TOC 
ECRITH. Schulzrinne
Internet-DraftColumbia University
Intended status: ExperimentalH. Tschofenig
Expires: September 7, 2010Nokia Siemens Networks
 March 06, 2010


Synchronizing Location-to-Service Translation (LoST) Protocol based Service Boundaries and Mapping Elements
draft-ietf-ecrit-lost-sync-09.txt

Abstract

The Location-to-Service Translation (LoST) protocol is an XML-based protocol for mapping service identifiers and geodetic or civic location information to service URIs and service boundaries. In particular, it can be used to determine the location-appropriate Public Safety Answering Point (PSAP) for emergency services.

The main data structure, the <mapping> element, used for encapsulating information about service boundaries is defined in the LoST protocol specification and circumscribes the region within which all locations map to the same service Uniform Resource Identifier (URI) or set of URIs for a given service.

This document defines an XML protocol to exchange these mappings between two nodes. This mechanism is designed for the exchange of authoritative <mapping> elements between two entities. Exchanging cached <mapping> elements, i.e. non-authoritative elements, is possible but not envisioned. In any case, this document can also be used without the LoST protocol even though the format of the <mapping> element is re-used from the LoST specification.

Status of this Memo

This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on September 7, 2010.

Copyright Notice

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License.



Table of Contents

1.  Introduction
2.  Terminology
3.  Querying for Mappings with a <getMappingsRequest> / <getMappingsResponse> Exchange
    3.1.  Behavior of the LoST Sync Source
    3.2.  Behavior of the LoST Sync Source
    3.3.  Examples
4.  Pushing Mappings via <pushMappings> and <pushMappingsResponse>
    4.1.  Behavior of the LoST Sync Source
    4.2.  Behavior of the LoST Sync Destination
    4.3.  Example
5.  Transport
6.  RelaxNG
7.  Operational Considerations
8.  Security Considerations
9.  IANA Considerations
    9.1.  Content-type registration for 'application/lostsync+xml'
    9.2.  LoST Sync Relax NG Schema Registration
    9.3.  LoST Synchronization Namespace Registration
10.  Acknowledgments
11.  References
    11.1.  Normative References
    11.2.  Informative References
§  Authors' Addresses




 TOC 

1.  Introduction

The LoST (Location-to-Service Translation) protocol (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” August 2008.) [RFC5222] maps service identifiers and geodetic or civic location information to service URIs. The main data structure, the <mapping> element, used for encapsulating information about service boundaries is defined in the LoST protocol specification and circumscribes the region within which all locations map to the same service Uniform Resource Identifier (URI) or set of URIs for a given service.

This mechanism is designed for the exchange of authoritative <mapping> elements between two entities (the LoST Sync source and the LoST Sync destination).

The LoST Sync mechanism can, for example, be used in the LoST architecture, as specified in the [RFC5582] (Schulzrinne, H., “Location-to-URL Mapping Architecture and Framework,” September 2009.). There, LoST servers act in different roles that cooperate to provide an ubiquitous, globally scalable and resilient mapping service. In the LoST mapping architecture, LoST servers can peer, i.e., have an on-going data exchange relationship. Peering relationships are set up manually, based on local policies. A server can peer with any number of other servers. Forest guides peer with other forest guides; resolvers peer with forest guides and other resolvers (in the same cluster); authoritative mapping servers peer with forest guides and other authoritative servers, either in the same cluster or above or below them in the tree. Authoritative mapping servers push coverage regions "up" the tree, i.e., from child nodes to parent nodes. The child informs the parent of the geospatial or civic region that it covers for a specific service.

Consider a hypothetical deployent of LoST in two countries, we call them Austria and Finland. Austria, in our example, runs three authoritative LoST servers labeled as 'East', 'West' and 'Vienna' whereby the former two cover the entire country expect for Vienna, which is covered by a separate LoST server. There may be other caching LoST servers run by ISPs, universities, and VSPs but they are not relevant for this illustration. Finland, on the other hand, decided to only deploy a single LoST server that also acts as a Forest Guide. For this simplistic illustration we assume that only one service is available, namely 'urn:service:sos' since otherwise the number of stored mappings would have to be multiplied by the number of used services.

Figure 1 (LoST Deployment Example) shows the example deployment.


