idnits 2.17.1 draft-ietf-sipping-app-interaction-framework-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3667, Section 5.1 on line 14. -- Found old boilerplate from RFC 3978, Section 5.5 on line 1685. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1662. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1669. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1675. ** Found boilerplate matching RFC 3978, Section 5.4, paragraph 1 (on line 1691), which is fine, but *also* found old RFC 2026, Section 10.4C, paragraph 1 text on line 36. ** The document seems to lack an RFC 3978 Section 5.1 IPR Disclosure Acknowledgement -- however, there's a paragraph with a matching beginning. Boilerplate error? ** This document has an original RFC 3978 Section 5.4 Copyright Line, instead of the newer IETF Trust Copyright according to RFC 4748. ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead of the newer disclaimer which includes the IETF Trust according to RFC 4748. ** The document uses RFC 3667 boilerplate or RFC 3978-like boilerplate instead of verbatim RFC 3978 boilerplate. After 6 May 2005, submission of drafts without verbatim RFC 3978 boilerplate is not accepted. The following non-3978 patterns matched text found in the document. That text should be removed or replaced: By submitting this Internet-Draft, I certify that any applicable patent or other IPR claims of which I am aware have been disclosed, or will be disclosed, and any of which I become aware will be disclosed, in accordance with RFC 3668. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 6 instances of too long lines in the document, the longest one being 4 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 749: '...ription). As such, user agents SHOULD...' RFC 2119 keyword, line 805: '... the application MAY push presentation...' RFC 2119 keyword, line 815: '... the application MAY push presentation...' RFC 2119 keyword, line 835: '... An application MUST NOT attempt to p...' RFC 2119 keyword, line 838: '...t an application MUST NOT push a user ...' (49 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 19, 2004) is 7193 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3265 (ref. '3') (Obsoleted by RFC 6665) -- Possible downref: Non-RFC (?) normative reference: ref. '4' == Outdated reference: A later version (-08) exists of draft-ietf-sipping-kpml-03 == Outdated reference: A later version (-15) exists of draft-ietf-sip-gruu-01 == Outdated reference: A later version (-06) exists of draft-ietf-sip-identity-02 == Outdated reference: A later version (-05) exists of draft-ietf-sipping-conferencing-framework-01 == Outdated reference: A later version (-06) exists of draft-ietf-sipping-dialog-package-04 -- Obsolete informational reference (is this intentional?): RFC 2833 (ref. '17') (Obsoleted by RFC 4733, RFC 4734) Summary: 9 errors (**), 0 flaws (~~), 7 warnings (==), 9 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 SIPPING J. Rosenberg 2 Internet-Draft dynamicsoft 3 Expires: January 17, 2005 July 19, 2004 5 A Framework for Application Interaction in the Session Initiation 6 Protocol (SIP) 7 draft-ietf-sipping-app-interaction-framework-02 9 Status of this Memo 11 By submitting this Internet-Draft, I certify that any applicable 12 patent or other IPR claims of which I am aware have been disclosed, 13 and any of which I become aware will be disclosed, in accordance with 14 RFC 3668. 16 Internet-Drafts are working documents of the Internet Engineering 17 Task Force (IETF), its areas, and its working groups. Note that 18 other groups may also distribute working documents as 19 Internet-Drafts. 21 Internet-Drafts are draft documents valid for a maximum of six months 22 and may be updated, replaced, or obsoleted by other documents at any 23 time. It is inappropriate to use Internet-Drafts as reference 24 material or to cite them other than as "work in progress." 26 The list of current Internet-Drafts can be accessed at 27 http://www.ietf.org/ietf/1id-abstracts.txt. 29 The list of Internet-Draft Shadow Directories can be accessed at 30 http://www.ietf.org/shadow.html. 32 This Internet-Draft will expire on January 17, 2005. 34 Copyright Notice 36 Copyright (C) The Internet Society (2004). All Rights Reserved. 38 Abstract 40 This document describes a framework for the interaction between users 41 and Session Initiation Protocol (SIP) based applications. By 42 interacting with applications, users can guide the way in which they 43 operate. The focus of this framework is stimulus signaling, which 44 allows a user agent to interact with an application without knowledge 45 of the semantics of that application. Stimulus signaling can occur 46 to a user interface running locally with the client, or to a remote 47 user interface, through media streams. Stimulus signaling 48 encompasses a wide range of mechanisms, ranging from clicking on 49 hyperlinks, to pressing buttons, to traditional Dual Tone Multi 50 Frequency (DTMF) input. In all cases, stimulus signaling is 51 supported through the use of markup languages, which play a key role 52 in this framework. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 5 58 3. A Model for Application Interaction . . . . . . . . . . . . . 8 59 3.1 Functional vs. Stimulus . . . . . . . . . . . . . . . . . 9 60 3.2 Real-Time vs. Non-Real Time . . . . . . . . . . . . . . . 10 61 3.3 Client-Local vs. Client-Remote . . . . . . . . . . . . . . 10 62 3.4 Presentation Capable vs. Presentation Free . . . . . . . . 11 63 4. Interaction Scenarios on Telephones . . . . . . . . . . . . . 13 64 4.1 Client Remote . . . . . . . . . . . . . . . . . . . . . . 13 65 4.2 Client Local . . . . . . . . . . . . . . . . . . . . . . . 13 66 4.3 Flip-Flop . . . . . . . . . . . . . . . . . . . . . . . . 14 67 5. Framework Overview . . . . . . . . . . . . . . . . . . . . . . 16 68 6. Deployment Topologies . . . . . . . . . . . . . . . . . . . . 19 69 6.1 Third Party Application . . . . . . . . . . . . . . . . . 19 70 6.2 Co-Resident Application . . . . . . . . . . . . . . . . . 19 71 6.3 Third Party Application and User Device Proxy . . . . . . 20 72 6.4 Proxy Application . . . . . . . . . . . . . . . . . . . . 22 73 7. Application Behavior . . . . . . . . . . . . . . . . . . . . . 23 74 7.1 Client Local Interfaces . . . . . . . . . . . . . . . . . 23 75 7.1.1 Discovering Capabilities . . . . . . . . . . . . . . . 23 76 7.1.2 Pushing an Initial Interface Component . . . . . . . . 23 77 7.1.3 Updating an Interface Component . . . . . . . . . . . 25 78 7.1.4 Terminating an Interface Component . . . . . . . . . . 26 79 7.2 Client Remote Interfaces . . . . . . . . . . . . . . . . . 26 80 7.2.1 Originating and Terminating Applications . . . . . . . 27 81 7.2.2 Intermediary Applications . . . . . . . . . . . . . . 27 82 8. User Agent Behavior . . . . . . . . . . . . . . . . . . . . . 28 83 8.1 Advertising Capabilities . . . . . . . . . . . . . . . . . 28 84 8.2 Receiving User Interface Components . . . . . . . . . . . 28 85 8.3 Mapping User Input to User Interface Components . . . . . 30 86 8.4 Receiving Updates to User Interface Components . . . . . . 30 87 8.5 Terminating a User Interface Component . . . . . . . . . . 31 88 9. Inter-Application Feature Interaction . . . . . . . . . . . . 32 89 9.1 Client Local UI . . . . . . . . . . . . . . . . . . . . . 32 90 9.2 Client-Remote UI . . . . . . . . . . . . . . . . . . . . . 33 91 10. Intra Application Feature Interaction . . . . . . . . . . . 34 92 11. Example Call Flow . . . . . . . . . . . . . . . . . . . . . 35 93 12. Security Considerations . . . . . . . . . . . . . . . . . . 40 94 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . 41 95 13.1 SIP Option Tag . . . . . . . . . . . . . . . . . . . . . . 41 96 13.2 Header Field Parameter . . . . . . . . . . . . . . . . . . 41 98 14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 42 99 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 43 100 15.1 Normative References . . . . . . . . . . . . . . . . . . . . 43 101 15.2 Informative References . . . . . . . . . . . . . . . . . . . 43 102 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 44 103 Intellectual Property and Copyright Statements . . . . . . . . 45 105 1. Introduction 107 The Session Initiation Protocol (SIP) [1] provides the ability for 108 users to initiate, manage, and terminate communications sessions. 109 Frequently, these sessions will involve a SIP application. A SIP 110 application is defined as a program running on a SIP-based element 111 (such as a proxy or user agent) that provides some value-added 112 function to a user or system administrator. Examples of SIP 113 applications include pre-paid calling card calls, conferencing, and 114 presence-based [11] call routing. 116 In order for most applications to properly function, they need input 117 from the user to guide their operation. As an example, a pre-paid 118 calling card application requires the user to input their calling 119 card number, their PIN code, and the destination number they wish to 120 reach. The process by which a user provides input to an application 121 is called "application interaction". 123 Application interaction can be either functional or stimulus. 124 Functional interaction requires the user device to understand the 125 semantics of the application, whereas stimulus interaction does not. 126 Stimulus signaling allows for applications to be built without 127 requiring modifications to the user device. Stimulus interaction is 128 the subject of this framework. The framework provides a model for 129 how users interact with applications through user interfaces, and how 130 user interfaces and applications can be distributed throughout a 131 network. This model is then used to describe how applications can 132 instantiate and manage user interfaces. 134 2. Definitions 135 SIP Application: A SIP application is defined as a program running on 136 a SIP-based element (such as a proxy or user agent) that provides 137 some value-added function to a user or system administrator. 138 Examples of SIP applications include pre-paid calling card calls, 139 conferencing, and presence-based [11] call routing. 140 Application Interaction: The process by which a user provides input 141 to an application. 