Re: Last Call: <draft-hardie-privsec-metadata-insertion-05.txt> (Design considerations for Metadata Insertion) to Informational RFC
Ted Hardie <ted.ietf@gmail.com> Thu, 23 February 2017 23:40 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADEF6129C68; Thu, 23 Feb 2017 15:40:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2rDZWxm9HKlr; Thu, 23 Feb 2017 15:40:19 -0800 (PST)
Received: from mail-oi0-x235.google.com (mail-oi0-x235.google.com [IPv6:2607:f8b0:4003:c06::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2E96129C55; Thu, 23 Feb 2017 15:40:19 -0800 (PST)
Received: by mail-oi0-x235.google.com with SMTP id 65so3427820oig.1; Thu, 23 Feb 2017 15:40:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=KJKbH4J6SyxjqPhDPA3Duv0Jl3NUGFcSTLa/Y9N5eEg=; b=a8Rr+VT0SGWStoSnBuuND/EfAcapEudDWjZfcYcZsHEeAewqWEluDFFi7cVO/+Qv5g 5fipM1szzecW2idUneMC0r5coQZC59VgUjEmaWU8vmbrFgUNW7/qh12uXQanq+HKvJP+ Vob+1ehL1QaxwQxXJJmIanYaGkG+1zhJ93c2N2ds73sbfRb1MWhOPKedDkcx12bCSwPS zI+KRNHdy4uojzQ8ohdwugHc9WogW1g0Hw15XHg8d4kRRWi11eHxgEy6M6XHGAnzmmIw BwQU60KlgZIK3MwEm4HVmXuV6soT/SzXEhKUdcEMycvI+/0HWbL2TXk9ul0LuyELaVMW 1beQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=KJKbH4J6SyxjqPhDPA3Duv0Jl3NUGFcSTLa/Y9N5eEg=; b=Bl4KY+nse6VuxfuwrM3NFcH9ShTyM9RfgRN1fBn1NS0MUoq4C/LFfXDtjRgD8o+Ese ajPF0YjLnpNYxZc1INEuxlcawgl7JXjmGRSF0m56fMkC59PLvjvz8UwZIJsi1pyytKIT TzLOdDZdfFSVjfWkzO+r1OAWN64XDeQTshxIxBj4QF8AErc/ZGX0xV4h65pzykn0p3gV JsaD3L4JRMZn0nzTnPNJwZzfGHfKJlFLaYF/oy/ivVIY1jgDoCa/IK0D/TTFD2onih5H Fc7Qq5YWSR3OrZvx9CiLlYdIxv84hYVxT8LejC4cRW/0Eut06nfWrtyF1UNkLL+bwGW2 xmDg==
X-Gm-Message-State: AMke39ncLiW4oRMByOoH6KyLblbV3+VU+9HejcocP1alooRWXoC488JNiDhTWIu5eR3qk5RiLc2MU8nSIVET6A==
X-Received: by 10.202.72.6 with SMTP id v6mr617138oia.177.1487893218761; Thu, 23 Feb 2017 15:40:18 -0800 (PST)
MIME-Version: 1.0
Received: by 10.74.142.85 with HTTP; Thu, 23 Feb 2017 15:39:48 -0800 (PST)
In-Reply-To: <787AE7BB302AE849A7480A190F8B933009E16627@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <148527996733.12573.15522530300481191993.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B933009DEB0B5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CA+9kkMC8d9dRGA0mYm-ALbZOnnq6LTLE=56imUFqK9JZ0wC=pw@mail.gmail.com> <787AE7BB302AE849A7480A190F8B933009E16627@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 23 Feb 2017 15:39:48 -0800
Message-ID: <CA+9kkMBw-QbaDzDanWs6sH-z7rEteofCvp8-d-qSf9J31zJykA@mail.gmail.com>
Subject: Re: Last Call: <draft-hardie-privsec-metadata-insertion-05.txt> (Design considerations for Metadata Insertion) to Informational RFC
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Content-Type: multipart/alternative; boundary="001a113db248c4a3e305493b227f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/0JCjvUqy5L7NFyY9g_n8HdEmPIc>
Cc: "draft-hardie-privsec-metadata-insertion@ietf.org" <draft-hardie-privsec-metadata-insertion@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Feb 2017 23:40:21 -0000
HI Mohamad, Thanks for rechecking; some further comments in-line. On Wed, Feb 22, 2017 at 11:21 PM, <mohamed.boucadair@orange.com> wrote: > Hi Ted, > > > > Thank you for the reply and for implementing these changes. > > > > I checked the diff, but I’m afraid the -06 version has the same issues as > the ones I reported in January 31. > > > I did respond to the particular comments and text proposals, so I assume this is the more general issue. If I understand correctly, you would prefer this document to be structured as a revision to the threat model document or connected to a larger consideration of the issues. I understand that, and it was considered, but I believe that this format is still the most effective for the narrow issue it addresses. >From that flow some of your other concerns about audience, at least as I understand. As written, this is narrow advice for a broad audience: basically, anyone who would consider the form of metadata insertion it describes. You would, if I understand you, prefer a narrower description of the audience in a larger context. > I’m reiterating that most of my comments are still unaddressed in -06. > > > I realize that