Hi Roman, On Mon, Oct 16, 2023 at 2:44 PM Roman Danyliw via Datatracker <nore...@ietf.org> wrote: > > Roman Danyliw has entered the following ballot position for > draft-ietf-intarea-rfc7042bis-10: No Objection > > ... > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you to Kyle Rose for the SECDIR review. > > Section 6. Since specific security concerns around MAC addresses were cite, I > would recommend being more comprehensive. > > OLD > See [RFC7043] for security considerations on storing MAC addresses in > the DNS. > > NEW (rough text) > > MAC addresses can be used as an identifier for tracking users and devices. > See > [draft-ietf-madinas-mac-address-randomization] for related privacy > considerations and a discussion of MAC address randomization to partially > mitigate this threat. Additionally, see [RFC7043] for the security and > privacy > considerations of publishing MAC addresses in DNS. > > MAC addresses are an identifier provided by a device to the network. On > certain devices, MAC addresses are not static, and can be configured. The > network should exercise caution when using these addresses to enforce policy > (e.g., addresses can be spoofed, and previously seen devices can return to the > network with a new address).
OK. I'll add some text along those lines. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e...@gmail.com _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
