idnits 2.17.1 draft-ietf-geopriv-lis-discovery-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 8, 2009) is 5225 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) == Outdated reference: A later version (-07) exists of draft-ietf-dhc-container-opt-05 Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 GEOPRIV M. Thomson 3 Internet-Draft J. Winterbottom 4 Intended status: Standards Track Andrew 5 Expires: June 11, 2010 December 8, 2009 7 Discovering the Local Location Information Server (LIS) 8 draft-ietf-geopriv-lis-discovery-13 10 Abstract 12 Discovery of the correct Location Information Server (LIS) in the 13 local access network is necessary for devices that wish to acquire 14 location information from the network. A method is described for the 15 discovery of a LIS in the access network serving a device. Dynamic 16 Host Configuration Protocol (DHCP) options for IP versions 4 and 6 17 are defined that specify a domain name. This domain name is then 18 used as input to a URI-enabled NAPTR (U-NAPTR) resolution process. 20 Status of This Memo 22 This Internet-Draft is submitted to IETF in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF), its areas, and its working groups. Note that 27 other groups may also distribute working documents as Internet- 28 Drafts. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 The list of current Internet-Drafts can be accessed at 36 http://www.ietf.org/ietf/1id-abstracts.txt. 38 The list of Internet-Draft Shadow Directories can be accessed at 39 http://www.ietf.org/shadow.html. 41 This Internet-Draft will expire on June 11, 2010. 43 Copyright Notice 45 Copyright (c) 2009 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the BSD License. 58 Table of Contents 60 1. Introduction and Overview . . . . . . . . . . . . . . . . . . 3 61 1.1. Discovery Procedure Overview . . . . . . . . . . . . . . . 3 62 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 63 2. LIS Discovery Procedure . . . . . . . . . . . . . . . . . . . 4 64 2.1. Residential Gateways . . . . . . . . . . . . . . . . . . . 6 65 2.2. Virtual Private Networks (VPNs) . . . . . . . . . . . . . 7 66 3. Determining a Domain Name . . . . . . . . . . . . . . . . . . 8 67 3.1. Domain Name Encoding . . . . . . . . . . . . . . . . . . . 8 68 3.2. Access Network Domain Name DHCPv4 Option . . . . . . . . . 8 69 3.3. Access Network Domain Name DHCPv6 Option . . . . . . . . . 9 70 3.4. Alternative Domain Names . . . . . . . . . . . . . . . . . 10 71 4. U-NAPTR Resolution of a LIS URI . . . . . . . . . . . . . . . 10 72 5. Security Considerations . . . . . . . . . . . . . . . . . . . 11 73 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 74 6.1. Registration of DHCPv4 and DHCPv6 Option Codes . . . . . . 13 75 6.2. Registration of a Location Server Application Service 76 Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 77 6.3. Registration of a Location Server Application Protocol 78 Tag for HELD . . . . . . . . . . . . . . . . . . . . . . . 13 79 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14 80 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 81 8.1. Normative References . . . . . . . . . . . . . . . . . . . 14 82 8.2. Informative References . . . . . . . . . . . . . . . . . . 16 84 1. Introduction and Overview 86 The location of a device is a useful and sometimes necessary part of 87 many services. A Location Information Server (LIS) is responsible 88 for providing that location information to devices with an access 89 network. The LIS uses knowledge of the access network and its 90 physical topology to generate and serve location information to 91 devices. 93 Each access network requires specific knowledge about topology. 94 Therefore, it is important to discover the LIS that has the specific 95 knowledge necessary to locate a device. That is, the LIS that serves 96 the current access network. Automatic discovery is important where 97 there is any chance of movement outside a single access network. 98 Reliance on static configuration can lead to unexpected errors if a 99 device moves between access networks. 101 This document describes a process that a device can use to discover a 102 LIS. This process uses a DHCP option and the DNS. The product of 103 this discovery process is an http: or https: URI, which identifies a 104 LIS. 106 The URI result from the discovery process is suitable for location 107 configuration only; that is, the device MUST dereference the URI 108 using the process described in HELD 109 [I-D.ietf-geopriv-http-location-delivery]. URIs discovered in this 110 way are not "location URIs" [I-D.ietf-geopriv-lbyr-requirements]; 111 dereferencing one of them provides the location of the requester 112 only. Devices MUST NOT embed these URIs in fields in other protocols 113 designed to carry the location of the device. 115 1.1. Discovery Procedure Overview 117 DHCP ([RFC2131], [RFC3315]) is a commonly used mechanism for 118 providing bootstrap configuration information allowing a device to 119 operate in a specific network environment. The bulk of DHCP 120 information is largely static; consisting of configuration 121 information that does not change over the period that the device is 122 attached to the network. Physical location information might change 123 over this time, however the address of the LIS does not. Thus, DHCP 124 is suitable for configuring a device with the address of a LIS. 126 This document defines a DHCP option that produces a domain name that 127 identifies the local access network in Section 3. 129 Section 4 describes a method that uses URI-enabled NAPTR (U-NAPTR) 130 [RFC4848], a Dynamic Delegation Discovery Service (DDDS) profile that 131 produces a URI for the LIS. The input to this process is provided by 132 the DHCP option. 134 For the LIS discovery DDDS application, an Application Service tag 135 "LIS" and an Application Protocol tag "HELD" are created and 136 registered with the IANA. Based on the domain name, this U-NAPTR 137 application uses the two tags to determine a URI for a LIS that 138 supports the HELD protocol. 140 1.2. Terminology 142 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 143 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 144 document are to be interpreted as described in [RFC2119]. 146 This document also uses the term "device" to refer to an end host, or 147 client consistent with its use in HELD. In HELD and RFC3693 148 [RFC3693] parlance, the Device is also the Target. 150 The terms "access network" refers to the network that a device 151 connects to for Internet access. The "access network provider" is 152 the entity that operates the access network. This is consistent with 153 the definition in [I-D.ietf-geopriv-l7-lcp-ps] which combines the 154 Internet Access Provider (IAP) and Internet Service Provider (ISP). 155 The access network provider is responsible for allocating the device 156 a public IP address and for directly or indirectly providing a LIS 157 service. 159 2. LIS Discovery Procedure 161 A device that has multiple network interfaces could potentially be 162 served by a different access network on each interface, each with a 163 different LIS. The device SHOULD attempt to discover the LIS 164 applicable to each network interface, stopping when a LIS is 165 successfully discovered on any interface. 167 The LIS discovery procedure follows this process: 169 1. Acquire the access network domain name (Section 3). 171 This process might be repeated for each of the network interfaces 172 on the device. Domain names acquired from other sources might 173 also be added. 175 2. Apply U-NAPTR resolution (Section 4) to discover a LIS URI. 177 The U-NAPTR process is applied using each of the domain names as 178 input. 180 3. Verify that the LIS is able to provide location information. 182 The first URI that results in a successful response from the LIS 183 is used. 185 A device MUST support discovery using the access network domain name 186 DHCP option (Section 3) as input to U-NAPTR resolution (Section 4). 187 If this option is not available, DHCPv4 option 15 [RFC2132] is used. 188 Other domain names MAY be used, as described in Section 3.4. 190 A device that discovers a LIS URI MUST attempt to verify that the LIS 191 is able to provide location information. For the HELD protocol, the 192 device verifies the URI by making a location request to the LIS. If 193 - at any time - the LIS responds to a request with the "notLocatable" 194 error code (see Section 4.3.2 of 195 [I-D.ietf-geopriv-http-location-delivery]), the device MUST continue 196 or restart the discovery process. A device SHOULD NOT make further 197 requests to a LIS that provides a "notLocatable" error until its 198 network attachment changes, or it discovers the LIS on an alternative 199 network interface. 201 Static configuration of a domain name or a LIS URI MAY be used. Note 202 that if a device has moved from its customary location, static 203 configuration might indicate a LIS that is unable to provide accurate 204 location information. 206 The product of the LIS discovery process for HELD is an "https:" or 207 "http:" URI. Nothing distinguishes this URI from other URIs with the 208 same scheme, aside from the fact that it is the product of this 209 process. Only URIs produced by the discovery process can be used for 210 location configuration using HELD. 212 The overall discovery process is summarized in Figure 1. 214 ----------- 215 ( Start ) 216 -----+----- 217 |<--------------------------------------+ 218 | | 219 V | 220 ------^------- ------^------ | 221 / \ / 1. \ | 222 < Next interface >------->< Get domain >-----+ 223 \ / Y ^ \ / N 224 ------v------- | ------v------ 225 | N | | Y 226 | | V 227 | | ------^------ 228 | | / 2. \ 229 | +----< Get URI > 230 | | N \ / 231 | | ------v------ 232 | | | Y 233 | | V 234 | | ------^------ 235 | | / 3. \ 236 | +----< Check URI > 237 | N \ / 238 | ------v------ 239 | | Y 240 V V 241 ----------- ----------- 242 ( Failure ) ( Success ) 243 ----------- ----------- 245 Figure 1: LIS Discovery Flowchart 247 2.1. Residential Gateways 249 The process described in this document is likely to fail in many 250 residential network scenarios. A fixed wireline scenario is 251 described in more detail in Section 3.1 of 252 [I-D.ietf-geopriv-l7-lcp-ps]. In this fixed wireline environment an 253 intervening residential gateway exists between the device and the 254 access network. If the residential gateway does not provide this 255 option to the devices it serves, those devices are unable to discover 256 a LIS. 258 Support of this specification by residential gateways ensures that 259 the devices they serve are able to acquire location information. In 260 many cases the residential gateway configures the devices it serves 261 using DHCP. A residential gateway is able to use DHCP to assist 262 devices in gaining access to their location information. This can be 263 accomplished by providing an access network domain name DHCP option 264 suitable for LIS discovery, or by acting as a LIS directly. To 265 actively assist devices, a residential gateway can either: 267 o acquire an access network domain name from the access network 268 provider (possibly using DHCP) and pass the resulting value to 269 devices; or 271 o discover a LIS on its external interface, then provide devices 272 with the domain name that was used to successfully discover the 273 LIS; or 275 o explicitly include configuration that refers to a particular LIS; 276 or 278 o act as a LIS and directly provide location information to the 279 devices it serves, including providing a means to discover this 280 service. 282 As with devices, configuration of a specific domain name or location 283 information is only accurate as long as the residential gateway does 284 not move. If a residential gateway that relies on configuration 285 rather than automatic discovery is moved, the devices it serves could 286 be provided with inaccurate information. Devices could be led to 287 discover a LIS that is unable to provide accurate location 288 information, or - if location is configured on the residential 289 gateway - the residential gateway could provide incorrect location 290 information. 292 [I-D.ietf-dhc-container-opt] might be used by an access network 293 provider to convey configuration information to a residential gateway 294 for use by the devices it serves. Support and use of this option is 295 RECOMMENDED for both residential gateways and devices. Option values 296 found within the container MUST be used after values that are 297 directly in the DHCP response. 