IETF Logo Mail Archive

Re: [dispatch] draft-winterbottom-dispatch-locparam

Paul Kyzivat <pkyzivat@alum.mit.edu> Wed, 22 July 2015 16:24 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 007D31A89F1 for <dispatch@ietfa.amsl.com>; Wed, 22 Jul 2015 09:24:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rJ8RAL_R4Xo7 for <dispatch@ietfa.amsl.com>; Wed, 22 Jul 2015 09:24:51 -0700 (PDT)
Received: from resqmta-ch2-12v.sys.comcast.net (resqmta-ch2-12v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:44]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D421D1A88B3 for <dispatch@ietf.org>; Wed, 22 Jul 2015 09:24:45 -0700 (PDT)
Received: from resomta-ch2-05v.sys.comcast.net ([69.252.207.101]) by resqmta-ch2-12v.sys.comcast.net with comcast id vUQb1q0042Bo0NV01UQlE5; Wed, 22 Jul 2015 16:24:45 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([50.138.229.151]) by resomta-ch2-05v.sys.comcast.net with comcast id vUQk1q00U3Ge9ey01UQk7B; Wed, 22 Jul 2015 16:24:45 +0000
Message-ID: <55AFC3CB.1060906@alum.mit.edu>
Date: Wed, 22 Jul 2015 12:24:43 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: "DRAGE, Keith (Keith)" <keith.drage@alcatel-lucent.com>, "dispatch@ietf.org" <dispatch@ietf.org>
References: <949EF20990823C4C85C18D59AA11AD8B6974984A@FR712WXCHMBA11.zeu.alcatel-lucent.com> <55AFBA60.6040802@alum.mit.edu> <949EF20990823C4C85C18D59AA11AD8B69749996@FR712WXCHMBA11.zeu.alcatel-lucent.com>
In-Reply-To: <949EF20990823C4C85C18D59AA11AD8B69749996@FR712WXCHMBA11.zeu.alcatel-lucent.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1437582285; bh=TXDoCHW7FOEkKLsoElmxq64xsG+YPIxBvfixjnAGK7A=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=UMh8Npe4WjVPQfpwpe2dkVnqYR+ibSlIot8WYGr0SQNn71eL68BX7KV/5DV1hn3dS cFZUa8l7hDb2vZLSKxPFKeG+GdjckbEsb5xG4Z3qiEJQvlpW9jbrmcVW/1epfRxwfP CbDBqWD6SSuCgmvhmNc3tJ9ymhFE9xh3pbG6L2UdcZOv2h/W+7Y70mmoeItcIvlugd 7abVebMwnEw/f3n07LiHEc71fnR3AyqxgdVXRCtebCTz8mc6xQ6yL3QXh2ROkYfY06 HII9A3qJYmyJkoe1zII8UlbSDGaL8/eTjltwDublmaGdqNUUlAfvvx0OUP0xpYyhTz PwVl1wCMh0P4w==
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/MK9FUjV0pdyi-FFmOCm5FJB54WI>
Subject: Re: [dispatch] draft-winterbottom-dispatch-locparam
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 16:24:53 -0000

On 7/22/15 11:55 AM, DRAGE, Keith (Keith) wrote:
> Yes.
>
> That is in the draft, and I thought it was reasonably implicit in the summary. I'm not trying to rewrite the procedures here.
>
> But in general, if the received header field parameter is not trusted, then it is removed by the receiver.

The point of Spec(T) was to enumerate the things that must be specified. 
ISTM it would make sense for this draft to reference 3325 for a 
definition of Trust, rather than leaving it vague and loosely specified. 
Since the chief customer for this is IMS, and it already depends on 
3325, it doesn't seem like a big burden.

In particular, it makes clear that some elements sit on a trust boundary 
and are responsible for policing, while other elements may not be on a 
boundary and have no responsibility for policing.

	Thanks,
	Paul

> Keith
>
>> -----Original Message-----
>> From: dispatch [mailto:dispatch-bounces@ietf.org] On Behalf
>> Of Paul Kyzivat
>> Sent: 22 July 2015 16:45
>> To: dispatch@ietf.org
>> Subject: Re: [dispatch] draft-winterbottom-dispatch-locparam
>>
>> On 7/22/15 11:30 AM, DRAGE, Keith (Keith) wrote:
>>> I've now read all the versions of meeting notes distributed.
>>>
>>> None of these expand on Cullen's privacy concern, so
>> perhaps he could elaborate.
>>>
>>> I would state that:
>>>
>>> 1)	the trust statements in the document relate only to the
>> additional header field. The privacy requirements on the
>> remainder of the Geolocation header field are unchanged.
>>>
>>> 2)	for SIP deployments that use trust, neither the trust
>> nor the entities involved in that trust are the same for
>> every header field. So the trust for RFC 3325 is: a) on the
>> sender to trust that the recipient to apply any "id" privacy
>> indicated; b) on the recipient that they trust the sender to
>> assert the identity. For this draft, the only trust required
>> is that the receiver trusts the sender to assert that the new
>> header field parameter was applied by a "originating
>> telephony or electronic communications service provider".
>>
>> There is also a need for some entity to police the incoming
>> trust boundary, and remove assertions (locparam values in
>> this case) inserted by untrusted elements.
>>
>> 	Thanks,
>> 	Paul
>>
>>> 3)	I do not believe there is any privacy issue about the
>> recipient receiving information that any contained
>> Geolocation header field came from a "originating telephony
>> or electronic communications service provider" as opposed to
>> anywhere else. If there is, then the trust requirements could
>> be altered in the same manner as already used for a number of
>> 3GPP specific header fields.
>>>
>>> Keith
>>>
>>>> -----Original Message-----
>>>> From: DRAGE, Keith (Keith)
>>>> Sent: 22 July 2015 10:17
>>>> To: dispatch@ietf.org
>>>> Subject: draft-winterbottom-dispatch-locparam
>>>>
>>>> Issues from the dispatch meeting discussion:
>>>>
>>>> 1)	In regard to trust, what is needed is a mechanism to
>>>> meet the following from the EC mandate:
>>>>
>>>> ". The enhancement, i.e. location data provision, is
>> expected to be
>>>> determined by the originating telephony or electronic
>> communications
>>>> service provider, capable of originating voice calls
>> through a number
>>>> or numbers in national telephone numbering plans, and be
>> provided at
>>>> call setup to the PSAP as soon as the call reaches the authority
>>>> handling the emergency calls."
>>>>
>>>> The proposal in the document is that the recipient of a
>> SIP request
>>>> will either know that the entity that sent or proxied the
>> SIP request
>>>> is either an "originating telephony or electronic communications
>>>> service provider" or trusts that entity to make a proper
>>>> discrimination of that.
>>>>
>>>> Relying on certificates or known domain names would
>> require PSAPs and
>>>> networks routeing emergency calls to have a maintained database of
>>>> all known "originating telephony or electronic
>> communications service
>>>> provider" worldwide.
>>>>
>>>> 2)	The question was raised as to whether it should be
>>>> specific for emergency call. I see no reason why it should be. It
>>>> does not interfere with the location itself, or the privacy of the
>>>> location itself. Further, I have a concern of any protocol
>> mechanism
>>>> that is emergency call specific, as it never gets tested until one
>>>> wants to make an emergency call.
>>>>
>>>> 3)	I believe Cullen mentioned privacy, but I am not sure
>>>> in what context. The mechanism does not interfere with any of the
>>>> privacy requirements defined for the Geolocation header field.
>>>> Further if the trust in 1) above is not met, it is only
>> the parameter
>>>> that is removed, not the Geolocation header field itself.
>>>>
>>>> Regards
>>>>
>>>> Keith
>>> _______________________________________________
>>> dispatch mailing list
>>> dispatch@ietf.org
>>> https://www.ietf.org/mailman/listinfo/dispatch
>>>
>>
>> _______________________________________________
>> dispatch mailing list
>> dispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/dispatch
>>

v2.23.0 | Report a Bug | By Email