Network Working Group K. Mimura Request for Comments: 4160 K. Yokoyama Category: Informational T. Satoh C. Kanaide TOYO Communication Equipment C. Allocchio Consortium GARR August 2005 Internet Fax Gateway Requirements Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2005).
AbstractTo allow connectivity between the General Switched Telephone Network facsimile service (GSTN fax) and the e-mail-based Internet Fax service (i-fax) an "Internet Fax Gateway" is required. This document provides recommendations for the functionality of Internet Fax Gateways. In this context, an "offramp gateway" provides facsimile data transmission from i-fax to GSTN fax; vice versa, an "onramp gateway" provides data transmission form GSTN fax to i-fax. The recommendations in this document apply to the integrated service including Internet Fax terminals, computers with i-fax software on the Internet, and GSTN Fax terminals on the GSTN. 1].
This document provides recommendations only for the specific case hereunder: 1) the operational mode of the Internet Fax is "store and forward", as defined in Section 2.5 of . 2) The format of image data is the data format defined by "simple mode" in . This document does not apply to the gateway functions for "real-time Internet Fax", as described and defined in . Additional recommendations for optional functionality are described in . 5]. 4], while the GSTN side of the gateway acts as a GSTN fax device, as described in . In this document we will only thus recommend the actions that occur while 1) the onramp gateway converts a fax received from GSTN and forwards it to the Internet Fax service; 2) the offramp gateway converts a fax received from the Internet and forwards it to the GSTN fax service.
9]. Other methods of adding a digital signature to a mail message (such as OpenPGP  ) MAY also be used to authenticate and authorize the user. The agent sending the Internet Fax (which may include an onramp gateway) sends the digitally-signed S/MIME or OpenPGP Fax message to the offramp gateway. The offramp gateway then compares the credentials of the user to determine if he/she is authorized to send faxes to the GSTN fax service. If the authorization process fails, then the offramp gateway MUST generate an error delivery notification for the sender of the Internet Fax.
The GSTN destination address SHOULD normally be encoded inside the left-hand side of the e-mail address, according to . However, an offramp gateway MAY use locally implemented translation rules to map left-hand side strings into GSTN addresses. In any case, the offramp gateway MUST process the resultant GSTN address and convert it to a "local-phone", in accordance with local dialing rules. "Global-phone" is defined in Section 2 of . "Local-phone" is defined in Section 2 of . "Exit-code" is defined in Section 2.1 of . The offramp gateway SHOULD also have a function to apply translation to originator addresses and other addresses referred to into the Internet Fax, in order to ensure a possible return path from GSTN fax service to Internet Fax destinations, including other offramp gateways. These functions MUST be compliant with the address handling of onramp gateways that is described in Section 4.2 of this document.
The next example shows how an offramp gateway converts a "global- phone" to "local-phone" by removing the "+" and "44" (recognizing the international country code is local), and then adding the long distance "0" in front of the string: global-phone: +441164960348 resulting in: local-phone: 01164960348 The last example shows how an offramp gateway converts a "global- phone" to a "local-phone" by removing the "+", recognizing the international country code is non-local, and adding the local international dialing prefix "00" in front of the string: global-phone: +441164960348 resulting in: local-phone: 00441164960348 7], then it MUST be used by the offramp gateway, as specified in T.33 , to reach the final GSTN fax recipient. 16]) into the GSTN fax image format. Other Internet Fax file formats are not considered in this document. 4]) when a transmission error occurs over the GSTN fax service and the facsimile is not delivered to the destination. The return notice MUST be in Message Delivery Notification (MDN) format and delivered by the offramp gateway over the Internet e-mail transport service used by Internet Fax. The MDN disposition-type MUST be set as "processed", and the disposition-modifier MUST be set as an "error".
If the offramp gateway fails to transmit the MDN, the error information MAY be recorded to a log, and processing MAY end, or the administrator of the gateway system MAY be notified of these errors through a specific method (for example, by an e-mail message). The more complex case of Delivery Status Notification (DSN) requests handling is not considered in this document.
Section 3.4.1 of . If the address mapping lookup fails, an error MUST be reported to the originating GSTN fax device.
(2) The destination number is encoded as a "global-phone", so "+" is added to the head of the string. +441164960348 (3) "FAX=" is added in order to build the "fax-mbox" address item FAX=+441164960348 (4) The destination address is completed, adding the specification of the appropriate offramp gateway, which is supposed to handle the delivery of the fax message to a global-phone address. FAXemail@example.com The procedure for choosing the domain name of an offramp gateway is defined in Section 4.3 ("Relay Function"). "Global-phone", "fax-mbox", and "fax-address" are defined in Section 2 of . "Mta-I-fax" is defined in Section 3 of . "Fax-email" is defined in Section 4 of . Section 4.2.2 of this document). The sender address SHOULD be completed using the onramp gateway address, unless the onramp gateway has additional information with which to specify a different return path. If the onramp gateway does not have any sender address information, the Internet Fax sender address SHOULD be set to either a "no-reply" address or an appropriate default mailbox. 15] specification, and encoded as given in . In the case of indirect address mapping, the subaddress MAY be contained inside the address mapping table.
16]. Section 3.1 ("User Authorization") for authentication for an offramp gateway. OpenPGP   can be used to provide authorization services instead of S/MIME. Refer to Section 4.1 ("User Authorization") for authentication for an onramp gateway. S/MIME and OpenPGP can also be used to encrypt a message. A signed or encrypted message is protected while transported along the network; however, when a message reaches an Internet Fax Gateway, either onramp or offramp, this kind of protection cannot be applied anymore. Here, security must rely on trusted operations of the gateway itself. A gateway might have its own certificate/key to improve security operations when sending Internet Faxes, but, as with any gateway, it breaks the end-to-end security pattern of both S/MIME and PGP. Other security mechanisms, like IPsec  or TLS  also do not ensure a secure gateway operation.
Denial-of-service attacks are beyond the scope of this document. Host compromise caused by flaws in the implementation is beyond the scope of this document.  Masinter, L., "Terminology and Goals for Internet Fax", RFC 2542, March 1999.  Thayer, R., Doraswamy, N., and R. Glenn, "IP Security Document Roadmap", RFC 2411, November 1998.  "Procedures for real-time Group 3 facsimile communication over IP networks", ITU-T Recommendation T.38, June 1998.  Toyoda, K., Ohno, H., Murai, J., and D. Wing, "A Simple Mode of Facsimile Using Internet Mail", RFC 3965, December 2004.  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.  "Procedures for document facsimile transmission in the general switched telephone network", ITU-T Recommendation T.30, April 1999.  Allocchio, C., "Minimal FAX address format in Internet Mail", RFC 3192, October 2001.  Allocchio, C., "GSTN Address Element Extensions in E-mail Services", RFC 2846, June 2000.  Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3852, July 2004.  Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC 2631, June 1999.  Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Certificate Handling", RFC 3850, July 2004.  Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004.
 Hoffman, P., "Enhanced Security Services for S/MIME", RFC 2634, June 1999.  Resnick, P., "Internet Message Format", RFC 2822, April 2001.  "Facsimile routing utilizing the subaddress", ITU recommendation T.33, July 1996.  Buckley, R., Venable, D., McIntyre, L., Parsons, G., and J. Rafferty, "File Format for Internet Fax", RFC 3949, February 2005.  Callas, J., Donnerhacke, L., Finney, H., and R. Thayer, "OpenPGP Message Format", RFC 2440, November 1998.  Kent, S. and R. Atkinson, "Security Architecture for the Internet Protocol", RFC 2401, November 1998.  Kent, S. and R. Atkinson, "IP Authentication Header", RFC 2402, November 1998.  Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001.  Piper, D., "The Internet IP Security Domain of Interpretation for ISAKMP", RFC 2407, November 1998.  Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", RFC 3546, June 2003.  Mimura, K., Yokoyama, K., Satoh, T., Watanabe, K., and C. Kanaide, "Guidelines for Optional Services for Internet Fax Gateways", RFC 4161, August 2005.  Elkins, M., Del Torto, D., Levien, R., and T. Roessler, "MIME Security with OpenPGP", RFC 3156, August 2001.
Full Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- firstname.lastname@example.org. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society.