[secdir] R: secdir review of draft-ietf-ippm-alt-mark-13

Fioccola Giuseppe <giuseppe.fioccola@telecomitalia.it> Thu, 26 October 2017 09:14 UTC

From: Fioccola Giuseppe <giuseppe.fioccola@telecomitalia.it>
To: Taylor Yu <tlyu@mit.edu>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-ippm-alt-mark.all@ietf.org" <draft-ietf-ippm-alt-mark.all@ietf.org>
Thread-Topic: secdir review of draft-ietf-ippm-alt-mark-13
Date: Thu, 26 Oct 2017 09:14:13 +0000
Message-ID: <391beb71155048f3b8168c2c1fb5c8bd@TELMBXB02RM001.telecomitalia.local>
References: <ldvtvym4r03.fsf@ubuntu-1gb-nyc1-01.localdomain>
In-Reply-To: <ldvtvym4r03.fsf@ubuntu-1gb-nyc1-01.localdomain>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/dYwXHZ__a4o9qPA8LXEfHj0URg4>
Subject: [secdir] R: secdir review of draft-ietf-ippm-alt-mark-13

Hi Taylor,
I appreciate your good opinion of the document and I agree with your notes.

Thanks,

Giuseppe

-----Original Message-----
From: Taylor Yu [mailto:tlyu@mit.edu]
Sent: Thursday, 26 October 2017 03:50
To: iesg@ietf.org; secdir@ietf.org; draft-ietf-ippm-alt-mark.all@ietf.org
Subject: secdir review of draft-ietf-ippm-alt-mark-13

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

The summary of the review is Ready.

The Security Considerations section seems reasonable.  I mostly agree that

  "The privacy concerns of network measurement are limited because the
   method only relies on information contained in the IP header without
   any release of user data."

I would add that although information in the IP header is metadata that can be used to compromise the privacy of users, the limited marking technique in this document seems unlikely to substantially increase the existing privacy risks from IP header metadata.  I also think it's reasonable to consider this detail to be already addressed by the wording "privacy concerns... are limited".

It might be theoretically possible to modulate the marking to serve as a covert channel, but I think it would have a very low data rate if it is to avoid adversely affecting the measurement systems that monitor the marking.  It's probably not worth mentioning this possibility in the document.

Best regards,

-Taylor
