Skip to main content

ENUM Service Registration for acct URI
draft-goix-appsawg-enum-acct-uri-03

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft that was ultimately published as RFC 7566.
Authors Laurent Walter Goix , Kepeng Li
Last updated 2013-10-10
RFC stream Independent Submission
Formats
IETF conflict review conflict-review-goix-appsawg-enum-acct-uri, conflict-review-goix-appsawg-enum-acct-uri, conflict-review-goix-appsawg-enum-acct-uri, conflict-review-goix-appsawg-enum-acct-uri, conflict-review-goix-appsawg-enum-acct-uri, conflict-review-goix-appsawg-enum-acct-uri
Stream ISE state In ISE Review
Awaiting Reviews
Consensus boilerplate Unknown
Document shepherd (None)
IESG IESG state Became RFC 7566 (Experimental)
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-goix-appsawg-enum-acct-uri-03
appsawg                                                          L. Goix
Internet-Draft                                            Telecom Italia
Intended status: Experimental                                      K. Li
Expires: April 13, 2014                              Huawei Technologies
                                                        October 10, 2013

                 ENUM Service Registration for acct URI
                  draft-goix-appsawg-enum-acct-uri-03

Abstract

   This document registers a Telephone Number Mapping (ENUM) service for
   'acct:' URIs (Uniform Resource Identifiers).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 13, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Goix & Li                Expires April 13, 2014                 [Page 1]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   2
   3.  Use cases . . . . . . . . . . . . . . . . . . . . . . . . . .   2
     3.1.  Reverse phone lookup  . . . . . . . . . . . . . . . . . .   2
     3.2.  Routing of mobile social communications . . . . . . . . .   3
   4.  IANA Registration . . . . . . . . . . . . . . . . . . . . . .   3
   5.  Examples  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
   6.  DNS Considerations  . . . . . . . . . . . . . . . . . . . . .   5
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   9.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   7
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     10.1.  Normative References . . . . . . . . . . . . . . . . . .   7
     10.2.  Informative References . . . . . . . . . . . . . . . . .   8
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   8

1.  Introduction

   ENUM (E.164 Number Mapping, [RFC6116]) is a system that uses DNS
   (Domain Name Service, [RFC1034]) to translate telephone numbers, such
   as '+44 1632 960123', into URIs (Uniform Resource Identifiers,
   [RFC3986]), such as 'acct:user@example.com'.  ENUM exists primarily
   to facilitate the interconnection of systems that rely on telephone
   numbers with those that use URIs to identify resources.

   [I-D.ietf-appsawg-acct-uri] defines the 'acct' URI scheme as a way to
   identify a user's account at a service provider.

   This document registers an enumservice for advertising acct URI
   information associated with an E.164 number.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Use cases

3.1.  Reverse phone lookup

   In this example, an address book application could issue ENUM queries
   looking for 'acct' URIs corresponding to phone numbers.  This could
   be used to display the account identifier as well as an icon based on
   the host (domain) portion of that URI.

Goix & Li                Expires April 13, 2014                 [Page 2]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

   Similarly, an endpoint could trigger this resolution process during
   inbound and/or outbound calls to discover an account associated with
   the remote party.

   In general the provision of an ENUM record to map a phone number into
   an account may be useful for businesses or professional workers to
   identify themselves publicly (in a similar way as vCard enum
   records), or be used in conjunction with WebFinger [RFC7033] and
   privacy policies to provide a more controlled view on some personal
   details.

3.2.  Routing of mobile social communications

   The Open Mobile Alliance (OMA) develops mobile service enabler
   specifications, which support the creation of interoperable end-to-
   end mobile services independent of the underlying wireless platforms,
   such as GSM (Global System for Mobile communications), UMTS
   (Universal Mobile Telecommunications System) and LTE (Long Term
   Evolution) mobile networks.  The OMA Social Network Web (SNeW)
   Enabler Release [OMA-SNeW] has introduced a number of Social
   Networking functionalities for mobile subscribers identified by their
   MSISDN (Mobile Subscriber Integrated Services Digital Network number,
   a number uniquely identifying a subscription in a mobile network),
   amongst which is the ability to follow each other's social activities
   across service providers.

   Such functionality requires the global resolution of the MSISDN to
   the corresponding account and provider, in an analogous way as MMS
   routing, to identify the target endpoint for the related messages.
   Although alternatives solutions exist (e.g. based on mobile network
   operations and/or proprietary lookup techniques), ENUM provides a
   globally accessible mechanism for enabling resolution from network
   entities on behalf of an endpoint, or from an endpoint itself.

   For example, a user of a service provider could request to follow the
   social activities of user '+44 1632 960123'.  The home SNEW Server of
   the former user could perform an ENUM query to identify the 'acct'
   URI corresponding to that phone number, issue a WebFinger query to
   the host portion of that URI and finally route the original user's
   request to the appropriate target endpoint identified in the
   WebFinger response.

   A similar mechanism can apply to other types of social networking-
   related messages or other communications targeted to a mobile
   subscriber.

4.  IANA Registration

Goix & Li                Expires April 13, 2014                 [Page 3]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

   As defined in [RFC6117], the following is a template covering
   information needed for the registration of the enumservice specified
   in this document:

              <record>
                <class>Application-Based, Common</class>
                <type>acct</type>
                <urischeme>acct</urischeme>
                <functionalspec>
                  <paragraph>
                    This enumservice indicates that the resource
                    can be identified by the associated 'acct' URI
   <xref target='I-D.ietf-appsawg-acct-uri' />.
                  </paragraph>
                </functionalspec>
                <security>
                  For DNS considerations in avoiding loops when
                  searching for "acct" NAPTRs,
                  see <xref type="rfc" data="rfcTHIS"/>,
                  <xref target="dns">Section 6</xref>.
                  For security considerations,
                  see <xref type="rfc" data="rfcTHIS"/>,
                  <xref target="security">Section 7</xref>.
                </security>
                <usage>COMMON</usage>
                <registrationdocs>
                  <xref type="rfc" data="rfcTHIS"/>
                </registrationdocs>
                <requesters>
                  <xref type="person" data="Laurent_Walter_Goix"/>
                </requesters>
              </record>

              <people>
                <person id="Laurent_Walter_Goix">
                  <name>Laurent-Walter Goix</name>
                  <org>Telecom Italia</org>
                  <uri>mailto:laurentwalter.goix@telecomitalia.it</uri>
                  <updated>2013-10-10</updated>
                </person>
              </people>

   [Note for RFC-Editor: Please replace any instance of rfcTHIS with the
   RFC number of this document before publication]

5.  Examples

Goix & Li                Expires April 13, 2014                 [Page 4]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

   The following is an example of the use of the enumservice registered
   by this document in a NAPTR resource record for phone number +44 1632
   960123.

   $ORIGIN 3.2.1.0.6.9.2.3.6.1.4.4.e164.arpa.

   IN NAPTR 10 100 "u" "E2U+acct" "!^.*$!acct:441632960123@foo.com!" .

   IN NAPTR 10 101 "u" "E2U+acct" "!^.*$!acct:john.doe@example.com!" .

   Note that in the first record, the revealed information is limited to
   the domain of the service provider serving that user as the userpart
   of the acct URI simply replicates the phone number.

6.  DNS Considerations

   There may not be any "E2U+acct" NAPTRs returned in response to the
   original ENUM query on the requested telephone number, but other
   terminal ENUM NAPTRs that include tel: URLs [RFC3966] (e.g.,
   "voice:tel" or "pstn:tel" or "SMS:tel" or "MMS:tel" - see [RFC6118])
   may be present.

   The application that made that ENUM query may choose to re-submit
   ENUM queries for any E.164 numbers included in those returned
   terminal NAPTRs.  Doing so may cause a query loop (e.g., the ENUM
   records returned from subsequent queries may refer to the telephone
   number already considered).  If applications choose to perform
   subsequent ENUM queries using telephone numbers retrieved from
   earlier queries, these applications MUST be aware of the potential
   for query loops, and MUST be prepared to abort the set of queries if
   such a loop is detected.

   This is a similar issue to the referential loop issue caused by
   processing non-terminal NAPTR queries, as mentioned in section 5.2.1
   of [RFC6116], and a similar technique to mitigate this issue can be
   used; an application searching for records with "acct" Enumservice
   may consider that submitting a chain of more that 5 ENUM queries
   without finding such a record indicates that a referential loop has
   been entered, and the chain of queries SHOULD be abandoned.

7.  Security Considerations

   DNS, as used by ENUM, is a global, distributed database.  Should
   implementers of this specification use e164.arpa or any other
   publicly available domain as the tree for maintaining PSTN
   enumservice data, this information would be visible to anyone
   anonymously.

Goix & Li                Expires April 13, 2014                 [Page 5]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

   As noted earlier, carriers, service providers, and other users may
   choose not to publish such information in the public e164.arpa tree.
   They may instead simply publish this in an internal ENUM
   infrastructure that is only able to be queried by trusted elements of
   their network, thus limiting threats.

