idnits 2.17.1 draft-ietf-ecrit-car-crash-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([RFC6881], [I-D.ietf-ecrit-ecall], [RFC6443]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 4, 2015) is 3218 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: 'RFC5031' is defined on line 945, but no explicit reference was found in the text == Outdated reference: A later version (-38) exists of draft-ietf-ecrit-additional-data-24 ** Obsolete normative reference: RFC 3023 (Obsoleted by RFC 7303) ** Obsolete normative reference: RFC 4288 (Obsoleted by RFC 6838) Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ECRIT R. Gellens 3 Internet-Draft Qualcomm Technologies, Inc 4 Intended status: Informational B. Rosen 5 Expires: January 3, 2016 NeuStar, Inc. 6 H. Tschofenig 8 July 4, 2015 10 Next-Generation Vehicle-Initiated Emergency Calls 11 draft-ietf-ecrit-car-crash-03.txt 13 Abstract 15 This document describes how to use IP-based emergency services 16 mechanisms to support the next generation of emergency calls placed 17 by vehicles (automatically in the event of a crash or serious 18 incident, or manually invoked by a vehicle occupant) and conveying 19 vehicle, sensor, and location data related to the crash or incident. 20 Such calls are often referred to as "Automatic Crash Notification" 21 (ACN), or "Advanced Automatic Crash Notification" (AACN), even in the 22 case of manual trigger. The "Advanced" qualifier refers to the 23 ability to carry a richer set of data. 25 This document also registers a MIME Content Type and an Emergency 26 Call Additional Data Block for the vehicle, sensor, and location data 27 (often referred to as "crash data" even though there is not 28 necessarily a crash). An external specification for the data format, 29 contents, and structure are referenced in this document. 31 Profiling and simplifications of the general emergency call 32 mechanism, as described in [RFC6443] and [RFC6881], are possible due 33 to the nature of the functionality that is provided in vehicles such 34 as the usage of Global Satellite Navigation System (GNSS). 36 This document reuses the technical aspects of next-generation pan- 37 European eCall (a mandated and standardized system for emergency 38 calls by in-vehicle systems within Europe and other regions), as 39 described in [I-D.ietf-ecrit-ecall]. However, this document 40 specifies a different set of vehicle (crash) data, specifically, the 41 Vehicle Emergency Data Set (VEDS) rather than the eCall Minimum Set 42 of Data (MSD). 44 Status of This Memo 46 This Internet-Draft is submitted in full conformance with the 47 provisions of BCP 78 and BCP 79. 49 Internet-Drafts are working documents of the Internet Engineering 50 Task Force (IETF). Note that other groups may also distribute 51 working documents as Internet-Drafts. The list of current Internet- 52 Drafts is at http://datatracker.ietf.org/drafts/current/. 54 Internet-Drafts are draft documents valid for a maximum of six months 55 and may be updated, replaced, or obsoleted by other documents at any 56 time. It is inappropriate to use Internet-Drafts as reference 57 material or to cite them other than as "work in progress." 59 This Internet-Draft will expire on January 3, 2016. 61 Copyright Notice 63 Copyright (c) 2015 IETF Trust and the persons identified as the 64 document authors. All rights reserved. 66 This document is subject to BCP 78 and the IETF Trust's Legal 67 Provisions Relating to IETF Documents 68 (http://trustee.ietf.org/license-info) in effect on the date of 69 publication of this document. Please review these documents 70 carefully, as they describe your rights and restrictions with respect 71 to this document. Code Components extracted from this document must 72 include Simplified BSD License text as described in Section 4.e of 73 the Trust Legal Provisions and are provided without warranty as 74 described in the Simplified BSD License. 76 Table of Contents 78 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 79 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 80 3. Overview of Current Deployment Models . . . . . . . . . . . . 7 81 4. Document Scope . . . . . . . . . . . . . . . . . . . . . . . 8 82 5. Migration to Next-Generation . . . . . . . . . . . . . . . . 9 83 6. Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 84 7. Call Setup . . . . . . . . . . . . . . . . . . . . . . . . . 11 85 8. Call Routing . . . . . . . . . . . . . . . . . . . . . . . . 14 86 9. Test Calls . . . . . . . . . . . . . . . . . . . . . . . . . 15 87 10. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 88 11. Security Considerations . . . . . . . . . . . . . . . . . . . 17 89 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 90 12.1. MIME Content-type Registration for 91 'application/EmergencyCall.VEDS+xml' . . . . . . . . . . 18 92 12.2. Registration of the 'VEDS' entry in the Emergency Call 93 Additional Data registry . . . . . . . . . . . . . . . . 19 94 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 19 95 14. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19 96 15. Changes from Previous Versions . . . . . . . . . . . . . . . 19 97 15.1. Changes from draft-ietf-01 to draft-ietf-02 . . . . . . 19 98 15.2. Changes from draft-ietf-00 to draft-ietf-01 . . . . . . 19 99 15.3. Changes from draft-gellens-02 to draft-ietf-00 . . . . . 20 100 15.4. Changes from draft-gellens-01 to -02 . . . . . . . . . . 20 101 15.5. Changes from draft-gellens-00 to -01 . . . . . . . . . . 20 102 16. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 103 16.1. Normative References . . . . . . . . . . . . . . . . . . 20 104 16.2. Informative references . . . . . . . . . . . . . . . . . 