Brian,
Not clear to me why #2 is any more of a problem for an application query
method, than the DHCP method.
You have to have internet access before you can create the VPN (at least on
my software)--since we are talking about VPNs, I assume that we are talking
about softphones.
If you have internet access, an application can perform a query to an LIS
and get its location as soon as it gets its configuration information (by
whatever mechanism).
This can happen BEFORE you create the VPN (certainly what is assumed by the
DHCP download mechanism).
Then the endpoint has its location information and can provide it when it
starts its VoIP application.
Nadine
-----Original Message-----
From: ecrit-bounces@ietf.org [mailto:ecrit-bounces@ietf.org] On Behalf Of
Brian Rosen
Sent: Wednesday, April 20, 2005 2:08 PM
To: 'Michael Hammer (mhammer)'; peter_blatherwick@mitel.com
Cc: 'GEOPRIV WG'; ecrit@ietf.org
Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
InterimMeeting
"Routing" in this context is session (SIP) routing, as you suspected.
The first hop (LIS to endpoint) is what we are discussing.
DHCP is not an L3+ protocol. Neither is LLDP-MED.
The thread has discussed a number of problems with an L7 mechanism, but
laying them out:
1. You are subject to IP address spoofing (albeit you need to be able to get
the packets sent from the LIS to the IP address you are spoofing)
2. VPN or other tunnels may have been created before you run this protocol.
That will cause a failure; you need the location corresponding to the
original "outermost" IP address.
3. It is difficult to control the security (beyond IP spoofing) because you
don't have a generally good authentication mechanism. This is a bare phone,
or equivalent, during its boot phase.
There are probably others as well. 2) is the real problem.
Brian
> -----Original Message-----
> From: Michael Hammer (mhammer) [mailto:mhammer@cisco.com]
> Sent: Wednesday, April 20, 2005 1:34 PM
> To: Brian Rosen; peter_blatherwick@mitel.com
> Cc: GEOPRIV WG; ecrit@ietf.org
> Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
> InterimMeeting
>
> Brian,
>
> You describe the NENA phase i2 options, ESQK etc. Your routing
> element, I assume is doing session routing.
>
> The elements you detail are all (or would appear to be)
> application-layer entities and the signaling hops are likewise
> application-layer hops, not L2 hops (except for maybe the LIS-->EP).
>
> So, where is the L2 "dependency" coming from?
>
> I understand that a network node that is immediately adjacent to the
> endpoint is most likely to know where the other end of the link
> terminates, but does that force the delivery protocol aspects of this
> to be a L2 issue?
>
> Each of the myriad link types carry IP packets, no? And IP packets
> can carry an application packet, no? So, wouldn't the
> application-layer solution be the more general one? I thought that
> was in line with IETF principles.
>
> You are probably just laying out the options, not promoting a
> particular one. I would be interested in seeing what the champions of
> one approach or another have to say. (I did a search on LLDP-MED and
> drew a blank.)
>
> Mike
>
> >-----Original Message-----
> >From: Brian Rosen [mailto:br@brianrosen.net]
> >Sent: Wednesday, April 20, 2005 12:13 PM
> >To: Michael Hammer (mhammer); peter_blatherwick@mitel.com
> >Cc: 'GEOPRIV WG'; ecrit@ietf.org
> >Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint
> >GEOPRIV/ECRIT InterimMeeting
> >
> >The basic picture is:
> >
> >LIS ---> endpoint ---> routing element ---> psap
> >
> >The LIS knows where the endpoint is.
> >The endpoint gets location from the LIS
> >The endpoint includes location on the emergency call The routing
> >element uses location to route the call to the right PSAP The PSAP
> >gets the call, and the location.
> >
> >The discussion is, how does the endpoint get location from the LIS?
> >DHCP is one answer. LLDP-MED is another. A proposed L7 mechanism is
> >another.
> >
> >
> >To be sure, there are folks who want to make the picture:
> >
> >LIS --> endpoint --> routing element ---> psap
> > ^ | |
> > | | |
> > +------------------------+ |
> > | |
> > +------------------------------------------+
> >
> >The LIS gives the endpoint a "key"
> >The endpoint includes the key in the emergency call The routing
> >element gets the key and exchanges it for location at the LIS The
> >psap gets the key and exchanges it for location at the LIS
> >
> >The key could be an IP address.
> >
> >Brian
> >
> >
> >> -----Original Message-----
> >> From: Michael Hammer (mhammer) [mailto:mhammer@cisco.com]
> >> Sent: Wednesday, April 20, 2005 12:00 PM
> >> To: Brian Rosen; peter_blatherwick@mitel.com
> >> Cc: GEOPRIV WG; ecrit@ietf.org
> >> Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint
> >GEOPRIV/ECRIT
> >> InterimMeeting
> >>
> >> I still get the feeling that "delivery" is being used in two
> >different
> >> contexts:
> >>
> >> (1) (2)
> >> Local node---?---->endpoint-----/many hops/----->PSAP
> >> ---------------------/many hops/----->
> >> (2)
> >>
> >> How can "delivery" be L2 dependent, when it must reach a PSAP many
> >> hops away? Color me confused.
> >>
> >> Mike
> >>
> >>
> >> >-----Original Message-----
> >> >From: Brian Rosen [mailto:br@brianrosen.net]
> >> >Sent: Wednesday, April 20, 2005 10:47 AM
> >> >To: Michael Hammer (mhammer); peter_blatherwick@mitel.com
> >> >Cc: 'GEOPRIV WG'; ecrit@ietf.org
> >> >Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint
> >> >GEOPRIV/ECRIT InterimMeeting
> >> >
> >> >The idea is that, say, you are in your home, served by a
> >DSL provider.
> >> >The domain is then that of the DSL vendor. Your phone asks for
> >> >its location from the server in the DSL domain. It would be given
> >> >the location corresponding to the IP address of the request. Note
> >> >that this would be pretty good for the requested case, even in the
> >> >presence of a NATed local area network in your home. The
> >phone would
> >> >do this on boot, before any VPN tunnels were established.
> >> >
> >> >I get the idea that a single delivery mechanism is desirable. I'm
> >> >skeptical we can do that because of the security issues. When you
> >> >make the delivery mechanism L2 dependent, you can control the
> >> >possible attacks to a finer grain than the L7 local domain.
> >> >
> >> >Please keep in mind that some of the folks wishing to use the L7
> >> >mechanism don't really want to just return location to the
> >> >endpoint; they want to retain the location and give it out to
> >> >authorized entities upon presentation of the IP address of the
> >> >endpoint. That is a business decision. They can charge for such
> >> >a service. I think the privacy implications of that are
> >dicey, but the
> >> >reality is that's the model that will probably be implemented if
> >> >we do this.
> >> >
> >> >Brian
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >> -----Original Message-----
> >> >> From: Michael Hammer (mhammer) [mailto:mhammer@cisco.com]
> >> >> Sent: Wednesday, April 20, 2005 10:14 AM
> >> >> To: Brian Rosen; peter_blatherwick@mitel.com
> >> >> Cc: GEOPRIV WG; ecrit@ietf.org
> >> >> Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint
> >> >GEOPRIV/ECRIT
> >> >> InterimMeeting
> >> >>
> >> >> Brian,
> >> >>
> >> >> Could you clarify the domain statement. Given
> >nomadicity, it would
> >> >> seem that location delivery would need to be cross-domain. The
> >> >> E911 PSAP will not always be the same domain as the
> >roaming endpoint.
> >> >>
> >> >> My impression is that Location discovery is a L2 issue,
> >tied to the
> >> >> fact that L2 is supposed to be a single physical hop at most
> >> >> between the end- user terminal and an adjacent
> >location-determining
> >> >> network node. (Of course those trying to make L2 protocols a
> >> >replacement for
> >> >> IP sort of screw this assumption up.)
> >> >>
> >> >> The location delivery mechanism is an application-layer or
> >> >L7 service.
> >> >> The argument there is that since multiple applications
> >will need to
> >> >> rely on location information, a general purpose delivery
> >mechanism
> >> >> will provide consistency and generality that is so often
> >sought in
> >> >> IETF work. Security can be built-in to the chosen delivery
> >> >mechanism.
> >> >> Note, that delivery could be a choice of an existing transfer
> >> >> mechanism. This does not preclude other L7 protocols from
> >> >defining a
> >> >> place in their messages that could also carry location
> >information.
> >> >>
> >> >> So, I believe:
> >> >> Location discovery is local, with associated security
> >being local,
> >> >> Location delivery is global, with associated security
> >being global.
