idnits 2.17.1 

draft-ietf-geopriv-held-measurements-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The document has examples using IPv4 documentation addresses according
     to RFC6890, but does not use any IPv6 documentation addresses.  Maybe
     there should be IPv6 examples, too?


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to contain a disclaimer for pre-RFC5378 work, but was
     first submitted on or after 10 November 2008.  The disclaimer is usually
     necessary only for documents that revise or obsolete older RFCs, and that
     take significant amounts of text from those RFCs.  If you can contact all
     authors of the source material and they are willing to grant the BCP78
     rights to the IETF Trust, you can and should remove the disclaimer. 
     Otherwise, the disclaimer is needed and you can ignore this comment. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (July 6, 2012) is 4313 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: '0-5' is mentioned on line 2078, but not defined

  == Missing Reference: '0-4' is mentioned on line 2078, but not defined

  == Missing Reference: '0-9' is mentioned on line 2078, but not defined

  == Missing Reference: '0-1' is mentioned on line 2078, but not defined

  == Unused Reference: 'I-D.thomson-geopriv-uncertainty' is defined on line
     3232, but no explicit reference was found in the text

  == Unused Reference: 'RFC5808' is defined on line 3285, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)

  == Outdated reference: A later version (-08) exists of
     draft-thomson-geopriv-uncertainty-07


     Summary: 1 error (**), 0 flaws (~~), 9 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	GEOPRIV                                                       M. Thomson
3	Internet-Draft                                                 Microsoft
4	Intended status: Standards Track                         J. Winterbottom
5	Expires: January 7, 2013                                       Commscope
6	                                                            July 6, 2012

8	    Using Device-provided Location-Related Measurements in Location
9	                        Configuration Protocols
10	                draft-ietf-geopriv-held-measurements-05

12	Abstract

14	   A method is described by which a Device is able to provide location-
15	   related measurement data to a LIS within a request for location
16	   information.  Location-related measurement information are
17	   observations concerning properties related to the position of a
18	   Device, which could be data about network attachment or about the
19	   physical environment.  When a LIS generates location information for
20	   a Device, information from the Device can improve the accuracy of the
21	   location estimate.  A basic set of location-related measurements are
22	   defined, including common modes of network attachment as well as
23	   assisted Global Navigation Satellite System (GNSS) parameters.

25	Status of this Memo

27	   This Internet-Draft is submitted in full conformance with the
28	   provisions of BCP 78 and BCP 79.

30	   Internet-Drafts are working documents of the Internet Engineering
31	   Task Force (IETF).  Note that other groups may also distribute
32	   working documents as Internet-Drafts.  The list of current Internet-
33	   Drafts is at http://datatracker.ietf.org/drafts/current/.

35	   Internet-Drafts are draft documents valid for a maximum of six months
36	   and may be updated, replaced, or obsoleted by other documents at any
37	   time.  It is inappropriate to use Internet-Drafts as reference
38	   material or to cite them other than as "work in progress."

40	   This Internet-Draft will expire on January 7, 2013.

42	Copyright Notice

44	   Copyright (c) 2012 IETF Trust and the persons identified as the
45	   document authors.  All rights reserved.

47	   This document is subject to BCP 78 and the IETF Trust's Legal
48	   Provisions Relating to IETF Documents
49	   (http://trustee.ietf.org/license-info) in effect on the date of
50	   publication of this document.  Please review these documents
51	   carefully, as they describe your rights and restrictions with respect
52	   to this document.  Code Components extracted from this document must
53	   include Simplified BSD License text as described in Section 4.e of
54	   the Trust Legal Provisions and are provided without warranty as
55	   described in the Simplified BSD License.

57	   This document may contain material from IETF Documents or IETF
58	   Contributions published or made publicly available before November
59	   10, 2008.  The person(s) controlling the copyright in some of this
60	   material may not have granted the IETF Trust the right to allow
61	   modifications of such material outside the IETF Standards Process.
62	   Without obtaining an adequate license from the person(s) controlling
63	   the copyright in such materials, this document may not be modified
64	   outside the IETF Standards Process, and derivative works of it may
65	   not be created outside the IETF Standards Process, except to format
66	   it for publication as an RFC or to translate it into languages other
67	   than English.

69	Table of Contents

71	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  6
72	   2.  Conventions used in this document  . . . . . . . . . . . . . .  6
73	   3.  Location-Related Measurements in LCPs  . . . . . . . . . . . .  7
74	   4.  Location-Related Measurement Data Types  . . . . . . . . . . .  8
75	     4.1.  Measurement Container  . . . . . . . . . . . . . . . . . .  9
76	       4.1.1.  Time of Measurement  . . . . . . . . . . . . . . . . .  9
77	       4.1.2.  Expiry Time on Location-Related Measurement Data . . .  9
78	     4.2.  RMS Error and Number of Samples  . . . . . . . . . . . . . 10
79	       4.2.1.  Time RMS Error . . . . . . . . . . . . . . . . . . . . 10
80	     4.3.  Measurement Request  . . . . . . . . . . . . . . . . . . . 11
81	     4.4.  Identifying Location Provenance  . . . . . . . . . . . . . 12
82	   5.  Location-Related Measurement Data Types  . . . . . . . . . . . 15
83	     5.1.  LLDP Measurements  . . . . . . . . . . . . . . . . . . . . 15
84	     5.2.  DHCP Relay Agent Information Measurements  . . . . . . . . 16
85	     5.3.  802.11 WLAN Measurements . . . . . . . . . . . . . . . . . 16
86	       5.3.1.  Wifi Measurement Requests  . . . . . . . . . . . . . . 20
87	     5.4.  Cellular Measurements  . . . . . . . . . . . . . . . . . . 20
88	       5.4.1.  Cellular Measurement Requests  . . . . . . . . . . . . 23
89	     5.5.  GNSS Measurements  . . . . . . . . . . . . . . . . . . . . 23
90	       5.5.1.  GNSS System and Signal . . . . . . . . . . . . . . . . 25
91	       5.5.2.  Time . . . . . . . . . . . . . . . . . . . . . . . . . 26
92	       5.5.3.  Per-Satellite Measurement Data . . . . . . . . . . . . 26
93	       5.5.4.  GNSS Measurement Requests  . . . . . . . . . . . . . . 27
94	     5.6.  DSL Measurements . . . . . . . . . . . . . . . . . . . . . 27
95	       5.6.1.  L2TP Measurements  . . . . . . . . . . . . . . . . . . 28
96	       5.6.2.  RADIUS Measurements  . . . . . . . . . . . . . . . . . 28
97	       5.6.3.  Ethernet VLAN Tag Measurements . . . . . . . . . . . . 29
98	       5.6.4.  ATM Virtual Circuit Measurements . . . . . . . . . . . 29
99	   6.  Privacy Considerations . . . . . . . . . . . . . . . . . . . . 30
100	     6.1.  Measurement Data Privacy Model . . . . . . . . . . . . . . 30
101	     6.2.  LIS Privacy Requirements . . . . . . . . . . . . . . . . . 30
102	     6.3.  Measurement Data and Location URIs . . . . . . . . . . . . 31
103	     6.4.  Third-Party-Provided Measurement Data  . . . . . . . . . . 31
104	   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 31
105	     7.1.  Threat Model . . . . . . . . . . . . . . . . . . . . . . . 31
106	       7.1.1.  Acquiring Location Information Without
107	               Authorization  . . . . . . . . . . . . . . . . . . . . 32
108	       7.1.2.  Extracting Network Topology Data . . . . . . . . . . . 33
109	       7.1.3.  Lying By Proxy . . . . . . . . . . . . . . . . . . . . 33
110	       7.1.4.  Measurement Replay . . . . . . . . . . . . . . . . . . 34
111	       7.1.5.  Environment Spoofing . . . . . . . . . . . . . . . . . 35
112	     7.2.  Mitigation . . . . . . . . . . . . . . . . . . . . . . . . 36
113	       7.2.1.  Measurement Validation . . . . . . . . . . . . . . . . 37
114	         7.2.1.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 37
115	         7.2.1.2.  Limitations (Unique Observer)  . . . . . . . . . . 38
116	       7.2.2.  Location Validation  . . . . . . . . . . . . . . . . . 38
117	         7.2.2.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 39
118	         7.2.2.2.  Limitations  . . . . . . . . . . . . . . . . . . . 39
119	       7.2.3.  Supporting Observations  . . . . . . . . . . . . . . . 40
120	         7.2.3.1.  Effectiveness  . . . . . . . . . . . . . . . . . . 40
121	         7.2.3.2.  Limitations  . . . . . . . . . . . . . . . . . . . 40
122	       7.2.4.  Attribution  . . . . . . . . . . . . . . . . . . . . . 41
123	       7.2.5.  Stateful Correlation of Location Requests  . . . . . . 42
124	   8.  Measurement Schemas  . . . . . . . . . . . . . . . . . . . . . 42
125	     8.1.  Measurement Container Schema . . . . . . . . . . . . . . . 43
126	     8.2.  Measurement Source Schema  . . . . . . . . . . . . . . . . 45
127	     8.3.  Base Type Schema . . . . . . . . . . . . . . . . . . . . . 45
128	     8.4.  LLDP Measurement Schema  . . . . . . . . . . . . . . . . . 48
129	     8.5.  DHCP Measurement Schema  . . . . . . . . . . . . . . . . . 49
130	     8.6.  WiFi Measurement Schema  . . . . . . . . . . . . . . . . . 51
131	     8.7.  Cellular Measurement Schema  . . . . . . . . . . . . . . . 54
132	     8.8.  GNSS Measurement Schema  . . . . . . . . . . . . . . . . . 57
133	     8.9.  DSL Measurement Schema . . . . . . . . . . . . . . . . . . 58
134	   9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 60
135	     9.1.  IANA Registry for GNSS Types . . . . . . . . . . . . . . . 60
136	     9.2.  URN Sub-Namespace Registration for
137	           urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc  . . . . . . . 61
138	     9.3.  URN Sub-Namespace Registration for
139	           urn:ietf:params:xml:ns:geopriv:lm  . . . . . . . . . . . . 62
140	     9.4.  URN Sub-Namespace Registration for
141	           urn:ietf:params:xml:ns:geopriv:lm:basetypes  . . . . . . . 63
142	     9.5.  URN Sub-Namespace Registration for
143	           urn:ietf:params:xml:ns:geopriv:lm:lldp . . . . . . . . . . 64
144	     9.6.  URN Sub-Namespace Registration for
145	           urn:ietf:params:xml:ns:geopriv:lm:dhcp . . . . . . . . . . 64
146	     9.7.  URN Sub-Namespace Registration for
147	           urn:ietf:params:xml:ns:geopriv:lm:wifi . . . . . . . . . . 65
148	     9.8.  URN Sub-Namespace Registration for
149	           urn:ietf:params:xml:ns:geopriv:lm:cell . . . . . . . . . . 66
150	     9.9.  URN Sub-Namespace Registration for
151	           urn:ietf:params:xml:ns:geopriv:lm:gnss . . . . . . . . . . 66
152	     9.10. URN Sub-Namespace Registration for
153	           urn:ietf:params:xml:ns:geopriv:lm:dsl  . . . . . . . . . . 67
154	     9.11. XML Schema Registration for Measurement Source Schema  . . 68
155	     9.12. XML Schema Registration for Measurement Container
156	           Schema . . . . . . . . . . . . . . . . . . . . . . . . . . 68
157	     9.13. XML Schema Registration for Base Types Schema  . . . . . . 68
158	     9.14. XML Schema Registration for LLDP Schema  . . . . . . . . . 68
159	     9.15. XML Schema Registration for DHCP Schema  . . . . . . . . . 69
160	     9.16. XML Schema Registration for WiFi Schema  . . . . . . . . . 69
161	     9.17. XML Schema Registration for Cellular Schema  . . . . . . . 69
162	     9.18. XML Schema Registration for GNSS Schema  . . . . . . . . . 70
163	     9.19. XML Schema Registration for DSL Schema . . . . . . . . . . 70
164	   10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 70
165	   11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 71
166	     11.1. Normative References . . . . . . . . . . . . . . . . . . . 71
167	     11.2. Informative References . . . . . . . . . . . . . . . . . . 72
168	   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 73

170	1.  Introduction

172	   A location configuration protocol (LCP) provides a means for a Device
173	   to request information about its physical location from an access
174	   network.  A location information server (LIS) is the server that
175	   provides location information; information that is available due to
176	   the knowledge about the network and physical environment that is
177	   available to the LIS.

179	   As a part of the access network, the LIS is able to acquire
180	   measurement results from network Devices within the network that are
181	   related to Device location.  The LIS also has access to information
182	   about the network topology that can be used to turn measurement data
183	   into location information.  However, this information can be enhanced
184	   with information acquired from the Device itself.

186	   A Device is able to make observations about its network attachment,
187	   or its physical environment.  The location-related measurement data
188	   might be unavailable to the LIS; alternatively, the LIS might be able
189	   to acquire the data, but at a higher cost in time or otherwise.
190	   Providing measurement data gives the LIS more options in determining
191	   location, which could improve the quality of the service provided by
192	   the LIS.  Improvements in accuracy are one potential gain, but
193	   improved response times and lower error rates are also possible.

195	   This document describes a means for a Device to report location-
196	   related measurement data to the LIS.  Examples based on the HELD
197	   [RFC5985] location configuration protocol are provided.

199	2.  Conventions used in this document

201	   The terms LIS and Device are used in this document in a manner
202	   consistent with the usage in [RFC5985].

204	   This document also uses the following definitions:

206	   Location Measurement:  An observation about the physical properties
207	      of a particular Device's network access.  The result of a location
208	      measurement--"location-related measurement data", or simply
209	      "measurement data" given sufficient context--can be used to
210	      determine the location of a Device.  Location-related measurement
211	      data does not identify a Device; measurement data can change with
212	      time if the location of the Device also changes.

214	      Location-related measurement data does not necessarily contain
215	      location information directly, but it can be used in combination
216	      with contextual knowledge of the network, or algorithms to derive
217	      location information.  Examples of location-related measurement
218	      data are: radio signal strength or timing measurements, Ethernet
219	      switch and port identifiers.

221	      Location-related measurement data can be considered sighting
222	      information, based on the definition in [RFC3693].

224	   Location Estimate:  The result of location determination, a location
225	      estimate is an approximation of where the Device is located.
226	      Location estimates are subject to uncertainty, which arise from
227	      errors in measurement results.

229	   GNSS:  Global Navigation Satellite System.  A satellite-based system
230	      that provides positioning and time information.  For example, the
231	      US Global Positioning System (GPS) or the European Galileo system.

233	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
234	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
235	   document are to be interpreted as described in [RFC2119].

237	3.  Location-Related Measurements in LCPs

239	   This document defines a standard container for the conveyance of
240	   location-related measurement parameters in location configuration
241	   protocols.  This is an XML container that identifies parameters by
242	   type and allows the Device to provide the results of any measurement
243	   it is able to perform.  A set of measurement schemas are also defined
244	   that can be carried in the generic container.

246	   The simplest example of measurement data conveyance is illustrated by
247	   the example message in Figure 1.  This shows a HELD location request
248	   message with an Ethernet switch and port measurement taken using LLDP
249	   [IEEE.8021AB].

251	     <locationRequest xmlns="urn:ietf:params:xml:ns:geopriv:held">
252	       <locationType exact="true">civic</locationType>
253	       <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
254	                     time="2008-04-29T14:33:58">
255	         <lldp xmlns="urn:ietf:params:xml:ns:geopriv:lm:lldp">
256	           <chassis type="4">0a01003c</chassis>
257	           <port type="6">c2</port>
258	         </lldp>
259	       </measurements>
260	     </locationRequest>

262	           Figure 1: HELD Location Request with Measurement Data

264	   Measurement data that the LIS does not support or understand can be
265	   ignored.  The measurements defined in this document follow this rule;
266	   extensions that could result in backward incompatibility MUST be
267	   added as new measurement definitions rather than extensions to
268	   existing types.

270	   Multiple sets of measurement data, either of the same type or from
271	   different sources can be included in the "measurements" element.  See
272	   Section 4.1.1 for details on repetition of this element.

274	   Use of location-related measurement data is at the discretion of the
275	   LIS, but the "method" parameter in the PIDF-LO SHOULD be adjusted to
276	   reflect the method used.

278	   Location-related measurement data need not be provided exclusively by
279	   Devices.  A third party location requester can request location
280	   information using measurement data, if they are able and authorized.
281	   There are privacy considerations relating to the use of measurements
282	   by third parties, which are discussed in Section 6.4.

284	   Location-related measurement data and its use presents a number of
285	   security challenges.  These are described in more detail in
286	   Section 7.

288	4.  Location-Related Measurement Data Types

290	   A common container is defined for the expression of location
291	   measurement data, as well as a simple means of identifying specific
292	   types of measurement data for the purposes of requesting them.

