Re: Last Call: <draft-ietf-insipid-session-id-reqts-08.txt> (Requirements for an End-to-End Session Identification in IP-Based Multimedia Communication Networks) to Informational RFC
"Paul E. Jones" <paulej@packetizer.com> Mon, 16 September 2013 05:27 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66F4E11E81F7 for <ietf@ietfa.amsl.com>; Sun, 15 Sep 2013 22:27:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GjFs8rQCt8SP for <ietf@ietfa.amsl.com>; Sun, 15 Sep 2013 22:27:17 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) by ietfa.amsl.com (Postfix) with ESMTP id 1AD4B11E81C3 for <ietf@ietf.org>; Sun, 15 Sep 2013 22:27:16 -0700 (PDT)
Received: from dyn-219.arid.us (rrcs-98-101-148-48.midsouth.biz.rr.com [98.101.148.48]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id r8G5RFSe001038 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Mon, 16 Sep 2013 01:27:16 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1379309236; bh=rbhBh0qMQEYc5OUKwqQmeFEcSHJCfnGgfZzXmge6JzM=; h=In-Reply-To:References:MIME-Version:Content-Type:Subject:From: Date:To:Message-ID; b=CH3yBJY6RatNC1kDpNWhLeI+r0zG6jZak6DjFLDNTMAu8XlwG8OJQ52Tpt5CeP3RX 9smg8YohDhQ8i3t5LTsc4UlkuWspUjD35n5MFAU/hD8CCWx/pn0pL2zQW4eNb3LgBl /e8C1tIKgsBgQBDt/s3wd8BnFll/bLanSHOsYtyI=
User-Agent: Kaiten Mail
In-Reply-To: <6.2.5.6.2.20130914084457.0dd0b0a8@resistor.net>
References: <20130910164051.26974.65993.idtracker@ietfa.amsl.com> <6.2.5.6.2.20130914084457.0dd0b0a8@resistor.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----AIOBLLOOFLUNNG396OWMVH90TUTZGW"
Subject: Re: Last Call: <draft-ietf-insipid-session-id-reqts-08.txt> (Requirements for an End-to-End Session Identification in IP-Based Multimedia Communication Networks) to Informational RFC
From: "Paul E. Jones" <paulej@packetizer.com>
Date: Mon, 16 Sep 2013 01:27:06 -0400
To: SM <sm@resistor.net>, ietf@ietf.org
Message-ID: <dceda85c-b101-4d01-9f39-7317166bd2cf@email.android.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Sep 2013 05:27:22 -0000
I don't have that spec in front of me, but if it is used directly, that would reveal personally identifiable information. I would hope it is used as input into a hash out something. The solution spec we're developing would certainly not use such a value directly or allow it to be derived. Paul -------- Original Message -------- From: SM <sm@resistor.net> Sent: Sat Sep 14 12:03:30 EDT 2013 To: ietf@ietf.org Subject: Re: Last Call: <draft-ietf-insipid-session-id-reqts-08.txt> (Requirements for an End-to-End Session Identification in IP-Based Multimedia Communication Networks) to Informational RFC At 09:40 10-09-2013, The IESG wrote: >The IESG has received a request from the INtermediary-safe SIP session ID >WG (insipid) to consider the following document: >- 'Requirements for an End-to-End Session Identification in IP-Based > Multimedia Communication Networks' > <draft-ietf-insipid-session-id-reqts-08.txt> as Informational RFC > >The IESG plans to make a decision in the next few weeks, and solicits >final comments on this action. Please send substantive comments to the >ietf@ietf.org mailing lists by 2013-09-24. Exceptionally, comments may be Section 4.5 of the draft discusses about logging. It mentions that "creating a common header field value through all SIP entities will greatly reduce any challenge for the purpose of" ... "communication tracking". I look a quick look at Reference [6]. It mentions that the IMEI shall be used for generating an identifier. Is the IMEI covered by REQ4? Regards, -sm