Re: [Geopriv] draft-ietf-geopriv-lbyr-requirements-02 ???

["Roger Marshall" <RMarshall@telecomsys.com>]

The following summarizes the second of the three original subj:
questions, Q1,Q2,Q3:

Q2.

...about draft-ietf-geopriv-lbyr-requirements-01
Sent: Friday, February 15, 2008 4:24 PM, Fr: James M. Polk

> Section 5.1 has this requirement
> 
> "
> C4. Random Generated:  The location URI MUST be hard to 
> guess, i.e., it MUST contain a cryptographically random component.
> 
> Motivation: There is some benefit to the client if the 
> location URI is generated in an obscured manner so that its 
> sequence, for example in the case of a client's location 
> update, can't be easy guessed.
> "
> 
> Why does this need to be cryptographically random?
> 
> As long as my badge number is "3199", why can't my LbyR URI be
> 
>          sips:cisco3199.cisco.com
> 
> The domain part is already revealed in the URI...[cut]

The last of many emails discussing this was on 3/03... (btwn, James P.,
Barbara S., Richard B.).  Based on that discussion, and some earlier R*
text from Richard Barnes, the current requirements draft (-02) contains
the following resolution to Q2:

   C4. [Deleted, replaced by C8,C9,C10]:

...

   C8. Location URI Anonymous:  The location URI MUST NOT reveal any
      information about the Target other than it's location.

      Motivation: A user should have the option to control how much
      information is revealed about them.  This provides that control by
      not forcing the inclusion of other information with location,
      (e.g., to not include any identification information in the
      location URI.)

   C9. Location URI Not guessable:  Location URIs that do not require
      authentication and authorization MUST NOT be guessable, based on
      the use of a cryptographically random sequence somewhere within
      the URI.  (Note that the number of bits depends to some extent on
      the number of active location URIs that might exist at the one
      time; 128-bit is most likely enough for the short term.)

      Motivation: Location URIs without access control reveal private
      information, and a guessable location URI could be easily
      exploited to obtain private information.

   C10.  Location URI Optional:  In the case of user-provided
      authorization policies, where anonymous or non-guessable location
      URIs are not warranted, the location configuration protocol MAY
      support optional location URI forms.

      Motivation: Users don't always have such strict privacy
      requirements, but may opt to specify their own location URI, or
      components thereof.

I'm not currently aware of any further comments received on the list
concerning this approach and language.

-roger marshall.


> -----Original Message-----
> From: geopriv-bounces@ietf.org 
> [mailto:geopriv-bounces@ietf.org] On Behalf Of James M. Polk
> Sent: Monday, March 31, 2008 1:19 PM
> To: Hannes Tschofenig
> Cc: GEOPRIV
> Subject: Re: [Geopriv] draft-ietf-geopriv-lbyr-requirements-02 ???
> 
> At 07:53 AM 3/30/2008, Hannes Tschofenig wrote:
> >It seems that you are saying that Roger has to keep things going.
> 
> All I'm saying is that there was never a post articulating 
> what the consensus reached answers were to each of the 3 
> questions I asked on the list.  I don't believe that is 
> asking a lot. Do you think this is asking too much?
> 
> Each of the 3 questions had ~ 5 to 75 responses, so there 
> were a lot of folks interested in the questions, and 
> obviously the first response didn't answer any of the 3 Qs right away.
> 
> 
> >Roger, could you post a description of the outstanding issues with a 
> >suggestions on how to address them?
> >
> >Ciao
> >Hannes
> >
> >James M. Polk wrote:
> > > At 12:40 PM 3/29/2008, Hannes Tschofenig wrote:
> > >> Given the status of HELD this document should have been 
> finished a 
> > >> while ago.
> > >> I am not even sure whether I have seen a WGLC for it.
> > >>
> > >> What are the next steps for it?
> > >> Why isn't it done already?
> > >
> > > weeeeelllll....
> > >
> > > There were 3 fairly substantiative questions posted 
> against -01 of 
> > > the ID just before the -0X deadline, and there needs to 
> be time for 
> > > proper review of -02 to see if this version answers at 
> least these 3 questions.
> > >
> > > I think 1 has been answered
> > >
> > > I think another has not reached consensus
> > >
> > > and the last wasn't answered at all
> > >
> > > but this is memory (which may or may not be reliable)
> > >
> > >
> > >> _______________________________________________
> > >> Geopriv mailing list
> > >> Geopriv@ietf.org
> > >> https://www.ietf.org/mailman/listinfo/geopriv
> >
> >_______________________________________________
> >Geopriv mailing list
> >Geopriv@ietf.org
> >https://www.ietf.org/mailman/listinfo/geopriv
> 
> _______________________________________________
> Geopriv mailing list
> Geopriv@ietf.org
> https://www.ietf.org/mailman/listinfo/geopriv
> 


CONFIDENTIALITY NOTICE: The information contained in this message may be privileged and/or confidential. If you are not the intended recipient, or responsible for delivering this message to the intended recipient, any review, forwarding, dissemination, distribution or copying of this communication or any attachment(s) is strictly prohibited. If you have received this message in error, please notify the sender immediately, and delete it and all attachments from your computer and network.

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv