IETF Logo Mail Archive

Re: [MIB-DOCTORS] Change the boilerplate - Alissa's DISCUSS

Alissa Cooper <alissa@cooperw.in> Thu, 10 July 2014 15:28 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: mib-doctors@ietfa.amsl.com
Delivered-To: mib-doctors@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51DC51A043D for <mib-doctors@ietfa.amsl.com>; Thu, 10 Jul 2014 08:28:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lanjd1al5ul8 for <mib-doctors@ietfa.amsl.com>; Thu, 10 Jul 2014 08:28:02 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C6061A0233 for <mib-doctors@ietf.org>; Thu, 10 Jul 2014 08:28:02 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.mail.srv.osa [10.202.2.42]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id F1FA021B5F for <mib-doctors@ietf.org>; Thu, 10 Jul 2014 11:27:59 -0400 (EDT)
Received: from frontend1 ([10.202.2.160]) by compute2.internal (MEProxy); Thu, 10 Jul 2014 11:27:59 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h=date :subject:from:to:cc:message-id:references:in-reply-to :mime-version:content-type:content-transfer-encoding; s=mesmtp; bh=CdYOHvx7IhX9RQua5TUpQbZdraE=; b=Rl2QU5q7ZJsiFfvr2fWsIBqfWzot tMfKcIM+/nWkUGJ0E4u3rF2fFeh/KnIYsdTIFOmiU5vQW1InQXvZi1D6UvmtXTYh /IIWZsuApgu+RgM8gfGyHvi32cgKqTIqZiYmSexFqoiDYiiuVZsi97Q+sV9omoNs ZQP8n6pfJVlVBw8=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=date:subject:from:to:cc:message-id :references:in-reply-to:mime-version:content-type :content-transfer-encoding; s=smtpout; bh=CdYOHvx7IhX9RQua5TUpQb ZdraE=; b=O6ej8BINoYPsExzN3miRZVjge4zWZCy0XfVhnqKPM243/u+ztBsYwu lt2+T/0QU6uc+d2dGL7debHRUbEP4qDYzD4TcjzqhSNo1Gal5Akg/MNEmceq29a2 BOUwpaxJpaLq0YMbp+tL/YjpH+VoHprx84GK4DvUveWUtZKVktSm4=
X-Sasl-enc: lh/+rwGUTqbmrc8vpoeFMsrkhHigLYvH195RRo0K6Zv8 1405006079
Received: from [171.68.18.44] (unknown [171.68.18.44]) by mail.messagingengine.com (Postfix) with ESMTPA id E22EEC007AE; Thu, 10 Jul 2014 11:27:56 -0400 (EDT)
User-Agent: Microsoft-MacOutlook/14.3.9.131030
Date: Thu, 10 Jul 2014 08:27:52 -0700
From: Alissa Cooper <alissa@cooperw.in>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, Benoit Claise <bclaise@cisco.com>
Message-ID: <CFE3FCE9.45FFF%alissa@cooperw.in>
Thread-Topic: [MIB-DOCTORS] Change the boilerplate - Alissa's DISCUSS
References: <CFE17DDA.458C3%alissa@cooperw.in> <53BC5081.6090809@cisco.com> <53BD6690.2040102@cisco.com> <53BE3D7E.2090302@bwijnen.net> <9904FB1B0159DA42B0B887B7FA8119CA5C83CC03@AZ-FFEXMB04.global.avaya.com> <53BE9F74.9080705@cisco.com> <20140710151138.GB90581@elstar.local>
In-Reply-To: <20140710151138.GB90581@elstar.local>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/mib-doctors/dBiuV7OhDN6GYJ2pCCetYNgirN0
X-Mailman-Approved-At: Thu, 10 Jul 2014 09:10:44 -0700
Cc: Adrian Farrel <adrian@olddog.co.uk>, sec-ads@tools.ietf.org, "MIB Doctors (E-mail)" <mib-doctors@ietf.org>
Subject: Re: [MIB-DOCTORS] Change the boilerplate - Alissa's DISCUSS
X-BeenThere: mib-doctors@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: MIB Doctors list <mib-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mib-doctors>, <mailto:mib-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mib-doctors/>
List-Post: <mailto:mib-doctors@ietf.org>
List-Help: <mailto:mib-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mib-doctors>, <mailto:mib-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jul 2014 15:28:04 -0000

Perhaps rather than re-discussing the boilerplate, we could discuss what
the purpose of the boilerplate is.

