Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)
"Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Wed, 16 March 2016 03:15 UTC
Return-Path: <rmohanr@cisco.com>
X-Original-To: siprec@ietfa.amsl.com
Delivered-To: siprec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB47312DE71; Tue, 15 Mar 2016 20:15:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_HTML_ATTACH=0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NExZ59ZBdOEE; Tue, 15 Mar 2016 20:15:13 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12E6012DF19; Tue, 15 Mar 2016 20:15:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=464114; q=dns/txt; s=iport; t=1458098109; x=1459307709; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=EkacbBjUkRxUZaN5q+SJ50Nbkj8WUz/v4Y7525KHQ98=; b=ifLeJkqFDAa7OPFPVTcalR1dsSBI26VaqfWixYoVIC6YKBBykTiPjYJX wphY2sF5t8NzgxXgcYEN3WBLB0NbDf+l2AUaVBOPJunUCOfjpvFyZPmqC 8/WCw/0Pl96M+ZW3ZeZ8QMvoJV0gEjQZ5X+MwLGckyQTxZ0IPtuBCEMwF 0=;
X-Files: Diff_ draft-ietf-siprec-metadata-20.txt - draft-ietf-siprec-metadata-21.txt.html, draft-ietf-siprec-metadata-21.txt : 268201, 65895
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CfBAA2z+hW/4ENJK3KHAICAQI
X-IronPort-AV: E=Sophos;i="5.24,342,1454976000"; d="txt'?html'217?scan'217,208,217";a="249971813"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 16 Mar 2016 03:15:07 +0000
Received: from XCH-RTP-019.cisco.com (xch-rtp-019.cisco.com [64.101.220.159]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id u2G3F7g6029158 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 16 Mar 2016 03:15:07 GMT
Received: from xch-rtp-017.cisco.com (64.101.220.157) by XCH-RTP-019.cisco.com (64.101.220.159) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Tue, 15 Mar 2016 23:15:06 -0400
Received: from xch-rtp-017.cisco.com ([64.101.220.157]) by XCH-RTP-017.cisco.com ([64.101.220.157]) with mapi id 15.00.1104.009; Tue, 15 Mar 2016 23:15:05 -0400
From: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>
To: Ben Campbell <ben@nostrum.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, "siprec@ietf.org" <siprec@ietf.org>
Thread-Topic: Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)
Thread-Index: AQHRfzIJ3IOga8d/wkWo2w93L8SOhw==
Date: Wed, 16 Mar 2016 03:15:05 +0000
Message-ID: <D30ECEB4.54AFA%rmohanr@cisco.com>
References: <20160302002515.30664.79446.idtracker@ietfa.amsl.com> <D2FD1094.53195%rmohanr@cisco.com> <2025D20B-7234-4CE3-9E34-E3C0AAFAD5BC@nostrum.com> <D306EF2B.53FCA%rmohanr@cisco.com> <D0FA9505-C980-427F-9ECC-EB72CCF911DA@nostrum.com> <D30E0649.54969%rmohanr@cisco.com> <A00B8D51-2512-404B-A980-D5BE238A9216@nostrum.com>
In-Reply-To: <A00B8D51-2512-404B-A980-D5BE238A9216@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.1.160122
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.196.69.85]
Content-Type: multipart/mixed; boundary="_003_D30ECEB454AFArmohanrciscocom_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/siprec/pnJdM3ct4hrLrnfK9iQ21gPSx3M>
Cc: "draft-ietf-siprec-metadata@ietf.org" <draft-ietf-siprec-metadata@ietf.org>, The IESG <iesg@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org>
Subject: Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/siprec/>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2016 03:15:23 -0000
Hi All, Please find the diffs attached. This addresses Stephen¹s and Ben¹s IESG comments. Please check and let me know if this is fine. I will publish the revision by end of this week. Regards, Ram -----Original Message----- From: Ben Campbell <ben@nostrum.com> Date: Tuesday, 15 March 2016 at 7:52 PM To: Cisco Employee <rmohanr@cisco.com> Cc: "draft-ietf-siprec-metadata@ietf.org" <draft-ietf-siprec-metadata@ietf.org>, "siprec@ietf.org" <siprec@ietf.org>, Brian Rosen <br@brianrosen.net>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org> Subject: Re: Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT) >Hi Ram, > >It all looks good to me. > >Thanks! > >Ben. > >On 15 Mar 2016, at 8:00, Ram Mohan R (rmohanr) wrote: > >> Hi Ben, >> >> Thanks for review. See inline. Removed those that does not need any >> response (which you have accepted). Will send diffs to WG and reviewers >> soon with all the comments incorporated. >> >> -----Original Message----- >> From: Ben Campbell <ben@nostrum.com> >> Date: Tuesday, 15 March 2016 at 12:36 AM >> To: Cisco Employee <rmohanr@cisco.com> >> Cc: "draft-ietf-siprec-metadata@ietf.org" >> <draft-ietf-siprec-metadata@ietf.org>, "siprec@ietf.org" >> <siprec@ietf.org>, Brian Rosen <br@brianrosen.net>, The IESG >> <iesg@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org> >> Subject: Re: Ben Campbell's No