draft-ietf-geopriv-radius-lo-18.txt vs. draft-ietf-geopriv-radius-lo-19.txt

(Side-by-side rfcdiff output of the two revisions. Text common to both
revisions is shown once; where the revisions differ, the two readings
are marked (-18) and (-19).)

GEOPRIV                                             H. Tschofenig, Ed.
Internet-Draft                                  Nokia Siemens Networks
Intended status: Standards Track                            F. Adrangi
Expires: June 13, 2008 (-18) / August 3, 2008 (-19)              Intel
                                                              M. Jones
                                                               A. Lior
                                                           Bridgewater
                                                              B. Aboba
                                                 Microsoft Corporation
                       December 11, 2007 (-18) / January 31, 2008 (-19)

            Carrying Location Objects in RADIUS and Diameter
     draft-ietf-geopriv-radius-lo-18.txt (-18) / draft-ietf-geopriv-radius-lo-19.txt (-19)

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that

   [skipping to change at page 1, line 40]

   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 13, 2008 (-18) / August 3,
   2008 (-19).

Copyright Notice

   Copyright (C) The IETF Trust (2007) (-18) / (2008) (-19).

Abstract

   This document describes procedures for conveying access network
   ownership and location information based on a civic and geospatial
   location format in Remote Authentication Dial In User Service
   (RADIUS) and Diameter.

   The distribution of location information is a privacy sensitive task.
   Dealing with mechanisms to preserve the user's privacy is important
   [skipping to change at page 39, line 48]

   The RADIUS server is a natural place for storing authorization
   policies since the user typically has some sort of trust relationship
   with the entity operating the RADIUS server.  Once the infrastructure
   is deployed and location aware applications are available then there
   might be a strong desire to use location information for other
   purposes as well.

   The Common Policy framework [RFC4745] that was extended for
   geolocation privacy [I-D.ietf-geopriv-policy] are tailored for
   this purpose.  The Extensible Markup Language (XML) Configuration
   Access Protocol (XCAP) [I-D.ietf-simple-xcap] (-18) / [RFC4825] (-19)
   gives users the ability to change their privacy policies using a
   standardized protocol.  These policies are an important tool for
   limiting further distribution of the user's location to other
   location based services.

   The RADIUS server MUST behave according to the following guidelines:

   o  The RADIUS server MUST attach available rules to the Access-
      Accept, the Access-Reject or the Access-Challenge message when the
      RADIUS client is supposed to provide location information.

   o  When location information is made available to other entities
      (e.g., writing to stable storage for latter billing processing)
      then the RADIUS server MUST attach the privacy rules to location
   [skipping to change at page 42, line 30]

      Location-Data
      Basic-Location-Policy-Rules
      Extended-Location-Policy-Rules
      Location-Capable
      Requested-Location-Info

   Please refer to Section 5 for the registered list of numbers.

   This document also instructs IANA to assign a new value for the
   Error-Cause Attribute [I-D.ietf-radext-rfc3576bis], of
   "Location-Info-Required" TBA (-18) / "Location-Info-Required" (-19).

   Additionally, IANA is requested to create the following new
   registries listed in the subsections below.

8.1.  New Registry: Operator Namespace Identifier

   This document also defines an operator namespace identifier registry
   (used in the Namespace ID field of the Operator-Name Attribute).
   Note that this document requests IANA only to maintain a registry of
   existing namespaces for use in this identifier field, and not to
   [skipping to change at page 48, line 25]

   based on work done by James Polk, John Schnizlein and Marc Linsner.
   The authorization policy format is based on the work done by Jon
   Peterson.

   The authors would like to thank Victor Lortz, Jose Puthenkulam,
   Bernrad Aboba, Jari Arkko, Parviz Yegani, Serge Manning, Kuntal
   Chowdury, Pasi Eronen, Blair Bullock and Eugene Chang for their
   feedback to an initial version of this draft.  We would like to thank
   Jari Arkko for his text contributions.  Lionel Morand provided
   detailed feedback on numerous issues.  His comments helped to improve
   the quality of this document.

   (-18) Jouni Korhonen and John Loughney helped us with the Diameter
   RADIUS interoperability.

   (-19) Jouni Korhonen, Victor Fajardo, Tolga Asveren and John Loughney
   helped us with the Diameter RADIUS interoperability section.

   Andreas Pashalidis reviewed a later version document and provided a
   number of comments.  Bernard Aboba, Alan DeKok, Lionel Morand, Jouni
   Korhonen, David Nelson and Emile van Bergen provided guidance on the
   Requested-Location-Info Attribute and participated in the capability
   exchange discussions.  Allison Mankin, Jouni Korhonen and Pasi Eronen
   provided text for the operator namespace identifier registry.  Jouni
   Korhonen interacted with the GSMA to find a contact person for the
   TADIG operator namespace and Scott Bradner consulted the ITU-T to
   find a contact person for the E212 and the ICC operator namespace.

   This document is based on the discussions within the IETF GEOPRIV
   working group.  Therefore, the authors thank Henning Schulzrinne,
   James Polk, John Morris, Allison Mankin, Randall Gellens, Andrew
   Newton, Ted Hardie, Jon Peterson for their time to discuss a number
   of issues with us.  We thank Stephen Hayes for aligning this work
   with 3GPP activities.

   The RADEXT working group chairs, David Nelson and Bernard Aboba,
   provided several draft reviews and we would like to thank them for
   [skipping to change at page 51, line 20]

              draft-ietf-geopriv-policy-13 (work in progress),
              October 2007.

   [I-D.ietf-radext-rfc3576bis]
              Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B.
              Aboba, "Dynamic Authorization Extensions to Remote
              Authentication Dial In User Service (RADIUS)",
              draft-ietf-radext-rfc3576bis-13 (work in progress),
              October 2007.

   [I-D.ietf-simple-xcap]  (-18 only; removed in -19)
              Rosenberg, J., "The Extensible Markup Language (XML)
              Configuration Access Protocol (XCAP)",
              draft-ietf-simple-xcap-12 (work in progress),
              October 2006.

   [I-D.ietf-sip-location-conveyance]  (-18 only; removed in -19)
              Polk, J. and B. Rosen, "Location Conveyance for the
              Session Initiation Protocol",
              draft-ietf-sip-location-conveyance-09 (work in progress),
              November 2007.

   [I-D.josefsson-pppext-eap-tls-eap]
              Josefsson, S., Palekar, A., Simon, D., and G. Zorn,
              "Protected EAP Protocol (PEAP) Version 2",
              draft-josefsson-pppext-eap-tls-eap-10 (work in progress),
              October 2004.

   [I-D.tschofenig-eap-ikev2]
              Tschofenig, H., Kroeselberg, D., Pashalidis, A., Ohba, Y.,
              and F. Bersani, "EAP-IKEv2 Method",
              draft-tschofenig-eap-ikev2-15 (work in progress),

   [skipping to change at page 52, line 19 (-18) / page 52, line 7 (-19)]

   [RFC1994]  Simpson, W., "PPP Challenge Handshake Authentication
              Protocol (CHAP)", RFC 1994, August 1996.

   [RFC2866]  Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.

   [RFC3041]  Narten, T. and R. Draves, "Privacy Extensions for
              Stateless Address Autoconfiguration in IPv6", RFC 3041,
              January 2001.

   [RFC3261]  (-18 only; removed in -19)
              Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              June 2002.

   [RFC3579]  Aboba, B. and P. Calhoun, "RADIUS (Remote Authentication
              Dial In User Service) Support For Extensible
              Authentication Protocol (EAP)", RFC 3579, September 2003.

   [RFC3693]  Cuellar, J., Morris, J., Mulligan, D., Peterson, D., and
              D. Polk, "Geopriv Requirements", RFC 3693, February 2004.

   [RFC3694]  (-18 only; removed in -19)
              Danley, M., "Threat Analysis of the Geopriv Protocol",
              RFC 3694, September 2003.

   [RFC4005]  Calhoun, P., Zorn, G., Spence, D., and D. Mitton,
              "Diameter Network Access Server Application", RFC 4005,
              August 2005.

   [RFC4017]  Stanley, D., Walker, J., and B. Aboba, "Extensible
              Authentication Protocol (EAP) Method Requirements for
              Wireless LANs", RFC 4017, March 2005.

   [RFC4072]  Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible
              Authentication Protocol (EAP) Application", RFC 4072,

   [skipping to change at page 53, line 19 (-18) / page 52, line 47 (-19)]

              RFC 4306, December 2005.

   [RFC4372]  Adrangi, F., Lior, A., Korhonen, J., and J. Loughney,
              "Chargeable User Identity", RFC 4372, January 2006.

   [RFC4745]  Schulzrinne, H., Tschofenig, H., Morris, J., Cuellar, J.,
              Polk, J., and J. Rosenberg, "Common Policy: A Document
              Format for Expressing Privacy Preferences", RFC 4745,
              February 2007.

   [RFC4825]  (-19 only; added in -19)
              Rosenberg, J., "The Extensible Markup Language (XML)
              Configuration Access Protocol (XCAP)", RFC 4825, May 2007.

   [Unicode]  "The Unicode Standard -- Worldwide Character Encoding --
              Version 1.0, Addison- Wesley, Volume 1, 1991, Volume 2",
              , 1992.

Appendix A.  Matching with Geopriv Requirements

   This section compares the requirements for a GEOPRIV Using Protocol,
   described in [RFC3693], against the approach of distributing Location
   Objects with RADIUS.
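Review bot: The three entries dropped from the reference list in -19 ([I-D.ietf-sip-location-conveyance], [RFC3261] and [RFC3694]) are not cited in any of the regions shown here, so removing them looks correct, but rfcdiff shows only the changed regions, so the full -19 body should be searched for a remaining citation of any of the three before the entries go. The [I-D.ietf-simple-xcap] to [RFC4825] replacement is matched by the updated citation in the policy section (page 39) and needs nothing further.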
   [skipping to change at page 63, line 7]

   Bernard Aboba
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA  98052
   US

   Email: bernarda@microsoft.com

Full Copyright Statement

   Copyright (C) The IETF Trust (2007) (-18) / (2008) (-19).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF

End of changes.  13 change blocks.  43 lines changed or deleted, 26 lines changed or added.

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/