At 12:04 PM -0500 3/20/02, John Morris wrote:
> The two threshold outputs would be:
>
> 1) The structure and elements of a "geopriv object" -- which is
> different than the mere "format of location information." The
> object would at a minimum contain a bare bones privacy
> instruction/rule, and might also contain location information
> (although we will need to address situations in which the privacy
> rule and the location information originate in separate places).
I admit to not being an expert in this area, but I was thinking that
the geopriv object would contain on request a set of attributes
sufficient for policy to be applied, and on response the location
itself, with attributes describing its state, but not any description
of the policy itself. For example, a location requester could fill
in an object with some attributes saying who it is and how much
accuracy it requires, and perhaps in some very broad way the purpose
of the request. An entity which was aware of the location and the
policy could then apply it, deciding to disclose the location or not,
and if so to what accuracy, etc.
> 2) A statement of rules that MUST be followed in any
> implementation that uses the geopriv object
This security requirements document can be used for enforcement, to
argue that protocol x's use of geopriv does or does not comply, and
therefore should or should not be standardized within the IETF.
Received on Thu Mar 21 12:13:33 2002
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST