idnits 2.17.1 draft-ietf-geopriv-lis-discovery-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 8, 2010) is 5161 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) == Outdated reference: A later version (-07) exists of draft-ietf-dhc-container-opt-05 Summary: 4 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 GEOPRIV M. Thomson 3 Internet-Draft J. Winterbottom 4 Intended status: Standards Track Andrew Corporation 5 Expires: September 9, 2010 March 8, 2010 7 Discovering the Local Location Information Server (LIS) 8 draft-ietf-geopriv-lis-discovery-15 10 Abstract 12 Discovery of the correct Location Information Server (LIS) in the 13 local access network is necessary for devices that wish to acquire 14 location information from the network. A method is described for the 15 discovery of a LIS in the access network serving a device. Dynamic 16 Host Configuration Protocol (DHCP) options for IP versions 4 and 6 17 are defined that specify a domain name. This domain name is then 18 used as input to a URI-enabled NAPTR (U-NAPTR) resolution process. 20 Status of This Memo 22 This Internet-Draft is submitted to IETF in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF), its areas, and its working groups. Note that 27 other groups may also distribute working documents as Internet- 28 Drafts. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 The list of current Internet-Drafts can be accessed at 36 http://www.ietf.org/ietf/1id-abstracts.txt. 38 The list of Internet-Draft Shadow Directories can be accessed at 39 http://www.ietf.org/shadow.html. 41 This Internet-Draft will expire on September 9, 2010. 43 Copyright Notice 45 Copyright (c) 2010 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the BSD License. 58 Table of Contents 60 1. Introduction and Overview . . . . . . . . . . . . . . . . . . 3 61 1.1. Discovery Procedure Overview . . . . . . . . . . . . . . . 3 62 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 63 2. LIS Discovery Procedure . . . . . . . . . . . . . . . . . . . 4 64 2.1. Residential Gateways . . . . . . . . . . . . . . . . . . . 6 65 2.2. Virtual Private Networks (VPNs) . . . . . . . . . . . . . 7 66 3. Determining a Domain Name . . . . . . . . . . . . . . . . . . 8 67 3.1. Domain Name Encoding . . . . . . . . . . . . . . . . . . . 8 68 3.2. Access Network Domain Name DHCPv4 Option . . . . . . . . . 9 69 3.3. Access Network Domain Name DHCPv6 Option . . . . . . . . . 9 70 3.4. Alternative Domain Names . . . . . . . . . . . . . . . . . 10 71 4. U-NAPTR Resolution of a LIS URI . . . . . . . . . . . . . . . 11 72 5. Security Considerations . . . . . . . . . . . . . . . . . . . 12 73 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 74 6.1. Registration of DHCPv4 and DHCPv6 Option Codes . . . . . . 13 75 6.2. Registration of a Location Server Application Service 76 Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 77 6.3. Registration of a Location Server Application Protocol 78 Tag for HELD . . . . . . . . . . . . . . . . . . . . . . . 14 79 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14 80 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 81 8.1. Normative References . . . . . . . . . . . . . . . . . . . 14 82 8.2. Informative References . . . . . . . . . . . . . . . . . . 16 84 1. Introduction and Overview 86 The location of a device is a useful and sometimes necessary part of 87 many services. A Location Information Server (LIS) is responsible 88 for providing that location information to devices with attached 89 access networks used to provide Internet access. The LIS uses 90 knowledge of the access network and its physical topology to generate 91 and serve location information to devices. 93 Each access network requires specific knowledge about topology. 94 Therefore, it is important to discover the LIS that has the specific 95 knowledge necessary to locate a device. That is, the LIS that serves 96 the current access network. Automatic discovery is important where 97 there is any chance of movement outside a single access network. 98 Reliance on static configuration can lead to unexpected errors if a 99 device moves between access networks. 