ECRIT                                                     H. Schulzrinne
Internet-Draft                                       Columbia University
Intended status: Experimental                              H. Tschofenig
Expires: February 7, 10, 2010                        Nokia Siemens Networks
                                                          August 6, 9, 2009

  Synchronizing Location-to-Service Translation (LoST) Protocol based
                Service Boundaries and Mapping Elements
                   draft-ietf-ecrit-lost-sync-06.txt
                   draft-ietf-ecrit-lost-sync-07.txt

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on February 7, 10, 2010.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Abstract

   The Location-to-Service Translation (LoST) protocol is an XML-based
   protocol for mapping service identifiers and geodetic or civic
   location information to service URIs and service boundaries.  In
   particular, it can be used to determine the location-appropriate
   Public Safety Answering Point (PSAP) for emergency services.

   The main data structure, the <mapping> element, used for
   encapsulating information about service boundaries is defined in the
   LoST protocol specification and circumscribes the region within which
   all locations map to the same service Uniform Resource Identifier
   (URI) or set of URIs for a given service.

   This document defines an XML protocol to exchange these mappings
   between two nodes.  This mechanism can be used is designed for bulk the exchange of
   authoritative <mapping> elements between two entities.  As such,  Exchanging
   cached <mapping> elements, i.e. non-authoritative elements, is
   possible but not envisioned.  In any case, this document can also be
   used without the LoST protocol. protocol even though the format of the
   <mapping> element is re-used from the LoST specification.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  7
   3.  Querying for Mappings with a <getMappingsRequest> /
       <getMappingsResponse> Exchange . . . . . . . . . . . . . . . .  8
     3.1.  Behavior of the LoST Sync Client's Behavior  . . Source . . . . . . . . . . . . .  8
     3.2.  Behavior of the LoST Sync Server's Behavior  . . Source . . . . . . . . . . . . .  8
     3.3.  Examples . . . . . . . . . . . . . . . . . . . . . . . . .  9
   4.  Pushing Mappings via <pushMappings> and
       <pushMappingsResponse> . . . . . . . . . . . . . . . . . . . . 11
     4.1.  Behavior of the LoST Sync Client's Behavior  . . Source . . . . . . . . . . . . . 11
     4.2.  Behavior of the LoST Sync Server's Behavior  . . . . . Destination  . . . . . . . . . . 11
     4.3.  Example  . . . . . . . . . . . . . . . . . . . . . . . . . 12
   5.  Transport  . . . . . . . . . . . . . . . . . . . . . . . . . . 15
   6.  RelaxNG  . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 18
   8.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 19
     8.1.  Content-type registration for
           'application/lostsync+xml' . . . . . . . . . . . . . . . . 19
     8.2.  LoST Sync Relax NG Schema Registration . . . . . . . . . . 20
     8.3.  LoST Synchronization Namespace Registration  . . . . . . . 20
   9.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 22
   10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
     10.1. Normative References . . . . . . . . . . . . . . . . . . . 23
     10.2. Informative References . . . . . . . . . . . . . . . . . . 23
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 24

1.  Introduction

   The LoST (Location-to-Service Translation) protocol [RFC5222] maps
   service identifiers and geodetic or civic location information to
   service URIs.  The main data structure, the <mapping> element, used
   for encapsulating information about service boundaries is defined in
   the LoST protocol specification and circumscribes the region within
   which all locations map to the same service Uniform Resource
   Identifier (URI) or set of URIs for a given service.

   This document enables a bulk mechanism is designed for the exchange of authoritative
   <mapping> elements between two entities (the LoST Sync client source and the
   LoST Sync server). destination).

