Internet DRAFT - draft-ranalli-peek-walter-enum-T1roles
draft-ranalli-peek-walter-enum-T1roles
Telephone Number Mapping (enum) D. Ranalli
D. Peek
R. Walter
Internet Draft Document: NetNumber
<draft-ranalli-peek-walter-ENUM-T1roles-01.txt> February 2001
Category: Informational
Tier-1 ENUM System
Roles and Responsibilities
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026 [1].
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts. Internet-Drafts are draft documents valid for a maximum of
six months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet- Drafts
as reference material or to cite them other than as "work in
progress." The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
1. Abstract
This document describes the actors in a global Tier-1 ENUM system
and the roles and responsibilities that each of the actors fulfills.
In this context, a "Tier-1 ENUM system" refers to an Internet
directory system for registering E164 telephone numbers in a DNS
top-level domain as described in RFC 2916. The population of NAPTR
records with URI's in a Tier-2 ENUM system as described in RFC 2916
is not discussed in this draft.
Ranalli, et al Expires - August 2001 1
� Tier-1 ENUM Roles and Responsibilities February 2001
2. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in RFC-2119 [2].
3. Introduction
Starting with the assignment of an E164 telephone number to an end-
user ("Subscriber"), the roles and responsibilities of various
actors in a global Tier-1 ENUM System are described.
Please send comments on this document to the ENUM working group or
directly to Doug Ranalli at dranalli@netnumber.com
4. Actors In The Tier-1 ENUM System
4.1 E.164 Administration System
Well-defined process within the Public Switched Telephone Network
(PSTN) for defining dialing plans, creating E164 numbers, and
distributing blocks of numbers to network operators and telephone
service providers. In the context of a Tier-1 ENUM System, the key
players within the E164 Administration System include the following:
- International Telecommunications Union (ITU): Defines country
codes.
- National PSTN Regulatory Agencies: Provide regulatory control
over the PSTN numbering system within a country or region.
- National Numbering Plan Administrators: Administer a numbering
plan within a country or region under contract from a National
PSTN Regulatory Agency. Create area-codes/city-codes. Distribute
blocks of numbers to network operators and telephone service
providers.
- Number Portability Administrator: Administers the number
portability process within a country or region under contract from
a National PSTN Regulatory Agency. Provides mechanisms for
shifting control of individual E164 numbers from one Telephone
Number Provider to another based on Subscriber choice.
4.2 Telephone Number Provider (TNP)
- E164 Control: Entity with contractual control over a block of
E164 numbers and/or a set of ported E164 numbers via the E164
Ranalli, et al Expires - August 2001 2
� Tier-1 ENUM Roles and Responsibilities February 2001
Administration process. Example: Network operator, application
service provider, PSTN service provider, or their agents or
assignees.
- E164 Sub-allocation or Assignment: Entity that sub-allocates or
assigns E164 numbers received from the E164 Administration System
to Subscribers.
- Tier-1 ENUM Service Disconnect: Entity with authority, but not
the obligation, to cancel Tier-1 ENUM service for a given E164
number if the TNP has revoked a Subscriber's assignment of the
number for any reason. Example: TNP disconnects a Subscriber's
telephone service and puts an E164 number back into a pool for
future assignment to a new Subscriber. The Registry disconnect
right applies to E164 numbers under contractual control of the TNP
through the E164 Administration allocation and sub-allocation
process.
- Dialing Plan Change Updates: Entity with the authority, but not
the obligation, to submit dialing plan changes to the Tier-1 ENUM
Registry relating to E164 numbers under the control of the TNP via
the E164 Administration Process.
4.3 Subscriber
- Individual or Enterprise that has been allocated or assigned an
E164 number by a TNP and as a result, has day-to-day control over
an E164 number.
4.4 Registrant
- Subscriber, or an Agent (i.e.: service provider) acting on behalf
of a Subscriber, that registers an E164 number with a Tier-1 ENUM
service through an ENUM Registrar.
- Agrees to be bound by the terms and conditions of the Tier-1 ENUM
"Registration Agreement". Warrants that the e164 number being
registered is under the day-to-day control of the Subscriber who's
number is being registered.
- Agrees to abide by the terms and conditions of the Tier-1 ENUM
"Conflict Resolution Process".
4.5 Tier-1 ENUM Registry ("Registry")
Entity that operates a Tier-1 ENUM directory service.
Responsibilities include:
Ranalli, et al Expires - August 2001 3
� Tier-1 ENUM Roles and Responsibilities February 2001
- Delegation Services: Delegation of a complete E164 name to the
appropriate Tier-2 ENUM service provider.
- Registrant Database: Publicly accessible database with minimal
information about Registrants to be used to identify potential
registration conflicts.
- Conflict Resolution: Service provided by the Registry for
resolving conflict between two Registrants over valid control of
an E164 number that has been registered in the Tier-1 Registry.
- Validation Policy: Definition of the acceptable mechanisms that
Registrars may employ for validating Registrant authority over an
E164 number before submitting a registration in the Tier-1 ENUM
service.
- Dialing Plan Changes: Service provided by the Registry for
modifying existing registrations to reflect dialing plan changes
submitted by authorized TNP's.
4.6 ENUM Registrar ("Registrar")
- Entity that has been authorized by the Tier-1 ENUM Registry
operator to register E164 names and associated NS/A records into
the Tier-1 ENUM Registry.
- Registrant Validation: Responsible for complying with the
validation policies defined by the Tier-1 Registry operator for
validating that the E164 numbers being registered are under the
day-to-day control of the Subscriber being represented by the
Registrant.
- TNP Validation: Responsible for validating the identity of any
TNP requesting disconnection of Tier-1 ENUM services, or
requesting dialing plan changes for Tier-1 ENUM services, to
confirm that the TNP has contractual control over the E164
number(s) in question via the E164 Administration process.
4.7 Tier-2 ENUM Provider
- Entity that provides Tier-2 ENUM services which involves the
registration of URI's in DNS NAPTR resource records as defined in
RFC 2916. The full scope of services provided by a Tier-2 ENUM
provider is outside the scope of this Internet-Draft.
Ranalli, et al Expires - August 2001 4
� Tier-1 ENUM Roles and Responsibilities February 2001
5. Entity Relationship Diagram _ Tier-1 ENUM System
-------------------
| E.164 |
| Administration |
| System |
-------------------
|
|
V
-------------------
| Telephone |----
| Number Provider | |
------------------- |
| |
| |
V |
------------------- |
| Registrant | |
| (Subscriber or | |
| Agent) | |
------------------- |
| |
| |
V |
------------------- |
| ENUM | |
| Registrar |<---
-------------------
|
|
V
-------------------
| Tier-1 ENUM |
| Registry |
-------------------
|
|
V
-------------------
| Tier-2 ENUM |
| Provider |
-------------------
Ranalli, et al Expires - August 2001 5
� Tier-1 ENUM Roles and Responsibilities February 2001
6. Typical Use Cases
6.1 ENUM Registration
Registrant (Subscriber or an Agent acting on behalf of a Subscriber)
registers an E164 number with a Tier-1 ENUM service through an ENUM
Registrar by providing the E164 number and address (NS/A records) of
the appropriate Tier-2 ENUM Provider to the Registrar.
Registrar validates the identity of the Registrant to confirm day-
to-day control over the E164 number being registered.
Registrar submits the E164 number, the NS/A records for the
appropriate Tier-2 ENUM Provider, and the required Registrant
information to the Registry.
The Registry either accepts or rejects the registration. If the
registration is rejected due to a conflict over control of an E164
number, the Registry initiates the Conflict Resolution Process.
6.2 Conflict Resolution
Conflict occurs in the Tier-1 ENUM registration process when two
Registrants claim day-to-day control over the same E164 number.
The Conflict Resolution service provided by the Registry is utilized
by ENUM Registrars to resolve registration conflicts.
6.3 Service Termination By TNP
TNP terminates a Subscriber's service and reclaims day-to-day
control over an E164 number.
TNP makes a request to an ENUM Registrar to terminate Tier-1 ENUM
service for the E164 number.
Registrar validates that the TNP is the entity with contractual
control over the E164 number as defined by the E164 Administration
System.
The Registrar communicates the termination request to the Registry.
The Registry terminates service and sends an e-mail message to the
Registrant explaining the reason for the termination and the name of
the TNP that terminated the service.
7. Security Considerations
Ranalli, et al Expires - August 2001 6
� Tier-1 ENUM Roles and Responsibilities February 2001
Tier-1 ENUM registry operators have the responsibility to protect
physical and network resources, as well as, to ensure the validity
of the DNS and its associated information. General ENUM users must
be assured that they will receive valid information, and that they
will be allowed access to this data without interruption. Registrars
that have authority to manage entries must be assured that they are
updating data in an authentic registry, have uninterrupted access to
the data and are allowed to update the data after providing valid
credentials. When preparing to prevent security breaches, the
following types of attacks must be considered:
Impersonation: Registrars that attempt to add and update entries
must be able to unequivocally prove their identity
to the registry. Spoofing or misrepresentation of
the identity of the originator of the information
could allow unauthorized updates to the database.
Invalid or missing data could in turn cause
malicious redirection and denial of service.
Eavesdropping: If the privacy of the information that is being
transmitted is compromised, then registrar-sensitive
information such as the registrar's username and
password, could be obtained by a malicious intruder.
Data Tampering: During the transmission of directory records, valid
URI's could be replaced by invalid URI's, in turn
causing malicious redirection as discussed below.
Since a higher percentage of security breaches such
as data tampering are caused by "insiders", physical
and network security must be addressed.
Malicious Malicious entries into the database will cause users
Redirection: to retrieve fraudulent or damaging content. This can
be accomplished by either data tampering or server
impersonation whereby a malicious server is
masquerading as a registry server.
Denial of There are several ways that a client could be denied
Service: access to the desired registry resources. First, a
malicious intruder could remove data from DNS, thus
making it impossible for the client to access the
information. Secondly, the system could be flooded
with bogus requests that prevent communications.
And finally, by breaching the physical security of
the system, for example, by cutting off electricity
to the facility.
The SSL protocol is not an IETF Standards Track protocol. However,
it is widely available and considered a defacto-standard for
securely transmitting data over the Internet. The Transport Layer
Security protocol is a Standards Track protocol that provides SSL
v3.0 compatibility features and will be used when widely available.
Ranalli, et al Expires - August 2001 7
� Tier-1 ENUM Roles and Responsibilities February 2001
8. References
[1] Bradner, S., "The Internet Standards Process -- Revision 3",
BCP 9, RFC 2026, October 1996.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14,RFC 2119, March 1997
[3] A. Brown, "Telephone Number Mapping", draft-enum-rqmts-01-
txt,June 2000.
[4] P. Faltstrom, "E.164 number and DNS," RFC 2916, September 2000.
9. Acknowledgements
We would like to extend our special thanks to Lynette Khirallah for
her expert advice on security considerations.
10. Author's Addresses
Douglas Ranalli
NetNumber
650 Suffolk Street, Suite 307
Lowell, MA 01854
Phone: +1-978-454-4210 x22
Email: dranalli@netnumber.com
David P. Peek
NetNumber
650 Suffolk Street, Suite 307
Lowell, MA 01854
Phone: +1-603-362-4315
Email: dpeek@netnumber.com
Robert Walter
NetNumber
650 Suffolk Street, Suite 307
Lowell, MA 01854
Phone: +1-978-454-4210 x24
Email: rwalter@netnumber.com
Full Copyright Statement
"Copyright (C) The Internet Society (date). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
Ranalli, et al Expires - August 2001 8
� Tier-1 ENUM Roles and Responsibilities February 2001
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC editor function is currently provided by the
Internet Society.
Ranalli, et al Expires - August 2001 9
�
