idnits 2.17.1 

draft-ietf-geopriv-http-location-delivery-11.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 17.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 1953.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1964.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1971.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1977.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (December 16, 2008) is 5610 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC4395' is defined on line 1702, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 4346 (Obsoleted by RFC 5246)

  ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231,
     RFC 7232, RFC 7233, RFC 7234, RFC 7235)

  ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110)

  == Outdated reference: A later version (-15) exists of
     draft-ietf-geopriv-lis-discovery-04

  -- Obsolete informational reference (is this intentional?): RFC  793
     (Obsoleted by RFC 9293)

  -- Obsolete informational reference (is this intentional?): RFC 3023
     (Obsoleted by RFC 7303)

  -- Obsolete informational reference (is this intentional?): RFC 3825
     (Obsoleted by RFC 6225)

  -- Obsolete informational reference (is this intentional?): RFC 4395
     (Obsoleted by RFC 7595)

  -- Obsolete informational reference (is this intentional?): RFC 5226
     (Obsoleted by RFC 8126)

  == Outdated reference: A later version (-10) exists of
     draft-ietf-geopriv-l7-lcp-ps-08

  == Outdated reference: A later version (-09) exists of
     draft-ietf-geopriv-lbyr-requirements-05

  == Outdated reference: A later version (-13) exists of
     draft-ietf-sip-location-conveyance-12

  == Outdated reference: A later version (-05) exists of
     draft-winterbottom-geopriv-deref-protocol-02


     Summary: 4 errors (**), 0 flaws (~~), 7 warnings (==), 12 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	GEOPRIV WG                                                M. Barnes, Ed.
3	Internet-Draft                                                    Nortel
4	Intended status: Standards Track
5	Expires: June 19, 2009

7	                                                       December 16, 2008

9	                 HTTP Enabled Location Delivery (HELD)
10	            draft-ietf-geopriv-http-location-delivery-11.txt

12	Status of this Memo

14	   By submitting this Internet-Draft, each author represents that any
15	   applicable patent or other IPR claims of which he or she is aware
16	   have been or will be disclosed, and any of which he or she becomes
17	   aware will be disclosed, in accordance with Section 6 of BCP 79.

19	   Internet-Drafts are working documents of the Internet Engineering
20	   Task Force (IETF), its areas, and its working groups.  Note that
21	   other groups may also distribute working documents as Internet-
22	   Drafts.

24	   Internet-Drafts are draft documents valid for a maximum of six months
25	   and may be updated, replaced, or obsoleted by other documents at any
26	   time.  It is inappropriate to use Internet-Drafts as reference
27	   material or to cite them other than as "work in progress."

29	   The list of current Internet-Drafts can be accessed at
30	   http://www.ietf.org/ietf/1id-abstracts.txt.

32	   The list of Internet-Draft Shadow Directories can be accessed at
33	   http://www.ietf.org/shadow.html.

35	   This Internet-Draft will expire on June 19, 2009.

37	Abstract

39	   A Layer 7 Location Configuration Protocol (L7 LCP) is described that
40	   is used for retrieving location information from a server within an
41	   access network.  The protocol includes options for retrieving
42	   location information in two forms: by value and by reference.  The
43	   protocol is an extensible application-layer protocol that is
44	   independent of session-layer.  This document describes the use of
45	   HyperText Transfer Protocol (HTTP) and HTTP over Transport Layer
46	   Security (HTTP/TLS) as transports for the protocol.

48	Table of Contents

50	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
51	   2.  Conventions & Terminology  . . . . . . . . . . . . . . . . . .  4
52	   3.  Overview and Scope . . . . . . . . . . . . . . . . . . . . . .  5
53	   4.  Protocol Overview  . . . . . . . . . . . . . . . . . . . . . .  6
54	     4.1.  Device Identifiers, NAT and VPNs . . . . . . . . . . . . .  7
55	       4.1.1.  Devices and VPNs . . . . . . . . . . . . . . . . . . .  7
56	       4.1.2.  LIS Handling of NATs and VPNs  . . . . . . . . . . . .  8
57	     4.2.  Location by Value  . . . . . . . . . . . . . . . . . . . .  8
58	     4.3.  Location by Reference  . . . . . . . . . . . . . . . . . .  9
59	   5.  Protocol Description . . . . . . . . . . . . . . . . . . . . .  9
60	     5.1.  Delivery Protocol  . . . . . . . . . . . . . . . . . . . . 10
61	     5.2.  Location Request . . . . . . . . . . . . . . . . . . . . . 10
62	     5.3.  Location Response  . . . . . . . . . . . . . . . . . . . . 10
63	     5.4.  Indicating Errors  . . . . . . . . . . . . . . . . . . . . 11
64	   6.  Protocol Parameters  . . . . . . . . . . . . . . . . . . . . . 11
65	     6.1.  "responseTime" Parameter . . . . . . . . . . . . . . . . . 12
66	     6.2.  "locationType" Parameter . . . . . . . . . . . . . . . . . 12
67	       6.2.1.  "exact" Attribute  . . . . . . . . . . . . . . . . . . 14
68	     6.3.  "code" Parameter . . . . . . . . . . . . . . . . . . . . . 14
69	     6.4.  "message" Parameter  . . . . . . . . . . . . . . . . . . . 15
70	     6.5.  "locationUriSet" Parameter . . . . . . . . . . . . . . . . 15
71	       6.5.1.  "locationURI" Parameter  . . . . . . . . . . . . . . . 15
72	       6.5.2.  "expires" Parameter  . . . . . . . . . . . . . . . . . 16
73	     6.6.  "Presence" Parameter (PIDF-LO) . . . . . . . . . . . . . . 16
74	   7.  XML Schema . . . . . . . . . . . . . . . . . . . . . . . . . . 16
75	   8.  HTTP/HTTPS Binding . . . . . . . . . . . . . . . . . . . . . . 20
76	   9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 21
77	     9.1.  Assuring that the proper LIS has been contacted  . . . . . 22
78	     9.2.  Protecting responses from modification . . . . . . . . . . 22
79	     9.3.  Privacy and Confidentiality  . . . . . . . . . . . . . . . 22
80	   10. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
81	     10.1. HTTPS Example Messages . . . . . . . . . . . . . . . . . . 24
82	     10.2. Simple Location Request Example  . . . . . . . . . . . . . 26
83	     10.3. Location Request Example for Multiple Location Types . . . 27
84	   11. IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 28
85	     11.1. URN Sub-Namespace Registration for
86	           urn:ietf:params:xml:ns:geopriv:held  . . . . . . . . . . . 28
87	     11.2. XML Schema Registration  . . . . . . . . . . . . . . . . . 29
88	     11.3. MIME Media Type Registration for 'application/held+xml'  . 29
89	     11.4. Error code Registry  . . . . . . . . . . . . . . . . . . . 30
90	   12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 31
91	   13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 31
92	   14. Changes since last Version . . . . . . . . . . . . . . . . . . 32
93	   15. References . . . . . . . . . . . . . . . . . . . . . . . . . . 38
94	     15.1. Normative References . . . . . . . . . . . . . . . . . . . 38
95	     15.2. Informative References . . . . . . . . . . . . . . . . . . 38

97	   Appendix A.  HELD Compliance to IETF LCP requirements  . . . . . . 40
98	     A.1.  L7-1: Identifier Choice  . . . . . . . . . . . . . . . . . 40
99	     A.2.  L7-2: Mobility Support . . . . . . . . . . . . . . . . . . 40
100	     A.3.  L7-3: ASP and Access Network Provider Relationship . . . . 41
101	     A.4.  L7-4: Layer 2 and Layer 3 Provider Relationship  . . . . . 41
102	     A.5.  L7-5: Legacy Device Considerations . . . . . . . . . . . . 41
103	     A.6.  L7-6: VPN Awareness  . . . . . . . . . . . . . . . . . . . 42
104	     A.7.  L7-7: Network Access Authentication  . . . . . . . . . . . 42
105	     A.8.  L7-8: Network Topology Unawareness . . . . . . . . . . . . 42
106	     A.9.  L7-9: Discovery Mechanism  . . . . . . . . . . . . . . . . 43
107	     A.10. L7-10: PIDF-LO Creation  . . . . . . . . . . . . . . . . . 43
108	   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 43
109	   Intellectual Property and Copyright Statements . . . . . . . . . . 45

111	1.  Introduction

113	   The location of a Device is information that is useful for a number
114	   of applications.  The L7 Location Configuration Protocol (LCP)
115	   problem statement and requirements document
116	   [I-D.ietf-geopriv-l7-lcp-ps] provides some scenarios in which a
117	   Device might rely on its access network to provide location
118	   information.  The Location Information Server (LIS) service applies
119	   to access networks employing both wired technology (e.g.  DSL, Cable)
120	   and wireless technology (e.g.  WiMAX) with varying degrees of Device
121	   mobility.  This document describes a protocol that can be used to
122	   acquire Location Information (LI) from a LIS within an access
123	   network.

125	   This specification identifies two types of location information that
126	   may be retrieved from the LIS.  Location may be retrieved from the
127	   LIS by value, that is, the Device may acquire a literal location
128	   object describing the location of the Device.  The Device may also
129	   request that the LIS provide a location reference in the form of a
130	   location URI or set of location URIs, allowing the Device to
131	   distribute its LI by reference.  Both of these methods can be
132	   provided concurrently from the same LIS to accommodate application
133	   requirements for different types of location information.

135	   This specification defines an extensible XML-based protocol that
136	   enables the retrieval of LI from a LIS by a Device.  This protocol
137	   can be bound to any session-layer protocol, particularly those
138	   capable of MIME transport.  This document describes the use of
139	   HyperText Transfer Protocol (HTTP) and HTTP over Transport Layer
140	   Security (HTTP/TLS) as transports for the protocol.

142	2.  Conventions & Terminology

144	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
145	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
146	   document are to be interpreted as described in [RFC2119].

148	   This document uses the terms (and their acronym forms) Access
149	   Provider (AP), Location Information (LI), Location Object (LO),
150	   Device, Target, Location Generator (LG), Location Recipient (LR),
151	   Rule Maker (RM) and Rule Holder (RH) as defined in RFC 3693, GEOPRIV
152	   Requirements [RFC3693] .  The terms Location Information Server
153	   (LIS), Access Network, Access Provider (AP) and Access Network
154	   Provider are used in the same context as defined in the L7 LCP
155	   Problem statement and Requirements document
156	   [I-D.ietf-geopriv-l7-lcp-ps].  The usage of the terms, Civic
157	   Location/Address and Geodetic Location follows the usage in many of
158	   the referenced documents.

160	   In describing the protocol, the terms "attribute" and "element" are
161	   used according to their context in XML.  The term "parameter" is used
162	   in a more general protocol context and can refer to either an XML
163	   "attribute" or "element".

165	3.  Overview and Scope

167	   This document describes an interface between a Device and a Location
168	   Information Server (LIS).  This document assumes that the LIS is
169	   present within the same administrative domain as the Device (e.g.,
170	   the access network).  An Access Provider (AP) operates the LIS so
171	   that Devices (and Targets) can retrieve their LI.  The LIS exists
172	   because not all Devices are capable of determining LI, and because,
173	   even if a device is able to determine its own LI, it may be more
174	   efficient with assistance.  This document does not specify how LI is
175	   determined.

177	   This document is based on the attribution of the LI to a Device and
178	   not specifically a person (end user) or Target, based on the premise
179	   that location determination technologies are generally designed to
180	   locate a device and not a person.  It is expected that, for most
181	   applications, LI for the device can be used as an adequate substitute
182	   for the end user's LI.  Since revealing the location of the device
183	   almost invariably reveals some information about the location of the
184	   user of the device, the same level of privacy protection demanded by
185	   a user is required for the device.  This approach may require either
186	   some additional assurances about the link between device and target,
187	   or an acceptance of the limitation that unless the device requires
188	   active user authentication, there is no guarantee that any particular
189	   individual is using the device at that instant.

191	   The following diagram shows the logical configuration of some of the
192	   functional elements identified in [RFC3693] and the LIS defined in
193	   [I-D.ietf-geopriv-l7-lcp-ps] and where this protocol applies, with
194	   the Rule Maker and Target represented by the role of the Device.
195	   Note that only the interfaces relevant to the Device are identified
196	   in the diagram.

198	                     +---------------------------------------------+
199	                     | Access Network Provider                     |
200	                     |                                             |
201	                     |   +--------------------------------------+  |
202	                     |   | Location Information Server          |  |
203	                     |   |                                      |  |
204	                     |   |                                      |  |
205	                     |   |                                      |  |
206	                     |   |                                      |  |
207	                     |   +------|-------------------------------+  |
208	                     +----------|----------------------------------+
209	                                |
210	                                |
211	                               HELD
212	                                |
213	     Rule Maker   - _     +-----------+         +-----------+
214	           o          - - | Device    |         | Location  |
215	          <U\             |           | - - - - | Recipient |
216	          / \       _ - - |           |   APP   |           |
217	         Target - -       +-----------+         +-----------+

219	                        Figure 1: Significant Roles

221	   The interface between the Location Recipient (LR) and the Device
222	   and/or LIS is application specific, as indicated by the APP
223	   annotation in the diagram and it is outside the scope of the
224	   document.  An example of an APP interface between a device and LR can
225	   be found in the SIP Location Conveyance document
226	   [I-D.ietf-sip-location-conveyance].

228	4.  Protocol Overview

230	   A device uses the HELD protocol to retrieve its location either
231	   directly in the form of a PIDF-LO document (by value) and indirectly
232	   as a Location URI (by reference).  The security necessary to ensure
233	   the accuracy, privacy and confidentiality of the device's location is
234	   described in the Security Considerations (Section 9).

236	   As described in the L7 LCP problem statement and requirements

238	   [I-D.ietf-geopriv-l7-lcp-ps], the Device MUST first discover the URI
239	   for the LIS for sending the HELD protocol requests.  The URI for the
240	   LIS SHOULD be obtained from an authorized and authenticated entity.
241	   The details for ensuring that an appropriate LIS is contacted are
242	   provided in Section 9 and in particular Section 9.1.  The LIS
243	   discovery protocol details are out of scope of this document and are
244	   specified in [I-D.ietf-geopriv-lis-discovery].  The type of URI
245	   provided by LIS discovery is RECOMMENDED not be a general HTTP URI.

247	   The LIS requires an identifier for the Device in order to determine
248	   the appropriate location to include in the location response message.
249	   In this document, the IP address of the Device, as reflected by the
250	   source IP address in the location request message, is used as the
251	   identifier.  Other identifiers are possible, but are beyond the scope
252	   of this document.

254	4.1.  Device Identifiers, NAT and VPNs

256	   Use of the HELD protocol is subject to the viability of the
257	   identifier used by the LIS to determine location.  This document
258	   describes the use of the source IP address sent from the Device as
259	   the identifier used by the LIS.  When Network Address Translation
260	   (NAT), a Virtual Private Network (VPN) or other forms of address
261	   modification occur between the Device and the LIS the location
262	   returned could be inaccurate.

264	   Not all cases of NATs introduce inaccuracies in the returned
265	   location.  For example, a NAT used in a residential Local Area
266	   Network (LAN) is typically not a problem.  The external IP address
267	   used on the Wide Area Network (WAN) side of the NAT is an acceptable
268	   identifier for all of the devices in the residence, on the LAN side
269	   of the NAT, since the covered geographical area is small.

271	   On the other hand, if there is a VPN between the Device and the LIS,
272	   for example for a teleworker, then the IP address seen by a LIS
273	   inside the enterprise network might not be the right address to
274	   identify the location of the Device.  Section 4.1.2 provides
275	   recommendations to address this issue.

277	4.1.1.  Devices and VPNs

279	   To minimize the impact of connections or tunnels setup for security
280	   purposes or to traverse middleboxes, Devices that connect to servers
281	   such as VPN servers, SOCKS servers and HTTP proxy servers should
282	   perform their HELD query to the LIS prior to establishing a
283	   connection to other servers.  It is RECOMMENDED that discovery
284	   [I-D.ietf-geopriv-lis-discovery] and an initial query are performed
285	   before establishing any connections to other servers.  If a Device
286	   performs the HELD query after establishing a connection to another
287	   server, the Device may receive inaccurate location information.

289	   Devices that establish VPN connections for use by other devices
290	   inside a LAN or other closed network could serve as a LIS, that
291	   implements the HELD protocol, for those other Devices.  Devices
292	   within the closed network are not necessarily able to detect the
293	   presence of the VPN.  In this case, a VPN device should provide the
294	   address of the LIS server it provides, in response to discovery
295	   queries, rather than passing such queries through the VPN tunnel.
296	   Otherwise, the other devices would be totally unaware that they could
297	   receive inaccurate location information.

299	   It could also be useful for a VPN device to serve as a LIS for other
300	   location configuration options such as Dynamic Host Configuration
301	   Protocol (DHCP)[RFC3825] or Link Layer Discovery Protocol - Media
302	   Endpoint Discovery (LLDP-MED) [LLDP-MED].  For this case, the VPN
303	   device that serves as a LIS may first acquire its own location using
304	   HELD.

306	4.1.2.  LIS Handling of NATs and VPNs

308	   In the cases where the Device connects to the LIS through a VPN or a
309	   NAT that serves a large geographic area or multiple geographic
310	   locations (for example, a NAT used by an enterprise to connect their
311	   private network to the Internet), the LIS might not be able to return
312	   an accurate LI.  If the LIS cannot determine LI for the device, it
313	   should provide an error response to the requesting device.  The LIS
314	   needs to be configured to recognize identifiers that represent these
315	   conditions.

317	   LIS operators have a large role in ensuring the best possible
318	   environment for location determination.  The LIS operator needs to
319	   ensure that the LIS is properly configured with identifiers that fall
320	   within NATs and VPNs.  In order to serve a Device on a remote side of
321	   a NAT or VPN a LIS needs to have a presence on the side of the NAT or
322	   VPN nearest the Device.

324	4.2.  Location by Value

326	   Where a Device requires LI directly, it can request that the LIS
327	   create a PIDF-LO document.  This approach fits well with a
328	   configuration whereby the device directly makes use of the provided
329	   PIDF-LO document.  The details on the information that may be
330	   included in the PIDF-LO MUST follow the subset of those rules
331	   relating to the construction of the "location-info" element in the
332	   PIDF-LO Usage Clarification, Considerations and Recommendations
333	   document [I-D.ietf-geopriv-pdif-lo-profile].  Further detail is
334	   included in the detailed protocol section of this document Section 6

336	4.3.  Location by Reference

338	   Requesting location directly does not always address the requirements
339	   of an application.  A Device can request a location URI instead of
340	   literal location.  A Location URI is a URI [RFC3986] of any scheme,
341	   which a Location Recipient (LR) can use to retrieve LI.  A location
342	   URI provided by a LIS can be assumed to be globally-addressable; that
343	   is, anyone in possession of the URI can access the LIS.

345	   However, possession of the URI does not in any way suggest that the
346	   LIS indiscriminately reveals the location associated with the
347	   location URI.  The specific requirements associated with the
348	   dereference of the location are specified in
349	   [I-D.ietf-geopriv-lbyr-requirements].  The location dereference
350	   protocol details are out of scope of this document and are specified
351	   in [I-D.winterbottom-geopriv-deref-protocol].

353	   It should also be noted that while the lybr requirements document
354	   specifies a requirement that a client SHOULD be able to cancel
355	   location references, the protocol specified in this document does not
356	   provide that functionality.  The mechanism to provide this support in
357	   the protocol requires explicit management of Target state on the LIS.
358	   It is anticipated that extensions to HELD may support that
359	   requirement.

361	5.  Protocol Description

363	   As discussed in Section 4, this protocol provides for the retrieval
364	   of the device's location in the form of a PIDF-LO document and/or
365	   Location URI(s) from a LIS.  Three messages are defined to support
366	   the location retrieval: locationRequest, locationResponse and error.
367	   Messages are defined as XML documents.

369	   The Location Request (locationRequest) message is described in
370	   Section 5.2.  A Location Request message from a Device indicates
371	   whether location in the form of a PIDF-LO document (with specific
372	   type(s) of location) and/or Location URI(s) should be returned.  The
373	   LIS replies with a locationResponse message, including a PIDF-LO
374	   document and/or one or more Location URIs in case of success.  In the
375	   case of an error, the LIS replies with an error message.

377	   A MIME type "application/held+xml" is registered in Section 11.3 to
378	   distinguish HELD messages from other XML document bodies.  This
379	   specification follows the recommendations and conventions described
380	   in [RFC3023], including the naming convention of the type ('+xml'
381	   suffix) and the usage of the 'charset' parameter.

383	   Section 6 contains a more thorough description of the protocol
384	   parameters, valid values, and how each should be handled.  Section 7
385	   contains a more specific definition of the structure of these
386	   messages in the form of an XML Schema [W3C.REC-xmlschema-1-20041028].

388	5.1.  Delivery Protocol

390	   The HELD protocol is an application-layer protocol specified by an
391	   XML document.  The HELD protocol is defined independently of any
392	   lower layers used to transport messages from one host to another.
393	   This means that any protocol can be used to transport this protocol
394	   providing that it can provide a few basic features:

396	   o  The HELD protocol doesn't provide any mechanisms that enable
397	      detection of missing messages and retransmission, thus the
398	      protocol must have acknowledged delivery.
399	   o  The HELD protocol is a request/response protocol, thus the
400	      protocol must be able to correlate a response with a request.
401	   o  The HELD protocol RECOMMENDS that the underlying transport provide
402	      authentication, confidentiality, and protection against
403	      modification per Section 9.3.

