Re: [secdir] Review of draft-ietf-xcon-common-data-model-27.txt

Oscar Novo <oscar.novo@ericsson.com> Fri, 27 May 2011 12:46 UTC

From: Oscar Novo <oscar.novo@ericsson.com>
To: Tero Kivinen <kivinen@iki.fi>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Date: Fri, 27 May 2011 14:46:47 +0200
Cc: "draft-ietf-xcon-common-data-model.all@tools.ietf.org" <draft-ietf-xcon-common-data-model.all@tools.ietf.org>
Subject: Re: [secdir] Review of draft-ietf-xcon-common-data-model-27.txt

Hi Tero,

Comment inline: 

-----Original Message-----
From: Tero Kivinen [mailto:kivinen@iki.fi] 
Sent: 27. toukokuuta 2011 15:09
To: iesg@ietf.org; secdir@ietf.org
Cc: draft-ietf-xcon-common-data-model.all@tools.ietf.org
Subject: Review of draft-ietf-xcon-common-data-model-27.txt

This is a re-review of the draft I already reviewed on 2011-03-03. The current draft contains some small changes done since, but I do not think it solves the issues I raised in my previous review:

1) The confidentiality is not mandatory even in the cases where the
   database contains sensitive elements (passwords), it is only
   SHOULD.

[ON] In the new version of the draft (28) I have changed the text a bit:

   "The confidentiality of the database SHOULD be protected from
   unauthorized users, given that the data model contains a set of
   sensitive elements (e.g., passwords), and it is RECOMMENDED the
   database uses encryption mechanisms if the information is stored in
   long term storage (e.g., disk)." 


2) The privacy issues are not covered enough. The current version added
   a specific pointer to the section 11.2 of RFC5239, but that only
   covers one very small privacy issue, i.e. anonymous access. It does
   not cover gathering sensitive privacy information in the database,
   i.e. who participated in which conferences and with whom.

[ON] We don't think this document should solve questions such as "who participated in which conferences and with whom?". And in the working group it was agreed to leave the policy outside this document for future documents.

My previous review can be found in
http://www.ietf.org/mail-archive/web/secdir/current/msg02482.html
--
kivinen@iki.fi