IETF Logo Mail Archive

Re: [Ecrit] AD review: draft-ietf-ecrit-additional-data-29

Alissa Cooper <alissa@cooperw.in> Thu, 09 July 2015 22:19 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: ecrit@ietfa.amsl.com
Delivered-To: ecrit@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FF141A1B1B for <ecrit@ietfa.amsl.com>; Thu, 9 Jul 2015 15:19:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fexibL2d1DCc for <ecrit@ietfa.amsl.com>; Thu, 9 Jul 2015 15:19:39 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C21481A1B17 for <ecrit@ietf.org>; Thu, 9 Jul 2015 15:19:39 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id E74A621AA7 for <ecrit@ietf.org>; Thu, 9 Jul 2015 18:19:38 -0400 (EDT)
Received: from frontend1 ([10.202.2.160]) by compute1.internal (MEProxy); Thu, 09 Jul 2015 18:19:38 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-sasl-enc :x-sasl-enc; s=mesmtp; bh=TlzFYBpha8/lik3f6BuOlnpCk3A=; b=TWsKtu t144/pmx8qyut7LBDgSp+9ESBBoQrFwV6J0mO+zIL1bBjBWD6g1CTkJNC2btuAyN MJ4UdLRpv7NKC/YOdCnhPnbRY6vJKtmt7RZBr1uGiwTjT0VXOZDhMSSE4qOqPhzJ GZovxJbBoNP888z3BT4Gclkig8qkPrgdCCOu4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=TlzFYBpha8/lik3 f6BuOlnpCk3A=; b=TExthHmzE4RrZu68r55y6TDDFPgZNekUbLg/DubX6cwSuxd rBlOjcnY5g3W0Vhptt27JwkLucpdq2WUBhf4RZPC660ns5M+J5eux6/sslDDmCsM GsE98T/cNDwrkx3Nl9L7bEiU6eBxKe+NjlWXw7I8DabV14/WtTs4lwIPx2D0=
X-Sasl-enc: AmqJSlAJVy3DD/ffgcK0LeC/2juexrKjOFOrhw2hiZEo 1436480378
Received: from dhcp-171-68-21-99.cisco.com (dhcp-171-68-21-99.cisco.com [171.68.21.99]) by mail.messagingengine.com (Postfix) with ESMTPA id BF4B9C00023; Thu, 9 Jul 2015 18:19:37 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Alissa Cooper <alissa@cooperw.in>
In-Reply-To: <p06240600d194f63d737f@[99.111.97.136]>
Date: Thu, 09 Jul 2015 15:19:35 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <AA8402BC-217E-4072-94A6-4C9B3BB2A08B@cooperw.in>
References: <99E88B8D-C7E1-4C33-A5FC-45E105D28580@cooperw.in> <p06240600d194f63d737f@[99.111.97.136]>
To: Randall Gellens <rg+ietf@qti.qualcomm.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ecrit/1wZ06R1rp48TUyGSeLfjo4QOB0M>
Cc: ecrit@ietf.org
Subject: Re: [Ecrit] AD review: draft-ietf-ecrit-additional-data-29
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2015 22:19:41 -0000

Hi Randy,

Thanks for addressing my comments. I have one follow-up below.

On Jun 28, 2015, at 6:53 PM, Randall Gellens <rg+ietf@qti.qualcomm.com> wrote:

>> 
>> Section 4.3.4:
>> I'm curious about the kinds of "investigations" 
>> that PSAPs do and how they have used unique 
>> device IDs in those investigations -- could you 
>> explain? At first blush this seems to require 
>> over-sharing of sensitive data.
> 
> The most common situation that I'm aware of is 
> repeated false/accidental calls.  If there is no 
> callback number or it isn't usable, the PSAP may 
> need to try and track down the device by 
> contacting the service providers in the area.  In 
> the case of handsets without current service, 
> they may be able to determine who last had 
> service.  

How does the user make an emergency call without current service?

> There could be other situations where 
> this might be useful (e.g., a disconnected call 
> where the call taker believes there is a need for 
> assistance but was not able to obtain a location 
> or other information).

It would be helpful if the above explanation could be included in the draft.

Given the explanation above, does it really make sense for the device to be providing this information in addition to the service provider? That is, the device may have many possible device IDs that it could include, but it may not know which ones the service provider collects and correlates to specific users, so it won’t necessarily know which ones to provide. Given that all of these IDs can be uniquely identifying in different contexts, providing multiple IDs that won’t get used seems like not the best idea. And if the user is abusing the emergency call system, he won’t include these anyway.

Are we sure that all of the device types specified actually get used in this way by PSAPs? E.g., I was curious about whether service providers track device RFIDs.

I also think, as much as I dislike the subscriber privacy indicator specified in 4.4.1, it should cover this data element as well, particularly since this element can be inserted by the service provider without the user knowing.

Thanks,
Alissa

v2.23.0 | Report a Bug | By Email