SIPPING Working Group G. Camarillo Internet-Draft Ericsson Expires: January 5, 2005 A. Johnston MCI July 7, 2004 Conference Establishment Using Request-Contained Lists in the Session Initiation Protocol (SIP) draft-ietf-sipping-uri-list-conferencing-00.txt Status of this Memo By submitting this Internet-Draft, I certify that any applicable patent or other IPR claims of which I am aware have been disclosed, and any of which I become aware will be disclosed, in accordance with RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 5, 2005. Copyright Notice Copyright (C) The Internet Society (2004). All Rights Reserved. Abstract This document describes how to create a conference using SIP URI-list services. In particular, we describe a mechanism that allows a client to provide a conference server with the initial list of participants using an INVITE-contained URI-list. Camarillo & Johnston Expires January 5, 2005 [Page 1] Internet-Draft INVITE-Contained Lists July 2004 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Providing a Conference Server with a URI-List . . . . . . . . 3 4. URI List Format . . . . . . . . . . . . . . . . . . . . . . . 3 5. Conference Server Behavior . . . . . . . . . . . . . . . . . . 4 6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 8. Acknowledges . . . . . . . . . . . . . . . . . . . . . . . . . 6 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 9.1 Normative References . . . . . . . . . . . . . . . . . . . . 6 9.2 Informational References . . . . . . . . . . . . . . . . . . 6 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 7 Intellectual Property and Copyright Statements . . . . . . . . 8 Camarillo & Johnston Expires January 5, 2005 [Page 2] Internet-Draft INVITE-Contained Lists July 2004 1. Introduction Section 4.5 of [3] describes how to create a conference using ad-hoc SIP [2] methods. The client sends an INVITE request to a conference factory URI, and receives the actual conference URI, which contains the "IsFocus" feature tag, in the Contact header field of a response (typically a 200 OK). Once the client obtains the conference URI, it can add participants to the newly created conference in several ways, which are described in [3]. Some environments have tough requirements regarding conference establishment time. So, they require the client to be able to request the creation of an ad-hoc conference and to provide the server with the initial set of participants in a single operation. This document describes how to meet this requirement using the mechanism to transport URI lists in SIP messages described in [4]. 2. Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 [1] and indicate requirement levels for compliant implementations. 3. Providing a Conference Server with a URI-List A client that wants to include the set of initial participants in its initial INVITE to create an ad-hoc conference, adds a body whose disposition type is uri-list, as defined in [4], with a URI list that contains the participants that the client wants the server to INVITE. The client sends this INVITE to the conference factory URI. 4. URI List Format As described in [4], the default format for URI lists in SIP is the XCAP resource list format [5]. Still, specific services need to describe which information clients should include in their URI lists, as described in [4]. Conferencing UAs SHOULD use flat lists (i.e., no hierarchical lists), SHOULD NOT use any entry's attributes but "uri", and SHOULD NOT include any elements inside entries but "display-name" elements. A conference factory application receiving a URI list with more information than what we have just described SHOULD discard all the Camarillo & Johnston Expires January 5, 2005 [Page 3] Internet-Draft INVITE-Contained Lists July 2004 extra information. 5. Conference Server Behavior On reception of an INVITE with a uri-list body as described in Section 3, a conference server MUST follow the rules described in [3] to create ad-hoc conferences. Once the ad-hoc conference is created, the conference server SHOULD attempt to add the participants in the URI list to the conference as if their addition had been requested using any of the methods described in [3] (e.g., using CPCP [7]). Once the conference server has created the ad-hoc conference and has attempted to add the initial set of participants, the conference server behaves as a regular conference server and MUST follow the rules in [3]. Note that the status code in the response to the INVITE does not provide any information about whether or not the conference server was able to bring the users in the URI-list into the conference. That is, a 200 (OK) means that the conference was created successfully, that the client that generated the INVITE is in the conference, and that the server understood the URI list. If the client wishes to obtain information about the status of other users in the conference it SHOULD use general conference mechanisms, such as the conference package [8]. 6. Example The following is an example of an INVITE request, which carries a URI list in a uri-list body, sent by a UA to a conference factory application. INVITE sip:conf-fact@example.com SIP/2.0 Via: SIP/2.0/TCP client.chicago.example.com ;branch=z9hG4bKhjhs8ass83 Max-Forwards: 70 To: Conf Factory From: Carol ;tag=32331 Call-ID: d432fa84b4c76e66710 CSeq: 1 INVITE Contact: Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Allow-Events: dialog Accept: application/sdp, message/sipfrag, Conten-Type: multipart/mixed;boundary="boundary1" Content-Length: 635 Camarillo & Johnston Expires January 5, 2005 [Page 4] Internet-Draft INVITE-Contained Lists July 2004 --boundary1 Content-Type: application/sdp v=0 o=carol 2890844526 2890842807 IN IP4 chicago.example.com s=Example Subject c=IN IP4 192.0.2.1 t=0 0 m=audio 20000 RTP/AVP 0 a=rtpmap:0 PCMU/8000 m=video 20002 RTP/AVP 31 a=rtpmap:31 H261/90000 --boundary1 Content-Type: application/resource-lists+xml Content-Disposition: uri-list --boundary1-- Figure 1: INVITE request 7. Security Considerations This document discusses setup of SIP conferences using a request-contained URI-list. Both conferencing and URI-lists services have specific security requirements which will be summarized here. Conferences generally have authorization rules about who may or may not join a conference, what type of media may or may not be used, etc. This information is used by the focus to admit or deny participation in a conference. It is RECOMMENDED that these types of authorization rules be used to provide security for a SIP conference. For this authorization information to be used, the focus needs to be able to authenticate potential participants. Normal SIP mechanisms including Digest authentication and certificates can be used. These conference specific security requirements are discussed further in the requirements and framework documents. For conference creation using a list, there are some additional Camarillo & Johnston Expires January 5, 2005 [Page 5] Internet-Draft INVITE-Contained Lists July 2004 security considerations. The Security Considerations Section of the Requirements and Framework for SIP URI-List Services [6] discusses issues related to SIP URI-list services. Given that a conference server sending INVITEs to a set of users acts as an URI-list service, implementations of conference servers that handle lists MUST follow the security-related rules in [6]. These rules include mandatory authentication and authorization of clients, and opt-in lists. 8. Acknowledges Cullen Jennings provided useful comments on this document. 9. References 9.1 Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [3] Johnston, A. and O. Levin, "Session Initiation Protocol Call Control - Conferencing for User Agents", draft-ietf-sipping-cc-conferencing-03 (work in progress), February 2004. [4] Camarillo, G., "Providing a Session Initiation Protocol (SIP) Application Server with a List of URIs", draft-camarillo-sipping-uri-list-01 (work in progress), February 2004. [5] Rosenberg, J., "An Extensible Markup Language (XML) Configuration Access Protocol (XCAP) Usage for Presence Lists", draft-ietf-simple-xcap-list-usage-02 (work in progress), February 2004. [6] Camarillo, G., "Requirements for Session Initiation Protocol (SIP) Exploder Invocation", draft-camarillo-sipping-exploders-02 (work in progress), February 2004. 9.2 Informational References [7] Koskelainen, P. and H. Khartabil, "An Extensible Markup Language (XML) Configuration Access Protocol (XCAP) Usage for Conference Policy Manipulation", draft-koskelainen-xcon-xcap-cpcp-usage-02 (work in progress), February 2004. Camarillo & Johnston Expires January 5, 2005 [Page 6] Internet-Draft INVITE-Contained Lists July 2004 [8] Rosenberg, J. and H. Schulzrinne, "A Session Initiation Protocol (SIP) Event Package for Conference State", draft-ietf-sipping-conference-package-03 (work in progress), February 2004. Authors' Addresses Gonzalo Camarillo Ericsson Hirsalantie 11 Jorvas 02420 Finland EMail: Gonzalo.Camarillo@ericsson.com Alan Johnston MCI 100 South 4th Street St. Louis, MO 63102 USA EMail: alan.johnston@mci.com Camarillo & Johnston Expires January 5, 2005 [Page 7] Internet-Draft INVITE-Contained Lists July 2004 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the IETF's procedures with respect to rights in IETF Documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Camarillo & Johnston Expires January 5, 2005 [Page 8]