TOC 
ECRITH. Schulzrinne
Internet-DraftColumbia University
Intended status: Standards TrackS. McCann
Expires: May 22, 2008Siemens/Roke Manor Research
 G. Bajko
 Nokia
 H. Tschofenig
 Nokia Siemens Networks
 November 19, 2007


Extensions to the Emergency Services Architecture for dealing with Unauthenticated and Unauthorized Devices
draft-schulzrinne-ecrit-unauthenticated-access-01.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on May 22, 2008.

Abstract

The IETF emergency services architecture assumes that access to a network has already happened using the traditional network access authentication procedures or that no authentication for network access is needed (e.g., in case of public hotspots). Subsequent protocol interactions, such as obtaining location information, learning the address of the Public Safety Answering Point (PSAP) and the emergency call itself are largely decoupled from the underlying network access procedures.

There are, however, cases where a device is not in possession of credentials for network access, does not have a VoIP provider, or where the credentials are available but became invalid due to various reasons (e.g., credit exhaustion, expired accounts, etc.).

This document provides a problem statement, introduces terminology and describes an extension for the base IETF emergency services architecture.



Table of Contents

1.  Introduction
2.  A Warning Note
3.  Terminology
4.  Architecture
5.  Profiles
    5.1.  End Host Profile
        5.1.1.  ESRP Discovery
        5.1.2.  Location Determination and Location Configuration
        5.1.3.  Emergency Call Identification
        5.1.4.  SIP Emergency Call Signaling
        5.1.5.  Media
        5.1.6.  Testing
    5.2.  ISP Profile
        5.2.1.  ESRP Discovery
        5.2.2.  Location Determination and Location Configuration
    5.3.  ESRP Profile
        5.3.1.  Emergency Call Routing
        5.3.2.  Emergency Call Identification
        5.3.3.  SIP Emergency Call Signaling
        5.3.4.  Location Retrieval
    5.4.  PSAP Profile
        5.4.1.  Location Retrieval
        5.4.2.  Emergency Call Routing
        5.4.3.  Emergency Call Identification
        5.4.4.  SIP Emergency Call Signaling
        5.4.5.  Media
        5.4.6.  Testing
6.  Example
7.  Security Considerations
8.  Acknowledgments
9.  Open Issues
10.  References
    10.1.  Normative References
    10.2.  Informative References
§  Authors' Addresses
§  Intellectual Property and Copyright Statements




 TOC 

1.  Introduction

Summoning police, the fire department or an ambulance in emergencies is one of the fundamental and most-valued functions of the telephone. As telephone functionality moves from circuit-switched telephony to Internet telephony, its users rightfully expect that this core functionality will continue to work at least as well as it has for the older technology. New devices and services are being made available that could be used to make a request for help, which are not traditional telephones, and users are increasingly expecting them to be used to place emergency calls.

Based on the communication model of the Session Initiation Protocol (SIP) as excercised in the IETF it is not necessary to deploy SIP entities in access networks (or associated to them). Instead, VoIP provider may deploy their SIP entities at any place on the Internet. The IETF emergency services architecture acknowledges this deployment model and even goes a step further by recognizing that there are potentially other, non-SIP VoIP providers, that might want to offer emergency service support to their customers. Hence, the interaction between a SIP User Agent and its VoIP provider does not need to be standardized although [I‑D.ietf‑ecrit‑phonebcp] (Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” January 2010.) provides best current practise recommendations regarding the usage of certain features as excercised in the case of SIP.

This flexibility has implications for the architecture, as briefly described in [I‑D.tschofenig‑ecrit‑architecture‑overview] (Tschofenig, H. and H. Schulzrinne, “Emergency Services Architecture Overview: Sharing Responsibilities,” July 2007.), but allows access networks to be application layer agnostic. Furthermore, since the normal VoIP communication exchanges do not traverse these entities in the access network it is quite likely that interoperability problems will occur especially in an emergency case.

There are essentially three environments that need to be considered:

  1. The emergency caller does not credentials for access to the network but it still has credentials for his VoIP provider.

    This is often the case with enterprise networks, home networks, or governmental networks. In other cases the user might be able to obtain such credentials, for example in hotspots found in hotels, at airports, and in many coffee shops. Unfortunately, users have to go through a lengthy procedure (often involving captive portals) to obtain a temporary account in exchange of money. In emergency situations it is certainly not desirable to let the user find their way through a number of webpages and to type-in their credit card details.
  2. The emergency caller has credentials for network access but does not have credentials for a VoIP provider. This case is rather unlikely.
  3. The emergency caller has credentials (for either network access or it's VoIP provider) but they do not provide enough authorization to make a call. This use case essentially refers to lack of authorization. Examples are: Insufficient credits, lack of a roaming agreement (between visited network and home network), disabled account, and other authorization failures.

Scenario (1) is the most likely scenario and the main focus of this document.

In all these cases it is not possible to place an emergency call as envisioned in the IETF emergency services architecture, described in [I‑D.ietf‑ecrit‑framework] (Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, “Framework for Emergency Calling using Internet Multimedia,” July 2009.).



 TOC 

2.  A Warning Note

At the time of writing there is no regulation in place that demands the functionality described in this memo. SDOs have started their work on this subject in a proactive fashion in the anticipation that national regulation in some countries might demand this functionality for a subset of network types.

There are also indications that the functionality of unauthenticated emergency calls in today's cellular system (called SIM-less calls) in certain countries leads to a fair amount of hoaks calls or test calls leading to overload situations at PSAPs.

As an example, Federal Office of Communications (OFCOM, Switzerland) provided statistics about 112 calls in Switzerland from Jan. 1997 to Nov. 2001. Switzerland did not offer SIM-less emergency calls except for almost a month in July 2000 where a significant increase in hoaks and test calls was reported. As a consequence, the functionality was disabled again. More details can be found in the panel presentations of the 3rd SDO Emergency Services Workshop [esw07] (, “3rd SDO Emergency Services Workshop, http://www.emergency-services-coordination.info/2007Nov/,” October 30th - November 1st 2007.).



 TOC 

3.  Terminology

In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in RFC 2119 [RFC2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).

This document introduces the following new terms:

Un-initialized Device:

A device without VoIP client software.

Non-service-initialized Device:

A device for which there is no valid service contract with a provider of the services enumerated in paragraph (a) of this section. Other terms: "un-activated", "un-provisioned”, “unbranded”, “non-service-initialized” device.

Unauthenticated Emergency Service:

The term "unauthenticated emergency services" refers to the case where an emergency caller does not have credentials (e.g., no SIM card, no username and password, no private key) to either attach to network or for usage with a VoIP service or both. Still, the device is granted (limited) access to perform emergency calling. It is important to differentiate between the unavailability of credentials for network access and for VoIP access as the network provider and the VoIP provider are often distinct entities and therefore the user might have different credentials with the two.

Unauthorized Emergency Service:

The term "unauthorized emergency services" refers to the case where a device aims to attach to the network or to use a VoIP service but the authorization procedure fails. The authorization step may fail as a consequence of triggering different procedures (such as network access authentication or registration at the VoIP providers registrar). Still, the device is granted (limited) access to perform emergency calling. It is important to differentiate between network operator and VoIP provider as they often refer to different parties and therefore the authorization decision might be executed by a different backend infrastructure.

Lack of authorization might be caused by a number of reasons, including credit exhaustion, expired accounts, locked account, missing access rights (e.g., access to the competitors enterprise network), etc.

