Tuesday, August 10, 2010

Re: [Geopriv] draft-ietf-geopriv-rfc3825bis

Think about a regular hotel network.

> -----Original Message-----
> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
> Sent: Tuesday, August 10, 2010 3:59 PM
> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
>
> Hannes,
>
> What specific network type(s) are you worried about?
>
> -Marc-
>
>
> On 8/10/10 8:25 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
> <hannes.tschofenig@nsn.com> wrote:
>
> > But the conclusion is missing: if you are on a shared link then you must
> > not share location at the level of the individual hosts. I fear that
> > those who implement and deploy would not get the point and would
> > nevertheless reveal information and put the user at risk.
> >
> >> -----Original Message-----
> >> From: ext Marc Linsner [mailto:mlinsner@cisco.com]
> >> Sent: Tuesday, August 10, 2010 3:23 PM
> >> To: Tschofenig, Hannes (NSN - FI/Espoo); geopriv@ietf.org
> >> Subject: Re: [Geopriv] draft-ietf-geopriv-rfc3825bis
> >>
> >> Hannes,
> >>
> >>
> >> On 8/10/10 3:33 AM, "Tschofenig, Hannes (NSN - FI/Espoo)"
> >> <hannes.tschofenig@nsn.com> wrote:
> >>
> >>> Hi all,
> >>>
> >>> during the GEOPRIV meeting I mentioned missing text in
> >>> draft-ietf-geopriv-rfc3825bis regarding security.
> >>>
> >>> DHCP does not provide confidentiality protection as a
> >> built-in feature.
> >>> As Marc mentioned in response to issue#23 (see
> >>> http://trac.tools.ietf.org/wg/geopriv/trac/ticket/23) every target would
> >>> be given the exact same location information on a shared medium.
> >>>
> >>> Unfortunately, the security consideration section does not mention this
> >>> aspect with a single word.
> >>
> >> Not true, currently in the security consideration section of
> >> the draft:
> >>
> >> " Since there is no privacy protection for DHCP messages, an
> >> eavesdropper who can monitor the link between the DHCP server and
> >> requesting client can discover this LCI."
> >>
> >> I don't believe more text is needed.
> >>
> >> -Marc-
> >>
> >>> Hence, I suggest to add:
> >>>
> >>> "
> >>> Since there is no confidentiality protection for DHCP messages, an
> >>> eavesdropper who can monitor the link between the DHCP server and
> >>> requesting client can discover this LCI. In cases where multiple
> >>> hosts share the same link and can therefore see each other's DHCP
> >>> messages the DHCP MUST NOT hand out location for individual hosts
> >>> but MUST rather provide location of the DHCP relay, DHCP server,
> >>> or a similar device instead. This ensures that none of the end
> >>> devices are able to learn exact information of the other hosts
> >>> on the same network.
> >>> "
> >>>
> >>> Ciao
> >>> Hannes
> >>>
> >>> _______________________________________________
> >>> Geopriv mailing list
> >>> Geopriv@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/geopriv
> >>
> >>
> >>
>
>
>
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
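The shared-link rule in the quoted proposal, as an added example that is not part of the thread or of the draft: a Python encoder/decoder for the 16-octet RFC 3825 GeoLoc option payload (DHCPv4 option 123, the format rfc3825bis revises), plus a hypothetical server-side policy function that answers every host on a shared link with the relay's location instead of its own. The relay and guest coordinates are constructed.

```python
LL_BITS, LL_FRAC = 34, 25   # latitude/longitude: 34-bit two's complement, 25 fraction bits
ALT_BITS, ALT_FRAC = 30, 8  # altitude: 30-bit two's complement, 8 fraction bits
AT_METERS, DATUM_WGS84 = 1, 1

def _fixed(value, bits, frac):
    """Encode a float as a two's-complement fixed-point field of `bits` bits."""
    return int(round(value * (1 << frac))) & ((1 << bits) - 1)

def _unfixed(raw, bits, frac):
    """Inverse of _fixed: sign-extend the field and scale back to a float."""
    if raw & (1 << (bits - 1)):
        raw -= 1 << bits
    return raw / (1 << frac)

def encode_lci(lat, lon, alt, lat_res=34, lon_res=34, alt_res=30,
               alt_type=AT_METERS, datum=DATUM_WGS84):
    """Build the 16-octet RFC 3825 LCI (option data only, no code/length octets)."""
    v = lat_res
    v = (v << LL_BITS) | _fixed(lat, LL_BITS, LL_FRAC)
    v = (v << 6) | lon_res
    v = (v << LL_BITS) | _fixed(lon, LL_BITS, LL_FRAC)
    v = (v << 4) | alt_type
    v = (v << 6) | alt_res
    v = (v << ALT_BITS) | _fixed(alt, ALT_BITS, ALT_FRAC)
    v = (v << 8) | datum
    return v.to_bytes(16, "big")

def decode_lci(payload):
    """Parse a 16-octet LCI back into its fields: what anyone sniffing the link reads."""
    if len(payload) != 16:
        raise ValueError("LCI must be 16 octets")
    v = int.from_bytes(payload, "big")
    datum, v = v & 0xFF, v >> 8
    alt, v = _unfixed(v & ((1 << ALT_BITS) - 1), ALT_BITS, ALT_FRAC), v >> ALT_BITS
    alt_res, v = v & 0x3F, v >> 6
    alt_type, v = v & 0xF, v >> 4
    lon, v = _unfixed(v & ((1 << LL_BITS) - 1), LL_BITS, LL_FRAC), v >> LL_BITS
    lon_res, v = v & 0x3F, v >> 6
    lat, v = _unfixed(v & ((1 << LL_BITS) - 1), LL_BITS, LL_FRAC), v >> LL_BITS
    return {"lat": lat, "lon": lon, "alt": alt, "lat_res": v & 0x3F,
            "lon_res": lon_res, "alt_res": alt_res, "alt_type": alt_type, "datum": datum}

def lci_for_client(link_is_shared, host_loc, relay_loc):
    """Hypothetical policy: on a shared medium hand out the relay's location, never the host's."""
    lat, lon, alt = relay_loc if link_is_shared else host_loc
    return encode_lci(lat, lon, alt)

RELAY = (60.1699, 24.9384, 20.0)      # constructed: hotel DHCP relay, WGS84, metres
GUEST_A = (60.16993, 24.93842, 35.5)  # constructed: per-room positions that must not
GUEST_B = (60.16989, 24.93851, 41.0)  # be handed out on the shared hotel LAN
```

With `link_is_shared=True` both guests receive byte-identical LCIs carrying the relay's position, so decoding a neighbour's DHCP reply reveals nothing beyond the relay's location.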