299 2.2. Virtual Private Networks (VPNs) 301 A Device MUST avoid performing LIS discovery over a VPN network 302 interface unless discovery on other interfaces is unsuccessful. A 303 LIS discovered in this way is unlikely to have the information 304 necessary to determine an accurate location. 306 Not all interfaces connected to a VPN can be detected by devices or 307 the software running on them. In these cases, it might be that a LIS 308 on the remote side of a VPN is inadvertently discovered. A LIS MUST 309 NOT provide location information in response to requests that it can 310 identify as originating from a device on the remote end of a VPN 311 tunnel, unless it is able to accurately determine location. The 312 "notLocatable" HELD error code can be used to indicate to a device 313 that discovery has revealed an unsuitable LIS. This ensures that 314 even if a device discovers a LIS over the VPN, it does not rely on a 315 LIS that is unable to provide accurate location information. 317 3. Determining a Domain Name 319 DHCP provides a direct means for the access network provider to 320 configure a device. The access network domain name option identifies 321 a domain name that is suitable for service discovery within the 322 access network. This domain name is used as input to the U-NAPTR 323 resolution process for LIS discovery. 325 The domain name provided in this option is one owned by the access 326 network operator. This domain name is intended for use in 327 discovering services within the access network. 329 This document registers a DHCP option for the access network domain 330 name for both IPv4 and IPv6. 332 3.1. Domain Name Encoding 334 This section describes the encoding of the domain name used in the 335 DHCPv4 option defined in Section 3.2 and also used in the DHCPv6 336 option defined in Section 3.3. 338 The domain name is encoded according to Section 3.1 of [RFC1035]. 339 Each label is represented as a one-octet length field followed by 340 that number of octets. Since every domain name ends with the null 341 label of the root, a domain name is terminated by a length byte of 342 zero. The high-order two bits of every length octet MUST be zero, 343 and the remaining six bits of the length field limit the label to 63 344 octets or less. To simplify implementations, the total length of a 345 domain name (i.e., label octets and label length octets) is 346 restricted to 255 octets or less. 348 3.2. Access Network Domain Name DHCPv4 Option 350 This section defines a DHCP for IPv4 (DHCPv4) option for the domain 351 name associated with the access network. 353 Code Len Access Network Domain Name 354 +-----+-----+-----+-----+-----+-----+-----+---- 355 | TBD | n | s1 | s2 | s3 | s4 | s5 | ... 356 +-----+-----+-----+-----+-----+-----+-----+---- 357 Figure 2: Access Network Domain Name DHCPv4 Option 359 The values s1, s2, s3, etc. represent the domain name labels in the 360 domain name encoding. Note that the length field in the DHCPv4 361 option represents the length of the entire domain name encoding, 362 whereas the length fields in the domain name encoding (see Section 3) 363 is the length of a single domain name label. 365 Code: OPTION_V4_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: Please 366 replace TBD with the assigned DHCPv4 option code, both here and in 367 Figure 2.]] 369 Length: The length of the entire access network domain name option 370 in octets. 372 Access Network Domain Name: The domain name associated with the 373 access network, encoded as described in Section 3.1. 375 A DHCPv4 client MAY request a access network domain name option in a 376 Parameter Request List option, as described in [RFC2131]. 378 This option contains a single domain name and, as such, MUST contain 379 precisely one root label. 381 3.3. Access Network Domain Name DHCPv6 Option 383 This section defines a DHCP for IPv6 (DHCPv6) option for the domain 384 name associated with the access network. The DHCPv6 option for this 385 parameter is similarly formatted to the DHCPv4 option. 387 0 1 2 3 388 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 389 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 390 | OPTION_V6_ACCESS_DOMAIN | Length | 391 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 392 . Access Network Domain Name . 