Think about what you are saying.
The only medium currently in use that works as you posit is 802.11. How
practical (or even possible) is it to use DHCP to provide device level
location values on a wireless network? Think thru how one might implement
such a mechanism and you'll realize it ain't gonna happen!
-Marc-
On 8/10/10 9:09 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
<hannes.tschofenig@nsn.com> wrote:
> Think about a regular hotel network.
>
>> -----Original Message-----
>> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
>> Sent: Tuesday, August 10, 2010 3:59 PM
>> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
>> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
>>
>> Hannes,
>>
>> What specific network type(s) are you worried about?
>>
>> -Marc-
>>
>>
>> On 8/10/10 8:25 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
>> <hannes.tschofenig@nsn.com> wrote:
>>
>>> But the conclusion is missing: if you are on a shared link then you must
>>> not share location at the level of the individual hosts. I fear that
>>> those who implement and deploy would not get the point and would
>>> nevertheless reveal information and put the user at risk.
>>>
>>>> -----Original Message-----
>>>> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
>>>> Sent: Tuesday, August 10, 2010 3:23 PM
>>>> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
>>>> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
>>>>
>>>> Hannes,
>>>>
>>>>
>>>> On 8/10/10 3:33 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
>>>> <hannes.tschofenig@nsn.com> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> during the GEOPRIV meeting I mentioned missing text in
>>>>> draft-ietf-geopriv-rfc3825bis regarding security.
>>>>>
>>>>> DHCP does not provide confidentiality protection as a built-in feature.
>>>>> As Marc mentioned in response to issue#23 (see
>>>>> http://trac.tools.ietf.org/wg/geopriv/trac/ticket/23) every target would
>>>>> be given the exact same location information on a shared medium.
>>>>>
>>>>> Unfortunately, the security consideration section does not mention this
>>>>> aspect with a single word.
>>>>
>>>> Not true, currently in the security consideration section of the draft:
>>>>
>>>> " Since there is no privacy protection for DHCP messages, an
>>>> eavesdropper who can monitor the link between the DHCP server and
>>>> requesting client can discover this LCI."
>>>>
>>>> I don't believe more text is needed.
>>>>
>>>> -Marc-
>>>>
>>>>> Hence, I suggest to add:
>>>>>
>>>>> "
>>>>> Since there is no confidentiality protection for DHCP messages, an
>>>>> eavesdropper who can monitor the link between the DHCP server and
>>>>> requesting client can discover this LCI. In cases where multiple
>>>>> hosts share the same link and can therefore see each other's DHCP
>>>>> messages the DHCP MUST NOT hand out location for individual hosts
>>>>> but MUST rather provide location of the DHCP relay, DHCP server,
>>>>> or a similar device instead. This ensures that none of the end
>>>>> devices are able to learn exact information of the other hosts
>>>>> on the same network.
>>>>> "
>>>>>
>>>>> Ciao
>>>>> Hannes
>>>>>
>>>>> _______________________________________________
>>>>> Geopriv mailing list
>>>>> Geopriv@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/geopriv
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
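
An added example, not part of the thread or of the draft: a decoder for the 16-byte LCI payload of DHCPv4 option 123, usable to audit how precise a location a DHCP server places in cleartext replies. It assumes the RFC 3825 field layout (the last byte read as an 8-bit Datum); the sample bytes and all function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class LCI:
    la_res: int       # number of valid leading latitude bits (0..34)
    latitude: float   # degrees, 9 integer bits + 25 fraction bits
    lo_res: int       # number of valid leading longitude bits (0..34)
    longitude: float  # degrees
    alt_type: int     # 1 = meters, 2 = floors
    alt_res: int      # number of valid leading altitude bits (0..30)
    altitude: float   # 22 integer bits + 8 fraction bits
    datum: int        # 1 = WGS 84

def _signed(value: int, bits: int) -> int:
    """Interpret an unsigned bit field as two's complement."""
    return value - (1 << bits) if value >> (bits - 1) else value

def decode_lci(payload: bytes) -> LCI:
    """Decode the option payload (without the code and length bytes)."""
    if len(payload) != 16:
        raise ValueError("LCI payload must be exactly 16 bytes")
    n = int.from_bytes(payload, "big")

    def take(shift: int, bits: int) -> int:
        return (n >> shift) & ((1 << bits) - 1)

    return LCI(
        la_res=take(122, 6),
        latitude=_signed(take(88, 34), 34) / 2**25,
        lo_res=take(82, 6),
        longitude=_signed(take(48, 34), 34) / 2**25,
        alt_type=take(44, 4),
        alt_res=take(38, 6),
        altitude=_signed(take(8, 30), 30) / 2**8,
        datum=take(0, 8),
    )

def span_degrees(res_bits: int) -> float:
    """Width in degrees of the interval left open when only res_bits
    leading bits of a latitude or longitude value are valid."""
    return 2.0 ** (9 - res_bits)

# Constructed sample: 38.5 N, 77.25 W, 15 m, full resolution, WGS 84.
SAMPLE = bytes.fromhex("884d000000" "8b65800000" "1780000f00" "01")

if __name__ == "__main__":
    lci = decode_lci(SAMPLE)
    print(lci, "latitude span (deg):", span_degrees(lci.la_res))
```

A resolution of 34 leaves a latitude span of 2^-25 degrees, a few millimetres on the ground, while a resolution of 9 leaves a full degree.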