I think we need to bear in mind that the MUD files constitute recommendations for how a device should be treated and what policies/security should be applied to it by a network. This draft, in itself, cannot allow a manufacturer to actually proscribe anything. Today, the only way to achieve what you note below, AFAIK, is for the device to have a software update of some kind applied to it. Also, we could also argue that a manufacturer-published MUD file actually has the potential to increase transparency as it should explicitly define the traffic flows required for "proper operations". Cheers, Einar > On Aug 31, 2017, at 03:02, Dale R. Worley <worley@xxxxxxxxxxx> wrote: > > This draft raises some fascinating questions. One is "How do we ensure > that the manufacturer cannot proscribe the uses of a device that it is > capable of and that its purchaser desires?" Another is "How do we > ensure that the manufacturer cannot reduce the permitted uses of the > device after its purchase?" > > Dale > > _______________________________________________ > OPSAWG mailing list > OPSAWG@xxxxxxxx > https://www.ietf.org/mailman/listinfo/opsawg