Really need to change the name of this thread...
-----Original Message-----
From: geopriv-bounces@ietf.org [mailto:geopriv-bounces@ietf.org] On Behalf
Of Brian Rosen
Sent: Wednesday, April 20, 2005 1:58 PM
To: peter_blatherwick@mitel.com
Cc: 'GEOPRIV WG'; ecrit@ietf.org; 'Michael Hammer (mhammer)'
Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
InterimMeeting
Peter
For some time, I have accepted the fact that we aren't going to be able to
have one mechanism. I don't like it, but it seems inevitable. You have to
admit that once you say "more than one" and your reasoning is "different
scenarios" you open the door to the next guy who gets to make the same
argument. What are the phone vendors going to do? You really, really don't
want a phone making one assumption and the network L2 vendors another. The
scenarios where LLDP-MED works COULD, reasonably, use DHCP. You might like
LLDP-MED for any number of reasons, but it's not the case that DHCP wouldn't
work. The reverse is not true; there are many networks where there is no
switch that could reasonably implement LLDP-MED. CableModem is an obvious
one. At the moment, I'm rationalizing "home=DHCP, enterprise=LLDP-MED", but
I don't want a phone vendor assuming he is only serving one of those
markets. You guys have made our life difficult, and I don't really think it
had to be, but its reality.
The appeal of the L7 mechanism was that we could have one. Alas, I don't
see how to make it work. Ethernet connected devices will probably need
LLDP-MED and DHCP. That's my current message to phone vendors.
At the moment, all the DSL folks I talk to insist that they won't deploy a
DHCP mechanism or an LLDP-MED mechanism. They want something else. That's
the immediate impetuous for the L7 discussion. If L7 mechanisms don't work,
and I don't think they do, then we either need a DSL L2 mechanism, or we
need them to buy my "home router uses DHCP to clients, and anything the want
to the DSL side" argument. The DSL guys have some allies; basically boxes
in the middle of L2 that don't have a relationship with the DHCP box. The
example is the WiFi management boxes. They know which AP you are connected
to; some may even triangulate. But those boxes don't run DHCP, and they
don't have an interface to them. L7 works for them too; especially because
they can limit the domain to the subnet(s) their management boxes handle.
Maybe that's the angle to attack; define an interface to the DHCP server
that lets it get location so it can hand it out to the endpoints. I've
tried to argue that they could implement LLDP-MED. I got push back from one
of them, but the reasons don't make sense to me yet.
I've been working on this for some time. The inclination of EVERY L2 player
is "we need a mechanism just for us". That, clearly, won't work. What I
tell them is "if you can control the specification of every end device that
directly or indirectly connects to your L2, then use anything you like, as
long as EVERY device that is connected to your L2 can get location. If you
can't control endpoints like that, use DHCP (or LLDP-MED)". 3G is an
example of an L2 where they can control all the endpoints. They have a way
to get location, and that's good enough for me.
Brian
________________________________________
From: peter_blatherwick@mitel.com [mailto:peter_blatherwick@mitel.com]
Sent: Wednesday, April 20, 2005 1:21 PM
To: Brian Rosen
Cc: ecrit@ietf.org; 'GEOPRIV WG'; 'Michael Hammer (mhammer)'
Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
InterimMeeting
Seems a simple-minded question has sparked a flurry of debate ;-) Some
thoughts, just to stir the pot some more... not that it appears to need
it...
I do not at all see the purely L2 LLDP-MED approach and the call it L2.5
DHCP approach as being in conflict. They are merely different ways suited
to different scenarios.
I do not see implementing both LLDP-based and DHCP-based methods in a phone
as being a big deal, since in the end they both are simple, would deliver
the exact same data to the application above, and they start in a strict
order (LLDP always before DHCP). The harder issue is really what would the
poor phone do if it received by both mechanisms, and the received data were
different -- it would need to pick one, or sort out the conflict itself
(yech!).
Since LLDP (hence LLDP-MED) is strictly contained to a physical link, its
security is very contained.
IEEE 802.1X is applied to that same link before LLDP gets to run (or before
DHCP for that matter), so at least the endpoint can be well authenticated
before hand. Also, it intuitively makes sense at least in my fuzzy brain,
that the X509 certs which could be part of the 802.1X authentication
exchange (if EAP-TLS is used) could also be useful in the upward
authentication process. (If I have messed up the acronyms, please do not
jump down my throat .. hopefully close enough.)
It would indeed be unfortunate to add a third approach ... or a forth ....
I am not familiar with whatever the DSL approach would be, but do not
off-hand see why a DHCP relay approach would not work there. Anything
written up to look at on it?
Peter
"Brian Rosen" <br@brianrosen.net>
20.04.05 10:47
To: "'Michael Hammer (mhammer)'" <mhammer@cisco.com>,
<peter_blatherwick@mitel.com>
cc: "'GEOPRIV WG'" <geopriv@ietf.org>, <ecrit@ietf.org>
Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint
GEOPRIV/ECRIT InterimMeeting
The idea is that, say, you are in your home, served by a DSL provider. The
domain is then that of the DSL vendor. Your phone asks for its location
from the server in the DSL domain. It would be given the location
corresponding to the IP address of the request. Note that this would be
pretty good for the requested case, even in the presence of a NATed local
area network in your home. The phone would do this on boot, before any VPN
tunnels were established.
I get the idea that a single delivery mechanism is desirable. I'm skeptical
we can do that because of the security issues. When you make the delivery
mechanism L2 dependent, you can control the possible attacks to a finer
grain than the L7 local domain.
Please keep in mind that some of the folks wishing to use the L7 mechanism
don't really want to just return location to the endpoint; they want to
retain the location and give it out to authorized entities upon presentation
of the IP address of the endpoint. That is a business decision. They can
charge for such a service. I think the privacy implications of that are
dicey, but the reality is that's the model that will probably be implemented
if we do this.
Brian
> -----Original Message-----
> From: Michael Hammer (mhammer) [mailto:mhammer@cisco.com]
> Sent: Wednesday, April 20, 2005 10:14 AM
> To: Brian Rosen; peter_blatherwick@mitel.com
> Cc: GEOPRIV WG; ecrit@ietf.org
> Subject: RE: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
> InterimMeeting
>
> Brian,
>
> Could you clarify the domain statement. Given nomadicity, it would
> seem that location delivery would need to be cross-domain. The E911
> PSAP will not always be the same domain as the roaming endpoint.
>
> My impression is that Location discovery is a L2 issue, tied to the
> fact that L2 is supposed to be a single physical hop at most between
> the end- user terminal and an adjacent location-determining network
> node. (Of course those trying to make L2 protocols a replacement for
> IP sort of screw this assumption up.)
>
> The location delivery mechanism is an application-layer or L7 service.
> The argument there is that since multiple applications will need to
> rely on location information, a general purpose delivery mechanism
> will provide consistency and generality that is so often sought in
> IETF work. Security can be built-in to the chosen delivery mechanism.
> Note, that delivery could be a choice of an existing transfer
> mechanism. This does not preclude other L7 protocols from defining a
> place in their messages that could also carry location information.
>
> So, I believe:
> Location discovery is local, with associated security being local,
> Location delivery is global, with associated security being global.
>
> The real issues are making those happen.
>
> Mike
>
> >-----Original Message-----
> >From: ecrit-bounces@ietf.org [mailto:ecrit-bounces@ietf.org] On
> >Behalf Of Brian Rosen
> >Sent: Wednesday, April 20, 2005 9:54 AM
> >To: peter_blatherwick@mitel.com
> >Cc: 'GEOPRIV WG'; ecrit@ietf.org
> >Subject: [Ecrit] RE: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
> >InterimMeeting
> >
> >There turns out to be a large set of issues around this problem,
> >which I fear is leading to Balkanization. There are two really
> >important problems we need to solve.
> >
> >One fundamental problem is that every client needs to implement every
> >possible LI transfer mechanism that its environment could provide.
> >
> >We have DHCP. You guys are working on LLDP-MED. The DSL guys
> >reject both of these and want a something else. Every phone has to
> >implement every protocol.
> >
> >There are some who have observed that the mechanisms at hand are L2
> >specific. They claim as long as you have an L2 specific mechanism,
> >you need one or more for each L2. To get out of that, they propose
> >that we use an L7 mechanism (think some version of HTTP, although
> >that might not fly). They would say, lets do that once, and every L2
> >can use it. The problem is that you then have to deal with the
> >security issues of an L7 mechanism, and in particular, you have to
> >use IP address as the "key" for what location to return. If you can
> >spoof IP address, you can get someone else's location.
> >
> >Those advocating L7 mechanisms claim that the mechanism would only be
> >implemented within a domain, and the domain would have to take
> >anti-spoofing steps. They note that the mechanism would need at
> >least a complete round trip, and probably more than one, so spoofing
> >requires the ability to intercept packets not addressed to the
> >attacker. The returned data could
> >be precisely a PIDF-LO.
> >
> >Then on top of that, we turn out to need some more security,
> >especially for emergency calls. We need to prevent forged locations.
> >That means we need to sign the PIDF-LO. If you get location via
> >DHCP, or LLDP-MED, and the endpoint constructs a PIDF-LO from that,
> >how do we construct a signature from the entity that actually
> >determined location?
> >
> >Brian
> >
> >
> >________________________________________
> >From: geopriv-bounces@ietf.org [mailto:geopriv-bounces@ietf.org] On
> >Behalf Of peter_blatherwick@mitel.com
> >Sent: Wednesday, April 20, 2005 9:30 AM
> >To: Andrew Newton
> >Cc: GEOPRIV WG; ecrit@ietf.org
> >Subject: Re: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
> >Interim Meeting
> >
> >
> >Hi Andrew, lists,
> >
> >I'd like to better understand the meaning of the following agenda
> >items:
> > "
> > 2) Properties of network elements in transferring LI from layer 2
> > upward to PIDF-LO.
> > 3) Proposed enhancements to PIDF-LO to support #2.
> > "
> >
> >Is there a summary of what these really mean, or examples of what the
> >outcome could be in terms of protocol or layer interactions?
> >
> >Reason I'm asking is I am deeply involved in a layer 2 approach which
> >would be able to deliver location information to endpoints from the
> >L2 LAN infrastructure they are connected to. The work is going on in
> >TIA and is called Link Layer Discovery Protocol - Media Endpoint
> >Discovery (LLDP-MED), which is an extension of IEEE 802.1AB, specific
> >to VoIP systems. In LLDP-MED, among several other things, we have
> >specified ways to pass equivalent data to the DHCP
> >coordinate-based LCI (RFC 3825) and civic location LCI
> >(draft-ietf-geopriv-dhcp-civil-05, in Last Call process I
> >believe). We see this method of delivery as a non-competing
> >alternative to the DHCP-based approach, with the same end
> >result to the overall ECS system (the endpoint receives the
> >exact same data), which has some advantages particularly in
> >enterprise deployment scenarios. (The DHCP-based method has
> >advantages in different scenarios.) I am Editor of thi s
> >document, and it is now in ballot process in TIA (more or less
> >equivalent to Last Call in IETF).
> >
> >Sorry, I expect I am suffering lack of context here, since I only
> >joined the list relatively recently.
> >
> >BTW, what is the state of geopriv-dhcp-civil? Is it now past Last
> >Call and in the RFC Editor's queue? It seemed to have been settled
> >on the list, and waiting on AD action.
> >
> >-- Peter Blatherwick
> >
> >
> >
> >
> >Andrew Newton <andy@hxr.us>
> >Sent by: geopriv-bounces@ietf.org
> >13.04.05 16:34
> >
> > To: GEOPRIV WG <geopriv@ietf.org>
> > cc:
> > Subject: [Geopriv] Announcement of Joint GEOPRIV/ECRIT
> >Interim Meeting
> >
> >
> >
> >
> >The GEOPRIV and ECRIT working groups will be holding a joint interim
> >meeting.
> >
> > What: Interim GEOPRIV/ECRIT meeting
> > When: 2005 May 16 08:30-17:30
> > 2005 May 17 08:30-17:30
> > 2005 May 18 08:30-17:30
> > Where: Columbia University
> > Dept. of Computer Science
> > 450 Computer Science Bldg.
> > 1214 Amsterdam Avenue (close to 120th St.)
> > New York, NY 10027
> >Directions: http://www.cs.columbia.edu/directions.html
> > Also: WiFi provided.
> > Teleconference to be provided.
> > Hotel: http://www.cs.columbia.edu/~hgs/etc/hotels.html
> > Early bookings recommended.
> >
> >Proposed GEOPRIV Agenda:
> > 2005 May 16 08:30-17:30, 2005 May 17 08:30-12:30
> >1) Role of HTTP as a transfer protocol for PIDF-LO vs. the use of LI
> >in HTTP/HTML for web browsing.
> >2) Properties of network elements in transferring LI from layer 2
> >upward to PIDF-LO.
> >3) Proposed enhancements to PIDF-LO to support #2.
> >
> >Proposed ECRIT Agenda:
> > 2005 May 17 13:30-17:30, 2005 May 18 08:30-17:30
> >1) Emergency Call Routing Requirements
> >2) Security and Threats Analysis
> >
> >_______________________________________________
> >Geopriv mailing list
> >Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv
> >
> >
> >
> >
> >_______________________________________________
> >Ecrit mailing list
> >Ecrit@ietf.org
> >https://www1.ietf.org/mailman/listinfo/ecrit
> >
>
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Wed, 20 Apr 2005 15:09:18 -0400
This archive was generated by hypermail 2.1.8 : Wed Apr 20 2005 - 15:28:04 EDT