Re: [hiaps] with respect to the BOF request.
<Dirk.von-Hugo@telekom.de> Thu, 19 December 2013 15:46 UTC
Return-Path: <Dirk.von-Hugo@telekom.de>
X-Original-To: hiaps@ietfa.amsl.com
Delivered-To: hiaps@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com
(Postfix) with ESMTP id AED911ADFCC for <hiaps@ietfa.amsl.com>;
Thu, 19 Dec 2013 07:46:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No,
score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,
HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cqtHHsC8ehVA for
<hiaps@ietfa.amsl.com>; Thu, 19 Dec 2013 07:46:07 -0800 (PST)
Received: from tcmail33.telekom.de (tcmail33.telekom.de [80.149.113.247]) by
ietfa.amsl.com (Postfix) with ESMTP id E95CE1ADFA3 for <hiaps@ietf.org>;
Thu, 19 Dec 2013 07:46:06 -0800 (PST)
Received: from he113445.emea1.cds.t-internal.com ([10.134.93.105]) by
tcmail31.telekom.de with ESMTP/TLS/AES128-SHA; 19 Dec 2013 16:46:03 +0100
Received: from HE113484.emea1.cds.t-internal.com ([10.134.93.124]) by
HE113445.emea1.cds.t-internal.com ([::1]) with mapi;
Thu, 19 Dec 2013 16:46:03 +0100
From: <Dirk.von-Hugo@telekom.de>
To: <hiaps@ietf.org>
Date: Thu, 19 Dec 2013 16:46:02 +0100
Thread-Topic: [hiaps] with respect to the BOF request.
Thread-Index: Ac73Yj1FGkmZxXwRToq6OVaaAOr/5wFbeTeQ
Message-ID: <05C81A773E48DD49B181B04BA21A342A2C79618673@HE113484.emea1.cds.t-internal.com>
References: <52A97466.2060901@bogus.com>
<CAC8QAceGL2MS3m-CU3FBxP2cf4Gu4JvtkaJ05JjJGxYmtinTMA@mail.gmail.com>
<52A9F4EB.2020103@bogus.com>
<CAC8QAccKCx+6HnMm6gQ8Cx2utva5=JupZuD2zQLT-jWE23Gd_w@mail.gmail.com>
In-Reply-To: <CAC8QAccKCx+6HnMm6gQ8Cx2utva5=JupZuD2zQLT-jWE23Gd_w@mail.gmail.com>
Accept-Language: en-US, de-DE
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, de-DE
Content-Type: multipart/alternative;
boundary="_000_05C81A773E48DD49B181B04BA21A342A2C79618673HE113484emea1_"
MIME-Version: 1.0
Cc: joelja@bogus.com, sarikaya@ieee.org
Subject: Re: [hiaps] with respect to the BOF request.
X-BeenThere: hiaps@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Host Identification,
Address and Prefix Sharing in Wi-Fi Access \(hiaps\)" <hiaps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hiaps>,
<mailto:hiaps-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hiaps/>
List-Post: <mailto:hiaps@ietf.org>
List-Help: <mailto:hiaps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hiaps>,
<mailto:hiaps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2013 15:46:10 -0000
Dear all, If you have followed the discussion below, it might be of interest to you that we are currently revising the description for the planned BoF in London and the proposed charter focusing on the emergency call location use case for reasons of privacy issues. The new proposal will include the identified problems and try to fix the goal more clearly. Also the existing work of other WGs on that topic will be considered. We expect the updated text to post early next year and hope you will join. Thanks! Best seasonal greetings and kind regards Dirk From: hiaps [mailto:hiaps-bounces@ietf.org] On Behalf Of Behcet Sarikaya Sent: Donnerstag, 12. Dezember 2013 18:47 To: joel jaeggli Cc: hiaps@ietf.org Subject: Re: [hiaps] with respect to the BOF request. On Thu, Dec 12, 2013 at 11:39 AM, joel jaeggli <joelja@bogus.com<mailto:joelja@bogus.com>> wrote: On 12/12/13, 9:19 AM, Behcet Sarikaya wrote: > Hi Joel, > > Thanks for your comments. > My views inline. > Med can say more... > > > On Thu, Dec 12, 2013 at 2:31 AM, joel jaeggli <joelja@bogus.com<mailto:joelja@bogus.com>> wrote: > >>> Description: Host identification is required in IPv4 when the hosts are >> behind a NAT box or >>> when the communication is tunneled such as using IPSec. Host >> identification is also >>> required in IPv6 when the hosts are assigned addresses from a shared >> prefix. In most of >>> these scenarios, the hosts access the network using Wireless Local Area >> Networks, aka >>> Wi-Fi access. In case the hosts are behind a NAT box, there is a strong >> need for the host >>> identification when the host is accessing a fixed network and trying to >> place an emergency >call. >> >> It is likely given current events, that persistent identifiers visible >> to on-path observers are going to be viewed by the IETF community in >> general in an extraordinarily negative light. in particular in the IPv6 >> context I would think it antithetical to the goals of regular rotation >> of temporary/privacy or cryptographically generated addresses to retain >> host identity bindings that are visible outside a limited scope e.g. an >> l2 domain and which persist across host address changes. >> >> I understand there are privacy concerns. > But in our case, we justify it strongly on a case-by-case basis. > > In our IPv6 case, host identifier is IPv6 address and it needs to be > revealed to the edge router. We don't see any privacy issue here because > the edge router will know IPv6 address of the communicating hosts anyway. > > In our IPv4 case, the situation is that the host is in the process of > making an emergency call. The call server to which the host identity will > be revealed has to find the position of the host in order to serve the > host. > Again we don't see the same effects of revealing the host identity to any > server in this case. It is emergency call situation. Oddly I don't agree. being an emergency does not absolve us of dealing with the question of visibility on path. Of course, this brings the security of the protocols used in the solutions issue, right? We need to work on that. I believe the protocols can be made secure. > Having said the above two, I think we need to of course clarify these > issues in the drafts as much as possible. > > In case of IPv4 we have many other cases, e.g. CGA and the concerns you > mentioned could be valid to some extent, I believe those are somewhat > clarified in Med's RFCs, Med can chip in here to say more. > In terms of employing them for roaming, the question of how would they >> be generated and where who they be stored becomes germain. What >> semantics are they actually carrying and the question of persistence >> further raises the stakes with respect to revalation to remote observers. >> >> >> I think it was clarified during email discussions on the list that there > is no roaming case per se in hiaps, we do not have any case that requires a > persistent host identity during roaming. Of course we consider mobile hosts > but the identity will be different in each place. yeah that's not what I took away from the dicussion. I hope it is clarified now? > > >> _______________________________________________ >> hiaps mailing list >> hiaps@ietf.org<mailto:hiaps@ietf.org> >> https://www.ietf.org/mailman/listinfo/hiaps >> >> >
- [hiaps] with respect to the BOF request. joel jaeggli
- Re: [hiaps] with respect to the BOF request. Behcet Sarikaya
- Re: [hiaps] with respect to the BOF request. joel jaeggli
- Re: [hiaps] with respect to the BOF request. Behcet Sarikaya
- Re: [hiaps] with respect to the BOF request. Dirk.von-Hugo