This document reuses terminology from [I‑D.ietf‑geopriv‑l7‑lcp‑ps] (Tschofenig, H. and H. Schulzrinne, “GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements,” July 2009.) and [I‑D.ietf‑ecrit‑requirements] (Schulzrinne, H. and R. Marshall, “Requirements for Emergency Context Resolution with Internet Technologies,” March 2007.), namely Internet Access Provider (IAP), Internet Service Provider (ISP), Application Service Provider (ASP), Voice Service Provider (VSP), Emergency Service Routing Proxy (ESRP), Public Safety Answering Point (PSAP), Location Configuration Server (LCS), (emergency) service dial string, and (emergency) service identifier.



 TOC 

4.  Architecture

For unauthenticated emergency services support it is insufficient to provide mechanisms only at the link layer in order to bypass authentication. A modification to the emergency services architecture is necessary since the IAP and the ISP need to make sure that the claimed emergency caller indeed performs an emergency call rather than using the network for other purposes, and thereby acting fraudulent by skipping any authentication, authorization and accounting procedures. Hence, without introducing some understanding of the specific application the ISP (and consequently the IAP) will not be able to detect and filter malicious activities. This leads to the architecture described in Figure 1 (Unauthenticated Emergency Services Architecture) where the IAP needs to implement extensions to link layer procedures for unauthenticated emergency service access and the ISP needs to deploy emergency services related entities used for call routing, such as the Emergency Services Routing Proxy (ESRP), a Location Configuration Server (LCS) and a mapping database.

On a very high-level, the interaction is as follows starting with the end host not being attached to the network and the user starting to make an emergency call.

For editorial reasons the end-to-end SIP and media exchange between the PSAP and SIP UA are not shown in Figure 1 (Unauthenticated Emergency Services Architecture).

Two important aspects are worth to highlight:

Figure 1 (Unauthenticated Emergency Services Architecture) shows that the ISP needs to deploy SIP-based emergency services functionality. It is important to note that the ISP itself may outsource the functionality by simply providing access to them (e.g., it puts the IP address of an ESRP or a LoST server into an allow-list). For editorial reasons this outsourcing is not shown.



      +---------------------------+
      |                           |
      | Emergency Network         |
      | Infrastructure            |
      |                           |
      | +----------+ +----------+ |
      | | PSAP     | | ESRP     | |
      | |          | |          | |
      | +----------+ +----------+ |
      +-------------------^-------+
                          |
                          | (7)
 +------------------------+-----------------------+
 | ISP                    |                       |
 |                        |                       |
 |+----------+            v                       |
 || Mapping  |  (6)  +----------+                 |
 || Database |<----->| ESRP /   |                 |
 |+----------+       | SIP Proxy|<-+              |
 |+----------+       +----------+  |  +----------+|
 || LCS-ISP  |          ^          |  | DHCP     ||
 ||          |<---------+          |  | Server   ||
 |+----------+     (4)             |  +----------+|
 +-------^-------------------------+-----------^--+
 +-------|-------------------------+-----------|--+
 | IAP   | (5)                     |           |  |
 |       V                         |           |  |
 |+----------+                     |           |  |
 || LCS-IAP  |       +----------+  |           |  |
 ||          |       | Link     |  |(3)        |  |
 |+----------+       | Layer    |  |           |  |
 |                   | Device   |  |        (2)|  |
 |                   +----------+  |           |  |
 |                        ^        |           |  |
 |                        |        |           |  |
 +------------------------+--------+-----------+--+
                          |        |           |
                       (1)|        |           |
                          |        |           |
                          |   +----+           |
                          v   v                |
                     +----------+              |
                     | End      |<-------------+
                     | Host     |
                     +----------+

 Figure 1: Unauthenticated Emergency Services Architecture 

It is important to note that a single ESRP may also offer it's service to several ISPs.



 TOC 

5.  Profiles



 TOC 

5.1.  End Host Profile



 TOC 

5.1.1.  ESRP Discovery

The end host MUST use the "Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers" [RFC3361] (Schulzrinne, H., “Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers,” August 2002.) (for IPv6) and / or the "Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers" [RFC3319] (Schulzrinne, H. and B. Volz, “Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers,” July 2003.). This SIP proxy located in the ISP network will be used as the ESRP for routing emergency calls. There is no need to discovery a separate SIP proxy with specific emergency call functionality since the internal procedure for emergency call processing is subject of ISP internal operation.



