GEOPRIV                                                       M. Thomson
Internet-Draft                                           J. Winterbottom
Intended status: Standards Track                                  Andrew
Expires: June 20, August 8, 2009                                 February 4, 2009                                 December 17, 2008

        Discovering the Local Location Information Server (LIS)
                  draft-ietf-geopriv-lis-discovery-05
                  draft-ietf-geopriv-lis-discovery-06

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she

   This Internet-Draft is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, submitted to IETF in accordance full conformance with Section 6 the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 20, August 8, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Abstract

   A method is described for the discovery of a Location Information
   Server.  The method uses a Dynamic Host Configuration Protocol (DHCP)
   option.  DHCP options are defined for both IPv4 and IPv6 DHCP.  A
   URI-enabled NAPTR (U-NAPTR) method is described for use where the
   DHCP option is unsuccessful.  This document defines a U-NAPTR
   Application Service for a LIS, with a specific Application Protocol
   for the HTTP Enabled Location Delivery (HELD) protocol.

Table of Contents

   1.  Introduction and Overview  . . . . . . . . . . . . . . . . . .  3
     1.1.  DHCP Discovery . . . . . . . . . . . . . . . . . . . . . .  3
     1.2.  U-NAPTR Discovery  . . . . . . . . . . . . . . . . . . . .  3
     1.3.  Terminology  . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  LIS Discovery Using DHCP . . . . . . . . . . . . . . . . . . .  5
     2.1.  DHCPv4 Option for a LIS Authentication . . . . . . . Address  . . . . . . . . . . . . .  5
     2.2.  DHCPv4  DHCPv6 Option for a LIS Address  . . . . . . . . . . . . .  6  5
     2.3.  DHCPv6 Option for a  LIS Address Authentication . . . . . . . . . . . . . . . . . . . .  6
       2.3.1.  DHCPv4 Option for a LIS Certificate Fingerprints . . .  7
       2.3.2.  DHCPv6 Option for a LIS Certificate Fingerprints . . .  9
   3.  U-NAPTR for LIS Discovery  . . . . . . . . . . . . . . . . . .  9 10
     3.1.  Determining a Domain Name  . . . . . . . . . . . . . . . . 10 11
   4.  Overall Discovery Procedure  . . . . . . . . . . . . . . . . . 11 12
     4.1.  Virtual Private Networks (VPNs)  . . . . . . . . . . . . . 12 13
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . . 13 14
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 14 15
     6.1.  Registration of DHCPv4 and DHCPv6 LIS URI Option Codes . . 15
     6.2.  Registration of DHCPv4 and DHCPv6 LIS Certificate
           Fingerprints Option Codes  . . . . . . 14
     6.2. . . . . . . . . . . 15
     6.3.  Registration of a Location Server Application Service
           Tag  . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
     6.3. 15
     6.4.  Registration of a Location Server Application Protocol
           Tag for HELD . . . . . . . . . . . . . . . . . . . . . . . 14 15
   7.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16 17
   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 18
     8.1.  Normative References . . . . . . . . . . . . . . . . . . . 17 18
     8.2.  Informative References . . . . . . . . . . . . . . . . . . 17
   Appendix A.  DHCP LIS URI Option Examples  . . . . . . . . . . . . 19
     A.1.  LIS URI Only . . . . . . . . . . . . . . . . . . . . . . . 19
     A.2.  LIS URI with Fingerprint . . . . . . . . . . . . . . . . . 19 18
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 21
   Intellectual Property and Copyright Statements . . . . . . . . . . 22 20

1.  Introduction and Overview

   The location of a device is a useful and sometimes necessary part of
   many services.  A Location Information Server (LIS) is responsible
   for providing that location information to devices with an access
   network.  The LIS uses knowledge of the access network and its
   physical topology to generate and serve location information to
   devices.

   Each access network requires specific knowledge about topology.
   Therefore, it is important to discover the LIS that has the specific
   knowledge necessary to locate a device.  That is, the LIS that serves
   the current access network.  Automatic discovery is important where
   there is any chance of movement outside a single access network.
   Reliance on static configuration can lead to unexpected errors if a
   device moves between access networks.

   This document describes DHCP options and DNS records that a device
   can use to discover a LIS.

