Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TS 24.229  Word version:  17.5.0

Top   Top   Up   Prev   Next
1…   3…   4…   4.5…   5…   5.1.1.4…   5.1.2…   5.1.4…   5.2…   5.2.3…   5.2.6…   5.2.7…   5.3…   5.4…   5.4.1.2.2…   5.4.1.3…   5.4.2   5.4.3…   5.4.3.3…   5.4.4…   5.5…   5.7…   5.7.2…   5.8…   5.11…   6…   6.6…   7…   7.2A…   7.2A.6…   7.3…   7.9A…   8…   A…   A.2…   A.2.1.4…   A.2.1.4.7…   A.2.1.4.8…   A.2.1.4.10A…   A.2.1.4.12…   A.2.2…   A.2.2.4…   A.2.2.4.7…   A.2.2.4.8…   A.2.2.4.10A…   A.2.2.4.12…   A.3…   A.3.3…   B…   C…   E…   F…   H…   I…   K…   L…   L.2A…   M…   N…   O…   Q…   R…   S…   U…   U.2A…   V…   W…

 

V (Normative)  HTTP Profiling |R15|Word‑p. 970

V.1  ScopeWord‑p. 970

The present annex defines the HTTP messages and data types sent over reference points specified in the present document.

V.2  Ms reference pointWord‑p. 970

V.2.1  GeneralWord‑p. 970

The Ms reference point is used to request signing of an Identity header field or request verification of a signed assertion in an Identity header field.
HTTP POST method is used for the verification request.
HTTP 200 (OK) is used when the AS for verification has successfully processed the verification request.
HTTP POST method is used for the signing request.
HTTP 200 (OK) is used when the AS for signing has successfully processed the signing request.
HTTP POST method is used for the diversion signing request.
HTTP 200 (OK) is used when the AS for signing has successfully processed the diversion signing request.
HTTP POST method is used for the Resource-Priority header field signing request.
HTTP 200 (OK) is used when the AS for signing has successfully processed the Resource-Priority header field signing request.
HTTP POST method is used for the Resource-Priority and Priority header fields signing request.
HTTP 200 (OK) is used when the AS for signing has successfully processed the Resource-Priority and Priority header field signing request.
Reproduction of 3GPP TS 24.229, Fig. V.2.1-1: Usage of the Ms reference point
Up

V.2.2  Resource structureWord‑p. 971

API resources are defined with respect to a "server root". The server root is a URI:
  • {hostname}:{port}/{RoutingPath},
The resource URI structure is:
Reproduction of 3GPP TS 24.229, Fig. V.2.2-1: Resource structure for the resource exposed over the Ms reference point
Up
Variable Description Presence
hostnameHost name used to reach the resource.M
portPort where the resource is reachedM
RoutingPathPath identifying the resourceM
Up

V.2.3  Request requirementsWord‑p. 972

V.2.3.1  GeneralWord‑p. 972

V.2.3.2  Request header requirementsWord‑p. 972

Table V.2.3.2-1 lists reqest header field requirements.
Header field name Description Presence
Content-TypeDescribes the format of the request body. Shall be set to "application/json"M
AcceptDescribes the supported format of the response body. Shall be set to "application/json" if presentO
Up

V.2.4  Response requirementsWord‑p. 973

V.2.4.1  GeneralWord‑p. 973

V.2.4.2  Response header requirementsWord‑p. 973

Header field name Description Presence
Content-TypeDescribes the format of the response body. Shall be set to "application/json"M
Up

V.2.4.3  Error response requirementsWord‑p. 973

V.2.4.3.1  GeneralWord‑p. 973
If the server cannot process the request, the server provides an HTTP error response. The error response contains JSON object specifying the error type.
The server provides a service error when the server is unable to process the request.
The server provides a policy error when the server is able to process the request, but not able to complete the service execution due to a policy restriction.
V.2.4.3.2  Service errorsWord‑p. 974
Exception ID Exception text HTTP status code Exception variables Description
-Error: Missing request body.400-The request could not be processed due to missing request body.
-Error: Missing mandatory parameter.400-The request could not be processed due to missing parameters.
-Error: Requested response body type is not supported.406-The request could not be processed due to a not supported message body format.
-Error: Requested resource not found.404-The request could not be processed due to no resource available related to the Request-URI
-Error: Unsupported request body type.415-The request could not be processed due to not supported message body.
-Error: Invalid parameter value.400-The request could not be processed due to invalid parameter value.
-Error: Failed to parse message body.400-The request could not be processed due to failure to parse the message body.
-Error: Missing mandatory Content-Length headers411-The request could not be processed due to a missing Content-Length header.
Up
V.2.4.3.3  Policy errorsWord‑p. 974
Exception ID Exception text HTTP status code Exception variables Description
-Method not allowed405-The resource was invoked with unsupported operation
-Internal server error.500-The request failed due to internal error
Up

V.2.5  signingWord‑p. 974

V.2.5.1  GeneralWord‑p. 974

To get an asserted identity signed the client sends an HTTP POST request towards the AS for signing containing a PASSporT SHAKEN object, specified in RFC 8588; a PASSporT rph object, specified in RFC 8443; a PASSporT sph object, specified in RFC 9027; or a PASSporT div object, specified in RFC 8946. The received signingResponse contains for successful requests the signed Identity header field value in a JSON object. Unsuccessful requests are responded with an HTTP 4xx or 5xx response.
Up

V.2.5.2  Data typesWord‑p. 974

Table V.2.5.2-1 specifies the data types included in the signing request. The signing request contains the claims included in:
  • a PASSporT SHAKEN JSON Web Token, specified in RFC 8588;
  • a PASSporT div JSON Web Token specified in RFC 8946]; or
  • a PASSporT rph JSON Web Token specified in RFC 8443] and optionally a PASSporT sph JSON Web Token specified in RFC 9027.
Parameter Type; Value Presence Description
attest string; "A", "B" or "C" O Identifying the relation between the service provider attesting the identity and the subscriber. Specified in RFC 8588 [261].
destarray of identity claim JSON objects representing destination identities; tn or uriMIdentifying the called user taken from the To header field for a PASSporT SHAKEN Token, and from the Request-URI for a PASSporT div Token. Specified in RFC 8225 [262].
dividentity claim JSON object, tn or uri. A hi element should be included.OIdentifying the diverting user, taken from the corresponding Identity header field as pecified in RFC 8946 [265].
iatinteger; time and date of issuance of the PASSporT tokenMTime since 1 January 1970 in Numeric Date format as specified in RFC 7519 [235].
origidentity claim JSON object; tn or uriMIdentifying the calling user. Specified in RFC 8225 [262].
origidString; UUIDOSpecified in RFC 8588 [261]
rpharray of strings that correspond to the r-values indicated in the SIP Resource-Priority header fieldOContains assertion of the priority level of the user to be used for a given communication session as specified in RFC 8443 [279].
sph string "psap-callback" O Contains header field value "psap-callback" of the SIP Priority header field as specified in RFC 9027 [278].
Table V.2.5.2-2 further specifies the data types contained in the signing request parameters.
Parameter Type; Value Presence Description
hi string. An "index" header field parameter as specified in RFC 7044 [66] O The "index" header field parameter is included in the entry identifying the diverting user in the History-Info header field.
tnstring; allowed characters as for local-number-digits and global-number-digits defined in RFC 3966 [22]MThe number needs to be canonicalized by the AS for signing following the procedure in RFC 8224 section 8.3.
uristring; A SIP URI as specified in RFC 3261 [26] following the generic guidelines in RFC [3986].O Used if the "orig" or "dest" is given in a SIP URI.
Table V.2.5.2-3 specifies the data types included in the signing response.
Parameter Type; Value Presence Description
identityHeader string; Identity header field value as specified in RFC 8224 [252]MThis string cannot be NULL
Up

V.2.6  verificationWord‑p. 976

V.2.6.1  GeneralWord‑p. 976

To get a received identity claim verified, the client sends an HTTP POST request towards the AS for verification containing a PASSporT object, including one or more claims with the contents of the received Identity header field(s) signing:
  • the originating identity and optionally all the Identity header fields signing diverting identities; and/or
  • the Resource-Priority header field and optionally the header field value "psap-callback" of the Priority header field.
The verificationResponse contains the outcome of the verification in a verstat claim with values as specified for the verstat tel URI parameter in subclause 7.2A.20 and in a verstatPriority claim with values as specified for the Priority-Verstat header field in subclause 7.2.21. Unsuccessful requests are responded with an HTTP 4xx or 5xx response.
Up

V.2.6.2  Data typesWord‑p. 976

Table V.2.6.2-1 specifies the data types included in the verification request.
Parameter Type; Value Presence Description
identityHeaderstring; Identity header field value for the originating identity as specified in RFC 8224 [252].MThis string cannot be NULL
IdentityHeadersarray of string; Identity header field values as specified in RFC 8224 [252]. One identityHeader claim per received Identity header field is sent.OIdentity headers containing the div, rph or sph claims to be verified.
toString; identity claim JSON object; tn or uriMThe destination identity taken from the To header field. Used when no div claim is included.
deststring; identity claim JSON object; tn or uriOThe destination identity taken from the R-URI in the incoming request. Used when div claim is included.
timeinteger; Numeric date format defined in RFC 7519 [235]MTime based on the Date header field in the incoming request.
fromstring; identity claim JSON object; tn or uriMThe asserted identity, taken from the P-Asserted-Identity or the From header field of the incoming request
Table V.2.6.2-2 specifies the data types included in the verification response.
Parameter Type; Value Presence Description
divResultarray of one or more [div, verstatValue] tuplesOParameter informing of the result of the verification of diverting identities. For each verified identity the verstat parameter is added to the verified identity.
verstatValue string; set to a value defined in Table 7.2A.20.3-1 OParameter informing of the result of the verification of originating identity. To be used in the verstat parameter added to the verified identity. The parameter is mandatory if the request contained a PASSporT SHAKEN JSON Web Token.
verstatPriority string; set to a value defined in Table 7.2.21-1 O Parameter informing of the result of the verification of the Resource-Priority header field and optionally the header field value "psap-callback" of the Priority header field.
Up

Up   Top   ToC