draft-ietf-geopriv-l7-lcp-ps-01.txt   draft-ietf-geopriv-l7-lcp-ps-02.txt 
Network Working Group H. Tschofenig Network Working Group H. Tschofenig
Internet-Draft Nokia Siemens Networks Internet-Draft Nokia Siemens Networks
Intended status: Informational H. Schulzrinne Intended status: Informational H. Schulzrinne
Expires: October 8, 2007 Columbia U. Expires: October 30, 2007 Columbia U.
April 6, 2007 April 28, 2007
GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and
Requirements Requirements
draft-ietf-geopriv-l7-lcp-ps-01.txt draft-ietf-geopriv-l7-lcp-ps-02.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on October 8, 2007. This Internet-Draft will expire on October 30, 2007.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
This document provides a problem statement, lists requirements and This document provides a problem statement, lists requirements and
captures discussions for a GEOPRIV Layer 7 Location Configuration captures design aspects for a Geopriv Layer 7 Location Configuration
Protocol (LCP). This protocol aims to allow an end host to obtain Protocol L7 (LCP). This protocol aims to allow an end host to obtain
location information, by value or by reference, from a Location location information, by value or by reference, from a Location
Server (LS) that is located in the access network. The obtained Configuration Server (LCS) that is located in the access network.
location information can then be used for a variety of different The obtained location information can then be used for a variety of
protocols and purposes. For example, it can be used as input to the different protocols and purposes. For example, it can be used as
Location-to-Service Translation Protocol (LoST) or to convey location input to the Location-to-Service Translation Protocol (LoST) or to
within SIP to other entities. convey location within SIP to other entities.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1. Fixed Wired Environment . . . . . . . . . . . . . . . . . 5 3.1. Fixed Wired Environment . . . . . . . . . . . . . . . . . 5
3.2. Moving Network . . . . . . . . . . . . . . . . . . . . . . 7 3.2. Moving Network . . . . . . . . . . . . . . . . . . . . . . 7
3.3. Wireless Access . . . . . . . . . . . . . . . . . . . . . 9 3.3. Wireless Access . . . . . . . . . . . . . . . . . . . . . 9
4. Discovery of the Location Information Server . . . . . . . . . 11 4. Discovery of the Location Configuration Server . . . . . . . . 11
5. Identifier for Location Determination . . . . . . . . . . . . 13 5. Identifier for Location Determination . . . . . . . . . . . . 13
6. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 17 6. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 16
7. Security Considerations . . . . . . . . . . . . . . . . . . . 19 7. Security Considerations . . . . . . . . . . . . . . . . . . . 18
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19
9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 21 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 20
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 22 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 21
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 22
11.1. Normative References . . . . . . . . . . . . . . . . . . . 23 11.1. Normative References . . . . . . . . . . . . . . . . . . . 22
11.2. Informative References . . . . . . . . . . . . . . . . . . 23 11.2. Informative References . . . . . . . . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 25 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 24
Intellectual Property and Copyright Statements . . . . . . . . . . 26 Intellectual Property and Copyright Statements . . . . . . . . . . 25
1. Introduction 1. Introduction
This document provides a problem statement, lists requirements and This document provides a problem statement, lists requirements and
captures discussions for a GEOPRIV Layer 7 Location Configuration captures design aspects for a Geopriv Layer 7 Location Configuration
Protocol (LCP). The protocol has two purposes: Protocol L7 (LCP). The protocol has two purposes:
o It is used to obtain location information from a special node, o It is used to obtain location information (referred as "Location
called the Location Server (LS). by Value" or LbyV) from a dedicated node, called the Location
Configuration Server (LCS).
o It enables the end host to obtain a reference to location o It enables the Target to obtain a reference to location
information. This reference can take the form of a subscription information (referred as "Location by Reference" or LbyR). This
URI, such as a SIP presence URI, an HTTP/HTTPS URI, or any others. reference can take the form of a subscription URI, such as a SIP
The requirements related to the task of obtaining such a reference presence URI, a HTTP/HTTPS URI, or another URI. The requirements
are described in a separate document, see [4]. related to the task of obtaining a LbyR are described in a
separate document, see [4].
The need for these two functions can be derived from the scenarios The need for these two functions can be derived from the scenarios
presented in Section 3. presented in Section 3.
For this document we assume that the GEOPRIV Layer 7 LCP runs between For this document we assume that the GEOPRIV Layer 7 LCP runs between
the end host (i.e., the Target in [1] terminology) acting as the LCP the end host (i.e., the Target in [1] terminology) acting as the LCP
client and the Location Server acting as an LCP server. client and the Location Configuration Server acting as an LCP server.
