[Docs] [txt|pdf] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 07

Dispatch Working Group                                   R. Atarius, Ed.
Internet-Draft                                          January 13, 2018
Intended status: Informational
Expires: July 17, 2018


 Using the Mobile Equipment Identity (MEID) Uniform Resource Name (URN)
                           as an Instance ID
            draft-atarius-dispatch-meid-urn-as-instanceid-07

Abstract

   This specification specifies how the Uniform Resource Name (URN)
   namespace reserved for the Third Generation Partnership Project 2
   (3GPP2) identities and its Namespace Specific String (NSS) for the
   Mobile Equipment Identity (MEID) can be used as an instance-id.  Its
   purpose is to fulfill the requirements for defining how a specific
   URN needs to be constructed and used in the "+sip.instance" Contact
   header field parameter for outbound behavior.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 17, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must



Atarius                   Expires July 17, 2018                 [Page 1]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Background  . . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  3GPP2 Use Cases . . . . . . . . . . . . . . . . . . . . . . .   4
   5.  User Agent Client Procedures  . . . . . . . . . . . . . . . .   5
   6.  User Agent Server Procedures  . . . . . . . . . . . . . . . .   5
   7.  3GPP/3GPP2 SIP Registrar Procedures . . . . . . . . . . . . .   6
   8.  IANA considerations . . . . . . . . . . . . . . . . . . . . .   6
   9.  Security considerations . . . . . . . . . . . . . . . . . . .   6
   10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   7
   11. References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     11.1.  Normative references . . . . . . . . . . . . . . . . . .   7
     11.2.  Informative references . . . . . . . . . . . . . . . . .   8
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   8

1.  Introduction

   This specification specifies how the Uniform Resource Name (URN)
   namespace reserved for Third Generation Partnership Project 2 (3GPP2)
   identities and its Namespace Specific String (NSS) for the Mobile
   Equipment Identity (MEID) as specified in draft-atarius-dispatch-
   meid-urn [9] can be used as an instance-id as specified in RFC 5626
   [3] and also as used by RFC 5627 [4].

   RFC 5626 [3] specifies the "+sip.instance" Contact header field
   parameter that contains a URN as specified in RFC 8141 [5].  The
   instance-id uniquely identifies a specific User Agent (UA) instance.
   This instance-id is used as specified in RFC 5626 [3] so that the
   Session Initiation Protocol (SIP) registrar (as specified in RFC 3261
   [1]) can recognize that the contacts from multiple registrations
   correspond to the same UA.  The instance-id is also used as specified
   by RFC 5627 [4] to create Globally Routable User Agent URIs (GRUUs)
   that can be used to uniquely address a UA when multiple UAs are
   registered with the same Address of Record (AoR).

   RFC 5626 [3] requires that a UA SHOULD create a Universally Unique
   Identifier (UUID) URN as specified in RFC 4122 [8] as its instance-id
   but allows for the possibility to use other URN schemes.







Atarius                   Expires July 17, 2018                 [Page 2]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   RFC 5626 [3] states:

       "If a URN scheme other than UUID is used, the UA MUST only
       use URNs for which an RFC (from the IETF stream) defines how
       the specific URN needs to be constructed and used in the
       "+sip.instance" Contact header field parameter for outbound
       behavior."

   This specification meets this requirement by specifying how the 3GPP2
   MEID URN is used in the "+sip.instance" Contact header field
   parameter for outbound behavior and draft-atarius-dispatch-meid-urn
   [9] specifies how the 3GPP2 MEID URN is constructed.

   The 3GPP2 MEID URN is a URN for the MEID a globally unique identifier
   that identifies mobile devices used in the 3GPP2 networks.  The MEID
   allocation is managed by the 3GPP2 to ensure that the MEID values are
   globally unique.  Details of the formatting of the MEID as a URN are
   specified in draft-atarius-dispatch-meid-urn [9] and the definition
   of the MEID is contained in 3GPP2 S.R0048-A [12].

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 8174 [6].

3.  Background

   Mobile communication has been rapidly improved from low bit rate
   circuit switched system to the higher data rate packet switched
   system.  The packet switched system has added mobile capability of
   Internet Protocol (IP) connectivity and thereby the IP Multimedia
   Subsystem (IMS) have made SIP based calls and IP multimedia sessions
   from mobile devices possible.

   3GPP2 defines High Rate Packet Data (HRPD) with high data rates and
   it dispenses with the 1x Circuit Switched (1xCS) infrastructure.
   This means that with HRPD networks, voice calls will need to be
   conducted using IP and IMS.  However, the transition to all IP, SIP
   based IMS networks worldwide will take a great many years from the
   time of this writing and mobile devices will need to operate in both
   IP/SIP/IMS mode and circuit switched mode.  This means that calls and
   sessions will need to be handed over between IP/SIP/IMS mode and
   circuit switched mode mid-call or mid-session.  To achieve this the
   mobile device needs to simultaneously communicate via both the
   IP/SIP/IMS domain and the circuit switched domain.





Atarius                   Expires July 17, 2018                 [Page 3]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   To meet this need 3GPP2 has specified how to maintain voice session
   continuity between the IP/SIP/IMS domain and the circuit switched
   domain in 3GPP2 S.X0042-B [13].

   In order for the mobile device to access SIP/IMS voice service via
   the circuit switched domain 3GPP2 has specified that Mobile Switching
   Center (MSC) server either via IMS Media Gateway Control Function
   (MGCF) or directly, if enhanced by SIP interface, controls mobile
   voice call setup over the circuit switched radio access while
   establishing the corresponding voice session in the core network
   using SIP/IMS.  To enable this, the mobile device MUST be identified
   in both 1xCS and IP/SIP/IMS domains.  The only mobile device
   identifier that is transportable using 1xCS signaling is the MEID
   therefore the instance-id included by the MGCF or the MSC server, and
   the instance-id directly included by the mobile device both need to
   be based on the MEID.

   Additionally in order to meet the above requirements, the same MEID
   that is obtained from the circuit switched signaling by the MSC
   server needs to be obtainable from SIP signaling so that it can be
   determined that both the SIP signaling and circuit switched signaling
   originate from the same mobile device.

4.  3GPP2 Use Cases

   1.  The mobile device includes its MEID in the SIP REGISTER request
   so that the SIP registrar can perform a check of the Equipment
   Identity Register (EIR) to verify if this mobile device is allowed or
   barred from accessing the network for non-emergency services (e.g.,
   because it has been stolen).  If the mobile device is not allowed to
   access the network for non-emergency services the SIP registrar can
   reject the registration.  Thus a barred mobile device is prevented
   from accessing the network for non-emergency services.

   2.  The mobile device includes its MEID in SIP INVITE requests used
   to establish emergency sessions.  This is so that the Public Safety
   Answering Point (PSAP) can obtain the MEID of the mobile device for
   identification purposes if required by regulations.

   3.  The inclusion by the mobile device of its MEID in SIP INVITE
   requests used to establish emergency sessions is also used in the
   cases of unauthenticated emergency sessions to enable the network to
   identify the mobile device.  This is especially important if the
   unauthenticated emergency session is handed over from the packet
   switched domain to the circuit switched domain.  In this scenario the
   MEID is the only identifier that is common to both domains.  The
   Emergency Access Transfer Function (EATF) which coordinates the call
   transfer between the domains, can thus use the MEID to identify that



Atarius                   Expires July 17, 2018                 [Page 4]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   the circuit switched call is from the same mobile device that was in
   the emergency session in the packet switched domain.

5.  User Agent Client Procedures

   A single mode 3GPP2 User Agent Client (UAC) which uses only 3GPP2
   technology to transmit and receive voice or data has an MEID as
   specified in 3GPP2 S.R0048-A [12].  The single mode 3GPP2 UAC that is
   registering with a 3GPP2 IMS network includes in the "sip.instance"
   media feature tag the 3GPP2 MEID URN according to the syntax
   specified in draft-atarius-dispatch-meid-urn [9] when performing the
   registration procedures specified in RFC 5626 [3] or RFC 5627 [4] or
   any other procedure requiring the inclusion of the "sip.instance"
   media feature tag.

   A UAC MUST NOT use the 3GPP2 MEID URN as an instance-id except when
   registering with a 3GPP2 IMS network.  When a UAC is operating in IMS
   mode it will obtain the domain of the carrier's IMS network to
   register with, from the Universal Integrated Circuit Card (UICC),
   pre-configuration, or the network at the time of establishing the
   Packet Data Protocol (PDP) context.  These three methods are carrier
   specific and are only performed by the carrier IMS networks.  The UAC
   will also obtain the address of the IMS edge proxy to send the
   REGISTER request containing the MEID using information elements in
   the Attach response when it attempts to connect to the carriers
   packet data network.  When registering with a non-3GPP or non-3GPP2
   IMS network a UAC SHOULD use a Universally Unique Identifier (UUID)
   as an instance-id as specified in RFC 5626 [3].

   A UAC MUST NOT include the "sip.instance" media feature tag
   containing the 3GPP2 MEID URN in the Contact header field of non-
   REGISTER requests except when the request is related to an emergency
   session.  Regulatory requirements can require the MEID to be provided
   to the PSAP.  Any future exceptions to this prohibition require an
   RFC that addresses how privacy is not violated by such a usage.

6.  User Agent Server Procedures

   A User Agent Server (UAS) MUST NOT include its "sip.instance" media
   feature tag containing the 3GPP2 MEID URN in the Contact header field
   of responses except when the response is related to an emergency
   session.  Regulatory requirements can require the MEID to be provided
   to the PSAP.  Any future exceptions to this prohibition require an
   RFC that addresses how privacy is not violated by such a usage.







Atarius                   Expires July 17, 2018                 [Page 5]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


7.  3GPP/3GPP2 SIP Registrar Procedures

   In 3GPP/3GPP2 IMS when the SIP Registrar receives in the Contact
   header field a "sip.instance" media feature tag containing the 3GPP2
   MEID URN according to the syntax specified in draft-atarius-dispatch-
   meid-urn [9] the SIP registrar follows the procedures specified in
   RFC 5626 [3].  The MEID URN MAY be validated as described in the
   draft-atarius-dispatch-meid-urn [9].  If the UA indicates that it
   supports the extension in RFC 5627 [4] and the SIP Registrar
   allocates a GRUU according to the procedures specified in RFC 5627
   [4] the instance-id MUST be obfuscated when creating the "gr"
   parameter in order not to reveal the MEID to other UAs when the
   public GRUU is included in non-REGISTER requests and responses.  3GPP
   TS 24.229 [10] subclause 5.4.7A.2 specifies the mechanism for
   obfuscating the MEID when creating the "gr" parameter.

8.  IANA considerations

   This document defines no items requiring action by IANA.

9.  Security considerations

   Since MEIDs like other formats of instance-ids can be correlated to a
   user, they are personally identifiable information and MUST be
   treated as such.  In particular, the "sip.instance" media feature tag
   containing the 3GPP2 MEID URN MUST NOT be included in requests or
   responses intended to convey any level of anonymity, as this could
   violate the users privacy.  RFC 5626 [3] states "One case where a UA
   could prefer to omit the "sip.instance" media feature tag is when it
   is making an anonymous request or some other privacy concern requires
   that the UA not reveal its identity".  The same concerns apply when
   using the 3GPP2 MEID URN as an instance-id.  Publication of the 3GPP2
   MEID URN to networks that the UA is not attached to or the UA does
   not have a service relationship with is a security breach and the
   "sip.instance" media feature tag MUST NOT be forwarded by the service
   provider's network elements when forwarding requests or responses
   towards the destination UA.  The 3GPP2 MEID URN MUST NOT accidentally
   leak in other contexts, such as and in particular when application
   servers subscribe to user registration state using the event package
   defined in RFC 3680 [2].  Additionally, an instance-id containing the
   3GPP2 MEID URN identifies a mobile device and not a user.  The
   instance-id containing the 3GPP2 MEID URN MUST NOT be used alone as
   an address for a user or as an identification credential for a user.
   The GRUU mechanism specified in RFC 5627 [4] provides a means to
   create URIs that address the user at a specific device or User Agent.






