I have heard someone saying that "64kb ought to be enough for everyone"...
-------- Original-Nachricht --------
> Datum: Tue, 10 Aug 2010 09:14:11 -0400
> Von: Marc Linsner begin_of_the_skype_highlighting end_of_the_skype_highlighting <mlinsner@cisco.com>
> An: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>, geopriv@ietf.org
> Betreff: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
> Hannes,
>
> Think about what you are saying.
>
> The only medium currently in use that works as you posit is 802.11. How
> practical (or even possible) is it to use DHCP to provide device level
> location values on a wireless network? Think thru how one might implement
> such a mechanism and you'll realize it ain't gonna happen!
>
> -Marc-
>
>
>
> On 8/10/10 9:09 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
> <hannes.tschofenig@nsn.com> wrote:
>
> > Think about a regular hotel network.
> >
> >> -----Original Message-----
> >> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
> >> Sent: Tuesday, August 10, 2010 3:59 PM
> >> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
> >> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
> >>
> >> Hannes,
> >>
> >> What specific network type(s) are you worried about?
> >>
> >> -Marc-
> >>
> >>
> >> On 8/10/10 8:25 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
> >> <hannes.tschofenig@nsn.com> wrote:
> >>
> >>> But the conclusion is missing: if you are on a shared link
> >> then you must
> >>> not share location at the level of the individual hosts. I fear that
> >>> those who implement and deploy would not get the point and would
> >>> nevertheless reveal information and put the user at risk.
> >>>
> >>>> -----Original Message-----
> >>>> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
> >>>> Sent: Tuesday, August 10, 2010 3:23 PM
> >>>> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
> >>>> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
> >>>>
> >>>> Hannes,
> >>>>
> >>>>
> >>>> On 8/10/10 3:33 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
> >>>> <hannes.tschofenig@nsn.com> wrote:
> >>>>
> >>>>> Hi all,
> >>>>>
> >>>>> during the GEOPRIV meeting I mentioned missing text in
> >>>>> draft-ietf-geopriv-rfc3825bis regarding security.
> >>>>>
> >>>>> DHCP does not provide confidentiality protection as a
> >>>> built-in feature.
> >>>>> As Marc mentioned in response to issue#23 (see
> >>>>> http://trac.tools.ietf.org/wg/geopriv/trac/ticket/23) every
> >>>> target would
> >>>>> be given the exact same location information on a shared medium.
> >>>>>
> >>>>> Unfortunately, the security consideration section does not
> >>>> mention this
> >>>>> aspect with a single word.
> >>>>
> >>>> Not true, currently in the security consideration section of
> >>>> the draft:
> >>>>
> >>>> " Since there is no privacy protection for DHCP messages, an
> >>>> eavesdropper who can monitor the link between the DHCP
> >> server and
> >>>> requesting client can discover this LCI."
> >>>>
> >>>> I don't believe more text is needed.
> >>>>
> >>>> -Marc-
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Hence, I suggest to add:
> >>>>>
> >>>>> "
> >>>>> Since there is no confidentiality protection for DHCP
> >>>> messages, an
> >>>>> eavesdropper who can monitor the link between the DHCP
> >> server and
> >>>>> requesting client can discover this LCI. In cases
> >> where multiple
> >>>>> hosts share the same link and can therefore see each
> >> others DHCP
> >>>>> messages the DHCP MUST NOT hand out location for
> >> individual hosts
> >>>>> but MUST rather provide location of the DHCP relay,
> >> DHCP server,
> >>>>> or a similar device instead. This ensures that none of the end
> >>>>> devices are able to learn exact information of the other hosts
> >>>>> on the same network.
> >>>>> "
> >>>>>
> >>>>> Ciao
> >>>>> Hannes
> >>>>>
> >>>>> _______________________________________________
> >>>>> Geopriv mailing list
> >>>>> Geopriv@ietf.org
> >>>>> https://www.ietf.org/mailman/listinfo/geopriv
> >>>>
> >>>>
> >>>>
> >>
> >>
> >>
>
>
> _______________________________________________
> Geopriv mailing list
> Geopriv@ietf.org
> https://www.ietf.org/mailman/listinfo/geopriv
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