This document splits the problem space into separate parts and This document is structured as follows. Section 4 discusses the
discusses them in separate subsections. Section 4 discusses the challenge of discovering the LCS in the access network. Section 5
challenge of discovering the Location Information Server in the compares different types of identifiers that can be used to retrieve
access network. Section 5 compares different types of identifiers location information. A list of requirements for the L7 LCP can be
that can be used to retrieve location information. A list of found in Section 6.
requirements for the GEOPRIV Layer 7 Location Configuration Protocol
can be found in Section 6.
This document does not describe how the access network provider This document does not describe how the access network provider
determines the location of the end host since this is largely a determines the location of the end host since this is largely a
matter of the capabilities of specific link layer technologies. matter of the capabilities of specific link layer technologies or
certain deployment environments.
2. Terminology 2. Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED", In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are to be interpreted as described in RFC 2119 [2], and "OPTIONAL" are to be interpreted as described in RFC 2119 [2],
with the qualification that unless otherwise stated these words apply with the qualification that unless otherwise stated these words apply
to the design of the GEOPRIV Layer 7 Location Configuration Protocol. to the design of the GEOPRIV Layer 7 Location Configuration Protocol.
We also use terminology from [1] and [3]. The term Location Configuration Server (LCS) refers to an entity
capable of determining the location of the Target and of delivering
that location information, a reference to it, or bot) to the Target
via the L7 LCP.
This document also uses terminology from [1] and [3].
3. Scenarios 3. Scenarios
This section describes a few network scenarios where the GEOPRIV This section describes a few network scenarios where the L7 LCP may
Layer 7 Location Configuration Protocol may be used. Note that this be used. Note that this section does not aim to exhaustively list
section does not aim to list all possible deployment environments all possible deployment environments. Instead we focus on the
exhaustively. We focus on the description of the following following environments:
environments:
o DSL/Cable networks, WiMax-like fixed access o DSL/Cable networks, WiMax-like fixed access
o Airport, City, Campus Wireless Networks, such as 802.11a/b/g, o Airport, City, Campus Wireless Networks, such as 802.11a/b/g,
802.16e/Wimax 802.16e/Wimax
o 3G networks o 3G networks
o Enterprise networks o Enterprise networks
We illustrate a few examples below. We illustrate a few examples below.
3.1. Fixed Wired Environment 3.1. Fixed Wired Environment
The following figure shows a DSL network scenario with the Access Figure 1 shows a DSL network scenario with the Access Network
Network Provider and the customer premises. The Access Network Provider and the customer premises. The Access Network Provider
Provider operates link and network layer devices (represented as operates link and network layer devices (represented as Node) and the
Node) and the Location Server (LS). LCS.
+---------------------------+ +---------------------------+
| | | |
| Access Network Provider | | Access Network Provider |
| | | |
| +--------+ | | +--------+ |
| | Node | | | | Node | |
| +--------+ +----------+ | | +--------+ +----------+ |
| | | | LS | | | | | | LCS | |
| | +---| | | | | +---| | |
| | +----------+ | | | +----------+ |
| | | | | |
+-------+-------------------+ +-------+-------------------+
| Wired Network | Wired Network
<----------------> Access Network Provider demarc <----------------> Access Network Provider demarc
| |
+-------+-------------------+ +-------+-------------------+
| | | | | |
| +-------------+ | | +-------------+ |
skipping to change at page 7, line 18 skipping to change at page 7, line 18
the same box, or for there to be no home router, or for the NTE and the same box, or for there to be no home router, or for the NTE and
end host to be in the same physical box (with no home router). An end host to be in the same physical box (with no home router). An
example of this last case is where Ethernet service is delivered to example of this last case is where Ethernet service is delivered to
customers' homes, and the Ethernet NIC in their PC serves as the NTE. customers' homes, and the Ethernet NIC in their PC serves as the NTE.
Current Customer Premises Network (CPN) deployments frequently show Current Customer Premises Network (CPN) deployments frequently show
the following characteristics: the following characteristics:
1. CPE = Single PC 1. CPE = Single PC
1. with Ethernet NIC [PPPoE or DHCP on PC]; there may be a 1. with Ethernet NIC (PPPoE or DHCP on PC); there may be a
bridged DSL or cable modem as NTE, or the Ethernet NIC might bridged DSL or cable modem as NTE, or the Ethernet NIC might
be the NTE be the NTE
2. with USB DSL or cable modem [PPPoA, PPPoE, or DHCP on PC] 2. with USB DSL or cable modem [PPPoA, PPPoE, or DHCP on PC]
Note that the device with NAPT and DHCP of Figure 1 is not Note that the device with NAPT and DHCP of Figure 1 is not
present in such a scenario. present in such a scenario.
2. One or more hosts with at least one router [DHCP Client or PPPoE, 2. One or more hosts with at least one router (DHCP Client or PPPoE,
DHCP server in router; VoIP can be soft client on PC, stand-alone DHCP server in router; VoIP can be soft client on PC, stand-alone
VoIP device, or Analog Terminal Adaptor (ATA) function embedded VoIP device, or Analog Terminal Adaptor (ATA) function embedded
in router] in router)
1. combined router and NTE 1. combined router and NTE
2. separate router with NTE in bridged mode 2. separate router with NTE in bridged mode
3. separate router with NTE [NTE/router does PPPoE or DHCP to 3. separate router with NTE (NTE/router does PPPoE or DHCP to
WAN, router provides DHCP server for hosts in LAN; double NAT WAN, router provides DHCP server for hosts in LAN; double
NAT)
The majority of fixed access broadband customers use a router. The The majority of fixed access broadband customers use a router. The
placement of the VoIP client is mentioned to describe what sorts of placement of the VoIP client is mentioned to describe what sorts of
hosts may need to be able to request location information. Soft hosts may need to be able to request location information. Soft
clients on PCs are frequently not launched until long after bootstrap clients on PCs are frequently not launched until long after bootstrap
is complete, and are not able to control any options that may be is complete, and are not able to control any options that may be
specified during bootstrap. They also cannot control whether a VPN specified during bootstrap. They also cannot control whether a VPN
client is operating on the PC. client is running on the end host.
3.2. Moving Network 3.2. Moving Network
An example of a moving network is a "WIMAX-like fixed wireless" An example of a moving network is a "WIMAX-like fixed wireless"
scenario that is offered in several cities, like New Orleans, Biloxi, scenario that is offered in several cities, like New Orleans, Biloxi,
etc., where much of the communications infrastructure was destroyed etc., where much of the communications infrastructure was destroyed
due to a natural disaster. The customer-side antenna for this due to a natural disaster. The customer-side antenna for this
service is rather small (about the size of a mass market paperback service is rather small (about the size of a mass market paperback
book) and can be run off battery power. The output of this little book) and can be run off battery power. The output of this little
antenna is a RJ-45 Ethernet jack. A laptop can be plugged into this antenna is a RJ-45 Ethernet jack. A laptop can be plugged into this
skipping to change at page 8, line 23 skipping to change at page 8, line 24
the core network, and from there to the same BRASs that serve regular the core network, and from there to the same BRASs that serve regular
DSL customers. These Broadband Remote Access Servers (BRASs) DSL customers. These Broadband Remote Access Servers (BRASs)
terminate the PPPoE sessions, just like they do for regular DSL. terminate the PPPoE sessions, just like they do for regular DSL.
The laptop and SIP client are, in this case, unaware that they are The laptop and SIP client are, in this case, unaware that they are
"mobile". All they see is an Ethernet connection, and the IP address "mobile". All they see is an Ethernet connection, and the IP address
they get from PPPoE does not change over the coverage area. Only the they get from PPPoE does not change over the coverage area. Only the
user and the network are aware of the laptop's mobility. user and the network are aware of the laptop's mobility.
Further examples of moving networks can be found in busses, trains, Further examples of moving networks can be found in busses, trains,
airplanes. and airplanes.
Figure 2 shows an example topology for a moving network. Figure 2 shows an example topology for a moving network.
+--------------------------+ +--------------------------+
| Wireless | | Wireless |
| Access Network Provider | | Access Network Provider |
| | | |
| +----------+| | +----------+|
| +-------+ LS || | +-------+ LCS ||
| | | || | | | ||
| +---+----+ +----------+| | +---+----+ +----------+|
| | Node | | | | Node | |
| | | | | | | |
| +---+----+ | | +---+----+ |
| | | | | |
+------+-------------------+ +------+-------------------+
| Wireless Interface | Wireless Interface
| |
+------+-------------------+ +------+-------------------+
skipping to change at page 9, line 40 skipping to change at page 9, line 40
|| A | \+ B | | || A | \+ B | |
|+--------+ +--------+ | |+--------+ +--------+ |
+--------------------------+ +--------------------------+
Figure 2: Moving Network Figure 2: Moving Network
3.3. Wireless Access 3.3. Wireless Access
Figure 3 shows a wireless access network where a moving end host Figure 3 shows a wireless access network where a moving end host
obtains location information or references to location information obtains location information or references to location information
from the LS. The access equipment uses, in many cases, link layer from the LCS. The access equipment uses, in many cases, link layer
devices. This figure represents a hotspot network found in hotels, devices. Figure 3 represents a hotspot network found, for example,
airports, coffee shops. For editorial reasons we only describe a in hotels, airports, and coffee shops. For editorial reasons we only
single access point and do not depict how the LS obtains location describe a single access point and do not depict how the LCS obtains
information since this is very deployment specific. location information since this is very deployment specific.
