Ok, Thank you Dino for the clarification, BR, Ines
On Thu, Jul 4, 2024 at 1:39 AM Dino Farinacci <farina...@gmail.com> wrote: > Ines, thanks for your comments. Here is one response to your commentary. > > > > 9- In the security considerations, what about add description on > attacks > > > related to geo-coordinates such as location spoofing? > > > > We had added that from previous reviews. Tell us exactly what you are > looking for. > > > > Ok, thanks. I was wondering about potential consequences of location > spoofing within the LISP environment, such as misleading network path > selection. What do you think? > > I think we have covered this and there is no way to validate a "good > geo-coordinate". If you authenticate the source who registered the mapping, > you are trusting them. There is no way to do a back-door check to see if > the location is correct or precise. > > We don't want the draft to spec out to validate something this: > > EID: London, UK > RLOC: geo lat: 37, geo long: -121 > > Meaning, you don't want to say, "hey those coordinates are in San Jose, CA > but you used a name called London, this is suspect, we probably shouldn't > register this". > > This sort of validation should be done in the implementation at the source > (and not the LISP implementation) but the admins who decide London needs to > be San Jose. ;-) > > Dino > > > >
_______________________________________________ lisp mailing list -- lisp@ietf.org To unsubscribe send an email to lisp-le...@ietf.org
