RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Marc Linsner ^lt;mlinsner@cisco.com>
Date: Thu Feb 22 2007 - 10:52:54 EST

Brian,

1) One problem is that PSAPs will response to un-signed locations, they have
no choice. IP hosts will deploy self location determination/user input and
send the results un-signed to PSAPs. If you accept this as fact, you cannot
eliminate totally spoofed locations. Additionally, as you admit, it is
possible to defeat digital signatures.

2) I have not heard PSAPs admit/accept the negative to the solution, digital
signatures opens up the new attack vector. Digital signatures do nothing
more that add 'machinery' to the equation, spoofing the 'human' element. If
this 'machinery' is capable of presenting a new problem, the 'human' who
will be subject to this new problem must admit/accept the additional
workload.

The problem I see is, once again, the expectations of the solution are not
even close to the capabilities, yet we forge ahead believing we are solving
world hunger. Like Henning, I've not argued that signatures are totally
useless, only arguing they won't meet current expectations, hence not enough
ROI.

-Marc-

  

> -----Original Message-----
> From: Brian Rosen [mailto:br@brianrosen.net]
> Sent: Tuesday, February 20, 2007 5:40 PM
> To: 'Henning Schulzrinne'; 'Dawson, Martin'
> Cc: 'GEOPRIV'
> Subject: RE:
> [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitals
> ignatures)
>
> Bot nets can generate good location data, with valid
> signatures. Each of the zombies could get off one valid call
> before being detected. What signatures could do is prevent
> totally spoofed locations. We MIGHT be able to detect the
> call as at least suspect some time after the attack starts,
> and reduce the effectiveness to considerably less than one per zombie.
> Generally speaking, I think we're mostly trying to stop prank
> calls, and we won't be 100% effective at that, but we would
> be effective enough to make the effort worthwhile.
>
> Brian
>
> > -----Original Message-----
> > From: Henning Schulzrinne [mailto:hgs@cs.columbia.edu]
> > Sent: Monday, February 19, 2007 10:35 PM
> > To: Dawson, Martin
> > Cc: GEOPRIV
> > Subject: Re: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-
> > LOdigitalsignatures)
> >
> > One could mention the old joke about searching for lost
> keys near the
> > light.
> >
> > This makes no sense - bot nets are currently the most widely used
> > mechanism for doing network damage of all kinds. Assuming
> that we have
> > the threat model of 1980 doesn't exactly help.
> >
> > I have not argued that this precludes the use of
> signatures, just that
> > the impact on large-scale attacks is likely to be close to zero.
> > (Large-scale attacks are actually likely to be made worse, since
> > verifying signatures takes effort, i.e., provides in itself a DOS
> > target.) We just need to be honest about the very limited range of
> > attacks that this mechanism prevents, to avoid adding to
> the supply of
> > security snake oil.
> >
> > Without strong identity assertion, even the single-human
> attack is not
> > likely to be prevented by location signatures, as long as we don't
> > disallow open wireless networks.
> >
> > On Feb 19, 2007, at 10:17 PM, Dawson, Martin wrote:
> >
> > > That didn't meet the specification of being done "without
> exploit".
> > > We can't address the general problem of the security
> holes currently
> > > in the Internet.
> > >
> > > The existence of bot nets is a generic Internet problem and the
> > > issues go well beyond the domain of location integrity.
> It has to be
> > > addressed
> > > - but it should not preclude the existence of integrity
> mechanisms
> > > within the location domain.
> > >
> > > Cheers,
> > > Martin
> > >
> >
> >
> > _______________________________________________
> > Geopriv mailing list
> > Geopriv@ietf.org
> > https://www1.ietf.org/mailman/listinfo/geopriv
>
>
> _______________________________________________
> Geopriv mailing list
> Geopriv@ietf.org
> https://www1.ietf.org/mailman/listinfo/geopriv

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Thu, 22 Feb 2007 10:52:54 -0500

This archive was generated by hypermail 2.1.8 : Thu Feb 22 2007 - 10:53:32 EST