+--------------------------+ +--------------------------+
| Access Network Provider | | Access Network Provider |
| | | |
| +----------+| | +----------+|
| +-------| LS || | +-------| LC ||
| | | || | | | ||
| +--------+ +----------+| | +--------+ +----------+|
| | Access | | | | Access | |
| | Point | | | | Point | |
| +--------+ | | +--------+ |
| | | | | |
+------+-------------------+ +------+-------------------+
| |
+------+ +------+
| End | | End |
| Host | | Host |
+------+ +------+
Figure 3: Wireless Access Scenario Figure 3: Wireless Access Scenario
4. Discovery of the Location Information Server 4. Discovery of the Location Configuration Server
When an end host wants to retrieve location information from the LS When a Target wants to retrieve location information from the LCS it
it first needs to discover it. Based on the problem statement of first needs to discover it. Based on the problem statement of
determining the location of the end host, which is known best by determining the location of the Target, which is known best by
entities close to the end host itself, we assume that the LS is entities close to the Target itself, we assume that the LCS is
located in the access network. Several procedures have been located in the access network. Several procedures have been
investigated that aim to discovery the LS in such an access network. investigated that aim to discovery the LCS in such an access network.
DHCP-based Discovery: DHCP-based Discovery:
In some environments the Dynamic Host Configuration Protocol might In some environments the Dynamic Host Configuration Protocol
be a good choice for discovering the FQDN or the IP address of the (DHCP) might be a good choice for discovering the FQDN or the IP
LS. In environments where DHCP can be used it is also possible to address of the LCS. In environments where DHCP can be used it is
use the already defined location extensions. In environments with also possible to use the already defined location extensions. In
legacy devices, such as the one shown in Section 3.1, a DHCP based environments with legacy devices, such as the one shown in
discovery solution is not possible. Section 3.1, a DHCP based discovery solution may not be possible.
DNS-based Discovery: DNS-based Discovery:
With this idea the end host obtains its public IP address (e.g., With this idea the end host obtains its public IP address (e.g.,
via STUN [5]) in order to obtain its domain name (via the usual via STUN [5]) in order to obtain its domain name (via the usual
reverse DNS lookup). Then, the SRV or NAPTR record for that reverse DNS lookup). Then, the SRV or NAPTR record for that
domain is retrieved. This relies on the user's public IP address domain is retrieved. This relies on the user's public IP address
having a DNS entry. having a DNS entry.
Redirect Rule: Redirect Rule:
A redirect rule at a device in the access network, for example at A redirect rule at a device in the access network, for example at
the AAA client, will be used to redirect the Geopriv-L7 signalling the AAA client, will be used to redirect the L7 LCP signalling
messages (destined to a specific port) to the LS. The end host messages (destined to a specific port) to the LCS. The end host
could then discover the LS by sending a packet to almost any could then discover the LCS by sending a packet to almost any
address (as long it is not in the local network). The packet address (as long it is not in the user's home network behind a
would be redirected to the respective LS being configured. The NAT). The packet would be redirected to the respective LCS being
same procedure is used by captive portals whereby any HTTP traffic configured. The same procedure is used by captive portals whereby
is intercepted and redirected. any HTTP traffic is intercepted and redirected.
Multicast Query: Multicast Query:
An end node could also discover a LS by sending a multicast An end node could also discover a LCS by sending a multicast
request to a well-known address. An example of such a mechanism request to a well-known address. An example of such a mechanism
is multicast DNS (see [6] and [7]). is multicast DNS (see [6] and [7]).
The LS discovery procedure raises deployment and security issues. The LCS discovery procedure raises deployment and security issues.
When an end host discovers a LS, When an end host discovers a LCS it must be ensured that
1. it does not talk to a man-in-the-middle adversary, and 1. it does not talk to a man-in-the-middle, and
2. it needs to ensure that the discovered entity is indeed an 2. that the discovered entity is indeed an authorized LCS.
authorized LS.
5. Identifier for Location Determination 5. Identifier for Location Determination
The LS returns location information to the end host when it receives The LCS returns location information to the end host when it receives
a request. Some form of identifier is therefore needed to allow the a request. Some form of identifier is therefore needed to allow the
LS to determine the current location of the target or a good LCS to retrieve the Target's current location (or a good
approximation of it. approximation of it) from a database.
