Hi Ines, Do you consider that the document is now ready for publication from the RTGDir perspective?
Thanks Ciao L. > On 4 Jul 2024, at 07:35, Ines Robles <mariainesrob...@googlemail.com> wrote: > > Ok, Thank you Dino for the clarification, > > BR, > Ines > > On Thu, Jul 4, 2024 at 1:39 AM Dino Farinacci <farina...@gmail.com > <mailto:farina...@gmail.com>> wrote: >> Ines, thanks for your comments. Here is one response to your commentary. >> >> > > 9- In the security considerations, what about add description on attacks >> > > related to geo-coordinates such as location spoofing? >> > >> > We had added that from previous reviews. Tell us exactly what you are >> > looking for. >> > >> > Ok, thanks. I was wondering about potential consequences of location >> > spoofing within the LISP environment, such as misleading network path >> > selection. What do you think? >> >> I think we have covered this and there is no way to validate a "good >> geo-coordinate". If you authenticate the source who registered the mapping, >> you are trusting them. There is no way to do a back-door check to see if the >> location is correct or precise. >> >> We don't want the draft to spec out to validate something this: >> >> EID: London, UK >> RLOC: geo lat: 37, geo long: -121 >> >> Meaning, you don't want to say, "hey those coordinates are in San Jose, CA >> but you used a name called London, this is suspect, we probably shouldn't >> register this". >> >> This sort of validation should be done in the implementation at the source >> (and not the LISP implementation) but the admins who decide London needs to >> be San Jose. ;-) >> >> Dino >> >> >>
_______________________________________________ lisp mailing list -- lisp@ietf.org To unsubscribe send an email to lisp-le...@ietf.org
