IETF Logo Mail Archive

Re: [Ecrit] [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt

Brian Rosen <br@brianrosen.net> Tue, 18 April 2023 19:35 UTC

Return-Path: <br@brianrosen.net>
X-Original-To: ecrit@ietfa.amsl.com
Delivered-To: ecrit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E004C151B2D for <ecrit@ietfa.amsl.com>; Tue, 18 Apr 2023 12:35:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.084
X-Spam-Level:
X-Spam-Status: No, score=-2.084 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=brianrosen.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rNGsdfjC4aZM for <ecrit@ietfa.amsl.com>; Tue, 18 Apr 2023 12:34:57 -0700 (PDT)
Received: from mail-yw1-x112f.google.com (mail-yw1-x112f.google.com [IPv6:2607:f8b0:4864:20::112f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 920E3C151B2B for <ecrit@ietf.org>; Tue, 18 Apr 2023 12:34:57 -0700 (PDT)
Received: by mail-yw1-x112f.google.com with SMTP id 00721157ae682-555ac76ecddso1674207b3.0 for <ecrit@ietf.org>; Tue, 18 Apr 2023 12:34:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brianrosen.net; s=google; t=1681846496; x=1684438496; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=KblHiv3CnkQjrYH0RGL2DGcn8V+0QKsXO86peTA8TkQ=; b=VEWIKdashoK+eN+rkuJb7jYGKhUr4w+W93GxnGZHA1RzrV7fiY2qqRyolEjFfCLa1Z J+eP4PPQWfW6TcDINlxU3YZbATMoAc0WxXk3Unz5CQKcKjr6zj2KjPnkAXuTB6gonX3V 64gvxFhVBy6Z6d4w5k4eIvXyH7i2mRD0X1lE8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681846496; x=1684438496; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KblHiv3CnkQjrYH0RGL2DGcn8V+0QKsXO86peTA8TkQ=; b=C76YMlOcqwYxY9p9UPtrqfLEPSdk/bLcvFN78li0dbPCGgsUl+Svum+Z8RIgy+Azwc 82a+Pt9HQVeyO1MEO+TnEO3f9Q2Xdz7/9V4HgUnCLk9G3411qSHoHOWggKTkqEM88cvY 3s3Ax1hJv1FFY5Se66UaEW1Uz/0YRGc9XqA6470TFqKokq0C75Eh/kclFlYJ/m0ZWE9o b/DkRYVgnwdk0G5qvdF+6u557/ZPk73pBJXA25EfEPYLehsazdviFFsxGhFCXLy5dZ4x SHiQJPU5p2VN5EYTU22684X1/aBu4aPGNWa4fBqHYUKtB8uD1CBvpvcPUPOaWWRkOD7d vdHw==
X-Gm-Message-State: AAQBX9eKWRsMW4jUMOcuILYL+gHqOpfSKZn91+b0mf/P/vSMom0hpd3q Y28j6hsjjfQxhVjseqeBAgZEWAEjJ3OaWzTTIHQ=
X-Google-Smtp-Source: AKy350bW/bR00Z30xUaV+cHureAX6e23jnmlC8CEpLiTW881MEzG2soJfmOK5xkwIJY0f/DJvgsSuA==
X-Received: by 2002:a81:1c87:0:b0:54f:8562:e36 with SMTP id c129-20020a811c87000000b0054f85620e36mr14116814ywc.1.1681846496126; Tue, 18 Apr 2023 12:34:56 -0700 (PDT)
Received: from smtpclient.apple (dynamic-acs-24-154-121-237.zoominternet.net. [24.154.121.237]) by smtp.gmail.com with ESMTPSA id 140-20020a811692000000b00545b9498c1asm4009164yww.12.2023.04.18.12.34.54 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Apr 2023 12:34:55 -0700 (PDT)
From: Brian Rosen <br@brianrosen.net>
Message-Id: <EFF229A6-0481-4E83-9427-12170C37D409@brianrosen.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C738E404-ED3C-4C44-83E4-C80C54C5D385"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.300.101.1.3\))
Date: Tue, 18 Apr 2023 15:34:43 -0400
In-Reply-To: <551EFA9A-9BD1-47DB-A611-D6988AA8CF22@cisco.com>
Cc: "R.Jesske@telekom.de" <R.Jesske@telekom.de>, Christer Holmberg <christer.holmberg@ericsson.com>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com>, ECRIT <ecrit@ietf.org>
To: "Sri Gundavelli (sgundave)" <sgundave@cisco.com>
References: <167875162972.58518.19006032661356449@ietfa.amsl.com> <385DA58A-5118-44EF-9E8A-B8FA5F28F4EA@cisco.com> <3E83FA22-CF07-4C38-B73C-41AC1AEEB688@brianrosen.net> <39CED79A-41C3-4EDD-AC5D-E12EC3961DB4@cisco.com> <79EE2266-C2D9-4022-98D9-23549987EC6A@brianrosen.net> <C863C7D9-AC88-4A13-94C6-82456DD88D7E@cisco.com> <HE1PR07MB4441359E8633CA7FC004C74A93929@HE1PR07MB4441.eurprd07.prod.outlook.com> <11AD2ACE-5AE1-4FA3-B5E7-3F4A364FDAC6@cisco.com> <FR3P281MB150306DC0BA41BBB0E0F5CD5F9939@FR3P281MB1503.DEUP281.PROD.OUTLOOK.COM> <4A6640AB-A55C-41A3-88A7-E5170000B609@cisco.com> <8E78998E-4987-411E-82A2-6BF7ADAAA0F9@brianrosen.net> <1183A4BD-58D3-4D6F-9FD5-A62E2F732969@cisco.com> <0047223D-225C-47E0-8050-EBA509369B96@brianrosen.net> <75FC02E0-19C1-42D2-9443-4E00ED6902A8@cisco.com> <1F5090C1-F98A-438C-BA80-46585428D68D@brianrosen.net> <551EFA9A-9BD1-47DB-A611-D6988AA8CF22@cisco.com>
X-Mailer: Apple Mail (2.3731.300.101.1.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/S_F6L93W6iKnCudosWceOBAgAOA>
Subject: Re: [Ecrit] [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Emergency Context Resolution with Internet Technologies <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Apr 2023 19:35:02 -0000

Generally speaking, supporting emergency calls is not trivial.  There is a bunch of code to do that, even assuming that the device is already some kind of phone.  Please look at RFC6881.  What is deployed doesn’t exactly follow 68881, but it’s close.

The location MUST be validated before use.  It’s not enough to just use the RFC4776 civic address elements: it has to be a location the 9-1-1 system recognizes as valid.  There is a protocol (LoST, RFC5222) and a profile of PIDF-LO (nation specific) that has to be used to construct and validate the address.  These days, you also need Z (floor).  Generally, nearest hotspot isn’t adequate, especially if it’s on the wrong floor.  I wouldn’t say it’s totally wrong to use the location of the nearest hotspot, but that would be a fallback when whatever you use to reasonably accurately estimate location fails. 

We don’t use pANIs any more.  Also, that was US (or really US and Canada) specific.  There never was a “P-ANI” header.  We do use the SIP Geolocation header to carry the location.  The emergency system doesn’t “look up” a location any more.  The location is included in the signaling with the call.

Brian

> On Apr 18, 2023, at 11:26 AM, Sri Gundavelli (sgundave) <sgundave@cisco.com> wrote:
> 
> Hi Brian,
>  
> The use-case is about the device in the vicinity of a Wi-Fi hotspot which support emergency passpoint profiles. The device with the emergency passpoint profile, but with no specific access credentials to that hotspot, should be able to discover the network, perform an attach and complete access authentication to the IDP associated with the emergency realm. This will enable to the device to have internet connectivity with limited access for making emergency calls.
>  
> Passpoint profiles are widely supported by the device eco-system and so the definition of a new profile should not require any new code/development on the device. The aspects around network discovery, selection and association will still be based on the elements in the profile. The emergency profile can be installed at the time of manufacturing (requires rule making from the local regulator), or installed by the enterprise IT.
