Message Disposition Notification
draft-ietf-appsawg-mdn-3798bis-16

Note: This ballot was opened for revision 15 and is now closed.

(Ben Campbell) Yes

(Alia Atlas) No Objection

Comment (2016-11-29 for -15)
Should the Media-Type registration go to the authors of the draft, as specified, or instead to the appsawg & eventually defaulting to the IESG?

Deborah Brungard No Objection

(Benoît Claise) No Objection

Alissa Cooper No Objection

Comment (2016-11-30 for -15)
Thanks for the good work to improve the privacy properties here.

= Section 6.2 =

"Disposition mode (Section 3.2.6.1) can leak information about
   recipient's MUA configuration, in particular whether MDNs are
   acknowledged manually or automatically.  If this is a concern, MUAs
   can return "manual-action/MDN-sent-manually" disposition mode in
   generated MDNs."

I see why this is here, but doesn't recommending falsifying these fields put their integrity in question whenever they are set to manual? I mean, why would recipients trust this information if the RFC actually suggests sending a field that lies about an MDN being automatically acknowledged?

= Section 6.2.2 =

"The "Reporting-UA" field (Section 3.2.1) might contain enough
   information to uniquely identify a specific device, usually when
   combined with other characteristics, particularly if the user agent
   sends excessive details about the user's system or extensions.
   However, the source of unique information that is least expected by
   users is proactive negotiation, including the Accept-Language header
   fields."

I think the use of "However" is tripping me up here. Earlier in the document you have good recommendations about how to mitigate the risk of fingerprinting based on the Reporting-UA field. That guidance is valid regardless of whether other header fields might also contribute to fingerprinting or whether users would expect that (frankly, I don't see how user expectations are relevant here, since most users don't understand fingerprinting anyway). I think something along the following lines to replace the last sentence above would be more accurate: "Even when the guidance in Section 3.2.1 is followed to avoid fingerprinting, other sources of unique information may still be present, including the Accept-Language header fields."

(Spencer Dawkins) No Objection

(Stephen Farrell) No Objection

(Joel Jaeggli) No Objection

Suresh Krishnan No Objection

Mirja Kühlewind No Objection

(Terry Manderson) No Objection

(Kathleen Moriarty) No Objection

Alvaro Retana No Objection

Alexey Melnikov Recuse

Comment (2016-11-24 for -15)
I am the editor.