Last Modified: 2004-02-12
But while the formatting and transfer of such information is in some sense a straightforward process, the implications of doing it, especially in regards to privacy and security, are anything but.
The primary task of this working group will be to assess the the authorization, integrity and privacy requirements that must be met in order to transfer such information, or authorize the release or representation of such information through an agent.
In addition, the working group will select an already standardized format to recommend for use in representing location per se. A key task will be to enhance this format and protocol approaches using the enhanced format, to ensure that the security and privacy methods are available to diverse location-aware applications. Approaches to be considered will include (among others) data formats incorporating fields directing the privacy handling of the location information and possible methods of specifying variable precision of location.
Also to be considered will be: authorization of requestors and responders; authorization of proxies (for instance, the ability to authorize a carrier to reveal what timezone one is in, but not what city. An approach to the taxonomy of requestors, as well as to the resolution or precision of information given them, will be part of this deliverable.
The combination of these elements should provide a service capable of transferring geographic location information in a private and secure fashion (including the option of denying transfer).
For reasons of both future interoperability and assurance of the security and privacy goals, it is a goal of the working group to deliver a specification that has broad applicablity and will become mandatory to implement for IETF protocols that are location-aware.
Two further deliverables of the WG will be:
o An example API for application-level access to/management of link-based location information. That is, for instance, the WG may describe an API for secure, privacy-enabling user/ application handling of location information specific to a 3G wireless link technology.
o Development of i-ds that make security and privacy integral to location information in HTTP and HTML, based on the work in draft-daviel-html-geo-tag-05.txt and draft-daviel-http-geo-header-03.txt.
Out of Scope:
This WG won't develop location-determining technology. It will work from existing technologies and where the technology is undeveloped, will state that applicability may await others' developments.
This WG won't develop technology to support any particular regulatory requirement [e.g. E.911] but will provide a framework that might be used for private/secure definition of such technologies by other bodies.
Coordination:
The WG will coordinate with other WGs developing general privacy and location-aware functions, e.g. the SIP WG, so that the WG deliverables can be used by them. Other coordination should include the NymIP research community, WC3, and the Location Information Forum.
Done | Discuss initial geopriv scenarios and application requirements i-d's | |
Done | Discuss initial geographic location privacy and security requirements i-d. | |
Done | Initial i-d on geographic information protocol design, including privacy and security techniques. | |
Done | Review charter and initial i-ds with AD, and have IESG consider rechartering if necessary. | |
Done | Submit geopriv scenarios and application requirements to IESG for publicaiton as Informational RFCs | |
Done | Submit security/privacy requirements I-D to IESG for publication as Informational RFC. | |
Feb 04 | Submit PIDF-LO basic geopriv object draft as a PS | |
Feb 04 | Initial Common Rules base object draft | |
Feb 04 | Initial Common Ruels GEOPRIV object draft | |
Mar 04 | Submit Common Rules base object draft as a PS | |
Mar 04 | Submit Common Rules GEOPRIV object draft as a PS | |
Apr 04 | Submit DHCP Civil draft as a PS | |
Jun 04 | Initial Geo-tag/Geo-Header draft | |
Jun 04 | Initial HTTP using protocol draft | |
Jun 04 | Initial SIP using protocol draft | |
Jul 04 | Initial Using protocol guideline | |
Nov 04 | Submit Geo-tag/Geo-Header draft as a PS | |
Nov 04 | Submit HTTP using protocol draft as a PS | |
Nov 04 | Submit SIP using protocol draft as a PS | |
Nov 04 | Submit Using protocol guidelines draft as a BCP | |
Nov 04 | Conclude working group |
Minutes of the GEOPRIV Working Group Session at the 59th IETF Meeting Chairs: Andrew Newton Allison Mankin Randall Gellens Scribes: Ted Hardie Scott Hollenbeck Randall Gellens Jabber Logs: http://www.xmpp.org/ietf-logs/geopriv@i etf.xmpp.org/2004-03-04.html Presentations: http://ecotroph.net/blojsom/blog/geopri v/meetings/?permalin k=90D9FBF0E678B46F4864A940534143C1.txt 1) James Polk mentions that draft-ietf-sipping-location-requirements-00.txt may meet GEOPRIVÕs milestone for a SIP Using Protocol draft. He requests that the working group look it over. Andy Newton will ask the question of the working group mailing list. 2) Henning Schulzrinne discusses the DHCP Civil draft (draft-ietf-geopriv-dhcp-civil-01.txt). He notes that it is complimentary to the groupÕs DHCP LI draft, points out changes to it, and feels that it is close to working group last call. James Polk indicates that it is "LCI" (location configuration information) instead of"LO" (location object). A request is made of "new", non-US participants to be check that the address format is useable. A concern is brought by Allison Mankin on the work load impact this draft may have for the IANA. Henning notes that it would not be too high at all. 3) Jon Peterson presents draft-ietf-geopriv-pres-00.txt. Jon notes that it will be updated again to make it less SIMPLE centric. 4) Jon Peterson presents draft-ietf-geopriv-pidf-lo-02.txt. Jon notes that the requirements section has been removed. Hannes Tschofenig points out that it is difficult to understand which GEOPRIV requirements are met by PIDF-LO and which are met by a using protocol, and he suggests documenting this in draft-ietf-geopriv-pres-00.txt. Jon disagrees with the suggestion because it would make that draft protocol centric, which is a non-goal. James suggests covering the requirements in draft-ietf-si pping-location-requirements-00.txt, with both Henning and Jon objecting. This is followed by a discussion regarding a new SIPPING requirement for a source type of location information. It is mentioned that requirements for the source type are not fully known and waiting on them would hold up PDIF-LO. Jon suggests that this could be added as an extension. Andy asks that the discussion of this issue be taken to the list. 5) Henning presents the Common Policy drafts (draft-ietf-geopriv-policy-01.txt and draft-ietf-geopriv-common-policy-00.txt). There is some confusion regarding distribution/retention rules. The room has few comments and Henning asks the group to review the drafts and send comments to the list. 6) Watanabe-san and Kurisu-san present the GLI system (http:www.gli.jp). There are no comments or questions from the room. 7) Farid Adrangi presents draft-adrangi-radiusext-loc ation-information-attribut-00.txt. The room discusses the implications of RADIUS trust models on the privacy of location objects. There are many concerns about the trust model inherent in RADIUS relationships not being relative to the privacy of the end user. 8) Hannes presents draft-jones-radius-geopriv-00.txt and discusses the merging of the two drafts. Again there is concern from the room about the privacy concerns of end users and concern regarding the bonding of user identities and authentication mechanisms. There is also concern about special casing requirements for this work and the necessity to properly analyze use cases. It is also mentioned that the verbose XML will degrade performance of RADIUS and there will be a need for compression. |