
RE: RE: RE: draft-jones-radius-geopriv



John,
I agree with Dave here.
As a minimum you have to trust the various intermediaries.

Even if we send a policy down the pipe saying what may or may not be done
with the information, ultimately you have to trust the various parties.

In sending the information back to the home network you could encrypt it
using the RADIUS encryption mechanism, but each party would still have to be
trusted.  So this is good against the man-in-the-middle attack.

You could also put the information in a secure tunnel (EAP-message) for end
to end security.

However, I will assert that the weakest link WRT trust is the node
furthest away from the home network.  For example, in WLAN that access point
would be in Joe Hacker's diner.  So even using an EAP scheme would offer
questionable protection.  Unless of course the location information is
coming from the user's device (but we are not talking about that in our
draft).

Finally, we need to consider what we are truly advertising.  It's not the
user's location but the location of the NAS.  As well, the identity of the
user could be protected using EAP methods, so that while you may have access
to the location information you don't really know who the user is.

Avi
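The hop-by-hop point above (RADIUS hiding protects a link, but every proxy that re-encrypts for the next link must first recover the plaintext) is easy to see in code. The following is an added example, not code from the thread or from draft-jones-radius-geopriv: it implements the RFC 2865 User-Password hiding scheme in plain Python and applies it to a hypothetical location attribute relayed NAS -> proxy -> proxy -> home server, with a different shared secret on each link. The secrets, the location string and the Request Authenticator values are constructed for the example.

```python
"""
Hop-by-hop hiding of a RADIUS attribute across a proxy chain.

Added example (not from the mailing-list thread or the draft). It models
the RFC 2865 section 5.2 User-Password hiding scheme, applied here to a
hypothetical location attribute, and walks the value through a chain of
RADIUS links. Each link has its own shared secret, so each intermediary
has to unhide the value in order to re-hide it for the next link: every
hop sees the plaintext. A passive observer on the wire without the link
secret does not, which is all this scheme is meant to achieve.
"""
import hashlib
import os


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide(value: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 hiding: pad to 16-byte blocks, then chain
    c_i = p_i XOR MD5(secret + c_{i-1}) with c_0 = Request Authenticator."""
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 bytes")
    padded = value + b"\x00" * (-len(value) % 16)
    out = b""
    prev = authenticator
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = _xor(padded[i:i + 16], keystream)
        out += block
        prev = block
    return out


def unhide(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Inverse of hide(). Strips the zero padding, so the scheme is only
    suitable for values that do not end in 0x00 (true for text attributes)."""
    if len(hidden) % 16:
        raise ValueError("hidden value is not a multiple of 16 bytes")
    out = b""
    prev = authenticator
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += _xor(block, keystream)
        prev = block
    return out.rstrip(b"\x00")


def relay_through_chain(value: bytes, link_secrets: list) -> list:
    """Simulate the attribute crossing len(link_secrets) RADIUS links.

    Returns what the receiver of each link (each proxy, then the home
    server) can read. Because hiding is per link, every receiver must
    recover the plaintext before forwarding; the list therefore contains
    the original value once per hop."""
    observed = []
    current = value
    for secret in link_secrets:
        authenticator = os.urandom(16)          # fresh per request on each link
        on_the_wire = hide(current, secret, authenticator)
        current = unhide(on_the_wire, secret, authenticator)  # receiver's view
        observed.append(current)
    return observed


def tamper_first_byte(hidden: bytes, mask: int = 0x01) -> bytes:
    """Flip bits in the first hidden byte. The hiding is a XOR stream with
    no integrity check of its own, so the same bits flip in the recovered
    first byte; per-hop integrity needs Message-Authenticator (RFC 2869)."""
    edited = bytearray(hidden)
    edited[0] ^= mask
    return bytes(edited)


if __name__ == "__main__":
    # Constructed sample: a NAS-side location string and three link secrets.
    location = b"lat=45.42;lon=-75.69"
    secrets = [b"nas-to-proxy1", b"proxy1-to-proxy2", b"proxy2-to-home"]
    for hop, seen in enumerate(relay_through_chain(location, secrets), 1):
        print(f"hop {hop} reads: {seen!r}")
```

Running the script prints the same location string once per hop, which is the whole argument in one screen: the RADIUS hiding mechanism is link protection, so the intermediaries are inside the trust boundary whether or not a usage policy travels with the data. The `tamper_first_byte` helper shows a second caveat of the same scheme: without a per-hop Message-Authenticator, a hop or on-path party can flip chosen bits in the first block without detection.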

> -----Original Message-----
> From: Nelson, David [mailto:dnelson@enterasys.com] 
> Sent: February 17, 2004 1:25 PM
> Cc: radiusext@ops.ietf.org; geopriv@ietf.org
> Subject: RE: RE: RE: draft-jones-radius-geopriv
> 
> 
> 
> John Loughney writes...
> > > This type of location information needs to be transported to the home
> > > network and must only be used for that intention.
> > 
> > How does one guarantee that?
> 
> I wonder if it is ever possible to guarantee, in the 
> information-theoretic sense, that a trusted party does not 
> misuse information to which it has access?
> 
> -- Dave
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>