IETF Logo Mail Archive

Re: [paws] Kathleen Moriarty's Discuss on draft-ietf-paws-protocol-14: (with DISCUSS)

Vincent Chen <vchen@google.com> Thu, 21 August 2014 21:57 UTC

Return-Path: <vchen@google.com>
X-Original-To: paws@ietfa.amsl.com
Delivered-To: paws@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F02141A0B7A for <paws@ietfa.amsl.com>; Thu, 21 Aug 2014 14:57:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.046
X-Spam-Level:
X-Spam-Status: No, score=-2.046 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7gFCENWClory for <paws@ietfa.amsl.com>; Thu, 21 Aug 2014 14:57:27 -0700 (PDT)
Received: from mail-vc0-x22c.google.com (mail-vc0-x22c.google.com [IPv6:2607:f8b0:400c:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EED2B1A0B74 for <paws@ietf.org>; Thu, 21 Aug 2014 14:57:26 -0700 (PDT)
Received: by mail-vc0-f172.google.com with SMTP id im17so11478492vcb.31 for <paws@ietf.org>; Thu, 21 Aug 2014 14:57:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=SHkz6dA9yO1U1BfauDg5eIPyyn0+dShG4tt4GmnjM/0=; b=BYBqvHKFtnlPgzqIaOrDpV5LStiNCa2DdJjwh5r8DyZ3DS8rfdrcg2zvD5S9Gm78k7 3CfOuPgAKe16DqyVmh+UJwDqqUf5fX/JGHdyziKAePrjgcaRuvxGW6oVJBRv9FgcoTBt J/WAH7uOEJXIOBGDa6xQuRHj+yz7RjONLwH5+S2S2suQ4IILmwBlgp9+MZJqCzzqKq+U 7by6BSj23r1GbHnGH3f2r8VZHDO3R6ZDEHdhNn0K6HTCdUC1eacFPVhq0qO1TmPOgIA/ 4QvFR4LvT95b4lqjZy0ZZpRMaCITayKVOdegsYgXu+ieUAKt1xzSYn3eAnGzzbbNpuT5 IDeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=SHkz6dA9yO1U1BfauDg5eIPyyn0+dShG4tt4GmnjM/0=; b=kF/lQlFU5imy4iQ2X5/DsX29sjVk4I6sO1psQRp7a9t/sOWfoarlKJXGtQAxlfKOes GBaqT04jozP+CLCYax4DdwugjWX4o1q1sZTiV/MSclxe93U0sO6olrBrG/rRWpsYUANl p/E8xcxrdjaLZ5CRHtqYfwJi/CctPqi5IKVNKwULEF96QAdmB3mGTucyPt2Jwa12Z/ho naTXsMOGGVBie0U3J2FDg2nxOCOL6HVhiU0TFsaJs7U3u+C12uFmz3tRv6mMdcqBmmSS rVOPgKt30HnOoeesLXJmQbTMN8ZMpFx7m2xoTUJn57XrFruANi+Y5a7KiF4ENiKNWoGd XIXQ==
X-Gm-Message-State: ALoCoQkd9opbxuuE0k59l8e12aVQyvGap9HQ4/nJSyGZReYvf/7FtwhvbxxqHQ38cdDOMDh2kHwF
MIME-Version: 1.0
X-Received: by 10.220.251.200 with SMTP id mt8mr970023vcb.24.1408658246021; Thu, 21 Aug 2014 14:57:26 -0700 (PDT)
Received: by 10.52.177.226 with HTTP; Thu, 21 Aug 2014 14:57:25 -0700 (PDT)
In-Reply-To: <CAHbuEH7QKK7+eH6tmuiUb5jhHxWrK8_JrW2N3_EOjMkgfMcQdQ@mail.gmail.com>
References: <20140820203127.25270.64032.idtracker@ietfa.amsl.com> <53F50D2D.2010203@qti.qualcomm.com> <CAHbuEH4RsF4kkUd8qO+bsCbzs6xRB=TL6hg2GyGWKf8OvJjViw@mail.gmail.com> <CABEV9RP7Dzk46JsUQ15z8kMvTGNOUCUjWmzQkVGyQbnjpvkLRA@mail.gmail.com> <CAHbuEH4+=tUQNRmURd3r047UYhSe=LPyJVZUEq4X+uYDMOaWrw@mail.gmail.com> <CAHbuEH7Ms5QuMwgFXy9OuXTcgvGR-9AyDJMnX-T7qEHema84-Q@mail.gmail.com> <CABEV9RPHCq14oF9CYdVmn0NHaqfQf1mton0WE9-Hn1zMCHyfqw@mail.gmail.com> <CAHbuEH5DSi86tndZLXRqJzkS4pGTp3vSpZKU2tnja2Y1nN0ScQ@mail.gmail.com> <53F64D64.8050002@cs.tcd.ie> <CAHbuEH6X=THkNCephbYA6Yp2k5T6_Wkby1b5A-_O=9tnzUe42w@mail.gmail.com> <CAHbuEH7QKK7+eH6tmuiUb5jhHxWrK8_JrW2N3_EOjMkgfMcQdQ@mail.gmail.com>
Date: Thu, 21 Aug 2014 14:57:25 -0700
Message-ID: <CABEV9ROeCqnArD7dUsXthKkQtG3ik02Qif330eU-zDQfOGy9ng@mail.gmail.com>
From: Vincent Chen <vchen@google.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="089e0122f0985d5fb305012ace7d"
Archived-At: http://mailarchive.ietf.org/arch/msg/paws/GyfLTPq_TYGDxEDeT86ThmBMx18
Cc: "paws-chairs@tools.ietf.org" <paws-chairs@tools.ietf.org>, Pete Resnick <presnick@qti.qualcomm.com>, "paws@ietf.org" <paws@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-paws-protocol@tools.ietf.org
Subject: Re: [paws] Kathleen Moriarty's Discuss on draft-ietf-paws-protocol-14: (with DISCUSS)
X-BeenThere: paws@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Protocol to Access White Space database \(PAWS\)" <paws.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/paws>, <mailto:paws-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/paws/>
List-Post: <mailto:paws@ietf.org>
List-Help: <mailto:paws-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/paws>, <mailto:paws-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Aug 2014 21:57:31 -0000

