idnits 2.17.1 draft-ietf-geopriv-lis-discovery-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 8, 2009) is 5283 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) == Outdated reference: A later version (-07) exists of draft-ietf-dhc-container-opt-05 == Outdated reference: A later version (-09) exists of draft-ietf-geopriv-lbyr-requirements-08 Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 GEOPRIV M. Thomson 3 Internet-Draft J. Winterbottom 4 Intended status: Standards Track Andrew 5 Expires: May 12, 2010 November 8, 2009 7 Discovering the Local Location Information Server (LIS) 8 draft-ietf-geopriv-lis-discovery-12 10 Abstract 12 Discovery of the correct Location Information Server (LIS) in the 13 local access network is necessary for devices that wish to acquire 14 location information from the network. A method is described for the 15 discovery of a LIS in the access network serving a device. Dynamic 16 Host Configuration Protocol (DHCP) options for IP versions 4 and 6 17 are defined that specify a domain name. This domain name is then 18 used as input to a URI-enabled NAPTR (U-NAPTR) resolution process. 20 Status of This Memo 22 This Internet-Draft is submitted to IETF in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF), its areas, and its working groups. Note that 27 other groups may also distribute working documents as Internet- 28 Drafts. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 The list of current Internet-Drafts can be accessed at 36 http://www.ietf.org/ietf/1id-abstracts.txt. 38 The list of Internet-Draft Shadow Directories can be accessed at 39 http://www.ietf.org/shadow.html. 41 This Internet-Draft will expire on May 12, 2010. 43 Copyright Notice 45 Copyright (c) 2009 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the BSD License. 58 Table of Contents 60 1. Introduction and Overview . . . . . . . . . . . . . . . . . . 3 61 1.1. Discovery Procedure Overview . . . . . . . . . . . . . . . 3 62 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 63 2. LIS Discovery Procedure . . . . . . . . . . . . . . . . . . . 4 64 2.1. Residential Gateways . . . . . . . . . . . . . . . . . . . 5 65 2.2. Virtual Private Networks (VPNs) . . . . . . . . . . . . . 6 66 3. Access Network Domain Name DHCP Option . . . . . . . . . . . . 7 67 3.1. Domain Name Encoding . . . . . . . . . . . . . . . . . . . 7 68 3.2. Access Network Domain Name DHCPv4 Option . . . . . . . . . 7 69 3.3. Access Network Domain Name DHCPv6 Option . . . . . . . . . 8 70 4. U-NAPTR Resolution of a LIS URI . . . . . . . . . . . . . . . 9 71 4.1. Determining a Domain Name . . . . . . . . . . . . . . . . 10 72 5. Security Considerations . . . . . . . . . . . . . . . . . . . 10 73 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 74 6.1. Registration of DHCPv4 and DHCPv6 Option Codes . . . . . . 11 75 6.2. Registration of a Location Server Application Service 76 Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 77 6.3. Registration of a Location Server Application Protocol 78 Tag for HELD . . . . . . . . . . . . . . . . . . . . . . . 12 79 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 80 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 81 8.1. Normative References . . . . . . . . . . . . . . . . . . . 13 82 8.2. Informative References . . . . . . . . . . . . . . . . . . 14 84 1. Introduction and Overview 86 The location of a device is a useful and sometimes necessary part of 87 many services. A Location Information Server (LIS) is responsible 88 for providing that location information to devices with an access 89 network. The LIS uses knowledge of the access network and its 90 physical topology to generate and serve location information to 91 devices. 93 Each access network requires specific knowledge about topology. 94 Therefore, it is important to discover the LIS that has the specific 95 knowledge necessary to locate a device. That is, the LIS that serves 96 the current access network. Automatic discovery is important where 97 there is any chance of movement outside a single access network. 98 Reliance on static configuration can lead to unexpected errors if a 99 device moves between access networks. 101 This document describes a process that a device can use to discover a 102 LIS. This process uses a DHCP option and the DNS. The product of 103 this discovery process is an http: or https: URI, which identifies a 104 LIS. 106 The URI result from the discovery process is suitable for location 107 configuration only; that is, the device MUST dereference the URI 108 using the process described in HELD 109 [I-D.ietf-geopriv-http-location-delivery]. URIs discovered in this 110 way are not "location URIs" [I-D.ietf-geopriv-lbyr-requirements]; 111 dereferencing one of them provides the location of the requester 112 only. Devices MUST NOT embed these URIs in fields in other protocols 113 designed to carry the location of the device. 115 1.1. Discovery Procedure Overview 117 DHCP ([RFC2131], [RFC3315]) is a commonly used mechanism for 118 providing bootstrap configuration information allowing a device to 119 operate in a specific network environment. The bulk of DHCP 120 information is largely static; consisting of configuration 121 information that does not change over the period that the device is 122 attached to the network. Physical location information might change 123 over this time, however the address of the LIS does not. Thus, DHCP 124 is suitable for configuring a device with the address of a LIS. 126 This document defines a DHCP option that produces a domain name that 127 identifies the local access network in Section 3. 129 Section 4 describes a method that uses URI-enabled NAPTR (U-NAPTR) 130 [RFC4848], a Dynamic Delegation Discovery Service (DDDS) profile that 131 produces a URI for the LIS. The input to this process is provided by 132 the DHCP option. 134 For the LIS discovery DDDS application, an Application Service tag 135 "LIS" and an Application Protocol tag "HELD" are created and 136 registered with the IANA. Based on the domain name, this U-NAPTR 137 application uses the two tags to determine a URI for a LIS that 138 supports the HELD protocol. 140 1.2. Terminology 142 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 143 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 144 document are to be interpreted as described in [RFC2119]. 146 This document also uses the term "device" to refer to an end host, or 147 client consistent with its use in HELD. In HELD and RFC3693 148 [RFC3693] parlance, the Device is also the Target. 150 The terms "access network" refers to the network that a device 151 connects to for Internet access. The "access network provider" is 152 the entity that operates the access network. This is consistent with 153 the definition in [I-D.ietf-geopriv-l7-lcp-ps] which combines the 154 Internet Access Provider (IAP) and Internet Service Provider (ISP). 155 The access network provider is responsible for allocating the device 156 a public IP address and for directly or indirectly providing a LIS 157 service. 159 2. LIS Discovery Procedure 161 A device that has multiple network interfaces could potentially be 162 served by a different access network on each interface, each with a 163 different LIS. The device SHOULD attempt to discover the LIS 164 applicable to each network interface, stopping when a LIS is 165 successfully discovered on any interface. 167 The LIS discovery procedure follows the following process: 169 1. Acquire the access network domain name DHCP option (Section 3). 171 This process might be repeated for each of the network interfaces 172 on the device. Domain names acquired from other sources might 173 also be added. 175 2. Apply U-NAPTR resolution (Section 4) to discover a LIS URI. 177 The U-NAPTR process is applied using each of the domain names as 178 input. 180 3. Verify that the LIS is able to provide location information. 182 The first URI that results in a successful response from the LIS 183 is used. 185 A device MUST support discovery using the access network domain name 186 DHCP option (Section 3) as input to U-NAPTR resolution (Section 4). 187 Other domain names MAY be used, as described in Section 4.1. 189 A device that discovers a LIS URI MUST attempt to verify that the LIS 190 is able to provide location information. For the HELD protocol, the 191 device verifies the URI by making a location request to the LIS. If 192 - at any time - the LIS responds to a request with the "notLocatable" 193 error code (see Section 4.3.2 of 194 [I-D.ietf-geopriv-http-location-delivery]), the device MUST continue 195 or restart the discovery process. A device SHOULD NOT make further 196 requests to a LIS that provides a "notLocatable" error until its 197 network attachment changes, or it discovers the LIS on an alternative 198 network interface. 200 Static configuration of a domain name or a LIS URI MAY be used if all 201 other discovery methods fail. Note that if a device has moved from 202 its customary location, static configuration might indicate a LIS 203 that is unable to provide accurate location information. 205 The product of the LIS discovery process for HELD is an "https:" or 206 "http:" URI. Nothing distinguishes this URI from other URIs with the 207 same scheme, aside from the fact that it is the product of this 208 process. Only URIs produced by the discovery process can be used for 209 location configuration using HELD. 211 2.1. Residential Gateways 213 The process described in this document is known to not work in a very 214 common deployment scenario. A fixed wireline scenario is described 215 in more detail in Section 3.1 of [I-D.ietf-geopriv-l7-lcp-ps]. In 216 this fixed wireline environment an intervening residential gateway 217 exists between the device and the access network. If the residential 218 gateway does not provide this option to the devices it serves, those 219 devices are unable to discover a LIS. 221 Support of this specification by residential gateways ensures that 222 the devices they serve are able to acquire location information. In 223 many cases the residential gateway configures the devices it serves 224 using DHCP. A residential gateway is able to use DHCP to assist 225 devices in gaining access to their location information. This can be 226 accomplished by providing an access network domain name DHCP option 227 suitable for LIS discovery, or by acting as a LIS directly. To 228 actively assist devices, a residential gateway can either: 230 o acquire an access network domain name from the access network 231 provider (possibly using DHCP) and pass the resulting value to 232 devices; or 234 o discover a LIS on its external interface, then provide devices 235 with the domain name that was used to successfully discover the 236 LIS; or 238 o explicitly include configuration that refers to a particular LIS; 239 or 241 o act as a LIS and directly provide location information to the 242 devices it serves, including providing a means to discover this 243 service. 245 As with devices, configuration of a specific domain name or location 246 information is only accurate as long as the residential gateway does 247 not move. If a residential gateway that relies on configuration 248 rather than automatic discovery is moved, the devices it serves could 249 be provided with inaccurate information. Devices could be led to 250 discover a LIS that is unable to provide accurate location 251 information, or - if location is configured on the residential 252 gateway - the residential gateway could provide incorrect location 253 information. 255 [I-D.ietf-dhc-container-opt] might be used by an access network 256 provider to convey configuration information to a residential gateway 257 for use by the devices it serves. Support and use of this option is 258 RECOMMENDED for both residential gateways and devices. Option values 259 found within the container MUST be used after values that are 260 directly in the DHCP response. 262 2.2. Virtual Private Networks (VPNs) 264 A Device MUST avoid performing LIS discovery over a VPN network 265 interface unless discovery on other interfaces is unsuccessful. A 266 LIS discovered in this way is unlikely to have the information 267 necessary to determine an accurate location. 269 Not all interfaces connected to a VPN can be detected by devices or 270 the software running on them. In these cases, it might be that a LIS 271 on the remote side of a VPN is inadvertently discovered. A LIS MUST 272 NOT provide location information in response to requests that it can 273 identify as originating from a device on the remote end of a VPN 274 tunnel, unless it is able to accurately determine location. The 275 "notLocatable" HELD error code can be used to indicate to a device 276 that discovery has revealed an unsuitable LIS. This ensures that 277 even if a device discovers a LIS over the VPN, it does not rely on a 278 LIS that is unable to provide accurate location information. 280 3. Access Network Domain Name DHCP Option 282 DHCP provides a direct means for the access network provider to 283 configure a device. The access network domain name option identifies 284 a domain name that is suitable for service discovery within the 285 access network. This domain name is used as input to the U-NAPTR 286 resolution process for LIS discovery. 288 The domain name provided in this option is one owned by the access 289 network operator. This domain name is intended for use in 290 discovering services within the access network. 292 This document registers a DHCP option for the access network domain 293 name for both IPv4 and IPv6. 295 3.1. Domain Name Encoding 297 This section describes the encoding of the domain name used in the 298 DHCPv4 option defined in Section 3.2 and also used in the DHCPv6 299 option defined in Section 3.3. 301 The domain name is encoded according to Section 3.1 of [RFC1035]. 302 Each label is represented as a one-octet length field followed by 303 that number of octets. Since every domain name ends with the null 304 label of the root, a domain name is terminated by a length byte of 305 zero. The high-order two bits of every length octet MUST be zero, 306 and the remaining six bits of the length field limit the label to 63 307 octets or less. To simplify implementations, the total length of a 308 domain name (i.e., label octets and label length octets) is 309 restricted to 255 octets or less. 311 3.2. Access Network Domain Name DHCPv4 Option 313 This section defines a DHCP for IPv4 (DHCPv4) option for the domain 314 name associated with the access network. 316 Code Len Access Network Domain Name 317 +-----+-----+-----+-----+-----+-----+-----+---- 318 | TBD | n | s1 | s2 | s3 | s4 | s5 | ... 319 +-----+-----+-----+-----+-----+-----+-----+---- 321 Figure 1: Access Network Domain Name DHCPv4 Option 323 The values s1, s2, s3, etc. represent the domain name labels in the 324 domain name encoding. Note that the length field in the DHCPv4 325 option represents the length of the entire domain name encoding, 326 whereas the length fields in the domain name encoding (see Section 3) 327 is the length of a single domain name label. 329 Code: OPTION_V4_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: Please 330 replace TBD with the assigned DHCPv4 option code, both here and in 331 Figure 1.]] 333 Length: The length of the entire access network domain name option 334 in octets. 336 Access Network Domain Name: The domain name associated with the 337 access network, encoded as described in Section 3.1. 339 A DHCPv4 client MAY request a access network domain name option in a 340 Parameter Request List option, as described in [RFC2131]. 342 This option contains a single domain name and, as such, MUST contain 343 precisely one root label. 345 3.3. Access Network Domain Name DHCPv6 Option 347 This section defines a DHCP for IPv6 (DHCPv6) option for the domain 348 name associated with the access network. The DHCPv6 option for this 349 parameter is similarly formatted to the DHCPv4 option. 351 0 1 2 3 352 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 353 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 354 | OPTION_V6_ACCESS_DOMAIN | Length | 355 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 356 . Access Network Domain Name . 357 . ... . 358 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 360 Figure 2: DHCPv6 Access Network Domain Name Option 362 option-code: OPTION_V6_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: 363 Please replace TBD with the assigned DHCPv6 option code.]] 365 option-length: The length of the entire access network domain name 366 option in octets. 368 option-value: The access network domain name, encoded as described 369 in Section 3.1. 371 A DHCPv6 client MAY request a access network domain name option in a 372 Options Request Option (ORO), as described in [RFC3315]. 374 This option contains a single domain name and, as such, MUST contain 375 precisely one root label. 377 4. U-NAPTR Resolution of a LIS URI 379 U-NAPTR [RFC4848] resolution for a LIS takes a domain name as input 380 and produces a URI that identifies the LIS. This process also 381 requires an Application Service tag and an Application Protocol tag, 382 which differentiate LIS-related NAPTR records from other records for 383 that domain. 385 Section 6.2 defines an Application Service tag of "LIS", which is 386 used to identify the location service for a given domain. The 387 Application Protocol tag "HELD", defined in Section 6.3, is used to 388 identify a LIS that understands the HELD protocol 389 [I-D.ietf-geopriv-http-location-delivery]. 391 The NAPTR records in the following example demonstrate the use of the 392 Application Service and Protocol tags. Iterative NAPTR resolution is 393 used to delegate responsibility for the LIS service from 394 "zonea.example.net." and "zoneb.example.net." to 395 "outsource.example.com.". 397 zonea.example.net. 398 ;; order pref flags 399 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 400 "" ; regex 401 outsource.example.com. ; replacement 402 ) 403 zoneb.example.net. 404 ;; order pref flags 405 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 406 "" ; regex 407 outsource.example.com. ; replacement 408 ) 409 outsource.example.com. 410 ;; order pref flags 411 IN NAPTR 100 10 "u" "LIS:HELD" ( ; service 412 "!*.!https://lis.example.org:4802/?c=ex!" ; regex 413 . ; replacement 414 ) 416 Figure 3: Sample LIS:HELD Service NAPTR Records 418 Details for the "LIS" Application Service tag and the "HELD" 419 Application Protocol tag are included in Section 6. 421 An "https:" LIS URI that is a product of U-NAPTR MUST be 422 authenticated using the domain name method described in Section 3.1 423 of RFC 2818 [RFC2818]. The domain name that is used in this 424 authentication is the one extracted from the URI, not the input to 425 the U-NAPTR resolution process. 