idnits 2.17.1 draft-ietf-sipping-3pcc-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 66 instances of too long lines in the document, the longest one being 8 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 27, 2003) is 7485 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '8' is defined on line 1235, but no explicit reference was found in the text == Unused Reference: '11' is defined on line 1248, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. '1' -- Obsolete informational reference (is this intentional?): RFC 3330 (ref. '11') (Obsoleted by RFC 5735) == Outdated reference: A later version (-12) exists of draft-ietf-mmusic-sdescriptions-02 == Outdated reference: A later version (-09) exists of draft-ietf-iptel-cpl-08 Summary: 2 errors (**), 0 flaws (~~), 7 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SIPPING J. Rosenberg 3 Internet-Draft dynamicsoft 4 Expires: April 26, 2004 J. Peterson 5 Neustar 6 H. Schulzrinne 7 Columbia University 8 G. Camarillo 9 Ericsson Advanced Signalling 10 Research Lab 11 October 27, 2003 13 Best Current Practices for Third Party Call Control in the Session 14 Initiation Protocol 15 draft-ietf-sipping-3pcc-05 17 Status of this Memo 19 This document is an Internet-Draft and is in full conformance with 20 all provisions of Section 10 of RFC2026. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that other 24 groups may also distribute working documents as Internet-Drafts. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 The list of current Internet-Drafts can be accessed at http:// 32 www.ietf.org/ietf/1id-abstracts.txt. 34 The list of Internet-Draft Shadow Directories can be accessed at 35 http://www.ietf.org/shadow.html. 37 This Internet-Draft will expire on April 26, 2004. 39 Copyright Notice 41 Copyright (C) The Internet Society (2003). All Rights Reserved. 43 Abstract 45 Third party call control refers to the ability of one entity to 46 create a call in which communications is actually between other 47 parties. Third party call control is possible using the mechanisms 48 specified within the Session Initiation Protocol (SIP). However, 49 there are several possible approaches, each with different benefits 50 and drawbacks. This document discusses best current practices for the 51 usage of SIP for third party call control. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 56 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 57 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . 4 58 4. 3pcc Call Establishment . . . . . . . . . . . . . . . . . . 4 59 4.1 Flow I . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 60 4.2 Flow II . . . . . . . . . . . . . . . . . . . . . . . . . . 5 61 4.3 Flow III . . . . . . . . . . . . . . . . . . . . . . . . . . 7 62 4.4 Flow IV . . . . . . . . . . . . . . . . . . . . . . . . . . 9 63 5. Recommendations . . . . . . . . . . . . . . . . . . . . . . 10 64 6. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 10 65 7. Continued Processing . . . . . . . . . . . . . . . . . . . . 11 66 8. 3pcc and Early Media . . . . . . . . . . . . . . . . . . . . 13 67 9. Third Party Call Control and SDP Preconditions . . . . . . . 16 68 9.1 Controller Initiates . . . . . . . . . . . . . . . . . . . . 16 69 9.2 Party A Initiates . . . . . . . . . . . . . . . . . . . . . 18 70 10. Example Call Flows . . . . . . . . . . . . . . . . . . . . . 21 71 10.1 Click to Dial . . . . . . . . . . . . . . . . . . . . . . . 21 72 10.2 Mid-Call Announcement Capability . . . . . . . . . . . . . . 23 73 11. Implementation Recommendations . . . . . . . . . . . . . . . 25 74 12. Security Considerations . . . . . . . . . . . . . . . . . . 25 75 12.1 Authorization and Authentication . . . . . . . . . . . . . . 25 76 12.2 End-to-End Encryption and Integrity . . . . . . . . . . . . 27 77 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . 27 78 14. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 27 79 Normative References . . . . . . . . . . . . . . . . . . . . 27 80 Informative References . . . . . . . . . . . . . . . . . . . 28 81 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 29 82 Intellectual Property and Copyright Statements . . . . . . . 30 84 1. Introduction 86 In the traditional telephony context, third party call control allows 87 one entity (which we call the controller) to set up and manage a 88 communications relationship between two or more other parties. Third 89 party call control (referred to as 3pcc) is often used for operator 90 services (where an operator creates a call that connects two 91 participants together), and conferencing. 93 Similarly, many SIP services are possible through third party call 94 control. These include the traditional ones on the PSTN, but also new 95 ones such as click-to-dial. Click-to-dial allows a user to click on a 96 web page when they wish to speak to a customer service 97 representative. The web server then creates a call between the user 98 and a customer service representative. The call can be between two 99 phones, a phone and an IP host, or two IP hosts. 101 Third party call control is possible using only the mechanisms 102 specified within RFC 3261 [1]. Indeed, many different call flows are 103 possible, each of which will work with SIP compliant user agents. 104 However, there are benefits and drawbacks to each of these flows. The 105 usage of third party call control also becomes more complex when 106 aspects of the call utilize SIP extensions or optional features of 107 SIP. In particular, the usage of RFC 3312 [2] (used for coupling of 108 signaling to resource reservation) with third party call control is 109 non-trivial, and is discussed in Section 9. Similarly, the usage of 110 early media (where session data is exchanged before the call is 111 accepted) with third party call control is not trivial, and is 112 discussed in Section 8. 114 This document serves as a best current practice for implementing 115 third party call control without usage of any extensions specifically 116 designed for that purpose. Section 4 presents the known call flows 117 that can be used to achieve third party call control, and provides 118 guidelines on their usage. Section 9 discusses the interactions of 119 RFC 3312 [2] with third party call control. Section 8 discusses the 120 interactions of early media with third party call control. Section 10 121 provides example applications that make usage of the flows 122 recommended here. 124 2. Terminology 126 In this document, the key words "MUST", "MUST NOT", "REQUIRED", 127 "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", 128 and "OPTIONAL" are to be interpreted as described in RFC 2119 [3] and 129 indicate requirement levels for compliant implementations. 131 3. Definitions 133 The following terms are used throughout this document: 135 3pcc: Third Party Call Control, which refers to the general ability 136 to manipulate calls between other parties. 138 Controller: A controller is a SIP User Agent that wishes to create a 139 session between two other user agents. 141 4. 