Open mmccool opened 3 years ago
There is still some ongoing discussion based on feedback at TPAC. We probably should leave this open until the lifecycle is finalized and we have a chance to do a final security review. The PR above, however, has been merged.
@OliverPfaff has agreed to review the current status and provide input on whether any additional updates are needed from a security perspective.
Review comments for https://w3c.github.io/wot-architecture/#lifecycle
Organization: in a *-of-things document, start with Thing Lifecycle (reflecting the given starting point), then System Lifecycle (saying there is more than a/one thing that matters), then Information Lifecycle (to contrast against IT)
Terminology: using "thing" and "device" as synonymous terms (?) is unfortunate. Suggestion: use "thing", do not use "device" (the current usage of "device" creates confusion for people with an OT background)
Thing lifecycle stage "Bootstrapped": the current text focusses on "establishing identity and ownership". This is just a small minority of what has to happen after "Manufactured" and before "Operational" (supply network address esp. IP address, supply naming information esp. application naming, supply configuration information [independent from security items])
Ownership: is addressed in text but not covered in Figure (and the text section about state changes). This seems to be not well-balanced
Multiplicity of identifier(s): in general the relationship between "thing" and "identifier" is 1:n (one thing typically has 1 MAC address, 1 IP address and 1 application name per application resulting in n+2 identifiers if it runs n applications). The term "identity" can cope with this. But it still creates misconceptions: it is not uncommon to read/comprehend "1 identity" as "1 identifier"
System: consider differentiating instances of "system" according to "machine" (a "system" with a dedicated physical body such as an industrial robot) and others (a "system" without such a body, e.g. a home or office automation system)
Simple System Lifecycle: I don't really understand the rationale behind this differentiation
System Lifecycle with Registration: same comment as for Simple System Lifecycle
Notes from security meeting Nov 30:
We still have a lifecycle in the S&P Guidelines but perhaps it should be removed and just reference the lifecycle in Arch 1.1.
See PR https://github.com/w3c/wot-architecture/pull/539 when it is complete. This better aligns the lifecycle with the IETF/T2TRG document and modifies the diagram, pulling out detail into the main body text.