Re: [Geopriv] New draft on Secure Location Objects
"Richard L. Barnes" <rbarnes@bbn.com> Mon, 06 November 2006 17:53 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gh8eh-0007lz-Tr; Mon, 06 Nov 2006 12:53:07 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gh8eg-0007lq-D5; Mon, 06 Nov 2006 12:53:06 -0500
Received: from mx11.bbn.com ([128.33.0.80]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gh8ec-000269-3Z; Mon, 06 Nov 2006 12:53:06 -0500
Received: from dommiel.bbn.com ([192.1.122.15] helo=[127.0.0.1]) by mx11.bbn.com with esmtp (Exim 4.60) (envelope-from <rbarnes@bbn.com>) id 1Gh8eX-0005ym-5V; Mon, 06 Nov 2006 12:52:57 -0500
Message-ID: <454F766D.9090002@bbn.com>
Date: Mon, 06 Nov 2006 09:52:45 -0800
From: "Richard L. Barnes" <rbarnes@bbn.com>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: Henning Schulzrinne <hgs@cs.columbia.edu>
Subject: Re: [Geopriv] New draft on Secure Location Objects
References: <454BD3C6.1060609@bbn.com> <6AD351BE-7106-4DF9-8902-70C6A1CA0534@cs.columbia.edu>
In-Reply-To: <6AD351BE-7106-4DF9-8902-70C6A1CA0534@cs.columbia.edu>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 4b800b1eab964a31702fa68f1ff0e955
Cc: geopriv@ietf.org, ECRIT <ecrit@ietf.org>, Steve Kent <kent@bbn.com>
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Errors-To: geopriv-bounces@ietf.org
Henning, You're certainly right that we don't need to revisit the arguments that have gone on about location signing (and other security issues). In this draft, I think we were hoping to sidestep some of that by treating mechanisms for security separately from the underlying trust models. That is, this draft is trying to examine the tradeoffs of various security mechanisms, and their performance against security threats in current GEOPRIV and ECRIT documents -- independent of the trust model and associated semantics. I agree that the trust model that supports GEOPRIV security is a complicated and difficult question, and one we should elaborate on more in our next draft. We will try to incorporate the prior ECRIT and GEOPRIV discussions, in addition to the current documents. However, we should bear in mind that the selection of a trust model is a separate and independent problem from defining formats and mechanisms that might rely on such a trust model. Thanks, --Richard Henning Schulzrinne wrote: > Richard, > > your author group may benefit from perusing the ECRIT and GEOPRIV > mailing list archives, as they discuss many of these issues in depth. > Unfortunately, issues such as what it means to sign a location (how > can the receiver tell who can legitimately sign for an unknown user's > location?) do not seem to be reflected in your draft. Given the long > and contentious debates on these topics, it would seem helpful to > avoid having them again, so I think you could do the working groups a > favor by reflecting those discussions in your draft. If you're able to > summarize and reflect on those issues, your draft could be potentially > useful to move the discussion forward, rather than just having the > same discussion again. > > Many of these items are already discussed in the L7 and conveyance > document, so it might be useful to reduce the overlap. > > Henning > > > On Nov 3, 2006, at 6:41 PM, Richard L. Barnes wrote: > >> The issue of the security of location information in the GEOPRIV >> architecture has gotten a lot of discussion, so we wanted to examine >> some ways that security features might be embedded in location objects. >> >> The internet-drafts queue seems to be saturated, so please find >> draft-barnes-geopriv-secure-location-object-00.txt attached. >> >> Cheers, >> --Richard >> >> >> >> Network Working Group R. Barnes >> Internet-Draft M. Lepinski >> Intended status: Informational R. Watro >> Expires: April 27, 2007 BBN Technologies >> October 24, 2006 >> >> >> Secure Location Objects >> draft-barnes-geopriv-secure-location-object-00 > > _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv
- [Geopriv] New draft on Secure Location Objects Richard L. Barnes
- Re: [Geopriv] New draft on Secure Location Objects Henning Schulzrinne
- Re: [Geopriv] New draft on Secure Location Objects Richard L. Barnes