[Geopriv] RE: RE: RE: draft-jones-radius-geopriv

From: Mark Jones ^lt;mark.jones@bridgewatersystems.com>
Date: Tue Feb 17 2004 - 14:14:21 EST

> I wonder if it is ever possible to guarantee, in the
> information-theoretic sense, that a trusted party does not
> misuse information to which it has access?

It's a good point, David. I see a parallel here with the privacy policies we
read on web sites before surrendering our email, etc. There is no guarantee
that my personal information will be misused. However, if the service
provider does break the rules governing its use then presumably I have some
legal recourse.

Similarly, as a subscriber I would like to be able to specify a policy
governing the use of my location information and this policy must be
accessible and evaluated by anyone who determines my location. Depending on
consumer sensitivity to this issue, we may even see network access locations
(hotspots, etc) boasting 'GEOPRIV compliance' as a differentiator.

Now I'm not suggesting RADIUS will be the only protocol involved in
addressing this problem but it is proposed as a transport protocol for the
location information so we should examine the security and privacy
implications now rather than try to bolt something on later.


Geopriv mailing list
Received on Tue, 17 Feb 2004 14:14:21 -0500

This archive was generated by hypermail 2.1.8 : Tue Feb 17 2004 - 14:17:05 EST