>>> One of the things we also agreed on (almost too readily it seems)
>>> is that the latter is NOT going to be specified by geopriv.
>>> We probably will offer guidelines on appropriate choices, but
>>> because we agreed that transport was not on the table, precise
>>> crypto is not on the table. I think this is a very helpful thing
>>> if the entire group agrees.
>> i suspect that one cares about whether the box is locked or not,
>> and whether the checks in it are signed, irrespective whether the
>> box is carried by car or by plane.
> If the protocol the object is used with provides "adequate"
> crypto, then the object should not provide any additional crypto.
i suspect that the trust association(s) of the transport will not
be the same as the trust association(s) of the material being
transported. i am told that this little difference often raises
its head.
>>> may not include cryptographic authentication (and in fact
>>> in some cases there would NOT be any form of cryptographic
>>> authentication, for example, with emergency calls).
>> i thought that the 911 call centers were quite interested in being
>> able to know the phone number which called the service.
> Yes, they are. However, one cannot define an authentication mechanism
> that requires all emergency centers to implement any crypto
> authentication which requires the center to have a trusted
> relationship with an entity not controlled by the nation the
> center is located in.
as the caller's authenticator may be almost as interesting ex post
facto as it is at the time of the call ("who made the fake call?"),
it may not always need to be immediatly formally verifiable.
the call center's identifier, which is requesting the location, is
likely to be from a very well-know ca hierarchy, and is probably
quite well worth protection from spoofing and mitm.
> It's probably not possible to actually define any specific crypto
> at all - nations tend to reserve that right to themselves.
not to worry. the ietf formal position on crypto is that we ignore
national problems
>>> There was great reluctance to get geopriv into the business of
>>> devising new ways to express policy and in particular, we did
>>> not see the WG designing a new policy expression language.
>>> It was also observed that policy can be expressed by a user
>>> interface as well as a formal policy language.
>> i suspect that security folk may be of some help de-confusing
>> policy mechanisms from policy description from policy decisions.
> Maybe true, but only if they actually participate
this problem is being solved. as this wg's major charter goal is
within the realm of security, we should not have deep difficulty
attracting the support of the new revitalized security team.
>>> Henning observed that we should use "object oriented" language,
>>> and thus talk about the person object inheriting location from
>>> the cell phone object.
>> from a decade of oo in my dark and dirty past: inheritance is data
>> *and behavior*.
> Yeah, but what does that have to do with the problem?
don't ask me. you were the ones using well-known keywords in new
and excitingly different ways.
randy
Received on Wed Mar 20 11:15:38 2002
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST