idnits 2.17.1 

draft-ietf-geopriv-held-measurements-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The document has examples using IPv4 documentation addresses according
     to RFC6890, but does not use any IPv6 documentation addresses.  Maybe
     there should be IPv6 examples, too?


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to contain a disclaimer for pre-RFC5378 work, but was
     first submitted on or after 10 November 2008.  The disclaimer is usually
     necessary only for documents that revise or obsolete older RFCs, and that
     take significant amounts of text from those RFCs.  If you can contact all
     authors of the source material and they are willing to grant the BCP78
     rights to the IETF Trust, you can and should remove the disclaimer. 
     Otherwise, the disclaimer is needed and you can ignore this comment. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (September 6, 2010) is 4982 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: '0-5' is mentioned on line 2059, but not defined

  == Missing Reference: '0-4' is mentioned on line 2059, but not defined

  == Missing Reference: '0-9' is mentioned on line 2059, but not defined

  == Missing Reference: '0-1' is mentioned on line 2059, but not defined

  == Unused Reference: 'I-D.thomson-geopriv-uncertainty' is defined on line
     3195, but no explicit reference was found in the text

  == Unused Reference: 'RFC5808' is defined on line 3248, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)

  == Outdated reference: A later version (-06) exists of
     draft-ietf-geopriv-held-identity-extensions-04

  == Outdated reference: A later version (-08) exists of
     draft-thomson-geopriv-uncertainty-05


     Summary: 1 error (**), 0 flaws (~~), 10 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	GEOPRIV                                                       M. Thomson
3	Internet-Draft                                           J. Winterbottom
4	Intended status: Standards Track                                  Andrew
5	Expires: March 10, 2011                                September 6, 2010

7	    Using Device-provided Location-Related Measurements in Location
8	                        Configuration Protocols
9	                draft-ietf-geopriv-held-measurements-01

11	Abstract

13	   A method is described by which a Device is able to provide location-
14	   related measurement data to a LIS within a request for location
15	   information.  Location-related measurement information are
16	   observations concerning properties related to the position of a
17	   Device, which could be data about network attachment or about the
18	   physical environment.  When a LIS generates location information for
19	   a Device, information from the Device can improve the accuracy of the
20	   location estimate.  A basic set of location-related measurements are
21	   defined, including common modes of network attachment as well as
22	   assisted Global Navigation Satellite System (GNSS) parameters.

24	Status of this Memo

26	   This Internet-Draft is submitted in full conformance with the
27	   provisions of BCP 78 and BCP 79.

29	   Internet-Drafts are working documents of the Internet Engineering
30	   Task Force (IETF).  Note that other groups may also distribute
31	   working documents as Internet-Drafts.  The list of current Internet-
32	   Drafts is at http://datatracker.ietf.org/drafts/current/.

34	   Internet-Drafts are draft documents valid for a maximum of six months
35	   and may be updated, replaced, or obsoleted by other documents at any
36	   time.  It is inappropriate to use Internet-Drafts as reference
37	   material or to cite them other than as "work in progress."

39	   This Internet-Draft will expire on March 10, 2011.

41	Copyright Notice

43	   Copyright (c) 2010 IETF Trust and the persons identified as the
44	   document authors.  All rights reserved.

46	   This document is subject to BCP 78 and the IETF Trust's Legal
47	   Provisions Relating to IETF Documents
48	   (http://trustee.ietf.org/license-info) in effect on the date of
49	   publication of this document.  Please review these documents
50	   carefully, as they describe your rights and restrictions with respect
51	   to this document.  Code Components extracted from this document must
52	   include Simplified BSD License text as described in Section 4.e of
53	   the Trust Legal Provisions and are provided without warranty as
54	   described in the Simplified BSD License.

56	   This document may contain material from IETF Documents or IETF
57	   Contributions published or made publicly available before November
58	   10, 2008.  The person(s) controlling the copyright in some of this
59	   material may not have granted the IETF Trust the right to allow
60	   modifications of such material outside the IETF Standards Process.
61	   Without obtaining an adequate license from the person(s) controlling
62	   the copyright in such materials, this document may not be modified
63	   outside the IETF Standards Process, and derivative works of it may
64	   not be created outside the IETF Standards Process, except to format
65	   it for publication as an RFC or to translate it into languages other
66	   than English.

68	Table of Contents

70	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  6
71	   2.  Conventions used in this document  . . . . . . . . . . . . . .  6
72	   3.  Location-Related Measurements in LCPs  . . . . . . . . . . . .  7
73	   4.  Location-Related Measurement Data Types  . . . . . . . . . . .  8
74	     4.1.  Measurement Container  . . . . . . . . . . . . . . . . . .  9
75	       4.1.1.  Time of Measurement  . . . . . . . . . . . . . . . . .  9
76	       4.1.2.  Expiry Time on Location-Related Measurement Data . . .  9
77	     4.2.  RMS Error and Number of Samples  . . . . . . . . . . . . . 10
78	       4.2.1.  Time RMS Error . . . . . . . . . . . . . . . . . . . . 10
79	     4.3.  Measurement Request  . . . . . . . . . . . . . . . . . . . 11
80	     4.4.  Identifying Location Provenance  . . . . . . . . . . . . . 12
81	   5.  Location-Related Measurement Data Types  . . . . . . . . . . . 15
82	     5.1.  LLDP Measurements  . . . . . . . . . . . . . . . . . . . . 15
83	     5.2.  DHCP Relay Agent Information Measurements  . . . . . . . . 16
84	     5.3.  802.11 WLAN Measurements . . . . . . . . . . . . . . . . . 16
85	       5.3.1.  Wifi Measurement Requests  . . . . . . . . . . . . . . 19
86	     5.4.  Cellular Measurements  . . . . . . . . . . . . . . . . . . 20
87	       5.4.1.  Cellular Measurement Requests  . . . . . . . . . . . . 23
88	     5.5.  GNSS Measurements  . . . . . . . . . . . . . . . . . . . . 23
89	       5.5.1.  GNSS System and Signal . . . . . . . . . . . . . . . . 25
90	       5.5.2.  Time . . . . . . . . . . . . . . . . . . . . . . . . . 26
91	       5.5.3.  Per-Satellite Measurement Data . . . . . . . . . . . . 26
92	       5.5.4.  GNSS Measurement Requests  . . . . . . . . . . . . . . 27
93	     5.6.  DSL Measurements . . . . . . . . . . . . . . . . . . . . . 27
94	       5.6.1.  L2TP Measurements  . . . . . . . . . . . . . . . . . . 28
95	       5.6.2.  RADIUS Measurements  . . . . . . . . . . . . . . . . . 28
96	       5.6.3.  Ethernet VLAN Tag Measurements . . . . . . . . . . . . 29
97	       5.6.4.  ATM Virtual Circuit Measurements . . . . . . . . . . . 29
98	   6.  Privacy Considerations . . . . . . . . . . . . . . . . . . . . 29
99	     6.1.  Measurement Data Privacy Model . . . . . . . . . . . . . . 30
100	     6.2.  LIS Privacy Requirements . . . . . . . . . . . . . . . . . 30
101	     6.3.  Measurement Data and Location URIs . . . . . . . . . . . . 30
102	     6.4.  Third-Party-Provided Measurement Data  . . . . . . . . . . 31
103	   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 31
104	     7.1.  Threat Model . . . . . . . . . . . . . . . . . . . . . . . 31
105	       7.1.1.  Acquiring Location Information Without
106	               Authorization  . . . . . . . . . . . . . . . . . . . . 32
107	       7.1.2.  Extracting Network Topology Data . . . . . . . . . . . 33
108	       7.1.3.  Lying By Proxy . . . . . . . . . . . . . . . . . . . . 33
109	       7.1.4.  Measurement Replay . . . . . . . . . . . . . . . . . . 34
110	       7.1.5.  Environment Spoofing . . . . . . . . . . . . . . . . . 35
111	     7.2.  Mitigation . . . . . . . . . . . . . . . . . . . . . . . . 36
112	       7.2.1.  Measurement Validation . . . . . . . . . . . . . . . . 37
113	         7.2.1.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 37
114	         7.2.1.2.  Limitations (Unique Observer)  . . . . . . . . . . 37
115	       7.2.2.  Location Validation  . . . . . . . . . . . . . . . . . 38
116	         7.2.2.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 39
117	         7.2.2.2.  Limitations  . . . . . . . . . . . . . . . . . . . 39
118	       7.2.3.  Supporting Observations  . . . . . . . . . . . . . . . 39
119	         7.2.3.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 40
120	         7.2.3.2.  Limitations  . . . . . . . . . . . . . . . . . . . 40
121	       7.2.4.  Attribution  . . . . . . . . . . . . . . . . . . . . . 41
122	       7.2.5.  Stateful Correlation of Location Requests  . . . . . . 42
123	   8.  Measurement Schemas  . . . . . . . . . . . . . . . . . . . . . 42
124	     8.1.  Measurement Container Schema . . . . . . . . . . . . . . . 42
125	     8.2.  Measurement Source Schema  . . . . . . . . . . . . . . . . 45
126	     8.3.  Base Type Schema . . . . . . . . . . . . . . . . . . . . . 45
127	     8.4.  LLDP Measurement Schema  . . . . . . . . . . . . . . . . . 48
128	     8.5.  DHCP Measurement Schema  . . . . . . . . . . . . . . . . . 49
129	     8.6.  WiFi Measurement Schema  . . . . . . . . . . . . . . . . . 51
130	     8.7.  Cellular Measurement Schema  . . . . . . . . . . . . . . . 54
131	     8.8.  GNSS Measurement Schema  . . . . . . . . . . . . . . . . . 57
132	     8.9.  DSL Measurement Schema . . . . . . . . . . . . . . . . . . 58
133	   9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 60
134	     9.1.  IANA Registry for GNSS Types . . . . . . . . . . . . . . . 60
135	     9.2.  URN Sub-Namespace Registration for
136	           urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc  . . . . . . . 61
137	     9.3.  URN Sub-Namespace Registration for
138	           urn:ietf:params:xml:ns:geopriv:lm  . . . . . . . . . . . . 62
139	     9.4.  URN Sub-Namespace Registration for
140	           urn:ietf:params:xml:ns:geopriv:lm:basetypes  . . . . . . . 63
141	     9.5.  URN Sub-Namespace Registration for
142	           urn:ietf:params:xml:ns:geopriv:lm:lldp . . . . . . . . . . 64
143	     9.6.  URN Sub-Namespace Registration for
144	           urn:ietf:params:xml:ns:geopriv:lm:dhcp . . . . . . . . . . 64
145	     9.7.  URN Sub-Namespace Registration for
146	           urn:ietf:params:xml:ns:geopriv:lm:wifi . . . . . . . . . . 65
147	     9.8.  URN Sub-Namespace Registration for
148	           urn:ietf:params:xml:ns:geopriv:lm:cell . . . . . . . . . . 66
149	     9.9.  URN Sub-Namespace Registration for
150	           urn:ietf:params:xml:ns:geopriv:lm:gnss . . . . . . . . . . 66
151	     9.10. URN Sub-Namespace Registration for
152	           urn:ietf:params:xml:ns:geopriv:lm:dsl  . . . . . . . . . . 67
153	     9.11. XML Schema Registration for Measurement Source Schema  . . 68
154	     9.12. XML Schema Registration for Measurement Container
155	           Schema . . . . . . . . . . . . . . . . . . . . . . . . . . 68
156	     9.13. XML Schema Registration for Base Types Schema  . . . . . . 68
157	     9.14. XML Schema Registration for LLDP Schema  . . . . . . . . . 68
158	     9.15. XML Schema Registration for DHCP Schema  . . . . . . . . . 69
159	     9.16. XML Schema Registration for WiFi Schema  . . . . . . . . . 69
160	     9.17. XML Schema Registration for Cellular Schema  . . . . . . . 69
161	     9.18. XML Schema Registration for GNSS Schema  . . . . . . . . . 70
162	     9.19. XML Schema Registration for DSL Schema . . . . . . . . . . 70
163	   10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 70
164	   11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 70
165	     11.1. Normative References . . . . . . . . . . . . . . . . . . . 70
166	     11.2. Informative References . . . . . . . . . . . . . . . . . . 71
167	   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 73

169	1.  Introduction

171	   A location configuration protocol (LCP) provides a means for a Device
172	   to request information about its physical location from an access
173	   network.  A location information server (LIS) is the server that
174	   provides location information; information that is available due to
175	   the knowledge about the network and physical environment that is
176	   available to the LIS.

178	   As a part of the access network, the LIS is able to acquire
179	   measurement results from network Devices within the network that are
180	   related to Device location.  The LIS also has access to information
181	   about the network topology that can be used to turn measurement data
182	   into location information.  However, this information can be enhanced
183	   with information acquired from the Device itself.

185	   A Device is able to make observations about its network attachment,
186	   or its physical environment.  The location-related measurement data
187	   might be unavailable to the LIS; alternatively, the LIS might be able
188	   to acquire the data, but at a higher cost in time or otherwise.
189	   Providing measurement data gives the LIS more options in determining
190	   location, which could improve the quality of the service provided by
191	   the LIS.  Improvements in accuracy are one potential gain, but
192	   improved response times and lower error rates are also possible.

194	   This document describes a means for a Device to report location-
195	   related measurement data to the LIS.  Examples based on the HELD
196	   [I-D.ietf-geopriv-http-location-delivery] location configuration
197	   protocol are provided.

199	2.  Conventions used in this document

201	   The terms LIS and Device are used in this document in a manner
202	   consistent with the usage in
203	   [I-D.ietf-geopriv-http-location-delivery].

205	   This document also uses the following definitions:

207	   Location Measurement:  An observation about the physical properties
208	      of a particular Device's network access.  The result of a location
209	      measurement--"location-related measurement data", or simply
210	      "measurement data" given sufficient context--can be used to
211	      determine the location of a Device.  Location-related measurement
212	      data does not identify a Device; measurement data can change with
213	      time if the location of the Device also changes.

215	      Location-related measurement data does not necessarily contain
216	      location information directly, but it can be used in combination
217	      with contextual knowledge of the network, or algorithms to derive
218	      location information.  Examples of location-related measurement
219	      data are: radio signal strength or timing measurements, Ethernet
220	      switch and port identifiers.

222	      Location-related measurement data can be considered sighting
223	      information, based on the definition in [RFC3693].

225	   Location Estimate:  The result of location determination, a location
226	      estimate is an approximation of where the Device is located.
227	      Location estimates are subject to uncertainty, which arise from
228	      errors in measurement results.

230	   GNSS:  Global Navigation Satellite System.  A satellite-based system
231	      that provides positioning and time information.  For example, the
232	      US Global Positioning System (GPS) or the European Galileo system.

234	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
235	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
236	   document are to be interpreted as described in [RFC2119].

238	3.  Location-Related Measurements in LCPs

240	   This document defines a standard container for the conveyance of
241	   location-related measurement parameters in location configuration
242	   protocols.  This is an XML container that identifies parameters by
243	   type and allows the Device to provide the results of any measurement
244	   it is able to perform.  A set of measurement schemas are also defined
245	   that can be carried in the generic container.

247	   The simplest example of measurement data conveyance is illustrated by
248	   the example message in Figure 1.  This shows a HELD location request
249	   message with an Ethernet switch and port measurement taken using LLDP
250	   [IEEE.8021AB].

252	     <locationRequest xmlns="urn:ietf:params:xml:ns:geopriv:held">
253	       <locationType exact="true">civic</locationType>
254	       <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
255	                     time="2008-04-29T14:33:58">
256	         <lldp xmlns="urn:ietf:params:xml:ns:geopriv:lm:lldp">
257	           <chassis type="4">0a01003c</chassis>
258	           <port type="6">c2</port>
259	         </lldp>
260	       </measurements>
261	     </locationRequest>
262	           Figure 1: HELD Location Request with Measurement Data

264	   Measurement data that the LIS does not support or understand can be
265	   ignored.  The measurements defined in this document follow this rule;
266	   extensions that could result in backward incompatibility MUST be
267	   added as new measurement definitions rather than extensions to
268	   existing types.

270	   Multiple sets of measurement data, either of the same type or from
271	   different sources can be included in the "measurements" element.  See
272	   Section 4.1.1 for details on repetition of this element.

274	   Use of location-related measurement data is at the discretion of the
275	   LIS, but the "method" parameter in the PIDF-LO SHOULD be adjusted to
276	   reflect the method used.

