The LoST-Validation Straightforward-Naming Authority PoinTeR (S-NAPTR) Application Service TagCore Technology ConsultingUnited States of Americarg+ietf@coretechnologyconsulting.comhttp://www.coretechnologyconsulting.com470 Conrad Dr.MarsPA16046United States of Americabr@brianrosen.net
Real-Time Applications and Infrastructure
locationLoSTemergencyemergency servicesecrflvfi3This document adds the 'LoST-Validation' service tag to the
Straightforward-Naming Authority PoinTeR (S-NAPTR) Application Service
Tag IANA registry. This tag can appear in a Naming Authority Pointer
(NAPTR) Domain Name System (DNS) record to assist clients of the
Location-to-Service Translation (LoST) Protocol in identifying LoST
servers designated for location validation. This tag and
the information about its use update RFC 5222, which enables the explicit discovery of a server that supports location validation.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Document Scope
. Introduction
. Requirements Language
. The LoST-Validation Application Service Tag
. Backwards Compatibility
. Security Considerations
. IANA Considerations
. S-NAPTR Registration
. References
. Normative References
. Informative References
Acknowledgements
Authors' Addresses
Document ScopeThis document adds 'LoST-Validation' to the S-NAPTR Application
Service Tag IANA registry and describes how this tag fits in the LoST
server discovery procedure described in . This tag is used with Naming Authority Pointer
(NAPTR) Domain Name System (DNS) records so that clients of the
Location-to-Service Translation (LoST) Protocol can identify servers designated for location validation. This tag and the information on its use is an update to that enables the explicit discovery of a server that supports location validation.IntroductionThe LoST Protocol defines a mapping service with the
additional ability for a client to request that a civic address be
validated. The LoST protocol allows servers to ignore a request to
perform location validation. The National Emergency Number Association
(NENA) has defined an architecture for all-IP emergency services (known
as "i3" ), which defines the
mapping (routing) and validation functions as two distinct functional
elements, defined as an Emergency Call Routing Function (ECRF) and a
Location Validation Function (LVF). NENA i3 requires that the mapping
(ECRF) and validation (LVF) functions be separable; an entity
responsible for a LoST server cluster can decide to provide mapping and
validation services using consolidated or separate server clusters
(i.e., using the same or separate boxes). The rationale is that the
mapping service is used in real time during emergency call routing,
while the validation service is used in advance, typically when data is
provisioned; therefore, the mapping service has much higher availability
and response-time requirements than the validation service. An
organization might choose to deploy these services using different
server clusters to make it easier to provide higher levels of service
for the mapping function while shielding it from the potentially bursty
load of validation. Another organization might choose to use the same
sets of servers for both services, configured and deployed to offer the high service level demanded of the mapping service.In order to permit this separability, any entity querying a LoST
server needs to be able to resolve an Application Unique String (AUS)
into a URL for a LoST server designated for the required service (mapping
or validation). This separability needs to be maintained throughout the
LoST tree structure, from forest guide to leaf node (LoST architecture
is described in ). Because
LoST referrals return an AUS rather than a URL, either a different
service tag or a DNS name convention (e.g., "ecrf.example.org" and
"lvf.example.org") is needed to differentiate between the services. DNS name conventions are inflexible and fragile, making a different service tag the preferred approach.Because LoST servers may ignore a request to perform location
validation, a service tag explicitly for location validation also
reduces the likelihood (which has existed since ) that a client needing location validation will reach servers that are not doing so
(due to configuration and/or conditions).Requirements Language
The key words "MUST", "MUST NOT",
"REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT",
"RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be
interpreted as described in BCP 14 when, and only when, they appear in all capitals, as
shown here.
The LoST-Validation Application Service TagThis document adds 'LoST-Validation' to the "S-NAPTR Application
Service Tags" registry created by . The 'LoST-Validation' tag serves as a counterpart
to the 'LoST' tag added by :
the 'LoST' tag identifies servers able to perform the core mapping
function, while 'LoST-Validation' identifies servers designated for the validation function.Because some servers might be configured to provide both mapping and
validation functions, a server identified using the 'LoST' service tag
might also perform the validation function (and resolving the two tags
might result in the same URL). Because the two functions might be
separate, clients seeking a LoST server for location validation can
first try a URI-Enabled NAPTR (U-NAPTR) resolution using the
'LoST-Validation' service tag and can fall back to the 'LoST' service tag if this does not resolve to a usable LoST server.LoST specifies that LoST
servers are located by resolving an AUS using U-NAPTR/DDDS (URI-Enabled
NAPTR / Dynamic Delegation Discovery Service) and defines the 'LoST' application service tag. In
order to permit separability of the mapping and validation services
performed using LoST, this document defines the 'LoST-Validation'
service tag. This tag also reduces the likelihood that a client needing
location validation might reach servers that are not performing validation (due to
configuration and/or conditions). NAPTR records for LoST servers available for location validation contain the 'LoST-Validation' service tag. An entity needing to perform location validation using LoST performs the discovery procedure as described in , except that the 'LoST-Validation' service tag is used in preference to the 'LoST' service tag. For both service tags, the HTTP and HTTPS URL schemes are used. In the absence of any NAPTR records containing the 'LoST-Validation' service tag, the 'LoST' service tag is used. Fallback to the 'LoST' service tag may follow if the 'LoST-Validation' service tag fails to result in a usable LoST server. The discovery procedure with the 'LoST-Validation' service tag might result in the same URL as the 'LoST' service tag, or it may result in a different URL. When the URLs are different, they could lead to the same physical servers or different servers.Backwards CompatibilityThe primary use of LoST in general, and the location validation functionality in particular, is within the emergency services area. Within North America, the NENA i3 document specifies how protocols including LoST are used. The i3 document is expected to reference the 'LoST-Validation' service tag and specify its use in both server NAPTR DNS records and client resolution of AUS.LoST allows a server to refuse to perform location validation and
