ecrit@ietf.org
[Top] [All Lists]

[Ecrit] Re: [Geopriv] Not-so-grand compromise on how to do endpoint cent

Subject: [Ecrit] Re: [Geopriv] Not-so-grand compromise on how to do endpoint centric LCPwithout giving away the store
From: Hannes Tschofenig
Date: Fri, 13 Apr 2007 16:45:31 +0200
Hi Alex,

That's certainly an option. However, since many folks argued that they need location-by-reference anyway I wonder whether we can avoid signing & encrypting of location information. (You need signing as well to have the other security properties we are looking at.)

In some sense an encrypted message is very similar to a location-by-reference to the end host -- it is opaque. There is, however, the problem of provisioning the keys to the PSAPs. When we also consider the case of location based applications that are also in scope of GEOPRIV then this approach will obviously not work.

So, the main question therefore is: Do we see a problem with the dereferencing step to resolve the reference to location information? So far, I haven't had the impression. This mechanism would only be justified in cases if there is a network connectivity problem between the Location Recipient and the LIS but not between the Target and the Location Recipient.

Ciao
Hannes

Alexander Mayrhofer wrote:
So, I think Barbara Stark first described this, and it needs some work,
but suppose that, as an option, an access network could supply:

1. A reference to location

2. The results of a LoST query on the location value (viz, PSAP URI and
local dialstring)

Hi,

Without wanting to stir anything up (and, granted, without having
followed the discussion very closely), a third option comes to my mind:

Location-by-value, encrypted by the access network with a public key
corresponding to the desired application of the location data?

eg. for emergency services:

- PSAPs supply a public key for location encryption within their
coverage area (would need to be one key per area, though)
- Access providers serving a certain area would encrypt location
information with that key
- Location information could be decrypted only by the PSAPs which the
corresponding private key

(hence, would be useless for Joe's Pizza Delivery Services, or <insert
favourite name here>'s location advertisement service)

I would definitely like to avoid any overengineering here, though - that
is just a very rough idea i would like to share. Especially for
emergency services though, i am a little scared about information not
readable in case of catastrophic situations (imagining the frustration
of a PSAP agent looking at an encrypted location while handling the
call...)

any comments appreciated (including flames  :).

Alex

_______________________________________________
Geopriv mailing list
Geopriv@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/geopriv



_______________________________________________
Ecrit mailing list
Ecrit@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ecrit

<Prev in Thread] Current Thread [Next in Thread>