ENUM Working Group R. Brandner Internet Draft Siemens L. Conroy Siemens R. Stastny OeFEG Expires: August 2003 February 2003 Registration for enumservices of group messages Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026 [1]. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document registers a group of 'enumservices' [5] to be used to indicate that the associated resources are capable of receiving discrete messages. Specifically, the "enumservices" registered with this document are 'email', 'fax', 'sms', 'ems' and 'mms' using the URI schemes 'mailto:' and 'tel:' Table of Contents TBD 1. Introduction ENUM (E.164 Number Mapping, RFC2916bis [5]) is a system that transforms E.164 numbers [6] into domain names and then uses DNS (Domain Name Service, RFC1034 [7]) services like delegation through NS records and NAPTR records to look up what services are available for a specific domain name. This document registers 'enumservices' according to the guidelines given in RFC2916bis to be used for provisioning in the services field of a NAPTR[10] resource record to indicate what class of functionality a given end point offers. The registration is defined within the DDDS (Dynamic Delegation Discovery System [9] [10] [11] [12] [13]) hierarchy, for use with the "E2U" DDDS Application defined in RFC2916bis The following 'enumservices' are registered with this document: 'email', 'fax', 'sms', 'ems' and 'mms'. These share a common feature in that they each indicate that the functionality of the given end points and the associated resources are capable of receiving discrete messages, albeit of different types. According to RFC2619bis, the 'enumservice' registered must be able to function as a selection mechanism when choosing one NAPTR resource record from another. That means that the registration MUST specify what is expected when using that very NAPTR record, and the URI scheme which is the outcome of the use of it. Therefore an 'enumservice' acts as a hint, indicating the kind of service with which the URI constructed using the regexp field is associated. There can be more than one 'enumservice' included within a single NAPTR; this indicates that there is more than one service that can be achieved using the associated URI scheme. The common thread with this set of definitions is that they reflect the kind of service that the end user will hope to achieve with the communication using the associated URI. The services specified here are intended NOT to specify the protocol or even method of connection that MUST be used to achieve each service. Instead they define the kind of interactive behavior that an end user will expect, leaving the end system to decide (based on policies outside the remit of this specification) how to execute the service. Since the same URI scheme may be used for different services (e.g. 'tel:'), and the same kind of service may use different URI schemes (e.g. for VoIP 'sip:', 'h323:' and 'tel:' may be used), it is necessary in some cases to specify the service and the URI scheme used. The service parameters defined in RFC2916bis allow therefore a 'type' and a 'subtype' to be specified. Within this set of specifications the convention is assumed that the 'type' (being the more generic term) is defining the service and the 'subtype' is defining the URI scheme. Although currently only one URI scheme is associated with a given service, it should be considered that an additional URI scheme to be used with this service may be added later. Thus the subtype is needed to identify the specific 'enumservice' intended. 2. Abbreviations TBD 3. E-mail Service Registration Enumservice Name: "email" Type: "email" Subtype: "mailto" URI Scheme: 'mailto:' Functional Specification: This enumservice indicates that the remote resource can be addressed by the associated URI scheme in order to send an email. Security Considerations: An e-mail address is a canonical address by which a user is known. Placing this address in ENUM is comparable to placing a SIP or H.323 address in the DNS. DNS does not make any policy decisions about the records that is shares with an inquirer. All DNS records must be assumed to be available to all inquirers at all times. The information provided within an ENUM NAPTR resource record must therefore be considered to be open to the public, which is a cause for some privacy considerations. Therefore ENUM Subscribers should be made aware of this risk. Since it is within the responsibility of the ENUM Subscriber which data is entered in ENUM, it is within the ENUM Subscribers control if he enters e-mail addresses: 1. allowing inference of private data e.g. his first and last name 2. at all It should also be considered that it is the purpose of public communication identifiers to be publicly known. To reduce spam and other unwanted communication other means should be made available. See also section 7. Intended Usage: COMMON Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact detail see section 10) Any other information the author deems interesting: None 4. Fax Service Registration Enumservice Name: "fax" Type: "fax" Subtype: "tel" URI Scheme: 'tel:' Functional Specification: This enumservice indicates that the resource identified by the associated URI scheme is capable of being contacted to provide a communication session during which facsimile documents can be sent. A client selecting this NAPTR will have support for generating and sending facsimile documents to the recipient using the PSTN session and transfer protocols specified in [ITU1] and [ITU2] - in short, they will have a fax program with a local or shared PSTN access over which they can send faxes. Security Considerations: An fax number as any other phone number may give not so much privacy away then a name in the format user@host (e.g. an email or sip address), but there is still the risk of unwanted messages. Therefore in principle the same applies as stated in the security consideration for e-mail. See also section 7. Intended Usage: COMMON Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact detail see section 10) Any other information the author deems interesting: None 5. MMS, EMS, SMS Service 5.1 Introduction An ENUM NAPTR indicates ability on the part of the Subscriber to receive specified communication service (or services) provided via the contact address (shown in the generated URI). In the case of MMS, EMS, and SMS services, the capability of these services is a nested superset; thus a service supporting MMS can support also delivery of EMS or SMS messages to a recipient, whilst a service supporting EMS can also deliver SMS messages. Thus, if a client is capable only of generating and sending an SMS message, they MAY choose to consider also NAPTRs indicating support for EMS and MMS services as well as SMS, as these services will be able to deliver an SMS message to the recipient address. Conversely, a client capable of sending MMS messages may choose to consider also NAPTRs indicating support for EMS or SMS messages, "downgrading" their User Interface to allow only generation of messages that conform to SMS or EME standards. These behaviors on the part of the client are purely optional, and are NOT the subject of any protocol standardization. 