Hi Stephen, > On Feb 15, 2017, at 8:27 PM, Stephen Farrell <[email protected]> > wrote: > > Stephen Farrell has entered the following ballot position for > draft-ietf-dmm-4283mnids-04: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-dmm-4283mnids/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > > I don't consider that merely mentioning that there are some > privacy issues (maybe) is nearly sufficient here. Instead I > would argue that any of these identifier types that could have > privacy implications need to be specifically justified or else > dropped. By specifically justified, I mean that there ought be > an argument (and a fairly holistic one) that the Internet is > better, and not worse, if we define a codepoint that allows > MIPv6 (and later, other protocols) to use that identifier. I > do accept that my position is perhaps innovative, in terms of > IETF processes, so I'll split the discuss into two parts, one > process oriented and mostly for the IESG, and the second > relating to the content of the draft. > > (1) For the IESG: is it ok that we introduce (codepoints for) > a slew of new long-term stable privacy-sensitive identifiers > just because they might someday be needed, or do we need to > have specific justification for defining such things? I would > argue the latter, but that may need us to validate that there > is IETF consensus for that somehow, and perhaps in the > meantime hold on to this draft. Part of my reasoning is that > once we define such codepoints (e.g. for IMSIs) then that > inevitably means that other protocols, and not just MIPv6, > will do the same eventually, so accepting this draft basically > means accepting that we end up commonly and perhaps > carelessly, passing such highly-sensitive information about on > the Internet in many protocols and in many contexts. My > argument here I think does adhere to various of our BCPs that > do argue for security and privacy, but I do also accept that > this may be novel and to some extent goes against another of > our generally accepted ideas which is that we benefit from > folks documenting things even if those things are sub-optimal > in various ways. So I'd argue this is a real case for an IESG > discussion - I know what I think, but what do the rest of you > think?
Yes. I think it is worth having that discussion given that few more ADs have expressed concerns similar to yours. On the flip side, I think at least few of these identifiers are already conveyed using other layers in some of the SDO networks. Regards Suresh
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