 TOC 

5.1.2.  Location Determination and Location Configuration

There is no requirement for end hosts to support any Location Configuration Protocol. If clients are in possession of location information, for example, based on a built-in GPS receiver then they SHOULD attach the location information in a PIDF-LO. When constructing the PIDF-LO the guidelines in PIDF-LO profile [I‑D.ietf‑geopriv‑pdif‑lo‑profile] (Winterbottom, J., Thomson, M., and H. Tschofenig, “GEOPRIV PIDF-LO Usage Clarification, Considerations and Recommendations,” November 2008.) MUST be followed. For civic location information the format defined in [I‑D.ietf‑geopriv‑revised‑civic‑lo] (Thomson, M. and J. Winterbottom, “Revised Civic Location Format for PIDF-LO,” December 2007.) MUST be supported.



 TOC 

5.1.3.  Emergency Call Identification

To determine which calls are emergency calls, some entity needs to map a user entered dialstring into this URN scheme. A user may "dial" 1-1-2, but the call would be sent to urn:service:sos. This mapping SHOULD be performed at the endpoint device.

End hosts MUST use the Service URN mechanism [I‑D.ietf‑ecrit‑service‑urn] (Schulzrinne, H., “A Uniform Resource Name (URN) for Emergency and Other Well-Known Services,” August 2007.) to mark calls as emergency calls for their home emergency dial string (if known). For visited emergency dial string the translation into the Service URN mechanism is not mandatory since the ESRP in the ISPs network knows the visited emergency dial strings.



 TOC 

5.1.4.  SIP Emergency Call Signaling

SIP signaling capabilities [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) are mandated for end hosts.

The initial SIP signaling method is an INVITE. The SIP INVITE request MUST be constructed according to the requirements in Section 9.2 [I‑D.ietf‑ecrit‑phonebcp] (Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” January 2010.).

Regarding callback behavior SIP UAs MUST have a globally routable URI in a Contact: header.



 TOC 

5.1.5.  Media

End points MUST comply with the media requirements for end points placing an emergency call found in Section 14 of [I‑D.ietf‑ecrit‑phonebcp] (Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” January 2010.).



 TOC 

5.1.6.  Testing

The description in Section 15 of [I‑D.ietf‑ecrit‑phonebcp] (Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” January 2010.) is fully applicable to this document.



 TOC 

5.2.  ISP Profile



 TOC 

5.2.1.  ESRP Discovery

The ISP MUST implement the server side part of "Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers" [RFC3361] (Schulzrinne, H., “Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers,” August 2002.) (for IPv4) and / or the "Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers" [RFC3319] (Schulzrinne, H. and B. Volz, “Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers,” July 2003.).



 TOC 

5.2.2.  Location Determination and Location Configuration

The ISP must perform the neccesary steps to determine the location of the end host. It is not necessary to standardize a specific mechanism.

The role of the ISP is to operate the LIS. The usage of HELD [I‑D.ietf‑geopriv‑http‑location‑delivery] (Barnes, M., Winterbottom, J., Thomson, M., and B. Stark, “HTTP Enabled Location Delivery (HELD),” August 2009.) with the identity extensions [I‑D.winterbottom‑geopriv‑held‑identity‑extensions] (Thomson, M., Tschofenig, H., Barnes, R., and J. Winterbottom, “Use of Target Identity in HTTP-Enabled Location Delivery (HELD),” August 2009.) may be a possible choice. It might be necessary for the ISP to talk to the IAP in order to determine the location of the end host. The work on LIS-to-LIS communication may be relevant, see [I‑D.winterbottom‑geopriv‑lis2lis‑req] (Winterbottom, J. and S. Norreys, “LIS to LIS Protocol Requirements,” November 2007.).