405	   This document describes the use of a combination of HTTP [RFC2616],
406	   TLS [RFC4346] and TCP [RFC0793] in Section 8.

408	5.2.  Location Request

410	   A location request message is sent from the Device to the LIS when
411	   the Device requires its own LI.  The type of LI that a Device
412	   requests is determined by the type of LI that is included in the
413	   "locationType" element.

415	   The location request is made by sending a document formed of a
416	   "locationRequest" element.  The LIS uses the source IP address of the
417	   location request message as the primary source of identity for the
418	   requesting device or target.  It is anticipated that other Device
419	   identities may be provided through schema extensions.

421	   The LIS MUST ignore any part of a location request message that it
422	   does not understand, except the document element.

424	5.3.  Location Response

426	   A successful response to a location request MUST contain a PIDF-LO
427	   and/or location URI(s).  The response SHOULD contain location
428	   information of the requested "locationType".  The cases whereby a
429	   different type of location information MAY be returned are described
430	   in Section 6.2.

432	5.4.  Indicating Errors

434	   If the LIS is unable to provide location information based on the
435	   received locationRequest message, it MUST return an error message.
436	   The LIS may return an error message in response to requests for any
437	   "locationType".

439	   An error indication document consists of an "error" element.  The
440	   "error" element MUST include a "code" attribute that indicates the
441	   type of error.  A set of predefined error codes are included in
442	   Section 6.3.

444	   Error responses MAY also include a "message" attribute that can
445	   include additional information.  This information SHOULD be for
446	   diagnostic purposes only, and MAY be in any language.  The language
447	   of the message SHOULD be indicated with an "xml:lang" attribute.

449	6.  Protocol Parameters

451	   This section describes in detail the parameters that are used for
452	   this protocol.  Table 1 lists the top-level components used within
453	   the protocol and where they are mandatory or optional for each of the
454	   messages.

456	   +----------------+----------------+----------------+----------------+
457	   | Parameter      |    Location    |    Location    |      Error     |
458	   |                |     Request    |    Response    |                |
459	   +----------------+----------------+----------------+----------------+
460	   | responseTime   |        o       |                |                |
461	   | (Section 6.1)  |                |                |                |
462	   | locationType   |        o       |                |                |
463	   | (Section 6.2)  |                |                |                |
464	   | code           |                |                |        m       |
465	   | (Section 6.3)  |                |                |                |
466	   | message        |                |                |        o       |
467	   | (Section 6.4)  |                |                |                |
468	   | locationUriSet |                |        o       |                |
469	   | (Section 6.5)  |                |                |                |
470	   | Presence       |                |        o       |                |
471	   | (PIDF-LO)      |                |                |                |
472	   | (Section 6.6)  |                |                |                |
473	   +----------------+----------------+----------------+----------------+

475	                     Table 1: Message Parameter Usage

477	6.1.  "responseTime" Parameter

479	   The "responseTime" attribute MAY be included in a location request
480	   message.  The "responseTime" attribute includes a time value
481	   indicating to the LIS how long the Device is prepared to wait for a
482	   response or a purpose for which the Device needs the location.

484	   In the case of emergency services, the purpose of obtaining the LI
485	   could be either for routing a call to the appropriate PSAP or
486	   indicating the location to which responders should be dispatched.
487	   The values defined for the purpose, "emergencyRouting" and
488	   "emergencyDispatch", will likely be governed by jurisdictional
489	   policies, and should be configurable on the LIS.

491	   The time value in the "responseTime" attribute is expressed as a non-
492	   negative integer in units of milliseconds.  The time value is
493	   indicative only and the LIS is under no obligation to strictly adhere
494	   to the time limit implied; any enforcement of the time limit is left
495	   to the requesting Device.  The LIS should provide the most accurate
496	   LI that can be determined within the specified interval for the
497	   specific service.

499	   The LIS may use the value of the time in the "responseTime" attribute
500	   as input when selecting the method of location determination, where
501	   multiple such methods exist.  If the "responseTime" attribute is
502	   absent, then the LIS should return the most precise LI it is capable
503	   of determining, with the time interval being implementation
504	   dependent.

506	6.2.  "locationType" Parameter

508	   The "locationType" element MAY be included in a location request
509	   message.  It contains a list of LI types that are requested by the
510	   Device.  The following list describes the possible values:

512	   any:  The LIS SHOULD attempt to provide LI in all forms available to
513	      it.
514	   geodetic:  The LIS SHOULD return a geodetic location for the Target.
515	   civic:  The LIS SHOULD return a civic address for the Target.
516	   locationURI:  The LIS SHOULD return a set of location URIs for the
517	      Target.

519	   The LIS SHOULD return the requested location type or types.  The
520	   location types the LIS returns also depend on the setting of the
521	   optional "exact" attribute.  If the "exact" attribute is set to
522	   "true" then the LIS MUST return either the requested location type or
523	   provide an error response.  The "exact" attribute does not apply (is
524	   ignored) for a request for a location type of "any".  Further detail
525	   of the "exact" attribute processing is provided in the following
526	   Section 6.2.1.

528	   In the case of a request for specific locationType(s) and the "exact"
529	   attribute is false, the LIS MAY provide additional location types, or
530	   it MAY provide alternative types if the request cannot be satisfied
531	   for a requested location type.  The "SHOULD"-strength requirements on
532	   this parameter for specific location types are included to allow for
533	   soft-failover.  This enables a fixed client configuration that
534	   prefers a specific location type without causing location requests to
535	   fail when that location type is unavailable.  For example, a notebook
536	   computer could be configured to retrieve civic addresses, which is
537	   usually available from typical home or work situations.  However,
538	   when using a wireless modem, the LIS might be unable to provide a
539	   civic address and thus provides a geodetic address.

541	   The LIS SHOULD return location information in a form that is suited
542	   for routing and responding to an emergency call in its jurisdiction,
543	   specifically by value.  The LIS MAY alternatively or additionally
544	   return a location URI.  If the "locationType" element is absent, a
545	   location URI MUST be assumed as the default.  A location URI provided
546	   by the LIS is a reference to the most current available LI and is not
547	   a stable reference to a specific location.

549	   It should be noted that the protocol does not support a request to
550	   just receive one of a subset of location types.  For example, in the
551	   case where a Device has a preference for just "geodetic" or "civic",
552	   it is necessary to make the request without an "exact" attribute,
553	   including both location types.  In this case, if neither is available
554	   a LIS SHOULD return a locationURI if available.

556	   The LIS SHOULD provide the locations in the response in the same
557	   order in which they were included in the "locationType" element in
558	   the request.  Indeed, the primary advantage of including specific
559	   location types in a request when the "exact" attribute is set to
560	   "false" is to ensure that one receives the available locations in a
561	   specific order.  For example, a locationRequest for "civic" could
562	   yield any of the following location types in the response:

564	   o  civic
565	   o  civic, geodetic
566	   o  civic, locationURI
567	   o  civic, geodetic, locationURI
568	   o  civic, locationURI, geodetic
569	   o  geodetic, locationURI (only if civic is not available)
570	   o  locationURI, geodetic (only if civic is not available)
571	   o  geodetic (only if civic is not available)
572	   o  locationURI (only if civic is not available)

574	   For the example above, if the "exact" attribute was "true", then the
575	   only possible response is either a "civic" location or an error
576	   message.

578	6.2.1.  "exact" Attribute

580	   The "exact" attribute MAY be included in a location request message
581	   when the "locationType" element is included.  When the "exact"
582	   attribute is set to "true", it indicates to the LIS that the contents
583	   of the "locationType" parameter MUST be strictly followed.  The
584	   default value of "false" allows the LIS the option of returning
585	   something beyond what is specified, such as a set of location URIs
586	   when only a civic location was requested.

588	   A value of "true" indicates that the LIS MUST provide a location of
589	   the requested type or types or MUST provide an error.  The LIS MUST
590	   provide the requested types only.  The LIS MUST handle an exact
591	   request that includes a "locationType" element set to "any" as if the
592	   "exact" attribute were set to "false".

594	6.3.  "code" Parameter

596	   All "error" responses MUST contain a response code.  All errors are
597	   application-level errors, and MUST only be provided in successfully
598	   processed transport-level responses.  For example where HTTP/HTTPS is
599	   used as the transport, HELD error messages MUST be accompanied by a
600	   200 OK HTTP/HTTPS response.

602	   The value of the response code MUST be one of the following tokens:

604	   requestError:  This code indicates that the request was badly formed
605	      in some fashion (other than the XML content).
606	   xmlError:  This code indicates that the XML content of the request
607	      was either badly formed or invalid.
608	   generalLisError:  This code indicates that an unspecified error
609	      occurred at the LIS.
610	   locationUnknown:  This code indicates that the LIS could not
611	      determine the location of the Device.
612	   unsupportedMessage:  This code indicates that an element in the XML
613	      document for the request, was not supported or understood by the
614	      LIS.  This error code is used when a HELD request contains a
615	      document element that is not supported by the receiver.

617	   timeout:  This code indicates that the LIS could not satisfy the
618	      request within the time specified in the "responseTime" parameter.
619	   cannotProvideLiType:  This code indicates that the LIS was unable to
620	      provide LI of the type or types requested.  This code is used when
621	      the "exact" attribute on the "locationType" parameter is set to
622	      "true".
623	   notLocatable:  This code indicates that the LIS is unable to locate
624	      the Device, and that the Device MUST NOT make further attempts to
625	      retrieve LI from this LIS.  This error code is used to indicate
626	      that the Device is outside the access network served by the LIS;
627	      for instance, the VPN and NAT scenarios discussed in
628	      Section 4.1.2.

630	6.4.  "message" Parameter

632	   The "error" message MAY include a "message" attribute to convey some
633	   additional, human-readable information about the result of the
634	   request.  This message MAY be included in any language, which SHOULD
635	   be indicated by the "xml:lang", attribute.  The default language is
636	   assumed to be English.

638	6.5.  "locationUriSet" Parameter

640	   The "locationUriSet" element, received in a "locationResponse"
641	   message MAY contain any number of "locationURI" elements.  It is
642	   RECOMMENDED that the LIS allocate a Location URI for each scheme that
643	   it supports and that each scheme is present only once.  URI schemes
644	   and their secure variants, such as http and https, MUST be regarded
645	   as two separate schemes.

647	   If a "locationUriSet" element is received in a "locationResponse"
648	   message, it MUST contain an "expires" attribute, which defines the
649	   length of time for which the set of "locationURI" elements are valid.

651	6.5.1.  "locationURI" Parameter

653	   The "locationURI" element includes a single Location URI.  In order
654	   for a URI of any particular scheme to be included in a response,
655	   there MUST be a specification that defines how that URI can be used
656	   to retrieve location information.  The details of the protocol for
657	   dereferencing must meet the location dereference protocol
658	   requirements as specified in [I-D.ietf-geopriv-lbyr-requirements] and
659	   are outside the scope of this base HELD specification.