                   +---LoST-Sync-->\\     //<--LoST-Sync----+
                   |                 -----                  |
                   |                                        |
                   \/                                       \/
                 -----                                     -----
               //     \\                                 //     \\
              /         \                               /         \
             |  Forest   |                             |   Forest  |
             |  Guide    |                             |   Guide   |
             |  Austria  |                             |   Finland
              \         /                               \         /
    +--------->\\     //<--------+                       \\     //
    |            -----           |                         -----
    |             /\             |                           |
  LoST            |             LoST                     //------\\
  Sync           LoST           Sync                    |Co-Located|
    |            Sync            |                      |   LoST   |
    \/            |              \/                     | Server   |
 //----\\         \/          //----\\                   \\------//
|  LoST  |     //----\\      |  LoST  |
| Server |    |  LoST  |     | Server |
| (East) |    | Server |     |(Vienna)|
 \\----//     | (West) |      \\----//
               \\----//

 Figure 1: LoST Deployment Example 

The configuration of these nodes would therefore be as follows:

Forest Guide Austria:
This forest guide would contain mappings for the three authoritative LoST servers (East, West and Vienna) describing what area they are responsible for. Note that each mapping would contain a service URN and these mappings point to LoST servers rather than to PSAPs or ESRPs.
LoST Server 'East':
This LoST server would contain all the mappings to PSAPs covering one half of the country.
Additionally, the LoST server aggregates all the information it has and provides an abstracted view towards the Forest Guide indicating that it is responsible for a certain area (for a given service, and for a given location profile). Such a mapping would have the following structure:

<mapping
    expires="2009-01-01T01:44:33Z"
    lastUpdated="2009-12-01T01:00:00Z"
    source="east-austria.lost-example.com"
    sourceId="e8b05a41d8d1415b80f2cdbb96ccf109">
    <displayName xml:lang="en">LoST Server 'East' </displayName>
    <service>urn:service:sos</service>
    <serviceBoundary profile="geodetic-2d">
        <p2:Polygon srsName="urn:ogc:def::crs:EPSG::4326">
            <p2:exterior>
                <p2:LinearRing>
                    <p2:pos> ... </p2:pos>
                    ..... list of coordinates for
                    boundary of LoST server 'East'
                    <p2:pos> ... </p2:pos>
                </p2:LinearRing>
            </p2:exterior>
        </p2:Polygon>
    </serviceBoundary>
    <uri/>
</mapping>
 Figure 2: Forest Guide Austria Mapping Example 

As it can be seen in this example there the <uri> element is left empty and the 'source' attribute is used to indicate the identity of the LoST server, namely "east-austria.lost-example.com".

The above-shown mapping is what is the LoST server "east-austria.lost-example.com" provides to the Austrian Forest Guide.
LoST Server 'West':
This LoST server would contain all the mappings to PSAPs covering the other half of the country.
LoST Server 'Vienna':
This LoST server would contain all the mappings to PSAPs in the area of Vienna.
Forest Guide Finland:
In our example we assume that Finland would deploy a single ESRP for the entire country as their IP-based emergency services solution. There is only a single LoST server and it is co-located with the Forest Guide, as shown in Figure 1 (LoST Deployment Example). The mapping data this FG would distribute via LoST sync is shown in Figure 3 (Forest Guide Finland Mapping Example).

<mapping
    expires="2007-01-01T01:44:33Z"
    lastUpdated="2006-11-01T01:00:00Z"
    source="finland.lost-example.com"
    sourceId="7e3f40b098c711dbb6060800200c9a66">
    <displayName xml:lang="en"> Finland ESRP </displayName>
    <service>urn:service:sos</service>
    <serviceBoundary profile="civic">
        <civicAddress
            xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
            <country>FI</country>
        </civicAddress>
    </serviceBoundary>
    <uri/>
</mapping>
 Figure 3: Forest Guide Finland Mapping Example 

An example mapping stored at the co-located LoST server is shown in Figure 4 (Forest Guide Finland / Co-Located LoST Server Mapping Example).

<mapping
    expires="2007-01-01T01:44:33Z"
    lastUpdated="2006-11-01T01:00:00Z"
    source="finland.lost-example.com"
    sourceId="7e3f40b098c711dbb6060800200c9a66">
    <displayName xml:lang="en"> Finland ESRP </displayName>
    <service>urn:service:sos</service>
    <serviceBoundary profile="civic">
        <civicAddress
            xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
            <country>FI</country>
        </civicAddress>
    </serviceBoundary>
    <uri>sip:esrp@finland-example.com</uri>
    <uri>xmpp:esrp@finland-example.com</uri>
    <serviceNumber>112</serviceNumber>
</mapping>
 Figure 4: Forest Guide Finland / Co-Located LoST Server Mapping Example 

The LoST sync mechanism described in this document could be run between the two Forest Guides. Thereby, the three mappings stored in the Austria FG are sent to the FG Finland and a single mapping in the FG Finland is sent to the FG Austria. Additionally, the three Austrian LoST servers could utilize LoST sync to inform the Austrian FG about their boundaries. These three authoritative LoST servers in Austria would be responsible to maintain their own mapping information. Since the amount of data being exchanged is small and the expected rate of change is low the nodes are configured to always exchange all their mapping information whenever a change happens.

