wdiff draft-rosenberg-sip-route-construct-01.txt draft-rosenberg-sip-route-construct-02.txt

SIP J. Rosenberg
Internet-Draft Cisco Systems
Expires: September 7, 2006 March 6, April 20, 2007 October 17, 2006

Construction of the Route Header Field in the Session Initiation
Protocol (SIP)
draft-rosenberg-sip-route-construct-01
draft-rosenberg-sip-route-construct-02

Status of this Memo

By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This Internet-Draft will expire on September 7, 2006. April 20, 2007.

Abstract

The Route header field in the Session Initiation Protocol (SIP) is
used to cause a request to visit a set of hops on its way towards the
final destination. Several specifications have defined rules for how
a user agent obtains and then uses a set of Route header fields in
the transmission of a request. These include the SIP specification
itself, the Service-Route header field specification, the SIP server
option in the Dynamic Host Configuration Protocol (DHCP), and others.
Unfortunately, these specifications are not consistent and the
resulting behavior at clients and servers is not clear or complete.
This document resolves this problem by defining a consistent set of
logic.
logic, and in the process, serves as an update to the Service-Route
specification.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Existing Sources . . . . . . . . . . . . . . . . . . . . . . . 3
2.1
2.1. Default Outbound Proxies . . . . . . . . . . . . . . . . . 3
2.2
2.2. Service Route . . . . . . . . . . . . . . . . . . . . . . 4
2.3
2.3. Record-Routes . . . . . . . . . . . . . . . . . . . . . . 4
2.4 305 Use Proxy
2.4. Loose Routes . . . . . . . . . . . . . . . . . . . . . . . 4
3. Problems with Current Specifications . . . . . . . . . . . . . 5
4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 7
5. Overview of Operation . . . . . . . . . . . . . . . . . . . . 7
5.
6. Detailed Processing Rules . . . . . . . . . . . . . . . . . 9
5.1 . 7
6.1. Registrar Behavior . . . . . . . . . . . . . . . . . . . . 9
5.2 8
6.2. Proxy Behavior . . . . . . . . . . . . . . . . . . . . . . 10
5.3
6.3. UAC Behavior . . . . . . . . . . . . . . . . . . . . . . . 11
5.4 Client Behavior 10
6.3.1. REGISTER Processing . . . . . . . . . . . . . . . . . 10
6.3.2. Request Origination . . . . 13
5.5 Server Behavior . . . . . . . . . . . . . 11
7. Grammar . . . . . . . . . . . 14
6. Grammar . . . . . . . . . . . . . . . . 12
8. Security Considerations . . . . . . . . . . 14
7. Security . . . . . . . . . 12
9. IANA Considerations . . . . . . . . . . . . . . . . . . 15
8. IANA Considerations . . . 13
9.1. SIP Option Tag . . . . . . . . . . . . . . . . . . . . 15
9. . . 13
9.2. Header Field Parameter . . . . . . . . . . . . . . . . . . 13
10. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 15
10. . 13
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15
11. . 14
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 15
11.1 . 14
12.1. Normative References . . . . . . . . . . . . . . . . . . 15
11.2 . 14
12.2. Informative References . . . . . . . . . . . . . . . . . 16 . 14
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 16
Intellectual Property and Copyright Statements . . . . . . . . . . 17

1. Introduction

The Route header field in the Session Initiation Protocol (SIP)
protocol is used to cause a request to visit a set of hops on its way
towards the final destination. RFC 3261 [2] discusses how a client
constructs the Route header field for requests. However, this logic
is restricted to mid-dialog requests, where the route set was learned
as a result of record-routing.

However, additional sources of routes can exist for a UA. These
include default outbound proxies, a service route learned from the
Service-Route header field [3], and a redirection coming from a 305
response. utilizing loose
routing [7]. In total, there are four sources of potential route
headers. The way in which these various sources are reconciled is
unclear. Furthermore, the various specifications are unclear about
which requests these Route headers are applicable to. Do they apply
to REGISTER? Do they apply to mid-dialog requests? Finally, the
existing specifications are incomplete and inconsistent. RFC
3608 is underspecified, which can result in interoperability
problems.

Section 2 reviews the existing sources of route sources. Section 3
discusses problems with the existing specifications. Section 4 5
overviews the proposed changes in behavior. Section 5 6 provides a
detailed description of element behavior, and Section 6 7 defines the
grammar for the new headers parameters specified here.

2. Existing Sources

This section examines the current set of route header field sources.

2.1

2.1. Default Outbound Proxies

RFC 3261 discusses default outbound proxies. In Section 8.1.1.1, it
makes reference to its interaction with Route header fields:

In some special circumstances, the presence of a pre-existing
route set can affect the Request-URI of the message. A pre-
existing route set is an ordered set of URIs that identify a chain
of servers, to which a UAC will send outgoing requests that are
outside of a dialog. Commonly, they are configured on the UA by a
user or service provider manually, or through some other non-SIP
mechanism. When a provider wishes to configure a UA with an
outbound proxy, it is RECOMMENDED that this be done by providing
it with a pre-existing route set with a single URI, that of the
outbound proxy.

When a pre-existing route set is present, the procedures for
populating the Request-URI and Route header field detailed in
Section 12.2.1.1 MUST be followed (even though there is no
dialog), using the desired Request-URI as the remote target URI.

The default outbound proxy can be learned either through DHCP [6], [8],
through configuration (such as the SIP configuration framework [8]), [9]),
or through other means. In the IP Multimedia Subsystem (IMS), the
default outbound proxy is the P-CSCF and is learned through GPRS
specific techniques.

RFC 3261 does not explicitly say the set of messages to which this
route set applies. However, the text above implies that it is for
all requests outside of a dialog.

2.2

2.2. Service Route

RFC 3608 specifies the Service-Route header field. This header field
is provided to the UA in a 2xx response to a REGISTER request. The
client uses this to populate its Route header fields for outgoing
requests. However, RFC 3608 explicitly says that the decision a UA
makes about how it combines the service route with other outbound
routes is a matter of local policy. Furthermore, RFC 3608 does not
clearly define to which requests the service route applies, and in
particular, whether or not it applies to a REGISTER request or a mid-
dialog request.

Furthermore, RFC 3608 specifies that a service-route is associated
with an Address-of-Record (AOR), and is shared by all contacts
associated with the same AOR. It also specifies that the Service-
Route URI can only be ones known to the registrar apriori, as opposed
to learned through the registration itself.

2.3

2.3. Record-Routes

RFC 3261 provides a detailed description of the record-routing
mechanism, and how the user agents in a dialog construct route sets
from the Record-Route header field values. RFC 3261 is also clear
that the resulting route set applies to mid-dialog requests. It
implies (though does not explicitly say) that the resulting route set
overrides any default outbound proxies (which represent a pre-loaded
route set).

2.4 305 Use Proxy

RFC 3261

2.4. Loose Routes

Loose routing, introduced in [7], defines the 305 "Use Proxy" response code, but says
extremely little about exactly how it is used. It has this to say:

The requested resource MUST be accessed through the proxy given by
the Contact field. The Contact field gives the URI of the proxy.
The recipient is expected mechanisms for using Route
header fields to repeat this single request via the
proxy. 305 (Use Proxy) responses MUST only be generated by UASs.

It is unclear how the Contact address and invoke services in the a user agent. It
also specifies a redirection mechanism whereby a server can redirect is used. Does it
populate the request URI of the resulting request? Or, does
a client, and ask it get
used to populate either modify the topmost Route header field? The restriction to UASs is
also not explained.

Historically, the reason for the restriction to UAs was to avoid
routing loops. Consider an outbound proxy that generates a 305,
instead field
of proxying its request, or add a new Route header field to the topmost
request. The concern was specification indicates that the client
would then recurse on the response, populate the Contact into a new
request URI, and send the request it is applicable to its default outbound proxy,
which redirects once more. To avoid this, both
mid-dialog and out-of-dialog requests. Since the RFC says that only a
UAS client can redirect with a 305, not be a proxy.

However,
user agent, this design decision on 305 handling was made prior to the
conception of loose routing, although both ended up in RFC 3261. The
design forms another potential source of the 305 mechanism, unfortunately, was not revisited after
loose routing was specified. As such, the draft is not clear about
whether or not the contact gets utilized as a Route header
field
value or whether it replaces the Request URI. The assumption,
unstated, is that it populates the Request-URI, since redirection
works that way in general. for user agents.

3. Problems with Current Specifications

Numerous problems have arisen as a consequence of the combination of
these specifications. These problems fit into two categories. The
first are interoperability problems, and the second are missing
capabilities.

An interoperability problem that has arisen is keeping an outbound
proxy on the path for outbound requests. Consider a proxy in a hotel
which a client discovers via DHCP and uses as its outbound proxy.
This proxy wishes to be used for incoming and outgoing requests, both
in and out of a dialog. If the home proxy provides a service route,
the hotel proxy will not be able to determine what it needs to do in
order to stay on the path. If the client implementation is such that
it appends the service route to its default outbound proxy, then the
hotel proxy need not do anything to stay on the path. If, however,
the client abandons its default proxy in favor of the service route,
the hotel proxy would fall off the path of subsequent requests unless
it inserted a Service-Route into the response of a REGISTER request.
Interestingly, the latter is illegal behavior according to RFC 3608,
but is the only mechanism available for ensuring that a proxy stay on
the request path. Since RFC 3608 does not provide any normative
behavior for combining service routes and outbound proxies, the hotel
proxy cannot know what to do, thus causing the interoperability
problem.

This points to the first major functional gap with the existing
specifications. RFC 3608. There
is no standards-based way for keeping an outbound proxy on the path
for outbound requests, when it is not the default outbound proxy.
Consider a proxy in a hotel, PH-1 which a client discovers via DHCP
and uses as its outbound proxy. When the client sends a REGISTER to
this proxy, it forwards it to a second proxy in the hotel, PH-2,
which then forwards it to the home proxy of the user, PA. PH-2 needs
to be on the outbound path for all requests leaving the hotel. PA
includes itself in a Service-Route header field in the response. The
client receives this Service-Route. For an initial INVITE request,
the client constructs a route set which includes its outbound proxy
PH-1 followed by the URI from the Service-Route, PA. This request
will traverse PH-1, which now follows the next Route header, sending
it to PA. This is not the desired behavior. The problem is that the
Service-Route URI has provided a route that overrides the default
outbound route behavior at PH-1.

Similarly, there is no way in the current specifications RFC 3608 to change the outbound proxy,
outside of an update in the client configuration. Such changes are
extremely useful for many operational reasons. One example is
movement of subscribers between geographically distributed sites in
cases where a site must be gracefully taken out of service, and the
subscribers using it need to be moved gracefully, over a period of an
hour or two, from one site to the other. Since, at best, the impact
of Service-Route on the outbound proxy is ambiguous, there is
generally no way to affect it excepting configuration change. Using
configuration updates as the only way to alter the outbound proxy is
problematic. In practice, systems providing automated updates to
client configuration (when they exist, as they often do not) are
decoupled from the operational systems that manage subscriber
capacity and software upgrades of sites, making the change hard to
affect through configuration. Furthermore, configuration updates are
typically passed to clients once they are made. Here, however, the
objective is to gracefully move subscribers. Using the randomized
nature of REGISTER timings helps provide that; such a function is
difficult to accomplish through configuration updates. Finally, many
deployments use mechanisms other than [8] [9] for updating client
configurations. As a consequence, there is no common way across
deployments to provide this very basic operational feature.

Finally,

Another problem that has come up with RFC 3608 is that it will not
work well with mid-dialog failover techniques identified for SIP
Outbound [10]. These techniques require that the outbound proxy
construct a URI for the Service-Route that is important used by the UA for new
requests outside of a dialog.

Finally, RFC 3608 is defined such that the service route is identical
for all contacts registered to note a specific AOR. This makes it
applicable only for selecting a set of configured, well-known servers
to use, and only ones within the domain of the owner of that AOR.
This is a fairly narrow scope of applicability, and introduces a
configuration burden on the registrar.

Architecturally, there is an architectural inconsistency between record-routing and
service route. With record-
route, record-route, each proxy on the path of the
request inserts a Record-Route header field, and this dictates the
path of subsequent messages within a dialog both to and from the UA.
With REGISTER, each proxy on the path of the request inserts a Path
[4] header field to receive requests directed towards the client.
However, the Service-Route is not the inverse of the Path, and is
instead created through proprietary means by the registrar.

4. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1].

5. Overview of Operation

Firstly, new behavior for generation and processing of the 305 Use
Proxy is specified. Any element in

This specification updates the network, proxy or UAS, can
generate a 305, not just a UAS as specified behaviors in RFC3261. The 305 is
directed towards a specific upstream element, whether it is RFC 3608. In particular,
a proxy
or UAC, through the inclusion registrar, upon receipt of a REGISTER, uses the Redirect-Target Path header field
values to construct the Service-Route in the response. This In addition,
the registrar retains an instance of the Path (and resulting Service
Route) for each registered contact. The Path and Service-Route
remain valid for the duration of the registration, and are updated
for each registration refresh.

In order to retain backwards compatibility with systems based on RFC
3608, proxies compliant to this specification include a flag, "p2sr",
in their Path header field contains a counter that is
decremented as the response is forwarded upstream. values. When it hits
zero, that element recurses on it.

This only works if the server that sends registrar receives the 305 can be sure that all
of
REGISTER request, it examines the upstream elements between sequence of Path header field URI.
If it and sees that one or more contiguous proxies at the target end of the redirect Path
sequence do not support this mechanism. To make this determination, mechanism, the registrar omits those URI
from the Service-Route, and omits the Target-Range Require header field is used. parameter
indicating support for this specification in the response. This header field contains a pair of integers,
start-range and end-range. These integers correspond to
causes the values
of UA to revert to existing behavior, augmenting the Max-Forwards header field across a route
set of compliant elements.
When with the first element outbound proxy [[OPEN ISSUE: well, thats true for IMS at
least. UA behavior isn't defined at all in a compliant chain (for example, a UAC
supporting this mechanism) emits a request, it sets both start-range
and end-range area in RFC 3608.
Alternative is to the value have two option tags - one that says to augment,
and one that says don't.]] If, however, all of Max-Forwards in the request it emits.
A compliant element decrements both Max-Forwards and end-range before
forwarding Path URI include
the request if its policy says that downstream elements
are permitted to redirect elements upstream from it. If this "p2sr" flag, an option tag is not
permitted, placed into the element sets both start-range and end-range to Max-
Forwards Require header
field is placed in the response, indicating that the Service-Route
overrides the outbound request, effectively starting proxy.

The rules for constructing the chain
afresh. However, Route for a non-compliant element will only decrement request at the
value of Max-Forwards. As such, UA follow
in a compliant server can determine
whether the previous hop was compliant by comparing straightforward manner from this. Mid-dialog requests always
use the value set of Max-
Forwards in URI learned from the received Record-Route. A request with the value outside
of end-range. If
they are identical, it means the previous hop supports the mechanism.
Therefore, this proxy is is extended an existing chain scope of compliant
elements, and it decrements both end-range a dialog, including a REGISTER refresh, uses the
Service-Route, and Max-Forwards before
sending based on the request. However, Require flag, may or may not override
the outbound proxy. Finally, in all cases, if a request generates a
redirect response that contains a loose route, the values of Max-Forwards and end-
range Route set is
further modified or augmented based on the redirection.

6. Detailed Processing Rules
6.1. Registrar Behavior

This specification updates the procedures from RFC 3608.

The procedures in this specification MUST NOT be followed unless the received
REGISTER request were not identical, it means that contains a Supported header field with the
previous upstream element (and possibly ones upstream "sr"
option tag.

Assuming the REGISTER request contains this option tag, the registrar
examines the set of Path header field values, starting from that) were the top
(the proxy closes to, but not compliant. Therefore, this including the registrar itself) towards
the bottom (the proxy farthest away from the registrar). If the
registrar is planning on adding itself to the first in a chain of
compliant elements. It therefore resets start-range and end-range Service-Route, it adds
itself to the value top of Max-Forwards in the request it emits.

Now, when a server receives a request, if Max-Forwards equals end-
range, list. Its own URI MUST include the server knows some number "p2sr"
Path header field parameter.

If the resulting list is such that there are 0 or more contiguous
values starting at the top which contain the "p2sr" Path header field
parameter, followed by 0 or more contiguous values which do not
contain this parameter, the registrar SHOULD follow the remaining
procedures of upstream elements support this
mechanism. Indeed, specification in the exact number construction of such elements will the Service-
Route header field in the response. If not, the procedures defined
here MUST NOT be start-
range minus end-range plus one. Thus, used. In addition, if none of the server can insert Path header field
values contain the
Redirect-Target "p2sr" Path header field into parameters, the response with a value between 0
(directing
procedures defined here MUST NOT be used.

Consider the immediate upstream element to recurse) example network of Figure 1. The UAC is separated from
the registrar by three proxies, P1, P2 and start-range
minus end-range.

MF:70 MF:69 MF:68 MF:67 +
+-----+SR:70 .......SR:70 +-----+SR:68 +-----+SR:68 |-----+
| |ER:70 . .ER:70 | |ER:68 | |ER:67 | P3. The UAC supports the
mechanism in this specification and indicates this through the "sr"
option tag in the Supported header field of its REGISTER request.

+------+ +------+ +------+ +------+ +------+
| | |----->. .----->| |----->| |----->| | | UAC | . P-1 . | P-2 | | P-3 | | P-4
| UAC |---->| P1 |----->| P2 |----->| P3 |----->| Reg |
| . . | |<-----| |<-----| | | | . . | |RT:0 | |RT:1 + |
+-----+ ....... +-----+ +-----+ -----+ | |
V
+------+ +------+ +------+ +------+ +------+

Figure 1

This procedure is shown pictorially in Figure 1. The figure shows a
UAC and four proxies, P-1 through P-4. The UAC and proxies P-2
through P-4 support

When the mechanism, but P-1 does not. The UAC emits
an INVITE request. It populates Max-Forwards (shown as MF in registers, each of the
figure) with proxies inserts itself onto the initial value of 70. It also adds a Target-Range
Path header field to the request, with a start-range value (SR in the
figure) of 70, and an end-range value (ER in the figure) REGISTER. Each of 70. This
request is received by P-1. Since P-1 the proxies either
supports this extension (and thus inserts a "ps2r" parameter into its
Path header field value) or it does not understand Target-
Range, it only decrements Max-Forwards. The request (in which case no parameter
is now received
by P-2. P-2 sees that the value of Max-Forwards in the received
request (69) does inserted). The following table shows, for various Path sequences,
whether or not match the value modified Service-Route procedures of end-range (70). Thus, it
knows that its immediately upstream neighbor didn't this
specification would be used.

Path Header Field | Use New SR | Notes
| Procedures? |
--------------------------------------------------------------------
P3;p2sr, | |
P2;p2sr, | Y | All proxies support the
mechanism. As such, when it emits its request, it sets the value of
both start-range and end-range
P1;p2sr | |
--------------------------------------------------------------------
P3;p2sr, | | Proxies closest to the value of Max-Forwards, 68.
This request arrives at P-3. P-3 sees registrar
P2;p2sr, | Y | support, followed by ones
P1 | | that the value of Max-Forwards
matches end-range. So, it decrements both in the request don't
--------------------------------------------------------------------
P3;p2sr, | | Proxies closest to registrar
P2 | Y | support, followed by ones
P1 | | that don't
--------------------------------------------------------------------
P3, | |
P2, | N | No proxies support it emits.
This request arrives at P-4. Again,
P1 | |
--------------------------------------------------------------------
reg;p2sr | |
P3, | |Registrar planning on inserting
P2, | Y |itself onto the value Service-Route
P1 | |
--------------------------------------------------------------------
P3, | | Set of Max-Forwards equals
end-range. It subtracts end-range from start-range (68-67) and adds
1, which results in 2. This means proxies that the 2 upstream elements support the redirect targeting mechanism,
P2;p2sr, | N | it must be contiguous and P-4 generates a 305
response with a Redirect-Target value of 1. This is received by P-3,
which decrements Redirect-Target
P1 | | closest to zero. This is received by P-2,
which sees that the value is zero. This means registrar
--------------------------------------------------------------------
P3;p2sr, | | Set of proxies that support
P2, | N | it is the
intended target of the redirect. It therefore recurses on the
redirect and emits a new request.

[[OPEN ISSUE: This backwards compatibility mechanism could actually must be used for all redirects; providing a mechanism to know contiguous and control
where and when recursion is done. Indeed,
P1;p2sr | | closest to registrar
--------------------------------------------------------------------

Figure 2

This constraint basically says that the mechanism could
provide a general framework for allowing downstream servers Path has to
determine whether a sequence of upstream servers supports some
extension. If one uses a sequence of ranges instead of be built
either by a single
range, full proxy chain which all support information can be delivered to the UAS.
Is there a need for such a thing?]]

In addition to specifying new rules for generation and processing of
the 305, this specification updates the behaviors in RFC 3608. In
particular, spec, or by a registrar, upon receipt of chain
whereby a REGISTER, uses the Path
header field values to construct the Service-Route in the response.
The values from the Path are copied into the Service-Route, and the
registrar can then add some additional ones if they are within the
domain of the provider. By allowing the registrar to add values, the
mechanism defined here is made bunch didn't support it, followed by a superset of the behaviors defined bunch that did.
This works well in
RFC 3608. There, IMS deployments where the registrar can only add URI in its own domain.
Here, visited network
doesn't support the registrar can add such URI, mechanism, but also reflects Path headers
from the request, which may have come from other domains. In
addition, RFC 3608 defined the service route to be associated with an
AOR, rather than a registered contact. This specification modifies
that behavior. Instead, the service route will be associated with
each registered contact. Note that the registrar never needs to
store the service-route; it is computed as a function of home network does.

If the Path
header mechanisms in the REGISTER request.

5. Detailed Processing Rules

5.1 Registrar Behavior

This this specification updates are to be used, the procedures from RFC 3608.

The registrar
MUST construct the Service-Route in the registration response by
taking each URI from the Path list which contained the "p2sr" header field in the
REGISTER request,
parameter, and inverting the order. After inversion, the The registrar MAY MUST add additional URIs at the end of the list (that is,
the right hand side of the list, corresponding an option
tag to proxy elements that
will be the farthest away from the UA).

Furthermore, the registrar MAY replace or remove any URIs that are
within a domain under the control of the registrar. When replacing a
URI, one or more new ones can take its place. If the registrar is Require header field in
example.com, this would include any URIs whose domain part is
example.com. It would also include any URIs whose domain is a
subdomain of example.com, as long as that subdomain is under the
control of example.com. It could also include URIs whose domain part
is unrelated to example.com, as long as those are within the control
of example.com. It is difficult to provide a concise definition of
"under the control", but generally it means that the administrative
policies for the subservient domain are completely defined by the
controlling domain.

This behavior ensures that proxies outside of the domain of the
registrar have a way to appear on the service route, but provides a
way, within a domain, to provide service routes that are not coupled
to response (adding the Path.

[[OPEN ISSUE: Its unclear whether this mechanism is backwards
compatible header
field if necessary) with current IMS procedures. the value "sr". The P-CSCF will insert Path,
but not expect for its URI to be in the outbound Service-
Route set. The
procedures here, for a UA compliant to this specification, will
result in an outgoing INVITE being delivered to the P-CSCF as a
consequence of it being the default outbound proxy, but the request
will arrive with the topmost route equal to the outbound proxy URI,
and the next route will be the Path URI. The route after that will
be the S-CSCF (or I-CSCF in the home domain if added to header field values SHOULD NOT contain the service
route). Not clear "p2sr" parameter;
that this will work. If it doesn't, it parameter is easily
remedied by including a flag in the Path header which indicates
whether it needs to be reflected into Service-Route.]]

5.2 Proxy Behavior

When a proxy receives a request that contains the Target-Range header
field, it examines the field value of end-range. If end-range and is not equal
to the value of Max-Forwards needed in the received request, the proxy
Service-Route.

The resulting Service-Route MUST
set both end-range be recomputed for each registration
refresh, and start-range equal to the value of the Max-
Forwards header field in the request it emits. If they are equal,
the proxy for each new registration. The server MAY extend store the chain of compliant elements, or MAY reset
it, starting
values associated with itself. The decision depends on whether the proxy
wishes downstream elements to be able to generate redirects towards
upstream elements, and it, though this is a matter not necessary for proper
operation of local policy. If this specification.

In addition, the proxy
decides to reset it, it sets both end-range and start-range equal registrar MUST only return in a 200 OK response to
the value of REGISTER request, the Max-Forwards Contact header field in associated with the request
registration which was just performed. [[OPEN ISSUE: This is really
orthogonal, and it emits.
If is probably controversial. Basically it decides proposes
to extend it, it sets end-range equal use this new service route mechanism as a vehicle for eliminating
query registers and third party registrations.]]. A UA compliant to the value of
the Max-Forwards header field in the request it emits and retains the
value of start-range.

When
this specification will never generate a proxy receives registration with anything
except for a 305 response, it MUST check the value of the
Redirect-Target header field. single Contact.

If the mechanisms in this value is non-zero, specification are not used, the proxy registrar
MUST decrement it by one before forwarding follow the 305 upstream, procedures of RFC 3608 and MUST
NOT recurse on the 305. If the value is zero, construct the proxy follows Service-
Route as it would otherwise. It MUST omit the
procedures "sr" option tag from a
Require header field in Section 5.4. the response.

6.2. Proxy Behavior

This specification updates the proxy processing rules in RFC 3608.
In particular, if a

A proxy compliant to this specification which inserts a Path header
field in value into a REGISTER
request, it means that request MUST include a compliant registrar will echo the "p2sr" Path header
field back into parameter with its value. If the REGISTER response to the REGISTER
request includes the Require header field that includes the "sr"
option tag, it means that the UA will be using that URI (which will
be echoed in the Service-Route) as a Service-Route Route header field value. The value for
requests outside of a dialog. In this case, the proxy MAY remove its
value from the Service-
Route Service-Route in the response, or MAY modify it. If

When the REGISTER response
does not contain UA initiates a Service-Route value request outside of a dialog, that request
will contain a route set which includes the Path URIs learned from the
Service-Route. Consequently, a proxy MUST be prepared to receive
such a request, in which case the topmost Route header will be the
URI
inserted by the proxy, it means that proxy passed to the registrar is not UA in the 200 OK response to REGISTER.

6.3. UAC Behavior

6.3.1. REGISTER Processing

A UA compliant to this specification. [[OPEN ISSUE: specification MUST include the "sr" option tag
in the Supported header field of its REGISTER request. Such a UA
MUST include only a single Contact in each REGISTER request, which
points to the UA performing the registration. It MUST NOT generate a
"query REGISTER" which contains no contacts, MUST NOT include
multiple Contact header field values in its registration, and then it MUST
NOT register a Contact which does what??]

[[OPEN ISSUE: not sure if directly point to the following belongs here or not; its not
elaborated on anywhere else UA
itself.

When the REGISTER response arrives, and it is just a placeholder]]

If 2xx response, the proxy receives a request destined UA
looks for the AOR presence of a subscriber,
and Supported header field in the proxy is response
with the responsible proxy for that domain, it looks up "sr" option tag. If present, the AOR UA is operating in
"override" mode, as described below. If not present, the location database, and retrieves UA is
operating in "augment" mode, as described below. In either case, the Path URI and
UA MUST cache the
registered Contact. However, instead contents of rewriting the request-URI to
be equal to the registered contact, if that contact contains the URI
loose-route parameter, the proxy retains Service-Route header field for the request URI, and instead
uses that registered contact URI
duration of its registration.

A single UA may still be performing multiple registrations, for
purposes of high availability, as a consequence of the last Route header field
value. procedures
defined in SIP outbound [6]. In this way, case, the UAS UA will receive new requests with the AOR
retained in the request URI, and a topmost Route header field
present, end up with a URI containing the registered contact.

5.3 UAC Behavior

A UAC
multiple sets of Service-Route, each of which supports the 305 recursion mechanism, including the
Response-Target and Target-Range header fields, MUST include is bound to the
Target-Range header field in all requests it emits, excepting CANCEL
and ACK.
particular flow that was registered (and its associated Contact).

6.3.2. Request Origination

It is RECOMMENDED that a UA compliant to this specification also be
compliant to UA loose routing [7]. This header field MUST have the start range and end range
values equal allows proxies to utilize a
redirection to further augment the value of Max-Forwards way in which the route set for a
request emitted is constructed.

The primary question addressed by this specification is how the UA
constructs the UAC. route set for a request.

Determination of the route set for a request depends on whether the
request is done generated as a consequence of a redirection. If the UA
indicated support for loose routing in two steps.
The first its request (as described in
[7], the Route set for the recursed request is generated from the
request which generated the recursion, as described there.

This specification assumes that a UA may have one or more configured
outbound proxies, each in the determination form of a baseline SIP URI. Each of these will
either be a loose route set. This set is (in which case the route set determined strictly by protocol mechanisms, and has request would contain that
URI in the Route header field) or not
yet been subject to UA policies (in which might require alteration of the
route set. Those policies are then applied, and case the result is UA will just
send the
final route set for request to that target without including its URI in the request.
topmost Route request).

For a request sent by a UAC that is not the result of recursion on a
305, loose route
recursion, the following logic MUST be used to compute the baseline route set:

o If the request is a mid-dialog request, the route set is computed
per the procedures in Section 12.2.1.1 of RFC 3261. The baseline route set
will not contain any routes learned from configuration, DHCP,
Service-Route or any other mechanism.

o If the request is not a mid-dialog request, the client checks to
see if it has learned a service route as a result of registration.
The UAC may have learned numerous service routes, one for each
unique AOR/Contact that it registered. In the case of
registrations using the mechanisms of [5], [6], the Contact includes
the flow ID and instance ID, so that the client may have a
distinct service route for each unique AOR/Flow ID/Instance ID
combination. As such, when sending a request, the client selects
the service route corresponding to the contact which is sending
the request. [[OPEN ISSUE: Need to say more about this
selection.]]. Once a service If the UA is operating in "override" mode for this
route has been selected, set, the URIs from this service route become the baseline route set. Here too,
If the UA is operating in the baseline "augment" mode for this route set will not contain any routes learned from
configuration, DHCP, or other set,
the UA takes the outbound proxy URI it used for the REGISTER
request which created the route set, and appends that URI to the
top of the service routes. route.

o If the request is not a mid-dialog request, and there are are no
service routes associated with the contact generating the request,
the UAC uses the route set learned through configuration. [[OPEN
ISSUE: Do we need to specify how to reconcile route sources
learned across disparate configuration sources? For example DHCP
and a config file? These can come from different providers.]]

