People Location Protocol - PLOP

Once upon a time, I wrote this together with my friend Dirk…

Updated: I also found a presentation from 1999 about it: plop.pdf

INTERNET-DRAFT                                    Patrik Faltstrom
<draft-faltstrom-plop-01.txt>                     Dirk-Willem van Gulik
April 8, 1997
expires July 8, 1997

                   The People Location Protocol

Status of this Memo

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other
   documents at any time.  It is inappropriate to use Internet-Drafts
   as reference material or to cite them other than as ``work in
   progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net
   (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East
   Coast), or ftp.isi.edu (US West Coast).

Abstract

   The People Location Protocol (PLOP) gives the ability to subscribe
   to a feed of geographical locations of specific objects. The protocol
   describes both a TCP-based control channel, aswell as a lightweight
   UDP-based location stream channel between both the object announcing
   its position and the a PLOP service provider, and the PLOP service
   provider and the subscriber.

1. Introduction

   One problem today is to find the geographical location of objects, such
   as friends, sattelites and airplanes. People have the need for finding
   each other; and current methods such as the rwho, and finger protocols
   generally reveal information in a crude and privacy invasing way. Furthermore
   the introduction of nomad technology, such as DHCP, W-LANs, mobile IP and
   roaming accounts has wired people and mobile objects.

   In PLOP, three concepts are central; the Announcer, the Provider and the
   Subscriber. Announcers somehow know and are able to provide the location
   of an object. Providers can provide this information to third parties,
   such as other providers or to Subscribers. The Subscriber is the final
   client; which has a (legitimate) need to know the location of an object.

   How the announcer knows the location is outside the scope of this protocol,
   it could well have a NMEA serial interface to a GPS and be on the move; but
   it might well proxy for a whole range of objects, based on information it
   retrieves from its database. 

	Consider an email tool or personal address book; which warns
   the user that the person to be called or emailed is in a different timezone,
   or which suggest which phonenumber to use.

	A user might simply ferry between his house, his work; and does want
   to publish both places so that he can be reached easily, but at other times
   might not want to be visible to others (except perhaps his mistress, girlfriend,
   wife..) Such might be accomplished with a simple three state 'switch', home,
   at work and 'not-there'; with some fixed locations and simple access controls

 	A duty doctor might want to publish his information during on-duty
   hours; to, and insofar as needed by, the hospitals and medical-alarm centers,
   but at the same time has to consider the privacy of his patients. Even though
   a full blown GPS/GSM combination might be cool; the above can easily be accomplished
   today by using the information already avaible at the medical alarm centers
   in most countries which, during the night, links the postal-code or zip to
   a specific doctor 'state'; such as 'on-call', 'in-transit', 'confirmed',
   'signed-off' and 'off-call'.

	A container fright company might want to keep track of its containers,
   while they are at sea, on the road as well as at their customers. During some
   parts of the transit; the locations are generally linked, and a simple ship
   location announcement suffices for the container provider to publish the location
   or estimated times of arrival of all containers known to be on the ship. But
   during land transit by train or by car; other announcers might have to take
   over; and during the last leg of the journey some dedicated hardware on
   the container might be responsible of updating the information the location
   announcer has avaible. The container company might have a desire to share
   specific parts of the information with some of its customers.

        Sometimes the location of the object, as a space craft, is to be
   published and made known to a large number of users. A space organization
   could for example provide some icons and a nice backdrop or screen safer
   which displays latest mission happening live. Generally Mission Control
   will be quite able to supply the location of its spacecraft; there is
   little reason to actually add an Announcers, a GPS and an extra downlink
   to the spacescraft misson !

   The above examples illustrate several different extremes; some are essential
   one-to-one exchanges with tight access controls; the other extreme is a many
   to many exchange with little or no access and/or privacy controls. It should
   be noted that the security and privacy concerns are generally inversely related
   to the number of subscribers and the number of announcers.

2. Basic definitions

2.1 The PLOP Location Announcer (PLA)

   The PLOP location announcer (PLA) is a PLOP client that want to publish its
   geographical position. It must have a PGP key, where the public key is
   stored on a public server. It must also have the public key of the PSP
   (see 2.2) to be able to encrypt and sign the messages in PLP.

   The PLA tells via the PLOP-control protocol (PCP) the PSP
   that a certain other client can subscribe to the location, and with
   what accuracy.

   The PLA updates via the PLOP location protocol (PLP) the PSP the new
   location.

   Updates are send at the PLA's discretion for the duration of the
   subcribtion lease.

2.2 PLOP Service Provider (PSP)

   The PLOP service provider (PSP) is a server that receives the locations
   sent from the PLA, checks if the message should be forwarded to some
   other PSP (the authorative one), or takes care of registering the new
   location of the PLA after checking the integrity of the location
   announcement.

   The PSP is for each changed location checking what PLS (see 2.3 below)
   is subscribing to the location information for a given PLA, and sends
   the updated location using PLP to the PLS with the given accuracy.

