idnits 2.17.1 draft-ietf-geopriv-lis-discovery-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 15. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 898. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 909. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 916. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 922. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 2 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. == There are 1 instance of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 30, 2008) is 5658 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) == Outdated reference: A later version (-10) exists of draft-ietf-geopriv-l7-lcp-ps-08 == Outdated reference: A later version (-16) exists of draft-ietf-geopriv-http-location-delivery-10 == Outdated reference: A later version (-07) exists of draft-cheshire-nat-pmp-03 Summary: 2 errors (**), 0 flaws (~~), 7 warnings (==), 8 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 GEOPRIV M. Thomson 3 Internet-Draft J. Winterbottom 4 Intended status: Standards Track Andrew 5 Expires: May 3, 2009 October 30, 2008 7 Discovering the Local Location Information Server (LIS) 8 draft-ietf-geopriv-lis-discovery-04 10 Status of this Memo 12 By submitting this Internet-Draft, each author represents that any 13 applicable patent or other IPR claims of which he or she is aware 14 have been or will be disclosed, and any of which he or she becomes 15 aware will be disclosed, in accordance with Section 6 of BCP 79. 17 Internet-Drafts are working documents of the Internet Engineering 18 Task Force (IETF), its areas, and its working groups. Note that 19 other groups may also distribute working documents as Internet- 20 Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six months 23 and may be updated, replaced, or obsoleted by other documents at any 24 time. It is inappropriate to use Internet-Drafts as reference 25 material or to cite them other than as "work in progress." 27 The list of current Internet-Drafts can be accessed at 28 http://www.ietf.org/ietf/1id-abstracts.txt. 30 The list of Internet-Draft Shadow Directories can be accessed at 31 http://www.ietf.org/shadow.html. 33 This Internet-Draft will expire on May 3, 2009. 35 Abstract 37 A method is described for the discovery of a Location Information 38 Server. The method uses a Dynamic Host Configuration Protocol (DHCP) 39 option. DHCP options are defined for both IPv4 and IPv6 DHCP. A 40 URI-enabled NAPTR (U-NAPTR) method is described for use where the 41 DHCP option is unsuccessful. This document defines a U-NAPTR 42 Application Service for a LIS, with a specific Application Protocol 43 for the HTTP Enabled Location Delivery (HELD) protocol. 45 Table of Contents 47 1. Introduction and Overview . . . . . . . . . . . . . . . . . . 3 48 1.1. DHCP Discovery . . . . . . . . . . . . . . . . . . . . . . 3 49 1.2. U-NAPTR Discovery . . . . . . . . . . . . . . . . . . . . 3 50 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 51 2. LIS Discovery Using DHCP . . . . . . . . . . . . . . . . . . . 5 52 2.1. DHCPv4 Option for a LIS Address . . . . . . . . . . . . . 5 53 2.2. DHCPv6 Option for a LIS Address . . . . . . . . . . . . . 5 54 3. U-NAPTR for LIS Discovery . . . . . . . . . . . . . . . . . . 7 55 4. Determining the Access Network Domain Name . . . . . . . . . . 8 56 4.1. DHCP Domain Name Option . . . . . . . . . . . . . . . . . 8 57 4.2. Reverse DNS . . . . . . . . . . . . . . . . . . . . . . . 8 58 4.2.1. Determining an External IP Address using STUN . . . . 9 59 4.2.2. Alternate Methods for External IP Addresses . . . . . 10 60 5. Overall Discovery Procedure . . . . . . . . . . . . . . . . . 12 61 5.1. Virtual Private Networks (VPNs) . . . . . . . . . . . . . 13 62 6. Access Network Guidance . . . . . . . . . . . . . . . . . . . 14 63 7. Security Considerations . . . . . . . . . . . . . . . . . . . 16 64 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 65 8.1. Registration of DHCPv4 and DHCPv6 Option Codes . . . . . . 17 66 8.2. Registration of a Location Server Application Service 67 Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 68 8.3. Registration of a Location Server Application Protocol 69 Tag for HELD . . . . . . . . . . . . . . . . . . . . . . . 17 70 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 19 71 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 20 72 10.1. Normative References . . . . . . . . . . . . . . . . . . . 20 73 10.2. Informative References . . . . . . . . . . . . . . . . . . 20 74 Appendix A. Residential Broadband LIS Discovery Example . . . . . 22 75 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 25 76 Intellectual Property and Copyright Statements . . . . . . . . . . 