IETF Logo Mail Archive

Re: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt

Brian Rosen <br@brianrosen.net> Thu, 26 October 2017 13:47 UTC

Return-Path: <br@brianrosen.net>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE1F413F589 for <sipcore@ietfa.amsl.com>; Thu, 26 Oct 2017 06:47:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Level:
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=brianrosen-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ihxKRqrRdGX for <sipcore@ietfa.amsl.com>; Thu, 26 Oct 2017 06:47:42 -0700 (PDT)
Received: from mail-io0-x22f.google.com (mail-io0-x22f.google.com [IPv6:2607:f8b0:4001:c06::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D882313F4A9 for <sipcore@ietf.org>; Thu, 26 Oct 2017 06:47:41 -0700 (PDT)
Received: by mail-io0-x22f.google.com with SMTP id h70so5484929ioi.4 for <sipcore@ietf.org>; Thu, 26 Oct 2017 06:47:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brianrosen-net.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=zI8jP6fJOA0frMt9D/rBm+Llops93/8bs40p29IsL9Q=; b=sdzwnJgz1hnNd2qF3/Ipl1QoSPws1hfFO+5iYWW168iULWFcFVdlRiNPiet1s/u5ha nmL8ZFrGRccKvn6kY/ZPXqCZSvOd3WfzUgto7T6xKA7Uh8nNzpOOJLuxysddZOzzmKhW l4kV/BLBh0ahQdOR6GxIxUAnkMfcoaLo+NKhMHfKGpLRe0ifvCEyVg9pW9655IO5PuoQ UcruBnFKZQMfLGUIaItSMlEatylVU8Q0BFjHBwbyzEwJSMd3Bc5vx0oj+uA7O3ocerjW KeNDn3fTMDnSmf7XcbctOftv50BTbqJ4/GF1cuWAVkgUDfEdJaIfaabyRaakUHBI9sa9 aN/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=zI8jP6fJOA0frMt9D/rBm+Llops93/8bs40p29IsL9Q=; b=J6oMRwKM9tvmfJi9AGoFLVUS5jBIPkzD+vp48bCREqrMEUz6geSh8myYNRDpDXTrv6 CyhkewJXuRQuH5JA2rAXmrEEUdvuVsRBJvzRU8oN4G4US+XwJmze+wdTqCjzdyCbTaWR I+61SmguSL/N3MqxhyzEo++Xnlvo8T0SRRGsVCtBqV6SmSMc+uQsD3OYW69Rk3nIXkbM u7dGXEyE+1vMm6N7L8Thcs7B+oeGUbN5VI4u5baE5OqGvecL6Zk5rCzK7puX4gpEq0sg AM2TuTWygzQ/MDf1wXw3RdLZFIPlT9PnJ5Bh1q7QwhOi2WMHhfde00n/3EMNSPAKzhm0 F4Jg==
X-Gm-Message-State: AMCzsaXIGgHb7dHgXu2NDeOsyiuIvXi3WsZxG/oYJG8VtLGf7mpy2yDy Y2XOwMV1XwaaBHEk7CPQtrw9ag==
X-Google-Smtp-Source: ABhQp+S7w1LZUyKQea5Nao32eo0T7pFIWg6Ru7bSUX8NXzwQZipiN0nZs3rz2TNnPyq9g2dk3pgbhw==
X-Received: by 10.107.102.14 with SMTP id a14mr31728148ioc.60.1509025661068; Thu, 26 Oct 2017 06:47:41 -0700 (PDT)
Received: from [10.33.193.2] (neustar-sthide-nat1.neustar.biz. [156.154.81.54]) by smtp.gmail.com with ESMTPSA id 137sm737696itb.42.2017.10.26.06.47.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 26 Oct 2017 06:47:39 -0700 (PDT)
From: Brian Rosen <br@brianrosen.net>
Message-Id: <D0F63B99-D737-4BFB-8A10-9A22C64271BD@brianrosen.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1CBED8BC-FF53-46B9-B478-527FE3EEAAA9"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Thu, 26 Oct 2017 09:47:38 -0400
In-Reply-To: <DFB35273-B79C-4C49-A6E2-880281F870FD@edvina.net>
Cc: "sipcore@ietf.org" <sipcore@ietf.org>, bruno.chatras@orange.com, "Jesske, Roland" <R.Jesske@telekom.de>
To: Olle E Johansson <oej@edvina.net>
References: <150838463846.18684.496033948454208375.idtracker@ietfa.amsl.com> <LEXPR01MB04947E3E8BCB0A5594DC7B13F9470@LEXPR01MB0494.DEUPRD01.PROD.OUTLOOK.DE> <29299_1509013511_59F1B807_29299_392_1_88CAD1D4E8773F42858B58CAA28272A02AF91BFE@OPEXCLILM23.corporate.adroot.infra.ftgroup> <0FA1051A-D2A5-4273-8AF3-B1C9E6543361@brianrosen.net> <728862D5-566F-4A2F-80E6-99F623046F36@edvina.net> <DFB35273-B79C-4C49-A6E2-880281F870FD@edvina.net>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/4ii39ZVIAAGGQnU91Fy6fsdeFQE>
Subject: Re: [sipcore] New Version Notification for draft-winterbottom-sipcore-locparam-02.txt
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 13:47:44 -0000

Thanks for noticing this.  Any way we could convince you to draft a paragraph that could be included with this document that will do that update to security for 6442?

Brian

> On Oct 26, 2017, at 9:14 AM, Olle E. Johansson <oej@edvina.net> wrote:
> 
> Went back to the RFC you are updating. The security considerations there are very much out of date with
> current IETF practise in my opinion. If you update 6442, the security section would benefit from an update.
> 
> Referring to S/MIME (not really implemented much) and SIPS: (which is totally out-of-date) is not acceptable
> any more. 
> 
> /O
> 
>> On 26 Oct 2017, at 15:09, Olle E. Johansson <oej@edvina.net <mailto:oej@edvina.net>> wrote:
>> 
>> Some quick comments to version -02:
>> 
>> in section 4, you refer to “other-loc-src” as a token. That’s not clearly specified. WIll there be a registry for “tokens”?
>> I am afraid that this is an opening for private tokens that hinders interoperability.
>> 
>> In “Privacy considerations” - should you not discuss what happens with my privacy if an entity in the network,
>> but not my phone, adds a location?
>> 
>> In “security considerations” there’s a discussion about a “trusted network” - but that is not defined. What is
>> a trusted network? There’s no mention on how to apply trust, privacy, confidentiality.
>> 
>> There is a typo as well: "when passed to an other domain.”  
>> s/an other/another/
>> 
>> Cheers,
>> /O
>> _______________________________________________
>> sipcore mailing list
>> sipcore@ietf.org <mailto:sipcore@ietf.org>
>> https://www.ietf.org/mailman/listinfo/sipcore
>

v2.23.0 | Report a Bug | By Email