   The product of a discovery process, such as the one described in this
   document, is the address of the service.  In this document, the
   result is an http: or https: URI, which identifies a LIS.

   The URI result from the discovery process is suitable for location
   configuration only; that is, the client MUST dereference the URI
   using the process described in HELD
   [I-D.ietf-geopriv-http-location-delivery].  URIs discovered in this
   way are not "location by reference" URIs; dereferencing one of them
   provides the location of the requester only.  Clients MUST NOT embed
   these URIs in fields in other protocols designed to carry the
   location of the client.

1.1.  DHCP Discovery

   DHCP ([RFC2131], [RFC3315]) is a commonly used mechanism for
   providing bootstrap configuration information allowing a device to
   operate in a specific network environment.  The bulk of DHCP
   information is largely static; consisting of configuration
   information that does not change over the period that the device is
   attached to the network.  Physical location information might change
   over this time, however the address of the LIS does not.  Thus, DHCP
   is suitable for configuring a device with the address of a LIS.

1.2.  U-NAPTR Discovery

   Where DHCP is not available, the DNS might be able to provide a URI.
   This document describes a method that uses URI-enabled NAPTR
   (U-NAPTR) [RFC4848], a Dynamic Delegation Discovery Service (DDDS)
   profile that supports URI results.

   For the LIS discovery DDDS application, an Application Service tag
   "LIS" and an Application Protocol tag "HELD" are created and
   registered with the IANA.  Taking a domain name, this U-NAPTR
   application uses the two tags to determine the LIS URI.

   A domain name is the crucial input to the U-NAPTR resolution process.
   Section 3.1 of this document describes several methods for deriving
   an appropriate domain name.

1.3.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   This document also uses the term "device" to refer to an end host, or
   client consistent with its use in HELD.  In HELD and RFC3693
   [RFC3693] parlance, the Device is also the Target.

   The terms "access network" refers to the network that a device
   connects to for Internet access.  The "access network provider" is
   the entity that operates the access network.  This is consistent with
   the definition in [I-D.ietf-geopriv-l7-lcp-ps] which combines the
   Internet Access Provider (IAP) and Internet Service Provider (ISP).
   The access network provider is responsible for allocating the device
   a public IP address and for directly or indirectly providing a LIS
   service.

2.  LIS Discovery Using DHCP

   DHCP allows the access network provider to specify the address of a
   LIS as part of network configuration.  If the device is able to
   acquire a LIS URI using DHCP then this URI is used directly; the
   U-NAPTR process is not necessary if this option is provided.

   This document registers DHCP options for a LIS address URI for both IPv4 and
   IPv6.  A second option for both DHCP versions is also registered to
   convey a fingerprint of the certificate expected to be used by the
   LIS.

2.1.  DHCPv4 Option for a LIS Authentication

   The Address

   This section defines a DHCP LIS URI for IPv4 (DHCPv4) option includes an optional authentication method for the address
   of a LIS.  If an https:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    LIS_URI    |    Length     |                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
   .                                                               .
   .                            LIS URI is provided for                            .
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                  Figure 1: DHCPv4 LIS URI Option Example

   LIS_URI:  The IANA assigned option number (TBD).  [[IANA/RFC-Editor
      Note: Please replace TBD with the LIS, assigned DHCPv4 option code.]]

   Length:  The length of the entire LIS URI option
   can optionally include in octets.

   LIS URI:  The address of the LIS.  The URI MUST NOT be terminated by
      a fingerprint zero octet.

      The DHCPv4 version of this URI SHOULD NOT exceed 255 octets in
      length, but MAY be extended by concatenating multiple option
      values, as described in [RFC3396].

2.2.  DHCPv6 Option for a LIS Address

   This section defines a DHCP for IPv6 (DHCPv6) option for the server certificate. address
   of a LIS.  The
   device can use DHCPv6 option for this fingerprint parameter is similarly
   formatted to authenticate the server. DHCPv4 option.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       OPTION_LIS_URI          |           Length              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   .                            LIS URI                            .
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                      Figure 2: DHCPv6 LIS URI Option

   OPTION_LIS_URI:  The IANA assigned option number (TBD).  [[IANA/
      RFC-Editor Note: Please replace TBD with the assigned DHCPv6
      option code.]]

   Length:  The length of the LIS URI option in octets.

