IANA Registration for Enumservice 'web' and 'ft'
draft-ietf-enum-webft-01
The information below is for an old version of the document that is already published as an RFC.
| Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 4002.
|
|
|---|---|---|---|
| Authors | Lawrence W. Conroy , Rudolf Brandner , Richard Stastny | ||
| Last updated | 2015-10-14 (Latest revision 2004-05-25) | ||
| Replaces | draft-brandner-enumservice-webft | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Proposed Standard | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | (None) | |
| Document shepherd | (None) | ||
| IESG | IESG state | Became RFC 4002 (Proposed Standard) | |
| Action Holders |
(None)
|
||
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | Allison J. Mankin | ||
| Send notices to | (None) |
draft-ietf-enum-webft-01
ENUM R. Brandner
Internet-Draft Siemens AG
Expires: November 22, 2004 L. Conroy
Siemens Roke Manor Research
R. Stastny
Oefeg
May 24, 2004
IANA Registration for ENUMservices web and ft
<draft-ietf-enum-webft-01.txt>
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http://
www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 22, 2004.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
This document registers the 'ENUMservices' [3] 'web' and 'ft' using
the URI schemes 'http:', 'https:' and 'ftp:' as per the IANA
registration process defined in the ENUM specification RFC3761 [3].
Brandner, et al. Expires October 31, 2004 [Page 1]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Web Service . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 6
3.2 Web Service Registration with 'http:' . . . . . . . . . . 6
3.3 Web Service Registration with 'https:' . . . . . . . . . . 7
4. FT Service Registration . . . . . . . . . . . . . . . . . . . 8
5. Security Considerations . . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.1 Normative References . . . . . . . . . . . . . . . . . . . 10
6.2 Informative References . . . . . . . . . . . . . . . . . . 11
7. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 11
8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 13
Brandner, et al. Expires October 31, 2004 [Page 2]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC2119 [2].
Brandner, et al. Expires October 31, 2004 [Page 3]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
2. Introduction
ENUM (E.164 Number Mapping, RFC3761 [3]) is a system that transforms
E.164 numbers [4] into domain names and then uses DNS (Domain Name
Service, RFC1034 [5]) services like delegation through NS records and
NAPTR records to look up what services are available for a specific
domain name.
This document registers 'ENUMservices' according to the guidelines
given in RFC3761 to be used for provisioning in the services field of
a NAPTR [8] resource record to indicate what class of functionality a
given end point offers. The registration is defined within the DDDS
(Dynamic Delegation Discovery System [6][7][8][9][10]) hierarchy, for
use with the "E2U" DDDS Application defined in RFC3761.
The following 'ENUMservices' are registered with this document: 'web'
and 'ft'. These share a common feature in that they each indicate
that the functionality of the given end points and the associated
resources are primarily sources of information.
According to RFC2619bis, the 'ENUMservice' registered must be able to
function as a selection mechanism when choosing one NAPTR resource
record from another. That means that the registration MUST specify
what is expected when using that very NAPTR record, and the URI
scheme which is the outcome of the use of it.
Therefore an 'ENUMservice' acts as a hint, indicating the kind of
service with which the URI constructed using the regexp field is
associated. There can be more than one 'ENUMservice' included within
a single NAPTR; this indicates that there is more than one service
that can be achieved using the associated URI scheme.
The common thread with this set of definitions is that they reflect
the kind of service that the end user will hope to achieve with the
communication using the associated URI.
The services specified here are intended NOT to specify the protocol
or even method of connection that MUST be used to achieve each
service. Instead they define the kind of interactive behavior that an
end user will expect, leaving the end system to decide (based on
policies outside the remit of this specification) how to execute the
service.
Since the same URI scheme may be used for different services (e.g.
'tel:'), and the same kind of service may use different URI schemes
(e.g. for VoIP 'sip:', 'h323:' and 'tel:' may be used), it is
necessary in some cases to specify the service and the URI scheme
used.