   Per se, this enumservice does not introduce specific security
   considerations beyond [RFC6116], section 7.  However, it has to be
   acknowledged that the proposed enumservice could lead to the
   discovery or disclosure of Personally Identifiable Information (PII)
   when used in combination with the WebFinger protocol.  Please see
   [RFC7033] , section 9 for additional information regarding WebFinger
   security.

   Linking telephone numbers to Personally Identifiable Information
   (PII) is a very sensitive topic, because it provides a "reverse
   lookup" from the phone number to its owner.  Publication of such PII
   is covered by data-protection law in many legislations.  In most
   cases, the explicit consent of the affected individual is required.

   Users MUST therefore carefully consider the information provided in
   the resource identified by the ENUM record as well as in the record
   itself.  Considerations SHOULD include serving information only to
   entities of the user's choice and/or limiting the comprehension of
   the information provided based on the identity of the requestor.

   It is important to remind that the ENUM record itself does not need
   to contain any personal information but only contains a pointer to an
   account identifier.  This identifier may be queried through the
   Webfinger protocol to discover pointers to personal information (e.g.
   social network information) and an authorisation mechanism may be in
   place in that context with any level of granularity although it is
   out of scope of this document.

   Technically, ENUM records themselves could contain pointers to the
   same endpoints discoverable through Webfinger.  However the
   visibility of ENUM records cannot be controlled based on the
   requesting entity.  In that context the simple mapping of the phone
   number to the account identifier, notwithstanding the disclosure of
   the association itself, still enables the reuse of more advanced
   access policies.

8.  IANA Considerations

   This document requests the IANA registration of the enumservice with
   Type "acct" according to the definitions in this document, [RFC6116]
   and [RFC6117].

Goix & Li                Expires April 13, 2014                 [Page 6]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

   Details of the registration are given in Section 4.

9.  Acknowledgements

   The authors would like to thank Gonzalo Salgueiro, Paul Jones,
   Lawrence Conroy, Enrico Marocco, Bert Greevenbosch and Bernie
   Hoeneisen for their valuable feedback to improve this document.

10.  References

10.1.  Normative References

   [I-D.ietf-appsawg-acct-uri]
              Saint-Andre, P., "The 'acct' URI Scheme", draft-ietf-
              appsawg-acct-uri-06 (work in progress), July 2013.

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, November 1987.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
              Leach, P., Luotonen, A., and L. Stewart, "HTTP
              Authentication: Basic and Digest Access Authentication",
              RFC 2617, June 1999.

   [RFC3966]  Schulzrinne, H., "The tel URI for Telephone Numbers", RFC
              3966, December 2004.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66, RFC
              3986, January 2005.

   [RFC6116]  Bradner, S., Conroy, L., and K. Fujiwara, "The E.164 to
              Uniform Resource Identifiers (URI) Dynamic Delegation
              Discovery System (DDDS) Application (ENUM)", RFC 6116,
              March 2011.

   [RFC6117]  Hoeneisen, B., Mayrhofer, A., and J. Livingood, "IANA
              Registration of Enumservices: Guide, Template, and IANA
              Considerations", RFC 6117, March 2011.

   [RFC6118]  Hoeneisen, B. and A. Mayrhofer, "Update of Legacy IANA
              Registrations of Enumservices", RFC 6118, March 2011.

   [RFC7033]  Jones, P., Salgueiro, G., Jones, M., and J. Smarr,
              "WebFinger", RFC 7033, September 2013.

Goix & Li                Expires April 13, 2014                 [Page 7]
Internet-Draft     Enum Service ACCT URI Registration       October 2013

10.2.  Informative References

   [OMA-SNeW]
              Open Mobile Alliance, "Social Network Web Enabler", OMA-
              ER-SNeW-V1_0 http://technical.openmobilealliance.org/
              Technical/release_program/snew_v1_0.aspx, Aug 2013.

Authors' Addresses

   Laurent-Walter Goix
   Telecom Italia
   P.za Einaudi, 8
   Milano  20124
   Italy

   Email: laurentwalter.goix@telecomitalia.it

   Kepeng Li
   Huawei Technologies
   Huawei Base, Bantian, Longgang District
   Shenzhen  518129
   P. R. China

   Phone: +86-755-28971807
   Email: likepeng@huawei.com

Goix & Li                Expires April 13, 2014                 [Page 8]