Dear Joshua, Apologies for the delay to answer this message.
I see your point. I will add it to the list of items to be considered for the next iteration of the document. BTW, -03 already included some of requirements which cover security aspects (see for instance REQ#1, REQ#2, REQ#3, REQ#9). Once we have a stable requirements list, we will identify the requirements which are valid for each use case: http://tools.ietf.org/html/draft-boucadair-intarea-host-identifier-scenarios-03#section-4.1 Cheers, Med >-----Message d'origine----- >De : Joshua Shire [mailto:jsh...@hyduke.com] >Envoyé : vendredi 25 janvier 2013 08:17 >À : BOUCADAIR Mohamed OLNC/OLN; f...@ietf.org; int-area@ietf.org >Cc : draft-boucadair-intarea-host-identifier-scenar...@tools.ietf.org >Objet : RE: draft-boucadair-intarea-host-identifier-scenarios > >Hello, > >I do not believe a pointer to >http://tools.ietf.org/html/draft-ietf-intarea-nat-reveal-analys >is-04#section-3 will be satisfactory for the security >considerations section. > >http://www.ietf.org/rfc/rfc3552.txt states that when writing >a security considerations section, the process "...should be >approached as an effort to perform "due diligence" in >describing all known or foreseeable risks and threats to >potential implementers and users." Normally we see RFCs >describing more applied topics such as protocols, so the >specific language and examples given in the above mentioned >RFC may not seem directly applicable. However, "in spirit", >the document seems clear in requiring all RFCs to examine in >detail their potential security impact. > >As I'm sure we're all aware, some of the use cases identified >are purposefully implemented to maintain the confidentiality >of a client's identity (e.g. NAT to obfuscate the structure of >an enterprise network, Open-Wifi to conceal the identity of a >client under threat of persecution [or prosecution], etc.). > >Thus, in identifying these scenarios as sharing the "issue" of >host identification, the author would seem to be required to >discuss the potential security implications of treating the >lack of host identification as such, rather than a desirable feature. > >Thanks, > >Joshua Shire >Information Systems Manager >Hyduke Energy Services Inc. > >-----Original Message----- >From: int-area-boun...@ietf.org >[mailto:int-area-boun...@ietf.org] On Behalf Of >mohamed.boucad...@orange.com >Sent: Monday, December 03, 2012 2:08 AM >To: f...@ietf.org; int-area@ietf.org >Cc: draft-boucadair-intarea-host-identifier-scenar...@tools.ietf.org >Subject: [Int-area] draft-boucadair-intarea-host-identifier-scenarios > >Dear all, > >We submitted an updated version of this draft to list use >cases which encounter the issue of host identification. The >following use cases are discussed in the draft: > > (1) Carrier Grade NAT (CGN) > (2) A+P (e.g., MAP ) > (3) Application Proxies > (4) Provider Wi-Fi > (5) Policy and Charging Architectures > (6) Cellular Networks > (7) Femtocells > (8) Overlay Networks (e.g., CDNs) > >The document does not include any solution-specific >discussion. Its main goal is to identify the use cases and >describe them. > >If you think your use case is not included in this version, >please share it with us. > >Comments are welcome. > >Cheers, >Med > > >-----Message d'origine----- >De : i-d-announce-boun...@ietf.org >[mailto:i-d-announce-boun...@ietf.org] De la part de >internet-dra...@ietf.org Envoyé : lundi 3 décembre 2012 08:26 >À : i-d-annou...@ietf.org Objet : I-D Action: >draft-boucadair-intarea-host-identifier-scenarios-02.txt > > >A New Internet-Draft is available from the on-line >Internet-Drafts directories. > > > Title : Host Identification: Use Cases > Author(s) : Mohamed Boucadair > David Binet > Sophie Durel > Tirumaleswar Reddy > Brandon Williams > Filename : >draft-boucadair-intarea-host-identifier-scenarios-02.txt > Pages : 14 > Date : 2012-12-02 > >Abstract: > This document describes a set of scenarios in which host > identification is required. > > >The IETF datatracker status page for this draft is: >https://datatracker.ietf.org/doc/draft-boucadair-intarea-host-i >dentifier-scenarios > >There's also a htmlized version available at: >http://tools.ietf.org/html/draft-boucadair-intarea-host-identif >ier-scenarios-02 > >A diff from the previous version is available at: >http://www.ietf.org/rfcdiff?url2=draft-boucadair-intarea-host-i >dentifier-scenarios-02 > > >Internet-Drafts are also available by anonymous FTP at: >ftp://ftp.ietf.org/internet-drafts/ > >_______________________________________________ >I-D-Announce mailing list >i-d-annou...@ietf.org >https://www.ietf.org/mailman/listinfo/i-d-announce >Internet-Draft directories: http://www.ietf.org/shadow.html or >ftp://ftp.ietf.org/ietf/1shadow-sites.txt >_______________________________________________ >Int-area mailing list >Int-area@ietf.org >https://www.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
