Re: [IPFIX] Review of draft-irtf-nmrg-location-ipfix-07.txt

Stewart Bryant <> Wed, 23 November 2016 11:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CA000129C7F; Wed, 23 Nov 2016 03:02:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id q0yKuII6C-jU; Wed, 23 Nov 2016 03:02:43 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9CCC8129C8F; Wed, 23 Nov 2016 03:02:35 -0800 (PST)
Received: by with SMTP id t79so18336330wmt.0; Wed, 23 Nov 2016 03:02:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=cuRSLhFuI5HIREZpWWc5iHc0FHNfbUEqBwhzjq7LqGo=; b=erbVWbRsBNrpJTy4cnRXlOCtcNaNVfJxJmBxxLaaya8r4MOVaKEAO717Wn6B2CUfQ8 W7MfdnMNe8nZgtDAkK7k/CLWYgyOJ2vggt6HnsJowSfybveO4jLXITXIAlqgcm2ZGzGG DjjxeVlOvxWSM547Pm5GIeI0bWxmOUeylw4Mi7uoQl4Kz8hE78+vR1ZJe3AgQ4LA5vhk bxAIZJneN760UyJ5Qo7blQ7Zh4FLMvw2u6FLwAbGRlquv07C+ZqLCdudfVmWFoMSb0cT xr8p/koiUiXtgZgKP7E1JwyV5r+rEGsz7tAAXcLAKTb6bAt7mpCtMow+ZdmjBlYW4sL3 Lxfw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=cuRSLhFuI5HIREZpWWc5iHc0FHNfbUEqBwhzjq7LqGo=; b=MCHBVrJARGt6l2hNC1vOBRRK17tbink9KPMI8FM9riQzaGWfoML7t76yZ81uZtvN4J FW7IBmAEFkG9sWXq6L+dcwqF3tvHT4D3q3JY96HAz9I+xT1mD4vfDi4CWyStpTHdRciO coIV8H8JNzyADsDZ91bxaeGW58Ol2+qHbJVihLlNckZ9CchVitFpylzjTv/cJiOpi5hK 6piHboSYlw3aDDx/Qd76dDWTVOcXA0FSWkuOuoq+FlUyynbvAG4htKQSWVdoKc1pXimS PUHWhqTHTfuEheaVGWQahS/bM0BehHwaIpnG9AHpKDgPIIz1PxSyDcaq+3TpfzaXhS94 g9zA==
X-Gm-Message-State: AKaTC012zqKmQUEb2XCFkxZs1ETXiGd1wCcSY5XGvD/Bk/7r3rso4R3GvDcsSTIiFHlr/Q==
X-Received: by with SMTP id k64mr6994418wme.69.1479898954215; Wed, 23 Nov 2016 03:02:34 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id js10sm35741677wjb.19.2016. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 23 Nov 2016 03:02:33 -0800 (PST)
To: Zhoutianran <>, "" <>
References: <>
From: Stewart Bryant <>
Message-ID: <>
Date: Wed, 23 Nov 2016 11:02:31 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.5.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <>
Cc: "" <>, "" <>, "" <>
Subject: Re: [IPFIX] Review of draft-irtf-nmrg-location-ipfix-07.txt
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IPFIX WG discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 23 Nov 2016 11:02:46 -0000

Collecting this data is not particularly difficult, but protecting the 
privacy is much harder and will, I imagine be subject to significant 
scrutiny as the draft progresses.

It seems to me that there are security and privacy issues concerning 
both the traffic and the collector itself. The privacy of the user is a 
widely understood concept and will I am sure be thoroughly examined in 
review. In the case of the collector I am not convinced that it is wise 
to reveal the precise location of the network infrastructure since this 
could result in it being subject to physical attack.

An approach that you do not seem to explore is encrypting the location 
record so that this can only be understood by those that are authorised 
to see it. Indeed there is a case for something analogous to the 
selective availability system in GPS whereby the location is provided 
with different degrees of precision depending on the authority of the user.

- Stewart

On 23/11/2016 02:33, Zhoutianran wrote:
> Hi,
> Though IPFIX is concluded, could the IPFIX experts in this mailing list please help to provide comments for this I-D?
> It seems this work has a long history. Your help will push this work a step forward.
> Thanks,
> Tianran
> _______________________________________________
> IPFIX mailing list