SIST-TS ETSI/TS 102 051 V1.1.1:2005

SLOVENSKI STANDARD
01-januar-2005
Upravljanje sistema ENUM v Evropi
ENUM Administration in Europe
Ta slovenski standard je istoveten z: TS 102 051 Version 1.1.1
ICS:
33.040.30 Komutacijski in signalizacijski Switching and signalling
sistem systems
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

Technical Specification
ENUM Administration in Europe
2 ETSI TS 102 051 V1.1.1 (2002-07)

Reference
DTS/SPAN-110106
Keywords
ENUM
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, send your comment to:
editor@etsi.fr
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2002.
All rights reserved.
TM TM TM
DECT , PLUGTESTS and UMTS are Trade Marks of ETSI registered for the benefit of its Members.
TM
TIPHON and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
ETSI
3 ETSI TS 102 051 V1.1.1 (2002-07)
Contents
Intellectual Property Rights.5
Foreword.5
1 Scope.6
2 References.6
3 Definitions and abbreviations.6
3.1 Definitions.6
3.2 Abbreviations.8
4 Background.8
5 Description of ENUM.9
6 Opportunities threats and risks.12
6.1 Possible opportunities from ENUM .12
6.2 Possible threats from ENUM.13
6.3 Possible risks from specific implementations of ENUM.13
6.3.1 Integrity and security aspects.13
6.3.2 Abuse of market power.14
6.3.3 Universal resolvability and uniqueness of data in DNS.14
6.4 Other risks.15
7 Principles for ENUM implementation within Europe.15
7.1 Basic principles.15
7.2 Opt-in principle for the individual E.164 number holder .16
7.3 Principle for calling users and communications providers.16
8 Functional model.16
9 DNS responsibilities.17
9.1 Administrative responsibility for a domain .18
9.2 Registry for a domain .18
9.3 Registrar for a domain.18
10 General administrative and operating assumptions and requirements .18
10.1 ENUM Tier 1 manager assumptions .19
10.2 ENUM Tier 1 registry assumptions.19
10.3 ENUM Tier 2 Nameserver Provider assumptions .19
10.4 ENUM Registrar assumptions.20
10.5 Application Service Provider assumptions.21
10.6 Registrant assumptions.21
10.7 Validation assumptions.21
10.8 Removal assumption.21
10.9 Other assumptions.22
11 Operational and administrative processes .22
11.1 Processes for the provision of records in ENUM database at the Tier 0 level .22
11.2 Processes for the provision of records in the databases at the Tier 1 and Tier 2 levels.22
11.2.1 Registration of an E.164 number in the ENUM database.22
11.2.2 Processes for creation, modification and deletion of NAPTR Records in the Tier 2 database .23
11.2.3 Processes for removal of E.164 numbers from ENUM databases .24
11.3 Processes for changing Registrars .25
11.4 Other provisioning processes .26
12 Considerations in development and assessment of options for national implementations.26
12.1 Validation.26
12.2 Types of numbers .29
12.3 Openness to competition .29
12.4 Complexity and effort associated with provisioning .29
ETSI
4 ETSI TS 102 051 V1.1.1 (2002-07)
13 Recommendation for ENUM implementation within Europe.29
Annex A (informative): Examples for grouping of functionalities in national implementations.31
A.0 Introduction.31
A.1 Example 1.32
A.2 Example 2.34
A.3 Example 3.36
A.4 Example 4.38
Annex B (informative): ENUM entities - functions and responsibilities .40
Annex C (informative): DNS Concepts.41
C.1 DNS related definitions.41
C.2 DNS administration related definitions.42
Annex D (informative): Bibliography.44
History .45

ETSI
5 ETSI TS 102 051 V1.1.1 (2002-07)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://webapp.etsi.org/IPR/home.asp).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Services and Protocols for
Advanced Networks (SPAN).
ETSI
6 ETSI TS 102 051 V1.1.1 (2002-07)
1 Scope
The present document aims to assist European countries in the development of their national implementations of
ENUM. The present document builds upon the concept of ENUM as specified in IETF RFC 2916 [1] limited to E.164.
It introduces a set of basic principles that should be adhered to in order to maximize potential benefits from publicly
available ENUM implementations within Europe. A functional architecture for ENUM administration is put forward
and a number of options for provisioning flows are also proposed.
ENUM-like mechanisms can also be used for other identifiers or purposes such as private dialling plans, routeing, etc.
These functions are out of the scope of the present document.
The description of applications that can be offered by using ENUM capabilities and the role to be performed by
Application Service Providers are specified in TS 102 055 (see bibliography).
2 References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication and/or edition number or version number) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies.
[1] IETF RFC 2916: "E.164 number and DNS".
[2] IETF RFC 1591: "Domain Name System Structure and Delegation".
[3] ITU-T Recommendation E.105 (08/92): "International telephone service".
[4] ITU-T Recommendation E.164 (05/97): "The international public telecommunication numbering
plan".
[5] ITU-T Recommendation E.191 (03/00): "B-ISDN addressing".
[6] IETF RFC 954: "NICNAME/WHOIS".
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
accreditation: processes by which organizations are approved to act as the entities at the Tier 1 or Tier 2 levels
NOTE: The nature of accreditation, indeed whether it applies at all, is a national matter.
Application Service Provider (ASP): entity that provides specific application(s) which may be linked to an E.164
number using ENUM e.g. email or voice messaging to the end user
assignment entity: entity (e.g. Telephony service provider or National Number Plan Administrator or his agent)
responsible for the assignment of E.164 numbers to end users
ETSI
7 ETSI TS 102 051 V1.1.1 (2002-07)
designated manager or responsible administrative organization: entity, in any level of the ENUM-based
architecture, which is responsible for a domain
NOTE: See clause 9.1 of the present document.
domain: set of host names within the DNS consisting of a single domain name and all the domain names below it
domain name: unique designator made up of symbols separated by dots
NOTE: The individual words or characters between the dots are called labels. The label furthest right represents
the top level domain. The second most right represents the second level of domain, or "second level
domain.
E.164: International Public Telecommunication Numbering Plan
NOTE: See ITU-T Recommendation E.164 [4].
E.164 Number: number taken from ITU-T Recommendation E.164
ENUM root: domain in which ENUM is hosted (according to IETF RFC 2916, this is e164.arpa)
ENUM domain name: domain name for an E.164 number
ENUM database: ENUM database is that part of the DNS below the ENUM root
ENUM end user: assignee of an E.164 number who has agreed to insert its E.164 number in the ENUM DNS-based
architecture
ENUM registrar: entity that provides direct services to domain name registrants by processing name registrations
ENUM registrant: entity initiating the ENUM registration process (end user or agent)
ENUM subscriber: assignee of an E.164 number who has agreed to insert its E.164 number in the ENUM DNS-based
architecture
ENUM Tier 0: level in the tiered architecture corresponding to the ENUM root, i.e. e164.arpa
NOTE: Records at this level contain pointers to Tier 1 for an E.164 Country Code or portion thereof.
ENUM Tier 1: level in the tiered architecture corresponding to the E.164 Country Code (CC), i.e. .e164.arpa
NOTE: Records at this level contain pointers to Tier 2 for an E.164 number.
ENUM Tier 2: level in the tiered architecture corresponding to the E.164 number, i.e., ..e164.arpa
NOTE: Records at this level contain NAPTR records for an E.164 number.
ENUM Tier 2 Nameserver Provider: entity responsible for the servers within DNS that hold the NAPTR resource
records
NOTE: In some other documents this entity is also referred to as the ENUM Tier 2 Registry or the ENUM Tier 2
provider.
National Number Plan Administrator (NNPA): entity responsible for the administration of a national numbering
Plan that is part of the international E.164 numbering plan
number portability: ability of an end user to change location within a geographic area, between service providers or
services, without changing their number
opt in: concept by which no action is taken unless with the explicit permission of the end user
telephony service provider: entity that provides the telephony service for which an E.164 number is assigned. In most
cases the telephony service provider may act as the assignment entity
Uniform Resource Identifier (URI): compact string of characters for identifying an abstract or physical resource that
is accessible via the Internet
ETSI
8 ETSI TS 102 051 V1.1.1 (2002-07)
Uniform Resource Locator (URL): refers to the subset of URI that identify resources via a representation of their
primary access mechanism (e.g., their network "location"), rather than identifying the resource by name or by some
other attribute(s) of that resource e.g. http://www.etsi.org or sip:user@etsi.org
validation entity: entity (e.g. Telephony service provider or National Number Plan Administrator or his agent) that
validates the assignment of E.164 numbers to end users
WHOIS: database function that provides a look up capability of those on the Internet
3.2 Abbreviations
For the purposes of the present document, the following abbreviations apply:
ASP Application Service Provider
DNS Domain Name System
DNSSEC DNS SECurity extension
ENF European Numbering Forum
IAB Internet Architecture Board
IETF Internet Engineering Task Force
IP Internet Protocol
ISDN Integrated Services Digital Network
ISOC Internet Society
ITU-T International Telecommunication Union - Telecommunication Standardization Sector
LS Location Server
NAPTR Naming Authority PoinTeR
NNPA National Number Plan Administrator
NRA National Regulatory Authority
ONP Open Network Provision
PSPDN Packet Switched Public Data Network
PSTN Public Switched Telephone Network
RFC Request For Comment (IETF related standard)
RRs (DNS) Resource Records
SCN Switched Circuit Network
SIP Session Initiation Protocol
TLD Top Level Domain
TSP Telephony Service Provider
URI Uniform Resource Identifier
URL Uniform Resource Locator
4 Background
ENUM is a mechanism (see note 1) that maps E.164 numbers to Internet domain names. Every E.164 number can
potentially be used in ENUM. All portions of international or national numbering plans can be considered for inclusion,
meaning that every E.164 number can potentially be used in ENUM. Much attention now surrounds ENUM as it
facilitates interworking between telephony networks and applications that are reliant on the Internet. ENUM transforms,
in real time, end users' E.164 numbers to other communications identities (see note 2) used for setting up connections.
For example, this could be used for communications from the circuit switched telephone network (PSTN) to IP-based
services and vice-versa. It can also assist end users who wish to be able to be reachable via several means of
communication. ENUM capabilities are described in more detail in clause 5 of the present document.
NOTE 1: While ENUM strictly refers to the mechanism, in practical terms it is also used to refer to the wider
implementation of ENUM, i.e. the populated database.
NOTE 2: Communications identity is a generic term including a name, a number or an address. For explanation of
these three terms refer to ITU-T Recommendation E.191 [5]. This new English term is introduced in the
present document in the absence of a suitable well-known generic English term covering both a name, a
number and an address for use in electronic communications networks (e.g. PSTN, ISDN, PLMN,
Internet and PSPDN).
ETSI
9 ETSI TS 102 051 V1.1.1 (2002-07)
Following completion of work on IETF RFC 2916 [1] by the IETF which introduced the ENUM mechanism, the focus
of attention turned towards the ITU-T who began working with the ISOC/IAB to determine the Administrative
requirements (see note 3).
NOTE 3: ITU-T Study Group 2 is developing a Recommendation, E.A-ENUM "Principles and procedures for the
administration of E.164 geographic country codes for registration into the domain name system", and a
Supplement entitled "Operational and administrative issues associated with national implementations of
enum functions" which will offer guidance to national Administrations/NRA. Approval of the
Recommendation is targeted for 12/2002.
Work is now under way in some European countries in order to understand the implications of ENUM and how it could
be implemented. However this is occurring in a rather fragmented manner. Concerns over ENUM have also been
expressed by a number of other parties, including the European Commission (see note 4) in the production of a paper
that has been submitted to the ONP Committee. An experts group on Numbering, Naming and Addressing, created by
the ONP committee, will also be considering whether any specific action relating to ENUM is required.
NOTE 4: The ONP expert group meet in December 2001 and in January 2002. Their results were provided to the
ONP Committee. Then the ONP Committee made a contribution to the ITU-T SG2-meeting in May 2002
that was supported by the 15 MS in EU.
The numbering and addressing environment within Europe exhibits marked differences from that within the US and
other parts of the world, so it is considered important that Europe looks closely at the administration issues that occur
with ENUM. Efforts at drawing together a co-ordinated approach should not only result in a firm foundation for ENUM
activities within the European environment, but should also assist in enhancing the competitive communications
environment.
The present document is presented to assist with that task. It has been developed taking due account of the views and
comments of other key European bodies, including the European Numbering Forum (ENF).
NOTE 5: In the present document, for consistency, the domain e164.arpa will be mentioned as the ENUM root
domain of the ENUM DNS-based architecture. In the case that a different domain results from
discussions between ISOC and the ITU the basic principles articulated in this paper will apply.
The single domain that is referred to throughout the present document as for the ENUM Tier 0 domain, is the e164.arpa
domain. This domain is used only for convenience and given that domain is specified in IETF RFC 2916 [1], the IETF
protocol in which ENUM is described. This should not assume that this domain will be the final choice which the ITU
and relevant Internet governance bodies will agree on for the implementation of ENUM. The principles set in the
present document are independent of the final choice of the ENUM Tier 0 domain and should not preclude a single
authoritative solution at some future point in time, should this become agreed policy.
5 Description of ENUM
ITU-T Recommendation E.164 [4] describes the format and types of use of public telephone numbers (E.164 numbers).
ENUM is a term that has been adopted to describe a Domain Name System (DNS) based mechanism which maps E.164
numbers into URIs.
Via ENUM, an E.164 number can be used as a single front-end to a variety of communication identities by which an
end user can be contacted, including those used for phone, fax and email. This enables users who are the recipient of
communications to indicate the means by which they wish to be contacted through a single number. The details of these
communications identities can also be easily amended, added to, or updated without changing the number used for
access.
The communications identities that can be accessed via a look-up of ENUM data may be associated with a wide range
of applications, some of which are shown within figure 1.
ETSI
10 ETSI TS 102 051 V1.1.1 (2002-07)

Typical Applications
Out
URI
ENUM
Instant
Messaging
DNS
InternetInternet
Voice
DomDomaainin
NaNammeess
Internet
Unified
Messaging
Fax
ININ
E.16E.1644
Switched
Personal
Circuit
Web Pages
(T(Teelleephonephone))
Networks
(SCN)
NumbersNumbers
Figure 1: Typical applications enabled through ENUM
Using ENUM capabilities, providers of IP telephony services could legitimately originate IP telephony calls from an
E.164 number or terminate IP telephony calls to an E.164 number that was assigned by the access network operator
rather than by the IP telephony service provider.
+41 22 730 5887 3 DNS returns record
as url
DNS
1 +33 4 92 94 42 00
tel:+33492944100
2 Client formats url
Location
server
4 SIP Client initiates
INVITE to server
LS returns
using tel url 6
IP address
IP
of Gateway
Network
5 SIP server looks
up gateway
address from LS
+33 4 92 94 42 00
7 Call routed
to Gateway
IP address
PSTN
Gateway
8 Gateway
completes
call to PSTN
Figure 2: Typical call flows IP-PSTN
Figure 2 shows a typical call flow with a call originating on a SIP based network, in this example in Switzerland
(+41 number), contacting a user on a SIP (IP based) network in France (+33 number).
ETSI
11 ETSI TS 102 051 V1.1.1 (2002-07)
4 DNS look up returns
DNS
+41 22 730 5887 NAPTR record with
itu@sipservice.arpa
7 SIP server 6 DNS returns
routes call to SIP server IP
user address
IP
Network
+33 4 92 94 42 00
Gateway looks up
host for
+41 22 730 5887
itu@sipservice.arpa
PSTN
Gateway
2 +41 22 730 5887
3 ( ENUM functionality)
formats url
7.8.8.5.0.3.7.2.2.1.4.e164.arpa

Figure 3: Typical call flows PSTN-IP
Figure 3 shows a typical call flow where a call originating on a on a circuit switched network in this case in France (+33
number), contacts a user on a SIP (IP based) network in Switzerland (+41 number).
It should be noted that ENUM can facilitate a wide range of different applications by providing access using an E.164
number, however ENUM itself does not provide these applications, merely a method that can facilitate access.
ENUM utilizes a mechanism developed by the Internet Engineering Task Force (IETF), specified in
IETF RFC 2916 [1]. As stated previously ENUM resolution utilizes the DNS for resolution. The part of the DNS tree
applicable to ENUM is shown in figure 4.
Other roots
The root node
"" ""
arpa .com .xxx
.net .yyy
.
... ...
second- second- second- second- second-
e164.arpa in-addr
level node level node level node level node level node
3.3.e164.arpa
4.4.e164.arpa
third-level third-level
node node
6.4.e164.arpa
0.0.0.0.6.9.4.3.1.1.4.4.e164.arpa 0.0.2.4.4.9.2.9.4.3.3.e164.arpa
4.3.2.1.6.7.9.8.6.4.e164.arpa
Figure 4: shows how ENUM fits into the DNS structure
The DNS forms a distributed database which holds information about Internet hosts. Each domain path spreads down
from one 'root' domain at the highest level through its sub domains. In written form each sub domain is indicated by the
insertion of a dot (.) within the written string. “Other roots” can be found in clause 6.3.3.
ETSI
12 ETSI TS 102 051 V1.1.1 (2002-07)
Second-level domains in other top level domains (e.g. enumworld.org and e164.com) are also possible and it must be
recognized that multiple competitive ENUM DNS zones will be deployed. However, the approach in the present
document focuses on a single domain as such an approach will provide a more authoritative, consistent and robust
implementation of ENUM.
All types of assigned country codes: geographic country codes, Network country codes, global service country codes
and Group of countries country codes could be inserted in the DNS.
To find the DNS names for a specific E.164 number, the following procedure is to be followed:
1) The E.164 number is written in its full form, including the country code.
2) All non-digit characters with the exception of the leading '+' are removed. The '+' is kept in stage 2 to flag that
the number which the regular expression is operating on is an E.164 number.
3) All characters with the exception of the digits are removed.
4) Dots (".") are inserted between each digit.
5) The order of the digits is reversed.
6) The string ".e164.arpa" is appended to the end.
As an example E.164 number +33 492944200 is inserted in the DNS as the ENUM domain name
0.0.2.4.4.9.2.9.4.3.3.e164.arpa.
The ENUM domain name is resolved to other kinds of addresses (e.g. e-mail addresses, SIP URLs for "IP telephony",
mobile telephone numbers, web addresses stored in special records, known as NAPTR records) which can thereby
facilitate various communication solutions where telephone numbers are used as the only call identity.
These applications can all be provided using ENUM. To differentiate this use of ENUM from those that may use
ENUM capabilities to facilitate routeing within a network operator domain, or alternatively within a private network
environment the term "User ENUM" is sometimes used. The use of ENUM capabilities for Routeing within an
Operators network is likewise sometimes referred to as "Infrastructure ENUM" (See TS 102 055 in bibliography).
6 Opportunities threats and risks
6.1 Possible opportunities from ENUM
ENUM is a key element for the convergence between IP based networks and networks offering telephony service such
as PSTN, ISDN and GSM.
The introduction of ENUM may facilitate the development of IP telephony and other applications by enabling the
recipients of communications to indicate what methods of communications are available for reaching them. The
originator may be able to determine the most appropriate way to establish the communication.
Despite the staggering development of the Internet and the related addressing and naming schemes, it is worth
remembering that E.164 is still the most used and widespread addressing and naming scheme and the only one
supported by millions of devices currently in use. It is foreseeable that in the next few years both E.164 and Internet
domain names will exist and increasingly inter-operate. What ENUM offers is a solution for interoperability between
Internet domain names and any E.164 resource, establishing an environment for the creation of new services and
applications. Any E.164 number can potentially be used in ENUM.
The possibility to associate a single E.164 number with a list of URIs allows an end user to have a single contact point
(E.164 number) corresponding to a number of different services and applications such as voice, e-mail, fax, unified
messaging, etc. The end user, by using the functionalities provided by ENUM, can customize his service profile and
determine the preferred way to be contacted by the party initiating the communication.
It should be noted that the introduction of ENUM of itself does not require any change to the national numbering plans
and will not imply any additional demand of E.164 number resources. However, new services and applications triggered
by the availability of ENUM may generate demand for additional numbering resources.
ETSI
13 ETSI TS 102 051 V1.1.1 (2002-07)
ENUM is considered to be an enabler to the deployment of converged services and should therefore benefit Internet
service providers, network operators, and end users. In order to maximize these benefits and avoid dangerous "side
effects" such as incompatible implementations and leak of sensitive data it is crucial to develop an ENUM solution that
addresses these issues and provides a pragmatic approach.
Operator population of ENUM for call routeing purposes may also provide additional functionality. TS 102 055
(see bibliography) describes how ENUM functionality could be used by operators for call routeing and examines the
associated issues.
6.2 Possible threats from ENUM
It should be recognized that the potential of ENUM as a key enabler in the convergence between IP-based networks and
more traditional telephony networks may also result in additional complexity in commercial relationships and
regulation of the telecommunications sector. It is likely that both regulators and telephony service providers will face
challenges from the quantum changes to the familiar telecommunications market structure and behaviour that ENUM
may facilitate.
ENUM provides a significant risk for unscrupulous use of the information contained in NAPTR records. Any
communication attempt to an E.164 number for which ENUM records exist will enable the requesting ENUM client
application to access information on all of the service specific communication identifiers (telephone numbers, email
addresses, Instant Messaging addresses, etc.) contained in that person's NAPTR record. This information could be used
to determine the identity of the person associated with a randomly entered E.164 number (e.g. by looking at the name in
their email address, or by looking at any other entry in their NAPTR record that gives a clue to their name).
This potential abuse of ENUM could be used to assist "identity theft" or to help organizations that wish to build lists of
identities to use for the propagation of "Spam" communications across a wide range of different communications
services (e.g. people who would previously contact people by working through lists of telephone numbers could now
also generate lists of email addresses and instant messaging identifiers associated with those numbers).
Information contained in NAPTR records may reveal the types of communications applications and services that are
used by an ENUM end user, and potentially also the providers of these applications and services. It is possible that this
information could be used by third parties for commercial purposes; for example, to make offers to ENUM end user
regarding applications and services that compete with those used by the subscriber, or to develop and sell market
profiles showing the communications applications and services used by ENUM end users.
ENUM, like any system that maps multiple services to a single identifier (the E.164 number), can be vulnerable to
multi-service Denial of Service (DoS) attacks. For example, anyone mounting a "flood attack" on the DNS NAPTR
records can prevent the retrieval of any communication addresses from the NAPTR record. Such an attack would make
it impossible for anyone querying the NAPTR record to get a response to their query. The result of such an attack could
be that nobody would be able to communicate with the ENUM end user using any of their possible communication
services, thus completely disabling the subscriber's incoming communications. Where the E.164 number associated
with the NAPTR record is also provisioned in a PSTN network, it may still be possible to contact the person subjected
to the DoS attack using that E.164 number in the PSTN network.
6.3 Possible risks from specific implementations of ENUM
Further threats may arise from particular implementations of ENUM that suffer from poor supervision or controls.
6.3.1 Integrity and security aspects
Two of the principal threats are:
• Passing off.
• Hijacking.
"Passing off" is where an entity represents itself as someone or something that it is not, usually to achieve a commercial
advantage or for criminal purposes. In the context of ENUM, passing off could occur when an entity provisions another
end user's E.164 numbers in the DNS by having their own details inserted in the NAPTR records corresponding to
another person's or company's number.
ETSI
14 ETSI TS 102 051 V1.1.1 (2002-07)
Passing off is regarded as detrimental because it undermines the trust that individuals and organizations should have in
communications using ENUM capabilities.
"Hijacking" is where a provider of communications applications and services is inserted in a communications path
without an end user's permission. In the context of ENUM, hijacking could occur when:
• a provider of communications applications or services arranges for end users' E.164 numbers to be provisioned
in the DNS without their consent; and
• communications using ENUM capabilities for these numbers are redirected via a network, application or service
that end users have not chosen.
Hijacking regarded as detrimental because:
• it could allow a provider of communications applications or services to collect transit or other revenues
improperly; and
• contradict an end user's decision regarding the carriage of its incoming communications.
These risks may arise from the following situation:
• that the contents of the IETF RFC 2916 [1] ENUM domain, together with those of various competing ENUM-
like instantiations e.g. e164.com do not represent a consistent set of data; and
• that the contents of the IETF RFC 2916 [1] ENUM domain conflict with the assignments made in the E.164
numbering plan as maintained by the ITU and sub-delegations,
Both of these risks point to the need for adequate mechanisms to ensure that the request to provision a number in the
DNS originates from the rightful assignee of the number. One possible method could involve authentication by the
relevant Validation Entity. Whatever solution is developed, any effective method is likely to involve some degree of
Validation. While these methods overcome the problem of "passing off", they may not completely solve the problem of
"hijacking", as it is conceivably the Validation Entity which could be attempting to hijack the number. Similar issues
occur in the case of amendment and withdrawal of a number. The challenge is to ensure that the processes meet
requirements in order to maintain consistency between ENUM domain names and E.164 numbers, while not imposing
an excessive administrative burden on any involved entities.
6.3.2 Abuse of market power
Additional risks arise due to the potential that ill-considered administration models could allow entities to abuse
positions of significant market power. This chiefly arises around the Tier 1 Registry (see clause 8), which is a natural
monopoly for a given CC or portion of a CC. Were a country to delegate rights to operation of this Registry without
adequate controls, the Tier-1 Registry could potentially abuse its unique position, for example by charging a
disproportionate fee for entering E.164 numbers into its database. Alternatively having more than one registry at the
Tier-1 leads to many additional complications, including complex and difficult inter-working requirements. Measures to
limit this potential abuse should be considered when national procedures are formulated.
6.3.3 Universal resolvability and uniqueness of data in DNS
The global, public DNS has a strictly hierarchical structure in which information for a given domain name is held in
one, and not more than one, location in the DNS tree. It can be expected that multiple parallel ENUM-like zones will be
deployed under other TLDs. This presents a fundamental risk to ENUM, as it undermines the principle of a unique
location in the DNS tree for the data associated with a given E.164 number.
With parallel ENUM-like zones, there is no longer a unique location in the DNS tree for the data to be associated with a
given E.164 number. Moreover, different data may exist for a given number in different zones. Note that in practice, the
hierarchical structures of both DNS and the E.164 numbering plan have not inhibited competition in Internet and
communication services: the hierarchical structure brings the stability in naming needed by all market parties.
The same fundamental risk would appear if ENUM-like zones were created under what is known as 'alternative roots'
(domain name trees which are not under the purview of ICANN/IANA). These roots are a serious threat to the universal
resolvability of the DNS - the basic functionality of the Internet that guarantees consistent and reliable name
resolution - because a given name may be resolvable only in a particular root.
ETSI
15 ETSI TS 102 051 V1.1.1 (2002-07)
6.4 Other risks
It is possible that control of the domain in which ENUM is hosted by managers of a single country or region could
provide that country or region with undue influence over the operations of converged Internet-telephony networks.
Similarly, if the location of Domain Name Servers upon which the ENUM mechanism depends lies predominantly in a
single country or region this may result in communications within Europe or between Europe and other regions being
unduly reliant on infrastructure outside Europe. Any resolution of this issue is outside the scope of the present
document.
7 Principles for ENUM implementation within Europe
ENUM shall conform to relevant regional directives, national laws and telecommunications specific regulations where
appropriate. Specific principles that shall be applied to ENUM are set out in the following clauses.
7.1 Basic principles
The following basic principles shall be considered as key requirements when ENUM implementation administration
aspects are considered.
• The ENUM end user must be the assignee of an E.164 number to ensure the integrity of the E.164 numbering
plan.
• The integrity of the ENUM data shall not be compromised.
• Administration requirements must take due account of the different number types and methods of management
of the E.164 Numbering Plan.
• The tenets of relevant ITU-T Recommendations, and IETF technical specifications should be adhered to.
• A competitive environment within Europe and compliance with all aspects of competition law shall be
facilitated.
• A stable and secure environment which does not jeopardize the stability and functionality of the Internet and
telecommunication networks (e.g. PSTN, ISDN and PLMN) shall be provided. The use of DNSSEC to provide
additional security should be considered.
• There must be full conformity with regional
...