[Docs] [txt|pdf] [Tracker] [Email] [Nits]

Versions: 00 draft-ietf-enum-webft

ENUM Working Group                                          R. Brandner
Internet Draft                                                  Siemens
                                                              L. Conroy
                                                                Siemens
                                                             R. Stastny
                                                                  OeFEG
Expires: August 2003                                      February 2003


            Registration for enumservices web and ft
              <draft-brandner-enumservice-webft-00.txt>

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026 [1].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.




Abstract

   This document registers a group of 'enumservices' [2] to be used to
   indicate that the associated resources are primarily sources for
   information.

   Specifically, the "enumservices" registered with this document are
   'web' and 'ft' using the URI schemes 'http:', 'https:' and 'ftp:'






Table of Contents

   TBD


1.  Introduction

   ENUM (E.164 Number Mapping, RFC2916bis [2]) is a system that
   transforms E.164 numbers [3] into domain names and then uses DNS
   (Domain Name Service, RFC1034 [4]) services like delegation through
   NS records and NAPTR records to look up what services are available
   for a specific domain name.

   This document registers 'enumservices' according to the guidelines
   given in RFC2916bis to be used for provisioning in the services
   field of a NAPTR[6] resource record to indicate what class of
   functionality a given end point offers. The registration is defined
   within the DDDS (Dynamic Delegation Discovery System
   [5][6][7][8][9]) hierarchy, for use with the "E2U" DDDS Application
   defined in RFC2916bis.

   The following 'enumservices' are registered with this document:
   'web' and 'ft'. These share a common feature in that they each
   indicate that the functionality of the given end points and the
   associated resources are primarily sources of information.

   According to RFC2619bis, the 'enumservice' registered must be able
   to function as a selection mechanism when choosing one NAPTR
   resource record from another. That means that the registration MUST
   specify what is expected when using that very NAPTR record, and the
   URI scheme which is the outcome of the use of it.

   Therefore an 'enumservice' acts as a hint, indicating the kind of
   service with which the URI constructed using the regexp field is
   associated. There can be more than one 'enumservice' included within
   a single NAPTR; this indicates that there is more than one service
   that can be achieved using the associated URI scheme.

   The common thread with this set of definitions is that they reflect
   the kind of service that the end user will hope to achieve with the
   communication using the associated URI.

   The services specified here are intended NOT to specify the protocol
   or even method of connection that MUST be used to achieve each
   service. Instead they define the kind of interactive behavior that
   an end user will expect, leaving the end system to decide (based on
   policies outside the remit of this specification) how to execute the
   service.

   Since the same URI scheme may be used for different services (e.g.
   'tel:'), and the same kind of service may use different URI schemes
   (e.g. for VoIP 'sip:', 'h323:' and 'tel:' may be used), it is
   necessary in some cases to specify the service and the URI scheme
   used.

   The service parameters defined in RFC2916bis allow therefore a
   'type' and a 'subtype' to be specified. Within this set of
   specifications the convention is assumed that the 'type' (being the
   more generic term) is defining the service and the 'subtype' is
   defining the URI scheme.


2.  Abbreviations

   TBD


3.  Web Service

3.1  Introduction

   The enumservices registered in this section indicate that the
   resource identified by the associated URI is capable of being a
   source of information.


3.2  Web Service Registration with 'http:'

   Enumservice Name: "web"

   Type: "web"

   Subtype: "http"

   URI Scheme: 'http:'

   Functional Specification:

   This enumservice indicates that the resource identified by the
   associated URI scheme is capable of being a source of information.

   It has to be noted that the kind of information retrieved can be
   manifold. Usually, contacting a resource by an 'http:' URI provides
   a document. This document can contain all different kind of
   information, like audio or video or executable code. Thus, one can
   not be more specific what information to expect when contacting the
   resource.


   Security Considerations:

   There are no specific security issues with this 'enumservice'.
   However, the general considerations of section 6 apply.

   Intended Usage: COMMON

   Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny
           (for author contact detail see section 8)

   Any other information the author deems interesting:

   None


3.3  Web Service Registration with 'https:'

   Enumservice Name: "web"

   Type: "web"

   Subtype: "https"

   URI Scheme: 'https:'

   Functional Specification:

   This enumservice indicates that the resource identified by the
   associated URI scheme is capable of being a source of information,
   which can be contacted by using TLS or Secure Socket Layer protocol.

   It has to be noted that the kind of information retrieved can be
   manifold. Usually, contacting a resource by an 'https:' URI provides
   a document. This document can contain all different kind of
   information, like audio or video or executable code. Thus, one can
   not be more specific what information to expect when contacting the
   resource.

   Security Considerations:

   There are no specific security issues with this 'enumservice'.
   However, the general considerations of section 6 apply.

   Intended Usage: COMMON

   Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny
           (for author contact detail see section 8)

   Any other information the author deems interesting:

   None


4.  Ft Service Registration

   Enumservice Name: "ft"

   Type: "ft"

   Subtype: "ftp"

   URI Scheme: 'ftp:'

   Functional Specification:

   This enumservice indicates that the resource identified by the
   associated URI scheme is a file service from which a file or file
   listing can be retrieved.

   Security Considerations:

   There are no specific security issues with this 'enumservice'.
   However, the general considerations of section 6 apply.