294	   The following example shows a measurement container with measurement
295	   time and expiration time included.  A WiFi measurement is enclosed.

297	     <lm:measurements xmlns:lm="urn:ietf:params:xml:ns:geopriv:lm"
298	                      time="2008-04-29T14:33:58"
299	                      expires="2008-04-29T17:33:58">
300	       <wifi xmlns="urn:ietf:params:xml:ns:geopriv:lm:wifi">
301	         <ap serving="true">
302	           <bssid>00-12-F0-A0-80-EF</bssid>
303	           <ssid>wlan-home</ssid>
304	         </ap>
305	       </wifi>
306	     </lm:measurements>

308	                       Figure 2: Measurement Example

310	4.1.  Measurement Container

312	   The "measurement" element is used to encapsulate measurement data
313	   that is collected at a certain point in time.  It contains time-based
314	   attributes that are common to all forms of measurement data, and
315	   permits the inclusion of arbitrary measurement data.

317	   This container can be added to any request for location information,
318	   such as a HELD location request [RFC5985].

320	4.1.1.  Time of Measurement

322	   The "time" attribute records the time that the measurement or
323	   observation was made.  This time can be different to the time that
324	   the measurement information was reported.  Time information can be
325	   used to populate a timestamp on the location result, or to determine
326	   if the measurement information is used.

328	   The "time" attribute is optional to avoid forcing an arbitrary choice
329	   of timestamp for relatively static types of measurement (for
330	   instance, the DSL measurements in Section 5.6) and for legacy Devices
331	   that don't record time information (such as the Home Location
332	   Register/Home Subscriber Server for cellular).  However, time SHOULD
333	   be provided whenever possible.

335	   The "time" attribute is attached to the root "measurement" element.
336	   If it is necessary to provide multiple sets of measurement data with
337	   different times, multiple "measurement" elements SHOULD be provided.

339	4.1.2.  Expiry Time on Location-Related Measurement Data

341	   A Device is able to indicate an expiry time in the location
342	   measurement using the "expires" attribute.  Nominally, this attribute
343	   indicates how long information is expected to be valid for, but it
344	   can also indicate a time limit on the retention and use of the
345	   measurement data.  A Device can use this attribute to prevent the LIS
346	   from retaining measurement data or limit the time that a LIS retains
347	   this information.

349	   Note:  Movement of a Device might result in the measurement data
350	      being invalidated before the expiry time.

352	   The LIS MUST NOT keep location-related measurement data beyond the
353	   time indicated in the "expires" attribute.

355	4.2.  RMS Error and Number of Samples

357	   Often a measurement is taken more than once over a period of time.
358	   Reporting the average of a number of measurement results mitigates
359	   the effects of random errors that occur in the measurement process.

361	   Reporting each measurement individually can be the most effective
362	   method of reporting multiple measurements.  This is achieved by
363	   providing multiple "measurement" elements for different times.

365	   The alternative is to aggregate multiple measurements and report a
366	   mean value across the set of measurements.  Additional information
367	   about the distribution of the results can be useful in determining
368	   location uncertainty.

370	   Two optional attributes are provided for certain measurement values:

372	   rmsError:  The root-mean-squared (RMS) error of the set of
373	      measurement values used in calculating the result.  RMS error is
374	      expressed in the same units as the measurement, unless otherwise
375	      stated.  If an accurate value for RMS error is not known, this
376	      value can be used to indicate an upper bound or estimate for the
377	      RMS error.

379	   samples:  The number of samples that were taken in determining the
380	      measurement value.  If omitted, this value can be assumed to be a
381	      very large value, so that the RMS error is an indication of the
382	      standard deviation of the sample set.

384	   For some measurement techniques, measurement error is largely
385	   dependent on the measurement technique employed.  In these cases,
386	   measurement error is largely a product of the measurement technique
387	   and not the specific circumstances, so RMS error does not need to be
388	   actively measured.  A fixed value MAY be provided for RMS error where
389	   appropriate.

391	   The "rmsError" and "samples" elements are added as attributes of
392	   specific measurement data types.

394	4.2.1.  Time RMS Error

396	   Measurement of time can be significant in certain circumstances.  The
397	   GNSS measurements included in this document are one such case where a
398	   small error in time can result in a large error in location.  Factors
399	   such as clock drift and errors in time sychronization can result in
400	   small, but significant, time errors.  Including an indication of the
401	   quality of the time can be helpful.

403	   An optional "timeError" attribute can be added to the "measurement"
404	   element to indicate the RMS error in time. "timeError" indicates an
405	   upper bound on the time RMS error in seconds.

407	   The "timeError" attribute does not apply where multiple samples of a
408	   measurement is taken over time.  If multiple samples are taken, each
409	   SHOULD be included in a different "measurement" element.

411	4.3.  Measurement Request

413	   A measurement request is used by a protocol peer to describe a set of
414	   measurement data that it desires.  A "measurementRequest" element is
415	   defined that can be included in a protocol exchange.

417	   For instance, a LIS can use a measurement request in HELD responses.
418	   If the LIS is unable to provide location information, but it believes
419	   that a particular measurement type would enable it to provide a
420	   location, it can include a measurement request in an error response.

422	   The "measurement" element of the measurement request identifies the
423	   type of measurement that is requested.  The "type" attribute of this
424	   element indicates the type of measurement, as identified by an XML
425	   qualified name.  An optional "samples" attribute indicates how many
426	   samples of the identified measurement are requested.

428	   The "measurement" element can be repeated to request multiple (or
429	   alternative) measurement types.

431	   Additional XML content might be defined for a particular measurement
432	   type that is used to further refine a request.  These elements either
433	   constrain what is requested or specify optional components of the
434	   measurement data that are needed.  These are defined along with the
435	   specific measurement type.

437	   In the HELD protocol, the inclusion of a measurement request in a
438	   error response with a code of "locationUnknown" indicates that the
439	   LIS believes that providing the indicated measurements would increase
440	   the likelihood of a subsequent request being successful.

442	   The following example shows a HELD error response that indicates that
443	   WiFi measurement data would be useful if a later request were made.
444	   Additional elements indicate that received signal strength for an
445	   802.11n access point is requested.

447	     <error xmlns="urn:ietf:params:xml:ns:geopriv:held"
448	            code="locationUnknown">
449	       <message xml:lang="en">Insufficient measurement data</message>
450	       <measurementRequest
451	           xmlns="urn:ietf:params:xml:ns:geopriv:lm"
452	           xmlns:wifi="urn:ietf:params:xml:ns:geopriv:lm:wifi">
453	         <measurement type="wifi:wifi">
454	           <wifi:type>n</wifi:type>
455	           <wifi:parameter context="ap">wifi:rcpi</wifi:parameter>
456	         </measurement>
457	       </measurementRequest>
458	     </error>

460	             Figure 3: HELD Error Requesting Measurement Data

462	   A measurement request that is included in other HELD messages has
463	   undefined semantics and can be safely ignored.  Other specifications
464	   might define semantics for measurement requests under other
465	   conditions.

467	4.4.  Identifying Location Provenance

469	   An extension is made to the PIDF-LO [RFC4119] that allows a location
470	   recipient to identify the source (or sources) of location information
471	   and the measurement data that was used to determine that location
472	   information.

474	   The "source" element is added to the "geopriv" element of the
475	   PIDF-LO.  This element does not identify specific entities.  Instead,
476	   it identifies the type of source.

478	   The following types of measurement source are identified:

480	   lis:  Location information is based on measurement data that the LIS
481	      or sources that it trusts have acquired.  This label might be used
482	      if measurement data provided by the Device has been completely
483	      validated by the LIS.

485	   device:  Location information is based on measurement data that the
486	      Device has provided to the LIS.

488	   other:  Location information is based on measurement data that a
489	      third party has provided.  This might be an authorized third party
490	      that uses identity parameters
491	      [I-D.ietf-geopriv-held-identity-extensions] or any other entity.

493	   No assertion is made about the veracity of the measurement data from
494	   sources other than the LIS.  A combination of tags MAY be included to
495	   indicate that measurement data from both sources was used.

497	   For example, the first tuple of the following PIDF-LO indicates that
498	   measurement data from a LIS and a device was combined to produce the
499	   result, the second tuple was produced by the LIS alone.

501	     <presence xmlns="urn:ietf:params:xml:ns:pidf"
502	               xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10"
503	               xmlns:gml="http://www.opengis.net/gml"
504	               xmlns:gs="http://www.opengis.net/pidflo/1.0"
505	               xmlns:lmsrc="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
506	               entity="pres:lm@example.com">
507	       <tuple id="deviceLoc">
508	         <status>
509	           <gp:geopriv>
510	             <gp:location-info>
511	               <gs:Circle srsName="urn:ogc:def:crs:EPSG::4326">
512	                 <gml:pos>7.34324 134.47162</gml:pos>
513	                 <gs:radius uom="urn:ogc:def:uom:EPSG::9001">
514	                   850.24
515	                 </gs:radius>
516	               </gs:Circle>
517	             </gp:location-info>
518	             <gp:usage-rules/>
519	             <gp:method>OTDOA</gp:method>
520	             <lmsrc:source>lis device</lmsrc:source>
521	           </gp:geopriv>
522	         </status>
523	       </tuple>
524	       <tuple id="lisLoc">
525	         <status>
526	           <gp:geopriv>
527	             <gp:location-info>
528	               <gs:Circle srsName="urn:ogc:def:crs:EPSG::4326">
529	                 <gml:pos>7.34379 134.46484</gml:pos>
530	                 <gs:radius uom="urn:ogc:def:uom:EPSG::9001">
531	                   9000
532	                 </gs:radius>
533	               </gs:Circle>
534	             </gp:location-info>
535	             <gp:usage-rules/>
536	             <gp:method>Cell</gp:method>
537	             <lmsrc:source>lis</lmsrc:source>
538	           </gp:geopriv>
539	         </status>
540	       </tuple>
541	     </presence>

543	5.  Location-Related Measurement Data Types

545	   This document defines location-related measurement data types for a
546	   range of common network types.

548	   All included measurement data definitions allow for arbitrary
549	   extension in the corresponding schema.  As new parameters that are
550	   applicable to location determination are added, these can be added as
551	   new XML elements in a unique namespace.  Though many of the
552	   underlying protocols support extension, creation of specific XML-
553	   based extensions to the measurement format is favored over
554	   accomodating protocol-specific extensions in generic containers.

556	5.1.  LLDP Measurements

558	   Link-Layer Discovery Protocol (LLDP) [IEEE.8021AB] messages are sent
559	   between adjacent nodes in an IEEE 802 network (e.g. wired Ethernet,
560	   WiFi, 802.16).  These messages all contain identification information
561	   for the sending node, which can be used to determine location
562	   information.  A Device that receives LLDP messages can report this
563	   information as a location-related measurement to the LIS, which is
564	   then able to use the measurement data in determining the location of
565	   the Device.

567	   Note:  The LLDP extensions defined in LLDP Media Endpoint Discovery
568	      (LLDP-MED) [ANSI-TIA-1057] provide the ability to acquire location
569	      information directly from an LLDP endpoint.  Where this
570	      information is available, it might be unnecessary to use any other
571	      form of location configuration.

573	   Values are provided as hexadecimal sequences.  The Device MUST report
574	   the values directly as they were provided by the adjacent node.
575	   Attempting to adjust or translate the type of identifier is likely to
576	   cause the measurement data to be useless.

578	   Where a Device has received LLDP messages from multiple adjacent
579	   nodes, it should provide information extracted from those messages by
580	   repeating the "lldp" element.

582	   An example of an LLDP measurement is shown in Figure 4.  This shows
583	   an adjacent node (chassis) that is identified by the IP address
584	   192.0.2.45 (hexadecimal c000022d) and the port on that node is
585	   numbered using an agent circuit ID [RFC3046] of 162 (hexadecimal a2).

587	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
588	                   time="2008-04-29T14:33:58">
589	       <lldp xmlns="urn:ietf:params:xml:ns:geopriv:lm:lldp">
590	         <chassis type="4">c000022d</chassis>
591	         <port type="6">a2</port>
592	       </lldp>
593	     </measurements>

595	                    Figure 4: LLDP Measurement Example

597	   IEEE 802 Devices that are able to obtain information about adjacent
598	   network switches and their attachment to them by other means MAY use
599	   this data type to convey this information.

601	5.2.  DHCP Relay Agent Information Measurements

603	   The DHCP Relay Agent Information option [RFC3046] provides
604	   measurement data about the network attachment of a Device.  This
605	   measurement data can be included in the "dhcp-rai" element.

607	   The elements in the DHCP relay agent information options are opaque
608	   data types assigned by the DHCP relay agent.  The three items are all
609	   optional: circuit identifier ("circuit", [RFC3046]), remote
610	   identifier ("remote", [RFC3046], [RFC4649]) and subscriber identifier
611	   ("subscriber", [RFC3993], [RFC4580]).  The DHCPv6 remote identifier
612	   has an associated enterprise number [IANA.enterprise] as an XML
613	   attribute.

615	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
616	                   time="2008-04-29T14:33:58">
617	       <dhcp-rai xmlns="urn:ietf:params:xml:ns:geopriv:lm:dhcp">
618	         <giaddr>::ffff:192.0.2.158</giaddr>
619	         <circuit>108b</circuit>
620	       </dhcp-rai>
621	     </measurements>

623	        Figure 5: DHCP Relay Agent Information Measurement Example

625	   The "giaddr" is specified as a dotted quad IPv4 address or an RFC
626	   4291 [RFC4291] IPv6 address, using the forms defined in [RFC3986].
627	   The enterprise number is specified as a decimal integer.  All other
628	   information is included verbatim from the DHCP request in hexadecimal
629	   format.

631	5.3.  802.11 WLAN Measurements

633	   In WiFi, or 802.11 [IEEE.80211], networks a Device might be able to
634	   provide information about the access point (AP) that it is attached
635	   to, or other WiFi points it is able to see.  This is provided using
636	   the "wifi" element, as shown in Figure 6, which shows a single
637	   complete measurement for a single access point.

639	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
640	                   time="2011-04-29T14:33:58">
641	       <wifi xmlns="urn:ietf:params:xml:ns:geopriv:lm:wifi">
642	         <nicType>Intel(r)PRO/Wireless 2200BG</nicType>
643	         <ap serving="true">
644	           <bssid>AB-CD-EF-AB-CD-EF</bssid>
645	           <ssid>example</ssid>
646	           <channel>5</channel>
647	           <location>
648	             <gml:Point xmlns:gml="http://opengis.net/gml">
649	               <gml:pos>-34.4 150.8</gml:pos>
650	             </gml:Point>
651	           </location>
652	           <type>a</type>
653	           <band>5</band>
654	           <regclass country="AU">2</regclass>
655	           <antenna>2</antenna>
656	           <flightTime rmsError="4e-9" samples="1">2.56e-9</flightTime>
657	           <apSignal>
658	             <transmit>23</transmit>
659	             <gain>5</gain>
660	             <rcpi dBm="true" rmsError="12" samples="1">-59</rcpi>
661	             <rsni rmsError="15" samples="1">23</rsni>
662	           </apSignal>
663	           <deviceSignal>
664	             <transmit>10</transmit>
665	             <gain>9</gain>
666	             <rcpi dBm="true" rmsError="9.5" samples="1">-98.5</rcpi>
667	             <rsni rmsError="6" samples="1">7.5</rsni>
668	           </deviceSignal>
669	         </ap>
670	       </wifi>
671	     </measurements>

673	                 Figure 6: 802.11 WLAN Measurement Example

675	   A wifi element is made up of one or more access points, and an
676	   optional "nicType" element.  Each access point is described using the
677	   "ap" element, which is comprised of the following fields:

679	   bssid:  The basic service set identifier.  In an Infrastructure BSS
680	      network, the bssid is the 48 bit MAC address of the access point.

682	      The "verified" attribute of this element describes whether the
683	      device has verified the MAC address or it authenticated the access
684	      point or the network operating the access point (for example, a
685	      captive portal accessed through the access point has been
686	      authenticated).  This attributes defaults to a value of "false"
687	      when omitted.

689	   ssid:  The service set identifier (SSID) for the wireless network
690	      served by the access point.

692	      The SSID is a 32-octet identifier that is commonly represented as
693	      a ASCII [RFC0020] or UTF-8 [RFC3629] encoded string.  To represent
694	      octets that cannot be directly included in an XML element,
695	      escaping is used.  Sequences of octets that do not represent a
696	      valid UTF-8 encoding can be escaped using a backslash ('\')
697	      followed by two case-insensitive hexadecimal digits representing
698	      the value of a single octet.

700	      The canonical or value-space form of an SSID is a sequence of up
701	      to 32 octets that is produced from the concatenation of UTF-8
702	      encoded sequences of unescaped characters and octets derived from
703	      escaped components.

705	   channel:  The channel number (frequency) that the access point
706	      operates on.