393 . ... . 394 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 396 Figure 3: DHCPv6 Access Network Domain Name Option 398 option-code: OPTION_V6_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: 399 Please replace TBD with the assigned DHCPv6 option code.]] 401 option-length: The length of the entire access network domain name 402 option in octets. 404 option-value: The access network domain name, encoded as described 405 in Section 3.1. 407 A DHCPv6 client MAY request a access network domain name option in a 408 Options Request Option (ORO), as described in [RFC3315]. 410 This option contains a single domain name and, as such, MUST contain 411 precisely one root label. 413 3.4. Alternative Domain Names 415 The U-NAPTR resolution method described requires a domain name as 416 input. The access network domain name DHCP options (Section 3.2 and 417 Section 3.3) is one source of this domain name. 419 If a device knows one or more alternative domain names that might be 420 used for discovery, it MAY repeat the U-NAPTR process using those 421 domain names as input. For instance, static configuration of a 422 device might be used to provide a device with a domain name. 424 DHCPv4 option 15 [RFC2132] provides an indication of the domain name 425 that a host uses when resolving hostnames in DNS. This option is 426 used when the DHCPv4 access domain name is not available. 428 Alternative domain names MUST NOT be used unless the access network 429 domain name option is unsuccessful or where external information 430 indicates that a particular domain name is to be used. 432 Other domain names might be provided by a DHCP server (for example, 433 [RFC4702] for DHCPv4, [RFC4704] for DHCPv6). However, these domain 434 names could be provided without considering their use for LIS 435 discovery; therefore, it is not likely that these options contain 436 useful values. 438 4. U-NAPTR Resolution of a LIS URI 440 U-NAPTR [RFC4848] resolution for a LIS takes a domain name as input 441 and produces a URI that identifies the LIS. This process also 442 requires an Application Service tag and an Application Protocol tag, 443 which differentiate LIS-related NAPTR records from other records for 444 that domain. 446 Section 6.2 defines an Application Service tag of "LIS", which is 447 used to identify the location service for a given domain. The 448 Application Protocol tag "HELD", defined in Section 6.3, is used to 449 identify a LIS that understands the HELD protocol 450 [I-D.ietf-geopriv-http-location-delivery]. 452 The NAPTR records in the following example demonstrate the use of the 453 Application Service and Protocol tags. Iterative NAPTR resolution is 454 used to delegate responsibility for the LIS service from 455 "zonea.example.net." and "zoneb.example.net." to 456 "outsource.example.com.". 458 zonea.example.net. 459 ;; order pref flags 460 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 461 "" ; regex 462 outsource.example.com. ; replacement 463 ) 464 zoneb.example.net. 465 ;; order pref flags 466 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 467 "" ; regex 468 outsource.example.com. ; replacement 469 ) 470 outsource.example.com. 471 ;; order pref flags 472 IN NAPTR 100 10 "u" "LIS:HELD" ( ; service 473 "!*.!https://lis.example.org:4802/?c=ex!" ; regex 474 . ; replacement 475 ) 477 Figure 4: Sample LIS:HELD Service NAPTR Records 479 Details for the "LIS" Application Service tag and the "HELD" 480 Application Protocol tag are included in Section 6. 482 An "https:" LIS URI that is a product of U-NAPTR MUST be 483 authenticated using the domain name method described in Section 3.1 484 of RFC 2818 [RFC2818]. The domain name that is used in this 485 authentication is the one extracted from the URI, not the input to 486 the U-NAPTR resolution process. 488 5. Security Considerations 490 The address of a LIS is usually well-known within an access network; 491 therefore, interception of messages does not introduce any specific 492 concerns. 