142 Real-Time Application Interaction: Application interaction that takes 143 place while an application instance is executing. For example, 144 when a user enters their PIN number into a pre-paid calling card 145 application, this is real-time application interaction. 146 Non-Real Time Application Interaction: Application interaction that 147 takes place asynchronously with the execution of the application. 148 Generally, non-real time application interaction is accomplished 149 through provisioning. 150 Functional Application Interaction: Application interaction is 151 functional when the user device has an understanding of the 152 semantics of the interaction with the application. 153 Stimulus Application Interaction: Application interaction is 154 considered to be stimulus when the user device has no 155 understanding of the semantics of the interaction with the 156 application. 157 User Interface (UI): The user interface provides the user with 158 context in order to make decisions about what they want. The user 159 enters information into the user interface. The user interface 160 interprets the information, and passes it to the application. 161 User Interface Component: A piece of user interface which operates 162 independently of other pieces of the user interface. For example, 163 a user might have two separate web interfaces to a pre-paid 164 calling card application - one for hanging up and making another 165 call, and another for entering the username and PIN. 166 User Device: The software or hardware system that the user directly 167 interacts with in order to communicate with the application. An 168 example of a user device is a telephone. Another example is a PC 169 with a web browser. 170 User Device Proxy: A software or hardware system that a user 171 indirectly interacts through in order to communicate with the 172 application. This indirection can be through a network. An 173 example is a gateway from IP to the Public Switched Telephone 174 Network (PSTN). It acts a user device proxy, acting on behalf of 175 the user on the circuit network. 176 User Input: The "raw" information passed from a user to a user 177 interface. Examples of user input include a spoken word or a 178 click on a hyperlink. 180 Client-Local User Interface: A user interface which is co-resident 181 with the user device. 182 Client-Remote User Interface: A user interface which executes 183 remotely from the user device. In this case, a standardized 184 interface is needed between the user device and the user 185 interface. Typically, this is done through media sessions - 186 audio, video, or application sharing. 187 Media Interaction: A means of separating a user and a user interface 188 by connecting them with media streams. 189 Interactive Voice Response (IVR): An IVR is a type of user interface 190 that allows users to speak commands to the application, and hear 191 responses to those commands prompting for more information. 192 Prompt-and-Collect: The basic primitive of an IVR user interface. 193 The user is presented with a voice option, and the user speaks 194 their choice. 195 Barge-In: In an IVR user interface, a user is prompted to enter some 196 information. With some prompts, the user may enter the requested 197 information before the prompt completes. In that case, the prompt 198 ceases. The act of entering the information before completion of 199 the prompt is referred to as barge-in. 200 Focus: A user interface component has focus when user input is 201 provided fed to it, as opposed to any other user interface 202 components. This is not to be confused with the term focus within 203 the SIP conferencing framework, which refers to the center user 204 agent in a conference [13]. 205 Focus Determination: The process by which the user device determines 206 which user interface component will receive the user input. 207 Focusless User Interface: A user interface which has no ability to 208 perform focus determination. An example of a focusless user 209 interface is a keypad on a telephone. 210 Presentation Capable UI: A user interface which can prompt the user 211 with input, collect results, and then prompt the user with new 212 information based on those results. 213 Presentation Free UI: A user interface which cannot prompt the user 214 with information. 215 Feature Interaction: A class of problems which result when multiple 216 applications or application components are trying to provide 217 services to a user at the same time. 218 Inter-Application Feature Interaction: Feature interactions that 219 occur between applications. 220 DTMF: Dual-Tone Multi-Frequency. DTMF refer to a class of tones 221 generated by circuit switched telephony devices when the user 222 presses a key on the keypad. As a result, DTMF and keypad input 223 are often used synonymously, when in fact one of them (DTMF) is 224 merely a means of conveying the other (the keypad input) to a 225 client-remote user interface (the switch, for example). 227 Application Instance: A single execution path of a SIP application. 228 Originating Application: A SIP application which acts as a UAC, 229 making a call on behalf of the user. 230 Terminating Application: A SIP application which acts as a UAS, 231 answering a call generated by a user. IVR applications are 232 terminating applications. 233 Intermediary Application: A SIP application which is neither the 234 caller or callee, but rather, a third party involved in a call. 236 3. A Model for Application Interaction 238 +---+ +---+ +---+ +---+ 239 | | | | | | | | 240 | | | U | | U | | A | 241 | | Input | s | Input | s | Results | p | 242 | | ---------> | e | ---------> | e | ----------> | p | 243 | U | | r | | r | | l | 244 | s | | | | | | i | 245 | e | | D | | I | | c | 246 | r | Output | e | Output | f | Update | a | 247 | | <--------- | v | <--------- | a | <.......... | t | 248 | | | i | | c | | i | 249 | | | c | | e | | o | 250 | | | e | | | | n | 251 | | | | | | | | 252 +---+ +---+ +---+ +---+ 254 Figure 1: Model for Real-Time Interactions 256 Figure 1 presents a general model for how users interact with 257 applications. Generally, users interact with a user interface 258 through a user device. A user device can be a telephone, or it can 259 be a PC with a web browser. Its role is to pass the user input from 260 the user, to the user interface. The user interface provides the 261 user with context in order to make decisions about what they want. 262 The user enters information into the user interface. The user 263 interface interprets the information, and passes it as a user 264 interface event to the application. The application may be able to 265 modify the user interface based on this event. Whether or not this 266 is possible depends on the type of user interface. 268 User interfaces are fundamentally about rendering and interpretation. 269 Rendering refers to the way in which the user is provided context. 270 This can be through hyperlinks, images, sounds, videos, text, and so 271 on. Interpretation refers to the way in which the user interface 272 takes the "raw" data provided by the user, and returns the result to 273 the application as a meaningful event, abstracted from the 274 particulars of the user interface. As an example, consider a 275 pre-paid calling card application. The user interface worries about 276 details such as what prompt the user is provided, whether the voice 277 is male or female, and so on. It is concerned with recognizing the 278 speech that the user provides, in order to obtain the desired 279 information. In this case, the desired information is the calling 280 card number, the PIN code, and the destination number. The 281 application needs that data, and it doesn't matter to the application 282 whether it was collected using a male prompt or a female one. 284 User interfaces generally have real-time requirements towards the 285 user. That is, when a user interacts with the user interface, the 286 user interface needs to react quickly, and that change needs to be 287 propagated to the user right away. However, the interface between 288 the user interface and the application need not be that fast. Faster 289 is better, but the user interface itself can frequently compensate 290 for long latencies there. In the case of a pre-paid calling card 291 application, when the user is prompted to enter their PIN, the prompt 292 should generally stop immediately once the first digit of the PIN is 293 entered. This is referred to as barge-in. After the user-interface 294 collects the rest of the PIN, it can tell the user to "please wait 295 while processing". The PIN can then be gradually transmitted to the 296 application. In this example, the user interface has compensated for 297 a slow UI to application interface by asking the user to wait. 299 The separation between user interface and application is absolutely 300 fundamental to the entire framework provided in this document. Its 301 importance cannot be overstated. 303 With this basic model, we can begin to taxonomize the types of 304 systems that can be built. 306 3.1 Functional vs. Stimulus 308 The first way to taxonomize the system is to consider the interface 309 between the UI and the application. There are two fundamentally 310 different models for this interface. In a functional interface, the 311 user interface has detailed knowledge about the application, and is, 312 in fact, specific to the application. The interface between the two 313 components is through a functional protocol, capable of representing 314 the semantics which can be exposed through the user interface. 315 Because the user interface has knowledge of the application, it can 316 be optimally designed for that application. As a result, functional 317 user interfaces are almost always the most user friendly, the fastest 318 and the most responsive. However, in order to allow interoperability 319 between user devices and applications, the details of the functional 320 protocols need to be specified in standards. This slows down 321 innovation and limits the scope of applications that can be built. 