Internet Engineering Task Force (IETF) A. Allen, Ed. Request for Comments: 7255 Blackberry Category: Informational May 2014 ISSN: 2070-1721
Internet Engineering Task Force (IETF) A. Allen, Ed. Request for Comments: 7255 Blackberry Category: Informational May 2014 ISSN: 2070-1721
Using the International Mobile station Equipment Identity (IMEI) Uniform Resource Name (URN) as an Instance ID
使用国际移动站设备标识(IMEI)统一资源名称(URN)作为实例ID
Abstract
摘要
This specification defines how the Uniform Resource Name (URN) reserved for the Global System for Mobile Communications Association (GSMA) identities and its sub-namespace for the International Mobile station Equipment Identity (IMEI) can be used as an instance-id. Its purpose is to fulfill the requirements for defining how a specific URN needs to be constructed and used in the '+sip.instance' Contact header field parameter for outbound behavior.
本规范定义了为全球移动通信系统协会(GSMA)标识保留的统一资源名称(URN)及其用于国际移动站设备标识(IMEI)的子名称空间可以用作实例id。其目的是满足定义特定URN需要如何构造和在出站行为的“+sip.instance”联系人标头字段参数中使用的要求。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for informational purposes.
本文件不是互联网标准跟踪规范;它是为了提供信息而发布的。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。并非IESG批准的所有文件都适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7255.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7255.
Copyright Notice
版权公告
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2014 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2 2. Terminology .....................................................3 3. Background ......................................................3 4. 3GPP Use Cases ..................................................5 5. User Agent Client Procedures ....................................5 6. User Agent Server Procedures ....................................6 7. 3GPP SIP Registrar Procedures ...................................6 8. Security Considerations .........................................7 9. Acknowledgements ................................................7 10. References .....................................................8 10.1. Normative References ......................................8 10.2. Informative References ....................................8
1. Introduction ....................................................2 2. Terminology .....................................................3 3. Background ......................................................3 4. 3GPP Use Cases ..................................................5 5. User Agent Client Procedures ....................................5 6. User Agent Server Procedures ....................................6 7. 3GPP SIP Registrar Procedures ...................................6 8. Security Considerations .........................................7 9. Acknowledgements ................................................7 10. References .....................................................8 10.1. Normative References ......................................8 10.2. Informative References ....................................8
This specification defines how the Uniform Resource Name (URN) reserved for the Global System for Mobile Communications Association (GSMA) identities and its sub-namespace for the International Mobile station Equipment Identity (IMEI) as specified in RFC 7254 [1] can be used as an instance-id as specified in RFC 5626 [2] and also as used by RFC 5627 [3].
本规范定义了为全球移动通信系统协会(GSMA)标识保留的统一资源名(URN)以及RFC 7254[1]中规定的国际移动站设备标识(IMEI)的子命名空间如何用作RFC 5626[2]中规定的实例id以及RFC 5627[3]所使用的。
RFC 5626 [2] specifies the '+sip.instance' Contact header field parameter that contains a URN as specified in RFC 2141 [4]. The instance-id uniquely identifies a specific User Agent (UA) instance. This instance-id is used as specified in RFC 5626 [2] so that the Session Initiation Protocol (SIP) registrar (as specified in RFC 3261 [9]) can recognize that the contacts from multiple registrations correspond to the same UA. The instance-id is also used as specified
RFC 5626[2]指定包含RFC 2141[4]中指定的URN的“+sip.instance”联系人标头字段参数。实例id唯一标识特定的用户代理(UA)实例。按照RFC 5626[2]中的规定使用该实例id,以便会话发起协议(SIP)注册器(按照RFC 3261[9]中的规定)能够识别来自多个注册的联系人对应于同一UA。实例id也按指定方式使用
by RFC 5627 [3] to create Globally Routable User Agent URIs (GRUUs) that can be used to uniquely address a UA when multiple UAs are registered with the same Address of Record (AoR).
由RFC 5627[3]创建全局可路由用户代理URI(GROU),当多个UA使用相同的记录地址(AoR)注册时,该URI可用于唯一寻址UA。
RFC 5626 [2] requires that a UA SHOULD create a Universally Unique Identifier (UUID) URN as specified in RFC 4122 [6] as its instance-id but allows for the possibility to use other URN schemes. Per RFC 5626, "If a URN scheme other than UUID is used, the UA MUST only use URNs for which an RFC (from the IETF stream) defines how the specific URN needs to be constructed and used in the "+sip.instance" Contact header field parameter for outbound behavior". This specification meets this requirement by specifying how the GSMA IMEI URN is used in the '+sip.instance' Contact header field parameter for outbound behavior, and RFC 7254 [1] specifies how the GSMA IMEI URN is constructed.
RFC 5626[2]要求UA按照RFC 4122[6]中的规定创建一个通用唯一标识符(UUID)URN作为其实例id,但允许使用其他URN方案。根据RFC 5626,“如果使用UUID以外的URN方案,UA必须仅使用RFC(来自IETF流)定义需要如何构造特定URN并在“+sip.instance”出站行为的联系人标头字段参数中使用的URN”。本规范通过指定出站行为的“+sip.instance”联系人标头字段参数中GSMA IMEI URN的使用方式,以及RFC 7254[1]指定GSMA IMEI URN的构造方式,满足了这一要求。
The GSMA IMEI is a URN for the IMEI -- a globally unique identifier that identifies mobile devices used in the GSM, Universal Mobile Telecommunications System (UMTS), and 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) networks. The IMEI allocation is managed by the GSMA to ensure that the IMEI values are globally unique. Details of the formatting of the IMEI as a URN are specified in RFC 7254 [1], and the definition of the IMEI is contained in 3GPP TS 23.003 [10]. Further details about the GSMA's role in allocating the IMEI, and the IMEI allocation guidelines, can be found in GSMA PRD TS.06 [11].
GSMA IMEI是IMEI的URN,IMEI是全球唯一的标识符,用于标识GSM、通用移动通信系统(UMTS)和第三代合作伙伴计划(3GPP)长期演进(LTE)网络中使用的移动设备。IMEI分配由GSMA管理,以确保IMEI值是全局唯一的。将IMEI格式化为URN的详细信息在RFC 7254[1]中规定,IMEI的定义包含在3GPP TS 23.003[10]中。有关GSMA在分配IMEI中的作用以及IMEI分配指南的更多详细信息,请参见GSMA PRD TS.06[11]。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [7].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[7]中所述进行解释。
GSM, UMTS, and LTE capable mobile devices represent 90% of the mobile devices in use worldwide. Every manufactured GSM, UMTS, or LTE mobile device has an allocated IMEI that uniquely identifies this specific mobile device. Among other things, in some regulatory jurisdictions the IMEI is used to identify that a stolen mobile device is being used, to help to identify the subscription that is using it, and to prevent use of the mobile device. While GSM was originally a circuit switched system, enhancements such as the General Packet Radio Service (GPRS) and UMTS have added IP data capabilities that, along with the definition of the IP Multimedia Subsystem (IMS), have made SIP-based calls and IP multimedia sessions from mobile devices possible.
支持GSM、UMTS和LTE的移动设备占全球使用的移动设备的90%。每个制造的GSM、UMTS或LTE移动设备都有一个分配的IMEI,该IMEI唯一地标识该特定移动设备。除其他事项外,在一些监管辖区,IMEI用于识别正在使用被盗移动设备,帮助识别正在使用该设备的订阅,并防止使用该移动设备。虽然GSM最初是一个电路交换系统,但通用分组无线业务(GPRS)和UMTS等增强功能增加了IP数据功能,这些功能与IP多媒体子系统(IMS)的定义一起,使得基于SIP的呼叫和来自移动设备的IP多媒体会话成为可能。
The latest enhancement, known as LTE, introduces even higher data rates and dispenses with the circuit switched infrastructure completely. This means that with LTE networks, voice calls will need to be conducted using IP and IMS. However, the transition to all IP SIP-based IMS networks worldwide will take a great many years, and mobile devices, being mobile, will need to operate in both IP/SIP/IMS mode and circuit switched mode. This means that calls and sessions will need to be handed over between IP/SIP/IMS mode and circuit switched mode mid-call or mid-session. Also, since many existing GSM and UMTS radio access networks are unable to support IP/SIP/IMS-based voice services in a commercially acceptable manner, some sessions could have some media types delivered via IP/IMS simultaneously with voice media delivered via the circuit switched domain to the same mobile device. To achieve this, the mobile device needs to be simultaneously attached via both the IP/SIP/IMS domain and the circuit switched domain.
最新的增强,被称为LTE,引入了更高的数据速率,完全取消了电路交换基础设施。这意味着在LTE网络中,语音呼叫将需要使用IP和IMS进行。然而,向全世界所有基于IP SIP的IMS网络的过渡将需要很多年的时间,而作为移动设备的移动设备将需要在IP/SIP/IMS模式和电路交换模式下运行。这意味着呼叫和会话需要在IP/SIP/IMS模式和电路交换模式中间呼叫或中间会话之间切换。此外,由于许多现有GSM和UMTS无线电接入网络无法以商业上可接受的方式支持基于IP/SIP/IMS的语音服务,因此一些会话可以具有通过IP/IMS传送的某些媒体类型,同时具有通过电路交换域传送到同一移动设备的语音媒体。为了实现这一点,移动设备需要同时经由IP/SIP/IMS域和电路交换域连接。
To meet this need, the 3GPP has specified how to maintain session continuity between the IP/SIP/IMS domain and the circuit switched domain in 3GPP TS 24.237 [12], and in 3GPP TS 24.292 [13] has specified how to access IMS hosted services via both the IP/SIP/IMS domain and the circuit switched domain.
为了满足这一需求,3GPP在3GPP TS 24.237[12]中规定了如何保持IP/SIP/IMS域和电路交换域之间的会话连续性,并且在3GPP TS 24.292[13]中规定了如何通过IP/SIP/IMS域和电路交换域访问IMS承载的服务。
In order for the mobile device to access SIP/IMS services via the circuit switched domain, the 3GPP has specified a Mobile Switching Center (MSC) server enhanced for IMS Centralized Services (ICS) and a MSC server enhanced for Single Radio Voice Call Continuity (SR-VCC) that control mobile voice call setup over the circuit switched radio access while establishing the corresponding voice session in the core network using SIP/IMS. To enable this, the MSC server enhanced for ICS or the MSC server enhanced for SR-VCC performs SIP registration on behalf of the mobile device, which is also simultaneously directly registered with the IP/SIP/IMS domain. The only mobile device identifier that is transportable using GSM/UMTS/LTE signaling is the IMEI; therefore, the instance-id included by the MSC server enhanced for ICS or the MSC server enhanced for SR-VCC when acting on behalf of the mobile device, and the instance-id directly included by the mobile device, both need to be based on the IMEI.
为了使移动设备经由电路交换域访问SIP/IMS服务,3GPP已指定为IMS集中服务(ICS)而增强的移动交换中心(MSC)服务器和为单无线电语音呼叫连续性(SR-VCC)而增强的MSC服务器通过电路交换无线电接入控制移动语音呼叫设置,同时使用SIP/IMS在核心网络中建立相应的语音会话。为了实现这一点,针对ICS增强的MSC服务器或针对SR-VCC增强的MSC服务器代表移动设备执行SIP注册,移动设备也同时直接注册到IP/SIP/IMS域。使用GSM/UMTS/LTE信令可传输的唯一移动设备标识符是IMEI;因此,当代表移动设备时,由针对ICS增强的MSC服务器或针对SR-VCC增强的MSC服务器包括的实例id,以及由移动设备直接包括的实例id,都需要基于IMEI。
Additionally, in order to meet the above requirements, the same IMEI that is obtained from the circuit switched signaling by the MSC server needs to be obtainable from SIP signaling so that it can be determined that both the SIP signaling and circuit switched signaling originate from the same mobile device.
另外,为了满足上述要求,MSC服务器从电路交换信令获得的相同IMEI需要可从SIP信令获得,以便可以确定SIP信令和电路交换信令两者都来自同一移动设备。
For these reasons, 3GPP TS 24.237 [12] and 3GPP TS 24.292 [13] already specify the use of the URN namespace for the GSMA IMEI URN as specified in RFC 7254 [1] as the instance-id used by GSM/UMTS/LTE
出于这些原因,3GPP TS 24.237[12]和3GPP TS 24.292[13]已经指定使用RFC 7254[1]中指定的GSMA IMEI URN的URN名称空间作为GSM/UMTS/LTE使用的实例id
mobile devices, the MSC server enhanced for SR-VCC, and the MSC server enhanced for ICS, for SIP/IMS registrations and emergency-related SIP requests.
移动设备,增强的MSC服务器用于SR-VCC,增强的MSC服务器用于ICS,用于SIP/IMS注册和紧急相关SIP请求。
1. The mobile device includes its IMEI in the SIP REGISTER request so that the SIP registrar can perform a check of the Equipment Identity Register (EIR) to verify whether this mobile device is allowed to access the network for non-emergency services or is barred from doing so (e.g., because the device has been stolen). If the mobile device is not allowed to access the network for non-emergency services, the SIP registrar can reject the registration and thus prevent a barred mobile device from accessing the network for non-emergency services.
1. 移动设备在SIP注册请求中包括其IMEI,以便SIP注册器可以执行设备标识注册器(EIR)的检查,以验证该移动设备是否被允许访问网络以获得非紧急服务,或者是否被禁止这样做(例如,因为该设备已被盗)。如果不允许移动设备访问用于非紧急服务的网络,则SIP注册器可以拒绝注册,从而防止被禁止的移动设备访问用于非紧急服务的网络。
2. The mobile device includes its IMEI in SIP INVITE requests used to establish emergency sessions. This is so that the Public Safety Answering Point (PSAP) can obtain the IMEI of the mobile device for identification purposes if required by regulations.
2. 移动设备在用于建立紧急会话的SIP INVITE请求中包括其IMEI。这使得公共安全应答点(PSAP)可以在法规要求时获取移动设备的IMEI以用于识别目的。
3. The IMEI that is included in SIP INVITE requests by the mobile device and used to establish emergency sessions is also used in cases of unauthenticated emergency sessions to enable the network to identify the mobile device. This is especially important if the unauthenticated emergency session is handed over from the packet switched domain to the circuit switched domain. In this scenario, the IMEI is the only identifier that is common to both domains, so the Emergency Access Transfer Function (EATF) in the network, which in such cases coordinates the transfer between domains, can use the IMEI to determine that the circuit switched call is from the same mobile device that was in the emergency session in the packet switched domain.
3. 移动设备SIP INVITE请求中包括的用于建立紧急会话的IMEI也用于未经验证的紧急会话,以使网络能够识别移动设备。如果未经验证的紧急会话从分组交换域转移到电路交换域,这一点尤为重要。在这种情况下,IMEI是两个域共用的唯一标识符,因此网络中的紧急访问传输功能(EATF)在这种情况下协调域之间的传输,可以使用IMEI确定电路交换呼叫来自分组交换域中处于紧急会话中的同一移动设备。
A User Agent Client (UAC) that has an IMEI as specified in 3GPP TS 23.003 [10] and that is registering with a 3GPP IMS network MUST include in the "sip.instance" media feature tag the GSMA IMEI URN according to the syntax specified in RFC 7254 [1] when performing the registration procedures specified in RFC 5626 [2] or RFC 5627 [3], or any other procedure requiring the inclusion of the "sip.instance" media feature tag. The UAC SHOULD NOT include the optional 'svn' parameter in the GSMA IMEI URN in the "sip.instance" media feature tag, since the software version can change as a result of upgrades to the device firmware that would create a new instance-id. Any future non-zero values of the 'vers' parameter, or the future definition of additional parameters for the GSMA IMEI URN that are intended to be
当执行RFC 5626[2]或RFC 5627[3]中规定的注册程序时,具有3GPP TS 23.003[10]中规定的IMEI且正在向3GPP IMS网络注册的用户代理客户端(UAC)必须根据RFC 7254[1]中规定的语法在“sip.instance”媒体功能标签中包含GSMA IMEI URN,或要求包含“sip.instance”媒体功能标签的任何其他过程。UAC不应在“sip.instance”媒体功能标签中的GSMA IMEI URN中包含可选的“svn”参数,因为软件版本可能会因设备固件升级而改变,从而创建新的实例id。“vers”参数的任何未来非零值,或GSMA IMEI URN的其他参数的未来定义
used as part of an instance-id, will require that an update be made to this RFC. The UAC MUST provide character-by-character identical URNs in each registration according to RFC 5626 [2]. Hence, any optional or variable components of the URN (e.g., the 'vers' parameter) MUST be presented with the same values and in the same order in every registration as in the first registration.
