Re: [Geopriv] WGLC on draft-ietf-geopriv-l7-lcp-ps-00 (PIDF-LO digital signatures)

From: Henning Schulzrinne <hgs@cs.columbia.edu>
Date: Mon Feb 19 2007 - 22:35:00 EST

One could mention the old joke about searching for lost keys near the
light.

This makes no sense - bot nets are currently the most widely used
mechanism for doing network damage of all kinds. Assuming that we
have the threat model of 1980 doesn't exactly help.

I have not argued that this precludes the use of signatures, just
that the impact on large-scale attacks is likely to be close to zero.
(Large-scale attacks are actually likely to be made worse, since
verifying signatures takes effort, i.e., provides in itself a DOS
target.) We just need to be honest about the very limited range of
attacks that this mechanism prevents, to avoid adding to the supply
of security snake oil.

Without strong identity assertion, even the single-human attack is
not likely to be prevented by location signatures, as long as we
don't disallow open wireless networks.

On Feb 19, 2007, at 10:17 PM, Dawson, Martin wrote:

> That didn't meet the specification of being done "without exploit". We
> can't address the general problem of the security holes currently in the
> Internet.
>
> The existence of bot nets is a generic Internet problem and the issues
> go well beyond the domain of location integrity. It has to be addressed
> - but it should not preclude the existence of integrity mechanisms
> within the location domain.
>
> Cheers,
> Martin
>

Received on Mon, 19 Feb 2007 22:35:00 -0500