      The semantics and format of the remainder of the LIS URI option
      are identical to the DHCPv4 option, except for the larger
      allowance for URI length granted by the 16 bit length field.
      DHCPv6 prohibits concatenation of option values.

2.3.  LIS Authentication

   HTTP over TLS [RFC2818] describes how a host can be is authenticated based
   on an expected domain name. name using public key infrastructure.  Relying
   exclusively on a domain name for authentication is not appropriate
   for a LIS, since the domain name associated with the access network
   might not be known.  Indeed, it is often innapropriate inappropriate to attempt to
   assign any particular domain name to an access network.

   This specification defines an alternative means of establishing an
   expected identity for the server that uses a certificate fingerprint.
   The DHCP option includes a fingerprint certificate fingerprint.
   One or more fingerprints for the server certificate
   that is offered used by the LIS when the associated URI is accessed.

   An access network operator is still able to nominate authentication
   based on a domain name.  If no fingerprint information
   is included,
   the device MUST authenticate the server using the method described included in
   Section 3.1 of RFC 2818 [RFC2818].  If a fingerprint exists, the
   domain name method MUST NOT be used.

   The certificate fingerprint can be ignored if the LIS URI doesn't
   indicate a protocol that supports exchange of certificates (such as
   http:). second DHCP option.  The LIS MUST be considered unauthenticated.

   Note:  Whether the device goes on to use client uses the fingerprint
   information provided by
      an unauthenticated LIS depends on device policy.  A device might
      choose to continue with alternative methods of discovery before
      falling back to an unauthenticated LIS.

   The mechanism the DHCP server to generate authenticate the LIS when
   it establishes a TLS session.

   A fingerprint is to take the generated by applying a cryptographic hash of function
   to the DER-encoded certificate using a cryptographically strong algorithm. certificate.  The hash algorithm used for
   generating the fingerprint is identified by a textual name taken from
   the IANA registry "Hash Function Textual Names" defined established in
   [RFC4572].  Implementations MUST support SHA-1 as the hash algorithm and use SHA-1 algorithm, using
   the label "sha-1" to identify the SHA-1
   algorithm.

   Multiple fingerprints "sha-1".

   The output of multiple hash functions MAY be included.  This provides
   a means to upgrade hash functions without affecting backward
   compatibility.  If a hash algorithm is indicated, but not supported
   by a device, it MUST choose use the first fingerprint that is produced by an
   algorithm that the device supports.  Other fingerprint values MAY be
   checked.  If any supported fingerprint does not match, the LIS MUST
   be considered unauthenticated.  If none of the specified hash
   algorithms are supported by the device, it MUST consider the LIS to
   be unauthenticated.

   A client SHOULD request the LIS certificate fingerprint option at the
   same time as the LIS URI option.  Without the LIS certificate
   fingerprint option a client cannot authenticate the LIS.

   The certificate fingerprint can be ignored if the first
   algorithm LIS URI doesn't
   indicate a protocol that it supports.  If any supported supports exchange of certificates (such as
   http:).  Unless the information used in the certificate fingerprint does not
   match,
   option is used, the LIS MUST be considered as unauthenticated.  If no hash
   algorithm

   Note:  Whether the device goes on to use the information provided by
      an unauthenticated LIS depends on device policy.  A device might
      choose to continue with alternative methods of discovery before
      falling back to an unauthenticated LIS.

   An access network operator is supported able to nominate authentication based
   on a domain name by omitting fingerprints.  If a zero-length
   fingerprint option is provided, the device, it device MUST consider authenticate the LIS to
   server using the method described in Section 3.1 of RFC 2818
   [RFC2818].  If a fingerprint exists, the domain name method MUST NOT
   be
   unauthenticated.

2.2. used.

2.3.1.  DHCPv4 Option for a LIS Address Certificate Fingerprints

   This section defines a DHCP for IPv4 (DHCPv4) option for the address
   of a LIS. LIS
   certificate fingerprints.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    LIS_URI  LIS_CERT_FP  |    Length     |   F-Code(1)   |   F-Length Hash-Type-Len |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+               | Hash-Type-Len
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+               |
   .                           Hash-Type                  ...                           .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Fingerprint-Value                     ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ F'print-Len   |    F-Code(0)                                               |                    URI                        .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   +-+-+-+-+-+-+-+-+                                               |                           URI (cont.)                       ...
   .                                                               .
   .                      Fingerprint-Value                        .
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                  Figure 1: DHCPv4 LIS URI Option Example

   LIS_URI:  The IANA assigned option number (TBD).  [[IANA/RFC-Editor
      Note: Please replace TBD with the assigned DHCPv4 option code.]]

