[Int-area] Roman Danyliw's No Objection on draft-ietf-intarea-rfc7042bis-10: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Mon, 16 October 2023 18:44 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-intarea-rfc7042bis@ietf.org, intarea-chairs@ietf.org, int-area@ietf.org, ggx@gigix.net, ggx@gigix.net
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <169748185839.53010.3541558488476557529@ietfa.amsl.com>
Date: Mon, 16 Oct 2023 11:44:18 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/BfFOf8M6CjsBefUKefraS1Ncw6k>

Roman Danyliw has entered the following ballot position for
draft-ietf-intarea-rfc7042bis-10: No Objection

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-intarea-rfc7042bis/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you to Kyle Rose for the SECDIR review.

Section 6.  Since specific security concerns around MAC addresses were cited, I
would recommend being more comprehensive.

OLD
   See [RFC7043] for security considerations on storing MAC addresses in
   the DNS.

NEW (rough text)

MAC addresses can be used as an identifier for tracking users and devices.  See
[draft-ietf-madinas-mac-address-randomization] for related privacy
considerations and a discussion of MAC address randomization to partially
mitigate this threat.  Additionally, see [RFC7043] for the security and privacy
considerations of publishing MAC addresses in DNS.

MAC addresses are an identifier provided by a device to the network.  On
certain devices, MAC addresses are not static, and can be configured.  The
network should exercise caution when using these addresses to enforce policy
(e.g., addresses can be spoofed, and previously seen devices can return to the
network with a new address).
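
Added example, not part of the message above or of the draft: one way a network operator could audit MAC-based policy for the caution the proposed text describes. The function names, the allowlist and the port sightings are hypothetical and constructed; the check relies on the two low-order bits of the first octet (group and locally administered).

```python
import re

def parse_mac(text):
    """Return the six octets of a 48-bit MAC written with ':', '-' or '.' separators."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def normalize(text):
    return ":".join(f"{octet:02x}" for octet in parse_mac(text))

def classify(text):
    """Classify by the two low-order bits of the first octet."""
    first = parse_mac(text)[0]
    if first & 0x01:
        return "group"   # multicast/broadcast, not a device identity
    if first & 0x02:
        return "local"   # locally administered: configured or randomized
    return "global"      # vendor-assigned, yet still settable by the device

def audit(allowlist, sightings):
    """Return (mac, finding) pairs for entries that policy should not trust."""
    findings = []
    for entry in allowlist:
        kind = classify(entry)
        if kind != "global":
            findings.append((normalize(entry), f"allowlist entry is a {kind} address"))
    ports = {}
    for mac, port in sightings:
        ports.setdefault(normalize(mac), set()).add(port)
    for mac, seen in sorted(ports.items()):
        if len(seen) > 1:   # same address claimed from two places: spoofing or roaming
            findings.append((mac, "seen on multiple ports: " + ", ".join(sorted(seen))))
    return findings

# Constructed sample data (hypothetical allowlist and switch-port sightings).
SAMPLE_ALLOWLIST = ["00:00:5E:00:53:01", "DA-A1-19-00-00-01"]
SAMPLE_SIGHTINGS = [("00:00:5e:00:53:01", "port1"), ("0000.5e00.5301", "port7"),
                    ("da:a1:19:00:00:01", "port3")]

if __name__ == "__main__":
    for mac, finding in audit(SAMPLE_ALLOWLIST, SAMPLE_SIGHTINGS):
        print(mac, finding)
```

A "global" result only means the address is not marked as locally administered; it is not evidence that the address is genuine.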