This document defines two types of exchanges and those are best described by the exchange between two nodes as shown in Figure 5 (Querying for Mappings with a <getMappingsRequest> Message) and Figure 6 (Pushing Mappings with a <pushMappingsRequest> Message). The protocol exchange always runs between a LoST Sync source and a LoST Sync destination. Node A in the examples of Figure 5 (Querying for Mappings with a <getMappingsRequest> Message) and Figure 6 (Pushing Mappings with a <pushMappingsRequest> Message) has mappings that Node B is going to retrieve. Node A acts as the source for the data and Node B is the destination.

The <getMappingsRequest> request allows a LoST Sync source to request mappings from a LoST Sync destination.


   +---------+                   +---------+
   | Node B  |                   | Node A  |
   | acting  |                   | acting  |
   | as      |                   | as      |
   | LoST    |                   | LoST    |
   | Sync    |                   | Sync    |
   | Dest.   |                   | Source  |
   +---------+                   +---------+
       |                              |
       |                              |
       |                              |
       | <getMappingsRequest>         |
       |----------------------------->|
       |                              |
       | <getMappingsResponse>        |
       |<-----------------------------|
       |                              |
       |                              |
       |                              |

 Figure 5: Querying for Mappings with a <getMappingsRequest> Message 

Note that in the exchange illustrated in Figure 5 (Querying for Mappings with a <getMappingsRequest> Message) Node B issuing the first request and plays the role of the HTTP/HTTPS client (with HTTP as selected transport) and Node A plays the role of the HTTP/HTTPS server.

The <pushMappingsRequest> exchange allows a LoST Sync source to push mappings to LoST Sync destination. The assumption is being made that Node A and B have previously been configured in a way that they push mappings in such a fashion and that Node A maintains state about the mappings have to be pushed to Node B. No subscribe mechanism is defined in this document that would allow Node B to tell Node A about what mappings it is interested nor a mechanism for learning to which entities mappings have to be pushed.


    +---------+                   +---------+
    | Node A  |                   | Node B  |
    | acting  |                   | acting  |
    | as      |                   | as      |
    | LoST    |                   | LoST    |
    | Sync    |                   | Sync    |
    | Source  |                   | Dest.   |
    +---------+                   +---------+
        |                              |
        |                              |
        |                              |
        | <pushMappingsRequest>        |
        |----------------------------->|
        |                              |
        | <pushMappingsResponse>       |
        |<-----------------------------|
        |                              |
        |                              |
        |                              |

 Figure 6: Pushing Mappings with a <pushMappingsRequest> Message 

Note that in the exchange illustrated in Figure 6 (Pushing Mappings with a <pushMappingsRequest> Message) Node A issuing the first request and plays the role of the HTTP/HTTPS client (with HTTP as selected transport) and Node B plays the role of the HTTP/HTTPS server.



 TOC 

2.  Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).

This document reuses terminology introduced by the mapping architecture document (Schulzrinne, H., “Location-to-URL Mapping Architecture and Framework,” September 2009.) [RFC5582].

Throughout this document we use the term LoST Sync source and LoST Sync destination to denote the protocol end points of the exchange. The protocol is referred as LoST Sync within the text.



 TOC 

3.  Querying for Mappings with a <getMappingsRequest> / <getMappingsResponse> Exchange



 TOC 

3.1.  Behavior of the LoST Sync Source

A LoST Sync destination has two ways to retrieve mapping elements from a LoST Sync source.

  1. A mechanisms that is suitable when no mappings are available on the LoST Sync destination is to submit an empty <getMappingsRequest> message, as shown in Figure 7 (Example of empty <getMappingsRequest> message). The intent by the LoST Sync destination thereby is to retrieve all mappings from the LoST Sync source. Note that the request does not propagate further to other nodes.
  2. In case a LoST Sync destination node has already obtained mappings in previous exchanges then it may want to check whether these mappings have been updated in the meanwhile. The policy when to poll for updated mapping information is outside the scope of this document. The <getMappingsRequest> message with one or multiple <exists> child element(s) allows to reduce the number of returned mappings to those that have been updated and also to those that are missing.

