HI Mirja, > On Feb 10, 2017, at 12:08 PM, Mirja Kuehlewind <[email protected]> wrote: > > Mirja Kühlewind has entered the following ballot position for > draft-ietf-dmm-4283mnids-04: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-dmm-4283mnids/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > I would realy like to see the following changes in the security > considerations section: > OLD > "If used in the MNID extension as defined in this > document, the packet including the MNID extension should be > encrypted > so that personal information or trackable identifiers would not be > inadvertently disclosed to passive observers." > NEW > "If used in the MNID extension as defined in this > document, the packet including the MNID extension SHOULD be > encrypted > so that personal information or trackable identifiers would not be > inadvertently disclosed to passive observers.”
Is this just for changing the "should" to upper case? I think that makes sense. > Or even better make it a MUST? Is there a reason for only having a > SHOULD? Authors, any specific reason for this to be a SHOULD? > > as well as the following change: > OLD > "Moreover, MNIDs containing sensitive identifiers might only be used > for signaling during initial network entry. " > NEW > "Moreover, MNIDs containing sensitive identifiers MUST only be used > for signaling during initial network entry and MUST NOT be leaked to > other networks.” The statement in OLD: is just a statement of fact that in some networks use temporary identifiers for reattachment and they use long term (and hence sensitive) identifiers only at initial attach. I don’t think it makes sense to change this to 2119 language. Thanks Suresh
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
