Internet Engineering Task Force SIP WG Internet Draft G. Camarillo Ericsson P. Kyzivat Cisco draft-camarillo-sip-rfc3312-update-00.txt August 28, 2003 Expires: February, 2004 Interactions of Preconditions with Session Mobility in the Session Initiation Protocol (SIP) STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress". The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt To view the list Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html. Abstract This document describes how to use SIP preconditions in situations that involve session mobility. This document updates RFC3312, which defines the framework for SIP preconditions. G. Camarillo et. al. [Page 1] Internet Draft SIP August 28, 2003 Table of Contents 1 Introduction ........................................ 3 2 Terminology ......................................... 3 3 Issues Related to Session Mobility .................. 3 4 Update to RFC 3312 .................................. 4 5 Security Considerations ............................. 6 6 Authors' Addresses .................................. 6 7 Normative References ................................ 6 8 Informative References .............................. 7 G. Camarillo et. al. [Page 2] Internet Draft SIP August 28, 2003 1 Introduction RFC 3312 [1] defines the framework for SIP [2] preconditions and focuses on media sessions that do not move around. That is, media is sent between the same end-points throughout the duration of the session. However, media sessions established by SIP are not always static. SIP offers mechanisms to provide session mobility, namely re-INVITEs and UPDATEs [5]. While existing implementations of RFC 3312 [1] can probably handle session mobility, there is a need to explicitly point out the issues involved and make a slight update to some of the procedures defined there. With the updated procedures defined in this document, messages carrying precondition information become more explicit about the current status of the preconditions. 2 Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in RFC 2119 [3]. 3 Issues Related to Session Mobility Section 5 of RFC 3312 [1] describes how to use SIP [2] preconditions with the offer/answer model [4]. RFC 3312 gives a set of rules that allow a user agent to communicate changes in the current status of the preconditions to the remote user agent. The idea is that a given user agent knows about the current status of some part of the preconditions (e.g., send direction of the QoS precondition) through local information (e.g., an RSVP RESV is received indicating that resource reservation was successful). The UAC informs the UAS about changes in the current status by sending an offer to the UAS. The UAS, in turn, could (if needed) send an offer to the UAC informing it about the status of the part of the preconditions the UAS has local information about. Note, however, that UASs do not usually send updates about the current status to the UAC because UASs are the ones resuming session establishment when all the preconditions are met. Therefore, rather than performing an offer/answer exchange to inform the UAC that all the preconditions are met, they simply send a 180 (Ringing) response indicating that session establishment has been resumed. While RFC 3312 [1] allows to update current status information using offers as described above, it does not allow to downgrade current G. Camarillo et. al. [Page 3] Internet Draft SIP August 28, 2003 status values in answers, as shown in the third row of Table 3 of RFC 3312. However, such downgrades are sometimes needed. Figure 1 shows an example where performing such a downgrade in an answer would be needed. 3pcc A controller B C | | | | |<-dialog 1->|<-dialog 2->| | | | | | | *********************** | | |* MEDIA *| | | *********************** | | | | | | | | | | |<-dialog 1->|<------dialog 3----->| | | | | | ******************************** | |* MEDIA *| | ******************************** | | | | | | | | | Figure 1: Session Mobility using 3pcc The 3pcc [6] controller in Figure 1 has established a session between A and B using dialog 1 towards A and dialog 2 towards B. At that point, the controller wants A to have a session with C instead of B. To transfer A to C (configuration shown at the bottom of Figure 1), the controller sends an empty (no offer) re-INVITE to A. Since A does not know that the session will be moved, its offer in the 200 OK states that the current status of the media stream in the send direction is "Yes". The controller, after contacting C establishing dialog 3, sends back an answer to A. This answer contains a new destination for the media (C) and should have downgraded the current status of the media stream to "No", since there is no reservation of resources between A and C. 4 Update to RFC 3312 Below there are a set of new rules that update RFC 3312 [1] to address the issues above. G. Camarillo et. al. [Page 4] Internet Draft SIP August 28, 2003 The rule below applies to offerers that are moving a media stream to a new address: When a stream is being moved to a new transport address, the offerer MUST set all the current status values it does not have local information about to "No". Note that for streams using segmented status (as opposed to end-to- end status), the fact that the address for the media stream at the local segment changes may or may not affect the status of the preconditions at the remote segment. However, moving an existing stream to a new location, from the preconditions point of view, is like establishing a new stream. Therefore, it is appropriate to set all the current status values to "No" and start a new precondition negotiation from scratch. The updated table and the rules below applies to an answerer that is moving a media stream. That is, the offerer was not aware of the move when it generated the offer. Table 3 of RFC 3312 [1] needs to be updated to allow answers to downgrade current status values. Table 1 below shows the result. Transac. status table Local status table New values transac./local ____________________________________________________________________ no no no/no yes yes yes/yes yes no depends on local info no yes depends on local info Table 1: Possible values for the "Current" fields An answerer MUST downgrade the current status values that received in the offer if it has local information about them or if the media stream is being moved to a new transport address. Note that for streams using segmented status the address change at the answerer may or may not affect the status of the preconditions at the offerer's segment. However, as stated above, moving an existing stream to a new location, from the preconditions point of view, is like establishing a new stream. Therefore, it is appropriate to set all the current status values to "No" and start a new precondition negotiation from scratch. The new table below applies to an offerer that receives an answer that updates or downgrades its local status tables. G. Camarillo et. al. [Page 5] Internet Draft SIP August 28, 2003 Offerers should update their local status tables when they receive an answer as shown in Table 2. Transac. status table Local status table New value Local Status _________________________________________________________________ no no no yes yes yes yes no yes no yes no Table 2: Possible values for the "Current" fields after an answer 5 Security Considerations An attacker adding preconditions to a session description or modifying existing preconditions could keep sessions from being established. An attacker removing preconditions from a session description could force sessions to be established without meeting mandatory preconditions. It is thus STRONGLY RECOMMENDED that integrity protection be applied to the SDP session descriptions. S/MIME is the natural choice to provide such end-to-end integrity protection, as described in RFC 3261 [2]. 6 Authors' Addresses Gonzalo Camarillo Ericsson Advanced Signalling Research Lab. FIN-02420 Jorvas Finland electronic mail: Gonzalo.Camarillo@ericsson.com Paul Kyzivat Cisco Systems 1414 Massachusetts Avenue, BXB500 C2-2 Boxborough, MA 01719 USA electronic mail: pkyzivat@cisco.com 7 Normative References [1] "Integration of resource management and session initiation protocol (SIP)," RFC 3312, Internet Engineering Task Force, Oct. 2002. G. Camarillo et. al. [Page 6] Internet Draft SIP August 28, 2003 [2] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. R. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler, "SIP: session initiation protocol," RFC 3261, Internet Engineering Task Force, June 2002. [3] S. Bradner, "Key words for use in RFCs to indicate requirement levels," RFC 2119, Internet Engineering Task Force, Mar. 1997. [4] J. Rosenberg and H. Schulzrinne, "An offer/answer model with session description protocol (SDP)," RFC 3264, Internet Engineering Task Force, June 2002. 8 Informative References [5] J. Rosenberg, "The session initiation protocol (SIP) UPDATE method," RFC 3311, Internet Engineering Task Force, Oct. 2002. [6] J. Rosenberg, J. L. Peterson, H. Schulzrinne, and G. Camarillo, "Best current practices for third party call control in the session initiation protocol," internet draft, Internet Engineering Task Force, July 2003. Work in progress. The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. Full Copyright Statement Copyright (c) The Internet Society (2003). All Rights Reserved. G. Camarillo et. al. [Page 7] Internet Draft SIP August 28, 2003 This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. G. Camarillo et. al. [Page 8]