Re: [sacm] [draft-ietf-sacm-requirements] Do we need a privacy section (#55)

Ron Colvin <Ron.Colvin@nasa.gov> Fri, 07 August 2015 14:00 UTC

My understanding on PII is that as soon as I associate a person with an 
email address, phone number or physical address I have PII that I need 
to protect. If we associate a user id, account or user provisioned PKI 
with a device including possibly a MAC address we probably have the same 
concerns.

I think in many cases user certificates are used for device 
authentication and I thought that was an attribute that was highly 
desirable.

On 8/7/15 7:38 AM, adammontville wrote:
>
> I agree that privacy needs to be covered.
>
> Still, when we talk about /identity/ or /identification/ in this 
> working group, we're talking about something different than PII data. 
> As such, there's this other issue for the information model 
> sacmwg/draft-ietf-sacm-information-model#21 
> <https://github.com/sacmwg/draft-ietf-sacm-information-model/issues/21>, 
> which is seeking to get feedback on what a useful term other than 
> identity might be. The present candidate seems to be /designate/. So, 
> instead of "identify an endpoint" we would "designate an endpoint" or 
> "collect AVPs from the designated set of endpoints".
>
> I also wouldn't go so far as to say that we're performing pervasive 
> monitoring in the sense that mainstream media understands the term. 
> Our scope has always been single-enterprise, and it remains that way.
>
> Again, privacy is important, but I don't think we're talking about PII 
> as much as might be implied by our choice of terms.

-- 


********************************************************
Ron Colvin CISSP, CAP, CEH
Certified Security Analyst
NASA - Goddard Space Flight Center
<ron.colvin@nasa.gov>
Direct phone 301-286-2451
NASA Jabber (rdcolvin@im.nasa.gov) AIM rcolvin13
NASA LCS (ronald.d.colvin@nasa.gov)
********************************************************