> In all cases, we can reasonably expect to require authentication
> that the entity that is the recipient of the location is the one
> where consent has been provided (implicit or explicitly). It is
> also possible to protect the information to guard against
> eavesdropping.
As far as I can tell, this would require a global CA (or at least a
reasonably small list of CAs that can be hard-coded into end systems)
that certifies that a certain recipient is indeed an authorized
emergency service provider, say. It has to be possible that I can use a
device bought in the US in the UK to make emergency calls. (I realize
that US CDMA/PCS/analog cell phones don't do this today, but one would
hardly call this a desirable state of affairs. GSM cell phones bought in
Europe will apparently dial emergency calls in the US, if they are
within coverage range of a GSM provider.)
Thus, while such authentication is clearly desirable, its practical
implementation hinges less on protocol capabilities, and much more on
infrastructure. Thus, as usual, we'll have mandatory to IMPLEMENT, but
can't have mandatory to USE.
Received on Sat Aug 18 12:33:39 2001
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST