draft-ietf-ecrit-unauthenticated-access-03.txt   draft-ietf-ecrit-unauthenticated-access-04.txt 
ECRIT H. Schulzrinne ECRIT H. Schulzrinne
Internet-Draft Columbia University Internet-Draft Columbia University
Intended status: Standards Track S. McCann Intended status: Standards Track S. McCann
Expires: January 12, 2012 Research in Motion UK Ltd Expires: September 13, 2012 Research in Motion UK Ltd
G. Bajko G. Bajko
Nokia Nokia
H. Tschofenig H. Tschofenig
Nokia Siemens Networks Nokia Siemens Networks
D. Kroeselberg D. Kroeselberg
Siemens Siemens
July 11, 2011 March 12, 2012
Extensions to the Emergency Services Architecture for dealing with Extensions to the Emergency Services Architecture for dealing with
Unauthenticated and Unauthorized Devices Unauthenticated and Unauthorized Devices
draft-ietf-ecrit-unauthenticated-access-03.txt draft-ietf-ecrit-unauthenticated-access-04.txt
Abstract Abstract
The IETF emergency services architecture assumes that the calling The IETF emergency services architecture assumes that the calling
device has acquired rights to use the access network or that no device has acquired rights to use the access network or that no
authentication is required for the access network, such as for public authentication is required for the access network, such as for public
wireless access points. Subsequent protocol interactions, such as wireless access points. Subsequent protocol interactions, such as
obtaining location information, learning the address of the Public obtaining location information, learning the address of the Public
Safety Answering Point (PSAP) and the emergency call itself are Safety Answering Point (PSAP) and the emergency call itself are
largely decoupled from the underlying network access procedures. largely decoupled from the underlying network access procedures.
skipping to change at page 2, line 7 skipping to change at page 2, line 7
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 12, 2012. This Internet-Draft will expire on September 13, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 3, line 36 skipping to change at page 3, line 36
5.3.3. SIP Emergency Call Signaling . . . . . . . . . . . . . 15 5.3.3. SIP Emergency Call Signaling . . . . . . . . . . . . . 15
6. Lower Layer Considerations for NAA Case . . . . . . . . . . . 16 6. Lower Layer Considerations for NAA Case . . . . . . . . . . . 16
6.1. Link Layer Emergency Indication . . . . . . . . . . . . . 16 6.1. Link Layer Emergency Indication . . . . . . . . . . . . . 16
6.2. Securing Network Attachment in NAA Cases . . . . . . . . . 17 6.2. Securing Network Attachment in NAA Cases . . . . . . . . . 17
7. Security Considerations . . . . . . . . . . . . . . . . . . . 20 7. Security Considerations . . . . . . . . . . . . . . . . . . . 20
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 21 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 21
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
10.1. Normative References . . . . . . . . . . . . . . . . . . . 23 10.1. Normative References . . . . . . . . . . . . . . . . . . . 23
10.2. Informative References . . . . . . . . . . . . . . . . . . 23 10.2. Informative References . . . . . . . . . . . . . . . . . . 23
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 25
1. Introduction 1. Introduction
Summoning police, the fire department or an ambulance in emergencies Summoning police, the fire department or an ambulance in emergencies
is one of the fundamental and most-valued functions of the telephone. is one of the fundamental and most-valued functions of the telephone.
As telephone functionality moves from circuit-switched telephony to As telephone functionality moves from circuit-switched telephony to
Internet telephony, its users rightfully expect that this core Internet telephony, its users rightfully expect that this core
functionality will continue to work at least as well as it has for functionality will continue to work at least as well as it has for
the older technology. New devices and services are being made the older technology. New devices and services are being made
available that could be used to make a request for help, which are available that could be used to make a request for help, which are
not traditional telephones, and users are increasingly expecting them not traditional telephones, and users are increasingly expecting them
to be used to place emergency calls. to be used to place emergency calls.
