IETF Logo Mail Archive

Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)

"Ben Campbell" <ben@nostrum.com> Mon, 14 March 2016 19:16 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: siprec@ietfa.amsl.com
Delivered-To: siprec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9693512D722; Mon, 14 Mar 2016 12:16:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w2q_Ps8Jx0za; Mon, 14 Mar 2016 12:16:12 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D5B412D736; Mon, 14 Mar 2016 12:16:12 -0700 (PDT)
Received: from [10.0.1.10] (cpe-70-119-203-4.tx.res.rr.com [70.119.203.4]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id u2EJG7nr066976 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 14 Mar 2016 14:16:07 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-119-203-4.tx.res.rr.com [70.119.203.4] claimed to be [10.0.1.10]
From: Ben Campbell <ben@nostrum.com>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
Date: Mon, 14 Mar 2016 14:16:06 -0500
Message-ID: <B522500D-4822-480D-871A-D734AE1F38D9@nostrum.com>
In-Reply-To: <56E10422.2070301@alum.mit.edu>
References: <20160302002515.30664.79446.idtracker@ietfa.amsl.com> <D2FD1094.53195%rmohanr@cisco.com> <2025D20B-7234-4CE3-9E34-E3C0AAFAD5BC@nostrum.com> <D306EF2B.53FCA%rmohanr@cisco.com> <56E10422.2070301@alum.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.4r5232)
Archived-At: <http://mailarchive.ietf.org/arch/msg/siprec/t04F4owH8g62LheVFeQueTH17-Q>
Cc: "draft-ietf-siprec-metadata@ietf.org" <draft-ietf-siprec-metadata@ietf.org>, "siprec@ietf.org" <siprec@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org>
Subject: Re: [siprec] Ben Campbell's No Objection on draft-ietf-siprec-metadata-20: (with COMMENT)
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/siprec/>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Mar 2016 19:16:13 -0000

On 9 Mar 2016, at 23:20, Paul Kyzivat wrote:

> Some implementations may have the SRC choose parts of metadata that 
> can be
>> sent to the SRS.
>> In other cases, SRCs may send metadata that is not appropriate for 
>> the SRS
>> to record. Which
>>   metadata is actually recorded by the SRS must be carefully 
>> considered to
>> balance privacy
>> concerns with usability. Implementations MUST control what metadata 
>> is
>> recorded, and MUST NOT
>>   save metadata sent by the SRC that does not conform to the 
>> recording
>> policy of the SRS.
>> Metadata in storage needs to be provided with a level of security 
>> that is
>> comparable to that
>> of the recording session.
>
>
> How about:
>
> An SRC MAY, by policy, choose to limit the parts of the metadata sent 
> to
> the SRS for recording. And the SRS MAY not need all the metadata it
> receives or choose, by policy, to limit the metadata it records.
> Metadata in storage needs to be provided with a level of security that
> is comparable to that of the recording session.


I think that helps, but might need a couple of tweaks:

- The 2nd MAY seems more a statement of fact.

- I think the concept that the SRS MUST NOT record unneeded metatdata 
came from the discussion with Stephen, so I am hesitant to suggest 
removing the 2119 language. How about something like:

"An SRC MAY, by policy, choose to limit the parts of the metadata sent 
to the SRS for recording. And the policy of the SRS might not require 
all the metadata it receives. For the sake of data minimization, the SRS 
MUST not record additional metadata that is not explicitly required by 
local policy. Metadata in storage needs to be provided with a level of 
security that is comparable to that of the recording session."

(But on the other hand, if Stephen has already agreed to the previous 
language, then I would hesitate to change it more than necessary.)

Ben.

v2.23.0 | Report a Bug | By Email