Network Working Group E. Wilde
Internet-Draft UC Berkeley
Intended status: Standards Track A. Vaha-Sipila
Expires: January 24, 2008 Nokia
Jul 23, 2007
URI Scheme for GSM Short Message Service
draft-wilde-sms-uri-12
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 24, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
This memo specifies the Universal Resource Identifier (URI) scheme
"sms" for specifying a recipient (and optionally a gateway) for an
SMS message. SMS messages are two-way paging messages that can be
sent from and received by a mobile phone or a suitably equipped
computer.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 1]
�
Internet-Draft SMS URI Scheme Jul 2007
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. What is GSM? . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. What is SMS? . . . . . . . . . . . . . . . . . . . . . . . 3
1.3. Universal Resource Identifiers . . . . . . . . . . . . . . 7
1.4. SMS Messages and the Internet . . . . . . . . . . . . . . 7
2. The "sms" URI Scheme . . . . . . . . . . . . . . . . . . . . . 9
2.1. Applicability . . . . . . . . . . . . . . . . . . . . . . 9
2.2. Formal Definition . . . . . . . . . . . . . . . . . . . . 9
2.3. Processing an "sms" URI . . . . . . . . . . . . . . . . . 11
2.4. Examples of Use . . . . . . . . . . . . . . . . . . . . . 11
2.5. Using "sms" URIs in HTML Forms . . . . . . . . . . . . . . 12
3. "sms" URIs and SMS Web Services . . . . . . . . . . . . . . . 13
3.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 13
4. URI Scheme Registration . . . . . . . . . . . . . . . . . . . 14
4.1. URI Scheme Name . . . . . . . . . . . . . . . . . . . . . 14
4.2. Status . . . . . . . . . . . . . . . . . . . . . . . . . . 14
4.3. URI Scheme Syntax . . . . . . . . . . . . . . . . . . . . 14
4.4. URI Scheme Semantics . . . . . . . . . . . . . . . . . . . 14
4.5. Encoding Considerations . . . . . . . . . . . . . . . . . 14
4.6. Applications/Protocols that use this URI Scheme Name . . . 15
4.7. Interoperability Considerations . . . . . . . . . . . . . 15
4.8. Security Considerations . . . . . . . . . . . . . . . . . 15
4.9. Contact . . . . . . . . . . . . . . . . . . . . . . . . . 15
5. Security Considerations . . . . . . . . . . . . . . . . . . . 15
6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 18
6.1. From -11 to -12 . . . . . . . . . . . . . . . . . . . . . 18
6.2. From -10 to -11 . . . . . . . . . . . . . . . . . . . . . 18
6.3. From -09 to -10 . . . . . . . . . . . . . . . . . . . . . 18
6.4. From -08 to -09 . . . . . . . . . . . . . . . . . . . . . 18
6.5. From -07 to -08 . . . . . . . . . . . . . . . . . . . . . 19
6.6. From -06 to -07 . . . . . . . . . . . . . . . . . . . . . 19
6.7. From -05 to -06 . . . . . . . . . . . . . . . . . . . . . 19
6.8. From -04 to -05 . . . . . . . . . . . . . . . . . . . . . 19
6.9. From -03 to -04 . . . . . . . . . . . . . . . . . . . . . 19
6.10. From -02 to -03 . . . . . . . . . . . . . . . . . . . . . 19
6.11. From -01 to -02 . . . . . . . . . . . . . . . . . . . . . 19
6.12. From -00 to -01 . . . . . . . . . . . . . . . . . . . . . 19
6.13. Change Log of draft-wilde-sms-service . . . . . . . . . . 20
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
7.1. Normative References . . . . . . . . . . . . . . . . . . . 21
7.2. Non-Normative References . . . . . . . . . . . . . . . . . 22
Appendix A. Where to send Comments . . . . . . . . . . . . . . . 23
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 23
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23
Intellectual Property and Copyright Statements . . . . . . . . . . 24
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 2]
�
Internet-Draft SMS URI Scheme Jul 2007
1. Introduction
Compliant software MUST follow this specification. The capitalized
key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
1.1. What is GSM?
GSM (Global System for Mobile Communications) is a digital mobile
phone standard which is used extensively in many parts of the world.
First named after its frequency band around 900 MHz, GSM-900 has
provided the basis for several other networks utilizing GSM
technology, in particular GSM networks operating in the frequency
bands around 1800 MHz and 1900 MHz. When referring to "GSM" in this
document, we mean any of these GSM-based networks that operate a
short message service.
1.2. What is SMS?
The Short Message Service (SMS) [SMS] is an integral part of the GSM
network technology. It has been very successful and currently is a
major source of revenue for many GSM operators. SMS as a service is
so successful that other Global Switched Telephone Network (GSTN)
technologies have adapted it as well, in particular the Integrated
Services Digital Network (ISDN). Because of this development, this
memo uses the term "SMS client" to refer to user agents who are able
to send and/or receive SMS messages.
