Draft of IETF 51 geopriv WG minutes

These minutes were kindly produced by John Noerenberg, and I've made
some chair-ish tweaks. Please send any corrections (including improving
on our naming of speakers) by the end of the day August 27 (Monday).
your names) by the end of the day August 27.

(John, please note a query at the end...)

-------

Geopriv WG Meeting Minutes, IETF 51, 9 August 2001 - Draft

Reported by John Noerenberg

Notetaker's apology: While I attempted to get everyone's name as they
spoke at the mike, I guessed at the spelling of many of your
names. Please don't take offense at my errors or any omissions. They
are inadvertent and not intentional.

Geopriv met for an hour 9 August 2001. Co-chair Allison Mankin
identified two items for the agenda of the WG's first meeting. We
would review the charter, and she would give the people in attendance
the opportunity to introduce themselves, and offer comments on how to
accomplish the goals laid out for the WG in the charter. Intro slides
are at http://www.east.isi.edu/~mankin/GEO51.html.

There are many IETF WGs and groups outside the IETF who are vitally
interested in the privacy implications of location. Allison described
the history of the geopriv WG: the ideas for geolocation objects in IETF
were explored by the Spatial BOF and mailing list, but the IESG was unable
to get the Spatial group to make privacy issues primary in their
charter proposal. Therefore the IESG (with the Applications area
sponsoring) developed the geopriv WG charter. A key point is that the
actual geolocation information structures are not the main
contribution to be made by IETF: a number of organizations are devoted
to GIS; the geopriv WG will add privacy-supporting networking protocol
context to location formats defined outside IETF.

Drafts prepared originally in the context of Spatial are good as
sources of input for geopriv, notably by Takahashi et al and Tang et
al. Another draft was noted, that by Rosen and Mahy, that needs to be
resubmitted to internet- drafts. Two drafts by Daviel on geolocation
objects in html and http are on the charter, provided that the drafts
are revised to meet privacy and security requirements developed as the
WG's first milestone.

Allison then invited attendees at the meeting to offer their thoughts
on how the WG should proceed toward its goals. Kenji Takahashi asked
if what is developed by geopriv would be protocol independent. Allison
and Ned Freed (the Area Director) answered that we anticipate that at
least the initial phase of our work will be reviewed by the IESG and
IAB for its utility and for its suitability for other applications and
protocols. It is not certain a specific over-the-wire protocol would
come out of this group. Leslie Daigle pointed out that another working
group, IMPP, which she co-chairs, has deferred on location privacy
issues because they realized they didn't have the necessary expertise.

Andrew Randall asked if this group was aware of the work by the WAP
Forum regarding use of location information, and protocols to manage
its use. He was asked if WAP Forum work was freely available to
non-members. Andrew answered that once published the specifications
were available, but works in progress were not published. Scott
Bradner jumped in and noted that the IETF is aware that other
standards bodies have different practices than the IETF, and that the
IESG and IAB will work assiduously to help WGs avoid obstacles that
may arise. We, as well as other standards bodies, realize there is
nothing to be gained in duplicating each other's efforts. Meanwhile,
he requested that at this early point in the WG's life geopriv
postpone concerns regarding these matters. Allison noted that the Open
GIS Forum has also been working in this area, and Scott and Allison
noted that they are both in touch with the group.

Henning Schulzrinne cautioned the WG that making location information
available for use is a critical path item for the wireless telephony
industry. For example location information is very important for
emergency response systems planned to be made available by wireless
carriers. He encouraged the WG to make intermediate results that
enable such systems available as early as possible. He warned that if
we act too slowly, others would make decisions without the benefit of
our expertise.

Angus M??? applauded the inauguration of the WG. He asked if the
framework of the protocol would specify when or whether authentication
would be required to obtain location information. John Noerenberg
noted the answer isn't known, but this is the sort of question that WG
is charged with answering.

John Loughney introduced himself as having spent a lot of effort on
spatial and the documents it attempted to develop. He reminded geopriv
that spatial had considerable difficulty with security and privacy
considerations because the group poorly understood the scope of what
they were trying to accomplish in this regard. He recommended geopriv
conduct a threat analysis in order to focus their work. There was a
hum of agreement amongst the attendees.

Echoing the earlier remarks concerning the WAP Forum, Shahid Shoaib
noted that 3GPP and 3GPP2 were also working in this area. It would not
be good if different standards bodies produced conflicting
protocols. That would make establishment of a standard difficult.

Rohan Mahy asked if the Chair was looking for authors and editors for
the WG's documents. Allison took this opportunity to ask anyone
interested in working on the papers to be produced to contact her
after the meeting or send her email (Allison Mankin
<mankin@isi.edu>). Rohan identified himself as the author of a
spatial requirements draft, recently expired. Allison recommended he
resubmit the draft.

Dan Rothman suggested geopriv develop a cross-reference to other
organizations and IETF WGs that will be affected by this WG.

Karen Sollins suggested geopriv must be explicit defining location
representation, that in her experience the form of the information is
entwined with the information. This led to a further discussion about
the nature of the work to be produced by geopriv. James Polk, who
co-chaired the spatial BOFs, agreed with Karen that geopriv must
define the location payload with attendant information defining scope
of use and means to prevent unintended disclosure. He felt the WG
charter did not make this an explicit work item. ???? asked if geopriv
would only define data objects for location. Allison replied, "No."
She cited other environments that require both a definition of data
objects, as well as the means to transport them. John Noerenberg noted
data objects defined in one environment might be used elsewhere,
citing MIME in email as a particular example. While the MIME WG
concerned itself solely with defining data objects for use within
email transport, MIME data objects have found applicability in other
contexts. Henning noted protocols must specify both data
representation and transport. (Transport is used here in a generic
sense, not to mean Layer 4). Ned Freed (as Area Director) reported
that as he worked on the charter with the Chairs, he had particular
difficulty finding a term naming the protocol elements, or data
objects, carried by the protocol. Whatever term is used to describe
the information moved by the protocol, he agreed it is essential they
be defined. Further, he noted geopriv's protocol elements are likely
to be used in protocols where the elements move only in one direction,
as well as in protocols where location data objects move
bi-directonally. Greg Vaudreil asked if SASL would be a useful
framework. Ned replied that was not certain, but that was certainly
along the lines to be considered.

Kenji Takahashi observed it was important that geopriv define the
location services offered by the protocols it defines. Dave Loren
asserted the security requirements for geopriv protocols will not be
orthogonal to the data requirements. He gave an example where
too-specific knowledge of a party's location could compromise their
privacy. There was a murmur of agreement in the meeting as attendees
recognized the truth and importance of this remark.

We were nearly out of time for the meeting. Dan Rothman raised the
last topic to be discussed. He returned to the scope of the work to be
performed by geopriv. He said that the outputs must be defined in
order to determine whether peers can interoperably exchange data
objects in a geopriv session. Further, IETF rules require there be
multiple implementations of peers. Ned, agreeing, noted there are
various ways to achieve this. For example, the WG could define several
applications that transport geopriv protocol elements. The WG may also
define a single protocol that has multiple independent
implementations. [Allison's query: is this last note just about
multiple implementations or something else that needs expanding.]

With this, our hour was up. Allison thanked everyone for participating,
and closed the meeting.

- -- john noerenberg
   jwn2@qualcomm.com

------- End of Forwarded Message
Received on Thu Aug 23 16:31:56 2001