SIP Working Group G. Camarillo Internet-Draft Ericsson Expires: November 30, 2004 P. Kyzivat Cisco Systems June 2004 Update to the Session Initiation Protocol (SIP) Preconditions Framework draft-ietf-sip-rfc3312-update-01.txt Status of this Memo By submitting this Internet-Draft, I certify that any applicable patent or other IPR claims of which I am aware have been disclosed, and any of which I become aware will be disclosed, in accordance with RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on November 30, 2004. Copyright Notice Copyright (C) The Internet Society (2004). All Rights Reserved. Abstract This document updates the framework for preconditions in SIP. We provide guidelines for authors of new precondition types and describe how to use SIP preconditions in situations that involve session mobility. Camarillo & Kyzivat Expires November 30, 2004 [Page 1] Internet-Draft Preconditions Framework Update June 2004 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Defining New Precondition Types . . . . . . . . . . . . . . . 3 3.1 Precondition Type Tag . . . . . . . . . . . . . . . . . . 3 3.2 Status Type . . . . . . . . . . . . . . . . . . . . . . . 4 3.3 Precondition Strength . . . . . . . . . . . . . . . . . . 4 3.4 Suspending and Resuming Session Establishment . . . . . . 4 4. Issues Related to Session Mobility . . . . . . . . . . . . . . 5 4.1 Update to RFC 3312 . . . . . . . . . . . . . . . . . . . . 6 4.2 Desired Status . . . . . . . . . . . . . . . . . . . . . . 8 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Acknowledges . . . . . . . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7.1 Normative References . . . . . . . . . . . . . . . . . . . . 8 7.2 Informational References . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 9 Intellectual Property and Copyright Statements . . . . . . . . 10 Camarillo & Kyzivat Expires November 30, 2004 [Page 2] Internet-Draft Preconditions Framework Update June 2004 1. Introduction RFC 3312 [3] defines the framework for SIP [2] preconditions, which is a generic framework that allows SIP UAs (User Agents) to suspend the establishment of a session until a set of preconditions are met. Although only Quality of Service (QoS) preconditions have been defined so far, this framework supports different preconditions types. (QoS preconditions are defined by RFC 3312 [3] as well.) This document updates RFC 3312 [3]. We provide guidelines for authors of new precondition types and explain which topics they need to discuss when defining them. In addition, we update some of the procedures in RFC 3312 to be able to use SIP preconditions in situations that involve session mobility, as described below. RFC 3312 [3] focuses on media sessions that do not move around. That is, media is sent between the same end-points throughout the duration of the session. Nevertheless, media sessions established by SIP are not always static. SIP offers mechanisms to provide session mobility, namely re-INVITEs and UPDATEs [5]. While existing implementations of RFC 3312 [3] can probably handle session mobility, there is a need to explicitly point out the issues involved and make a slight update to some of the procedures defined there. With the updated procedures defined in this document, messages carrying precondition information become more explicit about the current status of the preconditions. 2. Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 [1] and indicate requirement levels for compliant implementations. 3. Defining New Precondition Types Specifications defining new precondition types need to discuss the topics described in this section. Having clear definitions of new precondition types is essential to ensure interoperability among different implementations. 3.1 Precondition Type Tag New precondition types MUST have an associated precondition type tag (e.g., "qos" is the tag for QoS preconditions). The IANA registry for precondition types can be found at: Camarillo & Kyzivat Expires November 30, 2004 [Page 3] Internet-Draft Preconditions Framework Update June 2004 http://www.iana.org/assignments/sip-precond-types Authors of new preconditions MUST register new precondition types, and their tags, with the IANA following the instructions in Section 15 of RFC 3312 [3]. 3.2 Status Type RFC 3312 [3] defines two status types: end-to-end and segmented. Specifications defining new precondition types MUST indicate which of these status applies to the new precondition. New preconditions can use only one status type or both. For example, the QoS preconditions defined in RFC 3312 can use both [3]. 3.3 Precondition Strength RFC 3312 [3] defines optional and mandatory preconditions. Specifications defining new precondition types MUST describe whether or not optional preconditions are applicable, and in case they are, what is the expected behavior of a UA on reception of optional preconditions. 3.4 Suspending and Resuming Session Establishment Section 6 of RFC 3312 [3] describes the behavior of UAs from the moment session establishment is suspended due to a set of preconditions until is resumed when these preconditions are met. In general, the called users is not alterted until the preconditions are met. Still, in addition to not alerting the user, each precondition type MUST define any extra actions UAs should perform or keep from performing when session establishment is suspended. So, the behavior of media streams during session suspension is part of the definition of a particular precondition type. Some precondition types may allow media streams to send and receive packets during session suspension; others may not. Consequently, the following paragraph from RFC 3312 only appplies to QoS preconditions: While session establishment is suspended, user agents SHOULD not send any data over any media stream. In the case of RTP, neither RTP nor RTCP packets are sent. As a clarification to the previous paragraph, the control messages used to establish connections in connection-oriented transport protocols (e.g., TCP SYNs) are not affected by the previous rule. So, user agents follow standard rules (e.g., the SDP a:setup attribute [7]) to decide when to establish the connection, regardless of the Camarillo & Kyzivat Expires November 30, 2004 [Page 4] Internet-Draft Preconditions Framework Update June 2004 presence of QoS preconditions. New precondition types MUST also describe the behaviour of UAs on reception of a re-INVITE or an UPDATE with preconditions for an ongoing session. 4. Issues Related to Session Mobility Section 5 oft RFC 3312 [3] describes how to use SIP [2] preconditions with the offer/answer model [4]. RFC 3312 gives a set of rules that allow a user agent to communicate changes in the current status of the preconditions to the remote user agent. The idea is that a given user agent knows about the current status of some part of the preconditions (e.g., send direction of the QoS precondition) through local information (e.g., an RSVP RESV is received indicating that resource reservation was successful). The UAC (User Agent Client) informs the UAS (User Agent Server) about changes in the current status by sending an offer to the UAS. The UAS, in turn, could (if needed) send an offer to the UAC informing it about the status of the part of the preconditions the UAS has local information about. Note, however, that UASs do not usually send updates about the current status to the UAC because UASs are the ones resuming session establishment when all the preconditions are met. Therefore, rather than performing an offer/answer exchange to inform the UAC that all the preconditions are met, they simply send a 180 (Ringing) response indicating that session establishment has been resumed. While RFC 3312 [3] allows to update current status information using offers as described above, it does not allow to downgrade current status values in answers, as shown in the third row of Table 3 of RFC 3312. However, such downgrades are sometimes needed. Figure 1 shows an example where performing such a downgrade in an answer would be needed. Camarillo & Kyzivat Expires November 30, 2004 [Page 5] Internet-Draft Preconditions Framework Update June 2004 3pcc A Controller B C | | | | |<-dialog 1->|<-dialog 2->| | | | | | | *********************** | | |* MEDIA *| | | *********************** | | | | | | | | | | |<-dialog 1->|<------dialog 3----->| | | | | | ******************************** | |* MEDIA *| | ******************************** | | | | | | | | | Figure 1: Session mobility using 3pcc The 3pcc (Third Party Call Control) [6] controller in Figure 1 has established a session between A and B using dialog 1 towards A and dialog 2 towards B. At that point, the controller wants A to have a session with C instead of B. To transfer A to C (configuration shown at the bottom of Figure 1, the controller sends an empty (no offer) re-INVITE to A. Since A does not know that the session will be moved, its offer in the 200 OK states that the current status of the media stream in the send direction is "Yes". The controller, after contacting C establishing dialog 3, sends back an answer to A. This answer contains a new destination for the media (C) and should have downgraded the current status of the media stream to "No", since there is no reservation of resources between A and C. 4.1 Update to RFC 3312 Below there are a set of new rules that update RFC 3312 [3] to address the issues above. The rule below applies to offerers that are moving a media stream to a new address: When a stream is being moved to a new transport address, the offerer MUST set all the current status values it does not have local information about to "No". Note that for streams using segmented status (as opposed to end-to-end status), the fact that the address for the media stream at Camarillo & Kyzivat Expires November 30, 2004 [Page 6] Internet-Draft Preconditions Framework Update June 2004 the local segment changes may or may not affect the status of the preconditions at the remote segment. However, moving an existing stream to a new location, from the preconditions point of view, is like establishing a new stream. Therefore, it is appropriate to set all the current status values to "No" and start a new precondition negotiation from scratch. The updated table and the rules below applies to an answerer that is moving a media stream. That is, the offerer was not aware of the move when it generated the offer. Table 3 of RFC 3312 [3] needs to be updated to allow answers to downgrade current status values. The following table shows the result. Transac. status table Local status table New values transac./local ____________________________________________________________________ no no no/no yes yes yes/yes yes no depends on local info no yes depends on local info An answerer MUST downgrade the current status values that received in the offer if it has local information about them or if the media stream is being moved to a new transport address. Note that for streams using segmented status the address change at the answerer may or may not affect the status of the preconditions at the offerer's segment. However, as stated above, moving an existing stream to a new location, from the preconditions point of view, is like establishing a new stream. Therefore, it is appropriate to set all the current status values to "No" and start a new precondition negotiation from scratch. The new table below applies to an offerer that receives an answer that updates or downgrades its local status tables. Offerers should update their local status tables when they receive an answer as shown in the following table. Transac. status table Local status table New value Local Status _________________________________________________________________ no no no yes yes yes yes no yes no yes no Camarillo & Kyzivat Expires November 30, 2004 [Page 7] Internet-Draft Preconditions Framework Update June 2004 4.2 Desired Status The desired status that a UA wants for a media stream after the stream is moved to a new transport address may be different than the desired status negotiated for the stream originally. A UA, for instance, may require mandatory QoS over a low-bandwidth link but be satisfied with optional QoS when the stream is moved to a high-bandwidth link. If the new desired status is higher than the previous one (e.g., optional to mandatory), the UA, following RFC 3312 procedures, may upgrade its desired status in an offer or in an answer. If the new desired status is lower that the previous one (e.g., mandatory to optional), the UA, following RFC 3312 procedures as well, may downgrade its desired status only in an offer (i.e., not in an answer.) 5. Security Considerations An attacker adding preconditions to a session description or modifying existing preconditions could keep sessions from being established. An attacker removing preconditions from a session description could force sessions to be established without meeting mandatory preconditions. It is thus STRONGLY RECOMMENDED that integrity protection be applied to the SDP session descriptions. S/MIME is the natural choice to provide such end-to-end integrity protection, as described in RFC 3261 [2]. 6. Acknowledges Dave Oran and Allison Mankin provided useful comments on this document. 7. References 7.1 Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [3] Camarillo, G., Marshall, W. and J. Rosenberg, "Integration of Resource Management and Session Initiation Protocol (SIP)", RFC Camarillo & Kyzivat Expires November 30, 2004 [Page 8] Internet-Draft Preconditions Framework Update June 2004 3312, October 2002. 7.2 Informational References [4] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with Session Description Protocol (SDP)", RFC 3264, June 2002. [5] Rosenberg, J., "The Session Initiation Protocol (SIP) UPDATE Method", RFC 3311, October 2002. [6] Rosenberg, J., Peterson, J., Schulzrinne, H. and G. Camarillo, "Best Current Practices for Third Party Call Control (3pcc) in the Session Initiation Protocol (SIP)", BCP 85, RFC 3725, April 2004. [7] Yon, D., "Connection-Oriented Media Transport in SDP", draft-ietf-mmusic-sdp-comedia-05 (work in progress), March 2003. Authors' Addresses Gonzalo Camarillo Ericsson Hirsalantie 11 Jorvas 02420 Finland EMail: Gonzalo.Camarillo@ericsson.com Paul Kyzivat Cisco Systems 1414 Massachusetts Avenue, BXB500 C2-2 Boxborough, MA 01719 USA EMail: pkyzivat@cisco.com Camarillo & Kyzivat Expires November 30, 2004 [Page 9] Internet-Draft Preconditions Framework Update June 2004 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the IETF's procedures with respect to rights in IETF Documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Camarillo & Kyzivat Expires November 30, 2004 [Page 10]