One document matched: draft-petithuguenin-vipr-reload-usage-02.xml
<?xml version="1.0" encoding="US-ASCII"?>
<?rfc toc="yes" ?>
<?rfc symrefs="yes" ?>
<?rfc iprnotified="yes" ?>
<?rfc strict="no" ?>
<?rfc compact="yes" ?>
<?rfc sortrefs="no" ?>
<?rfc colonspace="yes" ?>
<?rfc rfcedstyle="no" ?>
<?rfc tocdepth="4"?>
<rfc category="std" docName="draft-petithuguenin-vipr-reload-usage-02" ipr="trust200902">
<front>
<title abbrev="VIPR Reload Usage">A Usage of Resource Location and Discovery (RELOAD) for Public Switched Telephone Network (PSTN) Verification</title>
<author fullname="Jonathan Rosenberg" initials="J.R." surname="Rosenberg">
<organization>jdrosen.net</organization>
<address>
<postal>
<street/>
<city>Monmouth</city>
<region>NJ</region>
<country>US</country>
</postal>
<email>jdrosen@jdrosen.net</email>
<uri>http://www.jdrosen.net</uri>
</address>
</author>
<author fullname="Cullen Jennings" initials="C." surname="Jennings">
<organization>Cisco</organization>
<address>
<postal>
<street>170 West Tasman Drive</street>
<city>San Jose</city>
<region>CA</region>
<code>95134</code>
<country>USA</country>
</postal>
<phone>+1 408 421-9990</phone>
<email>fluffy@cisco.com</email>
</address>
</author>
<author fullname="Marc Petit-Huguenin" initials="M." surname="Petit-Huguenin">
<organization>Stonyfish</organization>
<address>
<email>marc@stonyfish.com</email>
</address>
</author>
<date day="10" month="July" year="2011"/>
<area>RAI</area>
<workgroup>VIPR</workgroup>
<abstract>
<t>
Verification Involving PSTN Reachability (VIPR) is a technique for inter-domain SIP federation.
VIPR makes use of the RELOAD protocol to store unverified mappings from phone numbers to RELOAD nodes, with whom a validation process can be run.
This document defines the usage of RELOAD for this purpose.
</t>
</abstract>
<note title="Legal">
<t>This documents and the information contained therein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.</t>
</note>
</front>
<middle>
<section title="Introduction">
<t>
This document relies heavily on the concepts and terminology defined in <xref target="VIPR-OVERVIEW"/> and will not make sense if you have not read that document first.
As it defines a usage for RELOAD <xref target="P2PSIP-BASE"/>, it assumes the reader is also familiar with that specification.
</t>
</section>
<section title="Terminology">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in <xref target="RFC2119"/>.</t>
</section>
<section title="Registering an E.164 number">
<t>
To register an E.164 number a VIPR server stores a ViprRegistration structure using the fully qualified E.164 based number without any non-digit characters but the '+' character as Resource Name.
For redundancy purpose, the VIPR server MUST store the same ViprRegistration structure two more times by using the same Resource Name prepended with the "COPY1" and "COPY2" character string respectively.
</t>
<t>The contents of the ViprRegistration structure are as follow:</t>
<figure>
<artwork><![CDATA[
enum { reserved(0), node_id(8200), (65535) } ViprRegistrationType;
struct {
select (ViprRegistrationType) {
case node_id:
NodeId pvp_provider;
/* This type can be extended */
} ViprRegistrationData;
struct {
ViprRegistrationType type;
uint16 length;
ViprRegistrationData data;
} ViprRegistration;
]]></artwork>
</figure>
<t>The ViprRegistration structure contains the following values:</t>
<t>
<list style="hanging">
<t hangText="type"/>
<t>The type of the registration</t>
<t/>
<t hangText="length"/>
<t>The length of the data structure, i.e. not counting the type and length fields</t>
<t/>
<t hangText="pvp_provider"/>
<t>The Node-ID of the peer to which an AppAttach request should be sent to initiate the PVP protocol</t>
<t/>
</list>
</t>
<t>The Node-ID used in the pvp_provider field and in the key MUST be ready to process AppAttach requests for Application-ID 8470 at the time the registration is done.</t>
<t>
VIPR supports multiple registrations for a single E.164 number by using a Dictionary Data Model.
The dictionary key is the concatenation of the Node-ID and the VServiceId, resulting in a 24 bytes long value.