作为实例id的一部分使用,将要求对此RFC进行更新。根据RFC 5626[2],UAC必须在每次注册中提供一个字符接一个字符的相同URN。因此,URN的任何可选或可变组件(例如“vers”参数)在每次注册中必须以与第一次注册相同的值和顺序显示。
A UAC MUST NOT use the GSMA IMEI URN as an instance-id, except when registering with a 3GPP IMS network. When a UAC is operating in IMS mode, it will obtain from the Universal Integrated Circuit Card (UICC) (commonly known as the SIM card) the domain of the network with which to register. This is a carrier's IMS network domain. The UAC will also obtain the address of the IMS edge proxy to send the REGISTER request containing the IMEI using information elements in the Attach response when it attempts to connect to the carrier's packet data network. When registering with a non-3GPP IMS network, a UAC SHOULD use a UUID as an instance-id as specified in RFC 5626 [2].
UAC不得将GSMA IMEI URN用作实例id,除非在3GPP IMS网络中注册。当UAC在IMS模式下运行时,它将从通用集成电路卡(UICC)(通常称为SIM卡)获取要注册的网络域。这是运营商的IMS网络域。UAC还将获得IMS边缘代理的地址,以便在尝试连接到运营商的分组数据网络时,使用附加响应中的信息元素发送包含IMEI的注册请求。当向非3GPP IMS网络注册时,UAC应使用UUID作为RFC 5626[2]中指定的实例id。
A UAC MUST NOT include the "sip.instance" media feature tag containing the GSMA IMEI URN in the Contact header field of non-REGISTER requests, except when the request is related to an emergency session. Regulatory requirements can require that the IMEI be provided to the PSAP. Any future exceptions to this prohibition will require the publication of an RFC that addresses how privacy is not violated by such usage.
UAC不得在非注册请求的联系人标头字段中包含包含GSMA IMEI URN的“sip.instance”媒体功能标签,除非该请求与紧急会话相关。监管要求可能要求向PSAP提供IMEI。该禁令的任何未来例外情况将要求发布RFC,说明此类使用如何不侵犯隐私。
A User Agent Server (UAS) MUST NOT include its "sip.instance" media feature tag containing the GSMA IMEI URN in the Contact header field of responses, except when the response is related to an emergency session. Regulatory requirements can require that the IMEI be provided to the PSAP. Any future exceptions to this prohibition will require the publication of an RFC that addresses how privacy is not violated by such usage.
用户代理服务器(UAS)不得在响应的联系人标头字段中包含包含GSMA IMEI URN的“sip.instance”媒体功能标签,除非响应与紧急会话相关。监管要求可能要求向PSAP提供IMEI。该禁令的任何未来例外情况将要求发布RFC,说明此类使用如何不侵犯隐私。
In 3GPP IMS, when the SIP registrar receives in the Contact header field a "sip.instance" media feature tag containing the GSMA IMEI URN according to the syntax specified in RFC 7254 [1] the SIP registrar follows the procedures specified in RFC 5626 [2]. The IMEI URN MAY be validated as described in RFC 7254 [1]. If the UA indicates that it supports the extension in RFC 5627 [3] and the SIP registrar allocates a public GRUU according to the procedures specified in RFC 5627 [3], the instance-id MUST be obfuscated when creating the 'gr' parameter in order not to reveal the IMEI to other UAs when the
在3GPP IMS中,当SIP注册器根据RFC 7254[1]中指定的语法在联系人报头字段中接收到包含GSMA IMEI URN的“SIP.instance”媒体特征标签时,SIP注册器遵循RFC 5626[2]中指定的过程。IMEI URN可以按照RFC 7254[1]中所述进行验证。如果UA表示支持RFC 5627[3]中的扩展,并且SIP注册器根据RFC 5627[3]中指定的过程分配公共GRUU,则在创建“gr”参数时必须混淆实例id,以便在
public GRUU is included in non-REGISTER requests and responses. 3GPP TS 24.229 [8] subclause 5.4.7A.2 specifies the mechanism for obfuscating the IMEI when creating the 'gr' parameter.
公共GRUU包含在非注册请求和响应中。3GPP TS 24.229[8]子条款5.4.7A.2规定了在创建“gr”参数时混淆IMEI的机制。
Because IMEIs, like other formats of instance-ids, can be correlated to a user, they are personally identifiable information and therefore MUST be treated in the same way as any other personally identifiable information. In particular, the "sip.instance" media feature tag containing the GSMA IMEI URN MUST NOT be included in requests or responses intended to convey any level of anonymity, as this could violate the user's privacy. RFC 5626 [2] states that "One case where a UA could prefer to omit the "sip.instance" media feature tag is when it is making an anonymous request or some other privacy concern requires that the UA not reveal its identity". The same concerns apply when using the GSMA IMEI URN as an instance-id. Publication of the GSMA IMEI URN to networks to which the UA is not attached, or with which the UA does not have a service relationship, is a security breach, and the "sip.instance" media feature tag MUST NOT be forwarded by the service provider's network elements when forwarding requests or responses towards the destination UA. Additionally, an instance-id containing the GSMA IMEI URN identifies a mobile device and not a user. The instance-id containing the GSMA IMEI URN MUST NOT be used alone as an address for a user or as an identification credential for a user. The GRUU mechanism specified in RFC 5627 [3] provides a means to create URIs that address the user at a specific device or User Agent.
由于IMEI与实例ID的其他格式一样,可以与用户关联,因此它们是个人可识别信息,因此必须以与任何其他个人可识别信息相同的方式进行处理。特别是,包含GSMA IMEI URN的“sip.instance”媒体功能标签不得包含在旨在传递任何匿名级别的请求或响应中,因为这可能会侵犯用户的隐私。RFC 5626[2]指出,“UA可能倾向于省略“sip.instance”媒体功能标签的一种情况是,当其发出匿名请求或其他一些隐私问题要求UA不披露其身份时”。当使用GSMA IMEI URN作为实例id时,同样的问题也适用。将GSMA IMEI URN发布到UA未连接或UA没有服务关系的网络是一种安全违规行为,“sip.instance”当向目标UA转发请求或响应时,服务提供商的网络元件不得转发媒体功能标签。此外,包含GSMA IMEI URN的实例id标识移动设备而不是用户。包含GSMA IMEI URN的实例id不能单独用作用户的地址或用户的标识凭据。RFC 5627[3]中指定的GRUU机制提供了一种创建URI的方法,该URI在特定设备或用户代理上为用户寻址。
Entities that log the instance-id need to protect them as personally identifiable information. Regulatory requirements can require that carriers log SIP IMEIs.
记录实例id的实体需要将其作为个人可识别信息进行保护。监管要求可能要求运营商记录SIP IMEIs。
In order to protect the "sip.instance" media feature tag containing the GSMA IMEI URN from being tampered with, those REGISTER requests containing the GSMA IMEI URN MUST be sent using a security mechanism such as Transport Layer Security (TLS) (RFC 5246 [5]) or another security mechanism that provides equivalent levels of protection such as hop-by-hop security based upon IPsec.
为了保护包含GSMA IMEI URN的“sip.instance”媒体功能标签不被篡改,必须使用传输层安全(TLS)等安全机制发送包含GSMA IMEI URN的那些注册请求(RFC 5246[5])或者提供同等保护级别的另一种安全机制,例如基于IPsec的逐跳安全性。
The author would like to thank Paul Kyzivat, Dale Worley, Cullen Jennings, Adam Roach, Keith Drage, Mary Barnes, Peter Leis, James Yu, S. Moonesamy, Roni Even, and Tim Bray for reviewing this document and providing their comments.
作者要感谢Paul Kyzivat、Dale Worley、Cullen Jennings、Adam Roach、Keith Drage、Mary Barnes、Peter Leis、James Yu、S.Moonesamy、Roni Even和Tim Bray对本文件的审阅并提供了他们的意见。
[1] Montemurro, M., Ed., Allen, A., McDonald, D., and P. Gosden, "A Uniform Resource Name Namespace for the Global System for Mobile Communications Association (GSMA) and the International Mobile station Equipment Identity (IMEI)", RFC 7254, May 2014.
[1] Montemurro,M.,Ed.,Allen,A.,McDonald,D.,和P.Gosden,“全球移动通信系统协会(GSMA)和国际移动站设备标识(IMEI)的统一资源名称空间”,RFC 7254,2014年5月。
[2] Jennings, C., Mahy, R., and F. Audet, "Managing Client-Initiated Connections in the Session Initiation Protocol (SIP)", RFC 5626, October 2009.