the document did not change to address the audience or document integration you preferred; I think there we simply disagree on how to make this advice effective. I'm sorry that first message apparently did not describe the disagreement effectively. If I have misunderstood your comments, please accept my apologies. I would be happy of further clarification and suggested text to illustrate your preferences would be especially welcome. thanks, Ted Hardie > Cheers, > > Med > > > > *De :* Ted Hardie [mailto:ted.ietf@gmail.com] > *Envoyé :* mercredi 22 février 2017 23:09 > *À :* BOUCADAIR Mohamed IMT/OLN > *Cc :* ietf@ietf.org; draft-hardie-privsec-metadata-insertion@ietf.org > *Objet :* Re: Last Call: <draft-hardie-privsec-metadata-insertion-05.txt> > (Design considerations for Metadata Insertion) to Informational RFC > > > > Hi Mohamed, > > Thanks for your review. I've uploaded a draft -06 with updates from your > and other reviews. Some notes in-line. > > > > On Tue, Jan 31, 2017 at 1:49 AM, <mohamed.boucadair@orange.com> wrote: > > Dear Ted, > > Please find below my general review of the document and also my detailed > comments. > > * Overall: > - I don't think the document is ready to be published as it is. It does > not discuss the usability and implications of the advice. Further, it may > be interpreted that a client/end system/user can always by itself populate > data that is supplied by on-path nodes (in current deployments). That's > assumption is not true for some protocols. > - The purpose of publishing this advice is not clear. For example, how > this advice will be implemented in practice? What is its scope? > - I would personally prefer an updated version of RFC7258 with more strict > language on the privacy-related considerations. This is more actionable > with concrete effects in documents that will required to include a > discussion on privacy related matters. > > Detailed comments are provided below: > > * The abstract says the following: > > The IAB has published [RFC7624] in response to several revelations of > pervasive attack on Internet communications. This document considers > the implications of protocol designs which associate metadata with > encrypted flows. In particular, it asserts that designs which do so > by explicit actions of the end system are preferable to designs in > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > which middleboxes insert them. > > I suggest you explicit what is meant by "the end system". > > > > I have updated this to clarify that this is the host/end system not the > user. > > > If you mean the owner/user, then the text should say so. If you mean a > client software instance, then bugs/inappropriate default values may lead > to (privacy leak) surprises too. It was reported in the past that some > browsers inject the MSISDN too. > > * Introduction: "To ensure that the Internet can be trusted by users" > > Rather « To minimize the risk of Internet-originated attacks targeted at > users ». > > > > I've adopted this language. > > > > It's reasonable to claim the Internet can be trusted by users; see how the > usage of social networks has become severely twisted for example > > > > I've also considered your point that an updated version of RFC7258 might > be a better outlet for advice like this. We did consider several > approaches, including incorporating the text in an update to RFC 3552 or > as part of a document describing the full set of companion mitigations to > the threats in RFC 7624 (draft-iab-privsec-confidentiality-mitigations > would be one approach). Those are all valid approaches, but it seemed that > short, easily read documents tackling a single point might be easier to > produce and consume. > > Thanks again for your review, > > Ted Hardie > > >
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Ted Hardie
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Stephen Farrell
- RE: Last Call: <draft-hardie-privsec-metadata-ins… mohamed.boucadair
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Stephen Farrell
- Re: Last Call: <draft-hardie-privsec-metadata-ins… Stephen Farrell