[Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: (draft-ietf-drinks-spprov) 00 01 02 03 04 05 06 07 08 09 10 11 12 RFC 7877

DRINKS                                                     K. Cartwright
Internet-Draft                                                 V. Bhatia
Intended status: Standards Track                                     TNS
Expires: January 17, 2013                                         S. Ali
                                                                 NeuStar
                                                             D. Schwartz
                                                                XConnect
                                                           July 16, 2012


             Session Peering Provisioning Framework (SPPF)
                   draft-ietf-drinks-spp-framework-02

Abstract

   This document specifies the data model and the overall structure for
   a framework to provision session establishment data into Session Data
   Registries and SIP Service Provider data stores.  The framework is
   called the Session Peering Provisioning Framework (SPPF).  The
   provisioned data is typically used by network elements for session
   peering.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 17, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents



Cartwright, et al.      Expires January 17, 2013                [Page 1]


Internet-Draft         draft-drinks-spp-framework              July 2012


   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  7
   3.  Framework High Level Design  . . . . . . . . . . . . . . . . .  9
     3.1.  Framework Data Model . . . . . . . . . . . . . . . . . . .  9
     3.2.  Time Value . . . . . . . . . . . . . . . . . . . . . . . . 12
   4.  Transport Protocol Requirements  . . . . . . . . . . . . . . . 13
     4.1.  Connection Oriented  . . . . . . . . . . . . . . . . . . . 13
     4.2.  Request and Response Model . . . . . . . . . . . . . . . . 13
     4.3.  Connection Lifetime  . . . . . . . . . . . . . . . . . . . 13
     4.4.  Authentication . . . . . . . . . . . . . . . . . . . . . . 13
     4.5.  Authorization  . . . . . . . . . . . . . . . . . . . . . . 14
     4.6.  Confidentiality and Integrity  . . . . . . . . . . . . . . 14
     4.7.  Near Real Time . . . . . . . . . . . . . . . . . . . . . . 14
     4.8.  Request and Response Sizes . . . . . . . . . . . . . . . . 14
     4.9.  Request and Response Correlation . . . . . . . . . . . . . 14
     4.10. Request Acknowledgement  . . . . . . . . . . . . . . . . . 14
     4.11. Mandatory Transport  . . . . . . . . . . . . . . . . . . . 15
   5.  Base Framework Data Structures and Response Codes  . . . . . . 16
     5.1.  Basic Object Type and Organization Identifiers . . . . . . 16
     5.2.  Various Object Key Types . . . . . . . . . . . . . . . . . 16
       5.2.1.  Generic Object Key Type  . . . . . . . . . . . . . . . 17
       5.2.2.  Derived Object Key Types . . . . . . . . . . . . . . . 17
     5.3.  Response Message Types . . . . . . . . . . . . . . . . . . 19
   6.  Framework Data Model Objects . . . . . . . . . . . . . . . . . 22
     6.1.  Destination Group  . . . . . . . . . . . . . . . . . . . . 22
     6.2.  Public Identifier  . . . . . . . . . . . . . . . . . . . . 23
     6.3.  SED Group  . . . . . . . . . . . . . . . . . . . . . . . . 28
     6.4.  SED Record . . . . . . . . . . . . . . . . . . . . . . . . 32
     6.5.  SED Group Offer  . . . . . . . . . . . . . . . . . . . . . 36
     6.6.  Egress Route . . . . . . . . . . . . . . . . . . . . . . . 38
   7.  Framework Operations . . . . . . . . . . . . . . . . . . . . . 41
     7.1.  Add Operation  . . . . . . . . . . . . . . . . . . . . . . 41
     7.2.  Delete Operation . . . . . . . . . . . . . . . . . . . . . 41
     7.3.  Get Operations . . . . . . . . . . . . . . . . . . . . . . 42
     7.4.  Accept Operations  . . . . . . . . . . . . . . . . . . . . 42
     7.5.  Reject Operations  . . . . . . . . . . . . . . . . . . . . 43
     7.6.  Get Server Details Operation . . . . . . . . . . . . . . . 43
   8.  XML Considerations . . . . . . . . . . . . . . . . . . . . . . 44
     8.1.  Namespaces . . . . . . . . . . . . . . . . . . . . . . . . 44



Cartwright, et al.      Expires January 17, 2013                [Page 2]


Internet-Draft         draft-drinks-spp-framework              July 2012


     8.2.  Versioning and Character Encoding  . . . . . . . . . . . . 44
   9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 45
     9.1.  Confidentiality and Authentication . . . . . . . . . . . . 45
     9.2.  Authorization  . . . . . . . . . . . . . . . . . . . . . . 45
     9.3.  Denial of Service  . . . . . . . . . . . . . . . . . . . . 45
       9.3.1.  DoS Issues Inherited from Transport Mechanism  . . . . 45
       9.3.2.  DoS Issues Specific to SPPF  . . . . . . . . . . . . . 46
     9.4.  Information Disclosure . . . . . . . . . . . . . . . . . . 47
     9.5.  Non Repudiation  . . . . . . . . . . . . . . . . . . . . . 47
     9.6.  Replay Attacks . . . . . . . . . . . . . . . . . . . . . . 47
     9.7.  Man in the Middle  . . . . . . . . . . . . . . . . . . . . 47
   10. Internationalization Considerations  . . . . . . . . . . . . . 49
   11. IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 50
   12. Formal Specification . . . . . . . . . . . . . . . . . . . . . 51
   13. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 60
   14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 61
     14.1. Normative References . . . . . . . . . . . . . . . . . . . 61
     14.2. Informative References . . . . . . . . . . . . . . . . . . 61
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 63
































Cartwright, et al.      Expires January 17, 2013                [Page 3]


Internet-Draft         draft-drinks-spp-framework              July 2012


1.  Introduction

   Service providers and enterprises use registries to make session
   routing decisions for Voice over IP, SMS and MMS traffic exchanges.
   This document is narrowly focused on the provisioning framework for
   these registries.  This framework prescribes a way for an entity to
   provision session-related data into a registry.  The data being
   provisioned can be optionally shared with other participating peering
   entities.  The requirements and use cases driving this framework have
   been documented in [RFC6461].  The reader is expected to be familiar
   with the terminology defined in the previously mentioned document.

   Three types of provisioning flows have been described in the use case
   document: client to registry provisioning, registry to local data
   repository and registry to registry.  This document addresses client
   to registry aspect to fulfill the need to provision Session
   Establishment Data (SED).  The framework that supports flow of
   messages to facilitate client to registry provisioning is referred to
   as Session Peering Provisioning Framework (SPPF).

   Please note that the role of the "client" and the "server" only
   applies to the connection, and those roles are not related in any way
   to the type of entity that participates in a protocol exchange.  For
   example, a registry might also include a "client" when such a
   registry initiates a connection (for example, for data distribution
   to SSP).

























Cartwright, et al.      Expires January 17, 2013                [Page 4]


Internet-Draft         draft-drinks-spp-framework              July 2012


    *--------*               *------------*               *------------*
    |        | (1). Client   |            | (3).Registry  |            |
    | Client | ------------> |  Registry  |<------------->|  Registry  |
    |        |   to Registry |            |  to Registry  |            |
    *--------*               *------------*               *------------*
                                  /  \                          \
                                 /    \                          \
                                /      \                          \
                               /        \                          v
                              /          \                         ...
                             /            \
                            / (2). Distrib \
                           / Registry data  \
                          /  to local data   \
                         V      store         V
                        +----------+       +----------+
                        |Local Data|       |Local Data|
                        |Repository|       |Repository|
                        +----------+       +----------+

                     Three Registry Provisioning Flows

                                 Figure 1

   The data provisioned for session establishment is typically used by
   various downstream SIP signaling systems to route a call to the next
   hop associated with the called domain.  These systems typically use a
   local data store ("Local Data Repository") as their source of session
   routing information.  More specifically, the SED data is the set of
   parameters that the outgoing signaling path border elements (SBEs)
   need to initiate the session.  See [RFC5486] for more details.

   A "terminating" SIP Service Provider (SSP) provisions SED into the
   registry to be selectively shared with other peer SSPs.
   Subsequently, a registry may distribute the provisioned data into
   local data repositories used for look-up queries (identifier -> URI)
   or for lookup and location resolution (identifier -> URI -> ingress
   SBE of terminating SSP).  In some cases, the registry may
   additionally offer a central query resolution service (not shown in
   the above figure).

   A key requirement for the SPPF is to be able to accommodate two basic
   deployment scenarios:

   1.  A resolution system returns a Look-Up Function (LUF) that
       comprises the target domain to assist in call routing (as
       described in [RFC5486]).  In this case, the querying entity may
       use other means to perform the Location Routing Function (LRF)



Cartwright, et al.      Expires January 17, 2013                [Page 5]


Internet-Draft         draft-drinks-spp-framework              July 2012


       which in turn helps determine the actual location of the
       Signaling Function in that domain.

   2.  A resolution system returns a Location Routing Function (LRF)
       that comprises the location (address) of the signaling function
       in the target domain (as described in [RFC5486]).

   In terms of framework design, SPPF is agnostic to the transport
   protocol.  This document includes the specification of the data model
   and identifies, but does not specify, the means to enable protocol
   operations within a request and response structure.  That aspect of
   the specification has been delegated to the "protocol" specification
   for the framework.  To encourage interoperability, the framework
   supports extensibility aspects.

   Transport requirements are provided in this document to help with the
   selection of the optimum transport mechanism.  The SPP Protocol over
   SOAP document identifies a protocol for SPPF that uses SOAP/HTTP as
   the transport mechanism.

   This document is organized as follows:

   o    Section 2 provides the terminology;

   o    Section 3 provides an overview of SPPF, including functional
        entities and data model;

   o    Section 4 specifies requirements for SPPF transport protocols;

   o    Section 5 describes the base framework data structures, the
        generic response types that MUST be supported by a conforming
        "protocol" specification, and the basic object type most first
        class objects extend from;

   o    Section 6 detailed description of the data model object
        specifications;

   o    Section 8 defines XML considerations XML parsers must meet to
        conform to this specification;

   o    Section 12 normatively defines the SPPF using its XML Schema
        Definition.









Cartwright, et al.      Expires January 17, 2013                [Page 6]


Internet-Draft         draft-drinks-spp-framework              July 2012


2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   This document reuses terms from [RFC3261], [RFC5486], use cases and
   requirements documented in [RFC6461] and the ENUM Validation
   Architecture [RFC4725].

   In addition, this document specifies the following additional terms:


   SPPF:   Session Peering Provisioning Framework, the framework used by
      a transport protocol to provision data into a Registry (see arrow
      labeled "1." in Figure 1 of [RFC6461]).  It is the primary scope
      of this document.


   SPDP:   Session Peering Distribution Protocol, the protocol used to
      distribute data to Local Data Repository (see arrow labeled "2."
      in Figure 1 of [RFC6461]).


   Client:   An application that supports an SPPF client; it is
      sometimes referred to as a "registry client".


   Registry:   The Registry operates a master database of Session
      Establishment Data for one or more Registrants.

      A Registry acts as an SPPF server.


   Registrant:   In this document we extend the definition of a
      Registrant based on [RFC4725].  The Registrant is the end-user,
      the person or organization that is the "holder" of the Session
      Establishment Data being provisioned into the Registry by a
      Registrar.  For example, in [RFC6461], a Registrant is pictured as
      a SIP Service Provider in Figure 2.

      Within the confines of a Registry, a Registrant is uniquely
      identified by a well-known ID.








Cartwright, et al.      Expires January 17, 2013                [Page 7]


Internet-Draft         draft-drinks-spp-framework              July 2012


   Registrar:   In this document we extend the definition of a Registrar
      from [RFC4725].  A Registrar is an entity that performs
      provisioning operations on behalf of a Registrant by interacting
      with the Registry via SPPF operations.  In other words the
      Registrar is the SPPF Client.  The Registrar and Registrant roles
      are logically separate to allow, but not require, a single
      Registrar to perform provisioning operations on behalf of more
      than one Registrant.

   Peering Organization:   A Peering Organization is an entity to which
      a Registrant's SED Groups are made visible using the operations of
      SPPF.







































Cartwright, et al.      Expires January 17, 2013                [Page 8]


Internet-Draft         draft-drinks-spp-framework              July 2012


3.  Framework High Level Design

   This section introduces the structure of the data model and provides
   the information framework for the SPPF.  The data model is defined
   along with all the objects manipulated by the protocol and their
   relationships.

3.1.  Framework Data Model

   The data model illustrated and described in Figure 2 defines the
   logical objects and the relationships between these objects that the
   SPPF protocol supports.  SPPF defines the protocol operations through
   which an SPPF client populates a registry with these logical objects.
   Various clients belonging to different registrars may use the
   protocol for populating the registry's data.

   The logical structure presented below is consistent with the
   terminology and requirements defined in [RFC6461].

































Cartwright, et al.      Expires January 17, 2013                [Page 9]


Internet-Draft         draft-drinks-spp-framework              July 2012


       +-------------+                        +-----------------+
       | all object  |                        |Egress Route:    |
       | types       |                   0..n | rant,           |
       +-------------+                     +--| egrRteName,     |
             |0..n                        /   | pref,           |
             |                           /    | regxRewriteRule,|
             |2                         /     | ingrSedGrp,     |
   +----------------------+            /      | svcs            |
   |Organization:         |           /       +-----------------+
   | orgId                |          /
   +----------------------+         /
          |0..n                    /
          |                       /
          |A SED Group is        /
          |associated with      /
          |zero or more        /              +---[abstract]----+
          |Peering            /               | SED Record:     |
          |Organizations     /                |  rant,          |
          |                 /                 |  sedName,       |0..n
          |0..n            /                  |  sedFunction,   |------|
   +--------+--------------+0..n          0..n|  isInSvc,       |      |
   |SED Group:             |------------------|  ttl            |      |
   |  rant,                |                  +-----------------+      |
   |  sedGrpName,          |                      ^                    |
   |  isInSvc,             |                      |Various types       |
   |  sedRecRef,           |                      |of SED              |
   |  peeringOrg,          |                      |Records             |
   |  sourceIdent,         |                +-----+------------+       |
   |  priority,            |                |        |         |       |
   |  dgName               |             +----+  +-------+  +----+     |
   +-----------------------+             | URI|  | NAPTR |  | NS |     |
          |0..n                          +----+  +-------+  +----+     |
          |                                                            |
          |                                 +-----[abstract]------+    |
          |                                 |Public Identifier:   |    |
          |0..n                             |  rant,              |    |
      +----------------------+0..n      0..n|  publicIdentifier,  |    |
      | Dest Group:          |--------------|  destGrpRef,        |    |
      |   rant,              |              |  sedRecRef          |    |
      |   dgName             |              +---------------------+    |
      +----------------------+                       ^Various types    |
                                                     |of Public        |
                                                     |Identifiers      |
                 +---------+-------+------+----------+                 |
                 |         |       |      |          |                 |
                 +------+  +-----+  +-----+ +-----+  +------+          |
                 |  URI |  | TNP |  | TNR | | RN  |  |TN    |----------|
                 +------+  +-----+  +-----+ +-----+  +------+ 0..n



Cartwright, et al.      Expires January 17, 2013               [Page 10]


Internet-Draft         draft-drinks-spp-framework              July 2012


                                 Figure 2

   The objects and attributes that comprise the data model can be
   described as follows (objects listed from the bottom up):

   o  Public Identifier:
      From a broad perspective a public identifier is a well-known
      attribute that is used as the key to perform resolution lookups.
      Within the context of SPPF, a public identifier object can be a
      Telephone Number (TN), a range of Telephone Numbers, a PSTN
      Routing Number (RN), a TN prefix, or a URI.

      An SPPF Public Identifier is associated with a Destination Group
      to create a logical grouping of Public Identifiers that share a
      common set of Session Establishment Data (e.g. routes).

      A TN Public Identifier may optionally be associated with zero or
      more individual SED Records.  This ability for a Public Identifier
      to be directly associated with a SED Record, as opposed to being
      associated with a Destination Group, supports the use cases where
      the SED Record contains data specifically tailored to an
      individual TN Public Identifier.

   o  Destination Group:
      A named collection of zero or more Public Identifiers that can be
      associated with one or more SED Groups for the purpose of
      facilitating the management of their common session establishment
      information.

   o  SED Group:
      A SED Group contains a set of SED Record references, a set of
      Destination Group references, and a set of peering organization
      identifiers.  This is used to establish a three part relationships
      between a set of Public Identifiers, the session establishment
      information (SED) shared across these Public Identifiers, and the
      list of peering organizations whose query responses from the
      resolution system may include the session establishment
      information contained in a given SED group.  In addition, the
      sourceIdent element within a SED Group, in concert with the set of
      peering organization identifiers, enables fine-grained source
      based routing.  For further details about the SED Group and source
      based routing, refer to the definitions and descriptions of the
      SED Group operations found later in this document.

   o  SED Record:
      A SED Record contains the data that a resolution system returns in
      response to a successful query for a Public Identifier.  SED
      Records are generally associated with a SED Group when the SED



Cartwright, et al.      Expires January 17, 2013               [Page 11]


Internet-Draft         draft-drinks-spp-framework              July 2012


      within is not specific to a Public Identifier.
      To support the use cases defined in [RFC6461], SPPF framework
      defines three type of SED Records: URIType, NAPTRType, and NSType.
      These SED Records extend the abstract type SedRecType and inherit
      the common attribute 'priority' that is meant for setting
      precedence across the SED records defined within a SED Group in a
      protocol agnostic fashion.

   o  Egress Route:
      In a high-availability environment, the originating SSP likely has
      more than one egress paths to the ingress SBE of the target SSP.
      The Egress Route allows the originating SSP to choose a specific
      egress SBE to be associated with the target ingress SBE. the
      'svcs' element identifies the SED records associated with the SED
      Group that will be modified by the originating SSP.

   o  Organization:
      An Organization is an entity that may fulfill any combination of
      three roles: Registrant, Registrar, and Peering Organization.  All
      objects in SPPF framework are associated with two organization
      identifiers to identify each object's registrant and registrar.  A
      SED Group object is also associated with a set of zero or more
      organization identifiers that identify the peering organization(s)
      whose resolution query responses may include the session
      establishment information (SED) defined in the SED Records within
      that SED Group.  A peering organization is an entity that the
      registrant intends to share the SED data with.

3.2.  Time Value

   Some request and response messages in SPPF framework include time
   value(s) defined as type xs:dateTime, a built-in W3C XML Schema
   Datatype.  Use of unqualified local time value is discouraged as it
   can lead to interoperability issues.  The value of time attribute
   MUST BE expressed in Coordinated Universal Time (UTC) format without
   the timezone digits.

   "2010-05-30T09:30:10Z" is an example of an acceptable time value for
   use in SPPF messages. "2010-05-30T06:30:10+3:00" is a valid UTC time,
   but it is not approved for use in SPPF messages.











Cartwright, et al.      Expires January 17, 2013               [Page 12]


Internet-Draft         draft-drinks-spp-framework              July 2012


4.  Transport Protocol Requirements

   This section provides requirements for transport protocols suitable
   for SPPF framework.  More specifically, this section specifies the
   services, features, and assumptions that SPPF framework delegates to
   the chosen transport and envelope technologies.

4.1.  Connection Oriented

   The SPPF follows a model where a client establishes a connection to a
   server in order to further exchange SPPF messages over such point-to-
   point connection.  A transport protocol for SPPF MUST therefore be
   connection oriented.

4.2.  Request and Response Model

   Provisioning operations in SPPF follow the request-response model,
   where a client sends a request message to initiate a transaction and
   the server responds with a response.  Multiple subsequent request-
   response exchanges MAY be performed over a single persistent
   connection.

   Therefore, a transport protocol for SPPF MUST follow the request-
   response model by allowing a response to be sent to the request
   initiator.

4.3.  Connection Lifetime

   Some use cases involve provisioning a single request to a network
   element.  Connections supporting such provisioning requests might be
   short-lived, and may be established only on demand.  Other use cases
   involve either provisioning a large dataset, or a constant stream of
   small updates, either of which would likely require long-lived
   connections.

   Therefore, a protocol suitable for SPPF SHOULD be able to support
   both short-lived as well as long-lived connections.

4.4.  Authentication

   All SPPF objects are associated with a registrant identifier.  SPPF
   Clients provisions SPPF objects on behalf of registrants.  An
   authenticated SPP Client is a registrar.  Therefore, the SPPF
   transport protocol MUST provide means for an SPPF server to
   authenticate an SPPF Client.






Cartwright, et al.      Expires January 17, 2013               [Page 13]


Internet-Draft         draft-drinks-spp-framework              July 2012


4.5.  Authorization

   After successful authentication of the SPPF client as a registrar the
   registry performs authorization checks to determine if the registrar
   is authorized to act on behalf of the Registrant whose identifier is
   included in the SPPF request.  Refer to the Security Considerations
   section for further guidance.

4.6.  Confidentiality and Integrity

   In some deployments, the SPPF objects that an SPPF registry manages
   can be private in nature.  As a result it MAY NOT be appropriate to
   for transmission in plain text over a connection to the SPPF
   registry.  Therefore, the transport protocol SHOULD provide means for
   end-to-end encryption between the SPPF client and server.

   For some SPPF implementations, it may be acceptable for the data to
   be transmitted in plain text, but the failure to detect a change in
   data after it leaves the SPPF client and before it is received at the
   server, either by accident or with a malicious intent, will adversely
   affect the stability and integrity of the registry.  Therefore, the
   transport protocol SHOULD provide means for data integrity
   protection.

4.7.  Near Real Time

   Many use cases require near real-time responses from the server.
   Therefore, a DRINKS transport protocol MUST support near real-time
   response to requests submitted by the client.

4.8.  Request and Response Sizes

   Use of SPPF may involve simple updates that may consist of small
   number of bytes, such as, update of a single public identifier.
   Other provisioning operations may constitute large number of dataset
   as in adding millions records to a registry.  As a result, a suitable
   transport protocol for SPPF SHOULD accommodate dataset of various
   sizes.

4.9.  Request and Response Correlation

   A transport protocol suitable for SPPF MUST allow responses to be
   correlated with requests.

4.10.  Request Acknowledgement

   Data transported in the SPPF is likely crucial for the operation of
   the communication network that is being provisioned.  A SPPF client



Cartwright, et al.      Expires January 17, 2013               [Page 14]


Internet-Draft         draft-drinks-spp-framework              July 2012


   responsible for provisioning SED to the registry has a need to know
   if the submitted requests have been processed correctly.

   Failed transactions can lead to situations where a subset of public
   identifiers or even SSPs might not be reachable, or the provisioning
   state of the network is inconsistent.

   Therefore, a transport protocol for SPPF MUST provide a response for
   each request, so that a client can identify whether a request
   succeeded or failed.

4.11.  Mandatory Transport

   At the time of this writing, a choice of transport protocol has been
   provided in SPP Protocol over SOAP document.  To encourage
   interoperability, the SPPF server MUST provide support for this
   transport protocol.  With time, it is possible that other transport
   layer choices may surface that agree with the requirements discussed
   above.
































Cartwright, et al.      Expires January 17, 2013               [Page 15]


Internet-Draft         draft-drinks-spp-framework              July 2012


5.  Base Framework Data Structures and Response Codes

   SPPF contains some common data structures for most of the supported
   object types.  This section describes these common data structures.

5.1.  Basic Object Type and Organization Identifiers

   This section introduces the basic object type that most first class
   objects derive from.

   All first class objects extend the basic object type BasicObjType
   that contains the identifier of the registrant organization that owns
   this object, the identifier of the registrar organization that
   created this object, the date and time that the object was created by
   the server, and the date and time that the object was last modified.


   <complexType name="BasicObjType" abstract="true">
    <sequence>
     <element name="rant" type="sppfb:OrgIdType"/>
     <element name="rar" type="sppfb:OrgIdType"/>
     <element name="cDate" type="dateTime" minOccurs="0"/>
     <element name="mDate" type="dateTime" minOccurs="0"/>
     <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
    </sequence>
   </complexType>

   The identifiers used for registrants (rant), registrars (rar), and
   peering organizations (peeringOrg) are instances of OrgIdType.  The
   OrgIdType is defined as a string and all OrgIdType instances SHOULD
   follow the textual convention: "namespace:value" (for example "iana-
   en:32473").  See the IANA Consideration section for more details.

5.2.  Various Object Key Types

   The SPPF data model contains various object relationships.  In some
   cases, these object relationships are established by embedding the
   unique identity of the related object inside the relating object.  In
   addition, an object's unique identity is required to Delete or Get
   the details of an object.  The following sub-sections normatively
   define the various object keys in SPPF and the attributes of those
   keys .

   "Name" attributes that are used as components of object key types
   MUST be treated case insensitive.






Cartwright, et al.      Expires January 17, 2013               [Page 16]


Internet-Draft         draft-drinks-spp-framework              July 2012


5.2.1.  Generic Object Key Type

   Most objects in SPPF are uniquely identified by an object key that
   has the object's name, object's type and its registrant's
   organization ID as its attributes.  The abstract type called
   ObjKeyType is where this unique identity is housed.  Any concrete
   representation of the ObjKeyType MUST contain the following:

      Object Name: The name of the object.

      Registrant Id: The unique organization ID that identifies the
      Registrant.

      Type: The value that represents the type of SPPF object that.
      This is required as different types of objects in SPPF, that
      belong to the same registrant, can have the same name.

   The structure of abstract ObjKeyType is as follows:


   <complexType name="ObjKeyType" abstract="true">
    <annotation>
     <documentation>
     ---- Generic type that represents the
          key for various objects in SPPF. ----
     </documentation>
    </annotation>
   </complexType>

5.2.2.  Derived Object Key Types

   The SPPF data model contains certain objects that are uniquely
   identified by attributes, different from or in addition to, the
   attributes in the generic object key described in previous section.
   These kind of object keys are derived from the abstract ObjKeyType
   and defined in there own abstract key types.  Because these object
   key types are abstract, these MUST be specified in a concrete form in
   any conforming SPPF "protocol" specification.  These are used in
   Delete and Get operations, and may also be used in Accept and Reject
   operations.

   Following are the derived object keys in SPPF data model:

   o    SedGrpOfferKeyType: This uniquely identifies a SED Group object
        offer.  This key type extends from ObjKeyType and MUST also have
        the organization ID of the Registrant to whom the object is
        being offered, as one of its attributes.  In addition to the
        Delete and Get operations, these key types are used in Accept



Cartwright, et al.      Expires January 17, 2013               [Page 17]


Internet-Draft         draft-drinks-spp-framework              July 2012


        and Reject operations on a SED Group Offer object.  The
        structure of abstract SedGrpOfferKeyType is as follows:

   <complexType name="SedGrpOfferKeyType"
   abstract="true">
       <complexContent>
           <extension base="sppfb:ObjKeyType">
               <annotation>
       <documentation>
       ---- Generic type that represents
            the key for a object offer. ----
       </documentation>
      </annotation>
     </extension>
    </complexContent>
   </complexType>

        A SED Group Offer object MUST use SedGrpOfferKeyType.  Refer the
        "Framework Data Model Objects" section of this document for
        description of SED Group Offer object.

   o    PubIdKeyType: This uniquely identifies a Public Identity object.
        This key type extends from abstract ObjKeyType.  Any concrete
        definition of PubIdKeyType MUST contain the elements that
        identify the value and type of Public Identity and also contain
        the organization ID of the Registrant that is the owner of the
        Public Identity object.  A Public Identity object key in SPPF is
        uniquely identified by the the registrant's organization ID, the
        value of the public identity, and, optionally, the Destination
        Group name the public identity belongs to.  Consequently, any
        concrete representation of the PubIdKeyType MUST contain the
        following attributes:

        *    Registrant Id: The unique organization ID that identifies
             the Registrant.

        *    Destination Group name: The name of the Destination Group
             the Public Identity is associated with.  This is an
             optional attribute.

        *    Type: The type of Public Identity.

        *    Value: The value of the Public Identity.

        The .PubIdKeyType is used in Delete and Get operations on a
        Public Identifier object.





Cartwright, et al.      Expires January 17, 2013               [Page 18]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    The structure of abstract PubIdKeyType is as follows:

   <complexType name="PubIdKeyType" abstract="true">
    <complexContent>
     <extension base="sppfb:ObjKeyType">
      <annotation>
       <documentation>
       ---- Generic type that represents the key for a Pub Id. ----
       </documentation>
      </annotation>
     </extension>
    </complexContent>
   </complexType>

   A Public Identity object MUST use attributes of PubIdKeyType for its
   unique identification .  Refer the "Framework Data Model Objects"
   section of this document for a description of Public Identity object.

5.3.  Response Message Types

   This section contains the listing of response types that MUST be
   defined by the conforming "protocol" specification and implemented by
   a conforming SPPF server.

   +---------------------+---------------------------------------------+
   | Response Type       | Description                                 |
   +---------------------+---------------------------------------------+
   | Request Succeeded   | Any conforming specification MUST define a  |
   |                     | response to indicate that a given request   |
   |                     | succeeded.                                  |
   |                     |                                             |
   | Request syntax      | Any conforming specification MUST define a  |
   | invalid             | response to indicate that a syntax of a     |
   |                     | given request was found invalid.            |
   |                     |                                             |
   | Request too large   | Any conforming specification MUST define a  |
   |                     | response to indicate that the count of      |
   |                     | entities in the request is larger than the  |
   |                     | server is willing or able to process.       |
   |                     |                                             |
   | Version not         | Any conforming specification MUST define a  |
   | supported           | response to indicate that the server does   |
   |                     | not support the version of the SPPF         |
   |                     | protocol specified in the request.          |
   |                     |                                             |






Cartwright, et al.      Expires January 17, 2013               [Page 19]


Internet-Draft         draft-drinks-spp-framework              July 2012


   | Command invalid     | Any conforming specification MUST define a  |
   |                     | response to indicate that the operation     |
   |                     | and/or command being requested by the       |
   |                     | client is invalid and/or not supported by   |
   |                     | the server.                                 |
   |                     |                                             |
   | System temporarily  | Any conforming specification MUST define a  |
   | unavailable         | response to indicate that the SPPF server   |
   |                     | is temporarily not available to serve       |
   |                     | client request.                             |
   |                     |                                             |
   | Unexpected internal | Any conforming specification MUST define a  |
   | system or server    | response to indicate that the SPPF server   |
   | error.              | encountered an unexpected error that        |
   |                     | prevented the server from fulfilling the    |
   |                     | request.                                    |
   |                     |                                             |
   | Attribute value     | Any conforming specification MUST define a  |
   | invalid             | response to indicate that the SPPF server   |
   |                     | encountered an attribute or property in the |
   |                     | request that had an invalid/bad value.      |
   |                     | Optionally, the specification MAY provide a |
   |                     | way to indicate the Attribute Name and the  |
   |                     | Attribute Value to identify the object that |
   |                     | was found to be invalid.                    |
   |                     |                                             |
   | Object does not     | Any conforming specification MUST define a  |
   | exist               | response to indicate that an object present |
   |                     | in the request does not exist on the SPPF   |
   |                     | server.  Optionally, the specification MAY  |
   |                     | provide a way to indicate the Attribute     |
   |                     | Name and the Attribute Value that           |
   |                     | identifies the non-existent object.         |
   |                     |                                             |
   | Object status or    | Any conforming specification MUST define a  |
   | ownership does not  | response to indicate that the operation     |
   | allow for           | requested on an object present in the       |
   | operation.          | request cannot be performed because the     |
   |                     | object is in a status that does not allow   |
   |                     | the said operation or the user requesting   |
   |                     | the operation is not authorized to perform  |
   |                     | the said operation on the object.           |
   |                     | Optionally, the specification MAY provide a |
   |                     | way to indicate the Attribute Name and the  |
   |                     | Attribute Value that identifies the object. |
   +---------------------+---------------------------------------------+

                          Table 1: Response Types



Cartwright, et al.      Expires January 17, 2013               [Page 20]


Internet-Draft         draft-drinks-spp-framework              July 2012


   When the response messages are "parameterized" with the Attribute
   Name and Attribute Value, then the use of these parameters MUST
   adhere to the following rules:

   o    Any value provided for the Attribute Name parameter MUST be an
        exact XSD element name of the protocol data element that the
        response message is referring to.  For example, valid values for
        "attribute name" are "dgName", "sedGrpName", "sedRec", etc.

   o    The value for Attribute Value MUST be the value of the data
        element to which the preceding Attribute Name refers.

   o    Response type "Attribute value invalid" SHOULD be used whenever
        an element value does not adhere to data validation rules.

   o    Response types "Attribute value invalid" and "Object does not
        exist" MUST NOT be used interchangeably.  Response type "Object
        does not exist" SHOULD be returned by an Add/Del/Accept/Reject
        operation when the data element(s) used to uniquely identify a
        pre-existing object do not exist.  If the data elements used to
        uniquely identify an object are malformed, then response type
        "Attribute value invalid" SHOULD be returned.





























Cartwright, et al.      Expires January 17, 2013               [Page 21]


Internet-Draft         draft-drinks-spp-framework              July 2012


6.  Framework Data Model Objects

   This section provides a description of the specification of each
   supported data model object (the nouns) and identifies the commands
   (the verbs) that MUST be supported for each data model object.
   However, the specification of the data structures necessary to
   support each command is delegated to the "protocol" specification.

6.1.  Destination Group

   As described in the introductory sections, a Destination Group
   represents a set of Public Identifiers with common session
   establishment information.  The transport protocol MUST support the
   ability to Create, Modify, Get, and Delete Destination Groups (refer
   the "Framework Operations" section of this document for a generic
   description of various operations).

   A Destination Group object MUST be uniquely identified by attributes
   as defined in the description of "ObjKeyType" in the section "Generic
   Object Key Type" of this document.

   The DestGrpType object structure is defined as follows:


   <complexType name="DestGrpType">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="dgName" type="sppfb:ObjNameType"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   The DestGrpType object is composed of the following elements:

   o    base: All first class objects extend BasicObjType that contains
        the ID of the registrant organization that owns this object,
        registrar organization that provisioned this object on behalf of
        the registrant, the date and time that the object was created by
        the server, and the date and time that the object was last
        modified.  If the client passed in either the created date or
        the modification date, the server will ignore them.  The server
        sets these two date/time values.

   o    dgName: The character string that contains the name of the
        Destination Group.




Cartwright, et al.      Expires January 17, 2013               [Page 22]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    ext: Point of extensibility described in a previous section of
        this document.

6.2.  Public Identifier

   A Public Identifier is the search key used for locating the session
   establishment data (SED).  In many cases, a Public Identifier is
   attributed to the end user who has a retail relationship with the
   service provider or registrant organization.  SPPF supports the
   notion of the carrier-of-record as defined in [RFC5067].  Therefore,
   the registrant under whom the Public Identity is being created can
   optionally claim to be a carrier-of-record.