Atarius                   Expires July 17, 2018                 [Page 6]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   Entities that log the instance-id need to protect them as personally
   identifiable information.  Regulatory requirements can require
   carriers to log SIP MEIDs.

   In order to protect the "sip.instance" media feature tag containing
   the 3GPP2 MEID URN from being tampered with, those REGISTER requests
   containing the 3GPP2 MEID URN MUST be sent using a security mechanism
   such as Transport Layer Security (TLS) as specified in RFC 4346 [7]
   or any other security mechanism that provides equivalent levels of
   protection such as hop-by-hop security based upon IP Security
   (IPsec).

10.  Acknowledgments

   This document draws heavily on draft-atarius-dispatch-meid-urn [9]
   and also on the style and structure used in RFC 7255 [11].

   The author thanks for the detailed comments, provided by Andrew
   Allen.

11.  References

11.1.  Normative references

   [1]        Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              DOI 10.17487/RFC3261, June 2002,
              <https://www.rfc-editor.org/info/rfc3261>.

   [2]        Rosenberg, J., "A Session Initiation Protocol (SIP) Event
              Package for Registrations", RFC 3680,
              DOI 10.17487/RFC3680, March 2004,
              <https://www.rfc-editor.org/info/rfc3680>.

   [3]        Jennings, C., Ed., Mahy, R., Ed., and F. Audet, Ed.,
              "Managing Client-Initiated Connections in the Session
              Initiation Protocol (SIP)", RFC 5626,
              DOI 10.17487/RFC5626, October 2009,
              <https://www.rfc-editor.org/info/rfc5626>.

   [4]        Rosenberg, J., "Obtaining and Using Globally Routable User
              Agent URIs (GRUUs) in the Session Initiation Protocol
              (SIP)", RFC 5627, DOI 10.17487/RFC5627, October 2009,
              <https://www.rfc-editor.org/info/rfc5627>.






Atarius                   Expires July 17, 2018                 [Page 7]


Internet-Draft      Using MEID URN as an Instance ID        January 2018


   [5]        Saint-Andre, P. and J. Klensin, "Uniform Resource Names
              (URNs)", RFC 8141, DOI 10.17487/RFC8141, April 2017,
              <https://www.rfc-editor.org/info/rfc8141>.

   [6]        Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [7]        Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.1", RFC 4346,
              DOI 10.17487/RFC4346, April 2006,
              <https://www.rfc-editor.org/info/rfc4346>.

   [8]        Leach, P., Mealling, M., and R. Salz, "A Universally
              Unique IDentifier (UUID) URN Namespace", RFC 4122,
              DOI 10.17487/RFC4122, July 2005,
              <https://www.rfc-editor.org/info/rfc4122>.

   [9]        Atarius, R., "A Uniform Resource Name Namespace for the
              Device Identity and the Mobile Equipment Identity (MEID)",
              Internet Draft draft-atarius-dispatch-meid-urn, January
              2018.

   [10]       3GPP, "TS 24.229: IP multimedia call control protocol
              based on Session Initiation Protocol (SIP) and Session
              Description Protocol (SDP); Stage 3 (Release 10)",
              3GPP 24.229, September 2013, <ftp://ftp.3gpp.org/Specs/
              archive/24_series/24.229/>.

11.2.  Informative references

   [11]       Allen, A., Ed., "Using the International Mobile station
              Equipment Identity (IMEI) Uniform Resource Name (URN) as
              an Instance ID", RFC 7255, DOI 10.17487/RFC7255, May 2014,
              <https://www.rfc-editor.org/info/rfc7255>.

   [12]       3GPP2, "S.R0048-A: 3G Mobile Equipment Identifier (MEID) -
              Stage 1, Version 4.0", 3GPP2 S.R0048-A 4.0, June 2005.

   [13]       3GPP2, "S.X0042-B: Voice Call Continuity between IMS and
              Circuit Switched Systems - Version 1.0", 3GPP2 S.X0042-B
              1.0, December 2013.

Author's Address

   Roozbeh Atarius (editor)

   Email: r_atarius@yahoo.com



Atarius                   Expires July 17, 2018                 [Page 8]

Html markup produced by rfcmarkup 1.124, available from https://tools.ietf.org/tools/rfcmarkup/