Re: [Ecrit] AD evaluation: draft-ietf-ecrit-ecall-20

Ivo Sedlacek <ivo.sedlacek@ericsson.com> Thu, 15 December 2016 13:13 UTC

Return-Path: <ivo.sedlacek@ericsson.com>
X-Original-To: ecrit@ietfa.amsl.com
Delivered-To: ecrit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 060CD129639 for <ecrit@ietfa.amsl.com>; Thu, 15 Dec 2016 05:13:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U6kvRs2VULeF for <ecrit@ietfa.amsl.com>; Thu, 15 Dec 2016 05:13:22 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79D47129A5D for <ecrit@ietf.org>; Thu, 15 Dec 2016 05:13:20 -0800 (PST)
X-AuditID: c1b4fb30-037da980000054c8-85-585296eee75e
Received: from ESESSHC014.ericsson.se (Unknown_Domain [153.88.183.60]) by (Symantec Mail Security) with SMTP id 74.3C.21704.EE692585; Thu, 15 Dec 2016 14:13:18 +0100 (CET)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.60) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 15 Dec 2016 14:12:28 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=okkbvEeXlpw4cJCZO9uKNIYwDBDclD4xNo7aubChqFI=; b=L6y6DrRwvN0QwSDKJF3KvvFAENm4K5D8NBc5ZNyQ59/dYuq+juaVHFxCGrHCySx8VznPP1Ufz6edH14xdmaKBaPuBXCFdJZQ3iQ1ejFwowpDQblZCp4yM8Sf3DxzL5et4VFwAEwiTwGGgZjsWtmZLlaflFNcfsOnFhg/5dx7jYI=
Received: from AM5PR0701MB2468.eurprd07.prod.outlook.com (10.169.153.136) by AM5PR0701MB2468.eurprd07.prod.outlook.com (10.169.153.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.789.5; Thu, 15 Dec 2016 13:12:27 +0000
Received: from AM5PR0701MB2468.eurprd07.prod.outlook.com ([10.169.153.136]) by AM5PR0701MB2468.eurprd07.prod.outlook.com ([10.169.153.136]) with mapi id 15.01.0789.009; Thu, 15 Dec 2016 13:12:27 +0000
From: Ivo Sedlacek <ivo.sedlacek@ericsson.com>
To: Randall Gellens <rg+ietf@randy.pensive.org>, "Emergency Context Resolution with Internet Technologies Discussion List" <ecrit@ietf.org>
Thread-Topic: [Ecrit] AD evaluation: draft-ietf-ecrit-ecall-20
Thread-Index: AQHST6wRrRIAV+TuZEmZ3uUONYsOHKEIKs+AgADb+QA=
Date: Thu, 15 Dec 2016 13:12:27 +0000
Message-ID: <AM5PR0701MB2468487AA168E707E12AE5ACE59D0@AM5PR0701MB2468.eurprd07.prod.outlook.com>
References: <97277796-68FC-4967-85B0-3EAE9173DC93@cooperw.in> <p06240607d477882372e1@[99.111.97.136]>
In-Reply-To: <p06240607d477882372e1@[99.111.97.136]>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ivo.sedlacek@ericsson.com;
x-originating-ip: [192.176.1.90]
x-ms-office365-filtering-correlation-id: 42b75e57-d072-4e08-dbcf-08d424ec04bc
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001); SRVR:AM5PR0701MB2468;
x-microsoft-exchange-diagnostics: 1; AM5PR0701MB2468; 7:TWshXvYj11Ktm2a5FdDMw0JnCCB/FkqwfZYBvaslizOpPXo7HBj1nmhMVUgliYbWjXaZ7nQNbH3vh4U+OydW+FS+hDASupY56zKz5iNa/B31ZITYl4qKSx4lrSqrH1U8i6azxmzsPZIccoigPsWQCWlJOOR+4HF0QteCohiIoIFdz6yLf0KjapWHdp2WIVx08DK1/AxGD/Os33R3pLvM2Mz5KlLa+aspcf+stqyl7lGFZAVJahDewErFXv/cBHED7iJcFY07nZPB1ZN+rjibEg5BEY/9dG6gW9P/MKEphC4aIZVhXJIbbpDbvxCXcF0ndRW9oyLTYDN1r1DBJF6YxHeb7i76PYLFGfL9i/btUkBMdQWObYqPvBKdafX8QhXkL6WWg5XriVv5WS/ybYOeV9jASA6I9XVsbt4TXO+FkpwChNthE0cEG5eHlJvMbBP8PThh1+HXcnpdr6DFwgj5Mg==
x-microsoft-antispam-prvs: <AM5PR0701MB24685B49E5CA59CD91BC2D03E59D0@AM5PR0701MB2468.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(192374486261705);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(6072148); SRVR:AM5PR0701MB2468; BCL:0; PCL:0; RULEID:; SRVR:AM5PR0701MB2468;
x-forefront-prvs: 0157DEB61B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(7916002)(39850400002)(39860400002)(39410400002)(39450400003)(39840400002)(189002)(199003)(13464003)(377454003)(24454002)(50944005)(50986999)(8936002)(345774005)(8676002)(76576001)(3660700001)(106356001)(106116001)(105586002)(3280700002)(101416001)(6436002)(7696004)(74316002)(2950100002)(81166006)(6506006)(76176999)(54356999)(81156014)(5660300001)(229853002)(77096006)(38730400001)(97736004)(92566002)(5001770100001)(7736002)(107886002)(25786008)(33656002)(66066001)(122556002)(2900100001)(189998001)(6116002)(9686002)(3846002)(2906002)(68736007)(305945005)(102836003)(86362001)(230783001)(11771545001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM5PR0701MB2468; H:AM5PR0701MB2468.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Dec 2016 13:12:27.5369 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM5PR0701MB2468
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpjleLIzCtJLcpLzFFi42KZGbHdRvfdtKAIg79XTCwaFz1ltfj+vIvR gcljyZKfTB5b7zxmCWCK4rJJSc3JLEst0rdL4MqYfP0oU8Gl6Io7l3eyNzAu9+hi5OCQEDCR eLuztouRi0NIYB2jxNL252wQzglGiWkrlzGBOCwCvcwSb1+9gMrMZZK4cf0DK4RzhlFi4sQl LF2MnBxsAnoSE7ccAUuICPQySuxsvMoEkhAWsJWY+bCFFcQWEbCTWHa/jwXCtpL4N2s9M4jN IqAqsaJxFzuIzSuQIHFhwjWwXiGBdIkFC/aA1XACHduyvBMsziggJvH91Bowm1lAXOLWk/lg toSAgMSSPeeZIWxRiZeP/7FC1MdI/O/+zArxtIJE7+UoiBJfiXnrVzJC2P4SDy89Ywe5X0Kg j0Xi9vW/7BCJfIn+Zz9ZIWxriZfndrNCFQGD4sYDFoiEjMT7H4/ZIBKL2SSu/LzNBvFBqsTy ta2MkJCQkrh7pRPKlpF4cWcv6wRGzVlInoCwdSQW7P7EBmFrSyxb+Jp5FjhgBCVOznzCsoCR ZRWjaHFqcVJuupGRXmpRZnJxcX6eXl5qySZGYOo4uOW3wQ7Gl88dDzEKcDAq8fAWxAVGCLEm lhVX5h5ilOBgVhLh1QAmHiHelMTKqtSi/Pii0pzU4kOM0hwsSuK8ZivvhwPDPbEkNTs1tSC1 CCbLxMEp1cAY+ZePecLUCy2cTpJn+6t3bzz7jVlovb3v0+/P2HJ+ByrJCZ433rPn0mLun5/y L/r92TP5WkOl1bxT+8oe3JWyrduwv2+79tf5E40dFfZbHHg5n4Pf9Dzjt0/9twUm5UwTV7NV jNm8ldVDdtZE+eUf3hyYdSZDbv2BBO5Exfve6VGNNjs3vb13X4mlOCPRUIu5qDgRAHg2MQYZ AwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/FkRljs2GhNh9hz41ez9qxAcLIIU>
Subject: Re: [Ecrit] AD evaluation: draft-ietf-ecrit-ecall-20
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Dec 2016 13:13:27 -0000

