draft-ietf-sipcore-locparam-02.txt   draft-ietf-sipcore-locparam-03.txt 
SIPCORE J. Winterbottom SIPCORE J. Winterbottom
Internet-Draft Winterb Consulting Services Internet-Draft Winterb Consulting Services
Updates: RFC6442 (if approved) R. Jesske Updates: RFC6442 (if approved) R. Jesske
Intended status: Standards Track Deutsche Telekom Intended status: Standards Track Deutsche Telekom
Expires: January 23, 2020 B. Chatras Expires: March 19, 2020 B. Chatras
Orange Labs Orange Labs
A. Hutton A. Hutton
Atos Atos
July 22, 2019 September 16, 2019
Location Source Parameter for the SIP Geolocation Header Field Location Source Parameter for the SIP Geolocation Header Field
draft-ietf-sipcore-locparam-02.txt draft-ietf-sipcore-locparam-03.txt
Abstract Abstract
There are some circumstances where a geolocation header field may There are some circumstances where a Geolocation header field may
contain more than one location value. Knowing the identity of the contain more than one location value. Knowing the identity of the
node adding the location value allows the recipient more freedom in node adding the location value allows the recipient more freedom in
selecting the value to look at first rather than relying solely on selecting the value to look at first rather than relying solely on
the order of the location values. the order of the location values. This document defines the
location-source parameter so that the entity adding the location
value to Geolocation header field can identify itself using its
hostname.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 23, 2020. This Internet-Draft will expire on March 19, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 20 skipping to change at page 2, line 25
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Rationale . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Rationale . . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . 4
5. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 5. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 5 6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . 6 7. Security Considerations . . . . . . . . . . . . . . . . . . . 6
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8.1. Registration of loc-src Parameter for geolocation header 8.1. Registration of location-source parameter for Geolocation
field . . . . . . . . . . . . . . . . . . . . . . . . . . 6 header field . . . . . . . . . . . . . . . . . . . . . . 6
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
10.1. Normative References . . . . . . . . . . . . . . . . . . 7 10.1. Normative References . . . . . . . . . . . . . . . . . . 7
10.2. Informative References . . . . . . . . . . . . . . . . . 7 10.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
The SIP geolocation specification [RFC6442] describes the The SIP Geolocation specification [RFC6442] describes the
"Geolocation" SIP header field which is used to indicate that the SIP "Geolocation" SIP header field which is used to indicate that the SIP
message is conveying location information. The specification message is conveying location information. [RFC6442] specifies that
suggests that only one location value should be conveyed. However, SIP intermediaries should not add location values to a SIP request
some communications architectures, such as 3GPP [TS23-167] and ETSI that already contains location value. [RFC6442] also states that if
[M493], prefer to use information provided by edge-proxies or a SIP intermediary adds location it is fully responsible for
acquired through the use of core-network nodes, before using addressing the concerns of any 424 (Bad Location Information) SIP
information provided solely by user equipment (UE). These solutions response it receives. However, some communications architectures,
don't preclude the use of UE provided location but require a means of such as 3GPP [TS23-167] and ETSI [M493], prefer to use information
being able to distinguish the identity of the node adding the provided by edge-proxies or acquired through the use of core-network
location value to the SIP message from that provided by the UE. nodes, before using information provided solely by user equipment
(UE). These solutions don't preclude the use of UE provided location
but require a means of being able to distinguish the identity of the
node adding the location value to the SIP message from that provided
by the UE.
[RFC6442] stipulates that the order of location values in the [RFC6442] stipulates that the order of location values in the
geolocation header field is the same as the order in which they were Geolocation header field is the same as the order in which they were
added to the header field. Whilst this order provides guidance to added to the header field. Whilst this order provides guidance to
the recipient as to which values were added to the message earlier in the recipient as to which values were added to the message earlier in
the communication chain, it does not provide any indication of which the communication chain, it does not provide any indication of which
node actually added the location value. Knowing the identity of the node actually added the location value. Knowing the identity of the
entity that added the location to the message allows the recipient to entity that added the location to the message allows the recipient to
choose which location to consider first rather than relying solely on choose which location to consider first rather than relying solely on
the order of the location values in the geolocation header field. the order of the location values in the Geolocation header field.
