IETF Logo Mail Archive

Re: [Raw] Roman Danyliw's Discuss on draft-ietf-raw-use-cases-08: (with DISCUSS and COMMENT)

John Scudder <jgs@juniper.net> Thu, 01 December 2022 19:14 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: raw@ietfa.amsl.com
Delivered-To: raw@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 792C3C14F74F; Thu, 1 Dec 2022 11:14:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=KEAlXXEL; dkim=pass (1024-bit key) header.d=juniper.net header.b=e3wxEY54
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b-mZkFmi145T; Thu, 1 Dec 2022 11:14:20 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09333C14F748; Thu, 1 Dec 2022 11:14:19 -0800 (PST)
Received: from pps.filterd (m0108162.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 2B1FcWv6014684; Thu, 1 Dec 2022 11:14:18 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=jIDtWEoRBywCY5+CT1EC15B1AubtnkF7sFGxQavjHQY=; b=KEAlXXELkMmwMixf/f+N1eVxzUygOie9JNGUTxFKeSbCVzjd8qWA50ryba/Pnh9GaGPY lRisHEMaJmt7vit6UaugtrJZdRhHJE+Eq3iCEhLAeKhDP6lI4Rn7uVTlM8/f9G88D38S Q34a8PzMkcaVg+iz0auGFep8W9DrJ+hEsSWXBkoCMUyjDoKRzu+6RcdxdsPfW1Yx1jso qZj8IF+j+3wwhALATiSjpsuuNnsRHTkGnB8/wchHG9FOtlbZkcXNyAUone1EbCezKe3q qVaYgpJ5YH1AfIQoldXsVKUuGHBl2oUdha/KrntkSRFc79XMVqVD3qGDDBvwqfdfXas3 Uw==
Received: from dm4pr02cu001-vft-obe.outbound.protection.outlook.com (mail-centralusazlp17012023.outbound.protection.outlook.com [40.93.13.23]) by mx0b-00273201.pphosted.com (PPS) with ESMTPS id 3m6k6v1p8u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 01 Dec 2022 11:14:17 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MraA+yV4I3F7UT4EEMcF2iQrrSMyg7+DuVKsnWnbacWLqym/tEyofJrIc3XGUHFJLIJ69cyQcuS5E3+LLlCbViR+OBLSbSdT3woQ94051eIluaq04+hjThCrFLesUD7aZOYKHAnozdqt1rARq+vJkO3hKywU9Qb9HRgH3bdrsTtOuNXEYj/zngh/lngSDxsDQK1+Nwoy6FvY8B+irgD2OFbEGV7sylS5lNI8Rwy90MaibYNnyYuxrysDw//m8omVAptdpY60D2h+9vfHY3nBQiRwvERmk+LyujhUW7h1MkNfPMfR7SeiwWjmpOXgCa1rehduX8pNeLNrkq9C7+ys3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jIDtWEoRBywCY5+CT1EC15B1AubtnkF7sFGxQavjHQY=; b=MLW+ROatkx5RJiXe+hh+KzBPfw9k2LlT4wr+6AlgF1HkcwAg/dR0grteSGnlkC8NO9IV6LQw6iQt8vE/x3dwm+UoIwntplK2ZQs20nR9EIthC+OtxRY+7DAiPyl4knamZoIZavmutAX1SnVlYAM2goOEJloV9BTnsHAl1LWL80JCyrFFHGVCgmzDVwxo4KvM/xLYrmVEWsjbtUuMzaCOGYhjNm1X0Yh5g+CH1UMa3NBAb7u6vMR8lydrjW+wf1QPmNEF7bOmQS4U/hbabNMtIY8ftopP+7vccAZADAEeyi5FZSyjXfNGv+YVZXwOHzeC2joMj8Oc5p7k05NpwlOuIQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jIDtWEoRBywCY5+CT1EC15B1AubtnkF7sFGxQavjHQY=; b=e3wxEY54IGIvVzMJU6Pd9xdUxs9MKuRJ8NwNvOl3ccmoRD9DQfiJt/1VrFC6riRhxvN8pyI4ptls3FnrwkbV8/NGIbScWbvuZ425WjjPNGE0hb66va1Ortby112YXV4LSS4HmMux8NmvrF28pv4JdoZKm0dHvqv07MXXgpOZXBk=
Received: from MN2PR05MB6109.namprd05.prod.outlook.com (2603:10b6:208:c4::20) by MWHPR05MB3232.namprd05.prod.outlook.com (2603:10b6:300:b4::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5857.21; Thu, 1 Dec 2022 19:14:15 +0000
