Network Working Group                                            S. Lind
Request for Comments: 5067                                     AT&T Labs
Category: Informational                                        P. Pfautz
                                                                    AT&T
                                                           November 2007
                    Infrastructure ENUM Requirements
Status of This Memo
   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.
Abstract
   This document provides requirements for "infrastructure" or "carrier"
   ENUM (E.164 Number Mapping), defined as the use of RFC 3761
   technology to facilitate interconnection of networks for E.164 number
   addressed services, in particular but not restricted to VoIP (Voice
   over IP.)
Table of Contents
   1.  Infrastructure ENUM . . . . . . . . . . . . . . . . . . . . . . 1
     1.1.  Definition  . . . . . . . . . . . . . . . . . . . . . . . . 1
     1.2.  Background  . . . . . . . . . . . . . . . . . . . . . . . . 2
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 3
   3.  Requirements for Infrastructure ENUM  . . . . . . . . . . . . . 3
   4.  Security Considerations . . . . . . . . . . . . . . . . . . . . 4
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
   6.  Normative References  . . . . . . . . . . . . . . . . . . . . . 5
1.  Infrastructure ENUM
1.1.  Definition
   Infrastructure ENUM is defined as the use of the technology in RFC
   3761 [1] by the carrier-of-record (as defined below) for a specific
   E.164 number [2] to publish the mapping of the E.164 number into a
   URI [3] that identifies a specific point of interconnection to that
   service provider's network.  It is separate from any URIs that the
   end user, who registers their E.164 number, may wish to associate
   with that E.164 number.
Lind & Pfautz                Informational                      [Page 1]
RFC 5067            Infrastructure ENUM Requirements       November 2007
   "Infrastructure ENUM" is distinguished from "End User ENUM", defined
   in RFC3761 [1], in which the entity or person having the right to use
   a number has the sole discretion about the content of the associated
   domain and thus the zone content.  From a domain registration
   perspective, the end user number assignee is thus the registrant.
   Within the infrastructure ENUM namespace, we use the term "carrier-
   of-record" for the entity having discretion over the domain and zone
   content and acting as the registrant.  The "carrier-of-record" is:
   o The Service Provider to which the E.164 number was allocated for
   end user assignment, whether by the National Regulatory Authority
   (NRA) or the International Telecommunication Union (ITU), for
   instance, a code under "International Networks" (+882) or "Universal
   Personal Telecommunications (UPT)" (+878) or,
   o if the number is ported, the service provider to which the number
   was ported, or
   o where numbers are assigned directly to end users, the service
   provider that the end user number assignee has chosen to provide a
   Public Switched Telephone Network/Public Land Mobile Network (PSTN/
   PLMN) point-of-interconnect for the number.
   It is understood that the definition of carrier-of-record within a
   given jurisdiction is subject to modification by national
   authorities.
1.2.  Background
   Voice service providers use E.164 numbers currently as their main
   naming and routing vehicle.  Infrastructure ENUM in e164.arpa or
   another publicly available tree allows service providers to link
   Internet-based resources such as URIs to E.164 numbers.  This allows
   service providers, in addition to interconnecting via the PSTN/PLMN
   (or exclusively), to peer via IP-based protocols.  Service providers
   may announce all E.164 numbers or number ranges they host, regardless
   of whether the final end user device is on the Internet, on IP-based
   open or closed Next Generation Networks (NGNs), or on the PSTN or
   PLMN, provided that an access point of some type to the destination
   service provider's network is available on the Internet.  There is
   also no guarantee that the originating service provider querying
   infrastructure ENUM is able to access the ingress network element of
   the destination provider's network.  Additional peering and
   accounting agreements requiring authentication may be necessary.  The
   access provided may also be to a shared network of a group of
   providers, resolving the final destination network within the shared
   network.
Lind & Pfautz                Informational                      [Page 2]
RFC 5067            Infrastructure ENUM Requirements       November 2007
2.  Terminology
   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14, RFC2119 [4].
3.  Requirements for Infrastructure ENUM
   1.  Infrastructure ENUM SHALL provide a means for a provider to
       populate DNS resource records (RRs) for the E.164 numbering
       resources for which it is the carrier-of-record in a single
       common publicly accessible namespace.  The single common
       namespace ultimately designated may or may not be the same as
       that designated for End User ENUM (e164.arpa.)  The Fully-
       Qualified Domain Name (FQDN) in the resulting resource records
       will not necessarily belong to or identify the carrier-of-record.
   2.  Queries of infrastructure ENUM fully qualified domain names MUST
       return a result, even if the result is Refused (RCODE = 5).
       Queries must not be rejected without response, e.g., based on
       access control lists.
   3.  Infrastructure ENUM SHALL support RRs providing a URI that can
       identify a point of interconnection for delivery to the carrier-
       of-record of communications addressed to the E.164 number.
   4.  Infrastructure ENUM SHOULD be able to support an Internet
       Registry Information Service (IRIS) [5] capability that allows
       qualified parties to obtain information regarding the E.164
       numbering resources and the corresponding carrier-of-record.
       Determination of what information, if any, shall be available
       which parties for geographic numbers is a national matter.
   5.  Implementation of infrastructure ENUM MUST NOT restrict the
       ability of an end user, in a competitive environment, to choose a
       Registrar and/or name server provider for End User ENUM
       registrations.
   6.  The domain name chosen for infrastructure ENUM and any parent
       domains MUST be hosted on name servers that have performance
       characteristics and supporting infrastructure that is comparable
       to those deployed for the Internet root name servers.  Those name
       servers for infrastructure ENUM should be configured and operated
       according to the guidelines described in [6].
   7.  Infrastructure ENUM MUST meet all reasonable privacy concerns
       about visibility of information over which an end user has no
       control.  It should, for example, support mechanisms to prevent
Lind & Pfautz                Informational                      [Page 3]
RFC 5067            Infrastructure ENUM Requirements       November 2007
       discovery of unlisted numbers by comparison of ENUM registrations
       against directory listings, or inadvertent disclosure of user
       identity.
   8.  Proposed implementations of infrastructure ENUM SHOULD:
       A.  Minimize changes required to existing requirements that are
           part of RFC 3761.
       B.  Work with open as well as closed numbering plans.
       C.  Not require additional functionality of resolvers at large
           though they may require additional functionality in service
           provider resolvers that would make use of infrastructure
           ENUM.
       D.  Minimize the number of lookups required to obtain as many
           NAPTR (Naming Authority Pointer) records (end user and
           infrastructure) as possible.
       E.  Minimize knowledge of the numbering plan required of
           resolvers making use of Infrastructure ENUM.
       F.  Maximize synergies with End User ENUM.
       G.  Support interworking with private ENUM trees.  (In this
           context, a private ENUM tree is one that is not under
           e164.arpa or whatever namespace is chosen for infrastructure
           ENUM but uses instead a privately held domain.)
4.  Security Considerations
   Existing security considerations for ENUM (detailed in [1]) still
   apply.  Since infrastructure ENUM involves carriers where RFC 3761
   mainly considered indviduals, implementations meeting these
   requirements SHOULD reconsider the RFC 3761 security model given this
   difference in actors concerned.  Note that some registration
   validation issues concerning End User ENUM may not apply to
   infrastructure ENUM.  Where the Tier 1 registry is able to identify
   the provider serving a number, e.g., based on industry data for
   number block assignments and number portability, registration might
   be more easily automated and a separate registrar not required.
   Some parties have expressed concern that an infrastructure ENUM could
   compromise end user privacy by making it possible for others to
   identify unlisted or unpublished numbers based on their registration
   in ENUM.  This can be avoided if providers register all of the their
   allocated (as opposed to assigned) numbers.  Unassigned numbers
Lind & Pfautz                Informational                      [Page 4]
RFC 5067            Infrastructure ENUM Requirements       November 2007
   should be provisioned to route to the provider's network in the same
   fashion as assigned numbers and only then provide an indication that
   they are unassigned.  In that way, provider registration of a number
   in ENUM provides no more information about the status of a number
   than could be obtained by dialing it.
   Implementers should take care to avoid inadvertent disclosure of user
   identities, for example, in the URIs returned in response to
   infrastructure ENUM queries.
5.  IANA Considerations
   This document includes no actions to be taken by IANA.  The
   architecture ultimately chosen to meet the requirements may require
   IANA actions.
6.  Normative References
   [1]  Faltstrom, P. and M. Mealling, "The E.164 to Uniform Resource
        Identifiers (URI) Dynamic Delegation Discovery System (DDDS)
        Application (ENUM)", RFC 3761, April 2004.
   [2]  International Telecommunication Union-Telecommunication
        Standardization Sector, "The International Public
        Telecommunication Numbering Plan", Recommendation E.164",
        February 2005.
   [3]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
        Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986,
        January 2005.
   [4]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.
   [5]  Newton, A. and M. Sanz, "IRIS: The Internet Registry Information
        Service (IRIS) Core Protocol", RFC 3981, January 2005.
   [6]  Bush, R., Karrenberg, D., Kosters, M., and R. Plzak, "Root Name
        Server Operational Requirements", BCP 40, RFC 2870, June 2000.
Lind & Pfautz                Informational                      [Page 5]
RFC 5067            Infrastructure ENUM Requirements       November 2007
Authors' Addresses
   Steven Lind
   AT&T Labs
   180 Park Ave
   Florham Park, NJ  07932-0971
   USA
   EMail: sdlind@att.com
   Penn Pfautz
   AT&T
   200 S. Laurel Ave
   Middletown, NJ  07748
   USA
   EMail: ppfautz@att.com
Lind & Pfautz                Informational                      [Page 6]
RFC 5067            Infrastructure ENUM Requirements       November 2007
Full Copyright Statement
   Copyright (C) The IETF Trust (2007).
   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.
   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.
   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.
   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.
Lind & Pfautz                Informational                      [Page 7]