In response to the <getMappingsRequest> message the LoST Sync destination waits for the <getMappingsResponse> message. In case of a successful response the LoST Sync destination stores the received mappings and determines which mappings to replace.



 TOC 

3.2.  Behavior of the LoST Sync Source

When a LoST Sync source receives an empty <getMappingsRequest> message then all locally available mappings MUST be returned.

When a LoST Sync source receives a <getMappingsRequest> message with one or multiple <exists> child element(s) then it MUST consult with the local mapping database to determine whether any of the mappings of the client is stale and whether there are mappings locally that the client does not yet have. The former can be determined by finding mappings corresponding to the 'source' and 'sourceID' attribut where a mapping with a more recent lastUpdated date exists.

Processing a <getMappingsRequest> message MAY lead to a successful response in the form of a <getMappingsResponse> or an <errors> message. Only the <badRequest>, <forbidden>, <internalError>, <serverTimeout> errors, defined in [RFC5222] (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” August 2008.), are utilized by this specification. Neither the <redirect> nor the <warnings> messages are reused by this message.



 TOC 

3.3.  Examples

The first example shows an empty <getMappingsRequest> message that would retrieve all locally stored mappings at the LoST Sync source.


<?xml version="1.0" encoding="UTF-8"?>
<getMappingsRequest xmlns="urn:ietf:params:xml:ns:lostsync1"/>

 Figure 7: Example of empty <getMappingsRequest> message 

A further example request is shown in Figure 8 (Example <getMappingsRequest> Message) and the corresponding response is depicted in Figure 9 (Example <getMappingsResponse> Message). In this example a request is made for a specific mapping (with source="authoritative.bar.example" and sourceId="7e3f40b098c711dbb6060800200c9a66") that is more recent than "2006-11-01T01:00:00Z" as well as any missing mapping.



<?xml version="1.0" encoding="UTF-8"?>
<getMappingsRequest xmlns="urn:ietf:params:xml:ns:lostsync1">
    <exists>
        <mapping-fingerprint source="authoritative.bar.example"
        sourceId="7e3f40b098c711dbb6060800200c9a66"
        lastUpdated="2006-11-01T01:00:00Z">
        </mapping-fingerprint>
    </exists>
</getMappingsRequest>

 Figure 8: Example <getMappingsRequest> Message 

The response to the above request is shown in Figure 9 (Example <getMappingsResponse> Message). A more recent mapping was available with the identification of source="authoritative.bar.example" and sourceId="7e3f40b098c711dbb6060800200c9a66". Only one mapping that matched source="authoritative.foo.example" was found and returned.



<?xml version="1.0" encoding="UTF-8"?>
<sync:getMappingsResponse
    xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
    xmlns="urn:ietf:params:xml:ns:lost1"
    xmlns:p2="http://www.opengis.net/gml">

        <mapping source="authoritative.bar.example"
            sourceId="7e3f40b098c711dbb6060800200c9a66"
            lastUpdated="2008-11-26T01:00:00Z"
            expires="2009-12-26T01:00:00Z">
            <displayName xml:lang="en">
                Leonia Police Department
            </displayName>
            <service>urn:service:sos.police</service>
            <serviceBoundary
profile="urn:ietf:params:lost:location-profile:basic-civic">
                <civicAddress
xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
                    <country>US</country>
                    <A1>NJ</A1>
                    <A3>Leonia</A3>
                    <PC>07605</PC>
                </civicAddress>
            </serviceBoundary>
            <uri>sip:police@leonianj2.example.org</uri>
            <serviceNumber>911</serviceNumber>
        </mapping>

        <mapping expires="2009-01-01T01:44:33Z"
            lastUpdated="2008-11-01T01:00:00Z"
            source="authoritative.foo.example"
            sourceId="7e3f40b098c711dbb606011111111111">
            <displayName xml:lang="en">
                New York City Police Department
            </displayName>
            <service>urn:service:sos.police</service>
            <serviceBoundary profile="geodetic-2d">
                <p2:Polygon srsName="urn:ogc:def::crs:EPSG::4326">
                    <p2:exterior>
                        <p2:LinearRing>
                            <p2:pos>37.775 -122.4194</p2:pos>
                            <p2:pos>37.555 -122.4194</p2:pos>
                            <p2:pos>37.555 -122.4264</p2:pos>
                            <p2:pos>37.775 -122.4264</p2:pos>
                            <p2:pos>37.775 -122.4194</p2:pos>
                        </p2:LinearRing>
                    </p2:exterior>
                </p2:Polygon>
            </serviceBoundary>
            <uri>sip:nypd@example.com</uri>
            <uri>xmpp:nypd@example.com</uri>
            <serviceNumber>911</serviceNumber>
        </mapping>

</sync:getMappingsResponse>

 Figure 9: Example <getMappingsResponse> Message 



 TOC 

4.  Pushing Mappings via <pushMappings> and <pushMappingsResponse>



 TOC 

4.1.  Behavior of the LoST Sync Source

When a LoST Sync source obtains new information that is of interest to its peers, it may push the new mappings to its peers. Configuration settings at both peers decide whether this functionality is used and what mappings are pushed to which other peers. New mappings may arrive through various means, such as a manual addition to the local mapping database, or through the interaction with other entities. Deleting mappings may also trigger a protocol interaction.

