Re: [Ecrit] Location hiding: Consensus?

[Henning Schulzrinne <hgs at cs.columbia.edu>]

On May 9, 2007, at 9:31 PM, Andrew Newton wrote:

> On May 9, 2007, at 11:22 AM, Henning Schulzrinne wrote:
> > Are you suggesting that, from a technical standpoint, hiding  
> > location from the end system is a good idea?
>
> I think you misunderstood my point.  Simply put, if you are going  
> through the trouble to support location hiding, you should support  
> it fully and not partially.

Why? We're engineering for requirements, not some abstract ideal of  
perfection, particularly since that perfection is about as far away  
from where we want to be without the business issue. After all,  
location hiding isn't the architecture that the working group agreed  
upon. Thus, I think the right model is to what we need to do, but no  
more.

> > Unfortunately, in your model, the VSP would have no way to do any  
> > validation at all, since it is not operating a trusted LoST  
> > server, according to our 'no business relationship' requirement  
> > and thus can't resolve the reference. Thus, your model actually  
> > fails to support the validation requirements. That's certainly  
> > good to note.
>
> Hmmm... yet in your model, the PSAP is somehow known as a trusted  
> entity when dereferencing location.  In whatever way that occurs,  
> which has not been explained, the VSP can also use that trust  
> relationship to determine if it is sending calls to a PSAP.

PSAPs and ISPs are not competing with each other, ISPs (in their  
often dual role as VSPs) and VSPs are. Also, the number of PSAPs per  
ISP is very small, compared to the number of VSPs. There is no way  
that an ISP can know all the VSPs in the world.

I don't like this trust relationship, but it's been proposed by  
others for other reasons (location signing), and I don't recall you  
objecting at that point.


> There is another issue with the validation step.  Taking Brian's  
> now-infamous VSP in Sierra Leone, how can you be assured that the  
> LoST tree used by the VSP is capable of traversing to the LoST tree  
> used by the LIS?

For any number of reasons, we need a global LoST tree if the Sierra  
Leonian VSP is to work at all for roaming users, location hiding or  
not. We can't count on every ISP offering LoST services, for example.



> > I'm using Brian's variation of my proposal. The LIS computes,  
> > based on its querying of LoST, a geometric shape such as a polygon  
> > or circle whose centroid/center lands in the right PSAP and  
> > includes the current location of the client, presumably somewhere  
> > other than in the center.
> >
> > The VSP does exactly the same computation, again taking the center  
> > of the circle to do the lookup. Thus, it performs no special  
> > operation and is not concerned with holes in service areas at all.
>
> Since the computation is the same, why not just send the point that  
> is the centroid?

We don't want to lie by pretending that the client is somewhere where  
it isn't. In the centroid model, we simply artificially "fuzz" the  
location information.



> -andy


_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit