Internet Engineering Task Force Steve Donovan Internet Draft MCI Worldcom June, 1999 Expires December, 1999 draft-ietf-mmusic-sip-session-timer-02.txt SIP Session Timer Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference mate- rial or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/lid-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document proposes an extension to the SIP specification [1]. This extension adds a new message header, Session-Expires, which is used to specify the duration of a requested session. A session timer can be used to control the duration of a session if, for instance, one of the participants in the session wants to limit the cost of the session. Stateful SIP Proxy Servers can also use a session timer to track the status of sessions for which session state exists on the servers. Currently a stateful SIP Proxy Server that is not handling the media stream(s) for the session has no mechanism to definitively determine the state of all sessions for which it has state. While the SIP Specification does provide the BYE method for terminating the session, there is no mechanism for a SIP Proxy Server to detect the end of a session when the BYE message is not sent or is lost due to network problems. Donovan draft-ietf-mmusic-session-timer-02.txt Page 1 Internet Draft SIP Session Timer June 1999 1.0 Introduction The need for the addition of a session timer was initially motivated by the realization that stateful proxy servers currently have no method of determining the end of a session in certain anomalous situ- ations. For instance, when a user agent fails to send a BYE message at the end of a session or the BYE message gets lost due to network problems. In this situation, the stateful proxy will retain state for the session and has no deterministic method of determining when the state no longer applies. With the addition of a session timer to the SIP protocol, the state- ful proxy server will have the option of tearing down the session upon the expiration of the session timer. A session timer can also be used for other purposes. For instance, it could be used in the implementation of a prepaid service. In this case all session related signaling would be routed through a SIP server that would control the session time based on a subscriber's prepaid account. The SIP server could use the session timer to force the tear down of the session within a specific time. The session timer could also be used by the user agent as a trigger to indicate to the subscriber that the prepaid account requires more funds to extend the call. This document proposes the addition of the Session-Expires header to various SIP messages. In addition, a new Request Failure message is proposed. This message would be used to indicate session timer prob- lems, including the need for a session-expires header in an INVITE message and the need for a smaller session-expires time. 2.0 Session-Expires Header Field Definition The Session-Expires header shall be used by user agents or proxy servers to indicate the maximum duration of a session. The format of the Session-Expires header shall be equivalent to the format of the Expires header (see section 6.20 in [1]). As such, the end of the session can be specified as either an absolute or delta time. The Session-Expires header shall be valid in INVITE and ACK requests. In addition it shall be valid in certain response messages. This includes the 200 OK response and the new Request Failure responses defined in this document. The called UA or any SPS in the path of the session signaling shall have the option of rejecting an INVITE that does not contain the Ses- sion-Expires header if the service context in which the session request is made requires the use of the session timer. Donovan draft-ietf-mmusic-session-timer-02.txt Page 2 Internet Draft SIP Session Timer June 1999 The called UA has the option of adding the Session-Expires header to the 200 OK response in the case where there was not Session-Expires header in the INVITE message. An SPS shall also have the option of adding the Session-Expires header to an INVITE message. In addition, the called UA and SPS shall have the option of modifying the value in the Session-Expires header. This modification shall only be to decrease the requested duration of the session. The start time of the session shall be based on receipt of the 200 OK message by the calling UA and receipt of the ACK message by the SPS and called UA. If the called UA or the SPS requires a session timer for a requested session and the calling UA does not include the Session-Expires header in the INVITE message, then the called UA or the SPS should reject the request with a 487 request failure message. If the use of a session timer is desirable but optional for the ses- sion and the calling UA does not include the Session-Expires header in the INVITE then the called UA or SPS should add a Session-Expires header to the next session setup message. In this case the SPS shall add the Session-Expires header to the INVITE message and the called UA shall add the Session-Expires header to the 200 OK response mes- sage. The calling UA shall have the ability to request an extension to the duration of the session by sending a re-INVITE message for the ses- sion with a new Session-Expires header. See section 1.4.6, Changing an Existing Session, in [1]. The calling UA or any SPS in the path of the session signaling shall have the ability to reject the change in the session duration. Upon expiration of the session timer, the calling UA and called UA shall have the option of terminating the session using the normal BYE method. In addition, a SPS shall have the option of tearing down an expired session by sending a BYE to both the called UA and the calling UA. It is recommended that the SPS delay tearing down the session long enough for a retry of a lost re-INVITE to be received by the SPS. This will also reduce the possibility of both a UA and SPS attempting to tear down the call simultaneously. 3.0 Behavior of SIP User Agents 3.1 Behavior of User Agent Clients Donovan draft-ietf-mmusic-session-timer-02.txt Page 3 Internet Draft SIP Session Timer June 1999 A User Agent Client (UAC) shall have the ability to include the Ses- sion-Expires header in an INVITE message. The UAC shall have the ability to request an extension of the session timer by sending an INVITE message for an existing session with a Session-Expires header. This should be done enough in advance of the session timeout to prevent the called UA or the SPS from timing out the session prior to receipt of the new INVITE. When requesting an extension of the session, the UAC shall use a value in the Session-Expires header that is less-than or equal to the value of the Session-Expires header received in the 200 OK from the original setup of the session. The UAC shall have the ability to receive a Session-Expires header in a 200 OK message. This is independent of whether or not a Session- Expires was included in the original INVITE message. The UAC shall have the ability to accept the session time indicated in the 200 OK Session-Expires header by including unchanged Session- Expires header in the ACK to the 200 OK. The UAC shall have the ability to reject the session time indicated in the 200 OK message by not including a Session-Expires header in the ACK to the 200 OK message. In general, if the UAC is able to support session timers then it should accept the session time included in the 200 OK, even if it changed between the INVITE and the 200 OK. 3.2 Behavior of User Agent Servers The User Agent Server shall have the ability to reject an INVITE mes- sage that does not contain a Session-Expires header if the INVITE is received in a service context that requires a session timer. The UAS shall reject the INVITE using the following response: 487 Session-Expires Header Problem Session-Expires: n The UAS shall have the ability to provisionally reject an INVITE request based on the contents of the Session-Expires header received in the INVITE message. For instance, the UAS may choose to reject the INVITE if the requested session time is longer than the UAS desires to participate in the session. The UAS shall use the follow- ing message to reject the request: 487 Session-Expires Header Problem Session-Expires: n Donovan draft-ietf-mmusic-session-timer-02.txt Page 4 Internet Draft SIP Session Timer June 1999 In both cases, the UAS shall include in the 487 response an accept- able delta time for the session. If the Session-Expires header contains a delta time then the UAS shall calculate the end of the session based on receipt of the ACK message that completes a successful session initiation: End of session time = Receipt of ACK time + Session-Expires time The UAS shall have the ability to reject a request to extend the length of the session. The UAS shall do so by sending the following response: 487 Session Time Request Problem Session-Expires: n A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. Any other value should be less than that received in the re-INVITE message and should indicate an acceptable extension to the session timer. If the Session-Expires header in the re-INVITE contains a delta time then the UAS shall calculate the new end of the session from the pre- vious end of session time: New end of session time = Previous end of session time + delta time If a request to extend the session time is rejected by the UAS then the end of session time that existed prior to the extension request shall be remain in effect. The UAS shall have the ability to add a Session-Expires header to a 200 OK response for an INVITE request that did not contain a session- Expires header. If the UAS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the UAS has the following options: The UAS can choose to participate in the session without a session timer. The UAS can choose to not participate in the session. In this case, the UAS shall send a BYE message to tear down the session. The UAS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. If the UAS is sending a 200 OK to an INVITE that contained a Session- Expires header then the UAS shall include a Session-Expires header in the 200 OK. The content of the Session-Expires header shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or a Donovan draft-ietf-mmusic-session-timer-02.txt Page 5 Internet Draft SIP Session Timer June 1999 decreased value of the session timer desired by the UAS. 4.0 Behavior of SIP Proxy Servers A SIP Proxy Server has the option of tracking the duration of ses- sions for which it is a proxy. If the SPS receives an INVITE without a Session-Expires header, it has the option of sending the following request failure response indicating that the Session-Expires header is required: 487 Session-Expires Header Problem Session-Expires: n A SPS has the option of rejecting an INVITE with a Session-Expires header based on the time specified in the header. For instance, if the time specified is too long. The proxy server shall do so by send- ing the following request failure response: 487 Session-Expires Header Problem Session-Expires: n In both cases, the SPS shall include in the 487 response an accept- able delta time for the session. If the Session-Expires header contains a delta time then the SPS shall use the method of calculating the session time specified in section 3.2. A SPS has the option of rejecting a request for an extension of the session timer for an existing session by sending the following request failure response: 487 Session-Expires Header Problem Session-Expires: n A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. Any other value should be less than that received in the re-INVITE message and should indicate an acceptable extension to the session timer. If the SPS accepts the request to extend the session timer then it shall use the method of calculating the new end of session time spec- ified in section 3.2. The SPS shall have the ability to add a Session-Expires header to an INVITE request that does not contain a Session-Expires header. Donovan draft-ietf-mmusic-session-timer-02.txt Page 6 Internet Draft SIP Session Timer June 1999 The SPS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. The content of the Session-Expires header included in the INVITE sent by the SPS shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or a decreased value of the session timer desired by the SPS. If the SPS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the SPS has the following options: - The SPS can choose to allow the session without a session timer. - The SPS can choose to not allow the session. A SPS shall have the option of tearing down sessions that have expired. Note that the SPS should wait for the calling UA or called UA to terminate the call using normal mechanisms. If the calling UA and the called UA fail to send a BYE as a result of session expira- tion then the SPS can choose to end the call. The SPS shall terminate the call by sending BYE requests to the call- ing UA and the called UA. 5.0 Header Field Definitions The following is an extension of tables 4 and 5 in [1] for the Ses- sion-Expires header: where enc. e-e ACK BYE CAN INV OPT REG Session-Expires R e o - - o - - Session-Expires 200 e - - - o - - Session-Expires 487 e - - - o - - 6.0 Request Failure Messages 6.1 487 Session-Expires Header Problem The server received an INVITE request with one of the following prob- lems: - The server requires a Session-Expires header. In this case the response should contain a Session-Expires header with an acceptable session time. - The server received an INVITE with a Session-Expires header with an expiration time longer than the server is willing to accept. In this case the response should contain a Session-Expires header with an acceptable session time. Donovan draft-ietf-mmusic-session-timer-02.txt Page 7 Internet Draft SIP Session Timer June 1999 - The server received an INVITE with a Session-Expires header for an existing session and the server does not wish to extend the session. In this case the response should contain a Session-Expires header with a value of zero (0). - The server received an INVITE with a Session-Expires header for an existing session with an expiration time longer than the server is willing to accept. In this case the response should contain a Ses- sion-Expires header with an acceptable session time. 7.0 Security Considerations There are no security considerations unique to the Session-Expires header. 8.0 Examples The following examples are meant to illustrate the functionality associated with the Session-Expires header. In the interest of brevity, other headers are intentionally left out of the SIP mes- sages. Donovan draft-ietf-mmusic-session-timer-02.txt Page 8 Internet Draft SIP Session Timer June 1999 8.1 Basic session-timer setup with UAS detected timeout Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA starts session timer Session-Expires: 120 Called UA Receipt of ACK Called UA starts session timer Calling UA determines need to extend session time Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA resets session end time Session-Expires: 120 Called UA Receipt of ACK Called UA resets session timer Session timeout detected by Called UA Calling UA <- Called UA BYE Calling UA -> Called UA 200 OK Donovan draft-ietf-mmusic-session-timer-02.txt Page 9 Internet Draft SIP Session Timer June 1999 8.2 Basic negotiation with SPS Detected timeout Calling UA -> SPS INVITE Session-Expires: 240 SPS -> Called UA INVITE SPS wants a shorter timer Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants a shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA starts session timer Session-Expires: 120 SPS Receipt of ACK SPS starts session timer SPS -> Called UA ACK Called UA starts session timer Session-Expires: 120 Session timeout detected by SPS Calling UA <- SPS BYE SPS -> Called UA BYE Calling UA -> SPS 200 OK SPS <- Called UA 200 OK Donovan draft-ietf-mmusic-session-timer-02.txt Page 10 Internet Draft SIP Session Timer June 1999 8.3 No Session-Expires Header Rejection by SPS Calling UA -> SPS INVITE No Session-Expires header Calling UA <- SPS 4xx Session-Expires Header Required Session-Expires: 120 Suggested session time Calling UA -> SPS INVITE Session-Expires: 120 Session setup continues 8.4 Invalid Session-Expires Header Rejection by SPS Calling UA -> SPS INVITE No Session-Expires header Session-Expires: 1000 Calling UA <- SPS 4xx Session Time Request Rejected Session-Expires: 120 Suggested session time Calling UA -> SPS INVITE Session-Expires: 120 Session setup continues Donovan draft-ietf-mmusic-session-timer-02.txt Page 11 Internet Draft SIP Session Timer June 1999 8.5 Session-Expires Header Added by SPS, Rejected by UAC Calling UA -> SPS INVITE SPS -> Called UA INVITE SPS adds S-E header Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA does not include S-E header The SPS has the choice of allowing or not allowing the call as a result of the Calling UA not supporting the Session-Expires function. 9.0 Changes in this version The changes in this version of the document were primarily editorial in nature. It was also reworded to indicate that both the calling and the called user agents shall be able to request extensions to the session time. 10.0 References [1] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP: Session Initiation Protocol", RFC 2543, March 1999. 11.0 Author's Address Steven R. Donovan MCI Worldcom 1493/678 901 International Parkway Richardson, Texas 75081 Email: steven.r.donovan@mci.com Donovan draft-ietf-mmusic-session-timer-02.txt Page 12