   The LoST Sync mechanism can, for example, be used in the LoST
   architecture, as specified in the [I-D.ietf-ecrit-mapping-arch].
   There, LoST servers act in different roles that cooperate to provide
   an ubiquitous, globally scalable and resilient mapping service.  In
   the LoST mapping architecture, LoST servers can peer, i.e., have an
   on-going data exchange relationship.  Peering relationships are set
   up manually, based on local policies.  A server can peer with any
   number of other servers.  Forest guides peer with other forest
   guides; resolvers peer with forest guides and other resolvers (in the
   same cluster); authoritative mapping servers peer with forest guides
   and other authoritative servers, either in the same cluster or above
   or below them in the tree.  Authoritative mapping servers push
   coverage regions "up" the tree, i.e., from child nodes to parent
   nodes.  The child informs the parent of the geospatial or civic
   region that it covers for a specific service.

   As an example consider the following two forest guides for two
   countries, country Foo and country Bar. Country Foo has only 5 PSAPs
   and the boundaries for fire, police and ambulance are identical.
   Country Bar has a large number of PSAPs but their emergency services
   architecture is designed in a way that all emergency calls are served
   by a small number of replicated and highly available Emergency
   Services Routing Proxies (ESRPs).  These ESRPs give outside countries
   the illusion of a single PSAP.  From a call routing point of view a
   ESRP receiving an emergency call performs location based routing to
   forward calls to one of the large number of PSAPs.

   Country Foo and country Bar utilize LoST Sync to keep their mappings
   up-to-date.  Every country is responsible for maintaining their own
   mapping information and hence they configure their LoST Sync nodes in
   a way that they exchange the respective mapping information.  In this
   case, the mapping data will be synchronized in both directions.
   Since the amount of data being exchanged is small and the expected
   rate of change is low the LoST Sync nodes are configured to always
   exchange all their mapping information whenever a change happens.

   This document defines two types of exchanges and those are best
   described by the exchange between two nodes as shown in Figure 1 and
   Figure 2.  The protocol exchange always runs between a LoST Sync
   client
   source and a LoST Sync server even through the roles are reversed for
   the two available exchanges and logically the two nodes might often
   be peers rather than in a client-server relationship. destination.  Node A in the
   example examples of
   Figure 1 and Figure 2 has mappings that Node B is going to retrieve.
   Node A acts as the source for the data and Node B is the destination.

   The <getMappingsRequest> and <getMappingsResponse> exchange request allows a LoST Sync client source to request
   mappings from a LoST Sync server. destination.

      +---------+                   +---------+
      | Node B  |                   | Node A  |
      | acting  |                   | acting  |
      | as      |                   | as      |
      | LoST    |                   | LoST    |
      | Sync    |                   | Sync    |
      | Client Dest.   |                   | Server Source  |
      +---------+                   +---------+
          |                              |
          |                              |
          |                              |
          | <getMappingsRequest>         |
          |----------------------------->|
          |                              |
          | <getMappingsResponse>        |
          |<-----------------------------|
          |                              |
          |                              |
          |                              |

    Figure 1: Querying for Mappings with a <getMappingsRequest> Message

   Note that in the exchange illustrated in Figure 1 Node B issuing the
   first request and plays the role of the HTTP/HTTPS client (with HTTP
   as selected transport) and Node A plays the role of the HTTP/HTTPS
   server.

   The <pushMappingsRequest> and <pushMappingsResponse> exchange allows a LoST Sync client source to push
   mappings to LoST Sync server. destination.  The assumption is being made that
   Node A and B have previously been configured in a way that they push
   mappings in such a fashion and that Node A maintains state about the
   mappings that have to be pushed to Node B. No subscribe mechanism is
   defined in this document that would allow Node B to tell Node A about
   what mappings it is
   interested. interested nor a mechanism for learning to which
   entities mappings have to be pushed.