323 An alternative is a stimulus interface. In a stimulus interface, the 324 user interface is generic; totally ignorant of the details of the 325 application. Indeed, the application may pass instructions to the 326 user interface describing how it should operate. The user interface 327 translates user input into "stimulus" - which are data understood 328 only by the application, and not by the user interface. Because they 329 are generic, and because they require communications with the 330 application in order to change the way in which they render 331 information to the user, stimulus user interfaces are usually slower, 332 less user friendly, and less responsive than a functional 333 counterpart. However, they allow for substantial innovation in 334 applications, since no standardization activity is needed to build a 335 new application, as long as it can interact with the user within the 336 confines of the user interface mechanism. The web is an example of a 337 stimulus user interface to applications. 339 In SIP systems, functional interfaces are provided by extending the 340 SIP protocol to provide the needed functionality. For example, the 341 SIP caller preferences specification [14] provides a functional 342 interface that allows a user to request applications to route the 343 call to specific types of user agents. Functional interfaces are 344 important, but are not the subject of this framework. The primary 345 goal of this framework is to address the role of stimulus interfaces 346 to SIP applications. 348 3.2 Real-Time vs. Non-Real Time 350 Application interaction systems can also be real-time or 351 non-real-time. Non-real interaction allows the user to enter 352 information about application operation asynchronously with its 353 invocation. Frequently, this is done through provisioning systems. 354 As an example, a user can set up the forwarding number for a 355 call-forward on no-answer application using a web page. Real-time 356 interaction requires the user to interact with the application at the 357 time of its invocation. 359 3.3 Client-Local vs. Client-Remote 361 Another axis in the taxonomization is whether the user interface is 362 co-resident with the user device (which we refer to as a client-local 363 user interface), or the user interface runs in a host separated from 364 the client (which we refer to as a client-remote user interface). In 365 a client-remote user interface, there exists some kind of protocol 366 between the client device and the UI that allows the client to 367 interact with the user interface over a network. 369 The most important way to separate the UI and the client device is 370 through media interaction. In media interaction, the interface 371 between the user and the user interface is through media - audio, 372 video, messaging, and so on. This is the classic mode of operation 373 for VoiceXML [4], where the user interface (also referred to as the 374 voice browser) runs on a platform in the network. Users communicate 375 with the voice browser through the telephone network (or using a SIP 376 session). The voice browser interacts with the application using 377 HTTP to convey the information collected from the user. 379 In the case of a client-local user interface, the user interface runs 380 co-located with the user device. The interface between them is 381 through the software that interprets the users input and passes them 382 to the user interface. The classic example of this is the web. In 383 the web, the user interface is a web browser, and the interface is 384 defined by the HTML document that it's rendering. The user interacts 385 directly with the user interface running in the browser. The results 386 of that user interface are sent to the application (running on the 387 web server) using HTTP. 389 It is important to note that whether or not the user interface is 390 local or remote (in the case of media interaction) is not a property 391 of the modality of the interface, but rather a property of the 392 system. As an example, it is possible for a web-based user interface 393 to be provided with a client-remote user interface. In such a 394 scenario, video and application sharing media sessions can be used 395 between the user and the user interface. The user interface, still 396 guided by HTML, now runs "in the network", remote from the client. 397 Similarly, a VoiceXML document can be interpreted locally by a client 398 device, with no media streams at all. Indeed, the VoiceXML document 399 can be rendered using text, rather than media, with no impact on the 400 interface between the user interface and the application. 402 It is also important to note that systems can be hybrid. In a hybrid 403 user interface, some aspects of it (usually those associated with a 404 particular modality) run locally, and others run remotely. 406 3.4 Presentation Capable vs. Presentation Free 408 A user interface can be capable of presenting information to the user 409 (a presentation capable UI), or it can be capable only of collecting 410 user input (a presentation free UI). These are very different types 411 of user interfaces. A presentation capable UI can provide the user 412 with feedback after every input, providing the context for collecting 413 the next input. As a result, presentation capable user interfaces 414 require an update to the information provided to the user after each 415 input. The web is a classic example of this. After every input 416 (i.e., a click), the browser provides the input to the application 417 and fetches the next page to render. In a presentation free user 418 interface, this is not the case. Since the user is not provided with 419 feedback, these user interfaces tend to merely collect information as 420 its entered, and pass it to the application. 422 Another difference is that a presentation-free user interface cannot 423 support the concept of a focus. As a result, if multiple 424 applications wish to gather input from the user, there is no way for 425 the user to select which application the input is destined for. The 426 input provided to applications through presentation-free user 427 interfaces is more of a broadcast or notification operation, as a 428 result. 430 4. Interaction Scenarios on Telephones 432 In this section, we applied the model of Section 3 to telephones. 434 In a traditional telephone, the user interface consists of a 12-key 435 keypad, a speaker, and a microphone. Indeed, from here forward, the 436 term "telephone" is used to represent any device that meets, at a 437 minimum, the characteristics described in the previous sentence. 438 Circuit-switched telephony applications are almost universally 439 client-remote user interfaces. In the Public Switched Telephone 440 Network (PSTN), there is usually a circuit interface between the user 441 and the user interface. The user input from the keypad is conveyed 442 used Dual-Tone Multi-Frequency (DTMF), and the microphone input as 443 Pulse Code Modulated (PCM) encoded voice. 445 In an IP-based system, there is more variability in how the system 446 can be instantiated. Both client-remote and client-local user 447 interfaces to a telephone can be provided. 449 In this framework, a PSTN gateway can be considered a User Device 450 Proxy. It is a proxy for the user because it can provide, to a user 451 interface on an IP network, input taken from a user on a circuit 452 switched telephone. The gateway may be able to run a client-local 453 user interface, just as an IP telephone might. 455 4.1 Client Remote 457 The most obvious instantiation is the "classic" circuit-switched 458 telephony model. In that model, the user interface runs remotely 459 from the client. The interface between the user and the user 460 interface is through media, set up by SIP and carried over the Real 461 Time Transport Protocol (RTP) [16]. The microphone input can be 462 carried using any suitable voice encoding algorithm. The keypad 463 input can be conveyed in one of two ways. The first is to convert 464 the keypad input to DTMF, and then convey that DTMF using a suitance 465 encoding algorithm for it (such as PCMU). An alternative, and 466 generally the preferred approach, is to transmit the keypad input 467 using RFC 2833 [17], which provides an encoding mechanism for 468 carrying keypad input within RTP. 470 In this classic model, the user interface would run on a server in 471 the IP network. It would perform speech recognition and DTMF 472 recognition to derive the user intent, feed them through the user 473 interface, and provide the result to an application. 475 4.2 Client Local 477 An alternative model is for the entire user interface to reside on 478 the telephone. The user interface can be a VoiceXML browser, running 479 speech recognition on the microphone input, and feeding the keypad 480 input directly into the script. As discussed above, the VoiceXML 481 script could be rendered using text instead of voice, if the 482 telephone had a textual display. 484 For simpler phones without a display, the user interface can be 485 described by a Keypad Markup Language request document [7]. As the 486 user enters digits in the keypad, they are passed to the user 487 interface, which generates user interface events that can be 488 transported to the application. 490 4.3 Flip-Flop 492 A middle-ground approach is to flip back and forth between a 493 client-local and client-remote user interface. Many voice 494 applications are of the type which listen to the media stream and 495 wait for some specific trigger that kicks off a more complex user 496 interaction. The long pound in a pre-paid calling card application 497 is one example. Another example is a conference recording 498 application, where the user can press a key at some point in the call 499 to begin recording. When the key is pressed, the user hears a 500 whisper to inform them that recording has started. 502 The ideal way to support such an application is to install a 503 client-local user interface component that waits for the trigger to 504 kick off the real interaction. Once the trigger is received, the 505 application connects the user to a client-remote user interface that 506 can play announements, collect more information, and so on. 508 The benefit of flip-flopping between a client-local and client-remote 509 user interface is cost. The client-local user interface will 510 eliminate the need to send media streams into the network just to 511 wait for the user to press the pound key on the keypad. 