RE: [paws] WG Review: Protocol to Access White Space database (paws)
<scott.probasco@nokia.com> Thu, 21 April 2011 13:06 UTC
Return-Path: <scott.probasco@nokia.com>
X-Original-To: ietf@ietfc.amsl.com
Delivered-To: ietf@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 8D4BCE0775; Thu, 21 Apr 2011 06:06:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Level:
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[AWL=0.500, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzDQBNbkpT1f; Thu, 21 Apr 2011 06:06:13 -0700 (PDT)
Received: from mgw-da01.nokia.com (smtp.nokia.com [147.243.128.24]) by ietfc.amsl.com (Postfix) with ESMTP id 46419E076F; Thu, 21 Apr 2011 06:06:13 -0700 (PDT)
Received: from vaebh106.NOE.Nokia.com (vaebh106.europe.nokia.com [10.160.244.32]) by mgw-da01.nokia.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id p3LD5IIu020071; Thu, 21 Apr 2011 16:05:49 +0300
Received: from smtp.mgd.nokia.com ([65.54.30.5]) by vaebh106.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Thu, 21 Apr 2011 16:05:20 +0300
Received: from 008-AM1MMR1-002.mgdnok.nokia.com (65.54.30.57) by NOK-am1MHUB-01.mgdnok.nokia.com (65.54.30.5) with Microsoft SMTP Server (TLS) id 8.2.255.0; Thu, 21 Apr 2011 15:05:19 +0200
Received: from 008-AM1MPN1-023.mgdnok.nokia.com ([169.254.3.210]) by 008-AM1MMR1-002.mgdnok.nokia.com ([65.54.30.57]) with mapi id 14.01.0289.008; Thu, 21 Apr 2011 15:05:16 +0200
From: scott.probasco@nokia.com
To: acooper@cdt.org
Subject: RE: [paws] WG Review: Protocol to Access White Space database (paws)
Thread-Topic: [paws] WG Review: Protocol to Access White Space database (paws)
Thread-Index: AQHL/rLA5Czj0i0wfE+ujEk1m1AO2ZRlknOAgAE/lXCAATXygIAAQm6A
Date: Thu, 21 Apr 2011 13:05:15 +0000
Message-ID: <88BE24FD9280884487DEAE0CE1FD3A5B06182F@008-AM1MPN1-023.mgdnok.nokia.com>
References: <20110419165634.CD24CE07CF@ietfc.amsl.com> <4DADFE6D.3050107@cs.tcd.ie> <88BE24FD9280884487DEAE0CE1FD3A5B060F1B@008-AM1MPN1-023.mgdnok.nokia.com> <F4035489-7D81-47C9-BE99-3D9DCF1637FA@cdt.org>
In-Reply-To: <F4035489-7D81-47C9-BE99-3D9DCF1637FA@cdt.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-titus-version: 3.2.55
x-tituslabs-classifications-30: TLPropertyRoot=Trial License; Classification=Personal;
x-putclassificationandsendinfointox-header: Classification: Personal Project: Subject: RE: [paws] WG Review: Protocol to Access White Space database (paws) Sender Name: Probasco Scott (Nokia-CIC/Dallas) Sender Email: scott.probasco@nokia.com Send Date: Thursday, April 21, 2011 Send Time: 8:05:10 AM
x-originating-ip: [10.243.2.236]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 21 Apr 2011 13:05:20.0115 (UTC) FILETIME=[C46C3430:01CC0024]
X-Nokia-AV: Clean
X-Mailman-Approved-At: Thu, 21 Apr 2011 08:34:12 -0700
Cc: paws@ietf.org, iesg@ietf.org, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2011 13:06:14 -0000
Hi, I agree with the concept, just want to be sure the PAWS is not expected to develop these security mechanisms (i.e. the tools) as contrasted to including or using in PAWS the security tools developed by appropriate expert groups. "Inclusion of robust security mechanisms is required:..." ?? Regards, Scott -----Original Message----- From: ext Alissa Cooper [mailto:acooper@cdt.org] Sent: Thursday, April 21, 2011 6:01 AM To: Probasco Scott (Nokia-CIC/Dallas) Cc: stephen.farrell@cs.tcd.ie; ietf@ietf.org; paws@ietf.org; iesg@ietf.org Subject: Re: [paws] WG Review: Protocol to Access White Space database (paws) On Apr 20, 2011, at 3:41 PM, <scott.probasco@nokia.com> <scott.probasco@nokia.com> wrote: > Hi Stephen, All, > > I believe the current wording >>> Robust security mechanisms are required to prevent: >>> device identity spoofing, modification of device requests, modification >>> of channel enablement information, ... > is acceptable because "mechanisms are required" means they should be in the protocol, it does not mean they cannot be optional. PAWS should support Regulator requirements globally, and thus I believe there will be procedures or capabilities which are "required" to be in the protocol but will be "optional" during run time. Thus different or conflicting requirements from different regions of the world can be supported. (Several regulatory groups around the world are still developing their views and requirements). > Agreed on this point, although I think the charter could make it a little less ambiguous by saying "Development of robust security