Roughly speaking, the IETF emergency services architecture (see Roughly speaking, the IETF emergency services architecture (see
[I-D.ietf-ecrit-phonebcp] and [I-D.ietf-ecrit-framework]) divides [I-D.ietf-ecrit-phonebcp] and [RFC6443]) divides responsibility for
responsibility for handling emergency calls between the access handling emergency calls between the access network (ISP), the
network (ISP), the application service provider (ASP) that may be a application service provider (ASP) that may be a VoIP service
VoIP service provider and the provider of emergency signaling provider and the provider of emergency signaling services, the
services, the emergency service network (ESN). The access network emergency service network (ESN). The access network may provide
may provide location information to end systems, but does not have to location information to end systems, but does not have to provide any
provide any ASP signaling functionality. The emergency caller can ASP signaling functionality. The emergency caller can reach the ESN
reach the ESN either directly or through the ASP's outbound proxy. either directly or through the ASP's outbound proxy. Any of the
Any of the three parties can provide the mapping from location to three parties can provide the mapping from location to PSAP URI by
PSAP URI by offering LoST [RFC5222] services. offering LoST [RFC5222] services.
In general, a set of automated configuration mechanisms allows a In general, a set of automated configuration mechanisms allows a
device to function in a variety of architectures, without the user device to function in a variety of architectures, without the user
being aware of the details on who provides location, mapping services being aware of the details on who provides location, mapping services
or call routing services. However, if emergency calling is to be or call routing services. However, if emergency calling is to be
supported when the calling device lacks access network authorization supported when the calling device lacks access network authorization
or does not have an ASP, one or more of the providers may need to or does not have an ASP, one or more of the providers may need to
provide additional services and functions. provide additional services and functions.
In all cases, the end device has to be able to perform a LoST lookup In all cases, the end device has to be able to perform a LoST lookup
skipping to change at page 14, line 28 skipping to change at page 14, line 28
5.2.1. ESRP Discovery 5.2.1. ESRP Discovery
An ISP MUST provision a DHCP server with information about LoST An ISP MUST provision a DHCP server with information about LoST
servers [RFC5223]. An ISP operator may choose to deploy a LoST servers [RFC5223]. An ISP operator may choose to deploy a LoST
server or to outsource it to other parties. server or to outsource it to other parties.
5.2.2. Location Determination and Location Configuration 5.2.2. Location Determination and Location Configuration
The ISP is responsible for location determination and exposes this The ISP is responsible for location determination and exposes this
information to the end points via location configuration protocols. information to the end points via location configuration protocols.
The considerations described in [I-D.ietf-ecrit-location-hiding-req] The considerations described in [RFC6444] are applicable to this
are applicable to this document. document.
The ISP MUST support one of the LCPs described in Section 6.5 of The ISP MUST support one of the LCPs described in Section 6.5 of
[I-D.ietf-ecrit-phonebcp]. The description in Section 6.5 and 6.6 of [I-D.ietf-ecrit-phonebcp]. The description in Section 6.5 and 6.6 of
[I-D.ietf-ecrit-phonebcp] regarding the interaction between the end [I-D.ietf-ecrit-phonebcp] regarding the interaction between the end
device and the LIS applies to this document. device and the LIS applies to this document.
The interaction between the LIS at the ISP and the IAP is often The interaction between the LIS at the ISP and the IAP is often
priorietary but the description in priorietary but the description in
[I-D.winterbottom-geopriv-lis2lis-req] may be relevant to the reader. [I-D.winterbottom-geopriv-lis2lis-req] may be relevant to the reader.
skipping to change at page 20, line 46 skipping to change at page 20, line 46
filter list. filter list.
For the ZBP case the additional aspect of fraud has to be considered. For the ZBP case the additional aspect of fraud has to be considered.
