Markdown Version | Session Recording

Session Date/Time: 18 Mar 2025 08:30

suit

Summary

The SUIT working group meeting at IETF 122 covered the status of several drafts, including firmware encryption, manifest, trust domains, report, MUD, MTI, and update management. Updates were provided on IESG review, RFC editor queue status, and recent changes. A discussion was held regarding CDDL inclusion in drafts and how to best facilitate review and implementation.

Key Discussion Points

• SUIT Firmware Encryption: Draft submitted to IESG publication and review. Discussions ongoing regarding comments from ORI. AES CBC text removed due to CTR being mandatory in the MTI document. Working group last call will be initiated after ORI comments are addressed.
• SUIT Manifest: Cleared discusses and submitted to RFC editor. Updates included CDDL fixes, implementation-defined fetch arguments, reference updates, device resilience considerations, conformance matrix relocation, and IANA changes. IANA actions need to be clarified.
• SUIT Trust Domains: Cleared discusses and on the telechat queue for April 14th. Minor updates included reclassification of references and clarifying text.
• SUIT Report: Deb is reviewing and will provide comments, after which the document can go to the IESG.
• SUIT MUD: Submitted to the RFC editor queue. Clarifications made regarding device certificates and pros/cons of using SUIT with MUD. IANA review is on hold due to recent updates.
• SUIT MTI: Updates in response to Deb's review. Clarified profile scope is constrained nodes. AESCTR usage explained. Payload encryption discussed in relation to cybersecurity defenses. Needs alignment with the Jose fully specified algorithms draft and a new draft will be created and shipped.
• SUIT Update Management: Updates in response to Thomas's review. References to co-rim removed and CDDL snippets cleaned up. Semver encoding made more explicit. Ready for public queue again.
• CDDL Inclusion in Drafts: Discussion regarding best practices for including CDDL in drafts, balancing readability for reviewers with ease of implementation (extracting CDDL). Consider using Martin Thompson's MD-based draft template or contributing to it.

Decisions and Action Items

• Hannes: Double-check ORI comments on SUIT Firmware Encryption draft and issue a new draft after addressing them.
• Chairs: Initiate a short working group last call for SUIT Firmware Encryption draft after the new version is published.
• Brendan: Clarify IANA actions for SUIT Manifest draft.
• Brendan: Respond to IANA regarding the update to the SUIT MUD draft and explain it was a non-technical change.
• Brendan: Update SUIT MTI draft to align with Jose fully specified algorithms draft and ship the updated draft.
• Brendan: Push SUIT Update Management to the public queue.
• Akira: Talk to Martin Thompson about integrating CDDL snippets in the MD-based draft template

Next Steps

• Address outstanding IANA actions for various drafts.
• Move drafts through the IESG and RFC editor queues.
• Continue development and review of SUIT Report draft.
• Continue the discussion on incorporating CDDL into drafts in the COSE or SEBOR working groups or with Martin Thompson.