   SPPF identifies three types of Public Identifiers: telephone numbers
   (TN), routing numbers (RN), and URI type of Public Identifiers (like
   an email address).  SPPF provides structures to manage a single TN, a
   contiguous range of TNs, and a TN prefix.  The transport protocol
   MUST support the ability to Create, Modify, Get, and Delete Public
   Identifiers (refer the "Framework Operations" section of this
   document for a generic description of various operations).

   A Public Identity object MUST be uniquely identified by attributes as
   defined in the description of "PubIdKeyType" in the section "Derived
   Object Key Types" of this document.

   The abstract XML schema type definition PubIDType is a generalization
   for the concrete Public Identifier schema types.  PubIDType element
   'dgName' represents the name of the destination group that a given
   Public Identifier MAY be a member of.  The PubIDType object structure
   is defined as follows:


   <complexType name="PubIdType" abstract="true">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="dgName" type="sppfb:ObjNameType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   A Public Identifier may be provisioned as a member of a Destination
   Group or provisioned outside of a Destination Group.  A Public
   Identifier that is provisioned as a member of a Destination Group is
   intended to be associated with its SED through the SED Group(s) that
   are associated with its containing Destination Group.  A Public
   Identifier that is not provisioned as a member of a Destination Group



Cartwright, et al.      Expires January 17, 2013               [Page 23]


Internet-Draft         draft-drinks-spp-framework              July 2012


   is intended to be associated with its SED through the SED Records
   that are directly associated with the Public Identifier.

   A telephone number is provisioned using the TNType, an extension of
   PubIDType.  When a Public Identifier is provisioned as a member of a
   Destination Group, each TNType object is uniquely identified by the
   combination of its value contained within <tn> element, and the
   unique key of its parent Destination Group (dgName and rantId).  In
   other words a given telephone number string may exist within one or
   more Destination Groups, but must not exist more than once within a
   Destination Group.  A Public Identifier that is not provisioned as a
   member of a Destination Group is uniquely identified by the
   combination of its value, and its registrant ID.  TNType is defined
   as follows:


   <complexType name="TNType">
    <complexContent>
     <extension base="sppfb:PubIdType">
      <sequence>
       <element name="tn" type="sppfb:NumberValType"/>
       <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
       <element name="sedRecRef" type="sppfb:SedRecRefType"
                minOccurs="0" maxOccurs="unbounded"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <simpleType name="NumberValType">
    <restriction base="token">
     <maxLength value="20"/>
     <pattern value="\+?\d\d*"/>
    </restriction>
   </simpleType>


   TNType consists of the following attributes:

   o    tn: Telephone number to be added to the registry.

   o    sedRecRef: Optional reference to SED records that are directly
        associated with the TN Public Identifier.  Following the SPPF
        data model, the SED record could be a protocol agnostic URIType
        or another type.

   o    corInfo: corInfo is an optional parameter of type CORInfoType
        that allows the registrant organization to set forth a claim to



Cartwright, et al.      Expires January 17, 2013               [Page 24]


Internet-Draft         draft-drinks-spp-framework              July 2012


        be the carrier-of-record (see [RFC5067]).  This is done by
        setting the value of <corClaim> element of the CORInfoType
        object structure to "true".  The other two parameters of the
        CORInfoType, <cor> and <corDate> are set by the registry to
        describe the outcome of the carrier-of-record claim by the
        registrant.  In general, inclusion of <corInfo> parameter is
        useful if the registry has the authority information, such as,
        the number portability data, etc., in order to qualify whether
        the registrant claim can be satisfied.  If the carrier-of-record
        claim disagrees with the authority data in the registry, whether
        the TN add operation fails or not is a matter of policy and it
        is beyond the scope of this document.

   A routing number is provisioned using the RNType, an extension of
   PubIDType.  SSPs that possess the number portability data may be able
   to leverage the RN search key to discover the ingress routes for
   session establishment.  Therefore, the registrant organization can
   add the RN and associate it with the appropriate destination group to
   share the route information.  Each RNType object is uniquely
   identified by the combination of its value inside the <rn> element,
   and the unique key of its parent Destination Group (dgName and
   rantId).  In other words a given routing number string may exist
   within one or more Destination Groups, but must not exist more than
   once within a Destination Group.  RNType is defined as follows:


   <complexType name="RNType">
    <complexContent>
     <extension base="sppfb:PubIdType">
      <sequence>
       <element name="rn" type="sppfb:NumberValType"/>
       <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   RNType has the following attributes:

   o    rn: Routing Number used as the search key.

   o    corInfo: Optional <corInfo> element of type CORInfoType.

   TNRType structure is used to provision a contiguous range of
   telephone numbers.  The object definition requires a starting TN and
   an ending TN that together define the span of the TN range.  Use of
   TNRType is particularly useful when expressing a TN range that does
   not include all the TNs within a TN block or prefix.  The TNRType



Cartwright, et al.      Expires January 17, 2013               [Page 25]


Internet-Draft         draft-drinks-spp-framework              July 2012


   definition accommodates the open number plan as well such that the
   TNs that fall between the start and end TN range may include TNs with
   different length variance.  Whether the registry can accommodate the
   open number plan semantics is a matter of policy and is beyond the
   scope of this document.  Each TNRType object is uniquely identified
   by the combination of its value that in turn is a combination of the
   <startTn> and <endTn> elements, and the unique key of its parent
   Destination Group (dgName and rantId).  In other words a given TN
   Range may exist within one or more Destination Groups, but must not
   exist more than once within a Destination Group.  TNRType object
   structure definition is as follows:


   <complexType name="TNRType">
    <complexContent>
     <extension base="sppfb:PubIdType">
      <sequence>
       <element name="range" type="sppfb:NumberRangeType"/>
       <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <complexType name="NumberRangeType">
    <sequence>
     <element name="startTn" type="sppfb:NumberValType"/>
     <element name="endTn" type="sppfb:NumberValType"/>
    </sequence>
   </complexType>

   TNRType has the following attributes:

   o    startTn: Starting TN in the TN range

   o    endTn: The last TN in the TN range

   o    corInfo: Optional <corInfo> element of type CORInfoType

   In some cases, it is useful to describe a set of TNs with the help of
   the first few digits of the telephone number, also referred to as the
   telephone number prefix or a block.  A given TN prefix may include
   TNs with different length variance in support of open number plan.
   Once again, whether the registry supports the open number plan
   semantics is a matter of policy and it is beyond the scope of this
   document.  The TNPType data structure is used to provision a TN
   prefix.  Each TNPType object is uniquely identified by the
   combination of its value in the <tnPrefix> element, and the unique



Cartwright, et al.      Expires January 17, 2013               [Page 26]


Internet-Draft         draft-drinks-spp-framework              July 2012


   key of its parent Destination Group (dgName and rantId).  TNPType is
   defined as follows:


   <complexType name="TNPType">
    <complexContent>
     <extension base="sppfb:PubIdType">
      <sequence>
       <element name="tnPrefix" type="sppfb:NumberValType"/>
       <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   TNPType consists of the following attributes:

   o    tnPrefix: The telephone number prefix

   o    corInfo: Optional <corInfo> element of type CORInfoType.

   In some cases, a Public Identifier may be a URI, such as an email
   address.  The URIPubIdType object is comprised of the data element
   necessary to house such Public Identifiers.  Each URIPubIdType object
   is uniquely identified by the combination of its value in the <uri>
   element, and the unique key of its parent Destination Group (dgName
   and rantId).  URIPubIdType is defined as follows:


   <complexType name="URIPubIdType">
    <complexContent>
     <extension base="sppfb:PubIdType">
      <sequence>
       <element name="uri" type="anyURI"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   URIPubIdType consists of the following attributes:

   o    uri: The value that acts a Public Identifier.

   o    ext: Point of extensibility.






Cartwright, et al.      Expires January 17, 2013               [Page 27]


Internet-Draft         draft-drinks-spp-framework              July 2012


6.3.  SED Group

   As described in the introductory sections, a SED Group represents a
   combined grouping of Destination Groups containing a set of Public
   Identifiers with common Session Establishment Data(SED), The common
   Session Establishment Data Records, and the list of peer
   organizations that have access to these public identifiers using the
   associated SED information.  It is this indirect linking of public
   identifiers to their Session Establishment Data that significantly
   improves the scalability and manageability of the peering data.
   Additions and changes to SED information are reduced to a single
   operation on a SED Group or SED Record , rather than millions of data
   updates to individual public identifier records that individually
   contain their peering data.  The transport protocol MUST support the
   ability to Create, Modify, Get, and Delete SED Groups (refer the
   "Framework Operations" section of this document for a generic
   description of various operations).

   A SED Group object MUST be uniquely identified by attributes as
   defined in the description of "ObjKeyType" in the section "Generic
   Object Key Type" of this document.

   The SedGrpType object structure is defined as follows:




























Cartwright, et al.      Expires January 17, 2013               [Page 28]


Internet-Draft         draft-drinks-spp-framework              July 2012


   <complexType name="SedGrpType">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="sedGrpName" type="sppfb:ObjNameType"/>
       <element name="sedRecRef" type="sppfb:SedRecRefType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="dgName" type="sppfb:ObjNameType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="peeringOrg" type="sppfb:OrgIdType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="sourceIdent" type="sppfb:SourceIdentType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="isInSvc" type="boolean"/>
       <element name="priority" type="unsignedShort"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <complexType name="SedRecRefType">
    <sequence>
     <element name="sedKey" type="sppfb:ObjKeyType"/>
     <element name="priority" type="unsignedShort"/>
     <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
    </sequence>
   </complexType>

   The SedGrpType object is composed of the following elements:

   o    base: All first class objects extend BasicObjType that contains
        the ID of the registrant organization that owns this object, the
        date and time that the object was created by the server, and the
        date and time that the object was last modified.  If the client
        passes in either the created date or the modification date, the
        server will ignore them.  The server sets these two date/time
        values.

   o    sedGrpName: The character string that contains the name of the
        SED Group.  It uniquely identifies this object within the
        context of the registrant ID (a child element of the base
        element as described above).

   o    sedRecRef: Set of zero or more objects of type SedRecRefType
        that house the unique keys of the SED Records (containing the
        session establishment data) that the SedGrpType object refers to
        and their relative priority within the context of this SED



Cartwright, et al.      Expires January 17, 2013               [Page 29]


Internet-Draft         draft-drinks-spp-framework              July 2012


        Group.

   o    dgName: Set of zero or more names of DestGrpType object
        instances.  Each dgName name, in association with this SED
        Group's registrant ID, uniquely identifies a DestGrpType object
        instance whose public identifiers are reachable using the
        session establishment information housed in this SED Group.  An
        intended side affect of this is that a SED Group cannot provide
        session establishment information for a Destination Group
        belonging to another registrant.

   o    peeringOrg: Set of zero or more peering organization IDs that
        have accepted an offer to receive this SED Group's information.
        The set of peering organizations in this list is not directly
        settable or modifiable using the addSedGrpsRqst operation.  This
        set is instead controlled using the SED offer and accept
        operations.

   o    sourceIdent: Set of zero or more SourceIdentType object
        instances.  These objects, described further below, house the
        source identification schemes and identifiers that are applied
        at resolution time as part of source based routing algorithms
        for the SED Group.

   o    isInSvc: A boolean element that defines whether this SED Group
        is in service.  The session establishment information contained
        in a SED Group that is in service is a candidate for inclusion
        in resolution responses for public identities residing in the
        Destination Group associated with this SED Group.  The session
        establishment information contained in a SED Group that is not
        in service is not a candidate for inclusion in resolution
        responses.

   o    priority: Zero or one priority value that can be used to provide
        a relative value weighting of one SED Group over another.  The
        manner in which this value is used, perhaps in conjunction with
        other factors, is a matter of policy.

   o    ext: Point of extensibility described in a previous section of
        this document.

   As described above, the SED Group contains a set of references to SED
   record objects.  A SED record object is based on an abstract type:
   SedRecType.  The concrete types that use SedRecType as an extension
   base are NAPTRType, NSType, and URIType.  The definitions of these
   types are included the SED Record section of this document.

   The SedGrpType object provides support for source-based routing via



Cartwright, et al.      Expires January 17, 2013               [Page 30]


Internet-Draft         draft-drinks-spp-framework              July 2012


   the peeringOrg data element and more granular source base routing via
   the source identity element.  The source identity element provides
   the ability to specify zero or more of the following in association
   with a given SED Group: a regular expression that is matched against
   the resolution client IP address, a regular expression that is
   matched against the root domain name(s), and/or a regular expression
   that is matched against the calling party URI(s).  The result will be
   that, after identifying the visible SED Groups whose associated
   Destination Group(s) contain the lookup key being queried and whose
   peeringOrg list contains the querying organizations organization ID,
   the resolution server will evaluate the characteristics of the Source
   URI, and Source IP address, and root domain of the lookup key being
   queried.  The resolution server then compares these criteria against
   the source identity criteria associated with the SED Groups.  The
   session establishment information contained in SED Groups that have
   source based routing criteria will only be included in the resolution
   response if one or more of the criteria matches the source criteria
   from the resolution request.  The Source Identity data element is of
   type SourceIdentType, whose structure is defined as follows:


   <complexType name="SourceIdentType">
    <sequence>
     <element name="sourceIdentRegex" type="sppfb:RegexType"/>
     <element name="sourceIdentScheme"
              type="sppfb:SourceIdentSchemeType"/>
     <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
    </sequence>
   </complexType>

   <simpleType name="SourceIdentSchemeType">
    <restriction base="token">
     <enumeration value="uri"/>
     <enumeration value="ip"/>
     <enumeration value="rootDomain"/>
    </restriction>
   </simpleType>

   The SourceIdentType object is composed of the following data
   elements:

   o    sourceIdentScheme: The source identification scheme that this
        source identification criteria applies to and that the
        associated sourceIdentRegex should be matched against.

   o    sourceIdentRegex: The regular expression that should be used to
        test for a match against the portion of the resolution request
        that is dictated by the associated sourceIdentScheme.



Cartwright, et al.      Expires January 17, 2013               [Page 31]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    ext: Point of extensibility described in a previous section of
        this document.

6.4.  SED Record

   As described in the introductory sections, a SED Group represents a
   combined grouping of SED Records that define session establishment
   information.  However, SED Records need not be created to just serve
   a single SED Group.  SED Records can be created and managed to serve
   multiple SED Groups.  As a result, a change for example to the
   properties of a network node used for multiple routes, would
   necessitate just a single update operation to change the properties
   of that node.  The change would then be reflected in all the SED
   Groups whose SED record set contains a reference to that node.  The
   transport protocol MUST support the ability to Create, Modify, Get,
   and Delete SED Records (refer the "Framework Operations" section of
   this document for a generic description of various operations).

   A SED Record object MUST be uniquely identified by attributes as
   defined in the description of "ObjKeyType" in the section "Generic
   Object Key Type" of this document.

   The SedRecType object structure is defined as follows:


   <complexType name="SedRecType" abstract="true">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="sedName" type="sppfb:ObjNameType"/>
       <element name="sedFunction" type="sppfb:SedFunctionType"
                minOccurs="0"/>
       <element name="isInSvc" type="boolean"/>
       <element name="ttl" type="positiveInteger" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <simpleType name="SedFunctionType">
    <restriction base="token">
     <enumeration value="routing"/>
     <enumeration value="lookup"/>
    </restriction>
   </simpleType>

   The SedRecType object is composed of the following elements:




Cartwright, et al.      Expires January 17, 2013               [Page 32]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    base: All first class objects extend BasicObjType that contains
        the ID of the registrant organization that owns this object, the
        date and time that the object was created by the server, and the
        date and time that the object was last modified.  If the client
        passes in either the created date or the modification date, the
        server will ignore them.  The server sets these two date/time
        values.

   o    sedName: The character string that contains the name of the SED
        Record.  It uniquely identifies this object within the context
        of the registrant ID (a child element of the base element as
        described above).

   o    sedFunction: As described in [RFC6461], SED or Session
        Establishment Data falls primarily into one of two categories or
        functions, LUF and LRF.  To remove any ambiguity as to the
        function a SED record is intended to provide, this optional
        element allows the provisioning party to make his or her
        intentions explicit.

   o    isInSvc: A boolean element that defines whether this SED Record
        is in service or not.  The session establishment information
        contained in a SED Record which is in service is a candidate for
        inclusion in resolution responses for Telephone Numbers that are
        either directly associated to this SED Record, or for Public
        Identities residing in a Destination Group that is associated to
        a SED Group which in turn has an association to this SED Record.

   o    ttl: Number of seconds that an addressing server may cache a
        particular SED Record.

   As described above, SED records are based on an abstract type:
   SedRecType.  The concrete types that use SedRecType as an extension
   base are NAPTRType, NSType, and URIType.  The definitions of these
   types are included below.  The NAPTRType object is comprised of the
   data elements necessary for a NAPTR that contains routing information
   for a SED Group.  The NSType object is comprised of the data elements
   necessary for a DNS name server that points to another DNS server
   that contains the desired routing information.  The NSType is
   relevant only when the resolution protocol is ENUM.  The URIType
   object is comprised of the data elements necessary to house a URI.

   The data provisioned in a registry can be leveraged for many purposes
   and queried using various protocols including SIP, ENUM and others.
   As such, the resolution data represented by the SedRecords must be in
   a form suitable for transport using one of these protocols.  In the
   NPATRType for example, if the URI is associated with a destination
   group, the user part of the replacement string <uri> that may require



Cartwright, et al.      Expires January 17, 2013               [Page 33]


Internet-Draft         draft-drinks-spp-framework              July 2012


   the Public Identifier cannot be preset.  As a SIP Redirect, the
   resolution server will apply <ere> pattern on the input Public
   Identifier in the query and process the replacement string by
   substituting any back reference(s) in the <uri> to arrive at the
   final URI that is returned in the SIP Contact header.  For an ENUM
   query, the resolution server will simply return the values of the
   <ere> and <uri> members of the URI.


   <complexType name="NAPTRType">
    <complexContent>
     <extension base="sppfb:SedRecType">
      <sequence>
       <element name="order" type="unsignedShort"/>
       <element name="flags" type="sppfb:FlagsType" minOccurs="0"/>
       <element name="svcs" type="sppfb:SvcType"/>
       <element name="regx" type="sppfb:RegexParamType" minOccurs="0"/>
       <element name="repl" type="sppfb:ReplType" minOccurs="0"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <complexType name="NSType">
    <complexContent>
     <extension base="sppfb:SedRecType">
      <sequence>
       <element name="hostName" type="token"/>
       <element name="ipAddr" type="sppfb:IPAddrType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <complexType name="IPAddrType">
    <sequence>
     <element name="addr" type="sppfb:AddrStringType"/>
     <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
    </sequence>
    <attribute name="type" type="sppfb:IPType" default="v4"/>
   </complexType>

   <simpleType name="IPType">
    <restriction base="token">
     <enumeration value="IPv4"/>



Cartwright, et al.      Expires January 17, 2013               [Page 34]


Internet-Draft         draft-drinks-spp-framework              July 2012


     <enumeration value="IPv6"/>
    </restriction>
   </simpleType>

   <complexType name="URIType">
    <complexContent>
     <extension base="sppfb:SedRecType">
      <sequence>
       <element name="ere" type="token" default="^(.*)$"/>
       <element name="uri" type="anyURI"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <simpleType name="flagsType">
    <restriction base="token">
     <length value="1"/>
     <pattern value="[A-Z]|[a-z]|[0-9]"/>
    </restriction>
   </simpleType>


   The NAPTRType object is composed of the following elements:

   o    order: Order value in an ENUM NAPTR, relative to other NAPTRType
        objects in the same SED Group.

   o    svcs: ENUM service(s) that are served by the SBE.  This field's
        value must be of the form specified in [RFC6116] (e.g., E2U+
        pstn:sip+sip).  The allowable values are a matter of policy and
        not limited by this protocol.

   o    regx: NAPTR's regular expression field.  If this is not included
        then the Repl field must be included.

   o    repl: NAPTR replacement field, should only be provided if the
        Regex field is not provided, otherwise the server will ignore it

   o    ext: Point of extensibility described in a previous section of
        this document.

   The NSType object is composed of the following elements:

   o    hostName: Fully qualified host name of the name server.





Cartwright, et al.      Expires January 17, 2013               [Page 35]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    ipAddr: Zero or more objects of type IpAddrType.  Each object
        holds an IP Address and the IP Address type, IPv4 or IP v6.

   o    ext: Point of extensibility described in a previous section of
        this document.

   The URIType object is composed of the following elements:

   o    ere: The POSIX Extended Regular Expression (ere) as defined in
        [RFC3986].

   o    uri: the URI as defined in [RFC3986].  In some cases, this will
        serve as the replacement string and it will be left to the
        resolution server to arrive at the final usable URI.

6.5.  SED Group Offer

   The list of peer organizations whose resolution responses can include
   the session establishment information contained in a given SED Group
   is controlled by the organization to which a SED Group object belongs
   (its registrant), and the peer organization that submits resolution
   requests (a data recipient, also know as a peering organization).
   The registrant offers access to a SED Group by submitting a SED Group
   Offer.  The data recipient can then accept or reject that offer.  Not
   until access to a SED Group has been offered and accepted will the
   data recipient's organization ID be included in the peeringOrg list
   in a SED Group object, and that SED Group's peering information
   become a candidate for inclusion in the responses to the resolution
   requests submitted by that data recipient.  The transport protocol
   MUST support the ability to Create, Modify, Get, Delete, Accept and
   Reject SED Group Offers (refer the "Framework Operations" section of
   this document for a generic description of various operations).

   A SED Group Offer object MUST be uniquely identified by attributes as
   defined in the description of "SedGrpOfferKeyType" in the section
   "Derived Object Key Types" of this document.

   The SedGrpOfferType object structure is defined as follows:













Cartwright, et al.      Expires January 17, 2013               [Page 36]


Internet-Draft         draft-drinks-spp-framework              July 2012


   <complexType name="SedGrpOfferType">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="sedGrpOfferKey" type="sppfb:SedGrpOfferKeyType"/>
       <element name="status" type="sppfb:SedGrpOfferStatusType"/>
       <element name="offerDateTime" type="dateTime"/>
       <element name="acceptDateTime" type="dateTime" minOccurs="0"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   <complexType name="SedGrpOfferKeyType" abstract="true">
    <annotation>
     <documentation>
     -- Generic type that represents the key for a SED group offer. Must
        be defined in concrete form in the transport specificaiton. --
     </documentation>
    </annotation>
   </complexType>

   <simpleType name="SedGrpOfferStatusType">
    <restriction base="token">
     <enumeration value="offered"/>
     <enumeration value="accepted"/>
    </restriction>
   </simpleType>

   The SedGrpOfferType object is composed of the following elements:

   o    base: All first class objects extend BasicObjType that contains
        the ID of the registrant organization that owns this object, the
        date and time that the object was created by the server, and the
        date and time that the object was last modified.  If the client
        passed in either the created date or the modification date, the
        will ignore them.  The server sets these two date/time values.

   o    sedGrpOfferKey: The object that identifies the SED that is or
        has been offered and the organization that it is or has been
        offered to.

   o    status: The status of the offer, offered or accepted.  The
        server controls the status.  It is automatically set to
        "offered" when ever a new SED Group Offer is added, and is
        automatically set to "accepted" if and when that offer is
        accepted.  The value of the element is ignored when passed in by



Cartwright, et al.      Expires January 17, 2013               [Page 37]


Internet-Draft         draft-drinks-spp-framework              July 2012


        the client.

   o    offerDateTime: Date and time in UTC when the SED Group Offer was
        added.

   o    acceptDateTime: Date and time in UTC when the SED Group Offer
        was accepted.