427 4.1. Determining a Domain Name 429 The U-NAPTR resolution method described requires a domain name as 430 input. The access network domain name DHCP option (Section 3) 431 describes one source of this domain name. 433 If a device knows one or more alternative domain names that might be 434 used for discovery, it MAY repeat the U-NAPTR process using those 435 domain names as input. For instance, static configuration of a 436 device might be used to provide a device with a domain name. 438 Alternative domain names MUST NOT be used unless the access network 439 domain name option is unsuccessful or where external information 440 indicates that a particular domain name is to be used. For instance, 441 domain names for the device might be provided by a DHCP server 442 ([RFC4702] for DHCPv4, [RFC4704] for DHCPv6); DHCPv4 option 15 443 [RFC2131] could also be used as a source of a domain name suffix for 444 the device. However, these domain names could be provided without 445 considering their use for LIS discovery; therefore, many DHCP servers 446 do not provide a sensible value for these options. 448 5. Security Considerations 450 The address of a LIS is usually well-known within an access network; 451 therefore, interception of messages does not introduce any specific 452 concerns. 454 The primary attack against the methods described in this document is 455 one that would lead to impersonation of a LIS. The LIS is 456 responsible for providing location information and this information 457 is critical to a number of network services; furthermore, a device 458 does not necessarily have a prior relationship with a LIS. Several 459 methods are described here that can limit the probablity of, or 460 provide some protection against, such an attack. These methods MUST 461 be applied unless similar protections are in place, or in cases - 462 such as an emergency - where location information of dubious origin 463 is arguably better than none at all. 465 An attacker could attempt to compromise LIS discovery at any of three 466 stages: 468 1. providing a falsified domain name to be used as input to U-NAPTR 470 2. altering the DNS records used in U-NAPTR resolution 472 3. impersonation of the LIS 474 U-NAPTR is entirely dependent on its inputs. In falsifying a domain 475 name, an attacker avoids any later protections, bypassing them 476 entirely. To ensure that the access network domain name DHCP option 477 can be relied upon, preventing DHCP messages from being modified or 478 spoofed by attackers is necessary. Physical or link layer security 479 are commonplace methods that can reduce the possibility of such an 480 attack within an access network; alternatively, DHCP authentication 481 [RFC3118] can provide a degree of protection against modification or 482 spoofing. 484 The domain name that is used to authenticated the LIS is the domain 485 name in the URI that is the result of the U-NAPTR resolution. 486 Therefore, if an attacker were able to modify or spoof any of the DNS 487 records used in the DDDS resolution, this URI could be replaced by an 488 invalid URI. The application of DNS security (DNSSEC) [RFC4033] 489 provides a means to limit attacks that rely on modification of the 490 DNS records used in U-NAPTR resolution. Security considerations 491 specific to U-NAPTR are described in more detail in [RFC4848]. 493 An "https:" URI is authenticated using the method described in 494 Section 3.1 of [RFC2818]. The domain name used for this 495 authentication is the domain name in the URI resulting from U-NAPTR 496 resolution, not the input domain name as in [RFC3958]. Using the 497 domain name in the URI is more compatible with existing HTTP client 498 software, which authenticate servers based on the domain name in the 499 URI. 501 A LIS that is identified by an "http:" URI cannot be authenticated. 502 Use of unsecured HTTP also does not meet requirements in HELD for 503 confidentiality and integrity. If an "http:" URI is the product of 504 LIS discovery, this leaves devices vulnerable to several attacks. 505 Lower layer protections, such as layer 2 traffic separation might be 506 used to provide some guarantees. 508 6. IANA Considerations 510 6.1. Registration of DHCPv4 and DHCPv6 Option Codes 512 The IANA has assigned an option code of (TBD) for the DHCPv4 option 513 for an access network domain name option, as described in Section 3.2 514 of this document. 516 The IANA has assigned an option code of (TBD) for the DHCPv6 option 517 for an access network domain name option, as described in Section 3.3 518 of this document. 520 6.2. Registration of a Location Server Application Service Tag 522 This section registers a new S-NAPTR/U-NAPTR Application Service tag 523 for a LIS, as mandated by [RFC3958]. 525 Application Service Tag: LIS 527 Intended usage: Identifies a service that provides a device with its 528 location information. 