Re: [babel] Secdir last call review of draft-ietf-babel-rtt-extension-04

Shivan Kaul Sahib <shivankaulsahib@gmail.com> Tue, 10 October 2023 16:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/AqLf7KK7e2EKvFf6_IJWwiwwVfw>

Hi Juliusz,



On Tue, 10 Oct 2023 at 03:04, Juliusz Chroboczek <jch@irif.fr> wrote:

> Thanks, Shivan.
>
> > From reading the Security Considerations of RFC 8966 (last para), it
> > seems that geolocation privacy was a concern with the original Babel
> > spec. Allowing extremely-fine-grained (1 microsecond) RTT measurements
> > makes that infinitely worse, especially for users on mobile or behind
> > VPNs, who typically have special privacy needs.
>
> I agree.  I'll add some wording to that effect to the Security
> Considerations.
>
> > The IETF has thought a lot about privacy concerns with RTT measurement
> > and how to balance them with operational needs,
>
> I'll be grateful for a reference.
>

https://datatracker.ietf.org/doc/html/rfc9312#section-3.8.2 talks about how
QUIC makes RTT measurement via spin bit optional, and to avoid outing those
devices, "all endpoints randomly disable "spinning" for at least one eighth
of connections, even if otherwise enabled by default".

>
> Thanks again,
>
> -- Juliusz
>
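
The effect of the "at least one eighth" rule quoted above from RFC 9312, as an added example that is not part of the original message or of any QUIC implementation: it makes the per-connection disable decision and computes how little an on-path observer learns from seeing a connection that does not spin. The keyed-hash lottery, the function names and the 1% opt-out rate are assumptions chosen for illustration.

```python
import hashlib
import hmac

# From the text quoted in the message: spinning is randomly disabled
# "for at least one eighth of connections".
DISABLE_ONE_IN = 8


def spin_enabled(secret: bytes, connection_id: bytes, opted_out: bool = False) -> bool:
    """Per-connection decision. Endpoints that opted out never spin; all
    others skip roughly one connection in eight. Keying the choice with a
    local secret (an assumption of this sketch) keeps it unpredictable to
    an observer while staying stable for one connection."""
    if opted_out:
        return False
    tag = hmac.new(secret, connection_id, hashlib.sha256).digest()
    return int.from_bytes(tag[:8], "big") % DISABLE_ONE_IN != 0


def silent_fraction(secret: bytes, n: int) -> float:
    """Fraction of n constructed connection IDs that a spin-supporting
    endpoint leaves silent purely because of the lottery."""
    silent = sum(not spin_enabled(secret, i.to_bytes(8, "big")) for i in range(n))
    return silent / n


def posterior_opt_out(opt_out_fraction: float, lottery: bool = True) -> float:
    """P(endpoint opted out | observer sees no spinning), by Bayes' rule.
    Without the lottery, silence identifies an opted-out endpoint."""
    by_choice = opt_out_fraction
    by_lottery = (1 - opt_out_fraction) / DISABLE_ONE_IN if lottery else 0.0
    total = by_choice + by_lottery
    return by_choice / total if total else 0.0


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample secret
    print("silent by lottery:", silent_fraction(key, 8000))
    print("posterior, no lottery:", posterior_opt_out(0.01, lottery=False))
    print("posterior, with lottery:", round(posterior_opt_out(0.01), 4))
```

With 1% of endpoints opting out, a non-spinning connection points to an opted-out endpoint with certainty when there is no lottery, and with a probability of about 7.5% when every other endpoint also stays silent one time in eight.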