[clue] Stephen Farrell's Discuss on draft-ietf-clue-data-model-schema-15: (with DISCUSS and COMMENT)
"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 01 June 2016 19:32 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: clue@ietf.org
Delivered-To: clue@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5082012D5F4; Wed, 1 Jun 2016 12:32:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.21.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160601193224.16192.23638.idtracker@ietfa.amsl.com>
Date: Wed, 01 Jun 2016 12:32:24 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/clue/zp0MYJjEXVmuymNNwls480RYaQI>
Cc: clue-chairs@ietf.org, clue@ietf.org, draft-ietf-clue-data-model-schema@ietf.org
Subject: [clue] Stephen Farrell's Discuss on draft-ietf-clue-data-model-schema-15: (with DISCUSS and COMMENT)
X-BeenThere: clue@ietf.org
X-Mailman-Version: 2.1.17
List-Id: CLUE - ControLling mUltiple streams for TElepresence <clue.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/clue>, <mailto:clue-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/clue/>
List-Post: <mailto:clue@ietf.org>
List-Help: <mailto:clue-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/clue>, <mailto:clue-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2016 19:32:24 -0000
Stephen Farrell has entered the following ballot position for draft-ietf-clue-data-model-schema-15: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-clue-data-model-schema/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- There may be no change needed here, but I want to check. This draft defines no security mechanisms and doens't say how to interoperably use any security mechanisms. For example, I don't understand how one might (interoperably) do RBAC or other "advanced" security mechanisms that are promised in other CLUE documents. [1] Even worse, I don't get how one could e.g. use XMLENC to encrypt parts of the schema here, as that'd (I think) almost certainty have to have been considered in the design of this schema, but there's no evidence of that. That seems to end up meaning that the only security mechanisms that one can use with CLUE and for which one can currently achieve interop are transport security mechanisms. That all seems to conflict with text in the security consideration of the CLUE protocol draft. So my question to discuss is: other than transport security, what interoperable security mechanisms are expected to be defined in CLUE, and where might I find descriptions of those? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- - section 25 says: "Indeed, authenticated access is strongly advisable, especially if you convey information about individuals (<personalInfo>)..." I don't get the logic there - it seems incorrect actually. Personal data usually implies a need for confidentiality and not authenticated access - what was meant here? Are you using the term authenticated access to mean more that it does? (to this reader:-)
- [clue] Stephen Farrell's Discuss on draft-ietf-cl… Stephen Farrell
- Re: [clue] Stephen Farrell's Discuss on draft-iet… kathleen.moriarty.ietf
- Re: [clue] Stephen Farrell's Discuss on draft-iet… Alissa Cooper
- Re: [clue] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [clue] Stephen Farrell's Discuss on draft-iet… Simon Pietro Romano