idnits 2.17.1 draft-ietf-sipcore-refer-explicit-subscription-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (November 21, 2014) is 3443 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 4474 (Obsoleted by RFC 8224) Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Sparks 3 Internet-Draft Oracle 4 Intended status: Standards Track November 21, 2014 5 Expires: May 25, 2015 7 Explicit Subscriptions for the REFER Method 8 draft-ietf-sipcore-refer-explicit-subscription-00 10 Abstract 12 The Session Initiation Protocol (SIP) REFER request, as defined by 13 RFC3515, triggers an implicit SIP-Specific Event Notification 14 framework subscription. Conflating the start of the subscription 15 with handling the REFER request makes negotiating SUBSCRIBE 16 extensions impossible, and complicates avoiding SIP dialog sharing. 17 This document defines extensions to REFER to remove the implicit 18 subscription and, if desired, replace it with an explicit one. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on May 25, 2015. 37 Copyright Notice 39 Copyright (c) 2014 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Conventions and Definitions . . . . . . . . . . . . . . . . . 2 55 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 56 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 3.1. Explicit Subscriptions . . . . . . . . . . . . . . . . . 3 58 3.2. No Subscriptions . . . . . . . . . . . . . . . . . . . . 4 59 4. The Explicit Subscription Extension . . . . . . . . . . . . . 5 60 4.1. Sending a REFER . . . . . . . . . . . . . . . . . . . . . 5 61 4.2. Processing a REFER Response . . . . . . . . . . . . . . . 5 62 4.3. Processing a Received REFER . . . . . . . . . . . . . . . 5 63 4.4. Subscribing to the 'refer' Event . . . . . . . . . . . . 6 64 4.5. Processing a Received SUBSCRIBE . . . . . . . . . . . . . 7 65 4.6. Sending a NOTIFY . . . . . . . . . . . . . . . . . . . . 7 66 4.7. Managing 'refer' Event State . . . . . . . . . . . . . . 7 67 4.8. The Refer-Events-At Header Field . . . . . . . . . . . . 8 68 5. The No Subscription Extension . . . . . . . . . . . . . . . . 8 69 5.1. Sending a REFER . . . . . . . . . . . . . . . . . . . . . 8 70 5.2. Processing a REFER Response . . . . . . . . . . . . . . . 9 71 5.3. Processing a Received REFER . . . . . . . . . . . . . . . 9 72 6. The 'explicitsub' and 'nosub' Option Tags . . . . . . . . . . 9 73 7. Updates to RFC 3515 . . . . . . . . . . . . . . . . . . . . . 10 74 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 75 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 76 9.1. Register the 'explicitsub' Option Tag . . . . . . . . . . 11 77 9.2. Register the 'nosub' Option Tag . . . . . . . . . . . . . 11 78 9.3. Register the 'Refer-Events-At' Header Field . . . . . . . 12 79 10. Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . 12 80 10.1. -sparks- 02 to -ietf- 00 . . . . . . . . . . . . . . . . 12 81 10.2. -sparks- 01 to 02 . . . . . . . . . . . . . . . . . . . 12 82 10.3. -sparks- 00 to 01 . . . . . . . . . . . . . . . . . . . 13 83 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 84 11.1. Normative References . . . . . . . . . . . . . . . . . . 13 85 11.2. Informative References . . . . . . . . . . . . . . . . . 13 86 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 14 88 1. Conventions and Definitions 90 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 91 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 92 document are to be interpreted as described in [RFC2119]. 94 2. Introduction 96 REFER as defined by [RFC3515] triggers an implicit SIP-Specific Event 97 Framework subscription. Sending a REFER within a dialog established 98 by an INVITE results in dialog reuse and the associated problems 99 described in [RFC5057]. The SIP-Specific Event Notification 100 framework definition [RFC6665] disallows such dialog reuse. Call 101 transfer, as defined in [RFC5589], thus requires sending a REFER 102 request on a new dialog, associating it with an existing dialog using 103 the 'Target-Dialog' mechanism defined in [RFC4538]. 105 Because there is no explicit SUBSCRIBE request, the tools for 106 negotiating subscription details are unavailable for REFER 107 subscriptions. This includes negotiating subscription duration and 108 providing information through Event header field parameters. The use 109 of the SIP 'Supported' and 'Require' extension mechanisms [RFC3261] 110 is complicated by the implicit subscription. It is unclear whether 111 the extension applies to handling the REFER request itself, or to the 112 messages in the subscription created by the REFER, or both. Avoiding 113 this confusion requires careful specification in each extension. 114 Existing extensions do not provide this clarity. 