datatracker.ietf.org
Sign in
Version 5.3.0, 2014-04-12
Report a bug

An Architecture for Location and Location Privacy in Internet Applications
RFC 6280

Internet Engineering Task Force (IETF)                         R. Barnes
Request for Comments: 6280                                   M. Lepinski
BCP: 160                                                BBN Technologies
Updates: 3693, 3694                                            A. Cooper
Category: Best Current Practice                                J. Morris
ISSN: 2070-1721                        Center for Democracy & Technology
                                                           H. Tschofenig
                                                  Nokia Siemens Networks
                                                          H. Schulzrinne
                                                     Columbia University
                                                               July 2011

           An Architecture for Location and Location Privacy
                        in Internet Applications

Abstract

   Location-based services (such as navigation applications, emergency
   services, and management of equipment in the field) need geographic
   location information about Internet hosts, their users, and other
   related entities.  These applications need to securely gather and
   transfer location information for location services, and at the same
   time protect the privacy of the individuals involved.  This document
   describes an architecture for privacy-preserving location-based
   services in the Internet, focusing on authorization, security, and
   privacy requirements for the data formats and protocols used by these
   services.

Status of This Memo

   This memo documents an Internet Best Current Practice.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   BCPs is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6280.

Barnes, et al.            Best Current Practice                 [Page 1]
RFC 6280             Internet Location Architecture            July 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Barnes, et al.            Best Current Practice                 [Page 2]
RFC 6280             Internet Location Architecture            July 2011

Table of Contents

   1. Introduction ....................................................3
      1.1. Binding Rules to Data ......................................4
      1.2. Location-Specific Privacy Risks ............................5
      1.3. Privacy Paradigms ..........................................6
   2. Terminology Conventions .........................................7
   3. Overview of the Architecture ....................................7
      3.1. Basic Geopriv Scenario .....................................8
      3.2. Roles and Data Formats ....................................10
   4. The Location Life Cycle ........................................12
      4.1. Positioning ...............................................13
           4.1.1. Determination Mechanisms and Protocols .............14
           4.1.2. Privacy Considerations for Positioning .............16
           4.1.3. Security Considerations for Positioning ............16
      4.2. Location Distribution .....................................17
           4.2.1. Privacy Rules ......................................17
           4.2.2. Location Configuration .............................19
           4.2.3. Location References ................................20
           4.2.4. Privacy Considerations for Distribution ............21
           4.2.5. Security Considerations for Distribution ...........23
      4.3. Location Use ..............................................24
           4.3.1. Privacy Considerations for Use .....................25
           4.3.2. Security Considerations for Use ....................25
   5. Security Considerations ........................................25

[include full document text]