Internet DRAFT - draft-gundavelli-dispatch-e911-wifi
draft-gundavelli-dispatch-e911-wifi
DISPATCH S. Gundavelli
Internet-Draft M. Grayson
Intended status: Standards Track Cisco
Expires: 14 July 2024 11 January 2024
Emergency Communication Services over Wi-Fi Access Networks
draft-gundavelli-dispatch-e911-wifi-02
Abstract
This document introduces an approach to enable emergency services
over Wi-Fi access networks. These services encompass emergency
services such as 911 in North America, 112 in the European Union, and
equivalent emergency services in other regulatory domains. The
proposed approach aims to provide a comprehensive solution for
supporting emergency communication across different regions and
regulatory frameworks.
Leveraging the legal framework and infrastructure of the OpenRoaming
federation, this proposal aims to extend emergency calling
capabilities to the vast number of OpenRoaming Wi-Fi hotspots that
have already been deployed.
The approach addresses critical challenges related to emergency
calling, including discovery and authentication procedures for
accessing networks that support emergency services, emergency access
credentials, the configuration of emergency voice services, accurate
location determination of the emergency caller, and call spofing.
By providing a comprehensive solution, this proposal ensures that
emergency communication services can be seamlessly and effectively
supported within the IEEE 802.11-based Wi-Fi ecosystem leveraging
Passpoint Profiles.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Gundavelli & Grayson Expires 14 July 2024 [Page 1]
Internet-Draft Emergency Communication Services January 2024
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 14 July 2024.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 4
2.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 4
2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
3. Emergency Service Architectures - Current Art . . . . . . . . 5
3.1. IETF Protocol Support . . . . . . . . . . . . . . . . . . 5
3.2. NG911 and NG112 Emergency Systems . . . . . . . . . . . . 6
3.3. 3GPP Emergency Service Architecture . . . . . . . . . . . 7
4. Proposed Approach . . . . . . . . . . . . . . . . . . . . . . 8
4.1. Scenario Description . . . . . . . . . . . . . . . . . . 8
4.2. Technical Architecture . . . . . . . . . . . . . . . . . 9
5. Key Service Requirements . . . . . . . . . . . . . . . . . . 11
6. Access Network Location . . . . . . . . . . . . . . . . . . . 12
7. WLAN Network Identification and Selection . . . . . . . . . . 12
8. Legal and Regulatory Requirements . . . . . . . . . . . . . . 13
9. Authentication on the emergency RCOI WLAN . . . . . . . . . . 13
10. Authentication using the sos.fcc-authorized.org realm . . . . 13
11. Emergency CSCF operation for end-users using
sos.fcc-authorized.org credentials . . . . . . . . . . . 14
12. Emergency calling by OpenRoaming subscribers on MNOs . . . . 14
13. Call Flows . . . . . . . . . . . . . . . . . . . . . . . . . 14
14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18
15. Security Considerations . . . . . . . . . . . . . . . . . . . 19
16. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19
17. References . . . . . . . . . . . . . . . . . . . . . . . . . 19
Gundavelli & Grayson Expires 14 July 2024 [Page 2]
Internet-Draft Emergency Communication Services January 2024
17.1. Normative References . . . . . . . . . . . . . . . . . . 19
17.2. Informative References . . . . . . . . . . . . . . . . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction
The Federal Communications Commission's (FCC) Communications
Security, Reliability, and Interoperability Council (CSRIC) have
completed a report that is currently under FCC review. The report
focuses on the utilization of Wi-Fi technology for accessing
emergency 911 services in areas without mobile coverage. It provides
an overview of non-proprietary standards capable of facilitating 911
services over Wi-Fi networks based on the IEEE 802.11 technology.
Additionally, the report highlights the potential need for legal and
regulatory adjustments to address concerns related to liability,
privacy, and security when enabling public access to 911 services via
Wi-Fi.
The study looked at the technical feasibility and cost of:
* making telecommunications service provider-owned Wi-Fi access
points, and other communications technologies operating on
unlicensed spectrum, available to the general public for access to
9-1-1 services, without requiring any login credentials, during
times of emergency when mobile service is unavailable;
* the provision by non-telecommunications service provider-owned Wi-
Fi access points of public access to 9-1-1 services during times
of emergency when mobile service is unavailable; and
* alternative means of providing the public with access to 9-1-1
services during times of emergency when mobile service is
unavailable."
These initiatives showcase the dedication of regulatory entities to
enhance access to emergency services through Wi-Fi-based networks.
It is important to note that these efforts are not limited to any one
specific regulatory domain but represent a widespread trend.
This document introduces an approach that aligns with ongoing efforts
to enhance emergency communication services over unlicensed Wi-Fi
access networks. It proposes utilizing the OpenRoaming federation
[I-D.tomas-openroaming] of Wi-Fi access providers and Identity
Providers to facilitate the provision of emergency services.
