[17:15:26] <Randy> We're starting
[17:24:26] <Randy> common-policy draft
[17:32:33] <Randy> Discussion on limiting sphere and scheme to one per
[17:32:57] <Randy> John suggests limiting both to one
[17:33:15] <Randy> Andy says if we do that we get rid of scheme and just use full URI for id
[17:34:27] <Randy> Jonathan notes that we originally went this way so users didn't have to care about the protocol (sip vs xmpp)
[17:35:01] <Randy> Andy: users use tools, not edit xml directly
[17:35:15] <Randy> Henning: can't rely on tools
[17:35:51] <Randy> Jonathan: need to convert to uri anyway, so it simplifies document
[17:36:25] <Randy> Andy: easier to implement if just uri
[17:38:47] <Randy> Adam Roach: assumes adam@sip.example.com always same person
[17:39:17] <RjS> specifically, Adam's making sure there is no assumption that sip:adam@example.com == xmpp:adam@example.com
[17:39:20] <Randy> Henning: yes, if you suspect the uri is not the same person, don't use this rule
[17:39:37] <Randy> [ thanks ]
[17:39:47] <Randy> [ anyone, please feel free to jump in with notes ]
[17:39:59] <Randy> chair: hum to make id a single uri
[17:40:10] <Randy> no hums against, lots of hums for
[17:40:32] <Randy> Andy: draft has no internationalization section
[17:42:44] <Randy> idn vs ascii domain
[17:43:35] <Randy> Henning: 2 issues: only use for domain name is comparison (equality test in rule) we don
[17:43:46] <Randy> Henning: we don't turn domain name into ip address
[17:47:14] <Randy> Ted: every uri is also an iri, so can use iri style
[17:48:30] <Randy> Andy: in uri, domain is "authority"; what is the intent of domain =?
[17:49:22] <Randy> Jonathan: no intent to do dns lookup and compare ips
[17:49:57] <Randy> Jonathan: use here is as name space; identify set of addresses
[17:50:40] <Randy> Andy: that's what "authority" is
[17:51:39] <Randy> Jonathan: ignore port in identity test; we don't want most crud in "authority", only want host (or ip address)
[17:54:45] <Randy> Registration of sphere values:
[17:55:24] <Randy> Jonathan: no need, since sphere values are self-contained (I authorize you to subscribe to my presence based on the value of my sphere -- so only my sphere values need to be consistent)
[17:55:57] <Randy> no issues raised at meeting on geopriv policy
[17:56:04] <Randy> ** please review draft **
[17:56:23] <Randy> geopriv-provided-by
[17:57:00] <Randy> draft-thomson-geopriv-provided-by-00.txt
[17:58:02] <Randy> Alison: this document duplicates treatment of provided-by in pidf-lo and is inconsistent with it
[18:00:02] <Randy> (skipping rest of presentation)
[18:00:35] <Randy> Alison asks about NEMA issue with provided-by
[18:02:32] <Randy> Nadine: truncation was for historical reason, not needed, tell RFC editor to not truncate
[18:03:09] <Randy> draft-ietf-geopriv-radius-lo-04.txt
[18:03:50] <Randy> Issue: generic 'capability' in radius
[18:04:23] <Randy> carrying geopriv info in radius now depends on this, yet this is not yet in radius
[18:05:07] <Randy> Alison: instead of using 'capability', a priori agree to include location in request
[18:12:38] <Randy> Alison: let's sort out geo and priv issues; priv issues are why we have the document here
[18:12:54] <Randy> Glenn Zorn: no priv issues, since server-to-server
[18:14:16] <Randy> Glenn Zorn: we could have done this in diameter, which already has capability
[18:14:44] <Randy> Alison: (but no end-to-end security, only hop-by-hop) radius is because of user community needs
[18:15:59] <Randy> Hannes: seems to be end-to-end security model in radius only when talking to security folks, not when talking to other wgs
[18:16:41] <Randy> Hannes: we want to avoid sending loc unless needed; need to include do-not-distr flag
[18:28:35] <Randy> Alison: OK to WGLC this document?
[18:29:34] <Randy> John: we still have an open issue (in radext) on this document, shouldn't go to wglc until issue is resolved
[18:30:59] <Randy> HELD-02 (James Winterbottom)
[18:31:45] <jean-francois> draft-winterbottom-http-location-delivery-02.txt
[18:44:01] <Randy> Issue: identification of target to held server
[18:44:11] <Randy> James: use source IP address
[18:44:26] <Randy> Ted: this opens up eavesdropping and spoofing risks
[18:44:56] <Randy> James: thought this issue was resolved at previous IETF, and it was OK to use source IP because that's OK for HTTPS
[18:45:14] <Randy> Ted: so you're assuming that tls is handling authentication
[18:50:08] <Randy> Henning: this is an rpc mechanism, no need to invent new one over http for this
[18:59:06] <Randy> Issue: motivation for held is that dhcp can't be used to provision location information, yet held requires dhcp
[19:03:38] <Randy> Brian: if you can't use DHCP to provision target with location, how can you use held, since held relies on dhcp
[19:03:55] <Randy> James: can use dns trick, or manual configuration
[19:08:48] <Randy> closing for today, see everyone tomorrow