661	   Each Location URI that is allocated by the LIS is unique to the
662	   device that is requesting it.  At the time the location URI is
663	   provided in the response, there is no binding to a specific location
664	   type and the location URI is totally independent of the specific type
665	   of location it might reference.  The specific location type is
666	   determined at the time of dereference.

668	   A "locationURI" SHOULD NOT contain any information that could be used
669	   to identify the Device or Target.  Thus, it is RECOMMENDED that the
670	   "locationURI" element contain a public address for the LIS and an
671	   anonymous identifier, such as a local identifier or unlinked
672	   pseudonym.  Further guidelines to ensure the privacy and
673	   confidentiality of the information contained in the
674	   "locationResponse" message, including the "locationURI", are included
675	   in Section 9.3.

677	6.5.2.  "expires" Parameter

679	   The "expires" attribute is only included in a "locationResponse"
680	   message when a "locationUriSet" element is included.  The "expires"
681	   attribute indicates the date/time at which the Location URIs provided
682	   by the LIS will expire.  The "expires" attribute does not define the
683	   length of time a location received by dereferencing the location URI
684	   will be valid.  The "expires" attribute is RECOMMENDED not to exceed
685	   24 hours and SHOULD be a minimum of 30 minutes.

687	   Location responses that contain a "locationUriSet" element MUST
688	   include the expiry time in the "expires" attribute.  If a Device
689	   dereferences a location URI after the expiry time, the dereference
690	   SHOULD fail.

692	6.6.  "Presence" Parameter (PIDF-LO)

694	   A single "presence" parameter MAY be included in the
695	   "locationResponse" message when specific locationTypes (e.g.,
696	   "geodetic" or "civic") are requested or a "locationType" of "any" is
697	   requested.  The LIS MUST follow the subset of the rules relating to
698	   the construction of the "location-info" element in the PIDF-LO Usage
699	   Clarification, Considerations and Recommendations document
700	   [I-D.ietf-geopriv-pdif-lo-profile] in generating the PIDF-LO for the
701	   presence parameter.

703	   Note that the presence parameter is not explicitly shown in the XML
704	   schema in Section 7 for a location response message, due to XML
705	   schema constraints, since PIDF is already defined and registered
706	   separately.  Thus, the "##other" namespace serves as a placeholder
707	   for the presence parameter in the schema.

709	7.  XML Schema

711	   This section gives the XML Schema Definition

713	   [W3C.REC-xmlschema-1-20041028], [W3C.REC-xmlschema-2-20041028] of the
714	   "application/held+xml" format.  This is presented as a formal
715	   definition of the "application/held+xml" format.  Note that the XML
716	   Schema definition is not intended to be used with on-the-fly
717	   validation of the presence XML document.  Whitespaces are included in
718	   the schema to conform to the line length restrictions of the RFC
719	   format without having a negative impact on the readability of the
720	   document.  Any conforming processor should remove leading and
721	   trailing white spaces.

723	  <?xml version="1.0"?>
724	  <xs:schema
725	      targetNamespace="urn:ietf:params:xml:ns:geopriv:held"
726	      xmlns:xs="http://www.w3.org/2001/XMLSchema"
727	      xmlns:held="urn:ietf:params:xml:ns:geopriv:held"
728	      xmlns:xml="http://www.w3.org/XML/1998/namespace"
729	      elementFormDefault="qualified"
730	      attributeFormDefault="unqualified">

732	    <xs:annotation>
733	      <xs:documentation>
734	        This document (RFC xxxx) defines HELD messages.
735	        <!-- [[NOTE TO RFC-EDITOR: Please replace XXXX
736	              with the RFC number for this specification.]] -->
737	      </xs:documentation>
738	    </xs:annotation>

740	    <xs:import namespace="http://www.w3.org/XML/1998/namespace"
741	               schemaLocation="http://www.w3.org/2001/xml.xsd"/>

743	    <!-- Return Location -->
744	    <xs:complexType name="returnLocationType">
745	      <xs:complexContent>
746	        <xs:restriction base="xs:anyType">
747	          <xs:sequence>
748	            <xs:element name="locationURI" type="xs:anyURI"
749	                        maxOccurs="unbounded"/>
750	          </xs:sequence>
751	          <xs:attribute name="expires" type="xs:dateTime"
752	                        use="required"/>
753	        </xs:restriction>
754	      </xs:complexContent>
755	    </xs:complexType>

757	    <!-- responseTime Type -->
758	    <xs:simpleType name="responseTimeType">
759	      <xs:union>
760	        <xs:simpleType>
761	          <xs:restriction base="xs:token">
762	            <xs:enumeration value="emergencyRouting"/>
763	            <xs:enumeration value="emergencyDispatch"/>
764	          </xs:restriction>
765	        </xs:simpleType>
766	        <xs:simpleType>
767	          <xs:restriction base="xs:nonNegativeInteger">
768	            <xs:minInclusive value="0"/>
769	          </xs:restriction>
770	        </xs:simpleType>
771	      </xs:union>
772	    </xs:simpleType>

774	    <!-- Location Type -->
775	    <!-- Location Type -->
776	    <xs:simpleType name="locationTypeBase">
777	      <xs:union>
778	        <xs:simpleType>
779	          <xs:restriction base="xs:token">
780	            <xs:enumeration value="any"/>
781	          </xs:restriction>
782	        </xs:simpleType>
783	        <xs:simpleType>
784	          <xs:restriction base="held:locationTypeList">
785	            <xs:minLength value="1"/>
786	          </xs:restriction>
787	        </xs:simpleType>
788	      </xs:union>
789	    </xs:simpleType>

791	    <xs:simpleType name="locationTypeList">
792	      <xs:list>
793	        <xs:simpleType>
794	          <xs:restriction base="xs:token">
795	            <xs:enumeration value="civic"/>
796	            <xs:enumeration value="geodetic"/>
797	            <xs:enumeration value="locationURI"/>
798	          </xs:restriction>
799	        </xs:simpleType>
800	      </xs:list>
801	    </xs:simpleType>

803	    <xs:complexType name="locationTypeType">
804	      <xs:simpleContent>
805	        <xs:extension base="held:locationTypeBase">
806	          <xs:attribute name="exact" type="xs:boolean"
807	                        use="optional" default="false"/>
808	        </xs:extension>
809	      </xs:simpleContent>
810	    </xs:complexType>

812	    <!-- Message Definitions -->
813	    <xs:complexType name="baseRequestType">
814	      <xs:complexContent>
815	        <xs:restriction base="xs:anyType">
816	          <xs:sequence/>
817	          <xs:attribute name="responseTime" type="held:responseTimeType"
818	                        use="optional"/>
819	          <xs:anyAttribute namespace="##any" processContents="lax"/>
820	        </xs:restriction>
821	      </xs:complexContent>
822	    </xs:complexType>

824	    <xs:complexType name="errorType">
825	      <xs:complexContent>
826	        <xs:restriction base="xs:anyType">
827	          <xs:sequence/>
828	          <xs:attribute name="code" type="xs:token"
829	                        use="required"/>
830	          <xs:attribute name="message" type="xs:string"
831	                        use="optional"/>
832	          <xs:attribute ref="xml:lang" use="optional"/>
833	        </xs:restriction>
834	      </xs:complexContent>
835	    </xs:complexType>

837	    <xs:element name="error" type="held:errorType"/>

839	    <!-- Location Response -->
840	    <xs:complexType name="locationResponseType">
841	      <xs:complexContent>
842	        <xs:restriction base="xs:anyType">
843	          <xs:sequence>
844	            <xs:element name="locationUriSet"
845	                        type="held:returnLocationType"
846	                        minOccurs="0"/>
847	            <xs:any namespace="##other" processContents="lax"
848	                    minOccurs="0" maxOccurs="unbounded"/>
849	          </xs:sequence>
850	        </xs:restriction>
851	      </xs:complexContent>
852	    </xs:complexType>
853	    <xs:element name="locationResponse"
854	                type="held:locationResponseType"/>

856	    <!-- Location Request -->

858	    <xs:complexType name="locationRequestType">
859	      <xs:complexContent>
860	        <xs:extension base="held:baseRequestType">
861	          <xs:sequence>
862	            <xs:element name="locationType"
863	                        type="held:locationTypeType"
864	                        minOccurs="0"/>
865	            <xs:any namespace="##other" processContents="lax"
866	                    minOccurs="0" maxOccurs="unbounded"/>
867	          </xs:sequence>
868	        </xs:extension>
869	      </xs:complexContent>
870	    </xs:complexType>

872	    <xs:element name="locationRequest"
873	                type="held:locationRequestType"/>

875	  </xs:schema>

877	8.  HTTP/HTTPS Binding

879	   This section describes the use of HTTP [RFC2616] and HTTPS [RFC2818]
880	   as transport mechanisms for the HELD protocol, which all conforming
881	   implementations MUST support.

883	   The request is carried in the body of an HTTP/HTTPS POST request.
884	   The MIME type of both request and response bodies should be
885	   "application/held+xml".  This should be reflected in the HTTP
886	   Content-Type and Accept header fields.

888	   The LIS populates the HTTP/HTTPS headers so that they are consistent
889	   with the contents of the message.  In particular, the cache control
890	   header SHOULD be set to disable the HTTP/HTTPS caching of any PIDF-LO
891	   document or Location URIs.  Otherwise, there is the risk of stale
892	   locations and/or the unauthorized disclosure of the LI.  This also
893	   allows the LIS to control any caching with the "expires" parameter.
894	   The HTTP/HTTPS status code MUST indicate a 2xx series response for
895	   all HELD locationResponse and error messages.

897	   The use of HTTP/HTTPS also includes a default behaviour, which is
898	   triggered by a GET request, or a POST with no request body.  If
899	   either of these queries are received, the LIS MUST attempt to provide
900	   either a PIDF-LO document or a Location URI, as if the request was a
901	   location request.

903	   Implementation of HELD that implement HTTP transport MUST implement a
904	   transport over HTTPS [RFC2818].  TLS provides message integrity and
905	   confidentiality between Device and LIS.  The LIS MUST implement the
906	   server authentication method described in [RFC2818].  The device uses
907	   the URI obtained during LIS discovery to authenticate the server.
908	   The details of this authentication method are provided in section 3.1
909	   of [RFC2818].  When TLS is used, the Device SHOULD fail a request if
910	   server authentication fails, except in the event of an emergency.

912	9.  Security Considerations

914	   HELD is a location acquisition protocol whereby the a client requests
915	   its location from a LIS.  Specific requirements and security
916	   considerations for location acquisition protocols are provided in
917	   [I-D.ietf-geopriv-l7-lcp-ps].  An in-depth discussion of the security
918	   considerations applicable to the use of Location URIs and by
919	   reference provision of LI is included in
920	   [I-D.ietf-geopriv-lbyr-requirements].

