Re: [privacydir] request for a SAVI doc review
Ted Hardie <ted.ietf@gmail.com> Mon, 31 October 2011 20:08 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: privacydir@ietfa.amsl.com
Delivered-To: privacydir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7FE911E81F3 for <privacydir@ietfa.amsl.com>; Mon, 31 Oct 2011 13:08:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.516
X-Spam-Level:
X-Spam-Status: No, score=-2.516 tagged_above=-999 required=5 tests=[AWL=-0.584, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_HTML_USL_OBFU=1.666]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nVRMKUVnEO7Z for <privacydir@ietfa.amsl.com>; Mon, 31 Oct 2011 13:08:00 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id A523411E81ED for <privacydir@ietf.org>; Mon, 31 Oct 2011 13:07:55 -0700 (PDT)
Received: by gyh20 with SMTP id 20so7535242gyh.31 for <privacydir@ietf.org>; Mon, 31 Oct 2011 13:07:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LNBTyLWqu7JF07R4ZZe8mHtuV2yeWO0mCjn383MsYbI=; b=V9DQWaKTPKVvPk4XPpHZyFpHTJXNqA+vh0DkGOcfuVi/M7KDxAOhmanhXRegKSPDcM xSVkCiBc1/qtdY2ApxvQ654ER/oncCjzF1H0FekX0rRlDJVe2WiBiID7/BvUpjC+BPbS 6yO/61qbQQyuFz6+bLPOGqH7Pm5VYwETxvB5w=
MIME-Version: 1.0
Received: by 10.236.72.132 with SMTP id t4mr18693889yhd.58.1320091675264; Mon, 31 Oct 2011 13:07:55 -0700 (PDT)
Received: by 10.236.105.169 with HTTP; Mon, 31 Oct 2011 13:07:55 -0700 (PDT)
In-Reply-To: <4EA981A9.2080200@cs.tcd.ie>
References: <4EA981A9.2080200@cs.tcd.ie>
Date: Mon, 31 Oct 2011 13:07:55 -0700
Message-ID: <CA+9kkMD-JgQhHb5ZhemOcvs9owV1BoRbn6ROswpG+O0q5fvK1g@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="20cf300510406005e204b09dcb0a"
Cc: privacydir@ietf.org
Subject: Re: [privacydir] request for a SAVI doc review
X-BeenThere: privacydir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Privacy Directorate to develop the concept of privacy considerations for IETF specifications and to review internet-drafts for privacy considerations." <privacydir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacydir>, <mailto:privacydir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/privacydir>
List-Post: <mailto:privacydir@ietf.org>
List-Help: <mailto:privacydir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacydir>, <mailto:privacydir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Oct 2011 20:08:00 -0000
Hi Stephen, I've read through the framework document. My baseline impression is that the document makes a presumption about the relationship between the host and the network employing SAVI that is true when it is the access network (that is, the network assigning the IP address to be verified). In that deployment scenario, it is expected for the network to be able to associate layer two identifiers with the layer 3 identifier (after all, it must to be able to deliver return traffic). What's not clear to the naive reader (read: me) is how you prevent SAVI from operating from other parts of the network; that is, how does the overall framework guard against SAVI being used by some later network on-path getting access to these bindings? I assume that this is detailed elsewhere in the protocol documents, but I believe a short discussion of the privacy threat in framework, along with a pointer to the protocol mechanism would be valuable. If the expectation is that SAVI can operate from multiple places in the network (including, say, the destination network), then I believe there is a more serious privacy concern. regards, Ted Hardie On Thu, Oct 27, 2011 at 9:07 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie>wrote: > > Hi, > > There's a SAVI document [1] on the Nov 3 telechat. I'd appreciate > a review of that from a privacy perspective if someone has the > time in the next week. (Just reply to this if you've time.) > > Previous SAVI documents have generated privacy related > DISCUSSes [2,3] which may be useful background. > > Thanks in advance, > S. > > [1] https://datatracker.ietf.org/**doc/draft-ietf-savi-framework/<https://datatracker.ietf.org/doc/draft-ietf-savi-framework/> > [2] https://datatracker.ietf.org/**doc/draft-ietf-savi-fcfs/<https://datatracker.ietf.org/doc/draft-ietf-savi-fcfs/> > [3] https://datatracker.ietf.org/**doc/draft-ietf-savi-threat-**scope/<https://datatracker.ietf.org/doc/draft-ietf-savi-threat-scope/> > > ______________________________**_________________ > privacydir mailing list > privacydir@ietf.org > https://www.ietf.org/mailman/**listinfo/privacydir<https://www.ietf.org/mailman/listinfo/privacydir> >
- [privacydir] request for a SAVI doc review Stephen Farrell
- Re: [privacydir] request for a SAVI doc review Ted Hardie
- Re: [privacydir] request for a SAVI doc review Richard L. Barnes
- Re: [privacydir] request for a SAVI doc review Ted Hardie
- Re: [privacydir] request for a SAVI doc review Stephen Farrell
- Re: [privacydir] request for a SAVI doc review Stephen Farrell
- Re: [privacydir] request for a SAVI doc review Ted Hardie