datatracker.ietf.org
Sign in
Version 5.6.2.p1, 2014-07-22
Report a bug

Geopriv Requirements
RFC 3693

Document type: RFC - Informational (February 2004; No errata)
Updated by RFC 6280
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 3693 (Informational)
Responsible AD: Ted Hardie
Send notices to: <mankin@psg.com>, <rg+ietf@qualcomm.com>, <anewton@ecotroph.net>

Network Working Group                                         J. Cuellar
Request for Comments: 3693                                    Siemens AG
Category: Informational                                        J. Morris
                                       Center for Democracy & Technology
                                                             D. Mulligan
                        Samuelson Law, Technology & Public Policy Clinic
                                                             J. Peterson
                                                                 NeuStar
                                                                 J. Polk
                                                                   Cisco
                                                           February 2004

                          Geopriv Requirements

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   Location-based services, navigation applications, emergency services,
   management of equipment in the field, and other location-dependent
   services need geographic location information about a Target (such as
   a user, resource or other entity).  There is a need to securely
   gather and transfer location information for location services, while
   at the same time protect the privacy of the individuals involved.

   This document focuses on the authorization, security and privacy
   requirements for such location-dependent services.  Specifically, it
   describes the requirements for the Geopriv Location Object (LO) and
   for the protocols that use this Location Object.  This LO is
   envisioned to be the primary data structure used in all Geopriv
   protocol exchanges to securely transfer location data.

Cuellar, et al.              Informational                      [Page 1]
RFC 3693                  Geopriv Requirements             February 2004

Table of Contents

   1.  Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Conventions Used in this Document. . . . . . . . . . . . . . .  4
   3.  Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
   4.  Primary Geopriv Entities . . . . . . . . . . . . . . . . . . .  6
   5.  Further Geopriv Terminology. . . . . . . . . . . . . . . . . .  7
       5.1.  Location Information and Sighting. . . . . . . . . . . .  7
       5.2.  The Location Object and Using Protocol . . . . . . . . .  9
       5.3.  Trusted vs. Non-trusted Data Flows . . . . . . . . . . . 10
       5.4.  Further Geopriv Principals . . . . . . . . . . . . . . . 10
       5.5.  Privacy Rules. . . . . . . . . . . . . . . . . . . . . . 12
       5.6.  Identifiers, Authentication and Authorization. . . . . . 13
   6.  Scenarios and Explanatory Discussion . . . . . . . . . . . . . 15
   7.  Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 19
       7.1.  Location Object. . . . . . . . . . . . . . . . . . . . . 19
       7.2.  The Using Protocol . . . . . . . . . . . . . . . . . . . 21
       7.3.  Rule based Location Data Transfer. . . . . . . . . . . . 21
       7.4.  Location Object Privacy and Security . . . . . . . . . . 22
             7.4.1.  Identity Protection. . . . . . . . . . . . . . . 22
             7.4.2.  Authentication Requirements. . . . . . . . . . . 23
             7.4.3.  Actions to be secured. . . . . . . . . . . . . . 23
       7.5.  Non-Requirements . . . . . . . . . . . . . . . . . . . . 24
   8.  Security Considerations. . . . . . . . . . . . . . . . . . . . 24
       8.1.  Traffic Analysis . . . . . . . . . . . . . . . . . . . . 24
       8.2.  Securing the Privacy Rules . . . . . . . . . . . . . . . 24
       8.3.  Emergency Case . . . . . . . . . . . . . . . . . . . . . 24
       8.4.  Identities and Anonymity . . . . . . . . . . . . . . . . 25
       8.5.  Unintended Target. . . . . . . . . . . . . . . . . . . . 26
   9.  Protocol and LO Issues for later Consideration . . . . . . . . 26
       9.1.  Multiple Locations in one LO . . . . . . . . . . . . . . 26
       9.2.  Translation Fields . . . . . . . . . . . . . . . . . . . 26
       9.3.  Truth Flag . . . . . . . . . . . . . . . . . . . . . . . 27
       9.4.  Timing Information Format. . . . . . . . . . . . . . . . 27
       9.5.  The Name Space of Identifiers. . . . . . . . . . . . . . 27
   10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 28
   11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 28
       11.1. Normative Reference  . . . . . . . . . . . . . . . . . . 28
       11.2. Informative References . . . . . . . . . . . . . . . . . 28
   12. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 29

[include full document text]