Gundavelli & Grayson Expires 14 July 2024 [Page 3]
Internet-Draft Emergency Communication Services January 2024
By leveraging a pre-configured emergency passpoint profile, any Wi-
Fi-enabled device situated within the coverage area of an OpenRoaming
hotspot that supports emergency services will have the capability to
access the available emergency communication services provided in
that region.
2. Conventions and Terminology
2.1. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2.2. Terminology
All the terms used in this document are to be interpreted as defined
in the IETF and 3GPP specifications. For convenience, the
definitions for some of the terms are provided below.
OpenRoaming (OR)
A federation that provides the framework for connecting
unprecedented footprint of millions of Wi-Fi hotspots with
identity providers.
Identity Provider (IDP)
An entity that manages identity credentials and policies for
devices and provides authentications services.
Access Network Provider (ANP)
An entity providing internet connectivity services.
Passpoint Profile
Passpoint is a Wi-Fi Alliance (WFA) protocol that enables mobile
devices to discover and authenticate to Wi-Fi hotspots that
provide internet access. Profile includes the user's credentials
and the access network identifiers.
Roaming Consortium Identifier (RCOI)
It is a 3-octet, or a 5-octet value carried in the 802.11 beacon
information element (IE). It is also sent in the ANQP messages.
RCOI identifies the groups or identity providers that are
supported by the network.
Gundavelli & Grayson Expires 14 July 2024 [Page 4]
Internet-Draft Emergency Communication Services January 2024
Connectivity Location Function (CLF)
It maintains mappings between the endpoint's dynamically assigned
IP address and its physical location. An enhanced CLF maintains
the mapping between the devices' access point identifier (BSSID)
and the physical location.
Public Safety Answering Point (PSAP)
A PSAP is a facility where emergency calls are received under the
responsibility of a public authority.
Route Determination Function (RDF)
It resolves a physical location, either a civic address or a geo-
spatial address to the serving PSAP.
P-CSCF
Proxy Call Session Control Function. P-CSCF is a specific 3GPP
function ([TS23501]) defined in their IMS architecture. It
largely a 3GPP variant of the IETF SIP Proxy function [RFC3261].
E-CSCF
Enhanced Call Session Control Function. It takes the requests
from P-CSCF (Proxy CSCF) and routes the emergency sessions to the
PSAP based on CLF and RDF queries.
3. Emergency Service Architectures - Current Art
3.1. IETF Protocol Support
The IETF has made significant contributions to the development of
emergency architectures, which serve as the foundation for Next
Generation 911 and 112 systems. These efforts encompass a wide range
of protocols and cover essential aspects, including location
determination and other relevant elements. The following key
specifications highlight these contributions: [RFC4119], [RFC4676],
[RFC5222], [RFC5985], [RFC6225], [RFC6442], [RFC6443] [RFC6881],
[RFC7852], and [RFC8876],
Gundavelli & Grayson Expires 14 July 2024 [Page 5]
Internet-Draft Emergency Communication Services January 2024
However, it is worth noting that a substantial portion of the work
conducted by the IETF predates the current industry focus on roaming
in Wi-Fi networks using Passpoint profiles and identity federation
rameworks, as well as the infrastructure established by the
OpenRoaming federation. There is inherent value in standardizing
emergency communication approaches that align with these newer
industry developments around Wi-Fi roaming.
The primary objective of these efforts is to enable individuals with
Wi-Fi devices within the coverage area of an OpenRoaming hotspot to
connect to the network without requiring specific access credentials.
This allows them to make emergency calls seamlessly and without any
barriers. This can save lives!
3.2. NG911 and NG112 Emergency Systems
Next Generation 911 (NG911) is the new emergency communication system
designed to enhance the effectiveness and efficiency of emergency
services. NG911 builds upon the existing 911 emergency response
infrastructure by integrating newer capabilities.
The implementation of the NG911 architecture is planned to occur in
multiple phases. The first phase focuses on enhancing the existing
legacy 911 architecture. Following this, a transitional phase will
be implemented to gradually transition to the full-fledged NG911
system. Finally, the End State NG911 Service architecture will be
established to provide the ultimate NG911 capabilities.
NG911 leverages IP-based networks to transmit emergency
communications, enabling seamless integration with various digital
platforms and devices. It enables individuals to contact emergency
services not only through traditional phone calls but also through
text messages, multimedia messages, and even real-time video
streaming. This provides greater flexibility for individuals with
diverse communication preferences or accessibility needs.
One of the significant advantages of NG911 is the ability to receive
more detailed location information from callers. Traditional 911
systems rely on the location of the calling device or the cell tower
used for the call, which can sometimes result in imprecise location
data. NG911 leverages Global Navigation Satellite Systems (GNSS) to
obtain more accurate and reliable location information, allowing
emergency services to respond more swiftly and precisely.
NG911 architecture is based on IETF standards. The SIP UA which is
authenticated to the P-CSCF, creates a SIP INVITE that includes
location information in the form of a Presence Information Data
Format Location Object (PIDF-LO) in the body of the message. The
Gundavelli & Grayson Expires 14 July 2024 [Page 6]
Internet-Draft Emergency Communication Services January 2024
P-CSCF passes the SIP INVITE to the E-CSCF. The E-CSCF passes the
SIP INVITE message to the LRF to obtain location and routing
information for the emergency call. LRF will use the Location to
Service Translation (LoST) protocol [RFC5222] to query the RDF. The
RDF will determine routing based on the routing location
NG112 is the new emergency communication system designed to improve
emergency services by integratung modern technologies and
capabilities. It is a European initiative that aims to enhance the
existing emergency response infrastructure, building upon the legacy
of the widely recognized emergency number, 112. NG112 largely
follows the NG911 architecture and is based on IETF standards.
3.3. 3GPP Emergency Service Architecture
The 3rd Generation Partnership Project (3GPP) has developed an
Emergency Service architecture that enables effective and reliable
emergency communication services within cellular networks. This
architecture encompasses various components and protocols designed to
ensure prompt emergency assistance.
The essential component of the architecture is the Emergency Services
(ES) functionality, which allows users to dial emergency numbers,
such as 112 or 911, to access emergency services. ES interfaces with
the cellular network infrastructure to establish emergency calls and
deliver them to the appropriate Public Safety Answering Point (PSAP)
or emergency call center.
Additionally, the architecture includes the Location Services (LCS)
system, which enables accurate positioning of emergency callers. LCS
uses various positioning methods, including GPS, and network-based
methods, to determine the caller's location and transmit it to the
PSAP for effective emergency response.
The 3GPP Emergency Service architecture also incorporates support for
multimedia services, such as text messages, images, and videos,
enabling individuals to provide additional information to emergency
services during critical situations.
Overall, the 3GPP Emergency Service architecture ensures that
cellular networks have the necessary capabilities to handle emergency
calls, deliver accurate location information, and support multimedia
communication for effective emergency response and public safety.
Gundavelli & Grayson Expires 14 July 2024 [Page 7]
Internet-Draft Emergency Communication Services January 2024
4. Proposed Approach
WBA's OpenRoaming is a roaming federation service of Access Network
Providers (ANPs) and Identity Providers (IDPs), enabling an automatic
and secure Wi-Fi experience globally. WBA OpenRoaming creates the
framework to seamlessly connect devices to the access networks that
are part of the federation. For further insights into the
architectural specifics of WBA's OpenRoaming, please refer to the
document, [I-D.tomas-openroaming].
ANP-1 --\ _----_ /-- IDP-1
\ Access _( Open )_ Identity /
ANP-2 ---<== Network ---( Roaming )--- Providers <==-- IDP-2
/ Providers (_ _) \
ANP-3 --/ '----' \-- IDP-3
Figure 1: OpenRoaming Federation
The solution presented in this proposal utilizes the legal framework
and core components of the OpenRoaming federation to extend emergency
calling capabilities (e.g. 911/112) to tens of thousands of existing
OpenRoaming hotspots operating on unlicensed Wi-Fi networks. The
following text explains the architectural framework of this approach.
4.1. Scenario Description
* A Wi-Fi-enabled device equipped with a pre-installed emergency
passpoint profile and located within the coverage area of an
OpenRoaming hotspot. The device does not have the access network
credentials for that hotspot, other than the emergency passpoint
profile.
* The hotspot is configured to facilitate emergency communication
services. It advertises the emergency RCOI (Roaming Consortium
Identifier) in the IEEE 802.11 beacon messages.
* When a user dials the emergency calling number designated for
their regulatory domain (such as 911/112), their device initiates
a search for Wi-Fi networks that support emergency services by
comparing the RCOI field of the passpoint profile. Upon finding a
match, temporary access to the network is granted. The user's
location is relayed to the Identity Provider (IDP) by the access
network.
Gundavelli & Grayson Expires 14 July 2024 [Page 8]
Internet-Draft Emergency Communication Services January 2024
* The device obtains the emergency service configuration from the
IDP designated for the emergency realm, and specific to that
locale.
* User makes the emergency call registration. User's location
reported in the call signaling is cross correlated with the
location reported by the access network.
* User's call is routed to the nearest PSAP.
4.2. Technical Architecture
IDP
+===================================+
| IDP: (e.g.)sos.fcc-authorized.org)|
| +---+ +------+ |
| |CLF|--------------|E-CSCF| |
| +---+ CLF Query +------+ |
| | for Location | |---><PSAP>
| +---+ +------+ |
| |AAA| |P-CSCF| |
| +---+ +------+ |
+===================================+
. : .
/|\ : /|\
| : |
_----_ | : |
_( Open )_ | : |
----( Roaming )............: |
(_ _) | : |
'----' | : |
| _-----_ |
(RADIUS Signaling)| _( )_ | (SIP Signaling)
| ( Access )- |
RADIUS Attributes | -(_Network)- | P-Access-Network-Info
(BSSID, Civic-Loc | '-----' | SIP Header (RFC 3455)
/Geo-Loc and SLT)| | | and RFC 7315 Defined
| | | 3GPP Header for carrying
\|/ | | BSSID and/or SLT
. +----+ |
| AP | |
+----+ |
: |
: \|/
+========+
| Device | (Emergency Passpoint Profile)
+========+
Gundavelli & Grayson Expires 14 July 2024 [Page 9]
Internet-Draft Emergency Communication Services January 2024
Figure 2: Technical Architecture
The E-CSCF (Emergency Call Session Control Function) and P-CSCF
(Proxy-Call Session Control Function) are well-defined functions
within the IMS (IP Multimedia Subsystem) architecture as specified by
3GPP. These functions can be utilized for emergency calling
purposes, or alternatively, they can be substituted with an IETF SIP
Proxy [RFC3261], to support the necessary calling services.
There will be a designated Identity Provider (IDP) and designated
emergency calling services for supporting emergency calling service
(e.g., 911/112). The AAA server in the IDP supports the realm for
that region (e.g. "@sos.fcc-authorized.org") and the EMERGENCY-RCOI
policies (i.e., for example an 911/112 specific HotSpot2.0 Roaming
Consortium or RCOI). There will also be dedicated P/E-CSCF (Proxy/
Emergency Call Services Control Function) for supporting emergency
calling services. DNS servers for the realm will be configured to
enable ANPs to dynamically discover the designated IDP's AAA servers.
The devices are pre-configured with a HotSpot2.0/Passpoint profile,
which includes the emergency RCOI, and a common identity, e.g.,
anonymous@sos.fcc-athorized.org. Device eco-systems vendors can pre-
configure this profile into every device at the time of manufacturing
or push an updated profile using established carrier-bundle based
provisioning. This anonymous profile will be common for all devices.
This allows the device to discover Wi-Fi access networks that support
emergency services (e.g. 911/112). Furthermore, the SIP User Agent
in the mobile device will be able to use P/E-CSCF configuration
obtained from the Wi-Fi access network.
Wi-Fi access networks that are part of the OpenRoaming federation and
willing to support emergency communication services will configure
the emergency RCOI on their WLAN equipment. WLAN OEM suppliers can
augment existing OpenRoaming provisioning interfaces with emergency
RCOI settings. These networks allow any devices without access
credentials to connect to the network for emergency calling. The Wi-
Fi access network will recover the realm from the identity and use
DNS system to discover the designated IDP's AAA servers.
OpenRoaming already requires access networks to provide their Civic
Location and/or Geo-spatial coordinates in the IDP signaling
messages. The location information may be manually configured or can
be obtained from a reliable source. The device will also be able to
discover emergency voice services (CSCF) and the related
configuration from the access network or from a cloud entity. This
allows device to be able to use the emergency services when connected
to access networks that are not part of the OpenRoaming federation.
NOTE that this assumes that the device has basic internet
Gundavelli & Grayson Expires 14 July 2024 [Page 10]
Internet-Draft Emergency Communication Services January 2024
connectivity and can initiate emergency calls without requiring
emergency calling support from the access network. The device can
include location elements, obtained either from the access network or
from a cloud function, and include them in the SIP signaling using
the Geolocation header fields defined in RFC 6442. The E-CSCF
function will retrieve the location elements from the signaling
messages from the device.
For supporting the architecture based on this approach, we need the
following updates to the WBA OpenRoaming architecture.
* enhancement to WBA OpenRoaming technical framework to include use
of emergency RCOI.
* enhancements to OpenRoaming templated legal terms for access
network providers on use of emergency RCOI and associated
requirements, e.g., related to use of existing defined RFC 5580
location attributes.
* updates to WBA WRIX offered-service VSA to include new string for
"openroaming-emergency" service definition.
* definition of policies required to be enforced by ANP when filter-
id attribute mirrors the "openroaming-emergency" tag.
5. Key Service Requirements
An emergency call handling service shall be designated to handle Wi-
Fi-enabled emergency calls (e.g. 911/112), along with an IDP function
for the respective realm e.g., "sos.fcc-authorized.org", where an
existing MNO cannot (non-provisioned device or MNO core is
unavailable). This should consider third-party providers such as
IDPaaS/MNO/Voice Service Providers to host these services.
Broadband service providers and HotSpot venue operators shall provide
the Civic-Location and or the Geo-spatial coordinates of the venue,
and the emergency voice service configuration to the device in the IP
address configuration procedures.
Consumer devices should be pre-configured by OEMs or through
established carrier-bundle based provisioning with a HotSpot2.0/
Passpoint profile, including the emergency RCOI and a common identity
such as (e.g.) "anonymous@sos.fcc-authorized.org.".
Gundavelli & Grayson Expires 14 July 2024 [Page 11]
Internet-Draft Emergency Communication Services January 2024
6. Access Network Location
Location of the caller is a key element in the emergency-service
workflow. Emergency response centers must be able to determine the
location of the caller before service is dispatched. A caller may be
too young, frightened or confused to provide the location of
emergency, therefore automatic location determination by PSAP is an
essential requirement.
The device making the emergency call must be able to obtain the Civic
and/or Geo-spatial coordinates for inclusion in SIP Registration
messages. Reliance on GPS is not an option for most indoor
environments.
The WLANs supporting emergency 911 services should be capable of
providing the Civic Location or the Geo-Spatial coordinates of the
caller, or of the access point. An OpenRoaming access point must be
manually configured with the Civic and/or the Geo-Spatial coordinates
or able to derive location through other means. For example, an
access point operating in 6 GHz Standard Power mode is required to
include its geo-location in the spectrum grant requests sent to the
AFC. In some environments, the access point can learn the location
information from a connected ethernet switch, or from a broadband
service provider network. Furthermore, any access points supporting
indoor localization services will be able to meet the location
requirement.
It is proposed to re-use the definition of location signaling in
OpenRoaming, enabling the access point to provide the Civic address
and/or the Geo-spatial coordinates of the device or of the access
point to the IDP for CLF population. A confidence-level indicator is
also optionally included in the reported location-data, based on RFC
7459 considerations. This parameter is indicative of the
uncertainity and the confidence level of the reported location.
7. WLAN Network Identification and Selection
The OpenRoaming federation makes extensive use of Passpoint specified
Roaming Consortium Organization Identifiers (RCOIs) for defining
polices that are supported by particular access network providers
(ANPs) and those policies supported by individual identity providers
(IDPs). The supported RCOIs are provisioned in WLAN equipment by the
ANPs and configured in the Passpoint profile of devices managed by
IDPs. Only when there is a match of RCOIs between WLAN and Passpoint
profile will an authentication exchange be triggered. It is proposed
to define the use of an emergency-RCOI for use in the systems to
support Emergency Communication service (e.g. 911/112).
Gundavelli & Grayson Expires 14 July 2024 [Page 12]
Internet-Draft Emergency Communication Services January 2024
8. Legal and Regulatory Requirements
The OpenRoaming federation has a foundation in a legal framework,
whereby the Wireless Broadband Alliance (WBA) as the federation's
policy authority is responsible for defining the framework under
which the federation operates. WBA defines the privacy policy that
providers are required to comply with as well as end-user terms and
conditions. In addition, WBA defines the legal templated terms that
are used between OpenRoaming brokers and OpenRoaming providers,
defining immutable terms that all OpenRoaming providers need to agree
to. Finally, WBA agrees legal terms directly with OpenRoaming
brokers, including terms that require OpenRoaming brokers to use the
WBA templated terms in their agreements with providers. It is
proposed that these legal agreements be amended with terms that cover
operation of emergency service and allow provisions to indemnify ANPs
against any liabilities resulting from emergency call failures.
9. Authentication on the emergency RCOI WLAN
The requirements include being able to support emergency calls for
users without valid credentials to fully authenticate to the WLAN, in
this case a credential that has been issued by a specific OpenRoaming
IDP designated to support users without a full credential. 3GPP has
defined an approach that uses a 3GPP defined vendor specific EAP
method called EAP-3GPP-LimitedService for supporting devices without
credentials. However, this vendor specific EAP method is not widely
supported. Instead, this use-case leverages the well supported EAP-
TTLS method with a common set of credentials used by all users
wanting to access on the emergency-RCOI WLAN. The EAP-Identity shall
be specified as anonymous@sos.fcc-authorized.org with common
credentials being used in the inner method.
10. Authentication using the sos.fcc-authorized.org realm
OpenRoaming dynamically discovers the signaling peers used to
authenticate end-users using DNS. The same approaches are re-used by
ANPs to discover the signaling systems used to support the EAP-server
for the sos.fcc-authorized.org realm. The EAP-server will use the
common credentials to authenticate users without valid OpenRoaming
credentials onto the WLAN. OpenRoaming defines the RADIUS messages
exchanged between ANP and IDP. These include the "offered-service"
vendor specific attribute as well as RFC 5580 defined location
attributes. It is proposed to define a new value for the offered
service, e.g., "openroaming-emergency" to unambiguously indicate that
the authentication has come from a WLAN configured with the emergency
RCOI.
Gundavelli & Grayson Expires 14 July 2024 [Page 13]
Internet-Draft Emergency Communication Services January 2024
11. Emergency CSCF operation for end-users using sos.fcc-authorized.org
credentials
Whereas 3GPP defines the E-CSCF as always operating in the access
network, in this use-case the E-CSCF is a common function that can be
leveraged by all OpenRoaming ANPs that have configured the emergency-
RCOI. This means that the E-CSCF isn't coupled to the access network
by which it can recover network provided location information.
Instead, in this use-case we leverage the existing OpenRoaming
specifications that define the signaling of civic and geo-spatial
location in the RADIUS exchange between ANP and IDP. Unlike in
cellular networks, users on WLAN systems will frequently be allocated
private IP addresses.
This IP address information can be included in the RADIUS exchange
between ANP and IDP, but because it will frequently represent a
private address, it cannot be used to uniquely identify a user.
Instead, it is proposed to enhance the Connectivity Location Function
(CLF) to allow querying based on Basic Service Set ID (BSSID) which
represents the MAC address of the WLAN radio interface that is
serving a user, and optionally a Secure Location Tag (SLT) which the
WLAN system will deliver it to the device.
The BSSID and/or the SLT will be included in the P-ANI SIP header
sent by the device as well as being included in the ANP to IDP RADIUS
signaling. It's proposed that the definition of the IDP hosting the
sos.fcc-authorized.org realm includes support for enhanced CLF
capability that enables the IDP to be queried by an E-CSCF based on
BSSID and/or SLT. The IDP can then match the BSSID and/or SLT with
that received in RADIUS messages originated from individual ANPs and
return the corresponding location information to the E-CSCF.
12. Emergency calling by OpenRoaming subscribers on MNOs
End users who have been provisioned with a full OpenRoaming profile
will successfully authenticate onto the OpenRoaming ANP using their
standard profile and standard OpenRoaming RCOI. As an OpenRoaming
IDP, the MNO is able to similarly match the civic-location and/or
geospatial location of authentication requests with the BSSID and/or
the SLT signaled by the ANP. The MNO operating the CSCF is able to
recover the BSSID and/or the SLT from the P-ANI header and determine
the location of their own users.
13. Call Flows
Gundavelli & Grayson Expires 14 July 2024 [Page 14]
Internet-Draft Emergency Communication Services January 2024
+---+ +---+ +----+ +---+ +---+ +----+ +----+
|Dev| |AP | |DHCP| |DNS| |AAA| |P/E | |PSAP|
+---+ +---+ +----+ +---+ +---+ |CSCF| +----+
| | | | | +----+ |
| | | | | | |
<1> <2> | | <3> | |
| | | | | | |
|<---<4>-->| | | | | |
|<---<5>-->| | | | | |
|<---<6>-->| | | | | |
| |<----------<7>-------->| | | |
| |<----------<8>------------------>| | |
| | <9> | | | |
|<-----------<10>------| | | | |
| | | | | | |
| <11> | | <12> | |
| | | | | | |
|---<13>-->|----------------<14>------------>| | |
|<--------------------------<15>------------>| | |
|<---------|<---------------<16>-------------| | |
|<---<17>->| | | | | |
| | | | <18> | |
|<--------------------------<19>-------------|-------->| |
| | | | |<--<20>--| |
| | | | | <21> |
|<---------------------------------------------------->|<-<22>->|
1. Passpoint Profile with Emergency-RCOI,
ananonymous@sos.fcc-authorized.org.
2. Advertises E-RCOI on that BSSID, Civic & Geo-Location Attributes
configured on the AP.
3. IDP & Voice Services for Emergency Calling. Possibly managed by
FCC or WBA. Manages policies for E-RCOI\nand "sos.fcc.org"
identities.
4. 802.11u with RCOI in Beacon IE
5. Attach to SSID matching the E-RCOI
6. Authentication Exchange (No credential validation)
7. Realm Lookup (sos.fcc.org) / IDP Discovery.
8. TLS Tunnel Setup, Authentication ID federated issued certs.
9. Generates location tag (SLT) based\non device indoor
positioning, or location configuration of the AP.
10. Delivery of SLT from AN over ANQP/AssocResp/DHCP/IPv6 ND
11. BSSID + SLT (optional) + Location Attributes sent to IDP in
the below RADIUS message exchange
12. E-CSCF FQDN and Emergency\nCalling numbers sent to AN in the
below RADIUS message exchange
Gundavelli & Grayson Expires 14 July 2024 [Page 15]
Internet-Draft Emergency Communication Services January 2024
13. EAP-ID/Resp / 802.1x
14. EAP over RADUIUS (TLS)
15. EAP-TTLS with well-known credentials
16. EAP-Success
17. Delivers IMS Configuration over 802.11, DHCP, or IPv6 ND
18. Updates the local CLF to include BSSID and/or SLT to Location
Mapping
19. SIP UA Registration includes BSSID and SLT (optional) in the
P-ANI Header.
20. CLF Query for Location Check using BSSID and/or SLT
21. Determination of PSAP based on query to RDF
22. Emergency Call Routed to PSAP with location
Figure 3: Emergency e911 Services over Wi-Fi Access
Following is some additional text explaining above interactions.
* The device is pre-configured with the emergency passpoint profile,
which includes the emergency RCOI, and a common identity, (e.g.)
"anonymous@sos.fcc.org". This allows the device to discover
access networks that support emergency communication services
(e.g. 911/112).