Using the Node-ID of the node performing the store segments the keyspace of the dictionary so that no two peers ever store using the same key.
Using the VService allows for a single VIPR server to service multiple clusters, and to ensure that numbers published by one cluster (using one VServiceID) do not clobber or step on numbers published by another cluster (using a different VServiceID).
</t>
<t>
The Store operations are paced into the overlay at a fixed rate.
The VIPR server maintains a queue that is filled with store requests.
The VIPR server services that queue at a fixed, provisioned rate, which is stored in a kind configuration variable named <store-rate-limit>.
</t>
</section>
<section title="Fetching a registration">
<t>A VIPR server wishing to validate a E.164 number will start 3 Fetch transactions using respectivelly the fully qualified E.164 based number without any non-digit characters but the '+' character as Resource Name, the same Resource Name prepended with the "COPY1" character string and finally the same Resource Name prepended with the "COPY2" character string.</t>
<t>
The VIPR server will then inspects the elements in the 3 dictionary returned and will keep only the registrations that have the same key in at least 2 of the 3 dictionary returned.
For each registration kept, the VIPR server will fetch the certificates associated with the Node-ID in the key using the CERTIFICATE_BY_NODE usage and will verify that the signature of the registration is valid.
</t>
<t>
The VIPR server can then send an AppAttach to the Node-ID found in the key and registration, using the Application-ID 8470.
After the connection is established, the VIPR server can start PVP as specified in <xref target="VIPR-PVP"/>.
</t>
</section>
<section anchor="kind" title="VIPR-REGISTRATION Kind Definition">
<t>
<list style="hanging">
<t hangText="Name">VIPR-REGISTRATION</t>
<t/>
<t hangText="Kind Ids">
The Resource Name for the VIPR-REGISTRATION Kind-ID is a fully qualified E.164 based number without any non-digit characters but the '+' character, prepended by either an empty character string, the "COPY1" character string or the "COPY2" character string.
The data stored is a ViprRegistration, which contains the Node-ID of the peer to which an AppAttach request should be sent to initiate the PVP protocol.
</t>
<t/>
<t hangText="Data Model">
The data model for the VIPR Kind-ID is dictionary.
The dictionary key is the concatenation of the Node-ID and the VServiceId, resulting in a 24 bytes long value.
Using the Node-ID of the node performing the store segments the keyspace of the dictionary so that no two peers ever store using the same key and using the VService allows for a single VIPR server to service multiple clusters, and to ensure that numbers published by one cluster (using one VServiceID) do not clobber or step on numbers published by another cluster (using a different VServiceID).
</t>
<t/>
<t hangText="Access Control">
The VIPR-MATCH policy can only be used with a VIPR-REGISTRATION Kind-ID.
In this policy, a given value MUST be written (or overwritten) if and only if the Node-ID in the pvp_provider field of the ViprRegistration structure is equal to the first 16 bytes of the dictionary key and if the same Node-ID is the one indicated in the SignerIdentity of the value.
Note that VIPR always let the values stored expire, so the exists field is always equal to TRUE.
</t>
<t/>
<t hangText="Quota">
This kind MUST use the proportional quota algorithm described in <xref target="RELOAD-QUOTA"/> by adding the <max-count-per> element with a value of "SIGNER" to the configuration file.
The <max-count> value, which measures the amount of E.164 numbers a particular node can store, MUST be adjusted to account for the application-layer copies (COPY1 and COPY2).
A VIPR server MUST provide enough Node-IDs to store all the E.164 numbers it is responsible for by dividing this count by the <max-count> value, itself adjusted by an additional 3x factor to make sure that the probability is low that a rejection occurs due to imperfect distribution of Resource-IDs across the ring.
