Re: [secdir] Review of draft-ietf-xcon-common-data-model-28.txt

Tero Kivinen <kivinen@iki.fi> Wed, 01 June 2011 14:58 UTC

[CC'ing back to original recipient list, as all my issues have been
solved].

Oscar Novo writes:
> Thanks for your reply. I've created a new version of the draft with
> your suggestions.  
> Do you think the document is more clear now?

Yes.

>    It is RECOMMENDED the database uses encryption mechanisms if the
>    information is stored in long term storage (e.g., disk).  If the
>    database contains sensitive elements (e.g., passwords) the
>    confidentiality of the database MUST be protected from unauthorized
>    users.  If no sensitive elements is present then confidentiality is
>    not needed.

I think the above text is clear and solves my issue. 

>    Note that the specification of the privacy policy is outside the
>    scope of this document.  Saying that, a privacy policy will be needed
>    in the real implementation of the data model and, therefore, is
>    subject to future policy documents.

I think this is the minimal text that is needed. It could provide a bit
more information about what kind of elements in the data model and what
kind of issues a privacy policy would need to cover, but that would
require more work to find that information out.

So I think that change will solve my issue. 
-- 
kivinen@iki.fi