[2] Jennings,C.,Mahy,R.,和F.Audet,“在会话启动协议(SIP)中管理客户端启动的连接”,RFC 5626,2009年10月。
[3] Rosenberg, J., "Obtaining and Using Globally Routable User Agent URIs (GRUUs) in the Session Initiation Protocol (SIP)", RFC 5627, October 2009.
[3] Rosenberg,J.,“在会话启动协议(SIP)中获取和使用全局可路由用户代理URI(GROUS)”,RFC 5627,2009年10月。
[4] Moats, R., "URN Syntax", RFC 2141, May 1997.
[4] 护城河,R.,“瓮语法”,RFC 21411997年5月。
[5] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008.
[5] Dierks,T.和E.Rescorla,“传输层安全(TLS)协议版本1.2”,RFC 5246,2008年8月。
[6] Leach, P., Mealling, M., and R. Salz, "A Universally Unique IDentifier (UUID) URN Namespace", RFC 4122, July 2005.
[6] Leach,P.,Mealling,M.和R.Salz,“通用唯一标识符(UUID)URN名称空间”,RFC 4122,2005年7月。
[7] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[7] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[8] 3GPP, "IP multimedia call control protocol based on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Stage 3", 3GPP TS 24.229 (Release 8), March 2014, <ftp://ftp.3gpp.org/Specs/archive/24_series/ 24.229/>.
[8] 3GPP,“基于会话发起协议(SIP)和会话描述协议(SDP)的IP多媒体呼叫控制协议;第3阶段”,3GPP TS 24.229(版本8),2014年3月<ftp://ftp.3gpp.org/Specs/archive/24_series/ 24.229/>.
[9] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002.
[9] Rosenberg,J.,Schulzrinne,H.,Camarillo,G.,Johnston,A.,Peterson,J.,Sparks,R.,Handley,M.,和E.Schooler,“SIP:会话启动协议”,RFC 3261,2002年6月。
[10] 3GPP, "Numbering, addressing and identification", 3GPP TS 23.003 (Release 8), March 2014, <ftp://ftp.3gpp.org/Specs/ archive/23_series/23.003/>.
[10] 3GPP,“编号、寻址和标识”,3GPP TS 23.003(第8版),2014年3月<ftp://ftp.3gpp.org/Specs/ 存档/23_系列/23.003/>。
[11] GSM Association, "IMEI Allocation and Approval Guidelines", PRD TS.06 (DG06) Version 6.0, July 2011, <http://www.gsma.com/newsroom/wp-content/uploads/2012/06/ ts0660tacallocationprocessapproved.pdf>.
[11] GSM协会,“IMEI分配和批准指南”,PRD TS.06(DG06)版本6.0,2011年7月<http://www.gsma.com/newsroom/wp-content/uploads/2012/06/ ts0660tacallocationprocessapproved.pdf>。
[12] 3GPP, "Mobile radio interface Layer 3 specification; Core network protocols; Stage 3", 3GPP TS 24.237 (Release 8), September 2013, <ftp://ftp.3gpp.org/Specs/archive/ 24_series/24.237/>.
[12] 3GPP,“移动无线电接口第3层规范;核心网络协议;第3阶段”,3GPP TS 24.237(第8版),2013年9月<ftp://ftp.3gpp.org/Specs/archive/ 24_系列/24.237/>。
[13] 3GPP, "IP Multimedia (IM) Core Network (CN) subsystem Centralized Services (ICS); Stage 3", 3GPP TS 24.292 (Release 8), December 2013, <ftp://ftp.3gpp.org/Specs/ archive/24_series/24.292/>.
[13] 3GPP,“IP多媒体(IM)核心网络(CN)子系统集中服务(ICS);第3阶段”,3GPP TS 24.292(第8版),2013年12月<ftp://ftp.3gpp.org/Specs/ 存档/24_系列/24.292/>。
Author's Address
作者地址
Andrew Allen (editor) Blackberry 1200 Sawgrass Corporate Parkway Sunrise, Florida 33323 USA
Andrew Allen(编辑)Blackberry 1200 Sawgrass Corporate Parkway Sunrise,美国佛罗里达州33323
EMail: aallen@blackberry.com
EMail: aallen@blackberry.com