</t>
</list>
</t>
<t>[[Open Issue: need to adjust the multiplier - basically birthday problem!]]</t>
<t>The method for merging data after a partition follows the normal RELOAD rules around temporal ordering.</t>
</section>
<section title="Overlay Configuration Document Extension">
<t>This document extends the overlay configuration document by defining a new element in the "urn:ietf:params:xml:ns:p2p:vipr" namespace.</t>
<t>The <store-rate-limit> defines the maximum rate in seconds that a VIPR server must use to execute Store requests.</t>
<t>The Compact Relax NG Grammar for this element is:</t>
<figure>
<artwork><![CDATA[
namespace vipr = "urn:ietf:params:xml:ns:p2p:vipr"
kind-parameter &= element vipr:store-rate-limit { xsd:unsignedInt }
]]></artwork>
</figure>
</section>
<section title="Security Considerations">
<t>TBD</t>
</section>
<section title="IANA Considerations">
<section title="Access Control Policies">
<t>This document adds a new access control policy to the "RELOAD Access Control Policy" Registry:</t>
<texttable>
<ttcol>Access-Policy</ttcol>
<ttcol>RFC</ttcol>
<c>VIPR-MATCH</c>
<c>This document</c>
</texttable>
<t>This access control policy was described in <xref target="kind"/>.</t>
</section>
<section title="Application-ID">
<t>This document adds a new application ID to the "RELOAD Application-ID" Registry:</t>
<texttable>
<ttcol>Application</ttcol>
<ttcol>Application-ID</ttcol>
<ttcol>Specification</ttcol>
<c>PVP</c>
<c>8470</c>
<c>This document</c>
</texttable>
<t>This access control policy was described in <xref target="kind"/>.</t>
</section>
<section title="Data Kind-ID">
<t>This document adds a new Data Kind-ID to the "RELOAD Data Kind-ID Registry":</t>
<texttable>
<ttcol>KIND</ttcol>
<ttcol>Kind-ID</ttcol>
<ttcol>RFC</ttcol>
<c>VIPR-REGISTRATION</c>
<c>17</c>
<c>This document</c>
</texttable>
<t>This Kind-ID was defined in <xref target="kind"/>.</t>
</section>
<section title="IETF XML Namespaces Registry">
<t>This document adds the following URN to the "XML Namespaces" class of the "IETF XML Registry":</t>
<t>urn:ietf:params:xml:ns:p2p:vipr</t>
</section>
</section>
</middle>
<back>
<references title="Normative References">
<reference anchor="RFC2119">
<front>
<title abbrev="RFC Key Words">Key words for use in RFCs to Indicate Requirement Levels</title>
<author fullname="Scott Bradner" initials="S." surname="Bradner">
<organization>Harvard University</organization>
<address>
<postal>
<street>1350 Mass. Ave.</street>
<street>Cambridge</street>
<street>MA 02138</street>
</postal>
<phone>- +1 617 495 3864</phone>
<email>sob@harvard.edu</email>
</address>
</author>
<date month="March" year="1997"/>
<area>General</area>
<keyword>keyword</keyword>
<abstract>
<t>
In many standards track documents several words are used to signify
the requirements in the specification. These words are often
capitalized. This document defines these words as they should be
interpreted in IETF documents. Authors who follow these guidelines
should incorporate this phrase near the beginning of their document:
<list>
<t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
RFC 2119.
</t>
</list>
</t>
<t>
Note that the force of these words is modified by the requirement
level of the document in which they are used.
</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<format octets="4723" target="http://www.rfc-editor.org/rfc/rfc2119.txt" type="TXT"/>
<format octets="17491" target="http://xml.resource.org/public/rfc/html/rfc2119.html" type="HTML"/>
<format octets="5777" target="http://xml.resource.org/public/rfc/xml/rfc2119.xml" type="XML"/>
</reference>
<reference anchor="P2PSIP-BASE">
<front>
<title>REsource LOcation And Discovery (RELOAD) Base Protocol</title>
<author fullname="Cullen Jennings" initials="C" surname="Jennings">
<organization/>
</author>
<author fullname="Bruce Lowekamp" initials="B" surname="Lowekamp">
<organization/>
</author>
<author fullname="Eric Rescorla" initials="E" surname="Rescorla">
<organization/>
</author>
<author fullname="Salman Baset" initials="S" surname="Baset">
<organization/>
</author>
<author fullname="Henning Schulzrinne" initials="H" surname="Schulzrinne">
<organization/>
</author>
<date day="7" month="July" year="2011"/>
<abstract>
