Geolocation Policy: A Document Format for Expressing Privacy Preferences for Location Information
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org>, geopriv mailing list <email@example.com>, geopriv chair <firstname.lastname@example.org> Subject: Protocol Action: 'Geolocation Policy: A Document Format for Expressing Privacy Preferences for Location Information' to Proposed Standard (draft-ietf-geopriv-policy-27.txt) The IESG has approved the following document: - 'Geolocation Policy: A Document Format for Expressing Privacy Preferences for Location Information' (draft-ietf-geopriv-policy-27.txt) as Proposed Standard This document is the product of the Geographic Location/Privacy Working Group. The IESG contact persons are Robert Sparks and Gonzalo Camarillo. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-geopriv-policy/
Technical Summary This document defines an authorization policy language for controlling access to location information. It extends the Common Policy authorization framework to provide location-specific access control. More specifically, this document defines condition elements specific to location information in order to restrict access based on the current location of the Target. Furthermore, it offers location-specific transformation elements to reduce the granularity of the returned location information. Working Group Summary There is strong, long-standing consensus in the working group that the policies described this document are a useful way to transmit geolocation-based privacy policies. This document went through several IESG reviews resulting in refinement by the working group. The most recent working group discussion focused on which "fuzzing" algorithm(s) should be mandatory to implement, given that all known algorithms have failings. In the end, there was strong consensus that the current approach, with an extensive discussion of risks associated with fuzzing, is the most appropriate. Document Quality The document has been reviewed by key participants from the GEOPRIV working group. In the process of analyzing fuzzing algorithms, there were several experimental implementations. Personnel The document shepherd is Richard Barnes. The responsible AD is Robert Sparks.