21 105 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 107 1. Terminology 109 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 110 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 111 document are to be interpreted as described in [RFC2119]. 113 This document re-uses terminology defined in Section 3 of [RFC5012]. 115 Additionally, we use the following abbreviations: 117 +--------+----------------------------------------------------------+ 118 | Term | Expansion | 119 +--------+----------------------------------------------------------+ 120 | 3GPP | 3rd Generation Partnership Project | 121 | AACN | Advanced Automatic Crash Notification | 122 | ACN | Automatic Crash Notification | 123 | APCO | Association of Public-Safety Communications Officials | 124 | EENA | European Emergency Number Association | 125 | ESInet | Emergency Services IP network | 126 | GNSS | Global Satellite Navigation System (which includes the | 127 | | various such systems including the Global Positioning | 128 | | System or GPS) | 129 | IVS | In-Vehicle System | 130 | MNO | Mobile Network Operator | 131 | NENA | National Emergency Number Association | 132 | TSP | Telematics Service Provider | 133 | VEDS | Vehicle Emergency Data Set | 134 +--------+----------------------------------------------------------+ 136 2. Introduction 138 Emergency calls made by in-vehicle systems (e.g., in the event of a 139 crash) assist in significantly reducing road deaths and injuries by 140 allowing emergency services to respond quickly and often with better 141 location. 143 Drivers often have a poor location awareness, especially outside of 144 major cities, at night and when away from home (especially abroad). 146 In the most crucial cases, the victim(s) may not be able to call 147 because they have been injured or trapped. 149 For more than a decade, some vehicles have been equipped with 150 telematics systems that, among other features, place an emergency 151 call automatically in the event of a crash or manually in response to 152 an emergency call button. Such systems generally have on-board 153 location determination systems that make use of satellite-based 154 positioning technology, inertial sensors, gyroscopes, etc., to 155 provide a fairly accurate position for the vehicle. Such built-in 156 systems can take advantage of the benefits of being integrated into a 157 vehicle, such as more reliable power, ability to have larger or 158 specialized antenna, ability to be engineered to avoid or minimise 159 degradation by vehicle glass coatings, interference from other 160 vehicle systems, etc. Thus, the PSAP can be provided with a good 161 estimate of where the vehicle is during an emergency. Vehicle 162 manufacturers are increasingly adopting such systems, both for the 163 safety benefits and for the additional features and services they 164 enable (e.g., remote engine diagnostics, remote door unlock, stolen 165 vehicle tracking and disabling, etc.). 167 The general term for such systems is Automatic Crash Notification 168 (ACN) or "Advanced Automatic Crash Notification" (AACN). "ACN" is 169 used in this document as a general term. ACN systems transmit some 170 amount of data specific to the incident, referred to generally as 171 "crash data" (the term is commonly used even though there might not 172 have been a crash). While different systems transmit different 173 amounts of crash data, standardized formats, structures, and 174 mechanisms are needed to provide interoperability among systems and 175 PSAPs. 177 Currently deployed in-vehicle telematics systems are circuit-switched 178 and lack a standards-based ability to convey crash data directly to 179 the PSAP (generally relying on either a human call taker or an 180 automated system to provide the PSAP call taker with some crash data 181 orally, or possibly a proprietary mechanism). The PSAP call taker 182 needs to first realize that the call is related to a vehicle 183 incident, and in most cases must then listen to the data and 184 transcribe it. 186 The transition to next-generation calling in general, and emergency 187 calling in particular, provides an opportunity to vastly improve the 188 scope, breadth, reliability and usefulness of crash data during an 189 emergency by allowing it to be presented alongside the call, and to 190 be automatically processed by the PSAP and made available to the call 191 taker in an integrated, automated way. In addition, vehicle 192 manufacturers are provided an opportunity to take advantage of the 193 same standardized mechanisms for data transmission for internal use 194 if they wish (such as telemetry between the vehicle and a service 195 center for both emergency and non-emergency uses, including location- 196 based services, multi-media entertainment systems, and road-side 197 assistance applications). 199 Next-generation ACN provides an opportunity for such calls to be 200 recognized and processed as such during call set-up, and optionally 201 routed to an upgraded PSAP where the vehicle data is available to 202 assist the call taker in assessing and responding to the situation. 204 An ACN call may be either occupant-initiated or automatically 205 triggered. (The "A" in "ACN" does stand for "Automatic," but the 206 term is often used to refer to the class of calls that are placed by 207 an in-vehicle system (IVS) and that carry incident-related data as 208 well as voice.) Automatically triggered calls indicate a car crash 209 or some other serious incident (e.g., a fire) and carry a greater 210 presumption of risk of injury. Manually triggered calls are often 211 reports of serious hazards (such as impaired drivers or roadway 212 debris) and may require different responses depending on the 213 situation. Manually triggered calls are also more likely to be false 214 (e.g., accidental) calls and may thus be subject to different 215 handling by the PSAP. 217 This document describes how the IETF mechanisms for IP-based 218 emergency calls, including [RFC6443] and 219 [I-D.ietf-ecrit-additional-data], are used to provide the realization 220 of next-generation ACN. 222 The Association of Public-Safety Communications Officials (APCO) and 223 the National Emergency Number Association (NENA) have jointly 224 developed a standardized set of incident-related vehicle data for ACN 225 use, called the Vehicle Emergency Data Set (VEDS) [VEDS]. Such data 226 is often referred to as crash data although it is applicable in 227 incidents other than crashes. 