during the GEOPRIV meeting I mentioned missing text in
draft-ietf-geopriv-rfc3825bis regarding security.
DHCP does not provide confidentiality protection as a built-in feature.
As Marc mentioned in response to issue#23 (see
http://trac.tools.ietf.org/wg/geopriv/trac/ticket/23) every target would
be given the exact same location information on a shared medium.
Unfortunately, the security consideration section does not mention this
aspect with a single word. Hence, I suggest to add:
"
Since there is no confidentiality protection for DHCP messages, an
eavesdropper who can monitor the link between the DHCP server and
requesting client can discover this LCI. In cases where multiple
hosts share the same link and can therefore see each others DHCP
messages the DHCP MUST NOT hand out location for individual hosts
but MUST rather provide location of the DHCP relay, DHCP server,
or a similar device instead. This ensures that none of the end
devices are able to learn exact information of the other hosts
on the same network.
"
Ciao
Hannes
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