6.6.  Egress Route

   In a high-availability environment, the originating SSP likely has
   more than one egress paths to the ingress SBE of the target SSP.  If
   the originating SSP wants to exercise greater control and choose a
   specific egress SBE to be associated to the target ingress SBE, it
   can do so using the EgrRteType object.

   A Egress Route object MUST be uniquely identified by attributes as
   defined in the description of "ObjKeyType" in the section "Generic
   Object Key Type" of this document.

   Lets assume that the target SSP has offered as part of his session
   establishment data, to share one or more ingress routes and that the
   originating SSP has accepted the offer.  In order to add the egress
   route to the registry, the originating SSP uses a valid regular
   expression to rewrite ingress route in order to include the egress
   SBE information.  Also, more than one egress route can be associated
   with a given ingress route in support of fault-tolerant
   configurations.  The supporting SPPF structure provides a way to
   include route precedence information to help manage traffic to more
   than one outbound egress SBE.

   The transport protocol MUST support the ability to Add, Modify, Get,
   and Delete Egress Routes (refer the "Framework Operations" section of
   this document for a generic description of various operations).  The
   EgrRteType object structure is defined as follows:
















Cartwright, et al.      Expires January 17, 2013               [Page 38]


Internet-Draft         draft-drinks-spp-framework              July 2012


   <complexType name="EgrRteType">
    <complexContent>
     <extension base="sppfb:BasicObjType">
      <sequence>
       <element name="egrRteName" type="sppfb:ObjNameType"/>
       <element name="pref" type="unsignedShort"/>
       <element name="regxRewriteRule" type="sppfb:RegexParamType"/>
       <element name="ingrSedGrp" type="sppfb:ObjKeyType"
                minOccurs="0" maxOccurs="unbounded"/>
       <element name="svcs" type="sppfb:SvcType" minOccurs="0"/>
       <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
      </sequence>
     </extension>
    </complexContent>
   </complexType>

   The EgrRteType object is composed of the following elements:

   o    base: All first class objects extend BasicObjType that contains
        the ID of the registrant organization that owns this object, the
        date and time that the object was created by the server, and the
        date and time that the object was last modified.  If the client
        passes in either the created date or the modification date, the
        server will ignore them.  The server sets these two date/time
        values.

   o    egrRteName: The name of the egress route.

   o    pref: The preference of this egress route relative to other
        egress routes that may get selected when responding to a
        resolution request.

   o    regxRewriteRule: The regular expression re-write rule that
        should be applied to the regular expression of the ingress
        NAPTR(s) that belong to the ingress route.

   o    ingrSedGrp: The ingress SED group that the egress route should
        be used for.

   o    svcs: ENUM service(s) that are served by an Egress Route.  This
        element is used to identify the ingress NAPTRs associated with
        the SED Group to which an Egress Route's regxRewriteRule should
        be applied.  If no ENUM service(s) are associated with an Egress
        Route, then the Egress Route's regxRewriteRule should be applied
        to all the NAPTRs associated with the SED Group.  This field's
        value must be of the form specified in [RFC6116] (e.g., E2U+
        pstn:sip+sip).  The allowable values are a matter of policy and
        not limited by this protocol.



Cartwright, et al.      Expires January 17, 2013               [Page 39]


Internet-Draft         draft-drinks-spp-framework              July 2012


   o    ext: Point of extensibility described in a previous section of
        this document.

















































Cartwright, et al.      Expires January 17, 2013               [Page 40]


Internet-Draft         draft-drinks-spp-framework              July 2012


7.  Framework Operations

7.1.  Add Operation

   Any conforming "protocol" specification MUST provide a definition for
   the operation that adds one or more SPPF objects into the registry.
   If the object, as identified by the request attributes that form part
   of the object's key, does not exist, then the registry MUST create
   the object.  If the object does exist, then the registry MUST replace
   the current properties of the object with the properties passed in as
   part of the Add operation.

   If the entity that issued the command is not authorized to perform
   this operation an appropriate error message MUST be returned from
   amongst the response messages defined in "Response Message Types"
   section of the document.

7.2.  Delete Operation

   Any conforming "protocol" specification MUST provide a definition for
   the operation that deletes one or more SPPF objects from the registry
   using the object's key.

   If the entity that issued the command is not authorized to perform
   this operation an appropriate error message MUST be returned from
   amongst the response messages defined in "Response Message Types"
   section of the document.

   When an object is deleted, any references to that object must of
   course also be removed as the SPPF server implementation fulfills the
   deletion request.  Furthermore, the deletion of a composite object
   must also result in the deletion of the objects it contains.  As a
   result, the following rules apply to the deletion of SPPF object
   types:

   o    Destination Groups: When a destination group is deleted all
        public identifiers within that destination group must also be
        automatically deleted by the SPPF implementation as part of
        fulfilling the deletion request.  And any references between
        that destination group and any SED group must be automatically
        removed by the SPPF implementation as part of fulfilling the
        deletion request.

   o    SED Groups: When a SED group is deleted any references between
        that SED group and any destination group must be automatically
        removed by the SPPF implementation as part of fulfilling the
        deletion request.  Similarly any references between that SED
        group and any SED records must be removed by the SPPF



Cartwright, et al.      Expires January 17, 2013               [Page 41]


Internet-Draft         draft-drinks-spp-framework              July 2012


        implementation as part of fulfilling the deletion request.
        Furthermore, SED group offers relating that SED group must also
        be deleted as part of fulfilling the deletion request.

   o    SED Records: When a SED record is deleted any references between
        that SED record and any SED group must be removed by the SPPF
        implementation as part of fulfilling the deletion request.

   o    Public Identifiers: When a public identifier is deleted any
        references between that public identifier and its containing
        destination group must be removed by the SPPF implementation as
        part of fulfilling the deletion request.  Any SED records
        contained directly within that Public Identifier must be deleted
        by the SPPF implementation as part of fulfilling the deletion
        request.

7.3.  Get Operations

   At times, on behalf of the registrant, the registrar may need to have
   access to SPPF objects that were previously provisioned in the
   registry.  A few examples include logging, auditing, and pre-
   provisioning dependency checking.  This query mechanism is limited to
   aid provisioning scenarios and should not be confused with query
   protocols provided as part of the resolution system (e.g.  ENUM and
   SIP).  Any conforming "protocol" specification MUST provide a
   definition for the operation that queries the details of one or more
   SPPF objects from the registry using the object's key.  If the entity
   that issued the command is not authorized to perform this operation
   an appropriate error message MUST be returned from amongst the
   response messages defined in "Response Message Types" section of the
   document.

7.4.  Accept Operations

   In SPPF, a SED Group Offer can be accepted or rejected by, or on
   behalf of, the registrant to whom the SED Group has been offered
   (refer "Framework Data Model Objects" section of this document for a
   description of the SED Group Offer object).  The Accept operation is
   used to accept the SED Group Offers.  Any conforming "protocol"
   specification MUST provide a definition for the operation to accept
   SED Group Offers by, or on behalf of the Registrant, using the SED
   Group Offer object key.

   Not until access to a SED Group has been offered and accepted will
   the registrant's organization ID be included in the peeringOrg list
   in that SED Group object, and that SED Group's peering information
   become a candidate for inclusion in the responses to the resolution
   requests submitted by that registrant.  A SED Group Offer that is in



Cartwright, et al.      Expires January 17, 2013               [Page 42]


Internet-Draft         draft-drinks-spp-framework              July 2012


   the "offered" status is accepted by, or on behalf of, the registrant
   to which it has been offered.  When the SED Group Offer is accepted
   the the SED Group Offer is moved to the "accepted" status and adds
   that data recipient's organization ID into the list of peerOrgIds for
   that SED Group.

   If the entity that issued the command is not authorized to perform
   this operation an appropriate error message MUST be returned from
   amongst the response messages defined in "Response Message Types"
   section of the document.

7.5.  Reject Operations

   In SPPF, a SED Group Offer object can be accepted or rejected by, or
   on behalf of, the registrant to whom the SED Group has been offered
   (refer "Framework Data Model Objects" section of this document for a
   description of the SED Group Offer object).  Furthermore, that offer
   may be rejected, regardless of whether or not it has been previously
   accepted.  The Reject operation is used to reject the SED Group
   Offers.  When the SED Group Offer is rejected that SED Group Offer is
   deleted, and, if appropriate, the data recipient's organization ID is
   removed from the list of peeringOrg IDs for that SED Group.  Any
   conforming "protocol" specification MUST provide a definition for the
   operation to reject SED Group Offers by, or on behalf of the
   Registrant, using the SED Group Offer object key.

   If the entity that issued the command is not authorized to perform
   this operation an appropriate error message MUST be returned from
   amongst the response messages defined in "Response Message Types"
   section of the document.

7.6.  Get Server Details Operation

   In SPPF, Get Server Details operation can be used to request certain
   details about the SPPF server that include the SPPF server's current
   status, the major/minor version of the SPPF protocol supported by the
   SPPF server.

   Any conforming "protocol" specification MUST provide a definition for
   the operation to request such details from the SPPF server.  If the
   entity that issued the command is not authorized to perform this
   operation an appropriate error message MUST be returned from amongst
   the response messages defined in "Response Message Types" section of
   the document.







Cartwright, et al.      Expires January 17, 2013               [Page 43]


Internet-Draft         draft-drinks-spp-framework              July 2012


8.  XML Considerations

   XML serves as the encoding format for SPPF, allowing complex
   hierarchical data to be expressed in a text format that can be read,
   saved, and manipulated with both traditional text tools and tools
   specific to XML.

   XML is case sensitive.  Unless stated otherwise, XML specifications
   and examples provided in this document MUST be interpreted in the
   character case presented to develop a conforming implementation.

   This section discusses a small number of XML-related considerations
   pertaining to SPPF.

8.1.  Namespaces

   All SPPF elements are defined in the namespaces in the IANA
   Considerations section and in the Formal Framework Specification
   section of this document.

8.2.  Versioning and Character Encoding

   All XML instances SHOULD begin with an <?xml?> declaration to
   identify the version of XML that is being used, optionally identify
   use of the character encoding used, and optionally provide a hint to
   an XML parser that an external schema file is needed to validate the
   XML instance.

   Conformant XML parsers recognize both UTF-8 (defined in [RFC3629])
   and UTF-16 (defined in [RFC2781]); per [RFC2277] UTF-8 is the
   RECOMMENDED character encoding for use with SPPF.

   Character encodings other than UTF-8 and UTF-16 are allowed by XML.
   UTF-8 is the default encoding assumed by XML in the absence of an
   "encoding" attribute or a byte order mark (BOM); thus, the "encoding"
   attribute in the XML declaration is OPTIONAL if UTF-8 encoding is
   used.  SPPF clients and servers MUST accept a UTF-8 BOM if present,
   though emitting a UTF-8 BOM is NOT RECOMMENDED.

   Example XML declarations:

   <?xml version="1.0" encoding="UTF-8" standalone="no"?>









Cartwright, et al.      Expires January 17, 2013               [Page 44]


Internet-Draft         draft-drinks-spp-framework              July 2012


9.  Security Considerations

   Many SPPF implementations manage data that is considered confidential
   and critical.  Furthermore, SPPF implementations can support
   provisioning activities for multiple registrars and registrants.  As
   a result any SPPF implementation must address the requirements for
   confidentiality, authentication, and authorization.

9.1.  Confidentiality and Authentication

   With respect to confidentiality and authentication, the transport
   protocol requirements section of this document contains security
   properties that the transport protocol must provide so that
   authenticated endpoints can exchange data confidentially and with
   integrity protection.  Refer to that section and the resulting
   transport protocol specification document for the specific solutions
   to authentication and confidentiality.

