IETF Logo Mail Archive

Re: [dispatch] draft-winterbottom-dispatch-locparam

"DRAGE, Keith (Keith)" <keith.drage@alcatel-lucent.com> Wed, 22 July 2015 16:36 UTC

Return-Path: <keith.drage@alcatel-lucent.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B8FC1A8997 for <dispatch@ietfa.amsl.com>; Wed, 22 Jul 2015 09:36:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EKExrUKQillI for <dispatch@ietfa.amsl.com>; Wed, 22 Jul 2015 09:36:29 -0700 (PDT)
Received: from smtp-fr.alcatel-lucent.com (fr-hpida-esg-02.alcatel-lucent.com [135.245.210.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DA961A87EA for <dispatch@ietf.org>; Wed, 22 Jul 2015 09:36:29 -0700 (PDT)
Received: from fr712usmtp2.zeu.alcatel-lucent.com (unknown [135.239.2.42]) by Websense Email Security Gateway with ESMTPS id 690A0DD3640EE; Wed, 22 Jul 2015 16:36:24 +0000 (GMT)
Received: from FR711WXCHHUB01.zeu.alcatel-lucent.com (fr711wxchhub01.zeu.alcatel-lucent.com [135.239.2.111]) by fr712usmtp2.zeu.alcatel-lucent.com (GMO) with ESMTP id t6MGaRIr025245 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 22 Jul 2015 18:36:27 +0200
Received: from FR712WXCHMBA11.zeu.alcatel-lucent.com ([169.254.7.203]) by FR711WXCHHUB01.zeu.alcatel-lucent.com ([135.239.2.111]) with mapi id 14.03.0195.001; Wed, 22 Jul 2015 18:36:27 +0200
From: "DRAGE, Keith (Keith)" <keith.drage@alcatel-lucent.com>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>, "dispatch@ietf.org" <dispatch@ietf.org>
Thread-Topic: [dispatch] draft-winterbottom-dispatch-locparam
Thread-Index: AQHQxJrqe3eSb9jiG02hvSCRPJkZap3nrPqQ
Date: Wed, 22 Jul 2015 16:36:25 +0000
Message-ID: <949EF20990823C4C85C18D59AA11AD8B69749AAB@FR712WXCHMBA11.zeu.alcatel-lucent.com>
References: <949EF20990823C4C85C18D59AA11AD8B6974984A@FR712WXCHMBA11.zeu.alcatel-lucent.com> <55AFBA60.6040802@alum.mit.edu> <949EF20990823C4C85C18D59AA11AD8B69749996@FR712WXCHMBA11.zeu.alcatel-lucent.com> <55AFC3CB.1060906@alum.mit.edu>
In-Reply-To: <55AFC3CB.1060906@alum.mit.edu>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.239.27.41]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/Y-S_IhV1u9yow2nUWnyXPD9srdk>
Subject: Re: [dispatch] draft-winterbottom-dispatch-locparam
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 16:36:32 -0000

To be clear, the chief customer of this at the moment is VoIP providers and emergency service providers in Europe that do not do IMS. IMS is a parallel architecture that currently does not specify this for location, although possibly it could in the future.

I do agree that the document needs to be clear about what is meant by trust.

But the point of my posting was to try and elaborate and close the issue Cullen was raising about privacy.