530 Defining publication: RFCXXXX 532 Related publications: HELD [I-D.ietf-geopriv-http-location-delivery] 534 Contact information: The authors of this document 536 Author/Change controller: The IESG 538 6.3. Registration of a Location Server Application Protocol Tag for 539 HELD 541 This section registers a new S-NAPTR/U-NAPTR Application Protocol tag 542 for the HELD [I-D.ietf-geopriv-http-location-delivery] protocol, as 543 mandated by [RFC3958]. 545 Application Protocol Tag: HELD 547 Intended Usage: Identifies the HELD protocol. 549 Applicable Service Tag(s): LIS 551 Terminal NAPTR Record Type(s): U 553 Defining Publication: RFCXXXX 555 Related Publications: HELD [I-D.ietf-geopriv-http-location-delivery] 557 Contact Information: The authors of this document 559 Author/Change Controller: The IESG 561 7. Acknowledgements 563 This document uses a mechanism that is largely identical to that in 564 [RFC5222] and [RFC5223]. The authors would like to thank Leslie 565 Daigle for her work on U-NAPTR; Peter Koch for feedback on how not to 566 use DNS for discovery; Andy Newton for constructive suggestions with 567 regards to document direction; Richard Barnes, Joe Salowey, Barbara 568 Stark, and Hannes Tschofenig for input and reviews; Dean Willis for 569 constructive feedback. 571 8. References 573 8.1. Normative References 575 [RFC1035] Mockapetris, P., "Domain 576 names - implementation and 577 specification", STD 13, 578 RFC 1035, November 1987. 580 [RFC2131] Droms, R., "Dynamic Host 581 Configuration Protocol", 582 RFC 2131, March 1997. 584 [RFC2818] Rescorla, E., "HTTP Over 585 TLS", RFC 2818, May 2000. 587 [RFC3315] Droms, R., Bound, J., 588 Volz, B., Lemon, T., 589 Perkins, C., and M. 590 Carney, "Dynamic Host 591 Configuration Protocol for 592 IPv6 (DHCPv6)", RFC 3315, 593 July 2003. 595 [RFC4033] Arends, R., Austein, R., 596 Larson, M., Massey, D., 597 and S. Rose, "DNS Security 598 Introduction and 599 Requirements", RFC 4033, 600 March 2005. 602 [RFC4702] Stapp, M., Volz, B., and 603 Y. Rekhter, "The Dynamic 604 Host Configuration 605 Protocol (DHCP) Client 606 Fully Qualified Domain 607 Name (FQDN) Option", 608 RFC 4702, October 2006. 610 [RFC4704] Volz, B., "The Dynamic 611 Host Configuration 612 Protocol for IPv6 (DHCPv6) 613 Client Fully Qualified 614 Domain Name (FQDN) 615 Option", RFC 4704, 616 October 2006. 618 [RFC4848] Daigle, L., "Domain-Based 619 Application Service 620 Location Using URIs and 621 the Dynamic Delegation 622 Discovery Service (DDDS)", 623 RFC 4848, April 2007. 625 [I-D.ietf-geopriv-http-location-delivery] Barnes, M., Winterbottom, 626 J., Thomson, M., and B. 627 Stark, "HTTP Enabled 628 Location Delivery (HELD)", 629 draft-ietf-geopriv-http- 630 location-delivery-16 (work 631 in progress), August 2009. 633 [I-D.ietf-dhc-container-opt] Droms, R., "Container 634 Option for Server 635 Configuration", draft- 636 ietf-dhc-container-opt-05 637 (work in progress), 638 March 2009. 640 [RFC2119] Bradner, S., "Key words 641 for use in RFCs to 642 Indicate Requirement 643 Levels", BCP 14, RFC 2119, 644 March 1997. 646 8.2. Informative References 648 [RFC3118] Droms, R. and W. Arbaugh, 649 "Authentication for DHCP 650 Messages", RFC 3118, 651 June 2001. 653 [RFC3693] Cuellar, J., Morris, J., 654 Mulligan, D., Peterson, 655 J., and J. Polk, "Geopriv 656 Requirements", RFC 3693, 657 February 2004. 659 [RFC3958] Daigle, L. and A. Newton, 660 "Domain-Based Application 661 Service Location Using SRV 662 RRs and the Dynamic 663 Delegation Discovery 664 Service (DDDS)", RFC 3958, 665 January 2005. 667 [RFC5222] Hardie, T., Newton, A., 668 Schulzrinne, H., and H. 669 Tschofenig, "LoST: A 670 Location-to-Service 671 Translation Protocol", 672 RFC 5222, August 2008. 674 [RFC5223] Schulzrinne, H., Polk, J., 675 and H. Tschofenig, 676 "Discovering Location-to- 677 Service Translation (LoST) 678 Servers Using the Dynamic 679 Host Configuration 680 Protocol (DHCP)", 681 RFC 5223, August 2008. 683 [I-D.ietf-geopriv-l7-lcp-ps] Tschofenig, H. and H. 684 Schulzrinne, "GEOPRIV 685 Layer 7 Location 686 Configuration Protocol; 687 Problem Statement and 688 Requirements", draft-ietf- 689 geopriv-l7-lcp-ps-10 (work 690 in progress), July 2009. 692 [I-D.ietf-geopriv-lbyr-requirements] Marshall, R., 693 "Requirements for a 694 Location-by-Reference 695 Mechanism", draft-ietf- 696 geopriv-lbyr-requirements- 697 08 (work in progress), 698 September 2009. 700 Authors' Addresses 702 Martin Thomson 703 Andrew 704 PO Box U40 705 Wollongong University Campus, NSW 2500 706 AU 708 Phone: +61 2 4221 2915 709 EMail: martin.thomson@andrew.com 710 URI: http://www.andrew.com/ 712 James Winterbottom 713 Andrew 714 PO Box U40 715 Wollongong University Campus, NSW 2500 716 AU 718 Phone: +61 2 4221 2938 719 EMail: james.winterbottom@andrew.com 720 URI: http://www.andrew.com/