ITU discussing enhanced tracing of IP addresses
The International Telecommunication Union (ITU) is discussing a standard that will allow enhanced tracing of IP addresses. A provisional document produced by ITU Working Group 17 (SG 17) says that "IP Traceback" will help prevent denial-of-service attacks, identify criminals on the net, and make network applications generally more reliable. Experts on data protection are warning that it could be misused. The initial proposal came from Tian Huirong, a researcher at the Chinese Academy for Telecommunication Research (CATR), part of the Chinese Ministry of the Information Industry.
Data protection activists have expressed misgivings not least because the first draft lists possible applications of tracing IP addresses for use on normal IP packets, rather than just to counter DoS attacks. Tian also refers to further problems to be solved, including the issue of dynamic IP addresses, spoofing, and how to trace addresses that are managed by different domains. It is not yet clear whether this standard actually puts forward new technical ideas or simply concerns agreement on corresponding guidelines for the carriers of IP packets. Members of the SG 17 Working Group have said the standard is not expected to be adopted before 2009.
According to Tian's proposal, the standardisation of the "IP Traceback" functions, as one of several new working topics, was decided on at a meeting last April. Tian has now submitted a series of documents discussing the requirements and possible applications of "IP Traceback". A report by Tony Rutkowski, VeriSign's Vice Chairman and one of the senior members of SG 17, says the topic was originally introduced by ZTE, a Chinese hardware company. The US National Security Agency, which is also represented on SG 17, has preferred to make no comment.
The provisional draft was made public by Steve Bellovin, a network security expert at Columbia University, who considers "IP Traceback" to be of little use against the majority of currently known attacks and has warned of the danger it represents to freedom of speech and expression. At a conference of the European Network and Information Security Agency (ENISA) in Heraklion, Greece, he told Heise Online that he considers it necessary for governments to guarantee that they will not misuse their growing access to data and their growing ability to intervene in networks. Governments around the world set very different priorities in this respect, Bellovin says.
He was also critical of another proposal by Working Group 17 that has already made some progress. This concerns the data flow in the future standard model for identity management on networks. According to the principles favoured by the VeriSign representatives, certificates issued by identity providers for transactions on the network should be dispatched centrally by the respective identity provider to the transaction partner. This would result in a company such as VeriSign centrally accumulating a large quantity of data about identity management clients. Any such centralisation should certainly be rejected on data protection grounds, said Bellovin. Some data protection specialists are also criticising the centralised data flow model.