   Length:  The length of the entire LIS URI option in octets.

   F-Code:  A single octet indicates the type of data that follows:
      fingerprint or URI.  A value of 1 indicates that the following
      data includes a certificate fingerprint.  A value of 0 indicates
      that no more supplementary data is included and the URI follows.
      An "F-Code" with a value of 0 MUST be included.

      Values other than zero or one MAY be ignored.  Any other value
      MUST be specified in a standards track RFC that SHOULD establish
      an
   .      (Hash-Type-Len through Fingerprint-Value Repeated)       .
   .                             . . .                             .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

       Figure 3: DHCPv4 LIS Certificate Fingerprints Option Example

   LIS_CERT_FP:  The IANA registry.

   F-Length:  If the "F-Code" is non-zero, it MUST be followed by an
      octet that indicates assigned option number (TBD).  [[IANA/
      RFC-Editor Note: Please replace TBD with the length, in octets, assigned DHCPv4
      option code.]]

   Length:  The length of the data. entire LIS certificate fingerprints option
      in octets.  This
      value includes option MAY be zero length, indicating the sum absence
      of the lengths of: "Hash-Type-Len",
      "Hash-Type", and "Fingerprint-Value". fingerprint information.

   Hash-Type-Len:  The length, in octets, of the "Hash-Type" field.

   Hash-Type:  A text tag that identifies the hash algorithm used to
      generate the fingerprint.  The set of values are defined in the
      "Hash Function Textual Names" IANA registry [RFC4572].

   F'print-Len:  The length, in octets of the "Fingerprint-Value" field.

   Fingerprint-Value:  The octet values of the certificate fingerprint.
      The length of this field is defined by the hash algorithm and MUST
      match the remainder of the fingerprint data.  If this does not
      equal the value of "F-Length" less the length "Hash-Type-Len" and
      "Hash-Type", the fingerprint MUST be considered invalid.

      Note:
      An invalid fingerprint is not equivalent to no fingerprint.

   URI:  The address of the LIS.  The URI takes  If
      this value is not the remainder expected length of the
      DHCP option.  The URI hash function output,
      the fingerprint MUST NOT be NULL terminated. considered invalid.

      The DHCPv4 version of this URI SHOULD NOT exceed 225 octets in
      length, but four fields, "Hash-Type-Len", "Hash-Type", "F'print-Len" and
      "Fingerprint-Value" MAY be extended by concatenating multiple option
      values, as described in [RFC3396].

2.3. repeated.  Each repetition includes a
      different hash type, except for hashes that produce values longer
      than 2040 bits (255 octets), for which the "Fingerprint-Value" is
      concatenated to derive the value.

2.3.2.  DHCPv6 Option for a LIS Address Certificate Fingerprints

   This section defines a DHCP for IPv6 (DHCPv6) option for the address
   of a LIS. LIS
   certificate fingerprints.  The DHCPv6 option for this parameter is
   similarly formatted to the DHCPv4 option.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       OPTION_LIS_URI     OPTION_LIS_CERT_FP        |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   F-Code(1)        Hash-Type-Len          |   F-Length                               | Hash-Type-Len
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
   .                           Hash-Type  ...                           .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Fingerprint-Value                     ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+         F'print-Len           |    F-Code(0)                               |                    URI
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
   .                                                               .
   .                      Fingerprint-Value                        .
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           URI (cont.)                       ...
   .      (Hash-Type-Len through Fingerprint-Value Repeated)       .
   .                             . . .                             .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

           Figure 2: 4: DHCPv6 LIS URI Certificate Fingerprints Option
   OPTION_LIS_URI:

   OPTION_LIS_CERT_FP:  The IANA assigned option number (TBD).  [[IANA/
      RFC-Editor Note: Please replace TBD with the assigned DHCPv6
      option code.]]

   Length:  The length of the LIS URI certificate fingerprints option in
      octets.

