RE: [Geopriv] Review of draft-ietf-geopriv-http-location-delivery-07
"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Tue, 27 May 2008 16:31 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4FD803A6937; Tue, 27 May 2008 09:31:43 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 46C1E3A68CB; Mon, 26 May 2008 00:17:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hQkRKWlx98q7; Mon, 26 May 2008 00:17:30 -0700 (PDT)
Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [217.115.75.233]) by core3.amsl.com (Postfix) with ESMTP id 0A5083A6A37; Mon, 26 May 2008 00:17:29 -0700 (PDT)
Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd001.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id m4Q7HT37029002 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 26 May 2008 09:17:29 +0200
Received: from demuexc022.nsn-intra.net (webmail.nsn-intra.net [10.150.128.35]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id m4Q7HA2J010864; Mon, 26 May 2008 09:17:27 +0200
Received: from demuexc024.nsn-intra.net ([10.159.32.11]) by demuexc022.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.3959); Mon, 26 May 2008 09:17:21 +0200
Received: from FIESEXC007.nsn-intra.net ([10.159.0.15]) by demuexc024.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.3959); Mon, 26 May 2008 09:17:20 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Subject: RE: [Geopriv] Review of draft-ietf-geopriv-http-location-delivery-07
Date: Mon, 26 May 2008 10:17:19 +0300
Message-ID: <C41BFCED3C088E40A8510B57B165C162062CAF@FIESEXC007.nsn-intra.net>
In-Reply-To: <20080525225416.E5B492A78AF@kilo.rtfm.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Geopriv] Review of draft-ietf-geopriv-http-location-delivery-07
Thread-Index: Aci+umLAX5fo8GawTCShJHRP4lJqCAARLgNQ
References: <20080525020040.4DE5A5081A@romeo.rtfm.com><483991AE.9060906@gmx.net><20080525182946.DF50C2A74DA@kilo.rtfm.com><4839C06C.5010506@gmx.net> <20080525225416.E5B492A78AF@kilo.rtfm.com>
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: ext Eric Rescorla <ekr@networkresonance.com>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
X-OriginalArrivalTime: 26 May 2008 07:17:20.0941 (UTC) FILETIME=[899815D0:01C8BF00]
X-TM-AS-Product-Ver: SMEX-7.0.0.1584-5.5.1026-15932.004
X-TM-AS-Result: No--12.166600-8.000000-31
X-Mailman-Approved-At: Tue, 27 May 2008 09:11:01 -0700
Cc: GEOPRIV <geopriv@ietf.org>, draft-ietf-geopriv-http-location-delivery@tools.ietf.org, secdir@mit.edu, iesg@ietf.org, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Hi Ekr, ~snip~ >> > >> When you operate a network and you want this stuff to work then you >> have to consider this aspect. >> In the past a few folks have suggested to write a BCP about how >> different deployments may deal with this aspect but I believe it is >> far too early todo so for a BCP. > >The problem is that I'm not sure that this is an issue that >can be solved by the network operator. In the example I >described, it sounds to me like new protocol work may be required. So far, there was nobody who believed that new protocol work would be required. > > >> >> The reference points to the device. What the Target uses >this reference >> >> either for itself (if it wants to learn it's own >location) or (more >> >> likely) it forwards that URI to someone else, for example >to a PSAP. >> >> >> > >> > OK, but then what protocol is spoken over that URI? (see my >> > comments on S 8 below). >> > >> > >> > >> The answer is: >> >http://tools.ietf.org/id/draft-winterbottom-geopriv-deref-proto >col-00.txt > >What's the status of that document? > At the last meeting the group agreed that this document should become a WG item. I believe my co-author has submitted the document but it got stuck somewhere. Thanks for reminding me to ping my co-authors again. > >> > Well, lots of protocols would benefit from not having IP address >> > spoofing, but again, you're making a levy on network operations >> > on a global scale, no? >> > >> > >> If you want to deal with certain attacks then you may want todo >> something about