The LoST Sync source SHOULD keep track to which LoST Sync destination it has pushed mapping elements. If it does not keep state information then it always has to push the complete data set. As discussed in Section 5.1 of [RFC5222] (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” August 2008.), mapping elements are identified by the 'source', 'sourceID' and 'lastUpdated' attributes. A mapping is considered the same if these three attributes match. It is RECOMMENDED not to push the same information to the same peer more than once.

A <pushMappings> request sent by a LoST Sync source MUST containing one or more <mapping> elements.

To delete a mapping, the content of the mapping is left empty. The node can delete the mapping from its internal mapping database, but has to remember which peers it has distributed this update to. The 'expires' attribute is required, but ignored. If an attempt is made to delete a non-existent mapping, the request is silently ignored.



 TOC 

4.2.  Behavior of the LoST Sync Destination

When a LoST Sync destination receives a <pushMappingsRequest> message then a newly received mapping M' MUST replace an existing mapping M if all of the following conditions hold:

  1. M'.source equals M.source
  2. M'.sourceID' equals M.sourceID
  3. M'.lastUpdated is greater than M.lastUpdated

If the received mapping M' does not update any existing mapping M then it MUST be added to the local cache as an independent mapping.

If a <pushMappingsRequest> message with an empty <mapping> element is received then a corresponding mapping has to be determined based on the 'source', 'sourceID' and 'lastUpdated' attributes. If a mapping has been found then it MUST be deleted. If no mapping can be identified then an <errors> response MUST be returned that contains the <notDeleted> child element. The <notDeleted> element MAY carry a <message> element and MUST contain the <mapping> element(s) that caused the error.

The response to a <pushMappingsRequest> request is a <pushMappingsResponse> message. With this specification, a successful response message returns no additional elements, whereas an <errors> response is returned in the response message, if the request failed. Only the <badRequest>, <forbidden>, <internalError> or <serverTimeout> errors defined in Section 13.1 of [RFC5222] (Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” August 2008.), are used. The <redirect> and <warnings> messages are not used for this query/response.

If the set of nodes that are synchronizing their data does not form a tree, it is possible that the same information arrives through several other nodes. This is unavoidable, but generally only imposes a modest overhead. (It would be possible to create a spanning tree in the same fashion as IP multicast, but the complexity does not seem warranted, given the relatively low volume of data.)



 TOC 

4.3.  Example

An example is shown in Figure 10 (Example <pushMappingsRequest> Message). Image a LoST node that obtained two new mappings identified as follows:

These two mappings have to be added to the peer's mapping database.

Additionally, the following mapping has to be deleted:



<?xml version="1.0" encoding="UTF-8"?>
<sync:pushMappingsRequest
    xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
    xmlns="urn:ietf:params:xml:ns:lost1"
    xmlns:p2="http://www.opengis.net/gml">

        <mapping source="authoritative.example"
            sourceId="7e3f40b098c711dbb6060800200c9a66"
            lastUpdated="2008-11-26T01:00:00Z"
            expires="2009-12-26T01:00:00Z">
            <displayName xml:lang="en">
                Leonia Police Department
            </displayName>
            <service>urn:service:sos.police</service>
            <serviceBoundary
     profile="urn:ietf:params:lost:location-profile:basic-civic">
                <civicAddress
     xmlns="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr">
                    <country>US</country>
                    <A1>NJ</A1>
                    <A3>Leonia</A3>
                    <PC>07605</PC>
                </civicAddress>
            </serviceBoundary>
            <uri>sip:police@leonianj.example.org</uri>
            <serviceNumber>911</serviceNumber>
        </mapping>

