Re: [ietf-privacy] Fwd: New Version Notification for draft-cooper-ietf-privacy-requirements-00.txt
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 21 September 2013 12:55 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D367611E81C0 for <ietf-privacy@ietfa.amsl.com>; Sat, 21 Sep 2013 05:55:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.466
X-Spam-Level:
X-Spam-Status: No, score=-102.466 tagged_above=-999 required=5 tests=[AWL=0.133, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OQL+1ZqC8qF1 for <ietf-privacy@ietfa.amsl.com>; Sat, 21 Sep 2013 05:55:32 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 8C95C11E81B8 for <ietf-privacy@ietf.org>; Sat, 21 Sep 2013 05:55:30 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 82589BE76; Sat, 21 Sep 2013 13:55:26 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oRhHNrPTp4Kt; Sat, 21 Sep 2013 13:55:24 +0100 (IST)
Received: from [10.87.48.3] (unknown [86.42.17.191]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 00B11BE74; Sat, 21 Sep 2013 13:55:23 +0100 (IST)
Message-ID: <523D973B.6090205@cs.tcd.ie>
Date: Sat, 21 Sep 2013 13:55:23 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: SM <sm@resistor.net>
References: <20130920162352.23295.48024.idtracker@ietfa.amsl.com> <523C7912.1060206@cs.tcd.ie> <6.2.5.6.2.20130920224035.0b5bf338@resistor.net>
In-Reply-To: <6.2.5.6.2.20130920224035.0b5bf338@resistor.net>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: ietf-privacy@ietf.org
Subject: Re: [ietf-privacy] Fwd: New Version Notification for draft-cooper-ietf-privacy-requirements-00.txt
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Sep 2013 12:55:40 -0000
On 09/21/2013 06:55 AM, SM wrote: > Hello, > At 09:34 20-09-2013, Stephen Farrell wrote: >> FYI. Comments welcome, > > I read draft-cooper-ietf-privacy-requirements-00 quickly. > > From Section 3: > > "standards-track IETF protocols that involve transmission of personal > data" > > The above only covers sending personal data. I commented about a draft > previously [1]. The Gen-ART review [2] mentioned that: > > "Misuse of this specification and many others could harm privacy, > but that shouldn't necessarily dissuade us from publishing this draft." > > The SecDir review didn't consider privacy as a security concern [3]. > > Would draft-cooper-ietf-privacy-requirements-00 be applicable for the > above case? Assuming we get IETF consensus for our proposal, then yes I think it would cover that case since the personal data concerned is designed to be transmitted in the DNS protocol. Since there's currently no way to provide confidentiality for DNS (a fine thing to think about), then for draft-jabley it would come down to whether the IETF would have consensus to ignore the BCP in that case. I guess this proposed BCP would in such cases move the burden of proof somewhat from those saying "stop, be more privacy friendly" to those proposing the new protocol. And I think that'd be a good change. S. > > Regards, > -sm > > 1. http://www.ietf.org/mail-archive/web/ietf/current/msg79722.html > 2. http://www.ietf.org/mail-archive/web/ietf/current/msg79959.html > 3. http://www.ietf.org/mail-archive/web/secdir/current/msg04083.html > >
- [ietf-privacy] Fwd: New Version Notification for … Stephen Farrell
- Re: [ietf-privacy] Fwd: New Version Notification … SM
- Re: [ietf-privacy] Fwd: New Version Notification … Stephen Farrell
- Re: [ietf-privacy] New Version Notification for d… S Moonesamy
- Re: [ietf-privacy] [perpass] New Version Notifica… Brian Trammell
- Re: [ietf-privacy] [perpass] New Version Notifica… Robin Wilton
- Re: [ietf-privacy] [perpass] New Version Notifica… Stephen Farrell
- Re: [ietf-privacy] [perpass] New Version Notifica… Alissa Cooper
- Re: [ietf-privacy] [perpass] New Version Notifica… Brian Trammell
- Re: [ietf-privacy] [perpass] New Version Notifica… Stephen Farrell
- Re: [ietf-privacy] New Version Notification for d… Avri Doria
- Re: [ietf-privacy] New Version Notification for d… Scott Brim
- Re: [ietf-privacy] New Version Notification for d… Stephen Farrell