TABLE OF CONTENTS Users of location information may require some assurances about its veracity before they will use the information. The most convenient way to provide such an assurance is to identify the source of the information, then ensure that the information is not modified between the source and destination. A digital signature provides a way to provide this assurance.
Digital signatures can be applied in two ways to a PIDF-LO: the Secure MIME (S/MIME) method in Reference 1 or an XML digital signature (see Reference 2). S/MIME offers features that are not useful in this context, like encryption; whereas an XML digital signature offers some flexibility. This flexibility is what makes the XML digital signature useful in signing PIDF-LO.
This appendix describes how a PIDF-LO document can be digitally signed. In particular, a transform is described that can be used to selectively sign parts of the PIDF-LO document.
A digital signature is useful for linking different data together, but not all of the information in a PIDF-LO needs to be protected by the digital signature. If a PIDF-LO is generated by an LIS, certain information must be signed for the signature to be effective, but other elements can be unsigned so that it can be changed.
The following pieces of information must be signed for a digital signature to have any effect:
Location information The location information is the primary piece of interesting data.
The presentity identifier This field identifies the subject of location...