 TOC 

5.3.  ESRP Profile



 TOC 

5.3.1.  Emergency Call Routing

The ESRP must route the emergency call to the PSAP responsible for the physical location of the end host. However, a standardized approach for determining the correct PSAP based on a given location is useful but not mandatory.

For cases where a standardized protocol is used LoST [I‑D.ietf‑ecrit‑lost] (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” May 2008.) is a suitable mechanism.



 TOC 

5.3.2.  Emergency Call Identification

The ESRP MUST understand the Service URN mechanism [I‑D.ietf‑ecrit‑service‑urn] (Schulzrinne, H., “A Uniform Resource Name (URN) for Emergency and Other Well-Known Services,” August 2007.) (i.e., the 'urn:service:sos' tree) and additionally the national emergency dial strings. The ESRP SHOULD perform a mapping of national emergency dial strings to Service URNs to simplify processing at PSAPs.



 TOC 

5.3.3.  SIP Emergency Call Signaling

SIP signaling capabilities [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) are mandated for the ESRP. The ESRP MUST process the messages sent by the client, according to Section 5.1.4 (SIP Emergency Call Signaling). Furthermore, the ESRP MUST be able to add a reference to location information, as described in SIP Location Conveyance [I‑D.ietf‑sip‑location‑conveyance] (Polk, J. and B. Rosen, “Location Conveyance for the Session Initiation Protocol,” March 2009.), before forwarding the call to the PSAP. The ISP MUST be prepared to receive incoming dereferencing requests to resolve the reference to the location information.



 TOC 

5.3.4.  Location Retrieval

The ESRP acts a location recipient and the usage of HELD [I‑D.ietf‑geopriv‑http‑location‑delivery] (Barnes, M., Winterbottom, J., Thomson, M., and B. Stark, “HTTP Enabled Location Delivery (HELD),” August 2009.) with the identity extensions [I‑D.winterbottom‑geopriv‑held‑identity‑extensions] (Thomson, M., Tschofenig, H., Barnes, R., and J. Winterbottom, “Use of Target Identity in HTTP-Enabled Location Delivery (HELD),” August 2009.) may be a possible choice. The ESRP would thereby act as a HELD client and the corresponding LIS at the ISP as the HELD server.

The ESRP needs to obtain enough information to route the call. The ESRP itself, however, does not necessarily need to process location information obtained via HELD since it may be used as input to LoST to obtain the PSAP URI.



 TOC 

5.4.  PSAP Profile



 TOC 

5.4.1.  Location Retrieval

The PSAP MUST act according to SIP Location Conveyance when processing a request with location information. In particular, it MUST understand PIDF-LO format [RFC4119] (Peterson, J., “A Presence-based GEOPRIV Location Object Format,” December 2005.), the PIDF-LO profile [I‑D.ietf‑geopriv‑pdif‑lo‑profile] (Winterbottom, J., Thomson, M., and H. Tschofenig, “GEOPRIV PIDF-LO Usage Clarification, Considerations and Recommendations,” November 2008.) (including all shape types) and the revised civic format [I‑D.ietf‑geopriv‑revised‑civic‑lo] (Thomson, M. and J. Winterbottom, “Revised Civic Location Format for PIDF-LO,” December 2007.) (including the civic location tokens applicable for the geographial region the PSAP is responsible for). Furthermore, the PSAP MUST understand the SIP or SIPS dereference scheme (see [I‑D.ietf‑sip‑location‑conveyance] (Polk, J. and B. Rosen, “Location Conveyance for the Session Initiation Protocol,” March 2009.)) and the HELD dereferencing protocol (see [I‑D.winterbottom‑geopriv‑deref‑protocol] (Winterbottom, J., Tschofenig, H., Schulzrinne, H., Thomson, M., and M. Dawson, “A Location Dereferencing Protocol Using HELD,” January 2010.)).



 TOC 

5.4.2.  Emergency Call Routing

There might be additional emergency call routing applied within the PSAP operators network. This aspect is, however, outside the scope of this document.

LoST [I‑D.ietf‑ecrit‑lost] (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” May 2008.) might be an appropriate way to determine the next ESRP or the final PSAP for routing the emergency call.



 TOC 

5.4.3.  Emergency Call Identification

The PSAP MUST understand the Service URN mechanism [I‑D.ietf‑ecrit‑service‑urn] (Schulzrinne, H., “A Uniform Resource Name (URN) for Emergency and Other Well-Known Services,” August 2007.) (i.e., the 'urn:service:sos' tree).



 TOC 

5.4.4.  SIP Emergency Call Signaling

SIP signaling [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) is expected be supported by the PSAP. The PSAP MUST process the messages sent by the client, as indicated in Section 5.1.4 (SIP Emergency Call Signaling). When receiving an emergency call the ESRP will dereference the reference to location information for dispatch.



 TOC 

5.4.5.  Media

The PSAP MUST process the media traffic sent by the client, as indicated in Section 5.1.5 (Media).



 TOC 

5.4.6.  Testing

The PSAP MUST process the signaling messages sent by the client, as indicated in Section 5.1.6 (Testing).



 TOC 

6.  Example

[Editor's Note: A WLAN hotspot or a DSL home network example could go in here.]



 TOC 

7.  Security Considerations

The security threats discussed in [I‑D.ietf‑ecrit‑security‑threats] (Taylor, T., “Security Threats and Requirements for Emergency Call Marking and Mapping,” August 2007.) are applicable to this document. A number of security vulnerabilities discussed in [I‑D.barnes‑geopriv‑lo‑sec] (Barnes, R., Lepinski, M., Cooper, A., Morris, J., Tschofenig, H., and H. Schulzrinne, “An Architecture for Location and Location Privacy in Internet Applications,” March 2009.) around faked location information are less problematic in this case since location information does not need to be provided by the end host itself or it can be verified to fall within a specific geographical area.

There are a couple of new vulnerabilities raised with unauthenticated emergency services since the PSAP operator does is not in possession of any identity information about the emergency call via the signaling path itself. In countries where this functionality is used for GSM networks today this has lead to a significant amount of misuse.

The link layer mechanisms need to provide a special way of handling unauthenticated emergency services. Although this subject is not a topic for the IETF itself but there are at least a few high-level assumptions that may need to be collected. This includes security features that may be desirable.



 TOC 

8.  Acknowledgments

We would like to thank the authors of [I‑D.ietf‑ecrit‑phonebcp] (Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” January 2010.) (James Polk and Brian Rosen) for their good work. This document makes heavy use of their document.

We would like to thank members from the Wimax Forum for their help with the terminology. We would also like to thank the participants of the 2nd and 3rd SDO Emergency Services Workshop for their input regarding this subject.



 TOC 

9.  Open Issues

The following three high-level topics have been determined as open issues:



