Hi Roman Please see PPE for my comments inline
On Wed, Jan 3, 2024 at 1:14 PM Roman Danyliw via Datatracker < [email protected]> wrote: > Roman Danyliw has entered the following ballot position for > charter-ietf-lisp-04-06: Block > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/charter-ietf-lisp/ > > > > ---------------------------------------------------------------------- > BLOCK: > ---------------------------------------------------------------------- > > Per the following set of work "Privacy and Security: The WG will work on > EID > anonymity, VPN segmentation leveraging on the Instance ID, and traffic > anonymization. The reuse of existing mechanisms will be prioritized.": > > -- What is the threat model assumed for "traffic anonymization" and "EID > anonymity"? Could the desired security properties be clarified? > > PPE - LISP has an (EID, Routing Location) pair, it is possible to learn of > a specific long lived EID and then poll the mapping system to know its new > bindings over time. It would be therefore possible to record and track long > lived EIDs and identify the traffic specifically for that endpoint. Some > desired security properties would be to have short lived EIDs as well as > secured and restricted access to binding of an EID and locator for privacy. > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Per the following set of work "Privacy and Security: The WG will work on > EID > anonymity, VPN segmentation leveraging on the Instance ID, and traffic > anonymization. The reuse of existing mechanisms will be prioritized.": > > -- What will the output of this work look like? Which milestone is it > associated with? > > PPE - There are currently 2 WG drafts and the milestone is > March 2025 Submit LISP Privacy and Security document(s) to the IESG for > consideration (Privacy and Security) [EXPERIMENTAL] > > Thanks Padma
_______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
