SIST-TS TS 101 321 V2.1.1:2004

SLOVENSKI STANDARD
01-april-2004
+DUPRQL]DFLMDWHOHNRPXQLNDFLMLQLQWHUQHWQHJDSURWRNRODSUHNRPUHåLM7,3+21
3URWRNRORGSUWHJDGRJRYRUD263]DPHGGRPHQVNRL]PHQMDYR]DUDþXQDYDQMD
DYWRUL]DFLMHLQXSRUDEH
Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON);
Open Settlement Protocol (OSP) for Inter-Domain pricing, authorization, and usage
exchange
Ta slovenski standard je istoveten z: ETSI TS 101 321 V2.1.1 (2000-08)
ICS:
33.040.30 Komutacijski in signalizacijski Switching and signalling
sistem systems
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

Technical Specification
Telecommunications and Internet Protocol
Harmonization Over Networks (TIPHON);
Open Settlement Protocol (OSP) for
Inter-Domain pricing, authorization,
and usage exchange
2 ETSI TS 101 321 V2.1.1 (2000-08)
Reference
RTS/TIPHON-03004.2
Keywords
internet, network, interoperability, protocol,
telephony, IP
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.:+33492944200 Fax:+33 493654716
Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88
Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at http://www.etsi.org/tb/status/
If you find errors in the present document, send your comment to:
editor@etsi.fr
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2000.
All rights reserved.
ETSI
3 ETSI TS 101 321 V2.1.1 (2000-08)
Contents
Intellectual Property Rights.7
Foreword.7
Introduction .7
1 Scope .8
2 References .8
3 Abbreviations .9
4 Open Settlement Protocol Architecture.10
4.1 Communication Protocols .10
4.1.1 Secure Sockets Layer/Transport Layer Security.10
4.1.2 Hypertext Transfer Protocol .10
4.2 Message Format .11
4.2.1 Multipurpose Internet Mail Extensions.11
4.2.2 Extensible Markup Language .11
4.2.3 Secure MIME.12
5 Protocol Profiles.12
5.1 Secure Sockets Layer/Transport Layer Security .12
5.1.1 Protocol Version .12
5.1.2 Client/Server Roles.12
5.1.3 CipherSuites.12
5.2 Hypertext Transfer Protocol.12
5.2.1 Protocol Version .12
5.2.2 Client/Server Roles.12
5.2.3 TCP Port .13
5.2.4 HTTP Methods .13
5.2.5 Uniform Resource Identifier.13
5.2.6 HTTP Headers .13
5.2.7 HTTP Entity Body.13
6 XML Content .13
6.1 Document Structure.13
6.1.1 Multipurpose Internet Mail Extensions Conformance.13
6.1.1.1 Content-Type .13
6.1.1.2 Content-Length .14
6.1.1.3 Transfer Encoding.14
6.1.2 XML Conformance.14
6.1.2.1 XML Version .14
6.1.2.2 Well-Formed Constraint.14
6.1.2.3 Character Encoding.14
6.1.3 XML Framework .15
6.1.3.1 Root Entity .15
6.1.3.2 Random Attribute.15
6.1.3.3 Identifier Attribute .15
6.1.3.4 Critical Attribute .16
6.1.3.5 Extensions .16
6.2 Components.16
6.2.1 PricingIndication.16
6.2.2 PricingConfirmation .17
6.2.3 AuthorizationRequest .17
6.2.4 AuthorizationResponse.18
6.2.5 AuthorizationIndication .18
6.2.6 AuthorizationConfirmation.18
6.2.7 UsageIndication .18
ETSI
4 ETSI TS 101 321 V2.1.1 (2000-08)
6.2.8 UsageConfirmation.18
6.2.9 ReauthorizationRequest .19
6.2.10 ReauthorizationResponse.19
6.2.11 SubscriberAuthenticationRequest.19
6.2.12 SubscriberAuthenticationResponse .19
6.2.13 CapabilitiesIndication .19
6.2.14 CapabilitiesConfirmation.20
6.3 Elements.20
6.3.1 Amount .20
6.3.2 AuthorityURL.20
6.3.3 CallId .20
6.3.4 Code.21
6.3.5 Currency .21
6.3.6 Description.22
6.3.7 Destination.22
6.3.8 DestinationAlternate .22
6.3.9 DestinationInfo .22
6.3.10 DestinationSignalAddress.23
6.3.11 Increment .23
6.3.12 MaximumDestinations.23
6.3.13 Role.23
6.3.14 Service .24
6.3.15 SourceAlternate .24
6.3.16 SourceInfo.24
6.3.17 SourceSignalAddress.24
6.3.18 Status .25
6.3.19 Timestamp .25
6.3.20 Token.25
6.3.21 TransactionId .25
6.3.22 Unit .26
6.3.23 UsageDetail.26
6.3.24 ValidAfter.26
6.3.25 ValidUntil .26
