ECRIT                                                         R. Gellens
Internet-Draft                                Core Technology Consulting
Intended status: Standards Track                           H. Tschofenig
Expires: August 18, 2017                                      Individual
                                                       February 14, 2017


                   Next-Generation Pan-European eCall
                     draft-ietf-ecrit-ecall-27.txt

Abstract

   This document describes how to use IP-based emergency services
   mechanisms to support the next generation of the pan European in-
   vehicle emergency call service defined under the eSafety initiative
   of the European Commission (generally referred to as "eCall"). eCall
   is a standardized and mandated system for a special form of emergency
   calls placed by vehicles, providing real-time communications and an
   integrated set of related data.

   This document also registers MIME media types and an Emergency Call
   Additional Data Block for the eCall vehicle data and metadata/control
   data, and an INFO package to enable carrying this data in SIP INFO
   requests.

   Although this specification is designed to meet the requirements of
   European next-generation eCall, it is specified generically such that
   the technology can be re-used or extended to suit requirements across
   jurisdictions.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 18, 2017.





Gellens & Tschofenig     Expires August 18, 2017                [Page 1]


Internet-Draft            Next-Generation eCall            February 2017


Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  Document Scope  . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   5
   4.  eCall Requirements  . . . . . . . . . . . . . . . . . . . . .   7
   5.  Vehicle Data  . . . . . . . . . . . . . . . . . . . . . . . .   7
   6.  Data Transport  . . . . . . . . . . . . . . . . . . . . . . .   7
   7.  Call Setup  . . . . . . . . . . . . . . . . . . . . . . . . .  10
   8.  Test Calls  . . . . . . . . . . . . . . . . . . . . . . . . .  11
   9.  The Metadata/Control Object . . . . . . . . . . . . . . . . .  11
     9.1.  The Control Block . . . . . . . . . . . . . . . . . . . .  13
       9.1.1.  The <ack> element . . . . . . . . . . . . . . . . . .  13
         9.1.1.1.  Attributes of the <ack> element . . . . . . . . .  14
         9.1.1.2.  Child Element of the <ack> element  . . . . . . .  14
         9.1.1.3.  Ack Examples  . . . . . . . . . . . . . . . . . .  15
       9.1.2.  The <capabilities> element  . . . . . . . . . . . . .  15
         9.1.2.1.  Child Element of the <capabilities> element . . .  15
         9.1.2.2.  Capabilities Example  . . . . . . . . . . . . . .  16
       9.1.3.  The <request> element . . . . . . . . . . . . . . . .  16
         9.1.3.1.  Attributes of the <request> element . . . . . . .  17
         9.1.3.2.  Request Example . . . . . . . . . . . . . . . . .  18
   10. Examples  . . . . . . . . . . . . . . . . . . . . . . . . . .  18
   11. Security Considerations . . . . . . . . . . . . . . . . . . .  24
   12. Privacy Considerations  . . . . . . . . . . . . . . . . . . .  25
   13. XML Schema  . . . . . . . . . . . . . . . . . . . . . . . . .  26
   14. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  28
     14.1.  The EmergencyCallData Media Subtree  . . . . . . . . . .  28
     14.2.  Service URN Registrations  . . . . . . . . . . . . . . .  29
     14.3.  MIME Media Type Registration for
            'application/emergencyCallData.eCall.MSD'  . . . . . . .  29
     14.4.  MIME Media Type Registration for
            'application/emergencyCallData.control+xml'  . . . . . .  31



Gellens & Tschofenig     Expires August 18, 2017                [Page 2]


Internet-Draft            Next-Generation eCall            February 2017


     14.5.  Registration of the 'eCall.MSD' entry in the Emergency
            Call Additional Data Types registry  . . . . . . . . . .  32
     14.6.  Registration of the 'control' entry in the Emergency
            Call Additional Data Types registry  . . . . . . . . . .  32
     14.7.  Registration for
            urn:ietf:params:xml:ns:EmergencyCallData:control . . . .  33
     14.8.  Registry Creation  . . . . . . . . . . . . . . . . . . .  33
       14.8.1.  Emergency Call Action Registry . . . . . . . . . . .  33
       14.8.2.  Emergency Call Action Failure Reason Registry  . . .  34
     14.9.  The emergencyCallData.eCall.MSD INFO package . . . . . .  35
       14.9.1.  Overall Description  . . . . . . . . . . . . . . . .  35
       14.9.2.  Applicability  . . . . . . . . . . . . . . . . . . .  36
       14.9.3.  Info Package Name  . . . . . . . . . . . . . . . . .  36
       14.9.4.  Info Package Parameters  . . . . . . . . . . . . . .  36
       14.9.5.  SIP Option-Tags  . . . . . . . . . . . . . . . . . .  37
       14.9.6.  INFO Request Body Parts  . . . . . . . . . . . . . .  37
       14.9.7.  Info Package Usage Restrictions  . . . . . . . . . .  37
       14.9.8.  Rate of INFO Requests  . . . . . . . . . . . . . . .  37
       14.9.9.  Info Package Security Considerations . . . . . . . .  38
       14.9.10. Implementation Details . . . . . . . . . . . . . . .  38
       14.9.11. Examples . . . . . . . . . . . . . . . . . . . . . .  38
   15. Contributors  . . . . . . . . . . . . . . . . . . . . . . . .  38
   16. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  38
   17. Changes from Previous Versions  . . . . . . . . . . . . . . .  38
     17.1.  Changes from draft-ietf-19 to draft-ietf-20  . . . . . .  38
     17.2.  Changes from draft-ietf-18 to draft-ietf-19  . . . . . .  39
     17.3.  Changes from draft-ietf-17 to draft-ietf-18  . . . . . .  39
     17.4.  Changes from draft-ietf-16 to draft-ietf-17  . . . . . .  39
     17.5.  Changes from draft-ietf-15 to draft-ietf-16  . . . . . .  39
     17.6.  Changes from draft-ietf-14 to draft-ietf-15  . . . . . .  39
     17.7.  Changes from draft-ietf-13 to draft-ietf-14  . . . . . .  39
     17.8.  Changes from draft-ietf-12 to draft-ietf-13  . . . . . .  39
     17.9.  Changes from draft-ietf-11 to draft-ietf-12  . . . . . .  40
     17.10. Changes from draft-ietf-09 to draft-ietf-11  . . . . . .  40
     17.11. Changes from draft-ietf-08 to draft-ietf-09  . . . . . .  40
     17.12. Changes from draft-ietf-07 to draft-ietf-08  . . . . . .  40
     17.13. Changes from draft-ietf-06 to draft-ietf-07  . . . . . .  41
     17.14. Changes from draft-ietf-05 to draft-ietf-06  . . . . . .  41
     17.15. Changes from draft-ietf-04 to draft-ietf-05  . . . . . .  41
     17.16. Changes from draft-ietf-03 to draft-ietf-04  . . . . . .  41
     17.17. Changes from draft-ietf-02 to draft-ietf-03  . . . . . .  41
     17.18. Changes from draft-ietf-01 to draft-ietf-02  . . . . . .  42
     17.19. Changes from draft-ietf-00 to draft-ietf-01  . . . . . .  42
     17.20. Changes from draft-gellens-03 to draft-ietf-00 . . . . .  42
     17.21. Changes from draft-gellens-02 to -03 . . . . . . . . . .  42
     17.22. Changes from draft-gellens-01 to -02 . . . . . . . . . .  43
     17.23. Changes from draft-gellens-00 to -01 . . . . . . . . . .  43
   18. References  . . . . . . . . . . . . . . . . . . . . . . . . .  43



Gellens & Tschofenig     Expires August 18, 2017                [Page 3]


Internet-Draft            Next-Generation eCall            February 2017


     18.1.  Normative References . . . . . . . . . . . . . . . . . .  43
     18.2.  Informative references . . . . . . . . . . . . . . . . .  44
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  46

1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   This document re-uses terminology defined in Section 3 of [RFC5012].

   Additionally, we use the following abbreviations:

            +--------+----------------------------------------+
            | Term   | Expansion                              |
            +--------+----------------------------------------+
            | 3GPP   | 3rd Generation Partnership Project     |
            |        |                                        |
            | CEN    | European Committee for Standardization |
            |        |                                        |
            | EENA   | European Emergency Number Association  |
            |        |                                        |
            | ESInet | Emergency Services IP network          |
            |        |                                        |
            | IMS    | IP Multimedia Subsystem                |
            |        |                                        |
            | IVS    | In-Vehicle System                      |
            |        |                                        |
            | MNO    | Mobile Network Operator                |
            |        |                                        |
            | MSD    | Minimum Set of Data                    |
            |        |                                        |
            | PSAP   | Public Safety Answering Point          |
            +--------+----------------------------------------+

2.  Document Scope

   This document is focused on the signaling, data exchange, and
   protocol needs of next-generation eCall (NG-eCall, also referred to
   as packet-switched eCall or all-IP eCall) within the SIP framework
   for emergency calls (as described in [RFC6443] and [RFC6881]).  eCall
   itself is specified by 3GPP (3rd Generation Partnership Project) and
   CEN (European Committee for Standardization) and these specifications
   include far greater scope than is covered here.

   The eCall service operates over cellular wireless communication, but
   this document does not address cellular-specific details, nor client



Gellens & Tschofenig     Expires August 18, 2017                [Page 4]


Internet-Draft            Next-Generation eCall            February 2017


   domain selection (e.g., circuit-switched versus packet-switched).
   All such aspects are the purview of their respective standards
   bodies.  The scope of this document is limited to eCall operating
   within a SIP-based environment (e.g., 3GPP IMS Emergency Calling
   [TS23.167]).

   Although this specification is designed to meet the requirements of
   pan-European next-generation eCall, it is specified generically such
   that the technology can be re-used or extended to suit requirements
   across jurisdictions (see, e.g., [I-D.ietf-ecrit-car-crash]), and
   extension points are provided to facilitate this.

   Note that vehicles designed for multiple regions might need to
   support eCall and other Advanced Automatic Crash Notification (AACN)
   systems (such as described in [I-D.ietf-ecrit-car-crash]), but this
   is out of scope of this document.

3.  Introduction

   Emergency calls made from vehicles (e.g., in the event of a crash)
   assist in significantly reducing road deaths and injuries by allowing
   emergency services to be aware of the incident, the state of the
   vehicle, the location of the vehicle, and to have a voice channel
   with the vehicle occupants.  This enables a quick and appropriate
   response.

   The European Commission initiative of eCall was conceived in the late
   1990s, and has evolved to a European Parliament decision requiring
   the implementation of a compliant in-vehicle system (IVS) in new
   vehicles and the deployment of eCall in the European Member States in
   the very near future.  Other regions are developing eCall-compatible
   systems.

