idnits 2.17.1 draft-eastlake-card-map-08.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. == There are 18 instances of lines with non-RFC2606-compliant FQDNs in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 161 has weird spacing: '...irlines and o...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 2001) is 8471 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'ISO 7812' is mentioned on line 418, but not defined == Missing Reference: 'ISO 7816' is mentioned on line 427, but not defined == Unused Reference: 'RFC 1034' is defined on line 521, but no explicit reference was found in the text == Unused Reference: 'RFC 1035' is defined on line 524, but no explicit reference was found in the text == Unused Reference: 'SET-EIG' is defined on line 536, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. 'ABA' -- Possible downref: Non-RFC (?) normative reference: ref. 'ISO 3166' -- Possible downref: Non-RFC (?) normative reference: ref. 'ISO 7812-1' -- Possible downref: Non-RFC (?) normative reference: ref. 'ISO 7816-5' ** Obsolete normative reference: RFC 2535 (Obsoleted by RFC 4033, RFC 4034, RFC 4035) -- Possible downref: Non-RFC (?) normative reference: ref. 'SET' -- Possible downref: Non-RFC (?) normative reference: ref. 'SET-EIG' -- Possible downref: Non-RFC (?) normative reference: ref. 'TELE DENMARK' Summary: 6 errors (**), 0 flaws (~~), 8 warnings (==), 9 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 INTERNET-DRAFT Donald E. Eastlake 3rd 2 Motorola 3 Expires August 2001 February 2001 5 ISO 7812/7816 Numbers and the Domain Name System (DNS) 6 --- --------- ------- --- --- ------ ---- ------ ----- 7 9 Donald E. Eastlake 3rd 11 Status of This Document 13 This draft is intended to be become an Informational RFC. 14 Distribution of this document is unlimited. Comments should be sent 15 to the author. 17 This document is an Internet-Draft and is in full conformance with 18 all provisions of Section 10 of RFC 2026. Internet-Drafts are 19 working documents of the Internet Engineering Task Force (IETF), its 20 areas, and its working groups. Note that other groups may also 21 distribute working documents as Internet-Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet- Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/ietf/1id-abstracts.txt 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html. 34 Abstract 36 There are a variety of servers, web pages, and the like, which 37 holders of ISO 7812 financial transaction identification card (i.e., 38 credit/debit card) numbers and ISO 7816 smart card or related numbers 39 may need to locate on the Internet. For example, some systems assume 40 a smart card holder can contact the issuer of a smart card 41 application for maintenance and update functions and the payment 42 protocols may assume that a card holder can locate the appropriate 43 certification authority to obtain a card holder certificate. This 44 document specifies a method using the DNS as an important element in 45 locating card related facilities on the Internet by mapping ISO 7812 46 and ISO 7816 number systems into domain names. 48 Disclaimer 50 The methods proposed herein have not been endorsed by the issuers and 51 registries of ISO 7812 and 7816 numbers. 53 Acknowledgment 55 Suggestions from the following persons, listed in alphabetic order, 56 have been incorporated in this document and are gratefully 57 acknowledged: 59 Doug Beattie, Electronic Commerce Consultants 61 Dave Burdett, Commerce One 63 Brian Carpenter, IBM 65 Robert Elz, University of Melbourne 67 Tony Lewis, VISA International 69 Table of Contents 71 Status of This Document ...................................1 73 Abstract...................................................2 74 Disclaimer ................................................2 75 Acknowledgment ............................................2 77 Table of Contents..........................................3 79 1. Introduction............................................4 80 1.1 ISO 7812 Details ......................................4 81 1.2 ISO 7816 Details ......................................5 82 1.2.1 ISO 7816 '0'-'9' Prefixes ...........................6 83 1.2.2 ISO 7816 'A' Prefixes ...............................6 84 1.2.3 ISO 7816 'D' Prefixes ...............................6 85 1.2.4 ISO 7816 'B', 'C', and 'E' Prefixes .................7 86 1.2.5 ISO 7816 'F' Prefixes ...............................7 88 2. Inverse Number Mapping and Wildcards....................8 90 3. Card Domain Names Specified.............................9 91 3.1 ISO 7812 Card Brand, Issuer, and Acquirer Pointers ....9 92 3.2 ISO 7812 Acquirer Facilities .........................10 93 3.3 ICON Location ........................................10 94 3.4 Similar Proprietary Systems ..........................11 95 3.5 ISO 7816 Application IDs .............................11 96 4. Financial Institutions Not On Line ....................11 97 5. ISO 7812 BIN Ambiguity ................................11 98 6. Security Considerations ...............................12 100 References................................................13 102 Author's Address..........................................14 103 Expiration and File Name .................................14 105 Appendix: Initial ISO 7812 Brand Pointers.................15 107 1. Introduction 109 Financial transaction cards such as credit and debit cards are 110 identified by numbers issued in conjunction with ISO standard 7812 111 [ISO 7812-1] and applications that run on ISO smart cards are 112 identified by numbers issued in conjunction with ISO standard 7816 113 [ISO 7816-5]. In general, the leading digits of such numbers indicate 114 the category and/or issuing institution and the remainder of the 115 number provides further identification. 117 There has been no way, given such a number, to automatically find an 118 Internet site related to the card issuer, the card brand, or other 119 card facilities. Some operations in connections with smart card 120 resident applications, such as resetting certain error conditions on 121 a stored value card, may require contacting the issuer. Other 122 protocols may require that other facilities based on card number be 123 reached over the Internet. 125 A means of automatically mapping such identification numbers into 126 domain names means that as soon as a number is known (due to user 127 smart card insertion, the reading of a magnetic stripe, or user 128 selection from a list of previous entered credit cards, for example), 129 the ability would be present to easily attempt to contact facilities 130 on the Internet for that number. Thus web browsers/wallets could 131 provide "go to issuer", "go to brand", "get a certificate", etc., 132 buttons whenever an IS0 7812/7816 identification number is known. 134 1.1 ISO 7812 Details 136 Under ISO 7812, card numbers are decimal and the first 6 digits are 137 formally known as the Issuer Identification Number or IIN. This six 138 digit prefix is sometimes referred to as the BIN (Bank Identification 139 Number), although it applies to more than banks, and the entire 140 number is sometimes known as the PAN (Primary Account Number), even 141 though these numbers are also used for secondary accounts, Merchant 142 accounts, and other account and identification numbers. Card numbers 143 are frequently issued in connection with "brands" such as VISA, 144 MasterCard, American Express, JCB, Discover, Dinners Club, Air Travel 145 Card, etc. 147 Formally, ISO 7812 identification card numbers are divided as 148 follows: 150 1 2-6 7-> last 151 +-----+-------------------+-----------+-------------+ 152 | MII | issuer identifier | | | 153 +-----+-------------------+ account # | check digit | 154 | issuer identification # | | | 155 +-------------------------+-----------+-------------+ 156 | ISO 7812 identification number | 157 +---------------------------------------------------+ 158 MII = Major Industry Identifier as follows 159 0 - for ISO/TC 68 and other industry assignments 160 1 - airlines 161 2 - airlines and other industry assignments 162 3 - travel and entertainment 163 4/5 - banking/financial 164 6 - merchandizing and banking 165 7 - petroleum 166 8 - telecommunications and other industry assignments 167 9 - for national assignment 169 If the number starts with 9, the next three digits are the numeric 170 country code as defined in [ISO 3166] and the remainder of the number 171 is as defined by that national standards body for that country. 173 Account numbers are variable length up to a maximum of 12 digits so 174 the maximum total length is 19 bytes. 176 The check digit is calculated modulo 10 by the Luhn formula over all 177 the preceding digits as specified in [ISO 7812]. 179 The global registration agency for [ISO 7812] Issuer Identification 180 Numbers is the American Bankers Association [ABA] but application for 181 an IIN must generally be made through a national standards body. 183 1.2 ISO 7816 Details 185 ISO smart cards have applications on them each identified by a 186 hexadecimal Application Identifier (AID) BCD encoded into a maximum 187 of 16 bytes. In the past, most such cards have had a single 188 application but multiapplication cards are expected to be more common 189 in the future. 191 The first hex digit of the AID indicates the type of AID prefix as 192 listed below followed by details on each type. In general, the AID 193 prefix is followed a variable length "Proprietary application 194 identification extension" (PIX) under the control of the issuer 195 identified by the prefix. 197 0-9 An ISO 7812 IIN. 198 A International registration. 199 B-C Reserved for ISO. 200 D National registration. 201 E Reserved for ISO. 202 F Proprietary non-registered 204 1.2.1 ISO 7816 '0'-'9' Prefixes 206 AIDs with a prefix of '0' through '9' use ISO 7812 IINs for the 207 prefix (see section 1.1 above). 209 +-------------------------+--------+----------------------------+ 210 | ISO 7812 | | Proprietary application | 211 | issuer identification # | 'FF' | identifier extension (PIX) | 212 +-------------------------+--------+----------------------------+ 213 | Application identifier (AID), 2-16 bytes | 214 +---------------------------------------------------------------+ 216 [ISO 7816] is designed to be independent of IIN length and specifies 217 that if the IIN length is odd, it should be padded up the next full 218 byte by suffixing a hex 'F' nibble. 220 1.2.2 ISO 7816 'A' Prefixes 222 In AIDs with a prefix of 'A' (i.e., binary 1010), the prefix is 223 followed by 36 bits of Registry provider number as 9 BCD digits. 224 Values in these 9 nibbles that do not corresponding to a decimal 225 digits are reserved for ISO. 227 +---------------------------------------------------------+ 228 | Registered Application | Proprietary application | 229 | provider identifier (RID) | identifier extension (PIX) | 230 | 5 bytes | <= 11 bytes | 231 +---------------------------------------------------------+ 232 | Application identifier (AID), 1-16 bytes | 233 +---------------------------------------------------------+ 235 The registration authority for RIDs is [TELE DENMARK]. 237 1.2.3 ISO 7816 'D' Prefixes 239 The RID consists of the 4 bit D prefix (binary 1101), the country 240 code in 12 bits as 3 BCD digits coded according to the numeric 241 country codes in [ISO 3166], and 24 additional bits as specified by 242 the national standards body with BCD coding recommended. 244 +---------------------------------------------------------+ 245 | Registered Application | Proprietary application | 246 | provider identifier (RID) | identifier extension (PIX) | 247 | 5 bytes | <= 11 bytes | 248 +---------------------------------------------------------+ 249 | Application identifier (AID), 1-16 bytes | 250 +---------------------------------------------------------+ 252 1.2.4 ISO 7816 'B', 'C', and 'E' Prefixes 254 Prefixes 'B', 'C', and 'E' are reserved for future use by ISO and not 255 further specified. 257 1.2.5 ISO 7816 'F' Prefixes 259 Prefix 'F' indicates a proprietary non-registered AID. Because of 260 this, the same 'F' prefixed AID could be used by different 261 application providers for different applications. 263 +------------------------------------------------------+ 264 | Application Label | 265 +------------------------------------------------------+ 266 | Proprietary application identifier (AID), 1-16 bytes | 267 +------------------------------------------------------+ 269 2. Inverse Number Mapping and Wildcards 271 When numbers are allocated in lexically hierarchical blocks so that a 272 prefix or suffix of digits is a meaningful division, the DNS wildcard 273 feature can be used to provide a convenient delegation and lookup 274 mechanism. This works even when the numbers and prefixes/suffixes 275 are variable length. In this regard, it is important to remember that 276 more specific names override less specific ones for DNS wildcards. 278 Domain names start with the most significant label on the right and 279 go to less significant labels as you go left while in ISO 7812 and 280 7816 numbers the leading or left most digits are the most significant 281 while the trailing or right most digits are less significant. Thus, 282 the digits must be reversed to match the card number and DNS naming 283 systems and the digits must be interspersed with dots to provide 284 hierarchical division into DNS domains. 286 Note that the transformed, reversed number need not be exposed to 287 users but could be generated internally by software in an automatic 288 fashion. 290 [Note: while card.reg.int was assigned by IANA for this purpose, 291 follwing the 10 May 2000 statement by the IAB, this may be changed to 292 card.arpa or some other *.arpa.] 294 For example, currently the American Express card brand is the only 295 one using [ISO 7812] numbers starting with 37. However, this is not 296 a guarantee for all time and it could be that at some point some BIN 297 numbers starting with 37 would be assigned to a different brand. If 298 you are looking up facility "z" for card number 37012345678 (not a 299 valid American Express number), you could do a retrieval with a name 300 like 3.2.1.0.7.3.z.card.reg.int based on the first six digits of the 301 number. A wild card RR with the name *.7.3.z.card.reg.int would match 302 this and would appear in the response with its name expanded to the 303 specific name asked for, but only if there were no more specific 304 name. If there were a 3.2.1.0.7.3.z.card.reg.int specific name, for 305 instance, it would always be chosen in preference to the 306 *.7.3.card.reg.int wildcard in this case because it is a more exact 307 match. Thus more specific values can punch out holes in ranges 308 established by shorter, less specific prefixes. On the other hand, 309 if a retrieval were done for 7.7.7.7.7.3.z.card.reg.int, it would get 310 the more general *.7.3.z.card.reg.int wild card since it does not 311 match the more exact wildcard. (The situation is generally a little 312 more complex than indicted here because additional intermediate 313 length wildcards may be needed. See the Appendix for a more complete 314 example zone.) 316 3. Card Domain Names Specified 318 Subdomains are currently defined within the card.reg.int domain as 319 follows in alphabetic order: 321 [Note: while card.reg.int was assigned by IANA for this purpose, 322 follwing the 10 May 2000 statement by the IAB, this may be changed to 323 card.arpa or some other *.arpa.] 325 acquirer.card.reg.int - ISO 7812 card acquirers 326 aid.card.reg.int - ISO 7816 application identifiers 327 brand.card.reg.int. - ISO 7812 card brands. 328 issuer.card.reg.int. - ISO 7812 card issuers. 330 To find a facility, you need to (1) get the number, (2) reverse the 331 order of these digits, and (3) put a dot between each digit and add 332 the appropriate facility suffix. [ISO 7812] financial transaction 333 card identification numbers generally must be truncated to six digits 334 if revealing the full number in the DNS queries would be a security 335 problem. Generally revealing the entire number in a DNS query is not 336 a problem for [ISO 7816] AIDs. 338 None of the facility pointers obtained via these means need be 339 exclusive and these card related Internet facilities may have other 340 names and URLs that will also work. These facilities are intended to 341 supplement, not necessarily replace, direct communication of domain 342 names and URLs from financial institutions to their customers. 344 3.1 ISO 7812 Card Brand, Issuer, and Acquirer Pointers 346 The card brand and issuer home pages would be located by creating the 347 numeric portion as above and appending ".brand.card.reg.int" or 348 ".issuer.card.reg.int" respectively. A CNAME RR will be stored at 349 that name pointing to the actual domain name for the home page. A 350 CNAME is chosen, rather than having specific "A" RRs pointing to 351 host(s), "MX" RRs pointing to mail servers, etc., to minimize the 352 update load on the card.reg.int sub-domains. Changes in the serving 353 host, mail servers, etc., need only be made under the facility's 354 domain name, which the CNAME points to, rather than also under 355 card.reg.int. 357 For example, the brand for the card 551204..., a MasterCard card, 358 would be found by browsing at 4.0.2.1.5.5.brand.card.reg.int. and the 359 issuer for the card 471922..., a VISA card, would be found by 360 browsing at 2.2.9.1.7.4.issuer.reg.card.int. These domain names can 361 be automatically generated from a card number and need not be exposed 362 to users. 364 The Appendix shows possible initial content of the brand.card.reg.int 365 domain. There are relatively few brands and they are allocated to 366 moderately compact blocks of numbers with relatively few exceptions 367 not belonging to the block brand. So there will probably be under 368 2,000 entries in the brand.card.reg.int subdomain. 370 Since there are only a few tens of thousands of banks and other 371 issuers of significance in the world for financial transaction cards, 372 there should be well under 200,000 entries in the issuer.card.reg.int 373 subdomain. 375 Although at this time very large blocks of numbers are generally 376 allocated to brands (for example almost all card numbers starting 377 with 5 and 4 are MasterCard and Visa cards, respectively), some 378 numbers within these large blocks may be carved out by more specific 379 entries for other brands. 381 3.2 ISO 7812 Acquirer Facilities 383 Generally, merchants are assigned merchant IDs from the space of PANs 384 by their acquirer. Acquirer facilities can be located from such 385 numbers using the .acquirer.card.reg.int suffix. 387 3.3 ICON Location 389 For many of the facilities locatable via card.reg.int, some user 390 interface software will want to be able to display an image or icon. 391 Standard suffixes to the computed domain name of the facility are 392 recommended, as listed below, to make the default location of such 393 icons easier. 395 Suffix to Domain Name Image Size in Pixels 397 /icons/exsmall.gif 32 x 32 or 32 x 20 398 /icons/small.gif 53 x 33 399 /icons/medium.gif 103 x 65 400 /icons/large.gif 180 x 114 401 /icons/exlarge.gif 263 x 166 403 The larger dimension above is horizontal and the smaller is vertical. 404 The extra small version is permitted to be a 32x32 square which is a 405 common desk top operating system icon size. It is recommended that 406 displaying the extra small size be avoided due to lower 407 recognizability is such small images. The color palette of the icons 408 should be limited to colors typically available in an 8 bit or 256 409 color environment. 411 The above file name, size, and color recommendations are similar to 412 those in Book 2 of the SET standards [SET]. 414 3.4 Similar Proprietary Systems 416 Some proprietary systems use numbers schemes similar to [ISO 7812] or 417 [ISO 7816]. For instance, an "Example" stored cash card system might 418 use card IDs that have the same structure and prefixes as [ISO 7812] 419 card numbers. Such schemes are welcome to use the techniques 420 described in this document for inverse look up via DNS but should 421 place the inverse tree under their proprietary domain name. For 422 instance, the hypothetical stored cash card system could use 423 ....card-number.example.com. 425 3.5 ISO 7816 Application IDs 427 Facilities based on [ISO 7816] application identifiers can be found 428 using the 430 suffix. While a subset of such IDs are structured like ISO 7812 431 PANs, nevertheless, they are likely to need different facilities so 432 no reference is made to the parts of the card.reg.int DNS tree 433 allocated for non-smart card use. 435 4. Financial Institutions Not On Line 437 Some numbers may be allocated to institutions that do not have a 438 network presence. In some of those cases, a wildcard could provide an 439 appropriate pointer, say to a brand supplied bank lookup page that 440 provides telephone number and address or the like to contact the 441 bank. However, in cases where the next higher level wildcard would 442 provide inappropriate pointers for such institutions, it will be 443 necessary to add entries for such numbers which are CNAMEed to "not- 444 on-line.card.reg.int" which will not exist. Thus an appropriate 445 error message will be generated. 447 5. ISO 7812 BIN Ambiguity 449 For the facilities under card.reg.int using ISO 7812 numbers, the BIN 450 is defined as the first six digits of the account number. In many 451 cases an issuer or certification authority is defined by fewer 452 digits, for example the first four digits. This is no problem as a 453 wild card can be used to match all extensions of this shorter prefix. 454 However, cases where six digits are insufficient need special 455 handling as describe below. Such situations can arise due to 456 subdivision / subdelegation of a BIN for administrative reasons, due 457 to sale of part of a card population, as parts of bank mergers and 458 splits, etc. Additional digits can not be used in the DNS query 459 because they would reveal too much of the card number and thus be a 460 security risk. 462 If multiple institutions have decided to share a BIN, there are 463 several ways the situation can be handled. For the issuer web page 464 either (1) the institutions sharing the BIN can run a common web page 465 with links to their individual pages on it or (2) if they are all the 466 same brand, the brand can run such a multi-issuer referral page at 467 the BIN or, in many cases, at a higher level wildcard or (3) in the 468 event that they are different brands, the card.reg.int maintainer can 469 run a page providing access to the different sub-BIN issuers. A 470 multiple issuer home page could just have names, icons, and links to 471 the separate institutions or more complex indexing or search 472 facilities if it covered many banks. While this problem in not 473 expected to arise for the brand.card.reg.int subdomain, similar 474 solutions apply if it does. 476 6. Security Considerations 478 This document concerns a means to map ISO 7812 financial card and ISO 479 7816 smart card application identification numbers into the Domain 480 Name System (DNS) so that card related facilities on the Internet can 481 be automatically located. The security of the resulting pointers is 482 dependent on the integrity of the maintainer of the domain used for 483 this purpose and the security of the DNS, including the use of 484 security extensions [RFC 2535]. However, note that when used in 485 connection with many smart card application, certificate issuance, 486 and payment schemes, the security mechanisms of the protocols used 487 after communications is established provide strong protection against 488 spoofing or compromise of sensitive information even if the DNS were 489 subverted. 491 For currently existing types of ISO 7812 financial numbers, care 492 should be taken in making DNS queries that an entire sensitive 493 identification number is NOT used. Since DNS queries are not 494 encrypted, this would expose the card number within the Internet. No 495 more than the initial six digits may be used. (These consideration 496 do not generally apply to numbers based on ISO 7816 application 497 identifiers.) 499 References 501 [ABA] - 502 American Bankers Association 503 1120 Connecticut Avenue, N.W. 504 Washington, DC 20036 USA 506 +1-800-BANKERS 508 [ISO 3166] - Codes for the representation of names of countries. 510 [ISO 7812-1] - Identification card - Identification of Issuers. 512 [ISO 7816-5] - Identification card - Integrated circuit(s) cards with 513 contacts - Numbering system and registration procedures of 514 application identifiers 516 Note: The International Standards Organization web site is at 517 . Final ISO standards, such as 3166, 7812, and 518 7816, are not generally available on the Internet and usually must 519 be purchased through national standards bodies. 521 [RFC 1034] - Domain Names - Concepts and Facilities, P. Mockapetris, 522 November 1987 524 [RFC 1035] - Domain Names - Implementation and Specifications, P. 525 Mockapetris, November 1987. 527 [RFC 2535] - Domain Name System Security Extensions, D. Eastlake, 528 March 1999. 530 [SET] - Secure Electronic Transaction (SET) Specification, Version 531 1.0, May 31, 1997, available from . 532 Book 1: Business Description 533 Book 2: Programmer's Guide 534 Book 3: Formal Protocol Definition 536 [SET-EIG] - External Interface Guide to SET Secure Electronic 537 Transaction, September 24, 1997, available from 538 . 540 [TELE DENMARK] - , 541 Tele Denmark 542 Attn: ISO/IEC 7816-5 Registration Authority 543 Teglholmsgade 1 544 1790 Copenhagen V 545 Denmark 547 Author's Address 549 Donald E. Eastlake 3rd 550 Motorola 551 155 Beaver Street 552 Milford, MA 01757 USA 554 Telephone: +1 508-634-2066 (h) 555 +1 508-261-5434 (w) 556 FAX: +1 508-261-4447 (w) 557 EMail: Donald.Eastlake@motorola.com 559 Expiration and File Name 561 This draft expires August 2001. 563 Its file name is draft-eastlake-card-map-08.txt. 565 Appendix: Initial ISO 7812 Brand Pointers 567 This table shows possible initial brand name pointers that might be 568 installed in the brand.card.reg.int domain. 570 [In light of the 10 May 2000 IAB statement on infrastructure domains, 571 card.reg.int may be changed to card.arpa or other *.arpa.] 573 Initial Name CNAME 575 *.brand.card.reg.int unknown-brand.card.reg.int 576 *.1.brand.card.reg.int www.air-travel-card.com 577 *.3.brand.card.reg.int unknown-brand.card.reg.int 578 *.0.3.brand.card.reg.int www.dinersclub.com 579 *.6.0.3.brand.card.reg.int www.dinersclub.com 580 *.9.6.0.3.brand.card.reg.int www.jcb.co.jp 581 *.8.0.3.brand.card.reg.int www.dinersclub.com 582 *.8.8.0.3.brand.card.reg.int www.jcb.co.jp 583 *.1.3.brand.card.reg.int www.jcb.co.jp 584 *.3.3.brand.card.reg.int www.americanexpress.com 585 *.3.3.3.brand.card.reg.int www.americanexpress.com 586 *.7.3.3.3.brand.card.reg.int www.jcb.co.jp 587 *.5.3.brand.card.reg.int unknown-brand.card.reg.int 588 *.2.5.3.brand.card.reg.int unknown-brand.card.reg.int 589 *.8.2.5.3.brand.card.reg.int www.jcb.co.jp 590 *.6.3.brand.card.reg.int www.dinersclub.com 591 *.7.3.brand.card.reg.int www.americanexpress.com 592 *.8.3.brand.card.reg.int www.dinersclub.com 593 *.4.brand.card.reg.int www.visa.com 594 *.5.brand.card.reg.int www.mastercard.com 595 *.6.brand.card.reg.int unknown-brand.card.reg.int 596 *.0.6.brand.card.reg.int unknown-brand.card.reg.int 597 *.1.0.6.brand.card.reg.int unknown-brand.card.reg.int 598 *.1.1.0.6.brand.card.reg.int www.novus.com 600 (MasterCard actually only has numbers starting with 51 through 56 but 601 until some other brand with cards issued with ISO 7812 numbers 602 starting with a 5 are entered into the DNS zone, there is no reason 603 to go to any more detail in the wildcard.)