       +---------+                   +---------+
       | Node A  |                   | Node B  |
       | acting  |                   | acting  |
       | as      |                   | as      |
       | LoST    |                   | LoST    |
       | Sync    |                   | Sync    |
       | Client Source  |                   | Server Dest.   |
       +---------+                   +---------+
           |                              |
           |                              |
           |                              |
           | <pushMappingsRequest>        |
           |----------------------------->|
           |                              |
           | <pushMappingsResponse>       |
           |<-----------------------------|
           |                              |
           |                              |
           |                              |

      Figure 2: Pushing Mappings with a <pushMappingsRequest> Message

   Note that in the exchange illustrated in Figure 2 Node A issuing the
   first request and plays the role of the HTTP/HTTPS client (with HTTP
   as selected transport) and Node B plays the role of the HTTP/HTTPS
   server.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

   This document reuses terminology introduced by the mapping
   architecture document [I-D.ietf-ecrit-mapping-arch].

   Throughout this document we use the term LoST Sync client source and LoST
   Sync server destination to denote the protocol end points of the exchange.
   The protocol is referred as LoST Sync within the text.

3.  Querying for Mappings with a <getMappingsRequest> /
    <getMappingsResponse> Exchange

3.1.  Behavior of the LoST Sync Client's Behavior Source

   A LoST Sync client destination has two ways to retrieve mapping elements
   from a LoST Sync server node. source.

   1.  A mechanisms that is suitable when no mappings are available on
       the client side LoST Sync destination is to submit an empty
       <getMappingsRequest> message, as shown in Figure 3.  The intent
       by the LoST Sync
       client destination thereby is to retrieve all mappings
       from the LoST Sync
       server. source.  Note that the request does not
       propagate further to other nodes.

   2.  A client that  In case a LoST Sync destination node has already obtained
       mappings in previous exchanges then it may want to check whether
       these mappings have been updated in the meanwhile.  The policy
       when to poll for updated mapping information is outside the scope
       of this document.  The <getMappingsRequest> message with one or
       multiple <exists> child element(s) allows to reduce the number of
       returned mappings to those that have been updated and also to
       those that are missing.

   In response to the <getMappingsRequest> message the client LoST Sync
   destination waits for the <getMappingsResponse> message.  In case of
   a successful response the client LoST Sync destination stores the received
   mappings and determines which mappings to replace.

3.2.  Behavior of the LoST Sync Server's Behavior Source

   When a LoST Sync server source receives an empty <getMappingsRequest>
   message then all locally available mappings MUST be returned
   (assuming that the client has been properly authenticated and
   authorized). returned.

   When a LoST Sync server source receives a <getMappingsRequest> message with
   one or multiple <exists> child element(s) then it MUST consult with
   the local mapping database to determine whether any of the mappings
   of the client is stale and whether there are mappings locally that
   the client does not yet have.  The former can be determined by
   finding mappings corresponding to the 'source' and 'sourceID'
   attribut where a mapping with a more recent lastUpdated date exists.

   Processing a <getMappingsRequest> message MAY lead to a successful
   response in the form of a <getMappingsResponse> or an <errors>
   message.  Only the <badRequest>, <forbidden>, <internalError>,
   <serverTimeout> errors, defined in [RFC5222], are utilized by this
   specification.  Neither the <redirect> nor the <warnings> messages
   are reused by this message.

3.3.  Examples

   The first examples show the simplest example shows an empty <getMappingsRequest> message. message that
   would retrieve all locally stored mappings at the LoST Sync source.

   <?xml version="1.0" encoding="UTF-8"?>
   <getMappingsRequest xmlns="urn:ietf:params:xml:ns:lostsync1"/>

          Figure 3: Example of empty <getMappingsRequest> message

   An

   A further example request is shown in Figure 4, 4 and the corresponding
   response is depicted in Figure 5.  In this example a LoST node requests a request is made
   for a specific mapping for (with source="authoritative.bar.example" and
   sourceId="7e3f40b098c711dbb6060800200c9a66"
   sourceId="7e3f40b098c711dbb6060800200c9a66") that is fresher more recent than
   "2006-11-01T01:00:00Z".