708	   location:  The location of the access point, as reported by the
709	      access point.  This element contains any valid location, using the
710	      rules for a "location-info" element, as described in [RFC5491].

712	   type:  The network type for the network access.  This element
713	      includes the alphabetic suffix of the 802.11 specification that
714	      introducted the radio interface, or PHY; e.g. "a", "b", "g", or
715	      "n".

717	   band:  The frequency band for the radio, in gigahertz (GHz).  802.11
718	      [IEEE.80211] specifies PHY layers that use 2.4, 3.7 and 5
719	      gigahertz frequency bands.

721	   regclass:  The regulatory domain and class.  The "country" attribute
722	      optionally includes the applicable two character country
723	      identifier (dot11CountryString), which can be followed by an 'O',
724	      'I' or 'X'.  The element text content includes the value of the
725	      regulatory class: an 8-bit integer in decimal form.

727	   antenna:  The antenna identifier for the antenna that the access
728	      point is using to transmit the measured signals.

730	   flightTime:  Flight time is the difference between the time of
731	      departure (TOD) of signal from a transmitting station and time of
732	      arrival (TOA) of signal at a receiving station, as defined in
733	      [IEEE.80211V].  Measurement of this value requires that stations
734	      synchronize their clocks.  This value can be measured by access
735	      point or Device; because the flight time is assumed to be the same
736	      in either direction - aside from measurement errors - only a
737	      single element is provided.  This element includes optional
738	      "rmsError" and "samples" attributes.  RMS error might be derived
739	      from the reported RMS error in TOD and TOA.

741	   apSignal:  Measurement information for the signal transmitted by the
742	      access point, as observed by the Device.  Some of these values are
743	      derived from 802.11v [IEEE.80211V] messages exchanged between
744	      Device and access point.  The contents of this element include:

746	      transmit:  The transmit power reported by the access point, in
747	         dBm.

749	      gain:  The gain of the access point antenna reported by the access
750	         point, in dB.

752	      rcpi:  The received channel power indicator for the access point
753	         signal, as measured by the Device.  This value SHOULD be in
754	         units of dBm (with RMS error in dB).  If power is measured in a
755	         different fashion, the "dBm" attribute MUST be set to "false".
756	         Signal strength reporting on current hardware uses a range of
757	         different mechanisms; therefore, the value of the "nicType"
758	         element SHOULD be included if the units are not known to be in
759	         dBm and the value reported by the hardware should be included
760	         without modification.  This element includes optional
761	         "rmsError" and "samples" attributes.

763	      rsni:  The received signal to noise indicator in dB.  This element
764	         includes optional "rmsError" and "samples" attributes.

766	   deviceSignal:  Measurement information for the signal transmitted by
767	      the device, as reported by the access point.  This element
768	      contains the same child elements as the "ap" element, with the
769	      access point and Device roles reversed.

771	   All elements are optional except for "bssid".

773	   The "nicType" element is used to specify the make and model of the
774	   wireless network interface in the Device.  Different 802.11 chipsets
775	   report measurements in different ways, so knowing the network
776	   interface type aids the LIS in determining how to use the provided
777	   measurement data.  The content of this field is unconstrained and no
778	   mechanisms are specified to ensure uniqueness.

780	5.3.1.  Wifi Measurement Requests

782	   Two elements are defined for requesting WiFi measurements in a
783	   measurement request:

785	   type:  The "type" element identifies the desired type (or types that
786	      are requested.

788	   parameter:  The "parameter" element identifies an optional
789	      measurements are requested for each measured access point.  An
790	      element is identified by its qualified name.  The optional
791	      "context" parameter can be used to specify if an element is
792	      included as a child of the "ap" or "device" elements; omission
793	      indicates that it applies to both.

795	   Multiple types or parameters can be requested by repeating either
796	   element.

798	5.4.  Cellular Measurements

800	   Cellular Devices are common throughout the world and base station
801	   identifiers can provide a good source of coarse location information.
802	   This information can be provided to a LIS run by the cellar operator,
803	   or may be provided to an alternative LIS operator that has access to
804	   one of several global cell-id to location mapping databases.

806	   A number of advanced location determination methods have been
807	   developed for cellular networks.  For these methods a range of
808	   measurement parameters can be collected by the network, Device, or
809	   both in cooperation.  This document includes a basic identifier for
810	   the wireless transmitter only; future efforts might define additional
811	   parameters that enable more accurate methods of location
812	   determination.

814	   The cellular measurement set allows a Device to report to a LIS any
815	   LTE (Figure 7), UMTS (Figure 8), GSM (Figure 9) or CDMA (Figure 10)
816	   cells that it is able to observe.  Cells are reported using their
817	   global identifiers.  All 3GPP cells are identified by public land
818	   mobile network (PLMN), which is formed of mobile country code (MCC)
819	   and mobile network code (MNC); specific fields are added for each
820	   network type.

822	   Formats for 3GPP cell identifiers are described in [TS.3GPP.23.003].
823	   Bit-level formats for CDMA cell identifiers are described in
824	   [TIA-2000.5]; decimal representations are used.

826	   MCC and MNC are provided as digit sequences; a leading zero in an MCC
827	   or MNC is significant.  All other values are decimal integers.

829	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
830	                   time="2008-04-29T14:33:58">
831	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
832	         <servingCell>
833	           <mcc>465</mcc><mnc>20</mnc><eucid>80936424</eucid>
834	         </servingCell>
835	         <observedCell>
836	           <mcc>465</mcc><mnc>06</mnc><eucid>10736789</eucid>
837	         </observedCell>
838	       </cellular>
839	     </measurements>

841	   Long term evolution (LTE) cells are identified by a 28-bit cell
842	   identifier (eucid).

844	                Figure 7: Example LTE Cellular Measurement

846	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
847	                   time="2008-04-29T14:33:58">
848	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
849	         <servingCell>
850	           <mcc>465</mcc><mnc>20</mnc>
851	           <rnc>2000</rnc><cid>65000</cid>
852	         </servingCell>
853	         <observedCell>
854	           <mcc>465</mcc><mnc>06</mnc>
855	           <lac>16383</lac><cid>32767</cid>
856	         </observedCell>
857	       </cellular>
858	     </measurements>

860	   Universal mobile telephony service (UMTS) cells are identified by 12-
861	   or 16-bit radio network controller (rnc) id and a 16-bit cell id
862	   (cid).

864	                Figure 8: Example UMTS Cellular Measurement

866	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
867	                   time="2008-04-29T14:33:58">
868	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
869	         <servingCell>
870	           <mcc>465</mcc><mnc>06</mnc>
871	           <lac>16383</lac><cid>32767</cid>
872	         </servingCell>
873	       </cellular>
874	     </measurements>

876	   Global System for Mobile communication (GSM) cells are identified by
877	   a 16-bit location area code (lac) and 16-bit cell id (cid).

879	                Figure 9: Example GSM Cellular Measurement

881	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
882	                   time="2008-04-29T14:33:58">
883	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
884	         <servingCell>
885	           <sid>15892</sid><nid>4723</nid><baseid>12</baseid>
886	         </servingCell>
887	         <observedCell>
888	           <sid>15892</sid><nid>4723</nid><baseid>13</baseid>
889	         </observedCell>
890	       </cellular>
891	     </measurements>

893	   Code division multiple access (CDMA) cells are not identified by
894	   PLMN, instead these usea 15-bit system id (sid), a 16-bit network id
895	   (nid) and a 16-bit base station id (baseid).

897	               Figure 10: Example CDMA Cellular Measurement

899	   In general a cellular Device will be attached to the cellular network
900	   and so the notion of a serving cell exists.  Cellular network also
901	   provide overlap between neighbouring sites, so a mobile Device can
902	   hear more than one cell.  The measurement schema supports sending
903	   both the serving cell and any other cells that the mobile might be
904	   able to hear.  In some cases, the Device may simply be listening to
905	   cell information without actually attaching to the network, mobiles
906	   without a SIM are an example of this.  In this case the Device may
907	   simply report cells it can hear without flagging one as a serving
908	   cell.  An example of this is shown in Figure 11.

910	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
911	                   time="2008-04-29T14:33:58">
912	       <cellular xmlns="urn:ietf:params:xml:ns:geopriv:lm:cell">
913	         <observedCell>
914	           <mcc>465</mcc><mnc>20</mnc>
915	           <rnc>2000</rnc><cid>65000</cid>
916	         </observedCell>
917	         <observedCell>
918	           <mcc>465</mcc><mnc>06</mnc>
919	           <lac>16383</lac><cid>32767</cid>
920	         </observedCell>
921	       </cellular>
922	     </measurements>

924	             Figure 11: Example Observed Cellular Measurement

926	5.4.1.  Cellular Measurement Requests

928	   Two elements can be used in measurement requests for cellular
929	   measurements:

931	   type:  A label indicating the type of identifier to provide: one of
932	      "gsm", "umts", "lte", or "cdma".

934	   network:  The network portion of the cell identifier.  For 3GPP
935	      networks, this is the combination of MCC and MNC; for CDMA, this
936	      is the network identifier.

938	   Multiple identifier types or networks can be identified by repeating
939	   either element.

941	5.5.  GNSS Measurements

943	   GNSS use orbiting satellites to transmit signals.  A Device with a
944	   GNSS receiver is able to take measurements from the satellite
945	   signals.  The results of these measurements can be used to determine
946	   time and the location of the Device.

948	   Determining location and time in autonomous GNSS receivers follows
949	   three steps:

951	   Signal acquisition:  During the signal acquisition stage, the
952	      receiver searches for the repeating code that is sent by each GNSS
953	      satellite.  Successful operation typically requires measurement
954	      data for a minimum of 5 satellites.  At this stage, measurement
955	      data is available to the Device.

957	   Navigation message decode:  Once the signal has been acquired, the
958	      receiver then receives information about the configuration of the
959	      satellite constellation.  This information is broadcast by each
960	      satellite and is modulated with the base signal at a low rate; for
961	      instance, GPS sends this information at about 50 bits per second.

963	   Calculation:  The measurement data is combined with the data on the
964	      satellite constellation to determine the location of the receiver
965	      and the current time.

967	   A Device that uses a GNSS receiver is able to report measurements
968	   after the first stage of this process.  A LIS can use the results of
969	   these measurements to determine a location.  In the case where there
970	   are fewer results available than the optimal minimum, the LIS might
971	   be able to use other sources of measurement information and combine
972	   these with the available measurement data to determine a position.

974	      Note: The use of different sets of GNSS _assistance data_ can
975	      reduce the amount of time required for the signal acquisition
976	      stage and obviate the need for the receiver to extract data on the
977	      satellite constellation.  Provision of assistance data is outside
978	      the scope of this document.

980	   Figure 12 shows an example of GNSS measurement data.  The measurement
981	   shown is for the GPS system and includes measurement data for three
982	   satellites only.

984	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
985	                   time="2008-04-29T14:33:58" timeError="2e-5">
986	       <gnss xmlns="urn:ietf:params:xml:ns:geopriv:lm:gnss"
987	             system="gps" signal="L1">
988	         <sat num="19">
989	           <doppler>499.9395</doppler>
990	           <codephase rmsError="1.6e-9">0.87595747</codephase>
991	           <cn0>45</cn0>
992	         </sat>
993	         <sat num="27">
994	           <doppler>378.2657</doppler>
995	           <codephase rmsError="1.6e-9">0.56639479</codephase>
996	           <cn0>52</cn0>
997	         </sat>
998	         <sat num="20">
999	           <doppler>-633.0309</doppler>
1000	           <codephase rmsError="1.6e-9">0.57016835</codephase>
1001	           <cn0>48</cn0>
1002	         </sat>
1003	       </gnss>
1004	     </measurements>

1006	                    Figure 12: Example GNSS Measurement

1008	   Each "gnss" element represents a single set of GNSS measurement data,
1009	   taken at a single point in time.  Measurements taken at different
1010	   times can be included in different "gnss" elements to enable
1011	   iterative refinement of results.

1013	   GNSS measurement parameters are described in more detail in the
1014	   following sections.

1016	5.5.1.  GNSS System and Signal

1018	   The GNSS measurement structure is designed to be generic and to apply
1019	   to different GNSS types.  Different signals within those systems are
1020	   also accounted for and can be measured separately.

1022	   The GNSS type determines the time system that is used.  An indication
1023	   of the type of system and signal can ensure that the LIS is able to
1024	   correctly use measurements.

1026	   Measurements for multiple GNSS types and signals can be included by
1027	   repeating the "gnss" element.

1029	   This document creates an IANA registry for GNSS types.  Two satellite
1030	   systems are registered by this document: GPS [GPS.ICD] and Galileo
1031	   [Galileo.ICD].  Details for the registry are included in Section 9.1.

1033	5.5.2.  Time

1035	   Each set of GNSS measurements is taken at a specific point in time.
1036	   The "time" attribute is used to indicate the time that the
1037	   measurement was acquired, if the receiver knows how the time system
1038	   used by the GNSS relates to UTC time.

1040	   Alternative to (or in addition to) the measurement time, the
1041	   "gnssTime" element MAY be included.  The "gnssTime" element includes
1042	   a relative time in milliseconds using the time system native to the
1043	   satellite system.  For the GPS satellite system, the "gnssTime"
1044	   element includes the time of week in milliseconds.  For the Galileo
1045	   system, the "gnssTime" element includes the time of day in
1046	   milliseconds.

1048	   The accuracy of the time measurement provided is critical in
1049	   determining the accuracy of the location information derived from
1050	   GNSS measurements.  The receiver SHOULD indicate an estimated time
1051	   error for any time that is provided.  An RMS error can be included
1052	   for the "gnssTime" element, with a value in milliseconds.

1054	5.5.3.  Per-Satellite Measurement Data

1056	   Multiple satellites are included in each set of GNSS measurements
1057	   using the "sat" element.  Each satellite is identified by a number in
1058	   the "num" attribute.  The satellite number is consistent with the
1059	   identifier used in the given GNSS.

1061	   Both the GPS and Galileo systems use satellite numbers between 1 and
1062	   64.

1064	   The GNSS receiver measures the following parameters for each
1065	   satellite:

1067	   doppler:  The observed Doppler shift of the satellite signal,
1068	      measured in meters per second.  This is converted from a value in
1069	      Hertz by the receiver to allow the measurement to be used without
1070	      knowledge of the carrier frequency of the satellite system.  This
1071	      value includes an optional RMS error attribute, also measured in
1072	      meters per second.

1074	   codephase:  The observed code phase for the satellite signal,
1075	      measured in milliseconds.  This is converted the system-specific
1076	      value of chips or wavelengths into a system independent value.
1077	      Larger values indicate larger distances from satellite to
1078	      receiver.  This value includes an optional RMS error attribute,
1079	      also measured in milliseconds.

1081	   cn0:  The signal to noise ratio for the satellite signal, measured in
1082	      decibel-Hertz (dB-Hz).  The expected range is between 20 and 50
1083	      dB-Hz.

1085	   mp:  An estimation of the amount of error that multipath signals
1086	      contribute in metres.  This parameter is optional.

1088	   cq:  An indication of the carrier quality.  Two attributes are
1089	      included: "continuous" may be either "true" or "false"; direct may
1090	      be either "direct" or "inverted".  This parameter is optional.

1092	   adr:  The accumulated Doppler range, measured in metres.  This
1093	      parameter is optional and is not useful unless multiple sets of
1094	      GNSS measurements are provided or differential positioning is
1095	      being performed.

1097	   All values are converted from measures native to the satellite system
1098	   to generic measures to ensure consistency of interpretation.  Unless
1099	   necessary, the schema does not constrain these values.

1101	5.5.4.  GNSS Measurement Requests

1103	   Measurement requests can include a "gnss" element, which includes the
1104	   "system" and "signal" attributes.  Multiple elements can be included
1105	   to indicate a requests for GNSS measurements from multiple systems or
1106	   signals.

1108	5.6.  DSL Measurements

1110	   Digital Subscriber Line (DSL) networks rely on a range of network
1111	   technologies.  DSL deployments regularly require cooperation between
1112	   multiple organizations.  These fall into two broad categories:
1113	   infrastructure providers and Internet service providers (ISPs).  For
1114	   the same end user, an infrastructure and Internet service can be
1115	   provided by different entities.  Infrastructure providers manage the
1116	   bulk of the physical infrastructure including cabling.  End users
1117	   obtain their service from an ISP, which manages all aspects visible
1118	   to the end user including IP address allocation and operation of a
1119	   LIS.  See [DSL.TR025] and [DSL.TR101] for further information on DSL
1120	   network deployments and the parameters that are available.

1122	   Exchange of measurement information between these organizations is
1123	   necessary for location information to be correctly generated.  The
1124	   ISP LIS needs to acquire location information from the infrastructure
1125	   provider.  However, since the infrastructure provider could have no
1126	   knowledge of Device identifiers, it can only identify a stream of
1127	   data that is sent to the ISP.  This is resolved by passing
1128	   measurement data relating to the Device to a LIS operated by the
1129	   infrastructure provider.

