Technical Summary
This document defines an authorization policy language for controlling access to
location information. It extends the Common Policy authorization framework to
provide location-specific access control. More specifically, this document
defines condition elements specific to location information in order to restrict
access based on the current location of the Target. Furthermore, it offers
location-specific transformation elements to reduce the granularity of the
returned location information.
Working Group Summary
There is strong, long-standing consensus in the working group that the policies
described this document are a useful way to transmit geolocation-based privacy
policies. This document went through several IESG reviews resulting in refinement
by the working group. The most recent working group discussion focused on which
"fuzzing" algorithm(s) should be mandatory to implement, given that all known
algorithms have failings. In the end, there was strong consensus that the
current approach, with an extensive discussion of risks associated with fuzzing,
is the most appropriate.
Document Quality
The document has been reviewed by key participants from the GEOPRIV working
group. In the process of analyzing fuzzing algorithms, there were several
experimental implementations.
Personnel
The document shepherd is Richard Barnes. The responsible AD is Robert Sparks.