        <mapping expires="2009-01-01T01:44:33Z"
            lastUpdated="2008-11-01T01:00:00Z"
            source="authoritative.example"
            sourceId="7e3f40b098c711dbb606011111111111">
            <displayName xml:lang="en">
                New York City Police Department
            </displayName>
            <service>urn:service:sos.police</service>
            <serviceBoundary profile="geodetic-2d">
                <p2:Polygon srsName="urn:ogc:def::crs:EPSG::4326">
                    <p2:exterior>
                        <p2:LinearRing>
                            <p2:pos>37.775 -122.4194</p2:pos>
                            <p2:pos>37.555 -122.4194</p2:pos>
                            <p2:pos>37.555 -122.4264</p2:pos>
                            <p2:pos>37.775 -122.4264</p2:pos>
                            <p2:pos>37.775 -122.4194</p2:pos>
                        </p2:LinearRing>
                    </p2:exterior>
                </p2:Polygon>
            </serviceBoundary>
            <uri>sip:nypd@example.com</uri>
            <uri>xmpp:nypd@example.com</uri>
            <serviceNumber>911</serviceNumber>
        </mapping>

        <mapping source="nj.us.example"
            sourceId="123"
            lastUpdated="2008-11-01T01:00:00Z"
            expires="2008-11-01T01:00:00Z"/>

</sync:pushMappingsRequest>

 Figure 10: Example <pushMappingsRequest> Message 

In response, the peer performs the necessary operation and updates its mapping database. In particular, it will check whether the other peer is authorized to perform the update and whether the elements and attributes contain values that it understands. In our example, a positive response is returned as shown in Figure 11 (Example <pushMappingsResponse>).



<?xml version="1.0" encoding="UTF-8"?>
<pushMappingsResponse xmlns="urn:ietf:params:xml:ns:lostsync1" />

 Figure 11: Example <pushMappingsResponse> 

In case that a mapping could not be deleted as requested the following error response might be returned instead.


<?xml version="1.0" encoding="UTF-8"?>
<errors xmlns="urn:ietf:params:xml:ns:lost1"
    xmlns:sync="urn:ietf:params:xml:ns:lostsync1"
    source="nodeA.example.com">

    <sync:notDeleted
        message="Could not delete the indicated mapping."
        xml:lang="en">

        <mapping source="nj.us.example"
            sourceId="123"
            lastUpdated="2008-11-01T01:00:00Z"
            expires="2008-11-01T01:00:00Z"/>

    </sync:notDeleted>
</errors>

 Figure 12: Example <errors> Message 



 TOC 

5.  Transport

LoST Sync needs an underlying protocol transport mechanism to carry requests and responses. This document defines an XML protocol over HTTP and over HTTP-over-TLS. Client and server developers are reminded that full support of RFC 2616 HTTP facilities is expected. If clients or servers re-implement HTTP, rather than using available servers or client code as a base, careful attention must be paid to full interoperability. Other transport mechanisms are left to future documents. The selection of the transport mechanism will in most cases be determined through manual configuration although the usage of the U-NAPTR application defined in the LoST specification is possible. In protocols that support content type indication, LoST Sync uses the media type application/lostsync+xml.

When using HTTP [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) and HTTP-over-TLS [RFC2818] (Rescorla, E., “HTTP Over TLS,” May 2000.), LoST Sync messages use the HTTP POST method. The HTTP request MUST use the Cache-Control response directive "no-cache" to HTTP-level caching even by caches that have been configured to return stale responses to client requests.

All LoST Sync responses, including those indicating a LoST warning or error, are carried in 2xx responses, typically 200 (OK). Other 2xx responses, in particular 203 (Non-authoritative information) may be returned by HTTP caches that disregard the caching instructions. 3xx, 4xx and 5xx HTTP response codes indicates that the HTTP request itself failed or was redirected; these responses do not contain any LoST Sync XML elements.



 TOC 

6.  RelaxNG

<?xml version="1.0" encoding="utf-8"?>

     <grammar ns="urn:ietf:params:xml:ns:lostsync1"
     xmlns="http://relaxng.org/ns/structure/1.0"
     xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0"
     datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">

         <include href="lost.rng"/>

         <start combine="choice">

          <a:documentation> Location-to-Service Translation (LoST)
            Synchronization Protocol</a:documentation>

             <choice>
                 <ref name="pushMappings"/>
                 <ref name="pushMappingsResponse"/>
                 <ref name="getMappingsRequest"/>
                 <ref name="getMappingsResponse"/>
             </choice>
         </start>


         <define name="pushMappings">
             <element name="pushMappings">
                     <oneOrMore>
                         <ref name="mapping"/>
                     </oneOrMore>

                 <ref name="extensionPoint"/>
             </element>
         </define>

         <define name="pushMappingsResponse">
             <element name="pushMappingsResponse">
                 <ref name="extensionPoint"/>
             </element>
         </define>