513 The Keypad Markup Language (KPML) was designed to support exactly 514 this kind of need [7]. It models the keypad on a phone, and allows 515 an application to be informed when any sequence of keys have been 516 pressed. However, KPML has no presentation component. Since user 517 interfaces generally require a response to user input, the 518 presentation will need to be done using a client-remote user 519 interface that gets instantiated as a result of the trigger. 521 It is tempting to use a hybrid model, where a prompt-and-collect 522 application is implemented by using a client-remote user interface 523 that plays the prompts, and a client-local user interface, described 524 by KPML, that collects digits. However, this only complicates the 525 application. Firstly, the keypad input will be sent to both the 526 media stream and the KPML user interface. This requires the 527 application to sort out which user inputs are duplicates, a process 528 that is very complicated. Secondly, the primary benefit of KPML is 529 to avoid having a media stream towards a user interface. However, 530 there is already a media stream for the prompting, so there is no 531 real savings. 533 5. Framework Overview 535 In this framework, we use the term "SIP application" to refer to a 536 broad set of functionality. A SIP application is a program running 537 on a SIP-based element (such as a proxy or user agent) that provides 538 some value-added function to a user or system administrator. SIP 539 applications can execute on behalf of a caller, a called party, or a 540 multitude of users at once. 542 Each application has a number of instances that are executing at any 543 given time. An instance represents a single execution path for an 544 application. Each instance has a well defined lifecycle. It is 545 established as a result of some event. That event can be a SIP 546 event, such as the reception of a SIP INVITE request, or it can be a 547 non-SIP event, such as a web form post or even a timer. Application 548 instances also have a specific end time. Some instances have a 549 lifetime that is coupled with a SIP transaction or dialog. For 550 example, a proxy application might begin when an INVITE arrives, and 551 terminate when the call is answered. Other applications have a 552 lifetime that spans multiple dialogs or transactions. For example, a 553 conferencing application instance may exist so long as there are any 554 dialogs connected to it. When the last dialog terminates, the 555 application instance terminates. Other applications have a liftime 556 that is completely decoupled from SIP events. 558 It is fundamental to the framework described here that multiple 559 application instances may interact with a user during a single SIP 560 transaction or dialog. Each instance may be for the same 561 application, or different applications. Each of the applications may 562 be completely independent, in that they may be owned by different 563 providers, and may not be aware of each others existence. Similarly, 564 there may be application instances interacting with the caller, and 565 instances interacting with the callee, both within the same 566 transaction or dialog. 568 The first step in the interaction with the user is to instantiate one 569 or more user interface components for the application instance. A 570 user interface component is a single piece of the user interface that 571 is defined by a logical flow that is not synchronously coupled with 572 any other component. In other words, each component runs more or 573 less independently. 575 A user interface component can be instantiated in one of the user 576 agents in a dialog (for a client-local user interface), or within a 577 network element (for a client-remote user interface). If a 578 client-local user interface is to be used, the application needs to 579 determine whether or not the user agent is capable of supporting a 580 client-local user interface, and in what format. In this framework, 581 all client-local user interface components are described by a markup 582 language. A markup language describes a logical flow of presentation 583 of information to the user, collection of information from the user, 584 and transmission of that information to an application. Examples of 585 markup languages include HTML, WML, VoiceXML, and the Keypad Markup 586 Language (KPML) [7]. 588 Unlike an application instance, which has very flexible lifetimes, a 589 user interface component has a very fixed lifetime. A user interface 590 component is always associated with a dialog. The user interface 591 component can be created at any point after the dialog (or early 592 dialog) is created. However, the user interface component terminates 593 when the dialog terminates. The user interface component can be 594 terminated earlier by the user agent, and possibly by the 595 application, but its lifetime never exceeds that of its associated 596 dialog. 598 There are two ways to create a client local interface component. For 599 interface components that are presentation capable, the application 600 sends a REFER [6] request to the user agent. The Refer-To header 601 field contains an HTTP URI that points to the markup for the user 602 interface. For interface components that are presentation free (such 603 as those defined by KPML), the application sends a SUBSCRIBE request 604 to the user agent. The body of the SUBSCRIBE request contains a 605 filter, which, in this case, is the markup that defines when 606 information is to be sent to the application in a NOTIFY. 608 If a user interface component is to be instantiated in the network, 609 there is no need to determine the capabilities of the device on which 610 the user interface is instantiated. Presumably, it is on a device on 611 which the application knows a UI can be created. However, the 612 application does need to connect the user device to the user 613 interface. This will require manipulation of media streams in order 614 to establish that connection. 616 The interface between the user interface component and the 617 application depends on the type of user interface. For presentation 618 capable user interfaces, such as those described by HTML and 619 VoiceXML, HTTP form POST operations are used. For presentation free 620 user interfaces, a SIP NOTIFY is used. The differing needs and 621 capabilities of these two user interfaces, as described in Section 622 3.4, is what drives the different choices for the interactions. 623 Since presentation capable user interfaces require an update to the 624 presentation every time user data is entered, they are a good match 625 for HTTP. Since presentation free user interfaces merely transmit 626 user input to the application, a NOTIFY is more appropriate. 628 Indeed, for presentation free user interfaces, there are two 629 different modalities of operation. The first is called "one shot". 630 In the one-shot role, the markup waits for a user to enter some 631 information, and when they do, reports this event to the application. 632 The application then does something, and the markup is no longer 633 used. In the other modality, called "monitor", the markup stays 634 permanently resident, and reports information back to an application 635 until termination of the associated dialog. 637 6. Deployment Topologies 639 This section presents some of the network topologies in which this 640 framework can be instantiated. 642 6.1 Third Party Application 644 +-------------+ 645 /---| Application | 646 / +-------------+ 647 / 648 SUB/ / REFER/ 649 NOT / HTTP 650 / 651 +--------+ SIP (INVITE) +-----+ 652 | UI A--------------------X | 653 |........| | SIP | 654 | User | RTP | UA | 655 | Device B--------------------Y | 656 +--------+ +-----+ 658 Figure 2: Third Party Topology 660 In this topology, the application that is interested in interacting 661 with the users exists outside of the SIP dialog between the user 662 agents. In that case, the application learns about the initiation 663 and termination of the dialog, along with the dialog identifiers, 664 through some out of band means. One such possibility is the dialog 665 event package [15]. Dialog information is only revealed to trusted 666 parties, so the application would need to be trusted by one of the 667 users in order to obtain this information. 669 At any point during the dialog, the application can instantiate user 670 interface components on the user device of the caller or callee. It 671 can do this either using SUBSCRIBE or REFER, depending on the type of 672 user interface (presentation capable or presentation free). 674 6.2 Co-Resident Application 675 +--------+ SIP (INVITE) +-----+ 676 | User A--------------------X SIP | 677 | Device | RTP | UA | 678 |........B--------------------Y | 679 | | SUB/NOT | App)| 680 | UI A'-------------------X' | 681 +--------+ REFER/HTTP +-----+ 683 Figure 3: Co-Resident Topology 685 In this deployment topology, the application is co-resident with one 686 of the user agents (the one on the right in the picture above). This 687 application can install client-local user interface components on the 688 other user agent, which is acting as the user device. These 689 components can be installed using either SUBSCRIBE, for presentation 690 free user interfaces, or REFER, for presentation capable ones. 692 If the application resides in the called party, it is called a 693 terminating application. If it resides in the calling party, it is 694 called an originating application. 696 This kind of topology is common in protocol converter and gateway 697 applications. 699 6.3 Third Party Application and User Device Proxy 701 +-------------+ 702 /---| Application | 703 / +-------------+ 704 / 705 SUB/ / REFER/ 706 NOT / HTTP 707 / 708 +-----+ SIP +---M----+ SIP +-----+ 709 | V--------------------C A--------------------X | 710 | SIP | | UI | | SIP | 711 | UAa | RTP | | RTP | UAb | 712 | W--------------------D B--------------------Y | 713 +-----+ +--------+ +-----+ 714 User User 715 Device Device 716 Proxy 718 Figure 4: User Device Proxy Topology 720 In this deployment topology, there is a third party application as in 721 Section 6.1. However, instead of installing a user interface 722 component on the end user device, the component is installed in an 723 intermediate device, known as a User Device Proxy. From the 724 perspective of the actual user device (on the left), the User Device 725 Proxy is a client remote user interface. As such, media, typically 726 transported using RTP (including RFC 2833 for carrying user input), 727 is sent from the user device to the client remote user interface on 728 the User Device Proxy. As far as the application is concerned, it is 729 installing what it thinks is a client local user interface on the 730 user device, but it happens to be on a user device proxy which looks 731 like the user device to the application. 733 The user device proxy will need to terminate and re-originate both 734 signaling (SIP) and media traffic towards the actual peer in the 735 conversation. The User Device Proxy is a media relay in the 736 terminology of RFC 3550 [16]. The User Device Proxy will need to 737 monitor the media streams associated with each dialog, in order to 738 convert user input received in the media stream to events reported to 739 the user interface. This can pose a challenge in multi-media 740 systems, where it may be unclear on which media stream the user input 741 is being sent. As discussed in RFC 3264 [18], if a user agent has a 742 single media source and is supporting multiple streams, it is 743 supposed to send that source to all streams. In cases where there 744 are multiple sources, the mapping is a matter of local policy. In 745 the absence of a way to explicitly identify or request which sources 746 map to which streams, the user device proxy will need to do the best 747 job it can. This specification RECOMMENDS that the User Device Proxy 748 monitor the first stream (defined in terms of ordering of media 749 sessions within a session description). As such, user agents SHOULD 750 send their user input on the first stream, absent a policy to direct 751 it otherwise. 753 6.4 Proxy Application 755 +----------+ 756 SUB/NOT | App | SUB/NOT 757 +--------------->| |<-----------------+ 758 | REFER/HTTP |..........| REFER/HTTP | 759 | | SIP | | 760 | | Proxy | | 761 | +----------+ | 762 V ^ | V 763 +----------+ | | +----------+ 764 | UI | INVITE | | INVITE | UI | 765 | |------------+ +------------>| | 766 |......... | |..........| 767 | SIP |...................................| SIP | 768 | UA | | UA | 769 +----------+ RTP +----------+ 770 User Device User Device 772 Figure 5: Proxy Application Topology 774 In this topology, the application is co-resident with a transaction 775 stateful, record-routing proxy server on the call path between two 776 user devices. The application uses SUBSCRIBE or REFER to install 777 user interface components on one or both user devices. 779 This topology is common in routing applications, such as a 780 web-assisted call routing application. 782 7. Application Behavior 784 The behavior of an application within this framework depends on 785 whether it seeks to use a client-local or client-remote user 786 interface. 788 7.1 Client Local Interfaces 790 One key component of this framework is support for client local user 791 interfaces. 793 7.1.1 Discovering Capabilities 795 A client local user interface can only be instantiated on a user 796 agent if the user agent supports that type of user interface 797 component. Support for client local user interface components is 798 declared by both the UAC and a UAS in its Accept, Allow, Contact and 799 Allow-Event header fields of dialog-initiating requests and 800 responses. If the Allow header field indicates support for the SIP 801 SUBSCRIBE method, and the Allow-Event header field indicates support 802 for the kpml package [7], and the Supported header field indicates 803 that its Contact URI is a GRUU [8], it means that the UA can 804 instantiate presentation free user interface components. In this 805 case, the application MAY push presentation free user interface 806 components according to the rules of Section 7.1.2. The specific 807 markup languages that can be supported are indicated in the Accept 808 header field. 810 If the Allow header field indicates support for the SIP REFER method, 811 the Supported header field indicates support for the "refer-context" 812 extension described below, and the Contact header field contains UA 813 capabilities [5] that indicate support for the HTTP URI scheme, it 814 means that the UA supports presentation capable user interface 815 components. In this case, the application MAY push presentation 816 capable user interface components to the client according to the 817 rules of Section 7.1.2. The specific markups that are supported are 818 indicated in the Accept header field. 820 A third party application that is not present on the call path will 821 not be privy to these headers in the dialog requests that pass by. 822 As such, it will need to obtain this capability information in other 823 ways. One way is through the registration event package [19], which 824 can contain user agent capability information provided in REGISTER 825 requests [5]. 827 7.1.2 Pushing an Initial Interface Component 829 Generally, we anticipate that interface components will need to be 830 created at various different points in a SIP session. Clearly, they 831 will need to be pushed during session setup, or after the session is 832 established. A user interface component is always associated with a 833 specific dialog, however. 835 An application MUST NOT attempt to push a user interface component to 836 a user agent until it has determined that the user agent has the 837 neccesary capabilities and a dialog has been created. In the case of 838 a UAC, this means that an application MUST NOT push a user interface 839 component for an INVITE initiated dialog until the application has 840 seen a request confirming the receipt of a dialog-creating response. 841 This could be an ACK for a 200 OK, or a PRACK for a provisional 842 response [2]. For SUBSCRIBE initiated dialogs, it MUST NOT push a 843 user interface component until the application has seen a 200 OK to 844 the NOTIFY request. For a user interface component on a UAS, the 845 application MUST NOT push a user interface component for an INVITE 846 initiated dialog until it has seen a dialog-creating response from 847 the UAS. For a SUBSCRIBE initiated dialog, it MUST NOT push a user 848 interface component until it has seen a NOTIFY request from the 849 notifier. 851 To create a presentation capable UI component on the UA, the 852 application sends a REFER request to the UA. This REFER MUST be sent 853 to the Globally Routable UA URI (GRUU) [8] advertised by that UA in 854 the Contact header field of the dialog initiating request or response 855 sent by that UA. Note that this REFER request creates a separate 856 dialog between the application and the UA. The Refer-To header field 857 of the REFER request MUST contain an HTTP URI that references the 858 markup document to be fetched. 860 Furthermore, it is essential for the REFER request to be correlated 861 with the dialog to which the user interface component will be 862 associated. This is necessary for authorization and for terminating 863 the user interface components when the dialog terminates. To provide 864 this context, this specification defines the "context" header field 865 parameter as an extension to the Refer-To heder field. The grammar 866 for this header field parameter is: 868 refer-to-ctxt = "context" EQUAL DQUOTE local-tag "," remote-tag 869 "," callid DQUOTE ; callid defined in RFC 3261 870 ;; NOTE: any DQUOTEs inside callid MUST be escaped 871 ;; using quoted pair 872 local-tag = token 873 remote-tag = token 875 Refer-To = ("Refer-To" / "r") HCOLON ( name-addr / addr-spec ) * 876 (SEMI (generic-param / refer-to-ctxt)) 878 The application MUST include the context header field parameter in 879 the REFER request. The remote-tag MUST be set to the remote tag of 880 the dialog as seen by the user device. The local-tag MUST be set to 881 the local tag of the dialog as seen by the user device. The callid 882 MUST be set to the Call-ID of the dialog as seen by the device. 883 Since the callid grammar allows it to contain double quotes, any such 884 double quotes MUST be represented with a quoted pair. 886 Since the "context" parameter in the Refer-To header field must be 887 understood by the UA to process the request, this specification 888 defines a new SIP option tag, "refer-context". A REFER request 889 generated by an application MUST include a Require header field with 890 this option tag value. Fortunately, the application will know ahead 891 of time whether this extension is supported, as discussed in Section 892 7.1.1. 894 To create a presentation free user interface component, the 895 application sends a SUBSCRIBE request to the UA. The SUBSCRIBE MUST 896 be sent to the GRUU advertised by the UA. This SUBSCRIBE request 897 creates a separate dialog. The SUBSCRIBE request MUST use the KPML 898 [7] event package. The Event header field MUST contain parameters 899 which identify the particular dialog that the interface component is 900 being instantiated against. The body of the SUBSCRIBE request 901 contains the markup document that defines the conditions under which 902 the application wishes to be notified of user input. 904 In both cases, the REFER or SUBSCRIBE request SHOULD include a 905 display name in the From header field which identifies the name of 906 the application. For example, a prepaid calling card might include a 907 From header field which looks like: 909 From: "Prepaid Calling Card" 911 Any of the SIP identity assertion mechanisms that have been defined, 912 such as [10] and [12] are applicable to these requests as well. 914 7.1.3 Updating an Interface Component 916 Once a user interface component has been created on a client, it can 917 be updated. The means for updating it depends on the type of UI 918 component. 920 Presentation capable UI components are updated using techniques 921 already in place for those markups. In particular, user input will 922 cause an HTTP POST operation to push the user input to the 923 application. The result of the POST operation is a new markup that 924 the UI is supposed to use. This allows the UI to updated in response 925 to user action. Some markups, such as HTML, provide the ability to 926 force a refresh after a certain period of time, so that the UI can be 927 updated without user input. Those mechanisms can be used here as 928 well. However, there is no support for an asynchronous push of an 929 updated UI component from the appliciation to the user agent. A new 930 REFER request to the same GRUU would create a new UI component rather 931 than updating any components already in place. 933 For presentation free UI, the story is different. The application 934 MAY update the filter at any time by generating a SUBSCRIBE refresh 935 with the new filter. The UA will immediately begin using this new 936 filter. 938 7.1.4 Terminating an Interface Component 940 User interface components have a well defined lifetime. They are 941 created when the component is first pushed to the client. User 942 interface components are always associated with the SIP dialog on 943 which they were pushed. As such, their lifetime is bound by the 944 lifetime of the dialog. When the dialog ends, so does the interface 945 component. 947 However, there are some cases where the application would like to 948 terminate the user interface component before its natural termination 949 point. For presentation capable user interfaces, this is not 950 possible. For presentation free user interfaces, the application MAY 951 terminate the component by sending a SUBSCRIBE with Expires equal to 952 zero. This terminates the subscription, which removes the UI 953 component. 955 A client can remove a UI component at any time. For presentation 956 capable UI, this is analagous to the user dismissing the web form 957 window. There is no mechanism provided for reporting this kind of 958 event to the application. The application MUST be prepared to time 959 out, and never receive input from a user. For presentation free user 960 interfaces, the UA can explicitly terminate the subscription. This 961 will result in the generation of a NOTIFY with a Subscription-State 962 header field equal to "terminated". 964 7.2 Client Remote Interfaces 966 As an alternative to, or in conjunction with client local user 967 interfaces, an application can make use of client remote user 968 interfaces. These user interfaces can execute co-resident with the 969 application itself (in which case no standardized interfaces between 970 the UI and the application need to be used), or it can run 971 separately. This framework assumes that the user interface runs on a 972 host that has a sufficient trust relationship with the application. 974 As such, the means for instantiating the user interface is not 975 considered here. 977 The primary issue is to connect the user device to the remote user 978 interface. Doing so requires the manipulation of media streams 979 between the client and the user interface. Such manipulation can 980 only be done by user agents. There are two types of user agent 981 applications within this framework - originating/terminating 982 applications, and intermediary applications. 984 7.2.1 Originating and Terminating Applications 986 Originating and terminating applications are applications which are 987 themselves the originator or the final recipient of a SIP invitation. 988 They are "pure" user agent applications - not back-to-back user 989 agents. The classic example of such an application is an interactive 990 voice response (IVR) application, which is typically a terminating 991 application. It is a terminating application because the user 992 explicitly calls it; i.e., it is the actual called party. An example 993 of an originating application is a wakeup call application, which 994 calls a user at a specified time in order to wake them up. 996 Because originating and terminating applications are a natural 997 termination point of the dialog, manipulation of the media session by 998 the application is trivial. Traditional SIP techniques for adding 999 and removing media streams, modifying codecs, and changing the 1000 address of the recipient of the media streams, can be applied. 1001 Similarly, the application can directly authenticate itself to the 1002 user through S/MIME, since it is the peer UA in the dialog. 1004 7.2.2 Intermediary Applications 1006 Intermediary applications are, at the same time, more common than 1007 originating/terminating applications, and more complex. Intermediary 1008 applications are applications that are neither the actual caller or 1009 called party. Rather, they represent a "third party" that wishes to 1010 interact with the user. The classic example is the ubiquitous 1011 pre-paid calling card application. 1013 In order for the intermediary application to add a client remote user 1014 interface, it needs to manipulate the media streams of the user agent 1015 to terminate on that user interface. This also introduces a 1016 fundamental feature interaction issue. Since the intermediary 1017 application is not an actual participant in the call, how does the 1018 user interact with the intermediary application, and its actual peer 1019 in the dialog, at the same time? This is discussed in more detail in 1020 Section 9. 1022 8. User Agent Behavior 1024 8.1 Advertising Capabilities 1026 In order to participate in applications that make use of stimulus 1027 interfaces, a user agent needs to advertise its interaction 1028 capabilities. 1030 If a user agent supports presentation capable user interfaces, it 1031 MUST support the REFER method, along with the "context" extension 1032 defined here. It MUST include, in all dialog initiating requests and 1033 responses, an Allow header field that includes the REFER method and 1034 and the Supported header field that includes the value 1035 "refer-context". Furthermore, the UA MUST support the SIP user agent 1036 capabilities specification [5]. The UA MUST be capable of being 1037 REFER'd to an HTTP URI. It MUST include, in the Contact header field 1038 of its dialog initiating requests and responses, a "schemes" Contact 1039 header field parameter include the http URI scheme. The UA MUST 1040 include, in all dialog initiating requests and responses, an Accept 1041 header field listing all of those markups supported by the UA. It is 1042 RECOMMENDED that all user agents that support presentation capable 1043 user interfaces support HTML. 1045 If a user agent supports presentation free user interfaces, it MUST 1046 support the SUBSCRIBE [3] method. It MUST support the KPML [7] event 1047 package. It MUST include, in all dialog initiating requests and 1048 responses, an Allow header field that includes the SUBSCRIBE method. 1049 It MUST include, in all dialog initiating requests and responses, an 1050 Allow-Events header field that lists the KPML event package. The UA 1051 MUST include, in all dialog initiating requests and responses, an 1052 Accept header field listing those event filters it supports. At a 1053 minimum, a UA MUST support the "application/kpml-request+xml" MIME 1054 type. 1056 For either presentation free or presentation capable user interfaces, 1057 the user agent MUST support the GRUU [8] specification. The Contact 1058 header field in all dialog initiating requests and responses MUST 1059 contain a GRUU. The UA MUST include a Supported header field which 1060 contains the "gruu" option tag. 1062 Because these headers are examined by proxies which may be executing 1063 applications, a UA that wishes to support client local user 1064 interfaces should not encrypt them. 1066 8.2 Receiving User Interface Components 1068 Once the UA has created a dialog (in either the early or confirmed 1069 states), it MUST be prepared to receive a SUBSCRIBE or REFER request 1070 against its GRUU. If the UA receives such a request prior to the 1071 establishment of a dialog, the UA MUST reject the request. 1073 A user agent SHOULD attempt to authenticate the sender of the 1074 request. The sender will generally be an application, and therefore 1075 the user agent is unlikely to ever have a shared secret with it, 1076 making digest authentication useless. However, authenticated 1077 identities can be obtained through other means, such as [10]. 1079 A user agent MAY have pre-defined authorization policies which permit 1080 applications which have authenticated themselves with a particular 1081 identity, to push user interface components. If such a set of 1082 policies are present, it is checked first. If the application is 1083 authorized, processing proceeds. 1085 If the application has authenticated itself, but it is not explicitly 1086 authorized or blocked, this specification RECOMMENDS that the 1087 application be automatically authorized if it can prove that it was 1088 either on the call path, or is trusted by one of the elements on the 1089 call path. An application proves this to the user agent by 1090 presenting it with the dialog identifiers in the SUBSCRIBE or REFER 1091 request. In the case of SUBSCRIBE, those identifiers are present in 1092 the Event header field [7]. In the case of REFER, those identifiers 1093 are present in the "context" parameter of the Refer-To header field. 1095 Because of the dialog identifiers serve as a tool for authorization, 1096 a user agent compliant to this framework SHOULD use dialog 1097 identifiers that are cryptographically random, with at least 128 bits 1098 of randomness. It is recommended that this randomness be split 1099 between the Call-ID and From header field tag in the case of a UAC. 1101 Furthermore, to ensure that only applications resident in or trusted 1102 by on-path elements can instantiate a user interface component, a 1103 user agent compliant to this specification SHOULD use the sips URI 1104 scheme for all dialogs it initiates. This will guarantee secure 1105 links between all of the elements on the signaling path. 1107 If the dialog was not established with a sips URI, or the user agent 1108 did not choose cryptographically random dialog identifiers, then the 1109 application MUST NOT automatically be authorized, even if it 1110 presented valid dialog identifiers. A user agent MAY apply any other 1111 policies in addition to (but not instead of) the ones specified here 1112 in order to authorize the creation of the user interface component. 1113 One such mechanism would be to prompt the user, informing them of the 1114 identity of the application and the dialog it is associated with. If 1115 an authorization policy requires user interaction, the user agent 1116 SHOULD respond to the SUBSCRIBE or REFER request with a 202. In the 1117 case of SUBSCRIBE, if authorization is not granted, the user agent 1118 SHOULD generate a NOTIFY to terminate the subscription. In the case 1119 of REFER, the user agent MUST NOT act upon the URI in the Refer-To 1120 header field until user authorization was obtained. 