idnits 2.17.1 draft-gellens-ecrit-car-crash-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 13, 2014) is 3724 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: 'RFC4119' is defined on line 863, but no explicit reference was found in the text == Unused Reference: 'RFC6442' is defined on line 883, but no explicit reference was found in the text == Unused Reference: 'RFC4481' is defined on line 912, but no explicit reference was found in the text ** Obsolete normative reference: RFC 3023 (Obsoleted by RFC 7303) ** Obsolete normative reference: RFC 4288 (Obsoleted by RFC 6838) == Outdated reference: A later version (-14) exists of draft-ietf-ecrit-trustworthy-location-07 Summary: 2 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ECRIT R. Gellens 3 Internet-Draft Qualcomm Technologies, Inc 4 Intended status: Informational B. Rosen 5 Expires: August 17, 2014 NeuStar, Inc. 6 H. Tschofenig 7 (no affiliation) 8 February 13, 2014 10 Internet Protocol-based In-Vehicle Emergency Calls 11 draft-gellens-ecrit-car-crash-02.txt 13 Abstract 15 This document describes how to use IP-based emergency services 16 mechanisms to support the next generation of emergency calls placed 17 by vehicles (automatically in the event of a crash or serious 18 incident, or manually invoked by a vehicle occupant) and conveying 19 vehicle, sensor, and location data related to the crash or incident. 20 Such calls are often referred to as "Automatic Crash Notification" 21 (ACN), or "Advanced Automatic Crash Notification" (AACN), even in the 22 case of manual trigger. The "Advanced" qualifier refers to the 23 ability to carry a richer set of data. 25 This document also registers a MIME Content Type and an Emergency 26 Call Additional Data Block for the vehicle, sensor, and location data 27 (often referred to as "crash data" even though there is not 28 necessarily a crash). 30 Profiling and simplifications are possible due to the nature of the 31 functionality that is provided in vehicles with the usage of Global 32 Satellite Navigation System (GNSS). 34 Status of This Memo 36 This Internet-Draft is submitted in full conformance with the 37 provisions of BCP 78 and BCP 79. 39 Internet-Drafts are working documents of the Internet Engineering 40 Task Force (IETF). Note that other groups may also distribute 41 working documents as Internet-Drafts. The list of current Internet- 42 Drafts is at http://datatracker.ietf.org/drafts/current/. 44 Internet-Drafts are draft documents valid for a maximum of six months 45 and may be updated, replaced, or obsoleted by other documents at any 46 time. It is inappropriate to use Internet-Drafts as reference 47 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on August 17, 2014. 50 Copyright Notice 52 Copyright (c) 2014 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (http://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 68 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 69 3. Overview of Current Deployment Models . . . . . . . . . . . . 6 70 4. Document Scope . . . . . . . . . . . . . . . . . . . . . . . 8 71 5. Migration to Next-Generation . . . . . . . . . . . . . . . . 8 72 6. Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 73 7. Call Setup . . . . . . . . . . . . . . . . . . . . . . . . . 10 74 8. Call Routing . . . . . . . . . . . . . . . . . . . . . . . . 13 75 9. Test Calls . . . . . . . . . . . . . . . . . . . . . . . . . 14 76 10. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 77 11. Security Considerations . . . . . . . . . . . . . . . . . . . 16 78 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 79 12.1. Service URN Registration . . . . . . . . . . . . . . . . 16 80 12.2. MIME Content-type Registration for 81 'application/EmergencyCall.VEDS+xml' . . . . . . . . . . 17 82 12.3. Registration of the 'VEDS' entry in the Emergency Call 83 Additional Data registry . . . . . . . . . . . . . . . . 18 84 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 18 85 14. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 86 15. Changes from Previous Versions . . . . . . . . . . . . . . . 18 87 15.1. Changes from -01 to -02 . . . . . . . . . . . . . . . . 18 88 15.2. Changes from -00 to -01 . . . . . . . . . . . . . . . . 18 89 16. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 90 16.1. Normative References . . . . . . . . . . . . . . . . . . 19 91 16.2. Informative references . . . . . . . . . . . . . . . . . 20 92 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 94 1. Terminology 95 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 96 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 97 document are to be interpreted as described in [RFC2119]. 99 This document re-uses terminology defined in Section 3 of [RFC5012]. 101 Additionally, we use the following abbreviations: 103 3GPP: 3rd Generation Partnership Project 105 AACN: Advanced Automatic Crash Notification 107 ACN: Automatic Crash Notification 109 APCO: Association of Public-Safety Communications Officials 111 EENA: European Emergency Number Association 113 ESInet: Emergency Services IP network 115 GNSS: Global Satellite Navigation System (which includes the various 116 such systems including the Global Positioning System or GPS) 118 IVS: In-Vehicle System 120 MNO: Mobile Network Operator 122 NENA: National Emergency Number Association 124 TSP: Telematics Service Provider 126 VEDS: Vehicle Emergency Data Set 128 2. Introduction 130 Emergency calls made by in-vehicle systems (e.g., in the event of a 131 crash) assist in significantly reducing road deaths and injuries by 132 allowing emergency services to respond quickly and often with better 133 location. 135 Drivers often have a poor location awareness, especially outside of 136 major cities, at night and when away from home (especially abroad). 137 In the most crucial cases, the victim(s) may not be able to call 138 because they have been injured or trapped. 140 For more than a decade, some vehicles have been equipped with 141 telematics systems that, among other features, place an emergency 142 call automatically in the event of a crash or manually in response to 143 an emergency call button. Such systems generally have on-board 144 location determination systems that make use of satellite-based 145 positioning technology, inertial sensors, gyroscopes, etc., to 146 provide a fairly accurate position for the vehicle. Such built-in 147 systems can take advantage of the benefits of being integrated into a 148 vehicle, such as more reliable power, ability to have larger or 149 specialized antenna, ability to be engineered to avoid or minimise 150 degradation by vehicle glass coatings, interference from other 151 vehicle systems, etc. Thus, the PSAP can be provided with a good 152 estimate of where the vehicle is during an emergency. Vehicle 153 manufacturers are increasingly adopting such systems, both for the 154 safety benefits and for the additional features and services they 155 enable (e.g., remote engine diagnostics, remote door unlock, stolen 156 vehicle tracking and disabling, etc.). 158 The general term for such systems is Automatic Crash Notification 159 (ACN) or "Advanced Automatic Crash Notification" (AACN). "ACN" is 160 used in this document as a general term. ACN systems transmit some 161 amount of data specific to the incident, referred to generally as 162 "crash data." While different systems transmit different amounts of 163 crash data, standardized formats, structures, and mechanisms are 164 needed to provide interoperability among systems and PSAPs. 166 Currently deployed in-vehicle telematics systems are circuit-switched 167 and lack a standards-based ability to convey crash data directly to 168 the PSAP (generally relying on either a human call taker or an 169 automated system to provide the PSAP call taker with some crash data 170 orally, or possibly a proprietary mechanism) and are difficult to 171 extend as new sensors are added. 173 The transition to next-generation calling in general, and emergency 174 calling in particular, provides an opportunity to vastly improve the 175 scope, breadth, reliability and usefulness of crash data during an 176 emergency by allowing it to be presented alongside the call, and to 177 be automatically processed by the PSAP and made available to the call 178 taker in an integrated, automated way. In addition, vehicle 179 manufacturers are provided an opportunity to take advantage of the 180 same standardized mechanisms for data transmission for internal use 181 if they wish (such as telemetry between the vehicle and a service 182 center for both emergency and non-emergency uses, including location- 183 based services, multi-media entertainment systems, and road-side 184 assistance applications). 186 Next-generation ACN provides an opportunity for such calls to be 187 recognized and processed as such during call set-up, and routed to a 188 specialized PSAP where the vehicle data is available to assist the 189 call taker in assessing and responding to the situation. 191 An ACN call may be either occupant-initiated or automatically 192 triggered. (The "A" in "ACN" does stand for "Automatic," but the 193 term is often used to refer to the class of calls that are placed by 194 an in-vehicle system (IVS) and that carry incident-related data as 195 well as voice.) Automatically triggered calls indicate a car crash 196 or some other serious incident (e.g., a fire) and carry a greater 197 presumption of risk of injury. Manually triggered calls are often 198 reports of serious hazards (such as drunk drivers) and may require 199 different responses depending on the situation. Manually triggered 200 calls are also more likely to be false (e.g., accidental) calls and 201 may thus be subject to different handling by the PSAP. 203 This document describes how the IETF mechanisms for IP-based 204 emergency calls, including [RFC6443] and [additional-data-draft], are 205 used to provide the realization of next-generation ACN. 207 The Association of Public-Safety Communications Officials (APCO) and 208 the National Emergency Number Association (NENA) have jointly 209 developed a standardized set of incident-related vehicle data for ACN 210 use, called the Vehicle Emergency Data Set (VEDS) [VEDS]. Such data 211 is often referred to as crash data although it is applicable in 212 incidents other than crashes. 214 VEDS provides a standard data set for the transmission, exchange, and 215 interpretation of vehicle-related data. A standard data format 216 allows the data to be generated by an IVS, and interpreted by PSAPs, 217 emergency responders, and medical facilities (including those capable 218 of providing trauma level patient care). It includes incident- 219 related information such as airbag deployment, location of the 220 vehicle, if the vehicle was involved in a rollover, various sensor 221 data that can indicate the potential severity of the crash and the 222 likelihood of severe injuries to the vehicle occupants, etc. This 223 data better informs the PSAP and emergency responders as to the type 224 of response that may be needed. This information was recently 225 included in the federal guidelines for field triage of injured 226 patients. These guidelines are designed to help responders at the 227 accident scene identify the potential existence of severe internal 228 injuries and to make critical decisions about how and where a patient 229 needs to be transported. 231 This document registers the 'application/EmergencyCallData.VEDS+xml' 232 MIME content-type, and registers the 'VEDS' entry in the Emergency 233 Call Additional Data registry. 235 VEDS is an XML structure (see [VEDS]). The 'application/ 236 EmergencyCallData.VEDS+xml' MIME content-type is used to identify it. 237 The 'VEDS' entry in the Emergency Call Additional Data registry is 238 used to construct a 'purpose' parameter value for conveying VEDS data 239 in a Call-Info header (as described in [additional-data-draft]). 241 VEDS is a versatile structure that can accomodate varied needs. 242 However, if additional sets of data are determined to be needed, the 243 steps to enable each data block are very briefly summarized below: 245 o A standardized format and encoding (such as XML) is defined and 246 published by a Standards Development Organization (SDO). 247 o A MIME Content-Type is registered for it (typically under the 248 'Application' media type and with a sub-type starting with 249 'EmergencyCallData.'). 250 o An entry for the block is added to the Emergency Call Additional 251 Data Blocks sub-registry (established by [additional-data-draft]); 252 the registry entry is the root of the MIME sub-type (not including 253 the 'EmergencyCallData' prefix and any suffix such as '+xml'). 255 A next-generation In-Vehicle System (IVS) transmits crash data by 256 encoding it in a standardized and registered format (such as VEDS) 257 and attaching it to an INVITE as a MIME body part. The body part is 258 identified by its MIME content-type (such as 'application/ 259 EmergencyCallData.VEDS+xml') in the Content-Type header field of the 260 body part. The body part is assigned a unique identifier which is 261 listed in a Content-ID header field in the body part. The INVITE is 262 marked as containing the crash data by adding (or appending to) a 263 Call-Info header field at the top level of the INVITE. The Call-Info 264 header field contains a CID URL referencing the body part's unique 265 identifier, and a 'purpose' parameter identifying the data as the 266 crash data per the registry entry; the 'purpose' parameter's value is 267 'EmergencyCallData.' and the root of the MIME type (not including the 268 'EmergencyCallData' prefix and any suffix such as '+xml' (e.g., 269 'purpose=EmergencyCallData.VEDS'). 271 The mechanisms described here can be used place emergency calls that 272 are identifiable as ACN calls and that carry one or more standardized 273 crash data objects in an interoperable way. 275 Note that while ACN systems in the U.S. and other regions are not 276 currently mandated, Europe has a mandated and standardized system for 277 emergency calls by in-vehicle systems. This pan-European system is 278 known as "eCall" and is not further discussed in this document but is 279 the subject of a separate document, [eCall-draft] 281 3. Overview of Current Deployment Models 282 Current (circuit-switched or legacy) systems for placing emergency 283 calls by in-vehicle systems, including automatic crash notification 284 systems, generally have a limited ability to convey at least location 285 and in some cases telematics data to the PSAP. Most such systems use 286 one of three architectural models, which are described here as: 287 "Telematics Service Provider" (TSP), "direct", and "paired handset". 288 These three models are illustrated below. 290 In the TSP model, both emergency and non-emergency calls are placed 291 to a Telematics Service Provider (TSP); a proprietary technique is 292 used for data transfer (such as proprietary in-band modems) to the 293 TSP. 295 In an emergency, the TSP call taker bridges in the PSAP and 296 communicates location, crash data (such as impact severity and trauma 297 prediction), and other data (such as the vehicle description) to the 298 PSAP call taker verbally. Typically, a three-way voice call is 299 established between the vehicle, the TSP, and the PSAP, allowing 300 communication between the PSAP call taker, the TSP call taker, and 301 the vehicle occupants (who might be unconscious). 303 ///----\\\ proprietary +------+ 911 trunk +------+ 304 ||| IVS |||-------------->+ TSP +------------------>+ PSAP | 305 \\\----/// crash data +------+ +------+ 307 Figure 1: Legacy TSP Model. 309 In the paired model, the IVS uses a Bluetooth link with a previously- 310 paired handset to establish an emergency call with the PSAP (by 311 dialing a standard emergency number such as 9-1-1), and then 312 communicates location data to the PSAP via text-to-speech; crash data 313 is not conveyed. Some such systems use an automated voice prompt 314 menu (e.g., "this is an automatic emergency call from a vehicle; 315 press 1 to open a voice path to the vehicle; press 2 to hear the 316 location read out") to allow the call taker to request location data 317 via text-to-speech. 319 +---+ 320 ///----\\\ | H | 911/etc voice call via handset +------+ 321 ||| IVS |||-->| S +----------------------------------->+ PSAP | 322 \\\----/// +---+ location via text-to-speech +------+ 324 Figure 2: Legacy Paired Model 326 In the direct model, the IVS directly places an emergency call with 327 the PSAP by dialing a standard emergency number such as 9-1-1. Such 328 systems might communicate location data to the PSAP via text-to- 329 speech; crash data might not be conveyed. 331 ///----\\\ 911/etc voice call via IVS +------+ 332 ||| IVS |||---------------------------------------->+ PSAP | 333 \\\----/// location via text-to-speech +------+ 335 Figure 3: Legacy Direct Model 337 4. Document Scope 339 This document is focused on the interface to the PSAP, that is, how 340 an ACN emergency call is setup and incident-related data (including 341 vehicle, sensor, and location data) is transmitted to the PSAP using 342 IETF specifications. (The goal is to re-use specifications rather 343 than to invent new.) For the direct model, this is the end-to-end 344 description (between the vehicle and the PSAP). For the TSP model, 345 this describes the right-hand side (between the TSP and the PSAP), 346 leaving the left-hand side (between the vehicle and the TSP) up to 347 the entities involved (i.e., IVS and TSP vendors) who are then free 348 to use the same mechanism as for the right-hand side (or not). 350 This document does not address pan-European eCall (a mandated and 351 standardized system for emergency calls by in-vehicle systems within 352 Europe and other regions), which is the subject of a separate 353 document, [eCall-draft] 355 5. Migration to Next-Generation 357 Migration of emergency calls placed by in-vehicle systems to next- 358 generation (all-IP) technology provides a standardized mechanism to 359 identify such calls and to present crash data with the call. This 360 allows ACN calls and crash data to be automatically processed by the 361 PSAP and made available to the call taker in an integrated, automated 362 way. 364 Vehicle manufacturers using the TSP model may choose to take 365 advantage of the same mechanism to carry telematics data between the 366 vehicle and the TSP for both emergency and non-emergency calls. 368 A next-generation IVS establishes an emergency call using the 3GPP 369 IMS solution with a Request-URI indicating an ACN type of emergency 370 call with vehicle data attached; the MNO only needs to recognize the 371 call as an emergency call and route it to an ESInet; the ESInet 372 recognizes the call as an ACN with vehicle data and routes the call 373 to an NG-ACN capable PSAP; the PSAP interpets the vehicle data sent 374 with the call and makes it available to the call taker. 376 Because of the need to identify and specially process Next-Generation 377 ACN calls (as discussed above), this document registers new service 378 URN children within the "sos" subservice. These URNs provide the 379 mechanism by which an NG-ACN call is identified, and differentiate 380 between manually and automatically triggered NG-ACN calls (which may 381 be subject to different treatment, depending on policy). The two 382 service URNs are: 'urn:service:sos.vehicle.automatic' and 383 'urn:service:sos.vehicle.manual'. 385 Migration of the three architectural models to next-generation (all- 386 IP) is described below. 388 In the TSP model, the IVS transmits crash and location data to the 389 TSP using either a protocol that is based on a proprietary design or 390 one that re-uses IETF specifications. In an emergency, the TSP call 391 taker bridges in the PSAP and the TSP transmits crash and other data 392 to the PSAP using IETF specifications. There is a three-way call 393 between the vehicle, the TSP, and the PSAP, allowing communication 394 between the PSAP call taker, the TSP call taker, and the vehicle 395 occupants (who might be unconscious). 397 proprietary 398 ///----\\\ or standard +------+ standard +------+ 399 ||| IVS ||| ------------------->+ TSP +------------------->+ PSAP | 400 \\\----/// crash + other data +------+ crash + other data +------+ 402 Figure 4: Next-Generation TSP Model 404 The vehicle manufacturer and the TSP may choose to use the same IETF 405 specifications to transmit crash and location data from the vehicle 406 to the TSP as is described here to transmit such data from the TSP to 407 the PSAP. 409 In the paired model, the IVS uses a Bluetooth link to a previously- 410 paired handset to establish an emergency call with the PSAP; it is 411 not clear what facilities are or will be available for transmitting 412 crash data through the Bluetooth link. 414 +---+ 415 ///----\\\ (unclear) | H | (unclear) +------+ 416 ||| IVS |||------------------>| S +------------------->+ PSAP | 417 \\\----/// (unclear) +---+ (unclear) +------+ 419 Figure 5: Next-Generation Paired Model 421 In the direct model, the IVS communicates crash data to the PSAP 422 directly using IETF specifications. 424 ///----\\\ NG1-1-2/NG9-1-1 call +------+ 425 ||| IVS |||----------------------------------------->+ PSAP | 426 \\\----/// crash data +------+ 428 Figure 6: Next-Generation Model 430 6. Profile 432 In the context of emergncy calls placed by an in-vehicle system it is 433 assumed that the car is equipped with a built-in GNSS receiver. For 434 this reason only geodetic location information will be sent within an 435 emergency call. The following location shapes MUST be implemented: 436 2d and 3d Point (see Section 5.2.1 of [RFC5491]), Circle (see 437 Section 5.2.3 of [RFC5491]), and Ellipsoid (see Section 5.2.7 of 438 [RFC5491]). The coordinate reference systems (CRS) specified in 439 [RFC5491] are also mandatory for this document. The 440 element, as defined in [RFC5962] which indicates the direction of 441 travel of the vehicle, is important for dispatch and hence it MUST be 442 included in the PIDF-LO . The element specified in 443 [RFC5962] MUST be implemented and MAY be included. 445 Calls by in-vehicle systems are placed via cellular networks, which 446 may ignore location sent by an originating device in an emergency 447 call INVITE, instead attaching their own location (often determined 448 in cooperation with the originating device). The IVS MAY attach 449 location data to the call INVITE. Standardized crash data structures 450 often include location as determined by the IVS. A benefit of this 451 is that it allows the PSAP to see both the location as determined by 452 the cellular network (often in cooperation with the originating 453 device) and the location as determined by the IVS. 455 This specification also inherits the ability to utilize test call 456 functionality from Section 15 of [RFC6881]. 458 7. Call Setup 460 It is important that ACN calls be easily identifiable as such at all 461 stages of call handling, and that automatic versis manual triggering 462 be known. ACN calls differ from general emergency calls in several 463 aspects, including the presence of standardized crash data, the fact 464 that the call is known to be placed by an in-vehicle system (which 465 has implications for PSAP operational processes), and, especially for 466 automatic calls, information that may indicate a likelihood of severe 467 injury and hence need for trauma services. Knowledge that a call is 468 an ACN and further that it was automatically or manually invoked 469 carries a range of implications about the call, the circumstances, 470 and the vehicle occupants. Calls by in-vehicle systems may be 471 considered a specific sub-class of general emergency calls and need 472 to be handled by a PSAP with the technical and operational 473 capabilities to serve such calls. (This is especially so in 474 environments such as the U.S. where there are many PSAPs and where 475 individual PSAPs have a range of capabilities.) Technical 476 capabilities include the ability to recognize and process 477 standardized crash data. Operational capabilities include training 478 and processes for assessing severe injury likelihood and responding 479 appropriately (e.g., dispatching trauma-capable medical responders, 480 transporting victims to a trauma center, alerting the receiving 481 facility, etc.). 483 Because ACN calls differ in significant ways from general emergency 484 calls, and because such calls need to be handled by specialized PSAPs 485 (equipped technically to interpet and make use of crash data, and 486 operationally to handle emergency calls placed by in-vehicle 487 systems), this document proposes an SOS sub-service for ACN/car 488 crash, specifically, "SOS.vehicle". Using a sub-service makes it 489 readily obvious that the call is an ACN; a further child elements is 490 proposed to distinguish calls automatically placed due to a crash or 491 other serious incident (such as a fire) from those manually invoked 492 by a vehicle occupant (specifically, "SOS.vehicle.automatic" and 493 "SOS.vehicle.manual"). The distinction between automatic and manual 494 invocation is also significant; automatically triggered calls 495 indicate a car crash or some other serious incident (e.g., a fire) 496 and carry a greater presumption of risk of injury and hence need for 497 specific responders (such as trauma or fire). Manually triggered 498 calls are often reports of serious hazards (such as drunk drivers) 499 and may require different responses depending on the situation. 500 Manually triggered calls are also more likely to be false (e.g., 501 accidental) calls and may thus be subject to different handling by 502 the PSAP. 504 A next-generation In-Vehicle System (IVS) transmits crash data by 505 encoding it in a standardized and registered format and attaching it 506 to an INVITE as an additional data block as specified in Section 4.1 507 of [additional-data-draft]. As described in that document, the block 508 is identified by its MIME content-type, and pointed to by a CID URL 509 in a Call-Info header with a 'purpose' parameter value corresponding 510 to the block. 512 Specifically, the steps required during standardization are: 514 o A set of crash data is standardized by an SDO or appropriate 515 organization 517 o A MIME Content-Type for the crash data set is registered with IANA 518 * If the data is specifically for use in emergency calling, the 519 MIME type is normally under the 'application' type with a 520 subtype starting with 'EmergencyCallData.' 522 * If the data format is XML, then by convention the name has a 523 suffix of '+xml' 525 o The item is registered in the Emergency Call Additional Data 526 registry, as defined in Section 9.1.7 of [additional-data-draft] 528 * For emergency-call-specific formats, the registered name is the 529 root of the MIME Content-Type (not including the 530 'EmergencyCallData' prefix and any suffix such as '+xml') as 531 described in Section 4.1 of [additional-data-draft] 533 When placing an emergency call: 535 o The crash data set is created and encoded per its specification 537 o The crash data set is attached to the emergency call INVITE as 538 specified in Section 4.1 of [additional-data-draft], that is, as a 539 MIME body part identified by its MIME Content-Type in the body 540 part's Content-Type header field 542 o The body part is assigned a unique identifier label in a Content- 543 ID header field of the body part 545 o A Call-Info header field at the top level of the INVITE references 546 the crash data and identifies it by its MIME root (as registered 547 in the Emergency Call Additional Data registry) 549 * The crash data is referenced in the Call-Info header field by a 550 CID URL that contains the unique Content ID assigned to the 551 crash data body part 553 * The crash data is identified in the Call-Info header field by a 554 'purpose' parameter whose value is 'EmergencyCallData.' 555 concatenated with the specific crash data entry in the 556 Emergency Call Additional Data registry 558 * The Call-Info header field MAY be either solely to reference 559 the crash data (and hence have only the one URL) or may also 560 contain other URLs referencing other data 562 o Additional crash data sets MAY be included by following the same 563 steps 565 The Vehicle Emergency Data Set (VEDS) is an XML structure defined by 566 the Association of Public-Safety Communications Officials (APCO) and 567 the National Emergency Number Association (NENA) [VEDS]. The 568 'application/EmergencyCallData.VEDS+xml' MIME content-type is used to 569 identify it. The 'VEDS' entry in the Emergency Call Additional Data 570 registry is used to construct a 'purpose' parameter value for 571 conveying VEDS data in a Call-Info header. 573 The VEDS data is attached as a body part with MIME content type 574 'application/EmergencyCallData.VEDS+xml' which is pointed at by a 575 Call-Info URL of type CID with a 'purpose' parameter of 576 'EmergencyCallData.VEDS'. 578 Entities along the path between the vehicle and the PSAP are able to 579 identify the call as an ACN call and handle it appropriately. The 580 PSAP is able to identify the crash data as well as any other 581 additional data attached to the INVITE by examining the Call-Info 582 header fields for 'purpose' parameters whose values start with 583 'EmergencyCallData.' The PSAP is able to access and the data it is 584 capable of handling and is interested in by checking the 'purpose' 585 parameter values. 587 8. Call Routing 589 An Emergency Services IP Network (ESInet) is a network operated by 590 emergency services authorities. It handles emergency call routing 591 and processing before delivery to a PSAP. In the NG9-1-1 592 architecture adopted by NENA as well as the NG1-1-2 architecture 593 adopted by EENA, each PSAP is connected to one or more ESInets. Each 594 originating network is also connected to one or more ESInets. The 595 ESInets maintain policy-based routing rules which control the routing 596 and processing of emergency calls. The centralization of such rules 597 within ESInets provides for a cleaner separation between the 598 responsibilities of the originating network and that of the emergency 599 services network, and provides greater flexibility and control over 600 processing of emergency calls by the emergency services authorities. 601 This makes it easier to react quickly to unusual situations that 602 require changes in how emergency calls are routed or handled (e.g., a 603 natural disaster closes a PSAP), as well as ease in making long-term 604 changes that affect such routing (e.g., cooperative agreements to 605 specially handle calls requiring translation or relay services). 607 In an environment that uses ESInets, the originating network need 608 only detect that the service URN of an emergency call is or starts 609 with "sos", passing all types of emergency calls to an ESInet. The 610 ESInet is then responsible for routing such calls to an appropriate 611 PSAP. In an environment without an ESInet, the emergency services 612 authorities and the originating carriers would need to determine how 613 such calls are routed. 615 9. Test Calls 617 This specification also inherits the ability to utilize test call 618 functionality from Section 15 of [RFC6881]. 620 A service URN starting with "test." indicates a request for an 621 automated test. For example, 622 "urn:service:test.sos.vehicle.automatic" indicates such a test 623 feature. This functionality is defined in [RFC6881]. 625 10. Example 627 Figure 7 shows an emergency call placed by a vehicle whereby location 628 information and VEDS crash data are both attached to the SIP INVITE 629 message. The INVITE has a request URI containing the 630 'urn:service:sos.vehicle.automatic' service URN and is thus 631 recognized as an ACN type of emergency call, and is also recognized 632 as a type of emergency call because the request URI starts with 633 'urn:service:sos'. The mobile network operator (MNO) routes the call 634 to an Emergency services IP Network (ESInet), as for any emergency 635 call. The ESInet processes the call as an ACN and routes the call to 636 an appropriate ACN-capable PSAP (using location information and the 637 fact that that it is an ACN). (In deployments where there is no 638 ESInet, the MNO itself needs to route directly to an appropriate ACN- 639 capable PSAP.) The call is processed by the Emergency Services 640 Routing Proxy (ESRP), as the entry point to the ESInet. The ESRP 641 routes the call to an appropriate ACN-capable PSAP, where the call is 642 received by a call taker. 644 +-----------------------------------------+ 645 | | 646 +------------+ | +-------+ | 647 | | | | PSAP2 | | 648 | | | +-------+ | 649 | Originating| | | 650 | Mobile | | +------+ +-------+ | 651 Vehicle-->| Network |--+->| ESRP |---->| PSAP1 |---> Call-Taker | 652 | | | +------+ +-------+ | 653 | | | | 654 +------------+ | +-------+ | 655 | | PSAP3 | | 656 | +-------+ | 657 | | 658 | | 659 | | 660 | ESInet | 661 +-----------------------------------------+ 663 Figure 7: Example of Vehicle-Placed Emergency Call Message Flow 665 The example, shown in Figure 8, illustrates a SIP emergency call 666 eCall INVITE that is being conveyed with location information (a 667 PIDF-LO) and crash data (as VEDS data). 669 INVITE urn:service:sos.vehicle.automatic SIP/2.0 670 To: urn:service:sos.ecall.automatic 671 From: ;tag=9fxced76sl 672 Call-ID: 3848276298220188511@atlanta.example.com 673 Geolocation: 674 Geolocation-Routing: no 675 Call-Info: cid:1234567890@atlanta.example.com; 676 purpose=EmergencyCallData.VEDS 677 Accept: application/sdp, application/pidf+xml 678 CSeq: 31862 INVITE 679 Content-Type: multipart/mixed; boundary=boundary1 680 Content-Length: ... 682 --boundary1 684 Content-Type: application/sdp 686 ...Session Description Protocol (SDP) goes here 688 --boundary1 690 Content-Type: application/pidf+xml 691 Content-ID: 692 693 701 702 703 704 705 -34.407 150.883 706 707 708 278 709 710 711 712 713 gps 714 715 2012-04-5T10:18:29Z 716 1M8GDM9A_KP042788 717 718 720 --boundary1 722 Content-Type: application/EmergencyCallData.VEDS+xml 723 Content-ID: 1234567890@atlanta.example.com 725 ...eCall VEDS data object goes here 727 --boundary1-- 729 Figure 8: SIP INVITE indicating an In-Vehicular Emergency Call 731 11. Security Considerations 733 This document does not raise security considerations beyond those 734 described in [RFC5069]. As with emergency service systems with end 735 host provided location information there is the possibility that that 736 location is incorrect, either intentially (in case of an a denial of 737 service attack against the emergency services infrastructure) or due 738 to a malfunctioning devices. The reader is referred to 739 [I-D.ietf-ecrit-trustworthy-location] for a discussion of some of 740 these vulnerabilities. 742 12. IANA Considerations 744 12.1. Service URN Registration 746 IANA is requested to register the URN 'urn:service:sos.vehicle' under 747 the sub-services 'sos' registry defined in Section 4.2 of [RFC5031]. 749 This service identifier reaches a public safety answering point 750 (PSAP), which in turn dispatches aid appropriate to the emergency 751 related to accidents of vehicles. The following two sub-services are 752 registered as well: 754 urn:service:sos.vehicle.manual 756 This service URN indicates that an emergency call carrying vehicle 757 sensor ("crash") data has been placed by an in-vehicle system 758 (IVS) based on the manual interaction of the driver or a 759 passenger. 761 urn:service:sos.vehicle.automatic 763 This service URN indicates that an emergency call carrying vehicle 764 sensor ("crash") data has been placed by an in-vehicle system 765 (IVS) triggered automatically, for example, due to a crash. 767 12.2. MIME Content-type Registration for 'application/ 768 EmergencyCall.VEDS+xml' 770 This specification requests the registration of a new MIME type 771 according to the procedures of RFC 4288 [RFC4288] and guidelines in 772 RFC 3023 [RFC3023]. 774 MIME media type name: application 776 MIME subtype name: EmergencyCallData.VEDS+xml 778 Mandatory parameters: none 780 Optional parameters: charset 782 Indicates the character encoding of enclosed XML. 784 Encoding considerations: Uses XML, which can employ 8-bit 785 characters, depending on the character encoding used. See 786 Section 3.2 of RFC 3023 [RFC3023]. 788 Security considerations: This content type is designed to carry 789 vehicle crash data during an emergency call. This data may 790 contains personal information including vehicle VIN, location, 791 direction, etc. appropriate precautions need to be taken to limit 792 unauthorized access, inappropriate disclosure to third parties, 793 and eavesdropping of this information. Please refer to Section 7 794 and Section 8 of [additional-data-draft] for more information. 796 Interoperability considerations: None 798 Published specification: [VEDS] 799 Applications which use this media type: Emergency Services 801 Additional information: None 803 Magic Number: None 805 File Extension: .xml 807 Macintosh file type code: 'TEXT' 809 Person and email address for further information: Hannes 810 Tschofenig, Hannes.Tschofenig@gmx.net 812 Intended usage: LIMITED USE 814 Author: This specification is a work item of the IETF ECRIT 815 working group, with mailing list address . 817 Change controller: The IESG 819 12.3. Registration of the 'VEDS' entry in the Emergency Call Additional 820 Data registry 822 This specification requests IANA to add the 'VEDS' entry to the 823 Emergency Call Additional Data registry, with a reference to this 824 document. The Emergency Call Additional Data registry has been 825 established by [additional-data-draft]. 827 13. Contributors 829 We would like to thank Ulrich Dietz for his help with earlier 830 versions of the original version of this document. 832 14. Acknowledgements 834 We would like to thank Michael Montag, Arnoud van Wijk, Ban Al-Bakri, 835 and Gunnar Hellstrom for their feedback. 837 15. Changes from Previous Versions 839 15.1. Changes from -01 to -02 841 o Fixed case of 'EmergencyCallData', in accordance with changes to 842 [additional-data-draft] 844 15.2. Changes from -00 to -01 845 o Now using 'EmergencyCallData' for purpose parameter values and 846 MIME subtypes, in accordance with changes to 847 [additional-data-draft] 849 o Added reference to RFC 6443 851 o Fixed bug that caused Figure captions to not appear 853 16. References 855 16.1. Normative References 857 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 858 Requirement Levels", BCP 14, RFC 2119, March 1997. 860 [RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media 861 Types", RFC 3023, January 2001. 863 [RFC4119] Peterson, J., "A Presence-based GEOPRIV Location Object 864 Format", RFC 4119, December 2005. 866 [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and 867 Registration Procedures", RFC 4288, December 2005. 869 [RFC5031] Schulzrinne, H., "A Uniform Resource Name (URN) for 870 Emergency and Other Well-Known Services", RFC 5031, 871 January 2008. 873 [RFC5491] Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV 874 Presence Information Data Format Location Object (PIDF-LO) 875 Usage Clarification, Considerations, and Recommendations", 876 RFC 5491, March 2009. 878 [RFC5962] Schulzrinne, H., Singh, V., Tschofenig, H., and M. 879 Thomson, "Dynamic Extensions to the Presence Information 880 Data Format Location Object (PIDF-LO)", RFC 5962, 881 September 2010. 883 [RFC6442] Polk, J., Rosen, B., and J. Peterson, "Location Conveyance 884 for the Session Initiation Protocol", RFC 6442, December 885 2011. 887 [RFC6443] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, 888 "Framework for Emergency Calling Using Internet 889 Multimedia", RFC 6443, December 2011. 891 [RFC6881] Rosen, B. and J. Polk, "Best Current Practice for 892 Communications Services in Support of Emergency Calling", 893 BCP 181, RFC 6881, March 2013. 895 [VEDS] , "Vehicular Emergency Data Set (VEDS) version 3", July 896 2012, . 899 [additional-data-draft] 900 Rosen, B., Tschofenig, H., Marshall, R., Gellens, R., and 901 J. Winterbottom, "Additional Data related to an Emergency 902 Call", draft-ietf-ecrit-additional-data-11 (work in 903 progress), July 2013. 905 16.2. Informative references 907 [I-D.ietf-ecrit-trustworthy-location] 908 Tschofenig, H., Schulzrinne, H., and B. Aboba, 909 "Trustworthy Location", draft-ietf-ecrit-trustworthy- 910 location-07 (work in progress), July 2013. 912 [RFC4481] Schulzrinne, H., "Timed Presence Extensions to the 913 Presence Information Data Format (PIDF) to Indicate Status 914 Information for Past and Future Time Intervals", RFC 4481, 915 July 2006. 917 [RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for 918 Emergency Context Resolution with Internet Technologies", 919 RFC 5012, January 2008. 921 [RFC5069] Taylor, T., Tschofenig, H., Schulzrinne, H., and M. 922 Shanmugam, "Security Threats and Requirements for 923 Emergency Call Marking and Mapping", RFC 5069, January 924 2008. 926 [eCall-draft] 927 Gellens, RG., "Next-Generation Pan-European eCall", 2013. 929 Authors' Addresses 931 Randall Gellens 932 Qualcomm Technologies, Inc 933 5775 Morehouse Drive 934 San Diego 92651 935 US 937 Email: rg+ietf@qti.qualcomm.com 938 Brian Rosen 939 NeuStar, Inc. 940 470 Conrad Dr 941 Mars, PA 16046 942 US 944 Email: br@brianrosen.net 946 Hannes Tschofenig 947 (no affiliation) 949 Email: Hannes.Tschofenig@gmx.net 950 URI: http://www.tschofenig.priv.at