appsawg
Independent Submission                                           L. Goix
Internet-Draft                                            Telecom Italia
Intended status:
Request for Comments: 7566                   Econocom-Osiatis Ingenierie
Category: Experimental                                             K. Li
Expires: December 20, 2014                           Huawei Technologies
ISSN: 2070-1721                                               Individual
                                                               June 18, 2014

                 ENUM Service 2015

                Enumservice Registration for acct 'acct' URI
                  draft-goix-appsawg-enum-acct-uri-07

Abstract

   This document registers a Telephone an E.164 Number Mapping (ENUM) service for
   'acct:'
   'acct' URIs (Uniform Resource Identifiers).

Status of This Memo

   This Internet-Draft document is submitted in full conformance with the
   provisions of BCP 78 not an Internet Standards Track specification; it is
   published for examination, experimental implementation, and BCP 79.

   Internet-Drafts are working documents of
   evaluation.

   This document defines an Experimental Protocol for the Internet Engineering
   Task Force (IETF).  Note that
   community.  This is a contribution to the RFC Series, independently
   of any other groups may also distribute
   working documents as Internet-Drafts. RFC stream.  The list of current Internet-
   Drafts is RFC Editor has chosen to publish this
   document at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a maximum candidate for any level of six months Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on December 20, 2014.
   http://www.rfc-editor.org/info/rfc7566.

Copyright Notice

   Copyright (c) 2014 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2 ....................................................2
   2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   2 .....................................................2
   3.  Use cases . . . . . . . . . . . . . . . . . . . . . . . . . .   2
     3.1.  Reverse phone lookup  . . . . . . . . . . . . . . . . . .   2
     3.2.  Routing of mobile social communications . . . . . . . . .   3
   4.  IANA Registration . . . . . . . . . . . . . . . . . . . . . .   3
   5.  Examples  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
   6.  DNS Considerations  . . . . . . . . . . . . . . . . . . . . .   5
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   9.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   7
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     10.1. Use Cases .......................................................2
      3.1. Reverse Phone Lookup .......................................2
      3.2. Routing of Mobile Social Communications ....................3
   4. IANA Registration ...............................................4
   5. Examples ........................................................5
   6. DNS Considerations ..............................................5
   7. Security Considerations .........................................6
   8. IANA Considerations .............................................7
   9. References ......................................................7
      9.1. Normative References . . . . . . . . . . . . . . . . . .   7
     10.2. .......................................7
      9.2. Informative References . . . . . . . . . . . . . . . . .   8 .....................................8
   Acknowledgements ...................................................8
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   8 .................................................8

1.  Introduction

   ENUM (E.164 Number Mapping, [RFC6116]) is a system that uses DNS
   (Domain Name Service, [RFC1034]) to translate telephone numbers, such
   as '+44 1632 960123', into URIs (Uniform Resource Identifiers,
   [RFC3986]), such as 'acct:user@example.com'.  ENUM exists primarily
   to facilitate the interconnection of systems that rely on telephone
   numbers with those that use URIs to identify resources.

   [I-D.ietf-appsawg-acct-uri]

   [RFC7565] defines the 'acct' URI scheme as a way to identify a user's
   account at a service provider.

   This document registers an Enumservice for advertising acct 'acct' URI
   information associated with an E.164 number.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Use cases Cases

3.1.  Reverse phone lookup Phone Lookup

   In this example, an address book application could issue ENUM queries
   looking for 'acct' URIs corresponding to phone numbers.  This could
   be used to display the account identifier as well as an icon based on
   the host (domain) portion of that URI.

   Similarly, an endpoint could trigger this resolution process during
   inbound and/or outbound calls to discover an account associated with
   the remote party.

   In general general, the provision of an ENUM record to map a phone number
   into an account may be useful for businesses or professional workers
   to identify themselves publicly (in a similar way as similar to vCard enum ENUM
   records).