   The pan-European eCall system is a standardized and mandated
   mechanism for emergency calls by vehicles, providing a voice channel
   and transmission of data.  eCall establishes procedures for such
   calls to be placed by in-vehicle systems, recognized and processed by
   the mobile network, and routed to a specialized PSAP where the
   vehicle data is available to assist the call taker in assessing and
   responding to the situation.  eCall provides a standard set of
   vehicle, sensor (e.g., crash related), and location data.

   An eCall can be either user-initiated or automatically triggered.
   Automatically triggered eCalls indicate a car crash or some other
   serious incident.  Manually triggered eCalls might be reports of
   witnessed crashes or serious hazards.  PSAPs might apply specific
   operational handling to manual and automatic eCalls.




Gellens & Tschofenig     Expires August 18, 2017                [Page 5]


Internet-Draft            Next-Generation eCall            February 2017


   Legacy eCall is standardized (by 3GPP [SDO-3GPP] and CEN [CEN]) as a
   3GPP circuit-switched call over GSM (2G) or UMTS (3G).  Flags in the
   call setup mark the call as an eCall, and further indicate if the
   call was automatically or manually triggered.  The call is routed to
   an eCall-capable PSAP, a voice channel is established between the
   vehicle and the PSAP, and an eCall in-band modem is used to carry a
   defined set of vehicle, sensor (e.g., crash related), and location
   data (the Minimum Set of Data or MSD) within the voice channel.  The
   same in-band mechanism is used for the PSAP to acknowledge successful
   receipt of the MSD, and to request the vehicle to send a new MSD
   (e.g., to check if the state of or location of the vehicle or its
   occupants has changed).  NG-eCall moves from circuit switched to all-
   IP, and carries the vehicle data and eCall signaling as additional
   data carried with the call.  This document describes how IETF
   mechanisms for IP-based emergency calls (including [RFC6443] and
   [RFC7852]) are used to provide the signaling and data exchange of the
   next generation of pan-European eCall.

   The European Telecommunications Standards Institute (ETSI) [SDO-ETSI]
   has published a Technical Report titled "Mobile Standards Group
   (MSG); eCall for VoIP" [MSG_TR] that presents findings and
   recommendations regarding support for eCall in an all-IP environment.
   The recommendations include the use of 3GPP IMS emergency calling
   with additional elements identifying the call as an eCall and as
   carrying eCall data and with mechanisms for carrying the data and
   eCall signaling.  3GPP IMS emergency services support multimedia,
   providing the ability to carry voice, text, and video.  This
   capability is referred to within 3GPP as Multimedia Emergency
   Services (MMES).

   A transition period will exist during which time the various entities
   involved in initiating and handling an eCall might support next-
   generation eCall, legacy eCall, or both.  The issues of migration and
   co-existence during the transition period are outside the scope of
   this document.

   This document indicates how to use IP-based emergency services
   mechanisms to support next-generation eCall.

   This document also registers MIME media types and an Emergency Call
   Additional Data Block for the eCall vehicle data (MSD) and metadata/
   control data, and an INFO package to enable carrying this data in SIP
   INFO requests.

   The MSD is carried in the MIME type 'application/
   emergencyCallData.eCall.MSD' and the metadata/control block is
   carried in the MIME type 'application/emergencyCallData.control+xml'
   (both of which are registered in Section 14).  An INFO package is



Gellens & Tschofenig     Expires August 18, 2017                [Page 6]


Internet-Draft            Next-Generation eCall            February 2017


   defined (in Section 14.9) to enable these MIME types to be carried in
   SIP INFO requests, per [RFC6086].

4.  eCall Requirements

   eCall requirements are specified by CEN in [EN_16072] and by 3GPP in
   [TS22.101] clauses 10.7 and A.27 and [TS24.229] section 4.7.6.
   Requirements specific to vehicle data are contained in EN 15722
   [msd].

5.  Vehicle Data

   Pan-European eCall provides a standardized and mandated set of
   vehicle related data (including VIN, vehicle type, propulsion type,
   current and optionally previous location coordinates, and number of
   occupants), known as the Minimum Set of Data (MSD).  The European
   Committee for Standardization (CEN) has specified this data in EN
   15722 [msd], along with both ASN.1 and XML encodings.  Both circuit-
   switched eCall and this document use the ASN.1 PER encoding, which is
   specified in Annex A of EN 15722 [msd] (the XML encoding specified in
   Annex C is not used in this document, per 3GPP [SDO-3GPP]).

   This document registers the 'application/emergencyCallData.eCall.MSD'
   MIME media type to enable the MSD to be carried in SIP.  As an ASN.1
   PER encoded object, the data is binary and transported using binary
   content transfer encoding within SIP messages.  This document also
   adds the 'eCall.MSD' entry to the Emergency Call Additional Data
   Types registry to enable the MSD to be recognized as such in a SIP-
   based eCall emergency call.  (See [RFC7852] for more information
   about the registry and how it is used.)

   See Section 6 for a discussion of how the MSD vehicle data is
   conveyed in an NG-eCall.

6.  Data Transport

   [RFC7852] establishes a general mechanism for conveying blocks of
   data within a SIP emergency call.  This document makes use of that
   mechanism to include vehicle data (the MSD, see Section 5) and/or
   metadata/control information (see Section 9) within SIP messages.
   This document also registers an INFO package (in Section 14.9) to
   enable eCall related data blocks to be carried in SIP INFO requests
   (per [RFC6086], new INFO usages require the definition of an INFO
   package).

   Note that if other data sets need to be transmitted in the future,
   the appropriate signalling mechanism for such data needs to be




Gellens & Tschofenig     Expires August 18, 2017                [Page 7]


Internet-Draft            Next-Generation eCall            February 2017


   evaluated, including factors such as the size and frequency of such
   data.

   An In-Vehicle System (IVS) transmits an MSD (see Section 5) by
   encoding it per Annex A of EN 15722 [msd], and including it as a MIME
   body part within a SIP message per [RFC7852].  The body part is
   identified by its MIME media type ('application/
   emergencyCallData.eCall.MSD') in the Content-Type header field of the
   body part.  The body part is assigned a unique identifier which is
   listed in a Content-ID header field in the body part.  The SIP
   message is marked as containing the MSD by adding (or appending to) a
   Call-Info header field at the top level of the SIP message.  This
   Call-Info header field contains a CID URL referencing the body part's
   unique identifier, and a 'purpose' parameter identifying the data as
   the eCall MSD per the Emergency Call Additional Data Types registry
   entry; the 'purpose' parameter's value is
   'emergencyCallData.eCall.MSD'.  Per [RFC6086], an MSD is carried in a
   SIP INFO request by using the INFO package defined in Section 14.9.

   A PSAP or IVS transmits a metadata/control object (see Section 9) by
   encoding it per the description in this document, and including it
   within a SIP message as a MIME body part per [RFC7852].  The body
   part is identified by its MIME media type ('application/
   emergencyCallData.control+xml') in the Content-Type header field of
   the body part.  The body part is assigned a unique identifier which
   is listed in a Content-ID header field in the body part.  The SIP
   message is marked as containing the metadata/control object by adding
   (or appending to) a Call-Info header field at the top level of the
   SIP message.  This Call-Info header field contains a CID URL
   referencing the body part's unique identifier, and a 'purpose'
   parameter identifying the data as an eCall metadata/control block per
   the Emergency Call Additional Data Types registry entry; the
   'purpose' parameter's value is 'emergencyCallData.control'.  Per
   [RFC6086], a metadata/control object is carried in a SIP INFO request
   by using the INFO package defined in Section 14.9.

   An MSD or a metadata/control block is always enclosed in a multipart
   body part (even if it would otherwise be the only body part in the
   SIP message).

   A body part containing an MSD or metadata/control object has a
   Content-Disposition header field value containing "By-Reference".

   An In-Vehicle System (IVS) initiating an NG-eCall includes an MSD as
   a body part within the initial INVITE, and optionally also includes a
   metadata/control object informing the PSAP of its capabilities as
   another body part.  The MSD body part (and metadata/control and PIDF-
   LO body parts if included) have a Content-Disposition header field



Gellens & Tschofenig     Expires August 18, 2017                [Page 8]


Internet-Draft            Next-Generation eCall            February 2017


   with the value "By-Reference; handling=optional".  Specifying
   "handling=optional" prevents the SIP INVITE request from being
   rejected if it is processed by a legacy element (e.g., a gateway
   between SIP and circuit-switched environments) that does not
   understand the MSD (or metadata/control object or PIDF-LO).  The PSAP
   creates a metadata/control object acknowledging receipt of the MSD
   and includes it as a body part within the SIP final response to the
   SIP INVITE request per [RFC7852].  A metadata/control object is not
   included in provisional (e.g., 180) responses.

   A PSAP is able to reject a call while indicating that it is aware of
   the situation by including a metadata/control object acknowledging
   the MSD and containing "received=true" within a final response using
   SIP response code 600 (Busy Everywhere), 486 (Busy Here), or 603
   (Decline), per [RFC7852].

   If the IVS receives an acknowledgment for an MSD containing
   "received=false", this indicates that the PSAP was unable to properly
   decode or process the MSD.  The IVS action is not defined (e.g., it
   might only log an error).  Since the PSAP is able to request an
   updated MSD during the call, if an initial MSD is unsatisfactory in
   any way, the PSAP can choose to request another one.

   A PSAP can request that the vehicle send an updated MSD during a call
   (e.g., upon manual request of the PSAP call taker who suspects
   vehicle state may have changed.)  To do so, the PSAP creates a
   metadata/control object requesting an MSD and includes it within a
   SIP INFO request sent within the dialog.  The IVS then includes an
   updated MSD within a SIP INFO request and sends it within the dialog.
   If the IVS is unable to send an MSD, it instead sends a metadata/
   control object acknowledging the request with the 'success' parameter
   set to 'false' and a 'reason' parameter (and optionally a 'details'
   parameter) indicating why the request could not be accomplished.  Per
   [RFC6086], metadata/control objects and MSDs are sent using the INFO
   package defined in Section 14.9.  In addition, to align with how an
   MSD or metadata/control block is transmitted in a SIP message other
   than an INFO request, a Call-Info header field is included in the SIP
   INFO request to reference the MSD or metadata/control block per
   [RFC7852].  See Section 14.9 for information about the use of SIP
   INFO requests to carry data within an eCall.

   The IVS is not expected to send an unsolicited MSD after the initial
   INVITE.

   This document does not mandate support for the data blocks defined in
   [RFC7852].





Gellens & Tschofenig     Expires August 18, 2017                [Page 9]


Internet-Draft            Next-Generation eCall            February 2017


7.  Call Setup

   In circuit-switched eCall, the IVS places a special form of a 112
   emergency call which carries an eCall flag (indicating that the call
   is an eCall and also if the call was manually or automatically
   triggered); the mobile network operator (MNO) recognizes the eCall
   flag and routes the call to an eCall-capable PSAP; vehicle data is
   transmitted to the PSAP via the eCall in-band modem (in the voice
   channel).