Received: from MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::2b47:6afc:ba5a:1615]) by MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::2b47:6afc:ba5a:1615%7]) with mapi id 15.20.5857.023; Thu, 1 Dec 2022 19:14:14 +0000
From: John Scudder <jgs@juniper.net>
To: CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es>
CC: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>, "draft-ietf-raw-use-cases@ietf.org" <draft-ietf-raw-use-cases@ietf.org>, "raw-chairs@ietf.org" <raw-chairs@ietf.org>, "raw@ietf.org" <raw@ietf.org>, "corinna.schmitt@unibw.de" <corinna.schmitt@unibw.de>
Thread-Topic: [Raw] Roman Danyliw's Discuss on draft-ietf-raw-use-cases-08: (with DISCUSS and COMMENT)
Thread-Index: AQHY+qk92CQbCB9xp0WjwEHEbX9E7a5Wk2eAgALpeQA=
Date: Thu, 01 Dec 2022 19:14:14 +0000
Message-ID: <69B767CF-45FF-459A-858D-8DAFE348DA94@juniper.net>
References: <166870577081.63597.12770105190077863670@ietfa.amsl.com> <CALypLp8bRWwKboH1zV2Lx_Jo-iZpeAk-ygZz=3kQN2r3Ma5xiw@mail.gmail.com>
In-Reply-To: <CALypLp8bRWwKboH1zV2Lx_Jo-iZpeAk-ygZz=3kQN2r3Ma5xiw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3696.120.41.1.1)
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR05MB6109:EE_|MWHPR05MB3232:EE_
x-ms-office365-filtering-correlation-id: 78b72bb7-77fd-4bac-69b3-08dad3d03c82
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: fnuSxM5RjVnQJ+pTvj/FNwaZzUdrHCd9rRQa42FWgIDWeETvrB2oXtKUAXKV3N3BZPtDDxiSrValB8BMfGSdcDmKlQw79KlTZyE78pw6og7zjIUxQDUdmt38e8WdEqJTPz0mmv1uGrXzwM3GKGtL3nAhsIdOSQxZs99yTzqqRz945aRt5ipL7kDUqHKF1hiC/gEHlJUQj8W/IwqJntDVTh8/xjQ//rqkJ8hZr/IH37myd41pE8PJ+X3oVsN7KKVEZjGeG3LQi696UoecnbSgLdFbmp+GTI1+PfnNylBERMVyp8vz/Zz8nC2tRw8tGkpMhNtQO8PLFlcEF+u5UcpUf28jwv3XWiVjFBiiZQG5bkOI6W/uVOsGFS/sPGgcyoqPRbmvtt43L5DASFxMesQ6RApPTjcM3pmRH0fkAvfBFy+nt9UYt/eKY1Oi/jOcJwAbg8eAaHYpXJ88ZwSeLA3vFd3aKDw3Lua98i1Nw0JDlpC8/XohC3+9CcFiT3MTk5xDpl3j/Do+pyC3Y6igIYWgaqIUxOMaF02at7NM91a+wzvuaQ9YVhk3PVymsXL/cCOei70WC8Fw3jk/xSTtPOoDHqQYovBcxrp+caopsyiUW591VwrCyYS7cKswknnma4Iyk/R2cBAXhp1zpBQWtkTwGCbpYBhxGhLH9qYynFWR22P0eMCvoLELe+0UkSbbB4693Ss8/E2vRxeGo/OmmTIu9IQRcWYgey8pVRgOGha9S1/38M1G7Cz+D2Cg5AbHRxnDnrk35Q9IPhbL/AHfp+u46ktjsPTOEjyYyzoycqOLnh4=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB6109.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(396003)(376002)(39860400002)(366004)(346002)(136003)(451199015)(38100700002)(2906002)(83380400001)(6506007)(478600001)(6486002)(66899015)(5660300002)(122000001)(186003)(76116006)(71200400001)(38070700005)(36756003)(2616005)(316002)(41300700001)(8936002)(66446008)(66556008)(64756008)(91956017)(4326008)(8676002)(66946007)(66476007)(6916009)(53546011)(33656002)(54906003)(6512007)(86362001)(26005)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ecHq9NhdyV56YW2NFgJE0LYtArNP3x3liK6mFoxva/RhpdNJ+baCpiFqLrj1O1CAO+lI0fgB52qpSkHM8q1RekVy44vbU4xrY2IOY92djlD78iCusi8OrT6ijOvK6rc48HFjuWnDFTqdDR5/eKZ2jh+vESUra2qXLV/od1jqK3jE3yZgKZs+DT/mY7hpM9ZyOk3sTitttrWyf25rqI5ObkXnCHYQHt7GfFQSV3omZqUw7TPiAQ51YjtxWoyXrCoBTB5/vwZ48WfxlauKuU9NnLt4rDh5N0QtrDZmQANfVpIazaTO/DcS27/5TRtmssdmfHHvBefvbrmWLDNnRDuwEH4ne/kJ7Na680owH9yrdIdVy+prf8fwKEOi+j2vHmXop2ie/JRdiEK6i+IE642ol1nj+sfpVuBLswb2SaPQUjAqdaub44mpAo5+orfu1fQPP4sPUzOqEiro1neJ1u1Bhx7o9lgpq53qMPDmIfGu13A2/qi/SLpJ1yLVF3F5DukOhkiXoyijGfBVSFKrzgZ8bzu2fhqbh4VQkOIUQutFgbmEB2NuiHTMePoGATvdam4ZEwXDU+7iwa9wczMKvBCb7GhX+gbNCqplWYOkZvb9EMUEzyLdy0kyRyWZUssm/SoA4kuMK8RWqN5aG/vVKUSjGHthfdQVh4Krn0/vHCez90AiGAFaRfMwg94sztk34ZTcReOB9o27h/kk+vqn+jYNqZIEp4N6dAJNEqjcpHIegsAKsm4dHdErnrosIJUdZ6gBk/cIaf7ytm6krbytNaaa5DpXHigZoPIfg3VxWvf3VPz4OQKcr6pLWcAFWNUncWHuRQgXBXsoWJdYECzcT/3KgIeJg7icpP3fcyaw9Iq0tcEmubHuNjZw0OqJ7NlRFlymo5M+km1CmwV58fbIcO4yW5HzKkXkh/oh5I+i/NnyjsrCOoSNeGCXm+w8yGe809bZRUadrTIqZ/R7qTyotN3LGDfKWIU59wwsKITj44XbT3fGw7yybhpQwwb4ILXyG7CGOBHn+3j4NGnSScmJujyFwI51I/neuJfSJSY+/oj9zqJdKRZjdBcNC0d+qYwHq5Kl7yDklvn8atmCN4rBfaqpf94faeNOJS1NrgNB6bUbw/NUHsq2JCKsq4mx16nL7rH8XoGQpvSXAyeMS/vca47NYy/a/45etbpSfVVMrtj92dvd8+sI2Eae3P4GdFhOynz8oZkeHPUPKxSBy69EwZ4nxhCmR7DIPfqUMBHChC3Lg+idRsYloekDF8i7MKeRRVdMUrAfdzgmidKNQgEDk3pvNb9dr/rmIOxf279EKAqxoadHtF7T+176CGrU62Vri/SSKSZz80Mlm6T+qNDr/a2yqfZTjpXveIWJeLhIGU8/gtzznIVMdAe3x4psiJAPJOqp+bLvIBgdpQ1/F9AxM9LPagSaSzPX8HL5Wn9y0SBFE031kQTVHhoaWkf7ucJ4DcWeHhuCz8u4+IXcmo/jpKay+199i5sd9BWfGFMO5cCb+1EbUDWorK9ppxcItHwkA13CEqmAEbFF4feqbVUKzijdPOG+9ddZ9iGsxG81eHTseDUyITBxt8YuJzTxgtNlubTW
Content-Type: text/plain; charset="utf-8"
Content-ID: <0888F4F374EE7B42AF7D74921B6BFC8C@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB6109.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 78b72bb7-77fd-4bac-69b3-08dad3d03c82
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Dec 2022 19:14:14.8028 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yMweLiQpkMWddBB70VkYYfso2YehIrwjrN78axfk7bXMlLLzpqsGGG0a8ldJwDsZ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR05MB3232
X-Proofpoint-ORIG-GUID: GzRnRJfcpl0P9vLDNA0P9RzuPVdMID6s
X-Proofpoint-GUID: GzRnRJfcpl0P9vLDNA0P9RzuPVdMID6s
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.923,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-12-01_14,2022-12-01_01,2022-06-22_01
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 spamscore=0 lowpriorityscore=0 clxscore=1015 suspectscore=0 malwarescore=0 mlxlogscore=999 mlxscore=0 impostorscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2210170000 definitions=main-2212010147
Archived-At: <https://mailarchive.ietf.org/arch/msg/raw/7Qedt78lP9447KfIu2ls0TF8DoU>
Subject: Re: [Raw] Roman Danyliw's Discuss on draft-ietf-raw-use-cases-08: (with DISCUSS and COMMENT)
X-BeenThere: raw@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: reliable and available wireless <raw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/raw>, <mailto:raw-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/raw/>
List-Post: <mailto:raw@ietf.org>
List-Help: <mailto:raw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/raw>, <mailto:raw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2022 19:14:24 -0000