mechanisms is required . . .," that way it's not indicating that the actual mechanisms themselves will always be required. Given that device identity will have to be shared in some circumstances, I would also add its protection to the end of the list of mechanisms: Development of security mechanisms is required to prevent: device identity spoofing, modification of device requests, modification of channel enablement information, impersonation of registered database services and unauthorized disclosure of a user's location and/or device identity. Alissa > It's not the time to dig deep into proposed solutions, just my opinion is the current proposed wording is an acceptable definition to allow a Work Group to get started defining the details. > > Regards, > Scott > > -----Original Message----- > From: paws-bounces@ietf.org [mailto:paws-bounces@ietf.org] On Behalf Of ext Stephen Farrell > Sent: Tuesday, April 19, 2011 4:28 PM > To: IETF-Discussion > Cc: paws@ietf.org; iesg@ietf.org > Subject: Re: [paws] WG Review: Protocol to Access White Space database (paws) > > > I think this is a good and timely thing for the IETF to do. > > One part of this where I think it might be useful to get > some broader input (which may have happened already, I'm not > sure) is the following: > > On 19/04/11 17:56, IESG Secretary wrote: >> The protocol must protect both the channel enablement process and the >> privacy of users. > > That part is fine but it goes on to say: > >> Robust security mechanisms are required to prevent: >> device identity spoofing, modification of device requests, modification >> of channel enablement information, ... > > I'm told (and believe) this in response to (at least) US > FCC requirements that call for a device ID and sometimes > serial number to be (securely, for some value of securely) > sent with the query. > > Those appear to be real regulatory requirements in the > US, presumably so the regulator can stomp on someone who > messes about in the wrong spectrum at the wrong time. > (The link below [1] may be to the right or wrong bit of > those US regulations, I'm not at all sure, not being > from there;-) > > So my questions: > > Are there may be similar (or conflicting!) requirements > elsewhere? > > Does this bit of the charter text need changes to work > well for other regions? > > Separately, I'm not sure how to square those kinds of > regulatory requirements with protecting privacy where the > device is carried by a person and has some FCC device ID > (which lots do I guess) and the person might not want > the database operator to know who's asking. But I think > that's ok as something for the WG to figure out since > the charter already calls for respecting privacy. > > I'm more concerned in case e.g. some other regional regulation > called for this protocol to be completely anonymous or > something, in which case the current charter text might > be problematic. > > Cheers, > Stephen. > > [1] > http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?c=ecfr&sid=3e9c322addf1f7e897d8c84a6c7aca78&rgn=div8&view=text&node=47:1.0.1.1.14.8.243.9&idno=47 > _______________________________________________ > paws mailing list > paws@ietf.org > https://www.ietf.org/mailman/listinfo/paws > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf >
- Re: [paws] WG Review: Protocol to Access White Sp… Joel M. Halpern
- Re: [paws] WG Review: Protocol to Access White Sp… Peter Saint-Andre
- Re: WG Review: Protocol to Access White Space dat… Stephen Farrell
- Re: [paws] WG Review: Protocol to Access White Sp… Joel M. Halpern
- Re: [paws] WG Review: Protocol to Access White Sp… Joel M. Halpern
- Re: [paws] WG Review: Protocol to Access White Sp… Alexey Melnikov
- Re: [paws] WG Review: Protocol to Access White Sp… Andrew Sullivan
- RE: [paws] WG Review: Protocol to Access White Sp… Bernard Aboba
- Re: [paws] WG Review: Protocol to Access White Sp… Joel M. Halpern
- RE: [paws] WG Review: Protocol to Access White Sp… Paul Lambert
- Re: [paws] WG Review: Protocol to Access White Sp… Rex Buddenberg
- RE: [paws] WG Review: Protocol to Access White Sp… scott.probasco
- Re: [paws] WG Review: Protocol to Access White Sp… t.petch
- Re: [paws] WG Review: Protocol to Access White Sp… Cullen Jennings
- Re: [paws] WG Review: Protocol to Access White Sp… Alissa Cooper
- RE: [paws] WG Review: Protocol to Access White Sp… scott.probasco
- Re: [paws] WG Review: Protocol to Access White Sp… Glen Zorn