>  
> Location of the emergency caller is an important element in the system. The access point configured to support emergency calling will have to be configured with the location of the access point. When a device is permitted to attach to the network using the emergency passpoint profile, the access point will report RFC-5580 location elements, AP identifier and/or the secure location tag in the RADIUS signaling to the IDP.
>  
> The IDP will update these location elements and associate them to the access point (AP identifier and/or the Secure Location Tag).  The device making the emergency call will include these elements in the SIP P-ANI header. The emergency calling system will be able to look up the location from the IDP by using the elements in the P-ANI header. This allows the network to validate the device reported location with a trusted access point reported location. The reporting element, which is the access point, is a trusted network element with the OpenRoaming federation issued certificates and this provides an additional layer of validation of the caller reported location. This approach eliminates rogue calls with incorrect location in the SIP signaling.
>  
>  
> Regards
> Sri
>  
>  
>  
>  
>  
>  
>  
>  
> From: Brian Rosen <br@brianrosen.net>
> Date: Tuesday, April 18, 2023 at 5:30 AM
> To: Sri Gundavelli <sgundave@cisco.com>
> Cc: "R.Jesske@telekom.de" <R.Jesske@telekom.de>, Christer Holmberg <christer.holmberg@ericsson.com>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com>, ECRIT <ecrit@ietf.org>
> Subject: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>  
> I’m tempted to say “call me when the FCC does this”, but we’ll put that aside for now :)
>  
> This is the IETF, so when you say “FCC” you really need to say “the local regulator”.  You need to discuss how that actually works, especially when you are near borders.  you may have a hotspot connection in another country from the one that would provide emergency services,  
>  
> Are you assuming Internet connectivity everywhere here, so that the device can contact the voice service provider?  You should probably say that.
>  
> This is a fair amount of code on a device that would only be used in this very specific circumstance.  Lots of testing/certification.  Any ideas of how that would be done?  What is the incentive/imperative for a device mfg to make this work?
>  
> Are you aware of the “dispatchable location” issues?  Your location has to be dispatchable.  How are you getting that?
>  
>  
> Brian
> 
> 
>> On Apr 13, 2023, at 4:09 PM, Sri Gundavelli (sgundave) <sgundave@cisco.com> wrote:
>>  
>> Hi Brian,
>>  
>> On the second part of your question, few thoughts:
>>  
>> We are mainly targeting Wi-Fi hotspots supporting passpoint profiles. For example, taking the WBA’s OpenRoaming federation, there are identity providers, and access network providers, all part of the same roaming federation and with a legal framework between them. A user with a  given passpoint profile identifying a given RCOI (Roaming Consortium Id) will be able to latch on to any of the access network and complete access authentication.  IDP/RCOI policies are enforced on the session.
>>  
>> With the proposal, there will be IDP specific to the emergency realm and FCC will be the legal entity. FCC can authorize an MNO with the IMS network, or choose a voice service provider for supporting the emergency realm. When the user with emergency passpoint profile attaches to the hotspot support emergency profile, the authentication signaling from the Wi-Fi AP/hotspot will be terminated in the authentication server in the IDP, and the policies and configurations (including SIP service configuration)  associated with the emergency profile will be delivered to the device (IDP -> AN -> Device).  The device will complete SIP registration with the Proxy (obtained from the IDP).  So, to you question who is providing the SIP path, it is the entity designated by FCC and not the access network providing the voice services. The below diagram should provide some context of the environment.
>>  
>> The legal framework between ANP and IDP is an important aspect, as there will by now means to provide immunity to the ANP (with FCC as the IDP) against any call failures. We are thinking such legal provisions will improve the adoption of emergency calling by any access providers. This approach brings FCC into the equation; it helps promote the adoption.
>>  
>> You also talked about enterprise environment.  The above framework should technically work for enterprise use-case, including tele-worker use-cases. But as you point out we need to layout some considerations on the interconnect with the enterprise PBX and the emergency system. Some more thinking is needed here.
>>  
>>  
>>  
>> <image001.png>
>>  
>>  
>> Regards
>> Sri
>>  
>>  
>> From: Brian Rosen <br@brianrosen.net>
>> Date: Thursday, April 13, 2023 at 10:12 AM
>> To: Sri Gundavelli <sgundave@cisco.com>
>> Cc: "R.Jesske@telekom.de" <R.Jesske@telekom.de>, Christer Holmberg <christer.holmberg@ericsson.com>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com>, ECRIT <ecrit@ietf.org>
>> Subject: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>  
>> The emergency services are firmly against so-called “unitialiized devices”.  They are stuck with the regulatory requirement that has been put on the providers of such devices to support emergency calls, but they would be strongly against expanding the scope of such devices: there are roughly no cases of real emergency calls using such devices, and many, many cases of false emergency calls that cannot be traced to the caller.  I would strongly suggest you don’t pursue such an expansion of that requirement.  It’s a bad idea, and it doesn’t do what proponent’s hoped it would do.  We have substantial real world experience.
>>  
>> You need a reliable identity that can be traced to a real person.  It’s never ironclad (pre-paid cellular for example), but it has to work most of the time.
>>  
>> I’m still confused who the entity that is providing the SIP path is supposed to be.  Are you expecting the WiFi access point owner to do that or some mobile network operator?  If it’s the WiFi AP owner, then they don’t have an interconnect in most cases: they might have a PBX on that network with a PSTN interconnect (like a SIP Trunk) that supports emergency calling, but that’s fairly far removed from the WiFi network and assuming they will allow a random WiFi user to connect to their AP, and then provide a SIP path to emergency services seems very far fetched to me.
>>  
>> But if it was some kind of mobile network operator, what relationship do they have with the enterprise that has the AP?
>>  
>> Callbacks require identity: see above
>>  
>> Brian
>>  
>> 
>> 
>> 
>>> On Apr 13, 2023, at 11:25 AM, Sri Gundavelli (sgundave) <sgundave@cisco.com> wrote:
>>>  
>>> Hi Brian,
>>>  
>>> Thanks for the follow-up. These are very good comments. In the revised version, we will capture all these points.
>>>  
>>> On the requirement around interconnect to emergency network, we are thinking the FCC designated entity providing identity and voice services for the realm, “sos.fcc-authorized.org <http://sos.fcc-authorized.org/>” will be able to meet the requirements, and the interconnect will be similar to how any MNO’s IMS interconnect is realized today. We will analyze this and add some text.
>>>  
>>> On traceability comment, the current cellular systems allow emergency call from a device with an expired SIM subscription, or no SIM card. At least in some countries this is allowed. Most GSM phones allow calling of emergency numbers without a SIM card, 112, 911, 118, 000, 110, 08, and 999. Calling these numbers will force the device to use any available network. I need to check the call flow if there is exchange of IMEI, but AFAIK there is no traceability there. In the proposal we have we require the use of emergency passpoint profile, it is possible to signal device specific identifiers in the signaling, and that is one way to realize device traceability. We already have mechanisms for location traceability. But, this allows traceability to a device, not to a person. Mark may have some additional thoughts here.
>>>  
>>> On the call backs, once the device is able to perform SIP registration with the emergency SIP proxy, it will be possible to support the callbacks. Will analyze this in detail.
>>>  
>>> Regards
>>> Sri
>>>  
>>>  
>>>  
>>>  
>>>  
>>>  
>>>  
>>> From: Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>> Date: Wednesday, April 12, 2023 at 4:36 PM
>>> To: Sri Gundavelli <sgundave@cisco.com <mailto:sgundave@cisco.com>>
>>> Cc: "R.Jesske@telekom.de <mailto:R.Jesske@telekom.de>" <R.Jesske@telekom.de <mailto:R.Jesske@telekom.de>>, Christer Holmberg <christer.holmberg@ericsson.com <mailto:christer.holmberg@ericsson.com>>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com <mailto:mgrayson@cisco.com>>, ECRIT <ecrit@ietf.org <mailto:ecrit@ietf.org>>
>>> Subject: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>  
>>> <moving to ecrit>
>>> Some entity has to connect to the emergency network (in North America and EU Next Gen systems, this is the “Emergency Services IP Network” or ESInet.  Although the standards say that calls must be accepted over the Internet, in practice all current implementations have direct interconnect between the originating service provider and the ESInet.  If it’s an IMS network operator, they have such connections, and would use their E-CSCF.  I think it’s pretty unlikely that they would support a non-IMS call path.  But there has to be some OSP.  It could be an enterprise, as long as the enterprise permitted access, had a reasonable authentication system tied to some kind of identity and a SIP proxy server.
>>>  
>>> The emergency authorities don’t like unauthenticated calling sources.  That is how we get swatting.  So your proposal has to describe what identity is, and how that’s traceable to a real person.  You also have to describe how we do call-backs to the caller.
>>>  
>>> Brian
>>> 
>>> 
>>> 
>>> 
>>>> On Apr 4, 2023, at 1:38 PM, Sri Gundavelli (sgundave) <sgundave@cisco.com <mailto:sgundave@cisco.com>> wrote:
>>>>  
>>>> HI Roland,
>>>>  
>>>> Thank you for your comment.
>>>>  
>>>> I agree,  if IMS is unavailable P-CSCF/E-CSCF will all be unavailable.  The key point is non-availability of the cellular network, for PDU creation and/or accessing emergency voice functions. This goes back to Christer’s comment suggesting to use non-IMS terminology.  We will work on that.
>>>>  
>>>> On your other comment, access to IMS for wired/wireline devices with IMS-only subscription is a possibility. But we still need to allow the device to connect to the available hotspot with no access-network credentials and be able to obtain the IMS configuration. The IMS network in question can be based of a generic IETF defined voice function, which can do call routing to the PSAP. If a MNO is willing to let their IMS network be available for wired and non-cellular devices, that is an option.
>>>>  
>>>> Once the device gets connectivity to the access network based on the special emergency passpoint profile, the access network can deliver the associated IMS/voice-service configuration options to the device. The realm that we are proposing sos.fcc-authorized.org <http://sos.fcc-authorized.org/> and associated IDP can be configured with the IMS/voice-service configuration. These IMS/voice-service functions can be from an MNO, or some other service provider that FCC will authorize.
>>>>  
>>>> These configuration options will be signaled from the IDP to the access network, and in turn will be delivered it to the device over DHCP/ND/802.11. The device can perform registration with those voice functions and can initiate the emergency call. 
>>>>  
>>>> Regards
>>>> Sri
>>>>  
>>>>  
>>>>  
>>>>  
>>>> From: "R.Jesske@telekom.de <mailto:R.Jesske@telekom.de>" <R.Jesske@telekom.de <mailto:R.Jesske@telekom.de>>
>>>> Date: Tuesday, April 4, 2023 at 12:44 AM
>>>> To: Sri Gundavelli <sgundave@cisco.com <mailto:sgundave@cisco.com>>, "christer.holmberg@ericsson.com <mailto:christer.holmberg@ericsson.com>" <christer.holmberg@ericsson.com <mailto:christer.holmberg@ericsson.com>>, "br@brianrosen.net <mailto:br@brianrosen.net>" <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>> Cc: "dispatch@ietf.org <mailto:dispatch@ietf.org>" <dispatch@ietf.org <mailto:dispatch@ietf.org>>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com <mailto:mgrayson@cisco.com>>
>>>> Subject: AW: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>>  
>>>> Hi,
>>>> What does this mean that IMS is unavailable? 
>>>> When IMS is unavailable also the Emergency service (E-CSCF) is unavailable.
>>>>  
>>>> Did you also discover the IMS Access possibilities with Digest, where you have an IMS Subscription w/o any RAN connectivity and only via wireline/WIFI?
