Re: [Gen-art] Genart last call review of draft-ietf-6man-rfc4941bis-10

Fernando Gont <fgont@si6networks.com> Wed, 16 September 2020 12:42 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B0753A1234; Wed, 16 Sep 2020 05:42:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.098
X-Spam-Level:
X-Spam-Status: No, score=-1.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RDNS_NONE=0.793, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e9XUlp2ROsx0; Wed, 16 Sep 2020 05:42:05 -0700 (PDT)
Received: from skynet.si6networks.com (unknown [83.247.7.195]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2D1F23A0B0E; Wed, 16 Sep 2020 05:42:03 -0700 (PDT)
Received: from [IPv6:2800:810:464:1088:9dfd:9390:d75d:cb60] (unknown [IPv6:2800:810:464:1088:9dfd:9390:d75d:cb60]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by skynet.si6networks.com (Postfix) with ESMTPSA id 55FC11F45; Wed, 16 Sep 2020 09:41:54 -0300 (-03)
To: Russ Housley <housley@vigilsec.com>
Cc: IETF Gen-ART <gen-art@ietf.org>, draft-ietf-6man-rfc4941bis.all@ietf.org, last-call@ietf.org, ipv6@ietf.org
References: <159985539023.6692.3362899198639789498@ietfa.amsl.com> <a4dab342-219a-0f54-9972-623146d3a5d3@si6networks.com> <B7F58E44-B48B-43F5-917A-262A21B70C38@vigilsec.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <cf44056d-6c6e-7766-01a7-6741398969f8@si6networks.com>
Date: Wed, 16 Sep 2020 08:39:14 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <B7F58E44-B48B-43F5-917A-262A21B70C38@vigilsec.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/Ph1eaDdjmzJmZRB5_tCyRNmoIW0>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-6man-rfc4941bis-10
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2020 12:42:10 -0000

Hi, Russ,

On 13/9/20 14:46, Russ Housley wrote:
> Fernando:
> 
>> Thanks a lot for your comments! In-line....
>>
>> On 11/9/20 17:16, Russ Housley via Datatracker wrote:
>>> Reviewer: Russ Housley
>>> Review result: Almost Ready
>> [....]
>>> Major Concerns:
>>> In Section 2.2, the discussion of DNS names comes out of the blue.  In
>>> RFC 4941, there was context for this discussion that has been dropped
>>> from this document.  Some context is needed.
>>
>> I reared the text, but I don't find it as "coming out of the blue". I guess one could add something to Section 2.1 to include DNS names... but, at the end of the day, the name is just another identifier.
>>GRANT ALL ON wp_si6networks.* TO 'wp_si6networks'@'localhost';
>> Or put another way, I'm not sure what's the "context" I would add if asked to.
>>
>> Thoughts?
> 
> This point from RFC 4941 is what I was talking about.
> 
>     One of the requirements for correlating seemingly unrelated
>     activities is the use (and reuse) of an identifier that is
>     recognizable over time within different contexts.  IP addresses
>     provide one obvious example, but there are more.  Many nodes also
>     have DNS names associated with their addresses, in which case the DNS
>     name serves as a similar identifier.  Although the DNS name
>     associated with an address is more work to obtain (it may require a
>     DNS query), the information is often readily available.  In such
>     cases, changing the address on a machine over time would do little to
>     address the concerns raised in this document, unless the DNS name is
>     changed as well (see Section 4).

I see.

How about if we add back these bits, with the text resulting in:
---- cut here ----
    One of the requirements for correlating seemingly unrelated
    activities is the use (and reuse) of an identifier that is
    recognizable over time within different contexts.  IP addresses
    provide one obvious example, but there are more.

    Many nodes have DNS names associated with their addresses, in which
    case the DNS name serves as a similar identifier.  Although the DNS
    name associated with an address is more work to obtain (it may
    require a DNS query), the information is often readily available.  In
    such cases, changing the address on a machine over time would do
    little to address the concerns raised in this document, unless the
    DNS name is changed as well (see Section 4).

    Web browsers and servers typically exchange "cookies"
    with each other [RFC6265].  Cookies allow web servers to correlate a
    current activity with a previous activity.  One common usage is to
    send back targeted advertising to a user by using the cookie supplied
    by the browser to identify what earlier queries had been made (e.g.,
    for what type of information).  Based on the earlier queries,
    advertisements can be targeted to match the (assumed) interests of
    the end-user.
---- cut here ----

?

Would this address your concern?

Thanks!

Regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492