On Tue, Oct 26, 2021 at 6:26 AM Alexey Melnikov <alexey.melnikov@xxxxxxxxx> wrote:
...
the Security Considerations covers
everything I can think of in regards to data confidentiality, privacy,
access control, etc.
I disagree on this point.
The draft mentions privacy in exactly two places.
First, in Background:
> It is easy to see that network operations can benefit from
> network big data to gather insights into flows without breaching> privacy.
This statement is presented without justification. I disagree. If anything, it is hard to see how network operations can collect "big data" _without_ breaching privacy. The techniques described in this draft are technically identical to the Pervasive Monitoring attack documented in RFC 7258.
Second, in the Security Considerations:
> In addition to security, privacy is also an important issue. Network
> telemetry means to improve the network operation which can ultimately
> benefit end user's quality of experience. The network operators must
> be held accountable and strive for a balance between managing the
> network and maintaining the user privacy of that network.
> telemetry means to improve the network operation which can ultimately
> benefit end user's quality of experience. The network operators must
> be held accountable and strive for a balance between managing the
> network and maintaining the user privacy of that network.
I don't think the IETF should be publishing drafts that recommend compromising user privacy, and I find the qualifications here vague and toothless.
Although I view these as serious concerns, I think they can be remedied quite easily. It seems clear to me that the focus of this draft is on "technical" networks whose endpoints do not represent users. When all endpoints on the network represent a single administrative entity, user privacy concerns are largely inapplicable. To that end, I would replace these two paragraphs with:
> When a network's endpoints do not represent individual users (e.g. in industrial, datacenter, and infrastructure contexts), network operations can often benefit from large-scale data collection without breaching user privacy.
and
> Large-scale network data collection is a major threat to user privacy [RFC7258]. The Network Telemetry Framework is not applicable to networks whose endpoints represent individual users, such as general-purpose access networks. Any collection or retention of data in those networks must be tightly limited to protect user privacy.
<<attachment: smime.p7s>>
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