1122 If an application does not present a valid dialog identifier in its 1123 REFER or SUBSCRIBE request, the user agent MUST reject the request 1124 with a 403 response. 1126 If a REFER request to an HTTP URI was authorized, the UA executes the 1127 URI and fetches the content to be rendered to the user. This 1128 instantiates a presentation capable user interface component. If a 1129 SUBSCRIBE was authorized, a presentation free user interface 1130 component was instantiated. 1132 8.3 Mapping User Input to User Interface Components 1134 Once the user interface components are instantiated, the user agent 1135 must direct user input to the appropriate component. In the case of 1136 presentation capable user interfaces, this process is known as focus 1137 selection. It is done by means that are specific to the user 1138 interface on the device. In the case of a PC, for example, the 1139 window manager would allow the user to select the appropriate user 1140 interface component that their input is directed to. 1142 For presentation free user interfaces, the situation is more 1143 complicated. In some cases, the device may support a mechanism that 1144 allows the user to select a "line", and thus the associated dialog. 1145 Any user input on the keypad while this line is selected are fed to 1146 the user interface components associated with that dialog. 1148 Otherwise, for client local user interfaces, the user input is 1149 assumed to be associated with all user interface components. For 1150 client remote user interfaces, the user device converts the user 1151 input to media, typically conveyed using RFC 2833, and sends this to 1152 the client remote user interface. This user interface then needs to 1153 map user input from potentially many media streams into user 1154 interface events. The process for doing this is described in Section 1155 6.3. 1157 8.4 Receiving Updates to User Interface Components 1159 For presentation capable user interfaces, updates to the user 1160 interface occur in ways specific to that user interface component. 1161 In the case of HTML, for example, the document can tell the client to 1162 fetch a new document periodically. However, this framework does not 1163 provide any additional machinery to asynchronously push a new user 1164 interface component to the client. 1166 For presentation free user interfaces, an application can push an 1167 update to a component by sending a SUBSCRIBE refresh with a new 1168 filter. The user agent will process these according to the rules of 1169 the event package. 1171 8.5 Terminating a User Interface Component 1173 Termination of a presentation capable user interface component is a 1174 trivial procedure. The user agent merely dismisses the window (or 1175 equivalent). The fact that the component is dismissed is not 1176 communicated to the application. As such, it is purely a local 1177 matter. 1179 In the case of a presentation free user interface, if the user wishes 1180 to cease interacting with the application, it SHOULD generate a 1181 NOTIFY request with a Subscription-State equal to "terminated" and a 1182 reason of "rejected". This tells the application that the component 1183 has been removed, and that it should not attempt to re-subscribe. 1185 9. Inter-Application Feature Interaction 1187 The inter-application feature interaction problem is inherent to 1188 stimulus signaling. Whenever there are multiple applications, there 1189 are multiple user interfaces. When the user provides an input, to 1190 which user interface is the input destined? That question is the 1191 essence of the inter-application feature interaction problem. 1193 Inter-application feature interaction is not an easy problem to 1194 resolve. For now, we consider separately the issues for client-local 1195 and client-remote user interface components. 1197 9.1 Client Local UI 1199 When the user interface itself resides locally on the client device, 1200 the feature interaction problem is actually much simpler. The end 1201 device knows explicitly about each application, and therefore can 1202 present the user with each one separately. When the user provides 1203 input, the client device can determine to which user interface the 1204 input is destined. The user interface to which input is destined is 1205 referred to as the application in focus, and the means by which the 1206 focused application is selected is called focus determination. 1208 Generally speaking, focus determination is purely a local operation. 1209 In the PC universe, focus determination is provided by window 1210 managers. Each application does not know about focus, it merely 1211 receives the user input that has been targeted to it when its in 1212 focus. This basic concept applies to SIP-based applications as well. 1214 Focus determination will frequently be trivial, depending on the user 1215 interface type. Consider a user that makes a call from a PC. The 1216 call passes through a pre-paid calling card application, and a call 1217 recording application. Both of these wish to interact with the user. 1218 Both push an HTML-based user interface to the user. On the PC, each 1219 user interface would appear as a separate window. The user interacts 1220 with the call recording application by selecting its window, and with 1221 the pre-paid calling card application by selecting its window. Focus 1222 determination is literally provided by the PC window manager. It is 1223 clear to which application the user input is targeted. 1225 As another example, consider the same two applications, but on a 1226 "smart phone" that has a set of buttons, and next to each button, an 1227 LCD display that can provide the user with an option. This user 1228 interface can be represented using the Wireless Markup Language 1229 (WML). 1231 The phone would allocate some number of buttons to each application. 1232 The prepaid calling card would get one button for its "hangup" 1233 command, and the recording application would get one for its "start/ 1234 stop" command. The user can easily determine which application to 1235 interact with by pressing the appropriate button. Pressing a button 1236 determines focus and provides user input, both at the same time. 1238 Unfortunately, not all devices will have these advanced displays. A 1239 PSTN gateway, or a basic IP telephone, may only have a 12-key keypad. 1240 The user interfaces for these devices are provided through the Keypad 1241 Markup Language (KPML). Considering once again the feature 1242 interaction case above, the pre-paid calling card application and the 1243 call recording application would both pass a KPML document to the 1244 device. When the user presses a button on the keypad, to which 1245 document does the input apply? The user interface does not allow the 1246 user to select. A user interface where the user cannot provide focus 1247 is called a focusless user interface. This is quite a hard problem 1248 to solve. This framework does not make any explicit normative 1249 recommendation, but concludes that the best option is to send the 1250 input to both user interfaces unless the markup in one interface has 1251 indicated that it should be suppressed from others. This is a 1252 sensible choice by analogy - its exactly what the existing circuit 1253 switched telephone network will do. It is an explicit non-goal to 1254 provide a better mechanism for feature interaction resolution than 1255 the PSTN on devices which have the same user interface as they do on 1256 the PSTN. Devices with better displays, such as PCs or screen 1257 phones, can benefit from the capabilities of this framework, allowing 1258 the user to determine which application they are interacting with. 1260 Indeed, when a user provides input on a focusless device, the input 1261 must be passed to all client local user interfaces, AND all client 1262 remote user interfaces, unless the markup tells the UI to suppress 1263 the media. In the case of KPML, key events are passed to remote user 1264 interfaces by encoding them in RFC 2833 [17]. Of course, since a 1265 client cannot determine if a media stream terminates in a remote user 1266 interface or not, these key events are passed in all audio media 1267 streams unless the KPML request document is used to suppress. 1269 9.2 Client-Remote UI 1271 When the user interfaces run remotely, the determination of focus can 1272 be much, much harder. There are many architectures that can be 1273 deployed to handle the interaction. None are ideal. However, all 1274 are beyond the scope of this specification. 1276 10. Intra Application Feature Interaction 1278 An application can instantiate a multiplicity of user interface 1279 components. For example, a single application can instantiate two 1280 separate HTML components and one WML component. Furthermore, an 1281 application can instantiate both client local and client remote user 1282 interfaces. 1284 The feature interaction issues between these components within the 1285 same application are less severe. If an application has multiple 1286 client user interface components, their interaction is resolved 1287 identically to the inter-application case - through focus 1288 determination. However, the problems in focusless user interfaces 1289 (such as a keypad) generally won't exist, since the application can 1290 generate user interfaces which do not overlap in their usage of an 1291 input. 1293 The real issue is that the optimal user experience frequently 1294 requires some kind of coupling between the differing user interface 1295 components. This is a classic problem in multi-modal user 1296 interfaces, such as those described by Speech Application Language 1297 Tags (SALT). As an example, consider a user interface where a user 1298 can either press a labeled button to make a selection, or listen to a 1299 prompt, and speak the desired selection. Ideally, when the user 1300 presses the button, the prompt should cease immediately, since both 1301 of them were targeted at collecting the same information in parallel. 1302 Such interactions are best handled by markups which natively support 1303 such interactions, such as SALT, and thus require no explicit support 1304 from this framework. 1306 11. Example Call Flow 1308 This section shows the operation of a call recording application. 