Skip to main content

Security Threats and Requirements for Emergency Call Marking and Mapping
RFC 5069

Revision differences

Document history

Date Rev. By Action
2018-12-20
05 (System)
Received changes through RFC Editor sync (changed abstract to 'This document reviews the security threats associated with the marking of signalling messages to indicate that …
Received changes through RFC Editor sync (changed abstract to 'This document reviews the security threats associated with the marking of signalling messages to indicate that they are related to an emergency, and with the process of mapping locations to Universal Resource Identifiers (URIs) that point to Public Safety Answering Points (PSAPs). This mapping occurs as part of the process of routing emergency calls through the IP network.

Based on the identified threats, this document establishes a set of security requirements for the mapping protocol and for the handling of emergency-marked calls. This memo provides information for the Internet community.')
2015-10-14
05 (System) Notify list changed from ecrit-chairs@ietf.org to (None)
2012-08-22
05 (System) post-migration administrative database adjustment to the No Objection position for Russ Housley
2008-01-09
05 Amy Vezza State Changes to RFC Published from RFC Ed Queue by Amy Vezza
2008-01-09
05 Amy Vezza [Note]: 'RFC 5069' added by Amy Vezza
2008-01-07
05 (System) RFC published
2007-09-12
05 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2007-09-11
05 (System) IANA Action state changed to No IC from In Progress
2007-09-11
05 (System) IANA Action state changed to In Progress
2007-09-11
05 Amy Vezza IESG state changed to Approved-announcement sent
2007-09-11
05 Amy Vezza IESG has approved the document
2007-09-11
05 Amy Vezza Closed "Approve" ballot
2007-09-11
05 Amy Vezza State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Amy Vezza
2007-08-24
05 (System) New version available: draft-ietf-ecrit-security-threats-05.txt
2007-08-21
05 Russ Housley [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley
2007-06-29
05 Samuel Weiler Request for Telechat review by SECDIR Completed. Reviewer: Donald Eastlake.
2007-06-22
05 (System) Removed from agenda for telechat - 2007-06-21
2007-06-21
05 Amy Vezza State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza
2007-06-21
05 David Ward [Ballot Position Update] New position, No Objection, has been recorded by David Ward
2007-06-21
05 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon
2007-06-21
05 Jari Arkko
[Ballot comment]
This document identifies and describes threats that affect emergency
call mechanisms.  As the Requirements document, this document is already
in good shape.  However, …
[Ballot comment]
This document identifies and describes threats that affect emergency
call mechanisms.  As the Requirements document, this document is already
in good shape.  However, there is one attack objective that I think is
very important, and that should be attended to a bit closer IMO:

>  o  to divert emergency responders to non-emergency sites.  This memo
>    has not identified any attacks within its intended scope that
>    achieve this objective, so it will not be mentioned further.

Diverting emergency responders to non-emergency sites is actually not an
objective that an attacker might have, but rather a technique of
reaching the objective described in the first bullet ("to deny system
services to all users in a given area").  So the draft actually does
address this objective.

Still, I think the /possibility/ for an attacker to divert emergency
responders to non-emergency sites -- as a means of reaching the DoS
objective -- is important enough to get a bit further elaborated on, in
particular with respect to its relationship to the mechanism to be
developed by the Ecrit WG.  I think that some clarification would be
useful along these lines:

Preventing diversion of emergency calls would likely require some
evidence about the existence of a reported emergency case, such as a
photograph, a video clip, or N previous calls reporting the same
emergency case.  The decision of which proof would be acceptable, and
whether requiring such proof is something desirable in the first place,
is likely something that cannot be decided in the Ecrit WG.  Preventing
diversion of emergency calls is hence something that is likely not to be
in scope of the Ecrit WG.

Maybe this should be clarified either in this document, or in the
Requirements document -- in particular because the Requirements document
currently only talks about verifying the caller's location, rather than
verifying whether there actually exists an emergency case at that location.
2007-06-21
05 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko
2007-06-21
05 Chris Newman [Ballot Position Update] New position, No Objection, has been recorded by Chris Newman
2007-06-21
05 Russ Housley
[Ballot discuss]
The document says:
  >
  > Requirement R9: the protocol or the system within which it is
  > implemented MUST maintain …
[Ballot discuss]
The document says:
  >
  > Requirement R9: the protocol or the system within which it is
  > implemented MUST maintain confidentiality of the request and
  > response.
  >
  Protections within the system are not sufficient to provide
  confidentiality of the request and response message content.
  I suggest that "or" should become "and" in this requirement.
2007-06-21
05 Russ Housley [Ballot Position Update] New position, Discuss, has been recorded by Russ Housley
2007-06-21
05 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault
2007-06-21
05 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu
2007-06-21
05 Magnus Westerlund [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund
2007-06-21
05 Mark Townsley [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley
2007-06-21
05 Sam Hartman [Ballot Position Update] New position, No Objection, has been recorded by Sam Hartman
2007-06-20
05 Yoshiko Fong IANA Evaluation Comments:

As described in the IANA Considerations section, we understand
this document to have NO IANA Actions.
2007-06-20
05 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2007-06-20
05 Cullen Jennings [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings
2007-06-20
05 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2007-06-19
05 Tim Polk [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk
2007-06-15
05 Samuel Weiler Request for Telechat review by SECDIR is assigned to Donald Eastlake
2007-06-15
05 Samuel Weiler Request for Telechat review by SECDIR is assigned to Donald Eastlake
2007-06-14
05 Jon Peterson State Changes to IESG Evaluation from AD Evaluation::AD Followup by Jon Peterson
2007-06-14
05 Jon Peterson Placed on agenda for telechat - 2007-06-21 by Jon Peterson
2007-06-14
05 Jon Peterson [Ballot Position Update] New position, Yes, has been recorded for Jon Peterson
2007-06-14
05 Jon Peterson Ballot has been issued by Jon Peterson
2007-06-14
05 Jon Peterson Created "Approve" ballot
2007-06-14
05 (System) Ballot writeup text was added
2007-06-14
05 (System) Last call text was added
2007-06-14
05 (System) Ballot approval text was added
2007-04-27
05 (System) Sub state has been changed to AD Follow up from New Id Needed
2007-04-27
04 (System) New version available: draft-ietf-ecrit-security-threats-04.txt
2007-03-02
05 Jon Peterson State Changes to AD Evaluation::Revised ID Needed from Publication Requested by Jon Peterson
2006-11-05
05 Jon Peterson
PROTO writeup:

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version …
PROTO writeup:

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Document Shepherd is Marc Linsner (marc.linsner@cisco.com).
The document is ready for publications and I have reviewed the document personally.

  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

The security document has been reviewed by many WG members. The feedback from the group caused the document to be refocused and to be re-written several times.

A WG last call was held for the 01 version on 4/17/06.
Comments from the last call were from one person, who submitted changes to the editor.  Those changes resulted in versions 02 and 03.




  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization or XML?


There are no remaining concerns with the document.



  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if those issues have been discussed in the WG and the
          WG has indicated that it still wishes to advance the document,
          detail those concerns here.

There are no concerns with this version of the document.



  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?


There is solid consensus behind this document. Post last call concerns have been resolved.


  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarise the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire will
          be entered into the ID Tracker.)

No.



  (1.g)  Has the Document Shepherd verified that the document satisfies
          all ID nits?  (See http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/).  Boilerplate checks are
          not enough; this check needs to be thorough.

The document does not contain nits.



  (1.h)  Has the document split its references into normative and
          informative?  Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].


The document has references split into a normative and informative references.
There is no dependency on a normative that haven't been finished.
There are no downward references.



  (1.i)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up.  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:


Document Announcement Write-Up for draft-ietf-ecrit-security-threats-03.txt.



          Technical Summary


  This document describes the security requirements which must be fulfilled to prevent or reduce the effectiveness of the attacks on the marking of an emergency call and the location to PSAP URI mapping system.



          Working Group Summary
            Was there anything in WG process that is worth noting?  For
            example, was there controversy about particular points or
            were there decisions where the consensus was particularly
            rough?

Nothing worth noting.

          Document Quality
            Are there existing implementations of the protocol?  Have a
            significant number of vendors indicated their plan to
            implement the specification?  Are there any reviewers that
            merit special mention as having done a thorough review,
            e.g., one that resulted in important changes or a
            conclusion that the document had no substantive issues?

This is a security requirements document, hence no existing implementations.  Reviewers of note are mentioned in the document.
2006-11-05
05 Jon Peterson Draft Added by Jon Peterson in state Publication Requested
2006-07-12
03 (System) New version available: draft-ietf-ecrit-security-threats-03.txt
2006-06-29
02 (System) New version available: draft-ietf-ecrit-security-threats-02.txt
2006-04-18
01 (System) New version available: draft-ietf-ecrit-security-threats-01.txt
2006-03-24
00 (System) New version available: draft-ietf-ecrit-security-threats-00.txt