[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GRIP WG Minutes from Pittsburgh IETF Meeting

To: minutes@ietf.org, grip-wg@uu.net
Subject: GRIP WG Minutes from Pittsburgh IETF Meeting
From: Barbara Fraser <byfraser@cisco.com>
Date: Thu, 03 Aug 2000 06:45:37 -0700
Cc: randy@psg.com, Bert Wijnen <bwijnen@lucent.com>
Comment: grip-wg mailing list add/drop requests to Majordomo@TransSys.COM

Minutes for GRIP Working Group Meeting
Date: Tuesday, August 1, 2000
Time: 2:15pm - 3:15pm
Scribe: David Blumenstein (www.david.com)

The working group met for a single one-hour session this IETF. The first 
part of the meeting focused on the current status of the ISP document. 
During the IETF Last Call, at least one person expressed discomfort with 
the content. The IESG sought external comment and the ISPs contacted said 
the draft "needed cleaning up". There were issues that the draft was overly 
prescriptive, and some of the practices that were included were unrealistic 
business practices. Jeff Schiller, Area Director for Security Area, 
commented that there exists a tension between Internet security and 
business interests of ISPs to the point that the relationship between the 
user and the ISP would be one of a contractual basis. He gave an example of 
wanting his ISP to inform him when a security incident occurs that effects him.

The document editor, Tom Killalea, reported that he had revised the -03 
version and thought the new draft addressed all the concerns that surfaced 
during the IETF last call. He reviewed the changes he has made:

* Use of registries - updates if supported and operationally possible
* sanctions on open mail relays dropped (AUP)
* Message submission - priority ordered towards 1, SMTP AUTH 2, MAIL TO

The next portion of the meeting was spent reviewing the current evidence 
protection draft. There was some discussion concerning the collection 
procedures and the use of digital signatures.Signing makes the verification 
easier.

Sections 3.2 "Collection Steps" and 4.2 "Archive" are really weak and need 
to get bolstered. Attendees were encouraged to send content to the list.

Tom requested that attendees take the draft to their local law enforcement 
folks for review. We want to ensure the document is as internationally 
appropriate as possible.

There was some discussion about who the evidence was being protected for. 
That is, is the document focused on protecting evidence so that law 
enforcement can use it to track down the perpetrator, or is it focused on 
protecting evidence so that when a perpetrator is identified, the evidence 
will hold up in a court of law. It is the latter that this document is 
concerned with.

Someone asked that the use of the phrase "law enforcement" be elaborated 
for the context of this document. Others said the definition varies with 
jurisdiction. These points will be discussed on the mailing list and the 
revised draft will be uploaded by September 1, 2000

A new version of the user document will also be made available by September 
1 by editor Manos Megagiannis. Attendees were urged to look for each of 
these two documents and send their review comments to the list.

Prev by Date: Re: Privacy comments on isp-expectations
Next by Date: Re: Comments on draft-ietf-grip-isp-expectations-04.txt
Previous by thread: Comments on draft-ietf-grip-isp-expectations-04.txt
Next by thread: iesg comments on draft-ietf-grip-isp-expectations-04.txt
Index(es):
- Date
- Thread