Registration of media type "application/nss"
Mike Hammer
mhammer at cisco.com
Tue Jan 4 17:51:24 CET 2005
Scott,
Link:
http://www.itu.int/rec/recommendation.asp?type=folders&lang=e&parent=T-REC-Q
.1980.1
Thanks,
Mike
-----Original Message-----
From: Scott Hollenbeck [mailto:sah at 428cobrajet.net]
Sent: Thursday, December 30, 2004 7:59 PM
To: 'Mike Hammer'; iesg at ietf.org
Cc: ietf-types at iana.org; iana at iana.org
Subject: RE: Registration of media type "application/nss"
Mike,
Request received. I will shepherd your request once the ietf-types review
has been completed and any comments have been addressed. Please contact me
directly at the end of the two-week review period and we'll go from there.
Can you provide a link to the published specification referenced below?
-Scott-
> -----Original Message-----
> From: Mike Hammer [mailto:mhammer at cisco.com]
> Sent: Thursday, December 30, 2004 1:52 PM
> To: iesg at ietf.org
> Cc: ietf-types at iana.org; iana at iana.org
> Subject: Registration of media type "application/nss"
>
> This email requests that the IESG approve the assignment of the media
> subtype as described in the registration template below.
>
> Reference: draft-freed-media-type-reg-01.txt, August 17, 2004,
> Media Type Specifications and Registration Procedures,
> Section 5, Registration Procedures,
> Section 10, Registration Template.
>
> To: ietf-types at iana.org
> Subject: Registration of media type "application/nss"
>
> Type name: application
>
> Subtype name: nss
>
> Required parameters: none
>
> Optional parameters: charset
>
> Encoding considerations: binary (Note: Data is in US-ASCII range.)
>
> Restrictions on usage: none
>
> Security considerations:
>
> NSS has the potential to disclose private customer information
> and the potential for modification of NSS bodies during message
> transport to manipulate call setup, mid-call events, or call
> release. Modification means the addition of an NSS body where
> none existed, the removal of an NSS body where one existed, or
> the changing of contents of existing NSS bodies in messages.
> NSS can reveal information about telephone subscribers that is
> requested to remain private. Security mechanisms must be
> provided to meet privacy agreements and regulations.
>
> NSS can be deployed as an interdomain signaling mechanism and
> may be subject to trust relationships and agreements between
> administrative domains as well as legal requirements in various
> jurisdictions. NSS can affect routing of telephone calls and
> associated billing. Security mechanisms must be provided to
> control fraud, malicious intents, and unintended consequences.
> Such mechanisms include the ability to selectively filter or map
> and forward each information element within NSS upon entry or exit
> of an administrative domain. All information from unauthenticated
> entities must be validated and authorized before being mapped and
> forwarded in subsequent signaling messages. Such checks are
> particularly needed when information is mapped to/from SIP headers.
>
> When encapsulated by SIP, the integrity and confidentiality of SIP
> messages containing NSS bodies MUST be addressed through the use of
> Transport Layer Security (TLS) or Internet Protocol Security
> (IPSEC)
> mechanisms as described in the Session Initiation Protocol RFC 3261
> on signaling hops between nodes trusted to handle PSTN signaling.
> When intermediate hops are not trusted, end-to-end integrity and
> confidentiality may be addressed using RFC 2633,
> "Secure/Multipurpose
> Internet Mail Extensions (S/MIME) Version 3 Message Specification",
> June 1999. NSS MIME bodies SHOULD be secured using S/MIME to
> mitigate
> concerns with authentication of the sender, integrity protection
> during transit, and confidentiality protection from disclosure to
> unauthorized third parties. NSS endpoints MUST support S/MIME
> signatures and SHOULD support S/MIME encryption.
>
> For H.323-based encapsulation of NSS bodies, the security
> mechanisms
> of ITU-T Recommendation H.235, "Security and encryption for
> H-series
> (H.323 and other H.245-based) multimedia terminals", August 2003,
> must
> be used to provide integrity and confidentiality.
>
> NSS consists of well defined message types and parameters.
> Arbitrary
> content or directives within field values is not permitted.
>
> NSS does not employ "active content."
>
> NSS contains fields which instruct whether privacy data such as
> calling party's number is to be presented or restricted.
>
> NSS is used without and is silent about compression. Use of
> compression
> in conjunction with NSS does not present any security issues.
>
> Interoperability considerations: Compatibility mechanisms are
> defined in Q.1980.1.
>
> Published specification: ITU-T Recommendation Q.1980.1, "The
> Narrowband
> Signalling Syntax (NSS) - Syntax Definition", December 2004.
>
> Applications which use this media type: Applications in PSTN
> Gateways and call control application servers.
>
> Additional Information:
>
> Magic numbers: None
>
> File Extensions: None
>
> Macintosh File Type Codes: None
>
> Object Identifiers: {itu-t(0) recommendation(0) q(17) 1980 1}
> (0.0.17.1980.1)
> See ITU-T Recommendation H.323 Annex M.4 "Tunnelling of
> Narrowband Signalling Syntax (NSS) for H.323", December 2004.
>
> Intended Usage: COMMON
>
> Person to contact for further information:
>
> Name: Michael Hammer
> E-Mail: mhammer at cisco.com
> Author/Change controller: ITU-T Study Group 11
>
> END
>
>
More information about the Ietf-types
mailing list