Hello,

Can you please share the up-to-date version of the draft? Thank you.

Kind regards

Ivo Sedlacek

-----Original Message-----
From: Ecrit [mailto:ecrit-bounces@ietf.org] On Behalf Of Randall Gellens
Sent: Thursday, December 15, 2016 12:52 AM
To: Alissa Cooper <alissa@cooperw.in>in>; Emergency Context Resolution with Internet Technologies Discussion List <ecrit@ietf.org>
Subject: Re: [Ecrit] AD evaluation: draft-ietf-ecrit-ecall-20

Hi Alissa,

Thank you for your review.  Please see in-line.

At 5:31 AM -0500 12/6/16, Alissa Cooper wrote:

>  I have reviewed this document in preparation for IETF last call. 
> There are a few items that require discussion before proceeding to LC. 
> I've also included nits that should be resolved together with LC 
> comments or beforehand.
>
>  Substantive comments requiring attention before issuing IETF:
>
>  = Section 5 =
>
>  (1) Since the CEN specifications are not publicly available without 
> paying a fee (as far as I could tell), it would help to provide an 
> overview of what fields are included in the MSD. Otherwise it is 
> difficult to do a complete security/privacy analysis of what is being 
> specified in this document.

I added a parenthetical list of the important fields (meaning those potentially privacy sensitive):

    Pan-European eCall provides a standardized and mandated set of
    vehicle related data (including VIN, vehicle type, propulsion type,
    current and optionally previous location coordinates, and number of
    occupants), known as the Minimum Set of Data (MSD).

>
>  = Section 9.1.3.1 =
>
>  (1) msgid is underspecified. What is it supposed to be used for? 
> Why is it Conditional?

It's used in draft-ietf-ecrit-car-crash.  It's Conditional because it is only needed when using static messages.  It's used to indicate either the static message that the vehicle should display/speak to the occupants, or the set of static messages supported by the vehicle (by specifying the highest supported value).  I added clarifying text to the Description:

    Description:  Defined for extensibility.  Documents that make use of
       it are expected to explain when it is required and how it it used.

Anything more explicit would require that I mention static messages, which are not used in this document (they're used in car-crash), and I'm afraid that would be more confusing.


>
>  (2) For supported-values, requested-state, and element-ID, what is 
> the expectation about where and how the permitted values will be 
> specified?

Since these are all defined for extensibility, the expectation is that the document that uses it defines this.  The car-crash draft makes use of them and defines this.  I added the following sentence to the Description of all three:

       Documents that make use of it are expected to explain
       when it is is required, the permitted values, and how it it used.

>
>  = Section 10 =
>
>  I think this section should actually be a subsection of Section 15. 
> IANA needs to register this INFO package and therefore the 
> registration needs to be in the IANA considerations section. Also, 
> documents don't typically reference themselves unless the text is part 
> of an IANA registration.

Christer asked it to be made its own section.  I now moved it to be a sub-section of the IANA Considerations section.


>
>  = Section 12 =
>
>  The paragraph that begins "Data received from external sources 
> inherently carries implementation risks ..." seems generic and not 
> specific in any way to this specification. Could you elaborate on 
> the specific threats introduced by this specification and specific 
> guidance to mitigate those threats?

It is a pretty generic paragraph.  I now added "including the MSD and 
metadata/control objects" to tie it in to what's new in the document, 
but I agree with you that none of this really needs to be said.  It 
was added by request of an early reviewer who felt it important to 
point out this out, and I figured it wouldn't hurt.


>
>  = Section 15 =
>
>  "This document formalizes the "EmergencyCallData" media (MIME) subtype
>     tree.  This tree is used only for content associated with emergency
>     communications.  New subtypes in this tree can be registered by the
>     IETF or by other standards organizations working with emergency
>     communications, using the "Specification Required" rule, which
>     implies expert review.  The designated expert is the ECRIT working
>     group."
>
>  I reviewed the thread on the media-types list, and I think this 
> text is unclear and needs some fixes:
>
>  (1) Instead of saying this "formalizes" the tree, I think the text 
> needs to be explicit that it is registering a new subtree rooted at 
> application/EmergencyCallData.

I added that and also listed the subtypes that are contained in the 
subtree (the four created in RFC 7852 and the two in this document).

>
>  (2) If you intend for the rules for this subtree to mirror the 
> rules for the standards tree specified in RFC 6838, albeit limiting 
> registrants to emergency-services-related SDOs, then the language 
> used there to describe the registration procedures should be copied.

Rather than copy the wording, I referenced it:

    New subtypes in this subtree follow
    the rules specified in Section 3.1 of [RFC6838], with the additional
    restriction that the standards-related organization MUST be
    responsible for some aspect of emergency communications.

>
>  (3) I think the procedure of specifying the WG as the designated 
> expert is not the most effective choice. It introduces an extra 
> round of triage to find a reviewer when a request comes in, and 
> relies on the perpetual existence of the WG. It's fine if you want 
> the IESG to designate multiple experts or even setup a list with a 
> pool of experts to serve as DEs (neither of which need to be 
> specified in the document), but either of those would be preferable 
> to designating the WG as the expert.

With the new wording that references RFC 6838, the document no longer 
names an expert.

>
>  = Section 15.1 =
>
>  A description needs to be provided for the registration of 
> urn:service:test.sos.ecall.