278	   Location-related measurement data need not be provided exclusively by
279	   Devices.  A third party location requester can request location
280	   information using measurement data, if they are able and authorized.
281	   There are privacy considerations relating to the use of measurements
282	   by third parties, which are discussed in Section 6.4.

284	   Location-related measurement data and its use presents a number of
285	   security challenges.  These are described in more detail in
286	   Section 7.

288	4.  Location-Related Measurement Data Types

290	   A common container is defined for the expression of location
291	   measurement data, as well as a simple means of identifying specific
292	   types of measurement data for the purposes of requesting them.

294	   The following example shows a measurement container with measurement
295	   time and expiration time included.  A WiFi measurement is enclosed.

297	     <lm:measurements xmlns:lm="urn:ietf:params:xml:ns:geopriv:lm"
298	                      time="2008-04-29T14:33:58"
299	                      expires="2008-04-29T17:33:58">
300	       <wifi xmlns="urn:ietf:params:xml:ns:geopriv:lm:wifi">
301	         <ap serving="true">
302	           <bssid>00-12-F0-A0-80-EF</bssid>
303	           <ssid>wlan-home</ssid>
304	         </ap>
305	       </wifi>
306	     </lm:measurements>

308	                       Figure 2: Measurement Example

310	4.1.  Measurement Container

312	   The "measurement" element is used to encapsulate measurement data
313	   that is collected at a certain point in time.  It contains time-based
314	   attributes that are common to all forms of measurement data, and
315	   permits the inclusion of arbitrary measurement data.

317	   This container can be added to any request for location information,
318	   such as a HELD location request
319	   [I-D.ietf-geopriv-http-location-delivery].

321	4.1.1.  Time of Measurement

323	   The "time" attribute records the time that the measurement or
324	   observation was made.  This time can be different to the time that
325	   the measurement information was reported.  Time information can be
326	   used to populate a timestamp on the location result, or to determine
327	   if the measurement information is used.

329	   The "time" attribute is optional to avoid forcing an arbitrary choice
330	   of timestamp for relatively static types of measurement (for
331	   instance, the DSL measurements in Section 5.6) and for legacy Devices
332	   that don't record time information (such as the Home Location
333	   Register/Home Subscriber Server for cellular).  However, time SHOULD
334	   be provided whenever possible.

336	   The "time" attribute is attached to the root "measurement" element.
337	   If it is necessary to provide multiple sets of measurement data with
338	   different times, multiple "measurement" elements SHOULD be provided.

340	4.1.2.  Expiry Time on Location-Related Measurement Data

342	   A Device is able to indicate an expiry time in the location
343	   measurement using the "expires" attribute.  Nominally, this attribute
344	   indicates how long information is expected to be valid for, but it
345	   can also indicate a time limit on the retention and use of the
346	   measurement data.  A Device can use this attribute to prevent the LIS
347	   from retaining measurement data or limit the time that a LIS retains
348	   this information.

350	   Note:  Movement of a Device might result in the measurement data
351	      being invalidated before the expiry time.

353	   The LIS MUST NOT keep location-related measurement data beyond the
354	   time indicated in the "expires" attribute.

356	4.2.  RMS Error and Number of Samples

358	   Often a measurement is taken more than once over a period of time.
359	   Reporting the average of a number of measurement results mitigates
360	   the effects of random errors that occur in the measurement process.

362	   Reporting each measurement individually can be the most effective
363	   method of reporting multiple measurements.  This is achieved by
364	   providing multiple "measurement" elements for different times.

366	   The alternative is to aggregate multiple measurements and report a
367	   mean value across the set of measurements.  Additional information
368	   about the distribution of the results can be useful in determining
369	   location uncertainty.

371	   Two optional attributes are provided for certain measurement values:

373	   rmsError:  The root-mean-squared (RMS) error of the set of
374	      measurement values used in calculating the result.  RMS error is
375	      expressed in the same units as the measurement, unless otherwise
376	      stated.  If an accurate value for RMS error is not known, this
377	      value can be used to indicate an upper bound or estimate for the
378	      RMS error.

380	   samples:  The number of samples that were taken in determining the
381	      measurement value.  If omitted, this value can be assumed to be a
382	      very large value, so that the RMS error is an indication of the
383	      standard deviation of the sample set.

385	   For some measurement techniques, measurement error is largely
386	   dependent on the measurement technique employed.  In these cases,
387	   measurement error is largely a product of the measurement technique
388	   and not the specific circumstances, so RMS error does not need to be
389	   actively measured.  A fixed value MAY be provided for RMS error where
390	   appropriate.

392	   The "rmsError" and "samples" elements are added as attributes of
393	   specific measurement data types.

395	4.2.1.  Time RMS Error

397	   Measurement of time can be significant in certain circumstances.  The
398	   GNSS measurements included in this document are one such case where a
399	   small error in time can result in a large error in location.  Factors
400	   such as clock drift and errors in time sychronization can result in
401	   small, but significant, time errors.  Including an indication of the
402	   quality of the time can be helpful.

404	   An optional "timeError" attribute can be added to the "measurement"
405	   element to indicate the RMS error in time. "timeError" indicates an
406	   upper bound on the time RMS error in seconds.

408	   The "timeError" attribute does not apply where multiple samples of a
409	   measurement is taken over time.  If multiple samples are taken, each
410	   SHOULD be included in a different "measurement" element.

412	4.3.  Measurement Request

414	   A measurement request is used by a protocol peer to describe a set of
415	   measurement data that it desires.  A "measurementRequest" element is
416	   defined that can be included in a protocol exchange.

418	   For instance, a LIS can use a measurement request in HELD responses.
419	   If the LIS is unable to provide location information, but it believes
420	   that a particular measurement type would enable it to provide a
421	   location, it can include a measurement request in an error response.

423	   The "measurement" element of the measurement request identifies the
424	   type of measurement that is requested.  The "type" attribute of this
425	   element indicates the type of measurement, as identified by an XML
426	   qualified name.  An optional "samples" attribute indicates how many
427	   samples of the identified measurement are requested.

429	   The "measurement" element can be repeated to request multiple (or
430	   alternative) measurement types.

432	   Additional XML content might be defined for a particular measurement
433	   type that is used to further refine a request.  These elements either
434	   constrain what is requested or specify optional components of the
435	   measurement data that are needed.  These are defined along with the
436	   specific measurement type.

438	   In the HELD protocol, the inclusion of a measurement request in a
439	   error response with a code of "locationUnknown" indicates that the
440	   LIS believes that providing the indicated measurements would increase
441	   the likelihood of a subsequent request being successful.

443	   The following example shows a HELD error response that indicates that
444	   WiFi measurement data would be useful if a later request were made.
445	   Additional elements indicate that received signal strength for an
446	   802.11n access point is requested.

448	     <error xmlns="urn:ietf:params:xml:ns:geopriv:held"
449	            code="locationUnknown">
450	       <message xml:lang="en">Insufficient measurement data</message>
451	       <measurementRequest
452	           xmlns="urn:ietf:params:xml:ns:geopriv:lm"
453	           xmlns:wifi="urn:ietf:params:xml:ns:geopriv:lm:wifi">
454	         <measurement type="wifi:wifi">
455	           <wifi:type>n</wifi:type>
456	           <wifi:parameter context="ap">wifi:rcpi</wifi:parameter>
457	         </measurement>
458	       </measurementRequest>
459	     </error>

461	                                 Figure 3

463	   A measurement request that is included in other HELD messages has
464	   undefined semantics and can be safely ignored.  Other specifications
465	   might define semantics for measurement requests under other
466	   conditions.

468	4.4.  Identifying Location Provenance

470	   An extension is made to the PIDF-LO [RFC4119] that allows a location
471	   recipient to identify the source (or sources) of location information
472	   and the measurement data that was used to determine that location
473	   information.

475	   The "source" element is added to the "geopriv" element of the
476	   PIDF-LO.  This element does not identify specific entities.  Instead,
477	   it identifies the type of source.

479	   The following types of measurement source are identified:

481	   lis:  Location information is based on measurement data that the LIS
482	      or sources that it trusts have acquired.  This label might be used
483	      if measurement data provided by the Device has been completely
484	      validated by the LIS.

486	   device:  Location information is based on measurement data that the
487	      Device has provided to the LIS.

489	   other:  Location information is based on measurement data that a
490	      third party has provided.  This might be an authorized third party
491	      that uses identity parameters
492	      [I-D.ietf-geopriv-held-identity-extensions] or any other entity.

494	   No assertion is made about the veracity of the measurement data from
495	   sources other than the LIS.  A combination of tags MAY be included to
496	   indicate that measurement data from both sources was used.

498	   For example, the first tuple of the following PIDF-LO indicates that
499	   measurement data from a LIS and a device was combined to produce the
500	   result, the second tuple was produced by the LIS alone.

502	     <presence xmlns="urn:ietf:params:xml:ns:pidf"
503	               xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10"
504	               xmlns:gml="http://www.opengis.net/gml"
505	               xmlns:gs="http://www.opengis.net/pidflo/1.0"
506	               xmlns:lmsrc="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
507	               entity="pres:lm@example.com">
508	       <tuple id="deviceLoc">
509	         <status>
510	           <gp:geopriv>
511	             <gp:location-info>
512	               <gs:Circle srsName="urn:ogc:def:crs:EPSG::4326">
513	                 <gml:pos>7.34324 134.47162</gml:pos>
514	                 <gs:radius uom="urn:ogc:def:uom:EPSG::9001">
515	                   850.24
516	                 </gs:radius>
517	               </gs:Circle>
518	             </gp:location-info>
519	             <gp:usage-rules/>
520	             <gp:method>OTDOA</gp:method>
521	             <lmsrc:source>lis device</lmsrc:source>
522	           </gp:geopriv>
523	         </status>
524	       </tuple>
525	       <tuple id="lisLoc">
526	         <status>
527	           <gp:geopriv>
528	             <gp:location-info>
529	               <gs:Circle srsName="urn:ogc:def:crs:EPSG::4326">
530	                 <gml:pos>7.34379 134.46484</gml:pos>
531	                 <gs:radius uom="urn:ogc:def:uom:EPSG::9001">
532	                   9000
533	                 </gs:radius>
534	               </gs:Circle>
535	             </gp:location-info>
536	             <gp:usage-rules/>
537	             <gp:method>Cell</gp:method>
538	             <lmsrc:source>lis</lmsrc:source>
539	           </gp:geopriv>
540	         </status>
541	       </tuple>
542	     </presence>

544	5.  Location-Related Measurement Data Types

546	   This document defines location-related measurement data types for a
547	   range of common network types.

549	   All included measurement data definitions allow for arbitrary
550	   extension in the corresponding schema.  As new parameters that are
551	   applicable to location determination are added, these can be added as
552	   new XML elements in a unique namespace.  Though many of the
553	   underlying protocols support extension, creation of specific XML-
554	   based extensions to the measurement format is favored over
555	   accomodating protocol-specific extensions in generic containers.

557	5.1.  LLDP Measurements

559	   Link-Layer Discovery Protocol (LLDP) [IEEE.8021AB] messages are sent
560	   between adjacent nodes in an IEEE 802 network (e.g. wired Ethernet,
561	   WiFi, 802.16).  These messages all contain identification information
562	   for the sending node, which can be used to determine location
563	   information.  A Device that receives LLDP messages can report this
564	   information as a location-related measurement to the LIS, which is
565	   then able to use the measurement data in determining the location of
566	   the Device.

568	   Note:  The LLDP extensions defined in LLDP Media Endpoint Discovery
569	      (LLDP-MED) [ANSI/TIA-1057] provide the ability to acquire location
570	      information directly from an LLDP endpoint.  Where this
571	      information is available, it might be unnecessary to use any other
572	      form of location configuration.

574	   The Device MUST report the values directly as they were provided by
575	   the adjacent node.  Attempting to adjust or translate the type of
576	   identifier is likely to cause the measurement data to be useless.

578	   Where a Device has received LLDP messages from multiple adjacent
579	   nodes, it should provide information extracted from those messages by
580	   repeating the "lldp" element.

582	   An example of an LLDP measurement is shown in Figure 4.  This shows
583	   an adjacent node (chassis) that is identified by the IP address
584	   192.0.2.45 (hexadecimal c000022d) and the port on that node is
585	   numbered using an agent circuit ID [RFC3046] of 162 (hexadecimal a2).

587	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
588	                   time="2008-04-29T14:33:58">
589	       <lldp xmlns="urn:ietf:params:xml:ns:geopriv:lm:lldp">
590	         <chassis type="4">c000022d</chassis>
591	         <port type="6">a2</port>
592	       </lldp>
593	     </measurements>

595	                    Figure 4: LLDP Measurement Example

597	   IEEE 802 Devices that are able to obtain information about adjacent
598	   network switches and their attachment to them by other means MAY use
599	   this data type to convey this information.

601	5.2.  DHCP Relay Agent Information Measurements

603	   The DHCP Relay Agent Information option [RFC3046] provides
604	   measurement data about the network attachment of a Device.  This
605	   measurement data can be included in the "dhcp-rai" element.

607	   The elements in the DHCP relay agent information options are opaque
608	   data types assigned by the DHCP relay agent.  The three items are all
609	   optional: circuit identifier ("circuit", [RFC3046]), remote
610	   identifier ("remote", [RFC3046], [RFC4649]) and subscriber identifier
611	   ("subscriber", [RFC3993], [RFC4580]).  The DHCPv6 remote identifier
612	   has an associated enterprise number [IANA.enterprise] as an XML
613	   attribute.

615	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
616	                   time="2008-04-29T14:33:58">
617	       <dhcp-rai xmlns="urn:ietf:params:xml:ns:geopriv:lm:dhcp">
618	         <giaddr>::ffff:192.0.2.158</giaddr>
619	         <circuit>108b</circuit>
620	       </dhcp-rai>
621	     </measurements>

623	        Figure 5: DHCP Relay Agent Information Measurement Example

625	   The "giaddr" is specified as a dotted quad IPv4 address or an RFC
626	   4291 [RFC4291] IPv6 address.  The enterprise number is specified as a
627	   decimal integer.  All other information is included verbatim from the
628	   DHCP request in hexadecimal format.

630	5.3.  802.11 WLAN Measurements

632	   In WiFi, or 802.11 [IEEE.80211], networks a Device might be able to
633	   provide information about the access point (AP) that it is attached
634	   to, or other WiFi points it is able to see.  This is provided using
635	   the "wifi" element, as shown in Figure 6, which shows a single
636	   complete measurement for a single access point.

638	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
639	                   time="2011-04-29T14:33:58">
640	       <wifi xmlns="urn:ietf:params:xml:ns:geopriv:lm:wifi">
641	         <nicType>Intel(r)PRO/Wireless 2200BG</nicType>
642	         <ap serving="true">
643	           <bssid>AB-CD-EF-AB-CD-EF</bssid>
644	           <name>Example</name>
645	           <ssid>example</ssid>
646	           <channel>5</channel>
647	           <location>
648	             <gml:Point xmlns:gml="http://opengis.net/gml">
649	               <gml:pos>-34.4 150.8</gml:pos>
650	             </gml:Point>
651	           </location>
652	           <type>a</type>
653	           <band>5</band>
654	           <regclass country="AU">2</regclass>
655	           <antenna>2</antenna>
656	           <flightTime rmsError="4e-9" samples="1">2.56e-9</flightTime>
657	           <apSignal>
658	             <transmit>23</transmit>
659	             <gain>5</gain>
660	             <rcpi dBm="true" rmsError="12" samples="1">-59</rcpi>
661	             <rsni rmsError="15" samples="1">23</rsni>
662	           </apSignal>
663	           <deviceSignal>
664	             <transmit>10</transmit>
665	             <gain>9</gain>
666	             <rcpi dBm="true" rmsError="9.5" samples="1">-98.5</rcpi>
667	             <rsni rmsError="6" samples="1">7.5</rsni>
668	           </deviceSignal>
669	         </ap>
670	       </wifi>
671	     </measurements>

673	                 Figure 6: 802.11 WLAN Measurement Example

675	   A wifi element is made up of one or more access points, and an
676	   optional "nicType" element.  Each access point is described using the
677	   "ap" element, which is comprised of the following fields:

679	   bssid:  The basic service set identifier.  In an Infrastructure BSS
680	      network, the bssid is the 48 bit MAC address of the access point.

682	      The "verified" attribute of this element describes whether the
683	      device has verified the MAC address or it authenticated the access
684	      point or the network operating the access point (for example, a
685	      captive portal accessed through the access point has been
686	      authenticated).  This attributes defaults to a value of "false"
687	      when omitted.