   <?xml version="1.0" encoding="UTF-8"?>
   <getMappingsRequest xmlns="urn:ietf:params:xml:ns:lostsync1">
       <exists>
           <mapping-fingerprint source="authoritative.bar.example"
           sourceId="7e3f40b098c711dbb6060800200c9a66"
           lastUpdated="2006-11-01T01:00:00Z">
           </mapping-fingerprint>
       </exists>
   </getMappingsRequest>

              Figure 4: Example <getMappingsRequest> Message

   The response to the above request is shown in Figure 5.  A more
   recent mapping was available with the identification of
   source="authoritative.bar.example" and
   sourceId="7e3f40b098c711dbb6060800200c9a66".  Only one mapping that
   matched source="authoritative.foo.example" was found and returned.

   <?xml version="1.0" encoding="UTF-8"?>
   <sync:getMappingsResponse
       xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
       xmlns="urn:ietf:params:xml:ns:lost1"
       xmlns:p2="http://www.opengis.net/gml">

           <mapping source="authoritative.bar.example"
               sourceId="7e3f40b098c711dbb6060800200c9a66"
               lastUpdated="2008-11-26T01:00:00Z"
               expires="2009-12-26T01:00:00Z">
               <displayName xml:lang="en">
                   Leonia Police Department
               </displayName>
               <service>urn:service:sos.police</service>
               <serviceBoundary
   profile="urn:ietf:params:lost:location-profile:basic-civic">
                   <civicAddress
   xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
                       <country>US</country>
                       <A1>NJ</A1>
                       <A3>Leonia</A3>
                       <PC>07605</PC>
                   </civicAddress>
               </serviceBoundary>
               <uri>sip:police@leonianj2.example.org</uri>
               <serviceNumber>911</serviceNumber>
           </mapping>

           <mapping expires="2009-01-01T01:44:33Z"
               lastUpdated="2008-11-01T01:00:00Z"
               source="authoritative.foo.example"
               sourceId="7e3f40b098c711dbb606011111111111">
               <displayName xml:lang="en">
                   New York City Police Department
               </displayName>
               <service>urn:service:sos.police</service>
               <serviceBoundary profile="geodetic-2d">
                   <p2:Polygon srsName="urn:ogc:def::crs:EPSG::4326">
                       <p2:exterior>
                           <p2:LinearRing>
                               <p2:pos>37.775 -122.4194</p2:pos>
                               <p2:pos>37.555 -122.4194</p2:pos>
                               <p2:pos>37.555 -122.4264</p2:pos>
                               <p2:pos>37.775 -122.4264</p2:pos>
                               <p2:pos>37.775 -122.4194</p2:pos>
                           </p2:LinearRing>
                       </p2:exterior>
                   </p2:Polygon>
               </serviceBoundary>
               <uri>sip:nypd@example.com</uri>
               <uri>xmpp:nypd@example.com</uri>
               <serviceNumber>911</serviceNumber>
           </mapping>

   </sync:getMappingsResponse>

              Figure 5: Example <getMappingsResponse> Message

4.  Pushing Mappings via <pushMappings> and <pushMappingsResponse>

4.1.  Behavior of the LoST Sync Client's Behavior Source

   When a LoST Sync node source obtains new information that is of interest
   to its peers, it MAY may push the new mappings to its peers.
   Configuration settings at both peers decide whether this
   functionality is used. used and what mappings are pushed to which other
   peers.  New mappings may arrive through non-LoST various means, such as a
   manual addition to the local mappings mapping database, or through the
   interaction with other LoST nodes.  Mappings entities.  Deleting mappings may also be deleted and this may trigger events.

   A sending node keeps
   a protocol interaction.

   The LoST Sync source SHOULD keep track with to which recipient LoST Sync destination
   it has exchanged pushed mapping elements with. elements.  If it does not keep state
   information then it always has to push the complete data set.  As
   discussed in Section 5.1 of [RFC5222], mapping elements are
   identified by the 'source', 'sourceID' and 'lastUpdated' attributes.
   A mapping is considered the same if these three attributes match.  It
   is RECOMMENDED not to push the same information to the same peer more
   than once.

