| DRINKS | K.C. Cartwright |
| Internet-Draft | V.B. Bhatia |
| Intended status: Standards Track | TNS |
| Expires: January 15, 2013 | S.A. Ali |
| NeuStar | |
| D.S. Schwartz | |
| XConnect | |
| July 16, 2012 |
Session Peering Provisioning Framework (SPPF)
draft-ietf-drinks-spp-framework-02
This document specifies the data model and the overall structure for a framework to provision session establishment data into Session Data Registries and SIP Service Provider data stores. The framework is called the Session Peering Provisioning Framework (SPPF). The provisioned data is typically used by network elements for session peering.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http:/⁠/⁠datatracker.ietf.org/⁠drafts/⁠current/⁠.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 15, 2013.
Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http:/⁠/⁠trustee.ietf.org/⁠license-⁠info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Service providers and enterprises use registries to make session routing decisions for Voice over IP, SMS and MMS traffic exchanges. This document is narrowly focused on the provisioning framework for these registries. This framework prescribes a way for an entity to provision session-related data into a registry. The data being provisioned can be optionally shared with other participating peering entities. The requirements and use cases driving this framework have been documented in [RFC6461]. The reader is expected to be familiar with the terminology defined in the previously mentioned document.
Three types of provisioning flows have been described in the use case document: client to registry provisioning, registry to local data repository and registry to registry. This document addresses client to registry aspect to fulfill the need to provision Session Establishment Data (SED). The framework that supports flow of messages to facilitate client to registry provisioning is referred to as Session Peering Provisioning Framework (SPPF).
Please note that the role of the "client" and the "server" only applies to the connection, and those roles are not related in any way to the type of entity that participates in a protocol exchange. For example, a registry might also include a "client" when such a registry initiates a connection (for example, for data distribution to SSP).
*--------* *------------* *------------*
| | (1). Client | | (3).Registry | |
| Client | ------------> | Registry |<------------->| Registry |
| | to Registry | | to Registry | |
*--------* *------------* *------------*
/ \ \
/ \ \
/ \ \
/ \ v
/ \ ...
/ \
/ (2). Distrib \
/ Registry data \
/ to local data \
V store V
+----------+ +----------+
|Local Data| |Local Data|
|Repository| |Repository|
+----------+ +----------+
Three Registry Provisioning Flows
Figure 1
The data provisioned for session establishment is typically used by various downstream SIP signaling systems to route a call to the next hop associated with the called domain. These systems typically use a local data store ("Local Data Repository") as their source of session routing information. More specifically, the SED data is the set of parameters that the outgoing signaling path border elements (SBEs) need to initiate the session. See [RFC5486] for more details.
A "terminating" SIP Service Provider (SSP) provisions SED into the registry to be selectively shared with other peer SSPs. Subsequently, a registry may distribute the provisioned data into local data repositories used for look-up queries (identifier -> URI) or for lookup and location resolution (identifier -> URI -> ingress SBE of terminating SSP). In some cases, the registry may additionally offer a central query resolution service (not shown in the above figure).
A key requirement for the SPPF is to be able to accommodate two basic deployment scenarios:
In terms of framework design, SPPF is agnostic to the transport protocol. This document includes the specification of the data model and identifies, but does not specify, the means to enable protocol operations within a request and response structure. That aspect of the specification has been delegated to the "protocol" specification for the framework. To encourage interoperability, the framework supports extensibility aspects.
Transport requirements are provided in this document to help with the selection of the optimum transport mechanism. The SPP Protocol over SOAP document identifies a protocol for SPPF that uses SOAP/HTTP as the transport mechanism.
This document is organized as follows:
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
This document reuses terms from [RFC3261], [RFC5486], use cases and requirements documented in [RFC6461] and the ENUM Validation Architecture [RFC4725].
In addition, this document specifies the following additional terms:
This section introduces the structure of the data model and provides the information framework for the SPPF. The data model is defined along with all the objects manipulated by the protocol and their relationships.
The data model illustrated and described in Figure 2 defines the logical objects and the relationships between these objects that the SPPF protocol supports. SPPF defines the protocol operations through which an SPPF client populates a registry with these logical objects. Various clients belonging to different registrars may use the protocol for populating the registry's data.
The logical structure presented below is consistent with the terminology and requirements defined in [RFC6461].
+-------------+ +-----------------+
| all object | |Egress Route: |
| types | 0..n | rant, |
+-------------+ +--| egrRteName, |
|0..n / | pref, |
| / | regxRewriteRule,|
|2 / | ingrSedGrp, |
+----------------------+ / | svcs |
|Organization: | / +-----------------+
| orgId | /
+----------------------+ /
|0..n /
| /
|A SED Group is /
|associated with /
|zero or more / +---[abstract]----+
|Peering / | SED Record: |
|Organizations / | rant, |
| / | sedName, |0..n
|0..n / | sedFunction, |------|
+--------+--------------+0..n 0..n| isInSvc, | |
|SED Group: |------------------| ttl | |
| rant, | +-----------------+ |
| sedGrpName, | ^ |
| isInSvc, | |Various types |
| sedRecRef, | |of SED |
| peeringOrg, | |Records |
| sourceIdent, | +-----+------------+ |
| priority, | | | | |
| dgName | +----+ +-------+ +----+ |
+-----------------------+ | URI| | NAPTR | | NS | |
|0..n +----+ +-------+ +----+ |
| |
| +-----[abstract]------+ |
| |Public Identifier: | |
|0..n | rant, | |
+----------------------+0..n 0..n| publicIdentifier, | |
| Dest Group: |--------------| destGrpRef, | |
| rant, | | sedRecRef | |
| dgName | +---------------------+ |
+----------------------+ ^Various types |
|of Public |
|Identifiers |
+---------+-------+------+----------+ |
| | | | | |
+------+ +-----+ +-----+ +-----+ +------+ |
| URI | | TNP | | TNR | | RN | |TN |----------|
+------+ +-----+ +-----+ +-----+ +------+ 0..n
Figure 2
The objects and attributes that comprise the data model can be described as follows (objects listed from the bottom up):
Some request and response messages in SPPF framework include time value(s) defined as type xs:dateTime, a built-in W3C XML Schema Datatype. Use of unqualified local time value is discouraged as it can lead to interoperability issues. The value of time attribute MUST BE expressed in Coordinated Universal Time (UTC) format without the timezone digits.
"2010-05-30T09:30:10Z" is an example of an acceptable time value for use in SPPF messages. "2010-05-30T06:30:10+3:00" is a valid UTC time, but it is not approved for use in SPPF messages.
This section provides requirements for transport protocols suitable for SPPF framework. More specifically, this section specifies the services, features, and assumptions that SPPF framework delegates to the chosen transport and envelope technologies.
The SPPF follows a model where a client establishes a connection to a server in order to further exchange SPPF messages over such point-to-point connection. A transport protocol for SPPF MUST therefore be connection oriented.
Provisioning operations in SPPF follow the request-response model, where a client sends a request message to initiate a transaction and the server responds with a response. Multiple subsequent request-response exchanges MAY be performed over a single persistent connection.
Therefore, a transport protocol for SPPF MUST follow the request-response model by allowing a response to be sent to the request initiator.
Some use cases involve provisioning a single request to a network element. Connections supporting such provisioning requests might be short-lived, and may be established only on demand. Other use cases involve either provisioning a large dataset, or a constant stream of small updates, either of which would likely require long-lived connections.
Therefore, a protocol suitable for SPPF SHOULD be able to support both short-lived as well as long-lived connections.
All SPPF objects are associated with a registrant identifier. SPPF Clients provisions SPPF objects on behalf of registrants. An authenticated SPP Client is a registrar. Therefore, the SPPF transport protocol MUST provide means for an SPPF server to authenticate an SPPF Client.
After successful authentication of the SPPF client as a registrar the registry performs authorization checks to determine if the registrar is authorized to act on behalf of the Registrant whose identifier is included in the SPPF request. Refer to the Security Considerations section for further guidance.
In some deployments, the SPPF objects that an SPPF registry manages can be private in nature. As a result it MAY NOT be appropriate to for transmission in plain text over a connection to the SPPF registry. Therefore, the transport protocol SHOULD provide means for end-to-end encryption between the SPPF client and server.
For some SPPF implementations, it may be acceptable for the data to be transmitted in plain text, but the failure to detect a change in data after it leaves the SPPF client and before it is received at the server, either by accident or with a malicious intent, will adversely affect the stability and integrity of the registry. Therefore, the transport protocol SHOULD provide means for data integrity protection.
Many use cases require near real-time responses from the server. Therefore, a DRINKS transport protocol MUST support near real-time response to requests submitted by the client.
Use of SPPF may involve simple updates that may consist of small number of bytes, such as, update of a single public identifier. Other provisioning operations may constitute large number of dataset as in adding millions records to a registry. As a result, a suitable transport protocol for SPPF SHOULD accommodate dataset of various sizes.
A transport protocol suitable for SPPF MUST allow responses to be correlated with requests.
Data transported in the SPPF is likely crucial for the operation of the communication network that is being provisioned. A SPPF client responsible for provisioning SED to the registry has a need to know if the submitted requests have been processed correctly.
Failed transactions can lead to situations where a subset of public identifiers or even SSPs might not be reachable, or the provisioning state of the network is inconsistent.
Therefore, a transport protocol for SPPF MUST provide a response for each request, so that a client can identify whether a request succeeded or failed.
At the time of this writing, a choice of transport protocol has been provided in SPP Protocol over SOAP document. To encourage interoperability, the SPPF server MUST provide support for this transport protocol. With time, it is possible that other transport layer choices may surface that agree with the requirements discussed above.
SPPF contains some common data structures for most of the supported object types. This section describes these common data structures.
This section introduces the basic object type that most first class objects derive from.
All first class objects extend the basic object type BasicObjType that contains the identifier of the registrant organization that owns this object, the identifier of the registrar organization that created this object, the date and time that the object was created by the server, and the date and time that the object was last modified.
<complexType name="BasicObjType" abstract="true">
<sequence>
<element name="rant" type="sppfb:OrgIdType"/>
<element name="rar" type="sppfb:OrgIdType"/>
<element name="cDate" type="dateTime" minOccurs="0"/>
<element name="mDate" type="dateTime" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
The identifiers used for registrants (rant), registrars (rar), and peering organizations (peeringOrg) are instances of OrgIdType. The OrgIdType is defined as a string and all OrgIdType instances SHOULD follow the textual convention: "namespace:value" (for example "iana-en:32473"). See the IANA Consideration section for more details.
The SPPF data model contains various object relationships. In some cases, these object relationships are established by embedding the unique identity of the related object inside the relating object. In addition, an object's unique identity is required to Delete or Get the details of an object. The following sub-sections normatively define the various object keys in SPPF and the attributes of those keys .
"Name" attributes that are used as components of object key types MUST be treated case insensitive.
Most objects in SPPF are uniquely identified by an object key that has the object's name, object's type and its registrant's organization ID as its attributes. The abstract type called ObjKeyType is where this unique identity is housed. Any concrete representation of the ObjKeyType MUST contain the following:
The structure of abstract ObjKeyType is as follows:
<complexType name="ObjKeyType" abstract="true">
<annotation>
<documentation>
---- Generic type that represents the
key for various objects in SPPF. ----
</documentation>
</annotation>
</complexType>
The SPPF data model contains certain objects that are uniquely identified by attributes, different from or in addition to, the attributes in the generic object key described in previous section. These kind of object keys are derived from the abstract ObjKeyType and defined in there own abstract key types. Because these object key types are abstract, these MUST be specified in a concrete form in any conforming SPPF "protocol" specification. These are used in Delete and Get operations, and may also be used in Accept and Reject operations.
<complexType name="SedGrpOfferKeyType"
abstract="true">
<complexContent>
<extension base="sppfb:ObjKeyType">
<annotation>
<documentation>
---- Generic type that represents
the key for a object offer. ----
</documentation>
</annotation>
</extension>
</complexContent>
</complexType>
<complexType name="PubIdKeyType" abstract="true">
<complexContent>
<extension base="sppfb:ObjKeyType">
<annotation>
<documentation>
---- Generic type that represents the key for a Pub Id. ----
</documentation>
</annotation>
</extension>
</complexContent>
</complexType>
Following are the derived object keys in SPPF data model:
The .PubIdKeyType is used in Delete and Get operations on a Public Identifier object.
A Public Identity object MUST use attributes of PubIdKeyType for its unique identification . Refer the "Framework Data Model Objects" section of this document for a description of Public Identity object.
