Re: [Geopriv] Re: [Sip] teasing apart: http as a GEOPRIV using protocol

From: Henning Schulzrinne ^lt;hgs@cs.columbia.edu>
Date: Thu Jul 27 2006 - 13:46:55 EDT

With hindsight, I think the term 'using protocol' has been the source of
  more word-lawyering than engineering insight. I personally find the
distinctions

   - first person vs. third person (i.e., find out location about myself
vs. find out location about some third party)

   - location vs. location + identity

   - token-based authorization vs. identity-based authorization

more helpful.

Token-based authorization hands the recipient a key that allows him to
get a location object, without caring as to who is retrieving the
object. ("Anybody seeing this SIP request can convert the token into an
LO.") Identity-based naturally uses some authenticated identity to
release that information. Strictly speaking, this is only a question of
a level of indirection, since proving identity usually involves proving
possession of a secret.

We've been trying to get at some of these distinctions with the sighting
vs. using protocol terminology, but that distinction also seems to
degenerate into discussions more suited for a law school or theology
department than an engineering organization.

For example, by strict definition, LoST would be a 'Using Protocol'
since it "carries a Location Object", but I hope we all agree that this
is silly. We had earlier agreed that the location-by-DHCP also were not
Using Protocol, even though they obviously carry a location object of
some form.

Privacy issues apply iff
   - third person
   - location + identity (not just location)

The L7 discussion was about 'first person' and 'location only' (although
the latter is subject to debate, depending on whether one considers an
IP address of identifying an individual or not).

Depending on the circumstances, SIP-based retrieval can either involve
privacy concerns (subscribe to alice@example.com) or not (subscribe to
location of one-time random unlinkable identifier
jdfa8f9348@example.com). There can also be different privacy concerns
depending on the perspective. For example, if a SIP request contains
both an identity and the location retrieval reference, this raises
privacy concerns for the proxy, but the LIS may not have any such
concerns since it may only be the repository of these randomly-named
objects, without tie to an identity.

Henning

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Thu, 27 Jul 2006 13:46:55 -0400

This archive was generated by hypermail 2.1.8 : Thu Jul 27 2006 - 13:47:23 EDT