Re: [netext] Richard Barnes' Discuss on draft-ietf-netext-ani-location-08: (with DISCUSS and COMMENT)

Brian Haberman <> Thu, 05 March 2015 15:14 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A36F81A0BE8; Thu, 5 Mar 2015 07:14:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wyTICyIeJ_2j; Thu, 5 Mar 2015 07:14:39 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CB6F31A0389; Thu, 5 Mar 2015 07:13:16 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTP id A18FD88154; Thu, 5 Mar 2015 07:13:16 -0800 (PST)
Received: from clemson.local (unknown []) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTP id CFE181368260; Thu, 5 Mar 2015 07:13:15 -0800 (PST)
Message-ID: <>
Date: Thu, 05 Mar 2015 10:13:09 -0500
From: Brian Haberman <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Richard Barnes <>, The IESG <>
References: <>
In-Reply-To: <>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7Rivr6o4OF57DJaa6fqj7I1fklvI0gJJc"
Archived-At: <>
Subject: Re: [netext] Richard Barnes' Discuss on draft-ietf-netext-ani-location-08: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list for discusion of extensions to network mobility protocol, i.e PMIP6. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Mar 2015 15:14:42 -0000

Hi Richard,

On 3/4/15 10:14 PM, Richard Barnes wrote:
> Richard Barnes has entered the following ballot position for
> draft-ietf-netext-ani-location-08: Discuss
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to
> for more information about IESG DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> (1) In Section 3.1, the "civic location" description here mentions the
> use of a location URI, but there's no corresponding Format for it.  Is
> that what you actually mean to have for XML Encoding (1)?  You're not
> going to fit much XML in 253 octets anyway.  I would suggest having
> format 0 be the RFC 4776 format, and format 1 be a URI pointing to an XML
> document.

Just on the above point...

I had a comment during my AD Evaluation on 3.1 and got this response:

>> 2. In Section 3.1, the civic location field is limited to 253 bytes.
>> Given that there are civic locations that exceed that length, can you
>> provide a brief justification for that limit?

> This is a good question. The practical reason for 253 bytes is that
> the ANI length field is one byte.
> However, the DHCPv4 Civic Location also has a one byte length, so we
> felt it was reasonable.
> For longer length, a PIDF location URI could be used (a URI that would
> dereference to a location object).
> Potentially, we can add text around how the 253 byte limit could be
> handled for long civic locations.

So, I do not envision 253 bytes of XML.  However, your point about
clarifying the format is a good one.

The rest of your points I will leave to the authors.


> (2) It would help interoperability if you could constrain the classes of
> location URI that are supported.  For example, if the mechanism in RFC
> 6753 is sufficient for your purposes, you could require that geolocation
> values in format 1 use an HTTPS URI to be dereferenced using that
> mechanism.  Likewise, unless there's a known, compelling need to support
> HTTP URIs, you should require HTTPS.  The fact that you have 253 format
> codes remaining means that if there are future needs for other URI types,
> you can liberalize.
> (3) To ensure that the location information referenced by location URIs
> is protected, please comment on the assumed access control model for
> these URIs.  Can anyone with the URI dereference it?  Or are they
> required to be access-controlled?  Section 4 of RFC 6753 should provide a
> helpful framework. 
> (4) Alternatively to (2) and (3), you could just remove the option for a
> XML/URI-based location altogether.  Is there a compelling use cases here
> for very precise location?  Even with the 253-octet limit, the RFC 4776
> format would allow you to specify down to roughly the neighborhood level
> in most cases.  For example, encoding "Washington, DC 20001, US" takes
> only 26 octets.  Even looking at some Japanese addresses, which are more
> verbose, the examples I'm finding are still on the order of 70-100
> octets.
> (5) Did the WG consider constraining the set of civic address elements
> that can be used?  It's not clear to me that the use cases for this
> document require very granular information, e.g., to the individual
> building, floor, or room.  The RFC 4776 format makes it fairly easy to
> express these constraints, by saying something like "The civic addresses
> carried in the civic location sub option MUST NOT contain elements other
> than A1, ..., A6 and PC."
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> Thanks for a good discussion of confidentiality protections in the
> Security Considerations.  It would be helpful if you could also note that
> another way to address the concerns here is to provision location
> information at the least granular level possible.  Suggested:
> "The other way to protect the sensitive location information of network
> users is of course to not send it in the first places.  Users of the
> civic location sub option should provision location values with the
> highest possible level of granularity, e.g., to the province or city
> level, rather than provisioning specific addresses.  In addition to
> helping protect private information, reducing granularity will also
> reduce the size of the civic location sub option."