      The format semantics of remainder of the LIS URI option is are identical to
      the DHCPv4 option.  As shown, length fields are extended to 16
      bits, removing the need for concatenation to accomodate values
      longer than 255 octets in length.  DHCPv6 prohibits concatenation
      of option values.

3.  U-NAPTR for LIS Discovery

   U-NAPTR resolution for a LIS takes a domain name as input and
   produces a URI that identifies the LIS.  This process also requires
   an Application Service tag and an Application Protocol tag, which
   differentiate LIS-related NAPTR records from other records for that
   domain.

   Section 6.2 6.3 defines an Application Service tag of "LIS", which is
   used to identify the location service for a particular domain.  The
   Application Protocol tag "HELD", defined in Section 6.3, 6.4, is used to
   identify a LIS that understands the HELD protocol
   [I-D.ietf-geopriv-http-location-delivery].

   The NAPTR records in the following example demonstrate the use of the
   Application Service and Protocol tags.  Iterative NAPTR resolution is
   used to delegate responsibility for the LIS service from
   "zonea.example.net." and "zoneb.example.net." to
   "outsource.example.com.".

      zonea.example.net.
      ;;       order pref flags
      IN NAPTR 100   10   ""  "LIS:HELD" (          ; service
          ""                                        ; regex
          outsource.example.com.                    ; replacement
          )
      zoneb.example.net.
      ;;       order pref flags
      IN NAPTR 100   10   ""  "LIS:HELD" (          ; service
          ""                                        ; regex
          outsource.example.com.                    ; replacement
          )
      outsource.example.com.
      ;;       order pref flags
      IN NAPTR 100   10   "u"  "LIS:HELD" (         ; service
          "!*.!https://lis.example.org:4802/?c=ex!" ; regex
          .                                         ; replacement
          )

              Figure 3: 5: Sample LIS:HELD Service NAPTR Records

   Details for the "LIS" Application Service tag and the "HELD"
   Application Protocol tag are included in Section 6.

   U-NAPTR MUST only be used if the DHCP LIS URI option is not
   available.

   An https: LIS URI that is a product of U-NAPTR MUST be authenticated
   using the domain name method described in Section 3.1 of RFC 2818
   [RFC2818].

3.1.  Determining a Domain Name

   The U-NAPTR discovery method described requires a domain name as
   input.  This document does not specify how that domain name is
   acquired by a device.  If a device knows one or more of the domain
   names assigned to it, it MAY attempt to use each domain name as
   input.  Static configuration of a device is possible if a domain name
   is known to work for this purpose.

   A fully qualified domain name (FQDN) for the device might be provided
   by a DHCP server ([RFC4702] for DHCPv4, [RFC4704] for DHCPv6).
   DHCPv4 option 15 [RFC2131] could also be used as a source of a domain
   name suffix for the device.  If DHCP and any of these options are
   available, these values could be used as input the U-NAPTR procedure;
   however, implementers need to be aware that many DHCP servers do not
   provide a sensible value for these options.

4.  Overall Discovery Procedure

   The individual components of discovery are combined into a single
   discovery procedure.  Some networks maintain a topology analogous to
   an onion and are comprised of layers, or segments, separating hosts
   from the Internet through intermediate networks.  Applying the
   individual discovery methods in an order that favours a physically
   proximate LIS over a remote LIS is preferred.

   A host MUST support DHCP discovery and MAY support U-NAPTR discovery.
   The process described in this document is known to not work in a very
   common deployment scenario, namely the fixed wired environment
   described in Section 3.1 of [I-D.ietf-geopriv-l7-lcp-ps].
   Alternative methods of discovery to address this limitation are
   likely.

   The following process ensures a greater likelihood of a LIS in close
   physical proximity being discovered:

   1.  Request the DHCP LIS URI Option for each network interface.

   2.  Use U-NAPTR to discover a LIS URI using all known domain names.

   3.  Use a statically configured LIS URI.

   A host that has multiple network interfaces could potentially be
   served by a different access network on each interface, each with a
   different LIS.  The host SHOULD attempt to discover the LIS
   applicable to each network interface, stopping when a LIS is
   successfully discovered on any interface.

   A host that discovers a LIS URI MUST attempt to verify that the LIS
   is able to provide location information.  For the HELD protocol, the
   host MUST make a location request to the LIS.  If the LIS responds to
   this request with the "notLocatable" error code (see Section 4.3.2 of
   [I-D.ietf-geopriv-http-location-delivery]), the host MUST continue
   the discovery process and not make further requests to that LIS on
   that network interface.

