Re: [lmap] Kathleen Moriarty's No Objection on draft-ietf-lmap-framework-12: (with COMMENT)
"MORTON, ALFRED C (AL)" <acmorton@att.com> Sun, 12 April 2015 21:49 UTC
Return-Path: <acmorton@att.com>
X-Original-To: lmap@ietfa.amsl.com
Delivered-To: lmap@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E43851B2C7C; Sun, 12 Apr 2015 14:49:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.511
X-Spam-Level:
X-Spam-Status: No, score=-1.511 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9vYx5NIi6eWm; Sun, 12 Apr 2015 14:49:46 -0700 (PDT)
Received: from mail-pink.research.att.com (mail-pink.research.att.com [204.178.8.22]) by ietfa.amsl.com (Postfix) with ESMTP id 648891B2C7A; Sun, 12 Apr 2015 14:49:46 -0700 (PDT)
Received: from mail-blue.research.att.com (unknown [135.207.178.11]) by mail-pink.research.att.com (Postfix) with ESMTP id B6CED120942; Sun, 12 Apr 2015 18:07:53 -0400 (EDT)
Received: from exchange.research.att.com (njfpsrvexg0.research.att.com [135.207.240.40]) by mail-blue.research.att.com (Postfix) with ESMTP id DBFC76834B; Sun, 12 Apr 2015 17:49:44 -0400 (EDT)
Received: from NJFPSRVEXG0.research.att.com ([fe80::c5dd:2310:7197:58ea]) by NJFPSRVEXG0.research.att.com ([fe80::c5dd:2310:7197:58ea%17]) with mapi; Sun, 12 Apr 2015 17:49:36 -0400
From: "MORTON, ALFRED C (AL)" <acmorton@att.com>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>
Date: Sun, 12 Apr 2015 17:49:35 -0400
Thread-Topic: [lmap] Kathleen Moriarty's No Objection on draft-ietf-lmap-framework-12: (with COMMENT)
Thread-Index: AdBya2tNqN4IBzpAQN20hquvpjkiMwC++Qcg
Message-ID: <4AF73AA205019A4C8A1DDD32C034631D01608849F4@NJFPSRVEXG0.research.att.com>
References: <20150409021752.2465.57916.idtracker@ietfa.amsl.com>
In-Reply-To: <20150409021752.2465.57916.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/lmap/GAQgDJm6YDC2vFz8M8FAr5EedsU>
Cc: "dromasca@avaya.com" <dromasca@avaya.com>, "lmap-chairs@ietf.org" <lmap-chairs@ietf.org>, "lmap@ietf.org" <lmap@ietf.org>
Subject: Re: [lmap] Kathleen Moriarty's No Objection on draft-ietf-lmap-framework-12: (with COMMENT)
X-BeenThere: lmap@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Large Scale Measurement of Access network Performance <lmap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lmap>, <mailto:lmap-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lmap/>
List-Post: <mailto:lmap@ietf.org>
List-Help: <mailto:lmap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lmap>, <mailto:lmap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Apr 2015 21:49:49 -0000
Hi Kathleen, > -----Original Message----- > From: lmap [mailto:lmap-bounces@ietf.org] On Behalf Of Kathleen Moriarty ... > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you for your very careful and detailed attention to security and > privacy, with options suggested to protect privacy in practice through > group ids instead of ones that identify an individual. > > I just have one question. The security considerations section has a > lower case 'must' for providing session encryption, but then the privacy > section warns that monitoring can be possible when sessions are not > encrypted. lc must is as demanding as we get in this memo, there are no 2119 terms as agreed. You may be referring to this sentence at the end of the privacy section, 8.4.4 and the figure in that section: If the Measurement Traffic is unencrypted, as found in many systems today, then both timing and limited results are open to on-path observers. The measurement traffic is distinctly different from the LMAP Control and Reporting protocols. We have ability/scope to specify requirements on the LMAP Control and Reporting protocols, and have required encryption. The measurement traffic itself is out of scope for LMAP. It may be unencrypted user traffic which we observe passively, or it may be an un-encrypted (active) stream dedicated to measurement (which is in the clear to avoid encryption processing with its impact on performance - the objective is to assess the network). But even this active measurement traffic would likely be encrypted when e2e encryption becomes the norm. > When I saw the privacy considerations, I went back to the > security section to make sure active attacks against session traffic > that was not encrypted was addressed as I didn't see this same 'must' > and by that time needed to go back to make sure something as in place. > I'm wondering why these weren't just addressed together since more > security things could happen too if sessions were not encrypted (in > other words, there could be less text, unless I am missing something and > we need more on the security side). Thanks! > Attacks on measurement traffic and their supporting protocols are covered in the relevant WG literature (e.g., IPPM and IPFIX). hope this helps, Al
- [lmap] Kathleen Moriarty's No Objection on draft-… Kathleen Moriarty
- Re: [lmap] Kathleen Moriarty's No Objection on dr… MORTON, ALFRED C (AL)