On 8/10/10 3:33 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
<hannes.tschofenig@nsn.com> wrote:
> Hi all,
>
> during the GEOPRIV meeting I mentioned missing text in
> draft-ietf-geopriv-rfc3825bis regarding security.
>
> DHCP does not provide confidentiality protection as a built-in feature.
> As Marc mentioned in response to issue#23 (see
> http://trac.tools.ietf.org/wg/geopriv/trac/ticket/23) every target would
> be given the exact same location information on a shared medium.
>
> Unfortunately, the security consideration section does not mention this
> aspect with a single word.
Not true, currently in the security consideration section of the draft:
" Since there is no privacy protection for DHCP messages, an
eavesdropper who can monitor the link between the DHCP server and
requesting client can discover this LCI."
I don't believe more text is needed.
-Marc-
Hence, I suggest to add:
>
> "
> Since there is no confidentiality protection for DHCP messages, an
> eavesdropper who can monitor the link between the DHCP server and
> requesting client can discover this LCI. In cases where multiple
> hosts share the same link and can therefore see each others DHCP
> messages the DHCP MUST NOT hand out location for individual hosts
> but MUST rather provide location of the DHCP relay, DHCP server,
> or a similar device instead. This ensures that none of the end
> devices are able to learn exact information of the other hosts
> on the same network.
> "
>
> Ciao
> Hannes
>
> _______________________________________________
> Geopriv mailing list
> Geopriv@ietf.org
> https://www.ietf.org/mailman/listinfo/geopriv
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