116 This document defines two mechanisms that remove the implicit 117 subscription, one of which replaces it with an explicit one. The 118 benefits of doing so include: 120 o Allowing REFER to be used within INVITE-created dialogs without 121 creating dialog reuse. 123 o Allowing standard subscription parameter negotiation. 125 o Allowing standard negotiation of SIP extensions. 127 There are limitations on when it is appropriate to use the extension 128 that allows an explicit subscription, related directly to definition 129 of non-INVITE transaction handling SIP. These limitations are 130 discussed in Section 4.1. 132 3. Overview 134 This section provides a non-normative overview of the behaviors 135 defined in subsequent sections. 137 3.1. Explicit Subscriptions 139 A SIP User-Agent (UA) that wishes to issue a REFER request that will 140 not create an implicit subscription, but will allow an explicit one, 141 will include a new option tag, 'explicitsub', in the Require header 142 field of the REFER request. This REFER could be sent either within 143 an existing dialog, or as an out-of-dialog request. 145 If the recipient of the REFER accepts the request, it will begin 146 managing the 'refer' event state described in RFC 3515, and will 147 provide a URI that will reach an event server that will service 148 subscriptions to that state. (In many cases, the recipient of the 149 REFER will perform the role of event server itself.) That URI is 150 returned in a new header field in the REFER response named 'Refer- 151 Events-At'. 153 The UA that issued the REFER can now subscribe to the 'refer' event 154 at the provided URI, using a SUBSCRIBE request with a new dialog 155 identifier. The full range of negotiation mechanisms is available 156 for its use in that request. As detailed in RFC 6665 and RFC 3515, 157 the event server accepting the subscription will send an immediate 158 NOTIFY with the current refer event state, additional NOTIFY messages 159 as the refer state changes, and a terminal NOTIFY message when the 160 referred action is complete. It is, of course, possible that the 161 initial NOTIFY is also the terminal NOTIFY. 163 It is possible that the referred action is completed before the 164 SUBSCRIBE arrives at the event server. The server needs to retain 165 the final refer event state for some period of time to include in the 166 terminal NOTIFY that will be sent for such subscriptions. It is also 167 possible that a SUBSCRIBE will never arrive. 169 This extension makes it possible to separate the event server that 170 will handle subscriptions from the UA that accepted the REFER. Such 171 a UA could use mechanisms such as PUBLISH [RFC3903] to convey the 172 refer event state to the event server. This extension also makes it 173 possible to allow more than one subscription to the refer event 174 state. 176 3.2. No Subscriptions 178 A UA that wishes to issue a REFER request that will not create an 179 implicit subscription, and tell the recipient that it is not 180 interested in creating an explicit subscription, will include a new 181 option tag, 'nosub', in the Require header field of the REFER 182 request. This REFER could be sent either within an existing dialog 183 or as an out-of-dialog request. 185 If the recipient of the REFER accepts the request, it knows not to 186 create an implicit subscription, and that no explicit subscription 187 will be forthcoming. The recipient will continue to process the 188 request indicated in the Refer-To header field as specified in RFC 189 3515, but it can avoid the cost of preparing to handle any 190 subscriptions to the state of handling that request. 192 4. The Explicit Subscription Extension 194 4.1. Sending a REFER 196 To suppress the creation of any implicit subscription, and allow for 197 an explicit one, a UA forming a REFER request will include the option 198 tag 'explicitsub' in the "Require" header field of the request. The 199 REFER request is otherwise formed following the requirements of 200 [RFC3515]. Since this REFER has no chance of creating an implicit 201 subscription, the UA MAY send the REFER request within an existing 202 dialog or out-of-dialog. 204 Note that if the REFER forks (see [RFC3261]), only one final response 205 will be returned to the issuing UA. If it is important that the UA 206 be able to subscribe to any refer state generated by accepting this 207 request, the request needs to be formed to limit the number of places 208 that it will be accepted to one. This can be achieved by sending the 209 REFER request within an existing dialog, or by using the Target- 210 Dialog mechanism defined in [RFC4538]. If it is possible for the 211 request to be accepted in more than one location, and things would go 212 wrong if the UA did not learn about each location that the request 213 was accepted, using this extension is not appropriate. 