HTTP Enabled Location Delivery (HELD) draft-winterbottom-http-location-delivery-01 J. Winterbottom, M. Thomson, M. Dawson IETF-63 19/09/2018

Rationale Location information (LI) belongs to a specific IP device (Target) LI is an access network service A LS servicing an access network is able to determine LI for an IP device Serve location information: directly to the Target to location recipients using a location URI The point to note here is the clear delineation of responsibility – an access provider is responsible for providing location information. A device may assist in that, but the access provider is ultimately answerable. The access provider is in a unique position to be able to determine location information. Location URI IETF-63 19/09/2018

Application layer protocol Preserve PIDF-LO format Extensions do not affect the HELD payload Traverses routers and NAT Reliant only on the presence of IP Common location request protocol Type of access network has no effect Application layer security TLS with encryption and authentication TLS satisfies Req. 4 (transmission security), 5 (key establishment), 13 (authentication – in combination with OCSP) and 14 (auth, integrity, confidentiality, replay protection – although this statement applies to the LO directly). Location URI IETF-63 19/09/2018

Privacy LI is associated with a device, not a user Unlinked pseudonyms for the device LI can be granted without identity information Target provides a ruleset for LR requests to the LS Based on common policy – flexible The target may also specify what rules are included in served PIDF-LO documents We can’t determine where a person is based on the location of an antenna or device that they own. Also, think about the model used for location within current phone networks – the phone number is used as the identifier, not the name of the owner of the phone. The rules are associated with a device session and are not revealed to the LR. The identity of the rule creator isn’t necessarily revealed, even to the LS. Point 1.1 – unlinked pseudonyms satisfy Req. 12 Point 2 – Req. 7 Point 2.2 – the target specifies two sets of rules: the viewer rules (part of the PIDF-LO template – the subset of rules specified in Req. 9 of RFC 3693) and the LG/LS rules (the full ruleset). Location URI IETF-63 19/09/2018

Basic request HTTP GET to retrieve LI HTTP POST with parameters PIDF-LO – provide own location Ruleset – by-value or by-reference Specify the type of location or request location by-reference Set a limit on response time Location URI IETF-63 19/09/2018

Location update Target publishes location update URI A target may use GNSS in a similar fashion. Target publishes location update URI LS serves a request from LR LS contacts target through update URI, which initiates positioning in cellular network to determine LI Location URI IETF-63 19/09/2018

“On Behalf Of” An entity that requests as if it were the target device Acknowledgement that not all devices are able to determine or request LI Enables delivery of services based on location for all devices Emergency calls Trust arrangement is either mandated by regulations, or as part of a contract OBO will be for special cases only. Location URI IETF-63 19/09/2018

Discussion