* The device may be preconfigured with a generic Emergency SIP (non-
IMS) Profile.
* An 802.11 access network supporting EAP-based authentication
method and is part of the OpenRoaming federation is either
configured with the Civic-Location and/or the Geo Spatial
coordinates of the access point or has the ability to derive
location coordinates through other means.
* The access network for supporting emergency services (e.g.
911/112) will advertise the emergency RCOI in the 802.11 Beacon
messages, and furthermore will respond to any ANQP queries on the
supported services.
Gundavelli & Grayson Expires 14 July 2024 [Page 16]
Internet-Draft Emergency Communication Services January 2024
* A device that is in coverage of a WLAN but without any valid
conventional access-network credentials may use the UI interaction
to trigger the selection of the profile containing the emergency
RCOI. The end user's selection of an emergency calling
application, or interaction with the default phone application
(e.g., by selecting the emergency call option in the UI or by
dialing an emergency phone number) may trigger the selection of
the Passport profile with the emergency RCOI, resulting in the
device performing a network-attach for emergency-call access.
* The device will use the default identity, "anonymous@sos.fcc.org"
from passpoint profile in the initial authentication message
exchange, allowing the access network to discover the AAA server /
IDP for EAP authentication.
* The access network using the realm portion of the identity,
"sos.fcc.org." will perform a DNS lookup the AAA server for the
IDP supporting the emergency RCOI and the realm.
* The access network and the AAA server will establish a secure TLS
tunnel for securing the 802.1x/EAP traffic between the device and
the IDP. The authentication of the peers will be based on the
OpenRoaming federation issued X.509 certificates.
* The device will complete the EAP authentication using the common
credentials from the emergency passpoint profile. The 802.1x/EAP
messages are tunneled as RADIUS messages between the access point
and the AAA server.
* The access point will generate secure location tag (SLT) for the
device. The SLT will be delivered to the device over one of the
protocols (ANQP/802.11/DHCP/IPv6 ND). SLT is a tag representative
of the device' location. In another variation, SLT can be a
composite object composed of a signed location by the access
network or a cloud function, along with the identifiers of the
signing entity. Functions such as E-CSCF will be able to verify
the location by verifying the signature of the signing entity.
* Prior to including the access network reported Civic Location, the
Identity Provider (IDP) has the option to conduct a location
validation check. If the reported location fails the validity
test, the IDP can still add the location entry to the CLF.
However, the entry can be flagged to indicate that the address did
not pass the location validation test.
* The access point includes the BSSID of the access point in the
Calling-Station-Id attribute (RFC 2865) and/or the SLT in a new
attribute to be defined.
Gundavelli & Grayson Expires 14 July 2024 [Page 17]
Internet-Draft Emergency Communication Services January 2024
* The access point will also include the attributes for carrying the
Civic Location and/or the Geo-Spatial coordinates of the access
point (RFC 5580).
* The AAA server will send the IMS configuration (E-CSCF FQDN)
supporting emergency call routing services to the access point.
* A success EAP transaction between the device and the AAA server
will result in the AAA server sending EAP-SUCCESS to the device.
* The AAA server will update the local CLF function with the
location of the access point, using BSSID and/or the SLT as
location identifiers.
* The access point delivers the IMS configuration to the client over
one of the interfaces (802.11/ANQP/DHCP/IPv6 ND). ANP will apply
policies which limits the usage of the network over emergency RCOI
only for emergency calling. Furthermore, the ANP will apply QoS
policies on the emergency session for ensuring the call meets the
SLA defined for the emergency service. ANP will prioritize
traffic and sessions on emergency RCOI over other RCOIs.
* The IMS client in the device performs registration with the
emergency IMS system. The UA inserts the P-Access-Network-Info
header field in the SIP message using the 3GPP 24.229 defined
fields. It contains the BSSID of the access point (access-
type="IEEE-802.11", wlan-node-id="BSSID", and optionally a secure-
location-tag=SLT). A new parameter, "secure-location-tag" will be
defined.
* The E-CSCF function uses the BSSID and/or the SLT from the P-ANI
header for determination of the device's location. It queries the
CLF for retrieving the Civic and/or the Geo-spatial coordinates of
the access point. The E-CSCF function may query the RDF function
for the PSAP destination address.
* The E-CSCF will route the emergency call to the nearest PSAP.
14. IANA Considerations
This document does not requires any IANA actions.
Gundavelli & Grayson Expires 14 July 2024 [Page 18]
Internet-Draft Emergency Communication Services January 2024
15. Security Considerations
A rogue user or a compromised device may potentially trigger a volume
of emergency calls, including calls spoofing the caller's real
location. The value set for the field, "i-wlan-node-id" in the PANI
header can potentially be a false BSSID which maps to a different
location in the CLF database.
In this use-case, we eliminate this threat with the use of SLT
(Secure Location Tag) that the network will generate dynamically and
will provide it to the device for inclusion in emergency call
signaling.
