Location Source Parameter for the SIP Geolocation Header FieldWinterb Consulting ServicesGwynnevilleNSW2500Australia+61 448 266004a.james.winterbottom@gmail.comDeutsche TelekomHeinrich-Hertz Str, 3-7Darmstadt64295Germanyr.jesske@telekom.dewww.telekom.deOrange Labs44, avenue de la RepubliqueChatillon F-92320Francebruno.chatras@orange.comAtosMid City PlaceLondonWC1V 6EAUnited Kingdomandrew.hutton@atos.net
ART
SIPCOREEmergencyCallLocationThere are some circumstances where a Geolocation header field may
contain more than one locationValue. Knowing the identity of the node
adding the locationValue allows the recipient more freedom in selecting
the value to look at first rather than relying solely on the order of
the locationValues. This document defines the "loc-src" parameter so
that the entity adding the locationValue to the Geolocation header
field can identify itself using its hostname. This document updates
RFC 6442.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Introduction
. Terminology
. Rationale
. Mechanism
. Example
. Privacy Considerations
. Security Considerations
. IANA Considerations
. Registration of "loc-src" Parameter for Geolocation Header Field
. References
. Normative References
. Informative References
Acknowledgements
Authors' Addresses
Introduction
The SIP Geolocation specification describes the "Geolocation" SIP header field,
which is used to indicate that the SIP message is conveying location
information. specifies
that SIP intermediaries should not add locationValues to a SIP
request that already contains a locationValue. also states that if a SIP intermediary adds
location, it is fully responsible for addressing the concerns of any
424 (Bad Location Information) SIP response it receives.
However, some communications architectures, such as 3GPP and ETSI , prefer to use information provided by edge
proxies or acquired through the use of core-network nodes before
using information provided solely by user equipment (UE). These
solutions don't preclude the use of UE-provided location but require
a means of being able to distinguish the identity of the node adding
the locationValue to the SIP message from that provided by the UE.
stipulates that the order
of locationValues in the Geolocation header field is the same as the
order in which they were added to the header field. Whilst this
order provides guidance to the recipient as to which values were
added to the message earlier in the communication chain, it does not
identify which node added the locationValue. Knowing the identity of
the entity that added the location to the message allows the
recipient to choose which location to consider first rather than
relying solely on the order of the locationValues in the Geolocation
header field.
This document extends the Geolocation header field of by allowing an entity adding the
locationValue to identify itself using a hostname. This is done by
defining a new geoloc-param header field parameter, "loc-src". How
the entity adding the locationValue to the header field obtains the
location information is out of scope of this document. Please note
that the "loc-src" parameter field does not alter the subject of the
locationValue.
Terminology
The key words "MUST", "MUST NOT",
"REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are
to be interpreted as described in BCP 14 when, and only when, they appear in all capitals,
as shown here.
RationaleThe primary intent of the "loc-src" parameter in this specification is for use in
emergency calling. There are various architectures defined for providing
emergency calling using SIP-based messaging. Each has its own characteristics
with corresponding pros and cons. All of them allow the UE to provide location
information; however, many also attach other sources of location information to
support veracity checks, to provide backup information, or to be used as the primary
location.
This document does not comment on these various architectures or on
the rationale for including multiple locationValues. It does recognize
that these architectures exist and that there is a need to identify the
entity adding the location information.
The "loc-src" parameter adds the location source generating the
locationValue to allow recipients to make informed decisions about which
of the multiple values to use.
The "loc-src" parameter is applicable within a single
private administrative domain or between different administrative
domains where there is a trust relationship between the domains.
Thus, it is intended to use this parameter only in trust domains
where Spec(T) as described in exists.
The "loc-src" parameter is not included in a SIP message
sent to another network if there is no trust relationship.
The "loc-src" parameter is not applicable if the administrative domain manages
emergency calls in a way that does not require any generation of the location.
The functional architecture to support emergency caller location described within ETSI is an
example of an architecture where it makes sense to use this
parameter.
Mechanism
The mechanism adds a geoloc-param parameter to the locationValue
defined in that identifies the hostname of the entity
adding the locationValue to the Geolocation header field.
The Augmented BNF (ABNF) for this parameter is shown in .
Only a fully qualified host name is valid. The syntax does not
support IP addresses, and if an entity conforming to this specification
receives a Geolocation header field with a "loc-src" parameter
containing an IP address, it MUST remove the
parameter.A SIP intermediary conformant to this specification adding a
locationValue to a Geolocation header field SHOULD also
add a "loc-src" header field parameter so that it is clearly identified
as the node adding the location. A User Agent (UA) MUST NOT insert a "loc-src" header field parameter. If a SIP
intermediary receives a message from an untrusted source with the
"loc-src" parameter set, then it MUST remove the "loc-src"
parameter before passing the message into a trusted network.
