Re: [Captive-portals] Robert Wilton's No Objection on draft-ietf-capport-api-07: (with COMMENT)
Tommy Pauly <tpauly@apple.com> Mon, 22 June 2020 16:25 UTC
Return-Path: <tpauly@apple.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D48333A0F94; Mon, 22 Jun 2020 09:25:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J2AQgxC-GVhp; Mon, 22 Jun 2020 09:25:33 -0700 (PDT)
Received: from ma1-aaemail-dr-lapp03.apple.com (ma1-aaemail-dr-lapp03.apple.com [17.171.2.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E52473A0F93; Mon, 22 Jun 2020 09:25:32 -0700 (PDT)
Received: from pps.filterd (ma1-aaemail-dr-lapp03.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp03.apple.com (8.16.0.42/8.16.0.42) with SMTP id 05MGL6ps030508; Mon, 22 Jun 2020 09:25:31 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=iInhy4JaOcioWf3kK1EMSXVzo9KC9HUJm6jALvK4WVk=; b=hPubiCRL5TP2rGNrOqE9KF4bm7ucm9NK/dTrhHbO1tXuxQEx3+F1vp96qX8NsqjeHBYz ATM5T0wum/OhBtgQnwrvVf7VSfJSLBjBiMmUoChTL7SfTQxn3UxGOMthsHoxdAcAHJyG Ali7/enkJicAyBSSRaQ54R96wTFEgBL7DqPWLFTK9zzF/ey6+wu1RVJPhOq4OJiLaIFT 7ZIPuhsv+zO3Pw0iK3HFr3SzwFHp/ygVd3Q0+EG1pxxWCt7oQSAOan8ZnIwiQUQR+Z5V hO1M7yYQM1276rL8gV01/M2ZxpoMZYFwsoTlmJJaCp0Lb6gWewWi65Jg60yAhlckkh+C EQ==
Received: from rn-mailsvcp-mta-lapp02.rno.apple.com (rn-mailsvcp-mta-lapp02.rno.apple.com [10.225.203.150]) by ma1-aaemail-dr-lapp03.apple.com with ESMTP id 31sheusefs-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 22 Jun 2020 09:25:31 -0700
Received: from rn-mailsvcp-mmp-lapp04.rno.apple.com (rn-mailsvcp-mmp-lapp04.rno.apple.com [17.179.253.17]) by rn-mailsvcp-mta-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) with ESMTPS id <0QCC00JGL5MJEV30@rn-mailsvcp-mta-lapp02.rno.apple.com>; Mon, 22 Jun 2020 09:25:31 -0700 (PDT)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp04.rno.apple.com by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) id <0QCC00Y005LC1X00@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Mon, 22 Jun 2020 09:25:31 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 20425c60f75be713db56485d3bf99a1d
X-Va-E-CD: 219752bae0217f8d438ddf38cdf57907
X-Va-R-CD: 7abd77e9382b46122c53d303029104be
X-Va-CD: 0
X-Va-ID: 5b2e8bef-97a4-46a3-94d5-ae657f428af4
X-V-A:
X-V-T-CD: 20425c60f75be713db56485d3bf99a1d
X-V-E-CD: 219752bae0217f8d438ddf38cdf57907
X-V-R-CD: 7abd77e9382b46122c53d303029104be
X-V-CD: 0
X-V-ID: ed1a8953-ebef-49e3-b6bb-b084c07b70e2
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-22_09:2020-06-22, 2020-06-22 signatures=0
Received: from [17.235.54.19] (unknown [17.235.54.19]) by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) with ESMTPSA id <0QCC00W3V5MC8000@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Mon, 22 Jun 2020 09:25:25 -0700 (PDT)
From: Tommy Pauly <tpauly@apple.com>
Message-id: <3B8A4194-7F0C-404B-AED3-CB4A7E371F5E@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_C3DC1FB0-31AD-4A94-9EE3-F523198B3B66"
MIME-version: 1.0 (Mac OS X Mail 13.4 \(3608.80.7.2.3\))
Date: Mon, 22 Jun 2020 09:25:24 -0700
In-reply-to: <MN2PR11MB436632CA83692B16C923938AB5970@MN2PR11MB4366.namprd11.prod.outlook.com>
Cc: "capport-chairs@ietf.org" <capport-chairs@ietf.org>, "captive-portals@ietf.org" <captive-portals@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-capport-api@ietf.org" <draft-ietf-capport-api@ietf.org>, Martin Thomson <mt@lowentropy.net>
To: "Rob Wilton (rwilton)" <rwilton=40cisco.com@dmarc.ietf.org>
References: <159187426163.11035.11823958603457067416@ietfa.amsl.com> <F01F66DF-E679-47ED-BCBF-75CD9DC5C470@apple.com> <MN2PR11MB436632CA83692B16C923938AB5970@MN2PR11MB4366.namprd11.prod.outlook.com>
X-Mailer: Apple Mail (2.3608.80.7.2.3)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-22_09:2020-06-22, 2020-06-22 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/ivmRFYfbNkuk65z0oaIjnjFh9nE>