Objection on >>draft-ietf-siprec-metadata-20: >> (with COMMENT) >> >>> >>>>> >>>>> Now that you've added the reference, you may not need the normative >>>>> language here. Is the RECOMMENDED something new beyond what is >>>>> already >>>>> required in siprec-protocol? (I am pretty sure the MUST is already >>>>> covered there.) >>>> >>>> Right. I have fixed this after discussion with Stephen. New text for >>>> para >>>> 1 in Security Consideration is: >>>> Para 2 is removed. >>>> >>>> NEW: >>>> This document describes an extensive set of metadata that may be >>>> recorded >>>> by the SRS. Most of the >>>> metadata could be considered private data. The procedures mentioned >>>> in >>>> security consideration >>>> section of <xref target="I-D.ietf-siprec-protocol"/> MUST be >>>> implemented >>>> by SRC and SRS for >>>> mutual authentication and to protect the content of the metadata in >>>> the >>>> RS. >>>> >>>> Some implementations may have the SRC choose parts of metadata that >>>> can be >>>> sent to the SRS. >>>> In other cases, SRCs may send metadata that is not appropriate for the >>>> SRS >>>> to record. Which >>>> metadata is actually recorded by the SRS must be carefully considered >>>> to >>>> balance privacy >>>> concerns with usability. Implementations MUST control what metadata is >>>> recorded, and MUST NOT >>>> save metadata sent by the SRC that does not conform to the recording >>>> policy of the SRS. >>>> Metadata in storage needs to be provided with a level of security that >>>> is >>>> comparable to that >>>> of the recording session. >>> >>> Perhaps s/"control what metadata is recorded"/"limit what metadata is >>> recorded" ? >> >> I see that Paul and you have discussed in the other thread and came up >> with text for this part. I will use that text here. >> >> NEW: (Taken from your mail with Paul) >> >> "An SRC MAY, by policy, choose to limit the parts of the metadata sent >> to the SRS for recording. And the policy of the SRS might not require >> all the metadata it receives. For the sake of data minimization, the SRS >> MUST NOT record additional metadata that is not explicitly required by >> local policy. Metadata in storage needs to be provided with a level of >> security that is comparable to that of the recording session." >> >> >> >> >>> >>>> >>>>> >>>>>> >>>>>>> >>>>>>> - 13.2: I think RFCs 3325 and 3326 need to be normative references. >>>>>>> That's an issue for 3325, but section 6.5.1 normatively states that >>>>>>> P-AID >>>>>>> is a potential source for nameID. (which should probably be scoped >>>>>>> to >>>>>>> only be true for deployments where P-AID makes sense.) >>>>>> >>>>>> Fine. We can make reference to 3325 and 3326 normative. >>>>> >>>>> On reflection, I think I've changed my mind on suggesting 3325 be >>>>> normative. In the description of the nameID attribute, it would be >>>>> better to say that nameID is the AoR of the participant, and then >>>>> non-normatively mention examples of where that might come from >>>>> (including P-AID as one of those examples.) >>>> >>>> WFM. I will modify the text to make it non-normative. >>>> >>>> NEW: >>>> The AoR is drawn from From header or P-Asserted-Identity header or >>>> Remote-Party-ID header. >>> >>> I suggest going a little further, such as "... For example, the AoR may >>> be drawn from the From header field or P-Asserted-Identity header >>> field." (eliding RPID as mentioned earlier) >> >> WFM. Will add the suggested text. >> >>> >>>> >>>>> >>>>> And now that I look at that paragraph again, I wonder if an >>>>> RFC4424/4424bis identity assertion should be listed as an example >>>>> source? >>>> >>>> I am fine with adding RFC4424 Identity assertion header as one source >>>> for >>>> nameID. >>> >>> On reflection, the actual AoR would still come from From, etc, even >>>with >>> 4474/4474bis. So the mention is probably not needed. >> >> Ok. Will not add this. >> >> I will send out diffs with all the comments incorporated soon. >> >> Regards, >> Ram >>> >>>> >>>> Ram >>>> >>>>> >>>>> [...]
- [siprec] Ben Campbell's No Objection on draft-iet… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Paul Kyzivat
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Paul Kyzivat
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Paul Kyzivat
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Paul Kyzivat
- Re: [siprec] Ben Campbell's No Objection on draft… Paul Kyzivat
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)
- Re: [siprec] Ben Campbell's No Objection on draft… Ben Campbell
- Re: [siprec] Ben Campbell's No Objection on draft… Ram Mohan R (rmohanr)