Re: [93attendees] Network experiment during the meeting

"DRAGE, Keith (Keith)" <> Wed, 15 July 2015 12:08 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id AA9DA1A8A23 for <>; Wed, 15 Jul 2015 05:08:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.709
X-Spam-Status: No, score=-5.709 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, J_CHICKENPOX_12=0.6, J_CHICKENPOX_21=0.6, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8KDw-P6MKdtf for <>; Wed, 15 Jul 2015 05:08:52 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A2C971A8A47 for <>; Wed, 15 Jul 2015 05:07:47 -0700 (PDT)
Received: from (unknown []) by Websense Email Security Gateway with ESMTPS id 313E251642B60; Wed, 15 Jul 2015 12:07:44 +0000 (GMT)
Received: from ( []) by (GMO) with ESMTP id t6FC7icf015873 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 15 Jul 2015 14:07:45 +0200
Received: from ([]) by ([]) with mapi id 14.03.0195.001; Wed, 15 Jul 2015 14:07:44 +0200
From: "DRAGE, Keith (Keith)" <>
To: "Eric Vyncke (evyncke)" <>, "" <>
Thread-Topic: [93attendees] Network experiment during the meeting
Date: Wed, 15 Jul 2015 12:07:44 +0000
Message-ID: <>
References: <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_949EF20990823C4C85C18D59AA11AD8B697415D7FR712WXCHMBA11z_"
MIME-Version: 1.0
Archived-At: <>
Cc: Rolf Winter <>
Subject: Re: [93attendees] Network experiment during the meeting
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list of IETF 93 attendees that have opted in on this list. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 15 Jul 2015 12:08:57 -0000

I think you will find the fact that anyone can collect the data is irrelevant.

And neither is it directly a security or privacy issue.

It is the responsibility of the organisation or person doing the data collection to ensure they comply with the requirements of data protection. These include the right of individuals affected to ensure the data collected is accurate, and also that it is not transferred outside the EU to a regime that does not have equivalent safeguards.

If this was a UK environment, that could also require registration with the data registrar, unless exemptions apply. No idea what the Czech implementation of the relevant directive is.

But fundamentally, is any of the information you are collecting, before or after subsequent processing, something that could be regarded as personal data? If the answer is no, then data protection will not apply; if the answer is yes, then just telling people you are doing it is certainly not a sufficient assessment of your responsibilities.

I assume by the way that the IETF secretariat has done a similar assessment of its responsibilities for any personal data it collects while it is in the EU?



From: 93attendees [] On Behalf Of Eric Vyncke (evyncke)
Sent: 15 July 2015 10:14
Cc: Rolf Winter
Subject: Re: [93attendees] Network experiment during the meeting
Importance: Low

Like Toerless, I find interesting this discussion when we all know that WiFi (unless WPA is used) is 'broadcasted' everywhere.

During some previous IETF meetings, I used for one hour or two to collect aggregated statistics on IPv6 NDP & other multicast packets. Obviously, anybody could do it as the WiFi AP are configured in such a way that mcast packets are forwarded


From: 93attendees <<>> on behalf of Chris Elliott <<>>
Reply-To: "<>" <<>>
Date: mardi 14 juillet 2015 18:32
To: Ray Pelletier <<>>
Cc: joel jaeggli <<>>, "<>" <<>>, Rolf Winter <<>>, "<>" <<>>
Subject: Re: [93attendees] Network experiment during the meeting

On Tuesday, July 14, 2015, Ray Pelletier <<>> wrote:
I asked Jim and Joel this but no response as yet. Maybe you have an opinion

This appears to be a benign experiment, but would it impact operations, or in your opinion, intrude on privacy?

I do not expect it to impact operations, and, as the device collecting data will be in the NOC, we can easily disable it should there be any concerns.

Both Jari and I have discussed privacy concerns with Rolf and, at the level of information I have, I believe Rolf will be protecting our attendees privacy.

That said, I'm not a security guy and a full analysis of the security implications would probably need to be done by a security guru.

However, note, with or without our permission, any attendee can collect the same information Rolf is collecting.



On Jul 14, 2015, at 11:25 AM, Chris Elliott <<javascript:_e(%7B%7D,'cvml','');>> wrote:

On Tue, Jul 14, 2015 at 11:13 AM, joel jaeggli <<javascript:_e(%7B%7D,'cvml','');>> wrote:
Hash: SHA1

Typically experiments involving the production network run past the
network staff and the IAD/IAOC or IETF chair.


Rolf contacted me a while ago and I had him contact Jari for approval of this "experiment". Jari has approved it.

The device will sit in the NOC where we can easily disable it if there's an issue.

I haven't seen this float by so I don't know if it has or not but if
you haven't, I'd suggest doing that.

 Rolf's done his job. I got distracted by traveling and trying to get the network working to forward this to the NOC list. I'll do that asap.



On 7/13/15 1:13 PM, Rolf Winter wrote:
> Hello everyone,
> during the meeting we plan to conduct an experiment on the IETF
> wireless network. We will record the broadcast traffic sent over
> the network with the goal of analyzing current applications' use of
> IP broadcasts. We have conducted this experiment previously on
> another large wireless campus network with interesting results and
> will repeat the experiment on the IETF wireless network as a second
> data point. We collect the data and aggregate it to statistics
> which will not reveal data about individual users of the network
> and once that is done, we will delete all packet traces we
> collected. More information on the experiment can be found here:
>  If you have questions regarding the experiment, please drop me an
> Email.
> See you in Prague,
> Rolf
> _______________________________________________ 93attendees mailing
> list<javascript:_e(%7B%7D,'cvml','');>

Version: GnuPG/MacGPG2 v2
Comment: GPGTools -


93attendees mailing list<javascript:_e(%7B%7D,'cvml','');>

Chris Elliott<javascript:_e(%7B%7D,'cvml','');>

"What the f*ck is a sesame? It's a's a way to open sh*t!" --Mitch Hedberg
93attendees mailing list<javascript:_e(%7B%7D,'cvml','');>

Chris Elliott
CCIE # 2013

"You and I are mirages that perceive themselves"
--Douglas Hofstadter