SIP WG R. Mahy Internet-Draft Cisco Systems, Inc. Expires: October 28, 2002 B. Biggs R. Dean April 29, 2002 The SIP Replaces Header draft-ietf-sip-replaces-01.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on October 28, 2002. Copyright Notice Copyright (C) The Internet Society (2002). All Rights Reserved. Abstract This document proposes a new header for use with the SIP call control architecture. The Replaces header is used in peer-to-peer call control to logically replace an existing SIP dialog with a new SIP dialog. This primitive can be used to enable a variety of features, for example: "Attended Transfer" and "Retrieve from Call Park". Note that definition of these example features is non-normative. Mahy, et al. Expires October 28, 2002 [Page 1] Internet-Draft Replaces April 2002 Table of Contents 1. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.1 The Replaces Header . . . . . . . . . . . . . . . . . . . . . 4 3.2 Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 4 3.3 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.4 New option tag for Require and Supported headers . . . . . . . 5 3.5 687 Response Code: "Dialog Terminated" . . . . . . . . . . . . 5 4. User Agent Behavior: Receiving a Replaces Header . . . . . . . 5 4.1 Matching Dialogs . . . . . . . . . . . . . . . . . . . . . . . 5 4.2 Matching with Explicit Local Tags . . . . . . . . . . . . . . 6 4.3 Matching with the * to-tag . . . . . . . . . . . . . . . . . . 6 4.4 Replaces Semantics . . . . . . . . . . . . . . . . . . . . . . 7 4.5 Proxy behavior . . . . . . . . . . . . . . . . . . . . . . . . 7 4.6 Consequences of a forking proxy not supporting this extension 8 5. Usage Examples . . . . . . . . . . . . . . . . . . . . . . . . 9 5.1 Replacing an Active Dialog . . . . . . . . . . . . . . . . . . 9 5.2 Replacing an Early Dialog initiated by someone else . . . . . 10 5.3 Replacing an Early Dialog you initiated . . . . . . . . . . . 12 5.4 Handling Replaces for a Terminated Dialog . . . . . . . . . . 14 5.5 An Error Case . . . . . . . . . . . . . . . . . . . . . . . . 15 5.6 Backwards compatibility with RFC2543 User Agents . . . . . . . 16 5.7 Replacing with to-tag set to '*' . . . . . . . . . . . . . . . 18 5.8 A non-compliant forking proxy . . . . . . . . . . . . . . . . 19 6. Security Considerations . . . . . . . . . . . . . . . . . . . 21 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 7.1 Registration of "Replaces" SIP header . . . . . . . . . . . . 21 7.2 Registration of "replaces" SIP Option-tag . . . . . . . . . . 22 7.3 Registration of "687" SIP Response code . . . . . . . . . . . 22 8. To Do and Open Issues . . . . . . . . . . . . . . . . . . . . 22 8.1 Open Issues: . . . . . . . . . . . . . . . . . . . . . . . . . 22 8.2 To Do: . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 8.3 Changes Since -00 . . . . . . . . . . . . . . . . . . . . . . 22 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 23 Normative References . . . . . . . . . . . . . . . . . . . . . 23 Informational References . . . . . . . . . . . . . . . . . . . 23 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 24 Full Copyright Statement . . . . . . . . . . . . . . . . . . . 25 Mahy, et al. Expires October 28, 2002 [Page 2] Internet-Draft Replaces April 2002 1. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [3]. Throughout this document, an "established dialog" means an active SIP dialog in which the request that created the dialog has received a successful (2xx-class) final response (ex: 200 OK). An "early dialog" means transaction and dialog state that exists after a request is sent which would create a new dialog, but before a final response is received for the initial request. 2. Overview This document describes a SIP [1] extension for distributed call control as part of the SIP multiparty applications architecture framework [6]. The Replaces header is used in peer-to-peer call control to logically replace an existing SIP dialog with a new SIP dialog. INVITEs are requests which can be accepted, rejected or declined. A User Agent that accepts a request with call-control semantics agrees to take responsibility for setting up the appropriate requested media relationships. In the parlance of the SIP multiparty architecture, the "Replaces" header is used to replace one participant with another in a conversation space. This functionality is already available using 3rd party call control [8] style call control. The 3pcc model requires a central point of control which may not be desirable in many environments. As such, a method of performing these same call control primitives in a distributed, peer-to-peer fashion is very desirable. Use of a new INVITE with a new header for dialog matching was chosen over making implicit associations in an incoming INVITE based on call-id or other fields for the following reasons: o An INVITE already has the correct semantics for a new call o Using an explicit Replaces header in a new request makes the intent of the request obvious. o A unique call-id may be given to the replacement call. This avoids call-leg matching problems in any of the clients. o There are no adverse effects if the header is unsupported. Mahy, et al. Expires October 28, 2002 [Page 3] Internet-Draft Replaces April 2002 The Replaces header enables services such as attended call transfer, retrieve from park, and transition from locally mixed conferences to two party calls in a distributed peer-to-peer way. This list of services is not exhaustive. Although the Replaces header is frequently used in combination with the REFER [2] method as used in cc-transfer [7], they may be used independently. 3. Syntax 3.1 The Replaces Header The Replaces header indicates that the dialog identified by the header is to be shut down and logically replaced by the incoming INVITE in which it is contained. It is a request header only, and defined here only for INVITE requests. The Replaces header MAY be encrypted as part of end-to-end encryption. This document adds the following entry to Table 3 of [1]: Header field where proxy ACK BYE CAN INV OPT REG ------------ ----- ----- --- --- --- --- --- --- Replaces R - - - o - - SUB NOT REF INF UPD PRA --- --- --- --- --- --- Replaces R - - - - - - Note that the Replaces header has specific call control semantics. If both a Replaces header and another header with contradictory semantics are present in a request, the request MUST be rejected with a 400 "Bad Request" response. 3.2 Formal Syntax The following syntax specification uses the augmented Backus-Naur Form (BNF) as described in RFC-2234 [4]. Replaces = "Replaces" HCOLON replaces-values *(COMMA replaces-values) replaces-values = callid *( SEMI replaces-param ) callid = token [ "@" token ] replaces-param = to-tag | from-tag | extension-param to-tag = "to-tag" EQUAL ( UUID | "*" ) from-tag = "from-tag" EQUAL UUID extension-param = token [ EQUAL ( token | quoted-string ) ] Mahy, et al. Expires October 28, 2002 [Page 4] Internet-Draft Replaces April 2002 A Replaces header MUST contain exactly one to-tag and exactly one from-tag, as they are required for unique dialog matching. Since we rely on the tags for matching purposes, implementations which support Replaces MUST support the SIP specification, which requires tags. For compatibility with early dialogs and dialogs initiated by RFC2543 [5] compliant UAs, a tag of zero must match both tags of zero and null tags. 3.3 Examples Replaces: 98732@sip.billybiggs.com ;from-tag=r33th4x0r ;to-tag=ff87ff Replaces: 12345@149.112.118.3;to-tag=12345;from-tag=54321 Replaces: 87134@171.161.34.23;to-tag=24796;from-tag=0 Replaces: 12345@149.112.118.3;to-tag=*;from-tag=24583 3.4 New option tag for Require and Supported headers This specification defines a new Require/Supported header option tag "replaces". UAs which support the Replaces header MUST include the "replaces" option in the Supported header. UAs that want explicit failure notification if Replaces is not supported MAY include the "replaces" option in the Require header. Example: Require: replaces, 100rel 3.5 687 Response Code: "Dialog Terminated" This specification defines a new SIP response code. The 687 "Dialog Terminated" response code indicates that an early dialog has been completely replaced by a new dialog. A new response code was chosen from the 6xx class to prevent intervening proxies from attempting to fork additional branches of the replaced dialog. 4. User Agent Behavior: Receiving a Replaces Header 4.1 Matching Dialogs The Replaces header contains information used to match an existing SIP dialog (call-id, to-tag, and from-tag). Upon receiving an INVITE Mahy, et al. Expires October 28, 2002 [Page 5] Internet-Draft Replaces April 2002 with the Replaces header, the UA MUST attempt to match this information with an established or early dialog. The to-tag and from-tag are matched as if they were present in an incoming request. In other words the to-tag is compared to the local tag, and the from- tag is compared to the remote tag. The to-tag of "*" is a special token which matches all local tags. When this special "*" token is present, the matching semantics are slightly different. 4.2 Matching with Explicit Local Tags If the Replaces header matches more than one dialog, the UA MAY use other headers if present (ex: the Referred-By header) to attempt to match a single dialog. If a single matching dialog is not found, the UA MUST act as if no match is found. If no match is found, the UAS rejects the INVITE and returns a 481 Call/Transaction Does Not Exist response. If the Replaces header matches a dialog which was not created with an INVITE, the UAS MUST reject the request with an appropriate response. If the Replaces header matches a dialog which has already terminated, the UA SHOULD decline the request with a 603 Declined response. This prevents phantom ringing in cases like example 6.4. Once a matching call-leg is found, the UAS MAY authenticate the INVITE request. If the request is successfully authenticated or already preauthorized, the UAS SHOULD proceed with processing. The UAS MAY prompt the user to accept or reject unauthenticated requests. The UAS MAY reject the request with any appropriate response (for example: 603 "Decline", 403 "Forbidden", or 488 "Not Acceptable Here") 4.3 Matching with the * to-tag If the Replaces header matches more than one dialog, the UA MAY use other headers if present (ex: the Referred-By header) to attempt to match a single dialog. If a single matching dialog is not found, the UA MUST act as if no match is found. If the Replaces header matches a dialog which was not created with an INVITE, the UAS MUST reject the request with an appropriate response. If the Replaces header matches a dialog which has already been terminated with a CANCEL or BYE, the UAS MUST reject the INVITE and return a 481 Call/Transaction Does Not Exist response. If no match is found, the UAS MUST ignore the Replaces header and Mahy, et al. Expires October 28, 2002 [Page 6] Internet-Draft Replaces April 2002 continue processing the INVITE as if it was not present. Once a matching call-leg is found, the UAS MAY authenticate the INVITE request. If the request is successfully authenticated or already preauthorized, the UAS SHOULD proceed with processing. The UAS MAY prompt the user to accept or reject unauthenticated requests. The UAS MAY reject the request with any appropriate response (for example: 603 "Decline", 403 "Forbidden", or 488 "Not Acceptable Here") 4.4 Replaces Semantics If the Replaces header matches an established active dialog, the UA SHOULD attempt to accept the new INVITE, reassign the user interface and other resources of the matched dialog to the new INVITE, and shut down the replaced dialog by sending a BYE. If the UA cannot accept the new INVITE (for example: it cannot establish required QoS or keying, or it has incompatible media), the UA MUST return an appropriate response and leave the matched dialog unchanged. If the Replaces header matches an early dialog that was initiated by the UA, the UA SHOULD attempt to accept the new INVITE. If the UA cannot accept the new INVITE, the UA MUST return an appropriate response and leave the matched dialog unchanged. If the UA successfully accepts the new INVITE, the UA MUST reassign the resources of the early dialog to the new INVITE, and CANCEL the replaced early dialog. If the Replaces header matches an early dialog that was not initiated by the UA, the UA SHOULD attempt to provisionally accept the new INVITE. In other words, the UA should attempt whatever steps are necessary to return a provisional or final response suitable for the state of the resources used by the matched dialog. If this is successful, the UA MUST reassign the resources of the early dialog to the new INVITE, and respond to the replaced early dialog with a 687 "Transaction Terminated" response (defined earlier in this document). 4.5 Proxy behavior A proxy which does not fork merely needs to pass the Replaces header transparently as described in SIP. A forking proxy which supports this specification that would normally fork a request for the Request-URI in the request MUST examine that INVITE request for a Replaces header. Mahy, et al. Expires October 28, 2002 [Page 7] Internet-Draft Replaces April 2002 The proxy MUST attempt to match the Call-ID, to-tag, and from-tag with a transaction that that proxy (or cluster of proxies) previously forked. If the Replaces header includes a "*" in the to-tag, then the request will match all branches that match the Call-ID, and from- tag. If the proxy cannot locate a matching transaction, it continues processing the request as if the Replaces header did not exist. If the proxy locates a matching transaction, if SHOULD treat the new request exactly as if it were the matching request. In other words, all the branching logic and state (including timers such as call forward timers) of the matched request should be copied and used for the new request. The proxy will skip contacts which have already failed and forward the new INVITE request to all the Contacts for which the replaced request has active matching branches. The proxy MUST NOT forward the original INVITE on to new branches. Furthermore, if the proxy forwards the new request to more than one active branch, it MUST wait until it receives a non-"100 Trying" response from all active branches of the new request, before sending CANCEL requests to any of the replaced branches. This prevents a race condition which is described in Section 7.8. If necessary, the proxy MUST continue to forward the new INVITE request to new branches as if it were the replaced INVITE. OPEN ISSE: This is a lot of work. Do we really want to do this or just punt on early attended transfer? 4.6 Consequences of a forking proxy not supporting this extension Forking proxies which do not support this extension may inadvertently forward an INVITE request with a Replaces header to a different set of Contacts than the original request it was intended to replace. This may occur as a result of many policy-based Contact selection algorithms, including time-of-day, load-sharing, presence-based, or caller-based policies. A parallel forking proxy may cause a race condition whereby only one branch of many caused by the initial INVITE is replaced. This race condition is illustrated in the example in Section 7.8. Call forwarding timers may be reset for active branches. For example, take a forking proxy which implements a call forwarding service after 12 seconds of inactivity. The original INVITE may have been tried already for 10 seconds. The replacement INVITE is likely to begin this timer again at 12 seconds. Mahy, et al. Expires October 28, 2002 [Page 8] Internet-Draft Replaces April 2002 5. Usage Examples The following non-normative examples are not intended to enumerate all the possibilities for the usage of these extensions, but rather to provide examples or ideas only. For more examples, please see service-examples [9]. 5.1 Replacing an Active Dialog In this example, Alice is talking to Bob from phone1. She transfers Bob to a Parking Place while she goes to the lab. When she gets there she retrieves the "parked" call from phone2 by sending an INVITE with Replaces to Bob with the dialog information Bob shared with the Parking Place. How did Alice get this information? Maybe she subscribed to this information from the Parking Place, or went to a website and clicked on a URL. Alice Alice Parking phone1 phone2 Bob Place | | | | |<===============================>| | | | | | | Alice transfers Bob to Parking Place | | | | | |------------REFER/200----------->| *1 *2 | | | |--INVITE/200/ACK-->| |<-----------NOTIFY/200-----------|<=================>| |------------BYE/200------------->| | | | | | | | | | | Alice later retrieves call from another phone | | | | | | *3 |-INV w/Replaces->| | | *4 |<--200-----------| *5 | | |---ACK---------->|----BYE/200------->| | |<===============>| | | | | | Message *1: Bob-> Parking Place INVITE sip:parkingplace@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 1 INVITE Contact: Referred-By: Mahy, et al. Expires October 28, 2002 [Page 9] Internet-Draft Replaces April 2002 Message *2: Parking Place -> Bob SIP/2.0 200 OK To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 1 INVITE Contact: Message *3: Alice@phone2 -> Bob INVITE sip:bob@bobster.sip.org To: From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Require: replaces Replaces: 425928@bobster.sip.org;to-tag=7743;from-tag=6472 Message *4: Bob -> Alice@phone2 SIP/2.0 200 OK To: ;tag=9343 From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Message *5: Bob -> Parking Place BYE sip:parkingplace@sip.org SIP/2.0 To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@bobster.sip.org CSeq: 2 BYE Contact: 5.2 Replacing an Early Dialog initiated by someone else In this example, a Customer tries calling a call center and for some reason cannot get through properly. The customer calls an Operator and asks for help. The operator calls the contact center, and upon receiving a provisional response, assumes that everything is OK and transfers the Customer to the Call Center, replacing the operator's place in the queue. Mahy, et al. Expires October 28, 2002 [Page 10] Internet-Draft Replaces April 2002 Call Operator Customer Center | | | |<--INVITE/180/200/ACK--| | |<=====================>| "Hello, I'm having | | | trouble calling ..." | |"OK, I'll try it and | | | transfer you if it | | | works for me" | | | | | *1 |-----INVITE ----------------------------------->| *2 |<----182: You are caller number 7---------------| | | | | completes transfer | | | | | |---REFER/200---------->| | | |--INVITE with Replaces->| *3 | |<----182: caller #7-----| *4 |<----687 Dialog Terminated----------------------| *5 |-----ACK--------------------------------------->| |<--NOTIFY/200----------| | |---BYE/200------------>| | | | ...time passes.. | | | | | | | | | | | |<---200 OK--------------| |<--NOTIFY/200----------|----ACK---------------->| | | | | | | Message *1: Operator -> Call Center INVITE sip:helpdesk@clueless.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Contact: Accept-Language: en Message *2: Call Center -> Operator SIP/2.0 182 You are 7th in Queue To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Mahy, et al. Expires October 28, 2002 [Page 11] Internet-Draft Replaces April 2002 Contact: Message *3: Customer -> Call Center INVITE sip:helpdesk@frontline.clueless.org To: From: ;tag=8983 Call-ID: 09870@lobby12.acme.com CSeq: 1 INVITE Contact: Replaces: 425928@dhcp23311.acme.com;to-tag=7743;from-tag=6472 Accept-Language: en Referred-By: Message *4: Call Center -> Customer SIP/2.0 182 You are 7th in Queue To: From: ;tag=8983 Call-ID: 09870@lobby12.acme.com CSeq: 1 INVITE Contact: Message *5: Call Center -> Operator SIP/2.0 687 Dialog Terminated To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@dhcp23311.acme.com CSeq: 1 INVITE Contact: 5.3 Replacing an Early Dialog you initiated In this example, Bob just arrived in the lab and hasn't registered there yet. He hears his desk phone ring. He quickly logs into a software UA on a nearby computer. Among other things, the software UA subscribes to the call-state of his desk phone. When it notices that his phone is ringing it offers him the choice to take the call there. The software UA sends an INVITE with Replaces to Alice. When Alice's UA receives this new INVITE, it CANCELs her original INVITE and connects Alice to Bob. Bob Bob Alice desk lab | | | *1 |-----INVITE----------->| | Mahy, et al. Expires October 28, 2002 [Page 12] Internet-Draft Replaces April 2002 *2 |<----180---------------| Bob hears desk phone | | | ringing from lab but | | | isn't REGISTERed yet | | | | | |<--SUB callpackage/200--| | |---NOTIFY/200---------->| *3/4 |<-----INVITE with Replaces/200/ACK--------------| *5/6 |------CANCEL/200------>| | *7 |<-----487--------------| | |------ACK------------->| | | | | | | | Message *1: Alice -> Bob's desk phone INVITE sip:bob@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: Message *2: Bob's desk phone -> Alice SIP/2.0 180 Ringing To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: Message *3: Bob in lab -> Alice INVITE sip:alice@phone.sip.org To: From: ;tag=8983 Call-ID: 09870@labpc.sip.org CSeq: 1 INVITE Contact: Replaces: 425928@phone.sip.org;to-tag=7743;from-tag=6472 Message *4: Alice -> Bob in lab SIP/2.0 200 OK To: ;tag=9232 From: ;tag=8983 Call-ID: 09870@labpc.sip.org CSeq: 1 INVITE Mahy, et al. Expires October 28, 2002 [Page 13] Internet-Draft Replaces April 2002 Contact: Message *5: Alice -> Bob's desk CANCEL sip:bob@sip.org SIP/2.0 To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 CANCEL Contact: Message *6: Bob's desk -> Alice SIP/2.0 200 OK To: From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 CANCEL Contact: Message *7: Bob's desk -> Alice SIP/2.0 487 Request Terminated To: ;tag=6472 From: ;tag=7743 Call-ID: 425928@phone.sip.org CSeq: 1 INVITE Contact: 5.4 Handling Replaces for a Terminated Dialog In this example, Alice, Bob, and Cathy participate in a 3-way call mixed locally by Bob's UA. Bob's UA is programmed to revert to a simple 2-party call when any party hangs up (including Bob). Ordinarily this would be a very polite feature--Cathy and Alice could continue to talk after Bob hangsup. If all three hang up at about the same time, but Bob hangs up first (this will happen about one- third of the time), an INVITE with Replaces header can arrive at Cathy's UA shortly after she has hung up. Because Cathy's UA needs to keep transaction state around for a while anyway (typically 32 seconds), the dialog information in the Replaces header should match a terminated dialog. Cathy declines the INVITE, and cleanup proceeds normally. Mahy, et al. Expires October 28, 2002 [Page 14] Internet-Draft Replaces April 2002 Alice Bob Cathy | | | Alice, Bob, and Cathy are participants in | | a 3-way call mixed by Bob | | | |<=====================>#<======================>| | | | | All three hang up at | | | about the same time | | | | | | Bob's UA tries to | | | setup a 2-way call | | | btwn Alice and Cathy | | | | | |<---REFER--------------| | |----INVITE with Replaces--->XX (lost or late) | | | | | |<-----BYE/200-----------| the dialog is | | | already dead |----INVITE with Replaces----------------------->| so |<---603 Declined--------------------------------| Cathy Declines |----ACK---------------------------------------->| |----NOTIFY/200-------->| | | | | |<-----BYE/200--------->| | | (either side sends) | | | | | | | | 5.5 An Error Case The following example illustrates one reason an INVITE with Replaces may fail. In this example, both Bob and Cathy have a common audio codec with Alice, but Bob and Cathy do not share a common codec. When Cathy receives an INVITE from Bob with the Replaces header, Cathy determines she cannot communicate, sends a 488 response to Bob, and maintains her session with Alice. Mahy, et al. Expires October 28, 2002 [Page 15] Internet-Draft Replaces April 2002 Alice Bob Cathy | | | |--INVITE/200/ACK------>| | | | | |<=audio w/GSM codec===>| | | | | |----INVITE/200/ACK-------------------------------->| | | | |<===audio with G.729 codec========================>| | | | | | | |--REFER/200----------->| | | |--INVITE w/Replaces------->| | | | | | no codec in common! | | | | | |<-488 Not Acceptable Here--| |<--NOTIFY/200----------|--ACK--------------------->| | | | |<=====================>| | |<=================================================>| | | | 5.6 Backwards compatibility with RFC2543 User Agents In this example, both Alice and Bob use tags, but Alice wishes to replace a dialog at Bob that was initiated by a User Agent that does not support tags. RFC2543 User Agent Alice Bob (no tags) | | | | |<---------INVITE-----------| *1 | |----------200--------------| *2 | |<---------ACK--------------| | | | | |<=========================>| | | | | | | *3 |--INVITE w/Replaces--->| | *4 |<----200 OK------------|----------BYE------------->| *5 |-----ACK-------------->|<---------200--------------| | | | |<=====================>| | | | | Mahy, et al. Expires October 28, 2002 [Page 16] Internet-Draft Replaces April 2002 Message *1: Oldtimer (RFC 2543 User Agent)-> Bob INVITE sip:bob@sip.org SIP/2.0 To: From: Call-ID: 425928@test-ua.sip.org CSeq: 1 INVITE Contact: Message *2: Bob -> Oldtimer SIP/2.0 200 OK To: ;tag=3245 From: Call-ID: 425928@test-ua.sip.org CSeq: 1 INVITE Contact: Message *3: Alice -> Bob INVITE sip:bob@bobster.sip.org To: From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Replaces: 425928@test-ua.sip.org;to-tag=3245;from-tag=0 Message *4: Bob -> Alice SIP/2.0 200 OK To: ;tag=9343 From: ;tag=8983 Call-ID: 09870@phone2.sip.org CSeq: 1 INVITE Contact: Message *5: Bob -> Oldtimer BYE sip:oldtimer@test-ua.sip.org SIP/2.0 To: From: ;tag=3245 Call-ID: 425928@test-ua.sip.org CSeq: 2 BYE Contact: Mahy, et al. Expires October 28, 2002 [Page 17] Internet-Draft Replaces April 2002 5.7 Replacing with to-tag set to '*' In this example, Alice and Bob have a stable call. Bob call Cathy, who is available at a multiplicity of Contacts. Cathy's proxy first forwards INVITEs to her desk and lab for 6 seconds, and then tries here home and car for 6 seconds, finally arriving at her voicemail server if none of these contacts answer. Bob intends to talk with Cathy, and then transfer Alice to Cathy, but for whatever reason, becomes impatient and transfers Alice's call before an established dialog is created. Bob's intent is for Alice to reach Cathy at any of her contacts as opposed to at a single contact, so he asks her to send an INVITE replacing his entire call with the wildcard to-tag parameter. Cathy's proxy replaces Bob's entire chain of proxy forwarding logic and call forwarding timers with the new INVITE from Alice. Cathy's Contacts desk lab home car VM Alice Bob Proxy C1 C2 C3 C4 C5 | | | | | | | | | stable call | | | | | | | |<============>| | | | | | | | |--INVITE-(1)-->| | | | | | | | |-INVITE-(1a)->| | | | | | | |-INVITE-(1b)------>| | | | | | |<---18x-(1a)--| | | | | | |<----18x-(1a)--|<---18x-(1b)-------| | | | | |<----18x-(1b)--| | | | | | | | | proxy waits | | | | | | | | 6 seconds | | | | | | | | | | | | | | | |-CANCEL/200-->| | | | | | | |-CANCEL/200------->| | | | | | |<-487/ACK (1a)| | | | | | | |<-487/ACK (1b)-----| | | | | | |-INVITE-(1c)----------->| | | | | |-INVITE-(1d)---------------->| | | | |<---18x-(1c)------------| | | | |<----18x-(1c)--|<---18x-(1d)-----------------| | | |<----18x-(1d)--| | | | | | | | | proxy sets | | | | | | | Bob gets | timer for | | | | | | | impatient | 6 more secs | | | | | |<-REFER/202---| | | | | | | |--INVITE w/Replace to-tag=* ->| | | | | | | | |-INVITE w/Replaces(2c)->| | | | | |-INVITE w/Replaces(2d)------>| | | | |<---18x-(2c)------------| | | Mahy, et al. Expires October 28, 2002 [Page 18] Internet-Draft Replaces April 2002 |<---18x (2c)------------------|<-687/ACK (1c)----------| | | | | |<---18x-(2d)-----------------| | |<---18x (2d)------------------|<-687/ACK (1d)---------------| | | |<----687 (1)---| | | | | | | |-----ACK (1)-->| | | | | | |<---BYE/200---| | call forward | | | | | | | | timer expires| | | | | | | | | | | | | | | |-CANCEL/200------------>| | | | | |-CANCEL/200----------------->| | | | |<-487/ACK (2c)----------| | | | | |<-487/ACK (2d)----------| | | | | |-INVITE-(2e)--------------------->| | | |<---200-(2e)----------------------| |<---200 (2e)------------------| | | | | | |----ACK--------------------------------------------------------->| |--NOTIFY/200->| | | | | | | 5.8 A non-compliant forking proxy The following example illustrates two of the consequences of a forking proxy not supporting the Replaces extension. An annoying but less serious consequence is that the proxy is likely to start call forwarding timers from scratch (see the "#" sign in the call flow), resulting in longer delays than in the example in Section 5.7. A more serious consequence is that if an INVITE with a Replaces header is lost, as in INVITE 2d, a race condition can arise whereby a parallel branch (2c) of the same INVITE with Replaces (2) request will trigger a 687 to be sent to terminate the replaced branch (1c). Since the proxy does not understand the linkage between the matching INVITE and the replacement INVITE, the proxy will CANCEL remaining branches (1d) for INVITE 1. When the proxy later retransmits INVITE 2d, the request will fail, because the matching dialog was previously cancelled. Note however that despite these two problems (the race condition being unlikely, and the timing problem being merely annoying), the proxy will still work well enough that Alice's INVITE will continue to follow the proxy's chain of contact logic past the set of contacts originally visited by Bob. This is the intent of an INVITE request with a Replaces header with the wildcard to-tag parameter. The most serious consequence of a forking proxy not supporting Replaces is that it may decide to fork the replacement INVITE request to a completely orthogonal set of Contacts. In this case, neither a specific-dialog replacement, nor a wildcard replacement will work. Mahy, et al. Expires October 28, 2002 [Page 19] Internet-Draft Replaces April 2002 Cathy's Contacts desk lab home car VM Alice Bob Proxy C1 C2 C3 C4 C5 | | | | | | | | | stable call | | | | | | | |<============>| | | | | | | | |--INVITE-(1)-->| | | | | | | | |-INVITE-(1a)->| | | | | | | |-INVITE-(1b)------>| | | | | | |<---18x-(1a)--| | | | | | |<----18x-(1a)--|<---18x-(1b)-------| | | | | |<----18x-(1b)--| | | | | | | | | proxy waits | | | | | | | | 6 seconds | | | | | | | | | | | | | | | |-CANCEL/200-->| | | | | | | |-CANCEL/200------->| | | | | | |<-487/ACK (1a)| | | | | | | |<-487/ACK (1b)-----| | | | | | |-INVITE-(1c)----------->| | | | | |-INVITE-(1d)---------------->| | | | |<---18x-(1c)------------| | | | |<----18x-(1c)--|<---18x-(1d)---------------->| | | |<----18x-(1d)--| | | | | | | | | | | | | | | | Bob gets | | | | | | | | impatient | | | | | | |<-REFER/202---| | | | | | | |--INVITE w/Replace to-tag=* ->| | | | | | | | |-INVITE (2a)->| | | | | | | | Replaces * | | | | | | | |-INVITE (2b)->| | | | | | | | Replaces * | | | | | | | |<---481-(2a)--| | | | | | | |<---420-(2b)--| | | | | | | # proxy sets | | | | | | | | timer for |-INVITE w/Replaces(2c)->| | | | | 6 more secs|-INVITE w/Replaces(2d)-LOST..|* | | | |<---18x-(2c)------------| | | |<---18x (2c)------------------|<-687/ACK (1c)----------| |* | | |<----687 (1)---|-CANCEL/200-(1d)------------>|* | | |-----ACK (1)-->|<-487/ACK (1d)---------------| | |<---BYE/200---| | | | | | | | | |-INVITE (2d) retransmitted-->|* | | | |<-481/ACK (2d)---------------|* | | | | | | | | | | | | call forward | | | | | | | | timer expires| | | | | Mahy, et al. Expires October 28, 2002 [Page 20] Internet-Draft Replaces April 2002 | | | | | | | | | | |-CANCEL/200------------>| | | | | |<-487/ACK (2c)----------| | | | | |-INVITE-(2e)--------------------->| | | |<---200-(2e)----------------------| |<---200 (2e)------------------| | | | | | |----ACK--------------------------------------------------------->| |--NOTIFY/200->| | | | | | | 6. Security Considerations This extension can be used to disconnect or replace participants of a multimedia conversation with an attacker. As such, invitations with the Replaces header SHOULD only be accepted in a dialog in which the peer has been properly authenticated using a standard SIP mechanism, and for which message integrity is checked so that the header cannot be added or modified in transit. The extensions proposed in this document do not significantly change the relative security of SIP devices. Currently in SIP, an eavesdropper who learns the Call-ID, To, and From headers can easily modify or destroy a dialog using a reINVITE. In practice, dialog information (Call-ID, to-tag, and from-tag) for most uses of Replaces is obtained via subscription to a "call-package" event package or via transitivity using the REFER method. Encryption of SIP signaling to insure confidentiality of this information is RECOMMENDED. This extension was designed to take advantage of future signature or authorization schemes defined by the SIP Working Group. In general, call control features would benefit considerably from such work. 7. IANA Considerations 7.1 Registration of "Replaces" SIP header Name of Header: Replaces Short form: none Registrant: Rohan Mahy rohan@cisco.com Normative description: section 4.1 of this document Mahy, et al. Expires October 28, 2002 [Page 21] Internet-Draft Replaces April 2002 7.2 Registration of "replaces" SIP Option-tag Name of option: replaces Description: Support for the SIP Replaces header SIP headers defined: Replaces Normative description: This document Registrant: Rohan Mahy rohan@cisco.com 7.3 Registration of "687" SIP Response code Number of response code: 687 Default reason phrase: Dialog Terminated Registrant: Rohan Mahy rohan@cisco.com Normative description: section 4.3 of this document 8. To Do and Open Issues 8.1 Open Issues: - Are the proposals for early dialog and terminated dialog matching acceptable? - Is the proposed tag matching scheme for pre-bis UAs acceptable? 8.2 To Do: - Update references 8.3 Changes Since -00 o When no dialog matches the Call-ID and tags in a Replaces header, the UAS now returns a 481 instead of silently accepting the INVITE. o Changed the BNF to match the explicit whitespace BNF now used by SIP. o Added the to-tag=* matching mechanism. Mahy, et al. Expires October 28, 2002 [Page 22] Internet-Draft Replaces April 2002 o Added requirements for forking proxies and a discussion of the consequences if forking proxies do not support Replaces. o Added last two examples. o Split normative and non-normative references 9. Acknowledgments Thanks to Robert Sparks, Alan Johnston, and Ben Campbell and many other members of the SIP WG for their continued support of the cause of distributed call control in SIP. Normative References [1] Rosenberg, J. and H. Schulzrinne, "SIP: Session Initiation Protocol", draft-ietf-sip-rfc2543bis-09 (work in progress), February 2002. [2] Sparks, R., "The Refer Method", draft-ietf-sip-refer-02 (work in progress), October 2001. [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [4] Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, November 1997. Informational References [5] Handley, M., Schulzrinne, H., Schooler, E. and J. Rosenberg, "SIP: Session Initiation Protocol", RFC 2543, March 1999. [6] Mahy, R., "A Multi-party Application Framework for SIP", draft- ietf-sipping-cc-framework-00 (work in progress), March 2002. [7] Sparks, R., "SIP Call Control - Transfer", draft-ietf-sip-cc- transfer-05.txt (work in progress), July 2001. [8] Rosenberg, J., Schulzrinne, H., Camarillo, G. and J. Peterson, "Third Party Call Control in SIP", draft-rosenberg-sip-3pcc-03 (work in progress), November 2001. [9] Johnston, A., "SIP Service Examples", draft-ietf-sipping- service-examples-01 (work in progress), April 2002. Mahy, et al. Expires October 28, 2002 [Page 23] Internet-Draft Replaces April 2002 Authors' Addresses Rohan Mahy Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: rohan@cisco.com Billy Biggs EMail: bbiggs@dumbterm.net Rick Dean EMail: rfc@fdd.com Mahy, et al. Expires October 28, 2002 [Page 24] Internet-Draft Replaces April 2002 Full Copyright Statement Copyright (C) The Internet Society (2002). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Mahy, et al. Expires October 28, 2002 [Page 25]