1131	5.6.1.  L2TP Measurements

1133	   Layer 2 Tunneling Protocol (L2TP) is a common means of linking the
1134	   infrastructure provider and the ISP.  The infrastructure provider LIS
1135	   requires measurement data that identifies a single L2TP tunnel, from
1136	   which it can generate location information.  Figure 13 shows an
1137	   example L2TP measurement.

1139	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1140	                   time="2008-04-29T14:33:58">
1141	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1142	         <l2tp>
1143	           <src>192.0.2.10</src>
1144	           <dest>192.0.2.61</dest>
1145	           <session>528</session>
1146	         </l2tp>
1147	       </dsl>
1148	     </measurements>

1150	                  Figure 13: Example DSL L2TP Measurement

1152	5.6.2.  RADIUS Measurements

1154	   When authenticating network access, the infrastructure provider might
1155	   employ a RADIUS [RFC2865] proxy at the DSL Access Module (DSLAM) or
1156	   Access Node (AN).  These messages provide the ISP RADIUS server with
1157	   an identifier for the DSLAM or AN, plus the slot and port that the
1158	   Device is attached on.  These data can be provided as a measurement,
1159	   which allows the infrastructure provider LIS to generate location
1160	   information.

1162	   The format of the AN, slot and port identifiers are not defined in
1163	   the RADIUS protocol.  Slot and port together identify a circuit on
1164	   the AN, analogous to the circuit identifier in [RFC3046].  These
1165	   items are provided directly, as they were in the RADIUS message.  An
1166	   example is shown in Figure 14.

1168	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1169	                   time="2008-04-29T14:33:58">
1170	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1171	         <an>AN-7692</an>
1172	         <slot>3</slot>
1173	         <port>06</port>
1174	       </dsl>
1175	     </measurements>
1176	                 Figure 14: Example DSL RADIUS Measurement

1178	5.6.3.  Ethernet VLAN Tag Measurements

1180	   For Ethernet-based DSL access networks, the DSL Access Module (DSLAM)
1181	   or Access Node (AN) provide two VLAN tags on packets.  A C-TAG is
1182	   used to identify the incoming residential circuit, while the S-TAG is
1183	   used to identify the DSLAM or AN.  The C-TAG and S-TAG together can
1184	   be used to identify a single point of network attachment.  An example
1185	   is shown in Figure 15.

1187	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1188	                   time="2008-04-29T14:33:58">
1189	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1190	         <stag>613</stag>
1191	         <ctag>1097</ctag>
1192	       </dsl>
1193	     </measurements>

1195	                Figure 15: Example DSL VLAN Tag Measurement

1197	   Alternatively, the C-TAG can be replaced by data on the slot and port
1198	   that the Device is attached to.  This information might be included
1199	   in RADIUS requests that are proxied from the infrastructure provider
1200	   to the ISP RADIUS server.

1202	5.6.4.  ATM Virtual Circuit Measurements

1204	   An ATM virtual circuit can be employed between the ISP and
1205	   infrastructure provider.  Providing the virtual port ID (VPI) and
1206	   virtual circuit ID (VCI) for the virtual circuit gives the
1207	   infrastructure provider LIS the ability to identify a single data
1208	   stream.  A sample measurement is shown in Figure 16.

1210	     <measurements xmlns="urn:ietf:params:xml:ns:geopriv:lm"
1211	                   time="2008-04-29T14:33:58">
1212	       <dsl xmlns="urn:ietf:params:xml:ns:geopriv:lm:dsl">
1213	         <vpi>55</vpi>
1214	         <vci>6323</vci>
1215	       </dsl>
1216	     </measurements>

1218	                  Figure 16: Example DSL ATM Measurement

1220	6.  Privacy Considerations

1222	   Location-related measurement data can be as privacy sensitive as
1223	   location information.

1225	   Measurement data is effectively equivalent to location information if
1226	   the contextual knowledge necessary to generate one from the other is
1227	   readily accessible.  Even where contextual knowledge is difficult to
1228	   acquire, there can be no assurance that an authorized recipient of
1229	   the contextual knowledge is also authorized to receive location
1230	   information.

1232	   In order to protect the privacy of the subject of location-related
1233	   measurement data, this implies that measurement data is protected
1234	   with the same degree of protection as location information.

1236	6.1.  Measurement Data Privacy Model

1238	   It is less desirable to distribute measurement data in the same
1239	   fashion as location information.  Measurement data is less useful to
1240	   location recipients than location information.  Therefore, a simple
1241	   distribution model is desirable.

1243	   In this simple model, the Device is the only entity that is able to
1244	   distribute measurement data.  To use an analogy from the GEOPRIV
1245	   architecture, the Device - as the Location Generator (or the
1246	   Measurement Data Generator) - is the sole entity that can assume the
1247	   roles of Rule Maker and Location Server.

1249	   No entity is permitted to redistribute measurement data.  The Device
1250	   directs other entities in how measurement data is used and retained.

1252	6.2.  LIS Privacy Requirements

1254	   A LIS MUST NOT reveal location-related measurement data or location
1255	   information based on measurement data to any other entity unless
1256	   directed to do so by the Device.

1258	   By adding measurement data to a request for location information, the
1259	   Device implicitly grants permission for the LIS to generate the
1260	   requested location information using the measurement data.
1261	   Permission to use this data for any other purpose is not implied.

1263	   As long as measurement data is only used in serving the request that
1264	   contains it, rules regarding data retention are not necessary.  A LIS
1265	   MUST discard location-related measurement data after servicing a
1266	   request, unless the Device grants permission to use that information
1267	   for other purposes.

1269	6.3.  Measurement Data and Location URIs

1271	   A LIS MAY use measurement data provided by the Device to serve
1272	   requests to location URIs, if the Device permits it.  A Device
1273	   permits this by including measurement data in a request that
1274	   explcitly requests a location URI.  By requesting a location URI, the
1275	   Device grants permission for the LIS to use the measurement data in
1276	   serving requests to that URI.

1278	   Note:  In HELD, the "any" type is not an explicit request for a
1279	      location URI, though a location URI might be provided.

1281	   The usefulness of measurement data that is provided in this fashion
1282	   is limited.  The measurement data is only valid at the time that it
1283	   was acquired by the Device.  At the time that a request is made to a
1284	   location URI, the Device might have moved, rendering the measurement
1285	   data incorrect.

1287	   A Device is able to explicitly limit the time that a LIS retains
1288	   measurement data by adding an expiry time to the measurement data,
1289	   see Section 4.1.2.

1291	6.4.  Third-Party-Provided Measurement Data

1293	   An authorized third-party request for the location of a Device (see
1294	   [I-D.ietf-geopriv-held-identity-extensions]) can include location-
1295	   related measurement data.  This is possible where the third-party is
1296	   able to make observations about the Device.

1298	   A third-party that provides measurement data MUST be authorized to
1299	   provide the specific measurement for the identified device.  A third-
1300	   party MUST either be trusted by the LIS for the purposes of providing
1301	   measurement data of the provided type, or the measurement data MUST
1302	   be validated (see Section 7.2.1) before being used.

1304	   How a third-party authenticates its identity or gains authorization
1305	   to use measurement data is not covered by this document.

1307	7.  Security Considerations

1309	   Use of location-related measurement data has privacy considerations
1310	   that are discussed in Section 6.

1312	7.1.  Threat Model

1314	   The threat model for location-related measurement data concentrates
1315	   on the Device providing falsified, stolen or incorrect measurement
1316	   data.

1318	   A Device that provides location location-related measurement data
1319	   might use data to:

1321	   o  acquire the location of another Device, without authorization;

1323	   o  extract information about network topology; or

1325	   o  coerce the LIS into providing falsified location information based
1326	      on the measurement data.

1328	   Location-related measurement data describes the physical environment
1329	   or network attachment of a Device.  A third party adversary in the
1330	   proximity of the Device might be able to alter the physical
1331	   environment such that the Device provides measurement data that is
1332	   controlled by the third party.  This might be used to indirectly
1333	   control the location information that is derived from measurement
1334	   data.

1336	7.1.1.  Acquiring Location Information Without Authorization

1338	   Requiring authorization for location requests is an important part of
1339	   privacy protections of a location protocol.  A location configuration
1340	   protocol usually operates under a restricted policy that allows a
1341	   requester to obtain their own location.  HELD identity extensions
1342	   [I-D.ietf-geopriv-held-identity-extensions] allows other entities to
1343	   be authorized, conditional on a Rule Maker providing sufficient
1344	   authorization.

1346	   The intent of these protections is to ensure that a location
1347	   recipient is authorized to acquire location information.  Location-
1348	   related measurement data could be used by an attacker to circumvent
1349	   such authorization checks if the association between measurement data
1350	   and Target Device is not validated by a LIS.

1352	   A LIS can be coerced into providing location information for a Device
1353	   that a location recipient is not authorized to receive.  A request
1354	   identifies one Device (implicitly or explicitly), but measurement
1355	   data is provided for another Device.  If the LIS does not check that
1356	   the measurement data is for the identified Device, it could
1357	   incorrectly authorize the request.

1359	   By using unvalidated measurement data to generate a response, the LIS
1360	   provides information about a Device without appropriate
1361	   authorization.

1363	   The feasibility of this attack depends on the availability of
1364	   information that links a Device with measurement data.  In some
1365	   cases, measurement data that is correlated with a target is readily
1366	   available.  For instance, LLDP measurements (Section 5.1) are
1367	   broadcast to all nodes on the same network segment.  An attacker on
1368	   that network segment can easily gain measurement data that relates a
1369	   Device with measurements.

1371	   For some types of measurement data, it's necessary for an attacker to
1372	   know the location of the target in order to determine what
1373	   measurements to use.  This attack is meaningless for types of
1374	   measurement data that require that the attacker first know the
1375	   location of the target before measurement data can be acquired or
1376	   fabricated.  GNSS measurements (Section 5.5) share this trait with
1377	   many wireless location determination methods.

1379	7.1.2.  Extracting Network Topology Data

1381	   Allowing requests with measurements might be used to collect
1382	   information about a network topology.  This is possible if requests
1383	   containing measurements are permitted.

1385	   Network topology can be considered sensitive information by a network
1386	   operator for commercial or security reasons.  While it is impossible
1387	   to completely prevent a Device from acquiring some knowledge of
1388	   network topology if a location service is provided, a network
1389	   operator might desire to limit how much of this information is made
1390	   available.

1392	   Mapping a network topology does not require that an attacker be able
1393	   to associate measurement data with a particular Device.  If a
1394	   requester is able to try a number of measurements, it is possible to
1395	   acquire information about network topology.

1397	   It is not even necessary that the measurements are valid; random
1398	   guesses are sufficient, provided that there is no penalty or cost
1399	   associated with attempting to use the measurements.

1401	7.1.3.  Lying By Proxy

1403	   Location information is a function of its inputs, which includes
1404	   measurement data.  Thus, falsified measurement data can be used to
1405	   alter the location information that is provided by a LIS.

1407	   Some types of measurement data are relatively easy to falsify in a
1408	   way that the resulting location information to be selected with
1409	   little or no error.  For instance, GNSS measurements are easy to use
1410	   for this purpose because all the contextual information necessary to
1411	   calculate a position using measurements is broadcast by the
1412	   satellites [HARPER].

1414	   An attacker that falsifies measurement data gains little if they are
1415	   the only recipients of the result.  The attacker knows that the
1416	   location information is bad.  The attacker only gains if the
1417	   information can somehow be attributed to the LIS by another location
1418	   recipient.

1420	   A recipient might evaluate the trustworthiness of the location
1421	   information based on the credibility of its source.  By coercing the
1422	   LIS into providing falsified location information, any credibility
1423	   that the LIS might have - that the attacker does not - is gained by
1424	   the attacker.

1426	   A third-party that is reliant on the integrity of the location
1427	   information might base an evaluation of the credibility of the
1428	   information on the source of the information.  If that third party is
1429	   able to attribute location information to the LIS, then an attacker
1430	   might gain.

1432	   Location information that is provided to the Device without any means
1433	   to identify the LIS as its source is not subject to this attack.  The
1434	   Device is identified as the source of the data when it distributes
1435	   the location information to location recipients.

1437	   An attacker gains if they are able to coerce the LIS into providing
1438	   location information based on falsified measurement data and that
1439	   information can be attributed to the LIS.

1441	   Location information is attributed to the LIS either through the use
1442	   of digital signatures or by having the location recipient directly
1443	   interact with the LIS.  A LIS that digitally signs location
1444	   information becomes identifiable as the source of the data.
1445	   Similarly, the LIS is identified as a source of data if a location
1446	   recipient acquires information directly from a LIS using a location
1447	   URI.

1449	7.1.4.  Measurement Replay

1451	   The value of some measured properties do not change over time for a
1452	   single location.  This allows for simple replay attacks, where an
1453	   attacker acquires measurements that can later be used without being
1454	   detected as being invalid.

1456	   Measurement data is frequently an observation of an time-invariant
1457	   property of the environment at the subject location.  For
1458	   measurements of this nature, nothing in the measurement itself is
1459	   sufficient proof that the Device is present at the resulting
1460	   location.  Measurement data might have been previously acquired and
1461	   reused.

1463	   For instance, the identity of a radio transmitter, if broadcast by
1464	   that transmitter, can be collected and stored.  An attacker that
1465	   wishes it known that they exist at a particular location, can claim
1466	   to observe this transmitter at any time.  Nothing inherent in the
1467	   claim reveals it to be false.

1469	   For properties of a network, time-invariance is often directly as a
1470	   result of the practicalities of operating the network.  Limiting the
1471	   changes to a network ensures greater consistency of service.  A
1472	   largely static network also greatly simplifies the data management
1473	   tasks involved with providing a location service.

1475	7.1.5.  Environment Spoofing

1477	   Some types of measurement data can be altered or influenced by a
1478	   third party so that a Device.  If it is possible for a third party to
1479	   alter the measured phenomenon, then any location information that is
1480	   derived from this data can be indirectly influenced.

1482	   Altering the environment in this fashion might not require
1483	   involvement with either Device or LIS.  Measurement that is passive -
1484	   where the Device observes a signal or other phenomenon without direct
1485	   interaction - are most susceptible to alteration by third parties.

1487	   Measurement of radio signal characteristics is especially vulnerable
1488	   since an adversary need only be in the general vicinity of the Device
1489	   and be able to transmit a signal.  For instance, a GNSS spoofer is
1490	   able to produce fake signals that claim to be transmitted by any
1491	   satellite or set of satellites (see [GPS.SPOOF]).

1493	   Measurements that require direct interaction increases the complexity
1494	   of the attack.  For measurements relating to the communication
1495	   medium, a third party cannot avoid direct interaction, they need only
1496	   be on the comminications path (that is, man in the middle).

1498	   Even if the entity that is interacted with is authenticated, this
1499	   does not provide any assurance about the integrity of measurement
1500	   data.  For instance, the Device might authenticate the identity of a
1501	   radio transmitter through the use of cryptographic means and obtain
1502	   signal strength measurements for that transmitter.  Radio signal
1503	   strength is trivial for an attacker to increase simply by receiving
1504	   and amplifying the raw signal; it is not necessary for the attacker
1505	   to be able to understand the signal content.

1507	   Note:  This particular "attack" is more often completely legitimate.
1508	      Radio repeaters are commonplace mechanism used to increase radio
1509	      coverage.

1511	   Attacks that rely on altering the observed environment of a Device
1512	   require countermeasures that affect the measurement process.  For
1513	   radio signals, countermeasures could include the use of authenticated
1514	   signals, altered receiver design.  In general, countermeasures are
1515	   highly specific to the individual measurement process.  An exhaustive
1516	   discussion of these issues is left to the relevant literature for
1517	   each measurement technology.

1519	   A Device that provides measurement data is assumed to be responsible
1520	   for applying appropriate countermeasures against this type of attack.

1522	   For a Device that is the ultimate recipient of location information
1523	   derived from measurement data, a LIS might choose to provide location
1524	   information without any validation.  The responsibility for ensuring
1525	   the veracity of the measurement data lies with the Device.

1527	   Measurement data that is susceptible to this sort of influence MUST
1528	   be treated as though it were produced by an untrusted Device for
1529	   those cases where a location recipient might attribute the location
1530	   information to the LIS.  Such measurement data MUST be subjected to
1531	   the same validation as for other types of attacks that rely on
1532	   measurement falsification.

1534	   Note:  Altered measurement data might be provided by a Device that
1535	      has no knowledge of the alteration.  Thus, an otherwise trusted
1536	      Device might still be an unreliable source of measurement data.

1538	7.2.  Mitigation

1540	   The following measures can be applied to limit or prevent attacks.
1541	   The effectiveness of each depends on the type of measurement data and
1542	   how that measurement data is acquired.