Stephen, Kathleen,

A Spectrum Database is not a typical database; "full contents" is not well
defined.

In practice, available spectrum needs to be computed on each query, based
on the device's
location (and device type) and a host of other stored information about
location and spectrum usage
of "protected" entities, such as TV stations, wireless mics of theaters,
stadiums, etc.

The reason to use a Database is not that the data is sensitive in any way,
but that the Database has
been certified to be able to compute accurate answers, based on algorithms
and rules defined
by a regulator.

There's no other data that can be accessed...it's just the results of its
computations.

> Just to be clear - As I understand it now, the database may have
sensitive information, but the interface via PAWS only
> allows access to data that is not sensitive.  If you can query it, it is
public.  If you have database access or other extensions
> are written, then it could be possible to get access to sensitive data.

As mentioned elsewhere, I will add a statement to Section 8 to put some
limits on extensions.

-vince


On Thu, Aug 21, 2014 at 12:54 PM, Kathleen Moriarty <
kathleen.moriarty.ietf@gmail.com> wrote:

>
>
>
> On Thu, Aug 21, 2014 at 3:51 PM, Kathleen Moriarty <
> kathleen.moriarty.ietf@gmail.com> wrote:
>
>>
>>
>>
>> On Thu, Aug 21, 2014 at 3:49 PM, Stephen Farrell <
>> stephen.farrell@cs.tcd.ie> wrote:
>>
>>>
>>> Hiya,
>>>
>>> On 21/08/14 20:44, Kathleen Moriarty wrote:
>>> > OK, this isn't my area of expertise, so I didn't read it the same way
>>> in
>>> > that information was limited to requests of public data.
>>> >
>>>
>>> Nothing really to do with IESG processing of this but I'm
>>> curious...
>>>
>>> Is the full DB information really considered public?
>>
>>
>> I'm glad it wasn't just me ;-)  Maybe stating that explicitly would be
>> good.
>>
>> My
>>> impression was rather that trying to extract the full DB
>>> of information via repeated queries would be frowned upon.
>>>
>> Just to be clear - As I understand it now, the database may have
> sensitive information, but the interface via PAWS only allows access to
> data that is not sensitive.  If you can query it, it is public.  If you
> have database access or other extensions are written, then it could be
> possible to get access to sensitive data.
>
>>
>>> S.
>>>
>>
>>
>>
>> --
>>
>> Best regards,
>> Kathleen
>>
>
>
>
> --
>
> Best regards,
> Kathleen
>



-- 
-vince

v2.23.0 | Report a Bug | By Email