494 The primary attack against the methods described in this document is 495 one that would lead to impersonation of a LIS. The LIS is 496 responsible for providing location information and this information 497 is critical to a number of network services; furthermore, a device 498 does not necessarily have a prior relationship with a LIS. Several 499 methods are described here that can limit the probablity of, or 500 provide some protection against, such an attack. These methods MUST 501 be applied unless similar protections are in place, or in cases - 502 such as an emergency - where location information of dubious origin 503 is arguably better than none at all. 505 An attacker could attempt to compromise LIS discovery at any of three 506 stages: 508 1. providing a falsified domain name to be used as input to U-NAPTR 510 2. altering the DNS records used in U-NAPTR resolution 512 3. impersonation of the LIS 514 U-NAPTR is entirely dependent on its inputs. In falsifying a domain 515 name, an attacker avoids any later protections, bypassing them 516 entirely. To ensure that the access network domain name DHCP option 517 can be relied upon, preventing DHCP messages from being modified or 518 spoofed by attackers is necessary. Physical or link layer security 519 are commonplace methods that can reduce the possibility of such an 520 attack within an access network; alternatively, DHCP authentication 521 [RFC3118] can provide a degree of protection against modification or 522 spoofing. 524 The domain name that is used to authenticated the LIS is the domain 525 name in the URI that is the result of the U-NAPTR resolution. 526 Therefore, if an attacker were able to modify or spoof any of the DNS 527 records used in the DDDS resolution, this URI could be replaced by an 528 invalid URI. The application of DNS security (DNSSEC) [RFC4033] 529 provides a means to limit attacks that rely on modification of the 530 DNS records used in U-NAPTR resolution. Security considerations 531 specific to U-NAPTR are described in more detail in [RFC4848]. 533 An "https:" URI is authenticated using the method described in 534 Section 3.1 of [RFC2818]. The domain name used for this 535 authentication is the domain name in the URI resulting from U-NAPTR 536 resolution, not the input domain name as in [RFC3958]. Using the 537 domain name in the URI is more compatible with existing HTTP client 538 software, which authenticate servers based on the domain name in the 539 URI. 541 A LIS that is identified by an "http:" URI cannot be authenticated. 542 Use of unsecured HTTP also does not meet requirements in HELD for 543 confidentiality and integrity. If an "http:" URI is the product of 544 LIS discovery, this leaves devices vulnerable to several attacks. 545 Lower layer protections, such as layer 2 traffic separation might be 546 used to provide some guarantees. 548 6. IANA Considerations 550 6.1. Registration of DHCPv4 and DHCPv6 Option Codes 552 The IANA has assigned an option code of (TBD) for the DHCPv4 option 553 for an access network domain name option, as described in Section 3.2 554 of this document. 556 The IANA has assigned an option code of (TBD) for the DHCPv6 option 557 for an access network domain name option, as described in Section 3.3 558 of this document. 560 6.2. Registration of a Location Server Application Service Tag 562 This section registers a new S-NAPTR/U-NAPTR Application Service tag 563 for a LIS, as mandated by [RFC3958]. 565 Application Service Tag: LIS 567 Intended usage: Identifies a service that provides a device with its 568 location information. 570 Defining publication: RFCXXXX 572 Related publications: HELD [I-D.ietf-geopriv-http-location-delivery] 574 Contact information: The authors of this document 576 Author/Change controller: The IESG 578 6.3. Registration of a Location Server Application Protocol Tag for 579 HELD 581 This section registers a new S-NAPTR/U-NAPTR Application Protocol tag 582 for the HELD [I-D.ietf-geopriv-http-location-delivery] protocol, as 583 mandated by [RFC3958]. 585 Application Protocol Tag: HELD 587 Intended Usage: Identifies the HELD protocol. 