   A <pushMappings> request sent by a LoST Sync client source MUST send a <pushMappings> request containing
   one or more <mapping> elements.

   To delete a mapping, the content of the mapping is left empty.  The
   node can delete the mapping from its internal mapping database, but
   has to remember which peers it has distributed this update to.  The
   'expires' attribute is required, but ignored.  If an attempt is made
   to delete a non-existent mapping, the request is silently ignored.

4.2.  Behavior of the LoST Sync Server's Behavior Destination

   When a LoST Sync Server destination receives a <pushMappingsRequest> message
   then a newly received mapping M' MUST replace an existing mapping M
   if all of the following conditions hold:

   1.  M'.source equals M.source

   2.  M'.sourceID' equals M.sourceID

   3.  M'.lastUpdated is greater than M.lastUpdated

   If the received mapping M' does not update any existing mapping M
   then it MUST be added to the local cache as an independent mapping.

   If a <pushMappingsRequest> message with an empty <mapping> element is
   received then a corresponding mapping has to be determined based on
   the 'source', 'sourceID' and 'lastUpdated' attributes.  If a mapping
   has been found then it MUST be deleted.  If no mapping can be
   identified then an <errors> response MUST be returned that contains
   the <notDeleted> child element.  The <notDeleted> element MAY carry a
   <message> element and MUST contain the <mapping> element(s) that
   caused the error.

   The response to a <pushMappingsRequest> request is a
   <pushMappingsResponse> message.  With this specification, a
   successful response message returns no additional elements, whereas
   an <errors> response is returned in the response message, if the
   request failed.  Only the <badRequest>, <forbidden>, <internalError>
   or <serverTimeout> errors defined in Section 13.1 of [RFC5222], are
   used.  The <redirect> and <warnings> messages are not used for this
   query/response.

   If the set of nodes that are synchronizing their data does not form a
   tree, it is possible that the same information arrives through
   several other nodes.  This is unavoidable, but generally only imposes
   a modest overhead.  (It would be possible to create a spanning tree
   in the same fashion as IP multicast, but the complexity does not seem
   warranted, given the relatively low volume of data.)

4.3.  Example

   An example is shown in Figure 6.  Image a LoST node that obtained two
   new mappings identified as follows:

   o  source="authoritative.example"
      sourceId="7e3f40b098c711dbb6060800200c9a66" lastUpdated="2008-11-
      26T01:00:00Z"

   o  source="authoritative.example"
      sourceId="7e3f40b098c711dbb606011111111111" lastUpdated="2008-11-
      01T01:00:00Z"

   These two mappings have to be added to the peer's mapping database.

   Additionally, the following mapping has to be deleted:

   o  source="nj.us.example" sourceId="123" lastUpdated="2008-11-
      01T01:00:00Z"

   <?xml version="1.0" encoding="UTF-8"?>
   <sync:pushMappingsRequest
       xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
       xmlns="urn:ietf:params:xml:ns:lost1"
       xmlns:p2="http://www.opengis.net/gml">

           <mapping source="authoritative.example"
               sourceId="7e3f40b098c711dbb6060800200c9a66"
               lastUpdated="2008-11-26T01:00:00Z"
               expires="2009-12-26T01:00:00Z">
               <displayName xml:lang="en">
                   Leonia Police Department
               </displayName>
               <service>urn:service:sos.police</service>
               <serviceBoundary
        profile="urn:ietf:params:lost:location-profile:basic-civic">
                   <civicAddress
        xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
                       <country>US</country>
                       <A1>NJ</A1>
                       <A3>Leonia</A3>
                       <PC>07605</PC>
                   </civicAddress>
               </serviceBoundary>
               <uri>sip:police@leonianj.example.org</uri>
               <serviceNumber>911</serviceNumber>
           </mapping>

           <mapping expires="2009-01-01T01:44:33Z"
               lastUpdated="2008-11-01T01:00:00Z"
               source="authoritative.example"
               sourceId="7e3f40b098c711dbb606011111111111">
               <displayName xml:lang="en">
                   New York City Police Department
               </displayName>
               <service>urn:service:sos.police</service>
               <serviceBoundary profile="geodetic-2d">
                   <p2:Polygon srsName="urn:ogc:def::crs:EPSG::4326">
                       <p2:exterior>
                           <p2:LinearRing>
                               <p2:pos>37.775 -122.4194</p2:pos>
                               <p2:pos>37.555 -122.4194</p2:pos>
                               <p2:pos>37.555 -122.4264</p2:pos>
                               <p2:pos>37.775 -122.4264</p2:pos>
                               <p2:pos>37.775 -122.4194</p2:pos>
                           </p2:LinearRing>
                       </p2:exterior>
                   </p2:Polygon>
               </serviceBoundary>
               <uri>sip:nypd@example.com</uri>
               <uri>xmpp:nypd@example.com</uri>
               <serviceNumber>911</serviceNumber>
           </mapping>

           <mapping source="nj.us.example"
               sourceId="123"
               lastUpdated="2008-11-01T01:00:00Z"
               expires="2008-11-01T01:00:00Z"/>

   </sync:pushMappingsRequest>

              Figure 6: Example <pushMappingsRequest> Message

   In response, the peer performs the necessary operation and updates
   its mapping database.  In particular, it will check whether the other
   peer is authorized to perform the update and whether the elements and
   attributes contain values that it understands.  In our example, a
   positive response is returned as shown in Figure 7.

   <?xml version="1.0" encoding="UTF-8"?>
   <pushMappingsResponse xmlns="urn:ietf:params:xml:ns:lostsync1" />

                 Figure 7: Example <pushMappingsResponse>

   In case that a mapping could not be deleted as requested the
   following error response might be returned instead.

   <?xml version="1.0" encoding="UTF-8"?>
   <errors xmlns="urn:ietf:params:xml:ns:lost1"
       xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
       source="nodeA.example.com">

       <sync:notDeleted
           message="Could not delete the indicated mapping."
           xml:lang="en">

           <mapping source="nj.us.example"
               sourceId="123"
               lastUpdated="2008-11-01T01:00:00Z"
               expires="2008-11-01T01:00:00Z"/>

       </sync:notDeleted>
   </errors>

                    Figure 8: Example <errors> Message

5.  Transport

   LoST Sync needs an underlying protocol transport mechanism to carry
   requests and responses.  This document defines the use of LoST Sync an XML protocol over
   HTTP and LoST over HTTP-over-TLS.  Client and server developers are
   reminded that full support of RFC 2616 HTTP facilities is expected.
   If LoST Sync clients or servers re-implement HTTP, rather than using available
   servers or client code as a base, careful attention must be paid to
   full interoperability.  Other transport mechanisms are left to future
   documents.  The available selection of the transport
   mechanisms are mechanism will in most
   cases be determined through manual configuration although the use usage
   of the LoST U-NAPTR
   application. application defined in the LoST specification is
   possible.  In protocols that support content type indication, LoST
   Sync uses the media type application/lostsync+xml.

   When using HTTP [RFC2616] and HTTP-over-TLS [RFC2818], LoST Sync
   messages use the HTTP POST method.  The HTTP request MUST use the
   Cache-Control response directive "no-cache" to HTTP-level caching
   even by caches that have been configured to return stale responses to
   client requests.

   All LoST Sync responses, including those indicating a LoST warning or
   error, are carried in 2xx responses, typically 200 (OK).  Other 2xx
   responses, in particular 203 (Non-authoritative information) may be
   returned by HTTP caches that disregard the caching instructions. 3xx,
   4xx and 5xx HTTP response codes indicates that the HTTP request
   itself failed or was redirected; these responses do not contain any
   LoST Sync XML elements.

   The HTTP URL is derived from the LoST Sync server name via U-NAPTR
   application.

