draft-ietf-geopriv-radius-lo-22.txt   draft-ietf-geopriv-radius-lo-23.txt 
GEOPRIV H. Tschofenig, Ed. GEOPRIV H. Tschofenig, Ed.
Internet-Draft Nokia Siemens Networks Internet-Draft Nokia Siemens Networks
Intended status: Standards Track F. Adrangi Intended status: Standards Track F. Adrangi
Expires: August 19, 2009 Intel Expires: September 10, 2009 Intel
M. Jones M. Jones
A. Lior A. Lior
Bridgewater Bridgewater
B. Aboba B. Aboba
Microsoft Corporation Microsoft Corporation
February 15, 2009 March 9, 2009
Carrying Location Objects in RADIUS and Diameter Carrying Location Objects in RADIUS and Diameter
draft-ietf-geopriv-radius-lo-22.txt draft-ietf-geopriv-radius-lo-23.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 38 skipping to change at page 1, line 38
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 19, 2009. This Internet-Draft will expire on September 10, 2009.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents in effect on the date of
(http://trustee.ietf.org/license-info) in effect on the date of publication of this document (http://trustee.ietf.org/license-info).
publication of this document. Please review these documents Please review these documents carefully, as they describe your rights
carefully, as they describe your rights and restrictions with respect and restrictions with respect to this document.
to this document.
Abstract Abstract
This document describes procedures for conveying access network This document describes procedures for conveying access network
ownership and location information based on a civic and geospatial ownership and location information based on a civic and geospatial
location format in Remote Authentication Dial In User Service location format in Remote Authentication Dial In User Service
(RADIUS) and Diameter. (RADIUS) and Diameter.
The distribution of location information is a privacy sensitive task. The distribution of location information is a privacy sensitive task.
Dealing with mechanisms to preserve the user's privacy is important Dealing with mechanisms to preserve the user's privacy is important
and addressed in this document. and addressed in this document.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Delivery Methods for Location Information . . . . . . . . . . 7 3. Delivery Methods for Location Information . . . . . . . . . . 6
3.1. Location Delivery based on Out-of-Band Agreements . . . . 7 3.1. Location Delivery based on Out-of-Band Agreements . . . . 6
3.2. Location Delivery based on Initial Request . . . . . . . . 8 3.2. Location Delivery based on Initial Request . . . . . . . . 7
3.3. Location Delivery based on Mid-Session Request . . . . . . 9 3.3. Location Delivery based on Mid-Session Request . . . . . . 8
3.4. Location Delivery in Accounting Messages . . . . . . . . . 13 3.4. Location Delivery in Accounting Messages . . . . . . . . . 12
4. Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . 15 4. Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . 14
4.1. Operator-Name Attribute . . . . . . . . . . . . . . . . . 15 4.1. Operator-Name Attribute . . . . . . . . . . . . . . . . . 14
4.2. Location-Information Attribute . . . . . . . . . . . . . . 18 4.2. Location-Information Attribute . . . . . . . . . . . . . . 17
4.3. Location-Data Attribute . . . . . . . . . . . . . . . . . 21 4.3. Location-Data Attribute . . . . . . . . . . . . . . . . . 20
4.3.1. Civic Location Profile . . . . . . . . . . . . . . . . 22 4.3.1. Civic Location Profile . . . . . . . . . . . . . . . . 21
4.3.2. Geospatial Location Profile . . . . . . . . . . . . . 23 4.3.2. Geospatial Location Profile . . . . . . . . . . . . . 22
4.4. Basic-Location-Policy-Rules Attribute . . . . . . . . . . 23 4.4. Basic-Location-Policy-Rules Attribute . . . . . . . . . . 22
4.5. Extended-Location-Policy-Rules Attribute . . . . . . . . . 25 4.5. Extended-Location-Policy-Rules Attribute . . . . . . . . . 24
4.6. Location-Capable Attribute . . . . . . . . . . . . . . . . 27 4.6. Location-Capable Attribute . . . . . . . . . . . . . . . . 26
4.7. Requested-Location-Info Attribute . . . . . . . . . . . . 30 4.7. Requested-Location-Info Attribute . . . . . . . . . . . . 29
5. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 36 5. Table of Attributes . . . . . . . . . . . . . . . . . . . . . 35
6. Diameter RADIUS Interoperability . . . . . . . . . . . . . . . 38 6. Diameter RADIUS Interoperability . . . . . . . . . . . . . . . 37
7. Security Considerations . . . . . . . . . . . . . . . . . . . 40 7. Security Considerations . . . . . . . . . . . . . . . . . . . 39
7.1. Communication Security . . . . . . . . . . . . . . . . . . 40 7.1. Communication Security . . . . . . . . . . . . . . . . . . 39
7.2. Privacy Considerations . . . . . . . . . . . . . . . . . . 41 7.2. Privacy Considerations . . . . . . . . . . . . . . . . . . 40
7.2.1. RADIUS Client . . . . . . . . . . . . . . . . . . . . 42 7.2.1. RADIUS Client . . . . . . . . . . . . . . . . . . . . 41
7.2.2. RADIUS Server . . . . . . . . . . . . . . . . . . . . 42 7.2.2. RADIUS Server . . . . . . . . . . . . . . . . . . . . 41
7.2.3. RADIUS Proxy . . . . . . . . . . . . . . . . . . . . . 43 7.2.3. RADIUS Proxy . . . . . . . . . . . . . . . . . . . . . 42
7.3. Identity Information and Location Information . . . . . . 43 7.3. Identity Information and Location Information . . . . . . 42
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 44
8.1. New Registry: Operator Namespace Identifier . . . . . . . 45 8.1. New Registry: Operator Namespace Identifier . . . . . . . 44
8.2. New Registry: Location Profiles . . . . . . . . . . . . . 46 8.2. New Registry: Location Profiles . . . . . . . . . . . . . 45
8.3. New Registry: Location-Capable Attribute . . . . . . . . . 47 8.3. New Registry: Location-Capable Attribute . . . . . . . . . 46
8.4. New Registry: Entity Types . . . . . . . . . . . . . . . . 48 8.4. New Registry: Entity Types . . . . . . . . . . . . . . . . 47
8.5. New Registry: Privacy Flags . . . . . . . . . . . . . . . 48 8.5. New Registry: Privacy Flags . . . . . . . . . . . . . . . 47
8.6. New Registry: Requested-Location-Info Attribute . . . . . 48 8.6. New Registry: Requested-Location-Info Attribute . . . . . 47
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 50 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 49
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 51 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 50
10.1. Normative References . . . . . . . . . . . . . . . . . . . 51 10.1. Normative References . . . . . . . . . . . . . . . . . . . 50
10.2. Informative References . . . . . . . . . . . . . . . . . . 51 10.2. Informative References . . . . . . . . . . . . . . . . . . 50
Appendix A. Matching with Geopriv Requirements . . . . . . . . . 54 Appendix A. Matching with Geopriv Requirements . . . . . . . . . 53
A.1. Distribution of Location Information at the User's A.1. Distribution of Location Information at the User's
Home Network . . . . . . . . . . . . . . . . . . . . . . . 54 Home Network . . . . . . . . . . . . . . . . . . . . . . . 53
A.2. Distribution of Location Information at the Visited A.2. Distribution of Location Information at the Visited
Network . . . . . . . . . . . . . . . . . . . . . . . . . 55 Network . . . . . . . . . . . . . . . . . . . . . . . . . 54
A.3. Requirements matching . . . . . . . . . . . . . . . . . . 56 A.3. Requirements matching . . . . . . . . . . . . . . . . . . 55
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 62 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 61
1. Introduction 1. Introduction
This document defines attributes within RADIUS and Diameter that can This document defines attributes within RADIUS and Diameter that can
be used to convey location-related information within authentication be used to convey location-related information within authentication
and accounting exchanges. and accounting exchanges.
Location information may be useful in a number of scenarios. Location information may be useful in a number of scenarios.
Wireless networks (including wireless LAN) are being deployed in Wireless networks (including wireless LAN) are being deployed in
public places such as airports, hotels, shopping malls, and coffee public places such as airports, hotels, shopping malls, and coffee
skipping to change at page 46, line 24 skipping to change at page 45, line 24
| | | (tsbdir@itu.int) | | | | (tsbdir@itu.int) |
| 0x33 | ICC | ITU Director | | 0x33 | ICC | ITU Director |
| | | (tsbdir@itu.int) | | | | (tsbdir@itu.int) |
+----------+--------------------+------------------------------------+ +----------+--------------------+------------------------------------+
Note that the above identifier values represent the ASCII value '0' Note that the above identifier values represent the ASCII value '0'
(decimal 48 or hex 0x30), '1' (decimal 49, or hex 0x31), '2' (decimal (decimal 48 or hex 0x30), '1' (decimal 49, or hex 0x31), '2' (decimal
50, or hex 0x32) and '3' (decimal 51, or hex 0x33). This encoding 50, or hex 0x32) and '3' (decimal 51, or hex 0x33). This encoding
was chosen to simplify parsing. was chosen to simplify parsing.
Requests to IANA for a new value for a Namespace ID will be approved Requests to IANA for a new value for a Namespace ID, i.e., values
by Expert Review. A designated expert will be appointed by the IESG. from 0x34 to 0xFE, will be approved by Expert Review. A designated
expert will be appointed by the IESG.
The Expert Reviewer should ensure that a new entry is indeed required The Expert Reviewer should ensure that a new entry is indeed required
or could fit within an existing database, e.g., whether there is a or could fit within an existing database, e.g., whether there is a
real requirement to provide a token for an Namespace ID because one real requirement to provide a token for an Namespace ID because one
is already up and running, or whether the REALM identifier plus the is already up and running, or whether the REALM identifier plus the
name should recommended to the requester. In addition, the Expert name should recommended to the requester. In addition, the Expert
Reviewer should ascertain to some reasonable degree of diligence that Reviewer should ascertain to some reasonable degree of diligence that
a new entry is a correct reference to an Operator Namespace, when a a new entry is a correct reference to an Operator Namespace, when a
new one is registered. new one is registered.
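Review bot: The added range "values from 0x34 to 0xFE" in the Namespace ID paragraph leaves the status of 0x00 to 0x2F and of 0xFF unstated, and it extends well past the ASCII digit encoding that the preceding note says "was chosen to simplify parsing". Suggest stating whether those values are reserved or unassigned, and how a receiver should treat a Namespace ID it does not recognise, so that parsers written against the '0' to '3' convention handle other octets predictably. While this paragraph is open, the unchanged text after it still reads "an Namespace ID" and "should recommended to the requester"; these should be "a Namespace ID" and "should be recommended".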
skipping to change at page 51, line 39 skipping to change at page 50, line 39
Arkko, "Diameter Base Protocol", RFC 3588, September 2003. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[RFC3825] Polk, J., Schnizlein, J., and M. Linsner, "Dynamic Host [RFC3825] Polk, J., Schnizlein, J., and M. Linsner, "Dynamic Host
Configuration Protocol Option for Coordinate-based Configuration Protocol Option for Coordinate-based
Location Configuration Information", RFC 3825, July 2004. Location Configuration Information", RFC 3825, July 2004.
[RFC4776] Schulzrinne, H., "Dynamic Host Configuration Protocol [RFC4776] Schulzrinne, H., "Dynamic Host Configuration Protocol
(DHCPv4 and DHCPv6) Option for Civic Addresses (DHCPv4 and DHCPv6) Option for Civic Addresses
Configuration Information", RFC 4776, November 2006. Configuration Information", RFC 4776, November 2006.
[RFC5176] Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B.
Aboba, "Dynamic Authorization Extensions to Remote
Authentication Dial In User Service (RADIUS)", RFC 5176,
January 2008.
10.2. Informative References 10.2. Informative References
[GMLv3] "Open Geography Markup Language (GML) Implementation [GMLv3] "Open Geography Markup Language (GML) Implementation
Specification", OGC 02-023r4, Specification", OGC 02-023r4,
http://www.opengis.org/techno/implementation.htm", , http://www.opengis.org/techno/implementation.htm", ,
January 2003. January 2003.
[GSM] "TADIG Naming Conventions, Version 4.1", GSM Association [GSM] "TADIG Naming Conventions, Version 4.1", GSM Association
Official Document TD.13", , June 2006. Official Document TD.13", , June 2006.
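Review bot: [RFC5176] now sits under the normative references (it is added just before the "10.2. Informative References" heading and dropped from the informative list later in the diff), but none of the changed text shown here adds a requirement that cites it. Suggest confirming that the section citing RFC 5176 uses it with requirement language that justifies the move, and checking that its publication status is acceptable for a normative reference from a document whose intended status is Standards Track.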
skipping to change at page 53, line 36 skipping to change at page 52, line 40
February 2007. February 2007.
[RFC4825] Rosenberg, J., "The Extensible Markup Language (XML) [RFC4825] Rosenberg, J., "The Extensible Markup Language (XML)
Configuration Access Protocol (XCAP)", RFC 4825, May 2007. Configuration Access Protocol (XCAP)", RFC 4825, May 2007.
[RFC5106] Tschofenig, H., Kroeselberg, D., Pashalidis, A., Ohba, Y., [RFC5106] Tschofenig, H., Kroeselberg, D., Pashalidis, A., Ohba, Y.,
and F. Bersani, "The Extensible Authentication Protocol- and F. Bersani, "The Extensible Authentication Protocol-
Internet Key Exchange Protocol version 2 (EAP-IKEv2) Internet Key Exchange Protocol version 2 (EAP-IKEv2)
Method", RFC 5106, February 2008. Method", RFC 5106, February 2008.
[RFC5176] Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B.
Aboba, "Dynamic Authorization Extensions to Remote
Authentication Dial In User Service (RADIUS)", RFC 5176,
January 2008.
[RFC5281] Funk, P. and S. Blake-Wilson, "Extensible Authentication [RFC5281] Funk, P. and S. Blake-Wilson, "Extensible Authentication
Protocol Tunneled Transport Layer Security Authenticated Protocol Tunneled Transport Layer Security Authenticated
Protocol Version 0 (EAP-TTLSv0)", RFC 5281, August 2008. Protocol Version 0 (EAP-TTLSv0)", RFC 5281, August 2008.
Appendix A. Matching with Geopriv Requirements Appendix A. Matching with Geopriv Requirements
This section compares the requirements for a GEOPRIV Using Protocol, This section compares the requirements for a GEOPRIV Using Protocol,
described in [RFC3693], against the approach of distributing Location described in [RFC3693], against the approach of distributing Location
Objects with RADIUS. Objects with RADIUS.
 End of changes. 11 change blocks. 
58 lines changed or deleted 58 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/