Unless the emergency call traverses a PSTN gateway or the ASP charges Unless the emergency call traverses a PSTN gateway or the ASP charges
for IP-to-IP calls, there is little potential for fraud. If the ASP for IP-to-IP calls, there is little potential for fraud. If the ASP
also operates the LoST server, the outbound proxy MAY restrict also operates the LoST server, the outbound proxy MAY restrict
outbound calls to the SIP URIs returned by the LoST server. It is outbound calls to the SIP URIs returned by the LoST server. It is
NOT RECOMMENDED to rely on a fixed list of SIP URIs, as that list may NOT RECOMMENDED to rely on a fixed list of SIP URIs, as that list may
change. change.
Finally, a number of security vulnerabilities discussed in Finally, a number of security vulnerabilities discussed in [RFC6280]
[I-D.ietf-geopriv-arch] around faked location information are less around faked location information are less problematic in the context
problematic in the context of unauthenticated emergency since of unauthenticated emergency since location information does not need
location information does not need to be provided by the end host to be provided by the end host itself or it can be verified to fall
itself or it can be verified to fall within a specific geographical within a specific geographical area.
area.
8. Acknowledgments 8. Acknowledgments
Parts of this document are derived from [I-D.ietf-ecrit-phonebcp]. Parts of this document are derived from [I-D.ietf-ecrit-phonebcp].
Participants of the 2nd and 3rd SDO Emergency Services Workshop Participants of the 2nd and 3rd SDO Emergency Services Workshop
provided helpful input. provided helpful input.
We would like to thank Richard Barnes, Brian Rosen, James Polk, Marc We would like to thank Richard Barnes, Brian Rosen, James Polk, Marc
Linsner, and Martin Thomson for their feedback at the IETF#80 ECRIT Linsner, and Martin Thomson for their feedback at the IETF#80 ECRIT
meeting. meeting.
skipping to change at page 23, line 36 skipping to change at page 23, line 36
A., Peterson, J., Sparks, R., Handley, M., and E. A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261, Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002. June 2002.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[I-D.ietf-ecrit-phonebcp] [I-D.ietf-ecrit-phonebcp]
Rosen, B. and J. Polk, "Best Current Practice for Rosen, B. and J. Polk, "Best Current Practice for
Communications Services in support of Emergency Calling", Communications Services in support of Emergency Calling",
draft-ietf-ecrit-phonebcp-17 (work in progress), draft-ietf-ecrit-phonebcp-20 (work in progress),
March 2011. September 2011.
[RFC5222] Hardie, T., Newton, A., Schulzrinne, H., and H. [RFC5222] Hardie, T., Newton, A., Schulzrinne, H., and H.
Tschofenig, "LoST: A Location-to-Service Translation Tschofenig, "LoST: A Location-to-Service Translation
Protocol", RFC 5222, August 2008. Protocol", RFC 5222, August 2008.
[RFC5223] Schulzrinne, H., Polk, J., and H. Tschofenig, "Discovering [RFC5223] Schulzrinne, H., Polk, J., and H. Tschofenig, "Discovering
Location-to-Service Translation (LoST) Servers Using the Location-to-Service Translation (LoST) Servers Using the
Dynamic Host Configuration Protocol (DHCP)", RFC 5223, Dynamic Host Configuration Protocol (DHCP)", RFC 5223,
August 2008. August 2008.
10.2. Informative References 10.2. Informative References
[RFC5687] Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7 [RFC5687] Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7
Location Configuration Protocol: Problem Statement and Location Configuration Protocol: Problem Statement and
Requirements", RFC 5687, March 2010. Requirements", RFC 5687, March 2010.
[I-D.ietf-ecrit-framework] [RFC6443] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton,
Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, "Framework for Emergency Calling Using Internet
"Framework for Emergency Calling using Internet Multimedia", RFC 6443, December 2011.
Multimedia", draft-ietf-ecrit-framework-12 (work in
progress), October 2010.
