Hiya, Just on that one point (the rest seems fine):
On 17/03/16 13:00, Susan Hares wrote: >>> - If i2rs were used to control home networks, then that would >>> raise more privacy issues, e.g. the agent's IP address can be >>> privacy sensitive. Would it be useful to rule that out of >> scope? E.g. to say that i2rs SHOULD NOT be used where the >> agent/router in question >>> is specific to one person or home? > Sue: I'm really not sure what you are getting at. Data in routers > is privacy sensitive. Data between I2RS Agent and I2RS client will be > encrypted except in very, very rare circumstances where is defined to > be public data in the data model. SECDIR, OPSDIR, RTGWG, > Transport-directorate will be asked to review any IETF data model > that claims this is the case to validate it is appropriate. So... I > think we are going beyond what people use for home networks. Let's assume all client/agent stuff is wonderfully protected e.g. via TLS. Normally, the fact that a client at IP1 is managing an agent at IP2, which is still visible despite the TLS, is not much of a deal. Nor is it a deal when that happens, e.g. in reaction to some other event, perhaps even one triggered by an attacker. But if the agent is my home g/w, then the sensitivity level goes up I think, or at least it can. The reason is that the agent's address (IP2) is tied to me. If the agent was on my phone (e.g. for tethering) then it'd be even more of a deal perhaps, as I carry it with me. If i2rs just isn't intended for such use-cases, it may be worth saying that was all I meant. Cheers, S. >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
