< draft-ietf-p2psip-sip-18.txt   draft-ietf-p2psip-sip-19.txt >
P2PSIP C. Jennings P2PSIP C. Jennings
Internet-Draft Cisco Internet-Draft Cisco
Intended status: Standards Track B. Lowekamp Intended status: Standards Track B. Lowekamp
Expires: October 9, 2016 Skype Expires: October 19, 2016 Skype
E. Rescorla E. Rescorla
RTFM, Inc. RTFM, Inc.
S. Baset S. Baset
H. Schulzrinne H. Schulzrinne
Columbia University Columbia University
T. Schmidt, Ed. T. Schmidt, Ed.
HAW Hamburg HAW Hamburg
April 7, 2016 April 17, 2016
A SIP Usage for RELOAD A SIP Usage for RELOAD
draft-ietf-p2psip-sip-18 draft-ietf-p2psip-sip-19
Abstract Abstract
This document defines a SIP Usage for REsource LOcation And Discovery This document defines a SIP Usage for REsource LOcation And Discovery
(RELOAD). The SIP Usage provides the functionality of a SIP proxy or (RELOAD). The SIP Usage provides the functionality of a SIP proxy or
registrar in a fully-distributed system and includes a lookup service registrar in a fully-distributed system and includes a lookup service
for Address of Records (AORs) stored in the overlay. It also defines for Address of Records (AORs) stored in the overlay. It also defines
Globally Routable User Agent URIs (GRUUs) that allow the Globally Routable User Agent URIs (GRUUs) that allow the
registrations to map an AOR to a specific node reachable through the registrations to map an AOR to a specific node reachable through the
overlay. After such initial contact of a peer, the RELOAD AppAttach overlay. After such initial contact of a peer, the RELOAD AppAttach
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 9, 2016. This Internet-Draft will expire on October 19, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 41 skipping to change at page 2, line 41
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Registering AORs in the Overlay . . . . . . . . . . . . . . . 5 3. Registering AORs in the Overlay . . . . . . . . . . . . . . . 5
3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 6 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2. Data Structure . . . . . . . . . . . . . . . . . . . . . 6 3.2. Data Structure . . . . . . . . . . . . . . . . . . . . . 6
3.3. Access Control . . . . . . . . . . . . . . . . . . . . . 8 3.3. Access Control . . . . . . . . . . . . . . . . . . . . . 8
3.4. Overlay Configuration Document Extension . . . . . . . . 9 3.4. Overlay Configuration Document Extension . . . . . . . . 9
4. Looking up an AOR . . . . . . . . . . . . . . . . . . . . . . 11 4. Looking up an AOR . . . . . . . . . . . . . . . . . . . . . . 10
4.1. Finding a Route to an AOR . . . . . . . . . . . . . . . . 11 4.1. Finding a Route to an AOR . . . . . . . . . . . . . . . . 10
4.2. Resolving an AOR . . . . . . . . . . . . . . . . . . . . 11 4.2. Resolving an AOR . . . . . . . . . . . . . . . . . . . . 11
5. Forming a Direct Connection . . . . . . . . . . . . . . . . . 12 5. Forming a Direct Connection . . . . . . . . . . . . . . . . . 11
5.1. Setting Up a Connection . . . . . . . . . . . . . . . . . 12 5.1. Setting Up a Connection . . . . . . . . . . . . . . . . . 11
5.2. Keeping a Connection Alive . . . . . . . . . . . . . . . 12 5.2. Keeping a Connection Alive . . . . . . . . . . . . . . . 12
6. Using GRUUs . . . . . . . . . . . . . . . . . . . . . . . . . 13 6. Using GRUUs . . . . . . . . . . . . . . . . . . . . . . . . . 12
7. SIP-REGISTRATION Kind Definition . . . . . . . . . . . . . . 13 7. SIP-REGISTRATION Kind Definition . . . . . . . . . . . . . . 13
8. Security Considerations . . . . . . . . . . . . . . . . . . . 14 8. Security Considerations . . . . . . . . . . . . . . . . . . . 14
8.1. RELOAD-Specific Issues . . . . . . . . . . . . . . . . . 14 8.1. RELOAD-Specific Issues . . . . . . . . . . . . . . . . . 14
8.2. SIP-Specific Issues . . . . . . . . . . . . . . . . . . . 14 8.2. SIP-Specific Issues . . . . . . . . . . . . . . . . . . . 14
8.2.1. Fork Explosion . . . . . . . . . . . . . . . . . . . 14 8.2.1. Fork Explosion . . . . . . . . . . . . . . . . . . . 14
8.2.2. Malicious Retargeting . . . . . . . . . . . . . . . . 15 8.2.2. Malicious Retargeting . . . . . . . . . . . . . . . . 14
8.2.3. Misuse of AORs . . . . . . . . . . . . . . . . . . . 15 8.2.3. Misuse of AORs . . . . . . . . . . . . . . . . . . . 15
8.2.4. Privacy Issues . . . . . . . . . . . . . . . . . . . 15 8.2.4. Privacy Issues . . . . . . . . . . . . . . . . . . . 15
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
9.1. Data Kind-ID . . . . . . . . . . . . . . . . . . . . . . 15 9.1. Data Kind-ID . . . . . . . . . . . . . . . . . . . . . . 15
9.2. XML Name Space Registration . . . . . . . . . . . . . . . 16 9.2. XML Name Space Registration . . . . . . . . . . . . . . . 16
10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
11.1. Normative References . . . . . . . . . . . . . . . . . . 16 11.1. Normative References . . . . . . . . . . . . . . . . . . 16
11.2. Informative References . . . . . . . . . . . . . . . . . 17 11.2. Informative References . . . . . . . . . . . . . . . . . 18
Appendix A. Third Party Registration . . . . . . . . . . . . . . 18 Appendix A. Third Party Registration . . . . . . . . . . . . . . 18
Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 18 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 18
B.1. Changes since draft-ietf-p2psip-sip-09 . . . . . . . . . 18 B.1. Changes since draft-ietf-p2psip-sip-09 . . . . . . . . . 18
B.2. Changes since draft-ietf-p2psip-sip-08 . . . . . . . . . 18 B.2. Changes since draft-ietf-p2psip-sip-08 . . . . . . . . . 19
B.3. Changes since draft-ietf-p2psip-sip-07 . . . . . . . . . 19 B.3. Changes since draft-ietf-p2psip-sip-07 . . . . . . . . . 19
B.4. Changes since draft-ietf-p2psip-sip-06 . . . . . . . . . 19 B.4. Changes since draft-ietf-p2psip-sip-06 . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19
1. Introduction 1. Introduction
REsource LOcation And Discovery (RELOAD) [RFC6940] specifies a peer- REsource LOcation And Discovery (RELOAD) [RFC6940] specifies a peer-
to-peer (P2P) signaling protocol for the general use on the Internet. to-peer (P2P) signaling protocol for the general use on the Internet.
This document defines a SIP Usage of RELOAD that allows SIP [RFC3261] This document defines a SIP Usage of RELOAD that allows SIP [RFC3261]
user agents (UAs) to establish peer-to-peer SIP (or SIPS) sessions user agents (UAs) to establish peer-to-peer SIP (or SIPS) sessions
skipping to change at page 5, line 44 skipping to change at page 5, line 44
We use the terminology and definitions from Concepts and Terminology We use the terminology and definitions from Concepts and Terminology
for Peer to Peer SIP [I-D.ietf-p2psip-concepts] and the RELOAD Base for Peer to Peer SIP [I-D.ietf-p2psip-concepts] and the RELOAD Base
Protocol [RFC6940] extensively in this document. Protocol [RFC6940] extensively in this document.
In addition, term definitions from SIP [RFC3261] apply to this memo. In addition, term definitions from SIP [RFC3261] apply to this memo.
The term AOR is the SIP "Address of Record" used to identify a user The term AOR is the SIP "Address of Record" used to identify a user
in SIP. For example, alice@example.com could be the AOR for Alice. in SIP. For example, alice@example.com could be the AOR for Alice.
For the purposes of this specification, an AOR is considered not to For the purposes of this specification, an AOR is considered not to
include the scheme (e.g. sip:) as the AOR needs to match the include the scheme (e.g. sip:) as the AOR needs to match the
rfc822Name in the X509v3 certificates. It is worth noting that SIP rfc822Name in the X509v3 certificates [RFC5280]. It is worth noting
and SIPS are distinguished in P2PSIP by the Application-ID. that SIP and SIPS are distinguished in P2PSIP by the Application-ID.
3. Registering AORs in the Overlay 3. Registering AORs in the Overlay
3.1. Overview 3.1. Overview
In ordinary SIP, a UA registers its AOR and location with a In ordinary SIP, a UA registers its AOR and location with a
registrar. In RELOAD, this registrar function is provided by the registrar. In RELOAD, this registrar function is provided by the
overlay as a whole. To register its location, a RELOAD peer stores a overlay as a whole. To register its location, a RELOAD peer stores a
SipRegistration Resource Record under its own AOR using the SIP- SipRegistration Resource Record under its own AOR using the SIP-
REGISTRATION Kind, which is formally defined in Section 7. Note that REGISTRATION Kind, which is formally defined in Section 7. Note that
the registration lifetime known from the regular SIP REGISTER method the registration lifetime known from the regular SIP REGISTER method
skipping to change at page 7, line 41 skipping to change at page 7, line 41
length length
the length of the rest of the PDU the length of the rest of the PDU
data data
the registration data the registration data
o If the registration is of type "sip_registration_uri", then the o If the registration is of type "sip_registration_uri", then the
contents are an opaque string containing the AOR as specified in contents are an opaque string containing the AOR.
Section 2.
o If the registration is of type "sip_registration_route", then the o If the registration is of type "sip_registration_route", then the
contents are an opaque string containing the callee's contact contents are an opaque string containing the callee's contact
preferences and a destination list for the peer. preferences and a destination list for the peer.
The callee expresses its capabilities within the contact preferences The callee expresses its capabilities within the contact preferences
as specified in [RFC3840]. It encodes a media feature set comprised as specified in [RFC3840]. It encodes a media feature set comprised
of its capabilities as a contact predicate, i.e., a string of feature of its capabilities as a contact predicate, i.e., a string of feature
parameters that appear as part of the Contact header field. Feature parameters that appear as part of the Contact header field. Feature
parameters are derived from the media feature set syntax of [RFC2533] parameters are derived from the media feature set syntax of [RFC2533]
skipping to change at page 10, line 25 skipping to change at page 10, line 25
set to true, the overlay MUST only accept AORs that match patterns set to true, the overlay MUST only accept AORs that match patterns
specified in the <domain-restrictions> element. specified in the <domain-restrictions> element.
Example of Domain Patterns: Example of Domain Patterns:
dht\.example\.com dht\.example\.com
.*\.my\.example .*\.my\.example
In this example, any AOR will be accepted that is either of the form In this example, any AOR will be accepted that is either of the form
<user>@dht.example.com, or ends with the domain "my.example". <user>@dht.example.com, or ends with the domain "my.example".
The <domain-restrictions> element serves as a container for zero to
multiple <pattern> sub-elements. A <pattern> element MAY be present
if the "enable" attribute of its parent element is set to true. Each
<pattern> element defines a pattern for constructing admissible
resource names. It is of type xsd:string and interpreted as a
regular expression according to "POSIX Extended Regular Expression"
(see the specifications in [IEEE-Posix]).
The Relax NG Grammar for the AOR Domain Restriction reads: The Relax NG Grammar for the AOR Domain Restriction reads:
# AOR DOMAIN RESTRICTION URN SUB-NAMESPACE # AOR DOMAIN RESTRICTION URN SUB-NAMESPACE
namespace sip = "urn:ietf:params:xml:ns:p2p:config-base:sip" namespace sip = "urn:ietf:params:xml:ns:p2p:config-base:sip"
# AOR DOMAIN RESTRICTION ELEMENT # AOR DOMAIN RESTRICTION ELEMENT
Kind-parameter &= element sip:domain-restriction { Kind-parameter &= element sip:domain-restriction {
skipping to change at page 14, line 8 skipping to change at page 13, line 40
destination list to the peer which is acting for the user. destination list to the peer which is acting for the user.
Data Model The data model for the SIP-REGISTRATION Kind-ID is Data Model The data model for the SIP-REGISTRATION Kind-ID is
dictionary. The dictionary key is the Node-ID of the storing dictionary. The dictionary key is the Node-ID of the storing
peer. This allows each peer (presumably corresponding to a single peer. This allows each peer (presumably corresponding to a single
device) to store a single route mapping. device) to store a single route mapping.
Access Control USER-NODE-MATCH. Note that this matches the SIP AOR Access Control USER-NODE-MATCH. Note that this matches the SIP AOR
against the rfc822Name in the X509v3 certificate. The rfc822Name against the rfc822Name in the X509v3 certificate. The rfc822Name
does not include the scheme so that the "sip:" prefix needs to be does not include the scheme so that the "sip:" prefix needs to be
removed from the SIP AOR before matching. removed from the SIP AOR before matching. Escaped characters ('%'
encoding) in the SIP AOR also need to be decoded prior to
matching.
Data stored under the SIP-REGISTRATION Kind is of type Data stored under the SIP-REGISTRATION Kind is of type
SipRegistration. This comes in two varieties: SipRegistration. This comes in two varieties:
sip_registration_uri sip_registration_uri
a URI which the user can be reached at. a URI which the user can be reached at.
sip_registration_route sip_registration_route
skipping to change at page 15, line 34 skipping to change at page 15, line 28
admissible in the Overlay Instance, or by additional verification admissible in the Overlay Instance, or by additional verification
actions of the enrollment service. To prevent an (exclusive) routing actions of the enrollment service. To prevent an (exclusive) routing
to a bogus registration, a caller can in addition query the DNS (or to a bogus registration, a caller can in addition query the DNS (or
other discovery services at hand) to search for an alternative other discovery services at hand) to search for an alternative
presence of the callee in another overlay or a normal SIP presence of the callee in another overlay or a normal SIP
infrastructure. infrastructure.
8.2.4. Privacy Issues 8.2.4. Privacy Issues
All RELOAD SIP registration data is visible to all nodes in the All RELOAD SIP registration data is visible to all nodes in the
overlay. Methods of providing location and identity privacy are overlay. Location privacy can be gained from using anonymous GRUUs.
still being studied. Location privacy can be gained from using Methods of providing anonymity or deploying pseudonyms exist, but are
anonymous GRUUs. beyond the scope of this document.
9. IANA Considerations 9. IANA Considerations
9.1. Data Kind-ID 9.1. Data Kind-ID
IANA shall register the following code point in the "RELOAD Data IANA shall register the following code point in the "RELOAD Data
Kind-ID" Registry (cf., [RFC6940]) to represent the SIP-REGISTRATION Kind-ID" Registry (cf., [RFC6940]) to represent the SIP-REGISTRATION
Kind, as described in Section 7. [NOTE TO IANA/RFC-EDITOR: Please Kind, as described in Section 7. [NOTE TO IANA/RFC-EDITOR: Please
replace RFC-AAAA with the RFC number for this specification in the replace RFC-AAAA with the RFC number for this specification in the
following list.] following list.]
skipping to change at page 17, line 29 skipping to change at page 17, line 29
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
<http://www.rfc-editor.org/info/rfc4648>. <http://www.rfc-editor.org/info/rfc4648>.
[RFC5245] Rosenberg, J., "Interactive Connectivity Establishment [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment
(ICE): A Protocol for Network Address Translator (NAT) (ICE): A Protocol for Network Address Translator (NAT)
Traversal for Offer/Answer Protocols", RFC 5245, Traversal for Offer/Answer Protocols", RFC 5245,
DOI 10.17487/RFC5245, April 2010, DOI 10.17487/RFC5245, April 2010,
<http://www.rfc-editor.org/info/rfc5245>. <http://www.rfc-editor.org/info/rfc5245>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
<http://www.rfc-editor.org/info/rfc5280>.
[RFC5626] Jennings, C., Ed., Mahy, R., Ed., and F. Audet, Ed., [RFC5626] Jennings, C., Ed., Mahy, R., Ed., and F. Audet, Ed.,
"Managing Client-Initiated Connections in the Session "Managing Client-Initiated Connections in the Session
Initiation Protocol (SIP)", RFC 5626, Initiation Protocol (SIP)", RFC 5626,
DOI 10.17487/RFC5626, October 2009, DOI 10.17487/RFC5626, October 2009,
<http://www.rfc-editor.org/info/rfc5626>. <http://www.rfc-editor.org/info/rfc5626>.
[RFC5627] Rosenberg, J., "Obtaining and Using Globally Routable User [RFC5627] Rosenberg, J., "Obtaining and Using Globally Routable User
Agent URIs (GRUUs) in the Session Initiation Protocol Agent URIs (GRUUs) in the Session Initiation Protocol
(SIP)", RFC 5627, DOI 10.17487/RFC5627, October 2009, (SIP)", RFC 5627, DOI 10.17487/RFC5627, October 2009,
<http://www.rfc-editor.org/info/rfc5627>. <http://www.rfc-editor.org/info/rfc5627>.
 End of changes. 16 change blocks. 
28 lines changed or deleted 27 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/