Re: [secdir] secdir review of draft-ietf-dmm-4283mnids-04

Charlie Perkins <charles.perkins@earthlink.net> Sun, 12 February 2017 18:12 UTC

Return-Path: <charles.perkins@earthlink.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FEB31299A1; Sun, 12 Feb 2017 10:12:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.721
X-Spam-Level:
X-Spam-Status: No, score=-2.721 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=earthlink.net; domainkeys=pass (2048-bit key) header.from=charles.perkins@earthlink.net header.d=earthlink.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G9QiELlRdp4P; Sun, 12 Feb 2017 10:12:27 -0800 (PST)
Received: from elasmtp-galgo.atl.sa.earthlink.net (elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98251129993; Sun, 12 Feb 2017 10:12:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=earthlink.net; s=dk12062016; t=1486923147; bh=gd8XJFn/6UKxbqYTlgJ60SRFlS9NH06HsZCa E6RU0ig=; h=Received:Subject:To:References:From:Message-ID:Date: User-Agent:MIME-Version:In-Reply-To:Content-Type: Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; b=JvQyoVn RKV2T5U+FJ3yEVfTQ9OozhevaWzaigKxjIzEzYxFkAdcEga0P0Vev8i6j2JESyyn32n oj20AtuQXpqtbWJGQZA7UdItnbamxSf3tXqBLqaxDJiKIuPNa+04Fnb4tVI6RE3hDbo 2Dt6EDceHQoUTZSlHorH7un3Tr3b3QYCmHC7YrVjkvyqk/TtfvEAnSyT25/EXzITCH4 C/91aVjCIDykqx8ZEEufqiYUoBJXpZJcU+wGuLC/CqjIAhtmQcJtaR8hhDr95r79dVt bi/zvo5jMvWsnoxcK7jHHOBKynnb0ohCvoGds9WaF/qArMhtcqQP85Y8q02ZnjF+ohQ ==
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk12062016; d=earthlink.net; b=UZ+AZHbrcUMbmJjxTsLIX0/Z3Hd1LJxk2KvIlpeNVsGSlOuui10D5vd8rPlYU+imm3ey63JpWAQGris67pfNIZtSWV4nqfBLnlEeL12rtBoheDPb7HGt16gNIZJZvD493J9q6QVau2zu/9SbLDDuwFmoo25biK3TiXsRHQuO+ZZqlf9X376wgyrlbmekQxgMFdUx0atW+1X2LoSg+DUEfnsmvA6vPx2l/HRnnf9FStZnF+3h38A0uW1FBXa3tQeV9pA6VAk9R9isswvf+od/s2h+rthmIdNcE8FieLGvDG1GwwNFZZi7aEtNvB4gH+IEu+7C2/JUteVphAsVfSEvIA==; h=Received:Subject:To:References:From:Message-ID:Date:User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [99.51.72.196] (helo=[192.168.1.82]) by elasmtp-galgo.atl.sa.earthlink.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.67) (envelope-from <charles.perkins@earthlink.net>) id 1ccyd4-0007Iy-K2; Sun, 12 Feb 2017 13:12:06 -0500
To: Joseph Salowey <joe@salowey.net>, secdir <secdir@ietf.org>, draft-ietf-dmm-4283mnids.all@ietf.org, The IESG <iesg@ietf.org>
References: <CAOgPGoA32_AeYwbrEze52Hghd50Q-0svYojbpaMAb_LuiVCW4w@mail.gmail.com>
From: Charlie Perkins <charles.perkins@earthlink.net>
Message-ID: <d6b27329-1333-eed5-e3fa-da8f986ef3f0@earthlink.net>
Date: Sun, 12 Feb 2017 10:12:01 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
In-Reply-To: <CAOgPGoA32_AeYwbrEze52Hghd50Q-0svYojbpaMAb_LuiVCW4w@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: 137d7d78656ed6919973fd6a8f21c4f2d780f4a490ca6956527bd5036cbc8ac7f1ef8e1983fa9f67d33b7d1b5ade781b350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 99.51.72.196
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/_GSuGNE2l0QpYV8g-ZzYk5tsCRU>
Subject: Re: [secdir] secdir review of draft-ietf-dmm-4283mnids-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Feb 2017 18:12:29 -0000

Hello Joseph,

Thanks for the review.  There will be new text added to the Security 
Considerations as suggested by other reviewers as well. It will indeed 
lend additional emphasis to the matter of trackable IDs.

Regards,
Charlie P.


On 2/5/2017 2:36 PM, Joseph Salowey wrote:
> I have reviewed this document as part of the security directorate's 
> ongoing effort to review all IETF documents being processed by the 
> IESG.  These comments were written primarily for the benefit of the 
> security area directors. Document editors and WG chairs should treat 
> these comments just like any other last call comments.
>
> This document is ready with nits.
>
> I was pleased that the security considerations does discuss some 
> privacy issues.  I think it would help to emphasize that identifiers 
> can be trackable since many of the IDs in the draft are long lived.  
> The section does mention it, this suggestion is just for emphasis.
>
> First sentence of second paragraph of security considerations.
>
> "Some identifiers (e.g., IMSI) are considered to be private 
> information and some are long lived allowing for tracking of an 
> individual or device."
>
> Cheers,
>
> Joe