Re: [Pidloc] draft-nordmark-id-loc-privacy
Behcet Sarikaya <sarikaya2012@gmail.com> Fri, 05 October 2018 14:24 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/pidloc/fl3csojsHJYHQroSz65VJpWgb5M>
On Thu, Oct 4, 2018 at 1:15 PM Tom Herbert <tom@quantonium.net> wrote:

> On Thu, Oct 4, 2018 at 8:02 AM, Behcet Sarikaya <sarikaya2012@gmail.com> wrote:
> > Hi Luigi, Dirk, all,
> >
> > So far we have a number of reviews on Erik's draft indicating some editorial
> > issues and asking for clarification of some parts. All that is good.
> >
> > What I suggest is that we should also look into what he is saying in that
> > draft, what is he suggesting as the future work to do?
> >
> > Here I am going to summarize what I could find out:
> >
> > - We should concentrate on long-lived identifiers;
> >
> > - Worry not much on designing a privacy based unified mapping system
> > which we had concentrated on in our previous activity. This is because only
> > trusted devices can access the mappings in an operator network
> >
> > - Instead worry about minimizing the privacy implication one can explore
> > limiting to which peers and when the ID/locator bindings are exposed.
> >
> > The cases where ID/locator bindings are exposed (especially any mobile
> > devices)
> > - Family and friends for example where parents are sharing young children's
> > location
>
> I don't believe this case is relevant. There are already applications
> that I can use to track my kids (like Life360). These use the GPS in
> mobile devices and secure connections to transmit location information;
> it's far more accurate and secure than trying to derive location
> information from a few bits in an IP address.

Yes, this has already been alluded to in the draft:

    Today such location sharing happens at an application layer using GPS
    coordinates.

> I think it's a hard
> requirement that Identifiers (IP addresses in general) must not expose
> geo location or mobile devices, and it follows that identifier/locator
> bindings should never be shared outside a network except LEA orders.

Here is the rest of the above paragraph I quoted from Erik's draft:

    But while such sharing is in effect, it wouldn't be unreasonable to also
    consider sharing IP locators to make it more efficient or more robust to
    e.g., route a video feed from one device to another.

What do you think?

Behcet

> Tom
>
> > - In industrial IoT case, the devices belonging to the same company share
> > ID/locator bindings but do not share the ID/locator binding with third parties
> >
> > In Section 6, the draft points to some possibilities on how this limiting
> > can be achieved:
> >
> > 1. pointing a locator for some fixed anchor point, like PGW or UPF
> >
> > 2. injecting routing prefixes for the ID prefixes into the normal routing
> > system
> >
> > 3. not providing any stable locators across this boundary; only allow
> > ephemeral IP addresses per session or otherwise limited exposure.
> >
> > In short, the draft is coming up with a lot of work to do.
> > We suggest that the group takes a close look into all these points and see
> > what we can do :-)
> > Regards,
> > Behcet & Dirk
> >
> > --
> > Pidloc mailing list
> > Pidloc@ietf.org
> > https://www.ietf.org/mailman/listinfo/pidloc