>>>>  
>>>> Best Regards
>>>>  
>>>> Roland
>>>>  
>>>> Von: dispatch <dispatch-bounces@ietf.org <mailto:dispatch-bounces@ietf.org>> Im Auftrag von Sri Gundavelli (sgundave)
>>>> Gesendet: Montag, 3. April 2023 16:56
>>>> An: Christer Holmberg <christer.holmberg=40ericsson.com@dmarc.ietf.org <mailto:christer.holmberg=40ericsson.com@dmarc.ietf.org>>; Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>> Cc: dispatch@ietf.org <mailto:dispatch@ietf.org>; Mark Grayson (mgrayson) <mgrayson@cisco.com <mailto:mgrayson@cisco.com>>
>>>> Betreff: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>>  
>>>> Hi Christer,
>>>>  
>>>> Yes, 3GPP does define the interworking architecture with Wi-Fi, where the UE can use Wi-Fi to reach 3GPP core network for PDU establishment. The scenario that we have and what FCC CSRIC 8 looked into is where H-PLMN/V-PLMN and IMS is unavailable. Also, the interworking procedures assume there is Wi-Fi access connectivity. The access network in question may not have any relation to the operator for the UE to perform SIM based authentication to the access network.
>>>>  
>>>> The UE may not even have a cellular modem or SIM/eSIM credentials. What are trying to enable is allow the device to use a special emergency passpoint profile for connecting to any of the available hotspots that support emergency calling services. The device may be Wi-Fi only or a dual-radio capable device. Furthermore, if I see the carrier documentation for Wi-Fi calling, it requires the user to configure a civic address prior making any emergency call, and which a caller in distress may never configure. We are addressing this issue, by allowing a trusted access network with the federation issued certificates to signal the location over RADIUS to the IDP/CLF, which the network can cross correlate with the reported location in the SIP signaling.
>>>>  
>>>> <image001.png>
>>>>  
>>>> Regards
>>>> Sri
>>>>  
>>>>  
>>>> From: Christer Holmberg <christer.holmberg=40ericsson.com@dmarc.ietf.org <mailto:christer.holmberg=40ericsson.com@dmarc.ietf.org>>
>>>> Date: Monday, April 3, 2023 at 3:21 AM
>>>> To: Sri Gundavelli <sgundave@cisco.com <mailto:sgundave@cisco.com>>, Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>> Cc: "dispatch@ietf.org <mailto:dispatch@ietf.org>" <dispatch@ietf.org <mailto:dispatch@ietf.org>>, "Mark Grayson (mgrayson)" <mgrayson@cisco.com <mailto:mgrayson@cisco.com>>
>>>> Subject: RE: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>>  
>>>> Hi,
>>>>  
>>>> Note that 3GPP has defined emergency calls over WiFi, so please indicate how your draft relates to that work.
>>>>  
>>>> Regards,
>>>>  
>>>> Christer
>>>>  
>>>> From: dispatch <dispatch-bounces@ietf.org <mailto:dispatch-bounces@ietf.org>> On Behalf Of Sri Gundavelli (sgundave)
>>>> Sent: Saturday, 1 April 2023 4.53
>>>> To: Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>> Cc: dispatch@ietf.org <mailto:dispatch@ietf.org>; Mark Grayson (mgrayson) <mgrayson@cisco.com <mailto:mgrayson@cisco.com>>
>>>> Subject: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>>  
>>>> Hi Brian,
>>>>  
>>>> Sure. Will move the discussion to ECRIT. 
>>>>  
>>>> Thanks for the pointers to the LoST and PIDF-LO work. Will add some considerations on how devices capable of LoST can obtain location-specific service configuration.
>>>>  
>>>> LoST also provides the mechanism to validate location (which you do at configuration time) to make sure the location you send is known by the emergency services.
>>>>  
>>>> Ok. We will analyze this. If the mechanisms around Location-validity also covers the cases around detecting rogue/compromised clients, beyond making sure the claimed civic address exists, it will be very useful know. Will add the considerations.
>>>>  
>>>> The text has to say how the device uses the location it discovers to make a call (‘perform”), which is what RFC6881 describes.  There are some practical differences in how NG9-1-1 and NG1-1-2 actually work that has to be taken into consideration when looking at 6881.
>>>>  
>>>> Ok. Thanks for the pointers. Will add these considerations.
>>>>  
>>>>  
>>>> Regards
>>>> Sri
>>>>  
>>>> From: Brian Rosen <br@brianrosen.net <mailto:br@brianrosen.net>>
>>>> Date: Friday, March 31, 2023 at 11:05 AM
>>>> To: Sri Gundavelli <sgundave@cisco.com <mailto:sgundave@cisco.com>>
>>>> Cc: "dispatch@ietf.org <mailto:dispatch@ietf.org>" <dispatch@ietf.org <mailto:dispatch@ietf.org>>
>>>> Subject: Re: [dispatch] New Version Notification for draft-gundavelli-dispatch-e911-wifi-00.txt
>>>>  
>>>> I do think discussion on this draft should move to ecrit.
>>>>  
>>>> Obtaining the regulatory specific calling service configuration (including the numbers) is defined in LoST (RFC5222).
>>>> The location must be provided in PIDF-LO form (RFC4119 and its updates).  That is the form (at least the actual location information part) that you use to query the LoST server to get the configuration data and the form of the data you  send to the emergency services.
>>>> LoST also provides the mechanism to validate location (which you do at configuration time) to make sure the location you send is known by the emergency services.
>>>> The text has to say how the device uses the location it discovers to make a call (‘perform”), which is what RFC6881 describes.  There are some practical differences in how NG9-1-1 and NG1-1-2 actually work that has to be taken into consideration when looking at 6881.
>>>>  
>>>> Brian
>>>>  
>>>>  
>>>> 
>>>>> On Mar 31, 2023, at 4:55 PM, Sri Gundavelli (sgundave) <sgundave@cisco.com <mailto:sgundave@cisco.com>> wrote:
>>>>>  
>>>>> Hi Brian,
>>>>> 
>>>>> Thanks a lot for reviewing the document. I agree, the document should provide the larger emergency calling context. The current art, the elements in the system, interfaces with the PSAPs and other touch points. We are familiar with the prior efforts in IETF and also standards bodies including 3GPP and around ATIS reports. Perhaps a discussion on how NG911/NG211 emergency service network are deployed will be useful. The document requires more work, and this is just a starting point. 
>>>>> 
>>>>> The key technical objective for this work is around enabling a Wi-Fi capable device to be able to discover hotspots that support emergency calling, ability to perform a network attach, be able to obtain the regulatory-domain specific calling voice service configuration (including emergency calling numbers) and be able to perform the emergency call. The focus is also on how the network can obtain the location of the emergency caller and the mechanisms for detecting rogue device signaling incorrect location.  Finally, some considerations on the emergency passpoint profiles that are required to be present on the device. This work complements the prior IETF efforts on emergency support for greatly improving the access to emergency services. There are tens of thousands of Wi-Fi hotspots supporting Wi-Fi roaming based on passpoint standards. This approach allows the devices to be able to use any of those hotspots for making that emergency call. 
>>>>> 
>>>>> On the choice of the draft title, we do understand the emergency calling numbers are specific to the regulatory domain in question and the proposed approach is not specific to any one regulatory domain. In that sense, we should have been bit more sensitive about this. We will modify the draft title to be generic and not specific to one regulatory domain.
>>>>> 
>>>>> Thanks a lot for the feedback.
>>>>> 
>>>>> Regards
>>>>> Sri
>>>>> 
>>>>> 
>>>>> 
>>>>> On 3/31/23, 2:02 AM, "Brian Rosen" <br@brianrosen.net <mailto:br@brianrosen.net> <mailto:br@brianrosen.net>> wrote:
>>>>> 
>>>>> 
>>>>> I have read this draft.
>>>>> 
>>>>> 
>>>>> It is totally lacking context of current and evolving standards in emergency calling, including:
>>>>> 1. Basic IETF emergency calling standards (/RFC4119/RFC5222/RFC5985/RFC6881)
>>>>> 2. NG911 and NG112 standards that are being deployed, which are based on the IETF standards
>>>>> 3. ETSI and ATIS standards that support the above
>>>>> 
>>>>> 
>>>>> While I don’t know enough about WiFi or some of the 3GPP standards to comment on the technical approach in the doc, I am intimately familiar with what is deployed, and about to be deployed in emergency calling and this doc can’t begin to get considered until it deals with the issues associated with the IETF/NENA/EENA/ETSI/ATIS work.
>>>>> 
>>>>> 
>>>>> As a really simple start, authors might consider that 9-1-1 is North America only, while the IETF is world-wide.
>>>>> 
>>>>> 
>>>>> Brian
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>>> On Mar 27, 2023, at 12:35 AM, Sri Gundavelli (sgundave) <sgundave=40cisco.com@dmarc.ietf.org <mailto:sgundave=40cisco.com@dmarc.ietf.org> <mailto:40cisco.com@dmarc.ietf.org>> wrote:
>>>>>> 
>>>>>> Dear All:
>>>>>> 
>>>>>> Attached is the link to the document on Supporting emergency 911 services over Wi-Fi. The attached document proposes an approach based on WBA's Wi-Fi OpenRoaming and uses many other elements which are already in standards. 
>>>>>> 
>>>>>> We are looking for some technical feedback. We believe there is value in IETF identifying new methods for improving e911 service access.
>>>>>> 
>>>>>> Appreciate any feedback.
>>>>>> 
>>>>>> Regards
>>>>>> Sri
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> Name: draft-gundavelli-dispatch-e911-wifi
>>>>>> Revision: 00
>>>>>> Title: Emergency 911 Services over Wi-Fi
>>>>>> Document date: 2023-03-13
>>>>>> Group: Individual Submission
>>>>>> Pages: 15
>>>>>> URL: https://www.ietf.org/archive/id/draft-gundavelli-dispatch-e911-wifi-00.txt <https://www.ietf.org/archive/id/draft-gundavelli-dispatch-e911-wifi-00.txt> <https://www.ietf.org/archive/id/draft-gundavelli-dispatch-e911-wifi-00.txt> <https://www.ietf.org/archive/id/draft-gundavelli-dispatch-e911-wifi-00.txt&gt;>
>>>>>> Status: https://datatracker.ietf.org/doc/draft-gundavelli-dispatch-e911-wifi/ <https://datatracker.ietf.org/doc/draft-gundavelli-dispatch-e911-wifi/> <https://datatracker.ietf.org/doc/draft-gundavelli-dispatch-e911-wifi/> <https://datatracker.ietf.org/doc/draft-gundavelli-dispatch-e911-wifi/&gt;>
>>>>>> Htmlized: https://datatracker.ietf.org/doc/html/draft-gundavelli-dispatch-e911-wifi <https://datatracker.ietf.org/doc/html/draft-gundavelli-dispatch-e911-wifi> <https://datatracker.ietf.org/doc/html/draft-gundavelli-dispatch-e911-wifi> <https://datatracker.ietf.org/doc/html/draft-gundavelli-dispatch-e911-wifi&gt;>
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> Abstract:
>>>>>> Proposed is an approach for supporting emergency 911 services over
>>>>>> IEEE 802.11 based Wi-Fi access networks. This approach leverages the
>>>>>> legal framework and the building blocks of the OpenRoaming federation
>>>>>> for extending emergency 911 calling support to already deployed tens
>>>>>> of thousands of OpenRoaming Wi-Fi hotspots. The proposal addresses
>>>>>> the key issues in emergency calling, around discovery and
>>>>>> authentication to access network supporting emergency services,
>>>>>> emergency access credentials, location determination of the emergency
>>>>>> caller, and delivering emergency voice service configuration to the
>>>>>> device and call routing.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> The IETF Secretariat
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> dispatch mailing list
>>>>>> dispatch@ietf.org <mailto:dispatch@ietf.org> <mailto:dispatch@ietf.org>
>>>>>> https://www.ietf.org/mailman/listinfo/dispatch <https://www.ietf.org/mailman/listinfo/dispatch>

v2.23.0 | Report a Bug | By Email