3pcc Call Establishment 143 The primary primitive operation of third party call control is the 144 establishment of a session between participants A and B. 145 Establishment of this session is orchestrated by a third party, 146 referred to as the controller. 148 This section documents three call flows that the controller can 149 utilize in order to provide this primitive operation. 151 4.1 Flow I 153 A Controller B 154 |(1) INVITE no SDP | | 155 |<------------------| | 156 |(2) 200 offer1 | | 157 |------------------>| | 158 | |(3) INVITE offer1 | 159 | |------------------>| 160 | |(4) 200 OK answer1 | 161 | |<------------------| 162 | |(5) ACK | 163 | |------------------>| 164 |(6) ACK answer1 | | 165 |<------------------| | 166 |(7) RTP | | 167 |.......................................| 169 Figure 1 171 The call flow for Flow I is shown in Figure 1. The controller first 172 sends an INVITE A (1). This INVITE has no session description. A's 173 phone rings, and A answers. This results in a 200 OK (2) that 174 contains an offer [4]. The controller needs to send its answer in the 175 ACK, as mandated by [1]. To obtain the answer, it sends the offer it 176 got from A (offer1) in an INVITE to B (3). B's phone rings. When B 177 answers, the 200 OK (4) contains the answer to this offer, answer1. 178 The controller sends an ACK to B (5), and then passes answer1 to A in 179 an ACK sent to it (6). Because the offer was generated by A, and the 180 answer generated by B, the actual media session is between A and B. 181 Therefore, media flows between them (7). 183 This flow is simple, requires no manipulation of the SDP by the 184 controller, and works for any media types supported by both 185 endpoints. However, it has a serious timeout problem. User B may not 186 answer the call immediately. The result is that the controller cannot 187 send the ACK to A right away. This causes A to retransmit the 200 OK 188 response periodically. As specified in RFC 3261 Section 13.3.1.4, the 189 200 OK will be retransmitted for 64*T1 seconds. If an ACK does not 190 arrive by then, the call is considered to have failed. This limits 191 the applicability of this flow to scenarios where the controller 192 knows that B will answer the INVITE immediately. 194 4.2 Flow II 196 A Controller B 197 |(1) INVITE bh sdp1 | | 198 |<------------------| | 199 |(2) 200 sdp2 | | 200 |------------------>| | 201 | |(3) INVITE sdp2 | 202 | |------------------>| 203 |(4) ACK | | 204 |<------------------| | 205 | |(5) 200 OK sdp3 | 206 | |<------------------| 207 | |(6) ACK | 208 | |------------------>| 209 |(7) INVITE sdp3 | | 210 |<------------------| | 211 |(8) 200 OK sdp2 | | 212 |------------------>| | 213 |(9) ACK | | 214 |<------------------| | 215 |(10) RTP | | 216 |.......................................| 218 Figure 2 220 An alternative flow, Flow II, is shown in Figure 2. The controller 221 first sends an INVITE to user A (1). This is a standard INVITE, 222 containing an offer (sdp1) with a single audio media line, one codec, 223 a random port number (but not zero), and a connection address of 224 0.0.0.0. This creates an initial media stream that is ``black 225 holed'', since no media (or RTCP packets [9] will flow from A. The 226 INVITE causes A's phone to ring. 228 Note that the usage of 0.0.0.0, though recommended by RFC 3264, 229 has numerous drawbacks. It is anticipated that a future 230 specification will recommend usage of a domain within the .invalid 231 DNS top level domain instead of the 0.0.0.0 IP address. As a 232 result, implementors are encouraged to track such developments 233 once they arise. 235 When A answers (2), the 200 OK contains an answer, sdp2, with a valid 236 address in the connection line. The controller sends an ACK (4). It 237 then generates a second INVITE (3). This INVITE is addressed to user 238 B, and it contains sdp2 as the offer to B. Note that the role of sdp2 239 has changed. In the 200 OK (message 2), it was an answer, but in the 240 INVITE, it is an offer. Fortunatly, all valid answers are valid 241 initial offers. This INVITE causes B's phone to ring. When it 242 answers, it generates a 200 OK (5) with an answer, sdp3. The 243 controller then generates an ACK (6). Next, it sends a re-INVITE to A 244 (7) containing sdp3 as the offer. Once again, there has been a 245 reversal of roles. sdp3 was an answer, and now it is an offer. 246 Fortunately, an answer to an answer recast as an offer is, in turn, a 247 valid offer. This re-INVITE generates a 200 OK (8) with sdp2, 248 assuming that A doesn't decide to change any aspects of the session 249 as a result of this re-INVITE. This 200 OK is ACKed (9), and then 250 media can flow from A to B. Media from B to A could already start 251 flowing once message 5 was sent. 253 This flow has the advantage that all final responses are immediately 254 ACKed. It therefore does not suffer from the timeout and message 255 inefficiency problems of flow 1. However, it too has troubles. First 256 off, it requires that the controller know the media types to be used 257 for the call (since it must generate a "blackhole" SDP, which 258 requires media lines). Secondly, the first INVITE to A (1) contains 259 media with a 0.0.0.0 connection address. The controller expects that 260 the response contains a valid, non-zero connection address for A. 261 However, experience has shown that many UAs respond to an offer of a 262 0.0.0.0 connection address with an answer containing a 0.0.0.0 263 connection address. The offer-answer specification [4] explicitly 264 tells implementors not to do this, but at the time of publication of 265 this document, many implementations still did. If A should respond 266 with a 0.0.0.0 connection address in sdp2, the flow will not work. 268 However, the most serious flaw in this flow is the assumption that 269 the 200 OK to the re-INVITE (message 8) contains the same SDP as in 270 message 2. This may not be the case. If it is not, the controller 271 needs to re-INVITE B with that SDP (say, sdp4), which may result in 272 getting a different SDP, sdp5 , in the 200 OK from B. Then, the 273 controller needs to re-INVITE A again, and so on. The result is an 274 infinite loop of re-INVITEs. It is possible to break this cycle by 275 having very smart UAs which can return the same SDP whenever 276 possible, or really smart controllers that can analyze the SDP to 277 determine if a re-INVITE is really needed. However, we wish to keep 278 this mechanism simple, and avoid SDP awareness in the controller. As 279 a result, this flow is not really workable. It is therefore NOT 280 RECOMMENDED. 282 4.3 Flow III 284 A Controller B 285 |(1) INVITE no SDP | | 286 |<---------------------| | 287 |(2) 200 offer1 | | 288 |--------------------->| | 289 |(3) ACK answer1 (bh) | | 290 |<---------------------| | 291 | |(4) INVITE no SDP | 292 | |--------------------->| 293 | |(5) 200 OK offer2 | 294 | |<---------------------| 295 |(6) INVITE offer2' | | 296 |<---------------------| | 297 |(7) 200 answer2' | | 298 |--------------------->| | 299 | |(8) ACK answer2 | 300 | |--------------------->| 301 |(9) ACK | | 302 |<---------------------| | 303 |(10) RTP | | 304 |.............................................