<t>This specification defines REsource LOcation And Discovery (RELOAD), a peer-to-peer (P2P) signaling protocol for use on the Internet. A P2P signaling protocol provides its clients with an abstract storage and messaging service between a set of cooperating peers that form the overlay network. RELOAD is designed to support a P2P Session Initiation Protocol (P2PSIP) network, but can be utilized by other applications with similar requirements by defining new usages that specify the kinds of data that must be stored for a particular application. RELOAD defines a security model based on a certificate enrollment service that provides unique identities. NAT traversal is a fundamental service of the protocol. RELOAD also allows access from "client" nodes that do not need to route traffic or store data for others.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-p2psip-base-16"/>
<format target="http://www.ietf.org/internet-drafts/draft-ietf-p2psip-base-16.txt" type="TXT"/>
</reference>
<reference anchor="VIPR-OVERVIEW">
<front>
<title>Verification Involving PSTN Reachability: Requirements and Architecture Overview</title>
<author fullname="Cullen Jennings" initials="C" surname="Jennings">
<organization/>
</author>
<author fullname="Jonathan Rosenberg" initials="J" surname="Rosenberg">
<organization/>
</author>
<author fullname="Marc Petit-Huguenin" initials="M" surname="Petit-Huguenin">
<organization/>
</author>
<date day="1" month="April" year="2011"/>
<abstract>
<t>The Session Initiation Protocol (SIP) has seen widespread deployment within individual domains, typically supporting voice and video communications. Though it was designed from the outset to support inter-domain federation over the public Internet, such federation has not materialized. The primary reasons for this are the complexities of inter-domain phone number routing and concerns over security. This document reviews this problem space, outlines requirements, and then describes a new model and technique for inter-domain federation with SIP, called Verification Involving PSTN Reachability (ViPR). ViPR addresses the problems that have prevented inter-domain federation over the Internet. It provides fully distributed inter- domain routing for phone numbers, authorized mappings from phone numbers to domains, a new technique for automated VoIP anti-spam, and privacy of number ownership, all while preserving the trapezoidal model of SIP. Legal This documents and the information contained therein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-jennings-vipr-overview-00"/>
<format target="http://www.ietf.org/internet-drafts/draft-jennings-vipr-overview-00.txt" type="TXT"/>
</reference>
<reference anchor="VIPR-PVP">
<front>
<title>The Public Switched Telephone Network (PSTN) Validation Protocol (PVP)</title>
<author fullname="Jonathan Rosenberg" initials="J" surname="Rosenberg">
<organization/>
</author>
<author fullname="Cullen Jennings" initials="C" surname="Jennings">
<organization/>
</author>
<author fullname="Marc Petit-Huguenin" initials="M" surname="Petit-Huguenin">
<organization/>
</author>
<date day="14" month="June" year="2011"/>
<abstract>
<t>One of the main challenges in inter-domain federation of Session Initiation Protocol (SIP) calls is that many domains continue to utilize phone numbers, and not email-style SIP URI. Consequently, a mechanism is needed that enables secure mappings from phone numbers to domains. The main technical challenge in doing this securely is to verify that the domain in question truly is the "owner" of the phone number. This specification defines the PSTN Validation Protocol (PVP), which can be used by a domain to verify this ownership by means of a forward routability check in the PSTN.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-petithuguenin-vipr-pvp-01"/>
<format target="http://www.ietf.org/internet-drafts/draft-petithuguenin-vipr-pvp-01.txt" type="TXT"/>
</reference>
<reference anchor="RELOAD-QUOTA">
<front>
<title>Proportional Quota in REsource LOcation And Discovery (RELOAD)</title>
<author fullname="Jonathan Rosenberg" initials="J" surname="Rosenberg">
<organization/>
</author>
<author fullname="Cullen Jennings" initials="C" surname="Jennings">
<organization/>
</author>
<author fullname="Marc Petit-Huguenin" initials="M" surname="Petit-Huguenin">
<organization/>
</author>
<date day="4" month="July" year="2011"/>
<abstract>
<t>This document defines an extension to RELOAD [I-D.ietf-p2psip-base] that limits the number of a specific kind element that can be stored by one RELOAD peer.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-petithuguenin-p2psip-proportional-quota-01"/>
<format target="http://www.ietf.org/internet-drafts/draft-petithuguenin-p2psip-proportional-quota-01.txt" type="TXT"/>
</reference>
</references>
<references title="Informative References">