Brandner, et al. Expires October 31, 2004 [Page 4]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
The service parameters defined in RFC3761 allow therefore a 'type'
and a 'subtype' to be specified. Within this set of specifications
the convention is assumed that the 'type' (being the more generic
term) is defining the service and the 'subtype' is defining the URI
scheme.
Brandner, et al. Expires October 31, 2004 [Page 5]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
3. Web Service
3.1 Introduction
The ENUMservices registered in this section indicate that the
resource identified by the associated URI is capable of being a
source of information.
3.2 Web Service Registration with 'http:'
Enumservice Name: "web"
Enumservice Type: "web"
Enumservice Subtype: "http"
URI Scheme: 'http:'
Functional Specification:
This ENUMservice indicates that the resource identified by the
associated URI scheme is capable of being a source of information.
It has to be noted that the kind of information retrieved can be
manifold. Usually, contacting a resource by an 'http:' URI provides a
document. This document can contain references that will trigger
download of many different kinds of information, like audio or video or
executable code. Thus, one can not be more specific about the kind of
information that can be expected when contacting the resource.
Security Considerations:
There are no specific security issues with this 'ENUMservice'.
However, the general considerations of Section 5 apply.
Intended Usage: COMMON
Author:
Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact
detail see Authors' Addresses section)
Any other information the author deems interesting:
None
Brandner, et al. Expires October 31, 2004 [Page 6]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
3.3 Web Service Registration with 'https:'
Enumservice Name: "web"
Enumservice Type: "web"
Enumservice Subtype: "https"
URI Scheme: 'https:'
Functional Specification:
This ENUMservice indicates that the resource identified by the
associated URI scheme is capable of being a source of information,
which can be contacted by using TLS or Secure Socket Layer protocol.
It has to be noted that the kind of information retrieved can be
manifold. Usually, contacting a resource by an 'https:' URI provides
a document. This document can contain all different kind of
information, like audio or video or executable code. Thus, one can
not be more specific what information to expect when contacting the
resource.
Security Considerations:
There are no specific security issues with this 'ENUMservice'.
However, the general considerations of Section 5 apply.
Intended Usage: COMMON
Author:
Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact
detail see Authors' Addresses section)
Any other information the author deems interesting:
None
Brandner, et al. Expires October 31, 2004 [Page 7]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
4. FT Service Registration
Enumservice Name: "ft"
Enumservice Type: "ft"
Enumservice Subtype: "ftp"
URI Scheme: 'ftp:'
Functional Specification:
This ENUMservice indicates that the resource identified by the
associated URI scheme is a file service from which a file or file
listing can be retrieved.
Security Considerations:
There are no specific security issues with this 'ENUMservice'.
However, the general considerations of Section 5 apply.
Intended Usage: COMMON
Author:
Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact
detail see Authors' Addresses section)
Any other information the author deems interesting:
None
Brandner, et al. Expires October 31, 2004 [Page 8]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
5. Security Considerations
DNS, as used by ENUM, is a global, distributed database. Thus any
information stored there is visible to anyone anonymously. Whilst
this is not qualitatively different from publication in a Telephone
Directory, it does open the data subject to having "their"
information collected automatically without any indication that this
has been done or by whom.
Such data harvesting by third parties is often used to generate lists
of targets for unrequested information; in short, they are used to
address "spam". Anyone who uses a Web-archived mailing list is aware
that the volume of "spam" email they are sent increases when they
post to the mailing list; publication of a telephone number in ENUM
is no different, and may be used to send "junk faxes" or "junk SMS"
for example.
Many mailing list users have more than one email address and use
"sacrificial" email accounts when posting to such lists to help
filter out unrequested emails sent to them. This is not so easy with
published telephone numbers; the PSTN E.164 number assignment process
is much more involved and usually a single E.164 number (or a fixed
range of numbers) is associated with each PSTN access. Thus providing
a "sacrificial" phone number in any publication is not possible.
Due to the implications of publishing data on a globally accessible
database, as a principle the data subject MUST give their explicit
informed consent to data being published in ENUM.