| 306 Figure 3 308 A third flow, Flow III, is shown in Figure 3 310 First, the controller sends an INVITE (1) to user A without any SDP 311 (which is good, since it means that the controller doesn't need to 312 assume anything about the media composition of the session). A's 313 phone rings. When A answers, a 200 OK is generated (2) containing its 314 offer, offer1. The controller generates an immediate ACK containing 315 an answer (3). This answer is a "black hole" SDP, with its connection 316 address equal to 0.0.0.0. 318 The controller then sends an INVITE to B without SDP (4). This causes 319 B's phone to ring. When they answer, a 200 OK is sent, containing 320 their offer, offer2 (5). This SDP is used to create a re-INVITE back 321 to A (6). That re-INVITE is based on offer2, but may need to be 322 reorganized to match up media lines, or to trim media lines. For 323 example, if offer1 contained an audio and a video line, in that 324 order, but offer2 contained just an audio line, the controller would 325 need to add a video line to the offer (setting its port to zero) to 326 create offer2'. Since this is a re-INVITE, it should complete quickly 327 in the general case. Thats good, since user B is retransmitting their 328 200 OK, waiting for an ACK. The SDP in the 200 OK (7) from A, 329 answer2', may also need to be reorganized or trimmed before sending 330 it an the ACK to B (8) as answer2. Finally, an ACK is sent to A (9), 331 and then media can flow. 333 This flow has many benefits. First, it will usually operate without 334 any spurious retransmissions or timeouts (although this may still 335 happen if a re-INVITE is not responded to quickly). Secondly, it does 336 not require the controller to guess the media that will be used by 337 the participants. 339 There are some drawbacks. The controller does need to perform SDP 340 manipulations. Specifically, it must take some SDP, and generate 341 another SDP which has the same media composition, but has connection 342 addresses equal to 0.0.0.0. This is needed for message 3. Secondly, 343 it may need to reorder and trim on SDP X, so that its media lines 344 match up with those in some other SDP, Y. Thirdly, the offer from B 345 (offer2) may have no codecs or media streams in common with the offer 346 from A (offer 1). The controller will need to detect this condition, 347 and terminate the call. Finally, the flow is far more complicated 348 than the simple and elegant Flow I (Figure 1). 350 4.4 Flow IV 352 A Controller B 353 |(1) INVITE offer1 | | 354 |no media | | 355 |<---------------------| | 356 |(2) 200 answer1 | | 357 |no media | | 358 |--------------------->| | 359 |(3) ACK | | 360 |<---------------------| | 361 | |(4) INVITE no SDP | 362 | |--------------------->| 363 | |(5) 200 OK offer2 | 364 | |<---------------------| 365 |(6) INVITE offer2' | | 366 |<---------------------| | 367 |(7) 200 answer2' | | 368 |--------------------->| | 369 | |(8) ACK answer2 | 370 | |--------------------->| 371 |(9) ACK | | 372 |<---------------------| | 373 |(10) RTP | | 374 |.............................................| 376 Figure 4 378 Flow IV shows a variation on Flow III that reduces its complexity. 379 The actual message flow is identical, but the SDP placement and 380 construction differs. The initial INVITE (1) contains SDP with no 381 media at all, meaning that there are no m lines. This is valid, and 382 implies that the media makeup of the session will be established 383 later through a re-INVITE [4]. Once the INVITE is received, user A is 384 alerted. When they answer the call, the 200 OK (2) has an answer with 385 no media either. This is acknowledged by the controller (3). The flow 386 from this point onwards is identical to Flow III. However, the 387 manipulations required to convert offer2 to offer2', and answer2' to 388 answer2, are much simpler. Indeed, no media manipulations are needed 389 at all. The only change that is needed is to modify the origin lines, 390 so that the origin line in offer2' is valid based on the value in 391 offer1 (validify requires that the version increments by one, and 392 that the other parameters remain unchanged). 394 There are some limitations associated with this flow. First, user A 395 will be alerted without any media having been established yet. This 396 means that user A will not be able to reject or accept the call based 397 on its media composition. Secondly, both A and B will end up 398 answering the call (i.e., generating a 200 OK) before it is known 399 whether their is compatible media. If there is no media in common, 400 the call can be terminated later with a BYE. However, the users will 401 have already been alerted, resulting in user annoyance and possibly 402 resulting in billing events. 404 5. Recommendations 406 Flow I (Figure 1) represents the simplest and the most efficient 407 flow. This flow SHOULD be used by a controller if it knows with 408 certainty that user B is actually an automata that will answer the 409 call immediately. This is the case for devices such as media servers, 410 conferencing servers, and messaging servers, for example. Since we 411 expect a great deal of third party call control to be to automata, 412 special caseing this scenario is reasonable. 414 For calls to unknown entities, or to entities known to represent 415 people, it is RECOMMENDED that Flow IV (Figure 4) be used for third 416 party call control. Flow III MAY be used instead, but it provides no 417 additional benefits over Flow IV. However, Flow II SHOULD NOT be 418 used, because of the potential for infinite ping-ponging of 419 re-INVITEs. 421 Several of these flows use a ``black hole'' connection address of 422 0.0.0.0. This is an IPV4 address with the property that packets sent 423 to it will never leave the host which sent them; they are just 424 discarded. Those flows are therefore specific to IPv4. For other 425 network or address types, an address with an equivalent property 426 SHOULD be used. 428 6. Error Handling 430 There are numerous error cases which merit discussion. 432 With all of the call flows in Section 4, one call is established to 433 A, and then the controller attempts to establish a call to B. 434 However, this call attempt may fail, for any number of reasons. User 435 B might be busy (resulting in a 486 response to the INVITE), there 436 may not be any media in common, the request may time out, and so on. 437 If the call attempt to B should fail, it is RECOMMENDED that the 438 controller send a BYE to A. This BYE SHOULD include a Reason header 439 [5] which carries the status code from the error response. This will 440 inform A of the precise reason for the failure. The information is 441 important from a user interface perspective. For example, if A was 442 calling from a black phone, and B generated a 486, the BYE will 443 contain a Reason code of 486, and this could be used to generate a 444 local busy signal so that A knows that B is busy. 446 A Controller B 447 |(1) INVITE offer1 | | 448 |no media | | 449 |<---------------------| | 450 |(2) 200 answer1 | | 451 |no media | | 452 |--------------------->| | 453 |(3) ACK | | 454 |<---------------------| | 455 | |(4) INVITE no SDP | 456 | |--------------------->| 457 | |(5) 180 | 458 | |<---------------------| 459 |(6) INVITE offer2 | | 460 |--------------------->| | 461 |(7) 491 | | 462 |<---------------------| | 463 |(8) ACK | | 464 |--------------------->| | 466 Figure 5 468 Another error condition worth discussion is shown in Figure 5. After 469 the controller establishes the dialog with A (messages 1-3) it 470 attempts to contact B (message 4). Contacting B may take some time. 471 During that interval, A could possibly attempt a re-INVITE, providing 472 an updated offer. However, the controller cannot pass this offer on 473 to B, since it has an INVITE transaction pending with it. As a 474 result, the controller needs to reject the request. It is RECOMMENDED 475 that a 491 response be used. The situation here is similar to the 476 glare condition described in [1], and thus the same error handling is 477 sensible. However, A is likely to retry its request (as a result of 478 the 491), and this may occur before the exchange with B is completed. 