appsawg L. Goix
Internet-Draft Telecom Italia
Intended status: Standards Track K. Li
Expires: January 12, 2013 Huawei Technologies
July 11, 2012
ENUM Service Registration for Social Networking (SN) Services
draft-goix-appsawg-enum-sn-service-02
Abstract
This document registers a Telephone Number Mapping (ENUM) service for
Social Networking (SN). Specifically, this document focuses on
provisioning 'acct:' URIs (Uniform Resource Identifiers) in ENUM.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 12, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Goix & Li Expires January 12, 2013 [Page 1]
�
Internet-Draft Enum Service SN registration July 2012
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Justification . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IANA Registration . . . . . . . . . . . . . . . . . . . . . . 3
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. DNS Considerations . . . . . . . . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
8. Change log (to be deleted before publication) . . . . . . . . 6
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 8
Goix & Li Expires January 12, 2013 [Page 2]
�
Internet-Draft Enum Service SN registration July 2012
1. Introduction
ENUM (E.164 Number Mapping, [RFC6116]) is a system that uses DNS
(Domain Name Service, [RFC1034]) to translate telephone numbers, such
as '+44 01632 960123', into URIs (Uniform Resource Identifiers,
[RFC3986], such as 'acct:user@example.com'. ENUM exists primarily to
facilitate the interconnection of systems that rely on telephone
numbers with those that use URIs to identify resources.
Social Networking (SN) services allow users to post and retrieve
activities (e.g. status updates or media uploads) and related
replies. [I-D.saintandre-acct-uri] is proposing a generic URI to
identify an SN service account for a particular resource: the 'acct:'
URI scheme.
This document registers an enumservice for advertising account
information associated with an E.164 number.
1.1. Justification
The requirement to map an SN account with an E.164 number is from the
Open Mobile Alliance (OMA) Social Network Web Enabler Release
[OMA-SNeW-ER].
In Mobile networks, users are traditionally identified through a
Mobile Subscriber ISDN (MSISDN) number. In order to provide SN
functionality to mobile subscribers identified by their MSISDN, a
mapping is needed to identify a corresponding SN account and
provider.
1.2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2. IANA Registration
As defined in [RFC6117], the following is a template covering
information needed for the registration of the enumservice specified
in this document:
Goix & Li Expires January 12, 2013 [Page 3]
�
Internet-Draft Enum Service SN registration July 2012
Application-Based, Common
sn
acct
This Enumservice indicates that the resource
can be addressed by the associated URI using
SN protocols, including
to discover additional information.
See .
COMMON
This document.
Laurent-Walter Goix
Telecom Italia
mailto:laurentwalter.goix@telecomitalia.it
2012-07-10
3. Examples
The following is an example of the use of the enumservice registered
by this document in a NAPTR resource record for phone number +44
01632 960123.
$ORIGIN 3.2.1.0.6.9.2.3.6.1.0.4.4.e164.arpa.
IN NAPTR 10 100 "u" "E2U+sn" "!^.*$!acct:john.doe@example.com!" .
Goix & Li Expires January 12, 2013 [Page 4]
�
Internet-Draft Enum Service SN registration July 2012
4. DNS Considerations
If no "E2U+sn" NAPTR record exist for the requested number, the
resolution process over issuing ENUM queries may be recursively
performed over E.164 numbers identified by other NAPTR records for
the requested number pointing to "tel" URIs [RFC3966]. Whilst this
process is useful to support, amongst others, number portability as
per [RFC4769], Section 4, this may also create potential loops in
this resolution process. As such ENUM clients performing such ENUM
queries over "tel" URIs to identify "acct" URIs SHOULD understand the
"enumdi" indicator defined in [RFC4759]. In particular, if the
result of the query does not include "E2U+sn" NAPTR records, and
includes a NAPTR resource record containing a "tel" URI that has the
same E.164 number, or a "tel" URI with the "enumdi" parameter set,
that client SHOULD NOT perform subsequent ENUM queries over such
numbers and SHOULD consider that the original requested number cannot
be mapped.
Furthermore the client MAY stop performing subsequent ENUM queries
after the fifth recursive query as suggested in [RFC6116] section
5.2.1.
