[paws] Alissa Cooper's Discuss on draft-ietf-paws-protocol-14: (with DISCUSS and COMMENT)
"Alissa Cooper" <alissa@cooperw.in> Wed, 20 August 2014 16:52 UTC
Return-Path: <alissa@cooperw.in>
X-Original-To: paws@ietfa.amsl.com
Delivered-To: paws@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E74C1A049D; Wed, 20 Aug 2014 09:52:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.1
X-Spam-Level:
X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GVWVA8Vtbmbv; Wed, 20 Aug 2014 09:52:39 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D98701A04A7; Wed, 20 Aug 2014 09:52:36 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alissa Cooper <alissa@cooperw.in>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.2.p5
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140820165236.31862.86067.idtracker@ietfa.amsl.com>
Date: Wed, 20 Aug 2014 09:52:36 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/paws/Yjj9knK6CDyyp7HBgZJYcguX8eo
Cc: paws@ietf.org, paws-chairs@tools.ietf.org, draft-ietf-paws-protocol@tools.ietf.org
Subject: [paws] Alissa Cooper's Discuss on draft-ietf-paws-protocol-14: (with DISCUSS and COMMENT)
X-BeenThere: paws@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "Protocol to Access White Space database \(PAWS\)" <paws.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/paws>, <mailto:paws-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/paws/>
List-Post: <mailto:paws@ietf.org>
List-Help: <mailto:paws-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/paws>, <mailto:paws-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 16:52:40 -0000
Alissa Cooper has entered the following ballot position for draft-ietf-paws-protocol-14: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: http://datatracker.ietf.org/doc/draft-ietf-paws-protocol/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I'm glad this work is being done in the IETF, thanks for all your effort. A couple of my points below have overlaps with some of Stephen's points. = Shepherd write-up = "Yes, there were 2 IPR disclosures filed that reference this document. They were discussed in the WG, and nobody came forward to say that they'd like to change anything in the document because of the disclosures." But there are 3 IPR disclosures in the tracker, not 2. Were all three discussed in the WG? = Section 4.1 = "A Database MAY change its URI, but before it changes its URI, it MUST indicate so by including the URI of one or more alternate databases using DbUpdateSpec (Section 5.7) in its responses to devices." The behavior here seems ambiguous. Does the database need to send responses containing the updated URI to all devices it has ever communicated with, or all registered devices, before it can actually change the URI? Does the database even maintain such lists? If not, how many such responses does it need to send out before changing its URI, or how long does it need to wait? Just saying that sending the new URI needs to happen "before" the URI changes does not seem specific enough for devices to know whether the URI has changed, or for databases to know when they can disable an old URI or stop sending the DbUpdateSpec indication. = Section 4.5 = These two sentences seem to contradict each other: "The device identifier, capabilities, and characteristics communicated in the AVAIL_SPECTRUM_REQ message MUST be those of the Slave Device, but the location MUST be that of the Master Device." "When the request is made by the Master Device on behalf of a Slave Device, the location is that of the Slave Device and it is OPTIONAL (see also masterDeviceLocation)." Perhaps this can be solved by making the reference to "the location" in the first sentence more specific -- the masterDeviceLocation -- but I'm not really sure from reading the text. Then later in the section, I started getting even more confused by this: "When the request is made by the Master Device on behalf of a Slave Device, the location is that of the Slave Device and it is OPTIONAL (see also masterDeviceLocation). ... masterDeviceLocation: When the request is made by the Master Device on behalf of a Slave Device, the Master Device MAY provide its own GeoLocation (Section 5.1)." Does this mean it's acceptable for a Master device acting on behalf of a Slave device to send neither the Slave device location (in the location parameter) nor the Master device location (in the masterDeviceLocation parameter)? I believe that the current text allows this. If so, why is location required in the registration step (and in batch available spectrum requests) but not in the available spectrum step? Seems like it should be the other way around -- that a device could register without specifying its location, but not request available spectrum without it. If the above interpretation was not intended, something needs to be fixed in one part or the other of the above text to indicate that either the Master device location or the Slave device location (or both) must be present in the request. The same issue arises in Section 4.5.5. = Section 5.1 = I'd like to discuss why the single point location format needs to be supported here. Is it really the case that a portion of whitespace spectrum will ever be available only at a single point, as opposed to a region? If not, it seems like sending a point (and, moreover, allowing region to be unsupported but not point) divulges more precise information about the requesting device than is ever actually necessary to fulfill the goals of this protocol. Do regulators require a single point? Why? = Section 5.2 = I'd like to discuss why the device serial number needs to be included in the device descriptor, rather than some (perhaps persistent) randomly generated device identifier that is used only in the context of this protocol (which would better protect the privacy of the user of the device, since the whitespaces database administrator wouldn't be able to correlate the device's spectrum requests with other activities linked to the serial number). It's not really clear why serial number is collected since both this document and RFC 6953 note the protocol does not defend against abuse or mis-use of spectrum. I'm asking the above two questions in light of requirement P.7 from RFC 6953, "The PAWS protocol SHOULD support privacy-sensitive handling of device-provided data where such protection is feasible, allowed, and desired." A separate interesting question that does not seem to be addressed anywhere in the draft is whether a device can be fingerprinted by the database operator by virtue of the collection of elements it sends (rulesetIds, manufacturer, model, antenna characteristics, device capabilities, etc.) even if it doesn't send a serial number or device owner information that uniquely identify it. That seems worth discussion in Section 10. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- = Shepherd write-up= "An in-depth review by a JSON expert might be useful." Did that happen? = Section 1 = "It opens the door for innovations in spectrum management that can incorporate a variety of parameters, including user location and time. In the future, it also can include other parameters, such as user priority, time, signal type and power, spectrum supply and demand, payment or micro-auction bidding, and more." Time seems to be listed both as a current parameter and a future one, which is confusing. = Section 4.4 = "FCC rules, for example, require that a 'Fixed Device' register its owner and operator contact information, its device identifier, its location, and its antenna height." It would be nice to have a citation for the rules referenced here. = Section 5.1 = Feel free to ignore this if it's completely misguided, but does altitude really not matter? Are we sure this protocol won't be re-used for devices on airplanes trying to find available spectrum? (I note that in RFC 6953, requirement D.1 specifies that the data model must support "the height and its uncertainty" -- I have no idea what "the height" means or if it is related to altitude.) = Section 10 = I agree with Stephen that the database operator should be considered as a potential adversary from the standpoint of potentially being able to create a fine-grained database that tracks the locations and spectrum use patterns of individual devices. That data could certainly be abused.
- [paws] Alissa Cooper's Discuss on draft-ietf-paws… Alissa Cooper
- [paws] Comment on draft-ietf-paws-protocol-14 Russ Housley
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Pete Resnick
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Pete Resnick
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Pete Resnick
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Gabor Bajko
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Alissa Cooper
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Alissa Cooper
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Alissa Cooper
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Pete Resnick
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Alissa Cooper
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Pete Resnick
- Re: [paws] Alissa Cooper's Discuss on draft-ietf-… Vincent Chen