6.  RelaxNG

   <?xml version="1.0" encoding="utf-8"?>

        <grammar ns="urn:ietf:params:xml:ns:lostsync1"
        xmlns="http://relaxng.org/ns/structure/1.0"
        xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0"
        datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">

            <include href="lost.rng"/>

            <start combine="choice">

             <a:documentation> Location-to-Service Translation (LoST)
               Synchronization Protocol</a:documentation>

                <choice>
                    <ref name="pushMappings"/>
                    <ref name="pushMappingsResponse"/>
                    <ref name="getMappingsRequest"/>
                    <ref name="getMappingsResponse"/>
                </choice>
            </start>

            <define name="pushMappings">
                <element name="pushMappings">
                        <oneOrMore>
                            <ref name="mapping"/>
                        </oneOrMore>

                    <ref name="extensionPoint"/>
                </element>
            </define>

            <define name="pushMappingsResponse">
                <element name="pushMappingsResponse">
                    <ref name="extensionPoint"/>
                </element>
            </define>

             <define name="getMappingsRequest">
                  <element name="getMappingsRequest">
                    <choice>
                         <ref name="exists"></ref>
                         <ref name="extensionPoint"/>
                    </choice>
                </element>
            </define>

             <define name="exists">
                  <element name="exists">
                       <oneOrMore>
                            <element name="mapping-fingerprint">
                                 <attribute name="source">
                                      <data type="token"/>
                                 </attribute>
                                 <attribute name="sourceId">
                                      <data type="token"/>
                                 </attribute>
                                 <attribute name="lastUpdated">
                                      <data type="dateTime"/>
                                 </attribute>
                                 <ref name="extensionPoint"/>
                            </element>
                       </oneOrMore>
                  </element>
             </define>

            <define name="getMappingsResponse">
                <element name="getMappingsResponse">
                        <oneOrMore>
                            <ref name="mapping"/>
                        </oneOrMore>
                    <ref name="extensionPoint"/>
                </element>
            </define>

             <!-- error messages -->

             <define name="notDeleted">
                  <element name="notDeleted">
                       <ref name="basicException"/>
                       <oneOrMore>
                            <ref name="mapping"/>
                       </oneOrMore>
                  </element>
             </define>
        </grammar>

7.  Security Considerations

   The LoST security considerations are discussed in [RFC5222].  The

   This document defines a protocol for exchange of mapping information
   between two entities.  Hence, the operations described in this
   document involve mutually-trusting LoST nodes.  These nodes need to
   authenticate each other, using mechanisms such as HTTP Digest
   [RFC2617], HTTP Basic [RFC2617] over TLS [RFC5246] or TLS client and
   server certificates.  Manual configuration for the setup of the
   peering relationships is required and hence the choice of the
   security mechanisms used between the two entities is a deployment
   specific decision.  In any case, it MUST be ensured that the two end
   points are authenticated and that a secure communication channel
   (i.e., an integrity protected exchange of data with the help of the
   TLS Record Layer) is setup to avoid the possibility of injecting
   bogus mappings.  If an adversary manages to inject false mappings
   then this could lead to denial of service attacks.  If the mapping
   data contains a URL that does not exist then emergency services for
   the indicated area are not reachable.  If all mapping data contains
   URLs that point to a single PSAP (rather than a large number) then
   this PSAP is likely to experience overload conditions.  If the
   mapping data contains a URL that points to a server controlled by the
   adversary itself then it might impersonate PSAPs.

8.  IANA Considerations

8.1.  Content-type registration for 'application/lostsync+xml'

   This specification requests the registration of a new MIME type
   according to the procedures of RFC 4288 [RFC4288] and guidelines in
   RFC 3023 [RFC3023].

   MIME media type name:  application

   MIME subtype name:  lostsync+xml

   Mandatory parameters:  none

   Optional parameters:  charset

      Indicates the character encoding of enclosed XML.

   Encoding considerations:  Uses XML, which can employ 8-bit
      characters, depending on the character encoding used.  See RFC
      3023 [RFC3023], Section 3.2.