689	   name:  The broadcast name for the access point.

691	   ssid:  The service set identifier for the wireless network served by
692	      the access point.

694	   channel:  The channel number (frequency) that the access point
695	      operates on.

697	   location:  The location of the access point, as reported by the
698	      access point.  This element contains any valid location, using the
699	      rules for a "location-info" element, as described in [RFC5491].

701	   type:  The network type for the network access.  This element
702	      includes the alphabetic suffix of the 802.11 specification that
703	      introducted the radio interface, or PHY; e.g. "a", "b", "g", or
704	      "n".

706	   band:  The frequency band for the radio, in gigahertz (GHz).  802.11
707	      [IEEE.80211] specifies PHY layers that use 2.4, 3.7 and 5
708	      gigahertz frequency bands.

710	   regclass:  The regulatory domain and class.  The "country" attribute
711	      optionally includes the applicable two character country
712	      identifier (dot11CountryString), which can be followed by an 'O',
713	      'I' or 'X'.  The element text content includes the value of the
714	      regulatory class: an 8-bit integer.

716	   antenna:  The antenna identifier for the antenna that the access
717	      point is using to transmit the measured signals.

719	   flightTime:  Flight time is the difference between the time of
720	      departure (TOD) of signal from a transmitting station and time of
721	      arrival (TOA) of signal at a receiving station, as defined in
722	      [IEEE.80211V].  Measurement of this value requires that stations
723	      synchronize their clocks.  This value can be measured by access
724	      point or Device; because the flight time is assumed to be the same
725	      in either direction - aside from measurement errors - only a
726	      single element is provided.  This element includes optional
727	      "rmsError" and "samples" attributes.  RMS error might be derived
728	      from the reported RMS error in TOD and TOA.

730	   apSignal:  Measurement information for the signal transmitted by the
731	      access point, as observed by the Device.  Some of these values are
732	      derived from 802.11v [IEEE.80211V] messages exchanged between
733	      Device and access point.  The contents of this element include:

735	      transmit:  The transmit power reported by the access point, in dB.

737	      gain:  The gain of the access point antenna reported by the access
738	         point, in dB.

740	      rcpi:  The received channel power indicator for the access point
741	         signal, as measured by the Device.  This value SHOULD be in
742	         units of dBm (with RMS error in dB).  If power is measured in a
743	         different fashion, the "dBm" attribute MUST be set to "false".
744	         Signal strength reporting on current hardware uses a range of
745	         different mechanisms; therefore, the value of the "nicType"
746	         element SHOULD be included if the units are not known to be in
747	         dBm and the value reported by the hardware should be included
748	         without modification.  This element includes optional
749	         "rmsError" and "samples" attributes.

751	      rsni:  The received signal to noise indicator in dBm.  This
752	         element includes optional "rmsError" and "samples" attributes.

754	   deviceSignal:  Measurement information for the signal transmitted by
755	      the device, as reported by the access point.  This element
756	      contains the same child elements as the "ap" element, with the
757	      access point and Device roles reversed.

759	   All elements are optional except for "bssid".

761	   The "nicType" element is used to specify the make and model of the
762	   wireless network interface in the Device.  Different 802.11 chipsets
763	   report measurements in different ways, so knowing the network
764	   interface type aids the LIS in determining how to use the provided
765	   measurement data.  The content of this field is unconstrained and no
766	   mechanisms are specified to ensure uniqueness.

768	5.3.1.  Wifi Measurement Requests

770	   Two elements are defined for requesting WiFi measurements in a
771	   measurement request:

773	   type:  The "type" element identifies the desired type (or types that
774	      are requested.

776	   parameter:  The "parameter" element identifies an optional
777	      measurements are requested for each measured access point.  An
778	      element is identified by its qualified name.  The optional
779	      "context" parameter can be used to specify if an element is
780	      included as a child of the "ap" or "device" elements; omission
781	      indicates that it applies to both.

783	   Multiple types or parameters can be requested by repeating either
784	   element.

786	5.4.  Cellular Measurements

788	   Cellular Devices are common throughout the world and base station
789	   identifiers can provide a good source of coarse location information.
790	   This information can be provided to a LIS run by the cellar operator,
791	   or may be provided to an alternative LIS operator that has access to
792	   one of several global cell-id to location mapping databases.

794	   A number of advanced location determination methods have been
795	   developed for cellular networks.  For these methods a range of
796	   measurement parameters can be collected by the network, Device, or
797	   both in cooperation.  This document includes a basic identifier for
798	   the wireless transmitter only; future efforts might define additional
799	   parameters that enable more accurate methods of location
800	   determination.

802	   The cellular measurement set allows a Device to report to a LIS any
803	   LTE (Figure 7), UMTS (Figure 8), GSM (Figure 9) or CDMA (Figure 10)
804	   cells that it is able to observe.  Cells are reported using their
805	   global identifiers.  All 3GPP cells are identified by public land
806	   mobile network (PLMN), which is formed of mobile country code (MCC)
807	   and mobile network code (MNC); specific fields are added for each
808	   network type.  All other values are decimal integers.

810	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
811	                   time="2008-04-29T14:33:58">
812	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
813	         <servingCell>
814	           <mcc>465</mcc><mnc>20</mnc>
815	           <eucid>80936424</eucid>
816	         </servingCell>
817	         <observedCell>
818	           <mcc>465</mcc><mnc>06</mnc>
819	           <eucid>10736789</eucid>
820	         </observedCell>
821	       </cellular>
822	     </measurements>

824	   Long term evolution (LTE) cells are identified by a 28-bit cell
825	   identifier (eucid).

827	                Figure 7: Example LTE Cellular Measurement

829	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
830	                   time="2008-04-29T14:33:58">
831	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
832	         <servingCell>
833	           <mcc>465</mcc><mnc>20</mnc>
834	           <rnc>2000</rnc><cid>65000</cid>
835	         </servingCell>
836	         <observedCell>
837	           <mcc>465</mcc><mnc>06</mnc>
838	           <lac>16383</lac><cid>32767</cid>
839	         </observedCell>
840	       </cellular>
841	     </measurements>

843	   Universal mobile telephony service (UMTS) cells are identified by
844	   radio network controller (rnc) and cell id (cid).

846	                Figure 8: Example UMTS Cellular Measurement

848	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
849	                   time="2008-04-29T14:33:58">
850	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
851	         <servingCell>
852	           <mcc>465</mcc><mnc>06</mnc>
853	           <lac>16383</lac><cid>32767</cid>
854	         </servingCell>
855	       </cellular>
856	     </measurements>

858	   Global System for Mobile communication (GSM) cells are identified by
859	   local radio network controller (rnc) and cell id (cid).

861	                Figure 9: Example GSM Cellular Measurement

863	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
864	                   time="2008-04-29T14:33:58">
865	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
866	         <servingCell>
867	           <nid>4723</nid><sid>15892</sid><baseid>12</baseid>
868	         </servingCell>
869	         <observedCell>
870	           <nid>4723</nid><sid>15892</sid><baseid>13</baseid>
871	         </observedCell>
872	       </cellular>
873	     </measurements>

875	   Code division multiple access (CDMA) cells are not identified by
876	   PLMN, instead these use network id (nid), system id (sid) and base
877	   station id (baseid).

879	               Figure 10: Example CDMA Cellular Measurement

881	   In general a cellular Device will be attached to the cellular network
882	   and so the notion of a serving cell exists.  Cellular network also
883	   provide overlap between neighbouring sites, so a mobile Device can
884	   hear more than one cell.  The measurement schema supports sending
885	   both the serving cell and any other cells that the mobile might be
886	   able to hear.  In some cases, the Device may simply be listening to
887	   cell information without actually attaching to the network, mobiles
888	   without a SIM are an example of this.  In this case the Device may
889	   simply report cells it can hear without flagging one as a serving
890	   cell.  An example of this is shown in Figure 11.

892	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
893	                   time="2008-04-29T14:33:58">
894	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
895	         <observedCell>
896	           <mcc>465</mcc><mnc>20</mnc>
897	           <rnc>2000</rnc><cid>65000</cid>
898	         </observedCell>
899	         <observedCell>
900	           <mcc>465</mcc><mnc>06</mnc>
901	           <lac>16383</lac><cid>32767</cid>
902	         </observedCell>
903	       </cellular>
904	     </measurements>

906	             Figure 11: Example Observed Cellular Measurement

908	5.4.1.  Cellular Measurement Requests

910	   Two elements can be used in measurement requests for cellular
911	   measurements:

913	   type:  A label indicating the type of identifier to provide: one of
914	      "gsm", "umts", "lte", or "cdma".

916	   network:  The network portion of the cell identifier.  For 3GPP
917	      networks, this is the combination of MCC and MNC; for CDMA, this
918	      is the network identifier.

920	   Multiple identifier types or networks can be identified by repeating
921	   either element.

923	5.5.  GNSS Measurements

925	   GNSS use orbiting satellites to transmit signals.  A Device with a
926	   GNSS receiver is able to take measurements from the satellite
927	   signals.  The results of these measurements can be used to determine
928	   time and the location of the Device.

930	   Determining location and time in autonomous GNSS receivers follows
931	   three steps:

933	   Signal acquisition:  During the signal acquisition stage, the
934	      receiver searches for the repeating code that is sent by each GNSS
935	      satellite.  Successful operation typically requires measurement
936	      data for a minimum of 5 satellites.  At this stage, measurement
937	      data is available to the Device.

939	   Navigation message decode:  Once the signal has been acquired, the
940	      receiver then receives information about the configuration of the
941	      satellite constellation.  This information is broadcast by each
942	      satellite and is modulated with the base signal at a low rate; for
943	      instance, GPS sends this information at about 50 bits per second.

945	   Calculation:  The measurement data is combined with the data on the
946	      satellite constellation to determine the location of the receiver
947	      and the current time.

949	   A Device that uses a GNSS receiver is able to report measurements
950	   after the first stage of this process.  A LIS can use the results of
951	   these measurements to determine a location.  In the case where there
952	   are fewer results available than the optimal minimum, the LIS might
953	   be able to use other sources of measurement information and combine
954	   these with the available measurement data to determine a position.

956	      Note: The use of different sets of GNSS _assistance data_ can
957	      reduce the amount of time required for the signal acquisition
958	      stage and obviate the need for the receiver to extract data on the
959	      satellite constellation.  Provision of assistance data is outside
960	      the scope of this document.

962	   Figure 12 shows an example of GNSS measurement data.  The measurement
963	   shown is for the GPS system and includes measurement data for three
964	   satellites only.

966	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
967	                   time="2008-04-29T14:33:58" timeError="2e-5">
968	       <gnss xmlns="urn:ietf:params:xml:ns:geopriv:lm:gnss"
969	             system="gps" signal="L1">
970	         <sat num="19">
971	           <doppler>499.9395</doppler>
972	           <codephase rmsError="1.6e-9">0.87595747</codephase>
973	           <cn0>45</cn0>
974	         </sat>
975	         <sat num="27">
976	           <doppler>378.2657</doppler>
977	           <codephase rmsError="1.6e-9">0.56639479</codephase>
978	           <cn0>52</cn0>
979	         </sat>
980	         <sat num="20">
981	           <doppler>-633.0309</doppler>
982	           <codephase rmsError="1.6e-9">0.57016835</codephase>
983	           <cn0>48</cn0>
984	         </sat>
985	       </gnss>
986	     </measurements>

988	                    Figure 12: Example GNSS Measurement

990	   Each "gnss" element represents a single set of GNSS measurement data,
991	   taken at a single point in time.  Measurements taken at different
992	   times can be included in different "gnss" elements to enable
993	   iterative refinement of results.

995	   GNSS measurement parameters are described in more detail in the
996	   following sections.

998	5.5.1.  GNSS System and Signal

1000	   The GNSS measurement structure is designed to be generic and to apply
1001	   to different GNSS types.  Different signals within those systems are
1002	   also accounted for and can be measured separately.

1004	   The GNSS type determines the time system that is used.  An indication
1005	   of the type of system and signal can ensure that the LIS is able to
1006	   correctly use measurements.

1008	   Measurements for multiple GNSS types and signals can be included by
1009	   repeating the "gnss" element.

1011	   This document creates an IANA registry for GNSS types.  Two satellite
1012	   systems are registered by this document: GPS and Galileo.  Details
1013	   for the registry are included in Section 9.1.

1015	5.5.2.  Time

1017	   Each set of GNSS measurements is taken at a specific point in time.
1018	   The "time" attribute is used to indicate the time that the
1019	   measurement was acquired, if the receiver knows how the time system
1020	   used by the GNSS relates to UTC time.

1022	   Alternative to (or in addition to) the measurement time, the
1023	   "gnssTime" element MAY be included.  The "gnssTime" element includes
1024	   a relative time in milliseconds using the time system native to the
1025	   satellite system.  For the GPS satellite system, the "gnssTime"
1026	   element includes the time of week in milliseconds.  For the Galileo
1027	   system, the "gnssTime" element includes the time of day in
1028	   milliseconds.

1030	   The accuracy of the time measurement provided is critical in
1031	   determining the accuracy of the location information derived from
1032	   GNSS measurements.  The receiver SHOULD indicate an estimated time
1033	   error for any time that is provided.  An RMS error can be included
1034	   for the "gnssTime" element, with a value in milliseconds.

1036	5.5.3.  Per-Satellite Measurement Data

1038	   Multiple satellites are included in each set of GNSS measurements
1039	   using the "sat" element.  Each satellite is identified by a number in
1040	   the "num" attribute.  The satellite number is consistent with the
1041	   identifier used in the given GNSS.

1043	   Both the GPS and Galileo systems use satellite numbers between 1 and
1044	   64.

1046	   The GNSS receiver measures the following parameters for each
1047	   satellite:

1049	   doppler:  The observed Doppler shift of the satellite signal,
1050	      measured in meters per second.  This is converted from a value in
1051	      Hertz by the receiver to allow the measurement to be used without
1052	      knowledge of the carrier frequency of the satellite system.  This
1053	      value includes an optional RMS error attribute, also measured in
1054	      meters per second.

1056	   codephase:  The observed code phase for the satellite signal,
1057	      measured in milliseconds.  This is converted from a value in chips
1058	      or wavelengths.  Increasing values indicate increasing
1059	      pseudoranges.  This value includes an optional RMS error
1060	      attribute, also measured in milliseconds.

1062	   cn0:  The signal to noise ratio for the satellite signal, measured in
1063	      decibel-Hertz (dB-Hz).  The expected range is between 20 and 50
1064	      dB-Hz.

1066	   mp:  An estimation of the amount of error that multipath signals
1067	      contribute in metres.  This parameter is optional.

1069	   cq:  An indication of the carrier quality.  Two attributes are
1070	      included: "continuous" may be either "true" or "false"; direct may
1071	      be either "direct" or "inverted".  This parameter is optional.

1073	   adr:  The accumulated Doppler range, measured in metres.  This
1074	      parameter is optional and is not necessary unless multiple sets of
1075	      GNSS measurements are provided.

1077	   All values are converted from measures native to the satellite system
1078	   to generic measures to ensure consistency of interpretation.  Unless
1079	   necessary, the schema does not constrain these values.

1081	5.5.4.  GNSS Measurement Requests

1083	   Measurement requests can include a "gnss" element, which includes the
1084	   "system" and "signal" attributes.  Multiple elements can be included
1085	   to indicate a requests for GNSS measurements from multiple systems or
1086	   signals.

1088	5.6.  DSL Measurements

1090	   Digital Subscriber Line (DSL) networks rely on a range of network
1091	   technology.  DSL deployments regularly require cooperation between
1092	   multiple organizations.  These fall into two broad categories:
1093	   infrastructure providers and Internet service providers (ISPs).
1094	   Infrastructure providers manage the bulk of the physical
1095	   infrastructure including cabling.  End users obtain their service
1096	   from an ISP, which manages all aspects visible to the end user
1097	   including IP address allocation and operation of a LIS.  See
1098	   [DSL.TR025] and [DSL.TR101] for further information on DSL network
1099	   deployments.

1101	   Exchange of measurement information between these organizations is
1102	   necessary for location information to be correctly generated.  The
1103	   ISP LIS needs to acquire location information from the infrastructure
1104	   provider.  However, the infrastructure provider has no knowledge of
1105	   Device identifiers, it can only identify a stream of data that is
1106	   sent to the ISP.  This is resolved by passing measurement data
1107	   relating to the Device to a LIS operated by the infrastructure
1108	   provider.

1110	5.6.1.  L2TP Measurements

1112	   Layer 2 Tunneling Protocol (L2TP) is a common means of linking the
1113	   infrastructure provider and the ISP.  The infrastructure provider LIS
1114	   requires measurement data that identifies a single L2TP tunnel, from
1115	   which it can generate location information.  Figure 13 shows an
1116	   example L2TP measurement.

1118	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1119	                   time="2008-04-29T14:33:58">
1120	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1121	         <l2tp>
1122	           <src>192.0.2.10</src>
1123	           <dest>192.0.2.61</dest>
1124	           <session>528</session>
1125	         </l2tp>
1126	       </dsl>
1127	     </measurements>

1129	                  Figure 13: Example DSL L2TP Measurement

1131	5.6.2.  RADIUS Measurements

1133	   When authenticating network access, the infrastructure provider might
1134	   employ a RADIUS [RFC2865] proxy at the DSL Access Module (DSLAM) or
1135	   Access Node (AN).  These messages provide the ISP RADIUS server with
1136	   an identifier for the DSLAM or AN, plus the slot and port that the
1137	   Device is attached on.  These data can be provided as a measurement,
1138	   which allows the infrastructure provider LIS to generate location
1139	   information.

1141	   The format of the AN, slot and port identifiers are not defined in
1142	   the RADIUS protocol.  Slot and port together identify a circuit on
1143	   the AN, analogous to the circuit identifier in [RFC3046].  These
1144	   items are provided directly, as they were in the RADIUS message.  An
1145	   example is shown in Figure 14.

1147	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1148	                   time="2008-04-29T14:33:58">
1149	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1150	         <an>AN-7692</an>
1151	         <slot>3</slot>
1152	         <port>06</port>
1153	       </dsl>
1154	     </measurements>

1156	                 Figure 14: Example DSL RADIUS Measurement

1158	5.6.3.  Ethernet VLAN Tag Measurements

1160	   For Ethernet-based DSL access networks, the DSL Access Module (DSLAM)
1161	   or Access Node (AN) provide two VLAN tags on packets.  A C-TAG is
1162	   used to identify the incoming residential circuit, while the S-TAG is
1163	   used to identify the DSLAM or AN.  The C-TAG and S-TAG together can
1164	   be used to identify a single point of network attachment.  An example
1165	   is shown in Figure 15.

1167	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1168	                   time="2008-04-29T14:33:58">
1169	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1170	         <stag>613</stag>
1171	         <ctag>1097</ctag>
1172	       </dsl>
1173	     </measurements>

1175	                Figure 15: Example DSL VLAN Tag Measurement

1177	   Alternatively, the C-TAG can be replaced by data on the slot and port
1178	   that the Device is attached to.  This information might be included
1179	   in RADIUS requests that are proxied from the infrastructure provider
1180	   to the ISP RADIUS server.

1182	5.6.4.  ATM Virtual Circuit Measurements

1184	   An ATM virtual circuit can be employed between the ISP and
1185	   infrastructure provider.  Providing the virtual port ID (VPI) and
1186	   virtual circuit ID (VCI) for the virtual circuit gives the
1187	   infrastructure provider LIS the ability to identify a single data
1188	   stream.  A sample measurement is shown in Figure 16.

1190	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1191	                   time="2008-04-29T14:33:58">
1192	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1193	         <vpi>55</vpi>
1194	         <vci>6323</vci>
1195	       </dsl>
1196	     </measurements>

1198	                  Figure 16: Example DSL ATM Measurement

1200	6.  Privacy Considerations

1202	   Location-related measurement data can be as privacy sensitive as
1203	   location information.

1205	   Measurement data is effectively equivalent to location information if
1206	   the contextual knowledge necessary to generate one from the other is
1207	   readily accessible.  Even where contextual knowledge is difficult to
1208	   acquire, there can be no assurance that an authorized recipient of
1209	   the contextual knowledge is also authorized to receive location
1210	   information.

1212	   In order to protect the privacy of the subject of location-related
1213	   measurement data, this implies that measurement data is protected
1214	   with the same degree of protection as location information.

1216	6.1.  Measurement Data Privacy Model

1218	   It is less desirable to distribute measurement data in the same
1219	   fashion as location information.  Measurement data is less useful to
1220	   location recipients than location information.  Therefore, a simple
1221	   distribution model is desirable.

1223	   In this simple model, the Device is the only entity that is able to
1224	   distribute measurement data.  To use an analogy from the GEOPRIV
1225	   architecture, the Device - as the Location Generator (or the
1226	   Measurement Data Generator) - is the sole entity that can assume the
1227	   roles of Rule Maker and Location Server.

1229	   No entity can redistribute measurement data.  The Device directs
1230	   other entities in how measurement data is used and retained.

1232	6.2.  LIS Privacy Requirements

1234	   A LIS MUST NOT reveal location-related measurement data or location
1235	   information based on measurement data to any other entity unless
1236	   directed to do so by the Device.

1238	   By adding measurement data to a request for location information, the
1239	   Device implicitly grants permission for the LIS to generate the
1240	   requested location information using the measurement data.
1241	   Permission to use this data for any other purpose is not implied.

1243	   As long as measurement data is only used in serving the request that
1244	   contains it, rules regarding data retention are not necessary.  A LIS
1245	   MUST discard location-related measurement data after servicing a
1246	   request, unless the Device grants permission to use that information
1247	   for other purposes.

1249	6.3.  Measurement Data and Location URIs

1251	   A LIS MAY use measurement data provided by the Device to serve
1252	   requests to location URIs, if the Device permits it.  A Device
1253	   permits this by including measurement data in a request that
1254	   explcitly requests a location URI.  By requesting a location URI, the
1255	   Device grants permission for the LIS to use the measurement data in
1256	   serving requests to that URI.

1258	   Note:  In HELD, the "any" type is not an explicit request for a
1259	      location URI, though a location URI might be provided.

1261	   The usefulness of measurement data that is provided in this fashion
1262	   is limited.  The measurement data is only valid at the time that it
1263	   was acquired by the Device.  At the time that a request is made to a
1264	   location URI, the Device might have moved, rendering the measurement
1265	   data incorrect.

1267	   A Device is able to explicitly limit the time that a LIS retains
1268	   measurement data by adding an expiry time to the measurement data,
1269	   see Section 4.1.2.

1271	6.4.  Third-Party-Provided Measurement Data

1273	   An authorized third-party request for the location of a Device (see
1274	   [I-D.ietf-geopriv-held-identity-extensions]) can include location-
1275	   related measurement data.  This is possible where the third-party is
1276	   able to make observations about the Device.

1278	   A third-party that provides measurement data MUST be authorized to
1279	   provide the specific measurement for the identified device.  A third-
1280	   party MUST either be trusted by the LIS for the purposes of providing
1281	   measurement data of the provided type, or the measurement data MUST
1282	   be validated (see Section 7.2.1) before being used.

1284	   How a third-party authenticates its identity or gains authorization
1285	   to use measurement data is not covered by this document.

1287	7.  Security Considerations

1289	   Use of location-related measurement data has privacy considerations
1290	   that are discussed in Section 6.

1292	7.1.  Threat Model

1294	   The threat model for location-related measurement data concentrates
1295	   on the Device providing falsified, stolen or incorrect measurement
1296	   data.

1298	   A Device that provides location location-related measurement data
1299	   might use data to:

1301	   o  acquire the location of another Device, without authorization;

1303	   o  extract information about network topology; or

1305	   o  coerce the LIS into providing falsified location information based
1306	      on the measurement data.

1308	   Location-related measurement data describes the physical environment
1309	   or network attachment of a Device.  A third party adversary in the
1310	   proximity of the Device might be able to alter the physical
1311	   environment such that the Device provides measurement data that is
1312	   controlled by the third party.  This might be used to indirectly
1313	   control the location information that is derived from measurement
1314	   data.

1316	7.1.1.  Acquiring Location Information Without Authorization

1318	   Requiring authorization for location requests is an important part of
1319	   privacy protections of a location protocol.  A location configuration
1320	   protocol usually operates under a restricted policy that allows a
1321	   requester to obtain their own location.  HELD identity extensions
1322	   [I-D.ietf-geopriv-held-identity-extensions] allows other entities to
1323	   be authorized, conditional on a Rule Maker providing sufficient
1324	   authorization.

1326	   The intent of these protections is to ensure that a location
1327	   recipient is authorized to acquire location information.  Location-
1328	   related measurement data could be used by an attacker to circumvent
1329	   such authorization checks if the association between measurement data
1330	   and Target Device is not validated by a LIS.

1332	   A LIS can be coerced into providing location information for a Device
1333	   that a location recipient is not authorized to receive.  A request
1334	   identifies one Device (implicitly or explicitly), but measurement
1335	   data is provided for another Device.  If the LIS does not check that
1336	   the measurement data is for the identified Device, it could
1337	   incorrectly authorize the request.

1339	   By using unvalidated measurement data to generate a response, the LIS
1340	   provides information about a Device without appropriate
1341	   authorization.

1343	   The feasibility of this attack depends on the availability of
1344	   information that links a Device with measurement data.  In some
1345	   cases, measurement data that is correlated with a target is readily
1346	   available.  For instance, LLDP measurements (Section 5.1) are
1347	   broadcast to all nodes on the same network segment.  An attacker on
1348	   that network segment can easily gain measurement data that relates a
1349	   Device with measurements.

1351	   For some types of measurement data, it's necessary for an attacker to
1352	   know the location of the target in order to determine what
1353	   measurements to use.  This attack is meaningless for types of
1354	   measurement data that require that the attacker first know the
1355	   location of the target before measurement data can be acquired or
1356	   fabricated.  GNSS measurements (Section 5.5) share this trait with
1357	   many wireless location determination methods.

1359	7.1.2.  Extracting Network Topology Data

1361	   Allowing requests with measurements might be used to collect
1362	   information about a network topology.  This is possible if requests
1363	   containing measurements are permitted.

1365	   Network topology can be considered sensitive information by a network
1366	   operator for commercial or security reasons.  While it is impossible
1367	   to completely prevent a Device from acquiring some knowledge of
1368	   network topology if a location service is provided, a network
1369	   operator might desire to limit how much of this information is made
1370	   available.

1372	   Mapping a network topology does not require that an attacker be able
1373	   to associate measurement data with a particular Device.  If a
1374	   requester is able to try a number of measurements, it is possible to
1375	   acquire information about network topology.

1377	   It is not even necessary that the measurements are valid; random
1378	   guesses are sufficient, provided that there is no penalty or cost
1379	   associated with attempting to use the measurements.

1381	7.1.3.  Lying By Proxy

1383	   Location information is a function of its inputs, which includes
1384	   measurement data.  Thus, falsified measurement data can be used to
1385	   alter the location information that is provided by a LIS.

1387	   Some types of measurement data are relatively easy to falsify in a
1388	   way that the resulting location information to be selected with
1389	   little or no error.  For instance, GNSS measurements are easy to use
1390	   for this purpose because all the contextual information necessary to
1391	   calculate a position using measurements is broadcast by the
1392	   satellites [HARPER].

1394	   An attacker that falsifies measurement data gains little if they are
1395	   the only recipients of the result.  The attacker knows that the
1396	   location information is bad.  The attacker only gains if the
1397	   information can somehow be attributed to the LIS by another location
1398	   recipient.

1400	   A recipient might evaluate the trustworthiness of the location
1401	   information based on the credibility of its source.  By coercing the
1402	   LIS into providing falsified location information, any credibility
1403	   that the LIS might have - that the attacker does not - is gained by
1404	   the attacker.

1406	   A third-party that is reliant on the integrity of the location
1407	   information might base an evaluation of the credibility of the
1408	   information on the source of the information.  If that third party is
1409	   able to attribute location information to the LIS, then an attacker
1410	   might gain.

1412	   Location information that is provided to the Device without any means
1413	   to identify the LIS as its source is not subject to this attack.  The
1414	   Device is identified as the source of the data when it distributes
1415	   the location information to location recipients.

1417	   An attacker gains if they are able to coerce the LIS into providing
1418	   location information based on falsified measurement data and that
1419	   information can be attributed to the LIS.

1421	   Location information is attributed to the LIS either through the use
1422	   of digital signatures or by having the location recipient directly
1423	   interact with the LIS.  A LIS that digitally signs location
1424	   information becomes identifiable as the source of the data.
1425	   Similarly, the LIS is identified as a source of data if a location
1426	   recipient acquires information directly from a LIS using a location
1427	   URI.

1429	7.1.4.  Measurement Replay

1431	   The value of some measured properties do not change over time for a
1432	   single location.  This allows for simple replay attacks, where an
1433	   attacker acquires measurements that can later be used without being
1434	   detected as being invalid.

1436	   Measurement data is frequently an observation of an time-invariant
1437	   property of the environment at the subject location.  For
1438	   measurements of this nature, nothing in the measurement itself is
1439	   sufficient proof that the Device is present at the resulting
1440	   location.  Measurement data might have been previously acquired and
1441	   reused.

1443	   For instance, the identity of a radio transmitter, if broadcast by
1444	   that transmitter, can be collected and stored.  An attacker that
1445	   wishes it known that they exist at a particular location, can claim
1446	   to observe this transmitter at any time.  Nothing inherent in the
1447	   claim reveals it to be false.

1449	   For properties of a network, time-invariance is often directly as a
1450	   result of the practicalities of operating the network.  Limiting the
1451	   changes to a network ensures greater consistency of service.  A
1452	   largely static network also greatly simplifies the data management
1453	   tasks involved with providing a location service.

1455	7.1.5.  Environment Spoofing

1457	   Some types of measurement data can be altered or influenced by a
1458	   third party so that a Device.  If it is possible for a third party to
1459	   alter the measured phenomenon, then any location information that is
1460	   derived from this data can be indirectly influenced.

1462	   Altering the environment in this fashion might not require
1463	   involvement with either Device or LIS.  Measurement that is passive -
1464	   where the Device observes a signal or other phenomenon without direct
1465	   interaction - are most susceptible to alteration by third parties.

1467	   Measurement of radio signal characteristics is especially vulnerable
1468	   since an adversary need only be in the general vicinity of the Device
1469	   and be able to transmit a signal.  For instance, a GNSS spoofer is
1470	   able to produce fake signals that claim to be transmitted by any
1471	   satellite or set of satellites (see [GPS.SPOOF]).

1473	   Measurements that require direct interaction increases the complexity
1474	   of the attack.  For measurements relating to the communication
1475	   medium, a third party cannot avoid direct interaction, they need only
1476	   be on the comminications path (that is, man in the middle).

1478	   Even if the entity that is interacted with is authenticated, this
1479	   does not provide any assurance about the integrity of measurement
1480	   data.  For instance, the Device might authenticate the identity of a
1481	   radio transmitter through the use of cryptographic means and obtain
1482	   signal strength measurements for that transmitter.  Radio signal
1483	   strength is trivial for an attacker to increase simply by receiving
1484	   and amplifying the raw signal; it is not necessary for the attacker
1485	   to be able to understand the signal content.

1487	   Note:  This particular "attack" is more often completely legitimate.
1488	      Radio repeaters are commonplace mechanism used to increase radio
1489	      coverage.

1491	   Attacks that rely on altering the observed environment of a Device
1492	   require countermeasures that affect the measurement process.  For
1493	   radio signals, countermeasures could include the use of authenticated
1494	   signals, altered receiver design.  In general, countermeasures are
1495	   highly specific to the individual measurement process.  An exhaustive
1496	   discussion of these issues is left to the relevant literature for
1497	   each measurement technology.

1499	   A Device that provides measurement data is assumed to be responsible
1500	   for applying appropriate countermeasures against this type of attack.

1502	   For a Device that is the ultimate recipient of location information
1503	   derived from measurement data, a LIS might choose to provide location
1504	   information without any validation.  The responsibility for ensuring
1505	   the veracity of the measurement data lies with the Device.

1507	   Measurement data that is susceptible to this sort of influence MUST
1508	   be treated as though it were produced by an untrusted Device for
1509	   those cases where a location recipient might attribute the location
1510	   information to the LIS.  Such measurement data MUST be subjected to
1511	   the same validation as for other types of attacks that rely on
1512	   measurement falsification.

1514	   Note:  Altered measurement data might be provided by a Device that
1515	      has no knowledge of the alteration.  Thus, an otherwise trusted
1516	      Device might still be an unreliable source of measurement data.

1518	7.2.  Mitigation

1520	   The following measures can be applied to limit or prevent attacks.
1521	   The effectiveness of each depends on the type of measurement data and
1522	   how that measurement data is acquired.