1544	   Two general approaches are identified for dealing with untrusted
1545	   measurement data:

1547	   1.  Require independent validation of measurement data or the
1548	       location information that is produced.

1550	   2.  Identify the types of sources that provided the measurement data
1551	       that location information was derived from.

1553	   This section goes into more detail on the different forms of
1554	   validation in Section 7.2.1, Section 7.2.2, and Section 7.2.3.  The
1555	   impact of attributing location information to sources is discussed in
1556	   more detail in Section 7.2.4.

1558	7.2.1.  Measurement Validation

1560	   Detecting that measurement data has been falsified is difficult in
1561	   the absence of integrity mechanisms.

1563	   Independent confirmation of the veracity of measurement data ensures
1564	   that the measurement is accurate and that it applies to the correct
1565	   Device.  By gathering the same measurement data from a trusted and
1566	   independent source, the LIS is able to check that the measurement
1567	   data is correct.

1569	   Measurement information might contain no inherent indication that it
1570	   is falsified.  On the contrary, it can be difficult to obtain
1571	   information that would provide any degree of assurance that the
1572	   measurement device is physically at any particular location.
1573	   Measurements that are difficult to verify require other forms of
1574	   assurance before they can be used.

1576	7.2.1.1.  Effectiveness

1578	   Measurement validation MUST be used if measurement data for a
1579	   particular Device can be easily acquired by unauthorized location
1580	   recipients, as described in Section 7.1.1.  This prevents
1581	   unauthorized access to location information using measurement data.

1583	   Validation of measurement data can be significantly more effective
1584	   than independent acquisition of the same.  For instance, a Device in
1585	   a large Ethernet network could provide a measurement indicating its
1586	   point of attachment using LLDP measurements.  For a LIS, acquiring
1587	   the same measurement data might require a request to all switches in
1588	   that network.  With the measurement data, validation can target the
1589	   identified switch with a specific query.

1591	   Validation is effective in identifying falsified measurement data
1592	   (Section 7.1.3), including attacks involving replay of measurement
1593	   data (Section 7.1.4).  Validation also limits the amount of network
1594	   topology information (Section 7.1.2) made available to Devices to
1595	   that portion of the network topology that they are directly attached.

1597	   Measurement validation has no effect if the underlying effect is
1598	   being spoofed (Section 7.1.5).

1600	7.2.1.2.  Limitations (Unique Observer)

1602	   A Device is often in a unique position to make a measurement.  It
1603	   alone occupies the point in space-time that the location
1604	   determination process seeks to determine.  The Device becomes a
1605	   unique observer for a particular property.

1607	   The ability of the Device to become a unique observer makes the
1608	   Device invaluable to the location determination process.  As a unique
1609	   observer, it also makes the claims of a Device difficult to validate
1610	   and easily to spoof.

1612	   As long as no other entity is capable of making the same
1613	   measurements, there is also no other entity that can independently
1614	   check that the measurements are correct and applicable to the Device.
1615	   A LIS might be unable to validate all or part of the measurement data
1616	   it receives from a unique observer.  For instance, a signal strength
1617	   measurement of the signal from a radio tower cannot be validated
1618	   directly.

1620	   Some portion of the measurement data might still be independently
1621	   verified, even if all information cannot.  In the previous example,
1622	   the radio tower might be able to provide verification that the Device
1623	   is present if it is able to observe a radio signal sent by the
1624	   Device.

1626	   If measurement data can only be partially validated, the extent to
1627	   which it can be validated determines the effectiveness of validation
1628	   against these attacks.

1630	   The advantage of having the Device as a unique observer is that it
1631	   makes it difficult for an attacker to acquire measurements without
1632	   the assistance of the Device.  Attempts to use measurements to gain
1633	   unauthorized access to measurement data (Section 7.1.1) are largely
1634	   ineffectual against a unique observer.

1636	7.2.2.  Location Validation

1638	   Location information that is derived from location-related
1639	   measurement data can also be verified against trusted location
1640	   information.  Rather than validating inputs to the location
1641	   determination process, suspect locations are identified at the output
1642	   of the process.

1644	   Trusted location information is acquired using sources of measurement
1645	   data that are trusted.  Untrusted location information is acquired
1646	   using measurement data provided from untrusted sources, which might
1647	   include the Device.  These two locations are compared.  If the
1648	   untrusted location agrees with the trusted location, the untrusted
1649	   location information is used.

1651	   Algorithms for the comparison of location information are not
1652	   included in this document.  However, a simple comparison for
1653	   agreement might require that the untrusted location be entirely
1654	   contained within the uncertainty region of the trusted location.

1656	   There is little point in using a less accurate, less trusted
1657	   location.  Untrusted location information that has worse accuracy
1658	   than trusted information can be immediately discarded.  There are
1659	   multiple factors that affect accuracy, uncertainty and currency being
1660	   the most important.  How location information is compared for
1661	   accuracy is not defined in this document.

1663	7.2.2.1.  Effectiveness

1665	   Location validation limits the extent to which falsified - or
1666	   erroneous - measurement data can cause an incorrect location to be
1667	   reported.

1669	   Location validation can be more efficient than validation of inputs,
1670	   particularly for a unique observer (Section 7.2.1.2).

1672	   Validating location ensures that the Device is at or near the
1673	   resulting location.  Location validation can be used to limit or
1674	   prevent all of the attacks identified in this document.

1676	7.2.2.2.  Limitations

1678	   The trusted location that is used for validation is always less
1679	   accurate than the location that is being checked.  The amount by
1680	   which the untrusted location is more accurate, is the same amount
1681	   that an attacker can exploit.

1683	   For example, a trusted location might indicate a five kilometer
1684	   radius uncertainty region.  An untrusted location that describes a
1685	   100 meter uncertainty within the larger region might be accepted as
1686	   more accurate.  An attacker might still falsify measurement data to
1687	   select any location within the larger uncertainty region.  While the
1688	   100 meter uncertainty that is reported seems more accurate, a
1689	   falsified location could be anywhere in the five kilometer region.

1691	   Where measurement data might have been falsified, the actual
1692	   uncertainty is effectively much higher.  Local policy might allow
1693	   differing degrees of trust to location information derived from
1694	   untrusted measurement data.  This might not be a boolean operation
1695	   with only two possible outcomes: untrusted location information might
1696	   be used entirely or not at all, or it could be combined with trusted
1697	   location information with the degree to which each contributes based
1698	   on a value set in local policy.

1700	7.2.3.  Supporting Observations

1702	   Replay attacks using previously acquired measurement data are
1703	   particularly hard to detect without independent validation.  Rather
1704	   than validate the measurement data directly, supplementary data might
1705	   be used to validate measurements or the location information derived
1706	   from those measurements.

1708	   These supporting observations could be used to convey information
1709	   that provides additional assurance that the Device was acquired at a
1710	   specific time and place.  In effect, the Device is requested to
1711	   provide proof of its presence at the resulting location.

1713	   For instance, a Device that measures attributes of a radio signal
1714	   could also be asked to provide a sample of the measured radio signal.
1715	   If the LIS is able to observe the same signal, the two observations
1716	   could be compared.  Providing that the signal cannot be predicted in
1717	   advance by the Device, this could be used to support the claim that
1718	   the Device is able to receive the signal.  Thus, the Device is likely
1719	   to be within the range that the signal is transmitted.  A LIS could
1720	   use this to attribute a higher level of trust in the associated
1721	   measurement data or resulting location.

1723	7.2.3.1.  Effectiveness

1725	   The use of supporting observations is limited by the ability of the
1726	   LIS to acquire and validate these observations.  The advantage of
1727	   selecting observations independent of measurement data is that
1728	   observations can be selected based on how readily available the data
1729	   is for both LIS and Device.  The amount and quality of the data can
1730	   be selected based on the degree of assurance that is desired.

1732	   Use of supporting observations is similar to both measurement
1733	   validation and location validation.  All three methods rely on
1734	   independent validation of one or more properties.  Applicability of
1735	   each method is similar.

1737	   Use of supporting observations can be used to limit or prevent all of
1738	   the attacks identified in this document.

1740	7.2.3.2.  Limitations

1742	   The effectiveness of the validation method depends on the quality of
1743	   the supporting observation: how hard it is to obtain at a different
1744	   time or place, how difficult it is to guess and what other costs
1745	   might be involved in acquiring this data.

1747	   In the example of an observed radio signal, requesting a sample of
1748	   the signal only provides an assurance that the Device is able to
1749	   receive the signal transmitted by the measured radio transmitter.
1750	   This only provides some assurance that the Device is within range of
1751	   the transmitter.

1753	   As with location validation, a Device might still be able to provide
1754	   falsified measurements that could alter the value of the location
1755	   information as long as the result is within this region.

1757	   Requesting additional supporting observations can reduce the size of
1758	   the region over which location information can be altered by an
1759	   attacker, or increase trust in the result, but each additional has a
1760	   cost.  Supporting observations contribute little or nothing toward
1761	   the primary goal of determining the location of the Device.  Any
1762	   costs in acquiring supporting observations are balanced against the
1763	   degree of integrity desired of the resulting location information.

1765	7.2.4.  Attribution

1767	   Lying by proxy (Section 7.1.3) relies on the location recipient being
1768	   able to attribute location information to a LIS.  The effectiveness
1769	   of this attack is negated if location information is explicitly
1770	   attributed to a particular source.

1772	   This requires an extension to the location object that explicitly
1773	   identifies the source (or sources) of each item of location
1774	   information.

1776	   Rather than relying on a process that seeks to ensure that location
1777	   information is accurate, this approach instead provides a location
1778	   recipient with the information necessary to reach their own
1779	   conclusion about the trustworthiness of the location information.

1781	   Including an authenticated identity for all sources of measurement
1782	   data is presents a number of technical and operational challenges.
1783	   It is possible that the LIS has a transient relationship with a
1784	   Device.  A Device is not expected to share authentication information
1785	   with a LIS.  There is no assurance that Device identification is
1786	   usable by a potential location recipient.  Privacy concerns might
1787	   also prevent the sharing identification information, even if it were
1788	   available and usable.

1790	   Identifying the type of measurement source allows a location
1791	   recipient to make a decision about the trustworthiness of location
1792	   information without depending on having authenticated identity
1793	   information for each source.  An element for this purpose is defined
1794	   in Section 4.4.

1796	   When including location information that is based on measurement data
1797	   from sources that might be untrusted, a LIS SHOULD include
1798	   alternative location information that is derived from trusted sources
1799	   of measurement data.  Each item of location information can then be
1800	   labelled with the source of that data.

1802	   A location recipient that is able to identify a specific source of
1803	   measurement data (whether it be LIS or Device) can use this
1804	   information to attribute location information to either or both
1805	   entity.  The location recipient is then better able to make decisions
1806	   about trustworthiness based on the source of the data.

1808	   A location recipient that does not understand the "source" element is
1809	   unable to make this distinction.  When constructing a PIDF-LO
1810	   document, trusted location information MUST be placed in the PIDF-LO
1811	   so that it is given higher priority to any untrusted location
1812	   information according to Rule #8 of [RFC5491].

1814	   Attribution of information does nothing to address attacks that alter
1815	   the observed parameters that are used in location determination
1816	   (Section 7.1.5).

1818	7.2.5.  Stateful Correlation of Location Requests

1820	   Stateful examination of requests can be used to prevent a Device from
1821	   attempting to map network topology using requests for location
1822	   information (Section 7.1.2).

1824	   Simply limiting the rate of requests from a single Device reduces the
1825	   amount of data that a Device can acquire about network topology.

1827	8.  Measurement Schemas

1829	   The schema are broken up into their respective functions.  There is a
1830	   base container schema into which all measurements are placed, plus
1831	   definitions for a measurement request (Section 8.1).  A PIDF-LO
1832	   extension is defined in a separate schema (Section 8.2).  There is a
1833	   basic types schema, that contains various base type definitions for
1834	   things such as the "rmsError" and "samples" attributes IPv4, IPv6 and
1835	   MAC addresses (Section 8.3).  Then each of the specific measurement
1836	   types is defined in its own schema.

1838	8.1.  Measurement Container Schema
1839	  <?xml version="1.0"?>
1840	  <xs:schema
1841	      xmlns:lm="urn:ietf:params:xml:ns:geopriv:lm"
1842	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1843	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
1844	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm"
1845	      elementFormDefault="qualified"
1846	      attributeFormDefault="unqualified">

1848	    <xs:annotation>
1849	      <xs:appinfo
1850	          source="urn:ietf:params:xml:schema:geopriv:lm">
1851	      </xs:appinfo>
1852	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1853	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1854	             published RFC and remove this note.]] -->
1855	        This schema defines a framework for location measurements.
1856	      </xs:documentation>
1857	    </xs:annotation>

1859	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

1861	    <xs:element name="measurements">
1862	      <xs:complexType>
1863	        <xs:complexContent>
1864	          <xs:restriction base="xs:anyType">
1865	            <xs:sequence>
1866	              <xs:any namespace="##other" processContents="lax"
1867	                      minOccurs="0" maxOccurs="unbounded"/>
1868	            </xs:sequence>
1869	            <xs:attribute name="time" type="xs:dateTime"/>
1870	            <xs:attribute name="timeError" type="bt:positiveDouble"/>
1871	            <xs:attribute name="expires" type="xs:dateTime"/>
1872	            <xs:anyAttribute namespace="##any" processContents="lax"/>
1873	          </xs:restriction>
1874	        </xs:complexContent>
1875	      </xs:complexType>
1876	    </xs:element>

1878	    <xs:element name="measurementRequest"
1879	                type="lm:measurementRequestType"/>
1880	    <xs:complexType name="measurementRequestType">
1881	      <xs:complexContent>
1882	        <xs:restriction base="xs:anyType">
1883	          <xs:sequence>
1884	            <xs:element ref="lm:measurement"
1885	                        minOccurs="0" maxOccurs="unbounded"/>
1886	            <xs:any namespace="##other" processContents="lax"
1887	                    minOccurs="0" maxOccurs="unbounded"/>
1888	          </xs:sequence>
1889	        </xs:restriction>
1890	      </xs:complexContent>
1891	    </xs:complexType>

1893	    <xs:element name="measurement" type="lm:measurementType"/>
1894	    <xs:complexType name="measurementType">
1895	      <xs:complexContent>
1896	        <xs:restriction base="xs:anyType">
1897	          <xs:sequence>
1898	            <xs:any namespace="##other" processContents="lax"
1899	                    minOccurs="0" maxOccurs="unbounded"/>
1900	          </xs:sequence>
1901	          <xs:attribute name="type" type="xs:QName" use="required"/>
1902	          <xs:attribute name="samples" type="xs:positiveInteger"/>
1903	        </xs:restriction>
1904	      </xs:complexContent>
1905	    </xs:complexType>

1907	    <!-- PIDF-LO extension for source -->
1908	    <xs:element name="source" type="lm:sourceType"/>
1909	    <xs:simpleType name="sourceType">
1910	      <xs:list>
1911	        <xs:simpleType>
1912	          <xs:restriction base="xs:token">
1913	            <xs:enumeration value="lis"/>
1914	            <xs:enumeration value="device"/>
1915	            <xs:enumeration value="other"/>
1916	          </xs:restriction>
1917	        </xs:simpleType>
1918	      </xs:list>
1919	    </xs:simpleType>
1920	  </xs:schema>

1922	                       Measurement Container Schema

1924	8.2.  Measurement Source Schema

1926	   <?xml version="1.0"?>
1927	   <xs:schema
1928	       xmlns:lmsrc="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
1929	       xmlns:xs="http://www.w3.org/2001/XMLSchema"
1930	       targetNamespace="urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc"
1931	       elementFormDefault="qualified"
1932	       attributeFormDefault="unqualified">

1934	     <xs:annotation>
1935	       <xs:appinfo
1936	           source="urn:ietf:params:xml:schema:pidf:geopriv10:lmsrc">
1937	       </xs:appinfo>
1938	       <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1939	         <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1940	              published RFC and remove this note.]] -->
1941	         This schema defines an extension to PIDF-LO that indicates the
1942	         type of source that produced the measurement data used in
1943	         generating the associated location information.
1944	       </xs:documentation>
1945	     </xs:annotation>

1947	     <xs:element name="source" type="lmsrc:sourceType"/>
1948	     <xs:simpleType name="sourceType">
1949	       <xs:list>
1950	         <xs:simpleType>
1951	           <xs:restriction base="xs:token">
1952	             <xs:enumeration value="lis"/>
1953	             <xs:enumeration value="device"/>
1954	             <xs:enumeration value="other"/>
1955	           </xs:restriction>
1956	         </xs:simpleType>
1957	       </xs:list>
1958	     </xs:simpleType>
1959	   </xs:schema>

1961	                Measurement Source PIDF-LO Extension Schema

1963	8.3.  Base Type Schema

1965	   Note that the pattern rules in the following schema wrap due to
1966	   length constraints.  None of the patterns contain whitespace.