This document adds a location-source (loc-src) parameter to the This document extends the Geolocation header field, by allowing an
location values in [RFC6442] so that the entity adding the location entity adding the location value to identity itself using a hostname.
value to geolocation header field can identify itself using its This is done by defining a new geoloc-param header field parameter,
hostname. How the entity adding the location value to the header location-source."How the entity adding the location value to the
field obtains the location information is out of scope of this header field obtains the location information is out of scope of this
document. document.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
3. Rationale 3. Rationale
The primary intent of the parameter defined in this specific is for The primary intent of the location-source parameter in this
use in emergency calling. There are various architectures defined specification is for use in emergency calling. There are various
for providing emergency calling using SIP-based messaging. Each has architectures defined for providing emergency calling using SIP-based
it own characteristics with corresponding pros and cons. All of them messaging. Each has it own characteristics with corresponding pros
allow the UE to provide location information, however, many also and cons. All of them allow the UE to provide location information,
attach other sources of location information to support veracity however, many also attach other sources of location information to
checks, provide backup information, or to be used as the primary support veracity checks, provide backup information, or to be used as
location. the primary location.
This document makes no attempt to comment on these various This document makes no attempt to comment on these various
architectures or the rationale for them wishing to include multiple architectures or the rationale for them wishing to include multiple
location values. It does recognize that these architectures exist location values. It does recognize that these architectures exist
and that there is a need to identify the entity adding the location and that there is a need to identify the entity adding the location
information. information.
The parameter defined in this specification adds the location source The location-source parameter adds the location source generating the
generating the location value to increase the trustworthiness of the location value to increase the trustworthiness of the location
location information. information.
The loc-src parameter is applicable within a single private The location-source parameter is applicable within a single private
administrative domain or between different administrative domains administrative domain or between different administrative domains
where there is a trust relationship between the domains. Thus it is where there is a trust relationship between the domains. Thus it is
intended to use this parameter only in trust domains where Spec(T) as intended to use this parameter only in trust domains where Spec(T) as
described in [RFC3325] exists. described in [RFC3325] exists.
The loc-src parameter is not included in a SIP message sent to The location-source parameter is not included in a SIP message sent
another network if there is no trust relationship. The The loc-src to another network if there is no trust relationship. The The
parameter is not applicable if the administrative domain manages location-source parameter is not applicable if the administrative
emergency calls in a way that does not require location source domain manages emergency calls in a way that does not require any
generating the location. generation of the location.
The functional architecture described within ETSI [M493] is an The functional architecture described within ETSI [M493] is an
example of architecture where this parameter makes sense to be used. example of architecture where this parameter makes sense to be used.
4. Mechanism 4. Mechanism
The mechanism employed adds a parameter to the location value defined The mechanism employed adds a parameter to the location value defined
in [RFC6442] that identifies the hostname of the entity adding the in [RFC6442] that identifies the hostname of the entity adding the
location value to the geolocation header field. The Augmented BNF location value to the Geolocation header field. The Augmented BNF
(ABNF) [RFC5234] for this parameter is shown in Figure 1. (ABNF) [RFC5234] for this parameter is shown in Figure 1.
location-source = "loc-src=" (hostname ) location-source = "loc-src" EQUAL hostname
hostname = <defined in RFC3261> hostname = <defined in RFC3261>
Figure 1: Location Source Figure 1: Location Source
Only a fully qualified host name is valid, an IP address MUST NOT be Only a fully qualified host name is valid. The syntax does not
added by an entity conforming with this specification. If a node support IP addresses, and if an entity conforming to this
conforming to this specification receives a geolocation header field specification receives a Geolocation header field with a location-
with a loc-src parameter containing an IP address then the parameter source parameter containing an IP address then the parameter MUST be
MUST be removed. removed.
Any proxy adding a location value to a geolocation header field A SIP intermediarity conformant to this specification adding a
SHOULD also add its host name using the loc-src parameter so that it location value to a Geolocation header field SHOULD also add a
is clearly identified as the node adding the location. A UE MUST NOT location-source header field parameter so that it is clearly
provide a loc-src parameter value. If a proxy receives a message identified as the node adding the location. A UA MUST NOT insert a
from an untrusted source with the loc-src parameter set then it MUST location-source header field parameter. If a SIP intermediarity
remove the loc-src parameter before passing the message into a receives a message from an untrusted source with the location-source
trusted network. parameter set then it MUST remove the location-source parameter
before passing the message into a trusted network.
5. Example 5. Example
The following example shows a SIP INVITE message containing a The following example shows a SIP INVITE message containing a
geolocation header field with two location values. The first Geolocation header field with two location values. The first
location value points to a PIDF-LO in the SIP body using a content- location value points to a PIDF-LO in the SIP body using a content-
indirection (cid:) URI per [RFC4483] and this is provided by the UE. indirection (cid:) URI per [RFC4483] and this is provided by the UE.
The second location value is an https URI the provided by a proxy The second location value is an https URI the provided by a SIP
which identifies itself using the loc-src parameter. intermediarity which identifies itself using the location-source
parameter.