9.2.  Authorization

   With respect to authorization, the SPPF server implementation must
   define and implement a set of authorization rules that precisely
   address (1) which registrars will be authorized to create/modify/
   delete each SPPF object type for given registrant(s) and (2) which
   registrars will be authorized to view/get each SPPF object type for
   given registrant(s).  These authorization rules are a matter of
   policy and are not specified within the context of SPPF.  However,
   any SPPF implementation must specify these authorization rules in
   order to function in a reliable and safe manner.

9.3.  Denial of Service

   Guidance on Denial-of-Service (DoS) issues in general is given in
   [RFC4732], "Internet Denial of Service Considerations", which also
   gives a general vocabulary for describing the DoS issue.

   SPPF is a high-level client-server protocol that can be implemented
   on lower-level mechanisms such as remote procedure call and web-
   service API protocols.  As such, it inherits any Denial-of-Service
   issues inherent to the specific lower-level mechanism used for any
   implementation of SPPF.  SPPF also has its own set of higher-level
   exposures that are likely to be independent of lower-layer mechanism
   choices.

9.3.1.  DoS Issues Inherited from Transport Mechanism

   SPPF implementation is in general dependent on the selection and
   implementation of a lower-level transport protocol and a binding



Cartwright, et al.      Expires January 17, 2013               [Page 45]


Internet-Draft         draft-drinks-spp-framework              July 2012


   between that protocol and SPPF.  The archetypal SPPF implementation
   uses XML (http://www.w3.org/TR/xml/) representation in a SOAP
   (http://www.w3.org/TR/soap/) request/response framework over HTTP
   ([RFC2616]), and probably also uses TLS ([RFC5246]) for on-the wire
   data integrity and participant authentication, and might use HTTP
   Digest authentication ([RFC2609]).

   The typical deployment scenario for SPPF is to have servers in a
   managed facility, and therefor techniques such as Network Ingress
   Filtering ([RFC2609]) are generally applicable.  In short, any DoS
   mechanism affecting a typical HTTP implementation would affect such
   an SPPF implementation, and the mitigation tools for HTTP in general
   also therefore apply to SPPF.

   SPPF does not directly specify an authentication mechanism, instead
   relying on the lower-level transport protocol to provide for
   authentication.  In general, authentication is an expensive
   operation, and one apparent attack vector is to flood an SPPF server
   with repeated requests for authentication, thereby exhausting its
   resources.  SPPF implementations SHOULD therefore be prepared to
   handle authentication floods, perhaps by noting repeated failed login
   requests from a given source address and blocking that source
   address.

9.3.2.  DoS Issues Specific to SPPF

   The primary defense mechanism against DoS within SPPF is
   authentication.  Implementations MUST tightly control access to the
   SPPF service, SHOULD implement DoS and other policy control
   screening, and MAY employ a variety of policy violation reporting and
   response measures such as automatic blocking of specific users and
   alerting of operations personnel.  In short, the primary SPPF
   response to DoS-like activity by a user is to block that user or
   subject their actions to additional review.

   SPPF allows a client to submit multiple-element or "batch" requests
   that may insert or otherwise affect a large amount of data with a
   single request.  In the simplest case, the server progresses
   sequentially through each element in a batch, completing one and
   before starting the next.  Mid-batch failures are handled by stopping
   the batch and rolling-back the data store to its pre-request state.
   This "stop and roll-back" design provides a DoS opportunity.  A
   hostile client could repeatedly issue large batch requests with one
   or more failing elements, causing the server to repeatedly stop and
   roll-back large transactions.  The suggested response is to monitor
   clients for such failures, and take administrative action (such as
   blocking the user) when an excessive number of roll-backs is
   reported.



Cartwright, et al.      Expires January 17, 2013               [Page 46]


Internet-Draft         draft-drinks-spp-framework              July 2012


   An additional suggested response is for an implementer to set their
   maximum allowable XML message size, and their maximum allowable batch
   size at a level that they feel protects their operational instance,
   given the hardware sizing they have in place and the expected load
   and size needs that their users expect.

9.4.  Information Disclosure

   It is not uncommon for the logging systems to document on-the-wire
   messages for various purposes, such as, debug, audit, and tracking.
   At the minimum, the various support and administration staff will
   have access to these logs.  Also, if an unprivileged user gains
   access to the SPPF deployments and/or support systems, it will have
   access to the information that is potentially deemed confidential.
   To manage information disclosure concerns beyond the transport level,
   SPPF implementations MAY provide support for encryption at the SPPF
   object level.

9.5.  Non Repudiation

   In some situations, it may be required to protect against denial of
   involvement (see [RFC4949]) and tackle non-repudiation concerns in
   regards to SPPF messages.  This type of protection is useful to
   satisfy authenticity concerns related to SPPF messages beyond the
   end-to-end connection integrity, confidentiality, and authentication
   protection that the transport layer provides.  This is an optional
   feature and some SPPF implementations MAY provide support for it.

9.6.  Replay Attacks

   Anti-replay protection ensures that a given SPPF object replayed at a
   later time doesn't affect the integrity of the system.  SPPF provides
   at least one mechanism to fight against replay attacks.  Use of the
   optional client transaction identifier allows the SPPF client to
   correlate the request message with the response and to be sure that
   it is not a replay of a server response from earlier exchanges.  Use
   of unique values for the client transaction identifier is highly
   encouraged to avoid chance matches to a potential replay message.

9.7.  Man in the Middle

   The SPPF client or registrar can be a separate entity acting on
   behalf of the registrant in facilitating provisioning transactions to
   the registry.  Further, the transport layer provides end-to-end
   connection protection between SPPF client and the SPPF server.
   Therefore, man-in-the-middle attack is a possibility that may affect
   the integrity of the data that belongs to the registrant and/or
   expose peer data to unintended actors in case well-established



Cartwright, et al.      Expires January 17, 2013               [Page 47]


Internet-Draft         draft-drinks-spp-framework              July 2012


   peering relationships already exist.


















































Cartwright, et al.      Expires January 17, 2013               [Page 48]


Internet-Draft         draft-drinks-spp-framework              July 2012


10.  Internationalization Considerations

   Character encodings to be used for SPPF elements are described in
   Section 8.2.  The use of time elements in the protocol is specified
   in Section 3.2.  Where human-readable languages are used in the
   protocol, those messages SHOULD be tagged according to [RFC5646], and
   the transport protocol MUST support a respective mechanism to
   transmit such tags together with those human-readable messages.  If
   tags are absent, the language of the message defaults to "en"
   (English).









































Cartwright, et al.      Expires January 17, 2013               [Page 49]


Internet-Draft         draft-drinks-spp-framework              July 2012


11.  IANA Considerations

   This document uses URNs to describe XML namespaces and XML schemas
   conforming to a registry mechanism described in [RFC3688].

   Two URI assignments are requested.

   Registration request for the SPPF XML namespace:
   urn:ietf:params:xml:ns:sppf:base:1
   Registrant Contact: IESG
   XML: None.  Namespace URIs do not represent an XML specification.

   Registration request for the XML schema:
   URI: urn:ietf:params:xml:schema:sppf:1
   Registrant Contact: IESG
   XML: See the "Formal Specification" section of this document
   (Section 12).

   IANA is requested to create a new SPPF registry for Organization
   Identifiers that will indicate valid strings to be used for well-
   known enterprise namespaces.
   This document makes the following assignments for the OrgIdType
   namespaces:


         Namespace                    OrgIdType namespace string
         ----                         ----------------------------
         IANA Enterprise Numbers       iana-en























Cartwright, et al.      Expires January 17, 2013               [Page 50]


Internet-Draft         draft-drinks-spp-framework              July 2012


12.  Formal Specification

   This section provides the draft XML Schema Definition for SPPF
   Protocol.


   <?xml version="1.0" encoding="UTF-8"?>
   <schema xmlns:sppfb="urn:ietf:params:xml:ns:sppf:base:1"
   xmlns="http://www.w3.org/2001/XMLSchema"
   targetNamespace="urn:ietf:params:xml:ns:sppf:base:1"
   elementFormDefault="qualified" xml:lang="EN">
    <annotation>
     <documentation>
      ---- Generic Object key types to be defined by specific
           Transport/Architecture.  The types defined here can
           be extended by the specific architecture to
           define the Object Identifiers ----
     </documentation>
    </annotation>
    <complexType name="ObjKeyType"
     abstract="true">
     <annotation>
      <documentation>
       ---- Generic type that represents the
            key for various objects in SPPF. ----
      </documentation>
     </annotation>
    </complexType>

    <complexType name="SedGrpOfferKeyType" abstract="true">
     <complexContent>
      <extension base="sppfb:ObjKeyType">
       <annotation>
        <documentation>
        ---- Generic type that represents
             the key for a SED group offer. ----
        </documentation>
       </annotation>
      </extension>
     </complexContent>
    </complexType>

    <complexType name="PubIdKeyType" abstract="true">
     <complexContent>
      <extension base="sppfb:ObjKeyType">
       <annotation>
        <documentation>
         ----Generic type that



Cartwright, et al.      Expires January 17, 2013               [Page 51]


Internet-Draft         draft-drinks-spp-framework              July 2012


         represents the key
         for a Pub Id. ----
        </documentation>
       </annotation>
      </extension>
     </complexContent>
    </complexType>

    <annotation>
     <documentation>
       ---- Object Type Definitions ----
     </documentation>
    </annotation>

    <complexType name="SedGrpType">
     <complexContent>
      <extension base="sppfb:BasicObjType">
       <sequence>
        <element name="sedGrpName" type="sppfb:ObjNameType"/>
        <element name="sedRecRef" type="sppfb:SedRecRefType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="dgName" type="sppfb:ObjNameType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="peeringOrg" type="sppfb:OrgIdType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="sourceIdent" type="sppfb:SourceIdentType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="isInSvc" type="boolean"/>
        <element name="priority" type="unsignedShort"/>
        <element name="ext"
        type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="DestGrpType">
     <complexContent>
      <extension base="sppfb:BasicObjType">
       <sequence>
        <element name="dgName"
        type="sppfb:ObjNameType"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="PubIdType" abstract="true">
     <complexContent>
      <extension base="sppfb:BasicObjType">



Cartwright, et al.      Expires January 17, 2013               [Page 52]


Internet-Draft         draft-drinks-spp-framework              July 2012


       <sequence>
        <element name="dgName" type="sppfb:ObjNameType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="TNType">
     <complexContent>
      <extension base="sppfb:PubIdType">
       <sequence>
        <element name="tn" type="sppfb:NumberValType"/>
        <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
        <element name="sedRecRef" type="sppfb:SedRecRefType"
                 minOccurs="0" maxOccurs="unbounded"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="TNRType">
     <complexContent>
      <extension base="sppfb:PubIdType">
       <sequence>
        <element name="range" type="sppfb:NumberRangeType"/>
        <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="TNPType">
     <complexContent>
      <extension base="sppfb:PubIdType">
       <sequence>
        <element name="tnPrefix" type="sppfb:NumberValType"/>
        <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="RNType">
     <complexContent>
      <extension base="sppfb:PubIdType">
       <sequence>
        <element name="rn" type="sppfb:NumberValType"/>
        <element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>



Cartwright, et al.      Expires January 17, 2013               [Page 53]


