Re: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Andrew Newton ^lt;andy@hxr.us>
Date: Wed Mar 07 2007 - 12:11:46 EST

On Mar 7, 2007, at 11:36 AM, Brian Rosen wrote:

> Unless you can show that this is significantly different from the
> current
> situation where you DO get suspicious data, and we DO handle it
> satisfactorily, then I believe that we know the cure won't be worse
> than the
> disease. The benefit is known, and we have experience that the
> downside is
> not harmful.

Considering that nobody is able to offer concrete answers about what
it is PSAPs will actually do with invalidly signed location data,
there is no way you can know the harm. A simple expired certificate
can cause ALL calls to look suspicious, and that simple error can
happen in the access network or in the PSAP. The other thing you do
not know because there is no current PSAP experience with it is the
DoS vector of simply slamming the PSAP with invalid signatures that
do nothing more than chew up CPU time. You also do not know how much
this technology will cost in licensing fees, or if it is even
available under license.

> Your suggestion that only "accredited" VSPs can send calls to PSAPs is
> unworkable, although, again, there can be some suspicion associated
> with
> calls originating from an entity not known to the PSAP.

It isn't my suggestion, it is NENA's. And they seem to be moving
forward with it.

> However, that has
> nothing to do with the problem at hand, since the VSP doesn't supply
> location, the access network does.

No, the VSP conveys the information, either by value or reference.
So it is relevant from a trust standpoint. And FYI, for many, many
cases, the location information will originate from the VSP.

-andy

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Wed, 7 Mar 2007 12:11:46 -0500

This archive was generated by hypermail 2.1.8 : Wed Mar 07 2007 - 12:10:13 EST