility, please!
Best,
Scott
On Tue, Dec 17, 2013 at 1:01 PM, Salvatore D'Agostino
wrote: All,
I think I may have already sent this to the list. It is what I talked to on the call. There is a presentation with further background on the page.
http://www.siaonline.org/Pages/Standards/SNMP-Subcommittee.aspx
Happy holidays.
Sal
Salvatore D'Agostino, CSCIP
IDmachines LLC |1264 Beacon Street, #5 | Brookline, MA 02446 | USA
http:\\www.idmachines.com http://www.idmachines.com/ | http:\\idmachines.blogspot.com http://idmachines.blogspot.com/ | @idmachines
+1 617.201.4809 ph | +1 617.812.6495 fax
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc.
sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793
-- Scott Shorter, Principal Security Engineer, Electrosoft Services Inc. sshorter@electrosoft-inc.com O: 703-437-9451 x21 M: 240-994-7793
Scott,
Yes this has been around for a while. It certainly matters how people use SNMP. Like most things done badly a number of attacks afford. See recent open redirects on Connect. Implementations matter. We are continuing the work referenced below with SNMP around physical security system networked devices.
Regards,
Sal
From: Scott Shorter [mailto:sshorter@electrosoft-inc.com]
Sent: Tuesday, May 20, 2014 9:59 AM
To: Salvatore D'Agostino
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] snmp for security devices
Hi all,
I'm resurrecting this old thread to share a happy update. I just learned about RFC 3414 http://www.ietf.org/rfc/rfc3414.txt and RFC 3826 http://www.ietf.org/rfc/rfc3826.txt which add support for SHA-1 and AES to SNMPv3.
-
Scott
On Tue, Dec 17, 2013 at 3:52 PM, Salvatore D'Agostino
participants (5)
-
Colin Wallis
-
Ingo Friese
-
j stollman
-
Salvatore D'Agostino
-
Scott Shorter