Ines, thanks for your comments. Here is one response to your commentary. > > 9- In the security considerations, what about add description on attacks > > related to geo-coordinates such as location spoofing? > > We had added that from previous reviews. Tell us exactly what you are looking > for. > > Ok, thanks. I was wondering about potential consequences of location spoofing > within the LISP environment, such as misleading network path selection. What > do you think?
I think we have covered this and there is no way to validate a "good geo-coordinate". If you authenticate the source who registered the mapping, you are trusting them. There is no way to do a back-door check to see if the location is correct or precise. We don't want the draft to spec out to validate something this: EID: London, UK RLOC: geo lat: 37, geo long: -121 Meaning, you don't want to say, "hey those coordinates are in San Jose, CA but you used a name called London, this is suspect, we probably shouldn't register this". This sort of validation should be done in the implementation at the source (and not the LISP implementation) but the admins who decide London needs to be San Jose. ;-) Dino _______________________________________________ lisp mailing list -- [email protected] To unsubscribe send an email to [email protected]
