Re: [Pearg] I-D Action: draft-irtf-pearg-numeric-ids-generation-05.txt
Fernando Gont <fgont@si6networks.com> Thu, 07 January 2021 00:55 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 440333A1418; Wed, 6 Jan 2021 16:55:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.149
X-Spam-Level:
X-Spam-Status: No, score=-2.149 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.262, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gnZAi1y4l-Hh; Wed, 6 Jan 2021 16:54:58 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C1B93A1413; Wed, 6 Jan 2021 16:54:53 -0800 (PST)
Received: from [10.0.0.129] (unknown [186.19.8.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 1D7CB280A8E; Thu, 7 Jan 2021 00:54:48 +0000 (UTC)
To: pearg@irtf.org, "pearg-chairs@irtf.org" <pearg-chairs@irtf.org>
References: <160997689095.9831.10422244210829050469@ietfa.amsl.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <91f6a1f3-d9ac-9ea4-07d4-884b06e0f9f6@si6networks.com>
Date: Wed, 06 Jan 2021 20:56:04 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <160997689095.9831.10422244210829050469@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/ef9AlvXxg1JHkW5OYADDPe9nZK0>
Subject: Re: [Pearg] I-D Action: draft-irtf-pearg-numeric-ids-generation-05.txt
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2021 00:55:02 -0000
Folks, FYI, this rev addresses comments we received off-list, some minor issues that we found while doing a fresh review ourselves, and comments that we got as a result of draft-gont-numeric-ids-sec-considerations being last called (that led to folks looking at the two PEARG I-Ds on numeric IDs). Other than generally polishing the text and fixing minor errors: * We added a short Section "8.3. Fingerprinting", upon request of Bernard Aboba. * All discussion of algorithms or techniques that generally have negative implications has been moved into Appendix A. If you can please do take a look and let us know what you think. Thanks! Regards, Fernando On 6/1/21 20:48, internet-drafts@ietf.org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Privacy Enhancements and Assessments Research Group RG of the IRTF. > > Title : On the Generation of Transient Numeric Identifiers > Authors : Fernando Gont > Ivan Arce > Filename : draft-irtf-pearg-numeric-ids-generation-05.txt > Pages : 37 > Date : 2021-01-06 > > Abstract: > This document performs an analysis of the security and privacy > implications of different types of "transient numeric identifiers" > used in IETF protocols, and tries to categorize them based on their > interoperability requirements and the associated failure severity > when such requirements are not met. Subsequently, it provides advice > on possible algorithms that could be employed to satisfy the > interoperability requirements of each identifier category, while > minimizing the negative security and privacy implications, thus > providing guidance to protocol designers and protocol implementers. > Finally, it describes a number of algorithms that have been employed > in real implementations to generate transient numeric identifiers and > analyzes their security and privacy properties. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-irtf-pearg-numeric-ids-generation/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-irtf-pearg-numeric-ids-generation-05 > https://datatracker.ietf.org/doc/html/draft-irtf-pearg-numeric-ids-generation-05 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-irtf-pearg-numeric-ids-generation-05 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- [Pearg] I-D Action: draft-irtf-pearg-numeric-ids-… internet-drafts
- Re: [Pearg] I-D Action: draft-irtf-pearg-numeric-… Fernando Gont