      ///----\\\      112 voice call with eCall flag      +------+
     ||| IVS  |||---------------------------------------->+ PSAP |
      \\\----///   vehicle data via eCall in-band modem   +------+


                     Figure 1: circuit-switched eCall

   For NG-eCall, the IVS establishes an emergency call using a Request-
   URI indicating a manual or automatic eCall; the MNO (or ESInet)
   recognizes the eCall URN and routes the call to an NG-eCall capable
   PSAP; the PSAP interprets the vehicle data sent with the call and
   makes it available to the call taker.

     ///----\\\     IMS emergency call with eCall URN    +------+
        IVS    ----------------------------------------->+ PSAP |
     \\\----///    vehicle data included in call setup   +------+

                            Figure 2: NG-eCall

   See Section 6 for information on how the MSD is transported within an
   NG-eCall.

   This document adds new service URN children within the "sos"
   subservice.  These URNs provide the mechanism by which an eCall is
   identified, and differentiate between manually and automatically
   triggered eCalls (which might be subject to different treatment,
   depending on policy).  The two service URNs are:
   urn:service:sos.ecall.automatic and urn:service:sos.ecall.manual,
   which requests resources associated with an emergency call placed by
   an in-vehicle system, carrying a standardized set of data related to
   the vehicle and incident.  These are registered in Section 14.2

   Call routing is outside the scope of this document.








Gellens & Tschofenig     Expires August 18, 2017               [Page 10]


Internet-Draft            Next-Generation eCall            February 2017


8.  Test Calls

   eCall requires the ability to place test calls (see [TS22.101] clause
   10.7 and [EN_16062] clause 7.2.2).  These are calls that are
   recognized and treated to some extent as eCalls but are not given
   emergency call treatment and are not handled by call takers.  The
   specific handling of test eCalls is not itself standardized;
   typically, the test call facility allows the IVS or user to verify
   that an eCall can be successfully established with voice
   communication.  The IVS might also be able to verify that the MSD was
   successfully received.

   A service URN starting with "test." indicates a test call.  For
   eCall, "urn:service:test.sos.ecall" indicates such a test feature.
   This functionality is defined in [RFC6881].

   This document specifies "urn:service:test.sos.ecall" for eCall test
   calls.  This is registered in Section 14.2

   The circuit switched eCall test call facility is a non-emergency
   number so does not get treated as an emergency call.  For NG-eCall,
   MNOs, emergency authorities, and PSAPs can determine how to treat a
   vehicle call requesting the "test" service URN so that the desired
   functionality is tested, but this is outside the scope of this
   document.

9.  The Metadata/Control Object

   eCall requires the ability for the PSAP to acknowledge successful
   receipt of an MSD sent by the IVS, and for the PSAP to request that
   the IVS send an MSD (e.g., the call taker can initiate a request for
   a new MSD to see if there have been changes in the vehicle's state,
   e.g., location, direction, number of fastened seatbelts).

   This document defines a block of metadata/control data as an XML
   structure containing elements used for eCall and other related
   emergency call systems and extension points.  (This metadata/control
   block is in effect a high-level protocol between the PSAP and IVS.)
   When the PSAP sends a metadata/control block in response to data sent
   by the IVS in a SIP request other than INFO (e.g., the MSD in the
   initial INVITE), the metadata/control block is sent in the SIP
   response to that request (e.g., the response to the INVITE request).
   When the PSAP sends a control block in other circumstances (e.g.,
   mid-call), the control block is transmitted from the PSAP to the IVS
   in a SIP INFO request within the established dialog.  The IVS sends
   the requested data (the MSD) in a new SIP INFO request (per
   [RFC6086]).  This mechanism flexibly allows the PSAP to send eCall-
   specific data to the IVS and the IVS to respond.  SIP INFO requests



Gellens & Tschofenig     Expires August 18, 2017               [Page 11]


Internet-Draft            Next-Generation eCall            February 2017


   are sent using an appropriate SIP INFO Package.  See Section 6 for
   more information on sending a metadata/control block within a SIP
   message.  See Section 14.9 for information about the use of SIP INFO
   requests to carry data within an eCall.

   When the IVS includes an unsolicited MSD in a SIP request (e.g., the
   initial INVITE), the PSAP sends a metadata/control block indicating
   successful/unsuccessful receipt of the MSD in the SIP response to the
   request.  This also informs the IVS that an NG-eCall is in operation.
   If the IVS receives a SIP final response without the metadata/control
   block, it indicates that the SIP dialog is not an NG-eCall (e.g.,
   some part of the call is being handled as a legacy call).  When the
   IVS sends a solicited MSD (e.g., in a SIP INFO request sent following
   receipt of a SIP INFO request containing a metadata/control block
   requesting an MSD), the PSAP does not send a metadata/control block
   indicating successful or unsuccessful receipt of the MSD.  (Normal
   SIP retransmission handles non-receipt of requested data; note that,
   per [RFC6086], a 200 OK response to a SIP INFO request indicates only
   that the receiver has successfully received and accepted the SIP INFO
   request, it says nothing about the acceptability of the payload.)  If
   the IVS receives a request to send an MSD but it is unable to do so
   for any reason, the IVS sends a metadata/control object acknowledging
   the request and containing "success=false" and "reason" set to an
   appropriate code.

   This provides flexibility to handle various circumstances.  For
   example, if a PSAP is unable to accept an eCall (e.g., due to
   overload or too many calls from the same location), it can reject the
   INVITE.  Since a metadata/control object is also included in the SIP
   response that rejects the call, the IVS knows if the PSAP received
   the MSD, and can inform the vehicle occupants that the PSAP
   successfully received the vehicle location and information but can't
   talk to the occupants at that time.  Especially for SIP response
   codes that indicate an inability to conduct a call (as opposed to a
   technical inability to process the request), the IVS can also
   determine that the call was successful on a technical level (e.g.,
   not helpful to retry as circuit-switched).  (Note that there could be
   edge cases where the PSAP response is not received by the IVS, e.g.,
   if an intermediary sends a CANCEL, and an error response is forwarded
   towards the IVS before the error response from the PSAP is received,
   the response will be dropped, but these are unlikely to occur here.)

   The metadata/control block is carried in the MIME type 'application/
   emergencyCallData.control+xml'.

   The metadata/control block is designed for use with pan-European
   eCall and also eCall-like systems (i.e., in other regions), and has
   extension points.  Note that eCall-like systems might define their



Gellens & Tschofenig     Expires August 18, 2017               [Page 12]


Internet-Draft            Next-Generation eCall            February 2017


   own vehicle data blocks, and so might need to register a new INFO
   package to accommodate the new data MIME media type and the metadata/
   control object.

9.1.  The Control Block

   The control block is an XML data structure allowing for
   acknowledgments, requests, and capabilities information.  It is
   carried in a body part with a specific MIME media type.  Three
   elements are defined for use within a control block:

   ack           Acknowledges receipt of data or a request.

   capabilities  Used in a control block sent from the IVS to the PSAP
                 (e.g., in the initial INVITE) to inform the PSAP of the
                 vehicle capabilities.  Child elements contain all
                 actions and data types supported by the vehicle.  It is
                 OPTIONAL for the IVS to send this block.  Omitting the
                 block indicates that the IVS supports only the
                 mandatory functionality defined in this document.

   request       Used in a control block sent by the PSAP to the IVS, to
                 request the vehicle to perform an action.

   The <ack> element indicates the object being acknowledged and reports
   success or failure.

   The <request> element contains attributes to indicate the request and
   to supply related information.  The 'action' attribute is mandatory
   and indicates the specific action.  An IANA registry is created in
   Section 14.8.1 to contain the allowed values.

   The <capabilities> element has child <request> elements to indicate
   the actions supported by the IVS.

9.1.1.  The <ack> element

   The <ack> element acknowledges receipt of an eCall data object or
   request.  An <ack> element references the Content-ID of the object
   being acknowledged.  The PSAP MUST send an <ack> element
   acknowledging receipt of an unsolicited MSD (e.g., sent by the IVS in
   the INVITE); this <ack> element indicates if the PSAP considers the
   MSD successfully received or not.  An <ack> element is not sent for a
   <capabilities> element.

   The <ack> element has the following attributes:





Gellens & Tschofenig     Expires August 18, 2017               [Page 13]


Internet-Draft            Next-Generation eCall            February 2017


9.1.1.1.  Attributes of the <ack> element

   The <ack> element has the following attributes:

   Name:  ref
   Usage:  Mandatory
   Type:  anyURI
   Direction:  Sent in either direction
   Description:  References the Content-ID of the body part being
      acknowledged.
   Example:  <ack received="true" ref="1234567890@atlanta.example.com"/>

   Name:  received
   Usage:  Conditional: mandatory in an <ack> element sent by a PSAP
   Type:  Boolean
   Direction:  In this document, sent from the PSAP to the IVS
   Description:  Indicates if the referenced object was considered
      successfully received or not.
   Example:  <ack received="true" ref="1234567890@atlanta.example.com"/>

9.1.1.2.  Child Element of the <ack> element

   For extensibility, the <ack> element has the following child element:

   Name:  actionResult
   Usage:  Optional
   Direction:  Sent from the IVS to the PSAP
   Description:  An <actionResult> element indicates the result of an
      action (other than a successfully executed 'send-data' action).
      The <ack> element contains an <actionResult> element for each
      <request> element that is not a successfully executed 'send-data'
      action.  The <actionResult> element has the following attributes:



      Name:  action
      Usage:  Mandatory
      Type:  token
      Description:  Contains the value of the 'action' attribute of the
         <request> element

      Name:  success
      Usage:  Mandatory
      Type:  Boolean
      Description:  Indicates if the action was successfully
         accomplished

      Name:  reason



Gellens & Tschofenig     Expires August 18, 2017               [Page 14]


Internet-Draft            Next-Generation eCall            February 2017


      Usage:  Conditional
      Type:  token
      Description:  Used when 'success' is "false", this attribute
         contains a reason code for a failure.  A registry for reason
         codes is defined in Section 14.8.2.  The initial values are:
         damaged (required components are damaged), data-unsupported
         (the data item referenced in a 'send-data' request is not
         supported), security-failure (the authenticity of the request
         or the authority of the requestor could not be verified),
         unable (a generic error for use when no other code is
         appropriate), and unsupported (the 'action' value is not
         supported).

      Name:  details
      Usage:  optional
      Type:  string
      Description:  Contains further explanation of the circumstances of
         a success or failure.  The contents are implementation-specific
         and human-readable.  This is intended for internal use and
         troubleshooting, not for display to vehicle occupants.