1968	   <?xml version="1.0"?>
1969	   <xs:schema
1970	     xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1971	     xmlns:xs="http://www.w3.org/2001/XMLSchema"
1972	     targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
1973	     elementFormDefault="qualified"
1974	     attributeFormDefault="unqualified">

1976	     <xs:annotation>
1977	       <xs:appinfo
1978	           source="urn:ietf:params:xml:schema:geopriv:lm:basetypes">
1979	       </xs:appinfo>
1980	       <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
1981	         <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
1982	              published RFC and remove this note.]] -->
1983	         This schema defines a set of base type elements.
1984	       </xs:documentation>
1985	     </xs:annotation>

1987	     <xs:simpleType name="byteType">
1988	       <xs:restriction base="xs:integer">
1989	         <xs:minInclusive value="0"/>
1990	         <xs:maxInclusive value="255"/>
1991	       </xs:restriction>
1992	     </xs:simpleType>
1993	     <xs:simpleType name="twoByteType">
1994	       <xs:restriction base="xs:integer">
1995	         <xs:minInclusive value="0"/>
1996	         <xs:maxInclusive value="65535"/>
1997	       </xs:restriction>
1998	     </xs:simpleType>

2000	     <xs:simpleType name="nonNegativeDouble">
2001	       <xs:restriction base="xs:double">
2002	         <xs:minInclusive value="0.0"/>
2003	       </xs:restriction>
2004	     </xs:simpleType>
2005	     <xs:simpleType name="positiveDouble">
2006	       <xs:restriction base="bt:nonNegativeDouble">
2007	         <xs:minExclusive value="0.0"/>
2008	       </xs:restriction>
2009	     </xs:simpleType>

2011	     <xs:complexType name="doubleWithRMSError">
2012	       <xs:simpleContent>
2013	         <xs:extension base="xs:double">
2014	           <xs:attribute name="rmsError" type="bt:positiveDouble"/>
2015	           <xs:attribute name="samples" type="xs:positiveInteger"/>
2016	         </xs:extension>
2017	       </xs:simpleContent>
2018	     </xs:complexType>
2019	     <xs:complexType name="nnDoubleWithRMSError">
2020	       <xs:simpleContent>
2021	         <xs:restriction base="bt:doubleWithRMSError">
2022	           <xs:minInclusive value="0"/>
2023	         </xs:restriction>
2024	       </xs:simpleContent>
2025	     </xs:complexType>

2027	     <xs:simpleType name="ipAddressType">
2028	       <xs:union memberTypes="bt:IPv6AddressType bt:IPv4AddressType"/>
2029	     </xs:simpleType>

2031	     <!-- IPv6 format definition -->
2032	     <xs:simpleType name="IPv6AddressType">
2033	       <xs:annotation>
2034	         <xs:documentation>
2035	           An IP version 6 address, based on RFC 4291.
2036	         </xs:documentation>
2037	       </xs:annotation>
2038	       <xs:restriction base="xs:token">
2039	         <!-- Fully specified address -->
2040	         <xs:pattern value="[0-9A-Fa-f]{1,4}(:[0-9A-Fa-f]{1,4}){7}"/>
2041	         <!-- Double colon start -->
2042	         <xs:pattern value=":(:[0-9A-Fa-f]{1,4}){1,7}"/>
2043	         <!-- Double colon middle -->
2044	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,6}
2045	                            (:[0-9A-Fa-f]{1,4}){1}"/>
2046	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,5}
2047	                            (:[0-9A-Fa-f]{1,4}){1,2}"/>
2048	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,4}
2049	                            (:[0-9A-Fa-f]{1,4}){1,3}"/>
2050	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,3}
2051	                            (:[0-9A-Fa-f]{1,4}){1,4}"/>
2052	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,2}
2053	                            (:[0-9A-Fa-f]{1,4}){1,5}"/>
2054	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1}
2055	                            (:[0-9A-Fa-f]{1,4}){1,6}"/>
2056	         <!-- Double colon end -->
2057	         <xs:pattern value="([0-9A-Fa-f]{1,4}:){1,7}:"/>
2058	         <!-- IPv4-Compatible and IPv4-Mapped Addresses -->
2059	         <xs:pattern value="((:(:0{1,4}){0,3}:[fF]{4})|(0{1,4}:
2060	             (:0{1,4}){0,2}:[fF]{4})|((0{1,4}:){2}
2061	             (:0{1,4})?:[fF]{4})|((0{1,4}:){3}:[fF]{4})
2062	             |((0{1,4}:){4}[fF]{4})):(25[0-5]|2[0-4][0-9]|
2063	             [0-1]?[0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]
2064	             ?[0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]?
2065	             [0-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|[0-1]?
2066	             [0-9]?[0-9])"/>
2067	         <!-- The unspecified address -->
2068	         <xs:pattern value="::"/>
2069	       </xs:restriction>
2070	     </xs:simpleType>

2072	     <!-- IPv4 format definition -->
2073	     <xs:simpleType name="IPv4AddressType">
2074	       <xs:restriction base="xs:token">
2075	         <xs:pattern value="(25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2076	                            (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2077	                            (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])\.
2078	                            (25[0-5]|2[0-4][0-9]|[0-1]?[0-9]?[0-9])"/>
2079	       </xs:restriction>
2080	     </xs:simpleType>

2082	     <!-- MAC address (EUI-48) or EUI-64 address -->
2083	     <xs:simpleType name="macAddressType">
2084	       <xs:restriction base="xs:token">
2085	         <xs:pattern
2086	     value="[\da-fA-F]{2}(-[\da-fA-F]{2}){5}((-[\da-fA-F]{2}){2})?"/>
2087	       </xs:restriction>
2088	     </xs:simpleType>

2090	   </xs:schema>

2092	                             Base Type Schema

2094	8.4.  LLDP Measurement Schema

2096	  <?xml version="1.0"?>
2097	  <xs:schema
2098	      xmlns:lldp="urn:ietf:params:xml:ns:geopriv:lm:lldp"
2099	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2100	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2101	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:lldp"
2102	      elementFormDefault="qualified"
2103	      attributeFormDefault="unqualified">

2105	    <xs:annotation>
2106	      <xs:appinfo
2107	          source="urn:ietf:params:xml:schema:geopriv:lm:lldp">
2108	      </xs:appinfo>
2109	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2110	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2111	             published RFC and remove this note.]] -->
2112	        This schema defines a set of LLDP location measurements.
2113	      </xs:documentation>
2114	    </xs:annotation>
2115	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2117	    <xs:element name="lldp" type="lldp:lldpMeasurementType"/>
2118	    <xs:complexType name="lldpMeasurementType">
2119	      <xs:complexContent>
2120	        <xs:restriction base="xs:anyType">
2121	          <xs:sequence>
2122	            <xs:element name="chassis" type="lldp:lldpDataType"/>
2123	            <xs:element name="port" type="lldp:lldpDataType"/>
2124	            <xs:any namespace="##other" processContents="lax"
2125	                    minOccurs="0" maxOccurs="unbounded"/>
2126	          </xs:sequence>
2127	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2128	        </xs:restriction>
2129	      </xs:complexContent>
2130	    </xs:complexType>

2132	    <xs:complexType name="lldpDataType">
2133	      <xs:simpleContent>
2134	        <xs:extension base="lldp:lldpOctetStringType">
2135	          <xs:attribute name="type" type="bt:byteType"
2136	                        use="required"/>
2137	        </xs:extension>
2138	      </xs:simpleContent>
2139	    </xs:complexType>

2141	    <xs:simpleType name="lldpOctetStringType">
2142	      <xs:restriction base="xs:hexBinary">
2143	        <xs:minLength value="1"/>
2144	        <xs:maxLength value="255"/>
2145	      </xs:restriction>
2146	    </xs:simpleType>

2148	  </xs:schema>

2150	                          LLDP measurement schema

2152	8.5.  DHCP Measurement Schema

2154	  <?xml version="1.0"?>
2155	  <xs:schema
2156	      xmlns:dhcp="urn:ietf:params:xml:ns:geopriv:lm:dhcp"
2157	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2158	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2159	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:dhcp"
2160	      elementFormDefault="qualified"
2161	      attributeFormDefault="unqualified">

2163	    <xs:annotation>
2164	      <xs:appinfo
2165	          source="urn:ietf:params:xml:schema:geopriv:lm:dhcp">
2166	      </xs:appinfo>
2167	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2168	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2169	             published RFC and remove this note.]] -->
2170	        This schema defines a set of DHCP location measurements.
2171	      </xs:documentation>
2172	    </xs:annotation>

2174	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2176	    <!-- DHCP Relay Agent Information Option -->
2177	    <xs:element name="dhcp-rai" type="dhcp:dhcpType"/>
2178	    <xs:complexType name="dhcpType">
2179	      <xs:complexContent>
2180	        <xs:restriction base="xs:anyType">
2181	          <xs:sequence>
2182	            <xs:element name="giaddr" type="bt:ipAddressType"/>
2183	            <xs:element name="circuit"
2184	                        type="xs:hexBinary" minOccurs="0"/>
2185	            <xs:element name="remote"
2186	                        type="dhcp:dhcpRemoteType" minOccurs="0"/>
2187	            <xs:element name="subscriber"
2188	                        type="xs:hexBinary" minOccurs="0"/>
2189	            <xs:any namespace="##other" processContents="lax"
2190	                    minOccurs="0" maxOccurs="unbounded"/>
2191	          </xs:sequence>
2192	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2193	        </xs:restriction>
2194	      </xs:complexContent>
2195	    </xs:complexType>

2197	    <xs:complexType name="dhcpRemoteType">
2198	      <xs:simpleContent>
2199	        <xs:extension base="xs:hexBinary">
2200	          <xs:attribute name="enterprise" type="xs:positiveInteger"
2201	                        use="optional"/>
2202	        </xs:extension>
2203	      </xs:simpleContent>
2204	    </xs:complexType>

2206	  </xs:schema>

2208	                          DHCP measurement schema

2210	8.6.  WiFi Measurement Schema
2211	  <?xml version="1.0"?>
2212	  <xs:schema
2213	      xmlns:wifi="urn:ietf:params:xml:ns:geopriv:lm:wifi"
2214	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2215	      xmlns:gml="http://www.opengis.net/gml"
2216	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2217	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:wifi"
2218	      elementFormDefault="qualified"
2219	      attributeFormDefault="unqualified">

2221	    <xs:annotation>
2222	      <xs:appinfo
2223	          source="urn:ietf:params:xml:schema:geopriv:lm:wifi">
2224	        802.11 location measurements
2225	      </xs:appinfo>
2226	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2227	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2228	             published RFC and remove this note.]] -->
2229	        This schema defines a basic set of 802.11 location measurements.
2230	      </xs:documentation>
2231	    </xs:annotation>

2233	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>
2234	    <xs:import namespace="http://www.opengis.net/gml"/>

2236	    <xs:element name="wifi" type="wifi:wifiNetworkType"/>

2238	    <xs:complexType name="wifiNetworkType">
2239	      <xs:complexContent>
2240	        <xs:restriction base="xs:anyType">
2241	          <xs:sequence>
2242	            <xs:element name="nicType" type="xs:token"
2243	                        minOccurs="0"/>
2244	            <xs:element name="ap" type="wifi:wifiType"
2245	                        maxOccurs="unbounded"/>
2246	          </xs:sequence>
2247	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2248	        </xs:restriction>
2249	      </xs:complexContent>
2250	    </xs:complexType>

2252	    <xs:complexType name="wifiType">
2253	      <xs:complexContent>
2254	        <xs:restriction base="xs:anyType">
2255	          <xs:sequence>
2256	            <xs:element name="bssid" type="wifi:bssidType"/>
2257	            <xs:element name="ssid" type="wifi:ssidType"
2258	                        minOccurs="0"/>

2260	            <xs:element name="channel" type="xs:nonNegativeInteger"
2261	                        minOccurs="0"/>
2262	            <xs:element name="location" minOccurs="0"
2263	                        type="xs:anyType"/>
2264	            <xs:element name="type" type="wifi:networkType"
2265	                        minOccurs="0"/>
2266	            <xs:element name="regclass" type="wifi:regclassType"
2267	                        minOccurs="0"/>
2268	            <xs:element name="antenna" type="wifi:octetType"
2269	                        minOccurs="0"/>
2270	            <xs:element name="flightTime" minOccurs="0"
2271	                        type="bt:nnDoubleWithRMSError"/>
2272	            <xs:element name="apSignal" type="wifi:signalType"
2273	                        minOccurs="0"/>
2274	            <xs:element name="deviceSignal" type="wifi:signalType"
2275	                        minOccurs="0"/>
2276	            <xs:any namespace="##other" processContents="lax"
2277	                    minOccurs="0" maxOccurs="unbounded"/>
2278	          </xs:sequence>
2279	          <xs:attribute name="serving" type="xs:boolean"
2280	                        default="false"/>
2281	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2282	        </xs:restriction>
2283	      </xs:complexContent>
2284	    </xs:complexType>

2286	    <xs:complexType name="bssidType">
2287	      <xs:simpleContent>
2288	        <xs:extension base="bt:macAddressType">
2289	          <xs:attribute name="verified" type="xs:boolean"
2290	                        default="false"/>
2291	        </xs:extension>
2292	      </xs:simpleContent>
2293	    </xs:complexType>

2295	    <!-- Note that this pattern does not prevent multibyte UTF-8
2296	         sequences that result in a SSID longer than 32 octets. -->
2297	    <xs:simpleType name="ssidType">
2298	      <xs:restriction base="xs:token">
2299	        <xs:pattern value="(\\[\da-fA-F]{2}|[^\\]){0,32}"/>
2300	      </xs:restriction>
2301	    </xs:simpleType>

2303	    <xs:simpleType name="networkType">
2304	      <xs:restriction base="xs:token">
2305	        <xs:pattern value="[a-zA-Z]+"/>
2306	      </xs:restriction>
2307	    </xs:simpleType>
2308	    <xs:complexType name="regclassType">
2309	      <xs:simpleContent>
2310	        <xs:extension base="wifi:octetType">
2311	          <xs:attribute name="country">
2312	            <xs:simpleType>
2313	              <xs:restriction base="xs:token">
2314	                <xs:pattern value="[A-Z]{2}[OIX]?"/>
2315	              </xs:restriction>
2316	            </xs:simpleType>
2317	          </xs:attribute>
2318	        </xs:extension>
2319	      </xs:simpleContent>
2320	    </xs:complexType>

2322	    <xs:simpleType name="octetType">
2323	      <xs:restriction base="xs:nonNegativeInteger">
2324	        <xs:maxInclusive value="255"/>
2325	      </xs:restriction>
2326	    </xs:simpleType>

2328	    <xs:complexType name="signalType">
2329	      <xs:complexContent>
2330	        <xs:restriction base="xs:anyType">
2331	          <xs:sequence>
2332	            <xs:element name="transmit" type="xs:double"
2333	                        minOccurs="0"/>
2334	            <xs:element name="gain" type="xs:double" minOccurs="0"/>
2335	            <xs:element name="rcpi" type="wifi:rssiType"
2336	                        minOccurs="0"/>
2337	            <xs:element name="rsni" type="bt:doubleWithRMSError"
2338	                        minOccurs="0"/>
2339	            <xs:any namespace="##other" processContents="lax"
2340	                    minOccurs="0" maxOccurs="unbounded"/>
2341	          </xs:sequence>
2342	        </xs:restriction>
2343	      </xs:complexContent>
2344	    </xs:complexType>

2346	    <xs:complexType name="rssiType">
2347	      <xs:simpleContent>
2348	        <xs:extension base="bt:doubleWithRMSError">
2349	          <xs:attribute name="dBm" type="xs:boolean" default="true"/>
2350	        </xs:extension>
2351	      </xs:simpleContent>
2352	    </xs:complexType>

2354	    <!-- Measurement Request elements -->
2355	    <xs:element name="type" type="wifi:networkType"/>
2356	    <xs:element name="parameter" type="wifi:parameterType"/>

2358	    <xs:complexType name="parameterType">
2359	      <xs:simpleContent>
2360	        <xs:extension base="xs:QName">
2361	          <xs:attribute name="context" use="optional">
2362	            <xs:simpleType>
2363	              <xs:restriction base="xs:token">
2364	                <xs:enumeration value="ap"/>
2365	                <xs:enumeration value="device"/>
2366	              </xs:restriction>
2367	            </xs:simpleType>
2368	          </xs:attribute>
2369	        </xs:extension>
2370	      </xs:simpleContent>
2371	    </xs:complexType>

2373	  </xs:schema>

2375	                          WiFi measurement schema

2377	8.7.  Cellular Measurement Schema

2379	   <?xml version="1.0"?>
2380	   <xs:schema
2381	       xmlns:cell="urn:ietf:params:xml:ns:geopriv:lm:cell"
2382	       xmlns:xs="http://www.w3.org/2001/XMLSchema"
2383	       targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:cell"
2384	       elementFormDefault="qualified"
2385	       attributeFormDefault="unqualified">