479 In that case, the controller would respond with another 491. 481 7. Continued Processing 483 Once the calls are established, both participants believe they are in 484 a single point-to-point call. However, they are exchanging media 485 directly with each other, rather than with the controller. The 486 controller is involved in two dialogs, yet sees no media. 488 Since the controller is still a central point for signaling, it now 489 has complete control over the call. If it receives a BYE from one of 490 the participants, it can create a new BYE and hang up with the other 491 participant. This is shown in Figure 6. 493 A Controller B 494 |(1) BYE | | 495 |------------------>| | 496 |(2) 200 OK | | 497 |<------------------| | 498 | |(3) BYE | 499 | |------------------>| 500 | |(4) 200 OK | 501 | |<------------------| 503 Figure 6 505 Similarly, if it receives a re-INVITE from one of the participants, 506 it can forward it to the other participant. Depending on which flow 507 was used, this may require some manipulation on the SDP before 508 passing it on. 510 However, the controller need not "proxy" the SIP messages received 511 from one of the parties. Since it is a B2BUA, it can invoke any 512 signaling mechanism on each dialog, as it sees fit. For example, if 513 the controller receives a BYE from A, it can generate a new INVITE to 514 a third party, C, and connect B to that participant instead. A call 515 flow for this is shown in Figure 7, assuming the case where C 516 represents an end user, not an automata. Note that it is just Flow 517 IV. 519 A Controller B C 520 |(1) BYE | | | 521 |--------------->| | | 522 |(2) 200 OK | | | 523 |<---------------| | | 524 | |(3) INV no media| | 525 | |-------------------------------->| 526 | |(4) 200 no media| | 527 | |<--------------------------------| 528 | |(5) ACK | | 529 | |-------------------------------->| 530 | |(6) INV no SDP | | 531 | |--------------->| | 532 | |(7) 200 offer3 | | 533 | |<---------------| | 534 | |(8) INV offer3' | | 535 | |-------------------------------->| 536 | |(9) 200 answer3'| | 537 | |<--------------------------------| 538 | |(10) ACK | | 539 | |-------------------------------->| 540 | |(11) ACK answer3| | 541 | |--------------->| | 542 | | |(12) RTP | 543 | | |................| 545 Figure 7 547 From here, new parties can be added, removed, transferred, and so on, 548 as the controller sees fit. 550 It is important to point out that the call need not have been 551 established by the controller in order for the processing of this 552 section to be used. Rather, the controller could have acted as a 553 B2BUA during a call established by A towards B (or vice a versa). 555 8. 3pcc and Early Media 557 Early media represents the condition where the session is established 558 (as a result of the completion of an offer/answer exchange), yet the 559 call itself has not been accepted. This is usually used to convey 560 tones or announcements regarding progress of the call. Handling of 561 early media in a third party call is straightforward. 563 A Controller B 564 | | | 565 |(1) INVITE offer1 | | 566 |no media | | 567 |<---------------------| | 568 | | | 569 | | | 570 | | | 571 | | | 572 | | | 573 |(2) 200 answer1 | | 574 |no media | | 575 |--------------------->| | 576 |(3) ACK | | 577 |<---------------------| | 578 | |(4) INVITE no SDP | 579 | |--------------------->| 580 | | | 581 | |(5) 183 offer2 | 582 | |<---------------------| 583 |(6) INVITE offer2' | | 584 |<---------------------| | 585 |(7) 200 answer2' | | 586 |--------------------->| | 587 |(8) ACK | | 588 |<---------------------| | 589 | |(9) PRACK answer2 | 590 | |--------------------->| 591 | |(10) 200 PRACK | 592 | |<---------------------| 593 |(11) RTP | | 594 |.............................................| 595 | | | 596 | |(12) 200 OK | 597 | |<---------------------| 598 | |(13) ACK | 599 | |--------------------->| 601 Figure 8 603 Figure 8 shows the case where user B generates early media before 604 answering the call. The flow is almost identical to Flow IV from 605 Figure 4. The only difference is that user B generates a reliable 606 provisional response (5) [6] instead of a final response, and answer2 607 is carried in a PRACK (8) instead of an ACK. When party B finally 608 does accept the call (11), there is no change in the session state, 609 and therefore, no signaling needs to be done with user A. The 610 controller simply ACKs the 200 OK (12) to confirm the dialog. 612 A Controller B 613 | | | 614 |(1) INVITE offer1 | | 615 |no media | | 616 |<---------------------| | 617 | | | 618 |ring | | 619 | | | 620 |(2) 183 answer1 | | 621 |no media | | 622 |--------------------->| | 623 |(3) PRACK | | 624 |<---------------------| | 625 |(4) 200 PRACK | | 626 |--------------------->| | 627 | |(5) INVITE no SDP | 628 | |--------------------->| 629 | | |ring 630 | | | 631 | | |answer 632 | | | 633 | |(6) 200 OK offer2 | 634 | |<---------------------| 635 |(7) UPDATE offer2' | | 636 |<---------------------| | 637 |answer | | 638 | | | 639 |(8) 200 answer2' | | 640 |--------------------->| | 641 | |(9) ACK answer2 | 642 | |--------------------->| 643 |(10) RTP | | 644 |.............................................| 645 |(11) 200 OK | | 646 |--------------------->| | 647 |(12) ACK | | 648 |<---------------------| | 650 Figure 9 652 The case where user A generates early media is more complicated, and 653 is shown in Figure 9. The flow is based on Flow IV. The controller 654 sends an INVITE to user A (1), with an offer containing no media 655 streams. User A generates a reliable provisional response (2) 656 containing an answer with no media streams. The controller PRACKs 657 this provisional response (3). Now, the controller sends an INVITE 658 without SDP to user B (5). User B's phone rings, and they answer, 659 resulting in a 200 OK (6) with an offer, offer2. The controller now 660 needs to update the session parameters with user A. However, since 661 the call has not been answered, it cannot use a re-INVITE. Rather, it 662 uses a SIP UPDATE request (7) [7], passing the offer (after modifying 663 it to get the origin field correct). User A generates its answer in 664 the 200 OK to the UPDATE (8). This answer is passed to user B in the 665 ACK (9). When user A finally answers (11), there is no change in 666 session state, so the controller simply ACKs the 200 OK (12). 