RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Stuard, Doug ^lt;Doug.Stuard@andrew.com>
Date: Tue Feb 27 2007 - 11:21:34 EST

Perhaps I'm missing something, but what I haven't seen mentioned is the routing function. Specific location information is of course desired to dispatch resources, and call takers can (and do) have a number of sniff tests to determine if a call or displayed location might be bogus, but the call must first be routed to the correct PSAP. While of larger granularity than actual caller location, it would be subject to the various vulnerabilities discussed, and without benefit of call taker skepticism. Doug Stuard ________________________________ From: Andrew Newton [mailto:andy@hxr.us] Sent: Tuesday, February 27, 2007 11:10 AM To: g.caron@bell.ca Cc: geopriv@ietf.org; Dawson, Martin; mlinsner@cisco.com Subject: Re: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures) On Feb 26, 2007, at 10:17 PM, g.caron@bell.ca wrote: Well, I can only speculate as, to my knowledge, this is not a current situation. However, it could be foreseen that, as an example, a call taker would try to cross validate the information by say, asking the caller sub information to corroborate the provided information. But don't get hooked on the example only. The point is that it just raises awareness that something may be wrong with that call. Guy, I'm a little concerned that we are missing some points in this discussion. Thanks for your patience. It is my understanding that in all cases where a PSAP is able to talk to a person on the other end of the phone, that they will trust the location given verbally over any automated location regardless of crypto bells and whistles. The location from the network may get used if the emergency responders cannot use the information given by the caller, but in this case signed location seems of little value. Where signed location seems to have more validity is in the case where the PSAP cannot talk to the caller, such as a 9-1-1 hang-up. However, even in this case it wouldn't take more than a few calls an hour for the PSAP to catch on to the problem and change tactics. So the question comes down to this, can signed location be enough of a differentiation from non-signed or invalidly signed location where a PSAP would quit ignoring calls? Even with signed location, it is possible to have a coordinated attack within the window necessary to trigger the PSAPs alternate tactics. -andy ------------------------------------------------------------------------------------------------ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any unauthorized use of this email is prohibited. ------------------------------------------------------------------------------------------------ [mf2]

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Tue, 27 Feb 2007 11:21:34 -0500

This archive was generated by hypermail 2.1.8 : Tue Feb 27 2007 - 11:21:17 EST