5. Security Considerations
DNS, as used by ENUM, is a global, distributed database. Should
implementers of this specification use e164.arpa or any other
publicly available domain as the tree for maintaining PSTN
Enumservice data, this information would be visible to anyone
anonymously.
As noted earlier, carriers, service providers, and other users may
choose not to publish such information in the public e164.arpa tree.
They may instead simply publish this in an internal ENUM
infrastructure that is only able to be queried by trusted elements of
their network, thus limiting threats.
Per se, this enumservice does not introduce specific security
considerations beyond [RFC6116], section 7. However, it has to be
acknowledged that the proposed Enumservice could lead to the
discovery or disclosure of Personally Identifiable Information (PII)
if used in combination with the WebFinger protocol. Please see
[I-D.ietf-appsawg-webfinger], section 10 for additional information
regarding WebFinger security to avoid unwanted disclosure of
information.
Similar security concerns are associated with potential attacks
against an underlying Social Networking system. Unlike a traditional
Goix & Li Expires January 12, 2013 [Page 5]
�
Internet-Draft Enum Service SN registration July 2012
telephone number, and as per the indirect nature of SN communication
(typically through an intermediary network element), the resource
identified by an 'acct:' URI may not be subject to direct
communication with other peers. However (e.g. in case of private
message exchange) it may require that peers provide cryptographic
credentials for authentication and authorization before messages are
exchanged. For this reason, SN protocols should have a number of
security requirements that call for authentication, integrity and
confidentiality properties, and similar measures to prevent such
attacks.
6. IANA Considerations
This document requests the IANA registration of the Enumservice with
Type "sn" according to the definitions in this document, [RFC6116]
and [RFC6117].
Details of the registration are given in Section 2.
7. Acknowledgements
The authors would like to thank Gonzalo Salgueiro, Paul Jones,
Lawrence Conroy, and Enrico Marocco for their valuable feedback to
improve this document.
8. Change log (to be deleted before publication)
-02 Draft
* Updated references to acct: URI I-D and OMA specifications
* Added changelog section
-01 Draft
* Made changes to example phone numbers
* Updated security and DNS considerations
* Fixed IANA registration template
* Added acknowledgment section
9. References
Goix & Li Expires January 12, 2013 [Page 6]
�
Internet-Draft Enum Service SN registration July 2012
9.1. Normative References
[I-D.ietf-appsawg-webfinger]
Jones, P., Salgueiro, G., and J. Smarr, "WebFinger",
draft-ietf-appsawg-webfinger-00 (work in progress),
July 2012.
[I-D.saintandre-acct-uri]
Saint-Andre, P., "The 'acct' URI Scheme",
draft-saintandre-acct-uri-01 (work in progress),
July 2012.
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
RFC 3966, December 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC4759] Stastny, R., Shockey, R., and L. Conroy, "The ENUM Dip
Indicator Parameter for the "tel" URI", RFC 4759,
December 2006.
[RFC4769] Livingood, J. and R. Shockey, "IANA Registration for an
Enumservice Containing Public Switched Telephone Network
(PSTN) Signaling Information", RFC 4769, November 2006.
[RFC6116] Bradner, S., Conroy, L., and K. Fujiwara, "The E.164 to
Uniform Resource Identifiers (URI) Dynamic Delegation
Discovery System (DDDS) Application (ENUM)", RFC 6116,
March 2011.
[RFC6117] Hoeneisen, B., Mayrhofer, A., and J. Livingood, "IANA
Registration of Enumservices: Guide, Template, and IANA
Considerations", RFC 6117, March 2011.
9.2. Informative References
[OMA-SNeW-ER]
Open Mobile Alliance, "Social Network Web Enabler", OMA-
ER-SNeW-V1_0 20120702-D, July 2012.
Goix & Li Expires January 12, 2013 [Page 7]
�
Internet-Draft Enum Service SN registration July 2012
Authors' Addresses
Laurent-Walter Goix
Telecom Italia
P.za Einaudi, 8
Milano 20124
Italy
Email: laurentwalter.goix@telecomitalia.it
Kepeng Li
Huawei Technologies
Huawei Base, Bantian, Longgang District
Shenzhen, Guangdong 518129
P. R. China
Phone: +86-755-28974289
Email: likepeng@huawei.com
Goix & Li Expires January 12, 2013 [Page 8]