1.2.1. SMS content
GSM SMS messages are alphanumeric paging messages that can be sent to
and from SMS clients. SMS messages have a maximum length of 160
characters (7-bit characters from the GSM character set [SMS-CHAR]),
or 140 octets. Other character sets (such as UCS-2 16-bit
characters, resulting in 70 character messages) MAY also be supported
[SMS-CHAR], but are defined as being OPTIONAL by the SMS
specification. Consequently, applications handling SMS messages as
part of a chain of character processing applications MUST make sure
that character sets are correctly mapped to and from the character
set used for SMS messages.
While the 160 character variety for SMS messages is by far the most
widely used one, there are numerous other content types for SMS
messages, such as small bitmaps ("operator logos") and simple formats
for musical notes ("ring tones"). However, these formats are
proprietary and are not considered in this memo.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 3]
�
Internet-Draft SMS URI Scheme Jul 2007
SMS messages are very limited in length (140 octets), and the first
versions of the SMS specification did not specify any standardized
methods for concatenating SMS messages. As a consequence, several
proprietary methods were invented, but the current SMS specification
does specify message concatenation. In order to deal with this
situation, SMS clients composing messages SHOULD use the standard
concatenation method based on the header in the TP-User Data field as
specified in the SMS specification [SMS]. When sending a message to
an SMS recipient whose support for concatenated messages is unknown,
the SMS client MAY opt to use the backwards-compatible (text-based)
concatenation method defined in the SMS specification [SMS].
Proprietary concatenation methods SHOULD NOT be used except in closed
systems, where the capabilities of the recipient(s) are always known.
1.2.2. SMS infrastructure
SMS messages can be transmitted over an SMS client's network
interface using the signaling channels of the underlying GSTN
infrastructure, so there is no delay for call setup. Alternatively,
SMS messages MAY be submitted through other front-ends (for example
Web services), which makes it possible for SMS clients to run on
computers which are not directly connected to a GSTN network
supporting SMS.
SMS messages sent with the GSTN SMS service MUST be sent as class 1
SMS messages, if the client is able to specify the message class.
1.2.2.1. SMS Centers
SMS messages are stored by an entity called SMS Center (SMSC), and
sent to the recipient when the subscriber connects to the network.
The number of a cooperative SMSC must be known to the SMS sender
(i.e., the entity submitting the SMS message to a GSTN
infrastructure) when sending the message (usually, the SMSC's number
is configured in the SMS client and specific for the network operator
to which the sender has subscribed). In most situations, the SMSC
number is part of the sending SMS client's configuration. However,
in some special cases (such as when the SMS recipient only accepts
messages from a certain SMSC), it may be necessary to send the SMS
message over a specific SMSC.
Short messages can be mobile terminated (MT) or mobile originated
(MO). MT messages are the ones that arrive at SMS clients; MO
messages are sent by SMS clients. Networks may support either, both,
or none of these. For the purpose of this memo, it is important that
the sending SMS client is allowed to submit MO messages, and that the
receiver is allowed to receive MT messages.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 4]
�
Internet-Draft SMS URI Scheme Jul 2007
The exact setup of message submission and delivery is not subject of
this memo, it may incorporate additional hops in addition to the pure
SMS transport. For example, the sending SMS client may use a Web
service to submit the SMS message, and the receiving SMS client may
be set up to forward the SMS to an email account. For the purpose of
this memo, it is important that the receiver can be addressed by a
GSTN number, and that the sender can submit an SMS message using this
number.
1.2.3. SMS Telematic Interworking
While in most cases SMS messages are exchanged between SMS clients,
the SMS specification also includes provisions for so-called
"Telematic Interworking". In this scenario, the SMS message
specifies a Protocol Identifier, which identifies the service to
which the SMS message has to be submitted. In effect, this
implements a gateway functionality in the SMSC.
Telematic Interworking supports a number of services from Fax through
Telex and Internet Email up to voice telephone, where the gateway is
expected to make a text-to-speech transformation. The set of
possible services is defined by the SMS specification [SMS], but
network operators are not required to support any of these services.
SMS clients SHOULD implement support for Telematic Interworking,
which among other things means that users must be able to set the
Protocol Identifier field of generated SMS messages. If clients
support Telematic Interworking, they MUST indicate to the user the
changed semantics of the receiver number (e.g., if Fax is selected,
the receiver will be contacted via Fax rather than SMS).
In the following list the telematic devices (i.e., the services that
can be addressed using the Telematic Interworking mechanism) defined
by the SMS specification are described. The abbreviations are not
taken from the SMS specification, but are introduced by this memo for
identifying the device type using an SMS service qualifier keyword.
"IMPL": In this case the device type is implicitly defined, either
because the SMS Center knows it, or because it can be concluded on
the basis of the address.
"TELEX": Telex device
"G3FAX": Group 3 telefax device
"G4FAX": Group 4 telefax device
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 5]
�
Internet-Draft SMS URI Scheme Jul 2007
"VOICE": Voice telephone (this requires conversion to speech, but
there is no mechanism to specify a language)
"ERMES": ERMES (European Radio Messaging System)
"NATPAG": National paging system (this does not specify a specific
paging system but implies that the SMS center knows about a
particular national paging system)
"VIDEOTEX": Videotex
teletex: Teletex, either with an unspecified carrier or using PSPDN,
CSPDN, PSTN, or ISDN as carrier
"UCI": UCI (Universal Computer Interface)
reserved: 7 combinations are reserved which do not have a specified
meaning
"MH": Some message handling facility known to the SMS center (not
further specified)
x400: X.400-based message handling system
The SMS specification fails to specify how X.400 OR addresses are
actually embedded into SMS messages, so even though there is a
Protocol Identifier for X.400, it is impossible to encode the
recipient(s) of a message.
email: Internet electronic mail
The recipient(s) of SMS messages gatewayed to Internet electronic
mail are specified in the message's user data in a way defined by
the SMS specification.
specific: 7 combinations are defined to have a meaning specific to
each SMS center, their usage is based on mutual agreement between
SMS clients and the SMS center.
It is important to notice that some of the above devices require
additional information to be specified (in particular, the "Internet
electronic mail" format). The SMS specification defines the methods
how this has to be done (effectively by embedding the email
information into the SMS message's text).
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 6]
�
Internet-Draft SMS URI Scheme Jul 2007
1.3. Universal Resource Identifiers
One of the core specifications for identifying resources on the
Internet is RFC 3986 [RFC3986], specifying the syntax and semantics
of a Universal Resource Identifier (URI). The most important notion
of URIs are "schemes", which define a framework within which
resources can be uniquely identified and addressed. URIs enable
users to access resources, and are used for very diverse schemes such
as access protocols (HTTP, FTP), broadcast media (TV channels
[RFC2838]), messaging (email [RFC2368]), and even telephone numbers
(voice [RFC3966]).
URIs often are mentioned together with Universal Resource Names
(URNs) and/or Uniform Resource Locators (URLs), and it often is
unclear how to separate these concepts. For the purpose of this
memo, only the term URI will be used, referring to the most
fundamental concept. The World Wide Web Consortium (W3C) has issued
a note [uri-clarification] discussing the topic of URIs, URNs, and
URLs in detail.
1.4. SMS Messages and the Internet
One of the important reasons for the universal access of the Web is
the ability to access all information through a unique interface.
This kind of integration makes it easy to provide information as well
as to consume it. One aspect of this integration is the support of
user agents (in the case of the Web, commonly referred to as
browsers) for multiple content formats (such as HTML, GIF, JPEG) and
access schemes (such as HTTP, HTTP-S, FTP).
The "mailto" scheme has proven to be very useful and popular, because
most user agents support it by providing an email composition
facility when the user selects (e.g., clicks on) the URI. Similarly,
the "sms" scheme can be supported by user agents by providing an SMS
message composition facility when the user selects the URI. In cases
where the user agent does not provide a built-in SMS message
composition facility, the scheme could still be supported by opening
a Web page which provides such a service. The specific Web page to
be used could be configured by the user, so that each user could use
the SMS message composition service of his choice.
The goal of this memo is to specify the "sms" URI scheme, so that
user agents (such as Web browsers and email clients) could start to
support it. The "sms" URI scheme identifies SMS message endpoints as
resources. When "sms" URIs are dereferenced, implementations MAY
create a message and present it to be edited before being sent, or
they MAY use additional services to provide the functionality
necessary for composing a message and sending it to the SMS message
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 7]
�
Internet-Draft SMS URI Scheme Jul 2007
endpoint.
1.4.1. SMS Messages and the Web
SMS messages can provide an alternative to "mailto" URIs [RFC2368],
or "tel" or "fax" URIs [RFC3966]. When a "sms" URI is activated, the
user agent MAY start a program for sending an SMS message, just as
"mailto" may open a mail client. Unfortunately, most browsers do not
support the external handling of internally unsupported URI schemes
in the same generalized way as most of them support external handling
of content for MIME types which they do not support internally.
Ideally, user agents should implement generic URI parsers and provide
a way to associate unsupported schemes with external applications (or
Web services).
The recipient of an SMS message need not be a mobile phone. It can
be a server that can process SMS messages, either by gatewaying them
to another messaging system (such as regular electronic mail), or by
parsing them for supplementary services.
SMS messages can be used to transport almost any kind of data (even
though there is a very tight size limit), but the only standardized
data formats are character-based messages in different character
encodings. SMS messages have a maximum length of 160 characters
(when using 7-bit characters from the SMS character set), or 140
octets. However, SMS messages can be concatenated to form longer
messages. It is up to the user agent to decide whether to limit the
length of the message, and how to indicate this limit in its user
interface, if necessary. There is one exception to this, see
Section 2.5.
1.4.2. SMS Messages and Forms
The Hypertext Markup Language (HTML) [HTML401] provides a way to
collect information from a user and pass it to a server for
processing. This functionality is known as "HTML forms". A
filled-in form is usually sent to the destination using the Hypertext
Transfer Protocol (HTTP) or email. However, SMS messages can also be
used as the transport mechanism for these forms. As SMS transport is
"out-of-band" as far as normal HTTP over TCP/IP is concerned, this
provides a way to fill in forms offline, and send the data without
making a TCP connection to the server, as the set-up time, cost, and
overhead for a TCP connection are large compared to an SMS message.
Also, depending on the network configuration, the sender's telephone
number may be included in the SMS message, thus providing a weak form
of authentication.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 8]
�
Internet-Draft SMS URI Scheme Jul 2007
2. The "sms" URI Scheme
Syntax definitions are given using the Augmented BNF for Syntax
Specifications [RFC4234].
2.1. Applicability
This URI scheme is intended for sending an SMS message to certain
recipient(s). The functionality is quite similar to that of the
"mailto" URI, which (as per RFC 2368 [RFC2368]) can also be used with
a comma-separated list of email addresses.
In some situations, it may be necessary to guide the sender to send
the SMS message via a certain SMS Center (SMSC). For this purpose,
the URI may specify the number of a specific SMSC.
SMS messages may be sent through gateways to other services. These
gateways are operated inside SMS centers. An "sms" URI may specify
that a certain gateway should be used.
The notation for phone numbers is taken from [RFC3966]. Refer to
this document for information on why this particular format was
chosen.
How the SMS message is sent to the SMSC is outside the scope of this
specification. SMS messages can be sent over the GSM air interface,
by using a modem and a suitable protocol, or by accessing services
over other protocols, such as a Web service for sending SMS messages.
Also, SMS message service options like deferred delivery and delivery
notification requests are not within the scope of this document.
Such services MAY be requested from the network by the user agent if
necessary.
SMS messages sent as a result of this URI MUST be sent as class 1 SMS
messages, if the user agent is able to specify the message class.
2.2. Formal Definition
The URI scheme's keywords specified in the following syntax
description are case-insensitive. The syntax of an "sms" URI is
formally described as follows, where the URI base syntax is taken
from RFC 3986 [RFC3986]:
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 9]
�
Internet-Draft SMS URI Scheme Jul 2007
sms-uri = scheme ":" hier-part [ "?" sms-body ]
scheme = "sms"
hier-part = sms-recipient *( "," sms-recipient )
sms-recipient = sms-number sms-qualifier
sms-number = ( global-number / local-number )
global-number = "+" local-number
local-number = *phonedigit DIGIT *phonedigit
sms-qualifier = *( smsc-qualifier / pid-qualifier )
smsc-qualifier = ";smsc=" sms-number
pid-qualifier = ";pid=" pid-value
sms-body = "body=" query
pid-value = "IMPL" / "TELEX" / "G3FAX" / "G4FAX" / "VOICE"
/ "ERMES" / "NATPAG" / "VIDEOTEX" / teletex / "UCI"
/ reserved / "MH" / "X400" / email / specific
teletex = "TELETEX-"
( "UNSPEC" / "PSPDN" / "CSPDN" / "PSTN" / "ISDN" )
email = "SMTP:" address
reserved = "RES" ( "1" / "2" / "3" / "4" / "5" / "6" / "7" )
specific = "SPEC" ( "1" / "2" / "3" / "4" / "5" / "6" / "7" )
Some illustrative examples using this syntax are given in
Section 2.4.
The syntax definition for "phonedigit" is taken from RFC 3966
[RFC3966].
The syntax definition for "query" is taken from RFC 3986 [RFC3986],
please refer to that document.
The "sms-body" is used to define the body of the SMS message to be
composed. It consists of percent-encoded UTF-8 characters.
Implementations MUST make sure that the sms-body characters are
converted to a suitable character encoding before sending, the most
popular being the 7-bit SMS character encoding, another variant
(though not as universally supported as 7-bit SMS) is the UCS-2
character encoding (both specified in [SMS-CHAR]). Implementations
MAY choose to discard (or convert) characters in the sms-body that
are not supported by the SMS character set they are using to send the
SMS message. If they do discard or convert characters, they MUST
notify the user.
It should be noted that both the SMSC as well as the PID qualifier
may appear only once per sms-recipient. If multiple SMSC or PID
qualifiers are present, conforming software MUST interpret the first
occurrence and ignore all other occurrences.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 10]
�
Internet-Draft SMS URI Scheme Jul 2007
2.3. Processing an "sms" URI
The following list describes the steps for processing an "sms" URI:
1. The "gstn-phone" of the first "sms-recipient" is extracted. It
is the phone number of the final recipient and it MUST be written
in international form with country code, unless the number only
works from inside a certain geographical area or a network. Note
that some numbers may work from several networks but not from the
whole world - these SHOULD be written in international form.
According to RFC 3966 [RFC3966], all international numbers MUST
begin with a "+" character. Hyphens, dots, and parentheses
(referred to as "visual separators" in RFC 3966) are used only to
improve readability and MUST NOT convey any other meaning.
2. The "smsc-qualifier" of the first "sms-recipient" is extracted,
if present.
3. The "pid-qualifier" of the first "sms-recipient" is extracted, if
present.
4. The "sms-body" is extracted, if present.
5. The user agent should provide some means for message composition,
either by implementing this itself, or by accessing a service
providing it. Message composition SHOULD start with the body
extracted from the "sms-body", if present. If the "pid-
qualifier" is set to "pid=SMTP:...", then the user agent must
make sure that the email address is correctly set (as defined by
the SMS specification [SMS]) in the message being composed.
6. After message composition, a user agent SHOULD try to send the
message first using the SMSC set in the "smsc-qualifier" (if
present). If that fails, the user agent MAY try another SMSC.
7. If the URI consists of a comma-separated list of recipients
(i.e., contains multiple "sms-recipient" parts), all of them are
processed in this manner. Exactly the same message SHOULD be
sent to all of the listed recipients.
2.4. Examples of Use
sms:+41796431851
This indicates an SMS message capable recipient at the given
telephone number. The message is sent using the user agent's default
SMSC.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 11]
�
Internet-Draft SMS URI Scheme Jul 2007
sms:+41796431851;smsc=+41794999000
This indicates that the SMS message should be sent using the SMSC at
the given number.
sms:+41796431851,+4116321035;pid=fax
This URI should result in two SMS messages being sent, one to the
recipient number as shown in the example above, the other one being
sent as a fax to the second number (the fax is sent by the SMSC
performing the gatewaying, not by the user agent).
sms:+41796431851;pid=smtp:dret@berkeley.edu?body=hello%20there
In this case, a message (initially being set to "hello there", which
may have been modified by the user before sending) will be sent via
SMS using the SMS to email functionality in the SMSC, so that it will
eventually result in an email being sent to the specified email
address. In this case, interpretation of the phone number is left to
the SMSC, and is typically not used if the delivery of the email is
done with SMTP or some other email delivery mechanism.
2.5. Using "sms" URIs in HTML Forms
When using a "sms" type URI as an action URI for HTML form submission
[HTML401], the form contents MUST be packaged in the SMS message just
as they are packaged when using a "mailto" URI [RFC2368], using the
"application/x-www-form-urlencoded" MIME type, effectively packaging
all form data into URI compliant syntax [RFC3986]. The SMS message
MUST NOT contain any HTTP headers, only the form data. The MIME type
is implicit. It MUST NOT be transferred in the SMS message.
The character encoding used for form submissions MUST be UTF-8
[RFC2279]. It should be noted, however, that user agents MUST
percent-encode form submissions before sending them.
The user agent SHOULD inform the user about the possible security
hazards involved when submitting the form (it is probably being sent
as plain text over an air interface).
If the form submission is longer than the maximum SMS message size,
the user agent MAY either concatenate SMS messages, if it is able to
do so, or it MAY refuse to send the message. The user agent MUST NOT
send out partial form submissions.
Form submission via an "sms" URI can be combined with Telematic
Interworking to result in form submissions being submitted via an SMS
message and finally being sent to an email account. In this case,
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 12]
�
Internet-Draft SMS URI Scheme Jul 2007
all provisions for using the email "pid-qualifier" and using "sms"
URIs with HTML forms must be followed.
3. "sms" URIs and SMS Web Services
In many cases, user agents will not be able to directly compose and
send SMS messages (because this requires that such a service is
accessible to the system the user agent is running on). However, it
is likely that the user has access to a Web service that provides an
SMS service, such as a Web site offering form-based SMS composition.
Ideally, the user agent should access this Web service when
activating an "sms" URI, thus enabling the user to use the Web
service.
One problem with this approach is that the Web service should somehow
get the "sms" URI, in order to interpret it and set the required
parameters (such as the receiver's phone number). The easiest way to
implement this is for the user agent to add the "sms" URI as query
string to the Web service's URI. Consequently, user agents
supporting SMS Web services identified by URIs SHOULD append the
"sms" URI as query string to the Web services URI when accessing the
Web service. Web services providing SMS composition facilities
SHOULD expect to receive an "sms" URI as query string and should
process it as described by this memo. This method only can be
applied for Web service URIs which permit query strings (such as
"http" and "https" URIs). For other Web service URIs (such as "ftp"
and "mailto"), user agents as well as Web services MUST NOT use the
query string.
It should be noted that RFC 3986 [RFC3986] defines that within query
strings, the "gen-delims" characters ":", "/", "?", "#", "[", "]",
and "@" are reserved. It is therefore necessary to encode the "sms"
URI accordingly before appending it as query string.
3.1. Example
A document contains this fragment of (X)HTML:
Send me an SMS!
The user agent interpreting this document does not internally support
SMS message composition or sending, but has been configured to access
a Web service for handling "sms" URIs. This Web service has the
following URI:
http://sms.example.com/sms-form
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 13]
�
Internet-Draft SMS URI Scheme Jul 2007
When the user activates the "sms" URI (e.g., by clicking on the text
"Send me an SMS!"), the user agent sends a request to the SMS Web
service and acts as if the activated URI had been:
http://sms.example.com/sms-form?sms%3A+41796431851
The SMS Web service is then responsible for parsing the query string
and providing an appropriate interface, for example by already
filling in the recipient address with the number provided by the
"sms" URI. This way, the non-SMS capable user agent and the SMS Web
service can interact to provide the best integration of Web browsing
and SMS messaging to the user.
4. URI Scheme Registration
This memo requests the registration of the Universal Resource
Identifier (URI) scheme "sms" for specifying a recipient (and
optionally a gateway) for an SMS message. The registration request
complies with RFC 4395 [RFC4395].
4.1. URI Scheme Name
sms
4.2. Status
Provisional
4.3. URI Scheme Syntax
See Section 2.
4.4. URI Scheme Semantics
The "sms" URI scheme defines a URI scheme which does not directly
address a resource. Thus, the usual operations that may be performed
on resources do not apply. Instead, the "sms" defines a way how a
message may be composed which is then transmitted using the SMS
message transmission method. This scheme can thus be compared to be
"mailto" URI scheme [RFC2368]. See Section 2.3 for the details of
operation.
4.5. Encoding Considerations
The optional body field of "sms" URIs may contain a message text, but
this text uses percent-encoded UTF-8 characters and thus can always
be represented using URI characters. See Section 2 for the details
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 14]
�
Internet-Draft SMS URI Scheme Jul 2007
of encoding.
4.6. Applications/Protocols that use this URI Scheme Name
The "sms" URI scheme is intended to be used in a similar way as the
"mailto" URI scheme [RFC2368]. By using "sms" URIs, authors can
embed information into documents which can be used as a starting
point for initiating message composition. Whether the client is
sending the message itself (for example over a GSM air interface) or
redirecting the user to a third party for message composition (such
as a Web service for sending SMS messages) is outside of the scope of
the URI scheme definition.
4.7. Interoperability Considerations
No interoperability issues have been identified.
4.8. Security Considerations
See Section 5.
4.9. Contact
Erik Wilde
UC Berkeley
Berkeley, CA 94720-4600
U.S.A.
tel:+1-510-6432252
mailto:dret@berkeley.edu
5. Security Considerations
SMS messages are transported without any provisions for privacy or
integrity, so SMS users should be aware of these inherent security
problems of SMS messages. Unlike electronic mail, where additional
mechanisms exist to layer security features on top of the basic
infrastructure, there currently is no such framework for SMS
messages.
SMS messages very often are delivered almost instantaneously (if the
receiving SMS client is online), but there is no guarantee for when
SMS messages will be delivered. In particular, SMS messages between
different network operators sometimes take a long time to be
delivered (hours or even days) or are not delivered at all, so
applications SHOULD NOT make any assumptions about the reliability
and performance of SMS message transmission.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 15]
�
Internet-Draft SMS URI Scheme Jul 2007
In most networks, sending SMS messages is not a free service.
Therefore, SMS clients MUST make sure that any action that incurs
costs is acknowledged by the end user, unless explicitly instructed
otherwise by the end user. If an SMS client has different ways of
submitting an SMS message (such as a Web service and a phone line),
then the end user MUST have a way to control which way is chosen.
SMS clients often are limited devices (typically mobile phones), and
the sending SMS client SHOULD NOT make any assumptions about the
receiving SMS client supporting any non-standard services, such as
proprietary message concatenation or proprietary content types.
However, if the sending SMS client has prior knowledge about the
receiving SMS client, then he MAY use this knowledge to compose non-
standard SMS messages.
There are certain special SMS messages defined in the SMS
specification [SMS] that can be used, for example, to turn on
indicators on the phone display, or to send data to certain
communication ports (comparable to UDP ports) on the device. Certain
proprietary systems (for example, the Wireless Application Protocol
[WAP]) define configuration messages that may be used to reconfigure
the devices remotely. Any SMS client SHOULD make sure that malicious
use of such messages is not possible, for example by filtering out
certain SMS User Data headers. Gateways that accept SMS messages
e.g. in e-mail messages or Web forms and pass them on to an SMSC,
SHOULD implement this kind of 'firewalling' approach as well.
Because the narrow bandwidth of the SMS communications channel, there
should also be checks in place for excessively long concatenated
messages. As an example, it may take two minutes to transfer thirty
concatenated text messages.
Unchecked input from a user MUST NOT be used to populate any other
fields in a SMS message other than the User Data field (not including
the User Data Header field). All other parts, including the User
Data Header, of the short message should only be generated by trusted
means.
By including SMS URIs in unsolicited messages (a.k.a. "spam") or
other types of advertising, the originator of the SMS URIs may
attempt to reveal an individual's phone number and/or to link the
identity (i.e., e-mail address) used for messaging with the identity
(i.e., phone number) used for the mobile phone. This attempt to
collect information may be a privacy issue, and user agents may make
users aware of that risk before composing or sending SMS messages.
Users agents which do not provide any feedback about this privacy
issue make users more vulnerable to this kind of attack.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 16]
�
Internet-Draft SMS URI Scheme Jul 2007
A user agent SHOULD NOT send out SMS messages without the knowledge
of the user, because of associated risks, which include sending
masses of SMS messages to a subscriber without his consent, and the
costs involved in sending an SMS message.
The user agent SHOULD have some mechanism that the user can use to
filter out unwanted destinations for SMS messages. The user agent
SHOULD also have some means of restricting the number of SMS messages
being sent as the result of activating one "sms" URI.
If an "sms" URI contains a pid-qualifier and the user agent supports
the qualifier and its value, then the user agent MUST set the SMS
message's PID as specified by the qualifier. User agents MAY inform
users about the value and the functional consequences of PID
qualifiers (e.g., by notifying users that sending the SMS effectively
will result in a fax message being delivered, rather than an SMS
message).
The method described in Section 3 ("sms" URIs and SMS Web Services)
adds another level of indirection to the handling of "sms" URIs. If
this method is combined with the pid-qualifier gateway functionality,
SMS composition and reception will probably be distributed over three
different protocols (the Web service, SMS transport itself, and the
service selected by the pid-qualifier). User agents SHOULD make this
clear to users (either when the Web service is being configured, or
when it is accessed).
The Telematic Interworking functionality of the SMSC addressed by the
pid-qualifier is not necessarily implemented by the SMSC being used,
and SMSC providers are known for not or not correctly supporting some
or all pid-qualifier values. User agents SHOULD take into account
that the success rate of SMS messages being sent using pid-qualifiers
is lower than that of "plain" SMS messages.
As suggested functionality, the user agent MAY offer a possibility
for the user to filter out those gstn-phone numbers that are
expressed in local format, as most premium-rate numbers are expressed
in local format, and because determining the correct local context
(and hence the validity of the number to this specific user) may be
very difficult.
When using SMS URIs as targets of forms (as described in
Section 2.5), the user agent SHOULD inform the user about the
possible security hazards involved when submitting the form (it is
probably being sent as plain text over an air interface).
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 17]
�
Internet-Draft SMS URI Scheme Jul 2007
6. Change Log
This section will not be part of the final RFC text, it serves as a
container to collect the history of the individual draft versions.
6.1. From -11 to -12
o Integrated draft-wilde-sms-service-11 and
draft-wilde-sms-uri-registration-00 into this draft. This draft
is now self-contained.
o Changed the phone number notation to use the definition from RFC
3966 [RFC3966] rather than RFC 3601 (RFC 3966 is a simpler
notation disallowing some of the special characters allowed by RFC
3601).
o Rephrased various parts of Section 5.
o Removed Section "Author/Change Controller".
o RFC 2806 (tel URI scheme) has been obsoleted by [RFC3966].
6.2. From -10 to -11
o RFC 2234 (ABNF) has been obsoleted by [RFC4234].
o Updated reference information for [SMS] and [SMS-CHAR].
o Minor textual changes.
6.3. From -09 to -10
o Added security consideration about filtering local format phone
numbers.
o Changed IPR clause from RFC 3667 to RFC 3978 (updated version of
RFC 3667).
6.4. From -08 to -09
o Fixed syntax error in hier-part and sms-recipient non-terminals,
which allowed sms-recipients to be concatenated without comma
separation.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 18]
�
Internet-Draft SMS URI Scheme Jul 2007
6.5. From -07 to -08
o URIs are now defined by RFC 3986 [RFC3986], so the text (including
the syntax definitions) and the references have been updated.
6.6. From -06 to -07
o Changed IPR clause from RFC 2026 to RFC 3667 (updated version of
RFC 2026).
6.7. From -05 to -06
o Updated reference from draft-allocchio-gstn to RFC 3601.
6.8. From -04 to -05
o Updated reference to SMS spec to the version referenced in the SMS
service draft.
6.9. From -03 to -04
o Updated reference to draft-allocchio-gstn (to revision -05).
6.10. From -02 to -03
o Changed ordering of "change Log" section (descending to
ascending).
o Clarified the wording at the beginning of Section 2.2 about only
the keywords of the scheme being case-insensitive.
o Changed "sms-body" to be a URI query string.
o Added some text describing "sms" URIs as addressing resources.
6.11. From -01 to -02
o Changed the sms-body field to percent-encoded UTF-8 characters.
6.12. From -00 to -01
o Added the "sms-body" field and its processing rules.
o Added Section 3 about using "sms" URIs as query strings for SMS
Web services.
o Fixed typo in ABNF (said "global-phone" instead of "gstn-phone").
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 19]
�
Internet-Draft SMS URI Scheme Jul 2007
o Added some explanatory text about form submissions using email
Telematic Interworking.
o Added some text about character encoding in form submissions.
6.13. Change Log of draft-wilde-sms-service
This section contains the change log of draft-wilde-sms-service-11
before it was incorporated into this document at version
draft-wilde-sms-uri-12.
6.13.1. From -10 to -11
o RFC 2234 (ABNF) has been obsoleted by [RFC4234].
o Added new security issue in Section 5.
o Updated reference information for [SMS] and [SMS-CHAR].
o Minor textual changes.
6.13.2. From -09 to -10
o Changed IPR clause from RFC 3667 to RFC 3978 (updated version of
RFC 3667).
6.13.3. From -08 to -09
o No changes, re-release for alignment with draft-wilde-sms-uri.
6.13.4. From -07 to -08
o No changes, re-release for alignment with draft-wilde-sms-uri.
6.13.5. From -06 to -07
o Changed IPR clause from RFC 2026 to RFC 3667 (updated version of
RFC 2026).
6.13.6. From -05 to -06
o Updated reference from draft-allocchio-gstn-05 to RFC 3601.
6.13.7. From -04 to -05
o No changes, re-release for alignment with draft-wilde-sms-uri.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 20]
�
Internet-Draft SMS URI Scheme Jul 2007
6.13.8. From -03 to -04
o Updated reference to draft-allocchio-gstn (to revision -05).
6.13.9. From -02 to -03
o Changed ordering of "change Log" section (descending to
ascending).
o Fixed some spelling errors.
6.13.10. From -01 to -02
o Removed address specification for X.400 SMS from ABNF
(surprisingly not part of the SMS spec).
o Added some explanatory text about character set mapping for SMS
messages.
o Added text requiring the use of message class 1 for sending SMS
messages.
6.13.11. From -00 to -01
o Added a number of new security considerations.
o Added the "PID" qualif-type1 keyword and the section about "SMS
Telematic Interworking" Section 1.2.3.
7. References
7.1. Normative References
[HTML401] Raggett, D., Le Hors, A., and I. Jacobs, "HTML 4.01
Specification", W3C REC-html401, December 1999,
.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997.
[RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO
10646", RFC 2279, January 1998.
[RFC2822] Resnick, P., "Internet Message Format", RFC 2822,
April 2001.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 21]
�
Internet-Draft SMS URI Scheme Jul 2007
RFC 3966, December 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", RFC 3986,
January 2005.
[RFC4234] Crocker, D. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", RFC 4234, October 2005.
[RFC4395] Hansen, T., Hardie, T., and L. Masinter, "Guidelines and
Registration Procedures for New URI Schemes", RFC 4395,
February 2006.
[SMS] European Telecommunications Standards Institute, "3GPP TS
03.40 (Version 7.5.0 Release 1998): 3rd Generation
Partnership Project; Technical Specification Group
Terminals; Technical realization of the Short Message
Service (SMS)", December 2001, .
[SMS-CHAR]
European Telecommunications Standards Institute, "TS 100
900 (GSM 03.38 version 7.2.0 Release 1998): Digital
Cellular Telecommunications System (Phase 2+); Alphabets
and language-specific information", July 1999, .
7.2. Non-Normative References
[RFC2368] Hoffmann, P., Masinter, L., and J. Zawinski, "The mailto
URL scheme", RFC 2368, June 1998.
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
June 1999.
[RFC2838] Zigmond, D. and M. Vickers, "Uniform Resource Identifiers
for Television Broadcasts", RFC 2838, May 2000.
[WAP] WAP Forum, "Wireless Application Protocol - Architecture
Specification (WAP-210-WAPArch-20010712)", July 2001.
[uri-clarification]
World Wide Web Consortium, "URIs, URLs, and URNs:
Clarifications and Recommendations 1.0", W3C uri-
clarification , September 2001,
.
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 22]
�
Internet-Draft SMS URI Scheme Jul 2007
Appendix A. Where to send Comments
Please send all comments and questions concerning this document to
Erik Wilde.
Appendix B. Acknowledgements
This document has been prepared using the IETF document DTD described
in RFC 2629 [RFC2629].
Thanks to Claudio Allocchio for his comments.
Authors' Addresses
Erik Wilde
UC Berkeley
Berkeley, CA 94720-4600
U.S.A.
Phone: +1-510-6432253
Email: dret@berkeley.edu
URI: http://dret.net/netdret/
Antti Vaha-Sipila
Nokia
Email: antti.vaha-sipila@nokia.com
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 23]
�
Internet-Draft SMS URI Scheme Jul 2007
Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Wilde & Vaha-Sipila Expires January 24, 2008 [Page 24]
