Re: [Nea] Last Call: <draft-ietf-nea-pt-eap-06.txt> (PT-EAP: Posture Transport (PT) Protocol For EAP Tunnel Methods) to Proposed Standard

SM <sm@resistor.net> Mon, 14 January 2013 21:42 UTC

Date: Mon, 14 Jan 2013 13:34:09 -0800
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
From: SM <sm@resistor.net>
Cc: ietf-privacy@ietf.org, nea@ietf.org, ietf@ietf.org

Hi Nancy,
At 12:29 14-01-2013, Nancy Cam-Winget (ncamwing) wrote:
>[NCW] I can change it to a lower case "must", ok?

That's ok.

>[NCW] We can move the reference to be normative.

Ok.

>[NCW] I don't think there are specifically for PT-EAP.  The sections you
>reference were to (in section 6) addressing the general EAP identity as
>PT-EAP is really not an "authentication" method.

If I understood the above correctly, PT-EAP does not transport any
information which could be used to identify an individual.  That's 
different from PT-EAP not being an "authenticated" method. Therefore, 
there isn't much to say in terms of privacy considerations.

I suggest not including the following then:

   "As a transport protocol, PT-EAP does not directly utilize or
    require direct knowledge of any personally identifiable
    information (PII)."

The draft can leverage the second paragraph of Section 6 as "privacy 
considerations" instead of making a statement about PII.  I'll copy 
this message to ietf-privacy@ to get a better opinion.

In Section 6:

   "Therefore, it is important for deployers to leverage these
    protections in order to prevent disclosure of PII potentially
    contained within PA-TNC or PB-TNC within the PT-EAP payload."

I suggest "information about an individual" instead of PII [1].

Regards,
-sm

1. I used the wording from draft-iab-privacy-considerations-06