draft-ietf-ecrit-psap-callback-01.txt   draft-ietf-ecrit-psap-callback-02.txt 
ECRIT H. Schulzrinne ECRIT H. Schulzrinne
Internet-Draft Columbia University Internet-Draft Columbia University
Intended status: Informational H. Tschofenig Intended status: Informational H. Tschofenig
Expires: April 28, 2011 Nokia Siemens Networks Expires: May 9, 2011 Nokia Siemens Networks
M. Patel M. Patel
Nortel InterDigital Communications
October 25, 2010 November 5, 2010
Public Safety Answering Point (PSAP) Callbacks Public Safety Answering Point (PSAP) Callbacks
draft-ietf-ecrit-psap-callback-01.txt draft-ietf-ecrit-psap-callback-02.txt
Abstract Abstract
After an emergency call is completed (either prematurely terminated After an emergency call is completed (either prematurely terminated
by the emergency caller or normally by the call-taker) it is possible by the emergency caller or normally by the call-taker) it is possible
that the call-taker feels the need for further communication or for a that the call-taker feels the need for further communication or for a
clarification. For example, the call may have been dropped by clarification. For example, the call may have been dropped by
accident without the call-taker having sufficient information about accident without the call-taker having sufficient information about
the current situation of a wounded person. A call-taker may trigger the current situation of a wounded person. A call-taker may trigger
a callback towards the emergency caller using the contact information a callback towards the emergency caller using the contact information
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 28, 2011. This Internet-Draft will expire on May 9, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
skipping to change at page 2, line 28 skipping to change at page 2, line 28
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Routing Asymmetry . . . . . . . . . . . . . . . . . . . . 3 1.1. Routing Asymmetry . . . . . . . . . . . . . . . . . . . . 3
1.2. Multi-Stage Resolution . . . . . . . . . . . . . . . . . . 4 1.2. Multi-Stage Resolution . . . . . . . . . . . . . . . . . . 4
1.3. Call Forwarding . . . . . . . . . . . . . . . . . . . . . 5 1.3. Call Forwarding . . . . . . . . . . . . . . . . . . . . . 5
1.4. PSTN Interworking . . . . . . . . . . . . . . . . . . . . 7 1.4. PSTN Interworking . . . . . . . . . . . . . . . . . . . . 7
1.5. Network-based Service URN Resolution . . . . . . . . . . . 7 1.5. Network-based Service URN Resolution . . . . . . . . . . . 7
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 9 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 9
3. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 10 3. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 10
4. Callback Marking . . . . . . . . . . . . . . . . . . . . . . . 12 4. Callback Marking . . . . . . . . . . . . . . . . . . . . . . . 12
5. Security Considerations . . . . . . . . . . . . . . . . . . . 13 4.1. Tel URI . . . . . . . . . . . . . . . . . . . . . . . . . 12
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 4.2. SIP URI . . . . . . . . . . . . . . . . . . . . . . . . . 12
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 5. Security Considerations . . . . . . . . . . . . . . . . . . . 14
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
8.1. Informative References . . . . . . . . . . . . . . . . . . 16 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16
8.2. Informative References . . . . . . . . . . . . . . . . . . 16 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18 8.1. Normative References . . . . . . . . . . . . . . . . . . . 17
8.2. Informative References . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19
1. Introduction 1. Introduction
Summoning police, the fire department or an ambulance in emergencies Summoning police, the fire department or an ambulance in emergencies
is one of the fundamental and most-valued functions of the telephone. is one of the fundamental and most-valued functions of the telephone.
As telephone functionality moves from circuit-switched telephony to As telephone functionality moves from circuit-switched telephony to
Internet telephony, its users rightfully expect that this core Internet telephony, its users rightfully expect that this core
functionality will continue to work at least as well as it has for functionality will continue to work at least as well as it has for
the legacy technology. New devices and services are being made the legacy technology. New devices and services are being made
available that could be used to make a request for help, which are available that could be used to make a request for help, which are
skipping to change at page 12, line 8 skipping to change at page 12, line 8
(or similar emergency services entity). The assertion is either (or similar emergency services entity). The assertion is either
cryptographically protected to enable end-to-end verification or an cryptographically protected to enable end-to-end verification or an
chain of trust security model has to be assumed. In Figure 7 we chain of trust security model has to be assumed. In Figure 7 we
assume an end-to-end security model where trust anchors are assume an end-to-end security model where trust anchors are
provisioned to ensure the ability for a SIP entity to verify the provisioned to ensure the ability for a SIP entity to verify the
received assertion. received assertion.
4. Callback Marking 4. Callback Marking
The callback marking is represented as URI parameter for an URI The callback marking is represented as URI parameter for an URI
scheme. The ABNF [RFC5234] syntax is as follows. The 'par' scheme. The ABNF [RFC5234] syntax is shown below.
production is defined in RFC 3966 [RFC3966]. The "/=" syntax
indicates an extension of the production on the left-hand side:
par /= callback 4.1. Tel URI
callback = callback-tag "=" callback-value The 'par' production is defined in RFC 3966 [RFC3966]. The "/="
syntax indicates an extension of the production on the left-hand
side:
callback-tag = "callback" par /= callback
callback-value = "normal" / "test" / callback = callback-tag "=" callback-value
callback-tag = "callback"
callback-value = "normal" / "test" /
The semantics of the callback values are described below: The semantics of the callback values are described below:
normal: This represents an normal PSAP callback. normal: This represents an normal PSAP callback.
test: This is a test callback. test: This is a test callback.
An example of the "callback" parameter is given below: An example of the "callback" parameter is given below:
From: <tel:+17005554141;callback=test>;tag=1928301774 P-Asserted-Identity: <tel:+17005554141;callback=test>
4.2. SIP URI
The 'uri-parameter' production is defined in RFC 3966 [RFC3261]. The
"/=" syntax indicates an extension of the production on the left-hand
side:
uri-parameter =/ callback
callback = callback-tag "=" callback-value
callback-tag = "callback"
callback-value = "normal" / "test" /
The semantics of the callback values are described below:
normal: This represents an normal PSAP callback.
test: This is a test callback.
An example of the "callback" parameter is given below:
P-Asserted-Identity: <sip:psap@example.com;callback=normal>
5. Security Considerations 5. Security Considerations
This document defines a callback marking scheme using URI parameters This document defines a callback marking scheme using URI parameters
and illustrates how to handle authorization for preferential and illustrates how to handle authorization for preferential
treatment. treatment. The URI parameter that is included for a URI MUST be used
in concert with either the PAI [RFC3325] or the SIP Identity
[RFC4474] header. A pure From header does not provide security
assurance that the calling party is indeed a PSAP.
An important aspect from a security point of view is the relationship An important aspect from a security point of view is the relationship
between the emergency services network and the VSP (assuming that the between the emergency services network and the VSP (assuming that the
emergency call travels via the VSP and not directly between the SIP emergency call travels via the VSP and not directly between the SIP
UA and the PSAP). If there is some form of relationship between the UA and the PSAP). If there is some form of relationship between the
emergency services operator and the VSP then the identification of a emergency services operator and the VSP then the identification of a
PSAP call back is less problematic than in the case where the two PSAP call back is less problematic than in the case where the two
entities have not entered in some form of relationship that would entities have not entered in some form of relationship that would
allow the VSP to verify whether the marked callback message indeed allow the VSP to verify whether the marked callback message indeed
came from a legitimate source. came from a legitimate source.
skipping to change at page 13, line 31 skipping to change at page 14, line 34
The main attack surface can be seen in the usage of PSAP callback The main attack surface can be seen in the usage of PSAP callback
marking to bypass blacklists, ignore call forwarding procedures and marking to bypass blacklists, ignore call forwarding procedures and
similar features to interact with users and to get their attention. similar features to interact with users and to get their attention.
For example, using PSAP callback marking devices would be able to For example, using PSAP callback marking devices would be able to
recognize these types of incoming messages leading to the device recognize these types of incoming messages leading to the device
overriding user interface configurations, such as vibrate-only mode. overriding user interface configurations, such as vibrate-only mode.
As such, the requirement is to ensure that the mechanisms described As such, the requirement is to ensure that the mechanisms described
in this document can not be used for malicious purposes, including in this document can not be used for malicious purposes, including
SPIT. SPIT.
It is important that PSAP callback marked SIP messages, which cannot A SIP entity MAY treat the call as a normal incoming call if it
be verified adequately, are treated like a call that does not have considers the request with the included URI parameter to be
any marking attached instead of failing the call processing fraudulent, i.e. if it does not recognize the originator, or the
procedure. domain from where the call originated from as being trusted/owned by
a PSAP. It is NOT RECOMMENDED to drop a call that is marked as PSAP
callback in such a case since this may severely impact the ability
for calltakers at PSAPs to contact emergency callers.
6. IANA Considerations 6. IANA Considerations
This document extends the registry of URI parameters, as defined RFC This document extends the registry of URI parameters for SIP, as
3969 [RFC3969]. Two new URI parameters are defined in this document defined in RFC 3969 [RFC3969]. A new SIP URI parameter is defined in
as follows: this document as follows:
Parameter Name: callback
Predefined Values: Yes
Reference: This document
This document extends the registry of Tel URI parameters for SIP, as
defined in RFC 5341[RFC5341]. A new Tel URI parameter is defined in
this document as follows:
Parameter Name: callback Parameter Name: callback
Predefined Values: Yes Predefined Values: Yes
Reference: This document Reference: This document
7. Acknowledgements 7. Acknowledgements
We would like to thank members from the ECRIT working group, in We would like to thank members from the ECRIT working group, in
particular Brian Rosen, for their discussions around PSAP callbacks. particular Brian Rosen, for their discussions around PSAP callbacks.
The working group discussed the topic of callbacks at their virtual The working group discussed the topic of callbacks at their virtual
interim meeting in February 2010 and the following persons provided interim meeting in February 2010 and the following persons provided
valuable input: John Elwell, Bernard Aboba, Cullen Jennings, Keith valuable input: John Elwell, Bernard Aboba, Cullen Jennings, Keith
Drage, Marc Linsner, Roger Marshall, Dan Romascanu, Geoff Thompson, Drage, Marc Linsner, Roger Marshall, Dan Romascanu, Geoff Thompson,
Milan Patel, Janet Gunn. Janet Gunn.
8. References 8. References
8.1. Informative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
8.2. Informative References [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
[I-D.ietf-ecrit-framework] Schooler, "SIP: Session Initiation Protocol", RFC 3261,
Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, June 2002.
"Framework for Emergency Calling using Internet
Multimedia", draft-ietf-ecrit-framework-11 (work in
progress), July 2010.
[I-D.ietf-sip-saml]
Tschofenig, H., Hodges, J., Peterson, J., Polk, J., and D.
Sicker, "SIP SAML Profile and Binding",
draft-ietf-sip-saml-08 (work in progress), October 2010.
[RFC3325] Jennings, C., Peterson, J., and M. Watson, "Private [RFC3325] Jennings, C., Peterson, J., and M. Watson, "Private
Extensions to the Session Initiation Protocol (SIP) for Extensions to the Session Initiation Protocol (SIP) for
Asserted Identity within Trusted Networks", RFC 3325, Asserted Identity within Trusted Networks", RFC 3325,
November 2002. November 2002.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
RFC 3966, December 2004. RFC 3966, December 2004.
[RFC3969] Camarillo, G., "The Internet Assigned Number Authority [RFC3969] Camarillo, G., "The Internet Assigned Number Authority
(IANA) Uniform Resource Identifier (URI) Parameter (IANA) Uniform Resource Identifier (URI) Parameter
Registry for the Session Initiation Protocol (SIP)", Registry for the Session Initiation Protocol (SIP)",
BCP 99, RFC 3969, December 2004. BCP 99, RFC 3969, December 2004.
[RFC4474] Peterson, J. and C. Jennings, "Enhancements for [RFC4474] Peterson, J. and C. Jennings, "Enhancements for
Authenticated Identity Management in the Session Authenticated Identity Management in the Session
Initiation Protocol (SIP)", RFC 4474, August 2006. Initiation Protocol (SIP)", RFC 4474, August 2006.
[RFC5341] Jennings, C. and V. Gurbani, "The Internet Assigned Number
Authority (IANA) tel Uniform Resource Identifier (URI)
Parameter Registry", September 2008.
8.2. Informative References
[I-D.ietf-ecrit-framework]
Rosen, B., Schulzrinne, H., Polk, J., and A. Newton,
"Framework for Emergency Calling using Internet
Multimedia", draft-ietf-ecrit-framework-12 (work in
progress), October 2010.
[I-D.ietf-sip-saml]
Tschofenig, H., Hodges, J., Peterson, J., Polk, J., and D.
Sicker, "SIP SAML Profile and Binding",
draft-ietf-sip-saml-08 (work in progress), October 2010.
[RFC4484] Peterson, J., Polk, J., Sicker, D., and H. Tschofenig, [RFC4484] Peterson, J., Polk, J., Sicker, D., and H. Tschofenig,
"Trait-Based Authorization Requirements for the Session "Trait-Based Authorization Requirements for the Session
Initiation Protocol (SIP)", RFC 4484, August 2006. Initiation Protocol (SIP)", RFC 4484, August 2006.
[RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for [RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for
Emergency Context Resolution with Internet Technologies", Emergency Context Resolution with Internet Technologies",
RFC 5012, January 2008. RFC 5012, January 2008.
[RFC5031] Schulzrinne, H., "A Uniform Resource Name (URN) for [RFC5031] Schulzrinne, H., "A Uniform Resource Name (URN) for
Emergency and Other Well-Known Services", RFC 5031, Emergency and Other Well-Known Services", RFC 5031,
skipping to change at page 18, line 29 skipping to change at page 19, line 29
Nokia Siemens Networks Nokia Siemens Networks
Linnoitustie 6 Linnoitustie 6
Espoo 02600 Espoo 02600
Finland Finland
Phone: +358 (50) 4871445 Phone: +358 (50) 4871445
Email: Hannes.Tschofenig@gmx.net Email: Hannes.Tschofenig@gmx.net
URI: http://www.tschofenig.priv.at URI: http://www.tschofenig.priv.at
Milan Patel Milan Patel
Nortel InterDigital Communications
Maidenhead Office Park, Westacott Way
Maidenhead SL6 3QH
UK
Email: milanpa@nortel.com Email: Milan.Patel@interdigital.com
 End of changes. 22 change blocks. 
48 lines changed or deleted 100 lines changed or added

This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/