IETF Logo Mail Archive

Re: [Geopriv] HELD and persistent TLS connections in emergency calls

Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Sat, 15 September 2007 09:00 UTC

Return-path: <geopriv-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IWTW5-000217-MJ; Sat, 15 Sep 2007 05:00:41 -0400
Received: from geopriv by megatron.ietf.org with local (Exim 4.43) id 1IWTW3-000210-6C for geopriv-confirm+ok@megatron.ietf.org; Sat, 15 Sep 2007 05:00:39 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IWTW2-00020s-F0 for geopriv@ietf.org; Sat, 15 Sep 2007 05:00:38 -0400
Received: from mail.gmx.net ([213.165.64.20]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1IWTW1-0004l5-Eh for geopriv@ietf.org; Sat, 15 Sep 2007 05:00:38 -0400
Received: (qmail invoked by alias); 15 Sep 2007 09:00:35 -0000
Received: from p54987CAB.dip.t-dialin.net (EHLO [192.168.1.4]) [84.152.124.171] by mail.gmx.net (mp031) with SMTP; 15 Sep 2007 11:00:35 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX19sLGIU7ipsEJAX/TgKt8SqwQjdkPx2WW0qq/5xMQ Fp/OnPO3cUV9Q/
Message-ID: <46EB9F34.9010802@gmx.net>
Date: Sat, 15 Sep 2007 11:00:36 +0200
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Cullen Jennings <fluffy@cisco.com>
Subject: Re: [Geopriv] HELD and persistent TLS connections in emergency calls
References: <0a2f01c7f6f5$79431b90$640fa8c0@cis.neustar.com> <F14BDC35-0DDD-4815-8E84-9997338CB03A@cisco.com>
In-Reply-To: <F14BDC35-0DDD-4815-8E84-9997338CB03A@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 37af5f8fbf6f013c5b771388e24b09e7
Cc: 'GEOPRIV' <geopriv@ietf.org>
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Errors-To: geopriv-bounces@ietf.org

Hi Cullen,

Cullen Jennings wrote:
>
> Few random thoughts....
>
> Certainly session resumption might work well here - basically when the 
> device connected the first time it would do the public key operation 
> to set up session once then save a secret that could be used for 
> future sessions without doing the expensive public key operations. 
> There are extensions to allow session resumption to only store state 
> on the client not server - RFC 4507 and soon to be approved update to it.

Yep; http://www.ietf.org/internet-drafts/draft-salowey-tls-rfc4507bis-01.txt
(Document already in *RFC Ed Queue*)

> It would be well worth having a look at the session resumption stuff 
> and seeing how to specify it's usage - it is implemented in many TLS 
> stacks including OpenSSL.
>
> I also think it would be worth looking at what the time to set up a 
> TLS session is.

We have done some performance measurements, see
http://www.tmg.informatik.uni-goettingen.de/publications/1297/psk_tls_gi2006_final.pdf

The analysis did not consider session resumption. However, as one can 
easily see the key length and the selected mode has an impact on the 
performance.


> The first thing would be to look at what size keys should the server 
> use - some recommendation for key size specific to LIS might help keep 
> people from using things way too large. The information transfered 
> over HELD is unlikely to have high long term value and that might 
> change the key sizes chosen. It would then be good to guess what the 
> processors might be on the very low end stuff by the time any of this 
> actually gets deployed. My gut feeling is 1/2 second does not sound 
> quite right. Whatever the answer is, it would be nice to see this 
> analysis.
While the above-mentioned study consider "low-end machines" as well it 
did not focus on mobile phones. Maybe that's something to add.

With the low-end servers we have used 1/2 second is certainly not correct.

>
> I can also imagine that in some cases getting a reference might help 
> in that the host that eventually fetched the reference might have a 
> much faster processor than a low end mobile phone.

Ciao
Hannes

> Cullen <with my individual hat on>
>
> PS - I simultaneously agree with Henning that it might be possible to 
> use long lived TLS connection while agreeing with Barbara that 
> regardless of the feasibility, operators will hate the idea. Hows that 
> for being on the fence :-)  But I hope we can avoid having to do this 
> approach.
>
>
> On Sep 14, 2007, at 10:34 AM, Brian Rosen wrote:
>
>> One of the uses for HELD is for an end device to obtain its 
>> location.  The
>> recommendations in ecrit-phonebcp say that the end device should get its
>> location when it boots, periodically thereafter, and as it makes an
>> emergency call.  The time to complete the operation doesn't matter in 
>> the
>> first two cases, but does at call time.
>>
>> Location sent by value should be protected from eavesdropping.  TLS 
>> is of
>> course the mechanism of choice for HELD. Unless we change our position,
>> we've stated that the security of the reference is the same as the 
>> value.
>> That means getting a reference doesn't help; you would want to 
>> protect the
>> transfer of the reference with TLS.
>>
>> What should the recommendation be for the TLS connection between the
>> endpoint and the HELD server?  Seems like we have two bad choices:
>> 1. The endpoint maintains a persistent TLS connection.  This seems
>> impossible for a LIS to maintain, and wasteful for the device
>> 2. We incur very long time to establish the TLS session at call time.  I
>> think this is currently something in the 1/2 second or more range for a
>> typical phone like embedded controller, sometimes much more.  That is 
>> WAY
>> too long for emergency call, where we're attempting to keep call set 
>> up in
>> the 2 seconds from dial to ring.
>>
>>
>> I don't have an answer here.  We don't use TLS with the other LCPs; 
>> we have
>> other mechanisms that protect the privacy to various degrees.  TLS is an
>> excellent mechanism for this purpose.  I just don't know how to deal 
>> with
>> the setup time.
>>
>> Brian
>>
>>
>>
>> _______________________________________________
>> Geopriv mailing list
>> Geopriv@ietf.org
>> https://www1.ietf.org/mailman/listinfo/geopriv
>
>
> _______________________________________________
> Geopriv mailing list
> Geopriv@ietf.org
> https://www1.ietf.org/mailman/listinfo/geopriv



_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv

v2.23.0 | Report a Bug | By Email