IETF Logo Mail Archive

Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)

Paul Kyzivat <pkyzivat@alum.mit.edu> Mon, 14 March 2016 22:19 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: siprec@ietfa.amsl.com
Delivered-To: siprec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC54112D7AD for <siprec@ietfa.amsl.com>; Mon, 14 Mar 2016 15:19:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.935
X-Spam-Level:
X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xebd4KzaSXcv for <siprec@ietfa.amsl.com>; Mon, 14 Mar 2016 15:19:16 -0700 (PDT)
Received: from resqmta-ch2-11v.sys.comcast.net (resqmta-ch2-11v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:43]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56B3F12D769 for <siprec@ietf.org>; Mon, 14 Mar 2016 15:19:16 -0700 (PDT)
Received: from resomta-ch2-04v.sys.comcast.net ([69.252.207.100]) by resqmta-ch2-11v.sys.comcast.net with comcast id VyJn1s00A2AWL2D01yKF3i; Mon, 14 Mar 2016 22:19:15 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([73.218.51.154]) by resomta-ch2-04v.sys.comcast.net with comcast id VyKE1s0043KdFy101yKER9; Mon, 14 Mar 2016 22:19:15 +0000
To: Ben Campbell <ben@nostrum.com>
References: <20160302002515.30664.79446.idtracker@ietfa.amsl.com> <D2FD1094.53195%rmohanr@cisco.com> <2025D20B-7234-4CE3-9E34-E3C0AAFAD5BC@nostrum.com> <D306EF2B.53FCA%rmohanr@cisco.com> <56E10422.2070301@alum.mit.edu> <B522500D-4822-480D-871A-D734AE1F38D9@nostrum.com>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <56E738E1.80503@alum.mit.edu>
Date: Mon, 14 Mar 2016 18:19:13 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <B522500D-4822-480D-871A-D734AE1F38D9@nostrum.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1457993955; bh=lWW0HsMRHTxBmUICPlKMMPRcySXwu+8tnwzPbxqH/Gc=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=t1xmBS4oU+VYTBysRQvyYAuKSTNwJ9HQJSQ63TtB4y2jUU5wwW2c7J8k6ndq73e/4 DsDONtjsSarRw7x+kTd7RTFE9cqjGxNglI6C6z3L0DrQm17Ppmo4Rlq4KA6ACKHYcb 98DVhZ3va08QEsfdcfzZKOn5WmDC6TfnvCnee628BL4SPlTKT02Ab7RzvHZuZmRme1 12zjnjgm/0+jEvRbCjHWM6ktDMrs7BvlA8MqozL3G/3wfUnniIhgC8XlS5+MCm9h96 JjbyfLP/enxIZ1ykwnUjvFvqywHV8E6qDggtu8a9b4odDcluFQzF9VnNtjx3tC/V58 IfIyip/izg+bg==
Archived-At: <http://mailarchive.ietf.org/arch/msg/siprec/H2h0s_1PG230c9EQKYqo26TdLRk>
Cc: "draft-ietf-siprec-metadata@ietf.org" <draft-ietf-siprec-metadata@ietf.org>, "siprec@ietf.org" <siprec@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org>
Subject: Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/siprec/>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Mar 2016 22:19:18 -0000

The below seems good to me.

	Thanks,
	Paul

On 3/14/16 3:16 PM, Ben Campbell wrote:
> On 9 Mar 2016, at 23:20, Paul Kyzivat wrote:
>
>> Some implementations may have the SRC choose parts of metadata that
>> can be
>>> sent to the SRS.
>>> In other cases, SRCs may send metadata that is not appropriate for
>>> the SRS
>>> to record. Which
>>>   metadata is actually recorded by the SRS must be carefully
>>> considered to
>>> balance privacy
>>> concerns with usability. Implementations MUST control what metadata is
>>> recorded, and MUST NOT
>>>   save metadata sent by the SRC that does not conform to the recording
>>> policy of the SRS.
>>> Metadata in storage needs to be provided with a level of security
>>> that is
>>> comparable to that
>>> of the recording session.
>>
>>
>> How about:
>>
>> An SRC MAY, by policy, choose to limit the parts of the metadata sent to
>> the SRS for recording. And the SRS MAY not need all the metadata it
>> receives or choose, by policy, to limit the metadata it records.
>> Metadata in storage needs to be provided with a level of security that
>> is comparable to that of the recording session.
>
>
> I think that helps, but might need a couple of tweaks:
>
> - The 2nd MAY seems more a statement of fact.
>
> - I think the concept that the SRS MUST NOT record unneeded metatdata
> came from the discussion with Stephen, so I am hesitant to suggest
> removing the 2119 language. How about something like:
>
> "An SRC MAY, by policy, choose to limit the parts of the metadata sent
> to the SRS for recording. And the policy of the SRS might not require
> all the metadata it receives. For the sake of data minimization, the SRS
> MUST not record additional metadata that is not explicitly required by
> local policy. Metadata in storage needs to be provided with a level of
> security that is comparable to that of the recording session."
>
> (But on the other hand, if Stephen has already agreed to the previous
> language, then I would hesitate to change it more than necessary.)
>
> Ben.
>

v2.23.0 | Report a Bug | By Email