101 This document describes a process that a device can use to discover a 102 LIS. This process uses a DHCP option and the DNS. The product of 103 this discovery process is an http: [RFC2616] or https: [RFC2818] URI 104 that identifies a LIS. 106 The URI result from the discovery process is suitable for location 107 configuration only; that is, the device MUST dereference the URI 108 using the process described in HELD 109 [I-D.ietf-geopriv-http-location-delivery]. URIs discovered in this 110 way are not "location URIs" [I-D.ietf-geopriv-lbyr-requirements]; 111 dereferencing one of them provides the location of the requester 112 only. Devices MUST NOT embed these URIs in fields in other protocols 113 designed to carry the location of the device. 115 1.1. Discovery Procedure Overview 117 DHCP ([RFC2131], [RFC3315]) is a commonly used mechanism for 118 providing bootstrap configuration information allowing a device to 119 operate in a specific network environment. The DHCP information is 120 largely static; consisting of configuration information that does not 121 change over the period that the device is attached to the network. 122 Physical location information might change over this time, however 123 the address of the LIS does not. Thus, DHCP is suitable for 124 configuring a device with the address of a LIS. 126 This document defines a DHCP option that produces a domain name that 127 identifies the local access network in Section 3. 129 Section 4 describes a method that uses URI-enabled NAPTR (U-NAPTR) 130 [RFC4848], a Dynamic Delegation Discovery Service (DDDS) profile that 131 produces a URI for the LIS. The input to this process is provided by 132 the DHCP option. 134 For the LIS discovery DDDS application, an Application Service tag 135 "LIS" and an Application Protocol tag "HELD" are created and 136 registered with the IANA. Based on the domain name, this U-NAPTR 137 application uses the two tags to determine a URI for a LIS that 138 supports the HELD protocol. 140 1.2. Terminology 142 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 143 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 144 document are to be interpreted as described in [RFC2119]. 146 This document also uses the term "device" to refer to an end host, or 147 client consistent with its use in HELD. In HELD and RFC3693 148 [RFC3693] parlance, the Device is also the Target. 150 The terms "access network" refers to the network that a device 151 connects to for Internet access. The "access network provider" is 152 the entity that operates the access network. This is consistent with 153 the definition in [I-D.ietf-geopriv-l7-lcp-ps] which combines the 154 Internet Access Provider (IAP) and Internet Service Provider (ISP). 155 The access network provider is responsible for allocating the device 156 a public IP address and for directly or indirectly providing a LIS 157 service. 159 2. LIS Discovery Procedure 161 A device that has multiple network interfaces could potentially be 162 served by a different access network on each interface, each with a 163 different LIS. The device SHOULD attempt to discover the LIS 164 applicable to each network interface, stopping when a LIS is 165 successfully discovered on any interface. 167 The LIS discovery procedure follows this process: 169 1. Acquire the access network domain name (Section 3). 171 This process might be repeated for each of the network interfaces 172 on the device. Domain names acquired from other sources might 173 also be added. 175 2. Apply U-NAPTR resolution (Section 4) to discover a LIS URI. 177 The U-NAPTR process is applied using each of the domain names as 178 input. 180 3. Verify that the LIS is able to provide location information. 182 The first URI that results in a successful response from the LIS 183 is used. 185 A device MUST support discovery using the access network domain name 186 DHCP option (Section 3) as input to U-NAPTR resolution (Section 4). 187 If this option is not available, DHCPv4 option 15 [RFC2132] is used. 188 Other domain names MAY be used, as described in Section 3.4. 190 A device that discovers a LIS URI MUST attempt to verify that the LIS 191 is able to provide location information. For the HELD protocol, the 192 device verifies the URI by making a location request to the LIS. Any 193 HTTP 200 response containing a HELD response signifies success. This 194 includes HELD error responses, with the exception of the 195 "notLocatable" error. 197 If - at any time - the LIS responds to a request with the 198 "notLocatable" error code (see Section 4.3.2 of 199 [I-D.ietf-geopriv-http-location-delivery]), the device MUST continue 200 or restart the discovery process. A device SHOULD NOT make further 201 requests to a LIS that provides a "notLocatable" error until its 202 network attachment changes, or it discovers the LIS on an alternative 203 network interface. 205 Static configuration of a domain name or a LIS URI MAY be used. Note 206 that if a device has moved from its customary location, static 207 configuration might indicate a LIS that is unable to provide accurate 208 location information. 210 The product of the LIS discovery process for HELD is an "https:" or 211 "http:" URI. Nothing distinguishes this URI from other URIs with the 212 same scheme, aside from the fact that it is the product of this 213 process. Only URIs produced by the discovery process can be used for 214 location configuration using HELD. 216 The overall discovery process is summarized in Figure 1. 218 ----------- 219 ( Start ) 220 -----+----- 221 |<--------------------------------------+ 222 | | 223 V | 224 ------^------- ------^------ | 225 / \ / 1. \ | 226 < Next interface >------->< Get domain >-----+ 227 \ / Y ^ \ / N 228 ------v------- | ------v------ 229 | N | | Y 230 | | V 231 | | ------^------ 232 | | / 2. \ 233 | +----< Get URI ><----+ 234 | N \ / | 235 | ------v------ | 236 | | Y | 237 | V | 238 | ------^------ | 239 | / 3. \ | 240 | < Check URI >-----+ 241 | \ / N 242 | ------v------ 243 | | Y 244 V V 245 ----------- ----------- 246 ( Failure ) ( Success ) 247 ----------- ----------- 249 Figure 1: LIS Discovery Flowchart 251 2.1. Residential Gateways 253 The options available in residential gateways will affect the success 254 of this algorithm in residential network scenarios. A fixed wireline 255 scenario is described in more detail in [I-D.ietf-geopriv-l7-lcp-ps], 256 Section 3.1. In this fixed wireline environment an intervening 257 residential gateway exists between the device and the access network. 258 If the residential gateway does not provide the appropriate 259 information to the devices it serves, those devices are unable to 260 discover a LIS. 262 Support of this specification by residential gateways ensures that 263 the devices they serve are able to acquire location information. In 264 many cases the residential gateway configures the devices it serves 265 using DHCP. A residential gateway is able to use DHCP to assist 266 devices in gaining access to their location information. This can be 267 accomplished by providing an access network domain name DHCP option 268 suitable for LIS discovery, or by acting as a LIS directly. To 269 actively assist devices, a residential gateway can either: 271 o acquire an access network domain name from the access network 272 provider (possibly using DHCP) and pass the resulting value to 273 devices; or 275 o discover a LIS on its external interface, then provide devices 276 with the domain name that was used to successfully discover the 277 LIS; or 279 o explicitly include configuration that refers to a particular LIS; 280 or 282 o act as a LIS and directly provide location information to the 283 devices it serves, including providing a means to discover this 284 service. 286 As with devices, configuration of a specific domain name or location 287 information is only accurate as long as the residential gateway does 288 not move. If a residential gateway that relies on configuration 289 rather than automatic discovery is moved, the devices it serves could 290 be provided with inaccurate information. Devices could be led to 291 discover a LIS that is unable to provide accurate location 292 information, or - if location is configured on the residential 293 gateway - the residential gateway could provide incorrect location 294 information. 296 [I-D.ietf-dhc-container-opt] might be used by an access network 297 provider to convey configuration information to a residential gateway 298 for use by the devices it serves. Support and use of this option is 299 RECOMMENDED for both residential gateways and devices. Option values 300 found within the container MUST be used after values that are 301 directly in the DHCP response. 303 2.2. Virtual Private Networks (VPNs) 305 A device MUST NOT attempt LIS discovery over a VPN network interface 306 until it has attempted and failed to perform discovery on all other 307 non-VPN interfaces. A device MAY perform discovery over a VPN 308 network interface if it has first attempted discovery on non-VPN 309 interfaces, but a LIS discovered in this way is unlikely to have the 310 information necessary to determine an accurate location. 