Last Call Review of draft-ietf-babel-rtt-extension-04
review-ietf-babel-rtt-extension-04-secdir-lc-sahib-2023-10-09-00

Request Review of draft-ietf-babel-rtt-extension
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2023-10-11
Requested 2023-09-27
Authors Baptiste Jonglez, Juliusz Chroboczek
I-D last updated 2023-10-09
Completed reviews Secdir Telechat review of -05 by Shivan Kaul Sahib (diff)
Iotdir Telechat review of -05 by Pascal Thubert (diff)
Intdir Telechat review of -05 by Antoine Fressancourt (diff)
Secdir Last Call review of -04 by Shivan Kaul Sahib (diff)
Genart Last Call review of -04 by Roni Even (diff)
Opsdir Last Call review of -04 by Sheng Jiang (diff)
Rtgdir Early review of -03 by Joel M. Halpern (diff)
Assignment Reviewer Shivan Kaul Sahib
State Completed
Request Last Call review on draft-ietf-babel-rtt-extension by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/Fa-nTZrEz2qyhkqgG7OLvEBYexQ
Reviewed revision 04 (document currently at 07)
Result Has issues
Completed 2023-10-09
review-ietf-babel-rtt-extension-04-secdir-lc-sahib-2023-10-09-00
This document enhances the Babel routing protocol by allowing gathering of RTT
measurements from neighbours (and then using that for routing decisions). From
reading the Security Considerations of RFC 8966 (last para), it seems that
geolocation privacy was a concern with the original Babel spec. Allowing
extremely-fine-grained (1 microsecond) RTT measurements makes that infinitely
worse, especially for users on mobile or behind VPNs, who typically have
special privacy needs.

The IETF has thought a lot about privacy concerns with RTT measurement and how
to balance them with operational needs, but before delving into that I wanted
to check if this was a concern that was identified or discussed.