   The PSP has announced its public key to the public as this key is needed
   for the PCP protocol.

2.3 PLOP Location Subscriber (PLS)

   The PLOP Location Subscriber is after subscribing for the location
   using PCP for a given object at a PLA, given a stream of locations
   from the PSP using PLP.

3 The protocols used

3.1 PLP

   The PLOP Location Protocol is a UDP based protocol where the messages
   are protected with a live key. The live key is exchanged between the
   client and the server via the PCP protocol.

   The format of the message in PLP is the following:

        PLP       = TAG CRLF LAT CRLF LONG CRLF TIME CRLF INFO CRLF
        TAG       = "Tag: " DIGIT
        LAT       = "Lat: " DEGREES
        LONG      = "Long: " DEGREES
        TIME      = "Time: " TIMESPEC
        INFO      = "Text: " TEXT
        DEGREES   = *PLUSMINUS DIGITS '.' DIGITS
        TIMESPEC  = *PLUSMINUS DIGITS '.' DIGITS
        TEXT      = *CHAR
        PLUSMINUS = + | -
        DIGITS    = DIGIT *DIGIT
        DIGIT     = 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
        CHAR      = < Any UTF-8 encoded UNICODE character except S-CHAR >
        S-CHAR    = < Any UNICODE character in the range U+0000 to U+001F >

   The PLP message is encrypted using <A REAL ZIPHER ALGORITHM> with the
   live key that is earlier exchanged between sender and receiver using
   PCP. The receiver of a message is responsible for detecting if the
   live key has changed, and 

3.1.1 Lattitude / Longitude (DEGREES)

   Values for latitude and longitude shall be expressed as decimal
   fractions of degrees.  Whole degrees of latitude shall be represented
   by a two-digit decimal number ranging from 0 through 90.  Whole degrees
   of longitude shall be represented by a decimal number ranging from
   0 through 180.  When a decimal fraction of a degree is specified,
   it shall be separated from the whole number of degrees by a
   decimal point.  Decimal fractions of a degree may be expressed to the
   precision desired.

   Latitudes north of the equator shall be specified by a plus sign (+),
   or by the absence of a minus sign (-), preceding the
   designating degrees.  Latitudes south of the Equator shall be
   designated by a minus sign (-) preceding the two digits designating
   degrees.  A point on the Equator shall be assigned to the Northern
   Hemisphere.

   Longitudes east of the prime meridian shall be specified by a plus sign
   (+), or by the Longitudes west of the meridian shall be designated by
   minus sign (-) preceding the digits designating degrees.  A point
   on the prime meridian shall be assigned to the Eastern Hemisphere.  A
   point on the 180th meridian shall be assigned to the Western
   Hemisphere.  One exception to this last convention is permitted.  For
   the special condition of describing a band of latitude around the
   earth, the East Bounding Coordinate data element shall be assigned the
   value +180 (180) degrees.

   Any spatial address with a latitude of +90 (90) or -90 degrees will
   specify the position at the North or South Pole, respectively.  The
   component for longitude may have any legal value.

   With the exception of the special condition described above, this form
   is specified in Department of Commerce, 1986, Representation of
   geographic point locations for information interchange (Federal
   Information Processing Standard 70-1):  Washington,  Department of
   Commerce, National Institute of Standards and Technology.

3.1.2 Time (TIMESPEC)

   A time is expressed as a Julian date, a Floating point number
   of arbitrary accuracy denoting the number of days before (negative),
   or after (positive) the 14th of September 1752.

3.2 PCP

   The PLOP Control Protocol is a TCP based protocol where the messages
   are transported using HTTP. Most messages are signed by the sender and
   encrypted for the receiver using PGP.

   The PCP protocol is used by either a PLS or a PLA when communicating
   with the PSP.

   The commands available are:

      PCP        = PCPCOMMAND CRLF
      PCPCOMMAND = PLACOMMAND | PLSCOMMAND
      PLACOMMAND = GETKEY | SETACL
      PLSCOMMAND = GETKEY | SUBSCRIBE
      GETKEY     = "GetKey"
      SETKEY     = "SetKey" SPACE KEY
      SETACL     = "SetACL" SPACE TOKEN SPACE TAG
      KEY        = DIGITS
      TOKEN      = DIGITS
      SPACE      = <U+0020>

   These commands are always encrypted with the public key of the PSP
   and signed by the PLS or PLA so the PSP can verify the sender. The
   resulting message, signed and encrypted, is sent via a POST command
   via HTTP.

4. Security considerations

   The PCP is encrypted with the public key of the PSP, and signed by
   PLA or PLS. This ensures that both sender and receiver of the commands
   verify each other to each other. Also, because of the encryption,
   it is not possible to steal the connection.

   PLP is secured via a symmetric encryption using a live key which is
   exchanged via PCP. The sender of locations using PLP can choose to
   change the live key whenever he wants. He is because of that also
   responsible for changing the live key.

5. References

6. Author's Addresses