Hi All,

> On Nov 29, 2022, at 5:46 PM, CARLOS JESUS BERNARDOS CANO <cjbc@it.uc3m.es> wrote:
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> Section 12 states the situation accurately – “Each of the potential RAW
> use-cases will have security considerations from both the use-specific
> perspective.”  Where are these security and privacy considerations for these
> uses cases discussed?  Are these in scope to solve for RAW?  A select list to
> review would be:
> 
> ** Section 3.*. Per the amusement park use case, what are the physical location
> tracking and surveillance considerations?
> 
> ** Section 7.*.  Per the vehicle platooning use case, what are the physical
> location tracking privacy considerations?
> 
> ** Section 8.*. Per the edge robotics use case, what are the privacy
> considerations of the video surveillance?
> 
> ** Section 9.*.  Per the ambulance use case, what are the security
> considerations around exchanging health care information over a wireless WAN?
> 
> A clearer distinction of what is to be addressed at the protocol level, and
> what seems like an application consideration is needed.
> 
> [Carlos] This is a good point to clarify. We have followed the same approach as in the DETNET use cases document (RFC 8578). The RAW use cases document aims at documenting different use cases of interest for RAW, and documenting their demands in terms of rea liability and availability. The document does not go into the per-use case privacy and security considerations of potential future RAW solutions. As of today, the RAW WG is not chartered to work on solutions (it might be done in RAW or DETNET). We believe that the specific privacy and security considerations for the solutions would belong to a different document. Do you think we should be specific about this in the document? We borrowed some text from RFC 8578 to be consistent with the approach that DETNET followed.

We talked about this at today’s IESG telechat. I thought I would take a stab at summarizing the points Roman made; I’m sure he will correct me if I get anything wrong. It was something like this:

- Agreed that this document is use cases and not solutions.
- The document presents use cases, described in prose in a fairly abstract way.
- It is appropriate to talk about security+privacy *at the same level of abstraction* relative to the cases presented.
- Meaning, just a sentence or two per use case probably.
- Take the amusement park with armband doing human tracking case. It would be appropriate to briefly acknowledge this creates a consideration that will need to be worked out as part of a solution.

I would add in my own words, that in the same way use cases exist to provide context for working on and evaluating a solution, it’s also helpful to identify (though not solve) any security and privacy considerations that a solution will foreseeably need to address.

I hope this helps,

—John

v2.23.0 | Report a Bug | By Email