Location Information Server (LIS) Discovery Using IP Addresses and Reverse DNS
draft-ietf-geopriv-res-gw-lis-discovery-08
Discuss
Yes
(Richard Barnes)
No Objection
(Barry Leiba)
(Jari Arkko)
(Martin Stiemerling)
Abstain
Note: This ballot was opened for revision 05 and is now closed.
Brian Haberman Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-26 for -05)
Unknown
1) This document rightly states that the approach documented is brittle and could possibly do more harm than good. The right thing to do is use the approach described in RFC 5986. What I want to discuss is why does section 4.3 say: "The DHCP method described in [RFC5986] SHOULD be attempted on all local network interfaces before attempting this method." Why is this not a MUST? In what situation(s), would a device not perform the RFC 5986 approach first? 2) I think it should be noted that this approach will most likely not work if a device is configured to use a public DNS (e.g., 8.8.8.8). The question that arises though, is how would the LIS discovery process *know* that the device is configured to use an alternative DNS server?
Joel Jaeggli Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-28 for -05)
Unknown
first support adrian's dicuss and I do belive that it is discuss0-worthy by our current criterion... Second I deeply concerned (though perhaps I shouldn't be): that what amounts to classful addressing is being proposed for embedding in DNS names. how is that not a harmful precident? I have visions of that being reused in totally inaprropiate fashion, driving address/prefix assingment procedures and so on.
Pete Resnick Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-28 for -05)
Unknown
I disagree with the WG's assessment that this is an Informational document. Section 4.2 is protocol. This document specifies a series of queries to determine a LIS based on an IP address of the client. It proposes how to form the query, the types of responses to expect, an algorithm for additional queries based on portions of the IP address, etc. I simply can't see how this is not a Proposed Standard.
Sean Turner Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-29 for -05)
Unknown
aside: I wonder what the average number of discusses for a geopriv draft is. From the secdir review: The authors mention that RFC 5986 is the preferred method whenever it is supported. I believe that this is because it is more accurate. First question: am I correct in believing this? Secondly, is there any way an attacker could a) cause a device to identify the wrong domain name and b) if a device identifies an incorrect domain name (whether or not the attacker can cause this to happen) is there anyway an attacker can exploit that? Question 2a) may be difficult to answer because the draft does not mandate any particular solution. Indeed it cannot, because the solution used will depend on what is supported locally. But if the answers to questions 1 and 2b) are "yes" it might be worthwhile to point this out in the security considerations section as an additional reason to use the solution given in RFC5389 whenever it is available.
Stephen Farrell Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-27 for -05)
Unknown
(1) I don't get how its hard to configure a LIS name/addr but easy to configure a STUN server - can you explain? (2) Doesn't this require an ISP/access network to likely be able to answer DNS queries for all sorts of 1918 derived names? That seems undesirable - why is is justified here?
Stewart Bryant Former IESG member
Discuss
Discuss
[Treat as non-blocking comment]
(2013-08-27 for -05)
Unknown
I agree with Adrian's discuss as I had the same concerns when reading the text.
Richard Barnes Former IESG member
Yes
Yes
(for -05)
Unknown
Barry Leiba Former IESG member
No Objection
No Objection
(for -05)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -05)
Unknown
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -05)
Unknown
Adrian Farrel Former IESG member
(was Discuss)
Abstain
Abstain
(2013-09-07 for -06)
Unknown
The authors have added some very good privacy text to this document, and I thank them for that. However, their work is predicated on geopriv being a sound idea - i.e. an LIS being something that an application trusts to know where its hosting device is, and that a user will have the clue/knobs to disable the feature if they want to. The current climate suggests both that users lack this clue and that applications may do stuff without telling the user. Furthermore, we can be relatively certain that an LIS operator cannot be trusted if for no other reason than they be served with an instrument of local law. It does not seem reasonable (within the scope of criteria for Discusses) for me to continue to push this point as one requiring resolution in this document even though I continue to believe that the mechanism introduced here will expose users who were previously (unknown to them) protected by home gateways. There has been some discussion that the geopriv working group might start to actively work on a location discovery process that can be used and still preserve the user's privacy, But absent that, I cannot in all conscience support the publication of this work. I will therefore Abstain.