9.1.1.3.  Ack Examples


       <?xml version="1.0" encoding="UTF-8"?>
       <emergencyCallData.control
           xmlns="urn:ietf:params:xml:ns:EmergencyCallData:control"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

       <ack received="true" ref="1234567890@atlanta.example.com"/>

       </emergencyCallData.control>


                  Figure 3: Ack Example from PSAP to IVS

9.1.2.  The <capabilities> element

   The <capabilities> element is transmitted by the IVS to indicate to
   the PSAP its capabilities.  No attributes for this element are
   currently defined.  The following child elements are defined:

9.1.2.1.  Child Element of the <capabilities> element

   The <capabilities> element has the following child element:

   Name:  request
   Usage:  Mandatory



Gellens & Tschofenig     Expires August 18, 2017               [Page 15]


Internet-Draft            Next-Generation eCall            February 2017


   Description:  The <capabilities> element contains a <request> child
      element per action supported by the vehicle.

   Example:





         <capabilities>

            <request action="send-data" supported-values="eCall.MSD" />

         </capabilities>

   It is OPTIONAL for the IVS to support the <capabilities> element.  If
   the IVS does not send a <capabilities> element, this indicates that
   the only <request> action supported by the IVS is 'send-data' with
   'datatype' set to 'eCall.MSD'.

9.1.2.2.  Capabilities Example


       <?xml version="1.0" encoding="UTF-8"?>
       <EmergencyCallData.Control
           xmlns="urn:ietf:params:xml:ns:EmergencyCallData:control">

       <capabilities>
           <request action="send-data" supported-values="eCall.MSD"/>
       </capabilities>

       </EmergencyCallData.Control>


                      Figure 4: Capabilities Example

9.1.3.  The <request> element

   A <request> element appears one or more times on its own or as a
   child of a <capabilities> element.  It allows the PSAP to request
   that the IVS perform an action.  The only action that MUST be
   supported is to send an MSD.  The following attributes and child
   elements are defined:








Gellens & Tschofenig     Expires August 18, 2017               [Page 16]


Internet-Draft            Next-Generation eCall            February 2017


9.1.3.1.  Attributes of the <request> element

   The <request> element has the following attributes:

   Name:  action
   Usage:  Mandatory
   Type:  token
   Direction:  Sent in either direction
   Description:  Identifies the action that the vehicle is requested to
      perform (in a <request> element within a <capabilities> element,
      indicates an action that the vehicle is capable of performing).
      An IANA registry is established in Section 14.8.1 to contain the
      allowed values.
   Example:  action="send-data"

   Name:  int-id
   Usage:  Conditional
   Type:  int
   Direction:  Sent in either direction
   Description:  Defined for extensibility.  Documents that make use of
      it are expected to explain when it is required and how it is used.
   Example:  int-id="3"

   Name:  persistence
   Usage:  Optional
   Type:  xs:duration
   Direction:  Sent in either direction
   Description:  Defined for extensibility.  Specifies how long to carry
      on the specified action.  If absent, the default is for the
      duration of the call.
   Example:  persistence="PT1H"

   Name:  datatype
   Usage:  Conditional
   Type:  token
   Direction:  Sent in either direction
   Description:  Mandatory with a "send-data" action within a <request>
      element that is not within a <capabilities> element.  Specifies
      the data block that the IVS is requested to transmit, using the
      same identifier as in the 'purpose' attribute set in a Call-Info
      header field to point to the data block.  Permitted values are
      contained in the 'Emergency Call Data Types' IANA registry
      established in [RFC7852].  Only the "eCall.MSD" value is mandatory
      to support.
   Example:  datatype="eCall.MSD"

   Name:  supported-values
   Usage:  Conditional



Gellens & Tschofenig     Expires August 18, 2017               [Page 17]


Internet-Draft            Next-Generation eCall            February 2017


   Type:  string
   Direction:  Sent from the IVS to the PSAP
   Description:  Defined for extensibility.  Used in a <request> element
      that is a child of a <capability> element, this attribute lists
      all supported values of the action type.  Permitted values depend
      on the action value.  Multiple values are separated with a
      semicolon.  White space is ignored.  Documents that make use of it
      are expected to explain when it is required, the permitted values,
      and how it is used.

   Name:  requested-state
   Usage:  Conditional
   Type:  token
   Direction:  Sent from the PSAP to the IVS
   Description:  Defined for extension.  Indicates the requested state
      of an element associated with the request type.  Permitted values
      depend on the request type.  Documents that make use of it are
      expected to explain when it is required, the permitted values, and
      how it is used.

   Name:  element-id
   Usage:  Conditional
   Type:  token
   Direction:  Sent from the PSAP to the IVS
   Description:  Defined for extension.  Identifies the element to be
      acted on.  Permitted values depend on the request type.  Documents
      that make use of it are expected to explain when it is required,
      the permitted values, and how it is used.

9.1.3.2.  Request Example


       <?xml version="1.0" encoding="UTF-8"?>
       <emergencyCallData.control
           xmlns="urn:ietf:params:xml:ns:EmergencyCallData:control">

       <request action="send-data" datatype="eCall.MSD"/>

       </emergencyCallData.control>


                         Figure 5: Request Example

10.  Examples

   Figure 6 illustrates an eCall.  The call uses the request URI
   'urn:service:sos.ecall.automatic' service URN and is recognized as an
   eCall, and further as one that was invoked automatically by the IVS



Gellens & Tschofenig     Expires August 18, 2017               [Page 18]


Internet-Draft            Next-Generation eCall            February 2017


   due to a crash or other serious incident.  In this example, the
   originating network routes the call to an ESInet which routes the
   call to the appropriate NG-eCall capable PSAP.  The emergency call is
   received by the ESInet's Emergency Services Routing Proxy (ESRP), as
   the entry point into the ESInet.  The ESRP routes the call to a PSAP,
   where it is received by a call taker.  In deployments where there is
   no ESInet, the originating network routes the call directly to the
   appropriate NG-eCall capable PSAP, an illustration of which would be
   identical to the one below except without an ESInet or ESRP.


               +------------+  +---------------------------------------+
               |            |  |                  +-------+            |
               |            |  |                  | PSAP2 |            |
               |            |  |                  +-------+            |
               |            |  |                                       |
               |            |  |  +------+     +-------+               |
     Vehicle-->|            |--+->| ESRP |---->| PSAP1 |--> Call-Taker |
               |            |  |  +------+     +-------+               |
               |            |  |                                       |
               |            |  |                  +-------+            |
               |            |  |                  | PSAP3 |            |
               | Originating|  |                  +-------+            |
               |   Mobile   |  |                                       |
               |  Network   |  |                ESInet                 |
               +------------+  +---------------------------------------+

                Figure 6: Example of NG-eCall Message Flow

   Figure 7 illustrates an eCall call flow with a mid-call PSAP request
   for an updated MSD.  The call flow shows the IVS initiating an
   emergency call, including the MSD in the INVITE.  The PSAP includes
   in the 200 OK response a metadata/control object acknowledging
   receipt of the MSD.  During the call, the PSAP sends a request for an
   MSD in an INFO request.  The IVS sends the requested MSD in a new
   INFO request.















Gellens & Tschofenig     Expires August 18, 2017               [Page 19]


Internet-Draft            Next-Generation eCall            February 2017


            IVS                                         PSAP
             |(1) INVITE (eCall MSD)                      |
             |------------------------------------------->|
             |                                            |
             |(2) 200 OK (eCall metadata [ack MSD])       |
             |<-------------------------------------------|
             |                                            |
             |(3) start media stream(s)                   |
             |............................................|
             |                                            |
             |(4) INFO (eCall metadata [request MSD])     |
             |<-------------------------------------------|
             |                                            |
             |(5) 200 OK                                  |
             |------------------------------------------->|
             |                                            |
             |(6) INFO (eCall MSD)                        |
             |------------------------------------------->|
             |                                            |
             |(7) 200 OK                                  |
             |<-------------------------------------------|
             |                                            |
             |(8) BYE                                     |
             |<-------------------------------------------|
             |                                            |
             |(9) end media streams                       |
             |............................................|
             |                                            |
             |(10) 200 OK                                 |
             |------------------------------------------->|

                 Figure 7: NG-eCall Call Flow Illustration

   The example, shown in Figure 8, illustrates a SIP eCall INVITE
   request containing an MSD.  For simplicity, the example does not show
   all SIP headers, nor the SDP contents, nor does it show any
   additional data blocks added by the IVS or the originating mobile
   network.  Because the MSD is encoded in ASN.1 PER, which is a binary
   encoding, its contents cannot be included in a text document.












Gellens & Tschofenig     Expires August 18, 2017               [Page 20]


Internet-Draft            Next-Generation eCall            February 2017


      INVITE urn:service:sos.ecall.automatic SIP/2.0
      To: urn:service:sos.ecall.automatic
      From: <sip:+13145551111@example.com>;tag=9fxced76sl
      Call-ID: 3848276298220188511@atlanta.example.com
      Geolocation: <cid:target123@example.com>
      Geolocation-Routing: no
      Call-Info: <cid:1234567890@atlanta.example.com>;
                 purpose=emergencyCallData.eCall.MSD
      Accept: application/sdp, application/pidf+xml,
              application/emergencyCallData.control+xml
      CSeq: 31862 INVITE
      Recv-Info: emergencyCallData.eCall.MSD
      Allow: INVITE, ACK, PRACK, INFO, OPTIONS, CANCEL, REFER, BYE,
             SUBSCRIBE, NOTIFY, UPDATE
      Content-Type: multipart/mixed; boundary=boundary1
      Content-Length: ...

      --boundary1
      Content-Type: application/sdp

           ...Session Description Protocol (SDP) goes here...

      --boundary1
      Content-Type: application/pidf+xml
      Content-ID: <target123@example.com>
      Content-Disposition: by-reference;handling=optional

            ...PIDF-LO goes in here

      --boundary1
      Content-Type: application/emergencyCallData.eCall.MSD
      Content-ID: <1234567890@atlanta.example.com>
      Content-Disposition: by-reference;handling=optional

           ...MSD in ASN.1 PER encoding goes here...

       --boundary1--

                       Figure 8: SIP NG-eCall INVITE

   Continuing the example, Figure 9 illustrates a SIP 200 OK response to
   the INVITE request of Figure 8, containing a control block
   acknowledging successful receipt of the eCall MSD.  (For simplicity,
   the example does not show all SIP headers.)







Gellens & Tschofenig     Expires August 18, 2017               [Page 21]


Internet-Draft            Next-Generation eCall            February 2017


      SIP/2.0 200 OK
      To: urn:service:sos.ecall.automatic;tag=8gydfe65t0
      From: <sip:+13145551111@example.com>;tag=9fxced76sl
      Call-ID: 3848276298220188511@atlanta.example.com
      Call-Info: <cid:2345678901@atlanta.example.com>;
                 purpose=emergencyCallData.control
      Accept: application/sdp, application/pidf+xml,
              application/emergencyCallData.control+xml,
              application/emergencyCallData.eCall.MSD
      CSeq: 31862 INVITE
      Recv-Info: emergencyCallData.eCall.MSD
      Allow: INVITE, ACK, PRACK, INFO, OPTIONS, CANCEL, REFER, BYE,
             SUBSCRIBE, NOTIFY, UPDATE
      Content-Type: multipart/mixed; boundary=boundaryX
      Content-Length: ...