 TOC 

10.  References



 TOC 

10.1. Normative References

[I-D.ietf-sip-location-conveyance] Polk, J. and B. Rosen, “Location Conveyance for the Session Initiation Protocol,” draft-ietf-sip-location-conveyance-13 (work in progress), March 2009 (TXT).
[I-D.ietf-ecrit-service-urn] Schulzrinne, H., “A Uniform Resource Name (URN) for Emergency and Other Well-Known Services,” draft-ietf-ecrit-service-urn-07 (work in progress), August 2007 (TXT).
[RFC4776] Schulzrinne, H., “Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information,” RFC 4776, November 2006 (TXT).
[RFC3825] Polk, J., Schnizlein, J., and M. Linsner, “Dynamic Host Configuration Protocol Option for Coordinate-based Location Configuration Information,” RFC 3825, July 2004 (TXT).
[RFC4119] Peterson, J., “A Presence-based GEOPRIV Location Object Format,” RFC 4119, December 2005 (TXT).
[I-D.ietf-geopriv-pdif-lo-profile] Winterbottom, J., Thomson, M., and H. Tschofenig, “GEOPRIV PIDF-LO Usage Clarification, Considerations and Recommendations,” draft-ietf-geopriv-pdif-lo-profile-14 (work in progress), November 2008 (TXT).
[I-D.ietf-geopriv-revised-civic-lo] Thomson, M. and J. Winterbottom, “Revised Civic Location Format for PIDF-LO,” draft-ietf-geopriv-revised-civic-lo-07 (work in progress), December 2007 (TXT).
[RFC3361] Schulzrinne, H., “Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers,” RFC 3361, August 2002 (TXT).
[RFC3319] Schulzrinne, H. and B. Volz, “Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers,” RFC 3319, July 2003 (TXT).
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” RFC 3261, June 2002 (TXT).
[I-D.rosen-iptel-dialstring] Rosen, B., “Dialstring parameter for the Session Initiation Protocol Uniform Resource Identifier,” draft-rosen-iptel-dialstring-05 (work in progress), March 2007 (TXT).
[I-D.ietf-sip-gruu] Rosenberg, J., “Obtaining and Using Globally Routable User Agent (UA) URIs (GRUU) in the Session Initiation Protocol (SIP),” draft-ietf-sip-gruu-15 (work in progress), October 2007 (TXT).
[RFC2396] Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifiers (URI): Generic Syntax,” RFC 2396, August 1998 (TXT, HTML, XML).
[RFC3264] Rosenberg, J. and H. Schulzrinne, “An Offer/Answer Model with Session Description Protocol (SDP),” RFC 3264, June 2002 (TXT).
[RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” STD 64, RFC 3550, July 2003 (TXT, PS, PDF).
[RFC3551] Schulzrinne, H. and S. Casner, “RTP Profile for Audio and Video Conferences with Minimal Control,” STD 65, RFC 3551, July 2003 (TXT, PS, PDF).
[RFC3428] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., and D. Gurle, “Session Initiation Protocol (SIP) Extension for Instant Messaging,” RFC 3428, December 2002 (TXT).
[RFC4103] Hellstrom, G. and P. Jones, “RTP Payload for Text Conversation,” RFC 4103, June 2005 (TXT).
[RFC3984] Wenger, S., Hannuksela, M., Stockhammer, T., Westerlund, M., and D. Singer, “RTP Payload Format for H.264 Video,” RFC 3984, February 2005 (TXT).
[I-D.ietf-sipping-toip] Wijk, A. and G. Gybels, “Framework for real-time text over IP using the Session Initiation Protocol (SIP),” draft-ietf-sipping-toip-09 (work in progress), April 2008 (TXT).
[RFC3920] Saint-Andre, P., Ed., “Extensible Messaging and Presence Protocol (XMPP): Core,” RFC 3920, October 2004 (TXT, HTML, XML).
[RFC2119] Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997 (TXT, HTML, XML).
[I-D.winterbottom-geopriv-deref-protocol] Winterbottom, J., Tschofenig, H., Schulzrinne, H., Thomson, M., and M. Dawson, “A Location Dereferencing Protocol Using HELD,” draft-winterbottom-geopriv-deref-protocol-05 (work in progress), January 2010 (TXT).
[I-D.ietf-ecrit-phonebcp] Rosen, B. and J. Polk, “Best Current Practice for Communications Services in support of Emergency Calling,” draft-ietf-ecrit-phonebcp-14 (work in progress), January 2010 (TXT).


 TOC 

10.2. Informative References

[I-D.ietf-ecrit-lost] Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” draft-ietf-ecrit-lost-10 (work in progress), May 2008 (TXT).
[I-D.tschofenig-ecrit-architecture-overview] Tschofenig, H. and H. Schulzrinne, “Emergency Services Architecture Overview: Sharing Responsibilities,” draft-tschofenig-ecrit-architecture-overview-00 (work in progress), July 2007 (TXT).
[I-D.ietf-geopriv-l7-lcp-ps] Tschofenig, H. and H. Schulzrinne, “GEOPRIV Layer 7 Location Configuration Protocol; Problem Statement and Requirements,” draft-ietf-geopriv-l7-lcp-ps-10 (work in progress), July 2009 (TXT).
[I-D.ietf-ecrit-framework] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, “Framework for Emergency Calling using Internet Multimedia,” draft-ietf-ecrit-framework-10 (work in progress), July 2009 (TXT).
[I-D.marshall-geopriv-lbyr-requirements] Marshall, R., “Requirements for a Location-by-Reference Mechanism used in Location Configuration and Conveyance,” draft-marshall-geopriv-lbyr-requirements-02 (work in progress), July 2007 (TXT).
[I-D.ietf-geopriv-http-location-delivery] Barnes, M., Winterbottom, J., Thomson, M., and B. Stark, “HTTP Enabled Location Delivery (HELD),” draft-ietf-geopriv-http-location-delivery-16 (work in progress), August 2009 (TXT).
[I-D.ietf-ecrit-mapping-arch] Schulzrinne, H., “Location-to-URL Mapping Architecture and Framework,” draft-ietf-ecrit-mapping-arch-04 (work in progress), March 2009 (TXT).
[I-D.ietf-ecrit-requirements] Schulzrinne, H. and R. Marshall, “Requirements for Emergency Context Resolution with Internet Technologies,” draft-ietf-ecrit-requirements-13 (work in progress), March 2007 (TXT).
[I-D.winterbottom-geopriv-held-identity-extensions] Thomson, M., Tschofenig, H., Barnes, R., and J. Winterbottom, “Use of Target Identity in HTTP-Enabled Location Delivery (HELD),” draft-winterbottom-geopriv-held-identity-extensions-10 (work in progress), August 2009 (TXT).
[I-D.winterbottom-geopriv-lis2lis-req] Winterbottom, J. and S. Norreys, “LIS to LIS Protocol Requirements,” draft-winterbottom-geopriv-lis2lis-req-01 (work in progress), November 2007 (TXT).
[I-D.ietf-ecrit-security-threats] Taylor, T., “Security Threats and Requirements for Emergency Call Marking and Mapping,” draft-ietf-ecrit-security-threats-05 (work in progress), August 2007 (TXT).
[I-D.schulzrinne-ecrit-location-hiding-requirements] Schulzrinne, H., “Location Hiding: Problem Statement and Requirements,” draft-schulzrinne-ecrit-location-hiding-requirements-01 (work in progress), August 2007 (TXT).
[I-D.barnes-geopriv-lo-sec] Barnes, R., Lepinski, M., Cooper, A., Morris, J., Tschofenig, H., and H. Schulzrinne, “An Architecture for Location and Location Privacy in Internet Applications,” draft-barnes-geopriv-lo-sec-05 (work in progress), March 2009 (TXT).
[esw07] 3rd SDO Emergency Services Workshop, http://www.emergency-services-coordination.info/2007Nov/,” October 30th - November 1st 2007.


 TOC 

Authors' Addresses

  Henning Schulzrinne
  Columbia University
  Department of Computer Science
  450 Computer Science Building
  New York, NY 10027
  US
Phone:  +1 212 939 7004
Email:  hgs+ecrit@cs.columbia.edu
URI:  http://www.cs.columbia.edu
  
  Stephen McCann
  Siemens/Roke Manor Research
Email:  stephen.mccann@roke.co.uk
  
  Gabor Bajko
  Nokia
Email:  Gabor.Bajko@nokia.com
  
  Hannes Tschofenig
  Nokia Siemens Networks
  Otto-Hahn-Ring 6
  Munich, Bavaria 81739
  Germany
Email:  Hannes.Tschofenig@nsn.com
URI:  http://www.tschofenig.com


 TOC 

Full Copyright Statement

Intellectual Property