922	   By using the HELD protocol, the client and the LIS expose themselves
923	   to two types of risk:

925	   Accuracy:  Client receives incorrect location information
926	   Privacy:  An unauthorized entity receives location information

928	   The provision of an accurate and privacy/confidentiality protected
929	   location to the requestor depends on the success of five steps:

931	      1.  The client must determine the proper LIS.
932	      2.  The client must connect to the proper LIS.
933	      3.  The LIS must be able to identify the device by its identifier
934	      (IP Address).
935	      4.  The LIS must be able to return the desired location.
936	      5.  HELD messages must be transmitted unmodified between the LIS
937	      and the client.

939	   Of these, only the second, third and the fifth are within the scope
940	   of this document.  The first step is based on either manual
941	   configuration or on the LIS discovery defined in
942	   [I-D.ietf-geopriv-lis-discovery], in which appropriate security
943	   considerations are already discussed.  The fourth step is dependent
944	   on the specific positioning capabilities of the LIS, and is thus
945	   outside the scope of this document.

947	9.1.  Assuring that the proper LIS has been contacted

949	   This document assumes that the LIS to be contacted is identified
950	   either by an IP address or a domain name, as is the case for a LIS
951	   discovered as described in LIS Discovery
952	   [I-D.ietf-geopriv-lis-discovery].  When the HELD transaction is
953	   conducted using TLS [RFC4346], the LIS can authenticate its identity,
954	   either as a domain name or as an IP address, to the client by
955	   presenting a certificate containing that identifier as a
956	   subjectAltName (i.e., as an iPAddress or dNSName, respectively).  In
957	   the case of the HTTP binding described above, this is exactly the
958	   authentication described by TLS [RFC2818].  Any binding of HELD MUST
959	   be capable of being transacted over TLS so that the client can
960	   request the above authentication, and a LIS implementation for a
961	   binding MUST include this feature.  Note that in order for the
962	   presented certificate to be valid at the client, the client must be
963	   able to validate the certificate.  In particular, the validation path
964	   of the certificate must end in one of the client's trust anchors,
965	   even if that trust anchor is the LIS certificate itself.

967	9.2.  Protecting responses from modification

969	   In order to prevent that response from being modified en route,
970	   messages must be transmitted over an integrity-protected channel.
971	   When the transaction is being conducted over TLS (a required feature
972	   per Section 9.1), the channel will be integrity protected by
973	   appropriate ciphersuites.  When TLS is not used, this protection will
974	   vary depending on the binding; in most cases, without protection from
975	   TLS, the response will not be protected from modification en route.

977	9.3.  Privacy and Confidentiality

979	   Location information returned by the LIS must be protected from
980	   access by unauthorized parties, whether those parties request the
981	   location from the LIS or intercept it en route.  As in Section 9.2,
982	   transactions conducted over TLS with appropriate ciphersuites are
983	   protected from access by unauthorized parties en route.  Conversely,
984	   in most cases, when not conducted over TLS, the response will be
985	   accessible while en route from the LIS to the requestor.

987	   Because HELD is an LCP and identifies clients and targets by IP
988	   addresses, a requestor is authorized to access location for an IP
989	   address only if it is the holder of that IP address.  The LIS MUST
990	   verify that the client is the target of the returned location, i.e.,
991	   the LIS MUST NOT provide location to other entities than the target.
992	   Note that this is a necessary, but not sufficient criterion for
993	   authorization.  A LIS MAY deny requests according to any local
994	   policy.

996	   A prerequisite for meeting this requirement is that the LIS must have
997	   some assurance of the identity of the client.  Since the target of
998	   the returned location is identified by an IP address, simply sending
999	   the response to this IP address will provide sufficient assurance in
1000	   many cases.  This is the default mechanism in HELD for assuring that
1001	   location is given only to authorized clients; LIS implementations
1002	   MUST support a mode of operation in which this is the only client
1003	   authentication.

1005	   Using IP return routability as an authenticator means that location
1006	   information is vulnerable to exposure through IP address spoofing
1007	   attacks.  A temporary spoofing of IP address could mean that a device
1008	   could request a Location Object or Location URI that would result in
1009	   another Device's location.  In addition, in cases where a Device
1010	   drops off the network for various reasons, the re-use of the Device's
1011	   IP address could result in another Device receiving the original
1012	   Device's location rather than its own location.  These exposures are
1013	   limited by the following:

1015	   o  Location URIs MUST have a limited lifetime, as reflected by the
1016	      value for the expires element in Section 6.5.2.  The lifetime of
1017	      location URIs necessarily depends on the nature of the access.
1018	   o  The LIS and network SHOULD be configured so that the LIS is made
1019	      aware of Device movement within the network and addressing
1020	      changes.  If the LIS detects a change in the network that results
1021	      in it no longer being able to determine the location of the
1022	      Device, then all location URIs for that Device SHOULD be
1023	      invalidated.

1025	   The above measures are dependent on network configuration, which
1026	   SHOULD be considered.  For instance, in a fixed internet access,
1027	   providers may be able to restrict the allocation of IP addresses to a
1028	   single physical line, ensuring that spoofing is not possible; in such
1029	   an environment, additional measures may not be necessary.

1031	10.  Examples

1033	   The following sections provide basic HTTP/HTTPS examples, a simple
1034	   location request example and a location request for multiple location
1035	   types example along with the relevant location responses.  To focus
1036	   on important portions of messages, the examples in Section 10.2 and
1037	   Section 10.3 do not show HTTP/HTTPS headers or the XML prologue.  In
1038	   addition, sections of XML not relevant to the example are replaced
1039	   with comments.

1041	10.1.   HTTPS Example Messages

1043	   The examples in this section show complete HTTP/HTTPS messages that
1044	   include the HELD request or response document.

1046	   This example shows the most basic request for a LO.  The POST
1047	   includes an empty "locationRequest" element.

1049	         POST /location HTTPS/1.1
1050	         Host: lis.example.com:49152
1051	         Content-Type: application/held+xml
1052	         Content-Length: 87

1054	         <?xml version="1.0"?>
1055	         <locationRequest xmlns="urn:ietf:params:xml:ns:geopriv:held"/>

1057	   Since the above request does not include a "locationType" element,
1058	   the successful response to the request may contain any type of
1059	   location.  The following shows a response containing a minimal
1060	   PIDF-LO.

1062	         HTTPS/1.1 200 OK
1063	         Server: Example LIS
1064	         Date: Tue, 10 Jan 2006 03:42:29 GMT
1065	         Expires: Tue, 10 Jan 2006 03:42:29 GMT
1066	         Cache-control: private
1067	         Content-Type: application/held+xml
1068	         Content-Length: 594

1070	         <?xml version="1.0"?>
1071	         <locationResponse xmlns="urn:ietf:params:xml:ns:geopriv:held">
1072	         <presence xmlns="urn:ietf:params:xml:ns:pidf"
1073	                   entity="pres:3650n87934c@ls.example.com">
1074	           <tuple id="b650sf789nd">
1075	           <status>
1076	            <geopriv xmlns="urn:ietf:params:xml:ns:pidf:geopriv10">
1077	             <location-info>
1078	                <Point xmlns="http://www.opengis.net/gml"
1079	                       srsName="urn:ogc:def:crs:EPSG::4326">
1080	                  <pos>-34.407 150.88001</pos>
1081	                </Point>
1082	              </location-info>
1083	              <usage-rules>
1084	                <retention-expiry>
1085	                  2006-01-11T03:42:28+00:00</retention-expiry>
1086	              </usage-rules>
1087	              <method>Wiremap</method>
1088	            </geopriv>
1089	           </status>
1090	           <timestamp>2006-01-10T03:42:28+00:00</timestamp>
1091	           </tuple>
1092	         </presence>
1093	         </locationResponse>

1095	   The error response to the request is an error document.  The
1096	   following response shows an example error response.

1098	         HTTPS/1.1 200 OK
1099	         Server: Example LIS
1100	         Expires: Tue, 10 Jan 2006 03:49:20 GMT
1101	         Cache-control: private
1102	         Content-Type: application/held+xml
1103	         Content-Length: 135

1105	         <?xml version="1.0"?>
1106	         <error xmlns="urn:ietf:params:xml:ns:geopriv:held"
1107	                code="locationUnknown"
1108	                message="Unable to determine location"/>

1110	10.2.  Simple Location Request Example

1112	   The location request shown below doesn't specify any location types
1113	   or response time.

1115	   <locationRequest xmlns="urn:ietf:params:xml:ns:geopriv:held"/>

1117	   The example response to this location request contains a list of
1118	   Location URIs.

1120	      <locationResponse xmlns="urn:ietf:params:xml:ns:geopriv:held">
1121	        <locationUriSet expires="2006-01-01T13:00:00">
1122	          <locationURI>https://ls.example.com:9768/357yc6s64ceyoiuy5ax3o
1123	          </locationURI>
1124	          <locationURI>sip:9769+357yc6s64ceyoiuy5ax3o@ls.example.com
1125	          </locationURI>
1126	        </locationUriSet>
1127	      </locationResponse>

1129	   An error response to this location request is shown below:

1131	         <error xmlns="urn:ietf:params:xml:ns:geopriv:held"
1132	                    code="locationUnknown"
1133	                    message="Location not available"/>

1135	10.3.  Location Request Example for Multiple Location Types

1137	   The following Location Request message includes a request for
1138	   geodetic, civic and any Location URIs.

1140	         <locationRequest xmlns="urn:ietf:params:xml:ns:geopriv:held">
1141	          <locationType exact="true">
1142	            geodetic
1143	            civic
1144	            locationURI
1145	          </locationType>
1146	          </locationRequest>

1148	   The corresponding Location Response message includes the requested
1149	   location information, including two location URIs.