      --boundaryX
      Content-Type: application/sdp

           ...Session Description Protocol (SDP) goes here...

      --boundaryX
      Content-Type: application/emergencyCallData.control+xml
      Content-ID: <2345678901@atlanta.example.com>
      Content-Disposition: by-reference

      <?xml version="1.0" encoding="UTF-8"?>
      <emergencyCallData.control
          xmlns="urn:ietf:params:xml:ns:EmergencyCallData:control">

      <ack received="true" ref="1234567890@atlanta.example.com"/>
      </emergencyCallData.control>

      --boundaryX--

                    Figure 9: 200 OK response to INVITE

   Figure 10 illustrates a SIP INFO request containing a metadata/
   control block requesting an eCall MSD.  (For simplicity, the example
   does not show all SIP headers.)











Gellens & Tschofenig     Expires August 18, 2017               [Page 22]


Internet-Draft            Next-Generation eCall            February 2017


    INFO sip:+13145551111@example.com SIP/2.0
    To: <sip:+13145551111@example.com>;tag=9fxced76sl
    From: Exemplar PSAP <urn:service:sos.ecall.automatic>;tag=8gydfe65t0
    Call-ID: 3848276298220188511@atlanta.example.com
    Call-Info: <cid:3456789012@atlanta.example.com>;
               purpose=emergencyCallData.control
    CSeq: 41862 INFO
    Info-Package: emergencyCallData.eCall.MSD
    Allow: INVITE, ACK, PRACK, INFO, OPTIONS, CANCEL, REFER, BYE,
           SUBSCRIBE, NOTIFY, UPDATE
    Content-Type: multipart/mixed; boundary=boundaryZZZ
    Content-Disposition: Info-Package
    Content-Length: ...

    --boundaryZZZ
    Content-Disposition: by-reference
    Content-Type: application/emergencyCallData.control+xml
    Content-ID: <3456789012@atlanta.example.com>

    <?xml version="1.0" encoding="UTF-8"?>
    <emergencyCallData.control
        xmlns="urn:ietf:params:xml:ns:EmergencyCallData:control">

    <request action="send-data" datatype="eCall.MSD"/>

    </emergencyCallData.control>
     --boundaryZZZ--

                      Figure 10: INFO requesting MSD

   Figure 11 illustrates a SIP INFO request containing an MSD.  For
   simplicity, the example does not show all SIP headers.  Because the
   MSD is encoded in ASN.1 PER, which is a binary encoding, its contents
   cannot be included in a text document.

















Gellens & Tschofenig     Expires August 18, 2017               [Page 23]


Internet-Draft            Next-Generation eCall            February 2017


      INFO urn:service:sos.ecall.automatic SIP/2.0
      To: urn:service:sos.ecall.automatic;tag=8gydfe65t0
      From: <sip:+13145551111@example.com>;tag=9fxced76sl
      Call-ID: 3848276298220188511@atlanta.example.com
      Call-Info: <cid:4567890123@atlanta.example.com>;
                 purpose=emergencyCallData.eCall.MSD
      CSeq: 51862 INFO
      Info-Package: emergencyCallData.eCall.MSD
      Allow: INVITE, ACK, PRACK, INFO, OPTIONS, CANCEL, REFER, BYE,
             SUBSCRIBE, NOTIFY, UPDATE
      Content-Type: multipart/mixed; boundary=boundaryLine
      Content-Disposition: Info-Package
      Content-Length: ...

      --boundaryLine
      Content-Type: application/emergencyCallData.eCall.MSD
      Content-ID: <4567890123@atlanta.example.com>
      Content-Disposition: by-reference

           ...MSD in ASN.1 PER encoding goes here...

      --boundaryLine--

                      Figure 11: INFO containing MSD

11.  Security Considerations

   The security considerations described in [RFC5069] (on marking and
   routing emergency calls) apply here.

   In addition to any network-provided location (which might be
   determined solely by the network, or in cooperation with or possibly
   entirely by the originating device), an eCall carries an IVS-supplied
   location within the MSD.  This is likely to be useful to the PSAP,
   especially when no network-provided location is included, or when the
   two locations are independently determined.  Even in situations where
   the network-supplied location is limited to the cell site, this can
   be useful as a sanity check on the device-supplied location contained
   in the MSD.

   The document [RFC7378] discusses trust issues regarding location
   provided by or determined in cooperation with end devices.

   Security considerations specific to the mechanism by which the PSAP
   sends acknowledgments and requests to the vehicle are discussed in
   the "Security Considerations" block of Section 14.4.  Note that an
   attacker that has access to and is capable of generating a response
   to the initial INVITE request could generate a 600 (Busy Everywhere),



Gellens & Tschofenig     Expires August 18, 2017               [Page 24]


Internet-Draft            Next-Generation eCall            February 2017


   486 (Busy Here), or 603 (Decline) response that includes a metadata/
   control object containing a reference to the MSD in the initial
   INVITE and a "received=true" field, which could result in the IVS
   perceiving the PSAP to be overloaded and hence not attempting to
   reinitiate the call.  The risk can be mitigated as discussed in the
   "Security Considerations" block of Section 14.4.

   Data received from external sources inherently carries implementation
   risks.  For example, depending on the platform, buffer overflows can
   introduce remote code execution vulnerabilities, null characters can
   corrupt strings, numeric values used for internal calculations can
   result in underflow/overflow errors, malformed XML objects can expose
   parsing bugs, etc.  Implementations need to be cognizant of the
   potential risks, observe best practices (which might include
   sufficiently capable static code analysis, fuzz testing, component
   isolation, avoiding use of unsafe coding techniques, third-party
   attack tests, signed software, over-the-air updates, etc.), and have
   multiple levels of protection.  Implementors need to be aware that,
   potentially, the data objects described here and elsewhere (including
   the MSD and metadata/control objects) might be malformed, might
   contain unexpected characters, excessively long attribute values,
   elements, etc.

   The security considerations discussed in [RFC7852] apply here (see
   especially the discussion of TLS, TLS versions, cipher suites, and
   PKI).

   When vehicle data or control/metadata is contained in a signed or
   encrypted body part, the enclosing multipart (e.g., multipart/signed
   or multipart/encrypted) has the same Content-ID as the enclosed data
   part.  This allows an entity to identify and access the data blocks
   it is interested in without having to dive deeply into the message
   structure or decrypt parts it is not interested in.  (The 'purpose'
   parameter in a Call-Info header field identifies the data and
   contains a CID URL pointing to the data block in the body, which has
   a matching Content-ID body part header field).

12.  Privacy Considerations

   The privacy considerations discussed in [RFC7852] apply here.  The
   MSD carries some identifying and personal information (mostly about
   the vehicle and less about the owner), as well as location
   information, and so needs to be protected against unauthorized
   disclosure.  Local regulations may impose additional privacy
   protection requirements.






Gellens & Tschofenig     Expires August 18, 2017               [Page 25]


Internet-Draft            Next-Generation eCall            February 2017


   Privacy considerations specific to the data structure containing
   vehicle information are discussed in the "Security Considerations"
   block of Section 14.3.

   Privacy considerations specific to the mechanism by which the PSAP
   sends acknowledgments and requests to the vehicle are discussed in
   the "Security Considerations" block of Section 14.4.

13.  XML Schema

   This section defines an XML schema for the control block.  The text
   description of the control block in Section 9.1 is normative and
   supersedes any conflicting aspect of this schema.


    <?xml version="1.0"?>
    <xs:schema
      targetNamespace="urn:ietf:params:xml:ns:EmergencyCallData:control"
      xmlns:xs="http://www.w3.org/2001/XMLSchema"
      xmlns:pi="urn:ietf:params:xml:ns:EmergencyCallData:control"
      xmlns:xml="http://www.w3.org/XML/1998/namespace"
      elementFormDefault="qualified"
      attributeFormDefault="unqualified">

        <xs:import namespace="http://www.w3.org/XML/1998/namespace"/>

        <xs:element name="EmergencyCallData.control"
                    type="pi:controlType"/>

        <xs:complexType name="controlType">
           <xs:complexContent>
              <xs:restriction base="xs:anyType">
                 <xs:choice>
                    <xs:element name="capabilities"
                                type="pi:capabilitiesType"/>
                    <xs:element name="request" type="pi:requestType"/>
                    <xs:element name="ack" type="pi:ackType"/>
                    <xs:any namespace="##any" processContents="lax"
                            minOccurs="0"
                            maxOccurs="unbounded"/>
                 </xs:choice>
                 <xs:anyAttribute/>
              </xs:restriction>
           </xs:complexContent>
        </xs:complexType>

        <xs:complexType name="ackType">
            <xs:complexContent>



Gellens & Tschofenig     Expires August 18, 2017               [Page 26]


Internet-Draft            Next-Generation eCall            February 2017


                <xs:restriction base="xs:anyType">
                    <xs:sequence minOccurs="1" maxOccurs="unbounded">
                        <xs:element name="actionResult" minOccurs="0"
                                    maxOccurs="unbounded">
                            <xs:complexType>
                                <xs:attribute name="action"
                                              type="xs:token"
                                              use="required"/>
                                <xs:attribute name="success"
                                              type="xs:boolean"
                                              use="required"/>
                                <xs:attribute name="reason"
                                              type="xs:token">
                                    <xs:annotation>
                                        <xs:documentation>
                                            conditionally mandatory
                                            when @success="false"
                                            to indicate reason code
                                            for a failure
                                        </xs:documentation>
                                    </xs:annotation>
                                </xs:attribute>
                                <xs:attribute name="details"
                                              type="xs:string"/>
                                <xs:anyAttribute
                                    processContents="skip"/>
                            </xs:complexType>
                        </xs:element>
                        <xs:any namespace="##any" processContents="lax"
                                minOccurs="0"
                                maxOccurs="unbounded"/>
                    </xs:sequence>
                    <xs:attribute name="ref"
                                  type="xs:anyURI"
                                  use="required"/>
                    <xs:attribute name="received"
                                  type="xs:boolean"/>
                    <xs:anyAttribute/>
                </xs:restriction>
            </xs:complexContent>
        </xs:complexType>

        <xs:complexType name="capabilitiesType">
            <xs:complexContent>
                <xs:restriction base="xs:anyType">
                    <xs:sequence minOccurs="1" maxOccurs="unbounded">
                        <xs:element name="request"
                                    type="pi:requestType"



Gellens & Tschofenig     Expires August 18, 2017               [Page 27]


Internet-Draft            Next-Generation eCall            February 2017


                                    minOccurs="1"
                            maxOccurs="unbounded"/>
                        <xs:any namespace="##any" processContents="lax"
                                 minOccurs="0"
                            maxOccurs="unbounded"/>
                    </xs:sequence>
                    <xs:anyAttribute/>
                </xs:restriction>
            </xs:complexContent>
        </xs:complexType>

