From: "Smith, Kevin, (R&D) Vodafone Group" <Kevin.Smith@vodafone.com>
To: "saag@ietf.org" <saag@ietf.org>
Date: Tue, 31 Mar 2015 09:22:09 +0000
Message-ID: <A4BAAB326B17CE40B45830B745F70F108DFC56A4@VOEXM17W.internal.vodafone.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/EdaWlFs5YZ-pkCUu41KBZ5-2QKw>
Subject: [saag] Ubiquitous encryption draft feedback - mobile case
List-Id: Security Area Advisory Group <saag.ietf.org>

Hi Kathleen & Al,

Thanks for publishing this draft, which makes a lot of sense. I support approaches that allow network management to persist without breaching encryption or introducing any security/privacy weakness, and this paper provides a sound reference for such work.

I'd like to offer an additional (sub) section on the particular case of traffic management for mobile networks, along the lines of:

"Bandwidth in cellular radio networks tends to be more volatile than in fixed networks. This is a result of variance in radio signal strength as a user moves around a cell, the rapid ingress and egress of connections as users handoff between adjacent cells, and sudden congestion at certain cells at certain times. Mobile networks account for this by queuing traffic according to its required bandwidth and acceptable latency, and hence spread the available bandwidth sensibly across users: for example, a user is unlikely to notice a 20ms delay when receiving a Web page, email or instant message response, but will likely notice video buffering or VoIP call jitter. The network manages the queue so that each user has an acceptable experience as conditions vary. Application and transport layer encryption makes the traffic type detection less accurate, impacting queue management."

Also section 4.1 highlights many similarities between Enterprise and a government-regulated mobile network.

A couple of minor typos in the Introduction:

"These efforts are necessary to improve end users expectation of privacy,"
s/improve end users expectation/improve an end user's expectation

"Many attackers and those that pose a greater threat are already using strong encryption and tools like TOR [TOR] to prevent active attacks from on their data streams."
s/from/

All best,
Kevin

Kevin Smith, Vodafone R&D



