Hi Ben,

Thank you very much for your suggestions! Yes, we should make it clear that network telemetry is not applicable to individual end users. I’ll include the new text you proposed in the document.

Best regards,
Haoyu

From: Ben Schwartz <bemasc@xxxxxxxxxx>

On Tue, Oct 26, 2021 at 6:26 AM Alexey Melnikov <alexey.melnikov@xxxxxxxxx> wrote:
...

I disagree on this point. The draft mentions privacy in exactly two places. First, in Background:

> It is easy to see that network operations can benefit from
> network big data to gather insights into flows without breaching

This statement is presented without justification. I disagree. If anything, it is hard to see how network operations can collect "big data" _without_ breaching privacy. The techniques described in this draft are technically identical to the Pervasive Monitoring attack documented in RFC 7258.

Second, in the Security Considerations:

> In addition to security, privacy is also an important issue. Network

I don't think the IETF should be publishing drafts that recommend compromising user privacy, and I find the qualifications here vague and toothless.

Although I view these as serious concerns, I think they can be remedied quite easily. It seems clear to me that the focus of this draft is on "technical" networks whose endpoints do not represent users. When all endpoints on the network represent a single administrative entity, user privacy concerns are largely inapplicable. To that end, I would replace these two paragraphs with:

> When a network's endpoints do not represent individual users (e.g. in industrial, datacenter, and infrastructure contexts), network operations can often benefit from large-scale data collection without breaching user privacy.

and

> Large-scale network data collection is a major threat to user privacy [RFC7258]. The Network Telemetry Framework is not applicable to networks whose endpoints represent individual users, such as general-purpose access networks. Any collection or retention of data in those networks must be tightly limited to protect user privacy.

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call