[ietf-privacy] PPM Review of RFCs 4590 and 5090

Eliot Lear <lear@cisco.com> Thu, 22 May 2014 11:50 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/rp0d324db6fzjQJeOmt7cUkjcHk

RFC 4590 (the one the tool selected) is obsoleted by RFC 5090. The
attributes defined are shared in clear text. Section 8 goes into this.
RADIUS issues are well known. An additional layer of security is
necessary to protect user information. These two docs talk about
IPsec. An alternative would be Diameter or something akin to Moonshot.