This section contains the listing of response types that MUST be defined by the conforming "protocol" specification and implemented by a conforming SPPF server.
| Response Type | Description |
|---|---|
| Request Succeeded | Any conforming specification MUST define a response to indicate that a given request succeeded. |
| Request syntax invalid | Any conforming specification MUST define a response to indicate that a syntax of a given request was found invalid. |
| Request too large | Any conforming specification MUST define a response to indicate that the count of entities in the request is larger than the server is willing or able to process. |
| Version not supported | Any conforming specification MUST define a response to indicate that the server does not support the version of the SPPF protocol specified in the request. |
| Command invalid | Any conforming specification MUST define a response to indicate that the operation and/or command being requested by the client is invalid and/or not supported by the server. |
| System temporarily unavailable | Any conforming specification MUST define a response to indicate that the SPPF server is temporarily not available to serve client request. |
| Unexpected internal system or server error. | Any conforming specification MUST define a response to indicate that the SPPF server encountered an unexpected error that prevented the server from fulfilling the request. |
| Attribute value invalid | Any conforming specification MUST define a response to indicate that the SPPF server encountered an attribute or property in the request that had an invalid/bad value. Optionally, the specification MAY provide a way to indicate the Attribute Name and the Attribute Value to identify the object that was found to be invalid. |
| Object does not exist | Any conforming specification MUST define a response to indicate that an object present in the request does not exist on the SPPF server. Optionally, the specification MAY provide a way to indicate the Attribute Name and the Attribute Value that identifies the non-existent object. |
| Object status or ownership does not allow for operation. | Any conforming specification MUST define a response to indicate that the operation requested on an object present in the request cannot be performed because the object is in a status that does not allow the said operation or the user requesting the operation is not authorized to perform the said operation on the object. Optionally, the specification MAY provide a way to indicate the Attribute Name and the Attribute Value that identifies the object. |
When the response messages are "parameterized" with the Attribute Name and Attribute Value, then the use of these parameters MUST adhere to the following rules:
This section provides a description of the specification of each supported data model object (the nouns) and identifies the commands (the verbs) that MUST be supported for each data model object. However, the specification of the data structures necessary to support each command is delegated to the "protocol" specification.
As described in the introductory sections, a Destination Group represents a set of Public Identifiers with common session establishment information. The transport protocol MUST support the ability to Create, Modify, Get, and Delete Destination Groups (refer the "Framework Operations" section of this document for a generic description of various operations).
A Destination Group object MUST be uniquely identified by attributes as defined in the description of "ObjKeyType" in the section "Generic Object Key Type" of this document.
The DestGrpType object structure is defined as follows:
<complexType name="DestGrpType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="dgName" type="sppfb:ObjNameType"/>
</sequence>
</extension>
</complexContent>
</complexType>
The DestGrpType object is composed of the following elements:
A Public Identifier is the search key used for locating the session establishment data (SED). In many cases, a Public Identifier is attributed to the end user who has a retail relationship with the service provider or registrant organization. SPPF supports the notion of the carrier-of-record as defined in [RFC5067]. Therefore, the registrant under whom the Public Identity is being created can optionally claim to be a carrier-of-record.
SPPF identifies three types of Public Identifiers: telephone numbers (TN), routing numbers (RN), and URI type of Public Identifiers (like an email address). SPPF provides structures to manage a single TN, a contiguous range of TNs, and a TN prefix. The transport protocol MUST support the ability to Create, Modify, Get, and Delete Public Identifiers (refer the "Framework Operations" section of this document for a generic description of various operations).
A Public Identity object MUST be uniquely identified by attributes as defined in the description of "PubIdKeyType" in the section "Derived Object Key Types" of this document.
The abstract XML schema type definition PubIDType is a generalization for the concrete Public Identifier schema types. PubIDType element 'dgName' represents the name of the destination group that a given Public Identifier MAY be a member of. The PubIDType object structure is defined as follows:
<complexType name="PubIdType" abstract="true">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="dgName" type="sppfb:ObjNameType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
A Public Identifier may be provisioned as a member of a Destination Group or provisioned outside of a Destination Group. A Public Identifier that is provisioned as a member of a Destination Group is intended to be associated with its SED through the SED Group(s) that are associated with its containing Destination Group. A Public Identifier that is not provisioned as a member of a Destination Group is intended to be associated with its SED through the SED Records that are directly associated with the Public Identifier.
A telephone number is provisioned using the TNType, an extension of PubIDType. When a Public Identifier is provisioned as a member of a Destination Group, each TNType object is uniquely identified by the combination of its value contained within <tn> element, and the unique key of its parent Destination Group (dgName and rantId). In other words a given telephone number string may exist within one or more Destination Groups, but must not exist more than once within a Destination Group. A Public Identifier that is not provisioned as a member of a Destination Group is uniquely identified by the combination of its value, and its registrant ID. TNType is defined as follows:
<complexType name="TNType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="tn" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
<element name="sedRecRef" type="sppfb:SedRecRefType"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
<simpleType name="NumberValType">
<restriction base="token">
<maxLength value="20"/>
<pattern value="\+?\d\d*"/>
</restriction>
</simpleType>
TNType consists of the following attributes:
A routing number is provisioned using the RNType, an extension of PubIDType. SSPs that possess the number portability data may be able to leverage the RN search key to discover the ingress routes for session establishment. Therefore, the registrant organization can add the RN and associate it with the appropriate destination group to share the route information. Each RNType object is uniquely identified by the combination of its value inside the <rn> element, and the unique key of its parent Destination Group (dgName and rantId). In other words a given routing number string may exist within one or more Destination Groups, but must not exist more than once within a Destination Group. RNType is defined as follows:
<complexType name="RNType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="rn" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
RNType has the following attributes:
TNRType structure is used to provision a contiguous range of telephone numbers. The object definition requires a starting TN and an ending TN that together define the span of the TN range. Use of TNRType is particularly useful when expressing a TN range that does not include all the TNs within a TN block or prefix. The TNRType definition accommodates the open number plan as well such that the TNs that fall between the start and end TN range may include TNs with different length variance. Whether the registry can accommodate the open number plan semantics is a matter of policy and is beyond the scope of this document. Each TNRType object is uniquely identified by the combination of its value that in turn is a combination of the <startTn> and <endTn> elements, and the unique key of its parent Destination Group (dgName and rantId). In other words a given TN Range may exist within one or more Destination Groups, but must not exist more than once within a Destination Group. TNRType object structure definition is as follows:
