ETSI TS 102 232-2-2016 Lawful Interception (LI) Handover Interface and Service-Specific Details (SSD) for IP delivery Part 2 Service-specific details for messaging services (V3 10 .pdf

1、 ETSI TS 102 232-2 V3.9.1 (2016-03) Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 2: Service-specific details for messaging services floppy3TECHNICAL SPECIFICATION ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)2 Reference RTS/LI-00132-2 Keywords email

2、, handover, interface, IP, Lawful Interception, security, traffic ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/8

3、8 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior w

4、ritten authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present docu

5、ment should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one o

6、f the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content o

7、f the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks

8、of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)3 Cont

9、ents Intellectual Property Rights 6g3Foreword . 6g3Modal verbs terminology 6g3Introduction 6g31 Scope 7g32 References 7g32.1 Normative references . 7g32.2 Informative references 9g33 Definitions and abbreviations . 9g33.1 Definitions 9g33.2 Abbreviations . 10g34 General . 11g34.1 E-mail services . 1

10、1g34.2 Unified messaging 11g35 E-mail system model 11g35.1 Reference network topology. 11g35.2 Reference scenarios 12g35.2.1 E-mail send failure 12g35.2.2 E-mail send success 13g35.2.3 E-mail download detail . 14g35.2.4 E-mail send detail . 15g36 E-mail events 16g36.1 Introduction 16g36.2 E-mail sen

11、d event . 16g36.2.1 Introduction. 16g36.2.2 E-mail send captured content 17g36.2.3 E-mail send IRI . 17g36.3 E-mail receive event . 17g36.3.1 Introduction. 17g36.3.2 E-mail receive captured content 18g36.3.3 E-mail receive IRI . 18g36.4 E-mail download event . 18g36.4.1 Introduction. 18g36.4.2 E-mai

12、l download captured content . 19g36.4.3 E-mail download IRI 19g37 E-mail attributes . 19g37.0 Availability of information . 19g37.1 E-mail protocol ID 19g37.2 E-mail address 20g37.3 E-mail recipient list 20g37.4 E-mail sender 20g37.5 Total recipient count . 20g37.6 Message ID . 20g37.7 Status 20g37.

13、8 Server and client port . 20g37.9 Server and client octets sent . 21g37.10 AAAInformation 21g38 Unified Messaging events 21g38.0 Generic description. 21g38.1 Delivery of CC . 22g38.2 Messaging events . 23g38.3 Messaging box events 23g3ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)4 8.4 Messaging notificat

14、ion events 25g38.5 Messaging call events . 25g38.6 Signalling of party information 26g38.7 Messaging properties 27g3Annex A (normative): SMTP 30g3A.1 SMTP introduction . 30g3A.2 SMTP HI2 events . 30g3A.2.1 E-mail login event 30g3A.2.2 E-mail send event . 30g3A.2.3 E-mail receive event . 30g3A.3 SMTP

15、 HI2 attributes 31g3A.4 SMTP HI2 event-record mapping 31g3Annex B (normative): POP3 . 32g3B.1 POP3 introduction 32g3B.2 POP3 HI2 events 32g3B.2.1 E-mail login event 32g3B.2.2 E-mail download event . 32g3B.2.3 E-mail partial download event 32g3B.3 POP3 HI2 attributes . 33g3B.4 POP3 HI2 event-record m

16、apping . 33g3B.5 POP3 HI3 delivery of Content of Communication 34g3B.6 POP3 Interception example 34g3Annex C (normative): IMAP4 . 35g3C.1 IMAP4 introduction . 35g3C.2 IMAP4 HI2 event-record mapping . 35g3C.3 IMAP4 HI3 delivery of call content . 36g3C.4 IMAP4 Interception example . 36g3Annex D (norma

17、tive): Messaging ASN.1 . 38g3Annex E (informative): E-mail LI requirements . 46g3E.1 HI2 requirements 46g3E.2 HI3 requirements 47g3E.3 General requirements . 48g3E.4 Requirements mapping . 48g3Annex F (informative): SMTP characteristics 49g3F.1 SMTP service characteristics . 49g3F.2 SMTP protocol ch

18、aracteristics . 49g3Annex G (informative): POP3 characteristics 50g3G.1 POP3 service characteristics 50g3G.2 POP3 protocol characteristics 50g3Annex H (informative): Discussion of webmail interception 51g3ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)5 H.1 Webmail network topology 51g3H.2 Webmail protocols

19、 . 51g3H.3 Webmail interception . 52g3Annex I (informative): Discussion for Driving HI2 of HI3 53g3I.1 Introduction 53g3I.2 Discussion 53g3I.2.1 Introduction 53g3I.2.2 IP packets . 53g3I.2.3 TCP packets 54g3I.2.4 SMTP packets 54g3I.2.5 E-mail messages . 54g3I.3 Conclusion 54g3Annex J (informative):

20、Change Request History 55g3Annex K (informative): Bibliography . 58g3History 59g3ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)6 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, i

21、f any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are availab

22、le on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are,

23、or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI). The present document is part 2 of a multi-part deliverable. Full details of the entire series can be found in part 1 3. The

24、ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see details in annex D). Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpret

25、ed as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Introduction The present document describes what information is required for the handover of inter

26、cepted IP-based messaging traffic from a Communications Service Provider to an LEMF. The present document covers a stage 2 description of the data, but does not specify any functionality within the scope of ETSI TS 102 232-1 3. The Recommendation ITU-T I.130 6 method for characterizing a service wil

27、l be used as a general framework for the present document. The modified concept of a “stage 1“ will be called the “attributes“ of the interface. The attributes of the interface are the sum total of the entire constituent attributes that an interface may need to communicate. The modified concept of a

28、 “stage 2“ will be called the “events“ of the interface. The events of the interface define the rules of the relationships between the attributes that are required to arrange the disjoint attributes into meaningful information for a messaging service interaction. The present document is intended to

29、be general enough to be used in a variety of messaging services. It should be recognized that a side effect of this approach is some IRI fields identified may be difficult to extract or non-existent depending on the messaging service being intercepted. In such cases it may be completely reasonable t

30、hat the delivered IRI contain empty fields or fields with the value 0. ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)7 1 Scope The present document contains a stage 1 like description of the interception information in relation to the process of sending and receiving asynchronous messages. The present docu

31、ment also contains a stage 2 like description of when Intercept Related Information (IRI) and Content of Communication (CC) need to be sent, and what information it needs to contain. It is recognized that “Instant Messenger“ and “Chat“ applications are another way of exchanging electronic text messa

32、ges. While the present document may be applicable to such applications it is in no way a goal of the present document to address these methods of electronic text messaging. The definition of handover transport and encoding of HI2 and HI3 is outside the scope of the present document. Refer to ETSI TS

33、 102 232-1 3. The present document is designed to be used where appropriate in conjunction with other deliverables that define the service specific IRI data formats. The present document aligns with 3GPP TS 33.108 5, ETSI TS 101 671 4, ETSI TS 101 331 1 and ETSI TR 101 944 i.1. 2 References 2.1 Norm

34、ative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments)

35、applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The follo

36、wing referenced documents are necessary for the application of the present document. 1 ETSI TS 101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. 2 Void. 3 ETSI TS 102 232-1: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery;

37、 Part 1: Handover specification for IP delivery“. 4 ETSI TS 101 671: “Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic“. NOTE: Periodically TS 101 671 is published as ES 201 671. A reference to the latest version of the TS as above reflects the l

38、atest stable content from ETSI/TC LI. 5 ETSI TS 133 108: “Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Handover interface for Lawful Interception (LI) (3GPP TS 33.108)“. 6 Recommendation ITU-T I.130: “Method for the characterization of telecommunication services supported by

39、an ISDN and network capabilities of an ISDN“. 7 IETF RFC 5322: “Internet Message Format“. NOTE 1: IETF RFC 5322 obsoletes IETF RFC 2822: “Internet Message Format“. NOTE 2: IETF RFC 2822 obsoletes IETF RFC 0822: “Standard for the format of ARPA Internet text messages“. 8 IETF RFC 1939: “Post Office P

40、rotocol - Version 3“. 9 IETF RFC 5321: “Simple Mail Transfer Protocol“. ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)8 NOTE: IETF RFC 5321 obsoletes IETF RFC 2821: “Simple Mail Transfer Protocol“. 10 IETF RFC 3501: “Internet Message Access Protocol - Version 4rev1“. 11 Recommendation ITU-T X.680/ISO/IEC 8

41、824-1: “Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation“. 12 ISO 3166-1: “Codes for the representation of names of countries and their subdivisions - Part 1: Country codes“. 13 IETF RFC 4954: “SMTP Service Extension for Authentication“. NOTE: IETF RFC 4

42、954 obsoletes IETF RFC 2554: “SMTP Service Extension for Authentication“. 14 Void. 15 IETF RFC 3493: “Basic Socket Interface Extensions for IPv6“. 16 IETF RFC 4422: “Simple Authentication and Security Layer (SASL)“. NOTE: IETF RFC 4422 obsoletes IETF RFC 2222: “Simple Authentication and Security Lay

43、er (SASL)“. 17 IETF RFC 3207: “SMTP Service Extension for Secure SMTP over Transport Layer Security“. 18 IETF RFC 2595: “Using TLS with IMAP, POP3 and ACAP“. 19 IETF RFC 4616: “The PLAIN Simple Authentication and Security Layer (SASL) Mechanism“. 20 IETF RFC 2045: “Multipurpose Internet Mail Extensi

44、ons (MIME) Part One: Format of Internet Message Bodies“. 21 IETF RFC 2046: “Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types“. 22 Void. 23 ETSI EN 300 356 (all parts): “Integrated Services Digital Network (ISDN); Signalling System No.7 (SS7); ISDN User Part (ISUP) version 4 for the

45、 international interface“. 24 IETF RFC 3066: “Tags for the Identification of Languages“. 25 Recommendation ITU-T E.164: “The international public telecommunication numbering plan“. 26 IETF RFC 3696: “Application Techniques for Checking and Transformation of Names“. 27 Recommendation ITU-T E.212: “Th

46、e international identification plan for public networks and subscriptions“. 28 Void. 29 IETF RFC 2806: “URLs for Telephone Calls“. 30 ETSI TS 124 229: “Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; IP multimedia call control protocol b

47、ased on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Stage 3 (3GPP TS 24.229)“. 31 IETF RFC 791: “Internet Protocol“. 32 IETF RFC 3261: “SIP: Session Initiation Protocol“. 33 IETF RFC 4282: “The Network Access Identifier“. 34 IETF RFC 2460: “Internet Protocol, Version 6

48、(IPv6) Specification“. 35 IETF RFC 6335: “Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry“. ETSI ETSI TS 102 232-2 V3.9.1 (2016-03)9 36 ETSI TS 129 002: “Digital cellular telecommunications system (Phase 2+); Un

49、iversal Mobile Telecommunications System (UMTS); Mobile Application Part (MAP) specification (3GPP TS 29.002)“. 37 ETSI TS 123 003: “Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Numbering, addressing and identification (3GPP TS 23.003)“. 38 ETSI TS 102 232-5: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 5: Service-specific details for IP Multimedia Services“. 39 IET