Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

[Brandon Martin <lists.nanog () monmotha net>]

On 1/2/21 8:41 AM, Masataka Ohta wrote:
> As streaming services are often offered from distant places
> including foreign locations, generations of emergency alert
> packets *MUST* be responsibility of *LOCAL* ISPs.

I mean, if you know where you are, it's trivial to ask various services 
that already exist (in most cases, in some form) if there are emergency 
alerts for your location.  It wouldn't be hard to make this a pubsub 
type system so that a device can just subscribe to it and be notified if 
it happens over a "NAT is everywhere" friendly long-term TCP session 
with TCP and occasionally application-level keepalives.

Media streaming devices could essentially do this now.  The governments 
which publish this information could help by running services that make 
this data more readily available in standard formats and with well-known 
locations and APIs.  IDK if they currently do that.

This is, IMO, how the Internet is supposed to work.  Somebody makes 
content available.  If you want it, ask them for it.  The network just 
moves the data.

ISPs are not typically in the business of flinging unsolicited traffic 
at endpoints.  We're not cable companies (or at least some of us are 
not). And, as you point out, unsolicited UDP traffic is almost 
guaranteed to get dropped even if you have end-to-end address 
transparency as stateful firewalls are quite common even then.

What the ISP can potentially help a lot with is having some 
easily-discovered service to provide the ISP's notion of "where am I 
(probably)?". I wouldn't expect E911 levels of granularity on this, or 
at least I don't think that's a reasonable request to make of most ISPs 
as that would require live data from DHCP, billing, etc. all to be put 
together in ways that could be difficult and cause security or privacy 
concerns.

What I think IS feasible is something along the lines of a response that 
says "Well, the gear you're terminated on hosts customers within this 
city or zip code or whatever, so that's where you probably are."  This 
is largely static data that you can infer based on large IP swaths (many 
ISPs already essentially put it in their synthesized rDNS) for many 
common configurations and is sufficient for filtering most kinds of 
emergency alerts.

Devices which have GPS can obviously supplement/replace with their own 
location data.  Devices which have access to Wi-Fi/Bluetooth beacon 
location databases can largely do the same.  This is almost guaranteed 
to be more accurate AND more precise.
--
Brandon Martin