[netext] Richard Barnes' Discuss on draft-ietf-netext-ani-location-08: (with DISCUSS and COMMENT)

"Richard Barnes" <rlb@ipv.sx> Thu, 05 March 2015 03:14 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: netext@ietfa.amsl.com
Delivered-To: netext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A450C1A8A9C; Wed, 4 Mar 2015 19:14:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5ON40effjBls; Wed, 4 Mar 2015 19:14:37 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FCFF1A1BCD; Wed, 4 Mar 2015 19:14:37 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: "Richard Barnes" <rlb@ipv.sx>
To: "The IESG" <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.12.0.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150305031437.7587.71906.idtracker@ietfa.amsl.com>
Date: Wed, 04 Mar 2015 19:14:37 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/netext/YwcgR5dsNenZnLuAxIk7l4-t81U>
Cc: netext@ietf.org, netext-chairs@ietf.org, draft-ietf-netext-ani-location.all@ietf.org
Subject: [netext] Richard Barnes' Discuss on draft-ietf-netext-ani-location-08: (with DISCUSS and COMMENT)
X-BeenThere: netext@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "Mailing list for discusion of extensions to network mobility protocol, i.e PMIP6. " <netext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netext>, <mailto:netext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netext/>
List-Post: <mailto:netext@ietf.org>
List-Help: <mailto:netext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netext>, <mailto:netext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2015 03:14:38 -0000

Richard Barnes has entered the following ballot position for
draft-ietf-netext-ani-location-08: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
http://datatracker.ietf.org/doc/draft-ietf-netext-ani-location/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

(1) In Section 3.1, the "civic location" description here mentions the
use of a location URI, but there's no corresponding Format for it.  Is
that what you actually mean to have for XML Encoding (1)?  You're not
going to fit much XML in 253 octets anyway.  I would suggest having
format 0 be the RFC 4776 format, and format 1 be a URI pointing to an XML
document.

(2) It would help interoperability if you could constrain the classes of
location URI that are supported.  For example, if the mechanism in RFC
6753 is sufficient for your purposes, you could require that geolocation
values in format 1 use an HTTPS URI to be dereferenced using that
mechanism.  Likewise, unless there's a known, compelling need to support
HTTP URIs, you should require HTTPS.  The fact that you have 253 format
codes remaining means that if there are future needs for other URI types,
you can liberalize.

(3) To ensure that the location information referenced by location URIs
is protected, please comment on the assumed access control model for
these URIs.  Can anyone with the URI dereference it?  Or are they
required to be access-controlled?  Section 4 of RFC 6753 should provide a
helpful framework. 

(4) Alternatively to (2) and (3), you could just remove the option for a
XML/URI-based location altogether.  Is there a compelling use cases here
for very precise location?  Even with the 253-octet limit, the RFC 4776
format would allow you to specify down to roughly the neighborhood level
in most cases.  For example, encoding "Washington, DC 20001, US" takes
only 26 octets.  Even looking at some Japanese addresses, which are more
verbose, the examples I'm finding are still on the order of 70-100
octets.

(5) Did the WG consider constraining the set of civic address elements
that can be used?  It's not clear to me that the use cases for this
document require very granular information, e.g., to the individual
building, floor, or room.  The RFC 4776 format makes it fairly easy to
express these constraints, by saying something like "The civic addresses
carried in the civic location sub option MUST NOT contain elements other
than A1, ..., A6 and PC."


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for a good discussion of confidentiality protections in the
Security Considerations.  It would be helpful if you could also note that
another way to address the concerns here is to provision location
information at the least granular level possible.  Suggested:

"The other way to protect the sensitive location information of network
users is of course to not send it in the first places.  Users of the
civic location sub option should provision location values with the
highest possible level of granularity, e.g., to the province or city
level, rather than provisioning specific addresses.  In addition to
helping protect private information, reducing granularity will also
reduce the size of the civic location sub option."