Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy-01 - Respond by Sept. 22, 2015
Marcin Siodelski <msiodelski@gmail.com> Tue, 22 September 2015 17:38 UTC
Return-Path: <msiodelski@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5431B2C5C for <dhcwg@ietfa.amsl.com>; Tue, 22 Sep 2015 10:38:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yj__iiFUvMny for <dhcwg@ietfa.amsl.com>; Tue, 22 Sep 2015 10:38:34 -0700 (PDT)
Received: from mail-la0-x22b.google.com (mail-la0-x22b.google.com [IPv6:2a00:1450:4010:c03::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 553341B2C5F for <dhcwg@ietf.org>; Tue, 22 Sep 2015 10:38:34 -0700 (PDT)
Received: by lanb10 with SMTP id b10so21180998lan.3 for <dhcwg@ietf.org>; Tue, 22 Sep 2015 10:38:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=gpgEYYJm2dfYEls80OU6OCEGfkNmNpPBo4V7sSudXP4=; b=g/NwXX6P4vJgVIpegOQ/yWYEKVht3ZuBvwJEQ94IXUcxQ82LrSsbPOpLm4ePoLDSFn tW9kD5mglXmrYHuQXFRs0FDtp1hRJdtbKEPYRrtONBDPji8vXYUU1+fAvI8LOtNRnDdP 4PjICFOPPJXQBn+z2hJA8Qw3KnLpSLDj+tnnUalKYPo9ZaHuOYuE5JNylnwP9PSrmwEO +byMUGBq30Fw5uvqrGnxXu69DkVQMX+scrJWPNB5tt7zRZJeUG0DSBmayWdmwMTM8BCJ NJtQOt+MErRRkAMF/qdl7s5ecbVF3aQHy48P4BSPRADQEK5rhtOxmDi+RY6a1RLbd+Fl LS1w==
X-Received: by 10.112.62.232 with SMTP id b8mr10038479lbs.27.1442943512282; Tue, 22 Sep 2015 10:38:32 -0700 (PDT)
Received: from MacBook-Pro-Marcin.local (89-79-26-47.dynamic.chello.pl. [89.79.26.47]) by smtp.googlemail.com with ESMTPSA id oz1sm4423343lbb.26.2015.09.22.10.38.31 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Sep 2015 10:38:31 -0700 (PDT)
To: "Bernie Volz (volz)" <volz@cisco.com>, "dhcwg@ietf.org" <dhcwg@ietf.org>
References: <489D13FBFA9B3E41812EA89F188F018E1CC66123@xmb-rcd-x04.cisco.com>
From: Marcin Siodelski <msiodelski@gmail.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <56019216.1080600@gmail.com>
Date: Tue, 22 Sep 2015 19:38:30 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <489D13FBFA9B3E41812EA89F188F018E1CC66123@xmb-rcd-x04.cisco.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/HHz1A-803N9F22FtOMN1Fza99rE>
Subject: Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy-01 - Respond by Sept. 22, 2015
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2015 17:38:38 -0000
I have read this document and I support advancing it. However, I found a bunch of typos, which I am not listing here because it will be more efficient if authors just run the spell check and easily locate them themselves. There are also some typos which wouldn't be picked by the spell checker because they make existing words. However they cause various grammatical and logical errors. It seems that authors may have neglected to do the final proof reading of the whole text, because these errors are easy to spot. There are also additional issues which may, to some extent, overlap with Jinmei's comments. 3. Identifiers in DHCPv6 Almost all sections belonging to section 3. (apart from the one discussing DUID) describe *options* carrying some identifiers. So it would be more appropriate to update the introductory text for section 3 to say: "In DHCPv6, there are many options which include identification information or can be used to extract the identification information about the client. This section enumerates various options and identifiers conveyed in them, which can be used to disclose client identification." and rename the section 3 to "DHCPv6 options carrying identifiers" 3.2. Client ID Option The section title should be "Client Identifier Option" because this is the actual name of this option. What does it mean "Client ID is an example of DUID"? I thought that "Client Identifier option is used to convey the DUID". 3.3. IA_NA, IA_TA... and co. OLD: "The IA Address option is used to specify IPv6 addresses ...." NEW: "The IA Address option is used to convey IPv6 addresses ..." OLD: " To differentiate between instances of the same type of IA containers, each IA_NA, IA_TA and IA_PD options have an IAID field that is unique for each client/option type pair. " NEW: " To differentiate between instances of the same type of IA containers for a client, each IA option includes the IAID field with a unique value for a given IA type". 3.8. Civic Location Option OLD: "DHCPv6 servers use the Civic Location option [RFC4776] to delivery of location information" NEW: "DHCPv6 servers use the Civic Location option [RFC4776] to deliver the location information.." 3.9. Coordinate based location I don't know what this intends to say: "After the relevant DHCPv6 exchanges have taken place, the location information is stored on the end device rather than somewhere else, where retrieving it might be difficult in practice." - what is "end device"? - what is "somewhere else" ? - retrieving? You mean it is hard to breach privacy of the client using this information because it is stored on the device running the DHCP client? I think this section may try to convey a valid information but is heavily unclear as stated. 3.10. Client System Architecture Type Option "The Client System Architecture Type option [RFC5970] is used by DHCPv6 client to send a list of supported architecture types to the DHCPv6 server. It is used to provide configuration information for a node that must be booted using the network rather than from local storage." The part starting from "It is used to provide configuration information..." is wrong because the options providing configuration information for a node (server to client) are different options, e.g. OPTION_BOOTFILE_URL. I think I understand what you're trying to say, but you don't say what you mean. OLD: "3.11.1. Subscriber ID" NEW: "3.11.1. Subscriber-ID Option" OLD: "3.11.2. Interface-ID" NEW: "3.11.2. Interface-ID Option" OLD: "3.11.3. Remote ID" NEW: "3.11.3. Remote-ID Option" "4. Existing Mechanisms That Affect Privacy This section describes available DHCPv6 mechanisms that one can use to protect or enhance one's privacy." Is this really true? I thought the purpose of the document was to describe the privacy issues related to the DHCPv6 protocol as it stands with no attempt to provide any mitigation strategies. If the purpose of the document is also to provide some recommendations for the clients (or rather clients' implementors) to avoid some operations leading to privacy breaching (without changing the protocol) it should be clearly stated in the introduction. Currently the introduction only states that this documents enumerates various identifiers which can be used to obtain identification information about the clients. After reading section 4 I actually don't see any mitigation strategies provided. So, the introductory text in this section is wrong. Marcin On 02.09.2015 23:44, Bernie Volz (volz) wrote: > Hi all, > > > > This message starts the DHC Working Group Last Call to advance > draft-ietf-dhc-dhcpv6-privacy-01, Privacy considerations for DHCPv6, > http://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-privacy-01. This > document’s intended status is Informational. At present, there is no IPR > file against this document. > > > > This is a part of the WGLC of 3 documents > (draft-ietf-dhc-dhcp-privacy-01, draft-ietf-dhc-dhcpv6-privacy-01, and > draft-ietf-dhc-anonymity-profile-03). > > > > Please send your comments by September 22th, 2015. If you do not feel > this document should advance, please state your reasons why. > > > > Bernie Volz is the assigned shepherd. > > > > - Tomek & Bernie > > > > > > _______________________________________________ > dhcwg mailing list > dhcwg@ietf.org > https://www.ietf.org/mailman/listinfo/dhcwg >
- [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy-01 … Bernie Volz (volz)
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… 神明達哉
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… Marcin Siodelski
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… Tomek Mrugalski
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… Bernie Volz (volz)
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… 神明達哉
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… Tomek Mrugalski
- Re: [dhcwg] WGLC on draft-ietf-dhc-dhcpv6-privacy… Tomek Mrugalski