        <xs:complexType name="requestType">
            <xs:complexContent>
                <xs:restriction base="xs:anyType">
                    <xs:choice minOccurs="1" maxOccurs="unbounded">
                        <xs:any namespace="##any" processContents="lax"
                                minOccurs="0"
                                maxOccurs="unbounded"/>
                    </xs:choice>
                    <xs:attribute name="action" type="xs:token"
                                  use="required"/>
                    <xs:attribute name="int-id" type="xs:unsignedInt"/>
                    <xs:attribute name="persistence"
                                  type="xs:duration"/>
                    <xs:attribute name="datatype" type="xs:token"/>
                    <xs:attribute name="supported-values"
                                  type="xs:string"/>
                    <xs:attribute name="element-id" type="xs:token"/>
                    <xs:attribute name="requested-state"
                                  type="xs:token"/>
                    <xs:anyAttribute/>
                </xs:restriction>
            </xs:complexContent>
        </xs:complexType>

    </xs:schema>


                      Figure 12: Control Block Schema

14.  IANA Considerations

14.1.  The EmergencyCallData Media Subtree

   This document establishes the "EmergencyCallData" media (MIME)
   subtype tree, a new media subtree rooted at "application/
   EmergencyCallData".  This subtree is used only for content associated
   with emergency communications.  New subtypes in this subtree follow



Gellens & Tschofenig     Expires August 18, 2017               [Page 28]


Internet-Draft            Next-Generation eCall            February 2017


   the rules specified in Section 3.1 of [RFC6838], with the additional
   restriction that the standards-related organization MUST be
   responsible for some aspect of emergency communications.

   This subtree initially contains the following subtypes (defined here
   or in [RFC7852]):

      emergencyCallData.control+xml
      EmergencyCallData.Comment+xml
      EmergencyCallData.DeviceInfo+xml
      EmergencyCallData.MSD
      EmergencyCallData.ProviderInfo+xml
      EmergencyCallData.ServiceInfo+xml
      EmergencyCallData.SubscriberInfo+xml

14.2.  Service URN Registrations

   IANA is requested to register the URN 'urn:service:sos.ecall' under
   the sub-services 'sos' registry defined in Section 4.2 of [RFC5031].

   This service requests resources associated with an emergency call
   placed by an in-vehicle system, carrying a standardized set of data
   related to the vehicle and incident.  Two sub-services are registered
   as well:

   urn:service:sos.ecall.manual

      Used with an eCall invoked due to manual interaction by a vehicle
      occupant.

   urn:service:sos.ecall.automatic

      Used with an eCall invoked automatically, for example, due to a
      crash or other serious incident.

   IANA is also requested to register the URN
   'urn:service:test.sos.ecall' under the sub-service 'test' registry
   defined in Setcion 17.2 of [RFC6881].  This service requests
   resources associated with a test (non-emergency) call placed by an
   in-vehicle system.  See Section 8 for more information on the test
   eCall request URN.

14.3.  MIME Media Type Registration for 'application/
       emergencyCallData.eCall.MSD'

   IANA is requested to add application/emergencyCallData.eCall.MSD as a
   MIME media type, with a reference to this document, in accordance to




Gellens & Tschofenig     Expires August 18, 2017               [Page 29]


Internet-Draft            Next-Generation eCall            February 2017


   the procedures of RFC 6838 [RFC6838] and guidelines in RFC 7303
   [RFC7303].

      MIME media type name: application

      MIME subtype name: emergencyCallData.eCall.MSD

      Mandatory parameters: none

      Optional parameters: none

      Encoding scheme: binary

      Encoding considerations: Uses ASN.1 PER, which is a binary
      encoding; when transported in SIP, binary content transfer
      encoding is used.

      Security considerations: This media type is designed to carry
      vehicle and incident-related data during an emergency call.  This
      data contains personal information including vehicle VIN,
      location, direction, etc.  Appropriate precautions need to be
      taken to limit unauthorized access, inappropriate disclosure to
      third parties, and eavesdropping of this information.  Sections 9
      and Section 10 of [RFC7852] contain more discussion.

      Interoperability considerations: None

      Published specification: Annex A of EN 15722 [msd]

      Applications which use this media type: Pan-European eCall
      compliant systems

      Additional information: None

      Magic Number: None

      File Extension: None

      Macintosh file type code: 'BINA'

      Person and email address for further information: Randall Gellens,
      rg+ietf@randy.pensive.org

      Intended usage: LIMITED USE

      Author: The MSD specification was produced by the European
      Committee For Standardization (CEN).  For contact information,
      please see <http://www.cen.eu/cen/Pages/contactus.aspx>.



Gellens & Tschofenig     Expires August 18, 2017               [Page 30]


Internet-Draft            Next-Generation eCall            February 2017


      Change controller: The European Committee For Standardization
      (CEN)

14.4.  MIME Media Type Registration for 'application/
       emergencyCallData.control+xml'

   IANA is requested to add application/emergencyCallData.control+xml as
   a MIME media type, with a reference to this document, in accordance
   to the procedures of RFC 6838 [RFC6838] and guidelines in RFC 7303
   [RFC7303].

      MIME media type name: application

      MIME subtype name: emergencyCallData.control+xml

      Mandatory parameters: none

      Optional parameters: charset

      Indicates the character encoding of the XML content.

      Encoding considerations: Uses XML, which can employ 8-bit
      characters, depending on the character encoding used.  See
      Section 3.2 of RFC 7303 [RFC7303].

      Security considerations:

         This media type carries metadata and control information and
         requests, such as from a Public Safety Answering Point (PSAP)
         to an In-Vehicle System (IVS) during an emergency call.

         Metadata (such as an acknowledgment that data sent by the IVS
         to the PSAP was successfully received) has limited privacy and
         security implications.  Control information (such as requests
         from the PSAP that the vehicle perform an action) has some
         privacy and security implications.  The privacy concern arises
         from the ability to request the vehicle to transmit a data set,
         which as described in Section 14.3, can contain personal
         information.  The security concern is the ability to request
         the vehicle to perform an action.  Control information needs to
         originate only from a PSAP or other emergency services
         provider, and not be modified en-route.  The level of integrity
         of the cellular network over which the emergency call is placed
         is a consideration: when the IVS initiates an eCall over a
         cellular network, in most cases it relies on the MNO to route
         the call to a PSAP.  (Calls placed using other means, such as
         Wi-Fi or over-the-top services, generally incur somewhat higher
         levels of risk than calls placed "natively" using cellular



Gellens & Tschofenig     Expires August 18, 2017               [Page 31]


Internet-Draft            Next-Generation eCall            February 2017


         networks.)  A call-back from a PSAP merits additional
         consideration, since current mechanisms are not ideal for
         verifying that such a call is indeed a call-back from a PSAP in
         response to an emergency call placed by the IVS.  See the
         discussion in Section 11 and the PSAP Callback document
         [RFC7090].

         Sections 7 and Section 8 of [RFC7852] contain more discussion.

      Interoperability considerations: None

      Published specification: This document

      Applications which use this media type: Pan-European eCall
      compliant systems

      Additional information: None

      Magic Number: None

      File Extension: .xml

      Macintosh file type code: 'TEXT'

      Person and email address for further information: Randall Gellens,
      rg+ietf@randy.pensive.org

      Intended usage: LIMITED USE

      Author: The IETF ECRIT WG.

      Change controller: The IETF ECRIT WG.

14.5.  Registration of the 'eCall.MSD' entry in the Emergency Call
       Additional Data Types registry

   This specification requests IANA to add the 'eCall.MSD' entry to the
   Emergency Call Additional Data Types registry, with a reference to
   this document; the 'Data About' value is 'The Call'.

14.6.  Registration of the 'control' entry in the Emergency Call
       Additional Data Types registry

   This specification requests IANA to add the 'control' entry to the
   Emergency Call Additional Data Types registry, with a reference to
   this document; the 'Data About' value is 'The Call'.





Gellens & Tschofenig     Expires August 18, 2017               [Page 32]


Internet-Draft            Next-Generation eCall            February 2017


14.7.  Registration for urn:ietf:params:xml:ns:EmergencyCallData:control

   This section registers a new XML namespace, as per the guidelines in
   RFC 3688 [RFC3688].

   URI:  urn:ietf:params:xml:ns:EmergencyCallData:control

   Registrant Contact:  IETF, ECRIT working group, <ecrit@ietf.org>, as
      delegated by the IESG <iesg@ietf.org>.

   XML:


     BEGIN
     <?xml version="1.0"?>
     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
          "http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml">
     <head>
          <meta http-equiv="content-type"
                content="text/html;charset=iso-8859-1"/>
          <title>Namespace for Emergency Call Data Control Block</title>
     </head>
     <body>
          <h1>Namespace for Emergency Call Data Control Block</h1>
     <p>See [TBD: This document].</p>
     </body>
     </html>
     END


14.8.  Registry Creation

   This document creates a new registry called "Emergency Call Metadata/
   Control Data".  The following sub-registries are created for this
   registry.

14.8.1.  Emergency Call Action Registry

   This document creates a new sub-registry called "Emergency Call
   Action".  As defined in [RFC5226], this registry operates under
   "Expert Review" rules.  The expert should determine that the proposed
   action is within the purview of a vehicle, is sufficiently
   distinguishable from other actions, and the action is clearly and
   fully described.  In most cases, a published and stable document is
   referenced for the description of the action.

   The content of this registry includes:



Gellens & Tschofenig     Expires August 18, 2017               [Page 33]


Internet-Draft            Next-Generation eCall            February 2017


   Name:  The identifier to be used in the 'action' attribute of a
      control <request> element.

   Description:  A description of the action.  In most cases this will
      be a reference to a published and stable document.  The
      description MUST specify if any attributes or child elements are
      optional or mandatory, and describe the action to be taken by the
      vehicle.

   The initial set of values is listed in Table 2.

           +-----------+--------------------------------------+
           |    Name   |             Description              |
           +-----------+--------------------------------------+
           | send-data | See Section 9.1.3.1 of this document |
           +-----------+--------------------------------------+

          Table 2: Emergency Call Action Registry Initial Values

14.8.2.  Emergency Call Action Failure Reason Registry

   This document creates a new sub-registry called "Emergency Call
   Action Failure Reason" which contains values for the 'reason'
   attribute of the <actionResult> element.  As defined in [RFC5226],
   this registry operates under "Expert Review" rules.  The expert
   should determine that the proposed reason is sufficiently
   distinguishable from other reasons and that the proposed description
   is understandable and correctly worded.

   The content of this registry includes:

   ID:  A short string identifying the reason, for use in the 'reason'
      attribute of an <actionResult> element.

   Description:  A description of the reason.

   The initial set of values is listed in Table 3.














Gellens & Tschofenig     Expires August 18, 2017               [Page 34]


Internet-Draft            Next-Generation eCall            February 2017


   +------------------+------------------------------------------------+
   | ID               | Description                                    |
   +------------------+------------------------------------------------+
   | damaged          | Required components are damaged.               |
   |                  |                                                |
   | data-unsupported | The data item referenced in a 'send-data'      |
   |                  | request is not supported.                      |
   |                  |                                                |
   | security-failure | The authenticity of the request or the         |
   |                  | authority of the requestor could not be        |
   |                  | verified.                                      |
   |                  |                                                |
   | unable           | The action could not be accomplished (a        |
   |                  | generic error for use when no other code is    |
   |                  | appropriate).                                  |
   |                  |                                                |
   | unsupported      | The 'action' value is not supported.           |
   +------------------+------------------------------------------------+

   Table 3: Emergency Call Action Failure Reason Registry Initial Values

14.9.  The emergencyCallData.eCall.MSD INFO package

   This document registers the 'emergencyCallData.eCall.MSD' INFO
   package.

   Both endpoints (the IVS and the PSAP equipment) include
   'emergencyCallData.eCall.MSD' in a Recv-Info header field per
   [RFC6086] to indicate ability to receive INFO requests carrying data
   as described here.

   Support for the 'emergencyCallData.eCall.MSD' INFO package indicates
   the ability to receive eCall related body parts as specified in [TBD:
   THIS DOCUMENT].

   An INFO request message carrying body parts related to an emergency
   call as described in [TBD: THIS DOCUMENT] has an Info-Package header
   field set to 'emergencyCallData.eCall.MSD' per [RFC6086].

   The requirements of Section 10 of [RFC6086] are addressed in the
   following sections.

14.9.1.  Overall Description

   This section describes "what type of information is carried in INFO
   requests associated with the Info Package, and for what types of
   applications and functionalities UAs can use the Info Package."




Gellens & Tschofenig     Expires August 18, 2017               [Page 35]


Internet-Draft            Next-Generation eCall            February 2017


   INFO requests associated with the emergencyCallData.eCall.MSD INFO
   package carry data associated with emergency calls as defined in
   [TBD: THIS DOCUMENT].  The application is vehicle-initiated emergency
   calls established using SIP.  The functionality is to carry vehicle
   data and metadata/control information between vehicles and PSAPs.
   Refer to [TBD: THIS DOCUMENT] for more information.

14.9.2.  Applicability

   This section describes "why the Info Package mechanism, rather than
   some other mechanism, has been chosen for the specific use-case...."

   The use of the SIP INFO method is based on an analysis of the
   requirements against the intent and effects of the INFO method versus
   other approaches (which included the SIP MESSAGE method, the SIP
   OPTIONS method, the SIP re-INVITE method, media plane transport, and
   non-SIP protocols).  In particular, the transport of emergency call
   data blocks occurs within a SIP emergency dialog, per Section 6, and
   is normally carried in the initial INVITE request and response; the
   use of the SIP INFO method only occurs when emergency-call-related
   data needs to be sent mid-call.  While the SIP MESSAGE method could
   be used, it is not tied to a SIP dialog as is the SIP INFO method and
   thus might not be associated with the dialog.  Either the SIP OPTIONS
   or re-INVITE methods could also be used, but is seen as less clean
   than the SIP INFO method.  The SIP SUBSCRIBE/NOTIFY method could be
   coerced into service, but the semantics are not a good fit, e.g., the
   subscribe/notify mechanism provides one-way communication consisting
   of (often multiple) notifications from notifier to subscriber
   indicating that certain events in notifier have occurred, whereas
   what's needed here is two-way communication of data related to the
   emergency dialog.  Use of the media plane mechanisms was discounted
   because the number of messages needing to be exchanged in a dialog is
   normally zero or very few, and the size of the data is likewise very
   small.  The overhead caused by user plane setup (e.g., to use MSRP as
   transport) would be disproportionately large.

   Based on the analyses, the SIP INFO method was chosen to provide for
   mid-call data transport.

14.9.3.  Info Package Name

   The info package name is emergencyCallData.eCall.MSD

14.9.4.  Info Package Parameters

   None





Gellens & Tschofenig     Expires August 18, 2017               [Page 36]


Internet-Draft            Next-Generation eCall            February 2017


14.9.5.  SIP Option-Tags

   None

14.9.6.  INFO Request Body Parts

   The body for an emergencyCallData.eCall.MSD info package is a
   multipart (normally multipart/mixed) body containing zero or one
   application/emergencyCallData.eCall.MSD part (containing an MSD) and
   zero or more application/emergencyCallData.control+xml (containing a
   metadata/control object) parts.  At least one MSD or metadata/control
   body part is expected; the behavior upon receiving an INFO request
   with neither is undefined.

   The body parts are sent per [RFC6086], and in addition, to align with
   with how these body parts are sent in SIP messages other than INFO
   requests, each associated body part is referenced by a Call-Info
   header field at the top level of the SIP message.  The body part has
   a Content-Disposition header field set to "By-Reference".

   An MSD or metadata/control block is always enclosed in a multipart
   body part (even if it would otherwise be the only body part in the
   SIP message).  The innermost multipart that contains only body parts
   associated with the INFO package has a Content-Disposition value of
   Info-Package.

   See [TBD: THIS DOCUMENT] for more information.

14.9.7.  Info Package Usage Restrictions

   Usage is limited to vehicle-initiated emergency calls as defined in
   [TBD: THIS DOCUMENT].

14.9.8.  Rate of INFO Requests

   The SIP INFO request is used within an established emergency call
   dialog for the PSAP to request the IVS to send an updated MSD, and
   for the IVS to send a requested MSD.  Because this is normally done
   only on manual request of the PSAP call taker (who suspects some
   aspect of the vehicle state has changed), the rate of SIP INFO
   requests associated with the emergencyCallData.eCall.MSD info package
   is normally quite low (most dialogs are likely to contain zero INFO
   requests, while others might carry an occasional request).








Gellens & Tschofenig     Expires August 18, 2017               [Page 37]


Internet-Draft            Next-Generation eCall            February 2017


14.9.9.  Info Package Security Considerations

   The MIME media type registrations specified for use with this INFO
   package (Section 14.3 and Section 14.4) contain a discussion of the
   security and/or privacy considerations specific to that data block.
   The "Security Considerations" and "Privacy Considerations" sections
   of [TBD: THIS DOCUMENT] discuss security and privacy considerations
   of the data carried in eCalls.

14.9.10.  Implementation Details

   See [TBD: THIS DOCUMENT] for protocol details.

14.9.11.  Examples

   See [TBD: THIS DOCUMENT] for protocol examples.

15.  Contributors

   Brian Rosen was a co-author of the original document upon which this
   document is based.

16.  Acknowledgements

   We would like to thank Bob Williams and Ban Al-Bakri for their
   feedback and suggestion; Rex Buddenberg, Lena Chaponniere, Alissa
   Cooper, Keith Drage, Stephen Edge, Wes George, Mirja Kuehlewind,
   Allison Mankin, Alexey Melnikov, Ivo Sedlacek, and James Winterbottom
   for their review and comments; Robert Sparks and Paul Kyzivat for
   their help with the SIP mechanisms; Mark Baker and Ned Freed for
   their help with the media subtype registration issue.  We would like
   to thank Michael Montag, Arnoud van Wijk, Gunnar Hellstrom, and
   Ulrich Dietz for their help with the original document upon which
   this document is based.  Christer Holmberg deserves special mention
   for his many detailed reviews.

17.  Changes from Previous Versions

   RFC Editor: Please remove this section prior to publication.

17.1.  Changes from draft-ietf-19 to draft-ietf-20

   o  Fixed various nits








Gellens & Tschofenig     Expires August 18, 2017               [Page 38]


Internet-Draft            Next-Generation eCall            February 2017


17.2.  Changes from draft-ietf-18 to draft-ietf-19

   o  Added additional text to "Rate of Info Requests"
   o  Added additional text to "Security Considerations"
   o  Further corrected "content type" to "media type"

17.3.  Changes from draft-ietf-17 to draft-ietf-18

   o  Added reference to 3GPP TS24.229
   o  Clarified that an INFO request is expected to have at least one
      MSD or metadata/control body part
   o  Fixed minor errors in examples
   o  Corrected "content type" to "media type"
   o  Deleted "xsi:schemaLocation" from examples

17.4.  Changes from draft-ietf-16 to draft-ietf-17

   o  Clarify Content-Disposition value in INFO requests

17.5.  Changes from draft-ietf-15 to draft-ietf-16

   o  Various clarifications and simplifications
   o  Added reference to 3GPP 23.167

17.6.  Changes from draft-ietf-14 to draft-ietf-15

   o  eCall body parts now always sent enclosed in multipart (even if
      only body part in SIP message) and hence always have a Content-
      Disposition of By-Reference
   o  Fixed errors in attribute directionality text
   o  Fixed typos.

17.7.  Changes from draft-ietf-13 to draft-ietf-14

   o  Added text to the IANA Considerations to formalize the
      EmergencyCallData media subtree
   o  Fixed some typos

17.8.  Changes from draft-ietf-12 to draft-ietf-13

   o  Clarifications suggested by Christer
   o  Corrections to Content-Disposition text and examples as suggested
      by Paul Kyzivat
   o  Clarifications to Content-Disposition text and examples to clarify
      that handling=optional is only used in the initial INVITE






Gellens & Tschofenig     Expires August 18, 2017               [Page 39]


Internet-Draft            Next-Generation eCall            February 2017


17.9.  Changes from draft-ietf-11 to draft-ietf-12

   o  Fixed errors in examples found by Dale
   o  Removed enclosing sub-section of INFO package registration section
   o  Added text per Christer and Dale's suggestions that the MSD and
      metadata/control blocks are sent in INFO with a Call-Info header
      field referencing them
   o  Deleted Call Routing section (7.1) in favor of a statement that
      call routing is outside the scope of the document
   o  Other text changes per comments received from Christer and Ivo.

17.10.  Changes from draft-ietf-09 to draft-ietf-11

   o  Renamed INFO package to emergencyCallData.eCall.MSD
   o  Changed INFO package to only permit MSD and metadata/control MIME
      types
   o  Moved <capabilities> element back from car-crash but made it
      OPTIONAL
   o  Moved other extension points back from car-crash so that extension
      points are in base spec (and also to get XML schema to compile)
   o  Text changes for clarification.

