[babel] Secdir last call review of draft-ietf-babel-rtt-extension-04
Shivan Sahib via Datatracker <noreply@ietf.org> Tue, 10 October 2023 02:40 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: babel@ietf.org
Delivered-To: babel@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D99EC15108F; Mon, 9 Oct 2023 19:40:16 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Shivan Sahib via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: babel@ietf.org, draft-ietf-babel-rtt-extension.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 11.12.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <169690561656.636.8204474299201117349@ietfa.amsl.com>
Reply-To: Shivan Sahib <shivankaulsahib@gmail.com>
Date: Mon, 09 Oct 2023 19:40:16 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/H3OlfuGgqYoVOHUECKR1aWfm4n0>
Subject: [babel] Secdir last call review of draft-ietf-babel-rtt-extension-04
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2023 02:40:16 -0000
Reviewer: Shivan Sahib Review result: Has Issues This document enhances the Babel routing protocol by allowing gathering of RTT measurements from neighbours (and then using that for routing decisions). From reading the Security Considerations of RFC 8966 (last para), it seems that geolocation privacy was a concern with the original Babel spec. Allowing extremely-fine-grained (1 microsecond) RTT measurements makes that infinitely worse, especially for users on mobile or behind VPNs, who typically have special privacy needs. The IETF has thought a lot about privacy concerns with RTT measurement and how to balance them with operational needs, but before delving into that I wanted to check if this was a concern that was identified or discussed.
- [babel] Secdir last call review of draft-ietf-bab… Shivan Sahib via Datatracker
- Re: [babel] Secdir last call review of draft-ietf… Juliusz Chroboczek
- Re: [babel] Secdir last call review of draft-ietf… Shivan Kaul Sahib
- Re: [babel] Secdir last call review of draft-ietf… David Schinazi
- Re: [babel] Secdir last call review of draft-ietf… Juliusz Chroboczek
- Re: [babel] Secdir last call review of draft-ietf… Shivan Kaul Sahib
- Re: [babel] Secdir last call review of draft-ietf… Juliusz Chroboczek
- Re: [babel] Secdir last call review of draft-ietf… Shivan Kaul Sahib
- Re: [babel] Secdir last call review of draft-ietf… Juliusz Chroboczek