defines the 'locationValidationUnavailable' warning. LoST also allows a
server to refer to another server rather than answering itself. So, in a
deployment where a LoST tree has separate server clusters for mapping
and for validation, mapping servers receiving a request for validation
could either perform the validation as requested or return the
'locationValidationUnavailable' warning and potentially also include a
<redirect> element to redirect to a validation server. However,
the <redirect> element contains an AUS, so
unless the AUSs for validation and mapping are different (e.g.,
'ecrf.example.org' and 'lvf.example.org'), we still need a different
service tag to allow for flexible deployment choices (i.e., not
requiring a DNS name convention).LoST clients performing emergency services operations in North
America are expected to
comply with the NENA i3 specification and hence support the
'LoST-Validation' service tag when defined. A LoST client implemented
prior to the addition of the 'LoST-Validation' tag would use the 'LoST'
tag to resolve an AUS. Such a client might not be performing location
validation, but if it is, the LoST server it contacts may perform the
service. Even in a deployment where mapping and validation are split,
the data is identical; the split is a load and deployment optimization
strategy. Servers designated for mapping might perform validation when
requested (potentially depending on load or other factors). If an older
client attempts validation using a designated mapping server that
refuses the request, the client will retry later, at which point the
server might provide the function (e.g., if its load or other conditions
have changed). Even
in the case of a designated mapping server that refuses to
perform validation at any time, the server could return a redirect with
a different AUS (e.g., "lvf.example.com") that resolves to a designated
validation server. In the worst case, the client will be
unable to reach a server willing to perform validation and will follow
up (e.g., submit a discrepancy report as specified in NENA i3). The
resolution may be to update the client with the 'LoST-Validation'
service tag, update the AUS returned in a redirect and DNS to use a
different DNS host name, or permit the server to perform validation when
not under stress (or a combination). Note that, because LoST does not
require servers to perform validation, the situation described can exist
regardless of the addition of the 'LoST-Validation' service tag. Use of
the tag improves the likelihood that a client is able to validate a
location when needed.Security ConsiderationsThe security considerations described in , , and apply here. No additional security
aspects are foreseen by the addition of an extra tag. Separation of
services might be desired, for example, to be able to allocate different levels of resources (such as server capacity, attack mitigation, bandwidth, etc.) to the mapping and validation services, in which case separate tags are needed to allow LoST clients (which may include other LoST servers) to identify the correct server cluster. descriptively discusses the
use of DNS security to
mitigate the risk of DNS-based attacks. Because DNS security has become
more widely deployed since the publication of , such measures SHOULD be used when
performing NAPTR resolution. Note that, while there are valid reasons
to proceed with a LoST mapping query despite security failures while
initiating or processing an emergency call, these concerns generally do
not apply to a LoST validation query done in advance of an emergency
call.IANA ConsiderationsIANA has added 'LoST-Validation' to the "S-NAPTR Application Service
Tags" registry created by .
This tag serves as a counterpart to the 'LoST' tag added by .(Note that IANA and call this registry "S-NAPTR Application Service Tags", while calls it "U-NAPTR application service tag".)S-NAPTR RegistrationThis document registers an S-NAPTR application service tag:
Application Service Tag:
LoST-Validation
Defining Publication:
This document
ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS)This memo defines a generalized mechanism for application service naming that allows service location without relying on rigid domain naming conventions (so-called name hacks). The proposal defines a Dynamic Delegation Discovery System (DDDS) Application to map domain name, application service name, and application protocol dynamically to target server and port. [STANDARDS-TRACK]DNS Security Introduction and RequirementsThe Domain Name System Security Extensions (DNSSEC) add data origin authentication and data integrity to the Domain Name System. This document introduces these extensions and describes their capabilities and limitations. This document also discusses the services that the DNS security extensions do and do not provide. Last, this document describes the interrelationships between the documents that collectively describe DNSSEC. [STANDARDS-TRACK]Domain-Based Application Service Location Using URIs and the Dynamic Delegation Discovery Service (DDDS)The purpose of this document is to define a new, straightforward Dynamic Delegation Discovery Service (DDDS) application to allow mapping of domain names to URIs for particular application services and protocols. Although defined as a new DDDS application, dubbed U-NAPTR, this is effectively an extension of the Straightforward NAPTR (S-NAPTR) DDDS Application. [STANDARDS-TRACK]LoST: A Location-to-Service Translation ProtocolThis document describes an XML-based protocol for mapping service identifiers and geodetic or civic location information to service contact URIs. In particular, it can be used to determine the location-appropriate Public Safety Answering Point (PSAP) for emergency services. [STANDARDS-TRACK]Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Informative ReferencesDetailed Functional and Interface Standards for the NENA i3 SolutionLocation-to-URL Mapping Architecture and FrameworkThis document describes an architecture for a global, scalable, resilient, and administratively distributed system for mapping geographic location information to URLs, using the Location-to-Service Translation (LoST) protocol. The architecture generalizes well-known approaches found in hierarchical lookup systems such as DNS. This memo provides information for the Internet community.AcknowledgementsMany thanks to , , , , , , , and for their helpful reviews and suggestions and to for shepherding the document.Authors' AddressesCore Technology ConsultingUnited States of Americarg+ietf@coretechnologyconsulting.comhttp://www.coretechnologyconsulting.com470 Conrad Dr.MarsPA16046United States of Americabr@brianrosen.net