Internet-Draft         draft-drinks-spp-framework              July 2012


     <complexType name="URIPubIdType">
     <complexContent>
      <extension base="sppfb:PubIdType">
       <sequence>
        <element name="uri" type="anyURI"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="SedRecType" abstract="true">
     <complexContent>
      <extension base="sppfb:BasicObjType">
       <sequence>
        <element name="sedName" type="sppfb:ObjNameType"/>
        <element name="sedFunction" type="sppfb:SedFunctionType"
                 minOccurs="0"/>
        <element name="isInSvc" type="boolean"/>
        <element name="ttl" type="positiveInteger" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="NAPTRType">
     <complexContent>
      <extension base="sppfb:SedRecType">
       <sequence>
        <element name="order" type="unsignedShort"/>
        <element name="flags" type="sppfb:FlagsType" minOccurs="0"/>
        <element name="svcs" type="sppfb:SvcType"/>
        <element name="regx" type="sppfb:RegexParamType" minOccurs="0"/>
        <element name="repl" type="sppfb:ReplType" minOccurs="0"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="NSType">
     <complexContent>
      <extension base="sppfb:SedRecType">
       <sequence>
        <element name="hostName" type="token"/>
        <element name="ipAddr" type="sppfb:IPAddrType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>



Cartwright, et al.      Expires January 17, 2013               [Page 54]


Internet-Draft         draft-drinks-spp-framework              July 2012


    </complexType>
    <complexType name="URIType">
     <complexContent>
      <extension base="sppfb:SedRecType">
       <sequence>
        <element name="ere" type="token" default="^(.*)$"/>
        <element name="uri" type="anyURI"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="SedGrpOfferType">
     <complexContent>
      <extension base="sppfb:BasicObjType">
       <sequence>
        <element name="sedGrpOfferKey" type="sppfb:SedGrpOfferKeyType"/>
        <element name="status" type="sppfb:SedGrpOfferStatusType"/>
        <element name="offerDateTime" type="dateTime"/>
        <element name="acceptDateTime" type="dateTime" minOccurs="0"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <complexType name="EgrRteType">
     <complexContent>
      <extension base="sppfb:BasicObjType">
       <sequence>
        <element name="egrRteName" type="sppfb:ObjNameType"/>
        <element name="pref" type="unsignedShort"/>
        <element name="regxRewriteRule" type="sppfb:RegexParamType"/>
        <element name="ingrSedGrp" type="sppfb:ObjKeyType"
                 minOccurs="0" maxOccurs="unbounded"/>
        <element name="svcs" type="sppfb:SvcType" minOccurs="0"/>
        <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
       </sequence>
      </extension>
     </complexContent>
    </complexType>
    <annotation>
     <documentation>
      ---- Abstract Object and Element Type Definitions ----
     </documentation>
    </annotation>
    <complexType name="BasicObjType" abstract="true">
     <sequence>
      <element name="rant" type="sppfb:OrgIdType"/>



Cartwright, et al.      Expires January 17, 2013               [Page 55]


Internet-Draft         draft-drinks-spp-framework              July 2012


      <element name="rar" type="sppfb:OrgIdType"/>
      <element name="cDate" type="dateTime" minOccurs="0"/>
      <element name="mDate" type="dateTime" minOccurs="0"/>
      <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
     </sequence>
    </complexType>
    <complexType name="RegexParamType">
     <sequence>
      <element name="ere" type="sppfb:RegexType" default="^(.*)$"/>
      <element name="repl" type="sppfb:ReplType"/>
     </sequence>
    </complexType>
    <complexType name="IPAddrType">
     <sequence>
      <element name="addr" type="sppfb:AddrStringType"/>
      <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
     </sequence>
     <attribute name="type" type="sppfb:IPType" default="v4"/>
    </complexType>
    <complexType name="SedRecRefType">
     <sequence>
      <element name="sedKey" type="sppfb:ObjKeyType"/>
      <element name="priority" type="unsignedShort"/>
      <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
     </sequence>
    </complexType>
    <complexType name="SourceIdentType">
     <sequence>
      <element name="sourceIdentRegex" type="sppfb:RegexType"/>
      <element name="sourceIdentScheme"
               type="sppfb:SourceIdentSchemeType"/>
      <element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
     </sequence>
    </complexType>
    <complexType name="CORInfoType">
     <sequence>
      <element name="corClaim" type="boolean" default="true"/>
      <element name="cor" type="boolean" default="false" minOccurs="0"/>
      <element name="corDate" type="dateTime" minOccurs="0"/>
     </sequence>
    </complexType>
    <complexType name="SvcMenuType">
     <sequence>
      <element name="serverStatus" type="sppfb:ServerStatusType"/>
      <element name="majMinVersion" type="token" maxOccurs="unbounded"/>
      <element name="objURI" type="anyURI" maxOccurs="unbounded"/>
      <element name="extURI" type="anyURI"
               minOccurs="0" maxOccurs="unbounded"/>



Cartwright, et al.      Expires January 17, 2013               [Page 56]


Internet-Draft         draft-drinks-spp-framework              July 2012


     </sequence>
    </complexType>
    <complexType name="ExtAnyType">
     <sequence>
      <any namespace="##other" maxOccurs="unbounded"/>
     </sequence>
    </complexType>
    <simpleType name="FlagsType">
     <restriction base="token">
      <length value="1"/>
      <pattern value="[A-Z]|[a-z]|[0-9]"/>
     </restriction>
    </simpleType>
    <simpleType name="SvcType">
     <restriction base="token">
      <minLength value="1"/>
     </restriction>
    </simpleType>
    <simpleType name="RegexType">
     <restriction base="token">
      <minLength value="1"/>
     </restriction>
    </simpleType>
    <simpleType name="ReplType">
     <restriction base="token">
      <minLength value="1"/>
      <maxLength value="255"/>
     </restriction>
    </simpleType>
    <simpleType name="OrgIdType">
     <restriction base="token"/>
    </simpleType>
    <simpleType name="ObjNameType">
     <restriction base="token">
      <minLength value="3"/>
      <maxLength value="80"/>
     </restriction>
    </simpleType>
    <simpleType name="TransIdType">
     <restriction base="token">
      <minLength value="3"/>
      <maxLength value="120"/>
     </restriction>
    </simpleType>
    <simpleType name="MinorVerType">
     <restriction base="unsignedLong"/>
    </simpleType>
    <simpleType name="AddrStringType">



Cartwright, et al.      Expires January 17, 2013               [Page 57]


Internet-Draft         draft-drinks-spp-framework              July 2012


     <restriction base="token">
      <minLength value="3"/>
      <maxLength value="45"/>
     </restriction>
    </simpleType>
    <simpleType name="IPType">
     <restriction base="token">
      <enumeration value="v4"/>
      <enumeration value="v6"/>
     </restriction>
    </simpleType>
    <simpleType name="SourceIdentSchemeType">
     <restriction base="token">
      <enumeration value="uri"/>
      <enumeration value="ip"/>
      <enumeration value="rootDomain"/>
     </restriction>
    </simpleType>
    <simpleType name="ServerStatusType">
     <restriction base="token">
      <enumeration value="inService"/>
      <enumeration value="outOfService"/>
     </restriction>
    </simpleType>
    <simpleType name="SedGrpOfferStatusType">
     <restriction base="token">
      <enumeration value="offered"/>
      <enumeration value="accepted"/>
     </restriction>
    </simpleType>
    <simpleType name="NumberValType">
     <restriction base="token">
      <maxLength value="20"/>
      <pattern value="\+?\d\d*"/>
     </restriction>
    </simpleType>
    <simpleType name="NumberTypeEnum">
     <restriction base="token">
      <enumeration value="TN"/>
      <enumeration value="TNPrefix"/>
      <enumeration value="RN"/>
     </restriction>
    </simpleType>
    <simpleType name="SedFunctionType">
     <restriction base="token">
      <enumeration value="routing"/>
      <enumeration value="lookup"/>
     </restriction>



Cartwright, et al.      Expires January 17, 2013               [Page 58]


Internet-Draft         draft-drinks-spp-framework              July 2012


    </simpleType>
    <complexType name="NumberType">
     <sequence>
      <element name="value" type="sppfb:NumberValType"/>
      <element name="type" type="sppfb:NumberTypeEnum"/>
     </sequence>
    </complexType>
    <complexType name="NumberRangeType">
     <sequence>
      <element name="startRange" type="sppfb:NumberValType"/>
      <element name="endRange" type="sppfb:NumberValType"/>
     </sequence>
    </complexType>
   </schema>





































Cartwright, et al.      Expires January 17, 2013               [Page 59]


Internet-Draft         draft-drinks-spp-framework              July 2012


13.  Acknowledgments

   This document is a result of various discussions held in the DRINKS
   working group and within the DRINKS protocol design team, with
   contributions from the following individuals, in alphabetical order:
   Alexander Mayrhofer, David Schwartz, Deborah A Guyton, Lisa
   Dusseault, Manjul Maharishi, Mickael Marrache, Otmar Lendl, Richard
   Shockey, Samuel Melloul, Sumanth Channabasappa, Syed Ali, and Vikas
   Bhatia .










































Cartwright, et al.      Expires January 17, 2013               [Page 60]


Internet-Draft         draft-drinks-spp-framework              July 2012


14.  References

14.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2277]  Alvestrand, H., "IETF Policy on Character Sets and
              Languages", BCP 18, RFC 2277, January 1998.

   [RFC3629]  Yergeau, F., "UTF-8, a transformation format of ISO
              10646", STD 63, RFC 3629, November 2003.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              January 2004.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC4949]  Shirey, R., "Internet Security Glossary, Version 2",
              RFC 4949, August 2007.

   [RFC5067]  Lind, S. and P. Pfautz, "Infrastructure ENUM
              Requirements", RFC 5067, November 2007.

14.2.  Informative References

   [RFC2609]  Guttman, E., Perkins, C., and J. Kempf, "Service Templates
              and Service: Schemes", RFC 2609, June 1999.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC2781]  Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO
              10646", RFC 2781, February 2000.

   [RFC3261]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              June 2002.

   [RFC4725]  Mayrhofer, A. and B. Hoeneisen, "ENUM Validation
              Architecture", RFC 4725, November 2006.

   [RFC4732]  Handley, M., Rescorla, E., and IAB, "Internet Denial-of-
              Service Considerations", RFC 4732, December 2006.



Cartwright, et al.      Expires January 17, 2013               [Page 61]


Internet-Draft         draft-drinks-spp-framework              July 2012


   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246, August 2008.

   [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
              October 2008.

   [RFC5486]  Malas, D. and D. Meyer, "Session Peering for Multimedia
              Interconnect (SPEERMINT) Terminology", RFC 5486,
              March 2009.

   [RFC5646]  Phillips, A. and M. Davis, "Tags for Identifying
              Languages", BCP 47, RFC 5646, September 2009.

   [RFC6116]  Bradner, S., Conroy, L., and K. Fujiwara, "The E.164 to
              Uniform Resource Identifiers (URI) Dynamic Delegation
              Discovery System (DDDS) Application (ENUM)", RFC 6116,
              March 2011.

   [RFC6461]  Channabasappa, S., "Data for Reachability of Inter-/
              Intra-NetworK SIP (DRINKS) Use Cases and Protocol
              Requirements", RFC 6461, January 2012.






























Cartwright, et al.      Expires January 17, 2013               [Page 62]


Internet-Draft         draft-drinks-spp-framework              July 2012


Authors' Addresses

   Kenneth Cartwright
   TNS
   1939 Roland Clarke Place
   Reston, VA  20191
   USA

   Email: kcartwright@tnsi.com


   Vikas Bhatia
   TNS
   1939 Roland Clarke Place
   Reston, VA  20191
   USA

   Email: vbhatia@tnsi.com


   Syed Wasim Ali
   NeuStar
   46000 Center Oak Plaza
   Sterling, VA  20166
   USA

   Email: syed.ali@neustar.biz


   David Schwartz
   XConnect
   316 Regents Park Road
   London,   N3 2XJ
   United Kingdom

   Email: dschwartz@xconnect.net















Cartwright, et al.      Expires January 17, 2013               [Page 63]


Html markup produced by rfcmarkup 1.129d, available from https://tools.ietf.org/tools/rfcmarkup/