> >> >>
> >> >> The real issues are making those happen.
> >> >>
> >> >> Mike
> >> >>
> >> >> >-----Original Message-----
> >> >> >From: ecrit-bounces@ietf.org [mailto:ecrit-bounces@ietf.org] On
> >> >> >Behalf Of Brian Rosen
> >> >> >Sent: Wednesday, April 20, 2005 9:54 AM
> >> >> >To: peter_blatherwick@mitel.com
> >> >> >Cc: 'GEOPRIV WG'; ecrit@ietf.org
> >> >> >Subject: [Ecrit] RE: [Geopriv] Announcement of Joint
> >GEOPRIV/ECRIT
> >> >> >InterimMeeting
> >> >> >
> >> >> >There turns out to be a large set of issues around this
> >> >> >problem, which I fear is leading to Balkanization. There are
> >> >> >two really important problems we need to solve.
> >> >> >
> >> >> >One fundamental problem is that every client needs to
> >> >implement every
> >> >> >possible LI transfer mechanism that its environment
> >could provide.
> >> >> >
> >> >> >We have DHCP. You guys are working on LLDP-MED. The DSL
> >> >> >guys reject both
> >> >> >of these and want a something else. Every phone has to
> >implement
> >> >> >every protocol.
> >> >> >
> >> >> >There are some who have observed that the mechanisms at hand
> >> >> >are L2 specific. They claim as long as you have an L2 specific
> >> >> >mechanism, you need one or more for each L2. To get out
> >of that,
> >> >> >they propose that we use an L7 mechanism (think some version of
> >> >> >HTTP, although that might not fly). They would say,
> >lets do that
> >> >> >once,
> >> >and every L2
> >> >> >can use it. The problem is that you then have to deal with the
> >> >> >security issues of an L7 mechanism, and in particular,
> >you have to
> >> >> >use IP address as the "key" for what location to return.
> >> >If you can
> >> >> >spoof IP address, you can get someone else's location.
> >> >> >
> >> >> >Those advocating L7 mechanisms claim that the mechanism
> >> >would only be
> >> >> >implemented within a domain, and the domain would have to take
> >> >> >anti-spoofing steps. They note that the mechanism would need
> >> >> >at least a complete round trip, and probably more than one, so
> >> >spoofing
> >> >> >requires the ability to
> >> >> >intercept packets not addressed to the attacker. The
> >> >> >returned data could
> >> >> >be precisely a PIDF-LO.
> >> >> >
> >> >> >Then on top of that, we turn out to need some more security,
> >> >> >especially for emergency calls. We need to prevent forged
> >> >locations.
> >> >> >That means we need to sign the PIDF-LO. If you get location
> >> >> >via DHCP, or LLDP-MED, and the endpoint constructs a PIDF-LO
> >> >> >from that, how do we construct a signature from the entity that
> >> >> >actually determined location?
> >> >> >
> >> >> >Brian
> >> >> >
> >> >> >
> >> >> >________________________________________
> >> >> >From: geopriv-bounces@ietf.org
> >> >> >[mailto:geopriv-bounces@ietf.org] On Behalf Of
> >> >> >peter_blatherwick@mitel.com
> >> >> >Sent: Wednesday, April 20, 2005 9:30 AM
> >> >> >To: Andrew Newton
> >> >> >Cc: GEOPRIV WG; ecrit@ietf.org
> >> >> >Subject: Re: [Geopriv] Announcement of Joint
> >GEOPRIV/ECRIT Interim
> >> >> >Meeting
> >> >> >
> >> >> >
> >> >> >Hi Andrew, lists,
> >> >> >
> >> >> >I'd like to better understand the meaning of the following
> >> >> >agenda
> >> >> >items:
> >> >> > "
> >> >> > 2) Properties of network elements in transferring LI
> >from layer
> >> >> >2
> >> >> > upward to PIDF-LO.
> >> >> > 3) Proposed enhancements to PIDF-LO to support #2.
> >> >> > "
> >> >> >
> >> >> >Is there a summary of what these really mean, or examples
> >> >of what the
> >> >> >outcome could be in terms of protocol or layer interactions?
