Re: [secdir] secdir review of draft-forte-lost-extensions-06.txt
"Andrea G. Forte" <forte@att.com> Tue, 09 August 2011 16:32 UTC
Return-Path: <forte@att.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F318821F8B54; Tue, 9 Aug 2011 09:32:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xvxHn8M58AIl; Tue, 9 Aug 2011 09:32:51 -0700 (PDT)
Received: from mail120.messagelabs.com (mail120.messagelabs.com [216.82.250.83]) by ietfa.amsl.com (Postfix) with ESMTP id 3C55E21F8A96; Tue, 9 Aug 2011 09:32:51 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: forte@att.com
X-Msg-Ref: server-12.tower-120.messagelabs.com!1312907598!31982132!1
X-StarScan-Version: 6.2.17; banners=-,-,-
X-Originating-IP: [144.160.20.145]
Received: (qmail 31670 invoked from network); 9 Aug 2011 16:33:19 -0000
Received: from sbcsmtp6.sbc.com (HELO mlpd192.enaf.sfdc.sbc.com) (144.160.20.145) by server-12.tower-120.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 9 Aug 2011 16:33:19 -0000
Received: from enaf.sfdc.sbc.com (localhost.localdomain [127.0.0.1]) by mlpd192.enaf.sfdc.sbc.com (8.14.4/8.14.4) with ESMTP id p79GXhd2020283; Tue, 9 Aug 2011 12:33:44 -0400
Received: from alpd052.aldc.att.com (alpd052.aldc.att.com [130.8.42.31]) by mlpd192.enaf.sfdc.sbc.com (8.14.4/8.14.4) with ESMTP id p79GXZik020129; Tue, 9 Aug 2011 12:33:36 -0400
Received: from aldc.att.com (localhost.localdomain [127.0.0.1]) by alpd052.aldc.att.com (8.14.4/8.14.4) with ESMTP id p79GX8w3000573; Tue, 9 Aug 2011 12:33:09 -0400
Received: from [151.109.8.213] (dn151-109-8-213.dhcpn.ugn.att.com [151.109.8.213]) by alpd052.aldc.att.com (8.14.4/8.14.4) with ESMTP id p79GWxPE000316; Tue, 9 Aug 2011 12:33:00 -0400
User-Agent: Microsoft-MacOutlook/14.12.0.110505
Date: Tue, 09 Aug 2011 12:33:41 -0400
From: "Andrea G. Forte" <forte@att.com>
To: Carl Wallace <carl@redhoundsoftware.com>, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Message-ID: <CA66D032.486B%forte@att.com>
Thread-Topic: secdir review of draft-forte-lost-extensions-06.txt
In-Reply-To: <CA619C69.83D2%carl@redhoundsoftware.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-Mailman-Approved-At: Thu, 11 Aug 2011 08:02:35 -0700
Cc: draft-forte-lost-extensions.all@tools.ietf.org
Subject: Re: [secdir] secdir review of draft-forte-lost-extensions-06.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2011 16:32:52 -0000
Carl, Thank you for your review. Please read comments inline. -Andrea On 8/5/11 4:28 PM, "Carl Wallace" <carl@redhoundsoftware.com> wrote: >I have reviewed this document as part of the security directorate's >ongoing effort to review all IETF documents being processed by the IESG. >These comments were written primarily for the benefit of the security area >directors. Document editors and WG chairs should treat these comments >just like any other last call comments. > >This draft defines extensions to the LoST protocol defined in RFC 5222. >Where RFC 5222 focuses on emergency services. This draft addresses usage >of the protocol for non-emergency services. The draft adds three new >types of <findService> queries: N nearest, within distance X and servedBy. > The security considerations section is very brief and primarily addresses >potential problems with a LOST server that provides emergency and >non-emergency service support being over loaded by non-emergency requests. > A few additional concerns that may warrant mention in the document are >below. > >Privacy is not mentioned in this draft at all. RFC 5222 mentions using >HTTP over TLS. Queries for some types of non-emergency services may raise >privacy concerns not associated with seeking emergency services. >Similarly, the draft does not mention integrity. The lack of privacy or >integrity for responses residing in a cache may be worth mentioning as >well. [AGF] As this draft was meant to add functionalities to the LoST protocol (hence the 'extensions' in the name), I assumed that it was clear that everything else mentioned in RFC5222 and not mentioned in our draft would still stand. However, to make this more clear, I have added a paragraph in the Security section to address your concerns. > > >The draft does not discuss error handling at all. Some types of errors >associated with the extensions do not seem to fit into the errors >described in RFC 5222. For example, could a server return an error when a >requested area was too large for a query? Is the server allowed to place >its own limits less than a client requests? These concerns may not arise >in >the 5222 context, where non-overlapping service regions are a mitigation. [AGF] I am not convinced we need additional error messages. Generally speaking, I do not think the draft should limit what the server can do with its content. Given a large area, a server could decide to return the highest rated POIs only, or perhaps a fixed subset, or all of them. I do not think that we can classify such behaviors as LoST errors. These seem to be policy issues rather than errors. > >Given the commercial focus of the draft, the potential for stale >information to be returned by a server seems high and probably worth a >mention. For example, a pizza service may have closed. [AGF] This draft addresses extensions to the protocol used to convey information about location-based services. The way this information is maintained is out of scope. Similarly, for emergency services, if the boundaries of a PSAP change they have to be updated in the DB used by the LoST server. The way these are updated is not in the scope of RFC5222. > >Services are identified by URN. RFC 5222 uses URNs defined in RFC 5031, >which does not apply here. Who manages the URNs for this draft? It's >worth noting the examples within this draft use different URNs to >reference the important pizza service. [AGF] We have submitted a draft on this very issue in the past and encountered some resistance. Other people in the IETF thought we should leave this issue to experts in other non-IETF bodies. We are now trying to resume such work. (http://tools.ietf.org/html/draft-forte-ecrit-service-classification-03) > >A few nits, on page 11 correct "consinstent". Also the next to last >paragraph on page 11 is a little difficult to parse. [AGF] Thanks. > >
- [secdir] secdir review of draft-forte-lost-extens… Carl Wallace
- Re: [secdir] secdir review of draft-forte-lost-ex… Carl Wallace
- Re: [secdir] secdir review of draft-forte-lost-ex… Andrea G. Forte