In addition, they should be made aware that, due to storage of such
data during harvesting by third parties, removal of the data from
publication will not remove any copies that have been taken; in
effect, any publication may be permanent.
However, regulations in many regions will require that the data
subject can at any time request that the data is removed from
publication, and that their consent for its publication is explicitly
confirmed at regular intervals.
The user SHOULD be asked to confirm opening a web page or starting an
ftp session (particularly if the ftp client is configured to send the
user's email address as an "anonymous" user password).
Using a web:http or ft:ftp service is not secure, and so the user
should apply the same caution when entering personal data as they
would do if using a client application started with any other method.
Whilst this is not a feature of ENUM or these ENUMservices, the
ENUM-using application on the end system may appear different from
Brandner, et al. Expires October 31, 2004 [Page 9]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
the user's "normal" browser, and so the user SHOULD receive an
indication on whether or not their communication is secured.
As evaluating a web page can involve execution of embedded (or
linked) content that may include executable code, there are risks
involved in evaluating a web URL. If automatic evaluation of a web
link were to be used, the querying user would be exposed to risks
associated with that automatic download and execution of content.
Thus the client MUST ask the querying user for confirmation before
evaluating the web URL; the client MUST NOT download and evaluate the
web content automatically.
An analysis of threats specific to the dependence of ENUM on the DNS,
and the applicability of DNSSEC [15] to these, is provided in RFC3761
[3].
6. References
6.1 Normative References
[1] Bradner, S., "The Internet Standards Process -- Revision 3",
RFC 2026, BCP 9, October 1996.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119, BCP 14, March 1997.
[3] Faltstrom, P. and M. Mealling, "The E.164 to Uniform Resource
Identifiers (URI) Dynamic Delegation Discovery System (DDDS)
Application (ENUM)", RFC 3761, April 2004.
[4] ITU-T, "The International Public Telecommunication Number
Plan", Recommendation E.164 , May 1997.
[5] Mockapetris, P., "DOMAIN NAMES - CONCEPTS AND FACILITIES", RFC
1034, November 1987.
[6] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
One: The Comprehensive DDDS", RFC 3401, October 2002.
[7] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
Two: The Algorithm", RFC 3402, October 2002.
[8] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
Three: The Domain Name System (DNS) Database", RFC 3403,
October 2002.
[9] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
Four: The Uniform Resource Identifiers (URI)", RFC 3404,
October 2002.
Brandner, et al. Expires October 31, 2004 [Page 10]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
[10] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
Five: URI.ARPA Assignment Procedures", RFC 3405, October 2002.
[11] Berners-Lee, T., Masinter, M. and M. McCahill, "Uniform
Resource Locators (URL)", RFC 1738, December 1994.
[12] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol -
HTTP/1.1", RFC 2616, June 1999.
[13] Rescola, E., "HTTP Over TLS", RFC 2818, May 2000.
[14] ETSI, "Minimum Requirements for Interoperability of European
ENUM Trials", ETSI TS 102 172, February 2003.
6.2 Informative References
[15] Arends, R. and et al. , "Protocol Modifications for the DNS
Security Extensions", Work in Progress .
7. Authors' Addresses
Rudolf Brandner
Siemens AG
Hofmannstr. 51
81359 Munich
Germany
Phone: +49-89-722-51003
EMail: rudolf.brandner@siemens.com
Lawrence Conroy
Siemens Roke Manor Research
Roke Manor
Romsey
United Kingdom
Phone: +44-1794-833666
EMail: lwc@roke.co.uk
Brandner, et al. Expires October 31, 2004 [Page 11]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
Richard Stastny
Oefeg
Postbox 147
1103 Vienna
Austria
Phone: +43-664-420-4100
EMail: richard.stastny@oefeg.at
Brandner, et al. Expires October 31, 2004 [Page 12]
Internet-Draft IANA Registration for ENUMservices web and ft May 2004
8. Full Copyright Statement
Copyright (C) The Internet Society (2004). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Brandner, et al. Expires October 31, 2004 [Page 13]