Re: [perpass] comments and questions for the group on draft-farrell-perpass-attack-02

Eliot Lear <lear@cisco.com> Mon, 09 December 2013 14:00 UTC


Robin,

On 12/9/13 2:00 PM, Robin Wilton wrote:
> Eliot, 
>
> I think your second edit is probably too broad, in the sense that it could create quite a lot of room for abuse. You currently have:
>
>>>   More limited-scope monitoring or other services or to assist with
>>> network operations that
>>>   is required in order to operate the network or an application is not
>>>   considered pervasive monitoring
> I would suggest something along the following lines. The first part is just a rewording of your text; the part in square brackets is prompted by what I think we can learn from existing approaches to pervasive monitoring.
>
> Where monitoring is of limited scope, or services in support of network operations are required in order to operate the network, these are not necessarily to be considered de facto pervasive monitoring [; however, thought should be given to whether they enable pervasive monitoring, either directly or as a by-product of their primary purpose].
>

Your alternative would be fine with me.

Eliot