6.3.26 EndTime .26
6.3.27 StartTime .26
6.3.28 TCCode.27
6.3.29 TerminationCause.28
6.3.30 Certificate .28
6.3.31 CertificateChain.28
6.3.32 OSPCapability .29
6.3.33 OSPService.29
6.3.34 OSPServiceURL .29
6.3.35 OSPSignatureRequired .29
6.3.36 OSPVersion .30
6.3.37 SubscriberAuthenticationInfo.30
6.3.38 DeviceInfo .30
6.3.39 DeviceId.30
6.3.40 Resources.30
6.3.41 DataRate .30
6.3.42 NumberOfChannels .31
6.3.43 Bandwidth.31
6.3.44 AlmostOutOfResources .31
7 Signature Format.31
7.1 Canonical Form.31
7.2 Signature Algorithms .32
7.3 Transfer Encoding .32
8 Protocol Behaviour.32
8.1 Message Sequencing .32
8.2 Exception Handling.33
8.2.1 Transmission Control Protocol .33
ETSI
5 ETSI TS 101 321 V2.1.1 (2000-08)
8.2.2 Secure Socket Layer/Transport Layer Security .33
8.2.3 Hypertext Transfer Protocol .34
8.2.4 Status Element .34
Annex A (normative): Document Type Definition .35
Annex B (normative): Cryptographic Algorithms.38
B.1 SSL/TLS CipherSuites .38
B.2 S/MIME Signatures.38
B.3 Tokens .38
Annex C (normative): Enhanced Usage Reports.39
C.1 Enhanced Usage Elements .39
C.1.1 Statistics .39
C.1.2 LossSent .39
C.1.3 Packets.39
C.1.4 Fraction .39
C.1.5 LossReceived .39
C.1.6 OneWayDelay .39
C.1.7 Minimum.40
C.1.8 Mean.40
C.1.9 Variance .40
C.1.10 Samples .40
C.1.11 RoundTripDelay.40
Annex D (informative): Token Formats .41
D.1 Cryptographic Encoding.41
D.2 Token Content.42
D.2.1 ASN.1 Format .42
D.2.2 XML Format .43
D.2.3 Binary XML Format.43
D.3 Token Carriage.43
D.4 Sample Token.45
Annex E (informative): Example Messages .46
E.1 Pricing Exchange.46
E.2 Authorization Exchange.48
E.3 Usage Exchange .50
E.4 Subscriber Authentication Exchange .51
E.5 Capabilities Exchange .52
Annex F (informative): Billing Format Conversion.54
Annex G (informative): XML Overview.58
G.1 Document Definition.58
G.2 Element Declaration.58
G.3 Attribute Declaration.59
Annex H (informative): Binary XML Content Format for OSP.60
H.1 Global Extension Tokens .61
H.2 Example Application.63
ETSI
6 ETSI TS 101 321 V2.1.1 (2000-08)
H.2.1 Standard XML Format (505 bytes) .63
H.2.2 Binary XML Content Format (160 bytes) .63
Annex I (normative): PICS proforma for OSP (TS 101 321) v2.1.1.64
I.1 Guidance for completing the PICS proforma.64
I.1.1 Purposes and structure.64
I.1.2 Abbreviations and conventions .64
I.1.3 Instructions for completing the PICS proforma.66
I.2 Identification of the implementation .66
I.2.1 Date of the statement.66
I.2.2 Implementation Under Test (IUT) identification .67
I.2.3 System Under Test (SUT) identification.67
I.2.4 Product supplier.67
I.2.5 Client (if different from product supplier).68
I.2.6 PICS contact person .68
I.3 PICS .69
I.3.1 Identification of the protocol.69
I.3.2 Global Statement of Conformance .69
I.3.3 Roles.69
I.3.4 Major capabilities.69
I.3.5 Secure Socket Layer Security Capabilities.70
I.3.6 Hypertext Transfer Protocol Capabilities .70
I.3.7 Multipurpose Internet Mail Extensions Capabilities .72
I.3.8 Extensible Markup Language Capabilities.72
I.3.9 Root Message Capabilities .73
I.3.10 Message support.74
I.3.11 Authorization Token Support.77
I.3.12 XML Extensions .82
Annex J (informative): OSP Applications and Implementations.83
J.1 Call Control Protocols.83
J.1.1 Peer-to-Peer Architecture .83
J.1.1.1 H.323 Gateways.83
J.1.1.1.1 Call Routing and Authorization .84
J.1.1.1.2 Usage Reports .86
J.1.1.2 Session Initiation Protocol Gateways .87
J.1.1.2.1 Call Routing and Authorization .88
J.1.1.2.2 Usage Reports .90
J.1.2 Tightly Controlled Distributed Architecture .91
J.1.2.1 H.323 Gatekeeper Routed Calls.92
J.1.2.1.1 Call Routing and Authorization .92
J.1.2.1.2 Usage Reports .94
J.1.2.2 Session Initiation Protocol Proxy Servers.95