Keith

> -----Original Message-----
> From: Paul Kyzivat [mailto:pkyzivat@alum.mit.edu] 
> Sent: 22 July 2015 17:25
> To: DRAGE, Keith (Keith); dispatch@ietf.org
> Subject: Re: [dispatch] draft-winterbottom-dispatch-locparam
> 
> On 7/22/15 11:55 AM, DRAGE, Keith (Keith) wrote:
> > Yes.
> >
> > That is in the draft, and I thought it was reasonably 
> implicit in the summary. I'm not trying to rewrite the 
> procedures here.
> >
> > But in general, if the received header field parameter is 
> not trusted, then it is removed by the receiver.
> 
> The point of Spec(T) was to enumerate the things that must be 
> specified. 
> ISTM it would make sense for this draft to reference 3325 for 
> a definition of Trust, rather than leaving it vague and 
> loosely specified. 
> Since the chief customer for this is IMS, and it already 
> depends on 3325, it doesn't seem like a big burden.
> 
> In particular, it makes clear that some elements sit on a 
> trust boundary and are responsible for policing, while other 
> elements may not be on a boundary and have no responsibility 
> for policing.
> 
> 	Thanks,
> 	Paul
> 
> > Keith
> >
> >> -----Original Message-----
> >> From: dispatch [mailto:dispatch-bounces@ietf.org] On 
> Behalf Of Paul 
> >> Kyzivat
> >> Sent: 22 July 2015 16:45
> >> To: dispatch@ietf.org
> >> Subject: Re: [dispatch] draft-winterbottom-dispatch-locparam
> >>
> >> On 7/22/15 11:30 AM, DRAGE, Keith (Keith) wrote:
> >>> I've now read all the versions of meeting notes distributed.
> >>>
> >>> None of these expand on Cullen's privacy concern, so
> >> perhaps he could elaborate.
> >>>
> >>> I would state that:
> >>>
> >>> 1)	the trust statements in the document relate only to the
> >> additional header field. The privacy requirements on the 
> remainder of 
> >> the Geolocation header field are unchanged.
> >>>
> >>> 2)	for SIP deployments that use trust, neither the trust
> >> nor the entities involved in that trust are the same for 
> every header 
> >> field. So the trust for RFC 3325 is: a) on the sender to 
> trust that 
> >> the recipient to apply any "id" privacy indicated; b) on the 
> >> recipient that they trust the sender to assert the 
> identity. For this 
> >> draft, the only trust required is that the receiver trusts 
> the sender 
> >> to assert that the new header field parameter was applied by a 
> >> "originating telephony or electronic communications service 
> >> provider".
> >>
> >> There is also a need for some entity to police the incoming trust 
> >> boundary, and remove assertions (locparam values in this case) 
> >> inserted by untrusted elements.
> >>
> >> 	Thanks,
> >> 	Paul
> >>
> >>> 3)	I do not believe there is any privacy issue about the
> >> recipient receiving information that any contained 
> Geolocation header 
> >> field came from a "originating telephony or electronic 
> communications 
> >> service provider" as opposed to anywhere else. If there 
> is, then the 
> >> trust requirements could be altered in the same manner as already 
> >> used for a number of 3GPP specific header fields.
> >>>
> >>> Keith
> >>>
> >>>> -----Original Message-----
> >>>> From: DRAGE, Keith (Keith)
> >>>> Sent: 22 July 2015 10:17
> >>>> To: dispatch@ietf.org
> >>>> Subject: draft-winterbottom-dispatch-locparam
> >>>>
> >>>> Issues from the dispatch meeting discussion:
> >>>>
> >>>> 1)	In regard to trust, what is needed is a mechanism to
> >>>> meet the following from the EC mandate:
> >>>>
> >>>> ". The enhancement, i.e. location data provision, is
> >> expected to be
> >>>> determined by the originating telephony or electronic
> >> communications
> >>>> service provider, capable of originating voice calls
> >> through a number
> >>>> or numbers in national telephone numbering plans, and be
> >> provided at
> >>>> call setup to the PSAP as soon as the call reaches the authority 
> >>>> handling the emergency calls."
> >>>>
> >>>> The proposal in the document is that the recipient of a
> >> SIP request
> >>>> will either know that the entity that sent or proxied the
> >> SIP request
> >>>> is either an "originating telephony or electronic communications 
> >>>> service provider" or trusts that entity to make a proper 
> >>>> discrimination of that.
> >>>>
> >>>> Relying on certificates or known domain names would
> >> require PSAPs and
> >>>> networks routeing emergency calls to have a maintained 
> database of 
> >>>> all known "originating telephony or electronic
> >> communications service
> >>>> provider" worldwide.
> >>>>
> >>>> 2)	The question was raised as to whether it should be
> >>>> specific for emergency call. I see no reason why it 
> should be. It 
> >>>> does not interfere with the location itself, or the 
> privacy of the 
> >>>> location itself. Further, I have a concern of any protocol
> >> mechanism
> >>>> that is emergency call specific, as it never gets tested 
> until one 
> >>>> wants to make an emergency call.
> >>>>
> >>>> 3)	I believe Cullen mentioned privacy, but I am not sure
> >>>> in what context. The mechanism does not interfere with 
> any of the 
> >>>> privacy requirements defined for the Geolocation header field.
> >>>> Further if the trust in 1) above is not met, it is only
> >> the parameter
> >>>> that is removed, not the Geolocation header field itself.
> >>>>
> >>>> Regards
> >>>>
> >>>> Keith
> >>> _______________________________________________
> >>> dispatch mailing list
> >>> dispatch@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/dispatch
> >>>
> >>
> >> _______________________________________________
> >> dispatch mailing list
> >> dispatch@ietf.org
> >> https://www.ietf.org/mailman/listinfo/dispatch
> >>
> 
>

v2.23.0 | Report a Bug | By Email