> >> >> >
> >> >> >Reason I'm asking is I am deeply involved in a layer 2
> >> >approach which
> >> >> >would be able to deliver location information to endpoints from
> >> >> >the L2 LAN infrastructure they are connected to. The work is
> >> >going on in
> >> >> >TIA and is called Link Layer Discovery Protocol - Media
> >> >> >Endpoint Discovery (LLDP-MED), which is an extension of IEEE
> >> >802.1AB, specific
> >> >> >to VoIP systems. In LLDP-MED, among several other
> >things, we have
> >> >> >specified ways to pass equivalent data to the DHCP
> >> >> >coordinate-based LCI (RFC 3825) and civic location LCI
> >> >> >(draft-ietf-geopriv-dhcp-civil-05, in Last Call process I
> >> >believe).
> >> >> >We see this method of delivery as a non-competing
> >> >alternative to the
> >> >> >DHCP-based approach, with the same end result to the overall
> >> >> >ECS system (the endpoint receives the exact same data),
> >which has some
> >> >> >advantages particularly in enterprise deployment
> >scenarios. (The
> >> >> >DHCP-based method has advantages in different scenarios.) I
> >> >> >am Editor of thi s document, and it is now in ballot process in
> >> >> >TIA (more or less equivalent to Last Call in IETF).
> >> >> >
> >> >> >Sorry, I expect I am suffering lack of context here,
> >since I only
> >> >> >joined the list relatively recently.
> >> >> >
> >> >> >BTW, what is the state of geopriv-dhcp-civil? Is it now
> >past Last
> >> >> >Call and in the RFC Editor's queue? It seemed to have been
> >> >> >settled on the list, and waiting on AD action.
> >> >> >
> >> >> >-- Peter Blatherwick
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >Andrew Newton <andy@hxr.us>
> >> >> >Sent by: geopriv-bounces@ietf.org
> >> >> >13.04.05 16:34
> >> >> >
> >> >> > To: GEOPRIV WG <geopriv@ietf.org>
> >> >> > cc:
> >> >> > Subject: [Geopriv] Announcement of Joint
> >> >GEOPRIV/ECRIT
> >> >> >Interim Meeting
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >The GEOPRIV and ECRIT working groups will be holding a
> >> >joint interim
> >> >> >meeting.
> >> >> >
> >> >> > What: Interim GEOPRIV/ECRIT meeting
> >> >> > When: 2005 May 16 08:30-17:30
> >> >> > 2005 May 17 08:30-17:30
> >> >> > 2005 May 18 08:30-17:30
> >> >> > Where: Columbia University
> >> >> > Dept. of Computer Science
> >> >> > 450 Computer Science Bldg.
> >> >> > 1214 Amsterdam Avenue (close to 120th St.)
> >> >> > New York, NY 10027
> >> >> >Directions: http://www.cs.columbia.edu/directions.html
> >> >> > Also: WiFi provided.
> >> >> > Teleconference to be provided.
> >> >> > Hotel: http://www.cs.columbia.edu/~hgs/etc/hotels.html
> >> >> > Early bookings recommended.
> >> >> >
> >> >> >Proposed GEOPRIV Agenda:
> >> >> > 2005 May 16 08:30-17:30, 2005 May 17 08:30-12:30
> >> >> >1) Role of HTTP as a transfer protocol for PIDF-LO vs. the
> >> >use of LI
> >> >> >in HTTP/HTML for web browsing.
> >> >> >2) Properties of network elements in transferring LI
> >from layer 2
> >> >> >upward to PIDF-LO.
> >> >> >3) Proposed enhancements to PIDF-LO to support #2.
> >> >> >
> >> >> >Proposed ECRIT Agenda:
> >> >> > 2005 May 17 13:30-17:30, 2005 May 18 08:30-17:30
> >> >> >1) Emergency Call Routing Requirements
> >> >> >2) Security and Threats Analysis
> >> >> >
> >> >> >_______________________________________________
> >> >> >Geopriv mailing list
> >> >> >Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >_______________________________________________
> >> >> >Ecrit mailing list
> >> >> >Ecrit@ietf.org https://www1.ietf.org/mailman/listinfo/ecrit
> >> >> >
> >> >>
> >> >
> >> >
> >>
> >
> >
>
_______________________________________________
Ecrit mailing list
Ecrit@ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Wed, 20 Apr 2005 15:22:55 -0400
This archive was generated by hypermail 2.1.8 : Wed Apr 20 2005 - 15:27:56 EDT