IETF Logo Mail Archive

[clue] Stephen Farrell's Discuss on draft-ietf-clue-data-model-schema-15: (with DISCUSS and COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 01 June 2016 19:32 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: clue@ietf.org
Delivered-To: clue@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5082012D5F4; Wed, 1 Jun 2016 12:32:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.21.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160601193224.16192.23638.idtracker@ietfa.amsl.com>
Date: Wed, 01 Jun 2016 12:32:24 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/clue/zp0MYJjEXVmuymNNwls480RYaQI>
Cc: clue-chairs@ietf.org, clue@ietf.org, draft-ietf-clue-data-model-schema@ietf.org
Subject: [clue] Stephen Farrell's Discuss on draft-ietf-clue-data-model-schema-15: (with DISCUSS and COMMENT)
X-BeenThere: clue@ietf.org
X-Mailman-Version: 2.1.17
List-Id: CLUE - ControLling mUltiple streams for TElepresence <clue.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/clue>, <mailto:clue-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/clue/>
List-Post: <mailto:clue@ietf.org>
List-Help: <mailto:clue-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/clue>, <mailto:clue-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2016 19:32:24 -0000

Stephen Farrell has entered the following ballot position for
draft-ietf-clue-data-model-schema-15: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-clue-data-model-schema/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------


There may be no change needed here, but I want to check.
This draft defines no security mechanisms and doens't say
how to interoperably use any security mechanisms. For
example, I don't understand how one might (interoperably)
do RBAC or other "advanced" security mechanisms that are
promised in other CLUE documents. [1] Even worse, I don't
get how one could e.g. use XMLENC to encrypt parts of the
schema here, as that'd (I think) almost certainty have to
have been considered in the design of this schema, but
there's no evidence of that. That seems to end up meaning
that the only security mechanisms that one can use with
CLUE and for which one can currently achieve interop are
transport security mechanisms. That all seems to conflict
with text in the security consideration of the CLUE
protocol draft. So my question to discuss is: other than
transport security, what interoperable security
mechanisms are expected to be defined in CLUE, and where
might I find descriptions of those?


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


- section 25 says: "Indeed, authenticated access is
strongly advisable, especially if you convey information
about individuals (<personalInfo>)..." I don't get the
logic there - it seems incorrect actually. Personal data
usually implies  a need for confidentiality and not
authenticated access - what was meant here? Are you using
the term authenticated access to mean more that it does?
(to this reader:-)

v2.23.0 | Report a Bug | By Email