229 VEDS provides a standard data set for the transmission, exchange, and 230 interpretation of vehicle-related data. A standard data format 231 allows the data to be generated by an IVS, and interpreted by PSAPs, 232 emergency responders, and medical facilities (including those capable 233 of providing trauma level patient care). It includes incident- 234 related information such as airbag deployment, location of the 235 vehicle, if the vehicle was involved in a rollover, various sensor 236 data that can indicate the potential severity of the crash and the 237 likelihood of severe injuries to the vehicle occupants, etc. This 238 data better informs the PSAP and emergency responders as to the type 239 of response that may be needed. This information was recently 240 included in the federal guidelines for field triage of injured 241 patients. These guidelines are designed to help responders at the 242 accident scene identify the potential existence of severe internal 243 injuries and to make critical decisions about how and where a patient 244 needs to be transported. 246 This document registers the 'application/EmergencyCallData.VEDS+xml' 247 MIME content-type, and registers the 'VEDS' entry in the Emergency 248 Call Additional Data registry. 250 VEDS is an XML structure (see [VEDS]). The 'application/ 251 EmergencyCallData.VEDS+xml' MIME content-type is used to identify it. 252 The 'VEDS' entry in the Emergency Call Additional Data registry is 253 used to construct a 'purpose' parameter value for conveying VEDS data 254 in a Call-Info header (as described in 255 [I-D.ietf-ecrit-additional-data]). 257 VEDS is a versatile structure that can accomodate varied needs. 258 However, if additional sets of data are determined to be needed 259 (e.g., in the future or in different regions), the steps to enable 260 each data block are very briefly summarized below: 262 o A standardized format and encoding (such as XML) is defined and 263 published by a Standards Development Organization (SDO). 265 o A MIME Content-Type is registered for it (typically under the 266 'Application' media type and with a sub-type starting with 267 'EmergencyCallData.'). 269 o An entry for the block is added to the Emergency Call Additional 270 Data Blocks sub-registry (established by 271 [I-D.ietf-ecrit-additional-data]); the registry entry is the root 272 of the MIME sub-type (not including the 'EmergencyCallData' prefix 273 and any suffix such as '+xml'). 275 A next-generation In-Vehicle System (IVS) transmits crash data by 276 encoding it in a standardized and registered format (such as VEDS) 277 and attaching it to an INVITE as a MIME body part. The body part is 278 identified by its MIME content-type (such as 'application/ 279 EmergencyCallData.VEDS+xml') in the Content-Type header field of the 280 body part. The body part is assigned a unique identifier which is 281 listed in a Content-ID header field in the body part. The INVITE is 282 marked as containing the crash data by adding a Call-Info header 283 field at the top level of the INVITE. This Call-Info header field 284 contains a CID URL referencing the body part's unique identifier, and 285 a 'purpose' parameter identifying the data as the crash data per the 286 registry entry; the 'purpose' parameter's value is 287 'EmergencyCallData.' and the root of the MIME type (not including the 288 'EmergencyCallData' prefix and any suffix such as '+xml' (e.g., 289 'purpose=EmergencyCallData.VEDS'). 291 The mechanisms described here are thus used to place emergency calls 292 that are identifiable as ACN calls and that carry one or more 293 standardized crash data objects in an interoperable way. 295 3. Overview of Current Deployment Models 297 Current (circuit-switched or legacy) systems for placing emergency 298 calls by in-vehicle systems, including automatic crash notification 299 systems, generally have a limited ability to convey at least location 300 and in some cases telematics data to the PSAP. Most such systems use 301 one of three architectural models, which are described here as: 302 "Telematics Service Provider" (TSP), "direct", and "paired handset". 303 These three models are illustrated below. 305 In the TSP model, both emergency and non-emergency calls are placed 306 to a Telematics Service Provider (TSP); a proprietary technique is 307 used for data transfer (such as proprietary in-band modems) to the 308 TSP. 310 In an emergency, the TSP call taker bridges in the PSAP and 311 communicates location, crash data (such as impact severity and trauma 312 prediction), and other data (such as the vehicle description) to the 313 PSAP call taker verbally. Typically, a three-way voice call is 314 established between the vehicle, the TSP, and the PSAP, allowing 315 communication between the PSAP call taker, the TSP call taker, and 316 the vehicle occupants (who might be unconscious). 318 ///----\\\ proprietary +------+ 911 trunk +------+ 319 ||| IVS |||-------------->+ TSP +------------------>+ PSAP | 320 \\\----/// crash data +------+ +------+ 322 Figure 1: Legacy TSP Model. 324 In the paired model, the IVS uses a Bluetooth link with a previously- 325 paired handset to establish an emergency call with the PSAP (by 326 dialing a standard emergency number such as 9-1-1), and then 327 communicates location data to the PSAP via text-to-speech; crash data 328 is not conveyed. Some such systems use an automated voice prompt 329 menu (e.g., "this is an automatic emergency call from a vehicle; 330 press 1 to open a voice path to the vehicle; press 2 to hear the 331 location read out") to allow the call taker to request location data 332 via text-to-speech. 334 +---+ 335 ///----\\\ | H | 911/etc voice call via handset +------+ 336 ||| IVS |||-->| S +----------------------------------->+ PSAP | 337 \\\----/// +---+ location via text-to-speech +------+ 339 Figure 2: Legacy Paired Model 341 In the direct model, the IVS directly places an emergency call with 342 the PSAP by dialing a standard emergency number such as 9-1-1. Such 343 systems might communicate location data to the PSAP via text-to- 344 speech; crash data might not be conveyed. 346 ///----\\\ 911/etc voice call via IVS +------+ 347 ||| IVS |||---------------------------------------->+ PSAP | 348 \\\----/// location via text-to-speech +------+ 350 Figure 3: Legacy Direct Model 352 4. Document Scope 354 This document is focused on the interface to the PSAP, that is, how 355 an ACN emergency call is setup and incident-related data (including 356 vehicle, sensor, and location data) is transmitted to the PSAP using 357 IETF specifications. (The goal is to re-use specifications rather 358 than to invent new.) For the direct model, this is the end-to-end 359 description (between the vehicle and the PSAP). For the TSP model, 360 this describes the right-hand side (between the TSP and the PSAP), 361 leaving the left-hand side (between the vehicle and the TSP) up to 362 the entities involved (i.e., IVS and TSP vendors) who are then free 363 to use the same mechanism as for the right-hand side (or not). 365 Note that while ACN systems in the U.S. and other regions are not 366 currently mandated, Europe has a mandated and standardized system for 367 emergency calls by in-vehicle systems. This pan-European system is 368 known as "eCall" and is the subject of a separate document, 369 [I-D.ietf-ecrit-ecall]. Vehicles designed to operate in multiple 370 regions may need to support eCall as well as the ACN described here. 371 If other regions devise their own specifications or data formats, a 372 multi-region vehicle may need to support those as well. This 373 document adopts the call set-up and other technical aspects of 374 [I-D.ietf-ecrit-ecall], which uses [I-D.ietf-ecrit-additional-data], 375 which makes it easy to substitute a different data set while keeping 376 other technical aspects unchanged. Hence, both NG-eCall and the ACN 377 mechanism described here are fully compatible, differing only in the 378 specific data block that is sent (the eCall MSD in the case of NG- 379 eCall, and the APCO/NENA VEDS used in this document). If other 380 regions adopt their own data set, this can be similarly accomodated 381 without changing other technical aspects. 383 5. Migration to Next-Generation 385 Migration of emergency calls placed by in-vehicle systems to next- 386 generation (all-IP) technology provides a standardized mechanism to 387 identify such calls and to present crash data with the call. This 388 allows ACN calls and crash data to be automatically processed by the 389 PSAP and made available to the call taker in an integrated, automated 390 way. Because the crash data is carried in the initial SIP INVITE 391 (per [I-D.ietf-ecrit-additional-data]) the PSAP can present it to the 392 call taker simultaneously with the appearance of the call. 394 Vehicle manufacturers using the TSP model may choose to take 395 advantage of the same mechanism to carry telematics data between the 396 vehicle and the TSP for both emergency and non-emergency calls. 398 A next-generation IVS establishes an emergency call using the 399 emergency call solution as described in [RFC6443] and [RFC6881], with 400 the difference that the Request-URI indicates an ACN type of 401 emergency call and a Call-Info header field indicates that vehicle 402 crash data is attached. When an ESInet is deployed the MNO only 403 needs to recognize the call as an emergency call and route it to an 404 ESInet. The ESInet may recognize the call as an ACN with vehicle 405 data and may route the call to an NG-ACN capable PSAP. Such a PSAP 406 would interpret the vehicle data sent with the call and make it 407 available to the call taker. 409 Because of the need to identify and specially process Next-Generation 410 ACN calls (as discussed above), [I-D.ietf-ecrit-ecall] registers new 411 service URN children within the "sos" subservice. These URNs provide 412 a mechanism by which an NG-ACN call is identified, and differentiate 413 between manually and automatically triggered NG-ACN calls, which can 414 be subject to different treatment, depending on policy. (The two 415 service URNs registered in [I-D.ietf-ecrit-ecall] are: 416 urn:service:sos.ecall.automatic and urn:service:sos.ecall.manual.) 418 Note that in North America, routing queries performed by clients 419 outside of an ESInet are likely to treat all sub-services of "sos" 420 identically to "sos" with no sub-service. However, the Request-URI 421 header field retains the full sub-service; route and handling 422 decisions within an ESInet or PSAP may take the sub-service into 423 account. For example, in a region with multiple cooperating PSAPs, 424 an NG-ACN call might be routed to a PSAP that is NG-ACN capable, or 425 one that specializes in vehicle-related incidents. 427 Migration of the three architectural models to next-generation (all- 428 IP) is described below. 430 In the TSP model, the IVS transmits crash and location data to the 431 TSP using either a protocol that is based on a proprietary design or 432 one that re-uses IETF specifications. In an emergency, the TSP call 433 taker bridges in the PSAP and the TSP transmits crash and other data 434 to the PSAP using IETF specifications. There is a three-way call 435 between the vehicle, the TSP, and the PSAP, allowing communication 436 between the PSAP call taker, the TSP call taker, and the vehicle 437 occupants (who might be unconscious). 439 proprietary 440 ///----\\\ or standard +------+ standard +------+ 441 ||| IVS ||| ------------------->+ TSP +------------------->+ PSAP | 442 \\\----/// crash + other data +------+ crash + other data +------+ 444 Figure 4: Next-Generation TSP Model 446 The vehicle manufacturer and the TSP may choose to use the same IETF 447 specifications to transmit crash and location data from the vehicle 448 to the TSP as is described here to transmit such data from the TSP to 449 the PSAP. 451 In the paired model, the IVS uses a Bluetooth link to a previously- 452 paired handset to establish an emergency call with the PSAP; it is 453 not clear what facilities are or will be available for transmitting 454 crash data through the Bluetooth link to the handset for inclusion in 455 an NG emergency call. 457 +---+ 458 ///----\\\ (unclear) | H | (unclear) +------+ 459 ||| IVS |||------------------>| S +------------------->+ PSAP | 460 \\\----/// (unclear) +---+ (unclear) +------+ 462 Figure 5: Next-Generation Paired Model 464 In the direct model, the IVS communicates crash data to the PSAP 465 directly using IETF specifications. 467 ///----\\\ NG emergency call +------+ 468 ||| IVS |||----------------------------------------->+ PSAP | 469 \\\----/// crash + other data +------+ 471 Figure 6: Next-Generation Model 473 If the call is routed to a PSAP that is not capable of processing the 474 vehicle data, the PSAP ignores (or does not receive) the vehicle 475 data. This is detectable by the IVS or TSP when it receives a 200 OK 476 to the INVITE that lacks an eCall control structure acknowledging 477 receipt of the data [I-D.ietf-ecrit-ecall]. The IVS or TSP then 478 proceeds as it would for a non-NG ACN call (e.g., verbal conveyance 479 of data) 481 6. Profile 483 In the context of emergncy calls placed by an in-vehicle system it is 484 assumed that the car is equipped with a built-in GNSS receiver. For 485 this reason only geodetic location information will be sent within an 486 emergency call. The following location shapes MUST be implemented: 487 2d and 3d Point (see Section 5.2.1 of [RFC5491]), Circle (see 488 Section 5.2.3 of [RFC5491]), and Ellipsoid (see Section 5.2.7 of 489 [RFC5491]). The coordinate reference systems (CRS) specified in 490 [RFC5491] are also mandatory for this document. The 491 element, as defined in [RFC5962] which indicates the direction of 492 travel of the vehicle, is important for dispatch and hence it MUST be 493 included in the PIDF-LO [RFC4119]. The element specified 494 in [RFC5962] MUST be implemented and MAY be included. 496 Calls by in-vehicle systems are placed via cellular networks, which 497 may ignore location sent by an originating device in an emergency 498 call INVITE, instead attaching their own location (often determined 499 in cooperation with the originating device). Standardized crash data 500 structures often include location as determined by the IVS. A 501 benefit of this is that it allows the PSAP to see both the location 502 as determined by the cellular network (often in cooperation with the 503 originating device) and the location as determined by the IVS. 505 This specification inherits the ability to utilize test call 506 functionality from Section 15 of [RFC6881]. 508 7. Call Setup 510 It is important that ACN calls be easily identifiable as such at all 511 stages of call handling, and that automatic versus manual triggering 512 be known. ACN calls differ from general emergency calls in several 513 aspects, including the presence of standardized crash data, the fact 514 that the call is known to be placed by an in-vehicle system (which 515 has implications for PSAP operational processes), and, especially for 516 automatic calls, information that may indicate a likelihood of severe 517 injury and hence need for trauma services. Knowledge that a call is 518 an ACN and further that it was automatically or manually invoked 519 carries a range of implications about the call, the circumstances, 520 and the vehicle occupants. Calls by in-vehicle systems may be 521 considered a specific sub-class of general emergency calls and are 522 optimally handled by a PSAP with the technical and operational 523 capabilities to serve such calls. (This is especially so in 524 environments such as the U.S. where there are many PSAPs and where 525 individual PSAPs have a range of capabilities.) Technical 526 capabilities include the ability to recognize and process 527 standardized crash data. Operational capabilities include training 528 and processes for assessing severe injury likelihood and responding 529 appropriately (e.g., dispatching trauma-capable medical responders or 530 those trained and equipped to extract occupants from crashed vehicles 531 and handle gasoline or other hazardous materials, transporting 532 victims to a trauma center, alerting the receiving facility, etc.). 