Subject: Re: [Captive-portals] Robert Wilton's No Objection on draft-ietf-capport-api-07: (with COMMENT)
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2020 16:25:35 -0000
Hi Rob, Thanks for the example text for user consent, etc. I believe that at this point in how the CAPPORT API will be used, the main way that personal information is transmitted is in the web portal. The privacy text in -08 was updated from the -07 version to not imply that it is the API JSON itself: "Information passed between a client and the user-facing web portal may include a user's personal information…” My interpretation of requirements like GDPR is that they’d be then applying to what shows on the web portal that the API server points to, at which point the consent and terms can and should be shown in a normal web page flow. However, for future extensions to the CAPPORT API that could allow captive portal interaction without a webpage, but done more “automatically”, I do think this kind of text will be necessary. So, I think for now, we leave this for future updates? Best, Tommy > On Jun 22, 2020, at 9:18 AM, Rob Wilton (rwilton) <rwilton=40cisco.com@dmarc.ietf.org> wrote: > > Hi Tommy, > > Just one (belated) comment at the end ... > >>> >>> 7.1. Privacy Considerations >>> >>> Possibly worth adding a comment about the necessity to keep personal >>> information secure. In addition, should there be any comments about >> GDPR like >>> constraints (if they apply)? >> >> This section has also be reworded slightly to make this more clear. I’m >> not sure if there’s anything we can state for GDPR or similar constraints >> here. I think that would mainly apply to what is shown in the user portal, >> not the API interaction. > [RW] > > FWIW, I saw this text in another document that I'm reviewing now, and is was something along these lines that I was originally thinking of when I posted the original comment: > > When sharing personally identifiable information or information that > is otherwise considered confidential to affected users, SET > Transmitters and Recipients MUST have the appropriate legal > agreements and user consent or terms of service in place. > Furthermore, data that needs confidentiality protection MUST be > encrypted, at least with TLS and sometimes also using JSON Web > Encryption (JWE) [RFC7516]. > > In some cases, subject identifiers themselves may be considered > sensitive information, such that their inclusion within a SET may be > considered a violation of privacy. SET Issuers should consider the > ramifications of sharing a particular subject identifier with a SET > Recipient (e.g., whether doing so could enable correlation and/or de- > anonymization of data) and choose appropriate subject identifiers for > their use cases. > > I.e. if user identifiable information is being carried over the CAPPORT API, then IANAL, etc, but I think that GDPR would require that the user had given consent in some way before any personally identifiable information is transmitted. > > I'll leave it to you to decide if that is a valid consideration for the privacy section. > > Regards, > Rob > > >> >> Best, >> Tommy >>> >>> Thanks, >>> Rob >>> >>> >>> > > _______________________________________________ > Captive-portals mailing list > Captive-portals@ietf.org <mailto:Captive-portals@ietf.org> > https://www.ietf.org/mailman/listinfo/captive-portals <https://www.ietf.org/mailman/listinfo/captive-portals>
- [Captive-portals] Robert Wilton's No Objection on… Robert Wilton via Datatracker
- Re: [Captive-portals] Robert Wilton's No Objectio… Tommy Pauly
- Re: [Captive-portals] Robert Wilton's No Objectio… Rob Wilton (rwilton)
- Re: [Captive-portals] Robert Wilton's No Objectio… Tommy Pauly
- Re: [Captive-portals] Robert Wilton's No Objectio… Rob Wilton (rwilton)