<complexType name="TNRType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="range" type="sppfb:NumberRangeType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="NumberRangeType">
<sequence>
<element name="startTn" type="sppfb:NumberValType"/>
<element name="endTn" type="sppfb:NumberValType"/>
</sequence>
</complexType>
TNRType has the following attributes:
In some cases, it is useful to describe a set of TNs with the help of the first few digits of the telephone number, also referred to as the telephone number prefix or a block. A given TN prefix may include TNs with different length variance in support of open number plan. Once again, whether the registry supports the open number plan semantics is a matter of policy and it is beyond the scope of this document. The TNPType data structure is used to provision a TN prefix. Each TNPType object is uniquely identified by the combination of its value in the <tnPrefix> element, and the unique key of its parent Destination Group (dgName and rantId). TNPType is defined as follows:
<complexType name="TNPType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="tnPrefix" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
TNPType consists of the following attributes:
In some cases, a Public Identifier may be a URI, such as an email address. The URIPubIdType object is comprised of the data element necessary to house such Public Identifiers. Each URIPubIdType object is uniquely identified by the combination of its value in the <uri> element, and the unique key of its parent Destination Group (dgName and rantId). URIPubIdType is defined as follows:
<complexType name="URIPubIdType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="uri" type="anyURI"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
URIPubIdType consists of the following attributes:
As described in the introductory sections, a SED Group represents a combined grouping of Destination Groups containing a set of Public Identifiers with common Session Establishment Data(SED), The common Session Establishment Data Records, and the list of peer organizations that have access to these public identifiers using the associated SED information. It is this indirect linking of public identifiers to their Session Establishment Data that significantly improves the scalability and manageability of the peering data. Additions and changes to SED information are reduced to a single operation on a SED Group or SED Record , rather than millions of data updates to individual public identifier records that individually contain their peering data. The transport protocol MUST support the ability to Create, Modify, Get, and Delete SED Groups (refer the "Framework Operations" section of this document for a generic description of various operations).
A SED Group object MUST be uniquely identified by attributes as defined in the description of "ObjKeyType" in the section "Generic Object Key Type" of this document.
The SedGrpType object structure is defined as follows:
<complexType name="SedGrpType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedGrpName" type="sppfb:ObjNameType"/>
<element name="sedRecRef" type="sppfb:SedRecRefType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="dgName" type="sppfb:ObjNameType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="peeringOrg" type="sppfb:OrgIdType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="sourceIdent" type="sppfb:SourceIdentType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="isInSvc" type="boolean"/>
<element name="priority" type="unsignedShort"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="SedRecRefType">
<sequence>
<element name="sedKey" type="sppfb:ObjKeyType"/>
<element name="priority" type="unsignedShort"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
The SedGrpType object is composed of the following elements:
As described above, the SED Group contains a set of references to SED record objects. A SED record object is based on an abstract type: SedRecType. The concrete types that use SedRecType as an extension base are NAPTRType, NSType, and URIType. The definitions of these types are included the SED Record section of this document.
The SedGrpType object provides support for source-based routing via the peeringOrg data element and more granular source base routing via the source identity element. The source identity element provides the ability to specify zero or more of the following in association with a given SED Group: a regular expression that is matched against the resolution client IP address, a regular expression that is matched against the root domain name(s), and/or a regular expression that is matched against the calling party URI(s). The result will be that, after identifying the visible SED Groups whose associated Destination Group(s) contain the lookup key being queried and whose peeringOrg list contains the querying organizations organization ID, the resolution server will evaluate the characteristics of the Source URI, and Source IP address, and root domain of the lookup key being queried. The resolution server then compares these criteria against the source identity criteria associated with the SED Groups. The session establishment information contained in SED Groups that have source based routing criteria will only be included in the resolution response if one or more of the criteria matches the source criteria from the resolution request. The Source Identity data element is of type SourceIdentType, whose structure is defined as follows:
<complexType name="SourceIdentType">
<sequence>
<element name="sourceIdentRegex" type="sppfb:RegexType"/>
<element name="sourceIdentScheme"
type="sppfb:SourceIdentSchemeType"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
<simpleType name="SourceIdentSchemeType">
<restriction base="token">
<enumeration value="uri"/>
<enumeration value="ip"/>
<enumeration value="rootDomain"/>
</restriction>
</simpleType>
The SourceIdentType object is composed of the following data elements:
As described in the introductory sections, a SED Group represents a combined grouping of SED Records that define session establishment information. However, SED Records need not be created to just serve a single SED Group. SED Records can be created and managed to serve multiple SED Groups. As a result, a change for example to the properties of a network node used for multiple routes, would necessitate just a single update operation to change the properties of that node. The change would then be reflected in all the SED Groups whose SED record set contains a reference to that node. The transport protocol MUST support the ability to Create, Modify, Get, and Delete SED Records (refer the "Framework Operations" section of this document for a generic description of various operations).
A SED Record object MUST be uniquely identified by attributes as defined in the description of "ObjKeyType" in the section "Generic Object Key Type" of this document.
The SedRecType object structure is defined as follows:
<complexType name="SedRecType" abstract="true">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedName" type="sppfb:ObjNameType"/>
<element name="sedFunction" type="sppfb:SedFunctionType"
minOccurs="0"/>
<element name="isInSvc" type="boolean"/>
<element name="ttl" type="positiveInteger" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<simpleType name="SedFunctionType">
<restriction base="token">
<enumeration value="routing"/>
<enumeration value="lookup"/>
</restriction>
</simpleType>
The SedRecType object is composed of the following elements:
As described above, SED records are based on an abstract type: SedRecType. The concrete types that use SedRecType as an extension base are NAPTRType, NSType, and URIType. The definitions of these types are included below. The NAPTRType object is comprised of the data elements necessary for a NAPTR that contains routing information for a SED Group. The NSType object is comprised of the data elements necessary for a DNS name server that points to another DNS server that contains the desired routing information. The NSType is relevant only when the resolution protocol is ENUM. The URIType object is comprised of the data elements necessary to house a URI.
