[Geopriv] Lisa's DISCUSS on draft-ietf-geopriv-policy

[Hannes Tschofenig <Hannes.Tschofenig at gmx.net>]

Hi Lisa,
Hi all,

Background: draft-ietf-geopriv-policy is currently in IESG Evaluation 
</idtracker/help/state/20/> and Lisa has put a DISCUSS on the document. 
Here are Lisa's comments and I would like to discuss them on the mailing 
list:
https://datatracker.ietf.org/idtracker/draft-ietf-geopriv-policy/comment/71788/?
https://datatracker.ietf.org/idtracker/draft-ietf-geopriv-policy/comment/71781/?

Lisa focused on the aspect of user interfaces in her feedback. Thank you 
Lisa for giving the document so much thought.

Here is a copy-and-paste from the comments from the tracker:

"
This is very complicated (too flexible) for a privacy extension.  I do 
not expect clients from different vendors to be able to interoperate 
very well over the same policy information.  I expect the end result of 
this to be cases where users believe they have privacy, or intend to 
have privacy, but do not achieve their goals due to difficulty of 
getting clients to interoperate with each other and with servers.
"

"
These mechanisms are too complicated and don't give enough thought to 
how different user-agents are going to interact.  In particular, one 
should imagine setting a privacy policy with one user agent and then 
trying to edit it with another.

It seems that geo-spatial policy creation requires some kind of user 
interface that includes a map.  Is that correct?  Are devices without 
maps then unable to modify or even read policies?

I am not sure that the polygons are as cut-and-dried as they appear.  
I'd like to understand better:
- how one knows what is the inside of the polygon, and what is the outside
- ... how that interacts with poles and other problems mapping 2D to a 
sphere
- how the altitude stuff works at all with client GUIs
- when is altitude known and unknown, independent of knowing a rough 
long/lat position
- whether you can define a polygon for "Alberta" and one for 
"Saskatchewan" and have any point be in one or the other or completely 
outside both -- but not *inside* both, and not stuck in-between

When it comes to users viewing policies created in the past, the lack of 
human-readable labels and comments is going to be a real usability problem.

What happens when a user or user-agent creates a non-sensical 
geo-political or geo-spatial location? 

Are all geo-political elements *really* allowed in conditions?  One 
possible non-sensical policy would be "Show my location unless I'm in 
seat 32A".  Aren't there any restrictions here?

How are user agents supposed to handle mixed geo-spatial and civic 
location conditions? How would that be displayed or represented in a 
list of policy elements?

With the dependency on geopriv-revised-civic-lo, this can't complete yet 
anyway.
"

Thoughts?

Ciao
Hannes



_______________________________________________
Geopriv mailing list
Geopriv at ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv