On 7 October 2015, the IAB provided comments to the FCC on their proposed Amendment of Parts 0, 1, 2, 15 and 18 of the Commission’s Rules regarding Authorization of Radiofrequency Equipment (FCC 15-92):

The Internet Architecture Board (IAB) welcomes the efforts of the FCC to 
simplify its procedures and to accelerate the verification processes 
associated with Radio Frequency devices. We note, however, that there 
may be additional clarification needed in one aspect of the proposed 
rule making. As set out in Paragraph 20 of Notice of July 21st, the 
document proposes that device manufacturers "incorporate software 
security features that permit only those parties that have been 
authorized by the manufacturer to make changes to the device's technical 
parameters." 

The IAB welcomes the focus on security, but notes that software security 
features of this type must be broad enough to permit device firmware 
updates by parties other than the manufacturer itself. This is necessary 
first because a manufacturer ceasing operation would otherwise leave all 
hardware orphaned from update, which itself poses significant potential 
security risks. It is also necessary because many radio frequency 
devices originally intended for one set of use cases have been adapted 
by the experimental and open source communities for new uses. Closing 
off this source of innovation and advancement is clearly counter to the 
interests promoted by the FCC. 

We encourage the FCC to amend this plan to require both software 
security features and a clearly defined program by which authorization 
for access to these update features can be granted; this program should 
be as simple as possible, so that open source communities, academia, and 
other experimental efforts may be sustained. 

Respectfully submitted, 
Andrew Sullivan (IAB Chair) 
for the IAB