[Insipid] Genart LC review: draft-ietf-insipid-logme-reqs-11
Stewart Bryant <stewart.bryant@gmail.com> Tue, 03 January 2017 15:11 UTC
Return-Path: <stewart.bryant@gmail.com>
X-Original-To: insipid@ietfa.amsl.com
Delivered-To: insipid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC61412960D; Tue, 3 Jan 2017 07:11:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3GIlm7H5Bepd; Tue, 3 Jan 2017 07:11:37 -0800 (PST)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B614129617; Tue, 3 Jan 2017 07:11:37 -0800 (PST)
Received: by mail-wm0-x230.google.com with SMTP id c85so201572985wmi.1; Tue, 03 Jan 2017 07:11:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=H8bntGtI/3J7B6qQpjdyg/g3wkal5Ukk1smKYXqvhSo=; b=MbBN9nQFRBxhXVAxSKfb7wCjdf+oaYm2WbmTvWWSbEASCkKbTnl4/VxJIDmGjYtis7 dHOK4FEkiL8LMsJ7q4mdYJmy2hmtagVw8BpOu7swlJIvDa4k5HlxgbScttnqOjTWnM+t RS4wVX3kNibJscm1c3R5Zds50cUM4xWd69ldiMqbFUdrJkBRKccF1zniamzkh3vEv+Hv tXA2I2xBNoliLqizJxOl6sf6RaMQ5L893Y1mzroLXvWNHbmxvXFiNHTJgYTiKnb8e/a0 vlH9DOFl8zgMKLC56hQLNeNNfKiFuJckTOEq8NRYBYwDZY12+BcGKx4rDldx+d8QQdaU 565Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=H8bntGtI/3J7B6qQpjdyg/g3wkal5Ukk1smKYXqvhSo=; b=Rtq7gfgekxV7b1PH4PWGDS7UE6+C5YpLaO39IbZxbWCudX1Za4JkYLvRMylG06aMsf /aTRs2JsKSc5Izn/CE9BTzS+jqiXBwXQsLoHX4lvIos+tQyvJpmacrUvJWyiES+m5a3B hNTvGvlpf4kQY7VpZhMGFDGx5xK5XDTG6dPKpBliku3hj7gLPZ/l4Xxqgv+Xj0n0sfA2 5KsPI/J828OS0SsFv90U3TCNlNw1SZ4aoHShAFhCuVO8QYf/6tpT5hUmw++v7lyB0Y2k Ml4yt/MBFQ9yurPabIUhA8HrBS9YsXStf9TD9+BKT/Vt6cMNuTn3RBuF++omB2oDw/2k EoOQ==
X-Gm-Message-State: AIkVDXLYrN2XTUIstwKGg+kYLCL+HI1MHQj6lbTGXMjOWw0/LmCMm0meCKaZtrb9quMKcg==
X-Received: by 10.28.69.17 with SMTP id s17mr55637008wma.141.1483456295646; Tue, 03 Jan 2017 07:11:35 -0800 (PST)
Received: from [192.168.2.126] (host213-123-124-182.in-addr.btopenworld.com. [213.123.124.182]) by smtp.gmail.com with ESMTPSA id o3sm93552074wjx.39.2017.01.03.07.11.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 03 Jan 2017 07:11:35 -0800 (PST)
From: Stewart Bryant <stewart.bryant@gmail.com>
To: draft-ietf-insipid-logme-reqs@ietf.org, General Area Review Team <gen-art@ietf.org>, IETF Discussion <ietf@ietf.org>, insipid@ietf.org
Message-ID: <4d11bb6c-c286-0e56-282a-4003fc518eab@gmail.com>
Date: Tue, 03 Jan 2017 15:11:32 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/insipid/0LvCbju7uE-EbAttLiGwhk81XE4>
Subject: [Insipid] Genart LC review: draft-ietf-insipid-logme-reqs-11
X-BeenThere: insipid@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:insipid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/insipid/>
List-Post: <mailto:insipid@ietf.org>
List-Help: <mailto:insipid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:insipid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jan 2017 15:11:40 -0000
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please treat these comments just
like any other last call comments.
For more information, please see the FAQ at
<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
Document: draft-ietf-insipid-logme-reqs-11
Reviewer: Stewart Bryant
Review Date: 2017-01-03
IETF LC End Date: 2017-01-13
IESG Telechat date: unknown
Summary: Ready with minor issue
This is a well written document that describes a useful feature in
its intended purpose. However I could not help but think that it has
an inevitable alternate use in the observation of users. There is
guidance on how to prevent this, but that seems easily ignored. Thus
the guidance from Security Area review will be of particular importance.
Major issues:
None.
Minor issues:
6.1. Trust Domain
Since a "log me" marker may cause a SIP entity to log the SIP header
and body of a request or response, the "log me" marker SHOULD be
removed at a trust domain boundary.
SB> I am not convinced that SHOULD is strong enough given that the traffic
SB> is leaving the trust domain.
Nits/editorial comments:
3.1. Network Boundary
Figure 2 shows a network boundary between GW-A1
in operator A's network and the SBC in operator B's network. A
SB> SBC needs expanding on first use.
===================
[RFC5853] gives examples of manipulating signaling to prevent the
sending network passing on sensitive information, for example
topology hiding, or the receiving network protecting itself from
signaling that is not under its control, for example protocol repair.
SB> The last sentence does not scan well.
===================
o REQ9: The "log me" marker mechanism SHOULD allow a SIP
intermediary to request logging SIP requests and responses on
behalf of the originating endpoint. The typical use case for this
requirement is for compatibility with UAs that have not
SB> UA needs expanding on first use.
- [Insipid] Genart LC review: draft-ietf-insipid-lo… Stewart Bryant
- Re: [Insipid] Genart LC review: draft-ietf-insipi… Arun Arunachalam (carunach)
- Re: [Insipid] Genart LC review: draft-ietf-insipi… Stewart Bryant