Re: [Ecrit] Roman Danyliw's No Objection on draft-ietf-ecrit-similar-location-18: (with COMMENT)

Roman Danyliw <rdd@cert.org> Wed, 02 March 2022 14:31 UTC

Return-Path: <rdd@cert.org>
X-Original-To: ecrit@ietfa.amsl.com
Delivered-To: ecrit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7E513A085D; Wed, 2 Mar 2022 06:31:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RzCipAFXFQZh; Wed, 2 Mar 2022 06:31:16 -0800 (PST)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0112.outbound.protection.office365.us [23.103.208.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0382A3A07D3; Wed, 2 Mar 2022 06:31:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Kz6UYhhd6k1l1LdZp36x1ew2sJZRkgY610H2ZsajXGxLJOL/Bwnm86nXReUwLuGhHXT/CQp8xVs0J+f6KiC5MEoKMGaMLml0aqL3Q5AG1GyZRvpr/EEhQLnemNNsDTar1qT9+JF1RCrW9InMNckRMLEriSmr6nkWPKhAy8zzfopg8Vurd+RRP2qjJYdRAMDg7wwTWBNrYxZcTMWCE4jO1flG+CC7e01ZYJWQXp3W5VrS3b8nu0q8n53+uvT+GjkmcyQ9QXobIq+1XUYzQMSt5ZQZSdU1yWhsWr1hWLI79wtedz2JA1C4hn/xiFSHqIWHTPQYBxBt5JaqG8gYu/iwLg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=XsxDQTv2OPElnxlGOoqlfdLCNCN6t6JiiXmlVIiPCxo=; b=Susf9yrMm3xTHdtlvV5Wkd1+nNsZiiUa6pJezPQ8UQroA7Lj7/WrJSESrDAd3ar0a51FG10ewdKe8+muYjoeOue1aX5SC9WyfGL51XJ7jAyrGnx9QdkKlMWjlH6TdOwyzrBdsX35I0d+CddbNnaPiYaANJg+SoHPx6JiFYuzyEdUVfUlwCGQF8Qpq3I+K/IUOw5+bWNrhEznLkJ8OZu0BqLBn43z9dvYEKLKnVIxQx4lPYJlnmR1FNuCgqPBeLkldcifjU5y2Yx25cJtGVTXsOKp51vz4zA8XC5wk58X0IJtC0XhYZW0CPPlYiFRMSL7DxhFWGwp1rO60UWwC/Ympg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XsxDQTv2OPElnxlGOoqlfdLCNCN6t6JiiXmlVIiPCxo=; b=WJNLrRUuIx2XUCzVktbPWoAT8eZNVM5pv6t1w6Sutjco3fz1Ipve+2NDAVCGZEFCoGpQWtpHuqJCzDs4kmxJiajF8FxdC8l7gYUg8zZzqzwg+n1J2hbsGAxBhln0J58ICqJogrYn4cBzKM0zb3+vpIANpH7U73LVdWq4NFac/nI=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1382.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.14; Wed, 2 Mar 2022 14:31:10 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::40d4:64e2:fc22:b3cd]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::40d4:64e2:fc22:b3cd%5]) with mapi id 15.20.5017.027; Wed, 2 Mar 2022 14:31:10 +0000
From: Roman Danyliw <rdd@cert.org>
To: Brian Rosen <br@brianrosen.net>
CC: The IESG <iesg@ietf.org>, "draft-ietf-ecrit-similar-location@ietf.org" <draft-ietf-ecrit-similar-location@ietf.org>, "ecrit-chairs@ietf.org" <ecrit-chairs@ietf.org>, "ecrit@ietf.org" <ecrit@ietf.org>, "dwightpurtle@gmail.com" <dwightpurtle@gmail.com>
Thread-Topic: Roman Danyliw's No Objection on draft-ietf-ecrit-similar-location-18: (with COMMENT)
Thread-Index: AQHYLj9dEmuOR5e/I0CrYIU/liFq5aysJa2AgAABzwA=
Date: Wed, 02 Mar 2022 14:31:10 +0000
Message-ID: <BN2P110MB11070ED42940F4C24734526EDC039@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <164623025433.17954.9445129257215162877@ietfa.amsl.com> <0C760307-44DB-405D-A93D-AAB69D674361@brianrosen.net>
In-Reply-To: <0C760307-44DB-405D-A93D-AAB69D674361@brianrosen.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2c6f9b81-7523-4443-1cfc-08d9fc594bea
x-ms-traffictypediagnostic: BN2P110MB1382:EE_
x-microsoft-antispam-prvs: <BN2P110MB1382043B8885DBCA44A32EEADC039@BN2P110MB1382.NAMP110.PROD.OUTLOOK.COM>
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6IlYb9eeDI+TZoqfwe8x0qQSFL5K5TIRbCWTyaionqU3DSkWZsOMXyp3sCGaAthWIUfsom/bW7huyrpjE6yfMc9CBfoyP5cdQ/t1hkJeI1Hgxm7l3E+RzRRyy4/R5EBBJsp/qw5VGjARPGIkajDt8DILtSM4wDIUsq98t6P2XK+8yxTmx97EY8BfVChyzkTu2x6kCqjn3V22P35XObPh32yhQ+ztO0KxglRYyp34b0+VF0wgyMDDXxVMnPoOUx3H8klKl0Z2HWiDyD53PpA3IpQdjjKY7uEHHvDzEKgbtcB6YBrr9xPuqtKZ9ZMStm8WvFLlXj7weZ+g8xw9z6ynBVATuNkNw0JR/9vUvAYue6lwkt0gdECO2enzkpe2l8ivWHKjNu1N6e/lWTRgS0XLAXSofcUhXwUVX7DgRajWPv+iBvpy52LKAtXLLklYtTpgc6f5PhqV4FuCsRCeejtJDxYxAqoUe/rbUVCRRSXSYAG2iWjq1Z+8Qm4qCqABqQaxAo3yOFkeh4LiRoDxAPNhlasU6e2s/fUuy/iYeVdhCH6YdjN7LjJ6KOg2UjRQV/92aRcmLKx/Q11eNUe024jlj0mCugAcwMf7l4G12CF4n5dd6ZKSLhh3z47ETVO/Vxonjdbz9rcB5sDq4RYyFgclcVIO0lcJsHDnydiQOL9WWAfkq8WG0nNtvhphppY2R1Aeu452+9LUX9O3Gq5+UBeKoQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(366004)(52536014)(86362001)(8936002)(38070700005)(122000001)(5660300002)(82960400001)(2906002)(38100700002)(26005)(186003)(498600001)(54906003)(6916009)(9686003)(7696005)(6506007)(71200400001)(55016003)(53546011)(966005)(66476007)(66556008)(66946007)(76116006)(4326008)(66446008)(8676002)(64756008)(33656002)(83380400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: WZa79Tl4tE5QB3b6s9/NaTIU90wtaXwqnP1yRNncVPWUarRXtqW37YK8VjPY69llxOM2og/Bs/Su0OVznOn4CGSY9MQEIl7Odec7zC8KWL2/ebBGVjr2nOB6lQyuv4UkGmVndoMYiY3ZjUdyGIPudw==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 2c6f9b81-7523-4443-1cfc-08d9fc594bea
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Mar 2022 14:31:10.5090 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1382
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/SZ6mveM-KI_xP-HJlXjx0qqZ80c>
Subject: Re: [Ecrit] Roman Danyliw's No Objection on draft-ietf-ecrit-similar-location-18: (with COMMENT)
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Emergency Context Resolution with Internet Technologies <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2022 14:31:22 -0000

