Internet Engineering Task Force Stephen Thomas, TransNexus Internet Draft Butch Anton, hereUare draft-thomas-sip-mime-osp-token-00.txt Richard Brennan, GRIC July 14, 2000 David Oran, Cisco Expires January 14, 2001 The application/osp-token MIME type STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as work in progress. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. 1. Abstract The Open Settlement Protocol (OSP)[1], an open standard from the European Telecommunications Standards Institute, specifies a means by which IP telephony equipment in one administrative domain may request access to IP telephony equipment (including, but not limited to: Gateways, Proxy Servers, Gatekeepers, etc.) in another administrative domain. OSP grants such access by returning authorization tokens, which must then be passed to the destination IP telephony device during call signaling. In order to support access control via OSP, IP telephony signaling protocols must be capable of carrying these authorization tokens in an interoperable way. This memo defines just such a method for protocols, such as the Session Initiation Protocol[2], that can support carriage of MIME types during call signaling. This memo conforms to the requirements for MIME type registration defined in RFC 2048[3]. 2. Registration Information MIME media type name: application Thomas, et al Expires January 14, 2001 [Page 1] Internet Draft The application/osp-token MIME type July 2000 MIME subtype name: osp-token Required parameters: none Optional parameters: osp-token-format: a value of "asn.1" indicates the token contents use the ASN.1 format defined in Annex D, section D.2.1 of the OSP specification; a value of "xml" indicates the token contents use the XML format defined in Annex D, section D.2.2 of the OSP specification, and a value of "bxml" indicates the token contents use the Binary XML format defined in Annex D, section D.2.3 of the OSP specification. In the absence of any value for this parameter, the token contents shall be self identifying or otherwise understood by appropriate parties. osp-token-version: a character string indicating the earliest revision of the OSP specification to which the token contents conform. In the absence of any value for this parameter, the token contents shall conform to version "2.1.0" of the OSP specification. Encoding considerations: OSP tokens are normally carried as binary data by the call signaling protocol. Call signaling protocols which cannot reliably transfer binary data must use alternate encodings such as base-64, in which case standard MIME content-encoding parameters may indicate the particular encoding. Security considerations: OSP tokens are intended to provide access control to resources of other administrative domains, and, as such, are inherently designed to address security concerns. For that reason, OSP tokens are digitally signed and, optionally, encrypted, as defined in the OSP specification. Interoperability considerations: The means and/or algorithms by which a receiving system determines whether or not an OSP token is valid are a local matter. However, at a minimum, receiving systems should verify the digital signature of the token, and they should ensure that any call details included in the token contents (e.g. called number, calling number, etc.) are appropriate for the contemplated call. Published specification: "Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); Open Settlement Protocol (OSP) for Inter-domain pricing, authorization, and usage exchange". Technical Specification 101 321. European Telecommunications Standards Institute. Version 2.1.0. Thomas, et al Expires January 14, 2001 [Page 2] Internet Draft The application/osp-token MIME type July 2000 Applications which use this media type: IP telephony call signaling protocols that use MIME types to convey additional information during call setup. Additional information: Magic number(s): none File extension(s): none Macintosh File Type Code(s): none Person & email address to contact for further information: Stephen Thomas, stephen.thomas@transnexus.com Intended usage: COMMON Author/Change controller: European Telecommunications Standards Institute 3. References [1] European Telecommunications Standards Institute. "Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); Open Settlement Protocol (OSP) for Inter-domain pricing, authorization, and usage exchange". Technical Specification 101 321. Version 2.1.0. [2] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg. "SIP: Session Initiation Protocol". RFC 2543, March 1999. [3] N. Freed, J. Klensin, and J. Postel. "Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures". RFC 2048, November 1996. 4. Authors' Addresses For more information, the authors of this document are best contacted via Internet mail: Stephen Thomas TransNexus 430 Tenth Street NW, Suite N204 Atlanta, GA 30318 USA Phone: +1 404 872 4887 Fax: +1 404 872 9515 EMail: stephen.thomas@transnexus.com Thomas, et al Expires January 14, 2001 [Page 3] Internet Draft The application/osp-token MIME type July 2000 Butch Anton hereUare Communications, Inc. 3707 Williams Road, Suite 100 San Jose, CA 95117 USA Phone: +1 408 551 0909 Fax: +1 408 985 0895 EMail: butch@hereuare.com Richard Brennan GRIC Communications Inc. 1421 McCarthy Blvd Milpitas, CA 95035 USA Phone: +1 408 965 1193 Fax: +1 408 955 1967 EMail: rbrennan@gric.com David Oran Cisco Systems, Inc. 7 Ladyslipper Lane Acton, MA 01720 USA Phone: +1 508 264 2048 EMail: oran@cisco.com Thomas, et al Expires January 14, 2001 [Page 4]