1151	       <locationResponse xmlns="urn:ietf:params:xml:ns:geopriv:held">
1152	          <locationUriSet expires="2006-01-01T13:00:00">
1153	          <locationURI>https://ls.example.com:9768/357yc6s64ceyoiuy5ax3o
1154	          </locationURI>
1155	          <locationURI>sip:9769+357yc6s64ceyoiuy5ax3o@ls.example.com:
1156	          </locationURI>
1157	         </locationUriSet>
1158	         <presence xmlns="urn:ietf:params:xml:ns:pidf:geopriv10"
1159	                entity="pres:ae3be8585902e2253ce2@10.102.23.9">
1160	         <tuple id="lisLocation">
1161	          <status>
1162	          <geopriv>
1163	           <location-info>
1164	             <gs:Circle
1165	              xmlns:gs="http://www.opengis.net/pidflo/1.0"
1166	              xmlns:gml="http://www.opengis.net/gml"
1167	              srsName="urn:ogc:def:crs:EPSG::4326">
1168	              <gml:pos>-34.407242 150.882518</gml:pos>
1169	              <gs:radius uom="urn:ogc:def:uom:EPSG::9001">30
1170	              </gs:radius>

1172	             </gs:Circle>
1173	             <ca:civicAddress
1174	              xmlns:ca="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr"
1175	              xml:lang="en-au">
1176	              <ca:country>AU</ca:country>
1177	              <ca:A1>NSW</ca:A1>
1178	              <ca:A3>Wollongong</ca:A3>
1179	              <ca:A4>Gwynneville</ca:A4>
1180	              <ca:STS>Northfield Avenue</ca:STS>
1181	              <ca:LMK>University of Wollongong</ca:LMK>
1182	              <ca:FLR>2</ca:FLR>
1183	              <ca:NAM>Andrew Corporation</ca:NAM>
1184	              <ca:PC>2500</ca:PC>
1185	              <ca:BLD>39</ca:BLD>
1186	              <ca:SEAT>WS-183</ca:SEAT>
1187	              <ca:POBOX>U40</ca:POBOX>
1188	             </ca:civicAddress>
1189	           </location-info>
1190	           <usage-rules>
1191	             <retransmission-allowed>false</retransmission-allowed>
1192	             <retention-expiry>2007-05-25T12:35:02+10:00
1193	             </retention-expiry>
1194	           </usage-rules>
1195	           <method>Wiremap</method>
1196	           </geopriv>
1197	          </status>
1198	          <timestamp>2007-05-24T12:35:02+10:00</timestamp>
1199	        </tuple>
1200	        </presence>
1201	       </locationResponse>

1203	11.  IANA Considerations

1205	   This document requires several IANA registrations detailed in the
1206	   following sections.

1208	11.1.  URN Sub-Namespace Registration for
1209	       urn:ietf:params:xml:ns:geopriv:held

1211	   This section registers a new XML namespace,
1212	   "urn:ietf:params:xml:ns:geopriv:held", per the guidelines in
1213	   [RFC3688].

1215	      URI: urn:ietf:params:xml:ns:geopriv:held
1216	      Registrant Contact: IETF, GEOPRIV working group,
1217	      (geopriv@ietf.org), Mary Barnes (mary.barnes@nortel.com).
1218	      XML:

1220	         BEGIN
1221	           <?xml version="1.0"?>
1222	           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
1223	             "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
1224	           <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
1225	             <head>
1226	               <title>HELD Messages</title>
1227	             </head>
1228	             <body>
1229	               <h1>Namespace for HELD Messages</h1>
1230	               <h2>urn:ietf:params:xml:ns:geopriv:held</h2>
1231	       [NOTE TO IANA/RFC-EDITOR: Please replace XXXX
1232	       with the RFC number for this specification.]
1233	               <p>See RFCXXXX</p>
1234	             </body>
1235	           </html>
1236	         END

1238	11.2.  XML Schema Registration

1240	   This section registers an XML schema as per the guidelines in
1241	   [RFC3688].

1243	   URI:  urn:ietf:params:xml:schema:geopriv:held
1244	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
1245	      Mary Barnes (mary.barnes@nortel.com).
1246	   Schema:  The XML for this schema can be found as the entirety of
1247	      Section 7 of this document.

1249	11.3.  MIME Media Type Registration for 'application/held+xml'

1251	   This section registers the "application/held+xml" MIME type.

1253	   To:  ietf-types@iana.org
1254	   Subject:  Registration of MIME media type application/held+xml
1255	   MIME media type name:  application
1256	   MIME subtype name:  held+xml
1257	   Required parameters:  (none)
1258	   Optional parameters:  charset
1259	      Indicates the character encoding of enclosed XML.  Default is
1260	      UTF-8.

1262	   Encoding considerations:  Uses XML, which can employ 8-bit
1263	      characters, depending on the character encoding used.  See RFC
1264	      3023 [RFC3023], section 3.2.
1265	   Security considerations:  This content type is designed to carry
1266	      protocol data related to the location of an entity, which could
1267	      include information that is considered private.  Appropriate
1268	      precautions should be taken to limit disclosure of this
1269	      information.
1270	   Interoperability considerations:  This content type provides a basis
1271	      for a protocol
1272	   Published specification:  RFC XXXX [NOTE TO IANA/RFC-EDITOR: Please
1273	      replace XXXX with the RFC number for this specification.]
1274	   Applications which use this media type:  Location information
1275	      providers and consumers.
1276	   Additional Information:  Magic Number(s): (none)
1277	      File extension(s): .xml
1278	      Macintosh File Type Code(s): (none)
1279	   Person & email address to contact for further information:  Mary
1280	      Barnes <mary.barnes@nortel.com>
1281	   Intended usage:  LIMITED USE
1282	   Author/Change controller:  The IETF
1283	   Other information:  This media type is a specialization of
1284	      application/xml [RFC3023], and many of the considerations
1285	      described there also apply to application/held+xml.

1287	11.4.  Error code Registry

1289	   This document requests that the IANA create a new registry for the
1290	   HELD protocol including an initial registry for error codes.  The
1291	   error codes are included in HELD error messages as described in
1292	   Section 6.3 and defined in the schema in the 'codeType' token in the
1293	   XML schema in (Section 7)

1295	   The following summarizes the requested registry:

1297	   Related Registry:   Geopriv HELD Registries, Error codes for HELD
1298	   Defining RFC:  RFC XXXX [NOTE TO IANA/RFC-EDITOR: Please replace XXXX
1299	      with the RFC number for this specification.]
1300	   Registration/Assignment Procedures:  Following the policies outlined
1301	      in [RFC5226], the IANA policy for assigning new values for the
1302	      Error codes for HELD shall be Specification Required: values and
1303	      their meanings must be documented in an RFC or in some other
1304	      permanent and readily available reference, in sufficient detail
1305	      that interoperability between independent implementations is
1306	      possible.

1308	   Registrant Contact:  IETF, GEOPRIV working group, (geopriv@ietf.org),
1309	      Mary Barnes (mary.barnes@nortel.com).

1311	   This section pre-registers the following seven initial error codes as
1312	   described above in Section 6.3:

1314	   requestError:  This code indicates that the request was badly formed
1315	      in some fashion.
1316	   xmlError:  This code indicates that the XML content of the request
1317	      was either badly formed or invalid.
1318	   generalLisError:  This code indicates that an unspecified error
1319	      occurred at the LIS.
1320	   locationUnknown:  This code indicates that the LIS could not
1321	      determine the location of the Device.
1322	   unsupportedMessage:  This code indicates that the request was not
1323	      supported or understood by the LIS.  This error code is used when
1324	      a HELD request contains a document element that is not supported
1325	      by the receiver.
1326	   timeout:  This code indicates that the LIS could not satisfy the
1327	      request within the time specified in the "responseTime" parameter.
1328	   cannotProvideLiType:  This code indicates that the LIS was unable to
1329	      provide LI of the type or types requested.  This code is used when
1330	      the "exact" attribute on the "locationType" parameter is set to
1331	      "true".
1332	   notLocatable:  This code indicates that the LIS is unable to locate
1333	      the Device, and that the Device MUST NOT make further attempts to
1334	      retrieve LI from this LIS.  This error code is used to indicate
1335	      that the Device is outside the access network served by the LIS;
1336	      for instance, the VPN and NAT scenarios discussed in
1337	      Section 4.1.2.

1339	12.  Contributors

1341	   James Winterbottom, Martin Thomson and Barbara Stark are the authors
1342	   of the original document, from which this WG document was derived.
1343	   Their contact information is included in the Author's address
1344	   section.  In addition, they also contributed to the WG document,
1345	   including the XML schema.

1347	13.  Acknowledgements

1349	   The author/contributors would like to thank the participants in the
1350	   GEOPRIV WG and the following people for their constructive input and
1351	   feedback on this document (in alphabetical order): Nadine Abbott,
1352	   Eric Arolick, Richard Barnes (in particular the security section),
1353	   Peter Blatherwick, Ben Campbell, Guy Caron, Eddy Corbett, Martin
1354	   Dawson, Lisa Dusseault, Jerome Grenier, Ted Hardie, Cullen Jennings,
1355	   Neil Justusson, Tat Lam, Marc Linsner, Patti McCalmont, Roger
1356	   Marshall, Perry Prozeniuk, Carl Reed, Julian Reschke, Eric Rescorla,
1357	   Brian Rosen, John Schnizlein, Shida Schubert, Henning Schulzrinne, Ed
1358	   Shrum, Doug Stuard, Hannes Tschofenig and Karl Heinz Wolf.

1360	14.  Changes since last Version

1362	   NOTE TO THE RFC-Editor: Please remove this section prior to
1363	   publication as an RFC.

1365	   Changes from WG 10 to 11 (Post-2nd WGLC):

1367	   1) Added additional text around the scope and applicability of the
1368	   URI returned from LIS Discovery (section 4).

1370	   2) Removed HTTP GET - will always use POST.

1372	   3) Removed sentence wrt mobile devices in section 6.2.

1374	   4) Added specific recommendation for minimum value for expires in
1375	   section 6.5.2 (30 Minutes).

1377	   5) Remove reference to RFC 3704 (for IP address spoofing) in section
1378	   9.3 (bullet 2).

1380	   6) Clarified that both HTTP and HTTPS are allowed - changed last
1381	   bullet in section 5.1 from REQUIRES to RECOMMENDS.

1383	   7) Clarification wrt "presence" parameter in section 6.6 - a "single"
1384	   presence parameter may be included.

1386	   Changes from WG 09 to 10 (2nd WGLC):

1388	   1) Updated text for Devices and VPNs (section 4.1.1) to include
1389	   servers such as HTTP and SOCKs, thus changed the text to be generic
1390	   in terms of locating LIS before connecting to one of these servers,
1391	   etc.

1393	   2) Fixed (still buggy) HTTP examples.

1395	   3) Added text explaining the whitespaces in XML schema are for
1396	   readability/document format limitations and that they should be
1397	   handled via parser/schema validation.

1399	   4) Miscellaneous editorial nits
1400	   Changes from WG 08 to 09 (Post-IETF LC: continued resolution of sec-
1401	   dir and gen-art review comments, along with apps-area feedback):

1403	   1) Removed heldref/heldrefs URIs, including fixing examples (which
1404	   were buggy anyways).

1406	   2) Clarified text for locationURI - specifying that the deref
1407	   protocol must define or appropriately restrict and clarifying that
1408	   requirements for deref must be met and that deref details are out of
1409	   scope for this document.

1411	   3) Clarified text in security section for support of both HTTP/HTTPS.

1413	   4) Changed definition for Location Type to force the specification of
1414	   at least one location type.

1416	   Changes from WG 07 to 08 (IETF LC: sec-dir and gen-art review
1417	   comments):

1419	   1) Fix editorial nits: rearranging sections in 4.1 for readibility,
1420	   etc.

1422	   2) Added back text in Device and VPN section referencing DHCP and
1423	   LLDP-MED when a VPN device serves as a LIS.

1425	   3) Clarified the use of both HTTP and HTTPS.

1427	   4) Defined two URIs related to 3 respectively - divided IANA
1428	   registrations into sub-sections to accomodate this change.  (Note:
1429	   LIS Discovery will now define that URI, thus this document defines
1430	   the one associatied with a Location reference).

