Multiple Dialog Usages in the Session Initiation Protocol
draft-ietf-sipping-dialogusage-06
The information below is for an old version of the document that is already published as an RFC.
Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 5057.
|
|
---|---|---|---|
Author | Robert Sparks | ||
Last updated | 2018-12-20 (Latest revision 2007-02-20) | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | Informational | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | (None) | |
Document shepherd | (None) | ||
IESG | IESG state | Became RFC 5057 (Informational) | |
Action Holders |
(None)
|
||
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | Jon Peterson | ||
Send notices to | (None) |
draft-ietf-sipping-dialogusage-06
's-GRUU) | | Call-ID: (call-id four) | | Contact: (Alice's-GRUU) | |-------------------------------------------------------------->| | 200 OK | | Contact: (Carol's-GRUU) | |<--------------------------------------------------------------| | ACK | |-------------------------------------------------------------->| | | | | F7 NOTIFY (Bob's-GRUU) | | Sparks Expires August 20, 2007 [Page 21] Internet-Draft Multiple Dialog Usages February 2007 | Call-ID: (call-id three) | | |------------------------------->| | | 200 OK | | |<-------------------------------| | | BYE (Alice's-GRUU) | | | Call-ID: (call-id one) | | |<-------------------------------| BYE (Carol's-GRUU) | | | Call-ID: (call-id two) | | 200 OK |----------------------------->| |------------------------------->| 200 OK | | |<-----------------------------| | | | Figure 5: Transfer without dialog reuse In message F1, Alice invites Bob indicating support for GRUUs (and offering a GRUU for herself): Message F1 (abridged, detailing pertinent fields) INVITE sip:bob@example.com SIP/2.0 Call-ID: 13jfdwer230jsdw@alice.example.com Supported: gruu Contact: <sip:alice@example.com;gr=urn:uuid:(Alice's UA's bits)> Message F2 carries Bob's GRUU to Alice. Message F2 (abridged, detailing pertinent fields) SIP/2.0 200 OK Supported: gruu To: <sip:bob@example.com>;tag=totag1 From: <sip:alice@example.com>;tag=fromtag1 Contact: <sip:bob@example.com;gr=urn:uuid:(Bob's UA's bits)> Bob decides to try to transfer Alice to Carol, so he puts Alice on hold and sends an INVITE to Carol. Carol and Bob negotiate GRUU support similar to what happened in F1 and F2. Sparks Expires August 20, 2007 [Page 22] Internet-Draft Multiple Dialog Usages February 2007 Message F3 (abridged, detailing pertinent fields) INVITE sip:carol@example.com SIP/2.0 Supported: gruu Call-ID: 23rasdnfoa39i4jnasdf@bob.example.com Contact: <sip:bob@example.com;gr=urn:uuid:(Bob's UA's bits)> Message F4 (abridged, detailing pertinent fields) SIP/2.0 200 OK Supported: gruu To: <sip:carol@example.com>;tag=totag2 From: <sip:bob@example.com>;tag=fromtag2 Call-ID: 23rasdnfoa39i4jnasdf@bob.example.com Contact: <sip:carol@example.com;gr=urn:uuid:(Carol's UA's bits)> After consulting Carol, Bob places her on hold and refers Alice to her using message F5. Notice that the Refer-To URI is Carol's GRUU, and that this is on a different Call-ID than message F1. (The URI in the Refer-To header is line-broken for readability in this draft, it would not be valid to break the URI this way in a real message) Message F5 (abridged, detailing pertinent fields) REFER sip:aanewmr203raswdf@example.com SIP/2.0 Call-ID: 39fa99r0329493asdsf3n@bob.example.com Refer-To: <sip:carol@example.com;g=urn:uid:(Carol's UA's bits) ?Replaces=23rasdnfoa39i4jnasdf@bob.example.com; to-tag=totag2;from-tag=fromtag2> Target-Dialog: 13jfdwer230jsdw@alice.example.com; local-tag=fromtag1;remote-tag=totag1 Supported: gruu Contact: <sip:bob@example.com;gr=urn:uuid:(Bob's UA's bits)> Alice uses the information in the Target-Dialog header field to determine that this REFER is associated with the dialog she already has in place with Bob. Alice is now in a position to use the same admission policy she used for in-dialog REFERs: "Do I have a call with this person?". She accepts the REFER. sends Bob the obligatory immediate NOTIFY, and proceeds to INVITE Carol with message F6. Sparks Expires August 20, 2007 [Page 23] Internet-Draft Multiple Dialog Usages February 2007 Message F6 (abridged, detailing pertinent fields) sip:carol@example.com;gr=urn:uuid:(Carol's UA's bits) \ / \ / | | v v INVITE SIP/2.0 Call-ID: 4zsd9f234jasdfasn3jsad@alice.example.com Replaces: 23rasdnfoa39i4jnasdf@bob.example.com; to-tag=totag2;from-tag=fromtag2 Supported: gruu Contact: <sip:alice@example.com;gr=urn:uuid:(Alice's UA's bits)> Carol accepts Alice's invitation to replace her dialog (invite usage) with Bob and notifies him that the REFERenced INVITE succeeded with F7: Message F7 (abridged, detailing pertinent fields) NOTIFY sip:boaiidfjjereis@example.com SIP/2.0 Subscription-State: terminated;reason=noresource Call-ID: 39fa99r0329493asdsf3n@bob.example.com Contact: <sip:alice@example.com;gr=urn:uuid:(Alice's UA's bits)> Content-Type: message/sipfrag SIP/2.0 200 OK Bob then ends his invite usages with both Alice and Carol using BYEs. 7. Security Considerations Handling multiple usages within a single dialog is complex and introduces scenarios where the right thing to do is not clear. The ambiguities described here can result in unexpected disruption of communication if response codes are chosen carelessly. Furthermore, these ambiguities could be exploited, particularly by third-parties injecting unauthenticated requests or inappropriate responses. Implementations choosing to create or accept multiple usages within a dialog should give extra attention to the security considerations in [1], especially those concerning authenticity of requests and processing of responses. Service implementations should carefully consider the effects on their service of peers making different choices in these areas of Sparks Expires August 20, 2007 [Page 24] Internet-Draft Multiple Dialog Usages February 2007 ambiguity. A service that requires multiple usages needs to pay particular attention to the effect on service and network utilization when a client fails to destroy a dialog the service believes should be destroyed. A service that disallows multiple usages should consider the effect on clients that, for instance, destroy the entire dialog when only a usage should be torn down. In the worst case of a service deployed into a network with a large number of misbehaving clients trying to create multiple usages in an automated fashion, a retry storm similar to an avalanche restart could be induced. 8. IANA Considerations This document has no actions for IANA. 9. Conclusion Handling multiple usages within a single dialog is complex and introduces scenarios where the right thing to do is not clear. Implementations should avoid entering into multiple usages whenever possible. New applications should be designed to never introduce multiple usages. There are some accepted SIP practices, including transfer, that currently require multiple usages. Recent work, most notably GRUU, makes those practices unnecessary. The standardization of those practices and the implementations should be revised as soon as possible to use only single-usage dialogs. 10. Acknowledgments The ideas in this draft have been refined over several IETF meetings with many participants. Significant contribution was provided by Adam Roach, Alan Johnston, Ben Campbell, Cullen Jennings, Jonathan Rosenberg, Paul Kyzivat, and Rohan Mahy. Members of the reSIProcate project also shared their difficulties and discoveries while implementing multiple-usage dialog handlers. 11. Informative References [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [2] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol Sparks Expires August 20, 2007 [Page 25] Internet-Draft Multiple Dialog Usages February 2007 (SIP): Locating SIP Servers", RFC 3263, June 2002. [3] Roach, A., "Session Initiation Protocol (SIP)-Specific Event Notification", RFC 3265, June 2002. [4] Sparks, R., "The Session Initiation Protocol (SIP) Refer Method", RFC 3515, April 2003. [5] Mahy, R. and D. Petrie, "The Session Initiation Protocol (SIP) "Join" Header", RFC 3911, October 2004. [6] Mahy, R., Biggs, B., and R. Dean, "The Session Initiation Protocol (SIP) "Replaces" Header", RFC 3891, September 2004. [7] Rosenberg, J., "Obtaining and Using Globally Routable User Agent (UA) URIs (GRUU) in the Session Initiation Protocol (SIP)", draft-ietf-sip-gruu-11 (work in progress), October 2006. [8] Levin, O., "Suppression of Session Initiation Protocol (SIP) REFER Method Implicit Subscription", RFC 4488, May 2006. [9] Rosenberg, J., "Request Authorization through Dialog Identification in the Session Initiation Protocol (SIP)", RFC 4538, June 2006. [10] Niemi, A., "Session Initiation Protocol (SIP) Extension for Event State Publication", RFC 3903, October 2004. [11] Dolly, M. and E. Burger, "A Session Initiation Protocol (SIP) Event Package for Key Press Stimulus (KPML)", draft-ietf-sipping-kpml-08 (work in progress), July 2006. Appendix A. Change Log RFC-EDITOR: Please remove this entire Change Log section while formatting this document for publication. A.1. draft-ietf-05->draft-ietf-06 o Noted that 481 to CANCEL is special and affects only the CANCEL transaction, not any associated INVITE usage. o Noted that certain errors to BYE can effectively terminate a usage in the usage creation and destruction overview. Sparks Expires August 20, 2007 [Page 26] Internet-Draft Multiple Dialog Usages February 2007 A.2. draft-ietf-04->draft-ietf-05 o Fixed the flaw with the GRUU message description text that Paul caught. o Integrated Paul's table and further simplified the comment/ exception text. A.3. draft-ietf-03->draft-ietf-04 o Many minor editorial fixes addressing WGLC comments o Aligned with changes to GRUU o Added a short overview o Added a table summarizing the survey of responses and removed the description from those responses that were not exceptional. A.4. draft-ietf-02->draft-ietf-03 o Removed discussion of the retargetting affect of provisional responses - that is a general problem that will now be addressed in SIP. o Added a Security Considerations section (blush) summarizing points from the document and the list discussion. o Added a no-op IANA Considerations section. A.5. draft-ietf-01->draft-ietf-02 o Incorporated editorial-fix contributions from the list o Noted that REFERs using norefersub (RFC4488) don't create a new subscribe usage o Changed the affect of 403 to affect only the transaction, not the usage. This is motivated by text in 3261 (bottom of page 87 - pointed out by Brian Stucker) which states that a UA receiving a non-2xx final response to a re-INVITE must leave the session parameters unchanged as if the re-INVITE had not been issued. There are other recommendations in this document that violate that normative must (404,410, etc) but on review, I believe they are correct (except for 403) and that this text in 3261 needs to be updated to recognize the conditions under which they're sent. o Added text concerning the race condition wherein endpoints failing over rapidly to 3263 destinations may stimulate a merged-request response. o Corrected the 481 inconsistency Paul Kyzivat pointed out (by removing the inconsistent paragraph) A.6. draft-ietf-00->draft-ietf-01 Sparks Expires August 20, 2007 [Page 27] Internet-Draft Multiple Dialog Usages February 2007 o Changed 481 to only affect the usage the response occurred in, closing the last open issue. Added some text justifying this recommendation. o Added 422 Session Interval Too Small o Added 417 Unknown Resource-Priority o Added 428 Use Identity Header o Added 436 Bad Identity-Info o Added 437 Unsupported Certificate o Added 438 Invalid Identity header o Added a section categorizing messages that create and destroy usages o Made sure all descriptions in Section 5 addressed the generic multi-usage case. o Clarified that the mechanics described in matching messages to usages applied equally to UACs and UASs. o More explicitly noted that REFER creates a subscribe-usage A.7. draft-sparks-01->draft-ietf-00 o Draft rename A.8. draft-sparks-00->01 o Changed 480 to affect only the usage the response occurred in. o Closed the open issue on 482. Usages and dialogs are destroyed even though there is an edge condition in which the response is only stimulated by certain methods (due to method specific routing rules). o Closed the open issue on 483. Usages are not terminated since the request might succeed if retried with a greater initial Max- Forwards o Closed the open issue on 502, accepting -00s suggestion that the same reasoning used for 482 applies. o Redid the transfer example to not require a GRUU per usage, but instead leverage the target-dialog concepts common to Join and Replaces. Author's Address Robert J. Sparks Estacado Systems Email: RjS@estacado.net Sparks Expires August 20, 2007 [Page 28] Internet-Draft Multiple Dialog Usages February 2007 Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Sparks Expires August 20, 2007 [Page 29]