The chosen identifier needs to have the following properties: The chosen identifier needs to have the following properties:
Ability for end host to learn or know the identifier: Ability for Target to learn or know the identifier:
The end host MUST know or MUST be able to learn the identifier The Target MUST know or MUST be able to learn the identifier
(explicitly or implicitly) in order to send it to the LS. (explicitly or implicitly) in order to send it to the LCS.
Implicitly refers to the situation where a device along the path Implicitly refers to the situation where a device along the path
between the end host and the LS modifies the identifier, as it is between the end host and the LCS modifies the identifier, as it is
done by a NAT when an IP address based identifier is used. done by a NAT when an IP address based identifier is used.
Ability to use the identifier for location determination: Ability to use the identifier for location determination:
The LS MUST be able to use the identifier (directly or indirectly) The LCS MUST be able to use the identifier (directly or
for location determination. Indirectly refers to the case where indirectly) for location determination. Indirectly refers to the
the LS uses other identifiers locally within the access network, case where the LCS uses other identifiers internally for location
in addition to the one provided by the end host, for location determination, in addition to the one provided by the Target.
determination.
Security properties of the identifier: Security properties of the identifier:
Misuse needs to be minimized whereby off-path adversary MUST NOT Misuse needs to be minimized whereby off-path adversary MUST NOT
be able to obtain location information of other hosts. A on-path be able to obtain location information of other Targets. A on-
adversary in the same subnet SHOULD NOT be able to spoof the path adversary in the same subnet SHOULD NOT be able to spoof the
identifier of another host in the same subnet. identifier of another Target in the same subnet.
The problem is further complicated by the requirement that the end
host should not be aware of the network topology and the LS must be
placed in such a way that it can determine location information with
the available information. As shown in Figure 1 the host behind the
NTE/NAPT-DHCP device is not visible to the access network and the LS
itself. In the DSL network environment some identifier used at the
NTE is observable for by the LS/access network.
The following list discusses frequently mentioned identifiers and The following list discusses frequently mentioned identifiers and
their properties: their properties:
Host MAC address: Host MAC Address:
The host MAC address is known to the end system, but not carried The Target's MAC address is known to the end host, but not carried
over an IP hop. over an IP hop and therefore not accessible to the LCS in most
deployment environments (unless carried in the L7 LCP itself).
ATM VCI/VPI: ATM VCI/VPI:
The VPI/VCI is generally only seen by the DSL modem. Almost all The VPI/VCI is generally only seen by the DSL modem. Almost all
routers in the US use 1 of 2 VPI/VCI value pairs: 0/35 and 8/35. routers in the US use 1 of 2 VPI/VCI value pairs: 0/35 and 8/35.
This VC is terminated at the DSLAM, which uses a different VPI/VCI This VC is terminated at the DSLAM, which uses a different VPI/VCI
(per end customer) to connect to the ATM switch. Only the network (per end customer) to connect to the ATM switch. Only the network
provider is able to map VPI/VCI values through its network. With provider is able to map VPI/VCI values through its network. With
the arrival of VDSL, ATM will slowly be phased out in favor of the arrival of VDSL, ATM will slowly be phased out in favor of
Ethernet. Ethernet.
Switch/Port Number: Switch/Port Number:
This identifier is available only in certain networks, such as This identifier is available only in certain networks, such as
enterprise networks, typically available via proprietary protocols enterprise networks, typically available via proprietary protocols
like CDP or, in the future, 802.1ab. like CDP or, in the future, 802.1ab.
Cell ID: Cell ID:
This identifier is available in cellular data networks and the This identifier is available in cellular data networks and the
cell ID might not be visible to the end host. cell ID may not be visible to the end host.
Authenticated User Identity:
In DSL networks the user credentials are, in many cases, only
known by the router and not to the end host. To the network, the
authenticated user identity is only available if a network access
authentication procedure is executed. In case of roaming it still
might not be available to the access network since security
protocols might provide user identity confidentiality and thereby
hide the real identity of the user allowing the access network to
only see a pseudonym or a randomized string.
Host Identifier: Host Identifier:
The Host Identifier introduced by the Host Identity Protocol [8] The Host Identifier introduced by the Host Identity Protocol [8]
allows identification of a particular host. Unfortunately, the allows identification of a particular host. Unfortunately, the
network can only use this identifier for location determination if network can only use this identifier for location determination if
the operator already stores an mapping of host identities to the operator already stores an mapping of host identities to
location information. Furthermore, there is a deployment problem location information. Furthermore, there is a deployment problem
since the host identities are not used in todays networks. since the host identities are not used in todays networks.
Cryptographically Generated Address (CGA): Cryptographically Generated Address (CGA):
The concept of a Cryptographically Generated Address (CGA) was The concept of a Cryptographically Generated Address (CGA) was
introduced by [9]. The basic idea is to put the truncated hash of introduced by [9]. The basic idea is to put the truncated hash of
a public key into the interface identifier part of an IPv6 a public key into the interface identifier part of an IPv6
address. In addition to the properties of an IP address it allows address. In addition to the properties of an IP address it allows
a proof of ownership. Hence, a return routability check can be a proof of ownership. Hence, a return routability check can be
omitted. omitted. It is only available for IPv6 addresses.
Network Access Identifiers: Network Access Identifiers:
A Network Access Identifier [10] is only used during the network A Network Access Identifier [10] is used during the network access
access authentication procedure in RADIUS [11] or Diameter [12]. authentication procedure, for example in RADIUS [11] and Diameter
Furthermore, in a roaming scenario it does not help the access [12]. In DSL networks the user credentials are, in many cases,
network to make meaningful decisions since the username part might only known by the home router and not configured at the Target
be a pseudonym and there is no relationship to the end host's itself. To the network, the authenticated user identity is only
location. available if a network access authentication procedure is
executed. In case of roaming the user's identity might not be
available to the access network since security protocols might
offer user identity confidentiality and thereby hiding the real
identity of the user allowing the access network to only see a
pseudonym or a randomized string.
Unique Client Identifier Unique Client Identifier
The DSL Forum has defined that all devices that expect to be The DSL Forum has defined that all devices that expect to be
managed by the TR-069 interface be able to generate an identifier managed by the TR-069 interface be able to generate an identifier
as described in DSL Forum TR-069v2 Section 3.4.4. It also has a as described in Section 3.4.4 of the TR-069v2 DSL Forum document.
requirement that routers that use DHCP to the WAN use RFC 4361 It also has a requirement that routers that use DHCP to the WAN
[13] to provide the DHCP server with a unique client identifier. use RFC 4361 [13] to provide the DHCP server with a unique client
This identifier is, however, not visible to the end host with the identifier. This identifier is, however, not visible to the
assumption of a legacy device like the NTE. If we assume that the Target when legacy NTE device are used.
LTE can be modified then a number of solutions come to mind
including DHCP based location delivery.
IP Address: IP Address:
The end host's IP address may be used for location determination. The Target's IP address may be used for location determination.
This IP address is not visible to the LS if the end host is behind This IP address is not visible to the LCS if the end host is
one or multipel NATs. This is, however, not a problem since the behind one or multiple NATs. This may not be a problem since the
location of a host that is located behind a NAT cannot be location of a host that is located behind a NAT cannot be
determined by the access network. The LS would in this case only determined by the access network. The LCS would in this case only
see the public IP address of the NAT binding allocated by the NAT, see the public IP address of the NAT binding allocated by the NAT,
which is the correct behavior. The property of the IP address for which is the expected behavior. The property of the IP address
a return routability check is attractive as well to return for a return routability check is attractive to return location
location information only to a device that transmitted the information only to the address that submitted the request. If an
request. The LS receives the request and provides location adversary wants to learn the location of a Target (as identified
information back to the same IP address. If an adversary wants to by a particular IP address) then it does not see the response
learn location information from an IP address other than its own message (unless he is on the subnetwork or at a router along the
IP address then it would not see the response message (unless he path towards the LCS).
is on the subnetwork or at a router along the path towards the LS)
since the LS would return the message to the address where it came
from.
On a shared medium an adversary could ask for location information On a shared medium an adversary could ask for location information
of another host using its IP address. The adversary would be able of another Target. The adversary would be able to see the
to see the response message since he is sniffing on the shared response message since it is sniffing on the shared medium unless
medium unless security mechanisms (such as link layer encryption) security mechanisms (such as link layer encryption) is in place.
is in place. With a network deployment as shown in Section 3.1 With a network deployment as shown in Section 3.1 with multiple
with multiple hosts in the Customer Premise being behind a NAT the hosts in the Customer Premise being behind a NAT the LCS is unable
LS is unable to differentiate the individual end points. For WLAN to differentiate the individual end points. For WLAN deployments
deployments as found in hotels, as shown in as shown in as found in hotels, as shown in Section 3.3, it is possible for an
Section 3.3, it is possible for an adversary to eavesdrop data adversary to eavesdrop data traffic and subsequently to spoof the
traffic and subsequently to spoof the IP address in a query to the IP address in a query to the LCS to learn more detailed location
LS to learn more detailed location information (e.g., specific information (e.g., specific room numbers). Such an attack might,
room numbers). Such an attack might, for example, compromise the for example, compromise the privacy of hotel guests.
privacy of hotel guests. Note that DHCP would suffer from the
same problem here unless each node uses link layer security
mechanism.
Return routability checks are useful only if the adversary does
not see the response message and if the goal is to delay state
establishment. If the adversary is in a broadcast network then a
return routability check alone is not sufficient to prevent the
above attack since the adversary will observe the response.
6. Requirements 6. Requirements
The following requirements and assumptions have been identified: The following requirements and assumptions have been identified:
Requirement L7-1: Identifier Choice Requirement L7-1: Identifier Choice
The LS MUST be presented with a unique identifier of its own The L7 LCP MUST be able to carry different identifiers or MUST
addressing realm associated directly or indirectly (i.e., linked define an identifier that is mandatory to implement. Regarding
through other identifiers) with the physical location of the end the latter aspect, such an identifier is only appropriate if it is
host. from the same realm as the one for which the location information
service maintains identifier to location mapping.
An identifier is only appropriate if it is from the same realm as
the one for which the location information service maintains
identifier to location mapping.
Requirement L7-2: Mobility Support Requirement L7-2: Mobility Support
The GEOPRIV Layer 7 Location Configuration Protocol MUST support a The L7 LCP MUST support a broad range of mobility from devices
broad range of mobility from devices that can only move between that can only move between reboots, to devices that can change
reboots, to devices that can change attachment points with the attachment points with the impact that their IP address is
impact that their IP address is changed, to devices that do not changed, to devices that do not change their IP address while
change their IP address while roaming, to devices that roaming, to devices that continuously move by being attached to
continuously move by being attached to the same network attachment the same network attachment point.
point.
Requirement L7-3: Layer 7 and Layer 2/3 Provider Relationship Requirement L7-3: Layer 7 and Layer 2/3 Provider Relationship
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST NOT assume a business or trust
MUST NOT assume a business or trust relationship between the relationship between the VSP and the ISP/ASP. Requirements for
provider of application layer (e.g., SIP, XMPP, H.323) provider resolving a reference to location information are not discussed in
and the access network provider operating the LS. this document.
Requirement L7-4: Layer 2 and Layer 3 Provider Relationship Requirement L7-4: Layer 2 and Layer 3 Provider Relationship
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST assume that there is a trust and
MUST assume that there is a trust and business relationship business relationship between the L2 and the L3 provider. The L3
between the L2 and the L3 provider. The L3 provider operates the provider operates the LCS and needs to obtain location information
LS and needs to obtain location information from the L2 provider from the L2 provider since this one is closest to the end host.
since this one is closest to the end host. If the L2 and L3 If the L2 and L3 provider for the same host are different
provider for the same host are different entities, they cooperate entities, they cooperate for the purposes needed to determine end
for the purposes needed to determine end system locations. system locations.
Requirement L7-5: Legacy Device Considerations Requirement L7-5: Legacy Device Considerations
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST consider legacy devices, such as
MUST consider legacy residential NAT devices and NTEs in an DSL residential NAT devices and NTEs in an DSL environment, that
environment that cannot be upgraded to support additional cannot be upgraded to support additional protocols, for example,
protocols, for example to pass additional information through to pass additional information towards the Target.
DHCP.
Requirement L7-6: VPN Awareness Requirement L7-6: VPN Awareness
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST assume that at least one end of a
MUST assume that at least one end of a VPN is aware of the VPN VPN is aware of the VPN functionality. In an enterprise scenario,
functionality. In an enterprise scenario, the enterprise side the enterprise side will provide the LCS used by the client and
will provide the LS used by the client and can thereby detect can thereby detect whether the LCS request was initiated through a
whether the LS request was initiated through a VPN tunnel. VPN tunnel.
Requirement L7-7: Network Access Authentication Requirement L7-7: Network Access Authentication
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST NOT assume prior network access
MUST NOT assume prior network access authentication. authentication.
Requirement L7-8: Network Topology Unawareness Requirement L7-8: Network Topology Unawareness
The design of the GEOPRIV Layer 7 Location Configuration Protocol The design of the L7 LCP MUST NOT assume end systems being aware
MUST NOT assume end systems being aware of the access network of the access network topology. End systems are, however, able to
topology. End systems are, however, able to determine their determine their public IP address(es) via mechanisms, such as STUN
public IP address(es) via mechanisms such as STUN [5] or NSIS [5] or NSIS NATFW NSLP [14] .
NATFW NSLP [14] .
Requirement L7-9: Discovery Mechanism Requirement L7-9: Discovery Mechanism
The GEOPRIV Layer 7 Location Configuration Protocol MUST provide a The L7 LCP MUST define a single mandatory-to-implement discovery
mandatory-to-implement discovery mechanism. mechanism.