A trusted OpenRoaming access network signals the same location tag
along with the civic and/or geo-spatial coordinates to the IDP. The
CSCF function will retrieve the SLT from the call signaling from the
device and will look up the civic location and/or geo-spatial
coordinates of the device by querying the CLF database populated by
the IDP. SLT serves as an index to the real-location and the
generated tag is valid for a short duration, thereby eliminating any
replay attacks.
A rogue user or a compromised device may also initiate a volume of
emergency calls, including a valid caller's location. This threat is
not a new threat and exists even in today's emergency services
supported over wireline and cellular architectures.
16. Acknowledgements
We had many discussions with the members of FCC CSRIC 8 WG and that
feedback greatly us greatly in developing this proposal.
Special thanks to Brian Rosen for a through review and detailed
comments and advice. We also like to thanks Dale R. Worley, Roland
Jesske, and Christer Holmberg for all the discussions.
Finally, we like to thank ART area director, Murray Kucherawy and
DISPATCH working group chairs for facilating the discussions in the
working group.
17. References
17.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
Gundavelli & Grayson Expires 14 July 2024 [Page 19]
Internet-Draft Emergency Communication Services January 2024
17.2. Informative References
[I-D.tomas-openroaming]
Tomas, B., Grayson, M., Canpolat, N., Cockrell, B. A., and
S. Gundavelli, "WBA OpenRoaming Wireless Federation", Work
in Progress, Internet-Draft, draft-tomas-openroaming-00,
14 June 2023, <https://datatracker.ietf.org/doc/html/
draft-tomas-openroaming-00>.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
DOI 10.17487/RFC3261, June 2002,
<https://www.rfc-editor.org/info/rfc3261>.
[RFC4119] Peterson, J., "A Presence-based GEOPRIV Location Object
Format", RFC 4119, DOI 10.17487/RFC4119, December 2005,
<https://www.rfc-editor.org/info/rfc4119>.
[RFC4676] Schulzrinne, H., "Dynamic Host Configuration Protocol
(DHCPv4 and DHCPv6) Option for Civic Addresses
Configuration Information", RFC 4676,
DOI 10.17487/RFC4676, October 2006,
<https://www.rfc-editor.org/info/rfc4676>.
[RFC5222] Hardie, T., Newton, A., Schulzrinne, H., and H.
Tschofenig, "LoST: A Location-to-Service Translation
Protocol", RFC 5222, DOI 10.17487/RFC5222, August 2008,
<https://www.rfc-editor.org/info/rfc5222>.
[RFC5985] Barnes, M., Ed., "HTTP-Enabled Location Delivery (HELD)",
RFC 5985, DOI 10.17487/RFC5985, September 2010,
<https://www.rfc-editor.org/info/rfc5985>.
[RFC6225] Polk, J., Linsner, M., Thomson, M., and B. Aboba, Ed.,
"Dynamic Host Configuration Protocol Options for
Coordinate-Based Location Configuration Information",
RFC 6225, DOI 10.17487/RFC6225, July 2011,
<https://www.rfc-editor.org/info/rfc6225>.
[RFC6442] Polk, J., Rosen, B., and J. Peterson, "Location Conveyance
for the Session Initiation Protocol", RFC 6442,
DOI 10.17487/RFC6442, December 2011,
<https://www.rfc-editor.org/info/rfc6442>.
Gundavelli & Grayson Expires 14 July 2024 [Page 20]
Internet-Draft Emergency Communication Services January 2024
[RFC6443] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton,
"Framework for Emergency Calling Using Internet
Multimedia", RFC 6443, DOI 10.17487/RFC6443, December
2011, <https://www.rfc-editor.org/info/rfc6443>.
[RFC6881] Rosen, B. and J. Polk, "Best Current Practice for
Communications Services in Support of Emergency Calling",
BCP 181, RFC 6881, DOI 10.17487/RFC6881, March 2013,
<https://www.rfc-editor.org/info/rfc6881>.
[RFC7852] Gellens, R., Rosen, B., Tschofenig, H., Marshall, R., and
J. Winterbottom, "Additional Data Related to an Emergency
Call", RFC 7852, DOI 10.17487/RFC7852, July 2016,
<https://www.rfc-editor.org/info/rfc7852>.
[RFC8876] Rosen, B., Schulzrinne, H., Tschofenig, H., and R.
Gellens, "Non-interactive Emergency Calls", RFC 8876,
DOI 10.17487/RFC8876, September 2020,
<https://www.rfc-editor.org/info/rfc8876>.
[TS23501] 23.501, 3. T., "Numbering, addressing and identification",
2021.
Authors' Addresses
Sri Gundavelli
Cisco
170 West Tasman Drive
San Jose, CA 95134
United States of America
Email: sgundave@cisco.com
Mark Grayson
Cisco
11 New Square Park
Bedfont Lakes
United Kingdom
Email: mgrayson@cisco.com
Gundavelli & Grayson Expires 14 July 2024 [Page 21]