[Geopriv] Re: [Sip] Routing of calls based on location

From: Jeroen van Bemmel ^lt;jbemmel@zonnet.nl>
Date: Thu Jul 20 2006 - 02:13:51 EDT


> We propose to explicitly allow hop-by-hop security when sending location
> using SIP for the purpose of location based routing. We will specify you
> MUST use TLS if sending location by reference (and there will be some
> words
> about the choice of URI construction which is raised in another email I am
> about to send).

To me the security/privacy of location-by-reference should not depend on the
SIP transport / infrastructure, but on access control at the moment of
dereferencing (I believe this has been mentioned before). Requiring TLS puts
too many constraints on deployments

If this is done, then the recommendation should be to use
location-by-reference for privacy sensitive situations. It gives more
control over who gets to see your location. Although you may not know via
which proxies a request goes, at dereference time you can require client
authentication and thus perform strict access control



Geopriv mailing list
Received on Thu, 20 Jul 2006 08:13:51 +0200

This archive was generated by hypermail 2.1.8 : Wed Jul 26 2006 - 23:43:47 EDT