it. > >Sorry, I don't think I get what you're saying here. Let me give you an example from the emergency services space where this work could be helpful. If the network operator wants to make location information available to the end host then they have various protocol choices. However, there is more beyond just using protocols we develop in the IETF, the IEEE or some other SDOs develop. You need to give the Location Server a way to perform location determination, i.e., it gets some identifier as input and then it needs to determine the physical location of that node. In some environment that's simpler than in others and it also depends on the quality of the location you would like to get back. Regardless of what identifier you pick for the lookup (let it be a MAC address, IP address, etc.) you may want to think about cases where an adversary uses an identifier of someone else. This would potentially allow him to learn location of someone other than his own location. In certain networks this might indeed be possible, for a more detailed discussion see http://www.ietf.org/internet-drafts/draft-ietf-geopriv-l7-lcp-ps-07.txt As a network operator you might want to evaluate whether your network infrastructure is vulnerable to such an attack and to take the corresponding steps to mitigate them. Ciao Hannes _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Review of draft-ietf-geopriv-http-location-delive… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Hannes Tschofenig
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Hannes Tschofenig
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: [secdir] Review of draft-ietf-geopriv-http-lo… Richard Barnes
- RE: [Geopriv] [secdir] Review ofdraft-ietf-geopri… Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [Geopriv] Review of draft-ietf-geopriv-http-l… Eric Rescorla
- RE: [Geopriv] Review of draft-ietf-geopriv-http-l… Tschofenig, Hannes (NSN - FI/Espoo)
- RE: Review of draft-ietf-geopriv-http-location-de… Mary Barnes
- Re: Review of draft-ietf-geopriv-http-location-de… Eric Rescorla
- Re: Review of draft-ietf-geopriv-http-location-de… TSG
- SHOULD vs MUST (was Re: Review of draft-ietf-geop… Lawrence Conroy
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Eric Rescorla
- RE: [Geopriv] Review of draft-ietf-geopriv-http-l… Dawson, Martin
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Dave Cridland
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Joe Abley
- Re: SHOULD vs MUST Frank Ellermann
- Re: SHOULD vs MUST (was Re: Review of draft-ietf-… Iljitsch van Beijnum
- Re: SHOULD vs MUST Fred Baker
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST John C Klensin
- Re: SHOULD vs MUST Fred Baker
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST John C Klensin
- Re: SHOULD vs MUST Scott Brim
- Re: SHOULD vs MUST Dean Willis
- Re: SHOULD vs MUST Robert Sparks
- Re: SHOULD vs MUST Dave Crocker
- Re: SHOULD vs MUST Dave Cridland
- Re: SHOULD vs MUST Iljitsch van Beijnum
- SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Eric Gray
- Re: SHOULD vs MUST case sensitivity Julian Reschke
- Re: SHOULD vs MUST case sensitivity Keith Moore
- SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST Eric Gray
- SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity C. M. Heard
- Re: SHOULD vs MUST case sensitivity Iljitsch van Beijnum
- Re: SHOULD vs MUST case sensitivity Randy Presuhn
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- Re: SHOULD vs MUST case sensitivity Randy Presuhn
- Re: SHOULD vs MUST case sensitivity Keith Moore
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Eric Gray
- Re: SHOULD vs MUST case sensitivity Spencer Dawkins
- Re: SHOULD vs MUST case sensitivity Ralph Droms
- Re: SHOULD vs MUST case sensitivity Dave Crocker
- RE: SHOULD vs MUST case sensitivity Hallam-Baker, Phillip
- Re: SHOULD vs MUST case sensitivity John Levine
- RE: SHOULD vs MUST case sensitivity Hallam-Baker, Phillip
- Re: SHOULD vs MUST case sensitivity John Leslie
- RE: Review of draft-ietf-geopriv-http-location-de… Mary Barnes