Hi, Russ,
On 13/9/20 14:46, Russ Housley wrote:
Fernando:
Thanks a lot for your comments! In-line....
On 11/9/20 17:16, Russ Housley via Datatracker wrote:
Reviewer: Russ Housley
Review result: Almost Ready
[....]
Major Concerns:
In Section 2.2, the discussion of DNS names comes out of the blue. In
RFC 4941, there was context for this discussion that has been dropped
from this document. Some context is needed.
I reared the text, but I don't find it as "coming out of the blue". I guess one could add something to Section 2.1 to include DNS names... but, at the end of the day, the name is just another identifier.
GRANT ALL ON wp_si6networks.* TO 'wp_si6networks'@'localhost';
Or put another way, I'm not sure what's the "context" I would add if asked to.
Thoughts?
This point from RFC 4941 is what I was talking about.
One of the requirements for correlating seemingly unrelated
activities is the use (and reuse) of an identifier that is
recognizable over time within different contexts. IP addresses
provide one obvious example, but there are more. Many nodes also
have DNS names associated with their addresses, in which case the DNS
name serves as a similar identifier. Although the DNS name
associated with an address is more work to obtain (it may require a
DNS query), the information is often readily available. In such
cases, changing the address on a machine over time would do little to
address the concerns raised in this document, unless the DNS name is
changed as well (see Section 4).
I see.
How about if we add back these bits, with the text resulting in:
---- cut here ----
One of the requirements for correlating seemingly unrelated
activities is the use (and reuse) of an identifier that is
recognizable over time within different contexts. IP addresses
provide one obvious example, but there are more.
Many nodes have DNS names associated with their addresses, in which
case the DNS name serves as a similar identifier. Although the DNS
name associated with an address is more work to obtain (it may
require a DNS query), the information is often readily available. In
such cases, changing the address on a machine over time would do
little to address the concerns raised in this document, unless the
DNS name is changed as well (see Section 4).
Web browsers and servers typically exchange "cookies"
with each other [RFC6265]. Cookies allow web servers to correlate a
current activity with a previous activity. One common usage is to
send back targeted advertising to a user by using the cookie supplied
by the browser to identify what earlier queries had been made (e.g.,
for what type of information). Based on the earlier queries,
advertisements can be targeted to match the (assumed) interests of
the end-user.
---- cut here ----
?
Would this address your concern?
Thanks!
Regards,
--
Fernando Gont
SI6 Networks
e-mail: fgont@xxxxxxxxxxxxxxx
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
