rfcdiff: draft-ietf-geopriv-radius-lo-21.txt vs. draft-ietf-geopriv-radius-lo-22.txt

GEOPRIV                                                  H. Tschofenig, Ed.
Internet-Draft                                       Nokia Siemens Networks
Intended status: Standards Track                                 F. Adrangi
Expires: August 13, 2009 (-21) / August 19, 2009 (-22)                Intel
                                                                   M. Jones
                                                                    A. Lior
                                                                Bridgewater
                                                                   B. Aboba
                                                      Microsoft Corporation
                              February 9, 2009 (-21) / February 15, 2009 (-22)

            Carrying Location Objects in RADIUS and Diameter
   draft-ietf-geopriv-radius-lo-21.txt / draft-ietf-geopriv-radius-lo-22.txt
Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   [skipping to change at page 1, line 38]

   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on August 13, 2009 (-21) / August 19,
   2009 (-22).

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   [skipping to change at page 4, line 17]

   1.  Introduction
   2.  Terminology
   3.  Delivery Methods for Location Information
     3.1.  Location Delivery based on Out-of-Band Agreements
     3.2.  Location Delivery based on Initial Request
     3.3.  Location Delivery based on Mid-Session Request
     3.4.  Location Delivery in Accounting Messages
   4.  Attributes
     4.1.  Operator-Name Attribute
     4.2.  Location-Information Attribute
     4.3.  Location-Data Attribute
       4.3.1.  Civic Location Profile
       4.3.2.  Geospatial Location Profile
     4.4.  Basic-Location-Policy-Rules Attribute
     4.5.  Extended-Location-Policy-Rules Attribute
     4.6.  Location-Capable Attribute
     4.7.  Requested-Location-Info Attribute
   5.  Table of Attributes
   6.  Diameter RADIUS Interoperability
   7.  Security Considerations
     7.1.  Communication Security
     7.2.  Privacy Considerations
       7.2.1.  RADIUS Client
       7.2.2.  RADIUS Server
       7.2.3.  RADIUS Proxy
     7.3.  Identity Information and Location Information
   8.  IANA Considerations
     8.1.  New Registry: Operator Namespace Identifier
     8.2.  New Registry: Location Profiles
     8.3.  New Registry: Location-Capable Attribute
     8.4.  New Registry: Entity Types
     8.5.  New Registry: Privacy Flags
     8.6.  New Registry: Requested-Location-Info Attribute
   9.  Acknowledgments
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  Matching with Geopriv Requirements
     A.1.  Distribution of Location Information at the User's Home Network
     A.2.  Distribution of Location Information at the Visited Network
     A.3.  Requirements matching
   Authors' Addresses

   (The table of contents is identical in -21 and -22 apart from page
   numbers, which shift by one page from Section 4.3 onward.)

1.  Introduction

   This document defines attributes within RADIUS and Diameter that can
   be used to convey location-related information within authentication
   and accounting exchanges.

   Location information may be useful in a number of scenarios.
   Wireless networks (including wireless LAN) are being deployed in
   public places such as airports, hotels, shopping malls, and coffee

   [skipping to change at page 19, line 9 (-21) / page 19, line 45 (-22)]
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Time-to-Live ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Time-to-Live                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Method ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   Index (16 bits):

      This 16-bit unsigned integer ties the attribute to the
      Location-Data Attribute that carries the same Index value; the
      Location-Information Attribute describes the location data found
      there.

   Code (8 bits):

      This field indicates the content of the location profile carried
      in the Location-Data Attribute.  Two profiles are defined in this
      document, namely one civic location profile (see Section 4.3.1)
      that uses value (0) and a geospatial location profile (see
      Section 4.3.2) that uses the value (1).

   Entity (8 bits):

      This field encodes, as an unsigned 8-bit integer, which location
      this attribute refers to.  Location information can refer to
      different entities.  This document registers two entity values,
      namely:

      Value (0) describes the location of the user's client device
      Value (1) describes the location of the RADIUS client

      The registry used for these values is established by this
      document, see Section 8.4.

   Sighting Time (64 bits):

      This field indicates when the Location Information was accurate.
      The data type of this field is a string and the content is
      expressed in the 64 bit Network Time Protocol (NTP) timestamp
      format [RFC1305].

   Time-to-Live (64 bits):

      This field gives a hint until when location information should be
      considered current.  The data type of this field is a string and
      the content is expressed in the 64 bit Network Time Protocol (NTP)
      timestamp format [RFC1305].  Note that the time-to-live field is
      different from the Retention Expires field used in the Basic-
      Location-Policy-Rules Attribute, see Section 4.4.  Retention
      expires indicates the time after which the recipient is no longer
      permitted to possess the location information.

   Method (variable):

      Describes the way that the location information was determined.
      This field MUST contain the value of exactly one IANA-registered
      'method' token [RFC4119].

   (In -21, Code, Entity, Sighting Time and Time-to-Live had one-line
   entries here, followed by a separate list headed "The following
   fields need more explanation"; -22 folds each explanation into the
   field's own entry.  The content is unchanged.)
   The length of the Location-Information Attribute MUST NOT exceed 253
   octets.
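   The field layout above, as an added example that is not part of the
   draft: a Python encoder and decoder for the Location-Information
   attribute value, with the registry checks and the 253-octet limit the
   text requires and the NTP-timestamp conversion that Sighting Time and
   Time-to-Live need.  The Type number passed to wrap_radius_attribute()
   is a placeholder (this page does not give the assigned value), the
   'method' tokens are the initial set registered by RFC 4119 rather than
   a live copy of the IANA registry, and the sample values are
   constructed.

```python
"""Encode and decode the value of the Location-Information attribute.

Added example; not code from the draft or from any RADIUS implementation.
Field layout follows the draft's text: Index (16 bits), Code (8 bits),
Entity (8 bits), Sighting Time (64-bit NTP), Time-to-Live (64-bit NTP),
Method (variable, exactly one registered 'method' token).  The RADIUS
Type number used with wrap_radius_attribute() is a placeholder: this
page does not state the assigned value.
"""
import struct

NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP era 0) to 1970-01-01 (Unix)
MAX_VALUE_LEN = 253            # draft: attribute length MUST NOT exceed 253 octets; read here
                               # as the value portion, so Type + Length + value fits 255
FIXED_LEN = 2 + 1 + 1 + 8 + 8  # Index, Code, Entity, Sighting Time, Time-to-Live

# Registry values named in the draft (Section 8.2 Location Profiles, Section 8.4 Entity Types).
CODE_CIVIC, CODE_GEOSPATIAL = 0, 1
ENTITY_CLIENT_DEVICE, ENTITY_RADIUS_CLIENT = 0, 1

# Initial 'method' tokens registered by RFC 4119.  A deployment would load the
# current IANA registry instead of this fixed set (assumption of this example).
METHOD_TOKENS = {"GPS", "A-GPS", "Manual", "DHCP", "Triangulation", "Cell", "802.11"}


def unix_to_ntp(unix_seconds):
    """Unix time (float) -> 64-bit NTP timestamp: 32-bit seconds since 1900, 32-bit fraction."""
    whole = int(unix_seconds)
    frac = int((unix_seconds - whole) * (1 << 32))
    return (((whole + NTP_EPOCH_OFFSET) & 0xFFFFFFFF) << 32) | (frac & 0xFFFFFFFF)


def ntp_to_unix(ntp):
    """64-bit NTP timestamp -> Unix time (float)."""
    return (ntp >> 32) - NTP_EPOCH_OFFSET + (ntp & 0xFFFFFFFF) / (1 << 32)


def encode_location_information(index, code, entity, sighting_unix, ttl_unix, method):
    """Build the attribute value, rejecting anything outside the registries the draft defines."""
    if not 0 <= index <= 0xFFFF:
        raise ValueError("Index must fit in 16 bits")
    if code not in (CODE_CIVIC, CODE_GEOSPATIAL):
        raise ValueError("unknown location profile code %r" % code)
    if entity not in (ENTITY_CLIENT_DEVICE, ENTITY_RADIUS_CLIENT):
        raise ValueError("unknown entity value %r" % entity)
    if method not in METHOD_TOKENS:
        raise ValueError("Method must be exactly one registered 'method' token")
    value = struct.pack("!HBBQQ", index, code, entity,
                        unix_to_ntp(sighting_unix), unix_to_ntp(ttl_unix))
    value += method.encode("ascii")
    if len(value) > MAX_VALUE_LEN:
        raise ValueError("Location-Information value exceeds %d octets" % MAX_VALUE_LEN)
    return value


def decode_location_information(value):
    """Parse the attribute value; every check mirrors the encoder's."""
    if len(value) < FIXED_LEN:
        raise ValueError("truncated Location-Information value")
    if len(value) > MAX_VALUE_LEN:
        raise ValueError("Location-Information value exceeds %d octets" % MAX_VALUE_LEN)
    index, code, entity, sighting, ttl = struct.unpack("!HBBQQ", value[:FIXED_LEN])
    method = value[FIXED_LEN:].decode("ascii")
    if code not in (CODE_CIVIC, CODE_GEOSPATIAL):
        raise ValueError("unknown location profile code %r" % code)
    if entity not in (ENTITY_CLIENT_DEVICE, ENTITY_RADIUS_CLIENT):
        raise ValueError("unknown entity value %r" % entity)
    if method not in METHOD_TOKENS:
        raise ValueError("Method %r is not a registered token" % method)
    return {"index": index, "code": code, "entity": entity,
            "sighting_time": ntp_to_unix(sighting),
            "time_to_live": ntp_to_unix(ttl), "method": method}


def is_current(info, now_unix):
    """Time-to-Live is a freshness hint: past it, re-query rather than trust the location.
    It says nothing about whether the data may still be held; that is Retention Expires
    in the Basic-Location-Policy-Rules attribute."""
    return now_unix <= info["time_to_live"]


def wrap_radius_attribute(attr_type, value):
    """Prefix Type and Length; Length counts the Type and Length octets too (RFC 2865)."""
    if 2 + len(value) > 255:
        raise ValueError("attribute does not fit the RADIUS 255-octet limit")
    return struct.pack("!BB", attr_type, 2 + len(value)) + value


if __name__ == "__main__":
    # Constructed sample: Index 1, civic profile, location of the client device,
    # sighted at Unix time 1234567890, current for one hour, learned via DHCP.
    v = encode_location_information(1, CODE_CIVIC, ENTITY_CLIENT_DEVICE,
                                    1234567890.0, 1234567890.0 + 3600, "DHCP")
    print(decode_location_information(v))
```

   The decoder refuses unknown Code and Entity values instead of passing
   them through: an unregistered profile code would otherwise be used to
   pick a parser for the Location-Data Attribute, and a 32-bit NTP
   seconds field that does not fit (rollover in 2036) is masked rather
   than silently wrapped.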
4.3.  Location-Data Attribute

   The Location-Data Attribute MAY be sent in Access-Request and in
   Accounting-Request messages.  For the Accounting-Request message the
   Acct-Status-Type may be set to Start, Interim-Update or Stop.
   [skipping to change at page 23, line 33 (-21) / page 24, line 39 (-22)]

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |             Flags             |      Retention Expires ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Retention Expires ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       Retention Expires       |         Note Well ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                          Note Well ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   This document reuses fields of the RFC 4119 [RFC4119] 'usage-rules'
   element.  These fields have the following meaning:

   Flags (16 bits):

      The Flags field is a bit mask.  Only the first bit (R) is defined
      in this document; it corresponds to the retransmission-allowed
      field:

                      0                   1
                      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
                     |R|o o o o o o o o o o o o o o o|
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                     R = retransmission-allowed
                     o = reserved

      Bit 0 in this diagram is the first bit on the wire, that is, the
      most significant bit of the field when read as a 16-bit integer
      in network byte order.  All reserved bits MUST be zero.  When the
      retransmission-allowed bit is set to zero (0), the recipient of
      this Location Object is not permitted to share the enclosed
      location information, or the object as a whole, with other
      parties.  The value one (1) allows the recipient to share the
      location information with other parties, subject to the extended
      policy rules (see Section 4.5).

   Retention Expires (64 bits):

      This field specifies an absolute date after which the recipient
      is no longer permitted to possess the location information.  The
      data type of this field is a string and the format is a 64 bit NTP
      timestamp [RFC1305].

   Note Well (variable):

      This field contains a URI that points to human readable privacy
      instructions.  The data type of this field is string.  This field
      is useful when location information is distributed to third party
      entities, which can include humans in a location based service.
      RADIUS entities are not supposed to process this field.

      Whenever a Location Object leaves the RADIUS ecosystem the URI in
      the note-well attribute MUST be expanded to the human readable
      text.  For example, when the Location Object is transferred to a
      SIP based environment then the human readable text is placed into
      the 'note-well' element of the 'usage-rules' element contained in
      the PIDF-LO document (see [RFC4119]).

   (In -21, the three fields had short entries here, with the RFC 4119
   'usage-rules' paragraph and full descriptions of
   retransmission-allowed, retention-expires and note-well following
   them; -22 merges the two lists.  The content is unchanged.)
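   The Flags, Retention Expires and Note Well fields above, as an added
   example that is not part of the draft: a Python decoder for the
   Basic-Location-Policy-Rules value, a decision function showing how a
   RADIUS proxy would act on the R bit and on Retention Expires (and why
   the latter differs from Time-to-Live), and the note-well expansion
   that the text requires when the object leaves RADIUS.  The mask
   0x8000 for R follows the bit numbering in the diagram; the decision
   function, the lookup table standing in for fetching the note-well
   URI, and all sample values are this example's own constructions.

```python
"""Decode the Basic-Location-Policy-Rules value and apply it at a RADIUS proxy.

Added example; not code from the draft.  Layout per the draft: Flags (16 bits;
R = retransmission-allowed is bit 0 of the diagram, taken here as the most
significant bit of the network-order field; all other bits are reserved and
MUST be zero), Retention Expires (64-bit NTP timestamp), Note Well (variable,
a URI as a string).  proxy_decision() and export_from_radius() encode one
reading of the draft's rules and are this example's constructions, as is the
note-well lookup table used in place of fetching the URI.
"""
import struct

NTP_EPOCH_OFFSET = 2208988800          # seconds from 1900-01-01 to 1970-01-01
FLAG_RETRANSMISSION_ALLOWED = 0x8000   # bit 0 in the draft's diagram = MSB of the field
RESERVED_BITS = 0x7FFF
FIXED_LEN = 2 + 8                      # Flags + Retention Expires


def encode_basic_policy(retransmission_allowed, retention_expires_unix, note_well_uri):
    """Build the attribute value from its three fields."""
    flags = FLAG_RETRANSMISSION_ALLOWED if retransmission_allowed else 0
    whole = int(retention_expires_unix)
    frac = int((retention_expires_unix - whole) * (1 << 32))
    ntp = (((whole + NTP_EPOCH_OFFSET) & 0xFFFFFFFF) << 32) | (frac & 0xFFFFFFFF)
    return struct.pack("!HQ", flags, ntp) + note_well_uri.encode("ascii")


def decode_basic_policy(value):
    """Parse the attribute value.  Reserved bits MUST be zero; a set reserved bit is
    rejected rather than ignored, because a bit defined later could only restrict use
    further and dropping it silently could disclose location data."""
    if len(value) < FIXED_LEN:
        raise ValueError("truncated Basic-Location-Policy-Rules value")
    flags, ntp = struct.unpack("!HQ", value[:FIXED_LEN])
    if flags & RESERVED_BITS:
        raise ValueError("reserved Flags bits set: 0x%04x" % flags)
    return {
        "retransmission_allowed": bool(flags & FLAG_RETRANSMISSION_ALLOWED),
        "retention_expires": (ntp >> 32) - NTP_EPOCH_OFFSET + (ntp & 0xFFFFFFFF) / (1 << 32),
        # RADIUS entities carry the URI as opaque data; they do not dereference it.
        "note_well": value[FIXED_LEN:].decode("ascii"),
    }


def proxy_decision(policy, now_unix):
    """What a RADIUS entity may do with the Location Object under the basic rules.

    'discard'             past Retention Expires: possession itself is no longer permitted
                          (Time-to-Live, by contrast, only marks the data as stale);
    'no-sharing'          R == 0: use the object for this exchange, share it with nobody else;
    'share-per-extended'  R == 1: sharing allowed, subject to Extended-Location-Policy-Rules.
    """
    if now_unix >= policy["retention_expires"]:
        return "discard"
    if not policy["retransmission_allowed"]:
        return "no-sharing"
    return "share-per-extended"


def export_from_radius(policy, note_well_texts):
    """Prepare the usage rules for a non-RADIUS consumer (e.g. a PIDF-LO usage-rules element).

    The draft requires the note-well URI to be expanded to its human-readable text when the
    object leaves RADIUS.  note_well_texts stands in for retrieving the URI; refusing to
    export when the text is unavailable is this example's choice, not a rule in the draft.
    """
    text = note_well_texts.get(policy["note_well"])
    if text is None:
        raise ValueError("cannot expand note-well URI %r" % policy["note_well"])
    return {"retransmission-allowed": policy["retransmission_allowed"],
            "retention-expiry": policy["retention_expires"],
            "note-well": text}


if __name__ == "__main__":
    # Constructed sample: sharing allowed, retention until Unix time 1300000000, constructed URI.
    raw = encode_basic_policy(True, 1300000000.0, "https://privacy.example.net/rules")
    pol = decode_basic_policy(raw)
    print(pol, proxy_decision(pol, 1299999000.0))
```

   The check order in proxy_decision() matters: an expired object is
   discarded before the R bit is consulted, so a stale object can never
   be forwarded merely because retransmission was once allowed.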
4.5.  Extended-Location-Policy-Rules Attribute

   [skipping to change at page 51, line 4 (-21) / page 52, line 4 (-22)]

              http://www.opengis.org/techno/implementation.htm",
              January 2003.

   [GSM]      "TADIG Naming Conventions, Version 4.1", GSM Association
              Official Document TD.13, June 2006.

   [I-D.ietf-geopriv-policy]
              Schulzrinne, H., Tschofenig, H., Morris, J., Cuellar, J.,
              and J. Polk, "Geolocation Policy: A Document Format for
              Expressing Privacy Preferences for Location Information",
              draft-ietf-geopriv-policy-20 (work in progress),
              February 2009.  (-21 cited draft-ietf-geopriv-policy-19,
              January 2009.)

   [I-D.josefsson-pppext-eap-tls-eap]
              Josefsson, S., Palekar, A., Simon, D., and G. Zorn,
              "Protected EAP Protocol (PEAP) Version 2",
              draft-josefsson-pppext-eap-tls-eap-10 (work in progress),
              October 2004.

   [ISO]      "Codes for the representation of names of countries and
              their subdivisions - Part 1: Country codes, ISO 3166-1",
              1997.

   End of changes.  26 change blocks; 106 lines changed or deleted,
   79 lines changed or added.

   This HTML diff was produced by rfcdiff 1.35.  The latest version is
   available from http://tools.ietf.org/tools/rfcdiff/