3.2.  Routing of mobile social communications Mobile Social Communications

   The Open Mobile Alliance (OMA) develops mobile service enabler
   specifications, which support the creation of interoperable end-to-
   end
   end-to-end mobile services independent of the underlying wireless
   platforms, such as GSM (Global System for Mobile communications),
   UMTS (Universal Mobile Telecommunications System) System), and LTE (Long Term
   Evolution) mobile networks.  The OMA Social Network Web (SNeW)
   Enabler Release [OMA-SNeW] has introduced a number of Social
   Networking social
   networking functionalities for mobile subscribers identified by their
   MSISDN (Mobile Subscriber Integrated Services Digital Network number,
   a number uniquely identifying a subscription in a mobile network),
   amongst which is the ability to follow each other's social activities
   across service providers.

   Such functionality requires the global resolution of the MSISDN to
   the corresponding account and provider, in an analogous a way as MMS analogous to
   Multimedia Messaging Service (MMS) routing, to identify the target
   endpoint for the related messages.  Although alternatives alternative solutions
   exist (e.g. (e.g., based on mobile network operations and/or proprietary
   lookup techniques), ENUM provides a globally accessible mechanism for
   enabling resolution from network entities on behalf of an endpoint,
   or from an endpoint itself.

   For example, a user of a service provider could request to follow the
   social activities of user '+44 1632 960123'.  The home SNEW SNeW Server of
   the former user could perform an ENUM query to identify the 'acct'
   URI corresponding to that phone number.  Based on the resulting URI,
   the server could then identify the SNEW SNeW Server of the target user and
   route the original user's request to the appropriate endpoint.

   A similar mechanism can apply to other types of social networking-
   related messages or other communications targeted to a mobile
   subscriber.

4.  IANA Registration

   As defined in [RFC6117], the following is a template covering
   information needed for the registration of the Enumservice specified
   in this document:

           <record>
             <class>Application-Based, Ancillary</class>
             <type>acct</type>
             <urischeme>acct</urischeme>
             <functionalspec>
               <paragraph>
                 This Enumservice indicates that the resource
                 can be identified by the associated 'acct' URI
                 <xref target='I-D.ietf-appsawg-acct-uri' />. target='RFC7565'/>.
               </paragraph>
             </functionalspec>
             <security>
               For DNS considerations in avoiding loops when
               searching for "acct" NAPTRs, see
               <xref type="rfc" data="rfcTHIS"/>,
                  <xref target="dns">Section 6</xref>. data="7566"/>, Section 6.
               For security considerations, see
               <xref type="rfc" data="rfcTHIS"/>,
                  <xref target="security">Section 7</xref>. data="7566"/>, Section 7.
             </security>
             <usage>COMMON</usage>
             <registrationdocs>
               <xref type="rfc" data="rfcTHIS"/> data="7566"/>
             </registrationdocs>
             <requesters>
               <xref type="person" data="Laurent_Walter_Goix"/>
             </requesters>
           </record>

           <people>
             <person id="Laurent_Walter_Goix">
               <name>Laurent-Walter Goix</name>
                  <org>Telecom Italia</org>
                  <uri>mailto:laurentwalter.goix@telecomitalia.it</uri>
               <org>Econocom-Osiatis Ingenierie</org>
               <uri>mailto:laurent.goix@econocom-osiatis.com</uri>
               <updated>2014-06-18</updated>
             </person>
           </people>

   [Note for RFC-Editor: Please replace any instance of rfcTHIS with

   Note that the
   RFC number registry maintained by IANA is definitive.  For the
   most recent version of this document before publication] the registration, please see the online
   registry <http://www.iana.org/assignments/enum-services>.

5.  Examples

   The following is an example of the use of the Enumservice registered
   by this document in a NAPTR Naming Authority Pointer (NAPTR) resource
   record for phone number +44 1632 960123.

   $ORIGIN 3.2.1.0.6.9.2.3.6.1.4.4.e164.arpa.

   IN NAPTR 10 100 "u" "E2U+acct" "!^.*$!acct:441632960123@foo.com!" .

   IN NAPTR 10 101 "u" "E2U+acct" "!^.*$!acct:john.doe@example.com!" .

   Note that in the first record, the revealed information is limited to
   the domain of the service provider serving that user user, as the userpart
   of the acct 'acct' URI simply replicates the phone number.

6.  DNS Considerations

   There may not be any "E2U+acct" NAPTRs returned in response to the
   original ENUM query on the requested telephone number, but other
   terminal ENUM NAPTRs that include tel: URLs [RFC3966] (e.g.,
   "voice:tel"
   "voice:tel", "pstn:tel", "sms:tel", or "pstn:tel" or "SMS:tel" or "MMS:tel" - "mms:tel" -- see [RFC6118])
   may be present.

   The application that made that ENUM query may choose to re-submit resubmit ENUM
   queries for any E.164 numbers included in those returned terminal
   NAPTRs.  Doing so may cause a query loop (e.g., the ENUM records
   returned from subsequent queries may refer to the telephone number
   already considered).  If applications choose to perform subsequent
   ENUM queries using telephone numbers retrieved from earlier queries,
   these applications MUST be aware of the potential for query loops, loops and
   MUST be prepared to abort the set of queries if such a loop is
   detected.

   This issue is a similar issue to the referential loop issue caused by
   processing non-terminal NAPTR queries, as mentioned in section Section 5.2.1
   of [RFC6116], and a similar technique to mitigate this issue can be
   used; an application searching for records with "acct" Enumservice
   may consider that submitting a chain of more that than 5 ENUM queries
   without finding such a record indicates that a referential loop has
   been entered, and the chain of queries SHOULD be abandoned.

7.  Security Considerations

   DNS, as used by ENUM, is a global, distributed database.  Should
   implementers of this specification use e164.arpa or any other
   publicly available domain as the tree for maintaining PSTN Public Switched
   Telephone Network (PSTN) Enumservice data, this information would be
   visible to anyone anonymously.

   Carriers, service providers, and other users may choose not to
   publish such information in the public e164.arpa tree.  They may
   instead simply publish this in an internal ENUM infrastructure that
   is only able to be queried by trusted elements of their network, thus
   limiting threats.

   For security considerations that apply to all Enumservices, please
   refer to [RFC6116], section Section 7.

   It is important to note that the ENUM record itself does not need to
   contain any personal information but only contains a pointer to an
   account identifier.  This identifier may be queried to discover
   pointers to personal information (e.g.  social network (e.g., social-network information)
   endpoints
   endpoints, and an authorisation authorization mechanism may be in place in that
   context with any level of granularity although it is granularity; these topics are out of scope of
   for this document.

   Technically, ENUM records themselves could contain pointers to the
   same endpoints.  However  However, the visibility of ENUM records cannot be
   controlled based on the requesting entity.  In that context context, the
   simple mapping of the phone number to the account identifier,
   notwithstanding the disclosure of the association itself, still
   enables the reuse of more advanced access policies.

   Revealing an 'acct' URI by itself is unlikely to introduce many
   privacy concerns, although, depending on the structure of the URI, it
   might reveal the full name or employer of the target.  The use of
   anonymous URIs mitigates this risk.

   Unlike a traditional telephone number, the endpoint identified by an
   'acct' URI may require that requesting entities provide cryptographic
   credentials for authentication and authorization before messages are
   exchanged.  ENUM can actually provide far greater protection from
   unwanted requesting entities than does the existing PSTN, despite the
   public availability of ENUM records.

   More serious security concerns are associated with potential attacks
   against an underlying system (for example, social network a social-network system)
   using the 'acct' URI.  For this reason, the underlying system should
   have a number of security requirements that call for authentication,
   integrity
   integrity, and confidentiality properties, and similar measures to
   prevent such attacks.  And this  This is out of scope of for this document.

