RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignature s)

From: Randall Gellens ^lt;randy@qualcomm.com>
Date: Wed Mar 07 2007 - 20:35:58 EST

At 10:50 AM -0500 3/7/07, Brian Rosen wrote:

> The largest problem continues to be that we are very significantly weakening
> the security of location as we move to the geopriv way of doing things.
> What used to be locked inside a wireline/wireless carrier's domain, with no
> access by end users is turning into an end user controlled environment.

Well-said.

(This is, of course, a general problem occurring in different areas
as domains shift to IP.)

> We're opening a huge security hole. We need some effective strategies to
> minimize this hole. We can't close it as securely as it was. We think
> signatures are one way to significantly help.

Speaking personally, I'm undecided how effective the proposed
signature mechanisms will be. I'm also concerned that techniques
might be selected because they are known to us and thus fairly easy
to add, as opposed to being effective. I'm not saying that's the
case here, but I'm not convinced it isn't.

-- 
Randall Gellens
Opinions are personal;    facts are suspect;    I speak for myself only
-------------- Randomly-selected tag: ---------------
The best way to have a good idea is to have lots of ideas.
                                           --Linus Pauling
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Wed, 7 Mar 2007 17:35:58 -0800

This archive was generated by hypermail 2.1.8 : Wed Mar 07 2007 - 20:35:38 EST