SIP Working Group B. Biggs Internet Draft R. Dean Document: draft-ietf-sip-replaces-00.txt R. Mahy (editor) Expires: July 2002 January 2002 The SIP Replaces Header Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026 [RFC2026]. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. 1. Abstract This document proposes a new header for use with the SIP call control architecture. The Replaces header is used in peer-to-peer call control to logically replace an existing SIP dialog with a new SIP dialog. This primitive can be used to enable a variety of features, for example: "Attended Transfer" and "Retrieve from Call Park". Note that definition of these example features is non- normative. 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]. Throughout this document, an "established dialog" means an active SIP dialog in which the request that created the dialog has received a successful final response (200 OK). An "early dialog" means transaction and dialog state that exists after a request is sent which would create a new dialog, but before a final response is received for the initial request. Biggs, Dean, Mahy Expires: July 2002 1 SIP Replaces Header 3. Overview This document describes a [SIP] extension for distributed call control as part of the SIP call control architecture [framework]. The Replaces header is used in peer-to-peer call control to logically replace an existing SIP dialog with a new SIP dialog. INVITEs are requests which can be accepted, rejected or declined. A User Agent that accepts a request with call-control semantics agrees to take responsibility for setting up the appropriate requested media relationships. In the parlance of the SIP Call Control Model document [cc-models], the "Replaces" header is used to replace one participant with another in a conversation space. This functionality is already available using 3rd party call control [3pcc] style call control. The 3pcc model requires a central point of control which may not be desirable in many environments. As such, a method of performing these same call control primitives in a distributed, peer-to-peer fashion is very desirable. Use of a new INVITE with a new header for dialog matching was chosen over making implicit associations in an incoming INVITE based on call-id or other fields for the following reasons: - An INVITE already has the correct semantics for a new call - Using an explicit Replaces header in a new request makes the intent of the request obvious. - A unique call-id may be given to the replacement call. This avoids call-leg matching problems in any of the clients. - There are no adverse effects if the header is unsupported. The Replaces header enables services such as attended call transfer, retrieve from park, and transition from locally mixed conferences to two party calls in a distributed peer-to-peer way. This list of services is not exhaustive. Although the Replaces header is frequently used in combination with the [REFER] method as used in [cc-transfer], they may be used independently. 4. Syntax 4.1. The Replaces Header The Replaces header indicates that the dialog identified by the header is to be shut down and logically replaced by the incoming INVITE in which it is contained. It is a request header only, and defined here only for INVITE requests. The Replaces header MAY be encrypted as part of end-to-end encryption. This document adds the following entry to Table 3 of [bis]: Biggs, Dean, Mahy Expires: July 2002 2 SIP Replaces Header Header field where proxy ACK BYE CAN INV OPT REG ------------ ----- ----- --- --- --- --- --- --- Replaces R - - - o - - Note that the Replaces header has specific call control semantics. If both a Replaces header and another header with contradictory semantics are present in a request, the request MUST be rejected with a 400 "Bad Request" response. 4.1.1. Formal Syntax The following syntax specification uses the augmented Backus-Naur Form (BNF) as described in RFC-2234 [BNF]. Replaces = "Replaces" ":" 1#replaces-values replaces-values = callid *( ";" replaces-param ) callid = token [ "@" token ] replaces-param = to-tag | from-tag | extension-param to-tag = "to-tag=" UUID from-tag = "from-tag=" UUID extension-param = token [ "=" ( token | quoted-string ) ] A Replaces header MUST contain exactly one to-tag and exactly one from-tag, as they are required for unique dialog matching. Since we rely on the tags for matching purposes, implementations which support Replaces MUST support the SIP [bis] specification, which requires tags. For compatibility with early dialogs and dialogs initiated by RFC2543 compliant UAs, a tag of zero must match both tags of zero and null tags. 4.1.2. Examples Replaces: 98732@sip.billybiggs.com ;from-tag=r33th4x0r ;to-tag=ff87ff Replaces: 12345@149.112.118.3;to-tag=12345;from-tag=54321 Replaces: 87134@171.161.34.23;to-tag=24796;from-tag=0 4.2 New option tag for Require and Supported headers This specification defines a new Require/Supported header option tag "replaces". UAs which support the Replaces header MUST include the "replaces" option in the Supported header. UAs that want explicit failure notification if Replaces is not supported MAY send include the "replaces" option in the Require header. Example: Biggs, Dean, Mahy Expires: July 2002 3 SIP Replaces Header Require: replaces, 100rel 4.3 687 Response Code: "Dialog Terminated" This specification defines a new SIP response code. The 687 "Dialog Terminated" response code indicates that an early dialog has been completely replaced by a new dialog. A new response code was chosen from the 6xx class to prevent intervening proxies from attempting to fork additional branches of the replaced dialog. 5. User Agent Behavior: Receiving a Replaces Header 5.1 Matching Dialogs The Replaces header contains information used to match an existing SIP dialog (call-id, to-tag, and from-tag). Upon receiving an INVITE with the Replaces header, the UA MUST attempt to match this information with an established or early dialog. The to-tag and from-tag are matched as if they were present in an incoming request. In other words the to-tag is compared to the local tag, and the from-tag is compared to the remote tag. If the Replaces header matches more than one dialog, the UA MAY use other headers if present (ex: the Referred-By header) to attempt to match a single dialog. If a single matching dialog is not found, the UA MUST act as if no match is found. If no match is found, the UAS MUST ignore the header and process the INVITE normally. OPEN ISSUE: If no match is found, should the UAS ignore the header and process normally, or return a 481? If the Replaces header matches a dialog which was not created with an INVITE, the UAS MUST reject the request with an appropriate response. If the Replaces header matches a dialog which has already terminated, the UA SHOULD decline the request with a 603 Declined response. This prevents phantom ringing in cases like example 6.4. Once a matching call-leg is found, the UAS MAY authenticate the INVITE request. If the request is successfully authenticated or already preauthorized, the UAS SHOULD proceed with processing. The UAS MAY prompt the user to accept or reject unauthenticated requests. The UAS MAY reject the request with any appropriate response (for example: 603 "Decline", 403 "Forbidden", or 488 "Not Acceptable Here") 5.2. Replaces Semantics Biggs, Dean, Mahy Expires: July 2002 4 SIP Replaces Header If the Replaces header matches an established active dialog, the UA SHOULD attempt to accept the new INVITE, reassign the user interface and other resources of the matched dialog to the new INVITE, and shut down the replaced dialog by sending a BYE. If the UA cannot accept the new INVITE (for example: it cannot establish required QoS or keying, or it has incompatible media), the UA MUST return an appropriate response and leave the matched dialog unchanged. If the Replaces header matches an early dialog that was initiated by the UA, the UA SHOULD attempt to accept the new INVITE. If the UA cannot accept the new INVITE, the UA MUST return an appropriate response and leave the matched dialog unchanged. If the UA successfully accepts the new INVITE, the UA MUST reassign the resources of the early dialog to the new INVITE, and CANCEL the replaced early dialog. If the Replaces header matches an early dialog that was not initiated by the UA, the UA SHOULD attempt to provisionally accept the new INVITE. In other words, the UA should attempt whatever steps are necessary to return a provisional or final response suitable for the state of the resources used by the matched dialog. If this is successful, the UA MUST reassign the resources of the early dialog to the new INVITE, and respond to the replaced early dialog with a 687 "Transaction Terminated" response (defined later in this document). 6. Usage Examples The following non-normative examples are not intended to enumerate all the possibilities for the usage of these extensions, but rather to provide examples or ideas only. For more examples, please see [service-examples]. 6.1. Replacing an Active Dialog In this example, Alice is talking to Bob from phone1. She transfers Bob to a Parking Place while she goes to the lab. When she gets there she retrieves the "parked" call from phone2 by sending an INVITE with Replaces to Bob with the dialog information Bob shared with the Parking Place. How did Alice get this information? Maybe she subscribed to this information from the Parking Place, or went to a website and clicked on a URL. Alice Alice Parking phone1 phone2 Bob Place | | | | |<===============================>| | | | | | | Alice transfers Bob to Parking Place | | | | | |------------REFER/200----------->| *1 *2 | Biggs, Dean, Mahy Expires: July 2002 5 SIP Replaces Header | | |--INVITE/200/ACK-->| |<-----------NOTIFY/200-----------|<=================>| |------------BYE/200------------->| | | | | | | | | | | Alice later retrieves call from another phone | | | | | | *3 |-INV w/Replaces->| | | *4 |<--200-----------| *5 | | |---ACK---------->|----BYE/200------->| | |<===============>| | | | | | Message *1: Bob-> Parking Place INVITE sip:parkingplace@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 1 INVITE Contact: Referred-By: Message *2: Parking Place -> Bob SIP/2.0 200 OK To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 1 INVITE Contact: Message *3: Alice@phone2 -> Bob INVITE sip:bob@bobster.sip.org To: From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Replaces: 425928@bobster.sip.org;to-tag=7743;from-tag=6472 Message *4: Bob -> Alice@phone2 SIP/2.0 200 OK To: ;tag=9343 From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Biggs, Dean, Mahy Expires: July 2002 6 SIP Replaces Header Message *5: Bob -> Parking Place BYE sip:parkingplace@sip.org SIP/2.0 To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 2 BYE Contact: 6.2 Replacing an Early Dialog initiated by someone else In this example, a Customer tries calling a call center and for some reason cannot get through properly. The customer calls an Operator and asks for help. The operator calls the contact center, and upon receiving a provisional response, assumes that everything is OK and transfers the Customer to the Call Center, replacing the operator's place in the queue. Call Operator Customer Center | | | |<--INVITE/180/200/ACK--| | |<=====================>| "Hello, I'm having | | | trouble calling ..." | |"OK, I'll try it and | | | transfer you if it | | | works for me" | | | | | *1 |-----INVITE ----------------------------------->| *2 |<----182: You are caller number 7---------------| | | | | completes transfer | | | | | |---REFER/200---------->| | | |--INVITE with Replaces->| *3 | |<----182: caller #7-----| *4 |<----687 Dialog Terminated----------------------| *5 |-----ACK--------------------------------------->| |<--NOTIFY/200----------| | |---BYE/200------------>| | | | ...time passes.. | | | | | | | | | | | |<---200 OK--------------| |<--NOTIFY/200----------|----ACK---------------->| | | | | | | Message *1: Operator -> Call Center INVITE sip:helpdesk@clueless.org SIP/2.0 To: Biggs, Dean, Mahy Expires: July 2002 7 SIP Replaces Header From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Contact: Accept-Language: en Message *2: Call Center -> Operator SIP/2.0 182 You are 7th in Queue To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Contact: Message *3: Customer -> Call Center INVITE sip:helpdesk@frontline.clueless.org To: From: ;tag=8983 Call-ID: 09870@lobby12.acme.com CSeq: 1 INVITE Contact: Replaces: 425928@dhcp23311.acme.com;to-tag=7743;from-tag=6472 Accept-Language: en Referred-By: Message *4: Call Center -> Customer SIP/2.0 182 You are 7th in Queue To: From: ;tag=8983 Call-ID: 09870@lobby12.acme.com CSeq: 1 INVITE Contact: Message *5: Call Center -> Operator SIP/2.0 687 Dialog Terminated To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Contact: 6.3. Replacing an Early Dialog you initiated In this example, Bob just arrived in the lab and hasn't registered there yet. He hears his desk phone ring. He quickly logs into a software UA on a nearby computer. Among other things, the software Biggs, Dean, Mahy Expires: July 2002 8 SIP Replaces Header UA subscribes to the call-state of his desk phone. When it notices that his phone is ringing it offers him the choice to take the call there. The software UA sends an INVITE with Replaces to Alice. When Alice's UA receives this new INVITE, it CANCELs her original INVITE and connects Alice to Bob. Bob Bob Alice desk lab | | | *1 |-----INVITE----------->| | *2 |<----180---------------| Bob hears desk phone | | | ringing from lab but | | | isn't REGISTERed yet | | | | | |<--SUB callpackage/200--| | |---NOTIFY/200---------->| *3/4 |<-----INVITE with Replaces/200/ACK--------------| *5/6 |------CANCEL/200------>| | *7 |<-----487--------------| | |------ACK------------->| | | | | | | | Message *1: Alice -> Bob's desk phone INVITE sip:bob@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: Message *2: Bob's desk phone -> Alice SIP/2.0 180 Ringing To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: Message *3: Bob in lab -> Alice INVITE sip:alice@phone.sip.org To: From: ;tag=8983 Call-ID: 09870@labpc.sip.org CSeq: 1 INVITE Contact: Replaces: 425928@phone.sip.org;to-tag=7743;from-tag=6472 Message *4: Alice -> Bob in lab Biggs, Dean, Mahy Expires: July 2002 9 SIP Replaces Header SIP/2.0 200 OK To: ;tag=9232 From: ;tag=8983 Call-ID: 09870@labpc.sip.org CSeq: 1 INVITE Contact: Message *5: Alice -> Bob's desk CANCEL sip:bob@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 CANCEL Contact: Message *6: Bob's desk -> Alice SIP/2.0 200 OK To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 CANCEL Contact: Message *7: Bob's desk -> Alice SIP/2.0 487 Request Terminated To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: 6.4. Handling Replaces for a Terminated Dialog In this example, Alice, Bob, and Cathy participate in a 3-way call mixed locally by Bob's UA. Bob's UA is programmed to revert to a simple 2-party call when any party hangs up (including Bob). Ordinarily this would be a very polite feature--Cathy and Alice could continue to talk after Bob hangsup. If all three hang up at about the same time, but Bob hangs up first (this will happen about one-third of the time), an INVITE with Replaces header can arrive at Cathy's UA shortly after she has hung up. Because Cathy's UA needs to keep transaction state around for a while anyway (typically 32 seconds), the dialog information in the Replaces header should match a terminated dialog. Cathy declines the INVITE, and cleanup proceeds normally. Alice Bob Cathy | | | Alice, Bob, and Cathy are participants in | Biggs, Dean, Mahy Expires: July 2002 10 SIP Replaces Header | a 3-way call mixed by Bob | | | |<=====================>#<======================>| | | | | All three hang up at | | | about the same time | | | | | | Bob's UA tries to | | | setup a 2-way call | | | btwn Alice and Cathy | | | | | |<---REFER--------------| | |----INVITE with Replaces--->XX (lost or late) | | | | | |<-----BYE/200-----------| the dialog is | | | already dead |----INVITE with Replaces----------------------->| so |<---603 Declined--------------------------------| Cathy Declines |----ACK---------------------------------------->| |----NOTIFY/200-------->| | | | | |<-----BYE/200--------->| | | (either side sends) | | | | | | | | 6.5. An Error Case The following example illustrates one reason an INVITE with Replaces may fail. In this example, both Bob and Cathy have a common audio codec with Alice, but Bob and Cathy do not share a common codec. When Cathy receives an INVITE from Bob with the Replaces header, Cathy determines she cannot communicate, sends a 488 response to Bob, and maintains her session with Alice. Alice Bob Cathy | | | |--INVITE/200/ACK------>| | | | | |<=audio w/GSM codec===>| | | | | |----INVITE/200/ACK-------------------------------->| | | | |<===audio with G.729 codec========================>| | | | | | | |--REFER/200----------->| | | |--INVITE w/Replaces------->| | | | | | no codec in common! | | | | | |<-488 Not Acceptable Here--| Biggs, Dean, Mahy Expires: July 2002 11 SIP Replaces Header |<--NOTIFY/200----------|--ACK--------------------->| | | | |<=====================>| | |<=================================================>| | | | 6.6. Backwards compatibility with RFC2543 User Agents In this example, both Alice and Bob use tags, but Alice wishes to replace a dialog at Bob that was initiated by a User Agent that does not support tags. RFC2543 User Agent Alice Bob (no tags) | | | | |<---------INVITE-----------| *1 | |----------200--------------| *2 | |<---------ACK--------------| | | | | |<=========================>| | | | | | | *3 |--INVITE w/Replaces--->| | *4 |<----200 OK------------|----------BYE------------->| *5 |-----ACK-------------->|<---------200--------------| | | | |<=====================>| | | | | Message *1: Oldtimer (RFC 2543 User Agent)-> Bob INVITE sip:bob@sip.org SIP/2.0 To: From: Call-ID: 425928@test-ua.sip.org CSeq: 1 INVITE Contact: Message *2: Bob -> Oldtimer SIP/2.0 200 OK To: ;tag=3245 From: Call-ID: 425928@test-ua.sip.org CSeq: 1 INVITE Contact: Message *3: Alice -> Bob INVITE sip:bob@bobster.sip.org To: Biggs, Dean, Mahy Expires: July 2002 12 SIP Replaces Header From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Replaces: 425928@test-ua.sip.org;to-tag=3245;from-tag=0 Message *4: Bob -> Alice SIP/2.0 200 OK To: ;tag=9343 From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Message *5: Bob -> Oldtimer BYE sip:oldtimer@test-ua.sip.org SIP/2.0 To: From: ;tag=3245 Call-ID: 425928@test-ua.sip.org CSeq: 2 BYE Contact: 7. Security Considerations This extension can be used to disconnect or replace participants of a multimedia conversation with an attacker. As such, invitations with the Replaces header SHOULD only be accepted in a dialog in which the peer has been properly authenticated using a standard SIP mechanism, and for which message integrity is checked so that the header cannot be added or modified in transit. The extensions proposed in this document do not significantly change the relative security of SIP devices. Currently in SIP, an eavesdropper who learns the Call-ID, To, and From headers can easily modify or destroy a dialog using a reINVITE. In practice, dialog information (Call-ID, to-tag, and from-tag) for most uses of Replaces is obtained via subscription to a "call-package" event package or via transitivity using the REFER method. Encryption of SIP signaling to insure confidentiality of this information is RECOMMENDED. This extension was designed to take advantage of future signature parameters or authorization tokens defined by the SIP Working Group. In general, call control features would benefit considerably from such work. 8. IANA Considerations 8.1 Registration of "Replaces" SIP header Biggs, Dean, Mahy Expires: July 2002 13 SIP Replaces Header Name of Header: Replaces Short form: none Registrant: Rohan Mahy rohan@cisco.com Normative description: section 4.1 of this document 8.2 Registration of "replaces" SIP Option-tag Name of option: replaces Description: Support for the SIP Replaces header SIP headers defined: Replaces Normative description: This document Registrant: Rohan Mahy rohan@cisco.com 8.3 Registration of "687" SIP Response code Number of response code: 687 Default reason phrase: Dialog Terminated Registrant: Rohan Mahy rohan@cisco.com Normative description: section 4.3 of this document 9. To Do and Open Issues Open Issues: - MAJOR OPEN ISSUE: When no matching dialog is found should we ignore the Replaces header and accept the INVITE, or reject the INVITE? - Are the proposals for early dialog and terminated dialog matching acceptable? - Is the proposed tag matching scheme for pre-bis UAs acceptable? To Do: - Update references Biggs, Dean, Mahy Expires: July 2002 14 10. References [SIP] M. Handley, E. Schooler, and H. Schulzrinne, "SIP: Session Initiation Protocol", RFC2543, Internet Engineering Task Force, Nov 1998. [bis] Rosenberg, Schulzrinne, Camarillo, Johnston, Peterson, Sparks, Handley, and Schooler, "SIP: Session Initiation Protocol", Internet- Draft , IETF, Oct 2001. [cc-framework] B. Campbell, "SIP Call Control - Framework ", Internet Draft , IETF, Mar 2001. Work in progress. [cc-models] R. Mahy, "A Call Control Model for SIP", Internet Draft , IETF; July 2001. Work in progress. [REFER] R. Sparks, "The REFER Method", Internet Draft , IETF; Oct 2001. Work in progress. [cc-transfer] R. Sparks, "SIP Call Control - Transfer", Internet Draft , IETF; July 2001. Work in progress. [3pcc] J. Rosenberg, J. Peterson, H. Schulzrinne, "Third Party Call Control in SIP", Internet Draft , IETF; Nov. 2000. Work in progress [service-examples] A. Johnston, et al., "SIP Service Examples", Internet Draft , IETF; Nov 2001. Work in progress. [RFC2026] S Bradner, "The Internet Standards Process -- Revision 3", RFC2026 (BCP), IETF, October 1996. [RFC2119] S. Bradner, "Key words for use in RFCs to indicate requirement levels," Request for Comments (Best Current Practice) 2119, Internet Engineering Task Force, Mar. 1997. [BNF] D Crocker, P Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC2234, IETF, Nov 1997. 11. Acknowledgments Thanks to Robert Sparks, Alan Johnston, and Ben Campbell and many other members of the SIP WG for their continued support of the cause of distributed call control in SIP. 12. Author's Addresses Biggs, Dean, Mahy Expires: July 2002 15 SIP Replaces Header Billy Biggs bbiggs@dumbterm.net Rick Dean rfc@fdd.com Rohan Mahy Cisco Systems 170 West Tasman Dr, MS: SJC-21/3/3 Phone: +1 408 526 8570 Email: rohan@cisco.com Full Copyright Statement "Copyright (C) The Internet Society 2002. All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Biggs, Dean, Mahy Expires: July 2002 16