If the request is being generated as a consequence of a 305, the
baseline route set is computed as described in Section 5.4.

With the baseline route set computed, the UAC applies policy to
determine whether this route set needs to be modified. The primary
factor involved is whether or not the client needs to send this
request through its outbound proxy or not. The following logic is
RECOMMENDED. If the topmost URI in the baseline route set equals the
configured default outbound proxy for the UAC, then the baseline
route set is used unmodified, and used as the final route set. If,
however, it does not, the UAC checks a white list of URI that it
maintains. If the topmost URI appears on that white list, the
baseline resulting route set is used as the final route set. If it is not
present, the default outbound proxy URI is appended to the top of the a loose route set.

The white list represents destinations that the UA has confidence are
ones permitted to be used. Here, this implies that the provider of
the default outbound proxy allows that URI to be used in its place.
This white list
(which can be provided by configuration, but this is
cumbersome and NOT RECOMMENDED. Instead, the following algorithm is
RECOMMENDED. Initially, the white list is empty happen when there is a UA starts up.
If a UA receives a 305 to a REGISTER request it generates, the URI in
the Contact header field of the redirect are added to the white list.
This will cause the REGISTER to be sent with one of these URI as the
topmost URI in the route set. If that registration succeeds, the URI
are retained in the white list for the duration of the registration.
The client maintains a separate white list for each registered
contact.

This algorithm works because of two factors. Firstly, registrations
are always targeted towards the domain of the subscriber, and are
never delivered to user agents. As such, the mechanism relies on
trust between the provider of the configured outbound proxy and provider of the
AOR for the subscriber to follow the 305 mechanism described here
correctly. However, if that trust doesn't exist, basic call
processing is
not possible in any case. The second factor is the 305
mechanism itself. If the outbound proxy doesn't support this
specification, or the provider of the outbound proxy doesn't wish the
provider of the AOR to bypass the outbound proxy, the 305 mechanism
allows this to be known to the provider of the AOR. Thus, the
provider of the AOR can only bypass the outbound proxy if permitted
by the provider of the outbound proxy. Typically, this would only be
allowed when they are the same provider. The 305 mechanism allows
the outbound proxy to bypass itself, since the outbound proxy can
generate a 305 as long as the client supports the mechanism in this
specification.

5.4 Client Behavior

The following logic defined here applies to all clients, both UAC and
proxies, and applies to the processing of a 305 response.

When a client receives a 305 response, it MUST check for the presence
of the Response-Target header field. If this header field is absent,
the client MAY recurse on the request. However, in this case, the
recursion MUST be accomplished by replacing the request URI of the
request it generates with the value of the Contact header field in
the 305 response. This provides backwards compatibility with the
existing usage of 305, since all redirection defined in RFC 3261
updates the Request-URI. If the Response-Target header field is
present, but has a non-zero value, the client MUST NOT recurse on the
redirect. If the Response-Target header field is present and has a
value of zero, the client MUST recurse on the redirect.

To compute the request that is sent as a result of the recursion, loose route), the
client UA MUST take the route set used for the request that generated
the 305 response. If remove that request had a Route header field, the
first value MUST be replaced with the value of the Contact header
field in the 305 with the highest q-value. If there are multiple
such Contacts with the same q-value, one is chosen at random. The
result is used as the route set for the new request. If the client
is a UAC, it follows the procedures defined in Section 5.3. If the
client is a proxy, it follows the procedures definde in Section 5.2.

[[ISSUE: There are three choices about how to process the contact in
the 305. The URI there can replace the route set at the client
completely, they can be appended to from the route Route set, or they can
replace the topmost route. This draft employs the latter technique.
Further consideration is needed to determine whether or not this is
the right thing. Since the contact can contain multiple URI, we
could actually have
but still use it contain the entire route set that should
replace the one from the request.]]

If a 305 response had multiple Contact header field values, and the
recursed request generated a 503 response, and the client had
exhausted all alternative servers learned from DNS [7] for the
previous Contact header field value, the client SHOULD choose the
Contact from the 305 with the next highest q-value, and construct
another recursed request using the procedures defined above. In the
event the 305 had multiple Contact header field values with
equivalent q-values, the next highest one might have a q-value equal
to the one that was just tried.

5.5 Server Behavior

Any server, either a UAS or a proxy, MAY generate a 305 in response
to a request. However, it MUST NOT do so unless the request contains
a Target-Range header field, and the value of end-range in that
header field equals the value purposes of Max-Forwards in sending the received request. If the server generates a 305, it MUST direct that redirect
to a specific upstream element. To do so, it includes a Redirect-
Target header field in the response. That header field identifies a
specific element that is the target of the redirect. A value of 0
indicates that the element immediately upstream is the target, 1
indicates that the target is the second upstream element, and so on.
The value of Redirect-Target MUST be between 0 and start range minus
end range.

7. Grammar

This specification defines two new header fields - the Target-Range an option tag and Redirect-Target a Path header fields. field
parameter. Their syntax is as follows:

Target-Range = "Target-Range" HCOLON start-range SWS "-" SWS end-range
Redirect-Target = "Redirect-Target" HCOLON target-val
start-range = 1*DIGIT
end-range = 1*DIGIT
target-val = 1*DIGIT

option-tag \= "sr"
rr-param \= "p2sr"

8. Security Considerations

The route set used by a user agent for generating initial requests
into the network is very sensitive information. If this information
is manipulated by an attacker, it can cause calls to be directed
towards intermediaries, which can then observe call patterns,
intercept communications, and so on. As Consequently, a consequence, the
mechanisms in UA using this
specification to take care SHOULD use sips when performing a registration. This
makes sure that this only entities along the request path can modify the
route set can
only be updated on very specific conditions. Furthermore, used by the 305
mechanism defined here gives service providers policy hooks UA.

Even with sips, it is possible that
allow them to control whether such redirection can a malicious home proxy could
modify the route set used by the UA, eliminating the outbound proxy
that would otherwise be employed used by
exteranl it. This kind of attack is only
meaningful in environments where the outbound proxy is in a different
domain than the home proxy. However, presumably the outbound proxy
is present to authorize access to services, and removing it will only
result in denial of service providers.

[[ISSUE: needs more verbiage here]]

8. to the user, which would appear to
provide no benefit.

9. IANA Considerations

9. Examples

This specification registers a new option tag and a new Path header
field parameter.

9.1. SIP Option Tag

This specification registers a new SIP option tag, as per the
guidelines in Section 27.1 of RFC 3261.

Name: sr

Description: This option tag is used to identify the usage of Path
reflected Service-Route, as defined by RFC XXXX [[NOTE TO IANA:
Please replace XXXX with the RFC number of this specification]]

9.2. Header Field Parameter

This specification defines the "p2sr" header field parameter, as per
the registry created by [5]. The required information is as follows:

Header field in which the parameter can appear: Path

Name of the Parameter: p2sr

RFC Reference: RFC XXXX [[NOTE TO IANA: Please replace XXXX with the
RFC number of this specification.]]

10. Examples

TODO.

11. Acknowledgements

The author would like to thank Paul Kyzivat and Anders Kristensen for
their comments.

11.

12. References

11.1

12.1. Normative References

[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.

[2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002.

[3] Willis, D. and B. Hoeneisen, "Session Initiation Protocol (SIP)
Extension Header Field for Service Route Discovery During
Registration", RFC 3608, October 2003.

[4] Willis, D. and B. Hoeneisen, "Session Initiation Protocol (SIP)
Extension Header Field for Registering Non-Adjacent Contacts",
RFC 3327, December 2002.

[5] Camarillo, G., "The Internet Assigned Number Authority (IANA)
Header Field Parameter Registry for the Session Initiation
Protocol (SIP)", BCP 98, RFC 3968, December 2004.

[6] Jennings, C. and R. Mahy, "Managing Client Initiated Connections
in the Session Initiation Protocol (SIP)",
draft-ietf-sip-outbound-02
draft-ietf-sip-outbound-04 (work in progress), March June 2006.

11.2

[7] Rosenberg, J., "User Agent Loose Routing in the Session
Initiation Protocol (SIP)",
draft-rosenberg-sip-ua-loose-route-00 (work in progress),
October 2006.

12.2. Informative References

[6]

[8] Schulzrinne, H., "Dynamic Host Configuration Protocol (DHCP-for-
IPv4) (DHCP-
for-IPv4) Option for Session Initiation Protocol (SIP)
Servers", RFC 3361, August 2002.

[7] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol
(SIP): Locating SIP Servers", RFC 3263, June 2002.

[8]

[9] Petrie, D., "A Framework for Session Initiation Protocol User
Agent Profile Delivery", draft-ietf-sipping-config-framework-07 draft-ietf-sipping-config-framework-09
(work in progress), July 2005. October 2006.

[10] Rosenberg, J., "Discovering Outbound Proxies and Providing High
Availability with Client Initiated Connections in the Session
Initiation Protocol (SIP)",
draft-rosenberg-sip-outbound-discovery-mid-dialog-00 (work in
progress), October 2006.

Author's Address

Jonathan Rosenberg
Cisco Systems
600 Lanidex Plaza
Parsippany, NJ 07054
US

Phone: +1 973 952-5000
Email: jdrosen@cisco.com
URI: http://www.jdrosen.net

Intellectual Property Statement

The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.

Disclaimer of Validity

This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.

Acknowledgment

Funding for the RFC Editor function is currently provided by the
Internet Society.