26 78 1. Introduction and Overview 80 Discovering a Location Information Server (LIS) is an important part 81 of the location acquisition process. The LIS is an access network 82 service that needs to be discovered before it can be used. This 83 document describes a method that a host can use to discover a URI for 84 a LIS. 86 The product of a discovery process, such as the one described in this 87 document, is the address of the service. In this document, the 88 result is an http: or https: URI, which identifies a LIS. 90 The URI result from the discovery process is suitable for location 91 configuration only; that is, the client MUST dereference the URI 92 using the process described in HELD 93 [I-D.ietf-geopriv-http-location-delivery]. URIs discovered in this 94 way are not "location by reference" URIs; dereferencing one of them 95 provides the location of the requester only. Clients MUST NOT embed 96 these URIs in fields in other protocols designed to carry the 97 location of the client. 99 The discovery process requires that the host first attempt LIS 100 discovery using Dynamic Host Configuration protocol (DHCP). If DHCP 101 is not available, or the option is not supported by the network, the 102 host attempts to discover the LIS using the DNS and URI-enabled 103 Naming Authority Pointer (U-NAPTR). Finally, the host can rely on 104 proprietary methods for determining the address of the LIS, including 105 static configuration. 107 1.1. DHCP Discovery 109 DHCP ([RFC2131], [RFC3315]) is a commonly used mechanism for 110 providing bootstrap configuration information allowing a host to 111 operate in a specific network environment. The bulk of DHCP 112 information is largely static; consisting of configuration 113 information that does not change over the period that the host is 114 attached to the network. Physical location information might change 115 over this time, however the address of the LIS does not. Thus, DHCP 116 is suitable for configuring a host with the address of a LIS. 118 1.2. U-NAPTR Discovery 120 Where DHCP is not available, the DNS might be able to provide a URI. 121 This document describes a method that uses URI-enabled NAPTR 122 (U-NAPTR) [RFC4848], a Dynamic Delegation Discovery Service (DDDS) 123 profile that supports URI results. 125 For the LIS discovery DDDS application, an Application Service tag 126 "LIS" and an Application Protocol tag "HELD" are created and 127 registered with the IANA. Taking a domain name, this U-NAPTR 128 application uses the two tags to determine the LIS URI. 130 A domain name is the crucial input to the U-NAPTR resolution process. 131 Section 4 of this document describes several methods for deriving an 132 appropriate domain name. 134 1.3. Terminology 136 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 137 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 138 document are to be interpreted as described in [RFC2119]. 140 This document also uses the term "host" to refer to an end host, 141 consistent with its use in DHCP documents. In RFC3693 [RFC3693] 142 parlance, the host is the Device, which might also be the Target. 144 The terms "access network" refers to the network that a host connects 145 to for Internet access. The "access network provider" is the entity 146 that operates the access network. This is consistent with the 147 definition in [I-D.ietf-geopriv-l7-lcp-ps] which combines the 148 Internet Access Provider (IAP) and Internet Service Provider (ISP). 149 The access network provider is responsible for allocating the host a 150 public IP address and for directly or indirectly providing a LIS 151 service. 153 2. LIS Discovery Using DHCP 155 DHCP allows the access network provider to specify the address of a 156 LIS as part of network configuration. If the host is able to acquire 157 a LIS URI using DHCP then this URI is used directly; the U-NAPTR 158 process is not necessary if this option is provided. 160 This document registers DHCP options for a LIS address for both IPv4 161 and IPv6. 163 2.1. DHCPv4 Option for a LIS Address 165 This section defines a DHCP for IPv4 (DHCPv4) option for the address 166 of a LIS. 168 0 1 2 3 169 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 170 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 171 | LIS_URI | Length | URI ... . 172 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 173 | URI ... 174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 176 Figure 1: DHCPv4 LIS URI Option 178 LIS_URI: The IANA assigned option number (TBD). 180 Length: The length of the URI in octets. 182 URI: The address of the LIS. This URI SHOULD NOT be more than 253 183 bytes in length, but MAY be extended by concatenating multiple 184 option values, as described in [RFC3396]. The URI MUST NOT be 185 NULL terminated. 187 2.2. DHCPv6 Option for a LIS Address 189 This section defines a DHCP for IPv6 (DHCPv6) option for the address 190 of a LIS. The DHCPv6 option for this parameter is similarly 191 formatted to the DHCPv4 option. 193 0 1 2 3 194 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 195 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 196 | OPTION_LIS_URI | Length | 197 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 198 | URI ... 199 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 200 Figure 2: DHCPv6 LIS URI Option 202 OPTION_LIS_URI: The IANA assigned option number (TBD). 204 Length: The length of the URI in octets. 206 URI: The address of the LIS. The URI MUST NOT be NULL terminated. 208 3. U-NAPTR for LIS Discovery 210 U-NAPTR resolution for a LIS takes a domain name as input and 211 produces a URI that identifies the LIS. This process also requires 212 an Application Service tag and an Application Protocol tag, which 213 differentiate LIS-related NAPTR records from other records for that 214 domain. 216 Section 8.2 defines an Application Service tag of "LIS", which is 217 used to identify the location service for a particular domain. The 218 Application Protocol tag "HELD", defined in Section 8.3, is used to 219 identify a LIS that understands the HELD protocol 220 [I-D.ietf-geopriv-http-location-delivery]. 222 The NAPTR records in the following example demonstrate the use of the 223 Application Service and Protocol tags. Iterative NAPTR resolution is 224 used to delegate responsibility for the LIS service from 225 "zonea.example.com." and "zoneb.example.com." to 226 "outsource.example.com.". 228 zonea.example.com. 229 ;; order pref flags 230 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 231 "" ; regex 232 outsource.example.com. ; replacement 233 ) 234 zoneb.example.com. 235 ;; order pref flags 236 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 237 "" ; regex 238 outsource.example.com. ; replacement 239 ) 240 outsource.example.com. 241 ;; order pref flags 242 IN NAPTR 100 10 "u" "LIS:HELD" ( ; service 243 "!*.!https://lis.outsource.example.com/!" ; regex 244 . ; replacement 245 ) 247 Figure 3: Sample LIS:HELD Service NAPTR Records 249 Details for the "LIS" Application Service tag and the "HELD" 250 Application Protocol tag are included in Section 8. 252 4. Determining the Access Network Domain Name 254 The U-NAPTR discovery method described in Section 3 requires that the 255 domain name applicable to the access network is known. An 256 unconfigured host might not have this information, therefore it must 257 determine this value before the U-NAPTR method can be attempted. 259 This section describes several methods for discovering a domain name 260 for the local access network. Each method is attempted where 261 applicable until a domain name is derived. If a domain name is 262 successfully derived but that domain name does not produce any 263 U-NAPTR records, alternative methods can be attempted to determine 264 additional domain names. Reattempting with different methods is 265 particularly applicable when NAT is used, as is shown in 266 Section 4.2.1. 268 4.1. DHCP Domain Name Option 270 For IP version 4, Dynamic Host Configuration Protocol (DHCP) option 271 15 [RFC2131] includes the domain name suffix for the host. If DHCP 272 and option 15 are available, this value should be used as input the 273 U-NAPTR procedure. 275 Alternatively, a fully qualified domain name (FQDN) for the host 276 might be provided by the server ([RFC4702] for DHCPv4, [RFC4704] for 277 DHCPv6). The domain part of the FQDN can be used as input to the 278 U-NAPTR resolution and is obtained by removing the first label. If 279 the host has provided a fully qualified domain name using this 280 option, it SHOULD NOT be used - the domain known to the host might 281 not be the same as that of the access network. 283 Note that these options should only be used if the LIS address option 284 is not available; they SHOULD be used if DHCP is available. 286 4.2. Reverse DNS 288 DNS "PTR" records in the "in-addr.arpa." domain can be used to 289 determine the domain name of a host, and therefore, the name of the 290 domain for that host. The use of the "in-addr.arpa." domain is 291 described in [RFC1034] and results in the domain name of the host. 292 Likewise, IPv6 hosts use the "ip6.arpa." domain. In the majority of 293 cases, the domain part of this name (everything excluding the first 294 label) is also the domain name for the access network. Assuming that 295 this is true, this domain name can be used as input to the U-NAPTR 296 process. 298 For example, for an address of "192.0.2.3", if the "PTR" record at 299 "3.2.0.192.in-addr.arpa." refers to "h3-2-0-192.example.com.", this 300 results in a U-NAPTR search for "example.com." 302 The DNS hierarchy does not necessarily directly map onto a network 303 topology (see [RFC4367]); therefore, this method MUST only be used 304 for the domain name determined by removing the first label only. 305 This method assumes that the access network provider also provides 306 the reverse DNS record and they control the domain that is indicated 307 in the "PTR" record. 309 Furthermore, this method might not apply where a host is given a 310 domain name that is different from the domain name of the access 311 network. This might occur in some hosting configurations, such as 312 where a number of web server hosts, with widely varying domain names, 313 are co-located. From the above example, the access network provider 314 allocated "10.1.2.3" to the host; therefore, they also need to 315 control the DNS domain "example.com" and the associated NAPTR 316 records. DNS Security Extensions (DNSSEC) [RFC4033] provides a 317 cryptographic means of validating this association, through data 318 origin authentication. 320 4.2.1. Determining an External IP Address using STUN 322 Reverse DNS relies on knowing the IP address of a host within the 323 access domain. Initially, this SHOULD be attempted using the IP 324 address that is assigned to a local interface on the host. However, 325 when a NAT device exists between the device and the Internet, the 326 public IP address of the NAT device is substituted for the source IP 327 address. The IP address of the NAT device and the corresponding 328 domain name can be used to discover the LIS. 330 In order to use reverse DNS in this configuration, the hosts need to 331 know the IP address that the NAT device uses. A host can use the 332 Session Traversal Utilities for NAT (STUN) 333 [I-D.ietf-behave-rfc3489bis] to determine a public IP address. The 334 host uses the "Binding Request" message and the resulting 335 "XOR-MAPPED-ADDRESS" parameter that is returned in the response. 337 These methods are particularly useful in residential broadband 338 configurations. A large proportion of residential broadband services 339 employ a NAT device so that several hosts can share the same Internet 340 access. Since the network behind the NAT device are generally very 341 small, both in numbers and geographical area, it isn't necessary for 342 a LIS to operate within that network; the hosts are able to access a 343 LIS in the access network outside of the NAT device. 345 The following figure shows a typical home broadband deployment 346 scenario. In this scenario, the public address of the Router/NAT can 347 be used to discover the LIS in the access network. 349 +-----+ 350 | LIS | 351 +--+--+ 352 / ________ 353 +------+ +------------+ / (/ \) +------+ 354 | Host |-----| Router/NAT |----+----(( Internet ))----| STUN | 355 +------+ ^ +------------+ ^ (\________/) +------+ 356 | | 357 Home Network Access Network 358 (Private) 360 Using STUN requires cooperation from a publicly accessible STUN 361 server. The host also requires configuration information that 362 identifies the STUN server, or a domain name that can be used for 363 STUN server discovery. To be selected for this purpose, the STUN 364 server needs to provide the public reflexive transport address of the 365 host; STUN servers that provide private addresses for any reason are 366 not appropriate for LIS discovery. 368 4.2.2. Alternate Methods for External IP Addresses 370 Alternative methods for determining other IP addresses MAY be used by 371 the host. Universal Plug and Play (UPnP) [UPnP-IGD-WANIPConnection1] 372 and NAT Port Mapping Protocol (NAT-PMP) [I-D.cheshire-nat-pmp] are 373 both able to provide the external address of a routing device. 374 Proprietary methods for determining other addresses might also be 375 available. Because there is no assurance that these methods will be 376 supported by any access network these methods are not mandated. 378 The source IP address in any IP packet can be used to determine the 379 public IP address of a host. While the STUN method uses a small part 380 of a more sophisticated protocol, this principle can be applied using 381 any other protocol. Like STUN, this method requires prior knowledge 382 of the publicly accessible server and the method that it supports. 384 For instance, a publicly accessible host could be configured to 385 respond to a UDP packet on a predefined port; the data of the 386 response could contain the source IP address that was in the request. 387 Alternatively, a HTTP server at a particular URL could be configured 388 to respond to a GET request with a "text/plain" body containing the 389 IP address of the requester. HTTP proxies render this method 390 unusable; in particular, transparent HTTP proxies might affect the 391 results of this method without the knowledge of the host. Such 392 services already exist on the public Internet. 394 The discovery procedure assumes that the correct LIS is in a network 395 segment that is closer to the host. Each network segment between the 396 host and LIS decreases the chance that the LIS is able to correctly 397 determine a location for the host. 399 Discovery methods follow an order of precedence. The exception is 400 for alternative methods of determining the hosts IP address in each 401 network segment; precedence is given to addresses in the network 402 segments closer to the host. Therefore, the host attempts to use the 403 IP address assigned to its local network interface before attempting 404 to determine alternative IP addresses. Precedence is given to 405 methods that provide an IP address in network segments closer to the 406 host, since these networks are more likely to have knowledge of the 407 physical network access. Methods for determining addresses on the 408 public Internet are given lower precedence. 410 5. Overall Discovery Procedure 412 To claim compliance with this document, a host MUST support both DHCP 413 discovery and U-NAPTR discovery. Further, the host MUST support 414 retrieval of domain name from DHCP and reverse DNS, using a local 415 interface address and the reflexive transport address provided by 416 STUN. Additional methods for determining the IP address of the host 417 in different network segments are optional. 419 These individual components of discovery are combined into a single 420 discovery procedure. Some networks maintain a topology analogous to 421 an onion and are comprised of layers, or segments, separating hosts 422 from the Internet through intermediate networks. Applying the 423 individual discovery methods in the following order provides a higher 424 probability that a host discovers the LIS physically closest to it: 426 1. DHCP LIS URI Option 428 2. DNS U-NAPTR Discovery, using the domain name from: 430 A. DHCP Domain Name Option 432 B. Reverse DNS, using the IP address from: 434 1. the local network interface and immediate network segment 436 2. the public reflexive transport address, as revealed by 437 STUN 439 3. Alternative methods, including static configuration 441 A host that has multiple network interfaces could potentially be 442 served by a different access network on each interface, each with a 443 different LIS. The host SHOULD attempt to discover the LIS 444 applicable to each network interface, stopping when a LIS is 445 successfully discovered on any interface. 447 A host that discovers a LIS URI MUST attempt to verify that the LIS 448 is able to provide location information. For the HELD protocol, the 449 host MUST make a location request to the LIS. If the LIS responds to 450 this request with the "notLocatable" error code (see Section 4.3.2 of 451 [I-D.ietf-geopriv-http-location-delivery]), the host MUST continue 452 the discovery process and not make further requests to that LIS on 453 that network interface. 455 DHCP discovery MUST be attempted before DNS discovery. This allows 456 the network access provider a direct and explicit means of 457 configuring a LIS address. DNS discovery is used as a failsafe, 458 providing a means to discover a LIS where the DHCP infrastructure 459 does not support the LIS URI option. 461 LIS discovery through DNS requires the host to determine the domain 462 name of the local access network. Where DHCP is available, the DHCP 463 domain name option (Section 4.1) can be used to provide this 464 information. If the domain name cannot be determined from DHCP, or 465 the resulting domain name fails to yield a valid LIS address then 466 reverse DNS is used. Alternative methods for determining the domain 467 name MAY be used, providing they consider the guidance in 468 Section 4.2.2. 470 Static host configuration MAY be used to provide a LIS address if 471 both DHCP and DNS methods fail. Note however, that if a host has 472 moved from its customary location, static configuration might 473 indicate a LIS that is unable to provide a location. 475 If the discovery process fails, user interaction is NOT RECOMMENDED. 476 The discovery process is not easily diagnosed by a user. 478 The product of the LIS discovery process is an http: or https: URI. 479 Nothing distinguishes this URI from other URIs with the same scheme, 480 aside from the fact that it is the product of this process. Only 481 URIs produced by the discovery process can be used for location 482 configuration using HELD. URIs that are not a product of LIS 483 discovery MUST NOT be used for location configuration. 485 5.1. Virtual Private Networks (VPNs) 487 LIS discovery over a VPN network interface SHOULD NOT be performed 488 since such a LIS does not have the physical presence generally 489 necessary to determine location. However, since not all interfaces 490 connected to a VPN can be detected by hosts, a LIS SHOULD NOT provide 491 location information in response to requests originating from a VPN 492 pool. This ensures that even if a host discovers a LIS over the VPN, 493 it does not rely on a LIS that is unable to provide accurate location 494 information. The exception to this is where the LIS and host are 495 able to determine a location without access network support. 497 6. Access Network Guidance 499 In order to successfully discover a LIS, a host relies on information 500 provided by the access network. DHCP and DNS servers need to be able 501 to provide the data that the device depends on. This section 502 provides guidance on what information needs to be made available to a 503 host for it to successfully discover a LIS. 505 Access networks that provide both a LIS and a DHCP server must 506 provide the DHCP option for the LIS address. Since DHCP must be 507 attempted first, if it can be guaranteed that DHCP can be used by all 508 hosts in the network, no further configuration is necessary. 510 Unless DHCP can be relied upon for all hosts in the network (see 511 [I-D.ietf-geopriv-l7-lcp-ps] for common scenarios where this isn't 512 the case), DNS discovery methods must also be supported. To support 513 the DNS discovery methods, the access network must provide two sets 514 of DNS records: the (U-)NAPTR records that enable the discovery of a 515 LIS URI from a domain name; and the reverse DNS records that enable 516 the discovery of a domain name based on the IP address of the host. 518 Access networks that provide a LIS should also provide reverse DNS 519 records for all IP addresses they administer. For each domain that 520 is referenced in reverse DNS records, a NAPTR record in that domain 521 must be provided for the "LIS:HELD" service that can be used to 522 resolve the address of a LIS. 524 The requirement for PTR and NAPTR records extends to both public and 525 private addresses used by access networks. A host that discovers the 526 external address of a router by proprietary means must be able to use 527 the resulting private address as input to a reverse DNS lookup and 528 U-NAPTR discovery. Similarly, a host that discovers a public 529 reflexive transport address using STUN must be able to use the public 530 address. 532 The following figure shows the addresses that could be revealed by a 533 first hop method, like UPnP [UPnP-IGD-WANIPConnection1] or NAT-PMP 534 [I-D.cheshire-nat-pmp] (the private address marked with '{N}') and 535 STUN (the public address marked with '{S}'). The access network 536 provider should provide the necessary DNS records for both of these 537 addresses. 539 +-----+ +------+ 540 | LIS | | STUN | 541 +--+--+ +---+--+ 542 {N} / {S} _____/__ 543 +------+ +------------+ / / +-----+ / (/ \) 544 | Host |-----| Router/NAT |----+----| NAT |----(( Internet )) 545 +------+ ^ +------------+ ^ +-----+ (\________/) 546 | | 547 Home Network Access Network 548 (Private) (Private) 550 Note: The DHCP domain name option is notably absent from this 551 guidance. The domain name option provides a quicker and more 552 reliable means to discover the domain name in the case where a 553 DHCP server does not support the LIS URI option. If DHCP is 554 available, it is expected that access network providers use the 555 LIS URI option. 557 7. Security Considerations 559 The primary attack against the methods described in this document is 560 one that would lead to impersonation of a LIS. The LIS is 561 responsible for providing location information and this information 562 is critical to a number of network services; furthermore, a host does 563 not necessarily have a prior relationship with a LIS. Several 564 methods are described here that can limit the probablity of, or 565 provide some protection against, such an attack. 567 The address of a LIS is usually well-known within an access network; 568 therefore, interception of messages does not introduce any specific 569 concerns. 571 If DHCP is used, the integrity of DHCP options is limited by the 572 security of the channel over which they are provided. Physical 573 security and separation of DHCP messages from other packets are 574 commonplace methods that can reduce the possibility of attack within 575 an access network; alternatively, DHCP authentication [RFC3118] can 576 provide a degree of protection against modification. 578 An attacker could attempt to compromise the U-NAPTR resolution. A 579 description of the security considerations for U-NAPTR applications 580 is included in [RFC4848]. 582 In addition to considerations related to U-NAPTR, it is important to 583 recognize that the output of this is entirely dependent on its input. 584 An attacker who can control the domain name can also control the 585 final URI. Because a number of methods are provided for determining 586 the domain name, a host implementation needs to consider attacks 587 against each of the methods that are used. 589 Reverse DNS is subject to the maintenance of the "in-addr.arpa." or 590 "ip6.arpa." domain and the integrity of the results that it provides. 591 DNSSEC [RFC4033] provides some measures that can improve the 592 reliability of DNS results. In particular, DNSSEC SHOULD be applied 593 to ensure that the reverse DNS record and the resulting domain are 594 provided by the same entity before this method is used. Without this 595 assurance, the host cannot be certain that the access network 596 provider has provided the NAPTR record for the domain name that is 597 provided. 599 Hosts behind NAT devices are also subject to attacks when retrieving 600 their public IP address. [I-D.ietf-behave-rfc3489bis] describes some 601 means of mitigating this attack for STUN. 603 8. IANA Considerations 605 8.1. Registration of DHCPv4 and DHCPv6 Option Codes 607 The IANA is requested to assign an option code for the DHCPv4 option 608 for a LIS address, as described in Section 2.1 of this document. 610 The IANA is requested to assign an option code for the DHCPv6 option 611 for a LIS address, as described in Section 2.2 of this document. 613 8.2. Registration of a Location Server Application Service Tag 615 This section registers a new S-NAPTR/U-NAPTR Application Service tag 616 for a LIS, as mandated by [RFC3958]. 618 Application Service Tag: LIS 620 Intended usage: Identifies a service that provides a host with its 621 location information. 623 Defining publication: RFCXXXX 625 Related publications: HELD [I-D.ietf-geopriv-http-location-delivery] 627 Contact information: The authors of this document 629 Author/Change controller: The IESG 631 8.3. Registration of a Location Server Application Protocol Tag for 632 HELD 634 This section registers a new S-NAPTR/U-NAPTR Application Protocol tag 635 for the HELD [I-D.ietf-geopriv-http-location-delivery] protocol, as 636 mandated by [RFC3958]. 638 Application Service Tag: HELD 640 Intended Usage: Identifies the HELD protocol. 642 Applicable Service Tag(s): LIS 644 Terminal NAPTR Record Type(s): U 646 Defining Publication: RFCXXXX 647 Related Publications: HELD [I-D.ietf-geopriv-http-location-delivery] 649 Contact Information: The authors of this document 651 Author/Change Controller: The IESG 653 9. Acknowledgements 655 The authors would like to thank Leslie Daigle for her work on 656 U-NAPTR; Peter Koch for his feedback on the DNS aspects of this 657 document; Andy Newton for constructive suggestions with regards to 658 document direction; Hannes Tschofenig and Richard Barnes for input 659 and reviews; Dean Willis for constructive feedback. 661 10. References 663 10.1. Normative References 665 [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", 666 STD 13, RFC 1034, November 1987. 668 [RFC2131] Droms, R., "Dynamic Host Configuration Protocol", 669 RFC 2131, March 1997. 671 [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., 672 and M. Carney, "Dynamic Host Configuration Protocol for 673 IPv6 (DHCPv6)", RFC 3315, July 2003. 675 [RFC3396] Lemon, T. and S. Cheshire, "Encoding Long Options in the 676 Dynamic Host Configuration Protocol (DHCPv4)", RFC 3396, 677 November 2002. 679 [RFC4702] Stapp, M., Volz, B., and Y. Rekhter, "The Dynamic Host 680 Configuration Protocol (DHCP) Client Fully Qualified 681 Domain Name (FQDN) Option", RFC 4702, October 2006. 683 [RFC4704] Volz, B., "The Dynamic Host Configuration Protocol for 684 IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN) 685 Option", RFC 4704, October 2006. 687 [RFC4848] Daigle, L., "Domain-Based Application Service Location 688 Using URIs and the Dynamic Delegation Discovery Service 689 (DDDS)", RFC 4848, April 2007. 691 [I-D.ietf-behave-rfc3489bis] 692 Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 693 "Session Traversal Utilities for NAT (STUN)", 694 draft-ietf-behave-rfc3489bis-18 (work in progress), 695 July 2008. 697 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 698 Requirement Levels", BCP 14, RFC 2119, March 1997. 700 10.2. Informative References 702 [RFC3118] Droms, R. and W. Arbaugh, "Authentication for DHCP 703 Messages", RFC 3118, June 2001. 705 [RFC3693] Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and 706 J. Polk, "Geopriv Requirements", RFC 3693, February 2004. 708 [RFC3958] Daigle, L. and A. Newton, "Domain-Based Application 709 Service Location Using SRV RRs and the Dynamic Delegation 710 Discovery Service (DDDS)", RFC 3958, January 2005. 712 [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. 713 Rose, "DNS Security Introduction and Requirements", 714 RFC 4033, March 2005. 716 [RFC4367] Rosenberg, J. and IAB, "What's in a Name: False 717 Assumptions about DNS Names", RFC 4367, February 2006. 719 [I-D.ietf-geopriv-l7-lcp-ps] 720 Tschofenig, H. and H. Schulzrinne, "GEOPRIV Layer 7 721 Location Configuration Protocol; Problem Statement and 722 Requirements", draft-ietf-geopriv-l7-lcp-ps-08 (work in 723 progress), June 2008. 725 [I-D.ietf-geopriv-http-location-delivery] 726 Barnes, M., Winterbottom, J., Thomson, M., and B. Stark, 727 "HTTP Enabled Location Delivery (HELD)", 728 draft-ietf-geopriv-http-location-delivery-10 (work in 729 progress), October 2008. 731 [UPnP-IGD-WANIPConnection1] 732 UPnP Forum, "Internet Gateway Device (IGD) Standardized 733 Device Control Protocol V 1.0: WANIPConnection:1 Service 734 Template Version 1.01 For UPnP Version 1.0", DCP 05-001, 735 Nov 2001. 737 [I-D.cheshire-nat-pmp] 738 Cheshire, S., "NAT Port Mapping Protocol (NAT-PMP)", 739 draft-cheshire-nat-pmp-03 (work in progress), April 2008. 741 Appendix A. Residential Broadband LIS Discovery Example 743 This example shows how LIS discovery using U-NAPTR and DNS might be 744 performed in a residential broadband scenario. The assumed network 745 topology for this network is shown in Figure 4. 747 +-----+ 748 | DNS | 749 (DHCP Server) +-----+ 750 \ | ________ 751 +------+ +--------+ | (/ \) 752 | Host |-----| Router |-------+---+---(( Internet )) 753 +------+ +--------+ | (\________/) 754 {192.168.0.55} {192.0.2.75} | \ 755 +-----+ \ 756 | LIS | +--------+ 757 . +-----+ . | STUN | 758 : : | Server | 759 | Access | +--------+ 760 |<-- Network -->| 761 (my.isp.net) 763 Figure 4: Example Network Topology 765 In this example, the host sits behind a home router that includes a 766 NAT function. The host is assigned an address from the private 767 192.168.x.x address range, in this case 192.168.0.55. The outbound 768 IP address provided to the home router is public and and belongs to 769 the my.isp.net domain; in this example the home router is assigned 770 192.0.2.75, which is also given the domain name 192-0-2- 771 75.my.isp.net. 773 In this example, several methods are not possible due to the 774 configuration of the devices and network. The DHCP server on the 775 home router does not support the LIS URI option, and a domain name is 776 not configured on the router. In addition to this, the UPnP service 777 on home router is disabled. Therefore, the host attempts these 778 methods and is unsuccessful. 780 The example first covers the unsuccessful attempts to discover the 781 LIS, followed by a successful application of DNS discovery based on 782 an address provided by a STUN server. In this situation, the STUN 783 server is provided by a Voice Service Provider (VSP) that the owner 784 of the host purchases a voice service from. The address of the STUN 785 server is configured on the host. The VSP is a separate entity on 786 the public Internet with no relation to the access network provider. 788 The sequence diagram below shows each of the failed attempts to 789 discover the LIS, followed by the successful discovery using the STUN 790 server, reverse DNS and the DNS discovery method. 792 +-------+ +--------+ +-----+ +-----+ +--------+ 793 | Host | | Router | | DNS | | LIS | | STUN | 794 +---+---+ +----+---+ +--+--+ +--+--+ +---+----+ 795 | | | | | 796 1 +--- DHCPINFORM -->| | | | 797 | | | | | 798 2 |<---- DHCPACK ----+ | | | 799 | | | | | 800 3 +------- DNS: PTR ------------->| | | 801 | 55.0.168.192.in-addr.arpa. | | | 802 | | | | | 803 4 |<------ DNS: no domain --------+ | | 804 | | | | | 805 5 +---------------- STUN: Binding Request --------------->| 806 | | | | | 807 6 |<-------- STUN: XOR-MAPPED-ADDRESS (192.0.2.75) -------+ 808 | | | | | 809 7 +------- DNS: PTR ------------->| | | 810 | 75.2.0.192.in-addr.arpa. | | | 811 | | | | | 812 8 |<--- 192-0-2-205.my.isp.net ---+ | | 813 | | | | | 814 9 +--- DNS: NAPTR my.isp.net ---->| | | 815 | | | | | 816 10 |<--- https://lis.my.isp.net/ --+ | | 817 | | | | | 818 11 +-------- HELD: locationRequest ----------->| | 819 | | | | | 820 . . . . . 822 Figure 5: LIS Discovery Sequence 824 1. The host makes a DHCP request for the LIS URI option. To reduce 825 the overall time required in case the LIS URI option is not 826 available, the host also requests the domain name option. 828 2. The DHCP server (in the home router) responds but cannot provide 829 either option. Therefore, the host is unable to use the DHCP 830 method, or use the domain name to perform U-NAPTR discovery. 832 3. The host then attempts reverse DNS based on its IP address 833 (192.168.0.55). The host makes a DNS PTR request for 834 "55.0.168.192.in-addr.arpa." 836 4. The DNS has no knowledge of the private network segment and so 837 indicates that there is no such domain. 839 5. The host contacts a STUN server, which is configured on the 840 host. It sends a Binding Request to the STUN server. 842 6. The STUN server responds to the Binding Request, including the 843 XOR-MAPPED-ADDRESS parameter, which reveals the IP address of 844 the home router: "192.0.2.75". 846 7. The host requests the domain name assigned to 192.0.2.75. It 847 makes a DNS PTR request to "75.2.0.192.in-addr.arpa." 849 8. The DNS server indicates that 192.0.2.75 is assigned the name 850 "192-0-2-75.my.isp.net." 852 9. The host removes the host part of the domain name and makes a 853 DNS NAPTR request for the domain "my.isp.net." 855 10. The DNS server provides all NAPTR records for the "my.isp.net." 856 domain. The host finds the record with a service tag of 857 "LIS:HELD" and retrieves the URI from the regexp field. The URI 858 of the LIS is found to be "https://lis.my.isp.net/". 860 11. The host sends a HELD "locationRequest" to the LIS. 862 Authors' Addresses 864 Martin Thomson 865 Andrew 866 PO Box U40 867 Wollongong University Campus, NSW 2500 868 AU 870 Phone: +61 2 4221 2915 871 Email: martin.thomson@andrew.com 872 URI: http://www.andrew.com/ 874 James Winterbottom 875 Andrew 876 PO Box U40 877 Wollongong University Campus, NSW 2500 878 AU 880 Phone: +61 2 4221 2938 881 Email: james.winterbottom@andrew.com 882 URI: http://www.andrew.com/ 884 Full Copyright Statement 886 Copyright (C) The IETF Trust (2008). 888 This document is subject to the rights, licenses and restrictions 889 contained in BCP 78, and except as set forth therein, the authors 890 retain all their rights. 892 This document and the information contained herein are provided on an 893 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 894 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 895 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 896 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 897 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 898 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 900 Intellectual Property 902 The IETF takes no position regarding the validity or scope of any 903 Intellectual Property Rights or other rights that might be claimed to 904 pertain to the implementation or use of the technology described in 905 this document or the extent to which any license under such rights 906 might or might not be available; nor does it represent that it has 907 made any independent effort to identify any such rights. Information 908 on the procedures with respect to rights in RFC documents can be 909 found in BCP 78 and BCP 79. 911 Copies of IPR disclosures made to the IETF Secretariat and any 912 assurances of licenses to be made available, or the result of an 913 attempt made to obtain a general license or permission for the use of 914 such proprietary rights by implementers or users of this 915 specification can be obtained from the IETF on-line IPR repository at 916 http://www.ietf.org/ipr. 918 The IETF invites any interested party to bring to its attention any 919 copyrights, patents or patent applications, or other proprietary 920 rights that may cover technology that may be required to implement 921 this standard. Please address the information to the IETF at 922 ietf-ipr@ietf.org.