> Section 4.3 talks about geo coordinates. I think I understand that these > coordinates may give the location of a device. Is there any expectation > that said device can be associated with a person? The security > considerations mention this briefly. Have the working group considered > whether the guidance in RFC 6280/BCP 160 is applicable here?
A mapping database entry could identify an individual. We think that confidentiality of the control-plane could be used for protecting data in transit from LISP site to the mapping system. For retrieving information from the mapping system, the transport can provide confidentiality protection but also who can access the information. How about I put a reference to RFC6280/BCP160 in the Security Considerstaions section? Dino _______________________________________________ lisp mailing list lisp@ietf.org https://www.ietf.org/mailman/listinfo/lisp
