Internet Engineering Task Force Stephen Thomas, TransNexus Internet Draft Richard Brennan, GRIC draft-thomas-mime-osp-token-00.txt Butch Anton, iPass April 5, 1999 David Oran, Cisco Expires October 5, 1999 The application/osp-token MIME type STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as work in progress. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. 1. Abstract The Open Settlement Protocol (OSP)[1], an open standard from the European Telecommunications Standards Institute, specifies a means by which IP telephony equipment in one administrative domain may request access to IP telephony equipment (including, but not limited to: Gateways, Gatekeepers, Border Elements, etc.) in another administrative domain. OSP grants such access by returning authorization tokens, which must then be passed to the destination IP telephony gateway during call signaling. In order to support access control via OSP, IP telephony signaling protocols must be capable of carrying these authorization tokens in an interoperable way. This memo defines just such a method for protocols, such as the Session Initiation Protocol[2], that can support carriage of MIME types during call signaling. This memo conforms to the requirements for MIME type registration defined in RFC 2048[3]. 2. Registration Information MIME media type name: application MIME subtype name: osp-token Thomas, et al [Page 1] Internet Draft The application/osp-token MIME type April 1999 Required parameters: none Optional parameters: osp-token-format: a value of "asn.1" indicates the token contents use the ASN.1 format defined in Annex D, section D.2.1 of the OSP specification; a value of "xml" indicates the token contents use the XML format defined in Annex D, section D.2.2 of the OSP specification. In the absence of any value for this parameter, the token contents shall use the XML format of D.2.2. osp-token-version: a character string indicating the earliest revision of the OSP specification to which the token contents conform. In the absence of any value for this parameter, the token contents shall conform to version "1.4.2" of the OSP specification. Encoding considerations: OSP tokens are normally carried as binary data by the call signaling protocol. Call signaling protocols which cannot reliably transfer binary data may use alternate encodings such as base- 64[4], in which case standard MIME content-encoding parameters may indicate the particular encoding. Security considerations: OSP tokens are intended to provide access control to resources of other administrative domains, and, as such, are inherently designed to address security concerns. For that reason, OSP tokens are digitally signed and, optionally, encrypted, as defined in the OSP specification. Interoperability considerations: The means and/or algorithms by which a receiving system determines whether or not an OSP token is valid are a local matter. However, at a minimum, receiving systems should verify the digital signature of the token, and they should ensure that any call details included in the token contents (e.g. called number, calling number, etc.) are appropriate for the contemplated call. Published specification: "Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); Inter-domain pricing, authorization, and usage exchange". Technical Specification 101 321. European Telecommunications Standards Institute. Version 1.4.2, December 1998.[1] Applications which use this media type: IP telephony call signaling protocols that use MIME types to convey additional information during call setup. Additional information: Magic number(s): none File extension(s): none Thomas, et al [Page 2] Internet Draft The application/osp-token MIME type April 1999 Macintosh File Type Code(s): none Person & email address to contact for further information: Stephen Thomas, stephen.thomas@transnexus.com (editor of OSP version 1.4.2) Richard Brennan, rbrennan@gric.com (editor of OSP version 2.0) Intended usage: COMMON Author/Change controller: European Telecommunications Standards Institute (http://www.etsi.org) 3. References [1] European Telecommunications Standards Institute. "Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); Inter-domain pricing, authorization, and usage exchange". Technical Specification 101 321 version 1.4.2, December 1998. [2] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg. "SIP: Session Initiation Protocol". RFC 2543, March 1999. [3] N. Freed, J. Klensin, and J. Postel. "Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures". RFC 2048, November 1996. [4] N. Freed and N. Borenstein. "Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies". RFC 2045, November 1996. 4. Authors' Addresses For more information, the authors of this document are best contacted via Internet mail: Stephen Thomas TransNexus 430 Tenth Street NW Suite N204 Atlanta, GA 30318 USA Phone: +1 404 872 4887 Fax: +1 404 872 9515 EMail: stephen.thomas@transnexus.com Richard Brennan GRIC Communications Inc. 1421 McCarthy Blvd Milpitas, CA 95035 USA Thomas, et al [Page 3] Internet Draft The application/osp-token MIME type April 1999 Phone: +1 408 965 1193 Fax: +1 408 955 1967 EMail: rbrennan@gric.com Butch Anton iPass Inc. 650 Castro Street, Suite 500 Mountain View, CA 94041 USA Phone: +1 650 944 0337 Fax: +1 650 237 7321 EMail: butch@ipass.com David Oran Cisco Systems, Inc. 7 Ladyslipper Lane Acton, MA 01720 USA Phone: +1 508 264 2048 EMail: oran@cisco.com Thomas, et al [Page 4]