ETSI TS 103 120 V1.4.1 (2019-12)

TECHNICAL SPECIFICATION
Lawful Interception (LI);
Interface for warrant information


2 ETSI TS 103 120 V1.4.1 (2019-12)

Reference
RTS/LI-00172
Keywords
eWarrant, lawful disclosure, lawful interception,
warrant, warrantry
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2019.
All rights reserved.
DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.

3GPP™ and LTE™ are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners. ®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI
3 ETSI TS 103 120 V1.4.1 (2019-12)
Contents
Intellectual Property Rights . 7
Foreword . 7
Modal verbs terminology . 7
Executive summary . 7
Introduction . 7
1 Scope . 8
2 References . 8
2.1 Normative references . 8
2.2 Informative references . 9
3 Definition of terms, symbols and abbreviations . 10
3.1 Terms . 10
3.2 Symbols . 10
3.3 Abbreviations . 10
4 Structure and model. 11
4.1 Structure of the standard . 11
4.2 Structure of the present document . 11
4.3 Reference model . 12
5 Message Exchange . 13
6 Message Structure . 13
6.1 Overview . 13
6.2 Message Header . 14
6.2.1 Introduction. 14
6.2.2 Structure . 14
6.2.3 Version . 14
6.2.4 EndpointID . 15
6.2.5 Transaction Identifiers . 15
6.3 Message Payload . 16
6.3.1 Introduction. 16
6.3.2 Request Payload . 16
6.3.3 Response Payload . 16
6.4 Action Request and Responses . 16
6.4.1 Overview . 16
6.4.2 Action Requests . 16
6.4.3 Action Responses . 17
6.4.4 Action Identifiers . 17
6.4.5 GET . 17
6.4.6 CREATE . 18
6.4.7 UPDATE . 18
6.4.8 LIST . 19
6.4.9 Action Unsuccessful Information . 20
6.4.10 DELIVER . 21
7 Data Definitions . 21
7.1 HI-1 Object . 21
7.1.1 Overview . 21
7.1.2 ObjectIdentifier . 22
7.1.3 Generation. 22
7.1.4 AssociatedObjects . 22
7.1.5 LastChanged . 22
7.1.6 NationalHandlingParameters . 22
7.2 Authorisation Object . 22
7.2.1 Overview . 22
ETSI
4 ETSI TS 103 120 V1.4.1 (2019-12)
7.2.2 AuthorisationReference . 23
7.2.3 AuthorisationLegalType . 23
7.2.4 AuthorisationPriority . 24
7.2.5 AuthorisationStatus . 24
7.2.6 AuthorisationDesiredStatus . 25
7.2.7 AuthorisationTimespan . 25
7.2.8 AuthorisationCSPID . 25
7.2.9 AuthorisationCreationTimestamp . 25
7.2.10 AuthorisationServedTimestamp . 25
7.2.11 AuthorisationApprovalDetails . 25
7.2.12 AuthorisationFlags . 26
7.3 Document Object . 26
7.3.1 Overview . 26
7.3.2 DocumentReference. 27
7.3.3 DocumentName . 27
7.3.4 DocumentStatus . 27
7.3.5 DocumentDesiredStatus . 27
7.3.6 DocumentTimespan . 28
7.3.7 DocumentType . 28
7.3.8 DocumentProperties. 28
7.3.9 DocumentBody . 28
7.3.10 DocumentSignature . 29
7.4 Notification Object . 29
7.4.1 Overview . 29
7.4.2 NotificationDetails . 30
7.4.3 NotificationType . 30
7.4.4 NewNotification . 30
7.4.5 NotificationTimestamp . 30
7.4.6 NationalNotificationParameters . 30
8 Task Objects . 31
8.1 Overview . 31
8.2 LITaskObject . 31
8.2.1 Overview . 31
8.2.2 Reference . 32
8.2.3 Status . 32
8.2.4 DesiredStatus . 32
8.2.5 TimeSpan . 33
8.2.6 TargetIdentifier . 33
8.2.6.1 Overview . 33
8.2.6.2 TargetIdentifierValues Field . 33
8.2.6.3 FormatType . 34
8.2.6.4 Task Service Type . 34
8.2.7 DeliveryType . 34
8.2.8 TaskDeliveryDetails . 35
8.2.8.1 Overview . 35
8.2.8.2 DeliveryDestination . 35
8.2.8.3 DeliveryAddress . 36
8.2.8.4 HandoverFormat . 36
8.2.9 ApprovalDetails . 36
8.2.10 CSPID . 36
8.2.11 HandlingProfile . 36
8.2.12 Flags. 36
8.3 LDTaskObject . 37
8.3.1 Overview . 37
8.3.2 Reference . 37
8.3.3 Status . 38
8.3.4 DesiredStatus . 38
8.3.5 RequestDetails . 38
8.3.5.1 Overview . 38
8.3.5.2 Type . 39
8.3.5.3 RequestValues . 39
ETSI
5 ETSI TS 103 120 V1.4.1 (2019-12)
8.3.5.4 FormatType . 40
8.3.6 DeliveryDetails . 40
8.3.6.1 Overview . 40
8.3.6.2 LDDeliveryDestination . 41
8.3.6.3 HandoverFormat . 41
8.3.7 Flags. 41
9 Transport and Encoding . 42
9.1 Overview . 42
9.2 Encoding. 42
9.2.1 XML Schema . 42
9.2.2 Error conditions . 42
9.2.3 Message signing and encryption . 42
9.3 HTTP Transport . 42
9.3.1 Use of HTTP . 42
9.3.2 Client/Server architecture . 42
9.3.3 HTTP Configuration . 42
9.3.4 Transport security . 43
9.4 Nationally-defined Transport . 43
10 Delivery Object . 43
10.1 Overview . 43
10.2 DeliveryObject . 43
10.2.1 Overview . 43
10.2.2 Manifest . 44
10.2.3 Delivery . 44
Annex A (informative): Example usage scenarios for HI-1 . 46
A.1 Overview . 46
A.2 Direct communication . 46
A.3 Single "Central Authority" . 46
A.4 Multiple Approving Authorities . 47
A.4.1 Overview . 47
A.4.2 "Serial" interaction . 47
A.4.3 "Parallel" interaction . 48
Annex B (informative): Example Template National Profile . 50
B.1 Introduction . 50
B.1.1 Overview . 50
B.1.2 Structure of this annex . 50
B.1.3 Checklist for National Profile authors . 50
B.1.4 Details of the fictional national jurisdiction . 51
B.2 Example National Profile . 52
B.2.1 Approach and reference model . 52
B.2.1.1 Overview . 52
B.2.1.2 Warrants . 52
B.2.1.3 Tasking Instructions . 52
B.2.1.4 Representation by HI-1 Objects . 53
B.2.2 Message Structure . 53
B.2.2.1 Overview . 53
B.2.2.2 Version information . 53
B.2.2.3 Sender and Receiver Identifiers . 53
B.2.2.4 LIST semantics . 53
B.2.3 Data Definitions . 54
B.2.3.1 Overview . 54
B.2.3.2 Object Identifiers . 54
B.2.3.3 Generic Object Fields . 54
B.2.3.4 Authorisation Objects . 54
B.2.3.5 Document Objects . 55
ETSI
6 ETSI TS 103 120 V1.4.1 (2019-12)
B.2.3.6 Notification Objects . 56
B.2.3.7 LITaskObjects . 56
B.2.4 Transport and Encoding . 57
B.2.5 Example XML . 57
B.2.5.1 Introduction. 57
B.2.5.2 Void . 58
B.2.5.3 Void . 58
B.2.5.4 Void . 58
B.2.5.5 Void . 58
B.2.5.6 Void . 58
B.2.5.7 Void . 58
Annex C (normative): ETSI Target Identifier and Request Value Format Definitions . 59
C.1 Overview . 59
C.2 Definitions . 59
Annex D (normative): Error Codes . 61
D.1 Detailed error codes. 61
Annex E (normative): Approval Details . 62
E.1 Overview . 62
E.2 ApprovalType . 62
E.3 ApprovalDescription . 62
E.4 ApprovalReference . 62
E.5 ApproverDetails . 63
E.5.1 Overview . 63
E.5.2 ApproverIdentity . 63
E.6 ApprovalTimestamp . 63
E.7 ApprovalIsEmergency . 63
E.8 ApprovalDigitalSignature . 64
E.8.1 Overview . 64
Annex F (normative): Dictionaries . 65
F.1 Overview . 65
F.2 DictionaryEntry type . 65
F.3 Definition and use of dictionaries . 65
F.3.1 Overview . 65
F.3.2 Owner . 66
F.3.3 Name . 66
F.3.4 Use of dictionaries . 66
F.3.5 Machine-readable dictionary definitions . 66
Annex G (normative): Drafting conventions for National Parameters . 67
G.1 Overview . 67
G.2 Drafting conventions . 67
Annex H (informative): Bibliography . 68
Annex I (informative): Change Request history . 69
History . 70

ETSI
7 ETSI TS 103 120 V1.4.1 (2019-12)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI).
Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Executive summary
The present document defines a protocol for the electronic exchange of legal and technical information for the purposes
of establishing and managing lawfully required actions (e.g. Lawful Interception). In this phase, the present document is
intended to provide the underlying functionality for HI-1, as defined in the ETSI LI Reference Model, and it has been
designed for applicability beyond LI in future phases.
Introduction
The present document was constructed in multiple phases. The first phase of the present document consisted of a
reference architecture. It was created by investigating current practices and procedures across TC LI. It makes clear the
distinction between the process of communicating with the Communication Service Provider to inform them about the
interception details (commonly called "tasking") and also communication among government/law
enforcement/judiciary to establish the warrant (commonly called "warrantry"). The second phase of the present
document provided a standardized detailed interface based on the architecture in the first phase, in particular for LI. The
present document anticipates that future phases will add other requests for legal action.

ETSI
8 ETSI TS 103 120 V1.4.1 (2019-12)
1 Scope
The present document defines an electronic interface between two systems for the exchange of information relating to
the establishment and management of lawful required action, typically Lawful Interception. Typically this interface
would be used between: on one side, a Communications Service Provider; and, on the other side, a Government or Law
Enforcement Agency who is entitled to request a lawful action. The present document is a specific and detailed example
of one particular Warrantry interface for eWarrants [i.1].
The ETSI reference model for LI (ETSI TS 101 671 [1] or ETSI TS 102 232-1 [2]) defines three interfaces between law
enforcement and CSPs, called HI-1, HI-2 and HI-3. The protocol defined in the present document is designed to provide
a large part of the functionality for HI-1. It is not designed to be used for HI-2 (delivery of intercept related information)
or HI-3 (delivery of communications content). The protocol designed in the present document may also be used for
interfaces which require structured exchange of information relating to the establishment and management of Lawful
Interception. The general view is that the HI-1 concept can also be used for other legal actions than LI. For that reason
the present document could, besides LI, also be applied for retained data requests, seized data requests, data
preservation orders and other similar legal requests.
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference/.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI TS 101 671: "Lawful Interception (LI); Handover interface for the lawful interception of
telecommunications traffic".
NOTE: ETSI TS 101 671 is in status "historical" and is not maintained.
[2] ETSI TS 102 232-1: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 1: Handover specification for IP delivery".
[3] IETF RFC 4122: "A Universally Unique IDentifier (UUID) URN Namespace".
[4] W3C Recommendation 26 November 2008: "Extensible Markup Language (XML) 1.0".
[5] IETF RFC 2818: "HTTP over TLS".
[6] IETF RFC 4279: "Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)".
[7] ETSI TS 103 280: "Lawful Interception (LI); Dictionary for common parameters".
[8] IETF RFC 1738: "Uniform Resource Locators (URL)".
NOTE: Obsoleted by IETF RFC 4248 and IETF RFC 4266.
[9] IETF RFC 2045: "Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet
Message Bodies".
[10] IETF RFC 2046: "Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types".
[11] IETF RFC 1321: "The MD5 Message-Digest Algorithm".
ETSI
9 ETSI TS 103 120 V1.4.1 (2019-12)
[12] W3C Recommendation, 14 December 2017: "HTML 5.2".
[13] IEEE POSIX 1003.1™-2017: " IEEE Standard for Information Technology--Portable Operating
System Interface (POSIX(R)) Base Specifications, Issue 7".
[14] ISO 3166-1: "Codes for the representation of names of countries and their subdivisions - Part 1:
Country codes".
[15] ETSI TS 102 232-2: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 2: Service-specific details for messaging services".
[16] ETSI TS 102 232-3: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 3: Service-specific details for internet access services".
[17] ETSI TS 102 232-4: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 4: Service-specific details for Layer 2 services".
[18] ETSI TS 102 232-5: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 5: Service-specific details for IP Multimedia Services".
[19] ETSI TS 102 232-6: "Lawful Interception (LI); Handover Interface and Service-Specific Details
(SSD) for IP delivery; Part 6: Service-specific details for PSTN/ISDN services".
[20] ETSI TS 102 232-7: "Lawful Interception (LI); Handover Interface and Service-Specific Det
...