1524	   Two general approaches are identified for dealing with untrusted
1525	   measurement data:

1527	   1.  Require independent validation of measurement data or the
1528	       location information that is produced.

1530	   2.  Identify the types of sources that provided the measurement data
1531	       that location information was derived from.

1533	   This section goes into more detail on the different forms of
1534	   validation in Section 7.2.1, Section 7.2.2, and Section 7.2.3.  The
1535	   impact of attributing location information to sources is discussed in
1536	   more detail in Section 7.2.4.

1538	7.2.1.  Measurement Validation

1540	   Detecting that measurement data has been falsified is difficult in
1541	   the absence of integrity mechanisms.

1543	   Independent confirmation of the veracity of measurement data ensures
1544	   that the measurement is accurate and that it applies to the correct
1545	   Device.  By gathering the same measurement data from a trusted and
1546	   independent source, the LIS is able to check that the measurement
1547	   data is correct.

1549	   Measurement information might contain no inherent indication that it
1550	   is falsified.  On the contrary, it can be difficult to obtain
1551	   information that would provide any degree of assurance that the
1552	   measurement device is physically at any particular location.
1553	   Measurements that are difficult to verify require other forms of
1554	   assurance before they can be used.

1556	7.2.1.1.  Effectiveness

1558	   Measurement validation MUST be used if measurement data for a
1559	   particular Device can be easily acquired by unauthorized location
1560	   recipients, as described in Section 7.1.1.  This prevents
1561	   unauthorized access to location information using measurement data.

1563	   Validation of measurement data can be significantly more effective
1564	   than independent acquisition of the same.  For instance, a Device in
1565	   a large Ethernet network could provide a measurement indicating its
1566	   point of attachment using LLDP measurements.  For a LIS, acquiring
1567	   the same measurement data might require a request to all switches in
1568	   that network.  With the measurement data, validation can target the
1569	   identified switch with a specific query.

1571	   Validation is effective in identifying falsified measurement data
1572	   (Section 7.1.3), including attacks involving replay of measurement
1573	   data (Section 7.1.4).  Validation also limits the amount of network
1574	   topology information (Section 7.1.2) made available to Devices to
1575	   that portion of the network topology that they are directly attached.

1577	   Measurement validation has no effect if the underlying effect is
1578	   being spoofed (Section 7.1.5).

1580	7.2.1.2.  Limitations (Unique Observer)

1582	   A Device is often in a unique position to make a measurement.  It
1583	   alone occupies the point in space-time that the location
1584	   determination process seeks to determine.  The Device becomes a
1585	   unique observer for a particular property.

1587	   The ability of the Device to become a unique observer makes the
1588	   Device invaluable to the location determination process.  As a unique
1589	   observer, it also makes the claims of a Device difficult to validate
1590	   and easily to spoof.

1592	   As long as no other entity is capable of making the same
1593	   measurements, there is also no other entity that can independently
1594	   check that the measurements are correct and applicable to the Device.
1595	   A LIS might be unable to validate all or part of the measurement data
1596	   it receives from a unique observer.  For instance, a signal strength
1597	   measurement of the signal from a radio tower cannot be validated
1598	   directly.

1600	   Some portion of the measurement data might still be independently
1601	   verified, even if all information cannot.  In the previous example,
1602	   the radio tower might be able to provide verification that the Device
1603	   is present if it is able to observe a radio signal sent by the
1604	   Device.

1606	   If measurement data can only be partially validated, the extent to
1607	   which it can be validated determines the effectiveness of validation
1608	   against these attacks.

1610	   The advantage of having the Device as a unique observer is that it
1611	   makes it difficult for an attacker to acquire measurements without
1612	   the assistance of the Device.  Attempts to use measurements to gain
1613	   unauthorized access to measurement data (Section 7.1.1) are largely
1614	   ineffectual against a unique observer.

1616	7.2.2.  Location Validation

1618	   Location information that is derived from location-related
1619	   measurement data can also be verified against trusted location
1620	   information.  Rather than validating inputs to the location
1621	   determination process, suspect locations are identified at the output
1622	   of the process.

1624	   Trusted location information is acquired using sources of measurement
1625	   data that are trusted.  Untrusted location information is acquired
1626	   using measurement data provided from untrusted sources, which might
1627	   include the Device.  These two locations are compared.  If the
1628	   untrusted location agrees with the trusted location, the untrusted
1629	   location information is used.

1631	   Algorithms for the comparison of location information are not
1632	   included in this document.  However, a simple comparison for
1633	   agreement might require that the untrusted location be entirely
1634	   contained within the uncertainty region of the trusted location.

1636	   There is little point in using a less accurate, less trusted
1637	   location.  Untrusted location information that has worse accuracy
1638	   than trusted information can be immediately discarded.  There are
1639	   multiple factors that affect accuracy, uncertainty and currency being
1640	   the most important.  How location information is compared for
1641	   accuracy is not defined in this document.

1643	7.2.2.1.  Effectiveness

1645	   Location validation limits the extent to which falsified - or
1646	   erroneous - measurement data can cause an incorrect location to be
1647	   reported.

1649	   Location validation can be more efficient than validation of inputs,
1650	   particularly for a unique observer (Section 7.2.1.2).

1652	   Validating location ensures that the Device is at or near the
1653	   resulting location.  Location validation can be used to limit or
1654	   prevent all of the attacks identified in this document.

1656	7.2.2.2.  Limitations

1658	   The trusted location that is used for validation is always less
1659	   accurate than the location that is being checked.  The amount by
1660	   which the untrusted location is more accurate, is the same amount
1661	   that an attacker can exploit.

1663	   For example, a trusted location might indicate a five kilometer
1664	   radius uncertainty region.  An untrusted location that describes a
1665	   100 meter uncertainty within the larger region might be accepted as
1666	   more accurate.  An attacker might still falsify measurement data to
1667	   select any location within the larger uncertainty region.  While the
1668	   100 meter uncertainty that is reported seems more accurate, a
1669	   falsified location could be anywhere in the five kilometer region.

1671	   Where measurement data might have been falsified, the actual
1672	   uncertainty is effectively much higher.  Local policy might allow
1673	   differing degrees of trust to location information derived from
1674	   untrusted measurement data.  This might not be a boolean operation
1675	   with only two possible outcomes: untrusted location information might
1676	   be used entirely or not at all, or it could be combined with trusted
1677	   location information with the degree to which each contributes based
1678	   on a value set in local policy.

1680	7.2.3.  Supporting Observations

1682	   Replay attacks using previously acquired measurement data are
1683	   particularly hard to detect without independent validation.  Rather
1684	   than validate the measurement data directly, supplementary data might
1685	   be used to validate measurements or the location information derived
1686	   from those measurements.

1688	   These supporting observations could be used to convey information
1689	   that provides additional assurance that the Device was acquired at a
1690	   specific time and place.  In effect, the Device is requested to
1691	   provide proof of its presence at the resulting location.

1693	   For instance, a Device that measures attributes of a radio signal
1694	   could also be asked to provide a sample of the measured radio signal.
1695	   If the LIS is able to observe the same signal, the two observations
1696	   could be compared.  Providing that the signal cannot be predicted in
1697	   advance by the Device, this could be used to support the claim that
1698	   the Device is able to receive the signal.  Thus, the Device is likely
1699	   to be within the range that the signal is transmitted.  A LIS could
1700	   use this to attribute a higher level of trust in the associated
1701	   measurement data or resulting location.

1703	7.2.3.1.  Effectiveness

1705	   The use of supporting observations is limited by the ability of the
1706	   LIS to acquire and validate these observations.  The advantage of
1707	   selecting observations independent of measurement data is that
1708	   observations can be selected based on how readily available the data
1709	   is for both LIS and Device.  The amount and quality of the data can
1710	   be selected based on the degree of assurance that is desired.

1712	   Use of supporting observations is similar to both measurement
1713	   validation and location validation.  All three methods rely on
1714	   independent validation of one or more properties.  Applicability of
1715	   each method is similar.

1717	   Use of supporting observations can be used to limit or prevent all of
1718	   the attacks identified in this document.

1720	7.2.3.2.  Limitations

1722	   The effectiveness of the validation method depends on the quality of
1723	   the supporting observation: how hard it is to obtain at a different
1724	   time or place, how difficult it is to guess and what other costs
1725	   might be involved in acquiring this data.

1727	   In the example of an observed radio signal, requesting a sample of
1728	   the signal only provides an assurance that the Device is able to
1729	   receive the signal transmitted by the measured radio transmitter.
1730	   This only provides some assurance that the Device is within range of
1731	   the transmitter.

1733	   As with location validation, a Device might still be able to provide
1734	   falsified measurements that could alter the value of the location
1735	   information as long as the result is within this region.

1737	   Requesting additional supporting observations can reduce the size of
1738	   the region over which location information can be altered by an
1739	   attacker, or increase trust in the result, but each additional has a
1740	   cost.  Supporting observations contribute little or nothing toward
1741	   the primary goal of determining the location of the Device.  Any
1742	   costs in acquiring supporting observations are balanced against the
1743	   degree of integrity desired of the resulting location information.

1745	7.2.4.  Attribution

1747	   Lying by proxy (Section 7.1.3) relies on the location recipient being
1748	   able to attribute location information to a LIS.  The effectiveness
1749	   of this attack is negated if location information is explicitly
1750	   attributed to a particular source.

1752	   This requires an extension to the location object that explicitly
1753	   identifies the source (or sources) of each item of location
1754	   information.

1756	   Rather than relying on a process that seeks to ensure that location
1757	   information is accurate, this approach instead provides a location
1758	   recipient with the information necessary to reach their own
1759	   conclusion about the trustworthiness of the location information.

1761	   Including an authenticated identity for all sources of measurement
1762	   data is presents a number of technical and operational challenges.
1763	   It is possible that the LIS has a transient relationship with a
1764	   Device.  A Device is not expected to share authentication information
1765	   with a LIS.  There is no assurance that Device identification is
1766	   usable by a potential location recipient.  Privacy concerns might
1767	   also prevent the sharing identification information, even if it were
1768	   available and usable.

1770	   Identifying the type of measurement source allows a location
1771	   recipient to make a decision about the trustworthiness of location
1772	   information without depending on having authenticated identity
1773	   information for each source.  An element for this purpose is defined
1774	   in Section 4.4.

1776	   When including location information that is based on measurement data
1777	   from sources that might be untrusted, a LIS SHOULD include
1778	   alternative location information that is derived from trusted sources
1779	   of measurement data.  Each item of location information can then be
1780	   labelled with the source of that data.

1782	   A location recipient that is able to identify a specific source of
1783	   measurement data (whether it be LIS or Device) can use this
1784	   information to attribute location information to either or both
1785	   entity.  The location recipient is then better able to make decisions
1786	   about trustworthiness based on the source of the data.

1788	   A location recipient that does not understand the "source" element is
1789	   unable to make this distinction.  When constructing a PIDF-LO
1790	   document, trusted location information MUST be placed in the PIDF-LO
1791	   so that it is given higher priority to any untrusted location
1792	   information according to Rule #8 of [RFC5491].

1794	   Attribution of information does nothing to address attacks that alter
1795	   the observed parameters that are used in location determination
1796	   (Section 7.1.5).

1798	7.2.5.  Stateful Correlation of Location Requests

1800	   Stateful examination of requests can be used to prevent a Device from
1801	   attempting to map network topology using requests for location
1802	   information (Section 7.1.2).

1804	   Simply limiting the rate of requests from a single Device reduces the
1805	   amount of data that a Device can acquire about network topology.

1807	8.  Measurement Schemas

1809	   The schema are broken up into their respective functions.  There is a
1810	   base container schema into which all measurements are placed, plus
1811	   definitions for a measurement request (Section 8.1).  A PIDF-LO
1812	   extension is defined in a separate schema (Section 8.2).  There is a
1813	   basic types schema, that contains various base type definitions for
1814	   things such as the "rmsError" and "samples" attributes IPv4, IPv6 and
1815	   MAC addresses (Section 8.3).  Then each of the specific measurement
1816	   types is defined in its own schema.

1818	8.1.  Measurement Container Schema

1820	  <?xml version="1.0"?>
1821	  <xs:schema
1822	      xmlns:lm="urn:ietf:params:xml:ns:geopriv:lm"
1823	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1824	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
1825	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm"
1826	      elementFormDefault="qualified"
1827	      attributeFormDefault="unqualified">

1829	    <xs:annotation>
1830	      <xs:appinfo
1831	          source="urn:ietf:params:xml:schema:geopriv:lm">
1832	      </xs:appinfo>
1833	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1834	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1835	             published RFC and remove this note.]] -->
1836	        This schema defines a framework for location measurements.
1837	      </xs:documentation>
1838	    </xs:annotation>

1840	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

1842	    <xs:element name="measurements">
1843	      <xs:complexType>
1844	        <xs:complexContent>
1845	          <xs:restriction base="xs:anyType">
1846	            <xs:sequence>
1847	              <xs:any namespace="##other" processContents="lax"
1848	                      minOccurs="0" maxOccurs="unbounded"/>
1849	            </xs:sequence>
1850	            <xs:attribute name="time" type="xs:dateTime"/>
1851	            <xs:attribute name="timeError" type="bt:positiveDouble"/>
1852	            <xs:attribute name="expires" type="xs:dateTime"/>
1853	            <xs:anyAttribute namespace="##any" processContents="lax"/>
1854	          </xs:restriction>
1855	        </xs:complexContent>
1856	      </xs:complexType>
1857	    </xs:element>

1859	    <xs:element name="measurementRequest"
1860	                type="lm:measurementRequestType"/>
1861	    <xs:complexType name="measurementRequestType">
1862	      <xs:complexContent>
1863	        <xs:restriction base="xs:anyType">
1864	          <xs:sequence>
1865	            <xs:element ref="lm:measurement"
1866	                        minOccurs="0" maxOccurs="unbounded"/>
1867	            <xs:any namespace="##other" processContents="lax"
1868	                    minOccurs="0" maxOccurs="unbounded"/>
1869	          </xs:sequence>
1870	        </xs:restriction>
1871	      </xs:complexContent>
1872	    </xs:complexType>

1874	    <xs:element name="measurement" type="lm:measurementType"/>
1875	    <xs:complexType name="measurementType">
1876	      <xs:complexContent>
1877	        <xs:restriction base="xs:anyType">
1878	          <xs:sequence>
1879	            <xs:any namespace="##other" processContents="lax"
1880	                    minOccurs="0" maxOccurs="unbounded"/>
1881	          </xs:sequence>
1882	          <xs:attribute name="type" type="xs:QName" use="required"/>
1883	          <xs:attribute name="samples" type="xs:positiveInteger"/>
1884	        </xs:restriction>
1885	      </xs:complexContent>
1886	    </xs:complexType>

1888	    <!-- PIDF-LO extension for source -->
1889	    <xs:element name="source" type="lm:sourceType"/>
1890	    <xs:simpleType name="sourceType">
1891	      <xs:list>
1892	        <xs:simpleType>
1893	          <xs:restriction base="xs:token">
1894	            <xs:enumeration value="lis"/>
1895	            <xs:enumeration value="device"/>
1896	            <xs:enumeration value="other"/>
1897	          </xs:restriction>
1898	        </xs:simpleType>
1899	      </xs:list>
1900	    </xs:simpleType>
1901	  </xs:schema>

1903	                       Measurement Container Schema

1905	8.2.  Measurement Source Schema

1907	   <?xml version="1.0"?>
1908	   <xs:schema
1909	       xmlns:lmsrc="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
1910	       xmlns:xs="http://www.w3.org/2001/XMLSchema"
1911	       targetNamespace="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
1912	       elementFormDefault="qualified"
1913	       attributeFormDefault="unqualified">

1915	     <xs:annotation>
1916	       <xs:appinfo
1917	           source="urn:ietf:params:xml:schema:pidf:geopriv10:lmsrc">
1918	       </xs:appinfo>
1919	       <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1920	         <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1921	              published RFC and remove this note.]] -->
1922	         This schema defines an extension to PIDF-LO that indicates the
1923	         type of source that produced the measurement data used in
1924	         generating the associated location information.
1925	       </xs:documentation>
1926	     </xs:annotation>

1928	     <xs:element name="source" type="lmsrc:sourceType"/>
1929	     <xs:simpleType name="sourceType">
1930	       <xs:list>
1931	         <xs:simpleType>
1932	           <xs:restriction base="xs:token">
1933	             <xs:enumeration value="lis"/>
1934	             <xs:enumeration value="device"/>
1935	             <xs:enumeration value="other"/>
1936	           </xs:restriction>
1937	         </xs:simpleType>
1938	       </xs:list>
1939	     </xs:simpleType>
1940	   </xs:schema>

1942	                Measurement Source PIDF-LO Extension Schema

1944	8.3.  Base Type Schema

1946	   Note that the pattern rules in the following schema wrap due to
1947	   length constraints.  None of the patterns contain whitespace.

