Using the Mobile Equipment Identity (MEID) URN as an Instance ID
draft-atarius-dispatch-meid-urn-as-instanceid-08

Note: This ballot was opened for revision 05 and is now closed.

(Ben Campbell) Yes

(Alia Atlas) No Objection

Deborah Brungard No Objection

(Benoît Claise) No Objection

Alissa Cooper No Objection

Comment (2018-01-09 for -06)
No email
send info
I tend to agree with the last call commenters about the likely leakiness of this despite all the good normative language in this document, but don't see a justification not to publish this given that we published RFC 7255.

(Spencer Dawkins) No Objection

(Suresh Krishnan) No Objection

Warren Kumari No Objection

(Mirja Kühlewind) No Objection

(Alexey Melnikov) No Objection

(Kathleen Moriarty) No Objection

Comment (2018-01-10 for -06)
No email
send info
I agree with Adam's request for additional text in the security considerations section.

Thanks for addressing the SecDir review comments:
https://mailarchive.ietf.org/arch/msg/secdir/lZ_SwtRm1tBvuB7UPF-awcrsv60

Alvaro Retana No Objection

(Adam Roach) No Objection

Comment (2018-01-09 for -06)
No email
send info
I think the security section would be improved by adding a blanket warning about not accidentally leaking the MEID in other contexts, such as (and in particular) when application servers subscribe to user registration state using the event package defined in RFC 3680.