[Ecrit] Secdir review of draft-ietf-ecrit-data-only-ea-18
Charlie Kaufman <charliekaufman@outlook.com> Sat, 24 August 2019 19:53 UTC
Return-Path: <charliekaufman@outlook.com>
X-Original-To: expand-draft-ietf-ecrit-data-only-ea.all@virtual.ietf.org
Delivered-To: ecrit@ietfa.amsl.com
Received: by ietfa.amsl.com (Postfix, from userid 65534) id 23205120020; Sat, 24 Aug 2019 12:53:15 -0700 (PDT)
X-Original-To: xfilter-draft-ietf-ecrit-data-only-ea.all@ietfa.amsl.com
Delivered-To: xfilter-draft-ietf-ecrit-data-only-ea.all@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8661D12006E; Sat, 24 Aug 2019 12:53:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TQcwreJL7d15; Sat, 24 Aug 2019 12:53:12 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-oln040092004034.outbound.protection.outlook.com [40.92.4.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26B24120020; Sat, 24 Aug 2019 12:53:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AhvknYUpM2mOlyhkg9aYde4+YCi+INBFbhmOpS7PU7GMpoemdVCly9uC2cBd/StXbA1CnGdBwFP7KfkcBil7CohUWFV2+GxTJ22ZiWO/6FzSAO8fElSVq1HocBAFUJ4Zr7vET+p/MHosORZGzowSSYy8qPLYEqBG/e2I3lBO5wg2RGHPf/iHD2+UxnSZQPzjRC0KXaxkEP+G4zSs377fS4Qe/VERa0bHaPOlembd5MJUSumcZZx0cvFHANTH9bV1e9V0lmuZUQpxYt+FQoe2O+TpNq8C8s/29hgQAg5nWvVlQeyXVgxcNcdH2AJRM61lAIZnllpQIEhw/Ao5jndqtw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pnvLoIMZLD/NGH2q8pVVxPg1iux11ZMeEw6Sb8veD7Q=; b=RBNd0WrLcnsDcVyDJwa4UFlhRyoxGdSiRN8Z2MQgpJfrMrcgWHMyvW9lUC0lJzhtVxwap75mdWMb2fFmp5lA2sXwsXFoJEV9pr5OW/ywt7k9Aek1ZxMsGe7sVlD5wpMmXruu6eNFswpNP2L3HRFdw3fBTB400M1QmMv1/oDoPVHxdq0CZzUyX9p9dYEZ/RRpwpQVpmtHxkg3gUxPOSGmgFQ80wXqmatrXcKQ/7brVhtuOhIa87PG1MUOTwm6kdl6HlpF9dxM8QKkzsJ2xyhpfatCZ3UI6qeAzWiECCUcfpw2FEeRdd81fELnXKMm1/tICXfhhbYvqK2FZqY2/rFIAQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pnvLoIMZLD/NGH2q8pVVxPg1iux11ZMeEw6Sb8veD7Q=; b=KkcZkFAoqqhRNZ4P9PRs/b0n8wZYqUm2yxavHMflncLegO9NpJxkABZOCLYRIK8wd8YIuhyx8yrjvwfhAyigxbdydZWaCQmU7rfvAZH/tjKbTu0gC7UTbUAe1YirNUW58S1aNWFs+ByZ8bsUciqhJgI/MFjaiWjXNG7dKPfWlFnfckhJKp+2DDNBA8pXsk89t5v9ZO7pXteS5so/QtANxo0afbSIidOel4UWGLDwgtTkf2hn9aZjjsOTkaB2uGEnp1NEngAQ27op4dkZVwITaLb2s543OrZtSwr1tBxxZcWU6eaytXdvpyPZn477Y4OYG3k7ggYhsgU0v0HP/EVL8Q==
Received: from SN1NAM02FT013.eop-nam02.prod.protection.outlook.com (10.152.72.56) by SN1NAM02HT059.eop-nam02.prod.protection.outlook.com (10.152.73.45) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2199.13; Sat, 24 Aug 2019 19:53:11 +0000
Received: from MWHPR04MB0367.namprd04.prod.outlook.com (10.152.72.57) by SN1NAM02FT013.mail.protection.outlook.com (10.152.72.98) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2199.13 via Frontend Transport; Sat, 24 Aug 2019 19:53:10 +0000
Received: from MWHPR04MB0367.namprd04.prod.outlook.com ([fe80::647b:b636:342c:f0f5]) by MWHPR04MB0367.namprd04.prod.outlook.com ([fe80::647b:b636:342c:f0f5%2]) with mapi id 15.20.2178.020; Sat, 24 Aug 2019 19:53:10 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-ecrit-data-only-ea.all@ietf.org" <draft-ietf-ecrit-data-only-ea.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-ecrit-data-only-ea-18
Thread-Index: AQHVWrVSYrXYcnS0SkGl7pu26H6ueQ==
Date: Sat, 24 Aug 2019 19:53:10 +0000
Message-ID: <MWHPR04MB0367DA96CF172D996CDDA622DFA70@MWHPR04MB0367.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:1F1FED9EAFBA0D4184881D4ACE6AD383884967CEFDE737BBA1E7670C646DC028; UpperCasedChecksum:30B068DF2CCF5B9A043DAF63945B690001059E4739F467AEF8CA51728D220CA4; SizeAsReceived:6714; Count:40
x-tmn: [YdBoR6aQ3yP5WuHc5mzl14h77OcZUwaC]
x-ms-publictraffictype: Email
x-incomingheadercount: 40
x-eopattributedmessage: 0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(5050001)(7020095)(20181119110)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031323274)(2017031324274)(2017031322404)(1601125500)(1603101475)(1701031045); SRVR:SN1NAM02HT059;
x-ms-traffictypediagnostic: SN1NAM02HT059:
x-microsoft-antispam-message-info: DlSZsmLs0WXTO0vMBSDSgsyZyR5UilZrvRvdkAOBlBbE716xAkLX40ApgSMKXkuV8iqcqbuYRHhU6n46eNWKgXNWEBgnpUAP//zME5W96sxVDgPRsXER9M8s1FonEc3cazWT4CjHEsh/cwK7NQQ0bcPP3Cd2zpA9hanP5WMPifHJgYsLUSaYqDUwwvQB2Grk
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MWHPR04MB0367DA96CF172D996CDDA622DFA70MWHPR04MB0367namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 12ed7498-8e5b-43f5-2095-08d728ccb0fa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Aug 2019 19:53:10.2366 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM02HT059
Resent-From: alias-bounces@ietf.org
Resent-To: br@brianrosen.net, hgs+ecrit@cs.columbia.edu, hannes.tschofenig@arm.com, rg+ietf@coretechnologyconsulting.com, allison.mankin@gmail.com, roger.marshall@comtechtel.com, barryleiba@computer.org, adam@nostrum.com, aamelnikov@fastmail.fm, Allison Mankin <allison.mankin@gmail.com>, draft-ietf-ecrit-data-only-ea@ietf.org, ecrit@ietf.org
Resent-Message-Id: <20190824195315.23205120020@ietfa.amsl.com>
Resent-Date: Sat, 24 Aug 2019 12:53:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/hoWefCbDWEKmwk8B3QsQey29N00>
Subject: [Ecrit] Secdir review of draft-ietf-ecrit-data-only-ea-18
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Aug 2019 19:53:15 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document defines a new MIME type: 'application/EmergencyCallData.cap+xml' for use primarily by sensors to send alert messages to emergency services providers. It also defines a new Emergency Call Data Type: 'cap' in order to embed this data efficiently in a SIP transaction. I saw no new security issues beyond those already noted for the protocols carrying these messages. I do have some editorial suggestions: There is a lot of context that the authors assumed any reader would have that could have been stated in the introduction. I believe from context that the purpose of this new MIME type is to support simple (IoT) sensors that don't want to implement a more heavyweight protocol, but I don't believe that was stated anywhere. I got the impression that the functionality provided could have been done with existing protocols by sending the CAP message over a SIP session, but that doing so would place an unnecessary burden on simple (IoT) sensors, and that this protocol would be easier for such sensors to implement for the limited cases such sensors need to deal with. If that's true, it should be stated. If not, the purpose of this protocol should be more clearly stated. These acronyms were used but never defined: SIP CID LoST These acronyms were expanded, but not in an easy to find place: Common Alerting Protocol (CAP) Public Safety Answering Points (PSAPs) Emergency Services Routing Proxy (ESRP) It would be nice to include them in the terminology section, ideally with a reference to the RFC where more information is available. Typo: p17 "security mechanism" -> "security mechanisms" --Charlie
- [Ecrit] Secdir review of draft-ietf-ecrit-data-on… Charlie Kaufman
- Re: [Ecrit] Secdir review of draft-ietf-ecrit-dat… Allison Mankin
- Re: [Ecrit] Secdir review of draft-ietf-ecrit-dat… Brian Rosen
- Re: [Ecrit] Secdir review of draft-ietf-ecrit-dat… Charlie Kaufman
- Re: [Ecrit] Secdir review of draft-ietf-ecrit-dat… Brian Rosen