J.1.2.2.1 Call Routing and Authorization .96
J.1.2.2.2 Usage Reports .98
J.1.3 Loosely Controlled Distributed Architecture .99
J.1.3.1 H.323 Direct Routed Calls (with Gatekeepers).100
J.1.3.1.1 Call Routing and Authorization .100
J.1.3.1.2 Usage Reports .102
J.1.3.2 Session Initiation Protocol Redirect Servers.104
J.1.3.2.1 Call Routing and Authorization .105
J.1.3.2.2 Usage Reports .107
J.2 Prepaid Calling Card and Roaming User Support.110
J.2.1 Call Routing and Authorization.111
J.2.2 Reauthorization .112
Bibliography.116
History .117
ETSI
7 ETSI TS 101 321 V2.1.1 (2000-08)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://www.etsi.org/ipr).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Specification (TS) has been produced by ETSI Project Telecommunications and Internet Protocol
Harmonization Over Networks (TIPHON).
Introduction
The contents of the present document are the result of contributions and discussions in Working Group 3.
ETSI
8 ETSI TS 101 321 V2.1.1 (2000-08)
1 Scope
The present document shall be called the Open Settlement Protocol (OSP). The present document specifies a set of
protocols and associated profiles to permit the exchange of inter-domain pricing, authorization, and settlement
information between internet telephony operators. The protocols specified fulfil the essential requirements of such
services, by providing appropriate functionality between multiple administrative domains in a secure manner. The
specification also provides for non-standard extensions that permit co-operating parties to augment or replace the basic
functionality.
2 References
The following documents contain provisions which, through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication, edition number, version number, etc.) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies.
• A non-specific reference to an ETS shall also be taken to refer to later versions published as an EN with the same
number.
[1] American National Standards Institute. Accredited Standards Committee X9 Working Draft:
American National Standard X9.42-1993: Public Key Cryptography for the Financial Services
Industry: Management of Symmetric Algorithm Keys Using Diffie-Hellman. American Bankers
Association, September 21, 1994.
[2] RFC 1945 (1996): Hypertext Transfer Protocol - HTTP/1.0. Berners Lee, T., R. Fielding, and
H. Frystyk.
[3] Bray, Tim, Jean Paoli, and C. M. Sperberg-McQueen. Extensible Markup Language (XML) 1.0.
World Wide Web Consortium (W3C): 10 February 1998. [http://www.w3.org/TR/REC-xml].
[4] RFC 2068 (1997): Hypertext Transfer Protocol - HTTP/1.1. Fielding R., J. Gettys, J. Mogul,
H. Frystyk, and T. Berners-Lee.
[5] RFC 2045 (1996): Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet
Message Bodies.Freed,N.and N. Borenstein.
[6] Freier, Alan O., Philip Karlton, and Paul C. Kocher. The SSL Protocol Version 3.0
[http://www.netscape.com/eng/ssl3/ssl-toc.html]. Netscape Communications Corporation:
March 1996. As amended by SSL 3.0 Errata of August 26, 1996
[http://www.netscape.com/eng/ssl3/ssl-errata.html].
[7] ISO 4217 (1995): "Codes for the representation of currencies and funds".
[8] ISO 8601 (1988): "Data elements and interchange formats -- Information
interchange -- Representation of dates and times".
[9] ITU-T Recommendation H.225.0 (1998): "Call signalling protocols and media stream
packetization for packet-based multimedia communication systems".
[10] ITU-T Recommendation H.245 (1998): "Control protocol for multimedia communication".
[11] ITU-T Recommendation X.691 (1995): "Information technology - ASN.1 encoding
rules - Specification of Packed Encoding Rules (PER)".
[12] ITU-T Recommendation E.164 (1997): "The international public telecommunication numbering
plan".
ETSI
9 ETSI TS 101 321 V2.1.1 (2000-08)
[13] ITU-T Recommendation H.323 (1998): "Packet-based multimedia communications systems".
[14] ITU-T Recommendation H.235 (1998): "Security and encryption for H-Series (H.323 and other
H.245-based) multimedia terminals".
[15] National Institute of Standards and Technology, U.S. Department of Commerce NIST FIPS PUB
46-1 (January 1988): "Data Encryption Standard".
[16] National Institute of Standards and Technology, U.S. Department of Commerce NIST FIPS PUB
186 (18 May 1994): "Digital Signature Standard"
[17] National Institute of Standards and Technology, U.S. Department of Commerce NIST FIPS PUB
180-1 (31 May 1994): "Secure Hash Standard".
[18] RFC 2311 (1998): S/MIME Version 2 Message Specification. S. Dusse, P. Hoffman, B. Ramsdell,
L. Lundblade, and L. Repka.
[19] RFC 2268 (1998): Description of the RC2® Encryption Algorithm. R. Rivest.
[20] RFC 1321 (1992): The MD5 Message-Digest Algorithm. R. Rivest.
[21] RSA Laboratories. PKCS #1: RSA Encryption Standard. Version 1.5, November 1993.
[22] RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5,
November 1993.
[23] The Unicode Consortium. The Unicode Standard. Version 2.0.
[24] Dierks, Tim and Christopher Allen. The TLS Protocol Version 1.0. Work in progress.
[25] The Open Trading Protocol Consortium. Internet Open Trading Protocol Part 2: Specification.
Version 0.9, 12 January 1998.
[26] ISO/IEC 9646-7 (1995): "Information technology -- Open Systems Interconnection --
Conformance testing methodology and framework -- Part 7: Implementation Conformance
Statements".
[27] ISO/IEC 10646 (1993): "Information technology -- Universal Multiple-Octet Coded Character Set
(UCS)".
[28] RFC 2630 (1999): Cryptographic Message Syntax. Housley, R.
[29] WAP-154, Binary XML Content Format Specification
[30] ISO/IEC 7812-1: "Identification cards -- Identification of issuers -- Part 1: Numbering system".
3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
CMS Cryptographic Message Syntax
DES Data Encryption Standard
DSA Digital Signature Algorithm
DTD Document Type Definition
HTML Hypertext Markup Language
HTTP Hypertext Transfer Protocol
IETF Internet Engineering Task Force
IP Internet Protocol
IPSEC Internet Protocol Security
MD5 Message Digest 5
MIME Multipurpose Internet Mail Extensions
OSP Open Settlement Protocol
PIN Personal Identification Number (e.g. for automated teller machines)
PKCS Public Key Cryptography Standard
ETSI
10 ETSI TS 101 321 V2.1.1 (2000-08)
RAS Registration Admission and Status
RSA Rivest Shamir Adleman
SHA Secure Hash Algorithm
S/MIME Secure Multipurpose Internet Mail Extensions
SSL Secure Socket Layer
TCP Transmission Control Protocol
TLS Transport Layer Security
URL Uniform Resource Locator
UTC Universal Time Co-ordinated
UTF Universal Text Format
XML Extensible Markup Language
4 Open Settlement Protocol Architecture
This clause introduces the protocol architecture for the OSP specification. It identifies the major protocols used by
communicating parties, and it outlines their relationship to each other. The clause also describes the overall format of
messages exchanged by the protocols. The intent of this clause is to outline the framework for the standard’s protocols
and message formats; later clauses detail specific profiles for these protocols and the specific message content.
4.1 Communication Protocols
As figure 1 shows, systems conforming to the OSP specification use a combination of the Hypertext Transfer Protocol
(HTTP), and either the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to transfer pricing, authorization,
and usage information. As the figure indicates, these protocols are layered on top of the Transmission Control Protocol
(TCP) for communication across Internet Protocol (IP) networks.
OSP
XML (presentation)
HTTPv1.0
SSLv3
TCP port 80
TCP port 443
IP
Figure 1: Open Settlement Protocol Architecture for Pricing,
Authorization, and Usage Exchange
4.1.1 Secure Sockets Layer/Transport Layer Security
The Secure Sockets Layer and Transport Layer Security protocols add authentication and privacy to TCP connections.
SSL is the standard protocol for securing web browsing. As such, it is widely deployed on the Internet and is
distinguished b
...