IETF Logo Mail Archive

[Geopriv] RE: Strawman Proposal

"Winterbottom, James" <James.Winterbottom@andrew.com> Tue, 13 March 2007 20:51 UTC

Return-path: <geopriv-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRDxx-0000cl-2g; Tue, 13 Mar 2007 16:51:29 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRDxv-0000cf-SG for geopriv@ietf.org; Tue, 13 Mar 2007 16:51:27 -0400
Received: from smtp3.andrew.com ([198.135.207.235] helo=andrew.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HRDxu-0000uC-FL for geopriv@ietf.org; Tue, 13 Mar 2007 16:51:27 -0400
X-SEF-Processed: 5_0_0_910__2007_03_13_15_57_24
X-SEF-16EBA1E9-99E8-4E1D-A1CA-4971F5510AF: 1
Received: from aopexbh1.andrew.com [10.86.20.24] by smtp3.andrew.com - SurfControl E-mail Filter (5.2.1); Tue, 13 Mar 2007 15:57:23 -0500
Received: from AHQEX1.andrew.com ([10.86.20.21]) by aopexbh1.andrew.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 13 Mar 2007 15:51:25 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 13 Mar 2007 15:51:23 -0500
Message-ID: <E51D5B15BFDEFD448F90BDD17D41CFF102957DA6@AHQEX1.andrew.com>
In-Reply-To: <45F6FF85.6090109@gmx.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Strawman Proposal
Thread-Index: AcdlqEVSFdZg4j1wTVmfZcy2HAPc9AABnHZQ
From: "Winterbottom, James" <James.Winterbottom@andrew.com>
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
X-OriginalArrivalTime: 13 Mar 2007 20:51:25.0792 (UTC) FILETIME=[5DA2DE00:01C765B1]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 5011df3e2a27abcc044eaa15befcaa87
Cc: GEOPRIV <geopriv@ietf.org>, "Dawson, Martin" <Martin.Dawson@andrew.com>, Marc Linsner <mlinsner@cisco.com>
Subject: [Geopriv] RE: Strawman Proposal
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Errors-To: geopriv-bounces@ietf.org

Hi Hannes,


> * We don't do Location Signing at all.
> * Access networks distribute location information to the end host at a
> granularity that allows location based routing (unsigned). For most
> countries this is in fact trivial.


[AJW] My discussions with carriers and infrastructure providers seems to
suggest that obtaining location information to provide to end hosts is
going to be far from trivial. When confronted with this hurdle I am not
so sure that adding signing is that much more work.


> * Access networks additionally provide a location-by-reference to the
> end host (if necessary and if they can do so)
> This reference is resolved by the PSAP for detailed location
information
> retrieval. The PSAP can therefore also authenticate the LIS and has
the
> information about the access network.

[AJW] It is not clear to me how I can use this approach to provide an
answering or priority policy for the PSAP. Do however agree that a
re-query mechanism as you suggest is useful where the PSAP wants
up-to-date or more accurate location information.

> 
> As Henning pointed out there is some value in authenticating the
> emergency caller (directly or indirectly). Why did nobody investigate
it
> since it also allows to get hold of the adversary? It might not look
so
> nice from crypto point of view but it would provide a lot of help.
> 

[AJW] It is not clear to me how authenticating millions of users and
their multitude of identity mechanisms is any less daunting than
providing accreditation to potentially thousands of access network
providers. But perhaps I am missing the point. That said, if you couple
this with signed location then you have the whole gamut. See location
dependability draft
http://tools.ietf.org/html/draft-thomson-geopriv-location-dependability-
00
 
> 
> PS: I also believe that the PSAP operator would accept calls that
don't
> have any location attached to it. How many calls today have location
> information available? Do we have some statistics about it?
> 

[AJW] All emergency calls in the world have some degree of location
provided (inferred), though in some cases this may not be fantastically
accurate, country level. In the United States for wireline it is based
on the calling line ID, and either an ESRD (roughly representing a cell)
or an ESRK (representing a rough calling area) for wireless.

Perhaps, like some other working groups we need to make the distinction
between support and implement. I am asking that the requirements include
support for it, I think that implementation will be something that
jurisdictions have the option to do or not.

Cheers
James




> 
> Winterbottom, James wrote:
> > I have re-read Ted's email now several times, and it seems to
> > concentrate on being able to detect and potentially thwart denial of
> > service attacks. While this is one of the potential problem it is
not
> > the only one, and I don't see the kind of thing Ted is talking about
as
> > addressing the same problems that signatures will address.
> >
> > Further more I did not seem to me to provide a concrete way of doing
> > what Ted was suggesting. Precisely how will this be done?  Without
these
> > details it seems like smoke and mirrors and may not end up being
> > possible at all. But I don't discount it as helping.
> >
> > I don't see DoS as being the only source of attack, and certainly
don't
> > see signatures as the solution to the DoS problem. I do see
signatures
> > as providing a good way to potentially screen crank-calls and
avoiding
> > unnecessary use of public resources.
> >
> > The 4 requirements I am tabling are below.
> >
> > 1) The only calls that SHALL be directed to a PSAP are those calls
that
> > have been made by end-devices that are in the PSAP service
jurisdiction
> > at the time a call is made.
> >
> > 2) Any location used by routing services or subsequent dispatch
services
> > MUST unequivocally represent the physical position of the end-device
at
> > the time the location is proffered.
> >
> > 3) Any request for location made to a LIS MUST result in either an
> > error, or the current location of the target device being returned.
> >
> > 4) The source of the location information MUST be identifiable and
is
> > accountable for the accuracy of the information provided.
> >
> > Providing you try to meet these 4 requirements I am happy. Simply
saying
> > they can't be done and so they are not requirements, as has been
said in
> > the past, is not acceptable.
> >
> > Cheers
> > James
> >
> >
> >
> >
> >
> >
> >> -----Original Message-----
> >> From: Marc Linsner [mailto:mlinsner@cisco.com]
> >> Sent: Tuesday, 13 March 2007 2:50 AM
> >> To: Dawson, Martin
> >> Cc: 'GEOPRIV'
> >> Subject: RE: [Geopriv] NENA Requirements
> >>
> >> Martin,
> >>
> >>
> >>> I think all of the NENA requirements have been raised and
> >>> discussed - the latest concept to cause indigestion is
> >>> location signing.
> >>>
> >> You have requirements mixed up with solutions.  Signing location
> >>
> > objects
> >
> >> is
> >> a solution.  I believe Ted nailed the requirement.
> >>
> >> -Marc-
> >>
> >>
> >>
> >> _______________________________________________
> >> Geopriv mailing list
> >> Geopriv@ietf.org
> >> https://www1.ietf.org/mailman/listinfo/geopriv
> >>
> >
> >
------------------------------------------------------------------------
> ------------------------
> > This message is for the designated recipient only and may
> > contain privileged, proprietary, or otherwise private information.
> > If you have received it in error, please notify the sender
> > immediately and delete the original.  Any unauthorized use of
> > this email is prohibited.
> >
------------------------------------------------------------------------
> ------------------------
> > [mf2]
> >
> >
> > _______________________________________________
> > Geopriv mailing list
> > Geopriv@ietf.org
> > https://www1.ietf.org/mailman/listinfo/geopriv
> >
> 

------------------------------------------------------------------------------------------------
This message is for the designated recipient only and may
contain privileged, proprietary, or otherwise private information.  
If you have received it in error, please notify the sender
immediately and delete the original.  Any unauthorized use of
this email is prohibited.
------------------------------------------------------------------------------------------------
[mf2]


_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv

v2.23.0 | Report a Bug | By Email