8.  IANA Considerations

   This document requests the

   Per this document, IANA registration of has registered the Enumservice with Type
   "acct" according to the definitions in this document, [RFC6116] [RFC6116], and
   [RFC6117].

   Details of the registration are given in Section 4.

9.  Acknowledgements

   The authors would like to thank Gonzalo Salgueiro, Paul Jones,
   Lawrence Conroy, Enrico Marocco, Bert Greevenbosch and Bernie
   Hoeneisen for their valuable feedback to improve this document.

10.  References

10.1.

9.1.  Normative References

   [I-D.ietf-appsawg-acct-uri]
              Saint-Andre, P., "The 'acct' URI Scheme", draft-ietf-
              appsawg-acct-uri-07 (work in progress), January 2014.

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987. 1987,
              <http://www.rfc-editor.org/info/rfc1034>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
              Leach, P., Luotonen, A., and L. Stewart, "HTTP
              Authentication: Basic and Digest Access Authentication",
              RFC 2617, June 1999. 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC3966]  Schulzrinne, H., "The tel URI for Telephone Numbers",
              RFC 3966, DOI 10.17487/RFC3966, December 2004. 2004,
              <http://www.rfc-editor.org/info/rfc3966>.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, DOI 10.17487/RFC3986, January 2005. 2005,
              <http://www.rfc-editor.org/info/rfc3986>.

   [RFC6116]  Bradner, S., Conroy, L., and K. Fujiwara, "The E.164 to
              Uniform Resource Identifiers (URI) Dynamic Delegation
              Discovery System (DDDS) Application (ENUM)", RFC 6116,
              DOI 10.17487/RFC6116, March 2011. 2011,
              <http://www.rfc-editor.org/info/rfc6116>.

   [RFC6117]  Hoeneisen, B., Mayrhofer, A., and J. Livingood, "IANA
              Registration of Enumservices: Guide, Template, and IANA
              Considerations", RFC 6117, DOI 10.17487/RFC6117,
              March 2011. 2011, <http://www.rfc-editor.org/info/rfc6117>.

   [RFC6118]  Hoeneisen, B. and A. Mayrhofer, "Update of Legacy IANA
              Registrations of Enumservices", RFC 6118,
              DOI 10.17487/RFC6118, March 2011.

10.2. 2011,
              <http://www.rfc-editor.org/info/rfc6118>.

   [RFC7565]  Saint-Andre, P., "The 'acct' URI Scheme", RFC 7565,
              DOI 10.17487/RFC7565, May 2015,
              <http://www.rfc-editor.org/info/rfc7565>.

9.2.  Informative References

   [OMA-SNeW]
              Open Mobile Alliance, OMA-ER-SNeW-V1_0, "Social Network
              Web Enabler", OMA-
              ER-SNeW-V1_0
              http://technical.openmobilealliance.org/Technical/
              release_program/snew_v1_0.aspx, Aug 2013. August 2013,
              <http://technical.openmobilealliance.org/Technical/
              release_program/snew_v1_0.aspx>.

Acknowledgements

   The authors would like to thank Gonzalo Salgueiro, Paul Jones,
   Lawrence Conroy, Enrico Marocco, Bert Greevenbosch, and Bernie
   Hoeneisen for their valuable feedback to improve this document.

Authors' Addresses

   Laurent-Walter Goix
   Telecom Italia
   Via Golgi, 42
   Milano  20133
   Italy

   Email: laurentwalter.goix@telecomitalia.it
   Econocom-Osiatis Ingenierie
   75 cours Albert Thomas
   69003 Lyon
   France

   EMail: laurent.goix@econocom-osiatis.com

   Kepeng Li
   Huawei Technologies
   Huawei Base, Bantian, Longgang District
   Shenzhen  518129
   P. R.
   Individual
   969 Wenyixi Road
   311121 Hangzhou
   China

   Phone: +86-755-28971807
   Email: likepeng@huawei.com

   EMail: kepeng.likp@gmail.com