> (Including the geopriv list on this reply).
>
> Martin - there's one change you made that I think you need to adjust.
> In response to Elwyn's suggestion about Appendix A, Req 9 below,
> you've added some 2119 text to that appendix which isn't right. Is
> there a place you can say what you want to say in the body of the document?
Yeah, and that was stupid of me.
The security considerations already contains a statement to this effect:
Location URIs MUST only be disclosed to authorized Location
Recipients.
As for the 2119 language, a reference to the above statement should do:
OLD:
In order to comply with these rules, a Location Recipient
MUST NOT redistribute a location URI without express
permission. Depending on the access control model, the
location URI might be secret (see Section 3.3 of
[RFC5808]).
NEW:
For location URIs that are use possession as a component of
authorization, the protecting the secrecy of the URI is
necessary in order to comply with this requirement (see
Section 6).
--Martin
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