<reference anchor="ACCESS-CONTROL">
<front>
<title>Configuration of Access Control Policy in REsource LOcation And Discovery (RELOAD) Base Protocol</title>
<author fullname="Marc Petit-Huguenin" initials="M" surname="Petit-Huguenin">
<organization/>
</author>
<date day="5" month="July" year="2011"/>
<abstract>
<t>This document describes an extension to the REsource LOcation And Discovery (RELOAD) base protocol to distribute the code of new Access Control Policies without having to upgrade the RELOAD implementations in an overlay.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-petithuguenin-p2psip-access-control-03"/>
<format target="http://www.ietf.org/internet-drafts/draft-petithuguenin-p2psip-access-control-03.txt" type="TXT"/>
</reference>
</references>
<section title="Examples">
<t>The Resource Names and Resource-IDs for the E.164 number +1 408 555 5432 are:</t>
<texttable>
<ttcol>Resource Name</ttcol>
<ttcol>Resource-ID</ttcol>
<c>+14085555432</c>
<c>6abaec4308294521e2f600ab5fd01e5</c>
<c>COPY1+14085555432</c>
<c>9038006a8de78f818d318b60ed149d9</c>
<c>COPY2+14085555432</c>
<c>3d288c777bcf3aad38b077355026718</c>
</texttable>
<t>The VIPR-MATCH access control can be implemented with the following code (Using the notation in <xref target="ACCESS-CONTROL"/>):</t>
<t>
<figure>
<artwork><![CDATA[
var equals = function(a, b) {
if (a.length !== b.length) return false;
for (var i = 0; i < a.length; i++) {
if (a[i] !== b[i]) return false;
}
return true;
};
var length = configuration.node_id_length;
return equals(entry.key.slice(0, length),
entry.value.slice(4, length + 4))
&& equals(entry.key.slice(0, length), signature.node_id);]]></artwork>
</figure>
</t>
</section>
<section title="Release notes">
<t>This section must be removed before publication as an RFC.</t>
<section title="Modifications between vipr-02 and vipr-01">
<t>
<list style="symbols">
<t>Made clear in the access control policy that exists is always equal to TRUE.</t>
<t>Updated with new version of proportional-quota.</t>
<t>The access control code now uses the configuration parameter.</t>
<t>Assigned values to Application-ID and Kind-ID.</t>
<t>Added running code section.</t>
<t>Nits</t>
</list>
</t>
</section>
<section title="Modifications between vipr-01 and vipr-00">
<t>
<list style="symbols">
<t>Moved most of the quota algorithm to a separate I-D named draft-petithuguenin-p2psip-proportional-quota.</t>
<t>
Removed the text saying that the same DHT can also be used for a RELOAD SIP usage, as it contradicts text in overview.
Also the quota algorithm does not work with clients, but SIP registration uses clients.
</t>
<t>Added Terminology section</t>
<t>
Converted the TLV value stored to a structure using the syntax described in p2psip-base to not be dependent on VAP.
The new structure is bit compatible with the old definition.
</t>
<t>Changed the dictionary key to be binary based instead of text based.</t>
<t>Copied text from VAP explaining that the Store operations are queued and that the rate is limited.</t>
<t>Added voting algorithm when fetch returns different results for the 3 copies.</t>
<t>Added explanation on how to verify the signatures.</t>
<t>Added text on how to form the PVP connection</t>
<t>Rewrote some of the text so it looks more like a regular RELOAD usage.</t>
<t>Removed section 3 "PeerID Shim" now that support for multiple Node-ID in certificates in fully integrated in RELOAD base.</t>
<t>Filled IANA section</t>
<t>Added examples of conversion from E.164 number to Resource-ID</t>
<t>Added example code for the VIPR access control</t>
</list>
</t>
</section>
<section title="Modifications between vipr-00 and dispatch-03">
<t>
<list style="symbols">
<t>Moved to new Working Group.</t>
</list>
</t>
</section>
<section title="Modifications between dispatch-03 and dispatch-02">
<t>
<list style="symbols">
<t>Nits.</t>
<t>Shorter I-Ds references.</t>
<t>Fixed the peerID and VServiceID to be hexadecimal.</t>
<t>Fixed the description of the dictionary entry</t>
<t>Fixed the description of the TLV.</t>
<t>Used +1 408 555 prefix for phone numbers in examples.</t>
<t>Replaced peerId by Node-ID</t>
<t>Replaced resourceID by Resource-ID</t>
</list>
</t>
</section>
<section title="Running Code Considerations">
<t>
<list style="symbols">
<t>
Reference Implementation for the kind and access control policy (<http://debian.implementers.org/testing/source/reload.tar.gz>).
Marc Petit-Huguenin.
Implements version -02.
</t>
</list>
</t>
</section>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 11:07:19 |