   Intended Usage: COMMON

   Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny
           (for author contact detail see section 8)

   Any other information the author deems interesting:

   None


5.  Additional Information

   Editor note: Is there any necessary additional information? TBD


6.  Security Considerations

   DNS, as used by ENUM, is a global, distributed database. Thus any
   information stored there is visible to anyone anonymously. Whilst
   this is not qualitatively different from publication in a Telephone
   Directory, it does open the data subject to having "their"
   information collected automatically without any indication that this
   has been done or by whom.

   Such data harvesting by third parties is often used to generate
   lists of targets for unrequested information; in short, they are
   used to address "spam". Anyone who uses a Web-archived mailing list
   is aware that the volume of "spam" email they are sent increases
   when they post to the mailing list; publication of a telephone
   number in ENUM is no different, and may be used to send "junk faxes"
   or "junk SMS" for example.

   Many mailing list users have more than one email address and use
   "sacrificial" email accounts when posting to such lists to help
   filter out unrequested emails sent to them. This is not so easy with
   published telephone numbers; the PSTN E.164 number assignment
   process is much more involved and usually a single E.164 number (or
   a fixed range of numbers) is associated with each PSTN access. Thus
   providing a "sacrificial" phone number in any publication is not
   possible.

   Due to the implications of publishing data on a globally accessible
   database, as a principle the data subject MUST give their explicit
   informed consent to data being published in ENUM.

   In addition, they should be made aware that, due to storage of such
   data during harvesting by third parties, removal of the data from
   publication will not remove any copies that have been taken; in
   effect, any publication may be permanent.

   However, regulations in many regions will require that the data
   subject can at any time request that the data is removed from
   publication, and that their consent for its publication is
   explicitly confirmed at regular intervals.

   The user SHOULD be asked to confirm opening a web page or starting
   an ftp session (particularly if the ftp client is configured to
   send the user's email address as an "anonymous" user password).

   Using a web:http or ft:ftp service is not secure, and so the user
   should apply the same caution when entering personal data as they
   would do if using a client application started with any other
   method. Whilst this is not a feature of ENUM or these enumservices,
   the ENUM-using application on the end system may appear different
   from the user's "normal" browser, and so the user SHOULD receive an
   indication on whether or not their communication is secured.

   As evaluating a web page can involve execution of embedded (or
   linked) content that may include executable code, there are risks
   involved in evaluating a web URL. If automatic evaluation of a web
   link were to be used, the querying user would be exposed to risks
   associated with that automatic download and execution of content.
   Thus the client MUST ask the querying user for confirmation before
   evaluating the web URL; the client MUST NOT download and evaluate
   the web content automatically.

   In addition to the specific security considerations given above, all
   security considerations given in RFC2916bis apply.


7.  References

1  Scott Bradner, RFC2026,
      "The Internet Standards Process - Revision 3",
      October 1996.

2  P. Faltstrom, M. Mealling,
      "The E.164 to URI DDDS Application (ENUM)",
      draft-ietf-enum-rfc2916bis-03.txt,
      Work in progress, January 2003

3  ITU-T,
      "The International Public Telecommunication Number Plan",
      Recommendation E.164,
      May 1997

4  P. Mockapetris, RFC1034,
      "DOMAIN NAMES - CONCEPTS AND FACILITIES",
      November 1987

5  M. Mealling, RFC 3401,
      "Dynamic Delegation Discovery System (DDDS) Part One:
      The Comprehensive DDDS",
      October 2002

6  M. Mealling, RFC 3402,
      "Dynamic Delegation Discovery System (DDDS) Part Two:
      The Algorithm",
      October 2002

7  M. Mealling, RFC 3403,
      "Dynamic Delegation Discovery System (DDDS) Part Three:
      The Domain Name System (DNS) Database",
      October 2002

8  M. Mealling, RFC 3404,
      "Dynamic Delegation Discovery System (DDDS) Part Four:
      The Uniform Resource Identifiers (URI)",
      October 2002

9  M. Mealling, RFC 3405,
      "Dynamic Delegation Discovery System (DDDS) Part Five:
      URI.ARPA Assignment Procedures",
      October 2002

10  ETSI TS 102 172,
      "Minimum Requirements for Interoperability of
      European ENUM Trials",
      February 2003

11  T. Berners-Lee, L. Masinter, M. McCahill, RFC 1738
      "Uniform Resource Locators (URL)",
      December 1994

12  R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter,
      P.Leach, T. Berners-Lee,
      RFC 2616,
      "Hypertext Transfer Protocol - HTTP/1.1",
      June 1999

13  E.Rescorla, RFC 2818
      "HTTP Over TLS",
      May 2000


8.  Author's Addresses

   Rudolf Brandner
      Siemens ICN
      Hofmannstrasse 51
      Munich
      Germany
      email: <mailto:rudolf.brandner@siemens.com>
      voice: <tel:+49-89-72251003>
      web:   <http://www.siemens.com>

   Lawrence Conroy
      Siemens Roke Manor Research
      Roke Manor
      Romsey
      U.K.
      email: <mailto:lwc@roke.co.uk>
      voice: <tel:+44-1794-833666>

   Richard Stastny
      OeFEG
      Postbox 147
      1103 Vienna
      Austria
      email: <mailto:richard.stastny@oefeg.at>
      voice: <tel:+43-664-420-4100>



9.  Full Copyright Statement

Copyright (C) The Internet Society (2000).  All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are
included on all such copies and derivative works.  However, this
document itself may not be modified in any way, such as by removing the
copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of developing
Internet standards in which case the procedures for copyrights defined
in the Internet Standards process must be followed, or as required to
translate it into languages other than English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.


Html markup produced by rfcmarkup 1.107, available from http://tools.ietf.org/tools/rfcmarkup/