534 Because ACN calls differ in significant ways from general emergency 535 calls, and because such calls should be handled by specialized PSAPs 536 (equipped technically to interpet and make use of crash data, and 537 operationally to handle emergency calls placed by in-vehicle 538 systems), [I-D.ietf-ecrit-ecall] registers SOS sub-services. Using a 539 sub-service makes it readily obvious that the call is an ACN; a 540 further child element distinguishes calls automatically placed due to 541 a crash or other serious incident (such as a fire) from those 542 manually invoked by a vehicle occupant (specifically, 543 "SOS.ecall.automatic" and "SOS.ecall.manual"). The distinction 544 between automatic and manual invocation is also significant; 545 automatically triggered calls indicate a car crash or some other 546 serious incident (e.g., a fire) and carry a greater presumption of 547 risk of injury and hence need for specific responders (such as trauma 548 or fire). Manually triggered calls are often reports of serious 549 hazards (such as drunk drivers) and may require different responses 550 depending on the situation. Manually triggered calls are also more 551 likely to be false (e.g., accidental) calls and may thus be subject 552 to different handling by the PSAP. 554 A next-generation In-Vehicle System (IVS) transmits crash data by 555 encoding it in a standardized and registered format and attaching it 556 to an INVITE as an additional data block as specified in Section 4.1 557 of [I-D.ietf-ecrit-additional-data]. As described in that document, 558 the block is identified by its MIME content-type, and pointed to by a 559 CID URL in a Call-Info header with a 'purpose' parameter value 560 corresponding to the block. 562 Specifically, the steps required during standardization are: 564 o A set of crash data is standardized by an SDO or appropriate 565 organization 567 o A MIME Content-Type for the crash data set is registered with IANA 568 * If the data is specifically for use in emergency calling, the 569 MIME type is normally under the 'application' type with a 570 subtype starting with 'EmergencyCallData.' 572 * If the data format is XML, then by convention the name has a 573 suffix of '+xml' 575 o The item is registered in the Emergency Call Additional Data 576 registry, as defined in Section 9.1.7 of 577 [I-D.ietf-ecrit-additional-data] 579 * For emergency-call-specific formats, the registered name is the 580 root of the MIME Content-Type (not including the 581 'EmergencyCallData' prefix and any suffix such as '+xml') as 582 described in Section 4.1 of [I-D.ietf-ecrit-additional-data] 584 When placing an emergency call: 586 o The crash data set is created and encoded per its specification 588 o The crash data set is attached to the emergency call INVITE as 589 specified in Section 4.1 of [I-D.ietf-ecrit-additional-data], that 590 is, as a MIME body part identified by its MIME Content-Type in the 591 body part's Content-Type header field 593 o The body part is assigned a unique identifier label in a Content- 594 ID header field of the body part 596 o A Call-Info header field at the top level of the INVITE is added 597 that references the crash data and identifies it by its MIME root 598 (as registered in the Emergency Call Additional Data registry) 600 * The crash data is referenced in the Call-Info header field by a 601 CID URL that contains the unique Content ID assigned to the 602 crash data body part 604 * The crash data is identified in the Call-Info header field by a 605 'purpose' parameter whose value is 'EmergencyCallData.' 606 concatenated with the specific crash data entry in the 607 Emergency Call Additional Data registry 609 * The Call-Info header field MAY be either solely to reference 610 the crash data (and hence have only the one URL) or may also 611 contain other URLs referencing other data 613 o Additional crash data sets MAY be included by following the same 614 steps 616 The Vehicle Emergency Data Set (VEDS) is an XML structure defined by 617 the Association of Public-Safety Communications Officials (APCO) and 618 the National Emergency Number Association (NENA) [VEDS]. The 619 'application/EmergencyCallData.VEDS+xml' MIME content-type is used to 620 identify it. The 'VEDS' entry in the Emergency Call Additional Data 621 registry is used to construct a 'purpose' parameter value for 622 conveying VEDS data in a Call-Info header. 624 The VEDS data is attached as a body part with MIME content type 625 'application/EmergencyCallData.VEDS+xml' which is pointed at by a 626 Call-Info URL of type CID with a 'purpose' parameter of 627 'EmergencyCallData.VEDS'. 629 Entities along the path between the vehicle and the PSAP are able to 630 identify the call as an ACN call and handle it appropriately. The 631 PSAP is able to identify the crash data as well as any other 632 additional data attached to the INVITE by examining the Call-Info 633 header fields for 'purpose' parameters whose values start with 634 'EmergencyCallData.' The PSAP is able to access and the data it is 635 capable of handling and is interested in by checking the 'purpose' 636 parameter values. 638 8. Call Routing 640 An Emergency Services IP Network (ESInet) is a network operated by or 641 on behalf of emergency services authorities. It handles emergency 642 call routing and processing before delivery to a PSAP. In the 643 NG9-1-1 architecture adopted by NENA as well as the NG1-1-2 644 architecture adopted by EENA, each PSAP is connected to one or more 645 ESInets. Each originating network is also connected to one or more 646 ESInets. The ESInets maintain policy-based routing rules which 647 control the routing and processing of emergency calls. The 648 centralization of such rules within ESInets provides for a cleaner 649 separation between the responsibilities of the originating network 650 and that of the emergency services network, and provides greater 651 flexibility and control over processing of emergency calls by the 652 emergency services authorities. This makes it easier to react 653 quickly to unusual situations that require changes in how emergency 654 calls are routed or handled (e.g., a natural disaster closes a PSAP), 655 as well as ease in making long-term changes that affect such routing 656 (e.g., cooperative agreements to specially handle calls requiring 657 translation or relay services). 659 In an environment that uses ESInets, the originating network need 660 only detect that the service URN of an emergency call is or starts 661 with "sos", passing all types of emergency calls to an ESInet. The 662 ESInet is then responsible for routing such calls to an appropriate 663 PSAP. In an environment without an ESInet, the emergency services 664 authorities and the originating carriers would need to determine how 665 such calls are routed. 667 9. Test Calls 669 This document uses [I-D.ietf-ecrit-ecall], which inherits the ability 670 to utilize test call functionality from Section 15 of [RFC6881]. 672 A service URN starting with "test." indicates a request for an 673 automated test. Per [I-D.ietf-ecrit-ecall], 674 "urn:service:test.sos.ecall.automatic" indicates such a test feature. 675 This functionality is defined in [RFC6881]. 677 Note that since test calls are placed using "test" as the parent 678 service URN and "sos" as a child, such calls are not treated as an 679 emergency call and so some functionality will not apply (such as 680 preemption or service availability for devices lacking service ("non- 681 service-initialized" or "NSI") if those are available for emergency 682 calls); this is by design. MNOs may recognize test calls and treat 683 them in a way that tests as much functionality as desired, but this 684 is outside the scope of this document. 686 10. Example 688 Figure 7 shows an emergency call placed by a vehicle whereby location 689 information and VEDS crash data are both attached to the SIP INVITE 690 message. The INVITE has a request URI containing the 691 'urn:service:sos.ecall.automatic' service URN and is thus recognized 692 as an ACN type of emergency call, and is also recognized as a type of 693 emergency call because the request URI starts with 'urn:service:sos'. 694 The mobile network operator (MNO) routes the call to an Emergency 695 services IP Network (ESInet), as for any emergency call. The ESInet 696 processes the call as an ACN and routes the call to an appropriate 697 ACN-capable PSAP (using location information and the fact that that 698 it is an ACN). (In deployments where there is no ESInet, the MNO 699 itself needs to route directly to an appropriate ACN-capable PSAP.) 700 The call is processed by the Emergency Services Routing Proxy (ESRP), 701 as the entry point to the ESInet. The ESRP routes the call to an 702 appropriate ACN-capable PSAP, where the call is received by a call 703 taker. 705 +---------------------------------------+ 706 | | 707 +------------+ | +-------+ | 708 | | | | PSAP2 | | 709 | | | +-------+ | 710 | Originating| | | 711 | Mobile | | +------+ +-------+ | 712 Vehicle-->| Network |--+->| ESRP |---->| PSAP1 |--> Call-Taker | 713 | | | +------+ +-------+ | 714 | | | | 715 +------------+ | +-------+ | 716 | | PSAP3 | | 717 | +-------+ | 718 | | 719 | | 720 | | 721 | ESInet | 722 +---------------------------------------+ 724 Figure 7: Example of Vehicle-Placed Emergency Call Message Flow 726 The example, shown in Figure 8, illustrates a SIP emergency call 727 INVITE that is being conveyed with location information (a PIDF-LO) 728 and crash data (as VEDS data). 730 INVITE urn:service:sos.ecall.automatic SIP/2.0 731 To: urn:service:sos.ecall.automatic 732 From: ;tag=9fxced76sl 733 Call-ID: 3848276298220188511@atlanta.example.com 734 Geolocation: 735 Geolocation-Routing: no 736 Call-Info: cid:1234567890@atlanta.example.com; 737 purpose=EmergencyCallData.VEDS 738 Accept: application/sdp, application/pidf+xml 739 CSeq: 31862 INVITE 740 Content-Type: multipart/mixed; boundary=boundary1 741 Content-Length: ... 743 --boundary1 745 Content-Type: application/sdp 747 ...Session Description Protocol (SDP) goes here 749 --boundary1 751 Content-Type: application/pidf+xml 752 Content-ID: 753 754 762 763 764 765 766 -34.407 150.883 767 768 769 278 770 771 772 773 774 gps 775 776 2012-04-5T10:18:29Z 777 1M8GDM9A_KP042788 778 779 781 --boundary1 783 Content-Type: application/EmergencyCallData.VEDS+xml 784 Content-ID: 1234567890@atlanta.example.com 786 ...VEDS data object goes here 788 --boundary1-- 790 Figure 8: SIP INVITE indicating a Vehicule-Initated Emergency Call 792 11. Security Considerations 794 This document does not raise security considerations beyond those 795 described in [RFC5069]. As with emergency service systems with end 796 host provided location information there is the possibility that that 797 location is incorrect, either intentially (in case of an a denial of 798 service attack against the emergency services infrastructure) or due 799 to a malfunctioning device. The reader is referred to 801 [I-D.ietf-ecrit-trustworthy-location] for a discussion of some of 802 these vulnerabilities. 804 12. IANA Considerations 806 12.1. MIME Content-type Registration for 'application/ 807 EmergencyCall.VEDS+xml' 809 This specification requests the registration of a new MIME type 810 according to the procedures of RFC 4288 [RFC4288] and guidelines in 811 RFC 3023 [RFC3023]. 813 MIME media type name: application 815 MIME subtype name: EmergencyCallData.VEDS+xml 817 Mandatory parameters: none 819 Optional parameters: charset 821 Indicates the character encoding of enclosed XML. 823 Encoding considerations: Uses XML, which can employ 8-bit 824 characters, depending on the character encoding used. See 825 Section 3.2 of RFC 3023 [RFC3023]. 827 Security considerations: This content type is designed to carry 828 vehicle crash data during an emergency call. This data may 829 contains personal information including vehicle VIN, location, 830 direction, etc. appropriate precautions need to be taken to limit 831 unauthorized access, inappropriate disclosure to third parties, 832 and eavesdropping of this information. Please refer to Section 7 833 and Section 8 of [I-D.ietf-ecrit-additional-data] for more 834 information. 836 Interoperability considerations: None 838 Published specification: [VEDS] 840 Applications which use this media type: Emergency Services 842 Additional information: None 844 Magic Number: None 846 File Extension: .xml 848 Macintosh file type code: 'TEXT' 849 Person and email address for further information: Hannes 850 Tschofenig, Hannes.Tschofenig@gmx.net 852 Intended usage: LIMITED USE 854 Author: This specification is a work item of the IETF ECRIT 855 working group, with mailing list address . 857 Change controller: The IESG 859 12.2. Registration of the 'VEDS' entry in the Emergency Call Additional 860 Data registry 862 This specification requests IANA to add the 'VEDS' entry to the 863 Emergency Call Additional Data registry, with a reference to this 864 document. The Emergency Call Additional Data registry has been 865 established by [I-D.ietf-ecrit-additional-data]. 867 13. Contributors 869 We would like to thank Ulrich Dietz for his help with earlier 870 versions of the original version of this document. 872 14. Acknowledgements 874 We would like to thank Michael Montag, Arnoud van Wijk, Ban Al-Bakri, 875 and Gunnar Hellstrom for their feedback. 877 15. Changes from Previous Versions 879 15.1. Changes from draft-ietf-01 to draft-ietf-02 881 o This document now refers to [I-D.ietf-ecrit-ecall] for technical 882 aspects including the service URN; this document no longer 883 proposes a unique service URN for non-eCall NG-ACN calls; the same 884 service URN is now used for all NG-ACN calls including NG-eCall 885 and non-eCall 886 o Added discussion of an NG-ACN call placed to a PSAP that doesn't 887 support it 888 o Minor wording improvements and clarifications 890 15.2. Changes from draft-ietf-00 to draft-ietf-01 892 o Added further discussion of test calls 893 o Added further clarification to the document scope 894 o Mentioned that multi-region vehicles may need to support other 895 crash notification specifications such as eCall 896 o Minor wording improvements and clarifications 898 15.3. Changes from draft-gellens-02 to draft-ietf-00 900 o Renamed from draft-gellens- to draft-ietf- 901 o Added text to Introduction to clarify that during a CS ACN, the 902 PSAP call taker usually needs to listen to the data and transcribe 903 it 905 15.4. Changes from draft-gellens-01 to -02 907 o Fixed case of 'EmergencyCallData', in accordance with changes to 908 [I-D.ietf-ecrit-additional-data] 910 15.5. Changes from draft-gellens-00 to -01 912 o Now using 'EmergencyCallData' for purpose parameter values and 913 MIME subtypes, in accordance with changes to 914 [I-D.ietf-ecrit-additional-data] 915 o Added reference to RFC 6443 916 o Fixed bug that caused Figure captions to not appear 918 16. References 920 16.1. Normative References 922 [I-D.ietf-ecrit-additional-data] 923 Randy, R., Rosen, B., Tschofenig, H., Marshall, R., and J. 924 Winterbottom, "Additional Data related to an Emergency 925 Call", draft-ietf-ecrit-additional-data-24 (work in 926 progress), October 2014. 928 [I-D.ietf-ecrit-ecall] 929 Gellens, R. and H. Tschofenig, "Next-Generation Pan- 930 European eCall", draft-ietf-ecrit-ecall (work in 931 progress), March 2015. 933 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 934 Requirement Levels", BCP 14, RFC 2119, March 1997. 936 [RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media 937 Types", RFC 3023, January 2001. 939 [RFC4119] Peterson, J., "A Presence-based GEOPRIV Location Object 940 Format", RFC 4119, December 2005. 942 [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and 943 Registration Procedures", RFC 4288, December 2005. 945 [RFC5031] Schulzrinne, H., "A Uniform Resource Name (URN) for 946 Emergency and Other Well-Known Services", RFC 5031, 947 January 2008. 949 [RFC5491] Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV 950 Presence Information Data Format Location Object (PIDF-LO) 951 Usage Clarification, Considerations, and Recommendations", 952 RFC 5491, March 2009. 954 [RFC5962] Schulzrinne, H., Singh, V., Tschofenig, H., and M. 955 Thomson, "Dynamic Extensions to the Presence Information 956 Data Format Location Object (PIDF-LO)", RFC 5962, 957 September 2010. 959 [RFC6443] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, 960 "Framework for Emergency Calling Using Internet 961 Multimedia", RFC 6443, December 2011. 963 [RFC6881] Rosen, B. and J. Polk, "Best Current Practice for 964 Communications Services in Support of Emergency Calling", 965 BCP 181, RFC 6881, March 2013. 967 [VEDS] "Vehicular Emergency Data Set (VEDS) version 3", July 968 2012, . 971 16.2. Informative references 973 [I-D.ietf-ecrit-trustworthy-location] 974 Tschofenig, H., Schulzrinne, H., and B. Aboba, 975 "Trustworthy Location", draft-ietf-ecrit-trustworthy- 976 location-14 (work in progress), July 2014. 978 [RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for 979 Emergency Context Resolution with Internet Technologies", 980 RFC 5012, January 2008. 982 [RFC5069] Taylor, T., Tschofenig, H., Schulzrinne, H., and M. 983 Shanmugam, "Security Threats and Requirements for 984 Emergency Call Marking and Mapping", RFC 5069, January 985 2008. 987 Authors' Addresses 988 Randall Gellens 989 Qualcomm Technologies, Inc 990 5775 Morehouse Drive 991 San Diego 92651 992 US 994 Email: rg+ietf@qti.qualcomm.com 996 Brian Rosen 997 NeuStar, Inc. 998 470 Conrad Dr 999 Mars, PA 16046 1000 US 1002 Email: br@brianrosen.net 1004 Hannes Tschofenig 1006 Email: Hannes.Tschofenig@gmx.net 1007 URI: http://www.tschofenig.priv.at