Hi, I don't understand from the architecture discussion how a firmware consumer discovers the firmware server, especially in the unmanaged (no status tracker) case. It can't be preconfigured, in case the firmware server changes for some reason. Not unrelated: > Installing trust anchors to > devices via the Trust Provisioning Authority happens in an out-of- > band fashion prior to the firmware update process. What happens when the firmware originator goes out of business and somebody else takes over support, or for any other reason the trust anchors become obsolete? Regards Brian Carpenter On 25-Jul-20 10:30, The IESG wrote: > > The IESG has received a request from the Software Updates for Internet of > Things WG (suit) to consider the following document: - 'A Firmware Update > Architecture for Internet of Things' > <draft-ietf-suit-architecture-11.txt> as Informational RFC > > The IESG plans to make a decision in the next few weeks, and solicits final > comments on this action. Please send substantive comments to the > last-call@xxxxxxxx mailing lists by 2020-08-14. Exceptionally, comments may > be sent to iesg@xxxxxxxx instead. In either case, please retain the beginning > of the Subject line to allow automated sorting. > > Abstract > > > Vulnerabilities with Internet of Things (IoT) devices have raised the > need for a solid and secure firmware update mechanism that is also > suitable for constrained devices. Incorporating such update > mechanism to fix vulnerabilities, to update configuration settings as > well as adding new functionality is recommended by security experts. > > This document lists requirements and describes an architecture for a > firmware update mechanism suitable for IoT devices. The architecture > is agnostic to the transport of the firmware images and associated > meta-data. > > > > > The file can be obtained via > https://datatracker.ietf.org/doc/draft-ietf-suit-architecture/ > > > > No IPR declarations have been submitted directly on this I-D. > > > > > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@xxxxxxxx > https://www.ietf.org/mailman/listinfo/ietf-announce > -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call