INVITE sip:bob@biloxi.example.com SIP/2.0 INVITE sip:bob@biloxi.example.com SIP/2.0
Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bK74bf9 Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bK74bf9
Max-Forwards: 70 Max-Forwards: 70
To: Bob <sip:bob@biloxi.example.com> To: Bob <sip:bob@biloxi.example.com>
From: Alice <sip:alice@atlanta.example.com>;tag=9fxced76sl From: Alice <sip:alice@atlanta.example.com>;tag=9fxced76sl
Call-ID: 3848276298220188511@atlanta.example.com Call-ID: 3848276298220188511@atlanta.example.com
Geolocation: <cid:target123@atlanta.example.com>, Geolocation: <cid:target123@atlanta.example.com>,
<https://lis.example.com:8222/y77syc7cuecbh>; <https://lis.example.com:8222/y77syc7cuecbh>;
loc-src=edgeproxy.example.com loc-src=edgeproxy.example.com
skipping to change at page 5, line 45 skipping to change at page 5, line 51
CSeq: 31862 INVITE CSeq: 31862 INVITE
Contact: <sip:alice@atlanta.example.com> Contact: <sip:alice@atlanta.example.com>
Content-Type: multipart/mixed; boundary=boundary1 Content-Type: multipart/mixed; boundary=boundary1
Content-Length: ... Content-Length: ...
Figure 2: Example Location Request. Figure 2: Example Location Request.
6. Privacy Considerations 6. Privacy Considerations
This document doesn't change any of the privacy considerations This document doesn't change any of the privacy considerations
described in [RFC6442]. While the addition of the loc-src parameter described in [RFC6442]. While the addition of the location-source
does provide an indicator of the entity that added the location in parameter does provide an indicator of the entity that added the
the signaling path this provides little more exposure than a proxy location in the signaling path this provides little more exposure
identity being added to the record-route header field. than a proxy identity being added to the record-route header field.
7. Security Considerations 7. Security Considerations
This document introduces the ability of a proxy or middle box to This document introduces the ability of a SIP intermediarity to
insert a host name indicating the that they added the specific insert a host name indicating that they added the specific location
location value to the geolocation header field. The intent is for value to the Geolocation header field. The intent is for this field
this field to be used by the location recipient in the event that the to be used by the location recipient in the event that the SIP
SIP message contains multiple location values. As a consequence this message contains multiple location values. As a consequence this
parameter should only be used by the location recipient in a trusted parameter should only be used by the location recipient in a trusted
network. network.
As already stated in [RFC6442] securing the location hop- by-hop, As already stated in [RFC6442] securing the location hop- by-hop,
using TLS, protects the message from eavesdropping and modification using TLS, protects the message from eavesdropping and modification
in transit, but exposes the information to all proxies on the path as in transit, but exposes the information to all SIP intermediaries on
well as the endpoint. The loc-src parameter is applicable within a the path as well as the endpoint. The location-source parameter is
single private administrative domain or between different applicable within a single private administrative domain or between
administrative domains where there is a trust relationship between different administrative domains where there is a trust relationship
the domains. If such trust domain is not given it is strongly between the domains. If such trust domain is not given it is
recommended to delete the location information. strongly recommended to delete the location information.
The use of this parameter is not restricted to a specific The use of this parameter is not restricted to a specific
architecture but using multiples locations and loc-src may end in architecture but using multiples locations and loc-src may end in
compatibility issues. [RFC6442] already addresses the issue of compatibility issues. [RFC6442] already addresses the issue of
multiples locations. To avoid problems of wrong interpretation of multiples locations. To avoid problems of wrong interpretation of
loc-src the value may be discarded when passed to an other domain. loc-src the value may be removed when passed to an other domain.
8. IANA Considerations 8. IANA Considerations
8.1. Registration of loc-src Parameter for geolocation header field 8.1. Registration of location-source parameter for Geolocation header
field
This document calls for IANA to register a new SIP header parameter This document calls for IANA to register a new SIP header parameter
as per the guidelines in [RFC3261], which will be added to header as per the guidelines in [RFC3261], which will be added to header
sub-registry under http://www.iana.org/assignments/sip-parameters. sub-registry under http://www.iana.org/assignments/sip-parameters.
Header Field: geolocation Header Field: Geolocation
Parameter Name: loc-src Parameter Name: loc-src
9. Acknowledgements 9. Acknowledgements
The authors would like to thank Dale Worley for his extensive review The authors would like to thank Dale Worley and Christer Holmberg for
of the draft The authors would like to acknowledge the constructive their extensive review of the draft The authors would like to
feedback provided by Paul Kyziva and Christer Holmberg. acknowledge the constructive feedback provided by Paul Kyzivat and
Robert Sparks.
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E. A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261, Schooler, "SIP: Session Initiation Protocol", RFC 3261,
 End of changes. 31 change blocks. 
81 lines changed or deleted 93 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/