1949	 <?xml version="1.0"?>
1950	 <xs:schema
1951	   xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1952	   xmlns:xs="http://www.w3.org/2001/XMLSchema"
1953	   targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1954	   elementFormDefault="qualified"
1955	   attributeFormDefault="unqualified">

1957	   <xs:annotation>
1958	     <xs:appinfo
1959	         source="urn:ietf:params:xml:schema:geopriv:lm:basetypes">
1960	     </xs:appinfo>
1961	     <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1962	       <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1963	            published RFC and remove this note.]] -->
1964	       This schema defines a set of base type elements.
1965	     </xs:documentation>
1966	   </xs:annotation>

1968	   <xs:simpleType name="byteType">
1969	     <xs:restriction base="xs:integer">
1970	       <xs:minInclusive value="0"/>
1971	       <xs:maxInclusive value="255"/>
1972	     </xs:restriction>
1973	   </xs:simpleType>
1974	   <xs:simpleType name="twoByteType">
1975	     <xs:restriction base="xs:integer">
1976	       <xs:minInclusive value="0"/>
1977	       <xs:maxInclusive value="65535"/>
1978	     </xs:restriction>
1979	   </xs:simpleType>

1981	   <xs:simpleType name="nonNegativeDouble">
1982	     <xs:restriction base="xs:double">
1983	       <xs:minInclusive value="0.0"/>
1984	     </xs:restriction>
1985	   </xs:simpleType>
1986	   <xs:simpleType name="positiveDouble">
1987	     <xs:restriction base="bt:nonNegativeDouble">
1988	       <xs:minExclusive value="0.0"/>
1989	     </xs:restriction>
1990	   </xs:simpleType>

1992	   <xs:complexType name="doubleWithRMSError">
1993	     <xs:simpleContent>
1994	       <xs:extension base="xs:double">
1995	         <xs:attribute name="rmsError" type="bt:positiveDouble"/>
1996	         <xs:attribute name="samples" type="xs:positiveInteger"/>
1997	       </xs:extension>
1998	     </xs:simpleContent>
1999	   </xs:complexType>
2000	   <xs:complexType name="nnDoubleWithRMSError">
2001	     <xs:simpleContent>
2002	       <xs:restriction base="bt:doubleWithRMSError">
2003	         <xs:minInclusive value="0"/>
2004	       </xs:restriction>
2005	     </xs:simpleContent>
2006	   </xs:complexType>

2008	   <xs:simpleType name="ipAddressType">
2009	     <xs:union memberTypes="bt:IPv6AddressType bt:IPv4AddressType"/>
2010	   </xs:simpleType>

2012	   <!-- IPv6 format definition -->
2013	   <xs:simpleType name="IPv6AddressType">
2014	     <xs:annotation>
2015	       <xs:documentation>
2016	         An IP version 6 address, based on RFC 4291.
2017	       </xs:documentation>
2018	     </xs:annotation>
2019	     <xs:restriction base="xs:token">
2020	       <!-- Fully specified address -->
2021	       <xs:pattern value="[0-9A-Fa-f]{1,4}(:[0-9A-Fa-f]{1,4}){7}"/>
2022	       <!-- Double colon start -->
2023	       <xs:pattern value=":(:[0-9A-Fa-f]{1,4}){1,7}"/>
2024	       <!-- Double colon middle -->
2025	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,6}
2026	                          (:[0-9A-Fa-f]{1,4}){1}"/>
2027	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,5}
2028	                          (:[0-9A-Fa-f]{1,4}){1,2}"/>
2029	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,4}
2030	                          (:[0-9A-Fa-f]{1,4}){1,3}"/>
2031	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,3}
2032	                          (:[0-9A-Fa-f]{1,4}){1,4}"/>
2033	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,2}
2034	                          (:[0-9A-Fa-f]{1,4}){1,5}"/>
2035	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1}
2036	                          (:[0-9A-Fa-f]{1,4}){1,6}"/>
2037	       <!-- Double colon end -->
2038	       <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,7}:"/>
2039	       <!-- IPv4-Compatible and IPv4-Mapped Addresses -->
2040	       <xs:pattern value="((:(:0{1,4}){0,3}:[fF]{4})|(0{1,4}:
2041	                          (:0{1,4}){0,2}:[fF]{4})|((0{1,4}:){2}
2042	                          (:0{1,4})?:[fF]{4})|((0{1,4}:){3}:[fF]{4})
2043	                          |((0{1,4}:){4}[fF]{4})):(25[0-5]|2[0-4][0-9]|
2044	                          [0-1]?[0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]
2045	                          ?[0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]?
2046	                          [0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]?
2047	                          [0-9]?[0-9])"/>
2048	       <!-- The unspecified address -->
2049	       <xs:pattern value="::"/>
2050	     </xs:restriction>
2051	   </xs:simpleType>

2053	   <!-- IPv4 format definition -->
2054	   <xs:simpleType name="IPv4AddressType">
2055	     <xs:restriction base="xs:token">
2056	       <xs:pattern value="(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2057	                          (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2058	                          (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2059	                          (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])"/>
2060	     </xs:restriction>
2061	   </xs:simpleType>

2063	   <!-- MAC address (EUI-48) or EUI-64 address -->
2064	   <xs:simpleType name="macAddressType">
2065	     <xs:restriction base="xs:token">
2066	       <xs:pattern
2067	   value="[\da-fA-F]{2}(-[\da-fA-F]{2}){5}((-[\da-fA-F]{2}){2})?"/>
2068	     </xs:restriction>
2069	   </xs:simpleType>

2071	 </xs:schema>

2073	                             Base Type Schema

2075	8.4.  LLDP Measurement Schema

2077	  <?xml version="1.0"?>
2078	  <xs:schema
2079	      xmlns:lldp="urn:ietf:params:xml:ns:geopriv:lm:lldp"
2080	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2081	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2082	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:lldp"
2083	      elementFormDefault="qualified"
2084	      attributeFormDefault="unqualified">

2086	    <xs:annotation>
2087	      <xs:appinfo
2088	          source="urn:ietf:params:xml:schema:geopriv:lm:lldp">
2089	      </xs:appinfo>
2090	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2091	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2092	             published RFC and remove this note.]] -->
2093	        This schema defines a set of LLDP location measurements.
2094	      </xs:documentation>
2095	    </xs:annotation>
2096	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2098	    <xs:element name="lldp" type="lldp:lldpMeasurementType"/>
2099	    <xs:complexType name="lldpMeasurementType">
2100	      <xs:complexContent>
2101	        <xs:restriction base="xs:anyType">
2102	          <xs:sequence>
2103	            <xs:element name="chassis" type="lldp:lldpDataType"/>
2104	            <xs:element name="port" type="lldp:lldpDataType"/>
2105	            <xs:any namespace="##other" processContents="lax"
2106	                    minOccurs="0" maxOccurs="unbounded"/>
2107	          </xs:sequence>
2108	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2109	        </xs:restriction>
2110	      </xs:complexContent>
2111	    </xs:complexType>

2113	    <xs:complexType name="lldpDataType">
2114	      <xs:simpleContent>
2115	        <xs:extension base="lldp:lldpOctetStringType">
2116	          <xs:attribute name="type" type="bt:byteType"
2117	                        use="required"/>
2118	        </xs:extension>
2119	      </xs:simpleContent>
2120	    </xs:complexType>

2122	    <xs:simpleType name="lldpOctetStringType">
2123	      <xs:restriction base="xs:hexBinary">
2124	        <xs:minLength value="1"/>
2125	        <xs:maxLength value="255"/>
2126	      </xs:restriction>
2127	    </xs:simpleType>

2129	  </xs:schema>

2131	                          LLDP measurement schema

2133	8.5.  DHCP Measurement Schema

2135	  <?xml version="1.0"?>
2136	  <xs:schema
2137	      xmlns:dhcp="urn:ietf:params:xml:ns:geopriv:lm:dhcp"
2138	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2139	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2140	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:dhcp"
2141	      elementFormDefault="qualified"
2142	      attributeFormDefault="unqualified">

2144	    <xs:annotation>
2145	      <xs:appinfo
2146	          source="urn:ietf:params:xml:schema:geopriv:lm:dhcp">
2147	      </xs:appinfo>
2148	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2149	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2150	             published RFC and remove this note.]] -->
2151	        This schema defines a set of DHCP location measurements.
2152	      </xs:documentation>
2153	    </xs:annotation>

2155	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2157	    <!-- DHCP Relay Agent Information Option -->
2158	    <xs:element name="dhcp-rai" type="dhcp:dhcpType"/>
2159	    <xs:complexType name="dhcpType">
2160	      <xs:complexContent>
2161	        <xs:restriction base="xs:anyType">
2162	          <xs:sequence>
2163	            <xs:element name="giaddr" type="bt:ipAddressType"/>
2164	            <xs:element name="circuit"
2165	                        type="xs:hexBinary" minOccurs="0"/>
2166	            <xs:element name="remote"
2167	                        type="dhcp:dhcpRemoteType" minOccurs="0"/>
2168	            <xs:element name="subscriber"
2169	                        type="xs:hexBinary" minOccurs="0"/>
2170	            <xs:any namespace="##other" processContents="lax"
2171	                    minOccurs="0" maxOccurs="unbounded"/>
2172	          </xs:sequence>
2173	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2174	        </xs:restriction>
2175	      </xs:complexContent>
2176	    </xs:complexType>

2178	    <xs:complexType name="dhcpRemoteType">
2179	      <xs:simpleContent>
2180	        <xs:extension base="xs:hexBinary">
2181	          <xs:attribute name="enterprise" type="xs:positiveInteger"
2182	                        use="optional"/>
2183	        </xs:extension>
2184	      </xs:simpleContent>
2185	    </xs:complexType>

2187	  </xs:schema>

2189	                          DHCP measurement schema

2191	8.6.  WiFi Measurement Schema
2192	  <?xml version="1.0"?>
2193	  <xs:schema
2194	      xmlns:wifi="urn:ietf:params:xml:ns:geopriv:lm:wifi"
2195	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2196	      xmlns:gml="http://www.opengis.net/gml"
2197	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2198	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:wifi"
2199	      elementFormDefault="qualified"
2200	      attributeFormDefault="unqualified">

2202	    <xs:annotation>
2203	      <xs:appinfo
2204	          source="urn:ietf:params:xml:schema:geopriv:lm:wifi">
2205	        802.11 location measurements
2206	      </xs:appinfo>
2207	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2208	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2209	             published RFC and remove this note.]] -->
2210	        This schema defines a basic set of 802.11 location measurements.
2211	      </xs:documentation>
2212	    </xs:annotation>

2214	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>
2215	    <xs:import namespace="http://www.opengis.net/gml"/>

2217	    <xs:element name="wifi" type="wifi:wifiNetworkType"/>

2219	    <xs:complexType name="wifiNetworkType">
2220	      <xs:complexContent>
2221	        <xs:restriction base="xs:anyType">
2222	          <xs:sequence>
2223	            <xs:element name="nicType" type="xs:token"
2224	                        minOccurs="0"/>
2225	            <xs:element name="ap" type="wifi:wifiType"
2226	                        maxOccurs="unbounded"/>
2227	          </xs:sequence>
2228	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2229	        </xs:restriction>
2230	      </xs:complexContent>
2231	    </xs:complexType>

2233	    <xs:complexType name="wifiType">
2234	      <xs:complexContent>
2235	        <xs:restriction base="xs:anyType">
2236	          <xs:sequence>
2237	            <xs:element name="bssid" type="wifi:bssidType"/>
2238	            <xs:element name="name" type="wifi:ssidBaseType"
2239	                        minOccurs="0"/>

2241	            <xs:element name="ssid" type="wifi:ssidBaseType"
2242	                        minOccurs="0"/>
2243	            <xs:element name="channel" type="xs:nonNegativeInteger"
2244	                        minOccurs="0"/>
2245	            <xs:element name="location" minOccurs="0"
2246	                        type="xs:anyType"/>
2247	            <xs:element name="type" type="wifi:networkType"
2248	                        minOccurs="0"/>
2249	            <xs:element name="regclass" type="wifi:regclassType"
2250	                        minOccurs="0"/>
2251	            <xs:element name="antenna" type="wifi:octetType"
2252	                        minOccurs="0"/>
2253	            <xs:element name="flightTime "minOccurs="0"
2254	                        type="bt:nnDoubleWithRMSError"/>
2255	            <xs:element name="apSignal" type="wifi:signalType"
2256	                        minOccurs="0"/>
2257	            <xs:element name="deviceSignal" type="wifi:signalType"
2258	                        minOccurs="0"/>
2259	            <xs:any namespace="##other" processContents="lax"
2260	                    minOccurs="0" maxOccurs="unbounded"/>
2261	          </xs:sequence>
2262	          <xs:attribute name="serving" type="xs:boolean"
2263	                        default="false"/>
2264	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2265	        </xs:restriction>
2266	      </xs:complexContent>
2267	    </xs:complexType>

2269	    <xs:simpleType name="ssidBaseType">
2270	      <xs:restriction base="xs:token">
2271	        <xs:maxLength value="32"/>
2272	      </xs:restriction>
2273	    </xs:simpleType>

2275	    <xs:complexType name="bssidType">
2276	      <xs:simpleContent>
2277	        <xs:extension base="bt:macAddressType">
2278	          <xs:attribute name="verified" type="xs:boolean"
2279	                        default="false"/>
2280	        </xs:extension>
2281	      </xs:simpleContent>
2282	    </xs:complexType>

2284	    <xs:simpleType name="networkType">
2285	      <xs:restriction base="xs:token">
2286	        <xs:pattern value="[a-zA-Z]+"/>
2287	      </xs:restriction>
2288	    </xs:simpleType>
2289	    <xs:complexType name="regclassType">
2290	      <xs:simpleContent>
2291	        <xs:extension base="wifi:octetType">
2292	          <xs:attribute name="country">
2293	            <xs:simpleType>
2294	              <xs:restriction base="xs:token">
2295	                <xs:pattern value="[A-Z]{2}[OIX]?"/>
2296	              </xs:restriction>
2297	            </xs:simpleType>
2298	          </xs:attribute>
2299	        </xs:extension>
2300	      </xs:simpleContent>
2301	    </xs:complexType>

2303	    <xs:simpleType name="octetType">
2304	      <xs:restriction base="xs:nonNegativeInteger">
2305	        <xs:maxInclusive value="255"/>
2306	      </xs:restriction>
2307	    </xs:simpleType>

2309	    <xs:complexType name="signalType">
2310	      <xs:complexContent>
2311	        <xs:restriction base="xs:anyType">
2312	          <xs:sequence>
2313	            <xs:element name="transmit" type="xs:double"
2314	                        minOccurs="0"/>
2315	            <xs:element name="gain" type="xs:double" minOccurs="0"/>
2316	            <xs:element name="rcpi" type="wifi:rssiType"
2317	                        minOccurs="0"/>
2318	            <xs:element name="rsni" type="bt:doubleWithRMSError"
2319	                        minOccurs="0"/>
2320	            <xs:any namespace="##other" processContents="lax"
2321	                    minOccurs="0" maxOccurs="unbounded"/>
2322	          </xs:sequence>
2323	        </xs:restriction>
2324	      </xs:complexContent>
2325	    </xs:complexType>

2327	    <xs:complexType name="rssiType">
2328	      <xs:simpleContent>
2329	        <xs:extension base="bt:doubleWithRMSError">
2330	          <xs:attribute name="dBm" type="xs:boolean" default="true"/>
2331	        </xs:extension>
2332	      </xs:simpleContent>
2333	    </xs:complexType>

2335	    <!-- Measurement Request elements -->
2336	    <xs:element name="type" type="wifi:networkType"/>
2337	    <xs:element name="parameter" type="wifi:parameterType"/>

2339	    <xs:complexType name="parameterType">
2340	      <xs:simpleContent>
2341	        <xs:extension base="xs:QName">
2342	          <xs:attribute name="context" use="optional">
2343	            <xs:simpleType>
2344	              <xs:restriction base="xs:token">
2345	                <xs:enumeration value="ap"/>
2346	                <xs:enumeration value="device"/>
2347	              </xs:restriction>
2348	            </xs:simpleType>
2349	          </xs:attribute>
2350	        </xs:extension>
2351	      </xs:simpleContent>
2352	    </xs:complexType>

