[dns-privacy] Roman Danyliw's No Objection on draft-ietf-dprive-bcp-op-08: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 05 February 2020 02:08 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: dns-privacy@ietf.org
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 09E48120058; Tue, 4 Feb 2020 18:08:23 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dprive-bcp-op@ietf.org, Tim Wicinski <tjw.ietf@gmail.com>, dprive-chairs@ietf.org, tjw.ietf@gmail.com, dns-privacy@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.116.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <158086850303.15764.11037418418570151550.idtracker@ietfa.amsl.com>
Date: Tue, 04 Feb 2020 18:08:23 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/1HZjJXIh8DpNn5Q0BYydmbIxI7c>
Subject: [dns-privacy] Roman Danyliw's No Objection on draft-ietf-dprive-bcp-op-08: (with COMMENT)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Feb 2020 02:08:23 -0000

Roman Danyliw has entered the following ballot position for
draft-ietf-dprive-bcp-op-08: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dprive-bcp-op/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** Per 6.1.1.  Item 2.  Per “Data Collection and sharing … and in each case
whether it is aggregated, pseudonymized, or anonymized and the conditions of
data transfer”, would be useful to also have the policy describe the technique
used to realize this minimization?

** Section 6.1.2.  Item 5.  Per “Jurisdiction.  This section should communicate
the applicable jurisdictions and law enforcement regimes …”, what’s a “law
enforcement regime” (and why is that different than a “jurisdiction”)?

** Section 6.2.1.  Per item 5.4.  Why restrict disclosure to “law enforcement
agencies, or other public and private parties dealing with security and
intelligence”, and not request disclosure of all parties who get access with
“Specify whether the operator has any agreement in place with public or private
parties to give them access to the server and/or to the data”?  One party’s
assessment of an entity as “security” (captured in the current text) is
another’s “public safety” (not captured in the current text but captured the
recommend text)

** Editorial Nits
-- Section 6.1.2.  Typo. s/section Section 5/Section 5/g

-- Section 6.1.2  Editorial Nit. Per item 5.2, “… and how to contact the
operator to enforce them”, it is more appropriate to say “exercise them”, e.g.,
a user contacts the operator to exercise their “right to be forgotten” (not
enforce their right to be forgotten).