[ietf-privacy] cursory PPM Review of RFC 4368

David Singer <singer@apple.com> Tue, 27 May 2014 22:04 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/qkAc885hCxECCgrd0uTiVvRlJMI

<http://tools.ietf.org/html/rfc4368>

This is about low-level access (SNMP) to low-level (multi-protocol switching) network information, and has apparently well-developed security considerations. Privacy is only mentioned once:
"It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy)."

Since not even IP addresses are exposed, or traffic details, it's hard to see direct privacy implications here. However, the whole area of being able to interrogate network equipment over protocols such as SNMP might well have such implications (e.g. if it's possible to work out which addresses a given IP address is communicating with). 


David Singer
Manager, Software Standards, Apple Inc.