2387	     <xs:annotation>
2388	       <xs:appinfo
2389	           source="urn:ietf:params:xml:schema:geopriv:lm:cell">
2390	       </xs:appinfo>
2391	       <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2392	         <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2393	              published RFC and remove this note.]] -->
2394	         This schema defines a set of cellular location measurements.
2395	       </xs:documentation>
2396	     </xs:annotation>

2398	     <xs:element name="cellular" type="cell:cellularType"/>

2400	     <xs:complexType name="cellularType">
2401	       <xs:complexContent>
2402	         <xs:restriction base="xs:anyType">
2403	           <xs:sequence>
2404	             <xs:choice>
2405	               <xs:element name="servingCell" type="cell:cellType"/>
2406	               <xs:element name="observedCell" type="cell:cellType"/>
2407	             </xs:choice>
2408	             <xs:element name="observedCell" type="cell:cellType"
2409	                         minOccurs="0" maxOccurs="unbounded"/>
2410	           </xs:sequence>
2411	           <xs:anyAttribute namespace="##any" processContents="lax"/>
2412	         </xs:restriction>
2413	       </xs:complexContent>
2414	     </xs:complexType>

2416	     <xs:complexType name="cellType">
2417	       <xs:complexContent>
2418	         <xs:restriction base="xs:anyType">
2419	           <xs:choice>
2420	             <xs:sequence>
2421	               <xs:element name="mcc" type="cell:mccType"/>
2422	               <xs:element name="mnc" type="cell:mncType"/>
2423	               <xs:choice>
2424	                 <xs:sequence>
2425	                   <xs:choice>
2426	                     <xs:element name="rnc" type="cell:cellIdType"/>
2427	                     <xs:element name="lac" type="cell:cellIdType"/>
2428	                   </xs:choice>
2429	                   <xs:element name="cid" type="cell:cellIdType"/>
2430	                 </xs:sequence>
2431	                 <xs:element name="eucid" type="cell:cellIdType"/>
2432	               </xs:choice>
2433	               <xs:any namespace="##other" processContents="lax"
2434	                       minOccurs="0" maxOccurs="unbounded"/>
2435	             </xs:sequence>
2436	             <xs:sequence>
2437	               <xs:element name="sid" type="cell:cellIdType"/>
2438	               <xs:element name="nid" type="cell:cellIdType"/>
2439	               <xs:element name="baseid" type="cell:cellIdType"/>
2440	               <xs:any namespace="##other" processContents="lax"
2441	                       minOccurs="0" maxOccurs="unbounded"/>
2442	             </xs:sequence>
2443	             <xs:any namespace="##other" processContents="lax"
2444	                     minOccurs="0" maxOccurs="unbounded"/>
2445	           </xs:choice>
2446	         </xs:restriction>
2447	       </xs:complexContent>
2448	     </xs:complexType>

2450	     <xs:simpleType name="mccType">
2451	       <xs:restriction base="xs:token">
2452	         <xs:pattern value="[0-9]{3}"/>
2453	       </xs:restriction>
2454	     </xs:simpleType>

2456	     <xs:simpleType name="mncType">
2457	       <xs:restriction base="xs:token">
2458	         <xs:pattern value="[0-9]{2,3}"/>
2459	       </xs:restriction>
2460	     </xs:simpleType>

2462	     <xs:simpleType name="cellIdType">
2463	       <xs:restriction base="xs:nonNegativeInteger">
2464	         <xs:maxInclusive value="268435456"/> <!-- 2^28 (eucid) -->
2465	       </xs:restriction>
2466	     </xs:simpleType>

2468	     <!-- Measurement Request elements -->

2470	     <xs:element name="type" type="cell:typeType"/>
2471	     <xs:simpleType name="typeType">
2472	       <xs:restriction base="xs:token">
2473	         <xs:enumeration value="gsm"/>
2474	         <xs:enumeration value="umts"/>
2475	         <xs:enumeration value="lte"/>
2476	         <xs:enumeration value="cdma"/>
2477	       </xs:restriction>
2478	     </xs:simpleType>

2480	     <xs:element name="network" type="cell:networkType"/>
2481	     <xs:complexType name="networkType">
2482	       <xs:complexContent>
2483	         <xs:restriction base="xs:anyType">
2484	           <xs:choice>
2485	             <xs:sequence>
2486	               <xs:element name="mcc" type="cell:mccType"/>
2487	               <xs:element name="mnc" type="cell:mncType"/>
2488	             </xs:sequence>
2489	             <xs:element name="nid" type="cell:cellIdType"/>
2490	           </xs:choice>
2491	         </xs:restriction>
2492	       </xs:complexContent>
2493	     </xs:complexType>

2495	   </xs:schema>

2497	                        Cellular measurement schema

2499	8.8.  GNSS Measurement Schema
2500	  <?xml version="1.0"?>
2501	  <xs:schema
2502	      xmlns:gnss="urn:ietf:params:xml:ns:geopriv:lm:gnss"
2503	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2504	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2505	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:gnss"
2506	      elementFormDefault="qualified"
2507	      attributeFormDefault="unqualified">

2509	    <xs:annotation>
2510	      <xs:appinfo
2511	          source="urn:ietf:params:xml:schema:geopriv:lm:gnss">
2512	      </xs:appinfo>
2513	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2514	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2515	             published RFC and remove this note.]] -->
2516	        This schema defines a set of GNSS location measurements
2517	      </xs:documentation>
2518	    </xs:annotation>

2520	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2522	    <!-- GNSS -->
2523	    <xs:element name="gnss" type="gnss:gnssMeasurementType">
2524	      <xs:unique name="gnssSatellite">
2525	        <xs:selector xpath="sat"/>
2526	        <xs:field xpath="@num"/>
2527	      </xs:unique>
2528	    </xs:element>

2530	    <xs:complexType name="gnssMeasurementType">
2531	      <xs:complexContent>
2532	        <xs:restriction base="xs:anyType">
2533	          <xs:sequence>
2534	            <xs:element name="gnssTime" type="bt:nnDoubleWithRMSError"
2535	                        minOccurs="0"/>
2536	            <xs:element name="sat" type="gnss:gnssSatelliteType"
2537	                        minOccurs="1" maxOccurs="64"/>
2538	            <xs:any namespace="##other" processContents="lax"
2539	                    minOccurs="0" maxOccurs="unbounded"/>
2540	          </xs:sequence>
2541	          <xs:attribute name="system" type="xs:token" use="required"/>
2542	          <xs:attribute name="signal" type="xs:token"/>
2543	          <xs:anyAttribute namespace="##any" processContents="lax"/>
2544	        </xs:restriction>
2545	      </xs:complexContent>
2546	    </xs:complexType>
2547	    <xs:complexType name="gnssSatelliteType">
2548	      <xs:complexContent>
2549	        <xs:restriction base="xs:anyType">
2550	          <xs:sequence>
2551	            <xs:element name="doppler" type="bt:doubleWithRMSError"/>
2552	            <xs:element name="codephase"
2553	                        type="bt:nnDoubleWithRMSError"/>
2554	            <xs:element name="cn0" type="bt:nonNegativeDouble"/>
2555	            <xs:element name="mp" type="bt:positiveDouble"
2556	                        minOccurs="0"/>
2557	            <xs:element name="cq" type="gnss:codePhaseQualityType"
2558	                        minOccurs="0"/>
2559	            <xs:element name="adr" type="xs:double" minOccurs="0"/>
2560	          </xs:sequence>
2561	          <xs:attribute name="num" type="xs:positiveInteger"
2562	                        use="required"/>
2563	        </xs:restriction>
2564	      </xs:complexContent>
2565	    </xs:complexType>

2567	    <xs:complexType name="codePhaseQualityType">
2568	      <xs:complexContent>
2569	        <xs:restriction base="xs:anyType">
2570	          <xs:attribute name="continuous" type="xs:boolean"
2571	                        default="true"/>
2572	          <xs:attribute name="direct" use="required">
2573	            <xs:simpleType>
2574	              <xs:restriction base="xs:token">
2575	                <xs:enumeration value="direct"/>
2576	                <xs:enumeration value="inverted"/>
2577	              </xs:restriction>
2578	            </xs:simpleType>
2579	          </xs:attribute>
2580	        </xs:restriction>
2581	      </xs:complexContent>
2582	    </xs:complexType>
2583	  </xs:schema>

2585	                          GNSS measurement Schema

2587	8.9.  DSL Measurement Schema

2589	  <?xml version="1.0"?>
2590	  <xs:schema
2591	      xmlns:dsl="urn:ietf:params:xml:ns:geopriv:lm:dsl"
2592	      xmlns:bt="urn:ietf:params:xml:ns:geopriv:lm:basetypes"
2593	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
2594	      targetNamespace="urn:ietf:params:xml:ns:geopriv:lm:dsl"
2595	      elementFormDefault="qualified"
2596	      attributeFormDefault="unqualified">

2598	    <xs:annotation>
2599	      <xs:appinfo
2600	          source="urn:ietf:params:xml:schema:geopriv:lm:dsl">
2601	        DSL measurement definitions
2602	      </xs:appinfo>
2603	      <xs:documentation source="http://www.ietf.org/rfc/rfcXXXX.txt">
2604	        <!-- [[NOTE TO RFC-EDITOR: Please replace above URL with URL of
2605	             published RFC and remove this note.]] -->
2606	        This schema defines a basic set of DSL location measurements.
2607	      </xs:documentation>
2608	    </xs:annotation>

2610	    <xs:import namespace="urn:ietf:params:xml:ns:geopriv:lm:basetypes"/>

2612	    <xs:element name="dsl" type="dsl:dslVlanType"/>
2613	    <xs:complexType name="dslVlanType">
2614	      <xs:complexContent>
2615	        <xs:restriction base="xs:anyType">
2616	          <xs:choice>
2617	            <xs:element name="l2tp">
2618	              <xs:complexType>
2619	                <xs:complexContent>
2620	                  <xs:restriction base="xs:anyType">
2621	                    <xs:sequence>
2622	                      <xs:element name="src" type="bt:ipAddressType"/>
2623	                      <xs:element name="dest" type="bt:ipAddressType"/>
2624	                      <xs:element name="session"
2625	                                  type="xs:nonNegativeInteger"/>
2626	                    </xs:sequence>
2627	                  </xs:restriction>
2628	                </xs:complexContent>
2629	              </xs:complexType>
2630	            </xs:element>
2631	            <xs:sequence>
2632	              <xs:element name="an" type="xs:token"/>
2633	              <xs:group ref="dsl:dslSlotPort"/>
2634	            </xs:sequence>
2635	            <xs:sequence>
2636	              <xs:element name="stag" type="dsl:vlanIDType"/>
2637	              <xs:choice>
2638	                <xs:sequence>
2639	                  <xs:element name="ctag" type="dsl:vlanIDType"/>
2640	                  <xs:group ref="dsl:dslSlotPort" minOccurs="0"/>
2641	                </xs:sequence>
2642	                <xs:group ref="dsl:dslSlotPort"/>

2644	              </xs:choice>
2645	            </xs:sequence>
2646	            <xs:sequence>
2647	              <xs:element name="vpi" type="bt:byteType"/>
2648	              <xs:element name="vci" type="bt:twoByteType"/>
2649	            </xs:sequence>
2650	            <xs:any namespace="##other" processContents="lax"
2651	                    minOccurs="0" maxOccurs="unbounded"/>
2652	          </xs:choice>
2653	          <xs:anyAttribute namespace="##other" processContents="lax"/>
2654	        </xs:restriction>
2655	      </xs:complexContent>
2656	    </xs:complexType>
2657	    <xs:simpleType name="vlanIDType">
2658	      <xs:restriction base="xs:nonNegativeInteger">
2659	        <xs:maxInclusive value="4095"/>
2660	      </xs:restriction>
2661	    </xs:simpleType>
2662	    <xs:group name="dslSlotPort">
2663	      <xs:sequence>
2664	        <xs:element name="slot" type="xs:token"/>
2665	        <xs:element name="port" type="xs:token"/>
2666	      </xs:sequence>
2667	    </xs:group>

2669	  </xs:schema>

2671	                          DSL measurement schema

2673	9.  IANA Considerations

2675	   This section creates a registry for GNSS types (Section 5.5) and
2676	   registers the namespaces and schema defined in Section 8.

2678	9.1.  IANA Registry for GNSS Types

2680	   This document establishes a new IANA registry for Global Navigation
2681	   Satellite System (GNSS) types.  The registry includes tokens for the
2682	   GNSS type and for each of the signals within that type.  Referring to
2683	   [RFC5226], this registry operates under "Specification Required"
2684	   rules.  The IESG will appoint an Expert Reviewer who will advise IANA
2685	   promptly on each request for a new or updated GNSS type.

2687	   Each entry in the registry requires the following information:

2689	   GNSS name:  the name and a brief description of the GNSS

2691	   Brief description:  the name and a brief description of the GNSS

2693	   GNSS token:  a token that can be used to identify the GNSS

2695	   Signals:  a set of tokens that represent each of the signals that the
2696	      system provides

2698	   Documentation reference:  a reference to one or more stable, public
2699	      specifications that outline usage of the GNSS, including (but not
2700	      limited to) signal specifications and time systems

2702	   The registry initially includes two registrations:

2704	   GNSS name:  Global Positioning System (GPS)

2706	   Brief description:  a system of satellites that use spread-spectrum
2707	      transmission, operated by the US military for commercial and
2708	      military applications

2710	   GNSS token:  gps

2712	   Signals:  L1, L2, L1C, L2C, L5

2714	   Documentation reference:  Navstar GPS Space Segment/Navigation User
2715	      Interface [GPS.ICD]

2717	   GNSS name:  Galileo

2719	   Brief description:  a system of satellites that operate in the same
2720	      spectrum as GPS, operated by the European Union for commercial
2721	      applications

2723	   GNSS Token:  galileo

2725	   Signals:  L1, E5A, E5B, E5A+B, E6

2727	   Documentation Reference:  Galileo Open Service Signal In Space
2728	      Interface Control Document (SIS ICD) [Galileo.ICD]

2730	9.2.  URN Sub-Namespace Registration for
2731	      urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc

2733	   This section registers a new XML namespace,
2734	   "urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc", as per the guidelines
2735	   in [RFC3688].

2737	      URI: urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc

2739	      Registrant Contact: IETF, GEOPRIV working group,
2740	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2742	      XML:

2744	         BEGIN
2745	           <?xml version="1.0"?>
2746	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2747	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2748	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2749	             <head>
2750	               <title>Measurement Source for PIDF-LO</title>
2751	             </head>
2752	             <body>
2753	               <h1>Namespace for Location Measurement Source</h1>
2754	               <h2>urn:ietf:params:xml:ns:pidf:geopriv10:lmsrc</h2>
2755	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2756	       with the RFC number for this specification.]]
2757	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2758	             </body>
2759	           </html>
2760	         END

2762	9.3.  URN Sub-Namespace Registration for
2763	      urn:ietf:params:xml:ns:geopriv:lm

2765	   This section registers a new XML namespace,
2766	   "urn:ietf:params:xml:ns:geopriv:lm", as per the guidelines in
2767	   [RFC3688].

2769	      URI: urn:ietf:params:xml:ns:geopriv:lm

2771	      Registrant Contact: IETF, GEOPRIV working group,
2772	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2774	      XML:

2776	         BEGIN
2777	           <?xml version="1.0"?>
2778	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2779	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2780	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2781	             <head>
2782	               <title>Measurement Container</title>
2783	             </head>
2784	             <body>
2785	               <h1>Namespace for Location Measurement Container</h1>
2786	               <h2>urn:ietf:params:xml:ns:geopriv:lm</h2>
2787	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2788	       with the RFC number for this specification.]]
2789	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2790	             </body>
2791	           </html>
2792	         END

2794	9.4.  URN Sub-Namespace Registration for
2795	      urn:ietf:params:xml:ns:geopriv:lm:basetypes

2797	   This section registers a new XML namespace,
2798	   "urn:ietf:params:xml:ns:geopriv:lm:basetypes", as per the guidelines
2799	   in [RFC3688].

2801	      URI: urn:ietf:params:xml:ns:geopriv:lm:basetypes

2803	      Registrant Contact: IETF, GEOPRIV working group,
2804	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2806	      XML:

2808	         BEGIN
2809	           <?xml version="1.0"?>
2810	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2811	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2812	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2813	             <head>
2814	               <title>Base Device Types</title>
2815	             </head>
2816	             <body>
2817	               <h1>Namespace for Base Types</h1>
2818	               <h2>urn:ietf:params:xml:ns:geopriv:lm:basetypes</h2>
2819	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2820	       with the RFC number for this specification.]]
2821	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2822	             </body>
2823	           </html>

2825	         END

2827	9.5.  URN Sub-Namespace Registration for
2828	      urn:ietf:params:xml:ns:geopriv:lm:lldp

2830	   This section registers a new XML namespace,
2831	   "urn:ietf:params:xml:ns:geopriv:lm:lldp", as per the guidelines in
2832	   [RFC3688].

