[secdir] draft-ietf-geopriv-relative-location-04 SecDir Review

Donald Eastlake <d3e3e3@gmail.com> Sat, 04 May 2013 04:05 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0DF621F8FAC; Fri, 3 May 2013 21:05:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 04SdFtZv+FMh; Fri, 3 May 2013 21:05:32 -0700 (PDT)
Received: from mail-ob0-x229.google.com (mail-ob0-x229.google.com [IPv6:2607:f8b0:4003:c01::229]) by ietfa.amsl.com (Postfix) with ESMTP id E868E21F8FAB; Fri, 3 May 2013 21:05:24 -0700 (PDT)
Received: by mail-ob0-f169.google.com with SMTP id tb18so1929040obb.28 for <multiple recipients>; Fri, 03 May 2013 21:05:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:from:date:message-id:subject:to:cc :content-type; bh=G2T6U/bSHx+dDP3Lqx3uhbofoyHPIuQ50YD5gafQ6QU=; b=XCZIvVJl+YxBJ0mnZ8NngB4UvecBIEht28o7JOcEFhw4dKJFMmTkHf4tp+A53/q9Mo gyFCRJnaqOaOdeQoK44Kc4H5zjD8Pn3ohBLtZtYIEnUZ1PxAPjrRagUUtQ5S7ItO43DD oYXzYKVMFFcXv0ShbytyfXYyukAJyTFZIIavYZxu2Iu2/xyhwrQ46clwnlDvwRhOWReV Zw/tUhs1dsP3Wo6KVyiEI3bGRP+pjhHpMIL/74JBpjxNNecfTKGhKbl8qz0jwR2dzCTf FqQKUO2PxTvYe+/tsmkUTtczj3lgpaQOoIky4BB51uC/qXYLpIBTdh35J6XVpLacmRyB OVrg==
X-Received: by 10.182.16.170 with SMTP id h10mr598843obd.17.1367640324523; Fri, 03 May 2013 21:05:24 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.76.10.8 with HTTP; Fri, 3 May 2013 21:05:04 -0700 (PDT)
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Sat, 4 May 2013 00:05:04 -0400
Message-ID: <CAF4+nEFM-0yv+4Jsai_h4a6=YUOSuKHER_QsoqVCJAHhUY7oig@mail.gmail.com>
To: iesg@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
Cc: draft-ietf-geopriv-relative-location.all@tools.ietf.org, secdir@ietf.org
Subject: [secdir] draft-ietf-geopriv-relative-location-04 SecDir Review
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2013 04:05:33 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document specifies an extension to the Presence Information Data
Format Location Object (PIDF-LO, RFC 4119) so that location
information can be given relative to a base point. It is pretty
general, allowing the relative location to be various shapes or
specified with a map. Both XML and TLV representations are provided.

The Security Considerations section seems reasonable to me for a data
format specification document. It refers to the base RFC 4119
specification be also briefly touches on a covert channel that the
representation would otherwise have made available in some cases.

I feel comfortable with the existing Security Considerations section.

Thanks,
Donald
=============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com