Geographic Location/Privacy (geopriv) ------------------------------------- Charter Last Modified: 2007-11-26 Current Status: Active Working Group Chair(s): Robert Sparks Real-time Applications and Infrastructure Area Director(s): Jon Peterson Cullen Jennings Real-time Applications and Infrastructure Area Advisor: Cullen Jennings Technical Advisor(s): Lisa Dusseault Mailing Lists: General Discussion:geopriv@ietf.org To Subscribe: geopriv-request@ietf.org In Body: subscribe Archive: http://www.ietf.org/mail-archive/web/geopriv/index.html Description of Working Group: As more and more resources become available on the Internet, some applications need to acquire geographic location information about certain resources or entities. These applications include navigation, emergency services, management of equipment in the field, and other location-based services. But while the formatting and transfer of such information is in some sense a straightforward process, the implications of doing it, especially in regards to privacy and security, are anything but. The primary task of this working group will be to assess the the authorization, integrity and privacy requirements that must be met in order to transfer such information, or authorize the release or representation of such information through an agent. In addition, the working group will select an already standardized format to recommend for use in representing location per se. A key task will be to enhance this format and protocol approaches using the enhanced format, to ensure that the security and privacy methods are available to diverse location-aware applications. Approaches to be considered will include (among others) data formats incorporating fields directing the privacy handling of the location information and possible methods of specifying variable precision of location. Also to be considered will be: authorization of requestors and responders; authorization of proxies (for instance, the ability to authorize a carrier to reveal what timezone one is in, but not what city. An approach to the taxonomy of requestors, as well as to the resolution or precision of information given them, will be part of this deliverable. The combination of these elements should provide a service capable of transferring geographic location information in a private and secure fashion (including the option of denying transfer). For reasons of both future interoperability and assurance of the security and privacy goals, it is a goal of the working group to deliver a specification that has broad applicablity and will become mandatory to implement for IETF protocols that are location-aware. Two further deliverables of the WG will be: o An example API for application-level access to/management of link-based location information. That is, for instance, the WG may describe an API for secure, privacy-enabling user/ application handling of location information specific to a 3G wireless link technology. o Development of i-ds that make security and privacy integral to location information in HTTP and HTML, based on the work in draft-daviel-html-geo-tag-05.txt and draft-daviel-http-geo-header-03.txt. Out of Scope: This WG won't develop location-determining technology. It will work from existing technologies and where the technology is undeveloped, will state that applicability may await others' developments. This WG won't develop technology to support any particular regulatory requirement [e.g. E.911] but will provide a framework that might be used for private/secure definition of such technologies by other bodies. Coordination: The WG will coordinate with other WGs developing general privacy and location-aware functions, e.g. the SIP WG, so that the WG deliverables can be used by them. Other coordination should include the NymIP research community, WC3, and the Location Information Forum. Goals and Milestones: Done Discuss initial geopriv scenarios and application requirements i-d's Done Discuss initial geographic location privacy and security requirements i-d. Done Initial i-d on geographic information protocol design, including privacy and security techniques. Done Review charter and initial i-ds with AD, and have IESG consider rechartering if necessary. Done Submit geopriv scenarios and application requirements to IESG for publicaiton as Informational RFCs Done Submit security/privacy requirements I-D to IESG for publication as Informational RFC. Done Submit PIDF-LO basic geopriv object draft as a PS Done Initial Common Rules base object draft Done Initial Common Ruels GEOPRIV object draft Done Submit DHCP Civil draft as a PS Nov 2007 Resubmit Geolocation Policy to the IESG for publication as PS Nov 2007 Resubmit Conveying Location Objects in RADIUS and Diameter to the IESG for publication as PS Nov 2007 Submit Additional Civic PIDF-LO types (updating 4119) to the IESG for publication as PS Dec 2007 Submit Layer 7 Location Conveyance Protocol Problem Statement and Requirements to the IESG for publication as Informational Dec 2007 Submit a Document Format for Filtering and Reporting PIDF-LO Location Notifications to the IESG for publication as PS Dec 2007 Submit Requirements for Location by Reference Protocols to the IESG for publication as Informational Jan 2008 Submit PIDF-LO Usage Clarifications and Recommendations (updating 4119) to the IESG for publication as PS Feb 2008 Submit minimal HTTP based protocol satisfying baseline requirements specified in the Layer 7 Location Conveyance Protocol Problem Statement and Requirements to the IESG for publication as PS Feb 2008 Submit a LIS Discovery Mechanism to the IESG for publication as a PS Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Nov 2003 Oct 2007 Geolocation Policy: A Document Format for Expressing Privacy Preferences for Location Information Oct 2004 Dec 2007 Carrying Location Objects in RADIUS and Diameter Jul 2005 Oct 2007 GEOPRIV PIDF-LO Usage Clarification, Considerations and Recommendations Dec 2005 Dec 2007 Revised Civic Location Format for PIDF-LO Jan 2007 Nov 2007 GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements Jun 2007 Nov 2007 HTTP Enabled Location Delivery (HELD) Sep 2007 Oct 2007 Requirements for a Location-by-Reference Mechanism Dec 2007 Dec 2007 Discovering the Local Location Information Server (LIS) Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC3693 I Feb 2004 Geopriv requirements RFC3694 I Feb 2004 Threat Analysis of the geopriv Protocol RFC3825Standard Jul 2004 Dynamic Host Configuration Protocol Option for Coordinate-based Location Configuration Information RFC4079 I Jul 2005 A Presence Architecture for the Distribution of GEOPRIV Location Objects RFC4119Standard Dec 2005 A Presence-based GEOPRIV Location Object Format RFC4589 PS Jul 2006 Location Types Registry RFC4676 PS Oct 2006 Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information RFC4776 PS Nov 2006 Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information RFC4745 PS Feb 2007 Common Policy: A Document Format for Expressing Privacy Preferences