1432	   5) Clarified the description of the location URI in Protocol Overview
1433	   and Protocol parameter sections.  Note that these sections again
1434	   reference location dereference protocol for completeness and
1435	   clarification of issues that are out of scope for this base document.

1437	   6) Defined new error code: notLocatable.

1439	   7) Clarifications and corrections in security section.

1441	   8) Clarified text for locationType, specifically removing extra text
1442	   from "any" description and putting that in a separate paragraph.
1443	   Also, provided an example.

1445	   9) Added boundaries for "expires" parameter.

1447	   10) Clarified that the HELD protocol as defined by this document does
1448	   not allow for canceling location references.

1450	   Changes from WG 06 to 07 (PROTO review comments):

1452	   1) Fix nits: remove unused references, move requirements to
1453	   Informational References section, fix long line in ABNF, fix ABNF
1454	   (quotes around '?'), add schemaLocation to import namespace in XML
1455	   schema.

1457	   2) Remove text in Device and VPN section referencing DHCP and LLDP-
1458	   MED when a VPN device serves as a LIS, per Issue 1 resolution at
1459	   IETF-71.  (Editorial oversight in producing version 06).

1461	   Changes from WG 05 to 06 (2nd WGLC comments):

1463	   1) Updated security section based on WG feedback, including
1464	   condensing section 10.1.1 (Assuring the proper LIS has been
1465	   contacted), restructuring sections by flattening, adding an
1466	   additional step to the list that had been in the Accuracy section and
1467	   removing summary section.

1469	   2) Changed URI schema to "helds" to address concerns over referential
1470	   integrity and for consistency with mandate of TLS for HELD.

1472	   3) Editorial clarifications including fixing examples to match HELD
1473	   URI definition (e.g., adding port, adding randomness to URI examples,
1474	   etc.)

1476	   4) Updated references removing unused references and moving
1477	   requirements docs to Informational Reference section to avoid
1478	   downrefs.

1480	   Changes from WG 04 to 05 (WGLC comments):

1482	   1) Totally replaced the security section with the details provided by
1483	   Richard Barnes so that we don't need a reference to the location
1484	   security document.

1486	   2) Fixed error codes in schema to allow extensibility.  Change the
1487	   IANA registration to be "specification required".

1489	   3) Cleaned up the HELD: URI description, per comments from Martin and
1490	   James and partially addressing HELD-04 Issue 1.  Put the definition
1491	   in a separate section and clarified the applicability (to also
1492	   include being a results of the discovery process) and fixed examples.

1494	   4) Updated the LocationURI section to be more accurate, address
1495	   HELD-04 Issue 3, and include the reference to the new HELD:URI
1496	   section.  Also, fixed an error in the doc in that the top level parm
1497	   in the locationResponse is actually locationUriSet, which contains
1498	   any number of locationURI elements and the "expires" parameter.  So,
1499	   Table 1 was also updated and a new section for the LocationURISet was
1500	   added that includes the subsections for the "locationURI" and
1501	   "expires".  And, then clarified that "expires" applies to
1502	   "locationURISet" and not per "locationURI".

1504	   5) Editorial nits: pointed out offline by Richard (e.g., by-value ->
1505	   by value, by-reference -> by reference, etc.) and onlist by James and
1506	   Martin.  Please refer to the diff for a complete view of editorial
1507	   changes.

1509	   6) Added text in HTTP binding section to disable HTTP caching
1510	   (HELD-04 Issue 5 on the list).

1512	   Changes from WG 03 to 04:

1514	   1) Terminology: clarified in terminology section that "attribute" and
1515	   "element" are used in the strict XML sense and "parameter" is used as
1516	   a general protocol term Replaced term "HTTP delivery" with "HTTP
1517	   transport".  Still have two terms "HTTP transport" and "HTTP
1518	   binding", but those are consistent with general uses of HTTP.

1520	   2) Editorial changes and clarifications: per Roger Marshall's and
1521	   Eric Arolick's comments and subsequent WG mailing list discussion.

1523	   3) Changed normative language for describing expected and recommended
1524	   LIS behaviors to be non-normative recommendations in cases where the
1525	   protocol parameters were not the target of the discussion (e.g., we
1526	   can't prescribe to the LIS how it determines location or what it
1527	   defines to be an "accurate" location).

1529	   4) Clarified responseTime attribute (section 6.1).  Changed type from
1530	   "decimal" to "nonNegativeInteger" in XML schema (section 7)

1532	   5) Updated Table 1 in section 6 to only include top-level parameters
1533	   and fixed some errors in that table (i.e., code for locationResponse)
1534	   and adding PIDF-LO to the table.  Added a detailed section describing
1535	   PIDF-LO (section 6.6), moving some of the normative text in the
1536	   Protocol Overview to this section.

1538	   6) Added schema and description for locationURI to section 6.5.
1539	   Added IANA registration for HELD: URI schema.

1541	   7) Added IANA registry for error codes.

1543	   Changes from WG 02 to 03:

1545	   1) Added text to address concern over use of IP address as device
1546	   identifier, per long email thread - changes to section 3 (overview)
1547	   and section 4 (protocol overview).

1549	   2) Removed WSDL (section 8 updated, section 8.1 and 10.4 removed)

1551	   3) Added extensibility to baseRequestType in the schema (an oversight
1552	   from previous edits), along with fixing some other nits in schema
1553	   (section 7)

1555	   4) Moved discussion of Location URI from section 5.3 (Location
1556	   Response) to where it rightly belonged in Section 6.5 (Location URI
1557	   Parameter).

1559	   5) Clarified text for "expires" parameter (6.5.1) - it's an optional
1560	   parm, but required for LocationURIs

1562	   6) Clarified responseTime parameter: when missing, then the LCS
1563	   provides most precise LI, with the time required being implementation
1564	   specific.

1566	   7) Clarified that the MUST use in section 8 (HTTP binding) is a MUST
1567	   implement.

1569	   8) Updated references (removed unused/added new).

1571	   Changes from WG 01 to 02:

1573	   1) Updated Terminology to be consistent with WG agreements and other
1574	   documents (e.g., LCS -> LIS and removed duplicate terms).  In the
1575	   end, there are no new terms defined in this document.

1577	   2) Modified definition of responseTime to reflect WG consensus.

1579	   3) Removed jurisdictionalCivic and postalCivic locationTypes (leaving
1580	   just "civic").

1582	   4) Clarified text that locationType is optional.  Fixed table 1 and
1583	   text in section 5.2 (locationRequest description).  Text in section
1584	   6.2 (description of locationType element) already defined the default
1585	   to be "any".

1587	   5) Simplified error responses.  Separated the definition of error
1588	   response type from the locationResponse type thus no need for
1589	   defining an error code of "success".  This simplifies the schema and
1590	   processing.

1592	   6) Updated schema/examples for the above.

1594	   7) Updated Appendix A based on updates to requirements document,
1595	   specifically changes to A.1, A.3 and adding A.10.

1597	   8) Miscellaneous editorial clarifications.

1599	   Changes from WG 00 to 01:

1601	   1) heldResponse renamed to locationResponse.

1603	   2) Changed namespace references for the PIDF-LO geoShape in the
1604	   schema to match the agreed GML PIDF-LO Geometry Shape Application
1605	   Schema.

1607	   3) Removed "options" element - leaving optionality/extensibility to
1608	   XML mechanisms.

1610	   4) Changed error codes to be enumerations and not redefinitions of
1611	   HTTP response codes.

1613	   5) Updated schema/examples for the above and removed some remnants of
1614	   the context element.

1616	   6) Clarified the definition of "Location Information (LI)" to include
1617	   a reference to the location (to match the XML schema and provide
1618	   consistency of usage throughout the document).  Added an additional
1619	   statement in section 7.2 (locationType) to clarify that LCS MAY also
1620	   return a Location URI.

1622	   7) Modifed the definition of "Location Configuration Server (LCS)" to
1623	   be consistent with the current definiton in the requirements
1624	   document.

1626	   8) Updated Location Response (section 6.3) to remove reference to
1627	   context and discuss the used of a local identifier or unlinked
1628	   pseudonym in providing privacy/security.

1630	   9) Clarified that the source IP address in the request is used as the
1631	   identifier for the target/device for the HELD protocol as defined in
1632	   this document.

1634	   10) Miscellaneous editorial clarifications.

1636	15.  References
1637	15.1.  Normative References

1639	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1640	              Requirement Levels", BCP 14, RFC 2119, March 1997.

1642	   [RFC4346]  Dierks, T. and E. Rescorla, "The Transport Layer Security
1643	              (TLS) Protocol Version 1.1", RFC 4346, April 2006.

1645	   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
1646	              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
1647	              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

1649	   [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

1651	   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1652	              January 2004.

1654	   [I-D.ietf-geopriv-pdif-lo-profile]
1655	              Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV
1656	              PIDF-LO Usage Clarification, Considerations and
1657	              Recommendations", draft-ietf-geopriv-pdif-lo-profile-14
1658	              (work in progress), November 2008.

1660	   [W3C.REC-xmlschema-1-20041028]
1661	              Thompson, H., Mendelsohn, N., Beech, D., and M. Maloney,
1662	              "XML Schema Part 1: Structures Second Edition", World Wide
1663	              Web Consortium Recommendation REC-xmlschema-1-20041028,
1664	              October 2004,
1665	              <http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>.

1667	   [W3C.REC-xmlschema-2-20041028]
1668	              Biron, P. and A. Malhotra, "XML Schema Part 2: Datatypes
1669	              Second Edition", World Wide Web Consortium
1670	              Recommendation REC-xmlschema-2-20041028, October 2004,
1671	              <http://www.w3.org/TR/2004/REC-xmlschema-2-20041028>.

1673	   [I-D.ietf-geopriv-lis-discovery]
1674	              Thomson, M. and J. Winterbottom, "Discovering the Local
1675	              Location Information Server (LIS)",
1676	              draft-ietf-geopriv-lis-discovery-04 (work in progress),
1677	              October 2008.

1679	15.2.  Informative References

1681	   [RFC0793]  Postel, J., "Transmission Control Protocol", STD 7,
1682	              RFC 793, September 1981.

1684	   [RFC3023]  Murata, M., St. Laurent, S., and D. Kohn, "XML Media
1685	              Types", RFC 3023, January 2001.

1687	   [RFC3693]  Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and
1688	              J. Polk, "Geopriv Requirements", RFC 3693, February 2004.

1690	   [RFC3825]  Polk, J., Schnizlein, J., and M. Linsner, "Dynamic Host
1691	              Configuration Protocol Option for Coordinate-based
1692	              Location Configuration Information", RFC 3825, July 2004.

1694	   [LLDP-MED]
1695	              TIA, "ANSI/TIA-1057 Link Layer Discovery Protocol - Media
1696	              Endpoint Discovery".

1698	   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
1699	              Resource Identifier (URI): Generic Syntax", STD 66,
1700	              RFC 3986, January 2005.

1702	   [RFC4395]  Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
1703	              Registration Procedures for New URI Schemes", BCP 115,
1704	              RFC 4395, February 2006.

