< Changes
Pbrobinson (talk | contribs) m (→Current status) |
m (Add trackers) |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 5: | Line 5: | ||
== Owner == | == Owner == | ||
* Name: [[User:pbrobinson| Peter Robinson]] | * Name: [[User:pbrobinson| Peter Robinson]], [[User:runcom| Antonio Murdaca]] | ||
* Email: [mailto:pbrobinson@fedoraproject.org| pbrobinson@fedoraproject.org] | * Email: [mailto:pbrobinson@fedoraproject.org| pbrobinson@fedoraproject.org], [mailto:amurdaca@redhat.com| amurdaca@redhat.com] | ||
== Current status == | == Current status == | ||
[[Category: | [[Category:ChangeAcceptedF37]] | ||
<!-- When your change proposal page is completed and ready for review and announcement --> | <!-- When your change proposal page is completed and ready for review and announcement --> | ||
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | <!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | ||
| Line 23: | Line 17: | ||
[[Category:SelfContainedChange]] | [[Category:SelfContainedChange]] | ||
* Targeted release: [[Releases/37 | Fedora 37 ]] | * Targeted release: [[Releases/37 | Fedora Linux 37 ]] | ||
* Last updated: <!-- this is an automatic macro — you don't need to change this line --> {{REVISIONYEAR}}-{{REVISIONMONTH}}-{{REVISIONDAY2}} | * Last updated: <!-- this is an automatic macro — you don't need to change this line --> {{REVISIONYEAR}}-{{REVISIONMONTH}}-{{REVISIONDAY2}} | ||
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page | <!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page | ||
| Line 33: | Line 27: | ||
CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development | CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development | ||
--> | --> | ||
* devel thread | * [devel thread https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/YPVHGXOPW4HTKB7UCKG27MRSOSTDLGZB/] | ||
* FESCo issue: | * FESCo issue: [https://pagure.io/fesco/issue/2777 #2777] | ||
* Tracker bug: | * Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=2075529 #2075529] | ||
* Release Notes tracker: | * Release Notes tracker: [https://pagure.io/fedora-docs/release-notes/issue/818 #818] | ||
== Detailed Description == | == Detailed Description == | ||
| Line 48: | Line 42: | ||
== Scope == | == Scope == | ||
* Proposal owners: | * Proposal owners: | ||
** Package the rust implementation of the FIDO device onboarding stack including client, rendezvous service, owner onboarding service and prototype manufacturing service. | ** Package the [https://github.com/fedora-iot/fido-device-onboard-rs rust implementation of the FIDO device onboarding stack] including client, rendezvous service, owner onboarding service and prototype manufacturing service. | ||
** Enable the client service by default for IoT Edition | ** Enable the client service by default for IoT Edition | ||
** Add the client service to the IoT Edition deliverables | ** Add the client service to the IoT Edition deliverables | ||
Latest revision as of 13:00, 14 April 2022
Support FIDO Device Onboarding
Summary
Package and enable the FIDO Device Onboarding software stack for Zero Touch Onboarding on Fedora IoT.
Owner
Current status
- Targeted release: Fedora Linux 37
- Last updated: 2022-04-14
- [devel thread https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/YPVHGXOPW4HTKB7UCKG27MRSOSTDLGZB/]
- FESCo issue: #2777
- Tracker bug: #2075529
- Release Notes tracker: #818
Detailed Description
The ability for an IoT or Edge device to be plugged in and automatically onboard itself with zero user interaction is critical to be able to scale IoT/Edge to millions of devices. To do this in a secure way with open standards across the industry is even more critical. The FIDO IoT working group has worked with leaders in the silicon industry such as Intel and Arm to produce the FIDO Device onboarding spec which allows a device credential, a root and chain of trust to ensure the secure onboarding of a device without the need of stored credentials.
Benefit to Fedora
The benefit to Fedora is to allow the IoT Edition to demonstrate the use of leading edge open industry protocols for onboarding IoT and Edge devices.
Scope
- Proposal owners:
- Package the rust implementation of the FIDO device onboarding stack including client, rendezvous service, owner onboarding service and prototype manufacturing service.
- Enable the client service by default for IoT Edition
- Add the client service to the IoT Edition deliverables
- Other developers:
- No impact
- Release engineering: #10720
- List of deliverables: N/A (not a System Wide Change)
- Policies and guidelines: N/A (not a System Wide Change)
- Trademark approval: N/A (not needed for this Change)
Upgrade/compatibility impact
There is no upgrade impact. FIDO FDO is a single use onboarding protocol and will not impact existing IoT user systems.
How To Test
- Test with FDO all-in-one services. Documentation will be available for testing.
User Experience
No impact to non IoT Edition users.
The user experience for the IoT Edition is still evolving and this will be updated as things fall into place later in Spring and early Summer 2022.
Dependencies
N/A (not a System Wide Change)
Contingency Plan
- Contingency mechanism: Not shipping FDO as a package in Fedora or including it in the IoT Edition
- Contingency deadline: GA
- Blocks release? No.
- Blocks product? No.
Documentation
N/A (not a System Wide Change)
Release Notes
Fedora IoT Edition supports the FIDO Device Onboarding 1.1 specification for zero touch onboarding of IoT and Edge devices.