On 14 Oct 2016, at 3:46, Dino Farinacci wrote:
Section 4.3 talks about geo coordinates. I think I understand that
coordinates may give the location of a device. Is there any
that said device can be associated with a person? The security
considerations mention this briefly. Have the working group
whether the guidance in RFC 6280/BCP 160 is applicable here?
A mapping database entry could identify an individual. We think that
confidentiality of the control-plane could be used for protecting data
in transit from LISP site to the mapping system. For retrieving
information from the mapping system, the transport can provide
confidentiality protection but also who can access the information.
How about I put a reference to RFC6280/BCP160 in the Security
That's not really what I had in mind. RFC6280 has considerations that
apply do the design of protocols that can transfer location objects, not
just their use or implementation. My question was whether the working
group had considered whether they apply to this document. I'm not saying
that they do; I am not an expert on lisp, and maybe the this data
doesn't get sent or used in a way that matters from the perspective of
RFC 6280. But I would hope that the working group has or will make an
informed decision about that.
lisp mailing list