appsawg L. Goix
Internet-Draft Telecom Italia
Intended status: Standards Track K. Li
Expires: September 3, 2012 Huawei Technologies
March 2, 2012
ENUM Service Registration for Social Networking (SN) Services
draft-goix-appsawg-enum-sn-service-00
Abstract
This document registers a Telephone Number Mapping (ENUM) service for
Social Networking (SN). Specifically, this document focuses on
provisioning 'acct:' URIs (Uniform Resource Identifiers) in ENUM.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 3, 2012.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Goix & Li Expires September 3, 2012 [Page 1]
Internet-Draft Enum Service SN registration March 2012
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Justification . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IANA Registration . . . . . . . . . . . . . . . . . . . . . . 3
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. DNS Considerations . . . . . . . . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
8.1. Normative References . . . . . . . . . . . . . . . . . . . . 6
8.2. Informative References . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 7
Goix & Li Expires September 3, 2012 [Page 2]
Internet-Draft Enum Service SN registration March 2012
1. Introduction
ENUM (E.164 Number Mapping, [RFC6116]) is a system that uses DNS
(Domain Name Service, [RFC1034]) to translate telephone numbers, such
as '+39026210000', into URIs (Uniform Resource Identifiers,
[RFC3986], such as 'acct:user@example.com'. ENUM exists primarily to
facilitate the interconnection of systems that rely on telephone
numbers with those that use URIs to identify resources.
Social Networking (SN) services allow users to post and retrieve
activities, typically representing status udpates, media uploads or
follow-up actions, such as comments or likes.
[I-D.jones-appsawg-webfinger] is proposing a generic URI to identify
an SN service account for a particular resource: the 'acct:' URI
scheme.
This document registers an enumservice for advertising SN information
associated with an E.164 number.
1.1. Justification
The requirement to map an SN account with an E.164 number is from the
Open Mobile Alliance (OMA) Mobile Social Networking Enabler Release
[OMA-MobSocNet-ER].
In Mobile networks, users are traditionally identified through a
Mobile Subscriber ISDN (MSISDN) number. In order to provide SN
functionality to mobile subscribers identified by their MSISDN, a
mapping is needed to identify the corresponding SN account and
provider.
1.2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2. IANA Registration
As defined in [RFC6117], the following is a template covering
information needed for the registration of the enumservice specified
in this document:
Goix & Li Expires September 3, 2012 [Page 3]
Internet-Draft Enum Service SN registration March 2012
Application-Based, Common
sn
acct
This Enumservice indicates that the resource
can be addressed by the associated URI using SN
protocols, including
to discover additional information.
See .
COMMON
This document.
Laurent-Walter Goix
Telecom Italia
mailto:laurentwalter.goix@telecomitalia.it
2012-01-20
Question: should the subtype/URI schemes include explicitely "acct",
"http"? (in case the http URI scheme is allowed as well)
3. Examples
The following is an example of the use of the enumservice registered
by this document in a NAPTR resource record.
$ORIGIN 7.6.5.4.3.2.1.5.3.3.9.3.e164.arpa.
IN NAPTR 10 100 "u" "E2U+acct" "!^.*$!acct:john.doe@example.com!" .
Goix & Li Expires September 3, 2012 [Page 4]
Internet-Draft Enum Service SN registration March 2012
4. DNS Considerations
As per [RFC6116] section 2 the specific domain apex (domain name)
depends on the administrative control of the ENUM implementation. As
such, private domains (e.g. e164.example.com) are allowed by this
specification.
If no "E2U+acct" NAPTR record exist for the requested number, the
resolution process may be recursively performed in case of "E2U+
pstn:tel" to support, amongst others, number portability as per
[RFC4769], Section 4.
5. Security Considerations
DNS, as used by ENUM, is a global, distributed database. Should
implementers of this specification use e164.arpa or any other
publicly available domain as the tree for maintaining PSTN
Enumservice data, this information would be visible to anyone
anonymously.
As noted earlier, carriers, service providers, and other users may
simply choose not to publish such information in the public e164.arpa
tree. They may instead simply publish this in their internal ENUM
routing database that is only able to be queried by trusted elements
of their network. They may also choose to publish such information
in a carrier-only branch of the e164.arpa tree, should one be
created.
Per se, this enumservice does not introduce specific security
considerations beyond [RFC6116], section 7. However, it has to be
acknowledged that the proposed Enumservice could lead to the
discovery or disclosure of Personally Identifiable Information (PII)
if used in combination with the WebFinger protocol. Please see
[I-D.jones-appsawg-webfinger] , section 7 for additional information
regarding WebFinger security to avoid unwanted disclosure of
information.
Similar security concerns are associated with potential attacks
against an underlying Social Networking system. Unlike a traditional
telephone number, and as per the indirect nature of SN communication
(typically through an activity wall), the resource identified by an
'acct:' URI may not be subject to direct communication with other
peers. However (e.g. in case of private message exchange) it may
require that peers provide cryptographic credentials for
authentication and authorization before messages are exchanged. For
this reason, SN protocols should have a number of security
requirements that call for authentication, integrity and
Goix & Li Expires September 3, 2012 [Page 5]
Internet-Draft Enum Service SN registration March 2012
confidentiality properties, and similar measures to prevent such
attacks. [As such, any Social Networking protocol used in
conjunction with the 'acct:' URI scheme is required to meet these
requirements. Question: is it the right place to say this?]
6. IANA Considerations
This document requests the IANA registration of the Enumservice with
Type "sn" according to the definitions in this document, [RFC6116]
and [RFC6117].
Details of the registration are given in Section 2.
7. Acknowledgements
8. References
8.1. Normative References
[I-D.jones-appsawg-webfinger]
Jones, P., Salgueiro, G., and J. Smarr, "Webfinger",
draft-jones-appsawg-webfinger-00 (work in progress),
October 2011.
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC4769] Livingood, J. and R. Shockey, "IANA Registration for an
Enumservice Containing Public Switched Telephone Network
(PSTN) Signaling Information", RFC 4769, November 2006.
[RFC6116] Bradner, S., Conroy, L., and K. Fujiwara, "The E.164 to
Uniform Resource Identifiers (URI) Dynamic Delegation
Discovery System (DDDS) Application (ENUM)", RFC 6116,
March 2011.
[RFC6117] Hoeneisen, B., Mayrhofer, A., and J. Livingood, "IANA
Registration of Enumservices: Guide, Template, and IANA
Goix & Li Expires September 3, 2012 [Page 6]
Internet-Draft Enum Service SN registration March 2012
Considerations", RFC 6117, March 2011.
8.2. Informative References
[OMA-MobSocNet-ER]
Open Mobile Alliance, "Mobile Social Networking Enabler",
OMA-ER-MobSocNet-V1_0 20120228-D, February 2012.
Authors' Addresses
Laurent-Walter Goix
Telecom Italia
P.za Einaudi, 8
Milano 20124
Italy
Email: laurentwalter.goix@telecomitalia.it
Kepeng Li
Huawei Technologies
Huawei Base, Bantian, Longgang District
Shenzhen, Guangdong 518129
P. R. China
Phone: +86-755-28974289
Email: likepeng@huawei.com
Goix & Li Expires September 3, 2012 [Page 7]