          <define name="getMappingsRequest">
               <element name="getMappingsRequest">
                 <choice>
                      <ref name="exists"></ref>
                      <ref name="extensionPoint"/>
                 </choice>
             </element>
         </define>

          <define name="exists">
               <element name="exists">
                    <oneOrMore>
                         <element name="mapping-fingerprint">
                              <attribute name="source">
                                   <data type="token"/>
                              </attribute>
                              <attribute name="sourceId">
                                   <data type="token"/>
                              </attribute>
                              <attribute name="lastUpdated">
                                   <data type="dateTime"/>
                              </attribute>
                              <ref name="extensionPoint"/>
                         </element>
                    </oneOrMore>
               </element>
          </define>

         <define name="getMappingsResponse">
             <element name="getMappingsResponse">
                     <oneOrMore>
                         <ref name="mapping"/>
                     </oneOrMore>
                 <ref name="extensionPoint"/>
             </element>
         </define>

          <!-- error messages -->

          <define name="notDeleted">
               <element name="notDeleted">
                    <ref name="basicException"/>
                    <oneOrMore>
                         <ref name="mapping"/>
                    </oneOrMore>
               </element>
          </define>
     </grammar>



 TOC 

7.  Operational Considerations

When different LoST servers use the mechanism described in this document to synchronize their mapping data then it is important to ensure that loops are avoided. The example shown in Figure 13 (Synchronization Configuration Example) with three LoST servers A, B and C (each of them acts as a sync source and a sync destination) illustrates the challenge in more detail. A and B synchronize data between each other; the same is true for A and C, and B and C, respectively.



     A -------- B
      \        /
       \      /
        \    /
         \  /
          C

 Figure 13: Synchronization Configuration Example 

Now, imagine that server A adds a new mapping. This mapping is uniquely identified by the combination of "source", "sourceid" and "last updated". Assume that A would push this new mapping to B and C. When B obtained this new mapping it would find out that it has to distribute it to its peer C. C would also want to distribute the mapping to B (and vice versa). If the originally mapping with the "source", "sourceid" and "last updated" is not modified by either B or C then these two servers would recognize that they already possess the mapping and can ignore the update.

It is important that implementations MUST NOT modify mappings they receive. An entity acting maliciously would, however, intentially modify mappings or inject bogus mappings. To avoid the possibility of an untrustworthy member claiming a coverage region that it is not authorized for, any node introducing a new service boundary MUST sign the object by protecting the data with an XML digital signature [W3C.REC‑xmldsig‑core‑20020212] (Solo, D., Eastlake, D., and J. Reagle, “XML-Signature Syntax and Processing,” February 2002.). A recipient MUST verify that the signing entity is indeed authorized to speak for that region. Determining who can speak for a particular region is inherently difficult unless there is a small set of authorizing entities that participants in the mapping architecture can trust. Receiving systems should be particularly suspicious if an existing coverage region is replaced with a new one with a new mapping address. With this mechanism it is also possible to avoid the distribution of mappings that have been modified by servers forwarding mappings as part of the synchronization procedure.



 TOC 

8.  Security Considerations

This document defines a protocol for exchange of mapping information between two entities. Hence, the operations described in this document involve mutually-trusting LoST nodes. These nodes need to authenticate each other, using mechanisms such as HTTP Digest (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) [RFC2617], HTTP Basic (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) [RFC2617] over TLS (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.2,” August 2008.) [RFC5246] or TLS client and server certificates. Manual configuration for the setup of the peering relationships is required and hence the choice of the security mechanisms used between the two entities is a deployment specific decision. In any case, it MUST be ensured that the two end points are authenticated and that a secure communication channel (i.e., an integrity protected exchange of data with the help of the TLS Record Layer) is setup to avoid the possibility of injecting bogus mappings. If an adversary manages to inject false mappings then this could lead to denial of service attacks. If the mapping data contains a URL that does not exist then emergency services for the indicated area are not reachable. If all mapping data contains URLs that point to a single PSAP (rather than a large number) then this PSAP is likely to experience overload conditions. If the mapping data contains a URL that points to a server controlled by the adversary itself then it might impersonate PSAPs.



 TOC 

9.  IANA Considerations



 TOC 

9.1.  Content-type registration for 'application/lostsync+xml'

This specification requests the registration of a new MIME type according to the procedures of RFC 4288 [RFC4288] (Freed, N. and J. Klensin, “Media Type Specifications and Registration Procedures,” December 2005.) and guidelines in RFC 3023 [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.).