If the purpose of the boilerplate is to provide text that authors can look
at and say, “yes, in the case of this document, the boilerplate fully
covers the security considerations of the MIB being specified,” then I
think it’s a great thing to have. If the purpose of the boilerplate is to
keep any additional security consideration not covered in the boilerplate
from being addressed in a MIB document, then it seems overly constricting.

Security considerations change over time. I’m assuming that home/device
energy monitoring wasn’t really top of mind when SNMP was developed or
when the boilerplate was originally written. So it’s not surprising that
new security issues are arising that aren’t addressed within the
boilerplate. If the boilerplate were just a suggestion of text and not a
limitation on what can be documented, we could accommodate the changing
times fairly easily.

In my original DISCUSS, all I suggested was text that could be provided in
addition to the boilerplate:

"In certain situations, energy and power monitoring can reveal sensitive
information about individuals' activities and habits. Implementors of this
specification should use appropriate privacy protections as discussed in
Section 9 of RFC 6988 and monitoring of individuals and homes should only
occur
with proper authorization.”

I have not had time to look at Stephen’s comments but I agree with him and
Bert that adding a special section or extra text to discuss privacy
concerns in the IoT-related documents is the right way to go.

Alissa


On 7/10/14, 8:11 AM, "Juergen Schoenwaelder"
<j.schoenwaelder@jacobs-university.de> wrote:

>On Thu, Jul 10, 2014 at 04:13:08PM +0200, Benoit Claise wrote:
>> Dear all,
>> 
>> The email below refers to Alissa's DISCUSS
>> See 
>> 
>>http://datatracker.ietf.org/doc/draft-ietf-eman-energy-monitoring-mib/bal
>>lot/#alissa-cooper
>> 
>> Alissa refers to this sentence in the boilerplate at
>> http://trac.tools.ietf.org/area/ops/trac/wiki/mib-security
>> 
>>         Implementations SHOULD provide the security features described
>> by the
>>         SNMPv3 framework (see [RFC3410]), and implementations claiming
>> compliance
>>         to the SNMPv3 standard MUST include full support for
>> authentication and
>>         privacy via the User-based Security Model (USM) [RFC3414] with
>> the AES
>>         cipher algorithm [RFC3826].
>> 
>> From the discussion (Dan andBert's feedback, on top of mine) , it seems
>> that there are valid reasons to keep a SHOULD here in the generic
>> boilerplate.
>> 
>> So what next?
>> - Should we justify the reasons in the boiler plate
>> - Should we  give some freedom in the boilerplate?
>> 
>>         Implementations SHOULD provide the security features described
>> by the
>>         SNMPv3 framework (see [RFC3410]), and implementations claiming
>> compliance
>>         to the SNMPv3 standard MUST include full support for
>> authentication and
>>         privacy via the User-based Security Model (USM) [RFC3414] with
>> the AES
>>         cipher algorithm [RFC3826].
>> 
>>         <if there are use cases where a MUST is required, described
>> them here>
>> 
>>   Now, I hope it will not be abused by Security ADs, requesting a MUST
>> for every single MIB module.
>> - Something else?
>> - Stop writing MIB modules :-)
>> 
>
>Do nothing, re-discuss this every other year. ;-)
>
>/js
>
>-- 
>Juergen Schoenwaelder           Jacobs University Bremen gGmbH
>Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
>Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

v2.23.0 | Report a Bug | By Email