668 Note that it is likely that there will be clipping of media in this 669 call flow. User A is likely a PSTN gateway, and has generated a 670 provisional response because of early media from the PSTN side. The 671 PSTN will deliver this media even though the gateway does not have 672 anywhere to send it, since the initial offer from the controller had 673 no media streams. When user B answers, media can begin to flow. 674 However, any media sent to the gateway from the PSTN up to that point 675 will be lost. 677 9. Third Party Call Control and SDP Preconditions 679 A SIP extension has been specified that allows for the coupling of 680 signaling and resource reservation [2]. This specification relies on 681 exchanges of session descriptions before completion of the call 682 setup. These flows are initiated when certain SDP parameters are 683 passed in the initial INVITE. As a result, the interaction of this 684 mechanism with third party call control is not obvious, and worth 685 detailing. 687 9.1 Controller Initiates 689 In one usage scenario, the controller wishes to make use of 690 preconditions in order to avoid the call failure scenarios documented 691 in Section 4.4. Specifically, the controller can use preconditions in 692 order to guarantee that neither party is alerted unless there is a 693 common set of media and codecs. It can also provide both parties with 694 information on the media composition of the call before they decide 695 to accept it. 697 User Controller Customer Service 698 | | | 699 |(1) INVITE no SDP | | 700 |require precon | | 701 |<------------------| | 702 |(2) 183 offer1 | | 703 |optional precon | | 704 |------------------>| | 705 | | | 706 | |(3) INVITE offer1 | 707 | |------------------>| 708 | | | 709 | | | 710 | | | 711 | |(4) 200 OK answer1 | 712 | |no precon | 713 | |<------------------| 714 | |(5) ACK | 715 | |------------------>| 716 |(6) PRACK answer1 | | 717 |<------------------| | 718 | | | 719 | | | 720 |(7) 200 PRACK | | 721 |------------------>| | 722 | | | 723 | | | 724 |(8) 200 INVITE | | 725 |------------------>| | 726 |(9) ACK | | 727 |<------------------| | 729 Figure 10 731 The flow for this scenario is shown in Figure 10. In this example, we 732 assume that user B is an automata or agent of some sort which will 733 answer the call immediately. Therefore, the flow is based on Flow I. 734 The controller sends an INVITE to user A containing no SDP, but with 735 a Require header indicating that preconditions are required. This 736 specific scenario (an INVITE without an offer, but with a Require 737 header indicating preconditions) is not described in [2]. It is 738 RECOMMENDED that the UAS respond with an offer in a 1xx including the 739 media streams it wishes to use for the call, and for each, list all 740 preconditions it supports as optional. Of course, the user is not 741 alerted at this time. The controller takes this offer and passes it 742 to user B (3). User B does not support preconditions, or does, but is 743 not interested in them. Therefore, when it answers the call, the 200 744 OK contains an answer without any preconditions listed (4). This 745 answer is passed to user A in the PRACK (6). At this point, user A 746 knows that there are no preconditions actually in use for the call, 747 and therefore, it can alert the user. When the call is answered, user 748 A sends a 200 OK to the controller (8) and the call is complete. 750 In the event that the offer generated by user A was not acceptable to 751 user B (because of non-overlapping codecs or media, for example), 752 user B would immediately reject the INVITE (message 3). The 753 controller would then CANCEL the request to user A. In this 754 situation, neither user A nor user B would have been alerted, 755 achieving the desired effect. It is interesting to note that this 756 property is achieved using preconditions even though it doesn't 757 matter what specific types of preconditions are supported by user A. 759 It is also entirely possible that user B does actually desire 760 preconditions. In that case, it might generate a 1xx of its own with 761 an answer containing preconditions. That answer would still be passed 762 to user A, and both parties would proceed with whatever measures are 763 necessary to meet the preconditions. Neither user would be alerted 764 until the preconditions were met. 766 9.2 Party A Initiates 768 In Section 9.1, the controller requested the use of preconditions to 769 achieve a specific goal. It is also possible that the controller 770 doesn't care (or perhaps doesn't even know) about preconditions, but 771 one of the participants in the call does care. A call flow for this 772 case is shown in Figure 11. 774 A Controller B 775 |(1) INVITE offer1 | | 776 |no media | | 777 |<---------------------| | 778 |(2) 183 answer1 | | 779 |no media | | 780 |--------------------->| | 781 |(3) PRACK | | 782 |<---------------------| | 783 |(4) 200 OK | | 784 |--------------------->| | 785 | |(5) INVITE no SDP | 786 | |--------------------->| 787 | |(6) 183 offer2 | 788 | |des=sendrecv | 789 | |conf=recv | 790 | |cur=none | 791 | |<---------------------| 792 |(7) UPDATE offer2' | | 793 |des=sendrecv | | 794 |conf=recv | | 795 |cur=none | | 796 |<---------------------| | 797 |(8) 200 UPDATE | | 798 |answer2' | | 799 |des=sendrecv | | 800 |conf=recv | | 801 |cur=none | | 802 |--------------------->| | 803 | |(9) PRACK answer2 | 804 | |des=sendrecv | 805 | |conf=recv | 806 | |cur=none | 807 | |--------------------->| 808 | |(10) 200 PRACK | 809 | |<---------------------| 810 |(11) reservation | | 811 |-------------------------------------------->| 812 |(12) reservation | | 813 |<--------------------------------------------| 814 |(13) UPDATE offer3 | | 815 |des=sendrecv | | 816 |conf=recv | | 817 |cur=recv | | 818 |--------------------->| | 819 | |(14) UPDATE offer3' | 820 | |des=sendrecv | 821 | |conf=recv | 822 | |cur=recv | 823 | |--------------------->| 824 | |(15) 200 UPDATE | 825 | |answer3' | 826 | |des=sendrecv | 827 | |conf=recv | 828 | |cur=send | 829 | |<---------------------| 830 |(16) 200 UPDATE | | 831 |answer3 | | 832 |des=sendrecv | | 833 |conf=recv | | 834 |cur=send | | 835 |<---------------------| | 836 | | | 837 | |(17) UPDATE offer4 | 838 | |des=sendrecv | 839 | |conf=recv | 840 | |cur=sendrecv | 841 | |<---------------------| 842 |(18) UPDATE offer4' | | 843 |des=sendrecv | | 844 |conf=recv | | 845 |cur=sendrecv | | 846 |<---------------------| | 847 | | | 848 |(19) 200 UPDATE | | 849 |answer4' | | 850 |des=sendrecv | | 851 |conf=recv | | 852 |cur=sendrecv | | 853 |--------------------->| | 854 | |(20) 200 UPDATE | 855 | |answer4 | 856 | |des=sendrecv | 857 | |conf=recv | 858 | |cur=sendrecv | 859 | |--------------------->| 860 |(21) 180 INVITE | | 861 |--------------------->| | 862 | |(22) 180 INVITE | 863 | |<---------------------| 864 | | | 865 |(23) 200 INVITE | | 866 |--------------------->| | 867 |(24) ACK | | 868 |<---------------------| | 869 | | | 870 | |(25) 200 INVITE | 871 | |<---------------------| 872 | |(26) ACK | 873 | |--------------------->| 875 Figure 11 877 The controller follows Flow IV; it has no specific requirements for 878 support of the preconditions specification [2]. Therefore, it sends 879 an INVITE (1) with SDP that contains no media lines. User A is 880 interested in supporting preconditions, and does not want to ring its 881 phone until resources are reserved. Since there are no media streams 882 in the INVITE, it can't reserve resources for media streams, and 883 therefore it can't ring the phone until they are conveyed in a 884 subsequent offer and then reserved. Therefore, it generates a 183 885 with the answer, and doesn't alert the user (2). The controller 886 PRACKs this (3) and A responds to the PRACK (4). 