[I-D.ietf-geopriv-res-gw-lis-discovery] [I-D.ietf-geopriv-res-gw-lis-discovery]
Thomson, M. and R. Bellis, "Location Information Server Thomson, M. and R. Bellis, "Location Information Server
(LIS) Discovery using IP address and Reverse DNS", (LIS) Discovery using IP address and Reverse DNS",
draft-ietf-geopriv-res-gw-lis-discovery-01 (work in draft-ietf-geopriv-res-gw-lis-discovery-02 (work in
progress), March 2011. progress), September 2011.
[RFC5985] Barnes, M., "HTTP-Enabled Location Delivery (HELD)", [RFC5985] Barnes, M., "HTTP-Enabled Location Delivery (HELD)",
RFC 5985, September 2010. RFC 5985, September 2010.
[RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for [RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for
Emergency Context Resolution with Internet Technologies", Emergency Context Resolution with Internet Technologies",
RFC 5012, January 2008. RFC 5012, January 2008.
[I-D.ietf-ecrit-location-hiding-req] [RFC6444] Schulzrinne, H., Liess, L., Tschofenig, H., Stark, B., and
Schulzrinne, H., Liess, L., Tschofenig, H., Stark, B., and
A. Kuett, "Location Hiding: Problem Statement and A. Kuett, "Location Hiding: Problem Statement and
Requirements", draft-ietf-ecrit-location-hiding-req-04 Requirements", RFC 6444, January 2012.
(work in progress), February 2010.
[I-D.winterbottom-geopriv-lis2lis-req] [I-D.winterbottom-geopriv-lis2lis-req]
Winterbottom, J. and S. Norreys, "LIS to LIS Protocol Winterbottom, J. and S. Norreys, "LIS to LIS Protocol
Requirements", draft-winterbottom-geopriv-lis2lis-req-01 Requirements", draft-winterbottom-geopriv-lis2lis-req-01
(work in progress), November 2007. (work in progress), November 2007.
[RFC5069] Taylor, T., Tschofenig, H., Schulzrinne, H., and M. [RFC5069] Taylor, T., Tschofenig, H., Schulzrinne, H., and M.
Shanmugam, "Security Threats and Requirements for Shanmugam, "Security Threats and Requirements for
Emergency Call Marking and Mapping", RFC 5069, Emergency Call Marking and Mapping", RFC 5069,
January 2008. January 2008.
[I-D.ietf-geopriv-arch] [RFC6280] Barnes, R., Lepinski, M., Cooper, A., Morris, J.,
Barnes, R., Lepinski, M., Cooper, A., Morris, J.,
Tschofenig, H., and H. Schulzrinne, "An Architecture for Tschofenig, H., and H. Schulzrinne, "An Architecture for
Location and Location Privacy in Internet Applications", Location and Location Privacy in Internet Applications",
draft-ietf-geopriv-arch-03 (work in progress), BCP 160, RFC 6280, July 2011.
October 2010.
[esw07] "3rd SDO Emergency Services Workshop, [esw07] "3rd SDO Emergency Services Workshop,
http://www.emergency-services-coordination.info/2007Nov/", http://www.emergency-services-coordination.info/2007Nov/",
October 30th - November 1st 2007. October 30th - November 1st 2007.
[nwgstg3] "WiMAX Forum WMF-T33-001-R015V01, WiMAX Network [nwgstg3] "WiMAX Forum WMF-T33-001-R015V01, WiMAX Network
Architecture Stage-3 Architecture Stage-3
http://www.wimaxforum.org/sites/wimaxforum.org/files/ tech http://www.wimaxforum.org/sites/wimaxforum.org/files/ tech
nical_document/2009/09/ nical_document/2009/09/
DRAFT-T33-001-R015v01-O_Network-Stage3-Base.pdf", DRAFT-T33-001-R015v01-O_Network-Stage3-Base.pdf",
 End of changes. 16 change blocks. 
41 lines changed or deleted 34 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/