The data provisioned in a registry can be leveraged for many purposes and queried using various protocols including SIP, ENUM and others. As such, the resolution data represented by the SedRecords must be in a form suitable for transport using one of these protocols. In the NPATRType for example, if the URI is associated with a destination group, the user part of the replacement string <uri> that may require the Public Identifier cannot be preset. As a SIP Redirect, the resolution server will apply <ere> pattern on the input Public Identifier in the query and process the replacement string by substituting any back reference(s) in the <uri> to arrive at the final URI that is returned in the SIP Contact header. For an ENUM query, the resolution server will simply return the values of the <ere> and <uri> members of the URI.
<complexType name="NAPTRType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="order" type="unsignedShort"/>
<element name="flags" type="sppfb:FlagsType" minOccurs="0"/>
<element name="svcs" type="sppfb:SvcType"/>
<element name="regx" type="sppfb:RegexParamType" minOccurs="0"/>
<element name="repl" type="sppfb:ReplType" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="NSType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="hostName" type="token"/>
<element name="ipAddr" type="sppfb:IPAddrType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="IPAddrType">
<sequence>
<element name="addr" type="sppfb:AddrStringType"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
<attribute name="type" type="sppfb:IPType" default="v4"/>
</complexType>
<simpleType name="IPType">
<restriction base="token">
<enumeration value="IPv4"/>
<enumeration value="IPv6"/>
</restriction>
</simpleType>
<complexType name="URIType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="ere" type="token" default="^(.*)$"/>
<element name="uri" type="anyURI"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<simpleType name="flagsType">
<restriction base="token">
<length value="1"/>
<pattern value="[A-Z]|[a-z]|[0-9]"/>
</restriction>
</simpleType>
The NAPTRType object is composed of the following elements:
The NSType object is composed of the following elements:
The URIType object is composed of the following elements:
The list of peer organizations whose resolution responses can include the session establishment information contained in a given SED Group is controlled by the organization to which a SED Group object belongs (its registrant), and the peer organization that submits resolution requests (a data recipient, also know as a peering organization). The registrant offers access to a SED Group by submitting a SED Group Offer. The data recipient can then accept or reject that offer. Not until access to a SED Group has been offered and accepted will the data recipient's organization ID be included in the peeringOrg list in a SED Group object, and that SED Group's peering information become a candidate for inclusion in the responses to the resolution requests submitted by that data recipient. The transport protocol MUST support the ability to Create, Modify, Get, Delete, Accept and Reject SED Group Offers (refer the "Framework Operations" section of this document for a generic description of various operations).
A SED Group Offer object MUST be uniquely identified by attributes as defined in the description of "SedGrpOfferKeyType" in the section "Derived Object Key Types" of this document.
The SedGrpOfferType object structure is defined as follows:
<complexType name="SedGrpOfferType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedGrpOfferKey" type="sppfb:SedGrpOfferKeyType"/>
<element name="status" type="sppfb:SedGrpOfferStatusType"/>
<element name="offerDateTime" type="dateTime"/>
<element name="acceptDateTime" type="dateTime" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="SedGrpOfferKeyType" abstract="true">
<annotation>
<documentation>
-- Generic type that represents the key for a SED group offer. Must
be defined in concrete form in the transport specificaiton. --
</documentation>
</annotation>
</complexType>
<simpleType name="SedGrpOfferStatusType">
<restriction base="token">
<enumeration value="offered"/>
<enumeration value="accepted"/>
</restriction>
</simpleType>
The SedGrpOfferType object is composed of the following elements:
In a high-availability environment, the originating SSP likely has more than one egress paths to the ingress SBE of the target SSP. If the originating SSP wants to exercise greater control and choose a specific egress SBE to be associated to the target ingress SBE, it can do so using the EgrRteType object.
A Egress Route object MUST be uniquely identified by attributes as defined in the description of "ObjKeyType" in the section "Generic Object Key Type" of this document.
Lets assume that the target SSP has offered as part of his session establishment data, to share one or more ingress routes and that the originating SSP has accepted the offer. In order to add the egress route to the registry, the originating SSP uses a valid regular expression to rewrite ingress route in order to include the egress SBE information. Also, more than one egress route can be associated with a given ingress route in support of fault-tolerant configurations. The supporting SPPF structure provides a way to include route precedence information to help manage traffic to more than one outbound egress SBE.
The transport protocol MUST support the ability to Add, Modify, Get, and Delete Egress Routes (refer the "Framework Operations" section of this document for a generic description of various operations). The EgrRteType object structure is defined as follows:
<complexType name="EgrRteType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="egrRteName" type="sppfb:ObjNameType"/>
<element name="pref" type="unsignedShort"/>
<element name="regxRewriteRule" type="sppfb:RegexParamType"/>
<element name="ingrSedGrp" type="sppfb:ObjKeyType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="svcs" type="sppfb:SvcType" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
The EgrRteType object is composed of the following elements:
Any conforming "protocol" specification MUST provide a definition for the operation that adds one or more SPPF objects into the registry. If the object, as identified by the request attributes that form part of the object's key, does not exist, then the registry MUST create the object. If the object does exist, then the registry MUST replace the current properties of the object with the properties passed in as part of the Add operation.
If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
Any conforming "protocol" specification MUST provide a definition for the operation that deletes one or more SPPF objects from the registry using the object's key.
If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
When an object is deleted, any references to that object must of course also be removed as the SPPF server implementation fulfills the deletion request. Furthermore, the deletion of a composite object must also result in the deletion of the objects it contains. As a result, the following rules apply to the deletion of SPPF object types:
At times, on behalf of the registrant, the registrar may need to have access to SPPF objects that were previously provisioned in the registry. A few examples include logging, auditing, and pre-provisioning dependency checking. This query mechanism is limited to aid provisioning scenarios and should not be confused with query protocols provided as part of the resolution system (e.g. ENUM and SIP). Any conforming "protocol" specification MUST provide a definition for the operation that queries the details of one or more SPPF objects from the registry using the object's key. If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
In SPPF, a SED Group Offer can be accepted or rejected by, or on behalf of, the registrant to whom the SED Group has been offered (refer "Framework Data Model Objects" section of this document for a description of the SED Group Offer object). The Accept operation is used to accept the SED Group Offers. Any conforming "protocol" specification MUST provide a definition for the operation to accept SED Group Offers by, or on behalf of the Registrant, using the SED Group Offer object key.
Not until access to a SED Group has been offered and accepted will the registrant's organization ID be included in the peeringOrg list in that SED Group object, and that SED Group's peering information become a candidate for inclusion in the responses to the resolution requests submitted by that registrant. A SED Group Offer that is in the "offered" status is accepted by, or on behalf of, the registrant to which it has been offered. When the SED Group Offer is accepted the the SED Group Offer is moved to the "accepted" status and adds that data recipient's organization ID into the list of peerOrgIds for that SED Group.
If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
In SPPF, a SED Group Offer object can be accepted or rejected by, or on behalf of, the registrant to whom the SED Group has been offered (refer "Framework Data Model Objects" section of this document for a description of the SED Group Offer object). Furthermore, that offer may be rejected, regardless of whether or not it has been previously accepted. The Reject operation is used to reject the SED Group Offers. When the SED Group Offer is rejected that SED Group Offer is deleted, and, if appropriate, the data recipient's organization ID is removed from the list of peeringOrg IDs for that SED Group. Any conforming "protocol" specification MUST provide a definition for the operation to reject SED Group Offers by, or on behalf of the Registrant, using the SED Group Offer object key.
If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
In SPPF, Get Server Details operation can be used to request certain details about the SPPF server that include the SPPF server's current status, the major/minor version of the SPPF protocol supported by the SPPF server.
Any conforming "protocol" specification MUST provide a definition for the operation to request such details from the SPPF server. If the entity that issued the command is not authorized to perform this operation an appropriate error message MUST be returned from amongst the response messages defined in "Response Message Types" section of the document.
XML serves as the encoding format for SPPF, allowing complex hierarchical data to be expressed in a text format that can be read, saved, and manipulated with both traditional text tools and tools specific to XML.
XML is case sensitive. Unless stated otherwise, XML specifications and examples provided in this document MUST be interpreted in the character case presented to develop a conforming implementation.
This section discusses a small number of XML-related considerations pertaining to SPPF.
All SPPF elements are defined in the namespaces in the IANA Considerations section and in the Formal Framework Specification section of this document.
All XML instances SHOULD begin with an <?xml?> declaration to identify the version of XML that is being used, optionally identify use of the character encoding used, and optionally provide a hint to an XML parser that an external schema file is needed to validate the XML instance.
Conformant XML parsers recognize both UTF-8 (defined in [RFC3629]) and UTF-16 (defined in [RFC2781]); per [RFC2277] UTF-8 is the RECOMMENDED character encoding for use with SPPF.
Character encodings other than UTF-8 and UTF-16 are allowed by XML. UTF-8 is the default encoding assumed by XML in the absence of an "encoding" attribute or a byte order mark (BOM); thus, the "encoding" attribute in the XML declaration is OPTIONAL if UTF-8 encoding is used. SPPF clients and servers MUST accept a UTF-8 BOM if present, though emitting a UTF-8 BOM is NOT RECOMMENDED.
Example XML declarations:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
Many SPPF implementations manage data that is considered confidential and critical. Furthermore, SPPF implementations can support provisioning activities for multiple registrars and registrants. As a result any SPPF implementation must address the requirements for confidentiality, authentication, and authorization.
With respect to confidentiality and authentication, the transport protocol requirements section of this document contains security properties that the transport protocol must provide so that authenticated endpoints can exchange data confidentially and with integrity protection. Refer to that section and the resulting transport protocol specification document for the specific solutions to authentication and confidentiality.
With respect to authorization, the SPPF server implementation must define and implement a set of authorization rules that precisely address (1) which registrars will be authorized to create/modify/delete each SPPF object type for given registrant(s) and (2) which registrars will be authorized to view/get each SPPF object type for given registrant(s). These authorization rules are a matter of policy and are not specified within the context of SPPF. However, any SPPF implementation must specify these authorization rules in order to function in a reliable and safe manner.
Guidance on Denial-of-Service (DoS) issues in general is given in [RFC4732], "Internet Denial of Service Considerations", which also gives a general vocabulary for describing the DoS issue.
SPPF is a high-level client-server protocol that can be implemented on lower-level mechanisms such as remote procedure call and web-service API protocols. As such, it inherits any Denial-of-Service issues inherent to the specific lower-level mechanism used for any implementation of SPPF. SPPF also has its own set of higher-level exposures that are likely to be independent of lower-layer mechanism choices.
SPPF implementation is in general dependent on the selection and implementation of a lower-level transport protocol and a binding between that protocol and SPPF. The archetypal SPPF implementation uses XML (http://www.w3.org/TR/xml/) representation in a SOAP (http://www.w3.org/TR/soap/) request/response framework over HTTP ([RFC2616]), and probably also uses TLS ([RFC5246]) for on-the wire data integrity and participant authentication, and might use HTTP Digest authentication ([RFC2609]).
The typical deployment scenario for SPPF is to have servers in a managed facility, and therefor techniques such as Network Ingress Filtering ([RFC2609]) are generally applicable. In short, any DoS mechanism affecting a typical HTTP implementation would affect such an SPPF implementation, and the mitigation tools for HTTP in general also therefore apply to SPPF.
SPPF does not directly specify an authentication mechanism, instead relying on the lower-level transport protocol to provide for authentication. In general, authentication is an expensive operation, and one apparent attack vector is to flood an SPPF server with repeated requests for authentication, thereby exhausting its resources. SPPF implementations SHOULD therefore be prepared to handle authentication floods, perhaps by noting repeated failed login requests from a given source address and blocking that source address.
The primary defense mechanism against DoS within SPPF is authentication. Implementations MUST tightly control access to the SPPF service, SHOULD implement DoS and other policy control screening, and MAY employ a variety of policy violation reporting and response measures such as automatic blocking of specific users and alerting of operations personnel. In short, the primary SPPF response to DoS-like activity by a user is to block that user or subject their actions to additional review.
SPPF allows a client to submit multiple-element or "batch" requests that may insert or otherwise affect a large amount of data with a single request. In the simplest case, the server progresses sequentially through each element in a batch, completing one and before starting the next. Mid-batch failures are handled by stopping the batch and rolling-back the data store to its pre-request state. This "stop and roll-back" design provides a DoS opportunity. A hostile client could repeatedly issue large batch requests with one or more failing elements, causing the server to repeatedly stop and roll-back large transactions. The suggested response is to monitor clients for such failures, and take administrative action (such as blocking the user) when an excessive number of roll-backs is reported.
An additional suggested response is for an implementer to set their maximum allowable XML message size, and their maximum allowable batch size at a level that they feel protects their operational instance, given the hardware sizing they have in place and the expected load and size needs that their users expect.
It is not uncommon for the logging systems to document on-the-wire messages for various purposes, such as, debug, audit, and tracking. At the minimum, the various support and administration staff will have access to these logs. Also, if an unprivileged user gains access to the SPPF deployments and/or support systems, it will have access to the information that is potentially deemed confidential. To manage information disclosure concerns beyond the transport level, SPPF implementations MAY provide support for encryption at the SPPF object level.
In some situations, it may be required to protect against denial of involvement (see [RFC4949]) and tackle non-repudiation concerns in regards to SPPF messages. This type of protection is useful to satisfy authenticity concerns related to SPPF messages beyond the end-to-end connection integrity, confidentiality, and authentication protection that the transport layer provides. This is an optional feature and some SPPF implementations MAY provide support for it.
Anti-replay protection ensures that a given SPPF object replayed at a later time doesn't affect the integrity of the system. SPPF provides at least one mechanism to fight against replay attacks. Use of the optional client transaction identifier allows the SPPF client to correlate the request message with the response and to be sure that it is not a replay of a server response from earlier exchanges. Use of unique values for the client transaction identifier is highly encouraged to avoid chance matches to a potential replay message.
The SPPF client or registrar can be a separate entity acting on behalf of the registrant in facilitating provisioning transactions to the registry. Further, the transport layer provides end-to-end connection protection between SPPF client and the SPPF server. Therefore, man-in-the-middle attack is a possibility that may affect the integrity of the data that belongs to the registrant and/or expose peer data to unintended actors in case well-established peering relationships already exist.
Character encodings to be used for SPPF elements are described in Section 8.2. The use of time elements in the protocol is specified in Section 3.2. Where human-readable languages are used in the protocol, those messages SHOULD be tagged according to [RFC5646], and the transport protocol MUST support a respective mechanism to transmit such tags together with those human-readable messages. If tags are absent, the language of the message defaults to "en" (English).
This document uses URNs to describe XML namespaces and XML schemas conforming to a registry mechanism described in [RFC3688].
Two URI assignments are requested.
Registration request for the SPPF XML namespace:
urn:ietf:params:xml:ns:sppf:base:1
Registrant Contact: IESG
XML: None. Namespace URIs do not represent an XML specification.
Registration request for the XML schema:
URI: urn:ietf:params:xml:schema:sppf:1
Registrant Contact: IESG
XML: See the "Formal Specification" section of this document (Section 12).
IANA is requested to create a new SPPF registry for Organization Identifiers that will indicate valid strings to be used for well-known enterprise namespaces.
This document makes the following assignments for the OrgIdType namespaces:
Namespace OrgIdType namespace string
---- ----------------------------
IANA Enterprise Numbers iana-en
This section provides the draft XML Schema Definition for SPPF Protocol.
<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns:sppfb="urn:ietf:params:xml:ns:sppf:base:1"
xmlns="http://www.w3.org/2001/XMLSchema"
targetNamespace="urn:ietf:params:xml:ns:sppf:base:1"
elementFormDefault="qualified" xml:lang="EN">
<annotation>
<documentation>
---- Generic Object key types to be defined by specific
Transport/Architecture. The types defined here can
be extended by the specific architecture to
define the Object Identifiers ----
</documentation>
</annotation>
<complexType name="ObjKeyType"
abstract="true">
<annotation>
<documentation>
---- Generic type that represents the
key for various objects in SPPF. ----
</documentation>
</annotation>
</complexType>
<complexType name="SedGrpOfferKeyType" abstract="true">
<complexContent>
<extension base="sppfb:ObjKeyType">
<annotation>
<documentation>
---- Generic type that represents
the key for a SED group offer. ----
</documentation>
</annotation>
</extension>
</complexContent>
</complexType>
<complexType name="PubIdKeyType" abstract="true">
<complexContent>
<extension base="sppfb:ObjKeyType">
<annotation>
<documentation>
----Generic type that
represents the key
for a Pub Id. ----
</documentation>
</annotation>
</extension>
</complexContent>
</complexType>
<annotation>
<documentation>
---- Object Type Definitions ----
</documentation>
</annotation>
<complexType name="SedGrpType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedGrpName" type="sppfb:ObjNameType"/>
<element name="sedRecRef" type="sppfb:SedRecRefType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="dgName" type="sppfb:ObjNameType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="peeringOrg" type="sppfb:OrgIdType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="sourceIdent" type="sppfb:SourceIdentType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="isInSvc" type="boolean"/>
<element name="priority" type="unsignedShort"/>
<element name="ext"
type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="DestGrpType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="dgName"
type="sppfb:ObjNameType"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="PubIdType" abstract="true">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="dgName" type="sppfb:ObjNameType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="TNType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="tn" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
<element name="sedRecRef" type="sppfb:SedRecRefType"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="TNRType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="range" type="sppfb:NumberRangeType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="TNPType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="tnPrefix" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="RNType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="rn" type="sppfb:NumberValType"/>
<element name="corInfo" type="sppfb:CORInfoType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="URIPubIdType">
<complexContent>
<extension base="sppfb:PubIdType">
<sequence>
<element name="uri" type="anyURI"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="SedRecType" abstract="true">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedName" type="sppfb:ObjNameType"/>
<element name="sedFunction" type="sppfb:SedFunctionType"
minOccurs="0"/>
<element name="isInSvc" type="boolean"/>
<element name="ttl" type="positiveInteger" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="NAPTRType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="order" type="unsignedShort"/>
