Internet-Drafts | 12 Sep 2005 21:50

I-D ACTION:draft-ietf-geopriv-dhcp-civil-07.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Geographic Location/Privacy Working Group of the IETF.

	Title		: Dynamic Host Configuration Protocol (DHCPv4
                          and DHCPv6) Option for Civic Addresses 
                          Configuration Information
	Author(s)	: H. Schulzrinne
	Filename	: draft-ietf-geopriv-dhcp-civil-07.txt
	Pages		: 22
	Date		: 2005-9-12
	
This document specifies a Dynamic Host Configuration Protocol (DHCPv4
   and DHCPv6) option containing the civic location of the client or the
   DHCP server.  The Location Configuration Information (LCI) includes
   information about the country, administrative units such as states,
   provinces and cities, as well as street addresses, postal community
   names and building information.  The option allows multiple
   renditions of the same address in different scripts and languages.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-geopriv-dhcp-civil-07.txt


Henning Schulzrinne | 14 Sep 2005 22:51

Re: draft-ietf-geopriv-dhcp-civil-07

Marc,

I'm just the "transmitter" in this case. The text was provided to me as 
part of resolving the IESG comments. Maybe those more closely involved 
with its drafting can provide additional input on your concerns.

Henning

Marc Linsner wrote:
> Henning,
> 
> Wrt:
> 
> "This document only defines the delivery of location information from the
> DHCP server to the client, due to security concerns related to using DHCP to
> update the database.  Within the GEOPRIV architecture as defined by RFC 3693
> [10], the defined mechanism in this document for conveying initial location
> information is known as a "sighting" function.  Sighting functions are not
> required to have security capabilities and are only intended to be
> configured in trusted and controlled environments.  (A classic example of
> the sighting function is a Global Positioning System wired directly to a
> network node.) After initial location information has been introduced, it
> MUST be afforded the protections defined in RFC 3694 [11].  Therefore,
> location information MUST NOT be sent from a DHCP client to a DHCP server as
> is normally allowed by DHCP."
> 
> Correct me if I've interpreted this wrong.  I derived from this text (at
> least) 3 issues:
> 
> 1) Due to [wiremap] database security concerns, we must disallow client to

Marc Linsner | 14 Sep 2005 16:52

draft-ietf-geopriv-dhcp-civil-07

Henning,

Wrt:

"This document only defines the delivery of location information from the
DHCP server to the client, due to security concerns related to using DHCP to
update the database.  Within the GEOPRIV architecture as defined by RFC 3693
[10], the defined mechanism in this document for conveying initial location
information is known as a "sighting" function.  Sighting functions are not
required to have security capabilities and are only intended to be
configured in trusted and controlled environments.  (A classic example of
the sighting function is a Global Positioning System wired directly to a
network node.) After initial location information has been introduced, it
MUST be afforded the protections defined in RFC 3694 [11].  Therefore,
location information MUST NOT be sent from a DHCP client to a DHCP server as
is normally allowed by DHCP."

Correct me if I've interpreted this wrong.  I derived from this text (at
least) 3 issues:

1) Due to [wiremap] database security concerns, we must disallow client to
dhcp server [upstream] communication of this LCI.

2) This DHCP LCI mechanism falls under the 'sighting' category as defined in
the geopriv architecture used in trusted and controlled environments.

3) Communication of location information outside of this special 'sighting'
category must be afforded the protections defined in RFC 3694.

I'd like clarification on:

