Subject: RE: Issue 286: Security
From: Glen Zorn (gwz) (gwz
Date: Tue, 15 Feb 2005 16:35:45 -0500 (EST)
Jari Arkko <> supposedly scribbled:

> Here's an attempt to write some text that would address this issue. I
> agree that the draft should define its area of applicability better,
> and should talk about the security considerations of revealing
> network identities. This would work for me:

I would _really_ like to end all this rather coy dancing around the subject. So, I would like the authors to explain clearly, concisely and precisely (_in the document_, not in the EAP list archives or some 3GPP document-in-progress, unless those are referenced _in the document_) what the purpose of this thing is, who is going to use it and why. Farooq has reminded us several times that this is 3GPP; OK, then put that in the title: "Identity Selection in 3GPP Networks" or something. As I mentioned in an earlier message, I don't think that any of the hints are actually necessary for roaming to function, especially those in secondary identity requests. I suspect (but don't _know_, since the authors aren't telling) that this is actually to implement some kind of AAA source-routing, possibly to support some legacy model of circuit-switched accounting. OK, fine. Explain that, clearly mark it as a 3GPP thing, make it Informational and let's be done with it.

>
> Text: Add the following new text to the end of the abstract:
>
> The mechanism defined in this document is
> primarily intended for advertising connectivity
> to a limited number of entities that find such
> advertisements of their presence useful.
>
> Add the following new text before the
> last paragraph in Section 1.
>
> This mechanism is not generally applicable to
> all access networks or all home or mediating networks.
> Basic roaming and AAA routing mechanisms are normally
> sufficient, and the identification hints are typically
> useful only when there's too much ambiguity, or when
> the scale of the roaming associations precludes
> full automatic connectivity from all access networks
> to all home networks. In such situations, a limited
> number of identity hints can be provided. Even
> in this case, it is required that the networks that
> are listed in these hints consent to such
> advertisements.
>
> And add this to the Security Considerations section:
>
> Any information revealed either from the network
> or client sides before authentication has occurred
> can be seen as a security risk. For instance, revealing
> the existence of a network that uses a poor authentication
> method can make it easier for attackers to discover
> that such a network can be accessed. As a result,
> the consent of the network being described in the
> hints is required before such hints can be sent.
>
> Comments? Would this work for people?
>
> --Jari
> _______________________________________________
> eap mailing list
> eap [at] frascone.com
> http://mail.frascone.com/mailman/listinfo/eap

Hope this helps,

~gwz

Why is it that most of the world's problems can't be solved by simply listening to John Coltrane? -- Henry Gabriel