   Security considerations:  This content type is designed to carry LoST
      Syncronization protocol payloads.

   Interoperability considerations:  None

   Published specification:  RFCXXXX [NOTE TO IANA/RFC-EDITOR: Please
      replace XXXX with the RFC number of this specification.]

   Applications which use this media type:  Emergency and Location-based
      Systems

   Additional information:

      Magic Number:  None

      File Extension:  .lostsyncxml

      Macintosh file type code:  'TEXT'

   Personal and email address for further information:  Hannes
      Tschofenig, Hannes.Tschofenig@nsn.com

   Intended usage:  LIMITED USE

   Author:

      This specification is a work item of the IETF ECRIT working group,
      with mailing list address <ecrit@ietf.org>.

   Change controller:

      The IESG <iesg@ietf.org>

8.2.  LoST Sync Relax NG Schema Registration

   URI:  urn:ietf:params:xml:schema:lostsync1

   Registrant Contact:  IETF ECRIT Working Group, Hannes Tschofenig
      (Hannes.Tschofenig@gmx.net).

   Relax NG Schema:  The Relax NG schema to be registered is contained
      in Section 6.

8.3.  LoST Synchronization Namespace Registration

   URI:  urn:ietf:params:xml:ns:lostsync1

   Registrant Contact:  IETF ECRIT Working Group, Hannes Tschofenig
      (Hannes.Tschofenig@gmx.net).

   XML:

   BEGIN
   <?xml version="1.0"?>
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
     "http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
     <meta http-equiv="content-type"
           content="text/html;charset=iso-8859-1"/>
     <title>LoST Synchronization Namespace</title>
   </head>
   <body>
     <h1>Namespace for LoST server synchronization</h1>
     <h2>urn:ietf:params:xml:ns:lost1:sync</h2>
   <p>See <a href="[URL of published RFC]">RFCXXXX
       [NOTE TO IANA/RFC-EDITOR:
        Please replace XXXX with the RFC number of this
       specification.]</a>.</p>
   </body>
   </html>
   END

9.  Acknowledgments

   Robins George, Cullen Jennings, Karl Heinz Wolf, Richard Barnes,
   Mayutan Arumaithurai and Andrew Newton provided helpful input.  Jari
   Urpalainen assisted with the Relax NG schema.  We would also like to
   thank our PROTO shepherd Roger Marshall for his help with the
   document.

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
              Leach, P., Luotonen, A., and L. Stewart, "HTTP
              Authentication: Basic and Digest Access Authentication",
              RFC 2617, June 1999.

   [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

   [RFC3023]  Murata, M., St. Laurent, S., and D. Kohn, "XML Media
              Types", RFC 3023, January 2001.

   [RFC4288]  Freed, N. and J. Klensin, "Media Type Specifications and
              Registration Procedures", BCP 13, RFC 4288, December 2005.

   [RFC5222]  Hardie, T., Newton, A., Schulzrinne, H., and H.
              Tschofenig, "LoST: A Location-to-Service Translation
              Protocol", RFC 5222, August 2008.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246, August 2008.

10.2.  Informative References

   [I-D.ietf-ecrit-mapping-arch]
              Schulzrinne, H., "Location-to-URL Mapping Architecture and
              Framework", draft-ietf-ecrit-mapping-arch-04 (work in
              progress), March 2009.

Authors' Addresses

   Henning Schulzrinne
   Columbia University
   Department of Computer Science
   450 Computer Science Building
   New York, NY  10027
   US

   Phone: +1 212 939 7004
   Email: hgs+ecrit@cs.columbia.edu
   URI:   http://www.cs.columbia.edu

   Hannes Tschofenig
   Nokia Siemens Networks
   Linnoitustie 6
   Espoo  02600
   Finland

   Phone: +358 (50) 4871445
   Email: Hannes.Tschofenig@gmx.net
   URI:   http://www.tschofenig.priv.at