Roman Danyliw has entered the following ballot position for draft-ietf-regext-rdap-reverse-search-24: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- ** Section 13 In general, given the sensitivity of this functionality, it SHOULD be accessible to authorized users only, and for specific use cases only. If this data is considered sensitive, why would unauthorized users be permitted to access it (as permitted by use of SHOULD and not a MUST). ** Section 13 Providing reverse search in RDAP carries the following threats as described in [RFC6973]: * Correlation * Disclosure * Misuse of information Therefore, RDAP providers need to mitigate the risk of those threats by implementing appropriate measures supported by security services (see Section 14). Thank you for explicitly including a privacy considerations section to outline the associated risks. Can the text please be more specific in linking these real threats with the proposed mitigations referenced in Section 14? For example, if one is mitigating against “misuse of information” is that by an authenticated/authorized or authenticated user? Is some kind of authentication/authorization required for this class of invocation of RDAP? RFC7481 presents options but not much MTI. How is “correlation” being mitigated? What is “disclosure” in this case? How is it mitigated? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you to Tero Kivinen for the SECDIR review. I support Lars Eggert's DISCUSS position. ** Section 1. The first objection concerns the potential risks of privacy violation. Where are these privacy concerns summarized? Could a reference be provided? _______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
