[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RE: RE: draft-jones-radius-geopriv
> I wonder if it is ever possible to guarantee, in the
> information-theoretic sense, that a trusted party does not
> misuse information to which it has access?
>
It's a good point, David. I see a parallel here with the privacy policies we
read on web sites before surrendering our email, etc. There is no guarantee
that my personal information will be misused. However, if the service
provider does break the rules governing its use then presumably I have some
legal recourse.
Similarly, as a subscriber I would like to be able to specify a policy
governing the use of my location information and this policy must be
accessible and evaluated by anyone who determines my location. Depending on
consumer sensitivity to this issue, we may even see network access locations
(hotspots, etc) boasting 'GEOPRIV compliance' as a differentiator.
Now I'm not suggesting RADIUS will be the only protocol involved in
addressing this problem but it is proposed as a transport protocol for the
location information so we should examine the security and privacy
implications now rather than try to bolt something on later.
Regards
Mark
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>