MIME media type name:
application
MIME subtype name:
lostsync+xml
Mandatory parameters:
none
Optional parameters:
charset
Indicates the character encoding of enclosed XML.

Encoding considerations:
Uses XML, which can employ 8-bit characters, depending on the character encoding used. See RFC 3023 [RFC3023] (Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” January 2001.), Section 3.2.
Security considerations:
This content type is designed to carry LoST Syncronization protocol payloads.
Interoperability considerations:
None


Published specification:
RFCXXXX [NOTE TO IANA/RFC-EDITOR: Please replace XXXX with the RFC number of this specification.]
Applications which use this media type:
Emergency and Location-based Systems
Additional information:
Magic Number:
None
File Extension:
.lostsyncxml
Macintosh file type code:
'TEXT'
Personal and email address for further information:
Hannes Tschofenig, Hannes.Tschofenig@nsn.com
Intended usage:
LIMITED USE
Author:

This specification is a work item of the IETF ECRIT working group, with mailing list address <ecrit@ietf.org>.

Change controller:

The IESG <iesg@ietf.org>



 TOC 

9.2.  LoST Sync Relax NG Schema Registration

URI:
urn:ietf:params:xml:schema:lostsync1
Registrant Contact:
IETF ECRIT Working Group, Hannes Tschofenig (Hannes.Tschofenig@gmx.net).
Relax NG Schema:
The Relax NG schema to be registered is contained in Section 6 (RelaxNG).



 TOC 

9.3.  LoST Synchronization Namespace Registration

URI:
urn:ietf:params:xml:ns:lostsync1
Registrant Contact:
IETF ECRIT Working Group, Hannes Tschofenig (Hannes.Tschofenig@gmx.net).
XML:
BEGIN
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
  "http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="content-type"
        content="text/html;charset=iso-8859-1"/>
  <title>LoST Synchronization Namespace</title>
</head>
<body>
  <h1>Namespace for LoST server synchronization</h1>
  <h2>urn:ietf:params:xml:ns:lost1:sync</h2>
<p>See <a href="[URL of published RFC]">RFCXXXX
    [NOTE TO IANA/RFC-EDITOR:
     Please replace XXXX with the RFC number of this
    specification.]</a>.</p>
</body>
</html>
END



 TOC 

10.  Acknowledgments

Robins George, Cullen Jennings, Karl Heinz Wolf, Richard Barnes, Mayutan Arumaithurai, Alexander Mayrhofer, and Andrew Newton provided helpful input. Jari Urpalainen assisted with the Relax NG schema. We would also like to thank our PROTO shepherd Roger Marshall for his help with the document.



 TOC 

11.  References



 TOC 

11.1. Normative References

[RFC2119] Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997 (TXT, HTML, XML).
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” RFC 2616, June 1999 (TXT, PS, PDF, HTML, XML).
[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” RFC 2617, June 1999 (TXT, HTML, XML).
[RFC2818] Rescorla, E., “HTTP Over TLS,” RFC 2818, May 2000 (TXT).
[RFC3023] Murata, M., St. Laurent, S., and D. Kohn, “XML Media Types,” RFC 3023, January 2001 (TXT).
[RFC4288] Freed, N. and J. Klensin, “Media Type Specifications and Registration Procedures,” BCP 13, RFC 4288, December 2005 (TXT).
[RFC5222] Hardie, T., Newton, A., Schulzrinne, H., and H. Tschofenig, “LoST: A Location-to-Service Translation Protocol,” RFC 5222, August 2008 (TXT).
[RFC5246] Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.2,” RFC 5246, August 2008 (TXT).
[W3C.REC-xmldsig-core-20020212] Solo, D., Eastlake, D., and J. Reagle, “XML-Signature Syntax and Processing,” World Wide Web Consortium FirstEdition REC-xmldsig-core-20020212, February 2002 (HTML).


 TOC 

11.2. Informative References

[RFC5582] Schulzrinne, H., “Location-to-URL Mapping Architecture and Framework,” RFC 5582, September 2009 (TXT).


 TOC 

Authors' Addresses

  Henning Schulzrinne
  Columbia University
  Department of Computer Science
  450 Computer Science Building
  New York, NY 10027
  US
Phone:  +1 212 939 7004
Email:  hgs+ecrit@cs.columbia.edu
URI:  http://www.cs.columbia.edu
  
  Hannes Tschofenig
  Nokia Siemens Networks
  Linnoitustie 6
  Espoo 02600
  Finland
Phone:  +358 (50) 4871445
Email:  Hannes.Tschofenig@gmx.net
URI:  http://www.tschofenig.priv.at