1 / 5

Trustworthy Location

Trustworthy Location. draft-ietf-ecrit-trustworthy-location-01 ECRIT WG IETF 79 Tuesday, November 9, 2010. NITs Fixed in -01. Lack of a Security Considerations section (renamed the Summary section) Missing reference to RFC 2119 in the terminology section

lydia
Download Presentation

Trustworthy Location

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trustworthy Location draft-ietf-ecrit-trustworthy-location-01 ECRIT WG IETF 79 Tuesday, November 9, 2010

  2. NITs Fixed in -01 • Lack of a Security Considerations section (renamed the Summary section) • Missing reference to RFC 2119 in the terminology section • Out of date references (3 instances) • Spelling mistakes (2) • Introductory material split across Sections 1 and 3.

  3. Issue #1 • -00 Section 4 has discussion of threats, but no discussion of previous ECRIT and GEOPRIV threat model documents. • Not clear how threat model in this document relates to threats explored in previous documents. • Proposed resolution: summarize RFC 5069 and RFC 3694, describe focus of threat model in this document.

  4. Issue #2 • -00 text asserted that “trustworthy location may be more important than identity”, without much explanation. • In practice, “Trustworthy Location” and accountability issues need to be analyzed together • Where accountability is low, prank calls (including location spoofing) can increase. • With the PSTN, it is not possible to contact a PSAP in another country; this may not necessarily be the case with IP-based emergency services. • International prank calls possible. • Location may be trustworthy, but emergency services call may not be. • Call could describe an invented situation at an actual location. • (Partial) resolution: add text on the accountability issue. • Additional text (and thinking) needed.

  5. Feedback?

More Related