Stephen Farrell has entered the following ballot position for
draft-ietf-lisp-lcaf-17: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


I basically support Alexey's discuss position and Ben's
comment but with a bit more detail below.

- section 3: I don't see how you can produce a canonical
order of the LCAF encodings if two can contain e.g. the
same values other than different URLs, since there is no
canonical way to order URLs (or JSON structures etc.)
without a lot more specification.

- 4.3: I agree with Ben's comment. You ought include some
text here to the effect that this information can be
privacy senseitive and to recommend not sending or
storing it in such cases.

- 4.4: there are also potential privacy issues here if
this could be used to identify traffic that is from one
specific host behind a NAT. A similar privacy warning
should be included.

- 4.7: Sorry, when is key material sent in a message? How
is that protected? (Key ids are fine, but not key values)

- 4.10.2: The same privacy issues apply here as for 4.3
and 4.4, if the MAC address maps to e.g.  a portable
device carried by a person.

- 4.10.3 and all of section 5: What are these for?  I
don't see the sense in defining these if there is no well
defined way to use them. Any of these might have
undesirable security and/or privacy characteristics.

- Section 6: There are security considerations.  See

lisp mailing list

Reply via email to