17.11.  Changes from draft-ietf-08 to draft-ietf-09

   o  Created a new "Data Transport" section that describes how the MSD
      and metadata/control blocks are attached, and then referred to
      that section rather than repeat the information about the CID and
      Call-Info and so forth, which means most references to the
      additional-data draft have now been deleted
   o  Mentioned edge cases where a PSAP response to INVITE isn't
      received by the IVS
   o  Reworded description of which status codes are used when a PSAP
      wishes to reject a call but inform the vehicle occupants that it
      is aware of the situation to be more definite
   o  Added examples showing INFO
   o  Added references for eCall test call requirement
   o  Described meaning of eCall URNs in Section 8 as well as in IANA
      registration

17.12.  Changes from draft-ietf-07 to draft-ietf-08

   o  eCall MSD now encoded as ASN.1 PER, using binary content transfer
      encoding
   o  Added text to point out aspects of call handling and metadata/
      control usage, such as use in rejected calls, and solicited MSDs
   o  Revised use of INFO to require that when a request for an MSD is
      sent in INFO, the MSD sent in response is in its own INFO, not the
      response to the requesting INFO



Gellens & Tschofenig     Expires August 18, 2017               [Page 40]


Internet-Draft            Next-Generation eCall            February 2017


   o  Added material to INFO package registation to comply with
      Section 10 of [RFC6086]
   o  Moved material not required by 3GPP into
      [I-D.ietf-ecrit-car-crash], e.g., some of the eCall metadata/
      control elements, attributes, and values
   o  Revised test call wording to clarify that specific handling is out
      of scope
   o  Revised wording throughout the document to simplify
   o  Moved new Section 7.1 to be a subsection of 7
   o  Moved new Section Section 14.9 to be a main section instead of a
      subsection of Section 9
   o  Revised SIP INFO usage and package registration per advice from
      Robert Sparks and Paul Kyzivat

17.13.  Changes from draft-ietf-06 to draft-ietf-07

   o  Fixed typo in Acknowledgements

17.14.  Changes from draft-ietf-05 to draft-ietf-06

   o  Added additional security and privacy clarifications regarding
      signed and encrypted data
   o  Additional security and privacy text
   o  Deleted informative section on ESINets as unnecessary.

17.15.  Changes from draft-ietf-04 to draft-ietf-05

   o  Reworked the security and privacy considerations material in the
      document as a whole and in the MIME registation sections of the
      MSD and control objects
   o  Clarified that the <actionResult> element can appear multiple
      times within an <ack> element
   o  Fixed IMS definition
   o  Added clarifying text for the 'msgid' attribute

17.16.  Changes from draft-ietf-03 to draft-ietf-04

   o  Added Privacy Considerations section
   o  Reworded most uses of non-normative "may", "should", "must", and
      "recommended."
   o  Fixed nits in examples

17.17.  Changes from draft-ietf-02 to draft-ietf-03

   o  Added request to enable cameras
   o  Improved examples and XML schema
   o  Clarifications and wording improvements




Gellens & Tschofenig     Expires August 18, 2017               [Page 41]


Internet-Draft            Next-Generation eCall            February 2017


17.18.  Changes from draft-ietf-01 to draft-ietf-02

   o  Added clarifying text reinforcing that the data exchange is for
      small blocks of data infrequently transmitted
   o  Clarified that dynamic media is conveyed using SIP re-INVITE to
      establish a one-way media stream
   o  Clarified that the scope is the needs of eCall within the SIP
      emergency call environment
   o  Added informative statement that the document may be suitable for
      reuse by other ACN systems
   o  Clarified that normative language for the control block applies to
      both IVS and PSAP
   o  Removed 'ref', 'supported-mime', and <media> elements
   o  Minor wording improvements and clarifications

17.19.  Changes from draft-ietf-00 to draft-ietf-01

   o  Added further discussion of test calls
   o  Added further clarification to the document scope
   o  Mentioned that multi-region vehicles may need to support other
      crash notification specifications in addition to eCall
   o  Added details of the eCall metadata and control functionality
   o  Added IANA registration for the MIME media type for the control
      object
   o  Added IANA registries for protocol elements and tokens used in the
      control object
   o  Minor wording improvements and clarifications

17.20.  Changes from draft-gellens-03 to draft-ietf-00

   o  Renamed from draft-gellens- to draft-ietf-.
   o  Added mention of and reference to ETSI TR "Mobile Standards Group
      (MSG); eCall for VoIP"
   o  Added text to Introduction regarding migration/co-existence being
      out of scope
   o  Added mention in Security Considerations that even if the network-
      supplied location is just the cell site, this can be useful as a
      sanity check on the IVS-supplied location
   o  Minor wording improvements and clarifications

17.21.  Changes from draft-gellens-02 to -03

   o  Clarifications and editorial improvements.








Gellens & Tschofenig     Expires August 18, 2017               [Page 42]


Internet-Draft            Next-Generation eCall            February 2017


17.22.  Changes from draft-gellens-01 to -02

   o  Minor wording improvements
   o  Removed ".automatic" and ".manual" from
      "urn:service:test.sos.ecall" registration and discussion text.

17.23.  Changes from draft-gellens-00 to -01

   o  Now using 'EmergencyCallData' for purpose parameter values and
      MIME subtypes, in accordance with changes to [RFC7852]
   o  Added reference to RFC 6443
   o  Fixed bug that caused Figure captions to not appear

18.  References

18.1.  Normative References

   [msd]      CEN, , "Intelligent transport systems -- eSafety -- eCall
              minimum set of data (MSD), EN 15722", April 2015.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004,
              <http://www.rfc-editor.org/info/rfc3688>.

   [RFC5031]  Schulzrinne, H., "A Uniform Resource Name (URN) for
              Emergency and Other Well-Known Services", RFC 5031,
              DOI 10.17487/RFC5031, January 2008,
              <http://www.rfc-editor.org/info/rfc5031>.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              DOI 10.17487/RFC5226, May 2008,
              <http://www.rfc-editor.org/info/rfc5226>.

   [RFC6086]  Holmberg, C., Burger, E., and H. Kaplan, "Session
              Initiation Protocol (SIP) INFO Method and Package
              Framework", RFC 6086, DOI 10.17487/RFC6086, January 2011,
              <http://www.rfc-editor.org/info/rfc6086>.

   [RFC6838]  Freed, N., Klensin, J., and T. Hansen, "Media Type
              Specifications and Registration Procedures", BCP 13,
              RFC 6838, DOI 10.17487/RFC6838, January 2013,
              <http://www.rfc-editor.org/info/rfc6838>.



Gellens & Tschofenig     Expires August 18, 2017               [Page 43]


Internet-Draft            Next-Generation eCall            February 2017


   [RFC6881]  Rosen, B. and J. Polk, "Best Current Practice for
              Communications Services in Support of Emergency Calling",
              BCP 181, RFC 6881, DOI 10.17487/RFC6881, March 2013,
              <http://www.rfc-editor.org/info/rfc6881>.

   [RFC7303]  Thompson, H. and C. Lilley, "XML Media Types", RFC 7303,
              DOI 10.17487/RFC7303, July 2014,
              <http://www.rfc-editor.org/info/rfc7303>.

   [RFC7852]  Gellens, R., Rosen, B., Tschofenig, H., Marshall, R., and
              J. Winterbottom, "Additional Data Related to an Emergency
              Call", RFC 7852, DOI 10.17487/RFC7852, July 2016,
              <http://www.rfc-editor.org/info/rfc7852>.

18.2.  Informative references

   [CEN]      "European Committee for Standardization",
              <http://www.cen.eu>.

   [EN_16062]
              CEN, , "Intelligent transport systems -- eSafety -- eCall
              High Level Application Requirements (HLAP) Using GSM/UMTS
              Circuit Switched Networks, EN 16062", April 2015.

   [EN_16072]
              CEN, , "Intelligent transport systems -- eSafety -- Pan-
              European eCall operating requirements, EN 16072", April
              2015.

   [I-D.ietf-ecrit-car-crash]
              Gellens, R., Rosen, B., and H. Tschofenig, "Next-
              Generation Vehicle-Initiated Emergency Calls", draft-ietf-
              ecrit-car-crash-23 (work in progress), January 2017.

   [ITU.X691]
              International Telecommunications Union, , "Information
              technology -- ASN.1 encoding rules: Specification of
              Packed Encoding Rules (PER), ITU-T X.691", July 2002,
              <https://www.itu.int/ITU-T/studygroups/com17/languages/
              X.691-0207.pdf>.

   [MSG_TR]   ETSI, , "ETSI Mobile Standards Group (MSG); eCall for
              VoIP", ETSI Technical Report TR 103 140 V1.1.1 (2014-04),
              April 2014.







Gellens & Tschofenig     Expires August 18, 2017               [Page 44]


Internet-Draft            Next-Generation eCall            February 2017


   [RFC5012]  Schulzrinne, H. and R. Marshall, Ed., "Requirements for
              Emergency Context Resolution with Internet Technologies",
              RFC 5012, DOI 10.17487/RFC5012, January 2008,
              <http://www.rfc-editor.org/info/rfc5012>.

   [RFC5069]  Taylor, T., Ed., Tschofenig, H., Schulzrinne, H., and M.
              Shanmugam, "Security Threats and Requirements for
              Emergency Call Marking and Mapping", RFC 5069,
              DOI 10.17487/RFC5069, January 2008,
              <http://www.rfc-editor.org/info/rfc5069>.

   [RFC6443]  Rosen, B., Schulzrinne, H., Polk, J., and A. Newton,
              "Framework for Emergency Calling Using Internet
              Multimedia", RFC 6443, DOI 10.17487/RFC6443, December
              2011, <http://www.rfc-editor.org/info/rfc6443>.

   [RFC7090]  Schulzrinne, H., Tschofenig, H., Holmberg, C., and M.
              Patel, "Public Safety Answering Point (PSAP) Callback",
              RFC 7090, DOI 10.17487/RFC7090, April 2014,
              <http://www.rfc-editor.org/info/rfc7090>.

   [RFC7378]  Tschofenig, H., Schulzrinne, H., and B. Aboba, Ed.,
              "Trustworthy Location", RFC 7378, DOI 10.17487/RFC7378,
              December 2014, <http://www.rfc-editor.org/info/rfc7378>.

   [SDO-3GPP]
              "3d Generation Partnership Project",
              <http://www.3gpp.org/>.

   [SDO-ETSI]
              "European Telecommunications Standards Institute (ETSI)",
              <http://www.etsi.org>.

   [TS22.101]
              3GPP, , "3GPP TS 22.101: Technical Specification Group
              Services and System Aspects; Service aspects; Service
              principles".

   [TS23.167]
              3GPP, , "3GPP TS 23.167: IP Multimedia Subsystem (IMS)
              emergency sessions".

   [TS24.229]
              3GPP, , "3GPP TS 24.229: IP multimedia call control
              protocol based on Session Initiation Protocol (SIP) and
              Session Description Protocol (SDP); Stage 3".





Gellens & Tschofenig     Expires August 18, 2017               [Page 45]


Internet-Draft            Next-Generation eCall            February 2017


Authors' Addresses

   Randall Gellens
   Core Technology Consulting

   Email: rg+ietf@randy.pensive.org


   Hannes Tschofenig
   Individual

   Email: Hannes.Tschofenig@gmx.net
   URI:   http://www.tschofenig.priv.at






































Gellens & Tschofenig     Expires August 18, 2017               [Page 46]