[secdir] draft-ietf-sipcore-location-conveyance security review

Uri Blumenthal <mouse008@gmail.com> Tue, 07 June 2011 01:41 UTC

Return-Path: <mouse008@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B78CE21F8519; Mon, 6 Jun 2011 18:41:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.963
X-Spam-Level:
X-Spam-Status: No, score=-1.963 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_FONT_FACE_BAD=0.884, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_OBFU_ALL=0.751]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mvxIzAPapEZ8; Mon, 6 Jun 2011 18:41:52 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id E834B21F8518; Mon, 6 Jun 2011 18:41:51 -0700 (PDT)
Received: by vxg33 with SMTP id 33so4073244vxg.31 for <multiple recipients>; Mon, 06 Jun 2011 18:41:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:content-type:subject:date:message-id:to :mime-version:x-mailer; bh=r9uOR2P1557qv8m4CltOZaSr0Vhe1nwtRskx9kkZFVE=; b=qd03SVaYmklNmgXWB6dC4g+ZurApnsjldRMKomZT4rZ0GNn8hZJiYr9KkqguBWJQtH xnktAsLIOydW1F2/t075pDGvpr7q/48+pth5LycVyosor9OGeF6N5NoFZndwSpGLoe4o zGvMmNTDD/j3cZGRST1/7Gy+35goQ0HbTJDkM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:content-type:subject:date:message-id:to:mime-version:x-mailer; b=kbEKc5gh7j131mlUv0Zj1DQ0Ns1Sex/gD2OBMEP7XoHoAWtgP65hvccBlhDuGt2qQA jcIXjOxBuxCz0j5ndQktAPQeIJ0b4XPj5up2PeScK8QvysX4YJyGznYmS0lsMyqTtBFl UPax9XjrGWxDN78M09FojcHButwM1Cg7uxXPA=
Received: by 10.52.187.164 with SMTP id ft4mr4219302vdc.59.1307410910390; Mon, 06 Jun 2011 18:41:50 -0700 (PDT)
Received: from [192.168.1.106] (c-24-63-227-189.hsd1.ma.comcast.net [24.63.227.189]) by mx.google.com with ESMTPS id q1sm1566927vdt.11.2011.06.06.18.41.48 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 06 Jun 2011 18:41:49 -0700 (PDT)
From: Uri Blumenthal <mouse008@gmail.com>
Content-Type: multipart/signed; boundary=Apple-Mail-7-538388134; protocol="application/pkcs7-signature"; micalg=sha1
Date: Mon, 6 Jun 2011 21:36:19 -0400
Message-Id: <5599350D-46D8-4AD4-B61C-F21DD7408290@ll.mit.edu>
To: draft-ietf-sipcore-location-conveyance@tools.ietf.org, secdir@ietf.org, iesg@ietf.org
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
X-Mailman-Approved-At: Wed, 08 Jun 2011 02:04:24 -0700
Subject: [secdir] draft-ietf-sipcore-location-conveyance security review
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2011 01:44:08 -0000

I reviewed (browsed) the draft-ietf-sipcore-location-conveyance-08, and found it well-written. Its Security Considerations section describes potential impacts of this draft (privacy is a big one) and how they can be mitigated.

I am OK with this draft.
--
_______________________________________________
Uri Blumenthal                               Voice: (781) 981-1638
Cyber Systems and Technology   Fax:   (781) 981-0186
MIT Lincoln Laboratory                   Cell:  (339) 223-5363
244 Wood Street                         Email: <uri@ll.mit.edu>
Lexington, MA  02420-9185       

Web:  http://www.ll.mit.edu/CST/

MIT LL Root CA: 
https://www.ll.mit.edu/labcertificateauthority.html