Re: [Geopriv] HELD and persistent TLS connections in emergency calls

To: Brian Rosen <br at brianrosen.net>
Subject: Re: [Geopriv] HELD and persistent TLS connections in emergency calls
From: Cullen Jennings <fluffy at cisco.com>
Date: Fri, 14 Sep 2007 12:25:57 -0700
Authentication-results: sj-dkim-3; header.From=fluffy@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
Cc: 'GEOPRIV' <geopriv at ietf.org>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=3702; t=1189798051; x=1190662051; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fluffy@cisco.com; z=From:=20Cullen=20Jennings=20<fluffy@cisco.com> |Subject:=20Re=3A=20[Geopriv]=20HELD=20and=20persistent=20TLS=20connectio ns=20in=20emergency=20calls |Sender:=20; bh=GKCX4ae2fUlmsC1gRIrL2t95//fQqmVuXS/xZoZiMfs=; b=WCYzm4wsWW5/zvpQGttOjou30OO0dJE7ZZ8Y8Pf00RQjI0snx0Ygtp83xxRlim5LIO4IDI8s PxE6VxQ6RxsuaUefa3KtbkisMQDzaaNMAcxsNkr6YHZJnCU73tTYsVLO;
Impp: xmpp:cullenfluffyjennings@jabber.org
In-reply-to: <0a2f01c7f6f5$79431b90$640fa8c0@cis.neustar.com>
List-help: <mailto:geopriv-request@ietf.org?subject=help>
List-id: Geographic Location/Privacy <geopriv.ietf.org>
List-post: <mailto:geopriv@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
References: <0a2f01c7f6f5$79431b90$640fa8c0@cis.neustar.com>


Few random thoughts....

Certainly session resumption might work well here - basically when the device connected the first time it would do the public key operation to set up session once then save a secret that could be used for future sessions without doing the expensive public key operations. There are extensions to allow session resumption to only store state on the client not server - RFC 4507 and soon to be approved update to it. It would be well worth having a look at the session resumption stuff and seeing how to specify it's usage - it is implemented in many TLS stacks including OpenSSL.

I also think it would be worth looking at what the time to set up a TLS session is. The first thing would be to look at what size keys should the server use - some recommendation for key size specific to LIS might help keep people from using things way too large. The information transfered over HELD is unlikely to have high long term value and that might change the key sizes chosen. It would then be good to guess what the processors might be on the very low end stuff by the time any of this actually gets deployed. My gut feeling is 1/2 second does not sound quite right. Whatever the answer is, it would be nice to see this analysis.

I can also imagine that in some cases getting a reference might help in that the host that eventually fetched the reference might have a much faster processor than a low end mobile phone.

Cullen <with my individual hat on>

PS - I simultaneously agree with Henning that it might be possible to use long lived TLS connection while agreeing with Barbara that regardless of the feasibility, operators will hate the idea. Hows that for being on the fence :-) But I hope we can avoid having to do this approach.


On Sep 14, 2007, at 10:34 AM, Brian Rosen wrote:

One of the uses for HELD is for an end device to obtain its location. The recommendations in ecrit-phonebcp say that the end device should get its location when it boots, periodically thereafter, and as it makes an emergency call. The time to complete the operation doesn't matter in the first two cases, but does at call time.

Location sent by value should be protected from eavesdropping. TLS is of course the mechanism of choice for HELD. Unless we change our position, we've stated that the security of the reference is the same as the value. That means getting a reference doesn't help; you would want to protect the transfer of the reference with TLS.

What should the recommendation be for the TLS connection between the endpoint and the HELD server? Seems like we have two bad choices: 1. The endpoint maintains a persistent TLS connection. This seems impossible for a LIS to maintain, and wasteful for the device 2. We incur very long time to establish the TLS session at call time. I think this is currently something in the 1/2 second or more range for a typical phone like embedded controller, sometimes much more. That is WAY too long for emergency call, where we're attempting to keep call set up in the 2 seconds from dial to ring.

I don't have an answer here. We don't use TLS with the other LCPs; we have other mechanisms that protect the privacy to various degrees. TLS is an excellent mechanism for this purpose. I just don't know how to deal with the setup time.
Brian
_______________________________________________
Geopriv mailing list
Geopriv at ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv

_______________________________________________
Geopriv mailing list
Geopriv at ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv

Follow-Ups:
- Re: [Geopriv] HELD and persistent TLS connections in emergency calls
  - From: Hannes Tschofenig

References:
- [Geopriv] HELD and persistent TLS connections in emergency calls
  - From: Brian Rosen

Prev by Date: RE: [Geopriv] HELD and persistent TLS connections in emergency calls
Next by Date: RE: [Geopriv] HELD and persistent TLS connections in emergency calls
Previous by thread: Re: [Geopriv] HELD and persistent TLS connections in emergency calls
Next by thread: Re: [Geopriv] HELD and persistent TLS connections in emergency calls
Index(es):
- Date
- Thread

Re: [Geopriv] HELD and persistent TLS connections in emergency calls

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.