Re: [eman] Ben Campbell's Discuss on draft-ietf-eman-applicability-statement-10: (with DISCUSS)

"Thomas D. Nadeau" <tnadeau@lucidvision.com> Wed, 22 April 2015 22:20 UTC

Return-Path: <tnadeau@lucidvision.com>
X-Original-To: eman@ietfa.amsl.com
Delivered-To: eman@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B11611B37B0; Wed, 22 Apr 2015 15:20:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.895
X-Spam-Level:
X-Spam-Status: No, score=0.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sk6Jxkl4Gjcc; Wed, 22 Apr 2015 15:20:32 -0700 (PDT)
Received: from lucidvision.com (unknown [50.255.148.178]) by ietfa.amsl.com (Postfix) with ESMTP id 92DA61B35E3; Wed, 22 Apr 2015 15:20:32 -0700 (PDT)
Received: from [192.168.1.108] (unknown [50.255.148.181]) by lucidvision.com (Postfix) with ESMTP id AC9C33328A29; Wed, 22 Apr 2015 18:20:31 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
From: "Thomas D. Nadeau" <tnadeau@lucidvision.com>
In-Reply-To: <DBA94551-493C-4FFD-8C9F-49D9A3D2351C@nostrum.com>
Date: Wed, 22 Apr 2015 18:20:31 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <FC8494B3-6774-4E9F-B04C-5483F75E8061@lucidvision.com>
References: <20150422192021.30691.70336.idtracker@ietfa.amsl.com> <5538109D.1070103@cisco.com> <DBA94551-493C-4FFD-8C9F-49D9A3D2351C@nostrum.com>
To: Ben Campbell <ben@nostrum.com>
X-Mailer: Apple Mail (2.2098)
Archived-At: <http://mailarchive.ietf.org/arch/msg/eman/NumPhrl0AJbaCXzULjElKy1oc1E>
Cc: eman-chairs@ietf.org, eman@ietf.org, The IESG <iesg@ietf.org>
Subject: Re: [eman] Ben Campbell's Discuss on draft-ietf-eman-applicability-statement-10: (with DISCUSS)
X-BeenThere: eman@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussions about the Energy Management Working Group <eman.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eman>, <mailto:eman-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/eman/>
List-Post: <mailto:eman@ietf.org>
List-Help: <mailto:eman-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eman>, <mailto:eman-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Apr 2015 22:20:34 -0000

> On Apr 22, 2015:5:51 PM, at 5:51 PM, Ben Campbell <ben@nostrum.com> wrote:
> 
> On 22 Apr 2015, at 16:20, Benoit Claise wrote:
> 
>> On 22/04/2015 21:20, Ben Campbell wrote:
>>> Ben Campbell has entered the following ballot position for
>>> draft-ietf-eman-applicability-statement-10: Discuss
>>> 
>>> When responding, please keep the subject line intact and reply to all
>>> email addresses included in the To and CC lines. (Feel free to cut this
>>> introductory paragraph, however.)
>>> 
>>> 
>>> Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
>>> for more information about IESG DISCUSS and COMMENT positions.
>>> 
>>> 
>>> The document, along with other ballot positions, can be found here:
>>> http://datatracker.ietf.org/doc/draft-ietf-eman-applicability-statement/
>>> 
>>> 
>>> 
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>> 
>>> [edited to fix missing word]
>>> 
>>> I agree with Stephen's comments that the security considerations are
>>> sorely lacking. I understand his reasoning for not asking the group to do
>>> considerably more work at this point in the process. But I'd like to see
>>> at least an explicit mention that power management as described in some
>>> of the use cases in this draft may have significant privacy
>>> considerations--even if that mention takes the form of "We haven't fully
>>> analyzed privacy issues, and leave that work to a follow on effort."
>> The question is: can we rely on the security considerations of RFC 7326, RFC 7460, and RFC 7461?
>> For example:
>> 
>>    In certain situations, energy and power monitoring can reveal
>>    sensitive information about individuals' activities and habits.
>>    Implementors of this specification should use appropriate privacy
>>    protections as discussed in Section 9 of RFC 6988 and monitoring of
>>    individuals and homes should only occur with proper authorization.
> 
> It would help if the security considerations in the applicability statement referenced those docs :-) Even so, references scoped to the MIBs are not completely satisfying when the draft says it is equally applicable to things like YANG and NETCONF.
> 
> (By the way, it looks like the references to 7460 and 7461 elsewhere in the draft still point to outdated drafts.)
> 
>> 
>> Or asked differently: should an applicability statement document review and discuss the security considerations of each of the use cases mentioned?
> 
> That would be nice--really, each use case may have different privacy issues. But I agree with Stephen that it's kind of late to ask the WG to analyze those.
> 
> Would you consider adding something to the effect of the following to the security considerations?
> 
> NEW:
> 
> " [RFC7460] section X and [RFC7461] section Y mention that power monitoring and management MIBs may have certain privacy implications. Applications of this spec that use other mechanisms (e.g. YANG) may have similar implications, which are beyond this scope of this document. There may be additional privacy considerations specific to each use case; this document has not attempted to analyze these. “

	This is a (thankfully) simple, and reasonable approach. My only question is why are we mentioning Yang here? The WG only produced SNMP MIBs.

	Would this fix resolve Stephen’s comments as well?

	—Tom