Example
The following example shows a SIP INVITE message containing a
Geolocation header field with two locationValues. The first
locationValue points to a Presence Information Data Format
Location Object (PIDF-LO) in the SIP body using a
content-indirection (cid:) URI per , and this is provided by the UE. The second
locationValue is an https URI provided by a SIP intermediary,
which identifies itself using the "loc-src" parameter.
Privacy ConsiderationsThis document doesn't change any of the privacy considerations described in
. While the addition of the "loc-src"
parameter identifies the entity that added the location in the
signaling path, this addition provides little more exposure
than adding a proxy identity to the Record-Route header field (privacy defined in ).Security ConsiderationsThis document introduces the ability of a SIP intermediary to insert
a host name indicating that they added the specific locationValue to the
Geolocation header field. The intent is for this field to be used by the location
recipient in the event that the SIP message contains multiple locationValues.
As a consequence, this parameter should only be used by the location recipient
in a trusted network. Adding this parameter in an untrusted network serves solely to give location information to untrusted parties and is NOT RECOMMENDED.
As already stated in ,
securing the location hop by hop, using TLS, protects the message from
eavesdropping and modification in transit but exposes the information
to all SIP intermediaries on the path as well as the endpoint. The
"loc-src" parameter is applicable within a single private administrative
domain or between different administrative domains where there is a
relationship between the domains. If such a trust relationship is not
given, it is strongly recommended to delete the location information.
The use of this parameter is not restricted to a specific architecture, but
using multiple locations and loc-src may end in compatibility issues. already addresses the issue of multiple
locations. To avoid problems of a possible corruption of the location
information including the "loc-src" parameter when using an untrusted
relationship, it is strongly recommended to delete location information when
passed to another domain out of the trust domain.
IANA ConsiderationsRegistration of "loc-src" Parameter for Geolocation Header FieldIANA has added a new SIP header field parameter for
the Geolocation header field in the "Header Field Parameters and
Parameter Values" subregistry (created by ) of the
"Session Initiation Protocol (SIP) Parameters" registry found at
.
Header Field:
Geolocation
Parameter Name:
loc-src
Predefined Values:
No
Reference:
RFC 8787
ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.A Privacy Mechanism for the Session Initiation Protocol (SIP)Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted NetworksThe Internet Assigned Number Authority (IANA) Header Field Parameter Registry for the Session Initiation Protocol (SIP)This document creates an Internet Assigned Number Authority (IANA) registry for the Session Initiation Protocol (SIP) header field parameters and parameter values. It also lists the already existing parameters and parameter values to be used as the initial entries for this registry. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Augmented BNF for Syntax Specifications: ABNFInternet technical specifications often need to define a formal syntax. Over the years, a modified version of Backus-Naur Form (BNF), called Augmented BNF (ABNF), has been popular among many Internet specifications. The current specification documents ABNF. It balances compactness and simplicity with reasonable representational power. The differences between standard BNF and ABNF involve naming rules, repetition, alternatives, order-independence, and value ranges. This specification also supplies additional rule definitions and encoding for a core lexical analyzer of the type common to several Internet specifications. [STANDARDS-TRACK]Location Conveyance for the Session Initiation ProtocolThis document defines an extension to the Session Initiation Protocol (SIP) to convey geographic location information from one SIP entity to another SIP entity. The SIP extension covers end-to-end conveyance as well as location-based routing, where SIP intermediaries make routing decisions based upon the location of the Location Target. [STANDARDS-TRACK]Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Informative ReferencesFunctional architecture to support European requirements on emergency caller location determination and transportEuropean Telecommunications Standards InstituteES 203 178V 1.1.1
A Mechanism for Content Indirection in Session Initiation Protocol (SIP) MessagesThis document defines an extension to the URL MIME External-Body Access-Type to satisfy the content indirection requirements for the Session Initiation Protocol (SIP). These extensions are aimed at allowing any MIME part in a SIP message to be referred to indirectly via a URI. [STANDARDS-TRACK]Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS) emergency sessions3rd Generation Partnership ProjectTS 23.167V12.1.0
AcknowledgementsThe authors would like to thank ,
, and for their
extensive review of this document. The authors would like to
acknowledge the constructive feedback provided by and
.Authors' AddressesWinterb Consulting ServicesGwynnevilleNSW2500Australia+61 448 266004a.james.winterbottom@gmail.comDeutsche TelekomHeinrich-Hertz Str, 3-7Darmstadt64295Germanyr.jesske@telekom.dewww.telekom.deOrange Labs44, avenue de la RepubliqueChatillon F-92320Francebruno.chatras@orange.comAtosMid City PlaceLondonWC1V 6EAUnited Kingdomandrew.hutton@atos.net