312 Not all interfaces connected to a VPN can be detected by devices or 313 the software running on them. In these cases, it might be that a LIS 314 on the remote side of a VPN is inadvertently discovered. A LIS 315 provides a "notLocatable" error code in response to a request that is 316 unable to fulfill (see [I-D.ietf-geopriv-http-location-delivery], 317 Section 6.3). This ensures that even if a device discovers a LIS 318 over the VPN, it does not rely on a LIS that is unable to provide 319 accurate location information. 321 3. Determining a Domain Name 323 DHCP provides a direct means for the access network provider to 324 configure a device. The access network domain name option identifies 325 a domain name that is suitable for service discovery within the 326 access network. This domain name is used as input to the U-NAPTR 327 resolution process for LIS discovery. 329 The domain name provided in this option is one owned by the access 330 network operator. This domain name is intended for use in 331 discovering services within the access network. 333 This document registers a DHCP option for the access network domain 334 name for both IPv4 and IPv6. 336 3.1. Domain Name Encoding 338 This section describes the encoding of the domain name used in the 339 DHCPv4 option defined in Section 3.2 and also used in the DHCPv6 340 option defined in Section 3.3. 342 The domain name is encoded according to Section 3.1 of [RFC1035]. 343 Each label is represented as a one-octet length field followed by 344 that number of octets. Since every domain name ends with the null 345 label of the root, a domain name is terminated by a length byte of 346 zero. The high-order two bits of every length octet MUST be zero, 347 and the remaining six bits of the length field limit the label to 63 348 octets or less. To simplify implementations, the total length of a 349 domain name (i.e., label octets and label length octets) is 350 restricted to 255 octets or less. 352 For example, the domain "example.com." is encoded in 13 octets as: 354 +---+---+---+---+---+---+---+---+---+---+---+---+---+ 355 | 7 | e | x | a | m | p | l | e | 3 | c | o | m | 0 | 356 +---+---+---+---+---+---+---+---+---+---+---+---+---+ 358 Note that the length field in either option represents the length of 359 the entire domain name encoding, whereas the length fields in the 360 domain name encoding is the length of a single domain name label. 362 3.2. Access Network Domain Name DHCPv4 Option 364 This section defines a DHCP for IPv4 (DHCPv4) option for the domain 365 name associated with the access network. 367 0 1 2 3 368 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 369 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 370 | Code | Length | Access Network Domain Name . 371 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 372 . Access Network Domain Name (cont.) . 373 . ... . 374 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 376 Figure 2: Access Network Domain Name DHCPv4 Option 378 option-code: OPTION_V4_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: 379 Please replace TBD with the assigned DHCPv4 option code, both here 380 and in Figure 2.]] 382 option-length: The length of the entire access network domain name 383 option in octets. 385 option-value: The domain name associated with the access network, 386 encoded as described in Section 3.1. 388 A DHCPv4 client MAY request a access network domain name option in a 389 Parameter Request List option, as described in [RFC2131]. 391 This option contains a single domain name and, as such, MUST contain 392 precisely one root label. 394 3.3. Access Network Domain Name DHCPv6 Option 396 This section defines a DHCP for IPv6 (DHCPv6) option for the domain 397 name associated with the access network. The DHCPv6 option for this 398 parameter is similarly formatted to the DHCPv4 option. 400 0 1 2 3 401 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 402 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 403 | OPTION_V6_ACCESS_DOMAIN | Length | 404 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 405 . Access Network Domain Name . 406 . ... . 407 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 409 Figure 3: DHCPv6 Access Network Domain Name Option 411 option-code: OPTION_V6_ACCESS_DOMAIN (TBD). [[IANA/RFC-Editor Note: 412 Please replace TBD with the assigned DHCPv6 option code.]] 414 option-length: The length of the entire access network domain name 415 option in octets. 417 option-value: The domain name associated with the access network, 418 encoded as described in Section 3.1. 420 A DHCPv6 client MAY request a access network domain name option in a 421 Options Request Option (ORO), as described in [RFC3315]. 423 This option contains a single domain name and, as such, MUST contain 424 precisely one root label. 426 3.4. Alternative Domain Names 428 The U-NAPTR resolution method described requires a domain name as 429 input. The access network domain name DHCP options (Section 3.2 and 430 Section 3.3) is one source of this domain name. 432 If a device knows one or more alternative domain names that might be 433 used for discovery, it MAY repeat the U-NAPTR process using those 434 domain names as input. For instance, static configuration of a 435 device might be used to provide a device with a domain name. 437 DHCPv4 option 15 [RFC2132] provides an indication of the domain name 438 that a host uses when resolving hostnames in DNS. This option is 439 used when the DHCPv4 access domain name is not available. 441 DHCPv4 option 15 might not be suitable for some network deployments. 442 For instance, a global enterprise could operate multiple sites, with 443 devices at all sites using the same value for option 15. In this 444 type of deployment, it might be desirable to discover a LIS local to 445 a site. The access domain name option can be given a different value 446 at each site to enable discovery of a LIS at that site. 448 Alternative domain names MUST NOT be used unless the access network 449 domain name option is unsuccessful or where external information 450 indicates that a particular domain name is to be used. 452 Other domain names might be provided by a DHCP server (for example, 453 [RFC4702] for DHCPv4, [RFC4704] for DHCPv6). However, these domain 454 names could be provided without considering their use for LIS 455 discovery; therefore, it is not likely that these options contain 456 useful values. 458 4. U-NAPTR Resolution of a LIS URI 460 U-NAPTR [RFC4848] resolution for a LIS takes a domain name as input 461 and produces a URI that identifies the LIS. This process also 462 requires an Application Service tag and an Application Protocol tag, 463 which differentiate LIS-related NAPTR records from other records for 464 that domain. 466 Section 6.2 defines an Application Service tag of "LIS", which is 467 used to identify the location service for a given domain. The 468 Application Protocol tag "HELD", defined in Section 6.3, is used to 469 identify a LIS that understands the HELD protocol 470 [I-D.ietf-geopriv-http-location-delivery]. 472 The NAPTR records in the following example demonstrate the use of the 473 Application Service and Protocol tags. Iterative NAPTR resolution is 474 used to delegate responsibility for the LIS service from 475 "zonea.example.net." and "zoneb.example.net." to 476 "outsource.example.com.". 478 zonea.example.net. 479 ;; order pref flags 480 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 481 "" ; regex 482 outsource.example.com. ; replacement 483 ) 484 zoneb.example.net. 485 ;; order pref flags 486 IN NAPTR 100 10 "" "LIS:HELD" ( ; service 487 "" ; regex 488 outsource.example.com. ; replacement 489 ) 490 outsource.example.com. 491 ;; order pref flags 492 IN NAPTR 100 10 "u" "LIS:HELD" ( ; service 493 "!.*!https://lis.example.org:4802/?c=ex!" ; regex 494 . ; replacement 495 ) 497 Figure 4: Sample LIS:HELD Service NAPTR Records 499 Details for the "LIS" Application Service tag and the "HELD" 500 Application Protocol tag are included in Section 6. 502 U-NAPTR resolution might produce multiple results from each iteration 503 of the algorithm. Order and preference values in the NAPTR record 504 determine which value is chosen. A device MAY attempt to use 505 alternative choices if the first choice is not successful. However, 506 if a request to the resulting URI produces a HELD "notLocatable" 507 response, or equivalent, the device SHOULD NOT attempt to use any 508 alternative choices from the same domain name. 510 An "https:" LIS URI that is a product of U-NAPTR MUST be 511 authenticated using the domain name method described in Section 3.1 512 of RFC 2818 [RFC2818]. The domain name that is used in this 513 authentication is the one extracted from the URI, not the input to 514 the U-NAPTR resolution process. 