1706	   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
1707	              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
1708	              May 2008.

1710	   [I-D.ietf-geopriv-l7-lcp-ps]
1711	              Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7
1712	              Location Configuration Protocol; Problem Statement and
1713	              Requirements", draft-ietf-geopriv-l7-lcp-ps-08 (work in
1714	              progress), June 2008.

1716	   [I-D.ietf-geopriv-lbyr-requirements]
1717	              Marshall, R., "Requirements for a Location-by-Reference
1718	              Mechanism", draft-ietf-geopriv-lbyr-requirements-05 (work
1719	              in progress), November 2008.

1721	   [I-D.ietf-sip-location-conveyance]
1722	              Polk, J. and B. Rosen, "Location Conveyance for the
1723	              Session Initiation Protocol",
1724	              draft-ietf-sip-location-conveyance-12 (work in progress),
1725	              November 2008.

1727	   [I-D.winterbottom-geopriv-deref-protocol]
1728	              Winterbottom, J., Tschofenig, H., Schulzrinne, H.,
1729	              Thomson, M., and M. Dawson, "An HTTPS Location
1730	              Dereferencing Protocol Using HELD",
1731	              draft-winterbottom-geopriv-deref-protocol-02 (work in
1732	              progress), July 2008.

1734	Appendix A.  HELD Compliance to IETF LCP requirements

1736	   This appendix describes HELD's compliance to the requirements
1737	   specified in the [I-D.ietf-geopriv-l7-lcp-ps].

1739	A.1.  L7-1: Identifier Choice

1741	   "The L7 LCP MUST be able to carry different identifiers or MUST
1742	   define an identifier that is mandatory to implement.  Regarding the
1743	   latter aspect, such an identifier is only appropriate if it is from
1744	   the same realm as the one for which the location information service
1745	   maintains identifier to location mapping."

1747	   COMPLY

1749	   HELD uses the IP address of the location request message as the
1750	   primary source of identity for the requesting device or target.  This
1751	   identity can be used with other contextual network information to
1752	   provide a physical location for the Target for many network
1753	   deployments.  There may be network deployments where an IP address
1754	   alone is insufficient to identify a Target in a network.  However,
1755	   any necessary identity extensions for these networks is beyond the
1756	   scope of this document.

1758	A.2.  L7-2: Mobility Support

1760	   "The GEOPRIV Layer 7 Location Configuration Protocol MUST support a
1761	   broad range of mobility from devices that can only move between
1762	   reboots, to devices that can change attachment points with the impact
1763	   that their IP address is changed, to devices that do not change their
1764	   IP address while roaming, to devices that continuously move by being
1765	   attached to the same network attachment point."

1767	   COMPLY

1769	   Mobility support is inherently a characteristic of the access network
1770	   technology and HELD is designed to be access network agnostic.
1771	   Consequently HELD complies with this requirement.  In addition HELD
1772	   provides specific support for mobile environments by providing an
1773	   optional responseTime attribute in location request messages.
1774	   Wireless networks often have several different mechanisms at their
1775	   disposal for position determination (e.g.  Assisted GPS versus
1776	   location based on serving base station identity), each providing
1777	   different degrees of accuracy and taking different amounts of time to
1778	   yield a result.  The responseTime parameter provides the LIS with a
1779	   criterion which it can use to select a location determination
1780	   technique.

1782	A.3.  L7-3: ASP and Access Network Provider Relationship

1784	   "The design of the L7 LCP MUST NOT assume a business or trust
1785	   relationship between the Application Service Provider (ASP) and the
1786	   Access Network Provider.  Requirements for resolving a reference to
1787	   location information are not discussed in this document."

1789	   COMPLY

1791	   HELD describes a location acquisition protocol between a Device and a
1792	   LIS.  In the context of HELD, the LIS is within the Access Network.
1793	   Thus, HELD is independent of the business or trust relationship
1794	   between the Application Service Provider (ASP) and the Access Network
1795	   Provider.  Location acquisition using HELD is subject to the
1796	   restrictions described in Section 9.

1798	A.4.  L7-4: Layer 2 and Layer 3 Provider Relationship

1800	   "The design of the GEOPRIV Layer 7 Location Configuration Protocol
1801	   MUST assume that there is a trust and business relationship between
1802	   the L2 and the L3 provider.  The L3 provider operates the LIS and
1803	   needs to obtain location information from the L2 provider since this
1804	   one is closest to the end host.  If the L2 and L3 provider for the
1805	   same host are different entities, they cooperate for the purposes
1806	   needed to determine end system locations."

1808	   COMPLY

1810	   HELD was specifically designed with this model in mind and readily
1811	   allows itself to chaining requests between operators without a change
1812	   in protocol being required.  HELD is a webservices protocol which can
1813	   be bound to transports other than HTTP, such as BEEP.  Using a
1814	   protocol such as BEEP offers the option of high request throughput
1815	   over a dedicated connection between an L3 provider and an L2 provider
1816	   without incurring the serial restriction imposed by HTTP.  This is
1817	   less easy to do with protocols that do not decouple themselves from
1818	   the transport.

1820	A.5.  L7-5: Legacy Device Considerations

1822	   "The design of the GEOPRIV Layer 7 Location Configuration Protocol
1823	   MUST consider legacy residential NAT devices and NTEs in an DSL
1824	   environment that cannot be upgraded to support additional protocols,
1825	   for example to pass additional information through DHCP."

1827	   COMPLY

1829	   HELD is an application protocol and operates on top of IP.  A HELD
1830	   request from a host behind a residential NAT will traverse the NAT
1831	   acquiring the external address of the home router.  The location
1832	   provided to the host therefore will be the address of the home router
1833	   in this circumstance.  No changes are required to the home router in
1834	   order to support this function, HELD was designed specifically to
1835	   address this deployment scenario.

1837	A.6.  L7-6: VPN Awareness

1839	   "The design of the GEOPRIV Layer 7 Location Configuration Protocol
1840	   MUST assume that at least one end of a VPN is aware of the VPN
1841	   functionality.  In an enterprise scenario, the enterprise side will
1842	   provide the LIS used by the client and can thereby detect whether the
1843	   LIS request was initiated through a VPN tunnel."

1845	   COMPLY

1847	   HELD does not preclude a LIS on the far end of a VPN tunnel being
1848	   aware that the client request is occurring over that tunnel.  It also
1849	   does not preclude a client device from accessing a LIS serving the
1850	   local physical network and subsequently using the location
1851	   information with an application that is accessed over a VPN tunnel.

1853	A.7.  L7-7: Network Access Authentication

1855	   "The design of the GEOPRIV Layer 7 Location Configuration Protocol
1856	   MUST NOT assume prior network access authentication."

1858	   COMPLY

1860	   HELD makes no assumptions about prior network access authentication.
1861	   HELD strongly recommends the use of TLS with server-side certificates
1862	   for communication between the end-point and the LIS.  There is no
1863	   requirement for the end-point to authenticate with the LIS.

1865	A.8.  L7-8: Network Topology Unawareness

1867	   "The design of the GEOPRIV Layer 7 Location Configuration Protocol
1868	   MUST NOT assume end systems being aware of the access network
1869	   topology.  End systems are, however, able to determine their public
1870	   IP address(es) via mechanisms such as STUN or NSIS NATFW NSLP."

1872	   COMPLY

1874	   HELD makes no assumption about the network topology.  HELD doesn't
1875	   require that the device know its external IP address, except where
1876	   that is required for discovery of the LIS.

1878	A.9.  L7-9: Discovery Mechanism

1880	   "The L7 LCP MUST define a single mandatory to implement discovery
1881	   mechanism."

1883	   COMPLY

1885	   HELD uses the discovery mechanism in
1886	   [I-D.ietf-geopriv-lis-discovery].

1888	A.10.  L7-10: PIDF-LO Creation

1890	   "When a LIS creates a PIDF-LO per RFC 4119 then it MUST put the
1891	   <geopriv> element into the <device> element of the presence document
1892	   (see RFC 4479).  This ensures that the resulting PIDF-LO document,
1893	   which is subsequently distributed to other entities, conforms to the
1894	   rules outlined in ". [I-D.ietf-geopriv-pdif-lo-profile]

1896	   COMPLY

1898	   HELD protocol overview (Section 4 ) describes the requirements on the
1899	   LIS in creating the PIDF-LO and prescribes that the PIDF-LO generated
1900	   by the LIS MUST conform to [I-D.ietf-geopriv-pdif-lo-profile].

1902	Authors' Addresses

1904	   Mary Barnes (editor)
1905	   Nortel
1906	   2201 Lakeside Blvd
1907	   Richardson, TX

1909	   Email: mary.barnes@nortel.com

1911	   James Winterbottom
1912	   Andrew
1913	   PO Box U40
1914	   Wollongong University Campus, NSW  2500
1915	   AU

1917	   Phone: +61 2 4221 2938
1918	   Email: james.winterbottom@andrew.com
1919	   URI:   http://www.andrew.com/
1920	   Martin Thomson
1921	   Andrew
1922	   PO Box U40
1923	   Wollongong University Campus, NSW  2500
1924	   AU

1926	   Phone: +61 2 4221 2915
1927	   Email: martin.thomson@andrew.com
1928	   URI:   http://www.andrew.com/

1930	   Barbara Stark
1931	   BellSouth
1932	   Room 7A43
1933	   725 W Peachtree St.
1934	   Atlanta, GA  30308
1935	   US

1937	   Email: barbara.stark@att.com

1939	Full Copyright Statement

1941	   Copyright (C) The IETF Trust (2008).

1943	   This document is subject to the rights, licenses and restrictions
1944	   contained in BCP 78, and except as set forth therein, the authors
1945	   retain all their rights.

1947	   This document and the information contained herein are provided on an
1948	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
1949	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
1950	   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
1951	   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
1952	   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
1953	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

1955	Intellectual Property

1957	   The IETF takes no position regarding the validity or scope of any
1958	   Intellectual Property Rights or other rights that might be claimed to
1959	   pertain to the implementation or use of the technology described in
1960	   this document or the extent to which any license under such rights
1961	   might or might not be available; nor does it represent that it has
1962	   made any independent effort to identify any such rights.  Information
1963	   on the procedures with respect to rights in RFC documents can be
1964	   found in BCP 78 and BCP 79.

1966	   Copies of IPR disclosures made to the IETF Secretariat and any
1967	   assurances of licenses to be made available, or the result of an
1968	   attempt made to obtain a general license or permission for the use of
1969	   such proprietary rights by implementers or users of this
1970	   specification can be obtained from the IETF on-line IPR repository at
1971	   http://www.ietf.org/ipr.

1973	   The IETF invites any interested party to bring to its attention any
1974	   copyrights, patents or patent applications, or other proprietary
1975	   rights that may cover technology that may be required to implement
1976	   this standard.  Please address the information to the IETF at
1977	   ietf-ipr@ietf.org.