I added:

    This service requests
    resources associated with a test (non-emergency) call placed by an
    in-vehicle system.  See Section 8 for more information on the test
    eCall request URN.

>
>  = Section 15.2 =
>
>  "In general, it is acceptable for the data to be unprotected while briefly in
>        transit within the Mobile Network Operator (MNO); the MNO is
>        trusted to not permit the data to be accessed by third parties."
>
>  This does not seem consistent with Sections 9 and 10 of RFC 7852, 
> where TLS is listed as a SHOULD-level requirement due to legacy 
> deployed bases and the priority for calls to be completed in 
> emergency situations, not because of any sort of trust 
> relationship. I think this text needs to be revised to be 
> consistent with RFC 7852.

The text is specifically talking about data within the MNO, not data 
in transit between the MNO and the vehicle, or the MNO and the PSAP, 
hence it is entirely consistent with TLS (since when TLS is used, the 
data is in the clear within the entity that received it, as TLS is 
hop-by-hop rather than end-to-end).  However, on review the text does 
not seem needed and so I delete the text you quoted.

>
>  = Sections 15.4 and 15.5 =
>
>  I think you mean Emergency Call Data Types registry as opposed to 
> Emergency Call Data Blocks registry (the latter does not exist). 
> Also note that the Data Types registry has a 'Data About' column 
> that needs to be filled in for these two entries.
>
>  I would also recommend fixing all the other references in the 
> document to the Emergency Call Data Blocks registry.

That was an old name for the registry.  Thanks for catching this.  I 
fixed all references.


>
>  = Section 19 =
>
>  Why are EN_16072 and TS22.101 listed as normative, but TS24.229 is 
> listed as informative? I suspect they could all be informative, 
> although I do not have access to EN_16072.

I agree, those are now informative references.

>  Nits that can be resolved in the next rev (preferably) or together 
> with IETF LC comments:
>
>  = Abstract and Section 2 =
>
>  Since the IETF defines standards for the big-I Internet, I think it 
> would help to make a clarification similar to the following in the 
> abstract and in Section 2:
>
>  "Although this specification is designed to meet the requirements 
> of European next-generation eCall, it is specified generically such 
> that the technology may be re-used or extended to suit requirements 
> across jurisdictions (see, e.g., draft-ietf-ecrit-car-crash)."
>
>  Section 2 doesn't quite say this but I think it's important enough 
> to note specifically there and in the abstract.

I like your wording better than what's in Section 2 now, so I 
replaced that with yours (except with "can" instead of "may" because 
otherwise someone will say it is ambiguous):

    Although this specification is designed to meet the requirements of
    pan-European next-generation eCall, it is specified generically such
    that the technology can be re-used or extended to suit requirements
    across jurisdictions (see, e.g., [I-D.ietf-ecrit-car-crash]), and
    extension points are provided to facilitate this.

I added the same to the Abstract except without the reference to 
car-crash (since references are frowned upon in Abstracts).

>
>  = Section 3 =
>
>  s/(both of which are registered in Section 15)/(both of which are 
> registered in Section 15)./

Thanks.

>
>  = Section 5 =
>
>  I think it would help to explain why support for the XML encoding 
> of MSD is not being specified here.

It's because 3GPP didn't want it, they insisted on ASN.1.  I added 
"per 3GPP [SDO-3GPP]".


>
>  = Section 8 =
>
>  You need to explain what CS-eCall is and expand the acronym on first use.

There were only two uses, so I just expanded them both.


>
>  = Section 9.1.1.2 =
>
>  The reason codes should be defined and explained here in the body 
> of the document and references from the IANA considerations 
> section, not defined for the first time there.
>
>  = Section 9.1.3.1 =
>
>  s/persistance/persistence/

Oops, thank you for catching this.

>
>  = Section 14 =
>
>  s/@success='false"/@success="false"/

Good catch, thank you.

>
>  = Section 15 =
>
>  I don't understand why the intro to this section contains the media 
> type subtree registration, rather than having that in its own 
> subsection like all the other subsections of Section 15.

OK, I made it a subsection.


>
>  = Section 15.2 and 15.3 =
>
>  "Sections 7 and Section 8 of [RFC7852] contain more discussion."
>
>  I think you mean Sections 9 and 10.

Thanks for catching this.

-- 
Randall Gellens
Opinions are personal;    facts are suspect;    I speak for myself only
-------------- Randomly selected tag: ---------------
Day of inquiry.  You will be subpoenaed.

_______________________________________________
Ecrit mailing list
Ecrit@ietf.org
https://www.ietf.org/mailman/listinfo/ecrit