516 5. Security Considerations 518 The address of a LIS is usually well-known within an access network; 519 therefore, interception of messages does not introduce any specific 520 concerns. 522 The primary attack against the methods described in this document is 523 one that would lead to impersonation of a LIS. The LIS is 524 responsible for providing location information and this information 525 is critical to a number of network services; furthermore, a device 526 does not necessarily have a prior relationship with a LIS. Several 527 methods are described here that can limit the probability of, or 528 provide some protection against, such an attack. These methods MUST 529 be applied unless similar protections are in place, or in cases - 530 such as an emergency - where location information of dubious origin 531 is arguably better than none at all. 533 An attacker could attempt to compromise LIS discovery at any of three 534 stages: 536 1. providing a falsified domain name to be used as input to U-NAPTR 538 2. altering the DNS records used in U-NAPTR resolution 540 3. impersonation of the LIS 542 U-NAPTR is entirely dependent on its inputs. In falsifying a domain 543 name, an attacker avoids any later protections, bypassing them 544 entirely. To ensure that the access network domain name DHCP option 545 can be relied upon, preventing DHCP messages from being modified or 546 spoofed by attackers is necessary. Physical or link layer security 547 are commonplace methods that can reduce the possibility of such an 548 attack within an access network; alternatively, DHCP authentication 549 [RFC3118] can provide a degree of protection against modification or 550 spoofing. 552 The domain name that is used to authenticated the LIS is the domain 553 name in the URI that is the result of the U-NAPTR resolution. 554 Therefore, if an attacker were able to modify or spoof any of the DNS 555 records used in the DDDS resolution, this URI could be replaced by an 556 invalid URI. The application of DNS security (DNSSEC) [RFC4033] 557 provides a means to limit attacks that rely on modification of the 558 DNS records used in U-NAPTR resolution. Security considerations 559 specific to U-NAPTR are described in more detail in [RFC4848]. 561 An "https:" URI is authenticated using the method described in 562 Section 3.1 of [RFC2818]. The domain name used for this 563 authentication is the domain name in the URI resulting from U-NAPTR 564 resolution, not the input domain name as in [RFC3958]. Using the 565 domain name in the URI is more compatible with existing HTTP client 566 software, which authenticate servers based on the domain name in the 567 URI. 569 A LIS that is identified by an "http:" URI cannot be authenticated. 570 Use of unsecured HTTP also does not meet requirements in HELD for 571 confidentiality and integrity. If an "http:" URI is the product of 572 LIS discovery, this leaves devices vulnerable to several attacks. 573 Lower layer protections, such as layer 2 traffic separation might be 574 used to provide some guarantees. 576 6. IANA Considerations 578 6.1. Registration of DHCPv4 and DHCPv6 Option Codes 580 The IANA has assigned an option code of (TBD) for the DHCPv4 option 581 for an access network domain name option, as described in Section 3.2 582 of this document. 584 The IANA has assigned an option code of (TBD) for the DHCPv6 option 585 for an access network domain name option, as described in Section 3.3 586 of this document. 588 6.2. Registration of a Location Server Application Service Tag 590 This section registers a new S-NAPTR/U-NAPTR Application Service tag 591 for a LIS, as mandated by [RFC3958]. 593 Application Service Tag: LIS 595 Intended usage: Identifies a service that provides a device with its 596 location information. 598 Defining publication: RFCXXXX 600 Related publications: HELD [I-D.ietf-geopriv-http-location-delivery] 602 Contact information: The authors of this document 604 Author/Change controller: The IESG 606 6.3. Registration of a Location Server Application Protocol Tag for 607 HELD 609 This section registers a new S-NAPTR/U-NAPTR Application Protocol tag 610 for the HELD [I-D.ietf-geopriv-http-location-delivery] protocol, as 611 mandated by [RFC3958]. 613 Application Protocol Tag: HELD 615 Intended Usage: Identifies the HELD protocol. 617 Applicable Service Tag(s): LIS 619 Terminal NAPTR Record Type(s): U 621 Defining Publication: RFCXXXX 623 Related Publications: HELD [I-D.ietf-geopriv-http-location-delivery] 625 Contact Information: The authors of this document 627 Author/Change Controller: The IESG 629 7. Acknowledgements 631 This document uses a mechanism that is largely identical to that in 632 [RFC5222] and [RFC5223]. The authors would like to thank Leslie 633 Daigle for her work on U-NAPTR; Peter Koch for feedback on how not to 634 use DNS for discovery; Andy Newton for constructive suggestions with 635 regards to document direction; Richard Barnes, Joe Salowey, Barbara 636 Stark, and Hannes Tschofenig for input and reviews; Dean Willis for 637 constructive feedback. 639 8. References 641 8.1. Normative References 643 [RFC1035] Mockapetris, P., "Domain 644 names - implementation and 645 specification", STD 13, 646 RFC 1035, November 1987. 648 [RFC2131] Droms, R., "Dynamic Host 649 Configuration Protocol", 650 RFC 2131, March 1997. 652 [RFC2132] Alexander, S. and R. 653 Droms, "DHCP Options and 654 BOOTP Vendor Extensions", 655 RFC 2132, March 1997. 657 [RFC2616] Fielding, R., Gettys, J., 658 Mogul, J., Frystyk, H., 659 Masinter, L., Leach, P., 660 and T. Berners-Lee, 661 "Hypertext Transfer 662 Protocol -- HTTP/1.1", 663 RFC 2616, June 1999. 665 [RFC2818] Rescorla, E., "HTTP Over 666 TLS", RFC 2818, May 2000. 668 [RFC3315] Droms, R., Bound, J., 669 Volz, B., Lemon, T., 670 Perkins, C., and M. 671 Carney, "Dynamic Host 672 Configuration Protocol for 673 IPv6 (DHCPv6)", RFC 3315, 674 July 2003. 676 [RFC4033] Arends, R., Austein, R., 677 Larson, M., Massey, D., 678 and S. Rose, "DNS Security 679 Introduction and 680 Requirements", RFC 4033, 681 March 2005. 683 [RFC4702] Stapp, M., Volz, B., and 684 Y. Rekhter, "The Dynamic 685 Host Configuration 686 Protocol (DHCP) Client 687 Fully Qualified Domain 688 Name (FQDN) Option", 689 RFC 4702, October 2006. 691 [RFC4704] Volz, B., "The Dynamic 692 Host Configuration 693 Protocol for IPv6 (DHCPv6) 694 Client Fully Qualified 695 Domain Name (FQDN) 696 Option", RFC 4704, 697 October 2006. 699 [RFC4848] Daigle, L., "Domain-Based 700 Application Service 701 Location Using URIs and 702 the Dynamic Delegation 703 Discovery Service (DDDS)", 704 RFC 4848, April 2007. 706 [I-D.ietf-geopriv-http-location-delivery] Barnes, M., Winterbottom, 707 J., Thomson, M., and B. 708 Stark, "HTTP Enabled 709 Location Delivery (HELD)", 710 draft-ietf-geopriv-http- 711 location-delivery-16 (work 712 in progress), August 2009. 714 [I-D.ietf-dhc-container-opt] Droms, R., "Container 715 Option for Server 716 Configuration", draft- 717 ietf-dhc-container-opt-05 718 (work in progress), 719 March 2009. 721 [RFC2119] Bradner, S., "Key words 722 for use in RFCs to 723 Indicate Requirement 724 Levels", BCP 14, RFC 2119, 725 March 1997. 727 8.2. Informative References 729 [RFC3118] Droms, R. and W. Arbaugh, 730 "Authentication for DHCP 731 Messages", RFC 3118, 732 June 2001. 734 [RFC3693] Cuellar, J., Morris, J., 735 Mulligan, D., Peterson, 736 J., and J. Polk, "Geopriv 737 Requirements", RFC 3693, 738 February 2004. 740 [RFC3958] Daigle, L. and A. Newton, 741 "Domain-Based Application 742 Service Location Using SRV 743 RRs and the Dynamic 744 Delegation Discovery 745 Service (DDDS)", RFC 3958, 746 January 2005. 748 [RFC5222] Hardie, T., Newton, A., 749 Schulzrinne, H., and H. 750 Tschofenig, "LoST: A 751 Location-to-Service 752 Translation Protocol", 753 RFC 5222, August 2008. 755 [RFC5223] Schulzrinne, H., Polk, J., 756 and H. Tschofenig, 757 "Discovering Location-to- 758 Service Translation (LoST) 759 Servers Using the Dynamic 760 Host Configuration 761 Protocol (DHCP)", 762 RFC 5223, August 2008. 764 [I-D.ietf-geopriv-l7-lcp-ps] Tschofenig, H. and H. 765 Schulzrinne, "GEOPRIV 766 Layer 7 Location 767 Configuration Protocol; 768 Problem Statement and 769 Requirements", draft-ietf- 770 geopriv-l7-lcp-ps-10 (work 771 in progress), July 2009. 773 [I-D.ietf-geopriv-lbyr-requirements] Marshall, R., 774 "Requirements for a 775 Location-by-Reference 776 Mechanism", draft-ietf- 777 geopriv-lbyr-requirements- 778 09 (work in progress), 779 November 2009. 781 Authors' Addresses 783 Martin Thomson 784 Andrew Corporation 785 Andrew Building (39) 786 Wollongong University Campus 787 Northfields Avenue 788 Wollongong, NSW 2522 789 AU 791 EMail: martin.thomson@andrew.com 793 James Winterbottom 794 Andrew Corporation 795 Andrew Building (39) 796 Wollongong University Campus 797 Northfields Avenue 798 Wollongong, NSW 2522 799 AU 801 EMail: james.winterbottom@andrew.com