[Geopriv] SECDIR review of draft-ietf-geopriv-held-identity-extensions-00
Richard Barnes <rbarnes@bbn.com> Wed, 21 October 2009 01:53 UTC
FYI, Donald Eastlake was kind enough to do an early SECDIR review of draft-ietf-geopriv-held-identity-extensions-00, included below and available at the following URI:
<http://www.ietf.org/mail-archive/web/ietf/current/msg59086.html>

-------- Original Message --------
Subject: draft-ietf-geopriv-held-identity-extensions-00
Date: Tue, 20 Oct 2009 10:38:19 -0400
From: Donald Eastlake <d3e3e3@gmail.com>

This is an early security directorate review at the request of the working group.

This draft is of extensions to existing drafts. Those existing drafts permit a Device to request its location using HTTP based on the source IP address in the requesting packets and include security precautions based on the transport used. The first extension expands "identity" to beyond a simple IP address by providing additional or alternative identity. The second extension permits an authorized third party to request the location of a Device for which it provides the identity. The data representation used within location requests is XML and, while the schema given looks reasonable, I didn't review it in detail.

Privacy and Security Considerations

This draft appears to have a good grasp on the security problems in authenticating a suitable identity for the requestor of location information and the Device whose location is sought. The problems and the general unsuitability of transient or ambiguous identities are discussed as is the care that needs to be taken with identities that might have different meaning depending on network context, such as an address beyond a NAT box. Appropriate authentication of identity elements is mandated.

The draft reasonably specifies that a policy establishment mechanism must exist which dictates when a third party would be authorized to request the location of a Device and that the default policy must be to deny all such requests.

Overall, at the high level provided, the Privacy and Security Considerations look good.

Trivia

Notwithstanding the fact that it is expanded in the title of the document, it couldn't hurt to also give the expansion of HELD in the Terminology section of the draft. Sometimes people fail to see things in what you would think was the most obvious place :-)

I found this draft a bit heavy on the acronyms that, in some cases, make it a little harder to understand while saving only a little space, but this is just a matter of taste.

Thanks,
Donald
=============================
Donald E. Eastlake 3rd
+1-508-634-2066 (home)
155 Beaver Street
Milford, MA 01757 USA
d3e3e3@gmail.com