idnits 2.17.1 draft-ietf-sipcore-rfc4244bis-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? -- The draft header indicates that this document obsoletes RFC4244, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 419 has weird spacing: '... Alice atla...' == Line 1683 has weird spacing: '... Alice exam...' == Line 1937 has weird spacing: '... Alice atla...' == Line 1990 has weird spacing: '... Alice atla...' == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 14, 2011) is 4819 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFCXXXX' is mentioned on line 1071, but not defined == Unused Reference: 'RFC3969' is defined on line 1517, but no explicit reference was found in the text ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) ** Obsolete normative reference: RFC 4244 (Obsoleted by RFC 7044) Summary: 2 errors (**), 0 flaws (~~), 8 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Barnes 3 Internet-Draft Polycom 4 Obsoletes: 4244 (if approved) F. Audet 5 Intended status: Standards Track Skype 6 Expires: August 18, 2011 S. Schubert 7 NTT 8 J. van Elburg 9 Detecon International Gmbh 10 C. Holmberg 11 Ericsson 12 February 14, 2011 14 An Extension to the Session Initiation Protocol (SIP) for Request 15 History Information 16 draft-ietf-sipcore-rfc4244bis-03.txt 18 Abstract 20 This document defines a standard mechanism for capturing the history 21 information associated with a Session Initiation Protocol (SIP) 22 request. This capability enables many enhanced services by providing 23 the information as to how and why a SIP request arrives at a specific 24 application or user. This document defines an optional SIP header 25 field, History-Info, for capturing the history information in 26 requests. The document also defines SIP header field parameters for 27 the History-Info and Contact header fields to tag the method by which 28 the target of a request is determined. In addition, this document 29 defines a value for the Privacy header field specific to the History- 30 Info header field. 32 Status of this Memo 34 This Internet-Draft is submitted in full conformance with the 35 provisions of BCP 78 and BCP 79. 37 Internet-Drafts are working documents of the Internet Engineering 38 Task Force (IETF). Note that other groups may also distribute 39 working documents as Internet-Drafts. The list of current Internet- 40 Drafts is at http://datatracker.ietf.org/drafts/current/. 42 Internet-Drafts are draft documents valid for a maximum of six months 43 and may be updated, replaced, or obsoleted by other documents at any 44 time. It is inappropriate to use Internet-Drafts as reference 45 material or to cite them other than as "work in progress." 47 This Internet-Draft will expire on August 18, 2011. 49 Copyright Notice 51 Copyright (c) 2011 IETF Trust and the persons identified as the 52 document authors. All rights reserved. 54 This document is subject to BCP 78 and the IETF Trust's Legal 55 Provisions Relating to IETF Documents 56 (http://trustee.ietf.org/license-info) in effect on the date of 57 publication of this document. Please review these documents 58 carefully, as they describe your rights and restrictions with respect 59 to this document. Code Components extracted from this document must 60 include Simplified BSD License text as described in Section 4.e of 61 the Trust Legal Provisions and are provided without warranty as 62 described in the Simplified BSD License. 64 This document may contain material from IETF Documents or IETF 65 Contributions published or made publicly available before November 66 10, 2008. The person(s) controlling the copyright in some of this 67 material may not have granted the IETF Trust the right to allow 68 modifications of such material outside the IETF Standards Process. 69 Without obtaining an adequate license from the person(s) controlling 70 the copyright in such materials, this document may not be modified 71 outside the IETF Standards Process, and derivative works of it may 72 not be created outside the IETF Standards Process, except to format 73 it for publication as an RFC or to translate it into languages other 74 than English. 76 Table of Contents 78 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 79 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 4 80 3. Background . . . . . . . . . . . . . . . . . . . . . . . . . . 5 81 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 82 5. History-Info Header Field Protocol Structure . . . . . . . . . 7 83 5.1. History-Info Header Field Example Scenario . . . . . . . . 9 84 6. User Agent Handling of the History-Info Header Field . . . . . 12 85 6.1. User Agent Client (UAC) Behavior . . . . . . . . . . . . . 12 86 6.2. User Agent Server (UAS) Behavior . . . . . . . . . . . . . 12 87 6.2.1. Processing of Requests with History-Info . . . . . . . 12 88 6.2.2. Generation of Responses with History-Info . . . . . . 13 89 7. Proxy/Intermediary Handling of History-Info Header Fields . . 13 90 7.1. Adding the History-Info Header Field to Requests . . . . . 13 91 7.1.1. Forwarding a Request . . . . . . . . . . . . . . . . . 14 92 7.1.2. Retargeting based on failure or 3xx response . . . . . 14 93 7.2. Sending History-Info in Responses . . . . . . . . . . . . 15 94 8. Redirect Server Handling of History-Info Header Fields . . . . 16 95 9. Processing the History-Info Header Field Parameters . . . . . 16 96 9.1. Privacy in the History-Info Header Field . . . . . . . . . 16 97 9.1.1. Indicating Privacy . . . . . . . . . . . . . . . . . . 16 98 9.1.2. Applying Privacy . . . . . . . . . . . . . . . . . . . 17 99 9.2. Reason in the History-info Header Field . . . . . . . . . 18 100 9.3. Indexing in the History-Info Header Field . . . . . . . . 19 101 9.4. Mechanism for Target Determination in the History-Info 102 Header Field . . . . . . . . . . . . . . . . . . . . . . . 20 103 10. Application Considerations . . . . . . . . . . . . . . . . . . 21 104 11. Security Considerations . . . . . . . . . . . . . . . . . . . 23 105 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 106 12.1. Registration of New SIP History-Info Header Field . . . . 24 107 12.2. Registration of "history" for SIP Privacy Header Field . . 24 108 12.3. Registration of Header Field Parameters . . . . . . . . . 25 109 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 25 110 14. Changes from RFC 4244 . . . . . . . . . . . . . . . . . . . . 25 111 14.1. Backwards compatibility . . . . . . . . . . . . . . . . . 27 112 15. Changes since last Version . . . . . . . . . . . . . . . . . . 27 113 16. References . . . . . . . . . . . . . . . . . . . . . . . . . . 33 114 16.1. Normative References . . . . . . . . . . . . . . . . . . . 33 115 16.2. Informative References . . . . . . . . . . . . . . . . . . 34 116 Appendix A. Request History Requirements . . . . . . . . . . . . 34 117 A.1. Security Requirements . . . . . . . . . . . . . . . . . . 35 118 A.2. Privacy Requirements . . . . . . . . . . . . . . . . . . . 36 119 Appendix B. Example call flows . . . . . . . . . . . . . . . . . 37 120 B.1. Sequentially Forking (History-Info in Response) . . . . . 37 121 B.2. History-Info with Privacy Header Field . . . . . . . . . . 44 122 B.3. Privacy for a Specific History-Info Entry . . . . . . . . 46 123 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 47 125 1. Introduction 127 Many services that SIP is anticipated to support require the ability 128 to determine why and how a SIP requests arrived at a specific 129 application. Examples of such services include (but are not limited 130 to) sessions initiated to call centers via "click to talk" SIP 131 Uniform Resource Locators (URLs) on a web page, "call history/ 132 logging" style services within intelligent "call management" software 133 for SIP User Agents (UAs), and calls to voicemail servers. Although 134 SIP implicitly provides the retarget capabilities that enable SIP 135 requests to be routed to chosen applications, there is a need for a 136 standard mechanism within SIP for communicating the retargeting 137 history of the requests. This "request history" information allows 138 the receiving application to determine hints about how and why the 139 SIP request arrived at the application/user. 141 This document defines a SIP header field, History-Info, to provide a 142 standard mechanism for capturing the request history information to 143 enable a wide variety of services for networks and end-users. SIP 144 header field parameters are defined for the History-Info and Contact 145 header fields to tag the method by which the target of a request is 146 determined. In addition, this document defines a value for the 147 Privacy header field specific to the History-Info header. 149 The History-info header field provides a building block for 150 development of SIP based applications and services. The requirements 151 for the solution described in this document are included in 152 Appendix A. Example scenarios using the History-info header field 153 are included in Appendix B. 155 2. Conventions and Terminology 157 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 158 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 159 document are to be interpreted as described in [RFC2119]. 161 The term "retarget" is used in this document to refer to the process 162 of a SIP entity changing a Uniform Resource Identifier (URI) in a 163 request based on the rules for determining request targets as 164 described in Section 16.5 of [RFC3261] and of the subsequent 165 forwarding of that request as described in step 2 in section 16.6 of 166 [RFC3261]. This includes changing the Request-URI due to a location 167 service lookup and redirect processing. This also includes internal 168 (to a proxy/SIP intermediary) changes of the URI prior to forwarding 169 of the request. 171 The terms "location service", "forward", "redirect" and "AOR" are 172 used consistent with the terminology in [RFC3261]. 174 The references to "domain for which the SIP entity/Proxy/Intermediary 175 is responsible" are consistent with and intended to convey the same 176 context as the usage of that terminology in [RFC3261]. The 177 applicability of History-Info to architectures or models outside the 178 context of [RFC3261] is outside the scope of this specification. 180 3. Background 182 SIP implicitly provides retargeting capabilities that enable SIP 183 requests to be routed to specific applications as defined in 184 [RFC3261]. The motivation for capturing the request history is that 185 in the process of retargeting a request, old routing information can 186 be forever lost. This lost information may be important history that 187 allows elements to which the request is retargeted to process the 188 request in a locally defined, application-specific manner. This 189 document defines a mechanism for transporting the request history. 190 Application-specific behavior is outside the scope of this 191 specification. 193 Current network applications provide the ability for elements 194 involved with the request to obtain additional information relating 195 to how and why the request was routed to a particular destination. 196 The following are examples of such applications: 198 1. Web "referral" applications, whereby an application residing 199 within a web server determines that a visitor to a website has 200 arrived at the site via an "associate" site that will receive 201 some "referral" commission for generating this traffic 203 2. Email forwarding whereby the forwarded-to user obtains a 204 "history" of who sent the email to whom and at what time 206 3. Traditional telephony services such as voicemail, call-center 207 "automatic call distribution", and "follow-me" style services 209 Several of the aforementioned applications currently define 210 application-specific mechanisms through which it is possible to 211 obtain the necessary history information. 213 In addition, request history information could be used to enhance 214 basic SIP functionality by providing the following: 216 o Some diagnostic information for debugging SIP requests. 218 o Capturing aliases and Globally Routable User Agent URIs (GRUUs) 219 [RFC5627], which can be overwritten by a home proxy upon receipt 220 of the initial request. 222 o Facilitating the use of limited use addresses (minted on demand) 223 and sub-addressing. 225 o Preserving service specific URIs that can be overwritten by a 226 downstream proxy, such as those defined in [RFC3087], and control 227 of network announcements and IVR with SIP URI [RFC4240]. 229 4. Overview 231 The fundamental functionality provided by the request history 232 information is the ability to inform proxies and UAs involved in 233 processing a request about the history or progress of that request. 234 The solution is to capture the Request-URIs as a request is 235 retargeted, in a SIP header field: History-Info. This allows for the 236 capturing of the history of a request that would be lost with the 237 normal SIP processing involved in the subsequent retargeting of the 238 request. 240 The History-info header field is added to a Request when a new 241 request is created by a UAC or forwarded by a Proxy, or when the 242 target of a request is changed. It is possible for the target of a 243 request to be changed by the same proxy/SIP Intermediary multiple 244 times (referred to as 'internal retargeting'). A SIP entity changing 245 the target of a request in response to a redirect also propagates any 246 History-info header field from the initial request in the new 247 request. The ABNF and detailed description of the History-Info 248 header field parameters, along with examples is provided in 249 Section 5. Section 6, Section 7 and Section 8 provide the detailed 250 handling of the History-Info header field by SIP User Agents, Proxies 251 and Redirect Servers respectively. 253 This specification also defines two new SIP header field parameters, 254 "rc" and "mp", for the History-Info and Contact header fields, to tag 255 the method by which the target of a request is determined. Further 256 detail on the use of these header field parameters is provided in 257 Section 9.4. 259 In addition, this specification defines a priv-value for the Privacy 260 header, "history", that applies to all the History-info header field 261 entries in a Request or to a specific History-info header field hi- 262 entry as described above. Further detail is provided in Section 9.1. 264 5. History-Info Header Field Protocol Structure 266 The History-info header field can appear in any request not 267 associated with an early or established dialog (e.g., INVITE, 268 REGISTER, MESSAGE, REFER and OPTIONS, PUBLISH and SUBSCRIBE, etc.) 269 and any non-100 provisional or final responses to these requests 270 (ISSUER-req, see Appendix A). 272 The following provides details for the information that is captured 273 in the History-Info header field entries for each target used for 274 forwarding a request: 276 o hi-targeted-to-uri: A mandatory parameter for capturing the 277 Request-URI for the specific request as it is forwarded. 279 o hi-index: A mandatory parameter for History-Info reflecting the 280 chronological order of the information, indexed to also reflect 281 the forking and nesting of requests. The format for this 282 parameter is a string of digits, separated by dots to indicate the 283 number of forward hops and retargets. This results in a tree 284 representation of the history of the request, with the lowest- 285 level index reflecting a branch of the tree. By adding the new 286 entries in order (i.e., following existing entries per the details 287 in Section 9.3), including the index and securing the header, the 288 ordering of the History-info header fields in the request is 289 assured. In addition, applications may extract a variety of 290 metrics (total number of retargets, total number of retargets from 291 a specific branch, etc.) based upon the index values. 293 o hi-target-param: An optional parameter reflecting the mechanism by 294 which the Request URI captured in the hi-targeted-to-uri in the 295 hi-entry was determined. This parameter contains either an "rc" 296 or "mp" header field parameter, which is interpreted as follows: 298 "rc": The hi-targeted-to-URI is a contact for the Request-URI, 299 in the incoming request, that is bound to an AOR in an abstract 300 location service. The AOR-to-contact binding has been placed 301 into the location service by a SIP Registrar that received a 302 SIP REGISTER request. The "rc" header field parameter contains 303 the value of the hi-index in the hi-entry with an 304 hi-targeted-to- uri that reflects the Request-URI that was 305 retargeted 307 "mp": The hi-targeted-to-URI represents a user other than the 308 user associated with the Request-URI in the incoming request 309 that was retargeted. This occurs when a request is to 310 statically or dynamically retargeted to another user. The 311 value of the index in the "mp" header field parameter 312 represents the value of the hi-index in the hi-entry with an 313 hi-targeted-to- uri that reflects the Request-URI that was 314 retargeted, thus identifying the "mapped from" target. 316 o Extension (hi-extension): A parameter to allow for future optional 317 extensions. As per [RFC3261], any implementation not 318 understanding an extension MUST ignore it. 320 The ABNF syntax for the History-info header field and header field 321 parameters is as follows: 323 History-Info = "History-Info" HCOLON hi-entry *(COMMA hi-entry) 325 hi-entry = hi-targeted-to-uri *(SEMI hi-param) 327 hi-targeted-to-uri = name-addr 329 hi-param = hi-index / hi-target / hi-extension 331 index-val = 1*DIGIT *("." 1*DIGIT) 333 hi-index = "index" EQUAL index-val 335 hi-target-param = rc-param / mp-param 337 rc-param = "rc" EQUAL index-val 339 mp-param = "mp" EQUAL index-val 341 hi-extension = generic-param 343 The ABNF definitions for "generic-param" and "name-addr" are from 344 [RFC3261]. 346 This document also extends the "contact-params" for the Contact 347 header field as defined in [RFC3261] with the "rc" and "mp" header 348 field parameters defined above. 350 In addition to the parameters defined by the ABNF, an hi-entry may 351 also include a Reason header field and a Privacy header field, which 352 are both escaped in the hi-targeted-to-uri as described below: 354 o Reason: An optional parameter for History-Info, reflected in the 355 History-info header field by including the Reason header field 356 [RFC3326] escaped in the hi-targeted-to-uri. A reason is included 357 for the hi-targeted-to-uri that was retargeted as opposed to the 358 hi-targeted-to-uri to which it was retargeted. 360 o Privacy: An optional parameter for History-Info, reflected in the 361 History-Info header field values by including the Privacy Header 362 [RFC3323] escaped in the hi- targeted-to-uri or by adding the 363 Privacy header field to the request. The latter case indicates 364 that the History-Info entries for the domain MUST be anonymized 365 prior to forwarding, whereas the use of the Privacy header field 366 escaped in the hi-targeted-to-uri means that a specific hi-entry 367 MUST be anonymized. 369 Note that since both the Reason and Privacy parameters are escaped in 370 the hi-targeted-to-uri, these fields will not be available in the 371 case that the hi-targeted-to-uri is a Tel-URI [RFC3966]. In such 372 cases, the Tel-URI SHOULD be transformed into a SIP URI per section 373 19.1.6 of [RFC3261]. 375 The following provides examples of the format for the History-info 376 header field. Note that the backslash and CRLF between the fields in 377 the examples below are for readability purposes only. 379 History-Info: ;index=1;foo=bar 381 History-Info: ;index=1.1,\ 383 ;index=1.2;mp=1.1,\ 385 ;index=1.3;rc=1.2 387 5.1. History-Info Header Field Example Scenario 389 The following is an illustrative example of usage of History-Info. 391 In this example, Alice (sip:alice@atlanta.example.com) calls Bob 392 (sip:bob@biloxi.example.com). Alice's proxy in her home domain (sip: 393 atlanta.example.com) forwards the request to Bob's proxy (sip: 394 biloxi.example.com). When the request arrives at sip: 395 biloxi.example.com, it does a location service lookup for 396 bob@biloxi.example.com and changes the target of the request to Bob's 397 Contact URIs provided as part of normal SIP registration. In this 398 example, Bob is simultaneously contacted on a PC client and on a 399 phone, and Bob answers on the PC client. 401 One important thing illustrated by this call flow is that without 402 History-Info, Bob would "lose" the target information, including any 403 parameters in the request URI. Bob can recover that information by 404 locating the last hi-entry with an "rc" header field parameter. This 405 "rc" parameter contains the index of the hi-entry containing the lost 406 target information - i.e., the sip:bob@biloxi.example.com hi-entry 407 with index=1.1. Note that an hi-entry is not included for the fork 408 to sip:bob@192.0.2.7 since there was no response at the time the 200 409 OK is sent to Alice. 411 The formatting in this scenario is for visual purposes; thus, 412 backslash and CRLF are used between the fields for readability and 413 the headers in the URI are not shown properly formatted for escaping. 414 Refer to Section 5.1 for the proper formatting. Additional detailed 415 scenarios are available in Appendix B. 417 Note: This example uses loose routing procedures. 419 Alice atlanta.example.com biloxi.example.com Bob@pc Bob@phone 420 | | | | | 421 | INVITE sip:bob@biloxi.example.com;p=x | | 422 |--------------->| | | | 423 | Supported: histinfo | | | 424 | | | | | 425 | | INVITE sip:bob@biloxi.example.com;p=x | 426 | |--------------->| | | 427 | History-Info: ;index=1 428 | History-Info: ;index=1.1 | 429 | | | | | 430 | | | INVITE sip:bob@192.0.2.3| 431 | | |--------------->| | 432 | History-Info: ;index=1 433 | History-Info: ;index=1.1 434 | History-Info: ;index=1.1.1;rc=1.1 435 | | | | | 436 | | | INVITE sip:bob@192.0.2.7| 437 | | |-------------------------->| 438 | History-Info: ;index=1 439 | History-Info: ;index=1.1 440 | History-Info: ;index=1.1.2;rc=1.1 441 | | | 200 | | 442 | | |<---------------| | 443 | History-Info: ;index=1 444 | History-Info: ;index=1.1 445 | History-Info: ;index=1.1.1;rc=1.1 446 | | | | | 447 | | 200 | | | 448 | |<---------------| | | 449 | History-Info: ;index=1 450 | History-Info: ;index=1.1 451 | History-Info: ;index=1.1.1;rc=1.1 452 | | | | | 453 | | | Proxy Cancels INVITE | 454 | | |<=========================>| 455 | | | | | 456 | 200 | | | | 457 |<---------------| | | | 458 | History-Info: ;index=1 459 | History-Info: ;index=1.1 460 | History-Info: | ACK | | | 464 | |--------------->| ACK | | 465 | | |--------------->| | 466 Figure 1: Basic Call 468 6. User Agent Handling of the History-Info Header Field 470 This section describes the processing specific to UAs for the 471 History-info header field. 473 6.1. User Agent Client (UAC) Behavior 475 The UAC MUST include the "histinfo" option tag in the Supported 476 header in any new or out-of-dialog request for which the UAC would 477 like the History-info header field in the response. In addition, the 478 UAC MUST add a History-info header field, using the Request-URI of 479 the request as the hi-targeted-to-uri. The hi-index MUST be set to a 480 value of 1 in the hi-entry. This allows intermediaries and the UAS 481 to at least know the original Request-URI. In the case of a B2BUA, a 482 UAC MAY add the hi-entries received in the incoming request at the 483 UAS to the subsequent outgoing request. 485 In the case where a UAC receives a 3xx response with a Contact header 486 field and sends a new request in response to it, the UAC MAY include 487 in the outgoing request the previous hi-entry(s) received in the 488 response. In this case, the UAC MUST escape the Reason header field 489 in the previous (last) hi-entry, as described in Section 9.2. The 490 UAC MUST add an hi-entry using the Request-URI of the outgoing 491 request as the hi-targeted-to-uri. An hi-index MUST be added to the 492 hi-entry. The value for the index is determined following the rules 493 for "Retargeting based upon a Response" as prescribed in Section 9.3. 494 If the Contact header field contains an "rc" or "mp" header field 495 parameter, the UAC MUST add the header field parameter to the new hi- 496 entry as described in Section 9.4. The procedures defined in 497 Section 9.1 are followed to indicate any privacy that the UAC wants 498 applied to the hi-targeted-to-uri. 500 6.2. User Agent Server (UAS) Behavior 502 6.2.1. Processing of Requests with History-Info 504 Once the request terminates at the UAS, the UAS evaluates the 505 History-info header field. The last hi-entry reflects the most 506 recent target and contains the Request-URI for the received request, 507 unless the previous entity that forwarded the request does not 508 support the History-info header field. If the Request-URI of the 509 incoming request does not match the last hi-entry (e.g., the previous 510 entity does not support History-Info), the UAS MUST insert an hi- 511 entry. The UAS MUST set the hi-targeted-to-uri based to the value of 512 Request-URI in the incoming request. If privacy is required for the 513 hi-entry in the response, the UAS MUST escape a Privacy header field 514 with a value of "history" in the hi-entry. The UAS MUST include an 515 hi-index parameter as described in Section 9.3. The UAS MUST NOT 516 include a hi-target attribute, since the UAS has no way to know the 517 mechanism by which the Request-URI was determined. The addition of 518 the missing hi-entry ensures that the most complete information can 519 be provided in the response and provides consistency in the 520 information presented to applications. The information can also be 521 useful for implementations with B2BUAs that include the History-Info, 522 received in the incoming request, in the outgoing request. 524 Prior to any application usage of the information, the UAS ascertains 525 the validity of the information as described in Section 10. 527 6.2.2. Generation of Responses with History-Info 529 If the "histinfo" option tag is received in a request, the UAS MUST 530 include any History-Info received in the request and any hi-entries 531 added by the UAS. In addition, in the case of a B2BUA, the UAS MAY 532 include any hi-entries received by the UAC in the subsequent 533 response. If privacy is required, entries MUST be anonymized as 534 described in Section 9.1. The UAS MUST follow the rules for a 535 redirect server per Section 8 in generating a 3xx response. 537 7. Proxy/Intermediary Handling of History-Info Header Fields 539 This section describes the procedures for proxies and other SIP 540 intermediaries for adding History-Info headers when requests are 541 retargeted. 543 7.1. Adding the History-Info Header Field to Requests 545 This section describes the process of adding the History-Info header 546 to requests in the case of retargeting due to normal forwarding of 547 requests (Section 7.1.1) and in the case of failure or redirection 548 responses (Section 7.1.2). Retargeting is an iterative process, 549 i.e., an intermediary may retarget "internally " more than one time. 550 A typical example would be a proxy that retargets a request first to 551 a different user (i.e., it maps to a different AOR), and then 552 forwards to a registered contact bound to that new AOR. In cases of 553 internal retargeting, an intermediary MUST add multiple hi-entries. 554 For example, an intermediary that retargets bob@example.com to 555 office@example.com and then to office@192.0.2.5 adds hi-entries for 556 both office@example.com and office@192.0.2.5, in order to provide a 557 logical description of the retargeting process internal to the 558 intermediary. Thus, the intermediary MAY escape a Reason header 559 field in the hi-entry with the hi-targeted-to-uri that has been 560 retargeted as shown in the INVITE (F6) in the example in 561 Appendix B.1. 563 7.1.1. Forwarding a Request 565 Upon receipt of a request for a dialog, or a standalone request, a 566 proxy or intermediary forwarding the request performs the following 567 steps. Note that those steps below do not apply if the request is 568 being retargeted as a result of failure (i.e., timeout, reception of 569 an error response). 571 Step 1: Adding Entries on Behalf of Previous Hops 573 If an incoming request does not already have a History-Info header 574 field (i.e., the UAC does not include any History-info header 575 field and none of the previous SIP intermediaries support History- 576 Info) or if the Request-URI of the incoming request does not match 577 the hi-targeted-to-uri in the last hi-entry (i.e., the previous 578 intermediary does not support History-Info) an hi-entry MUST be 579 inserted on behalf of the UAC or intermediary. The SIP 580 intermediary MUST set the hi-targeted-to-uri to the value of the 581 Request-URI in the incoming request. If privacy is required, the 582 procedures of Section 9.1 are followed. The SIP intermediary MUST 583 NOT include an "rc" or "mp" header field parameter. The hi-index 584 parameter MUST be set to a value of "1", as described in 585 Section 9.3. 587 Step 2: Generating New Entries for Each Outgoing Request 589 The SIP intermediary then proceeds to request forwarding as per 590 16.6/[RFC3261]. For each outgoing request relating to a target in 591 the target set, the intermediary MUST add an hi-entry for the 592 specific target. The intermediary MUST set the hi-targeted-to-uri 593 in the hi-entry to the value of the Request-URI of the current 594 (outgoing) request. If privacy is required, the procedures of 595 Section 9.1 are followed. The proxy MUST include an hi-index for 596 the hi-entry as described in Section 9.3. The proxy then includes 597 an "rc" or "mp" header field parameter in the hi-entry, if 598 applicable, as described in Section 9.4. 600 7.1.2. Retargeting based on failure or 3xx response 602 When retargeting a request because of a failure (i.e., either 603 reception of error responses or a timeout which is considered to be 604 an implicit 408 error response) or receipt of a 3XX response, the SIP 605 entity performs the following steps: 607 Step 1: Including the Entries from Responses 609 Along with the History-Info header fields sent in the original 610 request that received an error or 3xx response or timed out, the 611 SIP entity MUST include any new History-Info header field(s) 612 contained in all responses received thus far (including any new 613 hi-entries in the error or 3xx response) in the new outgoing 614 request. The hi-entries MUST be added to the new outgoing request 615 in the order indicated by the values in the hi-index parameters of 616 the hi-entries. 618 Step 2: Tagging the Last Entries 620 The SIP entity then examines the History-Info header fields 621 generated in Step 1. For each of the branches that generated 622 failures or timeouts or received a 3xx response, the SIP entity 623 MUST add a Reason header field to the hi-entry for each of those 624 branches per the procedures of Section 9.2. 626 Step 3: Generating New Entries for Each Outgoing Requests 628 Same as per Step 2 above for the normal forwarding case 629 Section 7.1.1. 631 7.2. Sending History-Info in Responses 633 A SIP entity that receives a request with the "histinfo" option tag 634 in the Supported header, MUST forward captured History-Info in 635 subsequent, provisional, and final responses to the request sent by 636 the ultimate UAS (see Section 6.2), applying the privacy procedures 637 as described in Section 9.1.2. The captured History-Info includes 638 all hi-entries received in the request, as well as the hi-entries 639 that are generated by a SIP entity as a request is retargeted as 640 described in Section 7.1, which also includes hi-entries that are 641 received in other responses. Note that in the case of parallel 642 forking where one branch is successful, only the branches for which 643 responses have been received at the time the proxy sends the 644 successful response are included in that response. For example, an 645 intermediary receives a request with the last hi-entry having an hi- 646 index of 1.1. The intermediary forks three requests in parallel with 647 each request containing a unique hi-entry with the hi-targeted-to- 648 uris set to the value of the Request URI for the request. The hi- 649 entries each have unique hi-index values of 1.1.1, 1.1.2 and 1.1.3 650 respectively. If the processing entity receives a failure response 651 for the branch reflected by the hi-entry with the index of 1.1.2 and 652 a successful response for the branch reflected by the hi-entry with 653 the index of 1.1.3, but has not yet received a response for the 654 branch reflected by the hi-entry with an index of 1.1.1, it would 655 return only the 1.1.2 and 1.1.3 entries with indices of 1.1.2 and 656 1.1.3 to the entity that generated the hi-entry with index of 1.1. 657 See Appendix B.1 for an example. 659 The the addition of the History-Info header fields to responses 660 described above follows the methodology described in Section 16.7 of 661 [RFC3261] for the addition of header fields, with the inclusion of 662 History-info header fields adding an additional step, just before 663 Step 9, "Forwarding the Response". 665 8. Redirect Server Handling of History-Info Header Fields 667 A redirect server MUST include the History-info header fields 668 received in the request in the 3XX response that it sends. A 669 redirect server MUST add any new History-Info entries in cases of 670 retargeting (both internal and to other SIP entities) in the same 671 manner as prescribed for SIP intermediaries Section 7. In generating 672 the Contact header field in the 3xx response, the redirect server 673 adds the appropriate target header field parameter to each Contact 674 header field as described in Section 9.4. 676 9. Processing the History-Info Header Field Parameters 678 The following sections describe the procedures for processing 679 History-Info header field parameters and the header fields escaped in 680 the History-info header field. These procedures are applicable to 681 SIP entities such as Proxies/Intermediaries, Redirect Servers or User 682 Agents. 684 9.1. Privacy in the History-Info Header Field 686 The privacy requirements for this document are described in 687 Appendix A.2. Section 9.1.1 describes the use of the Privacy header 688 field defined in [RFC3323] to indicate the privacy to be applied to 689 the History-Info header field entries. Section 9.1.2 describes the 690 processing of the priv-values in the Privacy header field to privacy 691 protect the History-Info header field entries in the request or 692 response that is being forwarded. 694 9.1.1. Indicating Privacy 696 As with other SIP headers described in [RFC3323], the hi-targeted-to- 697 uris in the History-info header field can inadvertently reveal 698 information about the initiator of the request. Thus, the UAC needs 699 a mechanism to indicate that the hi-targeted-to-uris in the hi- 700 entries need to be privacy protected. The Privacy header field is 701 used by the UAC to indicate the privacy to be applied to all the hi- 702 entries in the request as follows: 704 o If the UAC is including a Privacy header field with a priv-value 705 of "header" in the request, then the UAC SHOULD NOT include a 706 priv-value of "history" in the the Privacy header field in the 707 Request. 709 o If the UAC is including any priv-values other than "header" in the 710 Privacy header field, then the UAC MUST also include a priv-value 711 of "history" in the Privacy header field in the Request. 713 o If the UAC is not including any priv-values in the Privacy header 714 field in the request, then the UAC MUST add a Privacy header 715 field, with a priv-value of "history", to the request. The UAC 716 MUST NOT include a priv-value of "critical" in the Privacy header 717 field in the Request in this case. 719 In addition, the History-info header field can reveal general routing 720 and diverting information within an intermediary, which the 721 intermediary wants to privacy protect. In this case, the 722 intermediary MUST set a Privacy header field to a priv-value of 723 "history" and escape the Privacy header field in the hi-targeted-to- 724 uri, for each hi-entry added by intermediary, as the request is 725 retargeted within the domain for which the SIP entity is responsible. 726 The intermediary MUST NOT include any other priv-values in this 727 Privacy header field. Note that the priv-value in the Privacy header 728 for the incoming request does not necessarily influence whether the 729 intermediary includes a Privacy header field in the hi-entries. For 730 example, even if the Privacy header for the incoming request 731 contained a priv-value of "none", the Proxy can still set a priv- 732 value of "history" in the Privacy header field escaped in the hi- 733 targeted-to-uri. 735 Finally, the terminator of the request may not want to reveal the 736 final reached target to the originator. In this case, the terminator 737 MUST include a Privacy header field with a priv-value of "history", 738 escaped in the hi-targeted-to-uri in the last hi-entry, in the 739 response. As noted above, the terminator of the request MUST NOT use 740 any other priv-values in the Privacy header field escaped in the hi- 741 entry. 743 9.1.2. Applying Privacy 745 When a request is retargeted to a URI associated with a domain for 746 which the SIP intermediary is not responsible or a response is 747 forwarded, a Privacy Service at the boundary of the domain applies 748 the appropriate privacy based on the value of the Privacy header 749 field in the request and in the individual hi-entries. 751 If there is a Privacy header field in the request with a priv-value 752 of "header" or "history", then the hi-targeted-to-uris in the hi- 753 entries, associated with the domain for which a SIP intermediary is 754 responsible, are anonymized. The Privacy Service MUST change any hi- 755 targeted-to-uris in the hi-entries that have not been anonymized to 756 anonymous URIs containing a domain of anonymous.invalid (e.g., 757 anonymous@anonymous.invalid). If the hi-entry has an escaped Privacy 758 header field value, then the Privacy header field value MUST be 759 removed from the hi-entry. Once all the appropriate hi-entries have 760 been anonymized, the priv-value of "history" MUST be removed from the 761 Privacy header field. If there are no remaining priv-values in the 762 Privacy header field, the Privacy header field MUST be removed from 763 the request per [RFC3323]. 765 If there is not a Privacy header field in the request or response 766 that is being forwarded, the Privacy Service MUST anonymize any hi- 767 entries, associated with the domain for which a SIP intermediary is 768 responsible, that contain a Privacy header field with a priv-value of 769 "history". The Privacy Service MUST populate the hi-targeted-to-uri 770 with an anonymous URI with a domain of anonymous.invalid (e.g., 771 anonymous@anonymous.invalid). Any other priv-values in the Privacy 772 header field in the hi-entries MUST be ignored. In any case, the 773 Privacy Service MUST remove the Privacy header field from the hi- 774 entries prior to forwarding. 776 9.2. Reason in the History-info Header Field 778 If the retargeting is due to receipt of an explicit SIP response and 779 the response contains any Reason header fields (see [RFC3326]), then 780 the SIP entity MUST escape the Reason header fields in the hi-entry 781 with the hi-targeted-to-uri containing the URI of the request that 782 was retargeted. If the SIP response does not contain a Reason header 783 field, the SIP entity MUST include an escaped Reason header field, 784 containing the SIP Response Code that triggered the retargeting, in 785 the hi-entry with the hi-targeted-to-uri containing the URI of the 786 request that was retargeted. 788 If a request has timed out (instead of being explicitly rejected), 789 the SIP entity MUST escape a Reason header field, containing a SIP 790 error response code of 408 "Request Timeout" in in the hi-entry with 791 the hi-targeted-to-uri containing the URI of the request that was 792 retargeted. The SIP entity MAY also be escape a Reason header field 793 in the hi-entry with the hi-targeted-to-uri containing the URI of the 794 request that was retargeted as a result of internal retargeting. 796 If additional Reason headers are defined in the future per [RFC3326], 797 the use of these Reason headers for the History-Info header field 798 MUST follow the same rules as described above. 800 9.3. Indexing in the History-Info Header Field 802 In order to maintain ordering and accurately reflect the retargeting 803 of the request, the SIP entity MUST add an hi-index to each hi-entry. 804 Per the syntax in Section 5, the hi-index consists of a series of 805 digits separated by dots (e.g., 1.1.2). Each dot reflects a SIP 806 forwarding hop. The digit following each dot reflects the order in 807 which a request was retargeted at the hop. The highest digit at each 808 hop reflects the number of entities to which the request has been 809 retargeted at the specific hop (i.e., the number of branches). Thus, 810 the indexing results in a logical tree representation for the history 811 of the request. 813 The first index in a series of History-Info entries MUST be set to 1. 814 In the case that a SIP entity (intermediary or UAS) adds an hi-entry 815 on behalf of the previous hop, the hi-index MUST be set to 1. For 816 each forward hop (i.e., each new level of indexing), the hi-index 817 MUST start at 1. An increment of 1 MUST be used for advancing to a 818 new branch. 820 The basic rules for adding the hi-index are summarized as follows: 822 1. Basic Forwarding: In the case of a request that is being 823 forwarded, the hi-index reflects the increasing length of the 824 branch. In this case, the SIP entity MUST read the value from 825 the History-info header field in the received request and MUST 826 add another level of indexing by appending the dot delimiter 827 followed by an initial hi-index for the new level of 1. For 828 example, if the hi-index in the last History-info header field in 829 the received request is 1.1, a proxy would add an hi-entry with 830 an hi-index to 1.1.1 and forward the request. 832 2. Retargeting within a processing entity - 1st instance: For the 833 first instance of retargeting within a processing entity, the SIP 834 entity MUST calculate the hi-index as prescribed for basic 835 forwarding. 837 3. Retargeting within a processing entity - subsequent instance: For 838 each subsequent retargeting of a request by the same SIP entity, 839 the SIP entity MUST add another branch. The SIP entity MUST 840 calculate the hi-index for each new branch by incrementing the 841 value from the hi-index in the last hi-entry at the current 842 level. Per the example above, the hi-index in the next request 843 forwarded by this same SIP entity would be 1.1.2. 845 4. Retargeting based upon a Response: In the case of retargeting due 846 to a specific response (e.g., 302), the SIP entity MUST calculate 847 the hi-index calculated per rule 3. That is, the lowest/last 848 digit of the hi-index MUST be incremented (i.e., a new branch is 849 created), with the increment of 1. For example, if the hi-index 850 in the History-Info header of the sent request is 1.2 and the 851 response to the request is a 302, then the hi-index in the 852 History-Info header field for the new hi-targeted- to-URI would 853 be 1.3. 855 5. Forking requests: If the request forwarding is done in multiple 856 forks (sequentially or in parallel), the SIP entity MUST set the 857 hi-index for each hi-entry for each forked request per the rules 858 above, with each new request having a unique index. Each index 859 MUST be sequentially assigned. For example, if the index in the 860 last History-Info header field in the received request is 1.1, 861 this processing entity would initialize its index to 1.1.1 for 862 the first fork, 1.1.2 for the second, and so forth (see Figure 1 863 for an example). Note that for each individual fork, only the 864 hi-entry corresponding to that fork is included (e.g., the hi- 865 entry for fork 1.1.1 is not included in the request sent to fork 866 1.1.2, and vice-versa). 868 9.4. Mechanism for Target Determination in the History-Info Header 869 Field 871 This specification defines two header field parameters, "rc" and 872 "mp", indicating two non-inclusive mechanisms by which a new target 873 for a request is determined. Both parameters contain an index whose 874 value is the hi-index of the hi-entry with an hi-targeted-to-uri that 875 represents the Request-URI that was retargeted. 877 The SIP entity MUST determine the specific parameter field to be 878 included in the History-info header field as the targets are added to 879 the target set per the procedures in section 16.5 of [RFC3261] or per 880 section 8.1.3.4 [RFC3261] in the case of 3xx responses. In the 881 latter case, the specific header parameter field in the Contact 882 header becomes the header field parameter that is used in the hi- 883 entry when the request is retargeted. If the Contact header field 884 does not contain an "rc" or "mp" header field parameter, then the SIP 885 entity MUST NOT include an "rc" or "mp" in the hi-entry when the 886 request is retargeted. 888 The SIP entity (intermediary or redirect server) determines the 889 specific header field parameter to be used based on the following 890 criteria: 892 o "rc": The target was determined based on a contact that is bound 893 to an AOR in an abstract location service for the Request-URI 894 being retargeted. 896 o "mp": The target was determined based on a mapping to a user other 897 than the user associated with the Request-URI being retargeted. 899 Note that there are two scenarios by which the "mp" parameter can be 900 derived. 902 o The mapping was done by the receiving entity on its own authority, 903 in which case the mp-value is the parent index of the hi-entry's 904 index. 906 o The mapping was done due to receiving a 3xx response, in which 907 case the mp-value is an earlier sibling of the hi-entry's index, 908 that of the downstream request which received the 3xx response. 910 The SIP entity MUST add the "rc" or "mp" header field parameter to 911 the hi-entry when the request is forwarded to the target per step 2 912 in Section 7.1.1. 914 10. Application Considerations 916 History-Info provides a very flexible building block that can be used 917 by intermediaries and UAs for a variety of services. Prior to any 918 application usage of the History-Info header field parameters, the 919 SIP entity that processes the hi-entries MUST evaluate the hi- 920 entries. The SIP entity MUST determine if there are gaps in the 921 indices. Gaps are possible if the request is forwarded through 922 intermediaries that do not support the History-info header field and 923 are reflected by the existence of multiple hi-entries with an index 924 of "1". Gaps are also possible in the case of parallel forking if 925 there is an outstanding request at the time the SIP entity sends a 926 response as described in Section 7.2. Thus, if gaps are detected, 927 the SIP entity MUST NOT treat this as an error, but rather indicate 928 to any applications that there are gaps. The most complete 929 information available to the application is the History-Info entries 930 starting with the last hi-entry with an index of "1". The 931 interpretation of the information in the History-info header field 932 depends upon the specific application; an application might need to 933 provide special handling in some cases where there are gaps. 935 The following summarizes the categories of information that 936 applications can use: 938 1. Complete history information - e.g., for debug or other 939 operational and management aspects, optimization of determining 940 targets to avoid retargeting to the same URI, etc. This 941 information is relevant to proxies, UACs and UASs. 943 2. Hi-entry with the index that matches the value of the last hi- 944 entry with a "rc" header parameter in the Request received by a 945 UAS - i.e., the Request URI associated with the destination of 946 the request was determined based on an AOR-to-contact binding in 947 an abstract location service. 949 3. Hi-entry with the index that matches the value of the last hi- 950 entry with a "mp" header parameter in the Request received by a 951 UAS - i.e., the last Request URI that was mapped to reach the 952 destination. 954 4. Hi-entry with the index that matches the value of the first hi- 955 entry with a "rc" header parameter in the Request received by a 956 UAS. Note, this would be the original AoR if all the entities 957 involved support the History-info header field and there is 958 absence of a "mp" header parameter prior to the "rc" header 959 parameter in the History-info header field. However, there is no 960 guarantee that all entities will support History-Info, thus the 961 first hi-entry with an "rc" header parameter within the domain 962 associated with the target URI at the destination is more likely 963 to be useful. 965 5. Hi-entry with the index that matches the value of the first hi- 966 entry with a "mp" header parameter in the Request received by a 967 UAS. Note, this would be the original mapped URI if all entities 968 supported the History-info header field. However, there is no 969 guarantee that all entities will support History-Info, thus the 970 first hi-entry with an "mp" header parameter within the domain 971 associated with the target URI at the destination is more likely 972 to be useful. 974 In many cases, applications are most interested in the information 975 within a particular domain(s), thus only a subset of the information 976 is required. 978 Some applications may use multiple types of information. For 979 example, an Automatic Call Distribution (ACD)/Call center application 980 that utilizes the hi-entry who index matches the index of the first 981 History-Info entry with an hi-target value of "mp", may also display 982 other agents, reflected by other History-Info entries prior to 983 entries with hi-target values of "rc", to whom the call was targeted 984 prior to its arrival at the current agent. This could allow the 985 agent the ability to decide how they might forward or reroute the 986 call if necessary (avoiding agents that were not previously available 987 for whatever reason, etc.). 989 Since support for History-info header field is optional, a service 990 MUST define default behavior for requests and responses not 991 containing History-Info headers. For example, an entity may receive 992 only partial History-Info entries or entries which are not tagged 993 appropriately with an hi-target parameter. This may not impact some 994 applications (e.g., debug), however, it could require some 995 applications to make some default assumptions in this case. For 996 example, in an ACD scenario, the application could select the oldest 997 hi-entry with the domain associated with the ACD system and display 998 that as the original called party. Depending upon how and where the 999 request may have been retargeted, the complete list of agents to whom 1000 the call was targeted may not be available. 1002 11. Security Considerations 1004 The security requirements for this document are specified in 1005 Appendix A.1. 1007 This document defines a header for SIP. The use of the Transport 1008 Layer Security (TLS) protocol [RFC5246] as a mechanism to ensure the 1009 overall confidentiality of the History-Info headers (SEC-req-4) is 1010 strongly RECOMMENDED. This results in History-Info having at least 1011 the same level of security as other headers in SIP that are inserted 1012 by intermediaries. With TLS, History-Info headers are no less, nor 1013 no more, secure than other SIP headers, which generally have even 1014 more impact on the subsequent processing of SIP sessions than the 1015 History-info header field. 1017 Note that while using the SIPS scheme (as per [RFC5630]) protects 1018 History-Info from tampering by arbitrary parties outside the SIP 1019 message path, all the intermediaries on the path are trusted 1020 implicitly. A malicious intermediary could arbitrarily delete, 1021 rewrite, or modify History-Info. This specification does not attempt 1022 to prevent or detect attacks by malicious intermediaries. 1024 12. IANA Considerations 1026 This document requires several IANA registrations detailed in the 1027 following sections. 1029 This document updates [RFC4244] but uses the same SIP header field 1030 name and option tag. The IANA registry needs to update the 1031 references to [RFC4244] with [RFCXXXX]. 1033 12.1. Registration of New SIP History-Info Header Field 1035 This document defines a SIP header field name: History-Info and an 1036 option tag: histinfo. The following changes have been made to 1037 http:///www.iana.org/assignments/sip-parameters The following row has 1038 been added to the header field section:. 1040 The following row has been added to the header field section: 1042 Header Name Compact Form Reference 1043 ----------- ------------ --------- 1044 History-Info none [RFCXXXX] 1046 The following has been added to the Options Tags section: 1048 Name Description Reference 1049 ---- ----------- --------- 1050 histinfo When used with the Supported header, [RFCXXXX] 1051 this option tag indicates the UAC 1052 supports the History Information to be 1053 captured for requests and returned in 1054 subsequent responses. This tag is not 1055 used in a Proxy-Require or Require 1056 header field since support of 1057 History-Info is optional. 1059 Note to RFC Editor: Please replace RFC XXXX with the RFC number of 1060 this specification. 1062 12.2. Registration of "history" for SIP Privacy Header Field 1064 This document defines a priv-value for the SIP Privacy header field: 1065 history The following changes have been made to 1066 http://www.iana.org/assignments/sip-priv-values The following has 1067 been added to the registration for the SIP Privacy header field: 1069 Name Description Registrant Reference 1070 ---- ----------- ---------- --------- 1071 history Privacy requested for Mary Barnes [RFCXXXX] 1072 History-info header mary.barnes@polycom.com 1073 fields(s) 1075 Note to RFC Editor: Please replace RFC XXXX with the RFC number of 1076 this specification. 1078 12.3. Registration of Header Field Parameters 1080 This specification defines the following new SIP header field 1081 parameters in the SIP Header Field parameter sub-registry in the SIP 1082 Parameter Registry, http:/www.iana.org/assignments/sip-parameters. 1084 Header Field Parameter Name Predefined Reference 1085 Values 1086 _____________________________________________________________________ 1087 History-Info mp No [RFC xxxx] 1088 History-Info rc No [RFC xxxx] 1089 Contact mp No [RFC xxxx] 1090 Contact rc No [RFC xxxx] 1092 Note to RFC Editor: Please replace RFC XXXX with the RFC number of 1093 this specification. 1095 13. Acknowledgements 1097 Jonathan Rosenberg et al produced the document that provided 1098 additional use cases precipitating the requirement for the new header 1099 parameters to capture the method by which a Request URI is 1100 determined. The authors would like to acknowledge the constructive 1101 feedback provided by Ian Elz, Paul Kyzivat, John Elwell, Hadriel 1102 Kaplan and Dale Worley. 1104 Mark Watson, Cullen Jennings and Jon Peterson provided significant 1105 input into the initial work that resulted in the development of of 1106 [RFC4244]. The editor would like to acknowledge the constructive 1107 feedback provided by Robert Sparks, Paul Kyzivat, Scott Orton, John 1108 Elwell, Nir Chen, Palash Jain, Brian Stucker, Norma Ng, Anthony 1109 Brown, Jayshree Bharatia, Jonathan Rosenberg, Eric Burger, Martin 1110 Dolly, Roland Jesske, Takuya Sawada, Sebastien Prouvost, and 1111 Sebastien Garcin in the development of [RFC4244]. 1113 The editor would like to acknowledge the significant input from Rohan 1114 Mahy on some of the normative aspects of the ABNF for [RFC4244], 1115 particularly around the need for and format of the index and around 1116 the security aspects. 1118 14. Changes from RFC 4244 1120 This RFC replaces [RFC4244]. 1122 Deployment experience with [RFC4244] over the years has shown a 1123 number of issues, warranting an update: 1125 o In order to make [RFC4244] work in "real life", one needs to make 1126 "assumptions" on how History-Info is used. For example, many 1127 implementations filter out many entries, and only leave specific 1128 entries corresponding, for example, to first and last redirection. 1129 Since vendors uses different rules, it causes significant 1130 interoperability isssues. 1132 o [RFC4244] is overly permissive and evasive about recording 1133 entries, causing interoperability issues. 1135 o The examples in the call flows had errors, and confusing because 1136 they often assume "loose routing". 1138 o [RFC4244] has lots of repetitive and unclear text due to the 1139 combination of requirements with solution. 1141 o [RFC4244] gratuitously mandates the use of TLS on every hop. No 1142 existing implementation enforces this rule, and instead, the use 1143 of TLS or not is a general SIP issue, not an [RFC4244] issue per 1144 se. 1146 o [RFC4244] does not include clear procedures on how to deliver 1147 current target URI information to the UAS when the Request-URI is 1148 replaced with a contact. 1150 o [RFC4244] does not allow for marking History-Info entries for easy 1151 processing by User Agents. 1153 The following summarizes the functional changes between this 1154 specification and [RFC4244]: 1156 1. Added header field parameters to capture the specific method by 1157 which a target is determined to facilitate processing by users of 1158 the History-info header field entries. A specific header field 1159 parameter is captured for each of the target URIs as the target 1160 set is determined (per section 16.5 of [RFC3261]). The header 1161 field parameter is used in both the History-Info and the Contact 1162 header fields. 1164 2. Rather than recommending that entries be removed in the case of 1165 certain values of the Privacy header field, the entries are 1166 anonymized. 1168 3. Updated the security section to be equivalent to the security 1169 recommendations for other SIP headers inserted by intermediaries. 1171 The first 2 changes are intended to facilitate application usage of 1172 the History-info header field and eliminate the need to make 1173 assumptions based upon the order of the entries and ensure that the 1174 most complete set of information is available to the applications. 1176 In addition, editorial changes were done to both condense and clarify 1177 the text, moving the requirements to an appendix and removing the 1178 inline references to the requirements. The examples were simplified 1179 and updated to reflect the protocol changes. Several of the call 1180 flows in the appendix were removed and put into a separate document 1181 that includes additional use cases that require the new header 1182 parameters. 1184 14.1. Backwards compatibility 1186 This specification is backwards compatible since [RFC4244] allows for 1187 the addition of new optional parameters. This specification adds an 1188 optional SIP header field parameter to the History-Info and Contact 1189 headers. Entities that have not implemented this specification MUST 1190 ignore these parameters, however, per [RFC4244] an entity MUST NOT 1191 remove this parameter from an hi-entry. 1193 15. Changes since last Version 1195 NOTE TO THE RFC-Editor: Please remove this section prior to 1196 publication as an RFC. 1198 Changes from 02 to 03: 1200 1. Lots of editorial: 1202 A. Reorganized sections similar to the RFC 4244 order - i.e., 1203 introduce header field parameters and syntax first, then 1204 describe how the functional entities use the header. This 1205 removes redundant (and often inconsistent) text describing 1206 the parameters. 1208 B. Expanded use of "header" to "header field" 1210 C. More precision in terms of "escaping" of the Privacy and 1211 Reason headers in the hi-targeted-to-uri (versus 1212 "adding"/"setting"/etc. them to the hi-entry). 1214 D. Consistent use of parameter names (i.e., hi-entry versus 1215 entry, hi-target versus target, etc.) 1217 E. Moved item 6 in the Index section to the section on Response 1218 handling 1220 F. Removed last remaining vestiges of inline references to 1221 requirements. 1223 2. Clarifications of functionality/applicability including: 1225 A. which messages may contain History-Info 1227 B. removing security text with regards to being able to figure 1228 out if there are missing entries when using TLS (issue #44) 1230 C. More complete information on the new header field parameters 1231 as they relate to the hi-target parameter. 1233 D. Changed wording from passive to active for normative 1234 statements in many cases and removed superfluous normative 1235 language. 1237 3. Rewrite of the Privacy section to address issues and splitting 1238 into the setting of the Privacy header fields and the processing/ 1239 application of the privacy header field priv-values. 1241 4. Rewrite of the Reason header field section - simplifying the text 1242 and adding back the RFC 4244 text with regards to the use of the 1243 Reason header field in cases of internal retargeting. 1245 Changes from 01 to 02: 1247 1. Editorial nits/clarifications. [Issues: 1,6,17,18,21- 1248 23,25,26,30-33,35-37,39,40] 1250 2. Removing extraneous 4244 text - e.g., errors in flows, 1251 "stronger" security, "session" privacy. [Issues: 3,5,7,11 ] 1253 3. Updated definition of "retarget" to be all encompassing - i.e., 1254 also includes internal changes of target URI. Clarified text 1255 for "internal retarging" in proxy section. [Issues: 2,8,9] 1257 4. Clarified that the processing for Proxies is equally applicable 1258 to other SIP intermediaries. [Issue: 9]. 1260 5. Changed more SHOULDs to MUSTs. [Issue: 10] 1262 6. Fixes to Application considerations section. [Issues: 12-15] 1263 7. Changed language in the procedure for Indexing to normative 1264 language. 1266 8. Clarifications for UAC processing: 1268 * MUST add hi-entry. [Issue: 28] 1270 * Clarify applicability to B2BUA. [Issue: 29] 1272 * Fixed text for indexing for UAC in case of 3xx. 1274 9. Changed "hit" URI parameter to header parameters: [Issues:4,40] 1276 * Added index to all target header parameters. [Issues: 41] 1278 * Updated all the relevant sections documenting setting and use 1279 of new header parameters. [Issue: 40] 1281 10. Updated/clarified privacy handling. [Issue: 16] 1283 11. Updated Redirect Server section to allow adding History-info 1284 header fields. [Issue: 24 ] 1286 12. Added text around restrictions for Tel-URIs - i.e., no privacy 1287 or reason. [Issues: 4, 12] 1289 13. Updated text for forking - what goes in response. [Issues: 1290 19,20] 1292 Changes from 00 to 01: 1294 1. Moved examples (except first) in appendix to a new 1295 (informational) document. 1297 2. Updated UAS and UAC sections to clarify and expand on the 1298 handling of the History-info header field. 1300 3. Updated the Application considerations section: 1302 * Included more detail with regards to how applications can make 1303 use of the information, in particular based on the new tags. 1305 * Removed privacy consideration (2nd bullet) since privacy is 1306 now accomplished by anonymizing rather than removal of 1307 entries. 1309 Changes from (individual) barnes-sipcore-4244bis-03 to (WG) ietf- 1310 sipcore-4244bis-00: 1312 1. Added a new SIP/SIPS URI parameter to tag the URIs as they are 1313 added to the target list and those returned in the contact header 1314 in a 3xx response. 1316 2. Updated description of "target" parameter to use the new URI 1317 parameter value in setting the value for the parameter. 1319 3. Clarified privacy. 1321 4. Changed handling at redirect server to include the use of the new 1322 URI parameter and to remove the functionality of adding the 1323 History-Info entries (basically reverting to core 4244 1324 processing). 1326 5. Additional text to clarify that a service such as voicemail can 1327 be done in multiple ways. 1329 6. Editorial changes including removal of some vestiges of tagging 1330 all entries (including the "aor" tag). 1332 Changes from barnes-sipcore-4244bis-02 to 03: 1334 1. Fixed problem with indices in example in voicemail example. 1336 2. Removed oc and rt from the Hi-target parameter. 1338 3. Removed aor tag 1340 4. Added index parameter to "mp" 1342 5. Added use-cases and call-flows from target-uri into appendix. 1344 Changes from barnes-sipcore-4244bis-01 to 02: 1346 1. Added hi-aor parameter that gets marked on the "incoming" hi- 1347 entry. 1349 2. Hi-target parameter defined to be either rc, oc, mp, rt, and now 1350 gets included when adding an hi-entry. 1352 3. Added section on backwards compatibility, as well as added the 1353 recognition and handling of requests that do not support this 1354 specification in the appropriate sections. 1356 4. Updated redirect server/3xx handling to support the new 1357 parameters - i.e., the redirecting entity must add the new hi- 1358 entry since the proxy does not have access to the information as 1359 to how the Contact was determined. 1361 5. Added section on normative differences between this document and 1362 RFC 4244. 1364 6. Restructuring of document to be more in line with current IETF 1365 practices. 1367 7. Moved Requirements section into an Appendix. 1369 8. Fixed ABNF to remove unintended ordering requirement on hi-index 1370 that was introduced in attempting to illustrate it was a 1371 mandatory parameter. 1373 Changes from barnes-sipcore-4244bis-00 to 01 : 1375 1. Clarified "retarget" definition. 1377 2. Removed privacy discussion from optionality section - just refer 1378 to privacy section. 1380 3. Removed extraneous text from target-parameter (leftover from sip- 1381 4244bis). Changed the terminology from the "reason" to the 1382 "mechanism" to avoid ambiguity with parameter. 1384 4. Various changes to clarify some of the text around privacy. 1386 5. Reverted proxy response handling text to previous form - just 1387 changing the privacy aspects to anonymize, rather than remove. 1389 6. Other editorial changes to condense and simplify. 1391 7. Moved Privacy examples to Appendix. 1393 8. Added forking to Basic call example. 1395 Changes from barnes-sipcore-4244bis-00 to 01 : 1397 1. Clarified "retarget" definition. 1399 2. Removed privacy discussion from optionality section - just refer 1400 to privacy section. 1402 3. Removed extraneous text from target-parameter (leftover from sip- 1403 4244bis). Changed the terminology from the "reason" to the 1404 "mechanism" to avoid ambiguity with parameter. 1406 4. Various changes to clarify some of the text around privacy. 1408 5. Reverted proxy response handling text to previous form - just 1409 changing the privacy aspects to anonymize, rather than remove. 1411 6. Other editorial changes to condense and simplify. 1413 7. Moved Privacy examples to Appendix. 1415 8. Added forking to Basic call example. 1417 Changes from barnes-sip-4244bis-00 to barnes-sipcore-4244bis-00: 1419 1. Added tags for each type of retargeting including proxy hops, 1420 etc. - i.e., a tag is defined for each specific mechanism by 1421 which the new Request-URI is determined. Note, this is 1422 extremely helpful in terms of backwards compatibility. 1424 2. Fixed all the examples. Made sure loose routing was used in all 1425 of them. 1427 3. Removed example where a proxy using strict routing is using 1428 History-Info for avoiding trying same route twice. 1430 4. Remove redundant Redirect Server example. 1432 5. Index is now mandated to start at "1" instead of recommended. 1434 6. Updated 3xx behavior as the entity sending the 3XX response MUST 1435 add the hi-target attribute to the previous hi-entry to ensure 1436 that it is appropriately tagged (i.e., it's the only one that 1437 knows how the contact in the 3xx was determined.) 1439 7. Removed lots of ambiguity by making many "MAYs" into "SHOULDs" 1440 and some "SHOULDs" into "MUSTs". 1442 8. Privacy is now recommended to be done by anonymizing entries as 1443 per RFC 3323 instead of by removing or omitting hi-entry(s). 1445 9. Requirement for TLS is now same level as per RFC 3261. 1447 10. Clarified behavior for "Privacy" (i.e., that Privacy is for Hi- 1448 entries, not headers). 1450 11. Removed "OPTIONALITY" as specific requirements, since it's 1451 rather superflous. 1453 12. Other editorial changes to remove redundant text/sections. 1455 Changes from RFC4244 to barnes-sip-4244bis-00: 1457 1. Clarified that HI captures both retargeting as well as cases of 1458 just forwarding a request. 1460 2. Added descriptions of the usage of the terms "retarget", 1461 "forward" and "redirect" to the terminology section. 1463 3. Added additional examples for the functionality provided by HI 1464 for core SIP. 1466 4. Added hi-target parameter values to HI header to ABNF and 1467 protocol description, as well as defining proxy, UAC and UAS 1468 behavior for the parameter. 1470 5. Simplified example call flow in section 4.5. Moved previous call 1471 flow to appendix. 1473 6. Fixed ABNF per RFC4244 errata "dot" -> "." and added new 1474 parameter. 1476 16. References 1478 16.1. Normative References 1480 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 1481 A., Peterson, J., Sparks, R., Handley, M., and E. 1482 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 1483 June 2002. 1485 [RFC3326] Schulzrinne, H., Oran, D., and G. Camarillo, "The Reason 1486 Header Field for the Session Initiation Protocol (SIP)", 1487 RFC 3326, December 2002. 1489 [RFC3323] Peterson, J., "A Privacy Mechanism for the Session 1490 Initiation Protocol (SIP)", RFC 3323, November 2002. 1492 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1493 Requirement Levels", BCP 14, RFC 2119, March 1997. 1495 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1496 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 1498 [RFC4244] Barnes, M., "An Extension to the Session Initiation 1499 Protocol (SIP) for Request History Information", RFC 4244, 1500 November 2005. 1502 16.2. Informative References 1504 [RFC5627] Rosenberg, J., "Obtaining and Using Globally Routable User 1505 Agent URIs (GRUUs) in the Session Initiation Protocol 1506 (SIP)", RFC 5627, October 2009. 1508 [RFC5630] Audet, F., "The Use of the SIPS URI Scheme in the Session 1509 Initiation Protocol (SIP)", RFC 5630, October 2009. 1511 [RFC3087] Campbell, B. and R. Sparks, "Control of Service Context 1512 using SIP Request-URI", RFC 3087, April 2001. 1514 [RFC4240] Burger, E., Van Dyke, J., and A. Spitzer, "Basic Network 1515 Media Services with SIP", RFC 4240, December 2005. 1517 [RFC3969] Camarillo, G., "The Internet Assigned Number Authority 1518 (IANA) Uniform Resource Identifier (URI) Parameter 1519 Registry for the Session Initiation Protocol (SIP)", 1520 BCP 99, RFC 3969, December 2004. 1522 [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", 1523 RFC 3966, December 2004. 1525 Appendix A. Request History Requirements 1527 The following list constitutes a set of requirements for a "Request 1528 History" capability. 1530 1. CAPABILITY-req: The "Request History" capability provides a 1531 capability to inform proxies and UAs involved in processing a 1532 request about the history/progress of that request. Although 1533 this is inherently provided when the retarget is in response to a 1534 SIP redirect, it is deemed useful for non-redirect retargeting 1535 scenarios, as well. 1537 2. GENERATION-req: "Request History" information is generated when 1538 the request is retargeted. 1540 A. In some scenarios, it might be possible for more than one 1541 instance of retargeting to occur within the same Proxy. A 1542 proxy MUST also generate Request History information for the 1543 'internal retargeting'. 1545 B. An entity (UA or proxy) retargeting in response to a redirect 1546 or REFER MUST include any Request History information from 1547 the redirect/REFER in the new request. 1549 3. ISSUER-req: "Request History" information can be generated by a 1550 UA or proxy. It can be passed in both requests and responses. 1552 4. CONTENT-req: The "Request History" information for each 1553 occurrence of retargeting shall include the following: 1555 A. The new URI or address to which the request is in the process 1556 of being retargeted, 1558 B. The URI or address from which the request was retargeted, and 1559 wether the retarget URI was an AOR 1561 C. The mechanism by which the new URI or address was determined, 1563 D. The reason for the Request-URI or address modification, 1565 E. Chronological ordering of the Request History information. 1567 5. REQUEST-VALIDITY-req: Request History is applicable to requests 1568 not sent within an early or established dialog (e.g., INVITE, 1569 REGISTER, MESSAGE, and OPTIONS). 1571 6. BACKWARDS-req: Request History information may be passed from the 1572 generating entity backwards towards the UAC. This is needed to 1573 enable services that inform the calling party about the dialog 1574 establishment attempts. 1576 7. FORWARDS-req: Request History information may also be included by 1577 the generating entity in the request, if it is forwarded onwards. 1579 A.1. Security Requirements 1581 The Request History information is being inserted by a network 1582 element retargeting a Request, resulting in a slightly different 1583 problem than the basic SIP header problem, thus requiring specific 1584 consideration. It is recognized that these security requirements can 1585 be generalized to a basic requirement of being able to secure 1586 information that is inserted by proxies. 1588 The potential security problems include the following: 1590 1. A rogue application could insert a bogus Request History-Info 1591 entry either by adding an additional hi-entry as a result of 1592 retargeting or entering invalid information. 1594 2. A rogue application could re-arrange the Request History 1595 information to change the nature of the end application or to 1596 mislead the receiver of the information. 1598 3. A rogue application could delete some or all of the Request 1599 History information. 1601 Thus, a security solution for "Request History" must meet the 1602 following requirements: 1604 1. SEC-req-1: The entity receiving the Request History must be able 1605 to determine whether any of the previously added Request History 1606 content has been altered. 1608 2. SEC-req-2: The ordering of the Request History information must 1609 be preserved at each instance of retargeting. 1611 3. SEC-req-3: The entity receiving the information conveyed by the 1612 Request History must be able to authenticate the entity providing 1613 the request. 1615 4. SEC-req-4: To ensure the confidentiality of the Request History 1616 information, only entities that process the request SHOULD have 1617 visibility to the information. 1619 It should be noted that these security requirements apply to any 1620 entity making use of the Request History information. 1622 A.2. Privacy Requirements 1624 Since the Request-URI that is captured could inadvertently reveal 1625 information about the originator, there are general privacy 1626 requirements that MUST be met: 1628 1. PRIV-req-1: The entity retargeting the Request must ensure that 1629 it maintains the network-provided privacy (as described in 1630 [RFC3323]) associated with the Request as it is retargeted. 1632 2. PRIV-req-2: The entity receiving the Request History must 1633 maintain the privacy associated with the information. In 1634 addition, local policy at a proxy may identify privacy 1635 requirements associated with the Request-URI being captured in 1636 the Request History information. 1638 3. PRIV-req-3: Request History information subject to privacy shall 1639 not be included in ougoing messages unless it is protected as 1640 described in [RFC3323]. 1642 Appendix B. Example call flows 1644 The scenarios in this section provide sample use cases for the 1645 History-info header field for informational purposes only. They are 1646 not intended to be normative. A basic forking use case is included, 1647 along with two use cases illustrating the use of the privacy. 1649 B.1. Sequentially Forking (History-Info in Response) 1651 This scenario highlights an example where the History-Info in the 1652 response is useful to an application or user that originated the 1653 request. 1655 Alice sends a call to Bob via sip:example.com. The proxy sip: 1656 example.com sequentially tries Bob on a SIP UA that has bound a 1657 contact with the sip:bob@example.com AOR, and then several alternate 1658 addresses (Office and Home) unsuccessfully before sending a response 1659 to Alice. The hi-entry containing the initial contact is the hi- 1660 entry just prior to the first hi-entry tagged with an hi-target value 1661 of "rc". In this example, the Office and Home are not the same AOR 1662 as sip:bob@example.com, but rather different AORs that have been 1663 configured as alternate addresses for Bob in the proxy. In other 1664 words, Office and Bob are not bound through SIP Registration with 1665 Bob's AOR. This type of arrangement is common for example when a 1666 "routing" rule to a PSTN number is manually configured in a Proxy. 1667 These hi-entries are identified by the index contained in the hi- 1668 target "mp" parameter in the hi-entries. 1670 This scenario illustrates that by providing the History-Info to 1671 Alice, the end-user or an application at Alice could make a decision 1672 on how best to attempt finding Bob without sending multiple requests 1673 to the same destination. Upon receipt of the response containing the 1674 History-Info entries, the Request URIs for the History-Info entries 1675 tagged with "mp" are extracted. Those Request-URIs can be compared 1676 to other URIs (if any) that might be attempted in order to establish 1677 the session with Bob. Thus, avoiding another INVITE to Bob's home 1678 phone. Without this mechanism, Alice might well attempt to reach Bob 1679 at his office phone, which would then retarget the request to Bob's 1680 home phone. When that attempt failed, then Alice might attempt to 1681 reach Bob directly at his home phone, unknowingly for a third time. 1683 Alice example.com Bob Office Home 1684 | | | | | 1685 | INVITE F1 | | | | 1686 |----------->| INVITE F2 | | | 1687 | |----------------->| | | 1688 | 100 Trying F3 | | | 1689 |<-----------| 302 Move Temporarily F4 | | 1690 | |<-----------------| | | 1691 | | ACK F5 | | | 1692 | |----------------->| | | 1693 | | INVITE F6 | | 1694 | |-------------------------->| | 1695 | | 180 Ringing F7 | | 1696 | |<--------------------------| | 1697 | 180 Ringing F8 | | 1698 |<-----------| retransmit INVITE | | 1699 | |-------------------------->| | 1700 | | ( timeout ) | | 1701 | | INVITE F9 | 1702 | |----------------------------------->| 1703 | | 100 Trying F10 | 1704 | |<-----------------------------------| 1705 | | 486 Busy Here F11 | 1706 | |<-----------------------------------| 1707 | 486 Busy Here F12 | 1708 |<-----------| ACK F13 | 1709 | |----------------------------------->| 1710 | ACK F14 | | 1711 |----------->| | 1713 Message Details 1715 F1 INVITE alice -> example.com 1717 INVITE sip:alice@example.com SIP/2.0 1718 Via: SIP/2.0/TCP 192.0.2.3:5060 1719 From: Alice 1720 To: Bob 1721 Supported: histinfo 1722 Call-Id: 12345600@example.com 1723 CSeq: 1 INVITE 1724 History-Info: ;index=1 1725 Contact: Alice 1726 Content-Type: application/sdp 1727 Content-Length: 1728 1729 F2 INVITE example.com -> Bob 1731 INVITE sip:bob@192.0.2.4 SIP/2.0 1732 Via: SIP/2.0/TCP proxy.example.com:5060 1733 Via: SIP/2.0/TCP 192.0.2.3:5060 1734 From: Alice 1735 To: Bob 1736 Supported: histinfo 1737 Call-Id: 12345600@example.com 1738 CSeq: 1 INVITE 1739 Record-Route: 1740 History-Info: ;index=1 1741 History-Info: ;index=1.1;rc=1 1742 Contact: Alice 1743 Content-Type: application/sdp 1744 Content-Length: 1745 1747 F3 100 Trying example.com -> alice 1749 SIP/2.0 100 Trying 1750 Via: SIP/2.0/TCP 192.0.2.3:5060 1751 From: Alice 1752 To: Bob 1753 Call-Id: 12345600@example.com 1754 CSeq: 1 INVITE 1755 Content-Length: 0 1757 F4 302 Moved Temporarily Bob -> example.com 1759 SIP/2.0 302 Moved Temporarily 1760 Via: SIP/2.0/TCP proxy.example.com:5060 1761 Via: SIP/2.0/TCP 192.0.2.3:5060 1762 From: Alice 1763 To: Bob ;tag=3 1764 Call-Id: 12345600@example.com 1765 CSeq: 1 INVITE 1766 Record-Route: 1767 History-Info: ;index=1 1768 History-Info: ;index=1.1;rc=1 1769 Contact: ;mp=1 1770 Content-Length: 0 1771 F5 ACK 192.0.2.4 -> Bob 1773 ACK sip:home@example.com SIP/2.0 1774 Via: SIP/2.0/TCP proxy.example.com:5060 1775 From: Alice 1776 To: Bob 1777 Call-Id: 12345600@example.com 1778 CSeq: 1 ACK 1779 Content-Length: 0 1781 F6 INVITE example.com -> office 1783 INVITE sip:office@192.0.2.3.com SIP/2.0 1784 Via: SIP/2.0/TCP proxy.example.com:5060;branch=2 1785 Via: SIP/2.0/TCP 192.0.2.3:5060 1786 From: Alice 1787 To: Bob 1788 Supported: histinfo 1789 Call-Id: 12345600@example.com 1790 Record-Route: 1791 History-Info: ;index=1 1792 History-Info: ;\ 1793 index=1.1;rc=1 1794 History-Info: ;index=1.2;mp=1 1795 History-Info: ;index=1.2.1 1796 CSeq: 1 INVITE 1797 Contact: Alice 1798 Content-Type: application/sdp 1799 Content-Length: 1800 1801 F7 180 Ringing office -> example.com 1803 SIP/2.0 180 Ringing 1804 Via: SIP/2.0/TCP proxy.example.com:5060;branch=2 1805 Via: SIP/2.0/TCP 192.0.2.3:5060 1806 From: Alice 1807 To: Bob ;tag=5 1808 Supported: histinfo 1809 Call-ID: 12345600@example.com 1810 Record-Route: 1811 History-Info: ;index=1 1812 History-Info: ;\ 1813 index=1.1;rc=1 1814 History-Info: ;index=1.2;mp=1 1815 History-Info: ;index=1.2.1 1816 CSeq: 1 INVITE 1817 Content-Length: 0 1819 F8 180 Ringing example.com -> alice 1821 SIP/2.0 180 Ringing 1822 Via: SIP/2.0/TCP example.com:5060 1823 From: Alice 1824 To: Bob 1825 Supported: histinfo 1826 Call-Id: 12345600@example.com 1827 History-Info: ;index=1 1828 History-Info: ;\ 1829 index=1.1;rc=1 1830 History-Info: ;index=1.2;mp=1 1831 History-Info: ;index=1.2.1 1832 CSeq: 1 INVITE 1833 Content-Length: 0 1834 F9 INVITE example.com -> home 1836 INVITE sip:home@192.0.2.6 SIP/2.0 1837 Via: SIP/2.0/TCP proxy.example.com:5060;branch=3 1838 Via: SIP/2.0/TCP 192.0.2.3:5060 1839 From: Alice 1840 To: Bob 1841 Supported: histinfo 1842 Call-Id: 12345600@example.com 1843 Record-Route: 1844 History-Info: ;index=1 1845 History-Info: ;\ 1846 index=1.1;rc=1 1847 History-Info: ;index=1.2;mp=1 1848 History-Info: ;\ 1849 index=1.2.1>;index=1.2.1 1850 History-Info: ;index=1.3;mp=1 1851 History-Info: ;index=1.3.1 1852 CSeq: 1 INVITE 1853 Contact: Alice 1854 Content-Type: application/sdp 1855 Content-Length: 1856 1858 F10 100 Trying home -> example.com 1860 SIP/2.0 100 Trying 1861 Via: SIP/2.0/TCP proxy.example.com:5060;branch=3 1862 Via: SIP/2.0/TCP 192.0.2.3:5060 1863 From: Alice 1864 To: Bob 1865 Call-Id: 12345600@example.com 1866 CSeq: 1 INVITE 1867 Content-Length: 0 1868 F11 486 Busy Here home -> example.com 1870 SIP/2.0 486 Busy Here 1871 Via: SIP/2.0/TCP proxy.example.com:5060;branch=3 1872 Via: SIP/2.0/TCP 192.0.2.3:5060 1873 From: Alice 1874 To: Bob 1875 Call-Id: 12345600@example.com 1876 Record-Route: 1877 History-Info: ;index=1 1878 History-Info: ;\ 1879 index=1.1;rc=1 1880 History-Info: ;index=1.2;mp=1 1881 History-Info: ;\ 1882 index=1.2.1>;index=1.2.1 1883 History-Info: ;index=1.3;mp=1 1884 History-Info: ;index=1.3.1 1885 CSeq: 1 INVITE 1886 Content-Length: 0 1888 F12 486 Busy Here example.com -> alice 1890 SIP/2.0 486 Busy Here 1891 Via: SIP/2.0/TCP 192.0.2.3:5060 1892 From: Alice 1893 To: Bob 1894 Call-Id: 12345600@example.com 1895 History-Info: ;index=1 1896 History-Info: ;\ 1897 index=1.1;rc=1 1898 History-Info: ;index=1.2;mp=1 1899 History-Info: ;\ 1900 index=1.2.1>;index=1.2.1 1901 History-Info: ;index=1.3;mp=1 1902 History-Info: ;index=1.3.1 1903 CSeq: 1 INVITE 1904 Content-Length: 0 1905 F13 ACK example.com -> home 1907 ACK sip:home@example.com SIP/2.0 1908 Via: SIP/2.0/TCP proxy.example.com:5060 1909 From: Alice 1910 To: Bob 1911 Call-Id: 12345600@example.com 1912 CSeq: 1 ACK 1913 Content-Length: 0 1915 F14 ACK alice -> example.com 1917 ACK sip:bob@example.com SIP/2.0 1918 Via: SIP/2.0/TCP 192.0.2.3:5060 1919 From: Alice 1920 To: Bob 1921 Call-Id: 12345600@example.com 1922 Route: 1923 CSeq: 1 ACK 1924 Content-Length: 0 1926 B.2. History-Info with Privacy Header Field 1928 This example provides a basic call scenario without forking. Alice 1929 has indicated that she wants Privacy associated with the History-Info 1930 header field entries. In addition, sip:biloxi.example.com adds 1931 Privacy header fields indicating that the History-info header field 1932 information is anonymized outside the biloxi.example.com domain. 1933 Note, that if the atlanta.example.com proxy had added privacy header 1934 fields to all its hi-entries, then all the hi-entries in the response 1935 would be anonymous. 1937 Alice atlanta.example.com biloxi.example.com Bob 1938 | | | | 1939 | INVITE sip:bob@biloxi.example.com;p=x | 1940 |--------------->| | | 1941 | Supported: histinfo | | 1942 | Privacy: History | | 1943 | History-Info: ;index=1 1944 | | | | 1945 | | INVITE sip:bob@biloxi.example.com;p=x 1946 | |--------------->| | 1947 | History-Info: ;index=1 1948 | History-Info: ;index=1.1 1949 | | | | 1950 | | | INVITE sip:bob@192.0.2.3 1951 | | |--------------->| 1952 | History-Info: ;index=1 1953 | History-Info: ;index=1.1 1954 | History-Info: ;index=1.1.1;rc=1.1 1955 | | | | 1956 | | | 200 | 1957 | | |<---------------| 1958 | History-Info: ;index=1 1959 | History-Info: ;index=1.1 1960 | History-Info: ;index=1.1.1;rc=1.1 1961 | | | | 1962 | | 200 | | 1963 | |<---------------| | 1964 | History-Info: ;index=1 1965 | History-Info: ;index=1.1 1966 | History-Info: ;index=1.1.1;rc=1.1 1967 | | | | 1968 | 200 | | | 1969 |<---------------| | | 1970 | History-Info: ;index=1 1971 | History-Info: ;index=1.1 1972 | History-Info: ;index=1.1.1;rc=1.1 1973 | | | | 1974 | ACK | | | 1975 |--------------->| ACK | | 1976 | |--------------->| ACK | 1977 | | |--------------->| 1979 Figure 2: Example with Privacy Header Fields 1981 B.3. Privacy for a Specific History-Info Entry 1983 This example provides a basic call scenario similar to Appendix B.2, 1984 however, due to local policy at sip:biloxi.example.com, only the 1985 final hi-entry in the History-Info, which is Bob's local URI, 1986 contains a privacy header field with a priv-value of "history", thus 1987 providing Alice with some information about the history of the 1988 request, but anonymizing Bob's local URI. 1990 Alice atlanta.example.com biloxi.example.com Bob 1991 | | | | 1992 | INVITE sip:bob@biloxi.example.com;p=x | 1993 |--------------->| | | 1994 | Supported: histinfo | | 1995 | | | | 1996 | | INVITE sip:bob@biloxi.example.com;p=x 1997 | |--------------->| | 1998 | History-Info: ;index=1 1999 | History-Info: ;index=1.1 2000 | | | | 2001 | | | INVITE sip:bob@192.0.2.3 2002 | | |--------------->| 2003 | History-Info: ;index=1 2004 | History-Info: ;index=1.1 2005 | History-Info: ;index=1.1.1;rc=1.1 2006 | | | | 2007 | | | 200 | 2008 | | |<---------------| 2009 | History-Info: ;index=1 2010 | History-Info: ;index=1.1 2011 | History-Info: ;index=1.1.1;rc=1.1 2012 | | | | 2013 | | 200 | | 2014 | |<---------------| | 2015 | History-Info: ;index=1 2016 | History-Info: ;index=1.1 2017 | History-Info: ;index=1.1.1;rc=1.1 2018 | | | | 2019 | 200 | | | 2020 |<---------------| | | 2021 | History-Info: ;index=1 2022 | History-Info: ;index=1.1 2023 | History-Info: ;index=1.1.1;rc=1.1 2024 | | | | 2025 | ACK | | | 2026 |--------------->| ACK | | 2027 | |--------------->| ACK | 2028 | | |--------------->| 2030 Figure 3: Example with Privacy Header Field for Specific URI 2032 Authors' Addresses 2034 Mary Barnes 2035 Polycom 2036 TX 2037 US 2039 Email: mary.ietf.barnes@gmail.com 2041 Francois Audet 2042 Skype 2044 Email: francois.audet@skype.net 2046 Shida Schubert 2047 NTT 2049 Email: shida@agnada.com 2051 Hans Erik van Elburg 2052 Detecon International Gmbh 2053 Oberkasseler str. 2 2054 Bonn, 2055 Germany 2057 Email: ietf.hanserik@gmail.com 2059 Christer Holmberg 2060 Ericsson 2061 Hirsalantie 11, Jorvas 2062 Finland 2064 Email: christer.holmberg@ericsson.com