IETF Logo Mail Archive

RE: [Sipping-emergency] Comment about Charter [no privacy?]

Tschofenig Hannes <hannes.tschofenig@siemens.com> Fri, 29 October 2004 08:49 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA08746 for <sipping-emergency-web-archive@ietf.org>; Fri, 29 Oct 2004 04:49:16 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CNSfx-000169-Gc for sipping-emergency-web-archive@ietf.org; Fri, 29 Oct 2004 05:04:01 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CNSEB-0004l5-13; Fri, 29 Oct 2004 04:35:19 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CNRu9-0001fn-0L for sipping-emergency@megatron.ietf.org; Fri, 29 Oct 2004 04:14:37 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA06283 for <sipping-emergency@ietf.org>; Fri, 29 Oct 2004 04:14:35 -0400 (EDT)
Received: from thoth.sbs.de ([192.35.17.2]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CNS8N-0000NL-JY for sipping-emergency@ietf.org; Fri, 29 Oct 2004 04:29:20 -0400
Received: from mail3.siemens.de (mail3.siemens.de [139.25.208.14]) by thoth.sbs.de (8.12.6/8.12.6) with ESMTP id i9T8EXfO010354; Fri, 29 Oct 2004 10:14:33 +0200
Received: from mchp9daa.mch.sbs.de (mchp9daa.mch.sbs.de [139.25.137.99]) by mail3.siemens.de (8.12.6/8.12.6) with ESMTP id i9T8EVBO022215; Fri, 29 Oct 2004 10:14:32 +0200
Received: by mchp9daa.mch.sbs.de with Internet Mail Service (5.5.2657.72) id <4BVR79XS>; Fri, 29 Oct 2004 10:14:31 +0200
Message-ID: <2A8DB02E3018D411901B009027FD3A3F04686938@mchp905a.mch.sbs.de>
From: Tschofenig Hannes <hannes.tschofenig@siemens.com>
To: 'James Winterbottom' <winterb@nortelnetworks.com>, "James M. Polk" <jmpolk@cisco.com>, sipping-emergency@ietf.org
Subject: RE: [Sipping-emergency] Comment about Charter [no privacy?]
Date: Fri, 29 Oct 2004 10:14:27 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2657.72)
X-Spam-Score: 0.6 (/)
X-Scan-Signature: 33cc095b503da4365ce57c727e553cf1
X-BeenThere: sipping-emergency@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: sipping-emergency.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sipping-emergency>, <mailto:sipping-emergency-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sipping-emergency@ietf.org>
List-Help: <mailto:sipping-emergency-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sipping-emergency>, <mailto:sipping-emergency-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0739594684=="
Sender: sipping-emergency-bounces@ietf.org
Errors-To: sipping-emergency-bounces@ietf.org
X-Spam-Score: 0.6 (/)
X-Scan-Signature: 88b11fc64c1bfdb4425294ef5374ca07

hi james, 
 
every document will have to address both privacy and security
considerations. the geopriv requirements draft gives a number of guidelines
but more work is needed when you apply it to an actual using protocol (such
as sip). the fact that you have pseudonyms is nice but still there are some
places where user names show up. for example, end-to-end security mechanisms
provide the recipient a way to authenticate you (and authorizate you based
on your authenticated identity) but if you want to experience anonymity then
the authorization functionality at the recipient is certainly more
difficult. 
 
ciao
hannes
 


  _____  

From: James Winterbottom [mailto:winterb@nortelnetworks.com] 
Sent: Freitag, 29. Oktober 2004 08:32
To: James M. Polk; sipping-emergency@ietf.org
Subject: RE: [Sipping-emergency] Comment about Charter [no privacy?]



Hi James, 

Doesn't "draft-ietf-geopriv-pres-02" suggest that a location
server/generator is able to transmit a location to a location recipient, be
that the target itself, or someone else. I believe that this is also covered
in RFC-3693 GeoPriv Requirements. In order to be able to transmit a
location, one must first be able to determine it!!! For the purposes of
transmitting location pseudonyms are also used, so I am not sure where the
tying to a user name comes in.

What was submitted by me is a set of requirements that the authors believe
need to be satisfied in order to meet the needs of emergency service
providers. There has been no discussion of not using or varying the existing
GeoPriv rulesets.


Cheers 
James 
  

-----Original Message----- 
From: sipping-emergency-bounces@ietf.org
[mailto:sipping-emergency-bounces@ietf.org
<mailto:sipping-emergency-bounces@ietf.org> ] 
Sent: Friday, 29 October 2004 3:07 PM 
To: sipping-emergency@ietf.org 
Subject: [Sipping-emergency] Comment about Charter [no privacy?] 


All 

In reading the charter for our new ECRIT BOF, I don't see mention of 
privacy concerns wrt the ability to track an endpoint based on some Loc 
Info Server (LIS) always knowing where that endpoint is (if nomadic or 
mobile), or tying a user(name) to a particular endpoint (regardless of what 
type it is). 

I thought privacy was agreed upon to be mentioned as a consideration? 

I know at least Jonathan and I brought it up, and I think I remember Jon 
agreeing to this consideration. 

We do not want to ignore the retention and distribution rules we so 
carefully built into the PIDF-LO 

cheers, 
James 

                                ******************* 
                 Truth is not to be argued... it is to be presented 


_______________________________________________ 
Sipping-emergency mailing list 
Sipping-emergency@ietf.org
https://www1.ietf.org/mailman/listinfo/sipping-emergency
<https://www1.ietf.org/mailman/listinfo/sipping-emergency>  


_______________________________________________
Sipping-emergency mailing list
Sipping-emergency@ietf.org
https://www1.ietf.org/mailman/listinfo/sipping-emergency

v2.23.0 | Report a Bug | By Email