215 4.2. Processing a REFER Response 217 The UA will process responses to the REFER request as specified in 218 [RFC3515] (and, consequently, [RFC3261]). In particular, if the 219 REFER was sent to an element that does not support or is unwilling to 220 use this extension, the response will contain a 420 Bad Extension 221 response code (see section 8.1.3.5 of [RFC3261]). As that document 222 states, the UA can retry the request without using this extension. 224 If the UA receives a 2xx-class response, it will contain a Refer- 225 Events-At header field (Section 4.8) with a single URI as its value. 226 If the UA is interested in the state of the referenced action, it 227 will subscribe to the 'refer' event at that URI. 229 4.3. Processing a Received REFER 231 An element receiving a REFER request requiring the 'explicitsub' 232 extension will use the same admissions policies that would be used 233 without the extension, with the addition that it is acceptable to 234 admit an in-dialog REFER request requiring this extension since it 235 can not create another usage inside that dialog. In particular, see 236 section 5.2 of [RFC3515]. 238 Accepting a REFER request that requires 'explicitsub' does not create 239 a dialog, or a new usage within an existing dialog. The element MUST 240 NOT create an implicit subscription when accepting the REFER request. 242 If the REFER request was recieved within an existing dialog, the 243 accepting element will not be acting as a SIP-Events notifier in the 244 context of that dialog. If it is not otherwise subject to becoming a 245 notifier in the context of the dialog, none of the requirements in 246 RFC6665, particularly the requirement to provide a GRUU as the local 247 contact, apply to the message accepting the REFER request. 249 An element that accepts a REFER request with 'explicitsub' in its 250 Require header field MUST return a 200 response containing a sip: or 251 sips: URI that can be used to subscribe to the refer event state 252 associated with this REFER request. This URI MUST uniquely identify 253 this refer event state. The URI needs to reach the event server when 254 used in a SUBSCRIBE request from the element that sent the REFER. 255 One good way to ensure the URI provided has that property is to use a 256 GRUU [RFC5627] for the event server. As discussed in Section 8, 257 possession of this URI is often the only requirement for authorizing 258 a subscription to it. Implementations may wish to provide a URI 259 constructed in a way that is hard to guess. Again, using a GRUU 260 (specifically, a temporary GRUU) is one good way to achieve this 261 property. 263 The accepting element will otherwise proceed with the processing 264 defined in [RFC3515]. 266 The event server identified by the Refer-Events-At URI could receive 267 SUBSCRIBE requests at any point after the response containing the 268 Refer-Events-At header is sent. Implementations should take care to 269 ensure the event server is ready to receive those SUBSCRIBE requests 270 before sending the REFER response, but as with all non-INVITE 271 responses, the response should be sent as soon as possible (see 272 [RFC4321]). It is also possible that the referred action may 273 complete before any SUBSCRIBE request arrives. The event server will 274 need to maintain the final refer event state for a period of time 275 after the action completes in order to serve such subscriptions (see 276 Section 4.6). 278 4.4. Subscribing to the 'refer' Event 280 A UA that possesses a URI obtained from a Refer-Events-At header 281 field, MAY subscribe to the refer event state at that URI. It does 282 so following the requirements of [RFC6665], placing the token 'refer' 283 in the Event: header field and the URI in the Request-URI of the 284 SUBSCRIBE request. The SUBSCRIBE request MUST NOT reuse any existing 285 dialog identifiers. 287 Subsequent handling of the subscription MUST follow the requirements 288 of [RFC6665] and [RFC3515]. In particular, as discussed in section 289 2.4.6, the NOTIFY messages in the subscription might include an id 290 parameter in their Event header fields. Subsequent SUBSCRIBE 291 requests used to refresh or terminate this subscription MUST contain 292 this id parameter. Note that the rationale for the id parameter 293 provided in that section is not relevant when this extension is used. 294 The URI returned in the Refer-Events-At header field uniquely 295 identifies appropriate state, making the id parameter redundant. 296 However, this behavioral requirement is preserved to reduce the 297 number of changes to existing implementations in order to support 298 this extension, and to make it more likely that existing diagnostic 299 tools will work with little or no modification. 301 4.5. Processing a Received SUBSCRIBE 303 An event server receiving a SUBSCRIBE request will process it 304 according to the requirements of [RFC6665]. The event server MAY 305 choose to authorize the SUBSCRIBE request based on the Request-URI 306 corresponding to existing refer event state. It MAY also require 307 further authorization as discussed in Section 8. 309 When accepting a subscription, the event server will establish the 310 initial subscription duration using the guidance in section 3.4 of 311 [RFC3515]. 313 4.6. Sending a NOTIFY 315 NOTIFY messages within a subscription are formed and sent following 316 the requirements in [RFC3515]. See, in particular, section 2.4.5 of 317 that document. 319 4.7. Managing 'refer' Event State 321 As described in [RFC3515], an element creates the state for event 322 'refer' when it accepts a REFER request. It updates that state as 323 the referred request proceeds, ultimately reaching a state where the 324 request has completed, and the final state is known. 326 In RFC 3515 implementations, it was a reasonable design choice to 327 destroy the refer event state immediately after sending the NOTIFY 328 that terminated the implicit subscription. This is not the case when 329 using this extension. It is possible for the referenced request to 330 complete very quickly, perhaps sooner than the time it takes the 331 response to the REFER to traverse the network to the UA that sent the 332 request, and the time it takes that agent to send the SUBSCRIBE 333 request for the event state to the URI the response provides. Thus 334 the event server MUST retain the final refer event state for a 335 reasonable period of time, which SHOULD be at least 2*64*T1 (that is, 336 64 seconds), representing an upper-bound estimate of the time it 337 would take to complete two non-INVITE transactions: the REFER, and an 338 immediate SUBSCRIBE. 340 If an otherwise acceptable SUBSCRIBE arrives during this retention 341 period, the subscription would be accepted, and immediately 342 terminated with a NOTIFY containing the final event state with a 343 Subscription-State of terminated with a reason value of "noresource". 345 4.8. The Refer-Events-At Header Field 347 The 'Refer-Events-At' header field is an extension-header as defined 348 by [RFC3261]. Its ABNF is as follows: 350 Refer-Events-At: "Refer-Events-At" HCOLON 351 LAQUOT ( SIP-URI / SIPS-URI ) RAQUOT 352 * ( SEMI generic-param ) 354 See [RFC3261] for the definition of the elements used in that 355 production. 357 Note that this rule does not allow a full addr-spec as defined in RFC 358 3261, and it mandates the use of the angle brackets. That is: 360 Refer-Events-At: 362 is well formed, but 364 Refer-Events-At: sip:wsXa9mkHtPcGu8@example.com 366 is invalid. 368 The 'Refer-Events-At' header field is only meaningful in a 2xx-class 369 response to a REFER request. If it appears in the header of any 370 other SIP message, its meaning is undefined and it MUST be ignored. 372 5. The No Subscription Extension 374 5.1. Sending a REFER 376 To suppress the creation of any implicit subscription, and signal 377 that no explicit subscription will be forthcoming, a UA forming a 378 REFER request will include the option tag 'nosub' in the "Require" 379 header field of the request. The REFER request is otherwise formed 380 following the requirements of [RFC3515]. Since this REFER has no 381 chance of creating an implicit subscription, the UA MAY send the 382 REFER request within an existing dialog or out-of-dialog. 384 5.2. Processing a REFER Response 386 The UA will process responses to the REFER request as specified in 387 [RFC3515] (and, consequently, [RFC3261]). In particular, if the 388 REFER was sent to an element that does not support or is unwilling to 389 use this extension, the response will contain a 420 Bad Extension 390 response code (see section 8.1.3.5 of [RFC3261]). As that document 391 states, the UA can retry the request without using this extension. 393 5.3. Processing a Received REFER 395 An element receiving a REFER request requiring the 'nosub' extension 396 will use the same admissions policies that would be used without the 397 extension, with the addition that it is acceptable to admit an in- 398 dialog REFER request requiring this extension since it can not create 399 another usage inside that dialog. In particular, see section 5.2 of 400 [RFC3515]. 402 Accepting a REFER request that requires 'nosub' does not create a 403 dialog, or a new usage within an existing dialog. The element MUST 404 NOT create an implicit subscription when accepting the REFER request. 405 Futhermore, the element accepting the REFER request is not required 406 to maintain any state for serving refer event subscriptions. 408 If the REFER is received within an existing dialog, the accepting 409 element will not be acting as a SIP-Events notifier in the context of 410 that dialog. If it is not otherwise subject to becoming a notifier 411 in the context of the dialog, none of the requirements in RFC6665, 412 particularly the requirement to provide a GRUU as the local contact, 413 apply to the message accepting the REFER request. 415 The accepting element will otherwise proceed with the processing 416 defined in [RFC3515]. 418 6. The 'explicitsub' and 'nosub' Option Tags 420 This document defines the 'explicitsub' option tag, used to signal 421 the use of the extension defined in Section 4, and the 'nosub' option 422 tag, used to signal the use of the extension defined in Section 5. 424 The use of either option tag in a Require header field is only 425 defined when it appears in a REFER request or a response to a REFER 426 request. A UA MUST NOT include the 'explicitsub' or 'nosub' option 427 tag in the Require header field of any request other than REFER. A 428 UA MUST NOT include the 'explicitsub' or 'nosub' option tag in the 429 Require header field of any SIP response other than a 200 or 421 430 response to a REFER request. 432 The 'explicitsub' and 'nosub' option tags MAY appear in the Supported 433 header field of SIP messages, and in sip.extensions feature tag 434 defined in [RFC3840]. This signals only that the UA including the 435 value is aware of the extensions. In particular, a UA can only 436 invoke the use of one of the extensions in a request. A UA MUST NOT 437 include either option tag in the Require header field of a 200 438 response to a REFER request if that tag was not present in the 439 Require header field of the request. A User-Agent Server (UAS) that 440 is processing a REFER request that lists 'explicitsub' or 'nosub' in 441 its Supported header field and wishes to use one of those extensions 442 will return a 421 response indicating which extension is required. 444 7. Updates to RFC 3515 446 The requirement in section 2.4.4 of [RFC3515] to reject out-of-dialog 447 SUBSCRIBE requests to event 'refer' is removed. An element MAY 448 accept a SUBSCRIBE request to event 'refer', following the 449 requirements and guidance in this document. REFER is no longer the 450 only mechanism that can create a subscription to event 'refer'. 452 [RFC6665] section 8.3.1 deprecates the 202 Accepted response code. 453 New implementations of REFER, whether using the 'explicitsub' 454 extension or not, will never emit a 202 response code. Where RFC 455 3515 specifies using 202, new implementations MUST use 200 instead. 457 8. Security Considerations 459 The considerations of [RFC3515] all still apply to a REFER request 460 using this extension. The considerations there for the implicit 461 subscription apply to any explicit subscription for the 'refer' 462 event. 464 This update to RFC 3515 introduces a new authorization consideration. 465 An element receiving an initial SUBSCRIBE request to the 'refer' 466 event needs to decide whether the subscriber should be allowed to see 467 the refer event state. In RFC 3515, this decision was conflated with 468 accepting the REFER request, and the only possible subscriber was the 469 element that sent the REFER. With this update, there may multiple 470 subscribers to any given refer event state. 472 This document allows an element to accept an initial SUBSCRIBE 473 request based on having a Request-URI that identifies existing refer 474 event state. (Such a URI will have previously been sent in the 475 Refer-Events-At header field in a successful REFER response). The 476 element retrieving that URI from the response, and any elements that 477 element shares the URI with are authorized to SUBSCRIBE to the event 478 state. Consequently, the URI should be constructed so that it is not 479 easy to guess, and should be protected against eavesdroppers when 480 transmitted. For instance, SIP messages containing this URI SHOULD 481 be sent using TLS or DTLS. An event server receiving a REFER request 482 over an unprotected transport can redirect the requester to use a 483 protected transport before accepting the request. A good way to 484 ensure that subscriptions use a protected transport is to only 485 construct sips: URIs. The event server can also require any of the 486 additional authorization mechanisms allowed for any SIP request. For 487 example, the event server could require a valid assertion of the 488 subscriber's identity using [RFC4474]. 490 The URI provided in a 'Refer-Events-At' header field will be used as 491 the Request-URI of SUBSCRIBE requests. A malicious agent could take 492 advantage of being able to choose this URI in ways similar to the 493 ways an agent sending a REFER request can take advantage of the 494 Refer-To URI, as described in the security considerations section of 495 RFC 3515. In particular, the malicious agent could cause a SIP 496 SUBSCRIBE to be sent as raw traffic towards a victim. If the victim 497 is not SIP aware, and the SUBSCRIBE is sent over UDP, there is (at 498 most) a factor of 11 amplification due to retransmissions of the 499 request. The potential for abuse in this situation is lower than 500 that of the Refer-To URI, since the URI can only have a sip: or sips: 501 scheme, and is only provided in a REFER response. A malicious agent 502 would have to first receive a REFER request to take advantage of 503 providing a Refer-Events-At URI. 505 9. IANA Considerations 507 9.1. Register the 'explicitsub' Option Tag 509 The option tag 'explicitsub' is registered in the 'Option Tag' 510 subregistry of the 'Session Initiation Protocol (SIP) Parameters' 511 registry by adding a row with these values: 513 Name: explicitsub 515 Description: This option tag identifies an extension to REFER to 516 suppress the implicit subscription, and provide a URI for an explicit 517 subscription. 519 Reference: (this document) 521 9.2. Register the 'nosub' Option Tag 523 The option tag 'nosub' is registered in the 'Option Tag' subregistry 524 of the 'Session Initiation Protocol (SIP) Parameters' registry by 525 adding a row with these values: 527 Name: nosub 528 Description: This option tag identifies an extension to REFER to 529 suppress the implicit subscription, and indicate that no explicit 530 subscription is forthcoming. 532 Reference: (this document) 534 9.3. Register the 'Refer-Events-At' Header Field 536 The header field described in Section 4.8 is registered in the 537 'Header Fields' subregistry of the 'Session Initiation Protocol (SIP) 538 Parameters' registry by adding a row with these values: 540 Header Name: Refer-Events-At 542 compact: (none: the entry in this column should be blank) 544 Reference: (this document) 546 10. Changelog 548 RFC Editor - please remove this section when formatting this document 549 as an RFC. 551 10.1. -sparks- 02 to -ietf- 00 553 1. Incorporated the change to section 6 discussed on list 555 2. Changed "only meaningful in 200" to "only meaningful in 2xx- 556 class" 558 3. Explicitly stated that the RFC6665 rules on populating Contact 559 when becoming a notifier do not apply to the message accepting a 560 REFER request requiring either of these extensions 562 4. Pointed out that _temporary_ GRUUs are what have the good 563 security property discussed in the security considerations 564 section 566 10.2. -sparks- 01 to 02 568 1. Added the 'nosub' option tag 570 2. Added text calling out the limitations on explicitsub when the 571 REFER might be accepted in more than one place. 573 10.3. -sparks- 00 to 01 575 1. Replaced strawman proposal with a formal definition of the 576 mechanism. Added an overview, and detailed security 577 considerations. 579 11. References 581 11.1. Normative References 583 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 584 Requirement Levels", BCP 14, RFC 2119, March 1997. 586 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 587 A., Peterson, J., Sparks, R., Handley, M., and E. 588 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 589 June 2002. 591 [RFC3515] Sparks, R., "The Session Initiation Protocol (SIP) Refer 592 Method", RFC 3515, April 2003. 594 [RFC3840] Rosenberg, J., Schulzrinne, H., and P. Kyzivat, 595 "Indicating User Agent Capabilities in the Session 596 Initiation Protocol (SIP)", RFC 3840, August 2004. 598 [RFC6665] Roach, A., "SIP-Specific Event Notification", RFC 6665, 599 July 2012. 601 11.2. Informative References 603 [RFC3903] Niemi, A., "Session Initiation Protocol (SIP) Extension 604 for Event State Publication", RFC 3903, October 2004. 606 [RFC4321] Sparks, R., "Problems Identified Associated with the 607 Session Initiation Protocol's (SIP) Non-INVITE 608 Transaction", RFC 4321, January 2006. 610 [RFC4474] Peterson, J. and C. Jennings, "Enhancements for 611 Authenticated Identity Management in the Session 612 Initiation Protocol (SIP)", RFC 4474, August 2006. 614 [RFC4538] Rosenberg, J., "Request Authorization through Dialog 615 Identification in the Session Initiation Protocol (SIP)", 616 RFC 4538, June 2006. 618 [RFC5057] Sparks, R., "Multiple Dialog Usages in the Session 619 Initiation Protocol", RFC 5057, November 2007. 621 [RFC5589] Sparks, R., Johnston, A., and D. Petrie, "Session 622 Initiation Protocol (SIP) Call Control - Transfer", BCP 623 149, RFC 5589, June 2009. 625 [RFC5627] Rosenberg, J., "Obtaining and Using Globally Routable User 626 Agent URIs (GRUUs) in the Session Initiation Protocol 627 (SIP)", RFC 5627, October 2009. 629 Author's Address 631 Robert Sparks 632 Oracle 633 7460 Warren Parkway 634 Suite 300 635 Frisco, Texas 75034 636 US 638 Email: rjsparks@nostrum.com