   DHCP discovery MUST be attempted before any other discovery method.
   This allows the network access provider a direct and explicit means
   of configuring a LIS address.  Alternative methods are only specified
   as a means to discover a LIS where the DHCP infrastructure does not
   support the LIS URI option.

   This document does not mandate any particular source for the domain
   name that is used as input to U-NAPTR.  Alternative methods for
   determining the domain name MAY be used.

   Static configuration MAY be used if all other discovery methods fail.
   Note however, that if a host has moved from its customary location,
   static configuration might indicate a LIS that is unable to provide a
   location.

   The product of the LIS discovery process is an http: or https: URI.
   Nothing distinguishes this URI from other URIs with the same scheme,
   aside from the fact that it is the product of this process.  Only
   URIs produced by the discovery process can be used for location
   configuration using HELD.  URIs that are not a product of LIS
   discovery MUST NOT be used for location configuration.

4.1.  Virtual Private Networks (VPNs)

   LIS discovery over a VPN network interface SHOULD NOT be performed.
   A LIS discovered in this way is unlikely to have the information
   necessary to determine an accurate location.

   Since not all interfaces connected to a VPN can be detected by hosts,
   a LIS SHOULD NOT provide location information in response to requests
   that it can identify as originating from a VPN pool.  This ensures
   that even if a host discovers a LIS over the VPN, it does not rely on
   a LIS that is unable to provide accurate location information.  The
   exception to this is where the LIS and host are able to determine a
   location without access network support.

5.  Security Considerations

   The primary attack against the methods described in this document is
   one that would lead to impersonation of a LIS.  The LIS is
   responsible for providing location information and this information
   is critical to a number of network services; furthermore, a host does
   not necessarily have a prior relationship with a LIS.  Several
   methods are described here that can limit the probablity of, or
   provide some protection against, such an attack.

   The address of a LIS is usually well-known within an access network;
   therefore, interception of messages does not introduce any specific
   concerns.

   If DHCP is used, the

   The integrity of DHCP options is limited by the security of the
   channel over which they are provided.  Physical security and
   separation of DHCP messages from other packets are commonplace
   methods that can reduce the possibility of attack within an access
   network; alternatively, DHCP authentication [RFC3118] can provide a degree of protection against modification.
   degree of protection against modification.

   Section 2.3 describes how a LIS is authenticated by clients, using
   either certificate fingerprints or a domain name certificate.

   An attacker could attempt to compromise the U-NAPTR resolution.  A
   more thorough description of the security considerations for U-NAPTR
   applications is included in [RFC4848].

   In addition to considerations related to U-NAPTR, it is important to
   recognize that the output of this is entirely dependent on its input.
   An attacker who can control the domain name is therefore able to
   control the final URI.  Any mechanism for automatically determining
   such a domain name MUST consider such attacks.

6.  IANA Considerations

6.1.  Registration of DHCPv4 and DHCPv6 LIS URI Option Codes

   The IANA is requested to assign has assigned an option code of (TBD) for the DHCPv4 option
   for a LIS address, URI, as described in Section 2.2 2.1 of this document.

   The IANA is requested to assign has assigned an option code of (TBD) for the DHCPv6 option
   for a LIS address, URI, as described in Section 2.3 2.2 of this document.

6.2.  Registration of DHCPv4 and DHCPv6 LIS Certificate Fingerprints
      Option Codes

   The IANA has assigned an option code of (TBD) for the DHCPv4 option
   for a LIS certificate fingerprints, as described in Section 2.3.1 of
   this document.

   The IANA has assigned an option code of (TBD) for the DHCPv6 option
   for a LIS certificate fingerprints, as described in Section 2.3.2 of
   this document.

6.3.  Registration of a Location Server Application Service Tag

   This section registers a new S-NAPTR/U-NAPTR Application Service tag
   for a LIS, as mandated by [RFC3958].

   Application Service Tag:  LIS

   Intended usage:  Identifies a service that provides a host with its
      location information.

   Defining publication:  RFCXXXX

   Related publications:  HELD [I-D.ietf-geopriv-http-location-delivery]

   Contact information:  The authors of this document

   Author/Change controller:  The IESG

6.3.

6.4.  Registration of a Location Server Application Protocol Tag for
      HELD

   This section registers a new S-NAPTR/U-NAPTR Application Protocol tag
   for the HELD [I-D.ietf-geopriv-http-location-delivery] protocol, as
   mandated by [RFC3958].

   Application Service Tag:  HELD

   Intended Usage:  Identifies the HELD protocol.

   Applicable Service Tag(s):  LIS

   Terminal NAPTR Record Type(s):  U

   Defining Publication:  RFCXXXX

   Related Publications:  HELD [I-D.ietf-geopriv-http-location-delivery]

   Contact Information:  The authors of this document

   Author/Change Controller:  The IESG

7.  Acknowledgements

   The authors would like to thank Leslie Daigle for her work on
   U-NAPTR; Peter Koch for his feedback on the how not to use DNS aspects of this
   document; for discovery;
   Andy Newton for constructive suggestions with regards to document
   direction; Hannes Tschofenig and Richard Barnes for input and
   reviews; Dean Willis for constructive feedback; Pasi Eronen for the
   certificate fingerprint concept. concept; Ralph Droms, David W. Hankins,
   Damien Neil, and Bernie Volz for DHCP option format.

8.  References

8.1.  Normative References

   [RFC2131]  Droms, R., "Dynamic Host Configuration Protocol",
              RFC 2131, March 1997.

   [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

   [RFC3315]  Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
              and M. Carney, "Dynamic Host Configuration Protocol for
              IPv6 (DHCPv6)", RFC 3315, July 2003.

   [RFC3396]  Lemon, T. and S. Cheshire, "Encoding Long Options in the
              Dynamic Host Configuration Protocol (DHCPv4)", RFC 3396,
              November 2002.

   [RFC4572]  Lennox, J., "Connection-Oriented Media Transport over the
              Transport Layer Security (TLS) Protocol in the Session
              Description Protocol (SDP)", RFC 4572, July 2006.

   [RFC4702]  Stapp, M., Volz, B., and Y. Rekhter, "The Dynamic Host
              Configuration Protocol (DHCP) Client Fully Qualified
              Domain Name (FQDN) Option", RFC 4702, October 2006.

   [RFC4704]  Volz, B., "The Dynamic Host Configuration Protocol for
              IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN)
              Option", RFC 4704, October 2006.

   [RFC4848]  Daigle, L., "Domain-Based Application Service Location
              Using URIs and the Dynamic Delegation Discovery Service
              (DDDS)", RFC 4848, April 2007.

   [I-D.ietf-geopriv-http-location-delivery]
              Barnes, M., Winterbottom, J., Thomson, M., and B. Stark,
              "HTTP Enabled Location Delivery (HELD)",
              draft-ietf-geopriv-http-location-delivery-10
              draft-ietf-geopriv-http-location-delivery-12 (work in
              progress), October 2008. January 2009.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

8.2.  Informative References

   [RFC3118]  Droms, R. and W. Arbaugh, "Authentication for DHCP
              Messages", RFC 3118, June 2001.

   [RFC3693]  Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and
              J. Polk, "Geopriv Requirements", RFC 3693, February 2004.

   [RFC3958]  Daigle, L. and A. Newton, "Domain-Based Application
              Service Location Using SRV RRs and the Dynamic Delegation
              Discovery Service (DDDS)", RFC 3958, January 2005.

   [I-D.ietf-geopriv-l7-lcp-ps]
              Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7
              Location Configuration Protocol; Problem Statement and
              Requirements", draft-ietf-geopriv-l7-lcp-ps-08 (work in
              progress), June 2008.

Appendix A.  DHCP LIS URI Option Examples

A.1.  LIS URI Only

   Figure 4 shows an example LIS URI option for DHCPv6 in hexadecimal
   form.  This example is the simplest form, with an http: URI and no
   fingerprint information.

   Hexadecimal representation of LIS option, including the leading
   DHCPv4 option code and length octets: [[IANA/RFC-Editor Note: Please
   replace instances of "??:??" in the following example with the
   hexadecimal representation of the IANA allocated DHCPv6 option code;
   replace "???" with the decimal representation of the IANA allocated
   DHCPv6 option code.]]