5.2 SMS Service Registration Enumservice Name: "sms" Type: "sms" Subtype: "tel" URI Scheme: 'tel:' Functional Specification: This enumservice indicates that the resource identified by the associated URI scheme is capable of receiving a message using the Short Message System (SMS). Security Considerations: There are no specific security issues with this 'enumservice'. However, the general considerations of section 7 apply. Intended Usage: COMMON Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact detail see section 10) Any other information the author deems interesting: None 5.3 EMS Service Registration Enumservice Name: "ems" Type: "ems" Subtype: "tel" URI Scheme: 'tel:' Functional Specification: This enumservice indicates that the resource identified by the associated URI scheme is capable of receiving a message using the Extended Message System (EMS). Security Considerations: There are no specific security issues with this 'enumservice'. However, the general considerations of section 7 apply. Intended Usage: COMMON Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact detail see section 10) Any other information the author deems interesting: Note that an indication of EMS can be taken as implying that the recipient is capable of receiving SMS messages at this address as well. 5.4 MMS Service Registration Enumservice Name: "mms" Type: "mms" Subtype: "tel" URI Scheme: 'tel:' Functional Specification: This enumservice indicates that the resource identified by the associated URI scheme is capable of receiving a message using the Multimedia Message System (MMS). Security Considerations: There are no specific security issues with this 'enumservice'. However, the general considerations of section 7 apply. Intended Usage: COMMON Author: Rudolf Brandner, Lawrence Conroy, Richard Stastny (for author contact detail see section 10) Note that an indication of MMS can be taken as implying that the recipient is capable of receiving EMS or SMS messages at this address. 6. Additional Information Editor note: Is there any necessary additional information? TBD 7. Security Considerations DNS, as used by ENUM, is a global, distributed database. Thus any information stored there is visible to anyone anonymously. Whilst this is not qualitatively different from publication in a Telephone Directory, it does open the data subject to having "their" information collected automatically without any indication that this has been done or by whom. Such data harvesting by third parties is often used to generate lists of targets for unrequested information; in short, they are used to address "spam". Anyone who uses a Web-archived mailing list is aware that the volume of "spam" email they are sent increases when they post to the mailing list; publication of a telephone number in ENUM is no different, and may be used to send "junk faxes" or "junk SMS" for example. Many mailing list users have more than one email address and use "sacrificial" email accounts when posting to such lists to help filter out unrequested emails sent to them. This is not so easy with published telephone numbers; the PSTN E.164 number assignment process is much more involved and usually a single E.164 number (or a fixed range of numbers) is associated with each PSTN access. Thus providing a "sacrificial" phone number in any publication is not possible. Due to the implications of publishing data on a globally accessible database, as a principle the data subject MUST give their explicit informed consent to data being published in ENUM. In addition, they should be made aware that, due to storage of such data during harvesting by third parties, removal of the data from publication will not remove any copies that have been taken; in effect, any publication may be permanent. However, regulations in many regions will require that the data subject can at any time request that the data is removed from publication, and that their consent for its publication is explicitly confirmed at regular intervals. When placing a fax call via the PSTN or a sending a message via the Public Land Mobile Network, the sender may be charged for this action. In both kinds of network, calling or messaging to some numbers is more expensive than sending to others; both networks have "premium rate" services that can charge considerably more than a "normal" call or message destination. As such, it is important that the end user be asked to confirm sending the message, and that the destination number be presented to them. It is the originating user's choice on whether or not to send a message to this destination number, but they SHOULD be shown the destination number so that they can make this decision In addition to the specific security considerations given above, all security considerations given in RFC2916bis apply. 8. References 1 Scott Bradner, RFC2026, "The Internet Standards Process - Revision 3", October 1996. 2 ITU-T T.4, "Standardization of Group 3 facsimile terminals for document transmission", April 1999 3 ITU-T T.30, "Procedures for document facsimile transmission in the general switched telephone network", April 1999 4 H. Schulzrinne, A. Vaha-Sipila, "URIs for Telephone Calls", draft-antti-RFC2806bis-07.txt, Work in progress, December 2002 5 P. Faltstrom, M. Mealling, "The E.164 to URI DDDS Application (ENUM)", draft-ietf-enum-rfc2916bis-03.txt, Work in progress, January 2003 6 ITU-T, "The International Public Telecommunication Number Plan", Recommendation E.164, May 1997 7 P. Mockapetris, RFC1034, "DOMAIN NAMES - CONCEPTS AND FACILITIES", November 1987 8 ETSI TS 102 172, "Minimum Requirements for Interoperability of European ENUM Trials", February 2003 9 M. Mealling, RFC 3401, "Dynamic Delegation Discovery System (DDDS) Part One: The Comprehensive DDDS", October 2002 10 M. Mealling, RFC 3402, "Dynamic Delegation Discovery System (DDDS) Part Two: The Algorithm", October 2002 11 M. Mealling, RFC 3403, "Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database", October 2002 12 M. Mealling, RFC 3404, "Dynamic Delegation Discovery System (DDDS) Part Four: The Uniform Resource Identifiers (URI)", October 2002 13 M. Mealling, RFC 3405, "Dynamic Delegation Discovery System (DDDS) Part Five: URI.ARPA Assignment Procedures", October 2002 9. Author's Addresses Rudolf Brandner Siemens ICN Hofmannstrasse 51 Munich Germany email: voice: web: Lawrence Conroy Siemens Roke Manor Research Roke Manor Romsey U.K. email: voice: Richard Stastny OeFEG Postbox 147 1103 Vienna Austria email: voice: Full Copyright Statement Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.