IETF Logo Mail Archive

Re: [urn] Stephen Farrell's Abstain on draft-ietf-urnbis-rfc2141bis-urn-21: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 02 March 2017 08:11 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: urn@ietfa.amsl.com
Delivered-To: urn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DC5B129469; Thu, 2 Mar 2017 00:11:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nk04VjT3cTlr; Thu, 2 Mar 2017 00:11:06 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AA2F12941E; Thu, 2 Mar 2017 00:11:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id A7E13BE80; Thu, 2 Mar 2017 08:11:03 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VOIDbdVJrdzF; Thu, 2 Mar 2017 08:11:02 +0000 (GMT)
Received: from [10.87.48.75] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 19089BE5C; Thu, 2 Mar 2017 08:11:02 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1488442262; bh=ECoJetzd6iYwYA9NjKZ1KucFuHbEFis7jao3B67I3q8=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=Lkyb6yL11dETV6jyM2NFDFK0OPz+TrEbtCLtas/cGUky8Caz3zD1v1/UlrIyMnKdv tE49cTZccXS+rePZoOHFej6sa2qi9PaWvt6h/9ZquEu6lzjEAE5EpYvvJiktWnjAxQ 6pK7cZwxLpELxPzDGVN+J5RnEogHcuNEcvi9laOs=
To: Peter Saint-Andre <stpeter@stpeter.im>, The IESG <iesg@ietf.org>
References: <148832863670.29552.9014381848292739838.idtracker@ietfa.amsl.com> <68d0ad57-9ba0-beb2-2fe4-2f036fce3e93@stpeter.im>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <836b3132-def8-0534-487a-bc78b69ee82c@cs.tcd.ie>
Date: Thu, 02 Mar 2017 08:11:00 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <68d0ad57-9ba0-beb2-2fe4-2f036fce3e93@stpeter.im>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="iunIeXBC18jR75kcuKNHGLqcq3sOwdEFD"
Archived-At: <https://mailarchive.ietf.org/arch/msg/urn/2yfMGvg4-X1hZ0SN_QhphEJ7-_w>
Cc: urn@ietf.org, urnbis-chairs@ietf.org, draft-ietf-urnbis-rfc2141bis-urn@ietf.org, barryleiba@computer.org
Subject: Re: [urn] Stephen Farrell's Abstain on draft-ietf-urnbis-rfc2141bis-urn-21: (with COMMENT)
X-BeenThere: urn@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Revisions to URN RFCs <urn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/urn>, <mailto:urn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/urn/>
List-Post: <mailto:urn@ietf.org>
List-Help: <mailto:urn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/urn>, <mailto:urn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 08:11:08 -0000

Hiya,

On 02/03/17 03:14, Peter Saint-Andre wrote:
> On 2/28/17 5:37 PM, Stephen Farrell wrote:
> 
>> - Section 8 should I think recognise the dangers inherent
>> in long-term stable identifiers helping with
>> (re-)identification of people and/or network entities.
> 
> Perhaps you could clarify what some of your concerns are here, above and
> beyond the use of URIs in general (after all, a URN is a URI). Reading
> between the lines, I imagine you might be worried that URNs within a
> particular URN namespace (e.g., for U.S. Social Security Numbers or the
> like) - once suitably resolved into one or more URLs - might enable an
> attacker to determine a person's physical location (e.g., via IP
> address) or actual identity (e.g., a pseudonym could "resolve" to a real
> name). Are these guesses on the mark?

Yep. Perhaps things like including an IMSI or IMEI (or
values easily correlated with such) in the NSS part is
what it'd useful to call out. I'm not sure if there are
real examples of such in existing URNs but if there were
it'd be a fine thing to note that including such things
imposes (often unmet) requirements for e.g. confidentiality
on protocols and applications that use those URNs. If
may also be useful to say that things like hashing the
privacy sensitive value before inclusion in the URN don't
prevent correlation and can be as "good" for re-identification
as the non-hashed value.

The argument to include text here is that it seems to be
very tempting to include that kind of information for many
folks.

I'm not sure if there's a useful bit of text in RFC6973
at which you could point, but it'd be worth a look.

> 
>> While that is not the "fault" of URNs, I'd say it is worth
>> warning folks who may just possibly think twice before
>> creating new URNs with those failings. (Though I recognise
>> that that may call for a reference to RFC6919;-)
> 
> I'm sure you meant RFC 6920. :-)

Off-by-one error:-)

Cheers,
S.

> 
> Peter
>

v2.23.0 | Report a Bug | By Email