2.1.4 Geographic Location/Privacy (geopriv)

Last Modified: 2003-06-19

Allison Mankin <mankin@psg.com>
Randall Gellens <rg+ietf@qualcomm.com>
andrew newton <anewton@ecotroph.net>
Applications Area Director(s):
Ned Freed <ned.freed@mrochek.com>
Ted Hardie <hardie@qualcomm.com>
Applications Area Advisor:
Ted Hardie <hardie@qualcomm.com>
Mailing Lists:
General Discussion: geopriv@mail.apps.ietf.org
To Subscribe: geopriv-request@mail.apps.ietf.org
In Body: subscribe
Archive: ftp://ftp.ietf.org/ietf-mail-archive/geopriv
Description of Working Group:
As more and more resources become available on the Internet, some
applications need to acquire geographic location information about
certain resources or entities. These applications include navigation,
emergency services, management of equipment in the field, and other
location-based services.

But while the formatting and transfer of such information is in some
sense a straightforward process, the implications of doing it,
especially in regards to privacy and security, are anything but.

The primary task of this working group will be to assess the the
authorization, integrity and privacy requirements that must be met in
order to transfer such information, or authorize the release or
representation of such information through an agent.

In addition, the working group will select an already standardized
format to recommend for use in representing location per se.  A key
task will be to enhance this format and protocol approaches using the
enhanced format, to ensure that the security and privacy methods are
available to diverse location-aware applications.  Approaches to be
considered will include (among others) data formats incorporating
fields directing the privacy handling of the location information and
possible methods of specifying variable precision of location.

Also to be considered will be:  authorization of requestors and
responders; authorization of proxies (for instance, the ability to
authorize a carrier to reveal what timezone one is in, but not what
city.  An approach to the taxonomy of requestors, as well as to the
resolution or precision of information given them, will be part of this

The combination of these elements should provide a service capable of
transferring geographic location information in a private and secure
fashion (including the option of denying transfer).

For reasons of both future interoperability and assurance of the
security and privacy goals, it is a goal of the working group to
deliver a specification that has broad applicablity and will become
mandatory to implement for IETF protocols that are location-aware.

Two further deliverables of the WG will be:

o An example API for application-level access to/management
  of link-based location information.  That is, for instance, the WG
  may describe an API for secure, privacy-enabling user/ application
  handling of location information specific to a 3G wireless link

o Development of i-ds that make security and privacy integral to
  location information in HTTP and HTML, based on the work in
  draft-daviel-html-geo-tag-05.txt and

Out of Scope:

This WG won't develop location-determining technology.  It will work
from existing technologies and where the technology is undeveloped,
will state that applicability may await others' developments.

This WG won't develop technology to support any particular regulatory
requirement [e.g. E.911] but will provide a framework that might be
used for private/secure definition of such technologies by other


The WG will coordinate with other WGs developing general privacy and
location-aware functions, e.g. the SIP WG, so that the WG deliverables
can be used by them.  Other coordination should include the NymIP
research community, WC3, and the Location Information Forum.
Goals and Milestones:
Jun 02  Discuss initial geopriv scenarios and application requirements i-d's
Jun 02  Discuss initial geographic location privacy and security requirements i-d.
Aug 02  Initial i-d on geographic information protocol design, including privacy and security techniques.
Aug 02  Review charter and initial i-ds with AD, and have IESG consider rechartering if necessary.
Aug 02  Submit geopriv scenarios and application requirements to IESG for publicaiton as Informational RFCs
Sep 02  Submit security/privacy requirements I-D to IESG for publication as Informational RFC.
Sep 02  Use initial framework to restructure drafts on geographic information in HTTP and HTML so that location security and privacy are integral.
Dec 02  Use initial framework to develop an example location/privacy API that might be used in a 3G handset or other consumer application.
Jan 03  Submit geopriv protocol, geopriv http, geopriv html, and handset example draft to IESG for publication as standards track RFCs (except for example draft, submitted as Informational)
Mar 03  Conclude working group, unless ADs determine added work is needed
  • - draft-ietf-geopriv-reqs-03.txt
  • - draft-ietf-geopriv-dhcp-lo-option-00.txt
  • - draft-ietf-geopriv-threat-analysis-00.txt
  • - draft-ietf-geopriv-dhcp-lci-option-02.txt
  • - draft-ietf-geopriv-dhcp-civil-00.txt
  • No Request For Comments

    Current Meeting Report

    None received.


    None received.