589 Applicable Service Tag(s): LIS 591 Terminal NAPTR Record Type(s): U 592 Defining Publication: RFCXXXX 594 Related Publications: HELD [I-D.ietf-geopriv-http-location-delivery] 596 Contact Information: The authors of this document 598 Author/Change Controller: The IESG 600 7. Acknowledgements 602 This document uses a mechanism that is largely identical to that in 603 [RFC5222] and [RFC5223]. The authors would like to thank Leslie 604 Daigle for her work on U-NAPTR; Peter Koch for feedback on how not to 605 use DNS for discovery; Andy Newton for constructive suggestions with 606 regards to document direction; Richard Barnes, Joe Salowey, Barbara 607 Stark, and Hannes Tschofenig for input and reviews; Dean Willis for 608 constructive feedback. 610 8. References 612 8.1. Normative References 614 [RFC1035] Mockapetris, P., "Domain 615 names - implementation and 616 specification", STD 13, 617 RFC 1035, November 1987. 619 [RFC2131] Droms, R., "Dynamic Host 620 Configuration Protocol", 621 RFC 2131, March 1997. 623 [RFC2132] Alexander, S. and R. 624 Droms, "DHCP Options and 625 BOOTP Vendor Extensions", 626 RFC 2132, March 1997. 628 [RFC2818] Rescorla, E., "HTTP Over 629 TLS", RFC 2818, May 2000. 631 [RFC3315] Droms, R., Bound, J., 632 Volz, B., Lemon, T., 633 Perkins, C., and M. 634 Carney, "Dynamic Host 635 Configuration Protocol for 636 IPv6 (DHCPv6)", RFC 3315, 637 July 2003. 639 [RFC4033] Arends, R., Austein, R., 640 Larson, M., Massey, D., 641 and S. Rose, "DNS Security 642 Introduction and 643 Requirements", RFC 4033, 644 March 2005. 646 [RFC4702] Stapp, M., Volz, B., and 647 Y. Rekhter, "The Dynamic 648 Host Configuration 649 Protocol (DHCP) Client 650 Fully Qualified Domain 651 Name (FQDN) Option", 652 RFC 4702, October 2006. 654 [RFC4704] Volz, B., "The Dynamic 655 Host Configuration 656 Protocol for IPv6 (DHCPv6) 657 Client Fully Qualified 658 Domain Name (FQDN) 659 Option", RFC 4704, 660 October 2006. 662 [RFC4848] Daigle, L., "Domain-Based 663 Application Service 664 Location Using URIs and 665 the Dynamic Delegation 666 Discovery Service (DDDS)", 667 RFC 4848, April 2007. 669 [I-D.ietf-geopriv-http-location-delivery] Barnes, M., Winterbottom, 670 J., Thomson, M., and B. 671 Stark, "HTTP Enabled 672 Location Delivery (HELD)", 673 draft-ietf-geopriv-http- 674 location-delivery-16 (work 675 in progress), August 2009. 677 [I-D.ietf-dhc-container-opt] Droms, R., "Container 678 Option for Server 679 Configuration", draft- 680 ietf-dhc-container-opt-05 681 (work in progress), 682 March 2009. 684 [RFC2119] Bradner, S., "Key words 685 for use in RFCs to 686 Indicate Requirement 687 Levels", BCP 14, RFC 2119, 688 March 1997. 690 8.2. Informative References 692 [RFC3118] Droms, R. and W. Arbaugh, 693 "Authentication for DHCP 694 Messages", RFC 3118, 695 June 2001. 697 [RFC3693] Cuellar, J., Morris, J., 698 Mulligan, D., Peterson, 699 J., and J. Polk, "Geopriv 700 Requirements", RFC 3693, 701 February 2004. 703 [RFC3958] Daigle, L. and A. Newton, 704 "Domain-Based Application 705 Service Location Using SRV 706 RRs and the Dynamic 707 Delegation Discovery 708 Service (DDDS)", RFC 3958, 709 January 2005. 711 [RFC5222] Hardie, T., Newton, A., 712 Schulzrinne, H., and H. 713 Tschofenig, "LoST: A 714 Location-to-Service 715 Translation Protocol", 716 RFC 5222, August 2008. 718 [RFC5223] Schulzrinne, H., Polk, J., 719 and H. Tschofenig, 720 "Discovering Location-to- 721 Service Translation (LoST) 722 Servers Using the Dynamic 723 Host Configuration 724 Protocol (DHCP)", 725 RFC 5223, August 2008. 727 [I-D.ietf-geopriv-l7-lcp-ps] Tschofenig, H. and H. 728 Schulzrinne, "GEOPRIV 729 Layer 7 Location 730 Configuration Protocol; 731 Problem Statement and 732 Requirements", draft-ietf- 733 geopriv-l7-lcp-ps-10 (work 734 in progress), July 2009. 736 [I-D.ietf-geopriv-lbyr-requirements] Marshall, R., 737 "Requirements for a 738 Location-by-Reference 739 Mechanism", draft-ietf- 740 geopriv-lbyr-requirements- 741 09 (work in progress), 742 November 2009. 744 Authors' Addresses 746 Martin Thomson 747 Andrew 748 PO Box U40 749 Wollongong University Campus, NSW 2500 750 AU 752 Phone: +61 2 4221 2915 753 EMail: martin.thomson@andrew.com 754 URI: http://www.andrew.com/ 756 James Winterbottom 757 Andrew 758 PO Box U40 759 Wollongong University Campus, NSW 2500 760 AU 762 Phone: +61 2 4221 2938 763 EMail: james.winterbottom@andrew.com 764 URI: http://www.andrew.com/