[ietf-privacy] cursory PPM Review of RFC 4368
David Singer <singer@apple.com> Tue, 27 May 2014 22:04 UTC
Return-Path: <singer@apple.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 66A711A073C
for <ietf-privacy@ietfa.amsl.com>; Tue, 27 May 2014 15:04:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.652
X-Spam-Level:
X-Spam-Status: No, score=-2.652 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001]
autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id dqhaKPkTf3ZE for <ietf-privacy@ietfa.amsl.com>;
Tue, 27 May 2014 15:03:45 -0700 (PDT)
Received: from mail-in2.apple.com (mail-out2.apple.com [17.151.62.25])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 345FA1A0793
for <ietf-privacy@ietf.org>; Tue, 27 May 2014 15:03:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s;
c=relaxed/simple;
q=dns/txt; i=@apple.com; t=1401228220; x=2265141820;
h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type:
Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
bh=xvlmlii4suGAp9RsBYPDzFfg1eY9M7wdhJtHMO5gUFQ=;
b=LrKNjCm/LQcPXISmfH3Si3oboXT7tE5QKi9phquLWWXiAYC6FtnOwibl8dml8PcO
+lkoZgSqoCn5+Xb3gbNot5UDn8F6Huel3ZMAVnBNDHCj0p3bURjosC/+CrTBJ46H
hupPbPSoINYowwPpBmPC7z/KM3hXNZFurn2uEYxTO0qJsrgVE+lO4gbNwWBpbyk1
/TPfynazi71nKtBOo4N1BHc4w6I96SRxC2tNDFn67xvlDTjsyG6e1Rx6NcHNg9ce
YTz+JI5NJFjYKMtaoHx2Kt5Au1Oai2yeWNvjy/lLskpLbzL0Ke/GTj+mmV7V1dDo
vHp9b3kZv0XAQGxF+ogAkw==;
Received: from mail-out.apple.com (mail-out.apple.com [17.151.62.49])
(using TLS with cipher RC4-MD5 (128/128 bits))
(Client did not present a certificate)
by mail-in2.apple.com (Apple Secure Mail Relay) with SMTP id
D7.28.28692.CBB05835; Tue, 27 May 2014 15:03:40 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; CHARSET=US-ASCII
Received: from relay3.apple.com ([17.128.113.83]) by local.mail-out.apple.com
(Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct
22 2013))
with ESMTP id <0N69003QB6LX7MU1@local.mail-out.apple.com> for
ietf-privacy@ietf.org; Tue, 27 May 2014 15:03:40 -0700 (PDT)
X-AuditID: 11973e11-f79e06d000007014-7b-53850bbcd5c1
Received: from marigold.apple.com (marigold.apple.com [17.128.115.132])
(using TLS with cipher RC4-MD5 (128/128 bits))
(Client did not present a certificate) by relay3.apple.com (Apple SCV relay)
with SMTP id 4C.54.14927.EBB05835; Tue, 27 May 2014 15:03:42 -0700 (PDT)
Received: from singda.apple.com (singda.apple.com [17.201.24.241])
by marigold.apple.com
(Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013))
with ESMTPSA id <0N6900LNR6M4HN50@marigold.apple.com> for
ietf-privacy@ietf.org; Tue, 27 May 2014 15:03:40 -0700 (PDT)
From: David Singer <singer@apple.com>
Message-id: <98DAB0D0-455B-4B9A-8158-24AB5D6B6A5F@apple.com>
Date: Tue, 27 May 2014 15:03:37 -0700
To: ietf-privacy@ietf.org
X-Mailer: Apple Mail (2.1874)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprJLMWRmVeSWpSXmKPExsUiON3OUHcPd2uwwZflehaHrzawOzB6LFny
kymAMYrLJiU1J7MstUjfLoErY1XfGcaCj2wVJ26uYm9gvMfaxcjJISFgIvG/bR8jhC0mceHe
erYuRi4OIYFZTBL7XjczgSR4BQQlfky+x9LFyMHBLCAvcfC8LEiYWUBL4vujVhaI+jlMEuu/
3WKEGfrw8TFWiMQkJonuZ5+ZIZylTBINrzuZQarYBFQlHsw5BtYhLKAuMeHBalaQDbwCNhKf
pyWBhFmASnoenAY7QkRAUqL56nZ2iAWyEo8+NIFtlhA4zSqx5ccctgmMgrOQHDsL4dhZSI5d
wMi8ilEoNzEzRzczz0gvsaAgJ1UvOT93EyMkLAV3MB5fZXWIUYCDUYmHV2JZS7AQa2JZcWXu
IUZpDhYlcd75t+uDhQTSE0tSs1NTC1KL4otKc1KLDzEycXBKNTDO0+fP+Ltf9IzFh3/7/X43
xX+cnPjx39KZsvaM090LFyufvnbpGs+xohTn/yV6HemPXnzll0nmvZFhGf7k8tfqJ4FW5vkb
7PL22UrZ2igFfrz2/Fx9t6bEQuuWU4+lD95Jbti3Pv2f+N+0iyoG6Vtidt35JXWpT+hsyGcb
mWMr0xtNOa6VM/AosRRnJBpqMRcVJwIAEEZ6OSwCAAA=
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpkluLIzCtJLcpLzFFi42IRbChu0d3H3RpssP2jksXhqw3sDoweS5b8
ZApgjOKySUnNySxLLdK3S+DKaLh4gbWglb3i5Yf9zA2Mz1m7GDk5JARMJB4+PgZli0lcuLee
rYuRi0NIYBKTxK8tBxkhnKVMEg2vO5lBqtgEVCUezDnGCGIzC2hJrN95nAnC1pZ48u4C2CRh
AXWJCQ9WA9kcHLwCNhKfpyWBhFmAWnsenAYrFxGQlGi+up0dxOYV0JM4c/YXO8QRshKPPjSx
TGDknYVkwywkG2YhaVnAyLyKUaAoNSex0lgvsaAgJ1UvOT93EyM4YAqDdzD+WWZ1iFGAg1GJ
h/fA4pZgIdbEsuLK3EOMEhzMSiK8pz8BhXhTEiurUovy44tKc1KLDzFKc7AoifNeuFkfLCSQ
nliSmp2aWpBaBJNl4uCUamBUrj325tEa+abEj/leT87o/zvQ+O7p3coNpfcfBhSziD/JrFwX
+k/HxWOq6rly1T/KF98xf12y5t7ZM4uqvTQF180RvpTVUB10zEiuP65o4X6O1pCC3/viHPOr
Wjv/mGxZvlimj/3i3xQ504WPVznPsZnI9Pn25AZPvp0Ssc//a9SkVZ6O3PRZiaU4I9FQi7mo
OBEAw+rOVhQCAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/qkAc885hCxECCgrd0uTiVvRlJMI
Subject: [ietf-privacy] cursory PPM Review of RFC 4368
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 May 2014 22:04:09 -0000
<http://tools.ietf.org/html/rfc4368> This is about low-level access (SNMP) to low-level (multi-protocol switching) network information, and has an apparently well-developed security considerations. Privacy is only mentioned once: "It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy)." Since not even IP addresses are exposed, or traffic details, it's hard to see direct privacy implications here. However, the whole area of being able to interrogate network equipment over protocols such as SNMP might well have such implications (e.g. if it's possible to work out which addresses a given IP address is communicating with). David Singer Manager, Software Standards, Apple Inc.
- [ietf-privacy] cursory PPM Review of RFC 4368 David Singer