2834	      URI: urn:ietf:params:xml:ns:geopriv:lm:lldp

2836	      Registrant Contact: IETF, GEOPRIV working group,
2837	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2839	      XML:

2841	         BEGIN
2842	           <?xml version="1.0"?>
2843	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2844	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2845	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2846	             <head>
2847	               <title>LLDP Measurement Set</title>
2848	             </head>
2849	             <body>
2850	               <h1>Namespace for LLDP Measurement Set</h1>
2851	               <h2>urn:ietf:params:xml:ns:geopriv:lm:lldp</h2>
2852	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2853	       with the RFC number for this specification.]]
2854	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2855	             </body>
2856	           </html>
2857	         END

2859	9.6.  URN Sub-Namespace Registration for
2860	      urn:ietf:params:xml:ns:geopriv:lm:dhcp

2862	   This section registers a new XML namespace,
2863	   "urn:ietf:params:xml:ns:geopriv:lm:dhcp", as per the guidelines in
2864	   [RFC3688].

2866	      URI: urn:ietf:params:xml:ns:geopriv:lm:dhcp

2868	      Registrant Contact: IETF, GEOPRIV working group,
2869	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2871	      XML:

2873	         BEGIN
2874	           <?xml version="1.0"?>
2875	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2876	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2877	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2878	             <head>
2879	               <title>DHCP Measurement Set</title>
2880	             </head>
2881	             <body>
2882	               <h1>Namespace for DHCP Measurement Set</h1>
2883	               <h2>urn:ietf:params:xml:ns:geopriv:lm:dhcp</h2>
2884	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2885	       with the RFC number for this specification.]]
2886	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2887	             </body>
2888	           </html>
2889	         END

2891	9.7.  URN Sub-Namespace Registration for
2892	      urn:ietf:params:xml:ns:geopriv:lm:wifi

2894	   This section registers a new XML namespace,
2895	   "urn:ietf:params:xml:ns:geopriv:lm:wifi", as per the guidelines in
2896	   [RFC3688].

2898	      URI: urn:ietf:params:xml:ns:geopriv:lm:wifi

2900	      Registrant Contact: IETF, GEOPRIV working group,
2901	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2903	      XML:

2905	         BEGIN
2906	           <?xml version="1.0"?>
2907	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2908	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2909	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2910	             <head>
2911	               <title>WiFi Measurement Set</title>
2912	             </head>
2913	             <body>
2914	               <h1>Namespace for WiFi Measurement Set</h1>
2915	               <h2>urn:ietf:params:xml:ns:geopriv:lm:wifi</h2>
2916	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2917	       with the RFC number for this specification.]]
2918	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2919	             </body>
2920	           </html>

2922	         END

2924	9.8.  URN Sub-Namespace Registration for
2925	      urn:ietf:params:xml:ns:geopriv:lm:cell

2927	   This section registers a new XML namespace,
2928	   "urn:ietf:params:xml:ns:geopriv:lm:cell", as per the guidelines in
2929	   [RFC3688].

2931	      URI: urn:ietf:params:xml:ns:geopriv:lm:cell

2933	      Registrant Contact: IETF, GEOPRIV working group,
2934	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2936	      XML:

2938	         BEGIN
2939	           <?xml version="1.0"?>
2940	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2941	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2942	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2943	             <head>
2944	               <title>Cellular Measurement Set</title>
2945	             </head>
2946	             <body>
2947	               <h1>Namespace for Cellular Measurement Set</h1>
2948	               <h2>urn:ietf:params:xml:ns:geopriv:lm:cell</h2>
2949	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2950	       with the RFC number for this specification.]]
2951	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2952	             </body>
2953	           </html>
2954	         END

2956	9.9.  URN Sub-Namespace Registration for
2957	      urn:ietf:params:xml:ns:geopriv:lm:gnss

2959	   This section registers a new XML namespace,
2960	   "urn:ietf:params:xml:ns:geopriv:lm:gnss", as per the guidelines in
2961	   [RFC3688].

2963	      URI: urn:ietf:params:xml:ns:geopriv:lm:gnss

2965	      Registrant Contact: IETF, GEOPRIV working group,
2966	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

2968	      XML:

2970	         BEGIN
2971	           <?xml version="1.0"?>
2972	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2973	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2974	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
2975	             <head>
2976	               <title>GNSS Measurement Set</title>
2977	             </head>
2978	             <body>
2979	               <h1>Namespace for GNSS Measurement Set</h1>
2980	               <h2>urn:ietf:params:xml:ns:geopriv:lm:gnss</h2>
2981	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
2982	       with the RFC number for this specification.]]
2983	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
2984	             </body>
2985	           </html>
2986	         END

2988	9.10.  URN Sub-Namespace Registration for
2989	       urn:ietf:params:xml:ns:geopriv:lm:dsl

2991	   This section registers a new XML namespace,
2992	   "urn:ietf:params:xml:ns:geopriv:lm:dsl", as per the guidelines in
2993	   [RFC3688].

2995	      URI: urn:ietf:params:xml:ns:geopriv:lm:dsl

2997	      Registrant Contact: IETF, GEOPRIV working group,
2998	      (geopriv@ietf.org), Martin Thomson (martin.thomson@commscope.com).

3000	      XML:

3002	         BEGIN
3003	           <?xml version="1.0"?>
3004	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
3005	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3006	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
3007	             <head>
3008	               <title>DSL Measurement Set</title>
3009	             </head>
3010	             <body>
3011	               <h1>Namespace for DSL Measurement Set</h1>
3012	               <h2>urn:ietf:params:xml:ns:geopriv:lm:dsl</h2>
3013	   [[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX
3014	       with the RFC number for this specification.]]
3015	               <p>See <a href="[[RFC URL]]">RFCXXXX</a>.</p>
3016	             </body>
3017	           </html>

3019	         END

3021	9.11.  XML Schema Registration for Measurement Source Schema

3023	   This section registers an XML schema as per the guidelines in
3024	   [RFC3688].

3026	   URI:  urn:ietf:params:xml:schema:pidf:geopriv10:lmsrc

3028	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3029	      Martin Thomson (martin.thomson@commscope.com).

3031	   Schema:  The XML for this schema can be found in Section 8.2 of this
3032	      document.

3034	9.12.  XML Schema Registration for Measurement Container Schema

3036	   This section registers an XML schema as per the guidelines in
3037	   [RFC3688].

3039	   URI:  urn:ietf:params:xml:schema:lm

3041	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3042	      Martin Thomson (martin.thomson@commscope.com).

3044	   Schema:  The XML for this schema can be found in Section 8.1 of this
3045	      document.

3047	9.13.  XML Schema Registration for Base Types Schema

3049	   This section registers an XML schema as per the guidelines in
3050	   [RFC3688].

3052	   URI:  urn:ietf:params:xml:schema:lm:basetypes

3054	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3055	      Martin Thomson (martin.thomson@commscope.com).

3057	   Schema:  The XML for this schema can be found in Section 8.3 of this
3058	      document.

3060	9.14.  XML Schema Registration for LLDP Schema

3062	   This section registers an XML schema as per the guidelines in
3063	   [RFC3688].

3065	   URI:  urn:ietf:params:xml:schema:lm:lldp

3067	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3068	      Martin Thomson (martin.thomson@commscope.com).

3070	   Schema:  The XML for this schema can be found in Section 8.4 of this
3071	      document.

3073	9.15.  XML Schema Registration for DHCP Schema

3075	   This section registers an XML schema as per the guidelines in
3076	   [RFC3688].

3078	   URI:  urn:ietf:params:xml:schema:lm:dhcp

3080	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3081	      Martin Thomson (martin.thomson@commscope.com).

3083	   Schema:  The XML for this schema can be found in Section 8.5 of this
3084	      document.

3086	9.16.  XML Schema Registration for WiFi Schema

3088	   This section registers an XML schema as per the guidelines in
3089	   [RFC3688].

3091	   URI:  urn:ietf:params:xml:schema:lm:wifi

3093	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3094	      Martin Thomson (martin.thomson@commscope.com).

3096	   Schema:  The XML for this schema can be found in Section 8.6 of this
3097	      document.

3099	9.17.  XML Schema Registration for Cellular Schema

3101	   This section registers an XML schema as per the guidelines in
3102	   [RFC3688].

3104	   URI:  urn:ietf:params:xml:schema:lm:cellular

3106	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3107	      Martin Thomson (martin.thomson@commscope.com).

3109	   Schema:  The XML for this schema can be found in Section 8.7 of this
3110	      document.

3112	9.18.  XML Schema Registration for GNSS Schema

3114	   This section registers an XML schema as per the guidelines in
3115	   [RFC3688].

3117	   URI:  urn:ietf:params:xml:schema:lm:gnss

3119	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3120	      Martin Thomson (martin.thomson@commscope.com).

3122	   Schema:  The XML for this schema can be found in Section 8.8 of this
3123	      document.

3125	9.19.  XML Schema Registration for DSL Schema

3127	   This section registers an XML schema as per the guidelines in
3128	   [RFC3688].

3130	   URI:  urn:ietf:params:xml:schema:lm:dsl

3132	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
3133	      Martin Thomson (martin.thomson@commscope.com).

3135	   Schema:  The XML for this schema can be found in Section 8.9 of this
3136	      document.

3138	10.  Acknowledgements

3140	   Thanks go to Simon Cox for his comments relating to terminology that
3141	   have helped ensure that this document is aligns with ongoing work in
3142	   the Open Geospatial Consortium (OGC).  Thanks to Neil Harper for his
3143	   review and comments on the GNSS sections of this document.  Thanks to
3144	   Noor-E-Gagan Singh, Gabor Bajko, Russell Priebe, and Khalid Al-Mufti
3145	   for their significant input to and suggestions for improving the
3146	   802.11 measurements.  Thanks to Cullen Jennings for feedback and
3147	   suggestions.  Bernard Aboba provided review and feedback on a range
3148	   of measurement data definitions.  Mary Barnes and Geoff Thompson
3149	   provided a review and corrections.  David Waitzman and John Bressler
3150	   both noted shortcomings with 802.11 measurements.  Keith Drage,
3151	   Darren Pawson provided expert LTE knowledge.

3153	11.  References
3154	11.1.  Normative References

3156	   [DSL.TR025]
3157	              Wang, R., "Core Network Architecture Recommendations for
3158	              Access to Legacy Data Networks over ADSL", September 1999.

3160	   [DSL.TR101]
3161	              Cohen, A. and E. Shrum, "Migration to Ethernet-Based DSL
3162	              Aggregation", April 2006.

3164	   [GPS.ICD]  "Navstar GPS Space Segment/Navigation User Interface",
3165	              ICD GPS-200, Apr 2000.

3167	   [Galileo.ICD]
3168	              GJU, "Galileo Open Service Signal In Space Interface
3169	              Control Document (SIS ICD)", May 2006.

3171	   [RFC0020]  Cerf, V., "ASCII format for network interchange", RFC 20,
3172	              October 1969.

3174	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
3175	              Requirement Levels", BCP 14, RFC 2119, March 1997.

3177	   [RFC3629]  Yergeau, F., "UTF-8, a transformation format of ISO
3178	              10646", STD 63, RFC 3629, November 2003.

3180	   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
3181	              Resource Identifier (URI): Generic Syntax", STD 66,
3182	              RFC 3986, January 2005.

3184	   [RFC4119]  Peterson, J., "A Presence-based GEOPRIV Location Object
3185	              Format", RFC 4119, December 2005.

3187	   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
3188	              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
3189	              May 2008.

3191	   [RFC5491]  Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV
3192	              Presence Information Data Format Location Object (PIDF-LO)
3193	              Usage Clarification, Considerations, and Recommendations",
3194	              RFC 5491, March 2009.

3196	   [RFC5985]  Barnes, M., "HTTP-Enabled Location Delivery (HELD)",
3197	              RFC 5985, September 2010.

3199	   [TIA-2000.5]
3200	              TIA/EIA, "Upper Layer (Layer 3) Signaling Standard for
3201	              cdma2000(R) Spread Spectrum Systems",  TIA-2000.5-D,
3202	              March 2004.

3204	   [TS.3GPP.23.003]
3205	              3GPP, "Numbering, addressing and identification", 3GPP
3206	              TS 23.003 9.4.0, September 2010.

3208	11.2.  Informative References

3210	   [ANSI-TIA-1057]
3211	              ANSI/TIA, "Link Layer Discovery Protocol for Media
3212	              Endpoint Devices", TIA 1057, April 2006.

3214	   [GPS.SPOOF]
3215	              Scott, L., "Anti-Spoofing and Authenticated Signal
3216	              Architectures for Civil Navigation Signals", ION-
3217	              GNSS Portland, Oregon, 2003.

3219	   [HARPER]   Harper, N., Dawson, M., and D. Evans, "Server-side
3220	              spoofing and detection for Assisted-GPS", Proceedings of
3221	              International Global Navigation Satellite Systems Society
3222	              (IGNSS) Symposium 2009 16, December 2009,
3223	              <http://ignss.org/files/Paper16.pdf>.

3225	   [I-D.ietf-geopriv-held-identity-extensions]
3226	              Winterbottom, J., Thomson, M., Tschofenig, H., and R.
3227	              Barnes, "Use of Device Identity in HTTP-Enabled Location
3228	              Delivery (HELD)",
3229	              draft-ietf-geopriv-held-identity-extensions-06 (work in
3230	              progress), November 2010.

3232	   [I-D.thomson-geopriv-uncertainty]
3233	              Thomson, M. and J. Winterbottom, "Representation of
3234	              Uncertainty and Confidence in PIDF-LO",
3235	              draft-thomson-geopriv-uncertainty-07 (work in progress),
3236	              March 2012.

3238	   [IANA.enterprise]
3239	              IANA, "Private Enterprise Numbers", 2011,
3240	              <http://www.iana.org/assignments/enterprise-numbers>.

3242	   [IEEE.80211]
3243	              IEEE, "Wireless LAN Medium Access Control (MAC) and
3244	              Physical Layer (PHY) specifications - IEEE 802.11 Wireless
3245	              Network Management", IEEE Std 802.11-2007, June 2007.

3247	   [IEEE.80211V]
3248	              IEEE, "Wireless LAN Medium Access Control (MAC) and
3249	              Physical Layer (PHY) specifications - IEEE 802.11 Wireless
3250	              Network Management (Draft)", P802.11v D12.0, June 2010.

3252	   [IEEE.8021AB]
3253	              IEEE, "IEEE Standard for Local and Metropolitan area
3254	              networks, Station and Media Access Control Connectivity
3255	              Discovery", IEEE Std 802.1AB-2009, September 2009.

3257	   [RFC2865]  Rigney, C., Willens, S., Rubens, A., and W. Simpson,
3258	              "Remote Authentication Dial In User Service (RADIUS)",
3259	              RFC 2865, June 2000.

3261	   [RFC3046]  Patrick, M., "DHCP Relay Agent Information Option",
3262	              RFC 3046, January 2001.

3264	   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
3265	              January 2004.

3267	   [RFC3693]  Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and
3268	              J. Polk, "Geopriv Requirements", RFC 3693, February 2004.

3270	   [RFC3993]  Johnson, R., Palaniappan, T., and M. Stapp, "Subscriber-ID
3271	              Suboption for the Dynamic Host Configuration Protocol
3272	              (DHCP) Relay Agent Option", RFC 3993, March 2005.

3274	   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
3275	              Architecture", RFC 4291, February 2006.

3277	   [RFC4580]  Volz, B., "Dynamic Host Configuration Protocol for IPv6
3278	              (DHCPv6) Relay Agent Subscriber-ID Option", RFC 4580,
3279	              June 2006.

3281	   [RFC4649]  Volz, B., "Dynamic Host Configuration Protocol for IPv6
3282	              (DHCPv6) Relay Agent Remote-ID Option", RFC 4649,
3283	              August 2006.

3285	   [RFC5808]  Marshall, R., "Requirements for a Location-by-Reference
3286	              Mechanism", RFC 5808, May 2010.

3288	Authors' Addresses

3290	   Martin Thomson
3291	   Microsoft
3292	   3210 Porter Drive
3293	   Palo Alto, CA  94304
3294	   US

3296	   Phone: +1 650-353-1925
3297	   Email: martin.thomson@gmail.com

3299	   James Winterbottom
3300	   Commscope
3301	   Andrew Building (39)
3302	   University of Wollongong
3303	   Northfields Avenue
3304	   NSW  2522
3305	   AU

3307	   Phone: +61 2 4221 2938
3308	   Email: james.winterbottom@commscope.com