Re: [secdir] Review of draft-ietf-geopriv-http-location-delivery-07
Richard Barnes <rbarnes@bbn.com> Mon, 26 May 2008 00:50 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A2EDE3A6A48; Sun, 25 May 2008 17:50:00 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5297A3A680D; Sun, 25 May 2008 17:49:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.299
X-Spam-Level:
X-Spam-Status: No, score=-1.299 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eaOXml7y+IIN; Sun, 25 May 2008 17:49:58 -0700 (PDT)
Received: from mx11.bbn.com (mx11.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id 48C593A67EB; Sun, 25 May 2008 17:49:58 -0700 (PDT)
Received: from [128.89.252.139] (helo=[127.0.0.1]) by mx11.bbn.com with esmtp (Exim 4.60) (envelope-from <rbarnes@bbn.com>) id 1K0QuL-0004IN-5Q; Sun, 25 May 2008 20:49:50 -0400
Message-ID: <483A092B.10105@bbn.com>
Date: Sun, 25 May 2008 20:49:47 -0400
From: Richard Barnes <rbarnes@bbn.com>
User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
MIME-Version: 1.0
To: Eric Rescorla <ekr@networkresonance.com>
Subject: Re: [secdir] Review of draft-ietf-geopriv-http-location-delivery-07
References: <20080525020040.4DE5A5081A@romeo.rtfm.com> <483991AE.9060906@gmx.net> <20080525182946.DF50C2A74DA@kilo.rtfm.com> <4839C06C.5010506@gmx.net> <20080525225416.E5B492A78AF@kilo.rtfm.com>
In-Reply-To: <20080525225416.E5B492A78AF@kilo.rtfm.com>
Cc: GEOPRIV <geopriv@ietf.org>, ietf@ietf.org, secdir@mit.edu, draft-ietf-geopriv-http-location-delivery@tools.ietf.org, iesg@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
>>>>> $Id: draft-ietf-geopriv-http-location-delivery-07-rev.txt,v 1.1 2008/05/24 15:03:19 ekr Exp $ >>>>> >>>>> S 4.3.1. >>>>> Devices that establish VPN connections for use by other devices >>>>> inside a LAN or other closed network could serve as a LIS, that >>>>> implements the HELD protocol, for those other Devices. Devices >>>>> within the closed network are not necessarily able to detect the >>>>> presence of the VPN and rely on the VPN device. To this end, a VPN >>>>> device should provide the address of the LIS server it provides, in >>>>> response to discovery queries, rather than passing such queries >>>>> through the VPN tunnel. >>>>> >>>>> How do you envision this happening? Isn't this going to require >>>>> changing every VPN protocol? I think some more text would be >>>>> appropriate here... >>>>> >>>>> >>>>> >>>> It requires location information to be obtained before the tunnel is setup. >>>> >>> OK, but I still don't understand how this is going to work. Say that >>> I'm on a local network with a DHCP server and the VPN server is a couple >>> of hops away. How does the VPN device "provide the address of the LIS >>> server" to me? >>> >>> >>> >> When you operate a network and you want this stuff to work then you have >> to consider this aspect. >> In the past a few folks have suggested to write a BCP about how >> different deployments may deal with this aspect but I believe it is far >> too early todo so for a BCP. > > The problem is that I'm not sure that this is an issue that can be solved > by the network operator. In the example I described, it sounds to > me like new protocol work may be required. The current document specifies the use of HELD as a protocol between an endpoint and its local network (i.e., as a location configuration protocol). In that sense, the use case you mention doesn't arise, or rather, the use case can be worked around by appropriate configuration of the LIS by the access network operator (to know how network segments are connected on the VPN). I think this issue merits more of an applicability statement than new protocol work. >>> Well, lots of protocols would benefit from not having IP address >>> spoofing, but again, you're making a levy on network operations >>> on a global scale, no? >>> >>> >> If you want to deal with certain attacks then you may want todo >> something about it. > > Sorry, I don't think I get what you're saying here. What the document is trying to say is that because HELD uses the requestor's IP address as a location identifier, if the LIS is trying to assure that location is actually only provided to the host that originates a request, then it must have assurance that the source IP address of the request is that of the originator, i.e., that the source address of the request has not been spoofed. If there is no requirement for that level of assurance, then there is no requirement for anti-spoofing. On the other hand, given that the LIS is notionally operated by the access network operator, this is actually a local requirement: If you, the network/LIS operator, require this degree of assurance then you MUST implement measures to prevent IP address spoofing. (Note, however, the conditionality.) --Richard _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Review of draft-ietf-geopriv-http-location-delive… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Hannes Tschofenig
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Hannes Tschofenig
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: [secdir] Review of draft-ietf-geopriv-http-lo… Richard Barnes
- RE: [Geopriv] [secdir] Review ofdraft-ietf-geopri… Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [Geopriv] Review of draft-ietf-geopriv-http-l… Eric Rescorla
- RE: [Geopriv] Review of draft-ietf-geopriv-http-l… Tschofenig, Hannes (NSN - FI/Espoo)
- RE: Review of draft-ietf-geopriv-http-location-de… Mary Barnes
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… TSG
- SHOULD vs MUST (was Re: Review of draft-ietf-geop… Lawrence Conroy
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Eric Rescorla
- RE: [Geopriv] Review of draft-ietf-geopriv-http-l… Dawson, Martin
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Dave Cridland
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Joe Abley
- Re: SHOULD vs MUST Frank Ellermann
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Iljitsch van Beijnum
- Re: SHOULD vs MUST Fred Baker
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST John C Klensin
- Re: SHOULD vs MUST Fred Baker
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST John C Klensin
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST Dean Willis
- Re: SHOULD vs MUST Robert Sparks
- Re: SHOULD vs MUST Dave Crocker
- Re: SHOULD vs MUST Dave Cridland
- Re: SHOULD vs MUST Iljitsch van Beijnum
- SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Eric Gray
- Re: SHOULD vs MUST case sensitivity Julian Reschke
- Re: SHOULD vs MUST case sensitivity Keith Moore
- SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST Eric Gray
- SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity C. M. Heard
- Re: SHOULD vs MUST case sensitivity Iljitsch van Beijnum
- Re: SHOULD vs MUST case sensitivity Randy Presuhn
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity Randy Presuhn
- Re: SHOULD vs MUST case sensitivity Keith Moore
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Eric Gray
- Re: SHOULD vs MUST case sensitivity Spencer Dawkins
- Re: SHOULD vs MUST case sensitivity Ralph Droms
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Hallam-Baker, Phillip
- Re: SHOULD vs MUST case sensitivity John Levine
- RE: SHOULD vs MUST case sensitivity Hallam-Baker, Phillip
- Re: SHOULD vs MUST case sensitivity John Leslie
- RE: Review of draft-ietf-geopriv-http-location-de… Mary Barnes