Internet Engineering Task Force (IETF)                  R. Marshall, Ed.
Request for Comments: 5808                                           TCS
Category: Informational                                         May 2010
ISSN: 2070-1721
        

Requirements for a Location-by-Reference Mechanism

Abstract

This document defines terminology and provides requirements relating to the Location-by-Reference approach using a location Uniform Resource Identifier (URI) to handle location information within signaling and other Internet messaging.

Status of This Memo

This document is not an Internet Standards Track specification; it is published for informational purposes.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5808.

Copyright Notice

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.

Table of Contents

   1. Introduction
   2. Terminology
   3. Overview of Location-by-Reference
      3.1. Location URI Usage
      3.2. Location URI Expiration
      3.3. Location URI Authorization
      3.4. Location URI Construction
   4. High-Level Requirements
      4.1. Requirements for a Location Configuration Protocol
      4.2. Requirements for a Location Dereference Protocol
   5. Security Considerations
   6. Acknowledgements
   7. References
      7.1. Normative References
      7.2. Informative References
        
1. Introduction

All location-based services rely on ready access to location information. Location information can be used in either a direct, Location-by-Value (LbyV) approach or an indirect, Location-by-Reference (LbyR) approach.

For LbyV, location information is conveyed directly in the form of a Presence Information Data Format Location Object (PIDF-LO) [RFC4119]. Using LbyV might be either infeasible or undesirable in some circumstances. There are cases where LbyR is better able to address location requirements for a specific architecture or application. This document provides a list of requirements for use with the LbyR approach, and leaves the LbyV model explicitly out of scope.

As justification for an LbyR model, consider the circumstance that in some mobile networks it is not efficient for the end host to periodically query the Location Information Server (LIS) for up-to-date location information. This is especially the case when power availability is a constraint or when a location update is not immediately needed. Furthermore, the end host might want to delegate the task of retrieving and publishing location information to a third party, such as to a presence server. Additionally, in some deployments, the network operator may not want to make location information widely available. These kinds of location scenarios form the basis of motivation for the LbyR model.

The concept of an LbyR mechanism is simple. An LbyR is made up of a URI scheme, a domain, and a randomized component. This combination of data elements, in the form of a URI, is referred to specifically as a "location URI".

A location URI is thought of as a reference to the current location of the Target, yet the location value might remain unchanged over specific intervals of time for several reasons. The type of location information returned as part of the dereferencing step may, for example, be influenced by the following factors:

- Limitations in the process used to generate location information mean that cached location might be used.

- Policy constraints may dictate that the location provided remains fixed over time for specified Location Recipients. Without additional information, a Location Recipient cannot assume that the location information provided by any location URI is static, and will never change.

The LbyR mechanism works according to an information life cycle. Within this life cycle, location URIs are considered temporary identifiers, each undergoing the following uses: Creation; Distribution; Conveyance; Dereference; and Termination. The use of a location URI according to these various states is generally applied in one of the following ways:

1. Creation of a location URI, within a location server, based on some request for its creation.

2. Distribution of a location URI, via a Location Configuration Protocol, between a Target and a location server.

3. Conveyance, applied to LbyR, for example in SIP (Session Initiation Protocol), is the transporting of the location URI, in this case, between any successive signaling nodes.

4. Dereference of a location URI, a request/response between a client having a location URI and a location server holding the location information that the location URI references.

5. Termination of a location URI, due to either expiration or cancellation within a location server, and that is based on a Target cancellation request or some other action, such as timer expiration.

Note that this document makes no functional differentiation between a Location Server (LS), per [RFC3693], and a Location Information Server (LIS), as shown in [RFC5687], but may refer to either of them as a location server interchangeably.

Location determination, as distinct from location configuration or dereferencing, often includes topics related to manual provisioning processes, automated location calculations based on a variety of measurement techniques, and/or location transformations (e.g., geo-coding), and is beyond the scope of this document.

Location Conveyance for either LbyR or LbyV, as defined within SIP signaling is considered out of scope for this document. (See [LOC-CONVEY] for an explanation of location conveyance for either LbyR or LbyV scenarios.)

Except for location conveyance, the above stages in the LbyR life cycle fall into one of two general categories of protocols, either a Location Configuration Protocol or a Location Dereference Protocol. The stages of LbyR Creation, Distribution, and Termination, are each found within the set of Location Configuration Protocols (LCPs). The Dereference stage belongs solely to the set of Location Dereference Protocols.

The issues around location configuration protocols have been documented in a location configuration protocol problem statement and requirements document [RFC5687]. There are currently several examples of documented location configuration protocols, namely DHCP [DHCP-LOC-URI], LLDP-MED [LLDP-MED], and HELD [HELD].

For dereferencing a location URI, depending on the type of reference used, such as a HTTP/HTTPS or SIP Presence URI, different operations can be performed. While an HTTP/HTTPS URI can be resolved to location information, a SIP Presence URI provides further benefits from the SUBSCRIBE/NOTIFY concept that can additionally be combined with location filters [LOC-FILTERS].

The structure of this document includes terminology, Section 2, followed by a discussion of the basic elements that surround how a location URI is used. These elements, or actors, are discussed in an overview section, Section 3, accompanied by a graph, associated processing steps, and a brief discussion around the use, expiration, authorization, and construction of location URIs.

Requirements are outlined accordingly, separated as location configuration requirements, Section 4.1, and location dereference requirements, Section 4.2.

2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119], with the important qualification that, unless otherwise stated, these terms apply to the design of the Location Configuration Protocol and the Location Dereferencing Protocol, not its implementation or application.

This document reuses the terminology of [RFC3693], such as Location Server (LS), Location Recipient (LR), Rule Maker (RM), Target, and Location Object (LO). Furthermore, the following terms are defined in this document:

Location-by-Value (LbyV): Using location information in the form of a location object (LO), such as a PIDF-LO.

Location-by-Reference (LbyR): Representing location information indirectly using a location URI.

Location Configuration Protocol: A protocol that is used by a Target to acquire either a location object or a location URI from a location configuration server, based on information unique to the Target.

Location Dereference Protocol: A protocol that is used by a client to query a location server, based on the location URI input, and that returns location information.

Location URI: As defined within this document, an identifier that serves as a reference to location information. A location URI is provided by a location server, and is later used as input by a dereference protocol to retrieve location information.

3. Overview of Location-by-Reference

This section describes the entities and interactions involved in the LbyR model.

            +---------+---------+   Location    +-----------+
            |         |         |  Dereference  | Location  |
            |      LIS/LS       +---------------+ Recipient |
            |         |         |   Protocol    |           |
            +----+----+----+----+      (3)      +-----+-----+
                 |           *                        |
                 |      Policy *                      |
        Location |      Exchange *                    |
   Configuration |        (*)      *                  | Location
        Protocol |              +----+----+           | Conveyance
           (1)   |              |  Rule   |           | Protocol
                 |              |  Maker  |           |    (2)
            +----+----+         +---------+           |
            |         |                               |
            | Target  +-------------------------------+
            |         |
            +---------+
        

Figure 1: Location Reference Entities and Interactions

Figure 1 shows the assumed communication model for both a Layer 7 location configuration protocol and a location dereference protocol.

(1) The Target (an end device) uses a location configuration protocol to acquire a location reference from a LIS, which acts as (or is able to access) an LS.

In the case where the Target is also a Rule Maker, the location configuration protocol can be used to convey policy information.

In the case where possession of a location URI is the only required form of authorization (see Section 3.3), a policy is implied whereby any requester is granted access to location information. This does not preclude other means of providing authorization policies.

A Target could also acquire a location URI from the LS directly using alternative means, for example, the acquisition of a presence Address of Record (AoR) to be used for location information, in which case, it could be regarded as a location URI.

(2) The Target conveys the location URI to the Location Recipient (interface out of scope).

(3) The Location Recipient dereferences the location URI to acquire location information from the LS.

The LS controls access to location information based on the policy provided by the Rule Maker.

Note A. There is no requirement for using the same protocol in (1) and (3).

Note B. Figure 1 includes the interaction between the owner of the Target and the LIS to obtain Rule Maker policies. This interaction needs to happen before the LIS will authorize anything other than what is allowed based on default policies in order to dereference a location request of the Target. This communication path is out of scope for this document.

Note C. The Target might take on the role of the Location Recipient, in which case, it could attempt to dereference the location URI itself, in order to obtain its own location information.

3.1. Location URI Usage

An example scenario of how the above location configuration and location dereference steps might work using SIP is where a Target obtains a location URI in the form of a subscription URI (e.g., a SIP URI) via a location configuration protocol. In this case, the Target is the same as the Recipient; therefore, the Target can subscribe to the URI in order to be notified of its current location based on subscription parameters. In the example, parameters are set up for a specific Target/Recipient along with an expressed geospatial boundary, so that the Target/Recipient receives an updated location notification once the boundary is crossed (see [LOC-FILTERS]).

3.2. Location URI Expiration

Location URIs may have an expiry associated with them, primarily for security considerations, and generally in order for the LIS to keep track of the location URIs that have been handed out, to know whether a location URI is still valid once the LIS receives it in a request, and for preventing a recipient of such a URI from being able to (in some cases) permanently track a host. Expiration of a location URI limits the time that accidental leaking of a location URI introduces. Other justifications for expiration of location URIs include the ability for a LIS to do garbage collection.

3.3. Location URI Authorization

How a location URI will ultimately be used within the dereference step is an important consideration at the time the location URI is requested via a location configuration protocol. The process of dereferencing location URIs will be influenced by the specific authorization model applied by the Location Information Server and the URI scheme that indicates the protocol to be used to resolve the reference to a location object.

Location URIs manifest themselves in a few different forms. The different ways that a location URI can be represented are based on local policy, and are depicted in the following four scenarios.

1. No location information included in the URI: As is typical, a location URI is used to get location information. However, in this case, the URI representation itself does not need to reveal any specific information at all. Location information is acquired by the dereferencing operation using a location URI.

2. URI does not identify a Target: By default, a location URI MUST NOT reveal any information about the Target other than location information. This is true for the URI itself (or in the document acquired by dereferencing), unless policy explicitly permits otherwise.

3. Access control authorization model: If this model is used, the location URI MUST NOT include any location information in its representation. Location URIs operating under this model could be widely published to recipients that are not authorized to receive this information.

4. Possession authorization model (the URI itself is a secret): If this model is used, the location URI is confidential information shared between the LIS/LS, the Target, and all authorized Location Recipients. In this case, possession implies authorization. Because knowledge of the location URI is used to authenticate and authorize access to location information, the URI needs to include sufficient randomness to make guessing its value difficult. A possession model URI can include location information in its representation.

3.4. Location URI Construction

Given scenarios 2 and 4, above, and depending on local policy, a location URI may be constructed in such a way as to make it difficult to guess. Accordingly, the form of the URI is then constrained by the degree of randomness and uniqueness applied to it. In this case, it may be important to protect the actual location information from inspection by an intermediate node. Construction of a location URI in such a way as to not reveal any Target-specific information (e.g., user or device information), with the goal of making the location URI appear bland, uninteresting, and generic, may be helpful to some degree in order to keep location information more difficult to detect. Thus, obfuscating the location URI in this way may provide some level of safeguard against the undetected inspection and unintended use of what would otherwise be evident location information, since it forces a dereference operation at the location dereference server, an important step for the purpose of providing statistics, audit trails, and general logging for many different kinds of location-based services.

4. High-Level Requirements

This document outlines the requirements for a Location by Reference mechanism that can be used by a number of underlying protocols. Requirements here address two general types of such protocols, a general location configuration protocol and a general location dereferencing protocol.

The requirements are broken into two sections.

4.1. Requirements for a Location Configuration Protocol

Below, we summarize high-level design requirements needed for a location-by-reference mechanism as used within the location configuration protocol.

C1. Location URI support: The location configuration protocol MUST support a location reference in URI form.

Motivation: A standardized location reference mechanism increases interoperability.

C2. Location URI expiration: When a location URI has a limited validity interval, its lifetime MUST be indicated.

Motivation: A location URI may not intend to represent a location forever, and the identifier eventually may need to be recycled, or may be subject to a specific window of validity, after which the location reference fails to yield a location, or the location is determined to be kept confidential.

C3. Location URI cancellation: The location configuration protocol MUST support the ability to request a cancellation of a specific location URI.

Motivation: If the Target determines that a location URI should no longer be used to dereference a location, then there should be a way to request that the location URI be nullified.

C4. Location information masking: The location URI MUST ensure, by default, through randomization and uniqueness, that the location URI does not contain location-information-specific components.

Motivation: It is important to keep any location information masked from a casual observing node.

C5. Target identity protection: The location URI MUST NOT contain information that identifies the Target (e.g., user or device). Examples include phone extensions, badge numbers, and first or last names.

Motivation: It is important to protect caller identity or contact address from being included in the form of the location URI itself when it is generated.

C6. Reuse indicator: There SHOULD be a way to allow a Target to control whether a location URI can be resolved once only or multiple times.

Motivation: The Target requesting a location URI may request a location URI that has a 'one-time-use' only characteristic, as opposed to a location URI having multiple reuse capability. This would allow the server to return an error with or without location information during the subsequent dereference operation.

C7. Selective disclosure: The location configuration protocol MUST provide a mechanism that allows the Rule Maker to control what information is being disclosed about the Target.

Motivation: The Rule Maker has to be in control of how much information is revealed during the dereferencing step as part of the privacy features.

C8. Location URI not guessable: As a default, the location configuration protocol MUST return location URIs that are random and unique throughout the indicated lifetime. A location URI with 128 bits of randomness is RECOMMENDED.

Motivation: Location URIs should be constructed in such a way that an adversary cannot guess them and dereference them without having previously obtained them from the Target.

C9. Location URI options: In the case of user-provided authorization policies, where anonymous or non-guessable location URIs are not warranted, the location configuration protocol MAY support a variety of optional location URI conventions, as requested by a Target to a location configuration server (e.g., embedded location information within the location URI).

Motivation: Users don't always have such strict privacy requirements, but may opt to specify their own location URI or components to be included within a location URI.
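
An added illustration, not part of RFC 5808, of how a LIS might issue and track possession-model location URIs so that C2, C3, C5, C6 and C8 hold together. The class name, the base URL and the in-memory table are assumptions, and keeping only a SHA-256 digest of each token is a design choice of this sketch rather than a requirement of the document.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass

TOKEN_BYTES = 16  # 16 random bytes = 128 bits, the amount C8 recommends


@dataclass
class _Record:
    target_id: str     # stays server-side; never placed in the URI (C4, C5)
    expires_at: float  # absolute expiry, reported to the Target (C2)
    one_time: bool     # reuse indicator requested by the Target (C6)


class LocationUriStore:
    """In-memory sketch of the table a LIS keeps for issued location URIs."""

    def __init__(self, base_url, clock=time.time):
        self._prefix = base_url.rstrip("/") + "/"
        self._clock = clock
        self._records = {}  # SHA-256(token) -> _Record

    @staticmethod
    def _key(token):
        # Only a digest is stored, so a dump of the table yields no usable URIs.
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def _lookup_key(self, uri):
        if not uri.startswith(self._prefix):
            return None
        return self._key(uri[len(self._prefix):])

    def create(self, target_id, lifetime_s, one_time=False):
        """Issue a location URI; returns (uri, expires_at)."""
        while True:
            token = secrets.token_urlsafe(TOKEN_BYTES)  # CSPRNG, URL-safe text
            key = self._key(token)
            if key not in self._records:  # unique among live URIs (C8)
                break
        expires_at = self._clock() + lifetime_s
        self._records[key] = _Record(target_id, expires_at, one_time)
        return self._prefix + token, expires_at

    def cancel(self, uri):
        """Target-requested cancellation (C3); True if an entry was removed."""
        key = self._lookup_key(uri)
        return key is not None and self._records.pop(key, None) is not None

    def resolve(self, uri):
        """Map a presented URI to the internal target id.

        Returns None when the URI is unknown, expired, cancelled or already
        consumed, so a caller cannot tell these cases apart.
        """
        key = self._lookup_key(uri)
        rec = self._records.get(key) if key is not None else None
        if rec is None:
            return None
        if self._clock() >= rec.expires_at:
            del self._records[key]
            return None
        if rec.one_time:
            del self._records[key]  # consumed by this dereference
        return rec.target_id

    def purge_expired(self):
        """Garbage-collect expired entries; returns how many were removed."""
        now = self._clock()
        dead = [k for k, r in self._records.items() if now >= r.expires_at]
        for k in dead:
            del self._records[k]
        return len(dead)


if __name__ == "__main__":
    # Constructed sample values: the host name and target id are placeholders.
    store = LocationUriStore("https://lis.example.com/loc")
    uri, expires_at = store.create("device-42", lifetime_s=300, one_time=True)
    print(uri, expires_at)
    print(store.resolve(uri))  # first dereference succeeds
    print(store.resolve(uri))  # second one returns None (one-time use)
```

The value returned by `resolve` is the server-side key the LIS would use to look up the Target's location and apply Rule Maker policy before building the PIDF-LO response.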

4.2. Requirements for a Location Dereference Protocol

Below, we summarize high-level design requirements needed for a location-by-reference mechanism as used within the location dereference protocol.

D1. Location URI support: The location dereference protocol MUST support a location reference in URI form.

Motivation: It is required that there be consistency of use between location URI formats used in a configuration protocol and those used by a dereference protocol.

D2. Authentication: The location dereference protocol MUST include mechanisms to authenticate both the client and the server.

Motivation: Although the implementations must support authentication of both parties, any given transaction has the option not to authenticate one or both parties.

D3. Dereferenced location form: The value returned by the dereference protocol MUST contain a well-formed PIDF-LO document.

Motivation: This is in order to ensure that adequate privacy rules can be adhered to, since the PIDF-LO format comprises the necessary structures to maintain location privacy.

D4. Location URI repeated use: The location dereference protocol MUST support the ability for the same location URI to be resolved more than once, based on dereference server configuration.

Motivation: Through dereference server configuration, for example, it may be useful to not only allow more than one dereference request, but, in some cases, to also limit the number of dereferencing attempts by a client.

D5. Location confidentiality: The location dereference protocol MUST support confidentiality protection of messages sent between the Location Recipient and the location server.

Motivation: The location URI indicates what type of security protocol has to be provided. An example is a location URI using an HTTPS URI scheme.

5. Security Considerations

The method of constructing the location URI to include randomized components helps to prevent adversaries from obtaining location information without ever retrieving a location URI. In the possession model, a location URI, regardless of its construction, if made publicly available, implies no safeguard against anyone being able to dereference it and get the location. Care has to be taken when distributing such a location URI to the trusted location recipients. When this aspect is of concern, the authorization model has to be chosen. Even in this model, care has to be taken on how to construct the authorization policies to ensure that only those parties that are considered trustworthy enough to enforce the basic rule set attached to location information in a PIDF-LO document have access to location information.
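The possession-model behaviour described above, together with requirements D4 and D5, as an added sketch that is not part of the RFC: a toy location server mints location URIs with a randomized component, refuses non-HTTPS URIs, and enforces a server-configured dereference limit. The class name, host name, `/loc/` path, status codes and sample PIDF-LO body are all assumptions made for illustration.

```python
import secrets
from urllib.parse import urlsplit

# Constructed minimal body standing in for a PIDF-LO document (not a complete RFC 4119 object).
SAMPLE_PIDF_LO = '<presence xmlns="urn:ietf:params:xml:ns:pidf" entity="pres:target@example.com"/>'


class LocationServer:
    """Hypothetical location server: mints location URIs and answers dereferences."""

    def __init__(self, host="ls.example.com", max_derefs=3):
        self.host = host
        self.max_derefs = max_derefs  # D4: limit set by dereference server configuration
        self._refs = {}               # token -> [pidf_lo, dereferences so far]

    def mint_uri(self, pidf_lo):
        # 128 bits from the OS CSPRNG: the URI embeds nothing about the Target
        # and cannot be guessed by someone who never received it.
        token = secrets.token_urlsafe(16)
        self._refs[token] = [pidf_lo, 0]
        return f"https://{self.host}/loc/{token}"

    def dereference(self, uri):
        """Return (status, body); possession of a valid URI is the only credential."""
        parts = urlsplit(uri)
        if parts.scheme != "https":   # D5: the URI scheme selects the protection
            return 400, None
        prefix, _, token = parts.path.rpartition("/")
        entry = self._refs.get(token)
        if parts.hostname != self.host or prefix != "/loc" or entry is None:
            return 404, None          # guessed and unknown tokens are indistinguishable
        if entry[1] >= self.max_derefs:
            return 403, None          # D4: repeated use allowed, but bounded
        entry[1] += 1
        return 200, entry[0]          # D3: the body returned is the PIDF-LO document


if __name__ == "__main__":
    server = LocationServer(max_derefs=2)
    uri = server.mint_uri(SAMPLE_PIDF_LO)
    for attempt in range(3):
        print(attempt + 1, server.dereference(uri)[0])
```

Anyone who obtains the minted URI can dereference it until the limit is reached, which is why the text above points to the authorization model when distribution cannot be controlled.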

Any location URI, by necessity, indicates the server (name) that hosts the location information. Knowledge of the server in some specific domain could therefore reveal something about the location of the Target. This kind of threat may be mitigated somewhat by introducing another layer of indirection: namely the use of a (remote) presence server.

A covert channel for protocol message exchange is an important consideration. Consider an example scenario in which user A subscribes to location information for user B: every time A gets a location update, an (external) observer of the subscription notification may know that B has moved. One mitigation of this is to have periodic notification, so that user B may appear to have moved even when static.

6. Acknowledgements

I would like to thank the present IETF GEOPRIV working group chairs, Alissa Cooper and Richard Barnes, past chairs, Robert Sparks, Andy Newton, Allison Mankin, and Randall Gellens, who established a design team that initiated this requirements work. I'd also like to thank those original design team participants for their inputs, comments, and insightful reviews. The design team included the following folks: Richard Barnes, Martin Dawson, Keith Drage, Randall Gellens, Ted Hardie, Cullen Jennings, Marc Linsner, Rohan Mahy, Allison Mankin, Andrew Newton, Jon Peterson, James M. Polk, Brian Rosen, John Schnizlein, Henning Schulzrinne, Barbara Stark, Hannes Tschofenig, Martin Thomson, and James Winterbottom.

7. References
7.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

7.2. Informative References

[DHCP-LOC-URI] Polk, J., "Dynamic Host Configuration Protocol (DHCP) IPv4 and IPv6 Option for a Location Uniform Resource Identifier (URI)", Work in Progress, March 2010.

[HELD] Barnes, M., Winterbottom, J., Thomson, M., and B. Stark, "HTTP Enabled Location Delivery (HELD)", Work in Progress, August 2009.

[LLDP-MED] Telecommunications Industry Association (TIA), "ANSI/TIA-1057 Link Layer Discovery Protocol - Media Endpoint Discovery", 2006.

[LOC-FILTERS] Mahy, R., Rosen, B., and H. Tschofenig, "Filtering Location Notifications in the Session Initiation Protocol (SIP)", Work in Progress, March 2010.

[LOC-CONVEY] Polk, J. and B. Rosen, "Location Conveyance for the Session Initiation Protocol", Work in Progress, February 2010.

[RFC3693] Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and J. Polk, "Geopriv Requirements", RFC 3693, February 2004.

[RFC4119] Peterson, J., "A Presence-based GEOPRIV Location Object Format", RFC 4119, December 2005.

[RFC5687] Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7 Location Configuration Protocol: Problem Statement and Requirements", RFC 5687, March 2010.

Author's Address

   Roger Marshall (editor)
   TeleCommunication Systems, Inc.
   2401 Elliott Avenue
   2nd Floor
   Seattle, WA 98121
   US

   Phone: +1 206 792 2424
   EMail: rmarshall@telecomsys.com
   URI:   http://www.telecomsys.com
        