Hi Suresh, sounds all good! I’m happy to quickly resolve my discuss if the authors agree!
Mirja > Am 11.02.2017 um 05:05 schrieb Suresh Krishnan <[email protected]>: > > HI Mirja, > >> On Feb 10, 2017, at 12:08 PM, Mirja Kuehlewind <[email protected]> wrote: >> >> Mirja Kühlewind has entered the following ballot position for >> draft-ietf-dmm-4283mnids-04: Discuss >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> https://datatracker.ietf.org/doc/draft-ietf-dmm-4283mnids/ >> >> >> >> ---------------------------------------------------------------------- >> DISCUSS: >> ---------------------------------------------------------------------- >> >> I would realy like to see the following changes in the security >> considerations section: >> OLD >> "If used in the MNID extension as defined in this >> document, the packet including the MNID extension should be >> encrypted >> so that personal information or trackable identifiers would not be >> inadvertently disclosed to passive observers." >> NEW >> "If used in the MNID extension as defined in this >> document, the packet including the MNID extension SHOULD be >> encrypted >> so that personal information or trackable identifiers would not be >> inadvertently disclosed to passive observers.” > > Is this just for changing the "should" to upper case? I think that makes > sense. > >> Or even better make it a MUST? Is there a reason for only having a >> SHOULD? > > Authors, any specific reason for this to be a SHOULD? > >> >> as well as the following change: >> OLD >> "Moreover, MNIDs containing sensitive identifiers might only be used >> for signaling during initial network entry. " >> NEW >> "Moreover, MNIDs containing sensitive identifiers MUST only be used >> for signaling during initial network entry and MUST NOT be leaked to >> other networks.” > > The statement in OLD: is just a statement of fact that in some networks use > temporary identifiers for reattachment and they use long term (and hence > sensitive) identifiers only at initial attach. I don’t think it makes sense > to change this to 2119 language. > > Thanks > Suresh > _______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
