GEOPRIV%20Policy%20draft-ietf-geopriv-policy%20draft-ietf-geopriv-common-policy

1
GEOPRIV Policydraft-ietf-geopriv-policydraft-iet
f-geopriv-common-policy

• Henning Schulzrinne
• Columbia University
• with J. Morris, H. Tschofenig, J. Cuellar, J.
  Polk, J. Rosenberg

2
Issues

• Commonality should privacy rules be part of
  PIDF, not just PIDF-LO?
• Editorial mostly resolved in author meeting
  yesterday

3
Policy relationships
common policy
geopriv-specific
presence-specific
future
RPID
CIPID
4
Basic structure of rules

• Conditions
• identity, sphere, validity
• identity as lturigt or ltdomaingt ltexceptgt
• Actions
• Transformations

5
Exceptions for identity matching

• Very restricted set of exceptions, but better
  viewed as more capable matching
• Match domain and then check if user matches
  exceptions
• Can be translated into row matching conditions
  (DU1,U2,)
• domain D user NOT IN (U1,U2,)
• Does not interfere with additive nature or
  order-independence
• Will modify to only allow user, not user_at_domain
  to avoid nonsensical all in example.com except
  joe_at_bar.com

6
Combining rules

• Rule matches if all conditions match
• Combine matching rules only
• additive permissions
• order immaterial
• Any field can be Undef (NULL)
• name, type (integer, bool and enum set ),
  value
• TRUE has a lower privacy protection
• larger integer lower privacy
• set union lower privacy

7
Combining rules

• Boolean TRUE iff any row TRUE
• Integer max(rows)
• Set union

8
Open issues

• Additional data types needed?
• URI in common is really a user identifier
• depends on using protocol and authentication
  mechanism
• in SIP, could be From, PAI or authentication user
  name

?
9
Geo conditions

• Civil location match
• any set of civil coordinates
• currently, can express if Im on Main Street
  anywhere
• useful mostly if user doesnt know full hierarchy
• Geo location match
• current location fully contained within spherical
  trapezoid of longitude/latitude values
• should specify ordering, ltnorthgt, ltsouthgt,
  lteastgt, ltwestgt

?
10
Geo transformations

• Set distribute flag
• Set retention time
• Keep rule (should this be generic, not just
  geopriv?)
• Provide civil location
• none, country, region, city, building, full
• Provide geospatial location
• resolution in bits
• will add datum qualifier
• Provide timezone

?
11
Example
ltcprule id"AA56i09"gt ltcpconditionsgt ltcpvalidit
ygt ltcpfromgt2003-10-01T1700000100lt/cpfromgt
ltcptogt2004-10-01T0000000100lt/cptogt lt/cpva
liditygt ltgpcivil-loc-conditiongt
ltcountrygtDElt/countrygt ltA1gtBavarialt/A1gt
ltA3gtMunichlt/A3gt ltA4gtPerlachlt/A4gt
lt/gpcivil-loc-conditiongt lt/cpconditionsgt ltcpact
ionsgt ltcpconfirmationgtfalselt/cpconfirmationgt lt
/cpactionsgt ltcptransformationsgt
ltgpcivil-loc-transformationgtfulllt/gpcivil-loc-tr
ansformationgt ltgpset-distributiongtfalselt/gpset
-distributiongt ltgpkeep-rulesgttruelt/gpkeep-rule
sgt lt/cptransformationsgt lt/cprulegt
12
Conclusion

• Will produce new documents with editorial changes
• Using protocol document needed to flesh out ltidgt
  (was lturigt) element
• Believed to be ready for WGLC