Re: [atoca] What is the scope of "Secure Alerting Format"
Richard Barnes <rbarnes@bbn.com> Fri, 21 September 2012 01:58 UTC
Return-Path: <rbarnes@bbn.com>
X-Original-To: atoca@ietfa.amsl.com
Delivered-To: atoca@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7154A21F8540 for <atoca@ietfa.amsl.com>; Thu, 20 Sep 2012 18:58:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.299
X-Spam-Level:
X-Spam-Status: No, score=-106.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_24=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ZrlSmH9oIb9 for <atoca@ietfa.amsl.com>; Thu, 20 Sep 2012 18:58:20 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 8D60721F85C6 for <atoca@ietf.org>; Thu, 20 Sep 2012 18:58:19 -0700 (PDT)
Received: from [128.89.255.200] (port=64398) by smtp.bbn.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.77 (FreeBSD)) (envelope-from <rbarnes@bbn.com>) id 1TEsVW-0009Sd-Ok; Thu, 20 Sep 2012 21:58:18 -0400
Mime-Version: 1.0 (Apple Message framework v1278)
Content-Type: text/plain; charset="us-ascii"
From: Richard Barnes <rbarnes@bbn.com>
In-Reply-To: <5619B668-E739-4B26-A6E9-A8A69BED49D5@neustar.biz>
Date: Thu, 20 Sep 2012 21:58:18 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <A5223ACD-080A-461A-B285-97475F1E832C@bbn.com>
References: <5619B668-E739-4B26-A6E9-A8A69BED49D5@neustar.biz>
To: "Rosen, Brian" <brian.rosen@neustar.biz>
X-Mailer: Apple Mail (2.1278)
Cc: "atoca@ietf.org" <atoca@ietf.org>
Subject: Re: [atoca] What is the scope of "Secure Alerting Format"
X-BeenThere: atoca@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion list for the IETF Authority-to-Citizen Alert \(atoca\) working group." <atoca.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/atoca>, <mailto:atoca-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/atoca>
List-Post: <mailto:atoca@ietf.org>
List-Help: <mailto:atoca-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/atoca>, <mailto:atoca-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Sep 2012 01:58:20 -0000
In general, I would say that the "Secure Alerting Format" is something that 1. Represents the alert using CAP or a profile of CAP (== "Alerting Format") 2. Allows the recipient to verify the identity of the originator and/or relay(s) So the areas for discussion are (1) whether we want to just incorporate CAP by reference, or add some constraints, and (2) how we want to enable originator/relay authentication. Couple of questions inline. On Sep 13, 2012, at 9:57 AM, Rosen, Brian wrote: > In the revised plan, we're supposed to be concentrating on a "Secure Alerting Format" > > But what is the scope of that? > > I raised, for example, the issue of "area of interest" where the typical CAP message content is not machine actionable to filter messages to the right devices. The polygon for "continental United States" is not practical to send, and many alerts just have the description. Is the thing that gets us the area of interest we can route on in scope or not? I don't really know enough about CAP to comment in depth here, but this sounds at a high level like a CAP profiling problem. "Alert originators SHOULD embed enough information in the CAP message so that the device receiving the alert can determine automatically whether it is in the area of interest or not." It seems like a good question for the group whether profiling CAP is in scope here, since that might cause compatibility issues with legacy systems. If we suppose that we might take a more "system-scale" view in the future, we could also kick the can down the road. (Analogy: SIP allows codec negotiation; phonebcp says what codecs you MUST support.) > Is identity of the originator in scope? I would say that the question of which originators are authorized (i.e., which originators a recipient will accept) is out of scope; that's a provisioning/metadata question. The techniques for associating the alert with one or more verified originator identities is in scope. In other words, the S/MIME might include a certificate chain that shows that the alert was signed by an entity with CN=FEMA, but if I'm in Bolivia I might choose to reject that because FEMA isn't an authority there. > A lot of this depends on the line between "transport" and "format", and I don't understand where we are drawing that line. > > Brian > _______________________________________________ > atoca mailing list > atoca@ietf.org > https://www.ietf.org/mailman/listinfo/atoca
- [atoca] What is the scope of "Secure Alerting For… Rosen, Brian
- Re: [atoca] What is the scope of "Secure Alerting… Richard Barnes