2354	  </xs:schema>

2356	                          WiFi measurement schema

2358	8.7.  Cellular Measurement Schema

2360	   <?xml version="1.0"?>
2361	   <xs:schema
2362	       xmlns:cell="urn:ietf:params:xml:ns:geopriv:lm:cell"
2363	       xmlns:xs="http://www.w3.org/2001/XMLSchema"
2364	       targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:cell"
2365	       elementFormDefault="qualified"
2366	       attributeFormDefault="unqualified">

2368	     <xs:annotation>
2369	       <xs:appinfo
2370	           source="urn:ietf:params:xml:schema:geopriv:lm:cell">
2371	       </xs:appinfo>
2372	       <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2373	         <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2374	              published RFC and remove this note.]] -->
2375	         This schema defines a set of cellular location measurements.
2376	       </xs:documentation>
2377	     </xs:annotation>

2379	     <xs:element name="cellular" type="cell:cellularType"/>

2381	     <xs:complexType name="cellularType">
2382	       <xs:complexContent>
2383	         <xs:restriction base="xs:anyType">
2384	           <xs:sequence>
2385	             <xs:choice>
2386	               <xs:element name="servingCell" type="cell:cellType"/>
2387	               <xs:element name="observedCell" type="cell:cellType"/>
2388	             </xs:choice>
2389	             <xs:element name="observedCell" type="cell:cellType"
2390	                         minOccurs="0" maxOccurs="unbounded"/>
2391	           </xs:sequence>
2392	           <xs:anyAttribute namespace="##any" processContents="lax"/>
2393	         </xs:restriction>
2394	       </xs:complexContent>
2395	     </xs:complexType>

2397	     <xs:complexType name="cellType">
2398	       <xs:complexContent>
2399	         <xs:restriction base="xs:anyType">
2400	           <xs:choice>
2401	             <xs:sequence>
2402	               <xs:element name="mcc" type="cell:mccType"/>
2403	               <xs:element name="mnc" type="cell:mncType"/>
2404	               <xs:choice>
2405	                 <xs:sequence>
2406	                   <xs:choice>
2407	                     <xs:element name="rnc" type="cell:cellIdType"/>
2408	                     <xs:element name="lac" type="cell:cellIdType"/>
2409	                   </xs:choice>
2410	                   <xs:element name="cid" type="cell:cellIdType"/>
2411	                 </xs:sequence>
2412	                 <xs:element name="eucid" type="cell:cellIdType"/>
2413	               </xs:choice>
2414	               <xs:any namespace="##other" processContents="lax"
2415	                       minOccurs="0" maxOccurs="unbounded"/>
2416	             </xs:sequence>
2417	             <xs:sequence>
2418	               <xs:element name="nid" type="cell:cellIdType"/>
2419	               <xs:element name="sid" type="cell:cellIdType"/>
2420	               <xs:element name="baseid" type="cell:cellIdType"/>
2421	               <xs:any namespace="##other" processContents="lax"
2422	                       minOccurs="0" maxOccurs="unbounded"/>
2423	             </xs:sequence>
2424	             <xs:any namespace="##other" processContents="lax"
2425	                     minOccurs="0" maxOccurs="unbounded"/>
2426	           </xs:choice>
2427	         </xs:restriction>
2428	       </xs:complexContent>
2429	     </xs:complexType>

2431	     <xs:simpleType name="mccType">
2432	       <xs:restriction base="xs:token">
2433	         <xs:pattern value="[0-9]{3}"/>
2434	       </xs:restriction>
2435	     </xs:simpleType>

2437	     <xs:simpleType name="mncType">
2438	       <xs:restriction base="xs:token">
2439	         <xs:pattern value="[0-9]{2,3}"/>
2440	       </xs:restriction>
2441	     </xs:simpleType>

2443	     <xs:simpleType name="cellIdType">
2444	       <xs:restriction base="xs:nonNegativeInteger">
2445	         <xs:maxInclusive value="268435456"/> <!-- 2^28 (eucid) -->
2446	       </xs:restriction>
2447	     </xs:simpleType>

2449	     <!-- Measurement Request elements -->

2451	     <xs:element name="type" type="cell:typeType"/>
2452	     <xs:simpleType name="typeType">
2453	       <xs:restriction base="xs:token">
2454	         <xs:enumeration value="gsm"/>
2455	         <xs:enumeration value="umts"/>
2456	         <xs:enumeration value="lte"/>
2457	         <xs:enumeration value="cdma"/>
2458	       </xs:restriction>
2459	     </xs:simpleType>

2461	     <xs:element name="network" type="cell:networkType"/>
2462	     <xs:complexType name="networkType">
2463	       <xs:complexContent>
2464	         <xs:restriction base="xs:anyType">
2465	           <xs:choice>
2466	             <xs:sequence>
2467	               <xs:element name="mcc" type="cell:mccType"/>
2468	               <xs:element name="mnc" type="cell:mncType"/>
2469	             </xs:sequence>
2470	             <xs:element name="nid" type="cell:cellIdType"/>
2471	           </xs:choice>
2472	         </xs:restriction>
2473	       </xs:complexContent>
2474	     </xs:complexType>

2476	   </xs:schema>

2478	                        Cellular measurement schema

2480	8.8.  GNSS Measurement Schema
2481	 <?xml version="1.0"?>
2482	 <xs:schema
2483	     xmlns:gnss="urn:ietf:params:xml:ns:geopriv:lm:gnss"
2484	     xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2485	     xmlns:xs="http://www.w3.org/2001/XMLSchema"
2486	     targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:gnss"
2487	     elementFormDefault="qualified"
2488	     attributeFormDefault="unqualified">

2490	   <xs:annotation>
2491	     <xs:appinfo
2492	         source="urn:ietf:params:xml:schema:geopriv:lm:gnss">
2493	     </xs:appinfo>
2494	     <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2495	       <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2496	            published RFC and remove this note.]] -->
2497	       This schema defines a set of GNSS location measurements
2498	     </xs:documentation>
2499	   </xs:annotation>

2501	   <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2503	   <!-- GNSS -->
2504	   <xs:element name="gnss" type="gnss:gnssMeasurementType">
2505	     <xs:unique name="gnssSatellite">
2506	       <xs:selector xpath="sat"/>
2507	       <xs:field xpath="@num"/>
2508	     </xs:unique>
2509	   </xs:element>

2511	   <xs:complexType name="gnssMeasurementType">
2512	     <xs:complexContent>
2513	       <xs:restriction base="xs:anyType">
2514	         <xs:sequence>
2515	           <xs:element name="gnssTime" type="bt:nnDoubleWithRMSError"
2516	                       minOccurs="0"/>
2517	           <xs:element name="sat" type="gnss:gnssSatelliteType"
2518	                       minOccurs="1" maxOccurs="64"/>
2519	           <xs:any namespace="##other" processContents="lax"
2520	                   minOccurs="0" maxOccurs="unbounded"/>
2521	         </xs:sequence>
2522	         <xs:attribute name="system" type="xs:token" use="required"/>
2523	         <xs:attribute name="signal" type="xs:token"/>
2524	         <xs:anyAttribute namespace="##any" processContents="lax"/>
2525	       </xs:restriction>
2526	     </xs:complexContent>
2527	   </xs:complexType>
2528	   <xs:complexType name="gnssSatelliteType">
2529	     <xs:complexContent>
2530	       <xs:restriction base="xs:anyType">
2531	         <xs:sequence>
2532	           <xs:element name="doppler" type="bt:doubleWithRMSError"/>
2533	           <xs:element name="codephase" type="bt:nnDoubleWithRMSError"/>
2534	           <xs:element name="cn0" type="bt:nonNegativeDouble"/>
2535	           <xs:element name="mp" type="bt:positiveDouble"
2536	                       minOccurs="0"/>
2537	           <xs:element name="cq" type="gnss:codePhaseQualityType"
2538	                       minOccurs="0"/>
2539	           <xs:element name="adr" type="xs:double" minOccurs="0"/>
2540	         </xs:sequence>
2541	         <xs:attribute name="num" type="xs:positiveInteger"
2542	                       use="required"/>
2543	       </xs:restriction>
2544	     </xs:complexContent>
2545	   </xs:complexType>

2547	   <xs:complexType name="codePhaseQualityType">
2548	     <xs:complexContent>
2549	       <xs:restriction base="xs:anyType">
2550	         <xs:attribute name="continuous" type="xs:boolean"
2551	                       default="true"/>
2552	         <xs:attribute name="direct" use="required">
2553	           <xs:simpleType>
2554	             <xs:restriction base="xs:token">
2555	               <xs:enumeration value="direct"/>
2556	               <xs:enumeration value="inverted"/>
2557	             </xs:restriction>
2558	           </xs:simpleType>
2559	         </xs:attribute>
2560	       </xs:restriction>
2561	     </xs:complexContent>
2562	   </xs:complexType>
2563	 </xs:schema>

2565	                          GNSS measurement Schema

2567	8.9.  DSL Measurement Schema

2569	  <?xml version="1.0"?>
2570	  <xs:schema
2571	      xmlns:dsl="urn:ietf:params:xml:ns:geopriv:lm:dsl"
2572	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2573	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2574	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:dsl"
2575	      elementFormDefault="qualified"
2576	      attributeFormDefault="unqualified">

2578	    <xs:annotation>
2579	      <xs:appinfo
2580	          source="urn:ietf:params:xml:schema:geopriv:lm:dsl">
2581	        DSL measurement definitions
2582	      </xs:appinfo>
2583	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2584	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2585	             published RFC and remove this note.]] -->
2586	        This schema defines a basic set of DSL location measurements.
2587	      </xs:documentation>
2588	    </xs:annotation>

2590	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2592	    <xs:element name="dsl" type="dsl:dslVlanType"/>
2593	    <xs:complexType name="dslVlanType">
2594	      <xs:complexContent>
2595	        <xs:restriction base="xs:anyType">
2596	          <xs:choice>
2597	            <xs:element name="l2tp">
2598	              <xs:complexType>
2599	                <xs:complexContent>
2600	                  <xs:restriction base="xs:anyType">
2601	                    <xs:sequence>
2602	                      <xs:element name="src" type="bt:ipAddressType"/>
2603	                      <xs:element name="dest" type="bt:ipAddressType"/>
2604	                      <xs:element name="session"
2605	                                  type="xs:nonNegativeInteger"/>
2606	                    </xs:sequence>
2607	                  </xs:restriction>
2608	                </xs:complexContent>
2609	              </xs:complexType>
2610	            </xs:element>
2611	            <xs:sequence>
2612	              <xs:element name="an" type="xs:token"/>
2613	              <xs:group ref="dsl:dslSlotPort"/>
2614	            </xs:sequence>
2615	            <xs:sequence>
2616	              <xs:element name="stag" type="dsl:vlanIDType"/>
2617	              <xs:choice>
2618	                <xs:sequence>
2619	                  <xs:element name="ctag" type="dsl:vlanIDType"/>
2620	                  <xs:group ref="dsl:dslSlotPort" minOccurs="0"/>
2621	                </xs:sequence>
2622	                <xs:group ref="dsl:dslSlotPort"/>
2623	              </xs:choice>

2625	            </xs:sequence>
2626	            <xs:sequence>
2627	              <xs:element name="vpi" type="bt:byteType"/>
2628	              <xs:element name="vci" type="bt:twoByteType"/>
2629	            </xs:sequence>
2630	            <xs:any namespace="##other" processContents="lax"
2631	                    minOccurs="0" maxOccurs="unbounded"/>
2632	          </xs:choice>
2633	          <xs:anyAttribute namespace="##other" processContents="lax"/>
2634	        </xs:restriction>
2635	      </xs:complexContent>
2636	    </xs:complexType>
2637	    <xs:simpleType name="vlanIDType">
2638	      <xs:restriction base="xs:nonNegativeInteger">
2639	        <xs:maxInclusive value="4095"/>
2640	      </xs:restriction>
2641	    </xs:simpleType>
2642	    <xs:group name="dslSlotPort">
2643	      <xs:sequence>
2644	        <xs:element name="slot" type="xs:token"/>
2645	        <xs:element name="port" type="xs:token"/>
2646	      </xs:sequence>
2647	    </xs:group>

2649	  </xs:schema>

2651	                          DSL measurement schema

2653	9.  IANA Considerations

2655	   This section creates a registry for GNSS types (Section 5.5) and
2656	   registers the namespaces and schema defined in Section 8.

2658	9.1.  IANA Registry for GNSS Types

2660	   This document establishes a new IANA registry for Global Navigation
2661	   Satellite System (GNSS) types.  The registry includes tokens for the
2662	   GNSS type and for each of the signals within that type.  Referring to
2663	   [RFC5226], this registry operates under "Specification Required"
2664	   rules.  The IESG will appoint an Expert Reviewer who will advise IANA
2665	   promptly on each request for a new or updated GNSS type.

2667	   Each entry in the registry requires the following information:

2669	   GNSS name:  the name and a brief description of the GNSS

2671	   Brief description:  the name and a brief description of the GNSS

2673	   GNSS token:  a token that can be used to identify the GNSS

2675	   Signals:  a set of tokens that represent each of the signals that the
2676	      system provides

2678	   Documentation reference:  a reference to one or more stable, public
2679	      specifications that outline usage of the GNSS, including (but not
2680	      limited to) signal specifications and time systems

2682	   The registry initially includes two registrations:

2684	   GNSS name:  Global Positioning System (GPS)

2686	   Brief description:  a system of satellites that use spread-spectrum
2687	      transmission, operated by the US military for commercial and
2688	      military applications

2690	   GNSS token:  gps

2692	   Signals:  L1, L2, L1C, L2C, L5

2694	   Documentation reference:  Navstar GPS Space Segment/Navigation User
2695	      Interface [GPS.ICD]

2697	   GNSS name:  Galileo

2699	   Brief description:  a system of satellites that operate in the same
2700	      spectrum as GPS, operated by the European Union for commercial
2701	      applications

2703	   GNSS Token:  galileo

2705	   Signals:  L1, E5A, E5B, E5A+B, E6

2707	   Documentation Reference:  Galileo Open Service Signal In Space
2708	      Interface Control Document (SIS ICD) [Galileo.ICD]

2710	9.2.  URN Sub-Namespace Registration for
2711	      urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc

2713	   This section registers a new XML namespace,
2714	   "urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc", as per the guidelines
2715	   in [RFC3688].

2717	      URI: urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc

2719	      Registrant Contact: IETF, GEOPRIV working group,
2720	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2722	      XML:

2724	         BEGIN
2725	           <?xml version="1.0"?>
2726	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2727	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2728	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2729	             <head>
2730	               <title>Measurement Source for PIDF-LO</title>
2731	             </head>
2732	             <body>
2733	               <h1>Namespace for Location Measurement Source</h1>
2734	               <h2>urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc</h2>
2735	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2736	       with the RFC number for this specification.]]
2737	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2738	             </body>
2739	           </html>
2740	         END

2742	9.3.  URN Sub-Namespace Registration for
2743	      urn:ietf:params:xml:ns:geopriv:lm

2745	   This section registers a new XML namespace,
2746	   "urn:ietf:params:xml:ns:geopriv:lm", as per the guidelines in
2747	   [RFC3688].

2749	      URI: urn:ietf:params:xml:ns:geopriv:lm

2751	      Registrant Contact: IETF, GEOPRIV working group,
2752	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2754	      XML:

2756	         BEGIN
2757	           <?xml version="1.0"?>
2758	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2759	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2760	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2761	             <head>
2762	               <title>Measurement Container</title>
2763	             </head>
2764	             <body>
2765	               <h1>Namespace for Location Measurement Container</h1>
2766	               <h2>urn:ietf:params:xml:ns:geopriv:lm</h2>
2767	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2768	       with the RFC number for this specification.]]
2769	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2770	             </body>
2771	           </html>
2772	         END

2774	9.4.  URN Sub-Namespace Registration for
2775	      urn:ietf:params:xml:ns:geopriv:lm:basetypes

2777	   This section registers a new XML namespace,
2778	   "urn:ietf:params:xml:ns:geopriv:lm:basetypes", as per the guidelines
2779	   in [RFC3688].

