Re: [sipcore] AD Evaluation of draft-ietf-sipcore-reason-q850-loc-04
Ben Campbell <ben@nostrum.com> Wed, 30 January 2019 23:02 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1828130DE3; Wed, 30 Jan 2019 15:02:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.679
X-Spam-Level:
X-Spam-Status: No, score=-1.679 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I377ufS_BdVK; Wed, 30 Jan 2019 15:02:41 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 507F0130E25; Wed, 30 Jan 2019 15:02:41 -0800 (PST)
Received: from [10.0.1.29] (cpe-70-122-203-106.tx.res.rr.com [70.122.203.106]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x0UN2Xph039542 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 30 Jan 2019 17:02:39 -0600 (CST) (envelope-from ben@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1548889360; bh=E0QScFOnjxV1ZpLo+z/te0DSD+mfhBjLVCexB8Bmt3U=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=v0OpWYucLav6SPZmvOOnwZcvBUl7RXM1dQOJgLplkxOre1EbfGIq70vm1Fil4c7vj 7YGz1KhwgnChc2RFe+e84o7OHM94zWSb0i60/9bnD+DCXVF2eabdoNoe7tL9k+51wn nN3HY9ul6yNwoDSAOsQM0HHp7fdOL4bt5FHyO4xA=
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-122-203-106.tx.res.rr.com [70.122.203.106] claimed to be [10.0.1.29]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <B25E5FC2-948A-4138-B111-CFA8F13CF1F2@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_CD414C03-A1FC-4654-BDF1-2BC4E889D73C"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Wed, 30 Jan 2019 17:02:31 -0600
In-Reply-To: <39984F53-5EA4-475C-B060-C2E16CF37FB3@nostrum.com>
Cc: sipcore-chairs@ietf.org, sipcore@ietf.org, draft-ietf-sipcore-reason-q850-loc.all@ietf.org
To: "<R.Jesske@telekom.de>" <R.Jesske@telekom.de>
References: <34AC90DD-12D6-4F34-B2A0-A1BB4D66A701@nostrum.com> <FRXPR01MB01355ED302E1EBC466EA8EE9F9D30@FRXPR01MB0135.DEUPRD01.PROD.OUTLOOK.DE> <39984F53-5EA4-475C-B060-C2E16CF37FB3@nostrum.com>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/ZUHSsdnwFfUUu9JAxcx84sPtUJU>
Subject: Re: [sipcore] AD Evaluation of draft-ietf-sipcore-reason-q850-loc-04
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jan 2019 23:02:43 -0000
Hi Roland, I think this version is ready for IETF Last Call. I will request that shortly. I still have some minor editorial comments below. These can be addressed along with any IETF LC feedback. Thanks! Ben. > On Jan 14, 2019, at 5:29 PM, Ben Campbell <ben@nostrum.com> wrote: > > Signed PGP part > Apologies for the late response. I somehow missed seeing your response until now. Comments inline. I removed sections that seem resolved. > > Please submit a new revision as soon as you are ready. > > Thanks! > > Ben. > >> On Nov 30, 2018, at 4:38 AM, R.Jesske@telekom.de wrote: >> >>> > > [...] > >>> *** Substantive Comments *** >>> >>> §3: “open to be used by any other network” >>> That would really mean “any other network that includes ISUP interworking >>> gateways and uses Q.850 reason codes”, right? >>> >> [RJ] Yes I think it would be worth mentioning that in the draft. […] > >>> >>> §6 and §7: >>> >>> Unfortunately, RFC 3326 contains no privacy considerations at all, so we really >>> can’t say that this doesn’t change them. The expectation for privacy >>> considerations has changed since that RFC was published. I think this >>> document does need to describe any privacy considerations that the >>> combination of a Q.850 reason code and location might have. >> >> [RJ] I would propose to delete then the first sentence. >> Thus the considerations would state: >> While the addition of the location parameter >> does provide an indicator of the entity that added the location in >> the signaling path this provides little more exposure than the >> [Q.850] cause itself. >> >> I could add: >> When applying privacy according to RFC 3323 the location value will not give any hint to the identity originating or terminating party of the call. It shows only the location of the release of the call which maybe the end device itself (location user) or any other network part. >> The location is even not showing from which city or town the call is coming from. >> >> Would this be enough? > > If the call was released by the end device, does that not let people infer information about the original callee, if that device can be associated with the callee? I think we’ve resolved that part, but looking at the new language: "When applying privacy according to [RFC3323] the location value will not give any hint to the identity originating or terminating party of the call. It shows only the location of the release of the call which maybe the end device itself (location user) or any other network part. The location is even not showing from which city or town the call is coming from." I think readers will still get confused by the use of “location” to describe something that’s not a “physical” location. I think it would help in this sentence to clarify that we are talking about “ISUP location”. Also, the is the use of RFC 3323 really relevant? That is, I don’t think the ISUP location reveals the identity one way or another, right? It’s not up to this draft to worry about whether some other part of the SIP message does. Finally, there are some minor grammar issues. I propose the following simplification: “The ISUP location value itself will not reveal the identity of the originating or terminating party of the call. It shows only the ISUP network location of the device that released the call. The ISUP location does not show show the physical location of the caller or callee.” (Nit) §7, new text: I propose the following edit: OLD: "[RFC3398] does an extensive security consideration due to interworking between ISUP and SIP.” NEW: "[RFC3398] describes detailed security consideration due to interworking between ISUP and SIP."
- [sipcore] AD Evaluation of draft-ietf-sipcore-rea… Ben Campbell
- Re: [sipcore] AD Evaluation of draft-ietf-sipcore… R.Jesske
- Re: [sipcore] AD Evaluation of draft-ietf-sipcore… Ben Campbell
- Re: [sipcore] ***CAUTION_Invalid_Signature*** Re:… R.Jesske
- Re: [sipcore] AD Evaluation of draft-ietf-sipcore… Ben Campbell
- Re: [sipcore] AD Evaluation of draft-ietf-sipcore… Ben Campbell
- Re: [sipcore] ***CAUTION_Invalid_Signature*** Re:… R.Jesske