Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05

Stephen Farrell <> Fri, 30 January 2015 19:40 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A10781A1BA3; Fri, 30 Jan 2015 11:40:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UzmvVD7JncUw; Fri, 30 Jan 2015 11:40:49 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 10CB31A1B9E; Fri, 30 Jan 2015 11:40:49 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id C3B2EBE9A; Fri, 30 Jan 2015 19:41:19 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6aBMCW6tk-xz; Fri, 30 Jan 2015 19:41:18 +0000 (GMT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id 79758BE8E; Fri, 30 Jan 2015 19:41:18 +0000 (GMT)
Message-ID: <>
Date: Fri, 30 Jan 2015 19:40:45 +0000
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Cyrus Daboo <>, Eliot Lear <>, Daniel Kahn Gillmor <>, Daniel Migault <>,
References: <> <> <> <> <> <7C672BF606D0621F4E873E1C@cyrus.local>
In-Reply-To: <7C672BF606D0621F4E873E1C@cyrus.local>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <>
Cc: Time Zone Data Distribution Service <>
Subject: Re: [ietf-privacy] [Tzdist] [saag] Fwd: WGLC for draft-ietf-tzdist-service-05
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 30 Jan 2015 19:40:51 -0000

Hi Cyrus,

On 30/01/15 16:39, Cyrus Daboo wrote:
> Whilst that is true I don't think we should be required to deal with
> issues that are generic to HTTP itself (and in some cases already
> covered in the base HTTP specs - e.g. server log information). 

I think that's fair, but could you also watch out to see if
there is (or is not) a 3rd category of issue which isn't
generic to HTTP or covered in HTTP specs but is also not
specific to tzdist? What I mean is that there could be
things identified here that would affect some but not all
protocols layered on HTTP. For example, it could be that using
HTTP at startup or periodically to make the same requests
causes some issue(s) that fall into this category. Another
way to think about this category would be things that you
don't want to put in the tzdist spec but that you also don't
think the httpbis WG would have agreed to put into the base
HTTP spec.

Regardless of whether or not those end up documented in
tzdist, noting them and that they're of this nature could
be useful.

> Once I
> get a chance to look over Daniel's comments in depth (and a big thank
> you to him for taking the time to do a through analysis), I will try and
> propose some text for a Privacy Considerations section - the first
> statement in that will be a reference to the various sections in the
> 7230-7234 document suite that are relevant. There will be issues
> specific to tzdist that we definitely need to address.

It is a really excellent review, yes.