2781	      URI: urn:ietf:params:xml:ns:geopriv:lm:basetypes

2783	      Registrant Contact: IETF, GEOPRIV working group,
2784	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2786	      XML:

2788	         BEGIN
2789	           <?xml version="1.0"?>
2790	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2791	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2792	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2793	             <head>
2794	               <title>Base Device Types</title>
2795	             </head>
2796	             <body>
2797	               <h1>Namespace for Base Types</h1>
2798	               <h2>urn:ietf:params:xml:ns:geopriv:lm:basetypes</h2>
2799	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2800	       with the RFC number for this specification.]]
2801	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2802	             </body>
2803	           </html>

2805	         END

2807	9.5.  URN Sub-Namespace Registration for
2808	      urn:ietf:params:xml:ns:geopriv:lm:lldp

2810	   This section registers a new XML namespace,
2811	   "urn:ietf:params:xml:ns:geopriv:lm:lldp", as per the guidelines in
2812	   [RFC3688].

2814	      URI: urn:ietf:params:xml:ns:geopriv:lm:lldp

2816	      Registrant Contact: IETF, GEOPRIV working group,
2817	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2819	      XML:

2821	         BEGIN
2822	           <?xml version="1.0"?>
2823	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2824	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2825	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2826	             <head>
2827	               <title>LLDP Measurement Set</title>
2828	             </head>
2829	             <body>
2830	               <h1>Namespace for LLDP Measurement Set</h1>
2831	               <h2>urn:ietf:params:xml:ns:geopriv:lm:lldp</h2>
2832	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2833	       with the RFC number for this specification.]]
2834	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2835	             </body>
2836	           </html>
2837	         END

2839	9.6.  URN Sub-Namespace Registration for
2840	      urn:ietf:params:xml:ns:geopriv:lm:dhcp

2842	   This section registers a new XML namespace,
2843	   "urn:ietf:params:xml:ns:geopriv:lm:dhcp", as per the guidelines in
2844	   [RFC3688].

2846	      URI: urn:ietf:params:xml:ns:geopriv:lm:dhcp

2848	      Registrant Contact: IETF, GEOPRIV working group,
2849	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2851	      XML:

2853	         BEGIN
2854	           <?xml version="1.0"?>
2855	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2856	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2857	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2858	             <head>
2859	               <title>DHCP Measurement Set</title>
2860	             </head>
2861	             <body>
2862	               <h1>Namespace for DHCP Measurement Set</h1>
2863	               <h2>urn:ietf:params:xml:ns:geopriv:lm:dhcp</h2>
2864	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2865	       with the RFC number for this specification.]]
2866	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2867	             </body>
2868	           </html>
2869	         END

2871	9.7.  URN Sub-Namespace Registration for
2872	      urn:ietf:params:xml:ns:geopriv:lm:wifi

2874	   This section registers a new XML namespace,
2875	   "urn:ietf:params:xml:ns:geopriv:lm:wifi", as per the guidelines in
2876	   [RFC3688].

2878	      URI: urn:ietf:params:xml:ns:geopriv:lm:wifi

2880	      Registrant Contact: IETF, GEOPRIV working group,
2881	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2883	      XML:

2885	         BEGIN
2886	           <?xml version="1.0"?>
2887	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2888	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2889	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2890	             <head>
2891	               <title>WiFi Measurement Set</title>
2892	             </head>
2893	             <body>
2894	               <h1>Namespace for WiFi Measurement Set</h1>
2895	               <h2>urn:ietf:params:xml:ns:geopriv:lm:wifi</h2>
2896	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2897	       with the RFC number for this specification.]]
2898	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2899	             </body>
2900	           </html>

2902	         END

2904	9.8.  URN Sub-Namespace Registration for
2905	      urn:ietf:params:xml:ns:geopriv:lm:cell

2907	   This section registers a new XML namespace,
2908	   "urn:ietf:params:xml:ns:geopriv:lm:cell", as per the guidelines in
2909	   [RFC3688].

2911	      URI: urn:ietf:params:xml:ns:geopriv:lm:cell

2913	      Registrant Contact: IETF, GEOPRIV working group,
2914	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2916	      XML:

2918	         BEGIN
2919	           <?xml version="1.0"?>
2920	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2921	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2922	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2923	             <head>
2924	               <title>Cellular Measurement Set</title>
2925	             </head>
2926	             <body>
2927	               <h1>Namespace for Cellular Measurement Set</h1>
2928	               <h2>urn:ietf:params:xml:ns:geopriv:lm:cell</h2>
2929	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2930	       with the RFC number for this specification.]]
2931	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2932	             </body>
2933	           </html>
2934	         END

2936	9.9.  URN Sub-Namespace Registration for
2937	      urn:ietf:params:xml:ns:geopriv:lm:gnss

2939	   This section registers a new XML namespace,
2940	   "urn:ietf:params:xml:ns:geopriv:lm:gnss", as per the guidelines in
2941	   [RFC3688].

2943	      URI: urn:ietf:params:xml:ns:geopriv:lm:gnss

2945	      Registrant Contact: IETF, GEOPRIV working group,
2946	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2948	      XML:

2950	         BEGIN
2951	           <?xml version="1.0"?>
2952	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2953	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2954	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2955	             <head>
2956	               <title>GNSS Measurement Set</title>
2957	             </head>
2958	             <body>
2959	               <h1>Namespace for GNSS Measurement Set</h1>
2960	               <h2>urn:ietf:params:xml:ns:geopriv:lm:gnss</h2>
2961	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2962	       with the RFC number for this specification.]]
2963	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2964	             </body>
2965	           </html>
2966	         END

2968	9.10.  URN Sub-Namespace Registration for
2969	       urn:ietf:params:xml:ns:geopriv:lm:dsl

2971	   This section registers a new XML namespace,
2972	   "urn:ietf:params:xml:ns:geopriv:lm:dsl", as per the guidelines in
2973	   [RFC3688].

2975	      URI: urn:ietf:params:xml:ns:geopriv:lm:dsl

2977	      Registrant Contact: IETF, GEOPRIV working group,
2978	      (geopriv@ietf.org), Martin Thomson (martin.thomson@andrew.com).

2980	      XML:

2982	         BEGIN
2983	           <?xml version="1.0"?>
2984	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2985	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2986	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2987	             <head>
2988	               <title>DSL Measurement Set</title>
2989	             </head>
2990	             <body>
2991	               <h1>Namespace for DSL Measurement Set</h1>
2992	               <h2>urn:ietf:params:xml:ns:geopriv:lm:dsl</h2>
2993	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2994	       with the RFC number for this specification.]]
2995	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2996	             </body>
2997	           </html>

2999	         END

3001	9.11.  XML Schema Registration for Measurement Source Schema

3003	   This section registers an XML schema as per the guidelines in
3004	   [RFC3688].

3006	   URI:  urn:ietf:params:xml:schema:pidf:geopriv10:lmsrc

3008	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3009	      Martin Thomson (martin.thomson@andrew.com).

3011	   Schema:  The XML for this schema can be found in Section 8.2 of this
3012	      document.

3014	9.12.  XML Schema Registration for Measurement Container Schema

3016	   This section registers an XML schema as per the guidelines in
3017	   [RFC3688].

3019	   URI:  urn:ietf:params:xml:schema:lm

3021	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3022	      Martin Thomson (martin.thomson@andrew.com).

3024	   Schema:  The XML for this schema can be found in Section 8.1 of this
3025	      document.

3027	9.13.  XML Schema Registration for Base Types Schema

3029	   This section registers an XML schema as per the guidelines in
3030	   [RFC3688].

3032	   URI:  urn:ietf:params:xml:schema:lm:basetypes

3034	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3035	      Martin Thomson (martin.thomson@andrew.com).

3037	   Schema:  The XML for this schema can be found in Section 8.3 of this
3038	      document.

3040	9.14.  XML Schema Registration for LLDP Schema

3042	   This section registers an XML schema as per the guidelines in
3043	   [RFC3688].

3045	   URI:  urn:ietf:params:xml:schema:lm:lldp

3047	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3048	      Martin Thomson (martin.thomson@andrew.com).

3050	   Schema:  The XML for this schema can be found in Section 8.4 of this
3051	      document.

3053	9.15.  XML Schema Registration for DHCP Schema

3055	   This section registers an XML schema as per the guidelines in
3056	   [RFC3688].

3058	   URI:  urn:ietf:params:xml:schema:lm:dhcp

3060	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3061	      Martin Thomson (martin.thomson@andrew.com).

3063	   Schema:  The XML for this schema can be found in Section 8.5 of this
3064	      document.

3066	9.16.  XML Schema Registration for WiFi Schema

3068	   This section registers an XML schema as per the guidelines in
3069	   [RFC3688].

3071	   URI:  urn:ietf:params:xml:schema:lm:wifi

3073	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3074	      Martin Thomson (martin.thomson@andrew.com).

3076	   Schema:  The XML for this schema can be found in Section 8.6 of this
3077	      document.

3079	9.17.  XML Schema Registration for Cellular Schema

3081	   This section registers an XML schema as per the guidelines in
3082	   [RFC3688].

3084	   URI:  urn:ietf:params:xml:schema:lm:cellular

3086	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3087	      Martin Thomson (martin.thomson@andrew.com).

3089	   Schema:  The XML for this schema can be found in Section 8.7 of this
3090	      document.

3092	9.18.  XML Schema Registration for GNSS Schema

3094	   This section registers an XML schema as per the guidelines in
3095	   [RFC3688].

3097	   URI:  urn:ietf:params:xml:schema:lm:gnss

3099	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3100	      Martin Thomson (martin.thomson@andrew.com).

3102	   Schema:  The XML for this schema can be found in Section 8.8 of this
3103	      document.

3105	9.19.  XML Schema Registration for DSL Schema

3107	   This section registers an XML schema as per the guidelines in
3108	   [RFC3688].

3110	   URI:  urn:ietf:params:xml:schema:lm:dsl

3112	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3113	      Martin Thomson (martin.thomson@andrew.com).

3115	   Schema:  The XML for this schema can be found in Section 8.9 of this
3116	      document.

3118	10.  Acknowledgements

3120	   Thanks go to Simon Cox for his comments relating to terminology that
3121	   have helped ensure that this document is aligns with ongoing work in
3122	   the Open Geospatial Consortium (OGC).  Thanks to Neil Harper for his
3123	   review and comments on the GNSS sections of this document.  Thanks to
3124	   Noor-E-Gagan Singh, Gabor Bajko and Russell Priebe for their
3125	   significant input to and suggestions for improving the 802.11
3126	   measurements.  Thanks to Cullen Jennings for feedback and
3127	   suggestions.  Bernard Aboba provided review and feedback on a range
3128	   of measurement data definitions.  Mary Barnes provided a review and
3129	   corrections.

3131	11.  References

3133	11.1.  Normative References

3135	   [DSL.TR025]
3136	              Wang, R., "Core Network Architecture Recommendations for
3137	              Access to Legacy Data Networks over ADSL", September 1999.

3139	   [DSL.TR101]
3140	              Cohen, A. and E. Shrum, "Migration to Ethernet-Based DSL
3141	              Aggregation", April 2006.

3143	   [GPS.ICD]  "Navstar GPS Space Segment/Navigation User Interface",
3144	              ICD GPS-200, Apr 2000.

3146	   [Galileo.ICD]
3147	              GJU, "Galileo Open Service Signal In Space Interface
3148	              Control Document (SIS ICD)", May 2006.

3150	   [I-D.ietf-geopriv-http-location-delivery]
3151	              Barnes, M., Winterbottom, J., Thomson, M., and B. Stark,
3152	              "HTTP Enabled Location Delivery (HELD)",
3153	              draft-ietf-geopriv-http-location-delivery-16 (work in
3154	              progress), August 2009.

3156	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
3157	              Requirement Levels", BCP 14, RFC 2119, March 1997.

3159	   [RFC4119]  Peterson, J., "A Presence-based GEOPRIV Location Object
3160	              Format", RFC 4119, December 2005.

3162	   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
3163	              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
3164	              May 2008.

3166	   [RFC5491]  Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV
3167	              Presence Information Data Format Location Object (PIDF-LO)
3168	              Usage Clarification, Considerations, and Recommendations",
3169	              RFC 5491, March 2009.

3171	11.2.  Informative References

3173	   [ANSI/TIA-1057]
3174	              ANSI/TIA, "Link Layer Discovery Protocol for Media
3175	              Endpoint Devices", TIA 1057, April 2006.

3177	   [GPS.SPOOF]
3178	              Scott, L., "Anti-Spoofing and Authenticated Signal
3179	              Architectures for Civil Navigation Signals", ION-
3180	              GNSS Portland, Oregon, 2003.

3182	   [HARPER]   Harper, N., Dawson, M., and D. Evans, "Server-side
3183	              spoofing and detection for Assisted-GPS", Proceedings of
3184	              International Global Navigation Satellite Systems Society
3185	              (IGNSS) Symposium 2009 16, December 2009,
3186	              <http://ignss.org/files/Paper16.pdf>.

3188	   [I-D.ietf-geopriv-held-identity-extensions]
3189	              Winterbottom, J., Thomson, M., Tschofenig, H., and R.
3190	              Barnes, "Use of Device Identity in HTTP-Enabled Location
3191	              Delivery (HELD)",
3192	              draft-ietf-geopriv-held-identity-extensions-04 (work in
3193	              progress), June 2010.

3195	   [I-D.thomson-geopriv-uncertainty]
3196	              Thomson, M. and J. Winterbottom, "Representation of
3197	              Uncertainty and Confidence in PIDF-LO",
3198	              draft-thomson-geopriv-uncertainty-05 (work in progress),
3199	              May 2010.

3201	   [IANA.enterprise]
3202	              IANA, "Private Enterprise Numbers",
3203	              <http://www.iana.org/assignments/enterprise-numbers>.

3205	   [IEEE.80211]
3206	              IEEE, "Wireless LAN Medium Access Control (MAC) and
3207	              Physical Layer (PHY) specifications - IEEE 802.11 Wireless
3208	              Network Management", IEEE Std 802.11-2007, June 2007.

3210	   [IEEE.80211V]
3211	              IEEE, "Wireless LAN Medium Access Control (MAC) and
3212	              Physical Layer (PHY) specifications - IEEE 802.11 Wireless
3213	              Network Management (Draft)", P802.11v D12.0, June 2010.

3215	   [IEEE.8021AB]
3216	              IEEE, "IEEE Standard for Local and Metropolitan area
3217	              networks, Station and Media Access Control Connectivity
3218	              Discovery",  802.1AB, June 2005.

3220	   [RFC2865]  Rigney, C., Willens, S., Rubens, A., and W. Simpson,
3221	              "Remote Authentication Dial In User Service (RADIUS)",
3222	              RFC 2865, June 2000.

3224	   [RFC3046]  Patrick, M., "DHCP Relay Agent Information Option",
3225	              RFC 3046, January 2001.

3227	   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
3228	              January 2004.

3230	   [RFC3693]  Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and
3231	              J. Polk, "Geopriv Requirements", RFC 3693, February 2004.

3233	   [RFC3993]  Johnson, R., Palaniappan, T., and M. Stapp, "Subscriber-ID
3234	              Suboption for the Dynamic Host Configuration Protocol
3235	              (DHCP) Relay Agent Option", RFC 3993, March 2005.

3237	   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
3238	              Architecture", RFC 4291, February 2006.

3240	   [RFC4580]  Volz, B., "Dynamic Host Configuration Protocol for IPv6
3241	              (DHCPv6) Relay Agent Subscriber-ID Option", RFC 4580,
3242	              June 2006.

3244	   [RFC4649]  Volz, B., "Dynamic Host Configuration Protocol for IPv6
3245	              (DHCPv6) Relay Agent Remote-ID Option", RFC 4649,
3246	              August 2006.

3248	   [RFC5808]  Marshall, R., "Requirements for a Location-by-Reference
3249	              Mechanism", RFC 5808, May 2010.

3251	Authors' Addresses

3253	   Martin Thomson
3254	   Andrew
3255	   Andrew Building (39)
3256	   University of Wollongong
3257	   Northfields Avenue
3258	   Wollongong, NSW  2522
3259	   AU

3261	   Phone: +61 2 4221 2915
3262	   Email: martin.thomson@andrew.com
3263	   URI:   http://www.andrew.com/

3265	   James Winterbottom
3266	   Andrew
3267	   Andrew Building (39)
3268	   University of Wollongong
3269	   Northfields Avenue
3270	   NSW  2522
3271	   AU

3273	   Phone: +61 2 4221 2938
3274	   Email: james.winterbottom@andrew.com
3275	   URI:   http://www.andrew.com/