Hi Brian!

> -----Original Message-----
> From: Brian Rosen <br@brianrosen.net>
> Sent: Wednesday, March 2, 2022 9:23 AM
> To: Roman Danyliw <rdd@cert.org>
> Cc: The IESG <iesg@ietf.org>; draft-ietf-ecrit-similar-location@ietf.org; ecrit-
> chairs@ietf.org; ecrit@ietf.org; dwightpurtle@gmail.com
> Subject: Re: Roman Danyliw's No Objection on draft-ietf-ecrit-similar-location-
> 18: (with COMMENT)
> 
> Thanks for the comments.  It’s a W3C schema, and I will add text to say that.
> 
> The suggestion to limit query rate for corrections is a good one, and I’ll add it.
> The database should be public, but the users who really need correction service
> (typically communications service providers) are typically known in advance
> and authentication could differentiate.
> 
> “The similar location service could be misused to attempt to enumerate the
> entire database by running a high volume of invalid or partial queries.  The LoST
> server can limit the volume of similar locations it returns.  It can also
> authenticate queries and limit the service to known queriers”

Thanks for explaining the deployment context.  The above proposed text captures my thinking.  Much appreciated.

Regards,
Roman

> Brian
> 
> > On Mar 2, 2022, at 9:10 AM, Roman Danyliw via Datatracker
> <noreply@ietf.org> wrote:
> >
> > Roman Danyliw has entered the following ballot position for
> > draft-ietf-ecrit-similar-location-18: No Objection
> >
> > When responding, please keep the subject line intact and reply to all
> > email addresses included in the To and CC lines. (Feel free to cut
> > this introductory paragraph, however.)
> >
> >
> > Please refer to
> > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-posi
> > tions/ for more information about how to handle DISCUSS and COMMENT
> > positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-ecrit-similar-location/
> >
> >
> >
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > Thank you to Scott Kelly for the SECDIR review.
> >
> > ** Section 6.  This document should have a normative reference to the
> > schema format used in this section.  Is that RELAX NG? or W3 Schema?
> > I’ll note that [I-D.ietf-ecrit-lost-planned-changes] also doesn’t
> > normatively reference a schema format.
> >
> > ** Section 7.  Given the deployment models of LoST, is it expected
> > that the entire contents of the server database would be publicly
> > available?  Would it be an issue if large portions of the LoST
> > back-end database (on the LoST
> > server) were revealed?  I ask because if the server is willing to
> > correct input/provide suggestions based on partial on invalid client
> > input, a malicious party could potentially use this to enumerate the
> > database via high volume of invalid/partial queries. If that’s a
> > threat, then perhaps there should be a form for rate limiting applied
> > on the number of corrected queries permitted per unit time.
> >
> >
> >