[RTG-DIR]Re: Rtgdir early review of draft-ietf-lisp-geo-06

Dino Farinacci <farinacci@gmail.com> Wed, 03 July 2024 22:39 UTC

To: Ines Robles <mariainesrobles@googlemail.com>
CC: rtg-dir@ietf.org, draft-ietf-lisp-geo.all@ietf.org, lisp@ietf.org
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-dir/GyLSaX-hopOe9yZ_A2EHv1vwuCk>

Ines, thanks for your comments. Here is one response to your commentary.

> > 9- In the security considerations, what about add description on attacks
> > related to geo-coordinates such as location spoofing?
> 
> We had added that from previous reviews. Tell us exactly what you are looking for.
> 
> Ok, thanks. I was wondering about potential consequences of location spoofing within the LISP environment, such as misleading network path selection. What do you think? 

I think we have covered this and there is no way to validate a "good geo-coordinate". If you authenticate the source who registered the mapping, you are trusting them. There is no way to do a back-door check to see if the location is correct or precise. 

We don't want the draft to spec out validating something like this:

EID: London, UK
RLOC: geo lat: 37, geo long: -121

Meaning, you don't want to say, "hey those coordinates are in San Jose, CA but you used a name called London, this is suspect, we probably shouldn't register this".

This sort of validation should be done in the implementation at the source (and not the LISP implementation), but by the admins who decide London needs to be San Jose. ;-)

Dino
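The kind of source-side plausibility check the reply describes, as an added example that is not part of the thread or of the draft: an administrator's pre-registration tool flags a mapping whose human-readable location label disagrees with its geo-coordinates. The region bounding boxes, the `GeoMapping` record and the sample mappings are constructed assumptions for illustration, not geodata from the draft.

```python
# Added example: an administrator-side plausibility check run at the
# registering source, before a geo-coordinate mapping is sent to the
# mapping system. The LISP draft itself does not validate coordinates.
# Bounding boxes and mappings below are constructed approximations.

from dataclasses import dataclass

# Loose bounding boxes as (lat_min, lat_max, lon_min, lon_max), in decimal
# degrees. Constructed for the example; not authoritative geodata.
REGION_BOXES = {
    "London, UK": (51.2, 51.8, -0.6, 0.4),
    "San Jose, CA": (36.8, 37.6, -122.3, -120.9),
}


@dataclass(frozen=True)
class GeoMapping:
    eid_name: str   # human-readable location label the admin attached to the EID
    lat: float      # decimal degrees, north positive
    lon: float      # decimal degrees, east positive


def valid_coordinates(lat, lon):
    """Reject values outside the WGS84 latitude/longitude ranges."""
    return -90.0 <= lat <= 90.0 and -180.0 <= lon <= 180.0


def regions_containing(lat, lon):
    """Return the sorted names of all known boxes that contain the point."""
    return sorted(name for name, (a, b, c, d) in REGION_BOXES.items()
                  if a <= lat <= b and c <= lon <= d)


def check_mapping(m):
    """Return a list of findings; an empty list means the mapping looks plausible."""
    findings = []
    if not valid_coordinates(m.lat, m.lon):
        findings.append("coordinates out of range")
        return findings
    if m.eid_name not in REGION_BOXES:
        findings.append("unknown location label; cannot cross-check")
        return findings
    inside = regions_containing(m.lat, m.lon)
    if m.eid_name not in inside:
        # The label and the coordinates disagree: the London/San Jose case.
        hint = f" (coordinates fall in {', '.join(inside)})" if inside else ""
        findings.append(f"label {m.eid_name!r} does not match coordinates{hint}")
    return findings
```

The check only catches an inconsistent label; it cannot tell whether a self-consistent registration is truthful, which is exactly the limit the reply points out.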