7. Security Considerations 7. Security Considerations
This document addresses security aspect throughout the document. A discussion about security aspects can be found in another document.
[Editor's Note: The security related content was previously in this
document and will be published in a separate document soon.]
8. IANA Considerations 8. IANA Considerations
This document does not require actions by IANA. This document does not require actions by IANA.
9. Contributors 9. Contributors
This contribution is a joint effort of the GEOPRIV Layer 7 Location This contribution is a joint effort of the GEOPRIV Layer 7 Location
Configuration Requirements Design Team of the IETF GEOPRIV Working Configuration Requirements Design Team of the IETF GEOPRIV Working
Group. The contributors include Henning Schulzrinne, Barbara Stark, Group. The contributors include Henning Schulzrinne, Barbara Stark,
Marc Linsner, Andrew Newton, James Winterbottom, Martin Thomson, Marc Linsner, Andrew Newton, James Winterbottom, Martin Thomson,
Rohan Mahy, Brian Rosen, Jon Peterson and Hannes Tschofenig. Rohan Mahy, Brian Rosen, Jon Peterson and Hannes Tschofenig.
We would like to thank the GEOPRIV working group chairs, Andy Newton,
Randy Gellens and Allison Mankin, for creating the design team.
The design team members can be reached at: The design team members can be reached at:
Marc Linsner: mlinsner@cisco.com Marc Linsner: mlinsner@cisco.com
Rohan Mahy: rohan@ekabal.com Rohan Mahy: rohan@ekabal.com
Andrew Newton: andy@hxr.us Andrew Newton: andy@hxr.us
Jon Peterson: jon.peterson@neustar.biz Jon Peterson: jon.peterson@neustar.biz
skipping to change at page 23, line 31 skipping to change at page 22, line 31
[4] Marshall, R., "Requirements for a Location-by-Reference [4] Marshall, R., "Requirements for a Location-by-Reference
Mechanism used in Location Configuration and Conveyance", Mechanism used in Location Configuration and Conveyance",
draft-marshall-geopriv-lbyr-requirements-01 (work in progress), draft-marshall-geopriv-lbyr-requirements-01 (work in progress),
March 2007. March 2007.
[5] Rosenberg, J., Weinberger, J., Huitema, C., and R. Mahy, "STUN [5] Rosenberg, J., Weinberger, J., Huitema, C., and R. Mahy, "STUN
- Simple Traversal of User Datagram Protocol (UDP) Through - Simple Traversal of User Datagram Protocol (UDP) Through
Network Address Translators (NATs)", RFC 3489, March 2003. Network Address Translators (NATs)", RFC 3489, March 2003.
[6] Aboba, B., "Link-local Multicast Name Resolution (LLMNR)", [6] Aboba, B., Thaler, D., and L. Esibov, "Link-local Multicast
draft-ietf-dnsext-mdns-47 (work in progress), August 2006. Name Resolution (LLMNR)", RFC 4795, January 2007.
[7] Cheshire, S. and M. Krochmal, "Multicast DNS", [7] Cheshire, S. and M. Krochmal, "Multicast DNS",
draft-cheshire-dnsext-multicastdns-06 (work in progress), draft-cheshire-dnsext-multicastdns-06 (work in progress),
August 2006. August 2006.
[8] Moskowitz, R., "Host Identity Protocol", draft-ietf-hip-base-07 [8] Moskowitz, R., "Host Identity Protocol", draft-ietf-hip-base-07
(work in progress), February 2007. (work in progress), February 2007.
[9] Aura, T., "Cryptographically Generated Addresses (CGA)", [9] Aura, T., "Cryptographically Generated Addresses (CGA)",
RFC 3972, March 2005. RFC 3972, March 2005.
skipping to change at page 25, line 14 skipping to change at page 24, line 14
Authors' Addresses Authors' Addresses
Hannes Tschofenig Hannes Tschofenig
Nokia Siemens Networks Nokia Siemens Networks
Otto-Hahn-Ring 6 Otto-Hahn-Ring 6
Munich, Bavaria 81739 Munich, Bavaria 81739
Germany Germany
Phone: +49 89 636 40390 Phone: +49 89 636 40390
Email: Hannes.Tschofenig@siemens.com Email: Hannes.Tschofenig@nsn.com
URI: http://www.tschofenig.com URI: http://www.tschofenig.com
Henning Schulzrinne Henning Schulzrinne
Columbia University Columbia University
Department of Computer Science Department of Computer Science
450 Computer Science Building 450 Computer Science Building
New York, NY 10027 New York, NY 10027
US US
Phone: +1 212 939 7004 Phone: +1 212 939 7004
 End of changes. 64 change blocks. 
225 lines changed or deleted 201 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/