<element name="flags" type="sppfb:FlagsType" minOccurs="0"/>
<element name="svcs" type="sppfb:SvcType"/>
<element name="regx" type="sppfb:RegexParamType" minOccurs="0"/>
<element name="repl" type="sppfb:ReplType" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="NSType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="hostName" type="token"/>
<element name="ipAddr" type="sppfb:IPAddrType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="URIType">
<complexContent>
<extension base="sppfb:SedRecType">
<sequence>
<element name="ere" type="token" default="^(.*)$"/>
<element name="uri" type="anyURI"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="SedGrpOfferType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="sedGrpOfferKey" type="sppfb:SedGrpOfferKeyType"/>
<element name="status" type="sppfb:SedGrpOfferStatusType"/>
<element name="offerDateTime" type="dateTime"/>
<element name="acceptDateTime" type="dateTime" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<complexType name="EgrRteType">
<complexContent>
<extension base="sppfb:BasicObjType">
<sequence>
<element name="egrRteName" type="sppfb:ObjNameType"/>
<element name="pref" type="unsignedShort"/>
<element name="regxRewriteRule" type="sppfb:RegexParamType"/>
<element name="ingrSedGrp" type="sppfb:ObjKeyType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="svcs" type="sppfb:SvcType" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</extension>
</complexContent>
</complexType>
<annotation>
<documentation>
---- Abstract Object and Element Type Definitions ----
</documentation>
</annotation>
<complexType name="BasicObjType" abstract="true">
<sequence>
<element name="rant" type="sppfb:OrgIdType"/>
<element name="rar" type="sppfb:OrgIdType"/>
<element name="cDate" type="dateTime" minOccurs="0"/>
<element name="mDate" type="dateTime" minOccurs="0"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
<complexType name="RegexParamType">
<sequence>
<element name="ere" type="sppfb:RegexType" default="^(.*)$"/>
<element name="repl" type="sppfb:ReplType"/>
</sequence>
</complexType>
<complexType name="IPAddrType">
<sequence>
<element name="addr" type="sppfb:AddrStringType"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
<attribute name="type" type="sppfb:IPType" default="v4"/>
</complexType>
<complexType name="SedRecRefType">
<sequence>
<element name="sedKey" type="sppfb:ObjKeyType"/>
<element name="priority" type="unsignedShort"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
<complexType name="SourceIdentType">
<sequence>
<element name="sourceIdentRegex" type="sppfb:RegexType"/>
<element name="sourceIdentScheme"
type="sppfb:SourceIdentSchemeType"/>
<element name="ext" type="sppfb:ExtAnyType" minOccurs="0"/>
</sequence>
</complexType>
<complexType name="CORInfoType">
<sequence>
<element name="corClaim" type="boolean" default="true"/>
<element name="cor" type="boolean" default="false" minOccurs="0"/>
<element name="corDate" type="dateTime" minOccurs="0"/>
</sequence>
</complexType>
<complexType name="SvcMenuType">
<sequence>
<element name="serverStatus" type="sppfb:ServerStatusType"/>
<element name="majMinVersion" type="token" maxOccurs="unbounded"/>
<element name="objURI" type="anyURI" maxOccurs="unbounded"/>
<element name="extURI" type="anyURI"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</complexType>
<complexType name="ExtAnyType">
<sequence>
<any namespace="##other" maxOccurs="unbounded"/>
</sequence>
</complexType>
<simpleType name="FlagsType">
<restriction base="token">
<length value="1"/>
<pattern value="[A-Z]|[a-z]|[0-9]"/>
</restriction>
</simpleType>
<simpleType name="SvcType">
<restriction base="token">
<minLength value="1"/>
</restriction>
</simpleType>
<simpleType name="RegexType">
<restriction base="token">
<minLength value="1"/>
</restriction>
</simpleType>
<simpleType name="ReplType">
<restriction base="token">
<minLength value="1"/>
<maxLength value="255"/>
</restriction>
</simpleType>
<simpleType name="OrgIdType">
<restriction base="token"/>
</simpleType>
<simpleType name="ObjNameType">
<restriction base="token">
<minLength value="3"/>
<maxLength value="80"/>
</restriction>
</simpleType>
<simpleType name="TransIdType">
<restriction base="token">
<minLength value="3"/>
<maxLength value="120"/>
</restriction>
</simpleType>
<simpleType name="MinorVerType">
<restriction base="unsignedLong"/>
</simpleType>
<simpleType name="AddrStringType">
<restriction base="token">
<minLength value="3"/>
<maxLength value="45"/>
</restriction>
</simpleType>
<simpleType name="IPType">
<restriction base="token">
<enumeration value="v4"/>
<enumeration value="v6"/>
</restriction>
</simpleType>
<simpleType name="SourceIdentSchemeType">
<restriction base="token">
<enumeration value="uri"/>
<enumeration value="ip"/>
<enumeration value="rootDomain"/>
</restriction>
</simpleType>
<simpleType name="ServerStatusType">
<restriction base="token">
<enumeration value="inService"/>
<enumeration value="outOfService"/>
</restriction>
</simpleType>
<simpleType name="SedGrpOfferStatusType">
<restriction base="token">
<enumeration value="offered"/>
<enumeration value="accepted"/>
</restriction>
</simpleType>
<simpleType name="NumberValType">
<restriction base="token">
<maxLength value="20"/>
<pattern value="\+?\d\d*"/>
</restriction>
</simpleType>
<simpleType name="NumberTypeEnum">
<restriction base="token">
<enumeration value="TN"/>
<enumeration value="TNPrefix"/>
<enumeration value="RN"/>
</restriction>
</simpleType>
<simpleType name="SedFunctionType">
<restriction base="token">
<enumeration value="routing"/>
<enumeration value="lookup"/>
</restriction>
</simpleType>
<complexType name="NumberType">
<sequence>
<element name="value" type="sppfb:NumberValType"/>
<element name="type" type="sppfb:NumberTypeEnum"/>
</sequence>
</complexType>
<complexType name="NumberRangeType">
<sequence>
<element name="startRange" type="sppfb:NumberValType"/>
<element name="endRange" type="sppfb:NumberValType"/>
</sequence>
</complexType>
</schema>
This document is a result of various discussions held in the DRINKS working group and within the DRINKS protocol design team, with contributions from the following individuals, in alphabetical order: Alexander Mayrhofer, David Schwartz, Deborah A Guyton, Lisa Dusseault, Manjul Maharishi, Mickael Marrache, Otmar Lendl, Richard Shockey, Samuel Melloul, Sumanth Channabasappa, Syed Ali, and Vikas Bhatia .
| [RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. |
| [RFC2277] | Alvestrand, H.T., "IETF Policy on Character Sets and Languages", BCP 18, RFC 2277, January 1998. |
| [RFC3629] | Yergeau, F., "UTF-8, a transformation format of ISO 10646", STD 63, RFC 3629, November 2003. |
| [RFC3688] | Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, January 2004. |
| [RFC3986] | Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005. |
| [RFC5067] | Lind, S. and P. Pfautz, "Infrastructure ENUM Requirements", RFC 5067, November 2007. |
| [RFC4949] | Shirey, R., "Internet Security Glossary, Version 2", RFC 4949, August 2007. |