   ??:??:00:1d:00:68:74:74:70:3a:2f:2f:6c:69:73:2e:65:78:61:6d:
   70:6c:65:2e:6f:72:67:3a:34:38:30:31:2f

     Octet   Value   Description
    ------- ------- --------------------------------------------------
     00-01   ??:??     LIS URI Option Code (???)
      02     00:1d     Option Length = 29
      03      00       F-Code = 0 (URI)

     04-     68:74:74:70:3a:2f:2f:6c:69:73:2e:65:78:61:6d:70:
       -1f     6c:65:2e:6f:72:67:3a:34:38:30:31:2f
                      - LIS URI = "http://lis.example.org:4801/"

               Figure 4: Example of a Simple LIS URI Option

A.2.  LIS URI with Fingerprint

   Figure 5 shows an example LIS URI option for DHCPv4 in hexadecimal
   form.  This example shows the inclusion of two fingerprints, the
   first based on SHA-256, RRs and the second based on SHA-1.

   Hexadecimal representation of LIS option, including the leading
   DHCPv4 option code Dynamic Delegation
              Discovery Service (DDDS)", RFC 3958, January 2005.

   [I-D.ietf-geopriv-l7-lcp-ps]
              Tschofenig, H. and length octets: [[IANA/RFC-Editor Note: Please
   replace two instances of "??" in the following example with the
   hexadecimal representation of the IANA allocated DHCPv4 option code;
   replace "???" with the decimal representation of the IANA allocated
   DHCPv4 option code.]]

   ??:69:01:28:07:73:68:61:2d:32:35:36:49:20:77:6f:6e:64:65:72:
   20:69:66:74:68:69:73:20:77:69:6c:6c:20:62:65:20:6e:6f:74:69:
   63:65:64:3f:01:1a:07:73:68:61:2d:31:39:39:62:6f:74:74:6c:65:
   73:6f:66:62:65:65:72:6f:6e:74:68:65:00:68:74:74:70:73:3a:2f:
   2f:6c:69:73:2e:65:78:61:6d:70:6c:65:2e:6f:72:67:3a:34:38:30:
   32:2f:3f:63:3d:65:78

     Octet   Value   Description
    ------- ------- --------------------------------------------------
      00      ??     LIS URI Option Code (???)
      01      6a     Option Length = 106
      02      01     F-Code = 1 (Fingerprint)
      03      28     F-Length = 40
      04      07     Hash-Type-Len = H. Schulzrinne, "GEOPRIV Layer 7

     05-0b   73:68:61:2d:32:35:36
                      - Hash-Type = "sha-256"

     0c-     49:20:77:6f:6e:64:65:72:20:69:66:74:68:69:73:20:
       -2b     77:69:6c:6c:20:62:65:20:6e:6f:74:69:63:65:64:3f
                      - Fingerprint-Value (SHA-256 output)

      2c      01     F-Code = 1 (Fingerprint)
      2d      1a     F-Length = 26
      2e      07     Hash-Type-Len = 5

     2f-33   73:68:61:2d:31
                      - Hash-Type = "sha-1"

     34-     39:39:62:6f:74:74:6c:65:73:6f:
       -47     66:62:65:65:72:6f:6e:74:68:65
                      - Fingerprint-Value (SHA-1 output)

      48      00     F-Code = 0 (URI)

     49-     68:74:74:70:73:3a:2f:2f:6c:69:73:2e:65:78:61:6d:70:
       -6a     6c:65:2e:6f:72:67:3a:34:38:30:32:2f:3f:63:3d:65:78
                      - LIS URI = "https://lis.example.org:4802/?c=ex"

          Figure 5: Example LIS URI Option with Fingerprint Data
              Location Configuration Protocol; Problem Statement and
              Requirements", draft-ietf-geopriv-l7-lcp-ps-08 (work in
              progress), June 2008.

Authors' Addresses

   Martin Thomson
   Andrew
   PO Box U40
   Wollongong University Campus, NSW  2500
   AU

   Phone: +61 2 4221 2915
   Email: martin.thomson@andrew.com
   URI:   http://www.andrew.com/

   James Winterbottom
   Andrew
   PO Box U40
   Wollongong University Campus, NSW  2500
   AU

   Phone: +61 2 4221 2938
   Email: james.winterbottom@andrew.com
   URI:   http://www.andrew.com/

Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.