idnits 2.17.1 draft-ietf-sipcore-rfc3265bis-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (February 19, 2010) is 5179 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'Roach' is mentioned on line 1732, but not defined ** Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226) ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) ** Downref: Normative reference to an Informational RFC: RFC 2779 ** Obsolete normative reference: RFC 3265 (Obsoleted by RFC 6665) -- Duplicate reference: RFC4660, mentioned in 'RFC4660', was also mentioned in 'RFC 4660'. Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. B. Roach 3 Internet-Draft Tekelec 4 Expires: August 23, 2010 February 19, 2010 6 SIP-Specific Event Notification 7 draft-ietf-sipcore-rfc3265bis-01 9 Abstract 11 This document describes an extension to the Session Initiation 12 Protocol (SIP). The purpose of this extension is to provide an 13 extensible framework by which SIP nodes can request notification from 14 remote nodes indicating that certain events have occurred. 16 Note that the event notification mechanisms defined herein are NOT 17 intended to be a general-purpose infrastructure for all classes of 18 event subscription and notification. 20 Status of this Memo 22 This Internet-Draft is submitted to IETF in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF), its areas, and its working groups. Note that 27 other groups may also distribute working documents as Internet- 28 Drafts. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 The list of current Internet-Drafts can be accessed at 36 http://www.ietf.org/ietf/1id-abstracts.txt. 38 The list of Internet-Draft Shadow Directories can be accessed at 39 http://www.ietf.org/shadow.html. 41 This Internet-Draft will expire on August 23, 2010. 43 Copyright Notice 45 Copyright (c) 2010 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 61 1.1. Overview of Operation . . . . . . . . . . . . . . . . . . 5 62 1.2. Documentation Conventions . . . . . . . . . . . . . . . . 6 63 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 64 3. SIP Methods for Event Notification . . . . . . . . . . . . . . 7 65 3.1. SUBSCRIBE . . . . . . . . . . . . . . . . . . . . . . . . 7 66 3.1.1. Subscription Duration . . . . . . . . . . . . . . . . 7 67 3.1.2. Identification of Subscribed Events and Event 68 Classes . . . . . . . . . . . . . . . . . . . . . . . 8 69 3.1.3. Additional SUBSCRIBE Header Field Values . . . . . . . 9 70 3.2. NOTIFY . . . . . . . . . . . . . . . . . . . . . . . . . . 9 71 3.2.1. Identification of Reported Events, Event Classes, 72 and Current State . . . . . . . . . . . . . . . . . . 9 73 4. Node Behavior . . . . . . . . . . . . . . . . . . . . . . . . 10 74 4.1. Subscriber Behavior . . . . . . . . . . . . . . . . . . . 10 75 4.1.1. Detecting Support for SIP Events . . . . . . . . . . . 10 76 4.1.2. Creating and Maintaining Subscriptions . . . . . . . . 10 77 4.1.3. Receiving and Processing State Information . . . . . . 13 78 4.1.4. Forking of SUBSCRIBE Messages . . . . . . . . . . . . 16 79 4.2. Notifier Behavior . . . . . . . . . . . . . . . . . . . . 16 80 4.2.1. Subscription Establishment and Maintenance . . . . . . 16 81 4.2.2. Sending State Information to Subscribers . . . . . . . 20 82 4.2.3. PINT Compatibility . . . . . . . . . . . . . . . . . . 22 83 4.3. Proxy Behavior . . . . . . . . . . . . . . . . . . . . . . 22 84 4.4. Common Behavior . . . . . . . . . . . . . . . . . . . . . 23 85 4.4.1. Dialog Creation and Termination . . . . . . . . . . . 23 86 4.4.2. Notifier Migration . . . . . . . . . . . . . . . . . . 23 87 4.4.3. Polling Resource State . . . . . . . . . . . . . . . . 24 88 4.4.4. Allow-Events header field usage . . . . . . . . . . . 25 89 4.5. Targeting Subscriptions at Devices . . . . . . . . . . . . 25 90 4.5.1. Using GRUUs to Route to Devices . . . . . . . . . . . 26 91 4.5.2. Sharing Dialogs . . . . . . . . . . . . . . . . . . . 26 92 4.6. CANCEL Requests for SUBSCRIBE and NOTIFY . . . . . . . . . 28 93 5. Event Packages . . . . . . . . . . . . . . . . . . . . . . . . 28 94 5.1. Appropriateness of Usage . . . . . . . . . . . . . . . . . 28 95 5.2. Event Template-packages . . . . . . . . . . . . . . . . . 29 96 5.3. Amount of State to be Conveyed . . . . . . . . . . . . . . 29 97 5.3.1. Complete State Information . . . . . . . . . . . . . . 30 98 5.3.2. State Deltas . . . . . . . . . . . . . . . . . . . . . 30 99 5.4. Event Package Responsibilities . . . . . . . . . . . . . . 30 100 5.4.1. Event Package Name . . . . . . . . . . . . . . . . . . 31 101 5.4.2. Event Package Parameters . . . . . . . . . . . . . . . 31 102 5.4.3. SUBSCRIBE Bodies . . . . . . . . . . . . . . . . . . . 31 103 5.4.4. Subscription Duration . . . . . . . . . . . . . . . . 31 104 5.4.5. NOTIFY Bodies . . . . . . . . . . . . . . . . . . . . 31 105 5.4.6. Notifier processing of SUBSCRIBE requests . . . . . . 32 106 5.4.7. Notifier generation of NOTIFY requests . . . . . . . . 32 107 5.4.8. Subscriber processing of NOTIFY requests . . . . . . . 32 108 5.4.9. Handling of forked requests . . . . . . . . . . . . . 32 109 5.4.10. Rate of notifications . . . . . . . . . . . . . . . . 33 110 5.4.11. State Aggregation . . . . . . . . . . . . . . . . . . 33 111 5.4.12. Examples . . . . . . . . . . . . . . . . . . . . . . . 33 112 5.4.13. Use of URIs to Retrieve State . . . . . . . . . . . . 34 113 6. Security Considerations . . . . . . . . . . . . . . . . . . . 34 114 6.1. Access Control . . . . . . . . . . . . . . . . . . . . . . 34 115 6.2. Notifier Privacy Mechanism . . . . . . . . . . . . . . . . 34 116 6.3. Denial-of-Service attacks . . . . . . . . . . . . . . . . 35 117 6.4. Replay Attacks . . . . . . . . . . . . . . . . . . . . . . 35 118 6.5. Man-in-the middle attacks . . . . . . . . . . . . . . . . 35 119 6.6. Confidentiality . . . . . . . . . . . . . . . . . . . . . 36 120 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 121 7.1. Event Packages . . . . . . . . . . . . . . . . . . . . . . 36 122 7.1.1. Registration Information . . . . . . . . . . . . . . . 37 123 7.1.2. Registration Template . . . . . . . . . . . . . . . . 38 124 7.2. Reason Codes . . . . . . . . . . . . . . . . . . . . . . . 38 125 7.3. Header Field Names . . . . . . . . . . . . . . . . . . . . 39 126 7.4. Response Codes . . . . . . . . . . . . . . . . . . . . . . 39 127 8. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 128 8.1. New Methods . . . . . . . . . . . . . . . . . . . . . . . 40 129 8.1.1. SUBSCRIBE method . . . . . . . . . . . . . . . . . . . 41 130 8.1.2. NOTIFY method . . . . . . . . . . . . . . . . . . . . 41 131 8.2. New Header Fields . . . . . . . . . . . . . . . . . . . . 42 132 8.2.1. "Event" Header Field . . . . . . . . . . . . . . . . . 42 133 8.2.2. "Allow-Events" Header Field . . . . . . . . . . . . . 42 134 8.2.3. "Subscription-State" Header Field . . . . . . . . . . 43 135 8.3. New Response Codes . . . . . . . . . . . . . . . . . . . . 43 136 8.3.1. "202 Accepted" Response Code . . . . . . . . . . . . . 43 137 8.3.2. "489 Bad Event" Response Code . . . . . . . . . . . . 43 138 8.4. Augmented BNF Definitions . . . . . . . . . . . . . . . . 43 139 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 44 140 9.1. Normative References . . . . . . . . . . . . . . . . . . . 44 141 9.2. Informative References . . . . . . . . . . . . . . . . . . 45 142 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 46 143 Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . . 46 144 B.1. Bug 711: Allow-Events can't express template support . . . 47 145 B.2. Remove 202 Response Code? . . . . . . . . . . . . . . . . 47 146 B.3. Timer N and Resubscribes . . . . . . . . . . . . . . . . . 47 147 Appendix C. Changes . . . . . . . . . . . . . . . . . . . . . . . 48 148 C.1. Changes from draft-ietf-sipcore-rfc3265bis-00 to 149 draft-ietf-sipcore-rfc3265bis-01 . . . . . . . . . . . . . 48 150 C.2. Changes from draft-roach-sipcore-rfc3265bis-00 to 151 draft-ietf-sipcore-rfc3265bis-00 . . . . . . . . . . . . . 48 152 C.3. Changes since RFC 3265 . . . . . . . . . . . . . . . . . . 48 153 C.3.1. Bug 666: Clarify use of expires=xxx with terminated . 48 154 C.3.2. Bug 667: Reason code for unsub/poll not clearly 155 spelled out . . . . . . . . . . . . . . . . . . . . . 48 156 C.3.3. Bug 669: Clarify: SUBSCRIBE for a duration might 157 be answered with a NOTIFY/expires=0 . . . . . . . . . 48 158 C.3.4. Bug 670: Dialog State Machine needs clarification . . 48 159 C.3.5. Bug 671: Clarify timeout-based removal of 160 subscriptions . . . . . . . . . . . . . . . . . . . . 49 161 C.3.6. Bug 672: Mandate expires= in NOTIFY . . . . . . . . . 49 162 C.3.7. Bug 673: INVITE 481 response effect clarification . . 49 163 C.3.8. Bug 677: SUBSCRIBE response matching text in error . . 49 164 C.3.9. Bug 695: Document is not explicit about response 165 to NOTIFY at subscription termination . . . . . . . . 49 166 C.3.10. Bug 696: Subscription state machine needs 167 clarification . . . . . . . . . . . . . . . . . . . . 49 168 C.3.11. Bug 697: Unsubscription behavior could be clarified . 49 169 C.3.12. Bug 699: NOTIFY and SUBSCRIBE are target refresh 170 requests . . . . . . . . . . . . . . . . . . . . . . . 49 171 C.3.13. Bug 722: Inconsistent 423 reason phrase text . . . . . 50 172 C.3.14. Bug 741: guidance needed on when to not include 173 Allow-Events . . . . . . . . . . . . . . . . . . . . . 50 174 C.3.15. Bug 744: 5xx to NOTIFY terminates a subscription, 175 but should not . . . . . . . . . . . . . . . . . . . . 50 176 C.3.16. Bug 752: Detection of forked requests is incorrect . . 50 177 C.3.17. Bug 773: Reason code needs IANA registry . . . . . . . 50 178 C.3.18. Bug 774: Need new reason for terminating 179 subscriptions to resources that never change . . . . . 50 180 C.3.19. Clarify handling of Route/Record-Route in NOTIFY . . . 50 181 C.3.20. Eliminate implicit subscriptions . . . . . . . . . . . 50 182 C.3.21. Deprecate dialog re-use . . . . . . . . . . . . . . . 51 183 C.3.22. Rationalize dialog creation . . . . . . . . . . . . . 51 184 C.3.23. Refactor behavior sections . . . . . . . . . . . . . . 51 185 C.3.24. Clarify sections that need to be present in event 186 packages . . . . . . . . . . . . . . . . . . . . . . . 51 187 C.3.25. Make CANCEL handling more explicit . . . . . . . . . . 51 188 C.3.26. Remove State Agent Terminology . . . . . . . . . . . . 51 189 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 52 191 1. Introduction 193 The ability to request asynchronous notification of events proves 194 useful in many types of SIP services for which cooperation between 195 end-nodes is required. Examples of such services include automatic 196 callback services (based on terminal state events), buddy lists 197 (based on user presence events), message waiting indications (based 198 on mailbox state change events), and PSTN and Internet 199 Internetworking (PINT) [RFC2848] status (based on call state events). 201 The methods described in this document provide a framework by which 202 notification of these events can be ordered. 204 The event notification mechanisms defined herein are NOT intended to 205 be a general-purpose infrastructure for all classes of event 206 subscription and notification. Meeting requirements for the general 207 problem set of subscription and notification is far too complex for a 208 single protocol. Our goal is to provide a SIP-specific framework for 209 event notification which is not so complex as to be unusable for 210 simple features, but which is still flexible enough to provide 211 powerful services. Note, however, that event packages based on this 212 framework may define arbitrarily elaborate rules which govern the 213 subscription and notification for the events or classes of events 214 they describe. 216 This document does not describe an extension which may be used 217 directly; it must be extended by other documents (herein referred to 218 as "event packages"). In object-oriented design terminology, it may 219 be thought of as an abstract base class which must be derived into an 220 instantiatable class by further extensions. Guidelines for creating 221 these extensions are described in Section 5. 223 1.1. Overview of Operation 225 The general concept is that entities in the network can subscribe to 226 resource or call state for various resources or calls in the network, 227 and those entities (or entities acting on their behalf) can send 228 notifications when those states change. 230 A typical flow of messages would be: 232 Subscriber Notifier 233 |-----SUBSCRIBE---->| Request state subscription 234 |<-------200--------| Acknowledge subscription 235 |<------NOTIFY----- | Return current state information 236 |--------200------->| 237 |<------NOTIFY----- | Return current state information 238 |--------200------->| 240 Subscriptions are expired and must be refreshed by subsequent 241 SUBSCRIBE messages. 243 1.2. Documentation Conventions 245 There are several paragraphs throughout this document which provide 246 motivational or clarifying text. Such passages are non-normative, 247 and are provided only to assist with reader comprehension. These 248 passages are set off from the remainder of the text by being indented 249 thus: 251 This is an example of non-normative explanatory text. It does not 252 form part of the specification, and is used only for 253 clarification. 255 The all-capital terms "MUST", "SHOULD", "MAY", "SHOULD NOT", "MUST 256 NOT", and "RECOMMENDED" are used as defined in [RFC2119]. In 257 particular, implementors need to take careful note of the meaning of 258 "SHOULD" defined in RFC 2119. To rephrase: violation of SHOULD- 259 strength requirements requires careful analysis and clearly 260 enumerable reasons. It is inappropriate to fail to comply with 261 "SHOULD"-strength requirements whimsically or for ease of 262 implementation. 264 The use of quotation marks next to periods and commas follows the 265 convention used by the American Mathematical Society; although 266 contrary to traditional American English convention, this usage lends 267 clarity to certain passages. 269 2. Definitions 271 Event Package: An event package is an additional specification which 272 defines a set of state information to be reported by a notifier to 273 a subscriber. Event packages also define further syntax and 274 semantics based on the framework defined by this document required 275 to convey such state information. 277 Event Template-Package: An event template-package is a special kind 278 of event package which defines a set of states which may be 279 applied to all possible event packages, including itself. 281 Notification: Notification is the act of a notifier sending a NOTIFY 282 message to a subscriber to inform the subscriber of the state of a 283 resource. 285 Notifier: A notifier is a user agent which generates NOTIFY requests 286 for the purpose of notifying subscribers of the state of a 287 resource. Notifiers typically also accept SUBSCRIBE requests to 288 create subscriptions. 290 Subscriber: A subscriber is a user agent which receives NOTIFY 291 requests from notifiers; these NOTIFY requests contain information 292 about the state of a resource in which the subscriber is 293 interested. Subscribers typically also generate SUBSCRIBE 294 requests and send them to notifiers to create subscriptions. 296 Subscription: A subscription is a set of application state 297 associated with a dialog. This application state includes a 298 pointer to the associated dialog, the event package name, and 299 possibly an identification token. Event packages will define 300 additional subscription state information. By definition, 301 subscriptions exist in both a subscriber and a notifier. 303 Subscription Migration: Subscription migration is the act of moving 304 a subscription from one notifier to another notifier. 306 3. SIP Methods for Event Notification 308 3.1. SUBSCRIBE 310 The SUBSCRIBE method is used to request current state and state 311 updates from a remote node. SUBSCRIBE is a target refresh request, 312 as that term is defined in SIP [RFC3261]. 314 3.1.1. Subscription Duration 316 SUBSCRIBE requests SHOULD contain an "Expires" header field (defined 317 in SIP [RFC3261]). This expires value indicates the duration of the 318 subscription. In order to keep subscriptions effective beyond the 319 duration communicated in the "Expires" header field, subscribers need 320 to refresh subscriptions on a periodic basis using a new SUBSCRIBE 321 message on the same dialog as defined in SIP [RFC3261]. 323 If no "Expires" header field is present in a SUBSCRIBE request, the 324 implied default is defined by the event package being used. 326 200-class responses to SUBSCRIBE requests also MUST contain an 327 "Expires" header field. The period of time in the response MAY be 328 shorter but MUST NOT be longer than specified in the request. The 329 notifier is explicitly allowed to shorten the duration to zero. The 330 period of time in the response is the one which defines the duration 331 of the subscription. 333 An "expires" parameter on the "Contact" header field has no semantics 334 for SUBSCRIBE and is explicitly not equivalent to an "Expires" header 335 field in a SUBSCRIBE request or response. 337 A natural consequence of this scheme is that a SUBSCRIBE with an 338 "Expires" of 0 constitutes a request to unsubscribe from an event. 340 In addition to being a request to unsubscribe, a SUBSCRIBE message 341 with "Expires" of 0 also causes a fetch of state; see 342 Section 4.4.3. 344 Notifiers may also wish to cancel subscriptions to events; this is 345 useful, for example, when the resource to which a subscription refers 346 is no longer available. Further details on this mechanism are 347 discussed in Section 4.2.2. 349 3.1.2. Identification of Subscribed Events and Event Classes 351 Identification of events is provided by three pieces of information: 352 Request URI, Event Type, and (optionally) message body. 354 The Request URI of a SUBSCRIBE request, most importantly, contains 355 enough information to route the request to the appropriate entity per 356 the request routing procedures outlined in SIP [RFC3261]. It also 357 contains enough information to identify the resource for which event 358 notification is desired, but not necessarily enough information to 359 uniquely identify the nature of the event (e.g., 360 "sip:adam@example.com" would be an appropriate URI to subscribe to 361 for my presence state; it would also be an appropriate URI to 362 subscribe to the state of my voice mailbox). 364 Subscribers MUST include exactly one "Event" header field in 365 SUBSCRIBE requests, indicating to which event or class of events they 366 are subscribing. The "Event" header field will contain a token which 367 indicates the type of state for which a subscription is being 368 requested. This token will be registered with the IANA and will 369 correspond to an event package which further describes the semantics 370 of the event or event class. 372 If the event package to which the event token corresponds defines 373 behavior associated with the body of its SUBSCRIBE requests, those 374 semantics apply. 376 Event packages may also define parameters for the Event header field; 377 if they do so, they must define the semantics for such parameters. 379 3.1.3. Additional SUBSCRIBE Header Field Values 381 Because SUBSCRIBE requests create a dialog as defined in SIP 382 [RFC3261], they MAY contain an "Accept" header field. This header 383 field, if present, indicates the body formats allowed in subsequent 384 NOTIFY requests. Event packages MUST define the behavior for 385 SUBSCRIBE requests without "Accept" header fields; usually, this will 386 connote a single, default body type. 388 Header values not described in this document are to be interpreted as 389 described in SIP [RFC3261]. 391 3.2. NOTIFY 393 NOTIFY messages are sent to inform subscribers of changes in state to 394 which the subscriber has a subscription. Subscriptions are typically 395 put in place using the SUBSCRIBE method; however, it is possible that 396 other means have been used. 398 NOTIFY is a target refresh request, as that term is defined in SIP 399 [RFC3261]. 401 A NOTIFY does not terminate its corresponding subscription; in other 402 words, a single SUBSCRIBE request may trigger several NOTIFY 403 requests. 405 3.2.1. Identification of Reported Events, Event Classes, and Current 406 State 408 Identification of events being reported in a notification is very 409 similar to that described for subscription to events (see 410 Section 3.1.2). 412 As in SUBSCRIBE requests, NOTIFY "Event" header fields will contain a 413 single event package name for which a notification is being 414 generated. The package name in the "Event" header field MUST match 415 the "Event" header field in the corresponding SUBSCRIBE message. 417 Event packages may define semantics associated with the body of their 418 NOTIFY requests; if they do so, those semantics apply. NOTIFY bodies 419 are expected to provide additional details about the nature of the 420 event which has occurred and the resultant resource state. 422 When present, the body of the NOTIFY request MUST be formatted into 423 one of the body formats specified in the "Accept" header field of the 424 corresponding SUBSCRIBE request. This body will contain either the 425 state of the subscribed resource or a pointer to such state in the 426 form of a URI (see Section 5.4.13). 428 4. Node Behavior 430 4.1. Subscriber Behavior 432 4.1.1. Detecting Support for SIP Events 434 The extension described in this document does not make use of the use 435 of "Require" or "Proxy-Require" header fields; similarly, there is no 436 token defined for "Supported" header fields. Potential subscribers 437 may probe for the support of SIP Events using the OPTIONS request 438 defined in SIP [RFC3261]. 440 The presence of "SUBSCRIBE" in the "Allow" header field of any 441 request or response indicates support for SIP Events; further, in the 442 absence of an "Allow" header field, the simple presence of an "Allow- 443 Events" header field is sufficient to indicate that the node that 444 sent the message is capable of acting as a notifier (see 445 Section 4.4.4. 447 The "methods" parameter for Contact may also be used to 448 specifically announce support for SUBSCRIBE and NOTIFY messages 449 when registering. (See [RFC3840] for details on the "methods" 450 parameter). 452 4.1.2. Creating and Maintaining Subscriptions 454 From the subscriber's perspective, a subscription proceeds according 455 to the following state diagram: 457 +-------------+ 458 | init |<-----------------------+ 459 +-------------+ | 460 | Retry-after 461 Send SUBSCRIBE expires 462 | | 463 V Timer N Fires; | 464 +-------------+ SUBSCRIBE failure | 465 +------------| notify_wait |-- response; --------+ | 466 | +-------------+ or NOTIFY, | | 467 | | state=terminated | | 468 | | | | 469 ++========|===================|============================|==|====++ 470 || | | V | || 471 || Receive NOTIFY, Receive NOTIFY, +-------------+ || 472 || state=active state=pending | terminated | || 473 || | | +-------------+ || 474 || | | A A || 475 || | V Receive NOTIFY, | | || 476 || | +-------------+ state=terminated; | | || 477 || | | pending |-- or 481 response ----+ | || 478 || | +-------------+ to SUBSCRIBE | || 479 || | | refresh | || 480 || | Receive NOTIFY, | || 481 || | state=active | || 482 || | | | || 483 || | V Receive NOTIFY, | || 484 || | +-------------+ state=terminated; | || 485 || +----------->| active |-- or 481 response -------+ || 486 || +-------------+ to SUBSCRIBE || 487 || refresh || 488 || Subscription || 489 ++=================================================================++ 491 Any transition from "notify_wait" into a "pending" or "active" state 492 results in a new subscription. Note that multiple subscriptions can 493 be generated as the result of a single SUBSCRIBE request (see 494 Section 4.4.1). Each of these new subscriptions exists in its own 495 independent state machine. 497 4.1.2.1. Requesting a Subscription 499 SUBSCRIBE is a dialog-creating method, as described in SIP [RFC3261]. 501 When a subscriber wishes to subscribe to a particular state for a 502 resource, it forms a SUBSCRIBE message. If the initial SUBSCRIBE 503 represents a request outside of a dialog (as it typically will), its 504 construction follows the procedures outlined in SIP [RFC3261] for UAC 505 request generation outside of a dialog. 507 This SUBSCRIBE request will be confirmed with a final response. 200- 508 class responses indicate that the subscription has been accepted, and 509 that a NOTIFY will be sent immediately. A 200 response indicates 510 that the subscription has been accepted and that the user is 511 authorized to subscribe to the requested resource. A 202 response 512 merely indicates that the subscription has been understood, and that 513 authorization may or may not have been granted. 515 The "Expires" header field in a 200-class response to SUBSCRIBE 516 indicates the actual duration for which the subscription will remain 517 active (unless refreshed). 519 Non-200 class final responses indicate that no subscription or dialog 520 has been created, and no subsequent NOTIFY message will be sent. All 521 non-200 class responses (with the exception of "489", described 522 herein) have the same meanings and handling as described in SIP 523 [RFC3261]. For the sake of clarity: if a SUBSCRIBE request contains 524 an "Accept" header field, but that field does not indicate a MIME 525 type that the notifier is capable of generating in its NOTIFY 526 requests, then the proper error response is 406 (Not Acceptable). 528 4.1.2.2. Refreshing of Subscriptions 530 At any time before a subscription expires, the subscriber may refresh 531 the timer on such a subscription by sending another SUBSCRIBE request 532 on the same dialog as the existing subscription. The handling for 533 such a request is the same as for the initial creation of a 534 subscription except as described below. 536 If a SUBSCRIBE request to refresh a subscription receives a 404, 405, 537 410, 416, 480-485, 489, 501, or 604 response, the subscriber should 538 consider the subscription terminated. (See [RFC5057] for further 539 details and notes about the effect of error codes on dialogs and 540 usages within dialog, such as subscriptions). If the subscriber 541 wishes to re-subscribe to the state, he does so by composing an 542 unrelated initial SUBSCRIBE request with a freshly-generated Call-ID 543 and a new, unique "From" tag (see Section 4.1.2.1.) 545 If a SUBSCRIBE request to refresh a subscription fails with any error 546 code other than those listed above, the original subscription is 547 still considered valid for the duration of the most recently known 548 "Expires" value as negotiated by SUBSCRIBE and its response, or as 549 communicated by NOTIFY in the "Subscription-State" header field 550 "expires" parameter. 552 Note that many such errors indicate that there may be a problem 553 with the network or the notifier such that no further NOTIFY 554 messages will be received. 556 4.1.2.3. Unsubscribing 558 Unsubscribing is handled in the same way as refreshing of a 559 subscription, with the "Expires" header field set to "0". Note that 560 a successful unsubscription will also trigger a final NOTIFY message. 562 The final NOTIFY may or may not contain information about the state 563 of the resource; subscribers need to be prepared to receive final 564 NOTIFY messages both with and without state. 566 4.1.2.4. Confirmation of Subscription Creation 568 The subscriber can expect to receive a NOTIFY message from each node 569 which has processed a successful subscription or subscription 570 refresh. To ensure that subscribers do not wait indefinitely for a 571 subscription to be established, a subscriber starts a Timer N, set to 572 64*T1. If this Timer N expires prior to the receipt of a NOTIFY 573 message, the subscriber considers the subscription failed, and cleans 574 up any state associated with the subscription attempt. 576 Until Timer N expires, several NOTIFY messages may arrive from 577 different destinations (see Section 4.4.1). Each of these messages 578 establish a new dialog and a new subscription. After the expiration 579 of Timer N, the subscriber SHOULD reject any such NOTIFY messages 580 that would otherwise establish a new dialog with a "481" response 581 code. 583 Until the first NOTIFY message arrives, the subscriber should 584 consider the state of the subscribed resource to be in a neutral 585 state. Documents which define new event packages MUST define this 586 "neutral state" in such a way that makes sense for their application 587 (see Section 5.4.7). 589 Due to the potential for both out-of-order messages and forking, the 590 subscriber MUST be prepared to receive NOTIFY messages before the 591 SUBSCRIBE transaction has completed. 593 Except as noted above, processing of this NOTIFY is the same as in 594 Section 4.1.3. 596 4.1.3. Receiving and Processing State Information 598 Subscribers receive information about the state of a resource to 599 which they have subscribed in the form of NOTIFY requests. 601 Upon receiving a NOTIFY request, the subscriber should check that it 602 matches at least one of its outstanding subscriptions; if not, it 603 MUST return a "481 Subscription does not exist" response unless 604 another 400- or 500-class response is more appropriate. The rules 605 for matching NOTIFY requests with subscriptions that create a new 606 dialog are described in Section 4.4.1. Notifications for 607 subscriptions which were created inside an existing dialog match if 608 they are in the same dialog and the "Event" header fields match (as 609 described in Section 8.2.1). 611 If, for some reason, the event package designated in the "Event" 612 header field of the NOTIFY request is not supported, the subscriber 613 will respond with a "489 Bad Event" response. 615 To prevent spoofing of events, NOTIFY requests SHOULD be 616 authenticated, using any defined SIP authentication mechanism. 618 NOTIFY requests MUST contain "Subscription-State" header fields which 619 indicate the status of the subscription. 621 If the "Subscription-State" header field value is "active", it means 622 that the subscription has been accepted and (in general) has been 623 authorized. If the header field also contains an "expires" 624 parameter, the subscriber SHOULD take it as the authoritative 625 subscription duration and adjust accordingly. The "retry-after" and 626 "reason" parameters have no semantics for "active". 628 If the "Subscription-State" value is "pending", the subscription has 629 been received by the notifier, but there is insufficient policy 630 information to grant or deny the subscription yet. If the header 631 field also contains an "expires" parameter, the subscriber SHOULD 632 take it as the authoritative subscription duration and adjust 633 accordingly. No further action is necessary on the part of the 634 subscriber. The "retry-after" and "reason" parameters have no 635 semantics for "pending". 637 If the "Subscription-State" value is "terminated", the subscriber 638 should consider the subscription terminated. The "expires" parameter 639 has no semantics for "terminated" -- notifiers SHOULD NOT include an 640 "expires" parameter on a "Subscription-State" header field with a 641 value of "terminated," and subscribers MUST ignore any such 642 parameter, if present. If a reason code is present, the client 643 should behave as described below. If no reason code or an unknown 644 reason code is present, the client MAY attempt to re-subscribe at any 645 time (unless a "retry-after" parameter is present, in which case the 646 client SHOULD NOT attempt re-subscription until after the number of 647 seconds specified by the "retry-after" parameter). The reason codes 648 defined by this document are: 650 deactivated: The subscription has been terminated, but the 651 subscriber SHOULD retry immediately with a new subscription. One 652 primary use of such a status code is to allow migration of 653 subscriptions between nodes. The "retry-after" parameter has no 654 semantics for "deactivated". 656 probation: The subscription has been terminated, but the client 657 SHOULD retry at some later time. If a "retry-after" parameter is 658 also present, the client SHOULD wait at least the number of 659 seconds specified by that parameter before attempting to re- 660 subscribe. 662 rejected: The subscription has been terminated due to change in 663 authorization policy. Clients SHOULD NOT attempt to re-subscribe. 664 The "retry-after" parameter has no semantics for "rejected". 666 timeout: The subscription has been terminated because it was not 667 refreshed before it expired. Clients MAY re-subscribe 668 immediately. The "retry-after" parameter has no semantics for 669 "timeout". This reason code is also associated with polling of 670 resource state, as detailed in Section 4.4.3 672 giveup: The subscription has been terminated because the notifier 673 could not obtain authorization in a timely fashion. If a "retry- 674 after" parameter is also present, the client SHOULD wait at least 675 the number of seconds specified by that parameter before 676 attempting to re-subscribe; otherwise, the client MAY retry 677 immediately, but will likely get put back into pending state. 679 noresource: The subscription has been terminated because the 680 resource state which was being monitored no longer exists. 681 Clients SHOULD NOT attempt to re-subscribe. The "retry-after" 682 parameter has no semantics for "noresource". 684 invariant: The subscription has been terminated because the resource 685 state is guaranteed not to change for the foreseeable future. 686 This may be the case, for example, when subscribing to the 687 location information of a fixed-location land-line telephone. 688 When using this reason code, notifiers are advised to include a 689 "retry-after" parameter with a large value (for example, 31536000 690 -- or one year) to prevent older, RFC 3265-compliant clients from 691 periodically resubscribing. Clients SHOULD NOT attempt to 692 resubscribe after receiving a reason code of "invariant," 693 regardless of the presence of or value of a "retry-after" 694 parameter. 696 Other specifications may define new reason codes for use with the 697 "Subscription-State" header field. 699 Once the notification is deemed acceptable to the subscriber, the 700 subscriber SHOULD return a 200 response. In general, it is not 701 expected that NOTIFY responses will contain bodies; however, they 702 MAY, if the NOTIFY request contained an "Accept" header field. 704 Other responses defined in SIP [RFC3261] may also be returned, as 705 appropriate. In no case should a NOTIFY transaction extend for any 706 longer than the time necessary for automated processing. In 707 particular, subscribers MUST NOT wait for a user response before 708 returning a final response to a NOTIFY request. 710 4.1.4. Forking of SUBSCRIBE Messages 712 In accordance with the rules for proxying non-INVITE requests as 713 defined in SIP [RFC3261], successful SUBSCRIBE requests will receive 714 only one 200-class response; however, due to forking, the 715 subscription may have been accepted by multiple nodes. The 716 subscriber MUST therefore be prepared to receive NOTIFY requests with 717 "From:" tags which differ from the "To:" tag received in the 718 SUBSCRIBE 200-class response. 720 If multiple NOTIFY messages are received in different dialogs in 721 response to a single SUBSCRIBE message, each dialog represents a 722 different destination to which the SUBSCRIBE request was forked. 723 Subscriber handling in such situations varies by event package; see 724 Section 5.4.9 for details. 726 4.2. Notifier Behavior 728 4.2.1. Subscription Establishment and Maintenance 730 Notifiers learn about subscription requests by receiving SUBSCRIBE 731 requests from interested parties. Notifiers MUST NOT create 732 subscriptions except upon receipt of a SUBSCRIBE message. However, 733 for historical reasons, the implicit creation of subscriptions as 734 defined in [RFC3515] is still permitted. 736 [RFC3265] allowed the creation of subscriptions using means other 737 than SUBSCRIBE. The only standardized use of this mechanism is 738 the REFER method [RFC3515]. Implementation experience with REFER 739 has shown that the implicit creation of a subscription has a 740 number of undesirable effects, such as the inability to signal the 741 success of a REFER while signaling a problem with the 742 subscription; and difficulty performing one action without the 743 other. Additionally, the proper exchange of dialog identifiers is 744 difficult without dialog re-use (which has its own set of 745 problems; see Section 4.5). 747 4.2.1.1. Initial SUBSCRIBE Transaction Processing 749 In no case should a SUBSCRIBE transaction extend for any longer than 750 the time necessary for automated processing. In particular, 751 notifiers MUST NOT wait for a user response before returning a final 752 response to a SUBSCRIBE request. 754 This requirement is imposed primarily to prevent the non-INVITE 755 transaction timeout timer F (see [RFC3261]) from firing during the 756 SUBSCRIBE transaction, since interaction with a user would often 757 exceed 64*T1 seconds. 759 The notifier SHOULD check that the event package specified in the 760 "Event" header field is understood. If not, the notifier SHOULD 761 return a "489 Bad Event" response to indicate that the specified 762 event/event class is not understood. 764 The notifier SHOULD also perform any necessary authentication and 765 authorization per its local policy. See Section 4.2.1.3. 767 The notifier MAY also check that the duration in the "Expires" header 768 field is not too small. If and only if the expiration interval is 769 greater than zero AND smaller than one hour AND less than a notifier- 770 configured minimum, the notifier MAY return a "423 Interval Too 771 Brief" error which contains a "Min-Expires" header field field. The 772 "Min-Expires" header field is described in SIP [RFC3261]. 774 If the notifier is able to immediately determine that it understands 775 the event package, that the authenticated subscriber is authorized to 776 subscribe, and that there are no other barriers to creating the 777 subscription, it creates the subscription and a dialog (if 778 necessary), and returns a "200 OK" response (unless doing so would 779 reveal authorization policy in an undesirable fashion; see 780 Section 6.2). 782 If the notifier cannot immediately create the subscription (e.g., it 783 needs to wait for user input for authorization, or is acting for 784 another node which is not currently reachable), or wishes to mask 785 authorization policy, it will return a "202 Accepted" response. This 786 response indicates that the request has been received and understood, 787 but does not necessarily imply that the subscription has been 788 authorized yet. 790 When a subscription is created in the notifier, it stores the event 791 package name as part of the subscription information. 793 The "Expires" values present in SUBSCRIBE 200-class responses behave 794 in the same way as they do in REGISTER responses: the server MAY 795 shorten the interval, but MUST NOT lengthen it. 797 If the duration specified in a SUBSCRIBE message is unacceptably 798 short, the notifier may be able to send a 423 response, as 799 described earlier in this section. 801 200-class responses to SUBSCRIBE requests will not generally contain 802 any useful information beyond subscription duration; their primary 803 purpose is to serve as a reliability mechanism. State information 804 will be communicated via a subsequent NOTIFY request from the 805 notifier. 807 The other response codes defined in SIP [RFC3261] may be used in 808 response to SUBSCRIBE requests, as appropriate. 810 4.2.1.2. Confirmation of Subscription Creation/Refreshing 812 Upon successfully accepting or refreshing a subscription, notifiers 813 MUST send a NOTIFY message immediately to communicate the current 814 resource state to the subscriber. This NOTIFY message is sent on the 815 same dialog as created by the SUBSCRIBE response. If the resource 816 has no meaningful state at the time that the SUBSCRIBE message is 817 processed, this NOTIFY message MAY contain an empty or neutral body. 818 See Section 4.2.2 for further details on NOTIFY message generation. 820 Note that a NOTIFY message is always sent immediately after any 200- 821 class response to a SUBSCRIBE request, regardless of whether the 822 subscription has already been authorized. 824 4.2.1.3. Authentication/Authorization of SUBSCRIBE requests 826 Privacy concerns may require that notifiers apply policy to determine 827 whether a particular subscriber is authorized to subscribe to a 828 certain set of events. Such policy may be defined by mechanisms such 829 as access control lists or real-time interaction with a user. In 830 general, authorization of subscribers prior to authentication is not 831 particularly useful. 833 SIP authentication mechanisms are discussed in SIP [RFC3261]. Note 834 that, even if the notifier node typically acts as a proxy, 835 authentication for SUBSCRIBE requests will always be performed via a 836 "401" response, not a "407;" notifiers always act as a user agents 837 when accepting subscriptions and sending notifications. 839 Of course, when acting as a proxy, a node will perform normal 840 proxy authentication (using 407). The foregoing explanation is a 841 reminder that notifiers are always UAs, and as such perform UA 842 authentication. 844 If authorization fails based on an access list or some other 845 automated mechanism (i.e., it can be automatically authoritatively 846 determined that the subscriber is not authorized to subscribe), the 847 notifier SHOULD reply to the request with a "403 Forbidden" or "603 848 Decline" response, unless doing so might reveal information that 849 should stay private; see Section 6.2. 851 If the notifier owner is interactively queried to determine whether a 852 subscription is allowed, a "202 Accept" response is returned 853 immediately. Note that a NOTIFY message is still formed and sent 854 under these circumstances, as described in the previous section. 856 If subscription authorization was delayed and the notifier wishes to 857 convey that such authorization has been declined, it may do so by 858 sending a NOTIFY message containing a "Subscription-State" header 859 field with a value of "terminated" and a reason parameter of 860 "rejected". 862 4.2.1.4. Refreshing of Subscriptions 864 When a notifier receives a subscription refresh, assuming that the 865 subscriber is still authorized, the notifier updates the expiration 866 time for subscription. As with the initial subscription, the server 867 MAY shorten the amount of time until expiration, but MUST NOT 868 increase it. The final expiration time is placed in the "Expires" 869 header field in the response. If the duration specified in a 870 SUBSCRIBE message is unacceptably short, the notifier SHOULD respond 871 with a "423 Interval Too Brief" message. 873 If no refresh for a notification address is received before its 874 expiration time, the subscription is removed. When removing a 875 subscription, the notifier SHOULD send a NOTIFY message with a 876 "Subscription-State" value of "terminated" to inform it that the 877 subscription is being removed. If such a message is sent, the 878 "Subscription-State" header field SHOULD contain a "reason=timeout" 879 parameter. 881 Clients can cause a subscription to be terminated immediately by 882 sending a SUBSCRIBE with an "Expires" header field set to '0'. 883 Notifiers largely treat this the same way as any other subscription 884 expiration: they send a NOTIFY message containing a "Subscription- 885 State" of "terminated", with a reason code of "timeout." For 886 consistency with state polling (see Section 4.4.3) and subscription 887 refreshes, the notifier may choose to include resource state in this 888 final NOTIFY. However, in some cases, including such state makes no 889 sense. Under such circumstances, the notifier may choose to omit 890 state information from the terminal NOTIFY message. 892 The sending of a NOTIFY when a subscription expires allows the 893 corresponding dialog to be terminated, if appropriate. 895 4.2.2. Sending State Information to Subscribers 897 Notifiers use the NOTIFY method to send information about the state 898 of a resource to subscribers. The notifier's view of a subscription 899 is shown in the following state diagram: 901 +-------------+ 902 | init | 903 +-------------+ 904 | 905 Receive SUBSCRIBE, 906 Send NOTIFY 907 | 908 V NOTIFY failure, 909 +-------------+ subscription expires, 910 +------------| resp_wait |-- or terminated ----+ 911 | +-------------+ per local policy | 912 | | | 913 | | | 914 | | V 915 Policy grants Policy needed +-------------+ 916 permission | | terminated | 917 | | +-------------+ 918 | | A A 919 | V NOTIFY failure, | | 920 | +-------------+ subscription expires,| | 921 | | pending |-- or terminated -------+ | 922 | +-------------+ per local policy | 923 | | | 924 | Policy changed to | 925 | grant permission | 926 | | | 927 | V NOTIFY failure, | 928 | +-------------+ subscription expires, | 929 +----------->| active |-- or terminated ---------+ 930 +-------------+ per local policy 932 When a SUBSCRIBE request is answered with a 200-class response, the 933 notifier MUST immediately construct and send a NOTIFY request to the 934 subscriber. When a change in the subscribed state occurs, the 935 notifier SHOULD immediately construct and send a NOTIFY request, 936 subject to authorization, local policy, and throttling 937 considerations. 939 If the NOTIFY request fails due to expiration of SIP Timer F 940 (transaction timeout), the notifier SHOULD remove the subscription. 942 This behavior prevents unnecessary transmission of state 943 information for subscribers who have crashed or disappeared from 944 the network. Because such transmissions will be sent multiple 945 times, per the retransmission algorithm defined in SIP [RFC3261] 946 (instead of the typical single transmission for functioning 947 clients), continuing to service them when no client is available 948 to acknowledge them could place undue strain on a network. Upon 949 client restart or reestablishment of a network connection, it is 950 expected that clients will send SUBSCRIBE messages to refresh 951 potentially stale state information; such messages will re-install 952 subscriptions in all relevant nodes. 954 If the NOTIFY transaction fails due to the receipt of a 404, 405, 955 410, 416, 480-485, 489, 501, or 604 response to the NOTIFY, the 956 notifier MUST remove the corresponding subscription. See [RFC5057] 957 for further details and notes about the effect of error codes on 958 dialogs and usages within dialog (such as subscriptions). 960 A notify error response would generally indicate that something 961 has gone wrong with the subscriber or with some proxy on the way 962 to the subscriber. If the subscriber is in error, it makes the 963 most sense to allow the subscriber to rectify the situation (by 964 re-subscribing) once the error condition has been handled. If a 965 proxy is in error, the periodic SUBSCRIBE refreshes will re- 966 install subscription state once the network problem has been 967 resolved. 969 NOTIFY requests MUST contain a "Subscription-State" header field with 970 a value of "active", "pending", or "terminated". The "active" value 971 indicates that the subscription has been accepted and has been 972 authorized (in most cases; see Section 6.2). The "pending" value 973 indicates that the subscription has been received, but that policy 974 information is insufficient to accept or deny the subscription at 975 this time. The "terminated" value indicates that the subscription is 976 not active. 978 If the value of the "Subscription-State" header field is "active" or 979 "pending", the notifier MUST also include in the "Subscription-State" 980 header field an "expires" parameter which indicates the time 981 remaining on the subscription. The notifier MAY use this mechanism 982 to shorten a subscription; however, this mechanism MUST NOT be used 983 to lengthen a subscription. 985 Including expiration information for active and pending 986 subscriptions is necessary in case the SUBSCRIBE request forks, 987 since the response to a forked SUBSCRIBE may not be received by 988 the subscriber. [RFC3265] allowed the notifier some discretion in 989 the inclusion of this parameter, so subscriber implementations are 990 warned to handle the lack of an "expires" parameter gracefully. 991 Note well that this "expires" value is a parameter on the 992 "Subscription-State" header field, NOT an "Expires" header field. 994 The period of time for a subscription can be shortened to zero by 995 the notifier. In other words, it is perfectly valid for a 996 SUBSCRIBE with a non-zero expires to be answered with a NOTIFY 997 that contains "Subscription-Status: terminated;reason=expired". 998 This merely means that the notifier has shortened the subscription 999 timeout to zero, and the subscription has expired instantaneously. 1000 The body may contain valid state, or it may contain a neutral 1001 state (see Section 5.4.7). 1003 If the value of the "Subscription-State" header field is 1004 "terminated", the notifier SHOULD also include a "reason" parameter. 1005 The notifier MAY also include a "retry-after" parameter, where 1006 appropriate. For details on the value and semantics of the "reason" 1007 and "retry-after" parameters, see Section 4.1.3. 1009 4.2.3. PINT Compatibility 1011 The "Event" header field is considered mandatory for the purposes of 1012 this document. However, to maintain compatibility with PINT (see 1013 [RFC2848]), notifiers MAY interpret a SUBSCRIBE request with no 1014 "Event" header field as requesting a subscription to PINT events. If 1015 a notifier does not support PINT, it SHOULD return "489 Bad Event" to 1016 any SUBSCRIBE messages without an "Event" header field. 1018 4.3. Proxy Behavior 1020 Proxies need no additional behavior beyond that described in SIP 1021 [RFC3261] to support SUBSCRIBE and NOTIFY. If a proxy wishes to see 1022 all of the SUBSCRIBE and NOTIFY requests for a given dialog, it MUST 1023 add a Record-Route header field to the initial SUBSCRIBE request and 1024 all NOTIFY requests. It MAY choose to include Record-Route in 1025 subsequent SUBSCRIBE messages; however, these requests cannot cause 1026 the dialog's route set to be modified. 1028 Proxies that did not add a Record-Route header field to the initial 1029 SUBSCRIBE request MUST NOT add a Record-Route header field to any of 1030 the associated NOTIFY requests. 1032 Note that subscribers and notifiers may elect to use S/MIME 1033 encryption of SUBSCRIBE and NOTIFY requests; consequently, proxies 1034 cannot rely on being able to access any information that is not 1035 explicitly required to be proxy-readable by SIP [RFC3261]. 1037 4.4. Common Behavior 1039 4.4.1. Dialog Creation and Termination 1041 Dialogs are created upon completion of a NOTIFY transaction for a new 1042 subscription, unless the NOTIFY contains a "Subscription-State" of 1043 "terminated." 1045 Because the dialog is established by the NOTIFY request, the route 1046 set at the subscriber is taken from the NOTIFY request itself, as 1047 opposed to the route set present in the 200-class response to the 1048 SUBSCRIBE request. 1050 NOTIFY requests are matched to such SUBSCRIBE requests if they 1051 contain the same "Call-ID", a "To" header field "tag" parameter which 1052 matches the "From" header field "tag" parameter of the SUBSCRIBE, and 1053 the same "Event" header field. Rules for comparisons of the "Event" 1054 header fields are described in Section 8.2.1. 1056 A subscription is destroyed after a notifier sends a NOTIFY request 1057 with a "Subscription-State" of "terminated." The subscriber will 1058 generally answer such final requests with a "200 OK" response (unless 1059 a condition warranting an alternate response has arisen). Except 1060 when the mechanism described in Section 4.5.2 is used, the 1061 destruction of a subscription results in the termination of its 1062 associated dialog. 1064 A subscriber may send a SUBSCRIBE request with an "Expires" header 1065 field of 0 in order to trigger the sending of such a NOTIFY 1066 request; however, for the purposes of subscription and dialog 1067 lifetime, the subscription is not considered terminated until the 1068 NOTIFY transaction with a "Subscription-State" of "terminated" 1069 completes. 1071 4.4.2. Notifier Migration 1073 It is often useful to allow migration of subscriptions between 1074 notifiers. Such migration may be effected by sending a NOTIFY 1075 message with a "Subscription-State" header field of "terminated", and 1076 a reason parameter of "deactivated". This NOTIFY request is 1077 otherwise normal, and is formed as described in Section 4.2.2. 1079 Upon receipt of this NOTIFY message, the subscriber SHOULD attempt to 1080 re-subscribe (as described in the preceding sections). Note that 1081 this subscription is established on a new dialog, and does not re-use 1082 the route set from the previous subscription dialog. 1084 The actual migration is effected by making a change to the policy 1085 (such as routing decisions) of one or more servers to which the 1086 SUBSCRIBE request will be sent in such a way that a different node 1087 ends up responding to the SUBSCRIBE request. This may be as simple 1088 as a change in the local policy in the notifier from which the 1089 subscription is migrating so that it serves as a proxy or redirect 1090 server instead of a notifier. 1092 Whether, when, and why to perform notifier migrations may be 1093 described in individual event packages; otherwise, such decisions are 1094 a matter of local notifier policy, and are left up to individual 1095 implementations. 1097 4.4.3. Polling Resource State 1099 A natural consequence of the behavior described in the preceding 1100 sections is that an immediate fetch without a persistent subscription 1101 may be effected by sending a SUBSCRIBE with an "Expires" of 0. 1103 Of course, an immediate fetch while a subscription is active may be 1104 effected by sending a SUBSCRIBE with an "Expires" equal to the number 1105 of seconds remaining in the subscription. 1107 Upon receipt of this SUBSCRIBE request, the notifier (or notifiers, 1108 if the SUBSCRIBE request was forked) will send a NOTIFY request 1109 containing resource state in the same dialog. 1111 Note that the NOTIFY messages triggered by SUBSCRIBE messages with 1112 "Expires" header fields of 0 will contain a "Subscription-State" 1113 value of "terminated", and a "reason" parameter of "timeout". 1115 Polling of event state can cause significant increases in load on the 1116 network and notifiers; as such, it should be used only sparingly. In 1117 particular, polling SHOULD NOT be used in circumstances in which it 1118 will typically result in more network messages than long-running 1119 subscriptions. 1121 When polling is used, subscribers SHOULD attempt to cache 1122 authentication credentials between polls so as to reduce the number 1123 of messages sent. 1125 Due to the requirement on notifiers to send a NOTIFY immediately 1126 upon receipt of a SUBSCRIBE request, the state provided by polling 1127 is limited to the information that the notifier has immediate 1128 local access to when it receives the SUBSCRIBE. If, for example, 1129 the notifier generally needs to retrieve state from another 1130 network server, then that state will be absent from the NOTIFY 1131 that results from polling. 1133 4.4.4. Allow-Events header field usage 1135 The "Allow-Events" header field, if present, includes a list of 1136 tokens which indicates the event packages supported by a notifier. 1137 In other words, a user agent sending an "Allow-Events" header field 1138 is advertising that it can process SUBSCRIBE requests and generate 1139 NOTIFY requests for all of the event packages listed in that header 1140 field. 1142 Any user agent that can act as a notifier for one or more event 1143 packages SHOULD include an appropriate "Allow-Events" header field 1144 indicating all supported events in all methods which initiate dialogs 1145 and their responses (such as INVITE) and OPTIONS responses. 1147 This information is very useful, for example, in allowing user 1148 agents to render particular interface elements appropriately 1149 according to whether the events required to implement the features 1150 they represent are supported by the appropriate nodes. 1151 On the other hand, it doesn't necessarily make much sense to 1152 indicate supported events inside a NOTIFY-established dialog if 1153 the only event package supported is the one associated with that 1154 subscription. 1156 Note that "Allow-Events" header fields MUST NOT be inserted by 1157 proxies. 1159 4.5. Targeting Subscriptions at Devices 1161 [RFC3265] defined a mechanism by which subscriptions could share 1162 dialogs with invite usages and with other subscriptions. The purpose 1163 of this behavior was to allow subscribers to ensure that a 1164 subscription arrived at the same device as an established dialog. 1165 Unfortunately, the re-use of dialogs has proven to be exceedingly 1166 confusing. [RFC5057] attempted to clarify proper behavior in a 1167 variety of circumstances; however, the ensuing rules remain confusing 1168 and prone to implementation error. At the same time, the mechanism 1169 described in [I-D.ietf-sip-gruu] now provides a far more elegant and 1170 unambiguous means to achieve the same goal. 1172 Consequently, the dialog re-use technique described in RFC 3265 is 1173 now deprecated. 1175 This dialog-sharing technique has also historically been used as a 1176 means for targeting an event package at a dialog. This usage can be 1177 seen, for example, in certain applications of the REFER method 1178 [RFC3515]. With the removal of dialog re-use, an alternate (and more 1179 explicit) means of targeting dialogs needs to be used for this type 1180 of correlation. The appropriate means of such targeting is left up 1181 to the actual event packages. Candidates include the "Target-Dialog" 1182 header field [RFC4528], the "Join" header field [RFC3911], and the 1183 "Replaces" header field [RFC3891], depending on the semantics 1184 desired. Alternately, if the semantics of those header fields do not 1185 match the event package's purpose for correlation, event packages can 1186 devise their own means of identifying dialogs. For an example of 1187 this approach, see the Dialog Event Package [RFC4235]. 1189 4.5.1. Using GRUUs to Route to Devices 1191 Notifiers MUST implement the GRUU extension defined in 1192 [I-D.ietf-sip-gruu], and MUST use a GRUU as their local target. This 1193 allows subscribers to explicitly target desired devices. 1195 If a subscriber wishes to subscribe to a resource on the same device 1196 as an established dialog, it should check whether the remote contact 1197 in that dialog is a GRUU (i.e., whether it contains a "gr" URI 1198 parameter). If so, the subscriber creates a new dialog, using the 1199 GRUU as the request URI for the new SUBSCRIBE. 1201 Because GRUUs are guaranteed to route to a a specific device, this 1202 ensures that the subscription will be routed to the same place as 1203 the established dialog. 1205 4.5.2. Sharing Dialogs 1207 For compatibility with older clients, subscriber and notifier 1208 implementations may choose to allow dialog sharing. The behavior of 1209 multiple usages within a dialog are described in [RFC5057]. 1211 Subscribers MUST NOT attempt to re-use dialogs whose remote target is 1212 a GRUU. 1214 Note that the techniques described in this section are included 1215 for backwards compatibility purposes only. Because subscribers 1216 cannot re-use dialogs with a GRUU for their remote target, and 1217 because notifiers must use GRUUs as their local target, any two 1218 implementations that conform to this specification will 1219 automatically use the mechanism described in Section 4.5.1. 1221 If a subscriber wishes to subscribe to a resource on the same device 1222 as an established dialog and the remote contact is not a GRUU, it MAY 1223 revert to dialog sharing behavior. Alternately, it MAY choose to 1224 treat the remote party as incapable of servicing the subscription 1225 (i.e., the same way it would behave if the remote party did not 1226 support SIP events at all). 1228 If a notifier receives a SUBSCRIBE request for a new subscription on 1229 an existing dialog, it MAY choose to implement dialog sharing 1230 behavior. Alternately, it may choose to fail the SUBSCRIBE request 1231 with a 403 response. The error text of such 403 responses SHOULD 1232 indicate that dialog sharing is not supported. 1234 To implement dialog sharing, subscribers and notifiers perform the 1235 following additional processing: 1237 o When subscriptions exist in dialogs associated with INVITE-created 1238 application state and/or other subscriptions, these sets of 1239 application state do not interact beyond the behavior described 1240 for a dialog (e.g., route set handling). In particular, multiple 1241 subscriptions within a dialog are expire independently, and 1242 require independent SUBSCRIBE refreshes. 1244 o If a subscription's destruction leaves no other application state 1245 associated with the dialog, the dialog terminates. The 1246 destruction of other application state (such as that created by an 1247 INVITE) will not terminate the dialog if a subscription is still 1248 associated with that dialog. This means that, when dialog are re- 1249 used, then a dialog created with an INVITE does not necessarily 1250 terminate upon receipt of a BYE. Similarly, in the case that 1251 several subscriptions are associated with a single dialog, the 1252 dialog does not terminate until all the subscriptions in it are 1253 destroyed. 1255 o Subscribers MAY include an "id" parameter in SUBSCRIBE request 1256 "Event" header field to allow differentiation between multiple 1257 subscriptions in the same dialog. This "id" parameter, if 1258 present, contains an opaque token which identifies the specific 1259 subscription within a dialog. An "id" parameter is only valid 1260 within the scope of a single dialog. 1262 o If an "id" parameter is present in the SUBSCRIBE message used to 1263 establish a subscription, that "id" parameter MUST also be present 1264 in all corresponding NOTIFY messages. 1266 o When a subscriber refreshes a the subscription timer, the 1267 SUBSCRIBE MUST contain the same "Event" header field "id" 1268 parameter as was present in the initial subscription. (Otherwise, 1269 the notifier will interpret the SUBSCRIBE message as a request for 1270 a new subscription in the same dialog). 1272 o When a subscription is created in the notifier, it stores the any 1273 "Event" header field "id" parameter as part of the subscription 1274 information (along with the event package name). 1276 o If an initial SUBSCRIBE is sent on a pre-existing dialog, a 1277 matching NOTIFY request merely creates a new subscription 1278 associated with that dialog. 1280 4.6. CANCEL Requests for SUBSCRIBE and NOTIFY 1282 Neither SUBSCRIBE nor NOTIFY messages can be canceled. If a UAS 1283 receives a CANCEL request that matches a known SUBSCRIBE or NOTIFY 1284 transaction, it MUST respond to the CANCEL request, but otherwise 1285 ignore it. In particular, the CANCEL request MUST NOT affect 1286 processing of the SUBSCRIBE or NOTIFY request in any way. 1288 UACs SHOULD NOT send CANCEL requests for SUBSCRIBE or NOTIFY 1289 transactions. 1291 5. Event Packages 1293 This section covers several issues which should be taken into 1294 consideration when event packages based on SUBSCRIBE and NOTIFY are 1295 proposed. Event package definitions contain sections addressing each 1296 of these issues, ideally in the same order and with the same titles 1297 as the following sections. 1299 5.1. Appropriateness of Usage 1301 When designing an event package using the methods described in this 1302 document for event notification, it is important to consider: is SIP 1303 an appropriate mechanism for the problem set? Is SIP being selected 1304 because of some unique feature provided by the protocol (e.g., user 1305 mobility), or merely because "it can be done?" If you find yourself 1306 defining event packages for notifications related to, for example, 1307 network management or the temperature inside your car's engine, you 1308 may want to reconsider your selection of protocols. 1310 Those interested in extending the mechanism defined in this 1311 document are urged to follow the development of "Guidelines for 1312 Authors of SIP Extensions" [RFC4485] for further guidance 1313 regarding appropriate uses of SIP. 1315 Further, it is expected that this mechanism is not to be used in 1316 applications where the frequency of reportable events is excessively 1317 rapid (e.g., more than about once per second). A SIP network is 1318 generally going to be provisioned for a reasonable signaling volume; 1319 sending a notification every time a user's GPS position changes by 1320 one hundredth of a second could easily overload such a network. 1322 5.2. Event Template-packages 1324 Normal event packages define a set of state applied to a specific 1325 type of resource, such as user presence, call state, and messaging 1326 mailbox state. 1328 Event template-packages are a special type of package which define a 1329 set of state applied to other packages, such as statistics, access 1330 policy, and subscriber lists. Event template-packages may even be 1331 applied to other event template-packages. 1333 To extend the object-oriented analogy made earlier, event template- 1334 packages can be thought of as templatized C++ packages which must be 1335 applied to other packages to be useful. 1337 The name of an event template-package as applied to a package is 1338 formed by appending a period followed by the event template-package 1339 name to the end of the package. For example, if a template-package 1340 called "winfo" were being applied to a package called "presence", the 1341 event token used in "Event" and "Allow-Events" would be 1342 "presence.winfo". 1344 Event template-packages must be defined so that they can be applied 1345 to any arbitrary package. In other words, event template-packages 1346 cannot be specifically tied to one or a few "parent" packages in such 1347 a way that they will not work with other packages. 1349 5.3. Amount of State to be Conveyed 1351 When designing event packages, it is important to consider the type 1352 of information which will be conveyed during a notification. 1354 A natural temptation is to convey merely the event (e.g., "a new 1355 voice message just arrived") without accompanying state (e.g., "7 1356 total voice messages"). This complicates implementation of 1357 subscribing entities (since they have to maintain complete state for 1358 the entity to which they have subscribed), and also is particularly 1359 susceptible to synchronization problems. 1361 There are two possible solutions to this problem that event packages 1362 may choose to implement. 1364 5.3.1. Complete State Information 1366 For packages which typically convey state information that is 1367 reasonably small (on the order of 1 KB or so), it is suggested that 1368 event packages are designed so as to send complete state information 1369 when an event occurs. 1371 In some circumstances, conveying the current state alone may be 1372 insufficient for a particular class of events. In these cases, the 1373 event packages should include complete state information along with 1374 the event that occurred. For example, conveying "no customer service 1375 representatives available" may not be as useful as conveying "no 1376 customer service representatives available; representative 1377 sip:46@cs.xyz.int just logged off". 1379 5.3.2. State Deltas 1381 In the case that the state information to be conveyed is large, the 1382 event package may choose to detail a scheme by which NOTIFY messages 1383 contain state deltas instead of complete state. 1385 Such a scheme would work as follows: any NOTIFY sent in immediate 1386 response to a SUBSCRIBE contains full state information. NOTIFY 1387 messages sent because of a state change will contain only the state 1388 information that has changed; the subscriber will then merge this 1389 information into its current knowledge about the state of the 1390 resource. 1392 Any event package that supports delta changes to states MUST include 1393 a version number that increases by exactly one for each NOTIFY 1394 transaction in a subscription. Note that the state version number 1395 appears in the body of the message, not in a SIP header field. 1397 If a NOTIFY arrives that has a version number that is incremented by 1398 more than one, the subscriber knows that a state delta has been 1399 missed; it ignores the NOTIFY message containing the state delta 1400 (except for the version number, which it retains to detect message 1401 loss), and re-sends a SUBSCRIBE to force a NOTIFY containing a 1402 complete state snapshot. 1404 5.4. Event Package Responsibilities 1406 Event packages are not required to reiterate any of the behavior 1407 described in this document, although they may choose to do so for 1408 clarity or emphasis. In general, though, such packages are expected 1409 to describe only the behavior that extends or modifies the behavior 1410 described in this document. 1412 Note that any behavior designated with "SHOULD" or "MUST" in this 1413 document is not allowed to be weakened by extension documents; 1414 however, such documents may elect to strengthen "SHOULD" requirements 1415 to "MUST" strength if required by their application. 1417 In addition to the normal sections expected in standards-track 1418 RFCs and SIP extension documents, authors of event packages need 1419 to address each of the issues detailed in the following 1420 subsections, whenever applicable. 1422 5.4.1. Event Package Name 1424 This section, which MUST be present, defines the token name to be 1425 used to designate the event package. It MUST include the information 1426 which appears in the IANA registration of the token. For information 1427 on registering such types, see Section 7. 1429 5.4.2. Event Package Parameters 1431 If parameters are to be used on the "Event" header field to modify 1432 the behavior of the event package, the syntax and semantics of such 1433 header fields MUST be clearly defined. 1435 5.4.3. SUBSCRIBE Bodies 1437 It is expected that most, but not all, event packages will define 1438 syntax and semantics for SUBSCRIBE method bodies; these bodies will 1439 typically modify, expand, filter, throttle, and/or set thresholds for 1440 the class of events being requested. Designers of event packages are 1441 strongly encouraged to re-use existing MIME types for message bodies 1442 where practical. 1444 This mandatory section of an event package defines what type or types 1445 of event bodies are expected in SUBSCRIBE requests (or specify that 1446 no event bodies are expected). It should point to detailed 1447 definitions of syntax and semantics for all referenced body types. 1449 5.4.4. Subscription Duration 1451 It is RECOMMENDED that event packages give a suggested range of times 1452 considered reasonable for the duration of a subscription. Such 1453 packages MUST also define a default "Expires" value to be used if 1454 none is specified. 1456 5.4.5. NOTIFY Bodies 1458 The NOTIFY body is used to report state on the resource being 1459 monitored. Each package MUST define what type or types of event 1460 bodies are expected in NOTIFY requests. Such packages MUST specify 1461 or cite detailed specifications for the syntax and semantics 1462 associated with such event body. 1464 Event packages also MUST define which MIME type is to be assumed if 1465 none are specified in the "Accept" header field of the SUBSCRIBE 1466 request. 1468 5.4.6. Notifier processing of SUBSCRIBE requests 1470 This section describes the processing to be performed by the notifier 1471 upon receipt of a SUBSCRIBE request. Such a section is required. 1473 Information in this section includes details of how to authenticate 1474 subscribers and authorization issues for the package. Such 1475 authorization issues may include, for example, whether all SUBSCRIBE 1476 requests for this package are answered with 202 responses (see 1477 Section 6.2). 1479 5.4.7. Notifier generation of NOTIFY requests 1481 This section of an event package describes the process by which the 1482 notifier generates and sends a NOTIFY request. This includes 1483 detailed information about what events cause a NOTIFY to be sent, how 1484 to compute the state information in the NOTIFY, how to generate 1485 neutral or fake state information to hide authorization delays and 1486 decisions from users, and whether state information is complete or 1487 deltas for notifications; see Section 5.3. Such a section is 1488 required. 1490 This section may optionally describe the behavior used to process the 1491 subsequent response. 1493 5.4.8. Subscriber processing of NOTIFY requests 1495 This section of an event package describes the process followed by 1496 the subscriber upon receipt of a NOTIFY request, including any logic 1497 required to form a coherent resource state (if applicable). 1499 5.4.9. Handling of forked requests 1501 Each event package MUST specify whether forked SUBSCRIBE requests are 1502 allowed to install multiple subscriptions. 1504 If such behavior is not allowed, the first potential dialog- 1505 establishing message will create a dialog. All subsequent NOTIFY 1506 messages which correspond to the SUBSCRIBE message (i.e., match "To", 1507 "From", "From" header field "tag" parameter, "Call-ID", "Event", and 1508 "Event" header field "id" parameter) but which do not match the 1509 dialog would be rejected with a 481 response. Note that the 200- 1510 class response to the SUBSCRIBE can arrive after a matching NOTIFY 1511 has been received; such responses might not correlate to the same 1512 dialog established by the NOTIFY. Except as required to complete the 1513 SUBSCRIBE transaction, such non-matching 200-class responses are 1514 ignored. 1516 If installing of multiple subscriptions by way of a single forked 1517 SUBSCRIBE is allowed, the subscriber establishes a new dialog towards 1518 each notifier by returning a 200-class response to each NOTIFY. Each 1519 dialog is then handled as its own entity, and is refreshed 1520 independent of the other dialogs. 1522 In the case that multiple subscriptions are allowed, the event 1523 package MUST specify whether merging of the notifications to form a 1524 single state is required, and how such merging is to be performed. 1525 Note that it is possible that some event packages may be defined in 1526 such a way that each dialog is tied to a mutually exclusive state 1527 which is unaffected by the other dialogs; this MUST be clearly stated 1528 if it is the case. 1530 5.4.10. Rate of notifications 1532 Each event package is expected to define a requirement (SHOULD or 1533 MUST strength) which defines an absolute maximum on the rate at which 1534 notifications are allowed to be generated by a single notifier. 1536 Each package MAY further define a throttle mechanism which allows 1537 subscribers to further limit the rate of notification. 1539 5.4.11. State Aggregation 1541 Many event packages inherently work by collecting information about a 1542 resource from a number of other sources -- either through the use of 1543 PUBLISH [RFC3903], by subscribing to state information, or through 1544 other state gathering mechanisms. 1546 Event packages that involve retrieval of state information for a 1547 single resource from more than one source need to consider how 1548 notifiers aggregate information into a single, coherent state. Such 1549 packages MUST specify how notifiers aggregate information and how 1550 they provide authentication and authorization. 1552 5.4.12. Examples 1554 Event packages SHOULD include several demonstrative message flow 1555 diagrams paired with several typical, syntactically correct, and 1556 complete messages. 1558 It is RECOMMENDED that documents describing event packages clearly 1559 indicate that such examples are informative and not normative, with 1560 instructions that implementors refer to the main text of the document 1561 for exact protocol details. 1563 5.4.13. Use of URIs to Retrieve State 1565 Some types of event packages may define state information which is 1566 potentially too large to reasonably send in a SIP message. To 1567 alleviate this problem, event packages may include the ability to 1568 convey a URI instead of state information; this URI will then be used 1569 to retrieve the actual state information. 1571 [RFC4483] defines a mechanism that can be used by event packages to 1572 convey information in such a fashion. 1574 6. Security Considerations 1576 6.1. Access Control 1578 The ability to accept subscriptions should be under the direct 1579 control of the notifier's user, since many types of events may be 1580 considered sensitive for the purposes of privacy. Similarly, the 1581 notifier should have the ability to selectively reject subscriptions 1582 based on the subscriber identity (based on access control lists), 1583 using standard SIP authentication mechanisms. The methods for 1584 creation and distribution of such access control lists is outside the 1585 scope of this document. 1587 6.2. Notifier Privacy Mechanism 1589 The mere act of returning a 200 or certain 4xx and 6xx responses to 1590 SUBSCRIBE requests may, under certain circumstances, create privacy 1591 concerns by revealing sensitive policy information. In these cases, 1592 the notifier SHOULD always return a 202 response. While the 1593 subsequent NOTIFY message may not convey true state, it MUST appear 1594 to contain a potentially correct piece of data from the point of view 1595 of the subscriber, indistinguishable from a valid response. 1596 Information about whether a user is authorized to subscribe to the 1597 requested state is never conveyed back to the original user under 1598 these circumstances. 1600 Individual packages and their related documents for which such a mode 1601 of operation makes sense can further describe how and why to generate 1602 such potentially correct data. For example, such a mode of operation 1603 is mandated by [RFC2779] for user presence information. 1605 6.3. Denial-of-Service attacks 1607 The current model (one SUBSCRIBE request triggers a SUBSCRIBE 1608 response and one or more NOTIFY requests) is a classic setup for an 1609 amplifier node to be used in a smurf attack. 1611 Also, the creation of state upon receipt of a SUBSCRIBE request can 1612 be used by attackers to consume resources on a victim's machine, 1613 rendering it unusable. 1615 To reduce the chances of such an attack, implementations of notifiers 1616 SHOULD require authentication. Authentication issues are discussed 1617 in SIP [RFC3261]. 1619 6.4. Replay Attacks 1621 Replaying of either SUBSCRIBE or NOTIFY can have detrimental effects. 1623 In the case of SUBSCRIBE messages, attackers may be able to install 1624 any arbitrary subscription which it witnessed being installed at some 1625 point in the past. Replaying of NOTIFY messages may be used to spoof 1626 old state information (although a good versioning mechanism in the 1627 body of the NOTIFY messages may help mitigate such an attack). Note 1628 that the prohibition on sending NOTIFY messages to nodes which have 1629 not subscribed to an event also aids in mitigating the effects of 1630 such an attack. 1632 To prevent such attacks, implementations SHOULD require 1633 authentication with anti-replay protection. Authentication issues 1634 are discussed in SIP [RFC3261]. 1636 6.5. Man-in-the middle attacks 1638 Even with authentication, man-in-the-middle attacks using SUBSCRIBE 1639 may be used to install arbitrary subscriptions, hijack existing 1640 subscriptions, terminate outstanding subscriptions, or modify the 1641 resource to which a subscription is being made. To prevent such 1642 attacks, implementations SHOULD provide integrity protection across 1643 "Contact", "Route", "Expires", "Event", and "To" header fields of 1644 SUBSCRIBE messages, at a minimum. If SUBSCRIBE bodies are used to 1645 define further information about the state of the call, they SHOULD 1646 be included in the integrity protection scheme. 1648 Man-in-the-middle attacks may also attempt to use NOTIFY messages to 1649 spoof arbitrary state information and/or terminate outstanding 1650 subscriptions. To prevent such attacks, implementations SHOULD 1651 provide integrity protection across the "Call-ID", "CSeq", and 1652 "Subscription-State" header fields and the bodies of NOTIFY messages. 1654 Integrity protection of message header fields and bodies is discussed 1655 in SIP [RFC3261]. 1657 6.6. Confidentiality 1659 The state information contained in a NOTIFY message has the potential 1660 to contain sensitive information. Implementations MAY encrypt such 1661 information to ensure confidentiality. 1663 While less likely, it is also possible that the information contained 1664 in a SUBSCRIBE message contains information that users might not want 1665 to have revealed. Implementations MAY encrypt such information to 1666 ensure confidentiality. 1668 To allow the remote party to hide information it considers sensitive, 1669 all implementations SHOULD be able to handle encrypted SUBSCRIBE and 1670 NOTIFY messages. 1672 The mechanisms for providing confidentiality are detailed in SIP 1673 [RFC3261]. 1675 7. IANA Considerations 1677 (This section is not applicable until this document is published as 1678 an RFC.) 1680 7.1. Event Packages 1682 This document defines an event-type namespace which requires a 1683 central coordinating body. The body chosen for this coordination is 1684 the Internet Assigned Numbers Authority (IANA). 1686 There are two different types of event-types: normal event packages, 1687 and event template-packages; see Section 5.2. To avoid confusion, 1688 template-package names and package names share the same namespace; in 1689 other words, an event template-package MUST NOT share a name with a 1690 package. 1692 Following the policies outlined in "Guidelines for Writing an IANA 1693 Considerations Section in RFCs" [RFC2434], normal event package 1694 identification tokens are allocated as First Come First Served, and 1695 event template-package identification tokens are allocated on a IETF 1696 Consensus basis. 1698 Registrations with the IANA MUST include the token being registered 1699 and whether the token is a package or a template-package. Further, 1700 packages MUST include contact information for the party responsible 1701 for the registration and/or a published document which describes the 1702 event package. Event template-package token registrations MUST 1703 include a pointer to the published RFC which defines the event 1704 template-package. 1706 Registered tokens to designate packages and template-packages MUST 1707 NOT contain the character ".", which is used to separate template- 1708 packages from packages. 1710 7.1.1. Registration Information 1712 As this document specifies no package or template-package names, the 1713 initial IANA registration for event types will be empty. The 1714 remainder of the text in this section gives an example of the type of 1715 information to be maintained by the IANA; it also demonstrates all 1716 five possible permutations of package type, contact, and reference. 1718 The table below lists the event packages and template-packages 1719 defined in "SIP-Specific Event Notification" [RFC xxxx]. Each name 1720 is designated as a package or a template-package under "Type". 1722 Package Name Type Contact Reference 1723 ------------ ---- ------- --------- 1724 example1 package [Roach] 1725 example2 package [Roach] [RFC xxxx] 1726 example3 package [RFC xxxx] 1727 example4 template [Roach] [RFC xxxx] 1728 example5 template [RFC xxxx] 1730 PEOPLE 1731 ------ 1732 [Roach] Adam Roach 1734 REFERENCES 1735 ---------- 1736 [RFC xxxx] A.B. Roach, "SIP-Specific Event Notification", RFC XXXX, 1737 Monthname 20XX 1739 7.1.2. Registration Template 1741 To: ietf-sip-events@iana.org 1742 Subject: Registration of new SIP event package 1744 Package Name: 1746 (Package names must conform to the syntax described in 1747 Section 8.2.1.) 1749 Is this registration for a Template Package: 1751 (indicate yes or no) 1753 Published Specification(s): 1755 (Template packages require a published RFC. Other packages may 1756 reference a specification when appropriate). 1758 Person & email address to contact for further information: 1760 7.2. Reason Codes 1762 This document further defines "reason" codes for use in the 1763 "Subscription-State" header field (see Section 4.1.3). 1765 Following the policies outlined in "Guidelines for Writing an IANA 1766 Considerations Section in RFCs" [RFC2434], new reason codes require a 1767 Standards Action. 1769 Registrations with the IANA include the reason code being registered 1770 and a reference to a published document which describes the event 1771 package. Insertion of such values takes place as part of the RFC 1772 publication process or as the result of inter-SDO liaison activity. 1773 New reason codes must conform to the syntax of the ABNF "token" 1774 element defined in SIP [RFC3261]. 1776 [RFC4660] defined a new reason code prior to the establishment of an 1777 IANA registry. We include its reason code ("badfilter") in the 1778 initial list of reason codes to ensure a complete registry. 1780 The IANA registry for reason code will be initialized with the 1781 following values: 1783 Reason Code Reference 1784 ----------- --------- 1785 deactivated [RFC xxxx] 1786 probation [RFC xxxx] 1787 rejected [RFC xxxx] 1788 timeout [RFC xxxx] 1789 giveup [RFC xxxx] 1790 noresource [RFC xxxx] 1791 invariant [RFC xxxx] 1792 badfilter [RFC 4660] 1794 REFERENCES 1795 ---------- 1796 [RFC xxxx] A.B. Roach, "SIP-Specific Event Notification", RFC XXXX, 1797 Monthname 20XX 1799 [RFC 4660] Khartabil, H., Leppanen, E., Lonnfors, M., and 1800 J. Costa-Requena, "Functional Description of Event 1801 Notification Filtering", September 2006. 1803 7.3. Header Field Names 1805 This document registers three new header field names, described 1806 elsewhere in this document. These header fields are defined by the 1807 following information, which is to be added to the header field sub- 1808 registry under http://www.iana.org/assignments/sip-parameters. 1810 Header Name: Allow-Events 1811 Compact Form: u 1813 Header Name: Subscription-State 1814 Compact Form: (none) 1816 Header Name: Event 1817 Compact Form: o 1819 7.4. Response Codes 1821 This document registers two new response codes. These response codes 1822 are defined by the following information, which is to be added to the 1823 method and response-code sub-registry under 1824 http://www.iana.org/assignments/sip-parameters. 1826 Response Code Number: 202 1827 Default Reason Phrase: Accepted 1829 Response Code Number: 489 1830 Default Reason Phrase: Bad Event 1832 8. Syntax 1834 This section describes the syntax extensions required for event 1835 notification in SIP. Semantics are described in Section 4. Note 1836 that the formal syntax definitions described in this document are 1837 expressed in the ABNF format used in SIP [RFC3261], and contain 1838 references to elements defined therein. 1840 8.1. New Methods 1842 This document describes two new SIP methods: SUBSCRIBE and NOTIFY. 1844 This table expands on tables 2 and 3 in SIP [RFC3261]. 1846 Header Where SUB NOT 1847 ------ ----- --- --- 1848 Accept R o o 1849 Accept 2xx - - 1850 Accept 415 o o 1851 Accept-Encoding R o o 1852 Accept-Encoding 2xx - - 1853 Accept-Encoding 415 o o 1854 Accept-Language R o o 1855 Accept-Language 2xx - - 1856 Accept-Language 415 o o 1857 Alert-Info R - - 1858 Alert-Info 180 - - 1859 Allow R o o 1860 Allow 2xx o o 1861 Allow r o o 1862 Allow 405 m m 1863 Authentication-Info 2xx o o 1864 Authorization R o o 1865 Call-ID c m m 1866 Call-Info R o o 1867 Contact R m m 1868 Contact 1xx o o 1869 Contact 2xx m o 1870 Contact 3xx m m 1871 Contact 485 o o 1872 Content-Disposition o o 1873 Content-Encoding o o 1874 Content-Language o o 1875 Content-Length t t 1876 Content-Type * * 1877 CSeq c m m 1878 Date o o 1879 Error-Info 300-699 o o 1880 Expires o - 1881 Expires 2xx m - 1882 From c m m 1883 In-Reply-To R - - 1884 Max-Forwards R m m 1885 Min-Expires 423 m - 1886 MIME-Version o o 1887 Organization o - 1888 Priority R o - 1889 Proxy-Authenticate 407 m m 1890 Proxy-Authorization R o o 1891 Proxy-Require R o o 1892 RAck R - - 1893 Record-Route R o o 1894 Record-Route 2xx,401,484 o o 1895 Reply-To - - 1896 Require o o 1897 Retry-After 404,413,480,486 o o 1898 Retry-After 500,503 o o 1899 Retry-After 600,603 o o 1900 Route R c c 1901 RSeq 1xx o o 1902 Server r o o 1903 Subject R - - 1904 Supported R o o 1905 Supported 2xx o o 1906 Timestamp o o 1907 To c(1) m m 1908 Unsupported 420 o o 1909 User-Agent o o 1910 Via c m m 1911 Warning R - o 1912 Warning r o o 1913 WWW-Authenticate 401 m m 1915 8.1.1. SUBSCRIBE method 1917 "SUBSCRIBE" is added to the definition of the element "Method" in the 1918 SIP message grammar. 1920 Like all SIP method names, the SUBSCRIBE method name is case 1921 sensitive. The SUBSCRIBE method is used to request asynchronous 1922 notification of an event or set of events at a later time. 1924 8.1.2. NOTIFY method 1926 "NOTIFY" is added to the definition of the element "Method" in the 1927 SIP message grammar. 1929 The NOTIFY method is used to notify a SIP node that an event which 1930 has been requested by an earlier SUBSCRIBE method has occurred. It 1931 may also provide further details about the event. 1933 8.2. New Header Fields 1935 This table expands on tables 2 and 3 in SIP [RFC3261], as amended by 1936 the changes described in Section 8.1. 1938 Header field where proxy ACK BYE CAN INV OPT REG PRA SUB NOT 1939 ----------------------------------------------------------------- 1940 Allow-Events R o o - o o o o o o 1941 Allow-Events 2xx - o - o o o o o o 1942 Allow-Events 489 - - - - - - - m m 1943 Event R - - - - - - - m m 1944 Subscription-State R - - - - - - - - m 1946 8.2.1. "Event" Header Field 1948 Event is added to the definition of the element "message-header 1949 field" in the SIP message grammar. 1951 For the purposes of matching NOTIFY messages with SUBSCRIBE messages, 1952 the event-type portion of the "Event" header field is compared byte- 1953 by-byte, and the "id" parameter token (if present) is compared byte- 1954 by-byte. An "Event" header field containing an "id" parameter never 1955 matches an "Event" header field without an "id" parameter. No other 1956 parameters are considered when performing a comparison. SUBSCRIBE 1957 responses are matched per the transaction handling rules in SIP 1958 [RFC3261]. 1960 Note that the forgoing text means that "Event: foo; id=1234" would 1961 match "Event: foo; param=abcd; id=1234", but not "Event: foo" (id 1962 does not match) or "Event: Foo; id=1234" (event portion does not 1963 match). 1965 This document does not define values for event-types. These values 1966 will be defined by individual event packages, and MUST be registered 1967 with the IANA. 1969 There MUST be exactly one event type listed per event header field. 1970 Multiple events per message are disallowed. 1972 8.2.2. "Allow-Events" Header Field 1974 Allow-Events is added to the definition of the element "general- 1975 header field" in the SIP message grammar. Its usage is described in 1976 Section 4.4.4. 1978 8.2.3. "Subscription-State" Header Field 1980 Subscription-State is added to the definition of the element 1981 "request-header field" in the SIP message grammar. Its usage is 1982 described in Section 4.1.3. 1984 8.3. New Response Codes 1986 8.3.1. "202 Accepted" Response Code 1988 The 202 response is added to the "Success" header field definition. 1989 "202 Accepted" has the same meaning as that defined in HTTP/1.1 1990 [RFC2616]. 1992 8.3.2. "489 Bad Event" Response Code 1994 The 489 event response is added to the "Client-Error" header field 1995 field definition. "489 Bad Event" is used to indicate that the server 1996 did not understand the event package specified in a "Event" header 1997 field. 1999 8.4. Augmented BNF Definitions 2001 The Augmented BNF definitions for the various new and modified syntax 2002 elements follows. The notation is as used in SIP [RFC3261], and any 2003 elements not defined in this section are as defined in SIP and the 2004 documents to which it refers. 2006 SUBSCRIBEm = %x53.55.42.53.43.52.49.42.45 ; SUBSCRIBE in caps 2007 NOTIFYm = %x4E.4F.54.49.46.59 ; NOTIFY in caps 2008 extension-method = SUBSCRIBEm / NOTIFYm / token 2010 Event = ( "Event" / "o" ) HCOLON event-type 2011 *( SEMI event-param ) 2012 event-type = event-package *( "." event-template ) 2013 event-package = token-nodot 2014 event-template = token-nodot 2015 token-nodot = 1*( alphanum / "-" / "!" / "%" / "*" 2016 / "_" / "+" / "`" / "'" / "~" ) 2018 ; The use of the "id" parameter is deprecated; it is included 2019 ; for backwards compatibility purposes only. 2020 event-param = generic-param / ( "id" EQUAL token ) 2022 Allow-Events = ( "Allow-Events" / "u" ) HCOLON event-type 2023 *(COMMA event-type) 2025 Subscription-State = "Subscription-State" HCOLON substate-value 2026 *( SEMI subexp-params ) 2027 substate-value = "active" / "pending" / "terminated" 2028 / extension-substate 2029 extension-substate = token 2030 subexp-params = ("reason" EQUAL event-reason-value) 2031 / ("expires" EQUAL delta-seconds) 2032 / ("retry-after" EQUAL delta-seconds) 2033 / generic-param 2034 event-reason-value = "deactivated" 2035 / "probation" 2036 / "rejected" 2037 / "timeout" 2038 / "giveup" 2039 / "noresource" 2040 / "invariant" 2041 / event-reason-extension 2042 event-reason-extension = token 2044 9. References 2046 9.1. Normative References 2048 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2049 Requirement Levels", BCP 14, RFC 2119, March 1997. 2051 [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an 2052 IANA Considerations Section in RFCs", BCP 26, RFC 2434, 2053 October 1998. 2055 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., 2056 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext 2057 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. 2059 [RFC2779] Day, M., Aggarwal, S., Mohr, G., and J. Vincent, "Instant 2060 Messaging / Presence Protocol Requirements", RFC 2779, 2061 February 2000. 2063 [RFC2848] Petrack, S. and L. Conroy, "The PINT Service Protocol: 2064 Extensions to SIP and SDP for IP Access to Telephone Call 2065 Services", RFC 2848, June 2000. 2067 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 2068 A., Peterson, J., Sparks, R., Handley, M., and E. 2069 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 2070 June 2002. 2072 [RFC3265] Roach, A., "Session Initiation Protocol (SIP)-Specific 2073 Event Notification", RFC 3265, June 2002. 2075 [RFC4483] Burger, E., "A Mechanism for Content Indirection in 2076 Session Initiation Protocol (SIP) Messages", RFC 4483, 2077 May 2006. 2079 [I-D.ietf-sip-gruu] 2080 Rosenberg, J., "Obtaining and Using Globally Routable User 2081 Agent (UA) URIs (GRUU) in the Session Initiation Protocol 2082 (SIP)", draft-ietf-sip-gruu-15 (work in progress), 2083 October 2007. 2085 9.2. Informative References 2087 [RFC3515] Sparks, R., "The Session Initiation Protocol (SIP) Refer 2088 Method", RFC 3515, April 2003. 2090 [RFC3840] Rosenberg, J., Schulzrinne, H., and P. Kyzivat, 2091 "Indicating User Agent Capabilities in the Session 2092 Initiation Protocol (SIP)", RFC 3840, August 2004. 2094 [RFC3891] Mahy, R., Biggs, B., and R. Dean, "The Session Initiation 2095 Protocol (SIP) "Replaces" Header", RFC 3891, 2096 September 2004. 2098 [RFC3903] Niemi, A., "Session Initiation Protocol (SIP) Extension 2099 for Event State Publication", RFC 3903, October 2004. 2101 [RFC3911] Mahy, R. and D. Petrie, "The Session Initiation Protocol 2102 (SIP) "Join" Header", RFC 3911, October 2004. 2104 [RFC4235] Rosenberg, J., Schulzrinne, H., and R. Mahy, "An INVITE- 2105 Initiated Dialog Event Package for the Session Initiation 2106 Protocol (SIP)", RFC 4235, November 2005. 2108 [RFC4485] Rosenberg, J. and H. Schulzrinne, "Guidelines for Authors 2109 of Extensions to the Session Initiation Protocol (SIP)", 2110 RFC 4485, May 2006. 2112 [RFC4528] Zeilenga, K., "Lightweight Directory Access Protocol 2113 (LDAP) Assertion Control", RFC 4528, June 2006. 2115 [RFC4660] Khartabil, H., Leppanen, E., Lonnfors, M., and J. Costa- 2116 Requena, "Functional Description of Event Notification 2117 Filtering", RFC 4660, September 2006. 2119 [RFC5057] Sparks, R., "Multiple Dialog Usages in the Session 2120 Initiation Protocol", RFC 5057, November 2007. 2122 Appendix A. Acknowledgements 2124 Thanks to the participants in the Events BOF at the 48th IETF meeting 2125 in Pittsburgh, as well as those who gave ideas and suggestions on the 2126 SIP Events mailing list. In particular, I wish to thank Henning 2127 Schulzrinne of Columbia University for coming up with the final 2128 three-tiered event identification scheme, Sean Olson for 2129 miscellaneous guidance, Jonathan Rosenberg for a thorough scrubbing 2130 of the -00 draft, and the authors of the "SIP Extensions for 2131 Presence" document for their input to SUBSCRIBE and NOTIFY request 2132 semantics. 2134 I also owe a debt of gratitude to all the implementors who have 2135 provided feedback on areas of confusion or difficulty in the original 2136 specification. In particular, Robert Sparks' Herculean efforts 2137 organizing, running, and collecting data from the SIPit events have 2138 proven invaluable in shaking out specification bugs. Robert Sparks 2139 is also responsible for untangling the dialog usage mess, in the form 2140 of RFC 5057. 2142 Appendix B. Open Issues 2143 B.1. Bug 711: Allow-Events can't express template support 2145 OPEN ISSUE: There are several things we can do here. I have not 2146 proposed on in particular; I would prefer to solicit initial feedback 2147 from implementors regarding what has been developed and deployed so 2148 far. 2150 The key problem is that support of template event packages can't be 2151 expressed in a complete yet bounded fashion. It would not be 2152 reasonable, for example, to require notifiers that support winfo on 2153 arbitrary packages to include an "Allow-Events" header field with 2154 contents like "presence, presence.winfo, presence.winfo.winfo, 2155 presence.winfo.winfo.winfo, presence.winfo.winfo.winfo.winfo, 2156 presence.winfo.winfo.winfo.winfo.winfo...." 2158 One alternative would be to list event packages and template event 2159 packages, without explicitly indicating which templates can be 2160 applied to which other packages. In such a case, the preceding 2161 example would be collapsed to "Allow-Events: presence, winfo". The 2162 notifier may have local policy that limits how they can be combined 2163 -- but we have plenty of other places where protocol allows 2164 something, but policy forbids it. 2166 B.2. Remove 202 Response Code? 2168 In practice, the 202 response code defined in RFC 3265 has proven to 2169 be nearly useless, due to its redundancy with the "pending" state, 2170 and its interaction with the HERFP problem. Given that 202 must be 2171 treated as 200 if an implementation does not understand it: would 2172 removing the 202 response code cause any issues for current 2173 implementations? 2175 B.3. Timer N and Resubscribes 2177 Section 4.1.2.4 defines a new Timer N that is used upon initial 2178 subscription to bound the amount of time that a subscriber needs to 2179 wait for a NOTIFY. Should this also apply to resubscribes? On one 2180 hand, the mechanism is not as necessary, since the subscriber already 2181 has a negotiated expiration time associated with the subscription. 2182 On the other hand, if no NOTIFY arrives in 64*T1, it is highly likely 2183 that the notifier has gone off the rails, which means that the 2184 subscriber can safely clean up state associated with that 2185 subscription. The key question involved in applying Timer N to 2186 resubscriptions is whether doing so makes subscriptions unnecessarily 2187 brittle. 2189 Appendix C. Changes 2191 This section, and all of its subsections, will be consolidated into a 2192 single "Changes Since RFC 3265" section prior to publication. Bug 2193 numbers refer to the identifiers for the bug reports kept on file at 2194 http://bugs.sipit.net/. 2196 C.1. Changes from draft-ietf-sipcore-rfc3265bis-00 to 2197 draft-ietf-sipcore-rfc3265bis-01 2199 o Renamed Timer L to Timer N, to avoid a naming conflict. 2200 o Added clarification about proper response when the SUBSCRIBE 2201 indicates an unkonwn MIME type in its Accept header field. 2202 o Clarification around Route and Record-Route behavior. 2203 o Added non-normative warning about the limitations of state 2204 polling. 2205 o Added information about targeting subscriptions at specific 2206 dialogs. 2207 o Added "Call-Info" header field to RFC 3261 Table 2 expansion. 2209 C.2. Changes from draft-roach-sipcore-rfc3265bis-00 to 2210 draft-ietf-sipcore-rfc3265bis-00 2212 None 2214 C.3. Changes since RFC 3265 2216 C.3.1. Bug 666: Clarify use of expires=xxx with terminated 2218 Strengthened language in Section 4.1.3 to clarify that expires should 2219 not be sent with terminated, and must be ignored if received. 2221 C.3.2. Bug 667: Reason code for unsub/poll not clearly spelled out 2223 Clarified description of "timeout" in Section 4.1.3. (n.b., the text 2224 in Section 4.4.3 is actually pretty clear about this). 2226 C.3.3. Bug 669: Clarify: SUBSCRIBE for a duration might be answered 2227 with a NOTIFY/expires=0 2229 Added clarifying text to Section 4.2.2 explaining that shortening a 2230 subscription to zero seconds is valid. Also added sentence to 2231 Section 3.1.1 explicitly allowing shortening to zero. 2233 C.3.4. Bug 670: Dialog State Machine needs clarification 2235 The issues associated with the bug deal exclusively with the handling 2236 of multiple usages with a dialog. This behavior has been deprecated 2237 and moved to Section 4.5.2. This section, in turn, cites [RFC5057], 2238 which addresses all of the issues in Bug 670. 2240 C.3.5. Bug 671: Clarify timeout-based removal of subscriptions 2242 Changed Section 4.2.2 to specifically cite Timer F (so as to avoid 2243 ambiguity between transaction timeouts and retransmission timeouts). 2245 C.3.6. Bug 672: Mandate expires= in NOTIFY 2247 Changed strength of including of "expires" in a NOTIFY from SHOULD to 2248 MUST in Section 4.2.2. 2250 C.3.7. Bug 673: INVITE 481 response effect clarification 2252 This bug was addressed in [RFC5057]. 2254 C.3.8. Bug 677: SUBSCRIBE response matching text in error 2256 Fixed Section 8.2.1 to remove incorrect "...responses and..." -- 2257 explicitly pointed to SIP for transaction response handling. 2259 C.3.9. Bug 695: Document is not explicit about response to NOTIFY at 2260 subscription termination 2262 Added text to Section 4.4.1 indicating that the typical response to a 2263 terminal NOTIFY is a "200 OK". 2265 C.3.10. Bug 696: Subscription state machine needs clarification 2267 Added state machine diagram to Section 4.1.2 with explicit handling 2268 of what to do when a SUBSCRIBE never shows up. Added definition of 2269 and handling for new Timer N to Section 4.1.2.4. Added state machine 2270 to Section 4.2.2 to reinforce text. 2272 C.3.11. Bug 697: Unsubscription behavior could be clarified 2274 Added text to Section 4.2.1.4 encouraging (but not requiring) full 2275 state in final NOTIFY message. Also added text to Section 4.1.2.3 2276 warning subscribers that full state may or may not be present in the 2277 final NOTIFY. 2279 C.3.12. Bug 699: NOTIFY and SUBSCRIBE are target refresh requests 2281 Added text to both Section 3.1 and Section 3.2 explicitly indicating 2282 that SUBSCRIBE and NOTIFY are target refresh methods. 2284 C.3.13. Bug 722: Inconsistent 423 reason phrase text 2286 Changed reason code to "Interval Too Brief" in Section 4.2.1.1 and 2287 Section 4.2.1.4, to match 423 reason code in SIP [RFC3261]. 2289 C.3.14. Bug 741: guidance needed on when to not include Allow-Events 2291 Added non-normative clarification to Section 4.4.4 regarding 2292 inclusion of Allow-Events in a NOTIFY for the one-and-only package 2293 supported by the notifier. 2295 C.3.15. Bug 744: 5xx to NOTIFY terminates a subscription, but should 2296 not 2298 Issue of subscription (usage) termination versus dialog termination 2299 is handled in [RFC5057]. The text in Section 4.2.2 has been updated 2300 to summarize the behavior described by 5057, and cites it for 2301 additional detail and rationale. 2303 C.3.16. Bug 752: Detection of forked requests is incorrect 2305 Removed erroneous "CSeq" from list of matching criteria in 2306 Section 5.4.9. 2308 C.3.17. Bug 773: Reason code needs IANA registry 2310 Added Section 7.2 to create and populate IANA registry. 2312 C.3.18. Bug 774: Need new reason for terminating subscriptions to 2313 resources that never change 2315 Added new "invariant" reason code to Section 4.1.3, ABNF syntax. 2317 C.3.19. Clarify handling of Route/Record-Route in NOTIFY 2319 Changed text in Section 4.3 mandating Record-Route in initial 2320 SUBSCRIBE and all NOTIFY messages, and adding "MAY" level statements 2321 for subsequent SUBSCRIBE messages. 2323 C.3.20. Eliminate implicit subscriptions 2325 Added text to Section 4.2.1 explaining some of the problems 2326 associated with implicit subscriptions, normative language 2327 prohibiting them. Removed language from Section 3.2 describing "non- 2328 SUBSCRIBE" mechanisms for creating subscriptions. Simplified 2329 language in Section 4.2.2, now that the soft-state/non-soft-state 2330 distinction is unnecessary. 2332 C.3.21. Deprecate dialog re-use 2334 Moved handling of dialog re-use and "id" handling to Section 4.5.2. 2335 It is documented only for backwards-compatibility purposes. 2337 C.3.22. Rationalize dialog creation 2339 Section 4.4.1 has been updated to specify that dialogs should be 2340 created when the NOTIFY arrives. Previously, the dialog was 2341 established by the SUBSCRIBE 200, or by the NOTIFY transaction. This 2342 was unnecessarily complicated; the newer rules are easier to 2343 implement (and result in effectively the same behavior on the wire). 2345 C.3.23. Refactor behavior sections 2347 Reorganized Section 4 to consolidate behavior along role lines 2348 (subscriber/notifier/proxy) instead of method lines. 2350 C.3.24. Clarify sections that need to be present in event packages 2352 Added sentence to Section 5 clarifying that event packages are 2353 expected to include explicit sections covering the issues discussed 2354 in this section. 2356 C.3.25. Make CANCEL handling more explicit 2358 Text in Section 4.6 now clearly calls out behavior upon receipt of a 2359 CANCEL. We also echo the "...SHOULD NOT send..." requirement from 2360 [RFC3261]. 2362 C.3.26. Remove State Agent Terminology 2364 As originally planned, we anticipated a fairly large number of event 2365 packages that would move back and forth between end-user devices and 2366 servers in the network. In practice, this has ended up not being the 2367 case. Certain events, like dialog state, are inherently hosted at 2368 end-user devices; others, like presence, are almost always hosted in 2369 the network (due to issues like composition, and the ability to 2370 deliver information when user devices are offline). Further, the 2371 concept of State Agents is the most misunderstood by event package 2372 authors. In my expert review of event packages, I have yet to find 2373 one that got the concept of State Agents completely correct -- and 2374 most of them start out with the concept being 100% backwards from the 2375 way RFC 3265 described it. 2377 Rather than remove the ability to perform the actions previously 2378 attributed to the widely misunderstood term "State Agent," we have 2379 simply eliminated this term. Instead, we talk about the behaviors 2380 required to create state agents (state aggregation, subscription 2381 notification) without defining a formal term to describe the servers 2382 that exhibit these behaviors. In effect, this is an editorial change 2383 to make life easier for event package authors; the actual protocol 2384 does not change as a result. 2386 The definition of "State Agent" has been removed from Section 2. 2387 Section 4.4.2 has been retooled to discuss migration of subscription 2388 in general, without calling out the specific example of state agents. 2389 Section 5.4.11 has been focused on state aggregation in particular, 2390 instead of state aggregation as an aspect of state agents. 2392 Author's Address 2394 Adam Roach 2395 Tekelec 2396 17210 Campbell Rd. 2397 Suite 250 2398 Dallas, TX 75252 2399 US 2401 Email: adam@nostrum.com