Skip to main content

Mobile Node Identifier Types for MIPv6
draft-ietf-dmm-4283mnids-08

Discuss


Yes

(Suresh Krishnan)

No Objection

(Alia Atlas)
(Alvaro Retana)
(Benoît Claise)
(Deborah Brungard)
(Joel Jaeggli)
(Terry Manderson)

Note: This ballot was opened for revision 04 and is now closed.

Stephen Farrell Former IESG member
Discuss
Discuss [Treat as non-blocking comment] (2017-02-15 for -04) Unknown
I don't consider that merely mentioning that there are some
privacy issues (maybe) is nearly sufficient here.  Instead I
would argue that any of these identifier types that could have
privacy implications need to be specifically justified or else
dropped. By specifically justified, I mean that there ought be
an argument (and a fairly holistic one) that the Internet is
better, and not worse, if we define a codepoint that allows
MIPv6 (and later, other protocols) to use that identifier.  I
do accept that my position is perhaps innovative, in terms of
IETF processes, so I'll split the discuss into two parts, one
process oriented and mostly for the IESG, and the second
relating to the content of the draft.

(1) For the IESG: is it ok that we introduce (codepoints for)
a slew of new long-term stable privacy-sensitive identifiers
just because they might someday be needed, or do we need to
have specific justification for defining such things? I would
argue the latter, but that may need us to validate that there
is IETF consensus for that somehow, and perhaps in the
meantime hold on to this draft. Part of my reasoning is that
once we define such codepoints (e.g. for IMSIs) then that
inevitably means that other protocols, and not just MIPv6,
will do the same eventually, so accepting this draft basically
means accepting that we end up commonly and perhaps
carelessly, passing such highly-sensitive information about on
the Internet in many protocols and in many contexts.  My
argument here I think does adhere to various of our BCPs that
do argue for security and privacy, but I do also accept that
this may be novel and to some extent goes against another of
our generally accepted ideas which is that we benefit from
folks documenting things even if those things are sub-optimal
in various ways. So I'd argue this is a real case for an IESG
discussion - I know what I think, but what do the rest of you
think?

(2) For the authors: to the extent you are willing to, and
want to get ahead of the discussion on point (1) above, can
you in fact provide an argument, for each of the identifiers
here that have privacy-sensitivity, that the Internet is better
overall if we define these codepoints knowing that if we do
define a way to represent e.g. an IMSI in MIPv6 that is likely
to be copied elsewhere? Note for the authors: I think it's
entirely fine for you to do nothing pending the discussion of
point (1) above, if that's your preference.
Suresh Krishnan Former IESG member
Yes
Yes (for -04) Unknown

                            
Alia Atlas Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Alissa Cooper Former IESG member
(was Discuss) No Objection
No Objection (2018-03-19) Unknown
Thanks for addressing my DISCUSS.
Alvaro Retana Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Ben Campbell Former IESG member
(was Discuss) No Objection
No Objection (2017-08-30 for -05) Unknown
Thanks for resolving my DISCUSS point.
Benoît Claise Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Deborah Brungard Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Jari Arkko Former IESG member
No Objection
No Objection (2017-02-16 for -04) Unknown
The discussion resulting from Dale's excellent Gen-ART review probably needs to move forward before this document is ready to be made an RFC.
Joel Jaeggli Former IESG member
No Objection
No Objection (for -04) Unknown

                            
Kathleen Moriarty Former IESG member
No Objection
No Objection (2017-02-14 for -04) Unknown
Thanks for the changes per the SecDir review and Mirja's discuss.
https://www.ietf.org/mail-archive/web/secdir/current/msg07164.html
Mirja Kühlewind Former IESG member
(was Discuss) No Objection
No Objection (2017-02-16 for -04) Unknown
Author agreed to do the following change in the security considerations section:
OLD
"If used in the MNID extension as defined in this
   document, the packet including the MNID extension should be encrypted
   so that personal information or trackable identifiers would not be
   inadvertently disclosed to passive observers."
NEW
"If used in the MNID extension as defined in this
   document, the packet including the MNID extension MUST be encrypted
   so that personal information or trackable identifiers would not be
   inadvertently disclosed to passive observers."
Spencer Dawkins Former IESG member
No Objection
No Objection (2017-02-15 for -04) Unknown
I'll watch the DISCUSSions from other ADs ...
Terry Manderson Former IESG member
No Objection
No Objection (for -04) Unknown