For me to promote RIOT with CoAP on 6LoWPAN or IPSP as a full IoT solution that you can start using from your first maker projects and still get production quality IoT (and I don’t think one should go for less), I think that RIOT will need to incorporate a few more technologies, or make them usable out of the box.
I don’t know all the stepping stones on the road, and the requirements are in flux too, but in the “endeavours” category, that shouldn’t stop things.
Several components here involve trust anchors. When building the first networked hello world (and yes, I firmly believe that a networked hello world should already have all security in place), and out of the box, that can be keys managed in the local RIOT tree (as SUIT does now); going from hello world to production, these may move further out to other trusted infrastructure.
Right now, components are:
Roll-out: Right now the best we have on link layer encryption is preshared K1 and K2 material of RFC8180, IIUC.
That’s kind of almost OK-ish security-wise (I’m not placing any elevated trust in L2 security, it’s more a “don’t be an open access point unintentionally” kind of thing), but has a terrible firmware upgrade story (roll out new K1/K2 material to everyone, then update the 6LBR?).
A better way to do it is presented in RFC9031, with pairwise keys between the network JRC (registrar) and the node. (I have some hopes for an EDHOC version of that, but right now nothing on the radar as EDHOC isn’t ready either; BRSKI is yet another variant).
As long as we offer a RIOT-based 6LBR, I think that should be able to host the JRC as well.
When the 6lowpan to join (or a set thereof) is known at build time and hard-coded, pairwise keys would be generated at the build machine, and either distributed live to the JRCs, or installed there with the next firmware upgrade.
Firmware upgrades: We have SUIT and riotboot, that should largely be enough.
(I personally don’t care so much about the local verifiability mcuboot & co give, because usually whoever can alter the firmware can also alter the bootloader; game changes when remote attestation comes into play).
I think that we should migrate default setups towards being remote updatable. As long as users just do hello-world, it doesn’t (if it does: shouldn’t) hurt to have riotboot in place – but as soon as networking is established, plugging in for upgrades should be optional, and the tutorial experience should reflect that.
Communication authentication and encryption: DTLS is in-tree now; OSCORE unfortunately not due to the complexity of multi-transport CoAP.
Using one of these should become transparent and default when using RIOT, and resources that are not explicitly public services should be locked down for unauthorized access (see next).
Authorization model: Any exposed resource, especially those in the examples, should check for authentication.
A trust relation with the flashing device can be established out of the box. Setting up any more can involve:
ACE, delegating decisions to an authorization server (AS). That AS can easily be unconstrained, and even be part of the build infrastructure.
EDHOC, which can use certificates (X.509 or CWT) down to a trust root.
DTLS X.509 (or CWT, if that ever got followed up on) certificates
The infrastructure in RIOT or the CoAP libraries should make it straightforward to set up trust relations between servers and clients.
Did I miss any?
(Many technologies mentioned here may also pop up in my summit talk, which is certainly no coincidence)