ietf
[Top] [All Lists]

Re: Last Call: <draft-ietf-insipid-session-id-reqts-08.txt> (Requirements for an End-to-End Session Identification in IP-Based Multimedia Communication Networks) to Informational RFC

2013-09-16 00:27:43
I don't have that spec in front of me, but if it is used directly, that would 
reveal personally identifiable information. I would hope it is used as input 
into a hash out something.

The solution spec we're developing would certainly not use such a value 
directly or allow it to be derived.

Paul


-------- Original Message --------
From: SM <sm(_at_)resistor(_dot_)net>
Sent: Sat Sep 14 12:03:30 EDT 2013
To: ietf(_at_)ietf(_dot_)org
Subject: Re: Last Call: <draft-ietf-insipid-session-id-reqts-08.txt>    
(Requirements for an End-to-End Session Identification in IP-Based      
Multimedia Communication Networks) to Informational RFC

At 09:40 10-09-2013, The IESG wrote:
The IESG has received a request from the INtermediary-safe SIP session ID
WG (insipid) to consider the following document:
- 'Requirements for an End-to-End Session Identification in IP-Based
   Multimedia Communication Networks'
  <draft-ietf-insipid-session-id-reqts-08.txt> as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2013-09-24. Exceptionally, comments 
may be

Section 4.5 of the draft discusses about logging.  It mentions that 
"creating a common header field value through all SIP entities will 
greatly reduce any challenge for the purpose of" ... "communication tracking".

I look a quick look at Reference [6].  It mentions that the IMEI 
shall be used for generating an identifier.  Is the IMEI covered by REQ4?

Regards,
-sm 

<Prev in Thread] Current Thread [Next in Thread>