On Jun 4, 2009, at 9:24 AM, Cullen Jennings wrote:
Thanks for review ... just wanted to respond to one point in this.
On Jun 3, 2009, at 4:47 PM, Spencer Dawkins wrote:
C5. User Identity Protection: The location URI MUST NOT contain
information that identifies the user or device. Examples include
phone extensions, badge numbers, first or last names.
Spencer (minor): this is probably a good idea, but I'm not sure
it's a 2119 MUST (NOT). How would you recognize this on the wire
(do you know what MY badge number is :-)?
There is the age old discussion about what 2119 means in a
requirement document, but I'm trying to ignore that and just go with
how well this conveys the intent of the WG to future readers. I
agree we could not really black box test this but I think it does
get to the essence of what the requirement is. Even last names might
be hard to tell they are a last name, I hear rumor that google
thinks Tschofenig is a strong password though I note is is a very
common word to find in internet drafts :-)
Anyways, I can't think of a better way to write this requirement so
unless someone has a concrete proposal, I suspect I will just leave
as is.
Say WHY it MUST NOT.
All 2119 language needs explanation; you MUST NOT include identifying
information because if you do, that information will be revealed to
attackers, who may exercise it in attacks. Such attacks include but
are not limited to social engineering, impersonation, stalking,
extortion, and pretending to be an Area Director . . .
In other words, when you use 2119 language to explain a requirement,
explain the rationale for that requirement; in particular explain what
happens (or becomes possible) if the requirement is violated.
Unsubstantiated dogma is doggerel.
--
Dean
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf