RE: [Geopriv] draft agenda: GEOPRIV @ IETF 70

"Marc Linsner" <mlinsner@cisco.com> Wed, 21 November 2007 22:29 UTC

From: Marc Linsner <mlinsner@cisco.com>
To: "'Winterbottom, James'" <James.Winterbottom@andrew.com>, geopriv@ietf.org
Subject: RE: [Geopriv] draft agenda: GEOPRIV @ IETF 70
Date: Wed, 21 Nov 2007 17:28:51 -0500

James,
 
In-line....


  _____  

From: Winterbottom, James [mailto:James.Winterbottom@andrew.com] 
Sent: Wednesday, November 21, 2007 3:42 PM
To: Marc Linsner; Stark, Barbara; rjsparks@nostrum.com; geopriv@ietf.org
Subject: RE: [Geopriv] draft agenda: GEOPRIV @ IETF 70



Marc,

 

Suppose the identifier is a MAC address, since this has no formal URI
representation  then what? 

 

macaddressofmarclinsnersworkstation-00-01-6C-CB-DF-01@accessprovider.net

 

IMO, formalization of such is not required as entities passing such
information have established relationships and can negotiate syntax via that
relationship.  If in fact it's standardized, it creates an attack vector.

 

Suppose HELD is bound to a transport other than HTTP, such as in
http://tools.ietf.org/html/draft-thomson-geopriv-held-beep-01, how are the
parameters simply added to the URI? Does it even make sense to do so? 

 

Hmm....HELD = HTTP enabled location discovery is bound to a transport other
than HTTP?

 

http://www.ietf.org/internet-drafts/draft-ietf-geopriv-l7-lcp-ps-06.txt
indicates that identifiers other than IP address will be required in some
scenarios. 

 

LCP = location configuration protocol. Configuration of a host, not SP OSS
boxes.  Where draft-ietf-geopriv-http-location-delivery-03.txt does not work
is spelled out in that draft.  The draft works in ALL scenarios except
tunnels.  I'll accept that the security/privacy required by 3693/4 is met as
is, but not with extensions.

 

 

http://www.ietf.org/internet-drafts/draft-ietf-ecrit-phonebcp-03.txt
identifies the need, in some situations, for an outbound proxy to insert
location on-behalf-of the calling device. In this situation using HELD
requires a formal way to express how the Device is being identified, and
what the identifier represents. 

 

 Not all requirements have technical solutions.  The phonebcp is attempting
to state that it's possible for a proxy to insert location, it doesn't
provide or require the 'how'.

 

Please read the draft
http://tools.ietf.org/html/draft-winterbottom-geopriv-held-identity-extensions-04
before jumping on to the attack.

 

Yes, this draft opens up several ways for someone other than a target to
gain knowledge of some other target's location.

 

There are several architectures and deployments well underway that require
this work. The ABNF definitions in the extensions draft have applicability
beyond just HELD. 

 

I realize Barbara's concern and offered an alternative, asking why it
doesn't solve her use case.  To state there are 'several' more adds nothing
to this thread. 

 

 

    I don't see a need to delay this work further. 

 

That's a surprise.

 

-Marc-

 

 

 

Cheers

James

 


  _____  


From: Marc Linsner [mailto:mlinsner@cisco.com] 
Sent: Thursday, 22 November 2007 4:54 AM
To: 'Stark, Barbara'; rjsparks@nostrum.com; geopriv@ietf.org
Subject: RE: [Geopriv] draft agenda: GEOPRIV @ IETF 70

 

Barbara,

 

Remind me again why this can't be accomplished by putting the identifier in
the uri?  ex: identifier@accessprovider.net

 

Thanks,

 

-Marc-

 

 

 


  _____  


From: Stark, Barbara [mailto:bs7652@att.com] 
Sent: Wednesday, November 21, 2007 12:17 PM
To: rjsparks@nostrum.com; geopriv@ietf.org
Subject: Re: [Geopriv] draft agenda: GEOPRIV @ IETF 70

Robert,
I think the HELD identity extensions is important. It's needed for LIS to
LIS communication, which is critical where the entity who assigns the public
IP address is not the same as the access provider.
Barbara

----- Original Message -----
From: Robert Sparks <rjsparks@nostrum.com>
To: GEOPRIV <geopriv@ietf.org>
Sent: Tue Nov 20 15:09:03 2007
Subject: [Geopriv] draft agenda: GEOPRIV @ IETF 70

Folks -

We have 2.5 hrs in Vancouver (Friday morning). Based on our chartered 
work, list discussions, and agenda requests, here's the agenda I'm 
planning to follow:

15m     Administrivia   Chairs
30m     http-location-delivery  Mary (<- Let's finish this one!)
20m     Finishing geopriv-policy        Hannes/Cullen
30m     LIS Discovery   James W
10m     l7lcp-ps        Hannes
20m     pidf-lo-dynamic Henning
15m     dhcp-lbyr-uri-option    James P
10m     civicaddresses-austria  Karl
20m     Uncertainty and Confidence      James W
10m     HELD Dereference        James W

As usual, we have many other requests to talk about other things - 
please take those to the list for now.

This is a draft agenda and we can change it. Let me know if you think 
I've missed something important.

RjS


_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
