Hello Mirja and Suresh,
I am happy to make the proposed changes as agreed below.
Regards,
Charlie P.
On 2/11/2017 1:00 AM, Mirja Kuehlewind (IETF) wrote:
Hi Suresh,
Sounds all good! I’m happy to quickly resolve my discuss if the authors agree!
Mirja
On 11.02.2017 at 05:05, Suresh Krishnan <[email protected]> wrote:
Hi Mirja,
On Feb 10, 2017, at 12:08 PM, Mirja Kuehlewind <[email protected]> wrote:
Mirja Kühlewind has entered the following ballot position for
draft-ietf-dmm-4283mnids-04: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dmm-4283mnids/
----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------
I would really like to see the following changes in the security
considerations section:
OLD
"If used in the MNID extension as defined in this
document, the packet including the MNID extension should be
encrypted
so that personal information or trackable identifiers would not be
inadvertently disclosed to passive observers."
NEW
"If used in the MNID extension as defined in this
document, the packet including the MNID extension SHOULD be
encrypted
so that personal information or trackable identifiers would not be
inadvertently disclosed to passive observers.”
Is this just for changing the "should" to upper case? I think that makes sense.
Or even better make it a MUST? Is there a reason for only having a
SHOULD?
Authors, any specific reason for this to be a SHOULD?
as well as the following change:
OLD
"Moreover, MNIDs containing sensitive identifiers might only be used
for signaling during initial network entry. "
NEW
"Moreover, MNIDs containing sensitive identifiers MUST only be used
for signaling during initial network entry and MUST NOT be leaked to
other networks.”
The statement in OLD: is just a statement of fact that some networks use
temporary identifiers for reattachment and they use long term (and hence
sensitive) identifiers only at initial attach. I don’t think it makes sense to
change this to 2119 language.
Thanks
Suresh