Tuesday, February 23, 2010

Re: [Geopriv] WGLC: draft-ietf-geopriv-held-identity-extensions

I'm sorry, this one slipped the net.

Inline...

> -----Original Message-----
> From: Bernard Aboba [mailto:bernard_aboba@hotmail.com]
> Sent: Wednesday, 17 February 2010 5:49 PM
> To: Thomson, Martin; geopriv@ietf.org
> Subject: RE: [Geopriv] WGLC: draft-ietf-geopriv-held-identity-extensions
>
> NEW:
> A LIS can authorize location configuration requests using a policy
> that allows Devices to acquire their own location (see Section 4.1).
> If an unauthorized third-party falsifies addressing on request packets
> to match the provided Device identity, the request might be erroneously
> authorized under this policy. Requests containing Device identity must
> not be authorized using this policy unless specific measures are taken
> to prevent this type of attack.
>
> [BA] Since in HELD return routability is presumed to ensure against IP
> address spoofing of HTTP over TCP requests, I'm assuming that this is
> not the address falsification being referred to here, right? I guess
> that leaves MAC address and the cellular identifiers.

That's correct. I don't know how much more detail is really helpful in the introduction. I want to strike a balance between getting the statements accurate and avoiding unnecessary detail.

However, this statement is also correct for IP addresses. We already have the "specific measures"; that is: return routability, as described in HELD :)

> This IDN-aware domain name slot [I-D.ietf-idnabis-defs] MAY be formed
> from any sequence of valid labels (A-label, U-labels or NR-LDH-label).
> Binary or bit string labels cannot be represented in this domain name
> slot.
>
> [BA] If the domain slot is IDN-aware, wouldn't it make sense to prefer
> a U-label? Also, I don't think you want to allow an FQDN that is a
> mixture of U-labels and A-labels.

I've read the relevant sections 5 times now. I think that you are right: U-label is what we're looking for. The fact that you _can_ mix label types doesn't mean that you should.

--Martin