888 At this point, the controller attempts to bring B into the call. It 889 sends B an INVITE without SDP (5). B is interested in having 890 preconditions for this call. Therefore, it generates its offer in a 891 183 that contains the appropriate SDP attributes (6). The controller 892 passes this offer to A in an UPDATE request (7). The controller uses 893 UPDATE because the call has not been answered yet, and therefore, it 894 cannot use a re-INVITE. User A sees that its peer is capable of 895 supporting preconditions. Since it desires preconditions for the 896 call, it generates an answer in the 200 OK (8) to the UPDATE. This 897 answer, in turn, is passed to B in the PRACK for the provisional 898 response (9). Now, both sides perform resource reservation. User A 899 succeeds first, and passes an updated session description in an 900 UPDATE request (13). The controller simply passes this to A (after 901 the manipulation of the origin field, as required in Flow IV) in an 902 UPDATE (14), and the answer (15) is passed back to A (16). The same 903 flow happens, but from B to A, when B's reservation succeeds (17-20). 904 Since the preconditions have been met, both sides ring (21 and 22), 905 and then both answer (23 and 25), completing the call. 907 What is important about this flow is that the controller doesn't know 908 anything about preconditions. It merely passes the SDP back and forth 909 as needed. The trick is the usage of UPDATE and PRACK to pass the SDP 910 when needed. That determination is made entirely based on the offer/ 911 answer rules described in [6] and [7], and is independent of 912 preconditions. 914 10. Example Call Flows 916 10.1 Click to Dial 918 The first application of this capability we discuss is click to dial. 919 In this service, a user is browsing the web page of an e-commerce 920 site, and would like to speak to a customer service representative. 921 They click on a link, and a call is placed to a customer service 922 representative. When the representative picks up, the phone on the 923 user's desk rings. When they pick up, the customer service 924 representative is there, ready to talk to the user. 926 Customer Service Controller Users Phone Users Browser 927 | |(1) HTTP POST | | 928 | |<--------------------------------------| 929 | |(2) HTTP 200 OK | | 930 | |-------------------------------------->| 931 |(3) INVITE offer1 | | | 932 |no media | | | 933 |<------------------| | | 934 |(4) 200 answer1 | | | 935 |no media | | | 936 |------------------>| | | 937 |(5) ACK | | | 938 |<------------------| | | 939 | |(6) INVITE no SDP | | 940 | |------------------>| | 941 | |(7) 200 OK offer2 | | 942 | |<------------------| | 943 |(8) INVITE offer2' | | | 944 |<------------------| | | 945 |(9) 200 answer2' | | | 946 |------------------>| | | 947 | |(10) ACK answer2 | | 948 | |------------------>| | 949 |(11) ACK | | | 950 |<------------------| | | 951 |(12) RTP | | | 952 |.......................................| | 954 Figure 12 956 The call flow for this service is given in Figure 12. It is identical 957 to that of Figure 4, with the exception that the service is triggered 958 through an http GET request when the user clicks on the link. 960 We note that this service can be provided through other mechanisms, 961 namely PINT [10]. However, there are numerous differences between the 962 way in which the service is provided by pint, and the way in which it 963 is provided here: 965 o The pint solution enables calls only between two PSTN endpoints. 966 The solution described here allows calls between PSTN phones 967 (through SIP enabled gateways) and native IP phones. 969 o When used for calls between two PSTN phones, the solution here may 970 result in a portion of the call being routed over the Internet. In 971 pint, the call is always routed only over the PSTN. This may 972 result in better quality calls with the pint solution, depending 973 on the codec in use and QoS capabilities of the network routing 974 the Internet portion of the call. 976 o The PINT solution requires extensions to SIP (PINT is an extension 977 to SIP), whereas the solution described here is done with baseline 978 SIP. 980 o The PINT solution allows the controller (acting as a PINT client) 981 to "step out" once the call is established. The solution described 982 here requires the controller to maintain call state for the entire 983 duration of the call. 985 10.2 Mid-Call Announcement Capability 987 The third party call control mechanism described here can also be 988 used to enable mid-call announcements. Consider a service for 989 pre-paid calling cards. Once the pre-paid call is established, the 990 system needs to set a timer to fire when they run out of minutes. 991 When this timer fires, we would like the user to hear an announcement 992 which tells them to enter a credit card to continue. Once they enter 993 the credit card info, more money is added to the pre-paid card, and 994 the user is reconnected to the destination party. 996 We consider here the usage of third party call control just for 997 playing the mid-call dialog to collect the credit card information. 999 Pre-Paid User Controller Called Party Media Server 1000 | |(1) INV SDP c=bh | | 1001 | |------------------>| | 1002 | |(2) 200 answer1 | | 1003 | |<------------------| | 1004 | |(3) ACK | | 1005 | |------------------>| | 1006 |(4) INV no SDP | | | 1007 |<------------------| | | 1008 |(5) 200 offer2 | | | 1009 |------------------>| | | 1010 | |(6) INV offer2 | | 1011 | |-------------------------------------->| 1012 | |(7) 200 answer2 | | 1013 | |<--------------------------------------| 1014 |(8) ACK answer2 | | | 1015 |<------------------| | | 1016 | |(9) ACK | | 1017 | |-------------------------------------->| 1018 |(10) RTP | | | 1019 |...........................................................| 1020 | |(11) BYE | | 1021 | |-------------------------------------->| 1022 | |(12) 200 OK | | 1023 | |<--------------------------------------| 1024 | |(13) INV no SDP | | 1025 | |------------------>| | 1026 | |(14) 200 offer3 | | 1027 | |<------------------| | 1028 |(15) INV offer3' | | | 1029 |<------------------| | | 1030 |(16) 200 answer3' | | | 1031 |------------------>| | | 1032 | |(17) ACK answer3' | | 1033 | |------------------>| | 1034 |(18) ACK | | | 1035 |<------------------| | | 1036 |(19) RTP | | | 1037 |.......................................| | 1039 Figure 13 1041 We assume the call is set up so that the controller is in the call as 1042 a B2BUA. When the timer fires, we wish to connect the caller to a 1043 media server. The flow for this is shown in Figure 13. When the timer 1044 expires, the controller places the called party with a connection 1045 address of 0.0.0.0 (1). This effectively ``disconnects'' the called 1046 party. The controller then sends an INVITE without SDP to the the 1047 pre-paid caller (4). The offer returned from the caller (5) is used 1048 in an INVITE to the media server which will be collecting digits (6). 1049 This is an instantiation of Flow I. This flow can only be used here 1050 because the media server is an automata, and will answer the INVITE 1051 immediately. If the controller was connecting the pre-paid user with 1052 another end user, Flow III would need to be used. The media server 1053 returns an immediate 200 OK (7) with an answer, which is passed to 1054 the caller in an ACK (8). The result is that the media server and the 1055 pre-paid caller have their media streams connected. 1057 The media server plays an announcement, and prompts the user to enter 1058 a credit card number. After collecting the number, the card number is 1059 validated. The media server then passes the card number to the 1060 controller (using some means outside the scope of this 1061 specification), and then hangs up the call (11). 1063 After hanging up with the media server, the controller reconnects the 1064 user to the original called party. To do this, the controller sends 1065 an INVITE without SDP to the called party (13). The 200 OK (14) 1066 contains an offer, offer3. The controller modifies the SDP (as is 1067 done in Flow III), and passes the offer in an INVITE to the pre-paid 1068 user (15). The pre-paid user generates an answer in a 200 OK (16) 1069 which the controller passes to user B in the ACK (17). At this point, 1070 the caller and called party are reconnected. 1072 11. Implementation Recommendations 1074 Most of the work involved in supporting third party call control is 1075 within the controller. A standard SIP UA should be controllable using 1076 the mechanisms described here. However, third party call control 1077 relies on a few features that might not be implemented. As such, we 1078 RECOMMEND that implementors of user agent servers to support the 1079 following: 1081 o Offers and answers that contain a connection line with an address 1082 of 0.0.0.0. 1084 o Re-invites that change the port to which media should be sent 1086 o Re-invites that change the connection address 1088 o Re-invites that add a media stream 1090 o Re-invites that remove a media stream (setting its port to zero) 1092 o Re-invites that add a codec amongst the set in a media stream 1094 o SDP Connection address of zero 1096 o Initial invites with a connection address of zero 1098 o Initial invites with no SDP 1100 o Initial invites with SDP but no media lines 1102 o Re-invites with no SDP 1104 o The UPDATE method [7] 1106 o Reliability of provisional responses [6] 1108 o Integration of resource management and SIP [2]. 1110 12. Security Considerations 1112 12.1 Authorization and Authentication 1114 In most uses of SIP INVITE, whether or not a call is accepted is 1115 based on a decision made by a human when presented information about 1116 the call, such as the identity of the caller. In other cases, 1117 automata answer the calls, and whether or not they do so may depend 1118 on the particular application to which SIP is applied. For example, 1119 if a caller makes a SIP call to a voice portal service, the call may 1120 be rejected unless the caller has previously signed up (perhaps via a 1121 web site). In other cases, call handling policies are made based on 1122 automated scripts, such as those desribed by the Call Processing 1123 Language [13]. Frequently, those decisions are also made based on the 1124 identity of the caller. 1126 These authorization mechanisms would be applied to normal first party 1127 calls and third party calls, as these two are indistinguishable. As a 1128 result, it is important for these authorization policies to continue 1129 to operate correctly for third party calls. Of course, third party 1130 calls introduce a new party - the one initiating the third party 1131 call. Do the authorization policies apply based on the identity of 1132 that third party, or do they apply based on the participants in the 1133 call? Ideally, the participants would be able to know the identities 1134 of both other parties, and have authorization policies be based on 1135 those, as appropriate. However, this is not possible using existing 1136 mechanisms. As a result, the next best thing is for the INVITE 1137 requests to contain the identity of the third party. Ultimately, this 1138 is the user who is requesting communication, and it makes sense for 1139 call authorization policies to be based on that identity. 1141 This requires, in turn, that the controller authenticate itself as 1142 that third party. This can be challenging, and the appropriate 1143 mechanism depends on the specific application scenario. 1145 In one common scenario, the controller is acting on behalf of one of 1146 the participants in the call. A typical example is click-to-dial, 1147 where the controller and the customer service representative are run 1148 by the same administrative domain. Indeed, for the purposes of 1149 identification, the controller can legitimately claim to be the 1150 customer service representative. In this scenario, it would be 1151 appropriate for the INVITE to the end user to contain a From field 1152 identifying the customer service rep, and authenticate the request 1153 using S/MIME (see RFC 3261 [1], Section 23) signed by the key of the 1154 customer service rep (which is held by the controller) 1156 This requires the controller to actually have credentials with which 1157 it can authenticate itself as the customer support representative. In 1158 many other cases, the controller is representing one of the 1159 participants, but does not possess their credentials. Unfortunately, 1160 there are currently no standardized mechanisms that allow a user to 1161 delegate credentials to the controller in a way that limits their 1162 usage to specific third party call control operations. In the absence 1163 of such a mechanisms, the best that can be done is to use the display 1164 name in the From field to indicate the identity of the user on who's 1165 behalf the call is being made. It is RECOMMENDED that the display 1166 name be set to ``[controller] on behalf of [user]'', where user and 1167 controller are textual identities of the user and controller, 1168 respectively. In this case, the URI in the From field would identify 1169 the controller. 1171 In other situations, there is no real relationship between the 1172 controller and the participants in the call. In these situations, 1173 ideally the controller would have a means to assert that the call is 1174 from a particular identity (which could be one of the participants, 1175 or even a third party, depending on the application), and to validate 1176 that assertion with a signature using the key of the controller. 1178 12.2 End-to-End Encryption and Integrity 1180 With third party call control, the controller is actually one of the 1181 participants as far as the SIP dialog is concerened. Therefore, 1182 encryption and integrity of the SIP messages, as provided by S/MIME, 1183 will occur between participants and the controller, rather than 1184 directly between participants. 1186 However, end-to-end integrity, authenticity and confidentiality of 1187 the media sessions can be guaranteed through a controller. End-to-end 1188 media security is based on the exchange of keying material within SDP 1189 [12]. The proper operation of these mechanisms with third party call 1190 control depends on the controller behaving properly. So long as it is 1191 not attempting to explicitly disable these mechanisms, the protocols 1192 will properly operate end-to-end, resulting in a secure media session 1193 that even the controller cannot eavesdrop or modify. Since third 1194 party call control is based on a model of trust between the users and 1195 the controller, it is reasonable to assume it is operating in a 1196 well-behaved manner. 1198 13. IANA Considerations 1200 There are no IANA considerations associated with this specification. 1202 14. Acknowledgements 1204 The authors would like to thank Paul Kyzivat, Rohan Mahy, Eric 1205 Rescorla, Allison Mankin and Sriram Parameswar for their comments. 1207 Normative References 1209 [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., 1210 Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: 1212 Session Initiation Protocol", RFC 3261, June 2002. 1214 [2] Camarillo, G., Marshall, W. and J. Rosenberg, "Integration of 1215 Resource Management and Session Initiation Protocol (SIP)", RFC 1216 3312, October 2002. 1218 [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement 1219 Levels", BCP 14, RFC 2119, March 1997. 1221 [4] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with 1222 Session Description Protocol (SDP)", RFC 3264, June 2002. 1224 [5] Schulzrinne, H., Oran, D. and G. Camarillo, "The Reason Header 1225 Field for the Session Initiation Protocol (SIP)", RFC 3326, 1226 December 2002. 1228 [6] jdrosen@dynamicsoft.com and schulzrinne@cs.columbia.edu, 1229 "Reliability of Provisional Responses in Session Initiation 1230 Protocol (SIP)", RFC 3262, June 2002. 1232 [7] Rosenberg, J., "The Session Initiation Protocol (SIP) UPDATE 1233 Method", RFC 3311, October 2002. 1235 [8] Eastlake, D. and A. Panitz, "Reserved Top Level DNS Names", BCP 1236 32, RFC 2606, June 1999. 1238 Informative References 1240 [9] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson, 1241 "RTP: A Transport Protocol for Real-Time Applications", RFC 1242 3550, July 2003. 1244 [10] Petrack, S. and L. Conroy, "The PINT Service Protocol: 1245 Extensions to SIP and SDP for IP Access to Telephone Call 1246 Services", RFC 2848, June 2000. 1248 [11] IANA, "Special-Use IPv4 Addresses", RFC 3330, September 2002. 1250 [12] Andreasen, F., Baugher, M. and D. Wing, "SDP Security 1251 Descriptions for Media Streams", 1252 draft-ietf-mmusic-sdescriptions-02 (work in progress), October 1253 2003. 1255 [13] Lennox, J., Wu, X. and H. Schulzrinne, "CPL: A Language for 1256 User Control of Internet Telephony Services", 1257 draft-ietf-iptel-cpl-08 (work in progress), August 2003. 1259 Authors' Addresses 1261 Jonathan Rosenberg 1262 dynamicsoft 1263 600 Lanidex Plaza 1264 Parsippany, NJ 07054 1265 US 1267 Phone: +1 973 952-5000 1268 EMail: jdrosen@dynamicsoft.com 1269 URI: http://www.jdrosen.net 1271 Jon Peterson 1272 Neustar 1273 1800 Sutter Street 1274 Suite 570 1275 Concord, CA 94520 1276 US 1278 Phone: +1 925 363-8720 1279 EMail: jon.peterson@neustar.biz 1280 URI: http://www.neustar.biz 1282 Henning Schulzrinne 1283 Columbia University 1284 M/S 0401 1285 1214 Amsterdam Ave. 1286 New York, NY 10027 1287 US 1289 EMail: schulzrinne@cs.columbia.edu 1290 URI: http://www.cs.columbia.edu/~hgs 1292 Gonzalo Camarillo 1293 Ericsson Advanced Signalling Research Lab 1294 FIN-02420 Jorvas 1295 Finland 1297 EMail: Gonzalo.Camarillo@ericsson.com 1299 Intellectual Property Statement 1301 The IETF takes no position regarding the validity or scope of any 1302 intellectual property or other rights that might be claimed to 1303 pertain to the implementation or use of the technology described in 1304 this document or the extent to which any license under such rights 1305 might or might not be available; neither does it represent that it 1306 has made any effort to identify any such rights. Information on the 1307 IETF's procedures with respect to rights in standards-track and 1308 standards-related documentation can be found in BCP-11. Copies of 1309 claims of rights made available for publication and any assurances of 1310 licenses to be made available, or the result of an attempt made to 1311 obtain a general license or permission for the use of such 1312 proprietary rights by implementors or users of this specification can 1313 be obtained from the IETF Secretariat. 1315 The IETF invites any interested party to bring to its attention any 1316 copyrights, patents or patent applications, or other proprietary 1317 rights which may cover technology that may be required to practice 1318 this standard. Please address the information to the IETF Executive 1319 Director. 1321 Full Copyright Statement 1323 Copyright (C) The Internet Society (2003). All Rights Reserved. 1325 This document and translations of it may be copied and furnished to 1326 others, and derivative works that comment on or otherwise explain it 1327 or assist in its implementation may be prepared, copied, published 1328 and distributed, in whole or in part, without restriction of any 1329 kind, provided that the above copyright notice and this paragraph are 1330 included on all such copies and derivative works. However, this 1331 document itself may not be modified in any way, such as by removing 1332 the copyright notice or references to the Internet Society or other 1333 Internet organizations, except as needed for the purpose of 1334 developing Internet standards in which case the procedures for 1335 copyrights defined in the Internet Standards process must be 1336 followed, or as required to translate it into languages other than 1337 English. 1339 The limited permissions granted above are perpetual and will not be 1340 revoked by the Internet Society or its successors or assignees. 1342 This document and the information contained herein is provided on an 1343 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1344 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1345 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1346 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1347 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1349 Acknowledgement 1351 Funding for the RFC Editor function is currently provided by the 1352 Internet Society.