Open JoachimDahlgren opened 1 year ago
alpaycetin74
commented
1 year ago We could return a HTTP 400 error that communicates the valid accuracy range to the caller in the "message" field. The API implementer would know their system and what range to enforce. On the other hand, then we should not impose a range in the API definition itself because the acceptable values become now implementation specific.
gmuratk
commented
1 year ago In addition to the system limitations, there could be legal limitations as well. For example, for legal reasons high precision may not be allowed, but low precision accuracy may be acceptable, with appropriate consent of course. Would use of scopes, for varying levels of precision, on different endpoints be a good approach here? Are there other suggestions? cc: @Dharmik-T-mobile
jlurien
commented
1 year ago @gmuratk this is an interesting consideration. It is not exactly the initial topic but privacy concerns about accuracy were also mentioned during last meeting.
For example in Android, there are two levels of accuracy regarding permission (coarse and fine). Compared to mobile devices, as our current minimum limit is 2km, we are always providing "coarse" accuracy, as we are far from the "fine" accuracy that a GPS can provide.
If we wanted to model that in our APIs, with our own levels, we'll have to decide on the how-to, but if this is required I think we should open a dedicated issue for it.
When asking to verify the location of a device you input a circle (a point + radius in form of accuracy) to which we will respond TRUE, FALSE, UNKNOWN or PARTIAL.
The accuracy that can be provided depends to a large degree on the underlying system as well as where the device is located. With some GMLC implementations the accuracy in ideal situations can be below 100m, Relying only on location reporting through 3GPP MONTE we have at best cell level granularity which in rural areas will be not very accurate.
One could expect that API invokers would like as high accuracy as possible. This means that we could have a scenario when the accuracy of the underlying system is to low and we will always return FALSE. How can we communicate this to the API invoker? Should we provide more detailed information in the API description or should we add information in the response that the asked for accuracy is not supported?