
Re: Chargeable-User-Identity



Dave Nelson wrote:
> Wait.  Now you've got me confused.  I thought that Operator-Name was being
> proposed, in the eduroam usage scenario, to carry the name of the visited
> network.  In other words, the name of a consortium member.  Do you mean to
> convey that the names of the visited networks, the eduroam consortium
> members, are also considered private and sensitive?  Gee...
>   
Well, not the names of consortium members, but the fact that a particular
user is in a particular location is, of course, private and sensitive.
Quoting from the abstract of RFC 5580:

   The distribution of location information is a privacy-sensitive task.
   Dealing with mechanisms to preserve the user's privacy is important
   and is addressed in this document.

Since the visited network does not bill us for our users, we have no
reason to know where our user is, but more importantly, we would not
want this information to travel in the open.

We want to have the Operator-Name (or equivalent) for just one reason -
when we generate the CUI we want to do something like:
md5(User-Name:Operator-Name:local_salt)
This way we will have different CUIs for the same user visiting
different networks, and we will also be safe against a dictionary attack
against the User-Name when the Operator-Name is known.

Tomasz

-- 
Tomasz Wolniewicz    
          twoln@umk.pl        http://www.home.umk.pl/~twoln

Uczelniane Centrum Informatyczne   Information&Communication Technology Centre
Uniwersytet Mikolaja Kopernika     Nicolaus Copernicus University,
pl. Rapackiego 1, Torun               pl. Rapackiego 1, Torun, Poland
tel: +48-56-611-2750     fax: +48-56-622-1850       tel kom.: +48-693-032-576


archive: <http://psg.com/lists/radiusext/>
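The CUI derivation Tomasz sketches above, written out as an added example that is not from the thread or from any eduroam code; user names, Operator-Name values and the salt are constructed sample values, and the keyed-HMAC variant is my own hardening suggestion, not what the post proposes.

```python
import hashlib
import hmac


def derive_cui(user_name: str, operator_name: str, local_salt: str) -> str:
    """CUI as sketched in the post: md5(User-Name:Operator-Name:local_salt), hex-encoded.

    The home server keeps local_salt secret. Including Operator-Name gives the same
    user a different CUI at each visited network, so visited networks cannot link
    their records to each other; the salt keeps a party that knows Operator-Name
    from enumerating candidate User-Names offline.
    """
    material = f"{user_name}:{operator_name}:{local_salt}".encode("utf-8")
    return hashlib.md5(material).hexdigest()  # 32 hex chars, well within a RADIUS string attribute


def derive_cui_hmac(user_name: str, operator_name: str, local_salt: str) -> str:
    """Hardened variant (my suggestion, not from the thread): HMAC-SHA256 keyed with the
    local salt instead of a plain hash over a concatenation, truncated to the same
    32-hex-char size so it drops into the same attribute."""
    message = f"{user_name}:{operator_name}".encode("utf-8")
    return hmac.new(local_salt.encode("utf-8"), message, hashlib.sha256).hexdigest()[:32]


def cui_matches(presented_cui: str, user_name: str, operator_name: str, local_salt: str) -> bool:
    """Home-server check when a CUI comes back (e.g. in accounting): re-derive it from
    the User-Name and Operator-Name and compare in constant time."""
    expected = derive_cui(user_name, operator_name, local_salt)
    return hmac.compare_digest(presented_cui.encode("utf-8"), expected.encode("utf-8"))


if __name__ == "__main__":
    # Constructed sample values; Operator-Name strings use the "1" REALM namespace
    # prefix form described in RFC 5580.
    salt = "home-server-secret-salt"
    user = "alice@home.example"
    at_a = derive_cui(user, "1visited-a.example", salt)
    at_b = derive_cui(user, "1visited-b.example", salt)
    print("CUI at network A:", at_a)
    print("CUI at network B:", at_b)
    print("same user, different CUIs per visited network:", at_a != at_b)
    print("home server recognises its own CUI:", cui_matches(at_a, user, "1visited-a.example", salt))
```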