1309 This application allows a user to record the media in their call by 1310 clicking on a button in a web form. The application uses a 1311 presentation capable user interface component that is pushed to the 1312 caller. 1314 A Recording App B 1315 |(1) INVITE | | 1316 |----------------------->| | 1317 | |(2) INVITE | 1318 | |----------------------->| 1319 | |(3) 200 OK | 1320 | |<-----------------------| 1321 |(4) 200 OK | | 1322 |<-----------------------| | 1323 |(5) ACK | | 1324 |----------------------->| | 1325 | |(6) ACK | 1326 | |----------------------->| 1327 |(7) REFER | | 1328 |<-----------------------| | 1329 |(8) 200 OK | | 1330 |----------------------->| | 1331 |(9) NOTIFY | | 1332 |----------------------->| | 1333 |(10) 200 OK | | 1334 |<-----------------------| | 1335 |(11) HTTP GET | | 1336 |----------------------->| | 1337 |(12) 200 OK | | 1338 |<-----------------------| | 1339 |(13) NOTIFY | | 1340 |----------------------->| | 1341 |(14) 200 OK | | 1342 |<-----------------------| | 1343 |(15) HTTP POST | | 1344 |----------------------->| | 1345 |(16) 200 OK | | 1346 |<-----------------------| | 1348 Figure 8 1350 First, the caller, A, sends an INVITE to setup a call (message 1). 1351 Since the caller supports the framework, and can handle presentation 1352 capable user interface components, it includes the Supported header 1353 field indicating that the GRUU extension and the REFER context 1354 extension are understood, Allow indicating that REFER is understood, 1355 and a Contact header field that includes the "schemes" header field 1356 parameter. 1358 INVITE sips:B@example.com SIP/2.0 1359 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8 1360 From: Caller ;tag=kkaz- 1361 To: Callee 1362 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1363 CSeq: 1 INVITE 1364 Max-Forwards: 70 1365 Supported: gruu, refer-context 1366 Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER 1367 Contact: ;schemes="http,sip,sips" 1368 Content-Length: ... 1369 Content-Type: application/sdp 1371 --SDP not shown-- 1373 The proxy acts as a recording server, and forwards the INVITE to the 1374 called party (message 2): 1376 INVITE sips:B@pc.example.com SIP/2.0 1377 Record-Route: 1378 Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK97sh 1379 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8 1380 From: Caller ;tag=kkaz- 1381 To: Callee 1382 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1383 CSeq: 1 INVITE 1384 Max-Forwards: 69 1385 Supported: gruu, refer-context 1386 Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER 1387 Contact: ;schemes="http,sip,sips" 1388 Content-Length: ... 1389 Content-Type: application/sdp 1391 --SDP not shown-- 1393 B accepts the call with a 200 OK (message 3). It does not support 1394 the framework, and so the various header fields are not present. 1396 SIP/2.0 200 OK 1397 Record-Route: 1398 Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK97sh 1399 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8 1400 From: Caller ;tag=kkaz- 1401 To: Callee ;tag=7777 1402 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1403 CSeq: 1 INVITE 1404 Contact: 1405 Content-Length: ... 1406 Content-Type: application/sdp 1408 --SDP not shown-- 1410 This 200 OK is passed back to the caller (message 4): 1412 SIP/2.0 200 OK 1413 Record-Route: 1414 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8 1415 From: Caller ;tag=kkaz- 1416 To: Callee ;tag=7777 1417 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1418 CSeq: 1 INVITE 1419 Contact: 1420 Content-Length: ... 1421 Content-Type: application/sdp 1423 --SDP not shown-- 1425 The caller generates an ACK (message 5). 1427 ACK sips:B@pc.example.com 1428 Route: 1429 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz9 1430 From: Caller ;tag=kkaz- 1431 To: Callee ;tag=7777 1432 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1433 CSeq: 1 ACK 1435 The ACK is forwarded to the called party (message 6). 1437 ACK sips:B@pc.example.com 1438 Via: SIP/2.0/TLS app.example.com;branch=z9hG4bKh7s 1439 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz9 1440 From: Caller ;tag=kkaz- 1441 To: Callee ;tag=7777 1442 Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com 1443 CSeq: 1 ACK 1445 Now, the application decides to push a user interface component to 1446 user A. So, it sends it a REFER request (message 7): 1448 REFER sips:bad998asd8asd0000a@example.com SIP/2.0 1449 Refer-To: https://app.example.com/script.pl 1450 ;context="kkaz-,7777,faif9ahhs9dd8==-sd98ajzz@host.example.com" 1451 Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK9zh6 1452 Max-Forwards: 70 1453 From: Recorder Application ;tag=jhgf 1454 To: Caller 1455 Call-ID: 66676776767@app.example.com 1456 CSeq: 1 REFER 1457 Event: refer 1458 Contact: 1460 The REFER is answered by a 200 OK (message 8). 1462 SIP/2.0 200 OK 1463 Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK9zh6 1464 From: Recorder Application ;tag=jhgf 1465 To: Caller ;tag=pqoew 1466 Call-ID: 66676776767@app.example.com 1467 Supported: gruu, refer-context 1468 Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER 1469 Contact: ;schemes="http,sip,sips" 1470 CSeq: 1 REFER 1472 User A sends a NOTIFY (message 9): 1474 NOTIFY sips:app.example.com SIP/2.0 1475 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9320394238995 1476 To: Recorder Application ;tag=jhgf 1477 From: Caller ;tag=pqoew 1478 Call-ID: 66676776767@app.example.com 1479 CSeq: 1 NOTIFY 1480 Max-Forwards: 70 1481 Event: refer;id=93809824 1482 Subscription-State: active;expires=3600 1483 Contact: ;schemes="http,sip,sips" 1484 Content-Type: message/sipfrag;version=2.0 1485 Content-Length: 20 1486 SIP/2.0 100 Trying 1488 And the recording server responds with a 200 OK (message 10) 1490 SIP/2.0 200 OK 1491 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9320394238995 1492 To: Recorder Application ;tag=jhgf 1493 From: Caller ;tag=pqoew 1494 Call-ID: 66676776767@app.example.com 1495 CSeq: 1 NOTIFY 1497 The REFER request contained a "context" Refer-To header field 1498 parameter with a valid dialog identifier. Furthermore, all of the 1499 signaling was over TLS and the dialog identifiers contain sufficient 1500 randomness. As such, the caller, A, automatically authorizes the 1501 application. It then acts on the Refer-To URI, fetching the script 1502 from app.example.com (message 11). The response, message 12, 1503 contains a web application that the user can click on to enable 1504 recording. Because the client executed the URL in the Refer-To, it 1505 generates another NOTIFY to the application, informing it of the 1506 successful response (message 13). This is answered with a 200 OK 1507 (message 14). When the user clicks on the link (message 15), the 1508 results are posted to the server, and an updated display is provided 1509 (message 16). 1511 12. Security Considerations 1513 There are many security considerations associated with this 1514 framework. It allows applications in the network to instantiate user 1515 interface components on a client device. Such instantiations need to 1516 be from authenticated applications, and also need to be authorized to 1517 place a UI into the client. Indeed, the stronger requirement is 1518 authorization. It is not so important to know that name of the 1519 provider of the application, but rather, that the provider is 1520 authorized to instantiate components. 1522 This specification defines specific authorization techniques and 1523 requirements. Automatic authorization is granted if the application 1524 can prove that it is on the call path, or is trusted by an element on 1525 the call path. As documented above, this can be accompished by the 1526 use of cryptographically random dialog identifiers and the usage of 1527 sips for message confidentiality. It is RECOMMENDED that sips be 1528 implemented by user agents compliant to this specification. This 1529 does not represent a change from the requirements in RFC 3261. 1531 13. IANA Considerations 1533 13.1 SIP Option Tag 1535 This specification registers a new SIP option tag, as per the 1536 guidelines in Section 27.1 of RFC 3261 [1]. 1537 Name: refer-context 1538 Description: This option tag is used to identify the REFER extension 1539 that defines the "context" parameter of the Refer-To header field. 1541 13.2 Header Field Parameter 1543 This specification defines a new header field parameter, as per the 1544 registry created by [9]. The required information is as follows: 1545 Header field in which the parameter can appear: Refer-To 1546 Name of the Parameter context 1547 RFC Reference RFC XXXX [[NOTE TO IANA: Please replace XXXX with the 1548 RFC number of this specification.]] 1550 14. Contributors 1552 This document was produced as a result of discussions amongst the 1553 application interaction design team. All members of this team 1554 contributed significantly to the ideas embodied in this document. 1555 The members of this team were: 1557 Eric Burger 1558 Cullen Jennings 1559 Robert Fairlie-Cuninghame 1561 15. References 1563 15.1 Normative References 1565 [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., 1566 Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: 1567 Session Initiation Protocol", RFC 3261, June 2002. 1569 [2] Rosenberg, J. and H. Schulzrinne, "Reliability of Provisional 1570 Responses in Session Initiation Protocol (SIP)", RFC 3262, June 1571 2002. 1573 [3] Roach, A., "Session Initiation Protocol (SIP)-Specific Event 1574 Notification", RFC 3265, June 2002. 1576 [4] McGlashan, S., Lucas, B., Porter, B., Rehor, K., Burnett, D., 1577 Carter, J., Ferrans, J. and A. Hunt, "Voice Extensible Markup 1578 Language (VoiceXML) Version 2.0", W3C CR CR-voicexml20-20030220, 1579 February 2003. 1581 [5] Rosenberg, J., "Indicating User Agent Capabilities in the 1582 Session Initiation Protocol (SIP)", 1583 draft-ietf-sip-callee-caps-03 (work in progress), January 2004. 1585 [6] Sparks, R., "The Session Initiation Protocol (SIP) Refer 1586 Method", RFC 3515, April 2003. 1588 [7] Burger, E., "A Session Initiation Protocol (SIP) Event Package 1589 for Key Press Stimulus (KPML)", draft-ietf-sipping-kpml-03 1590 (work in progress), May 2004. 1592 [8] Rosenberg, J., "Obtaining and Using Globally Routable User Agent 1593 (UA) URIs (GRUU) in the Session Initiation Protocol (SIP)", 1594 draft-ietf-sip-gruu-01 (work in progress), February 2004. 1596 [9] Camarillo, G., "The Internet Assigned Number Authority (IANA) 1597 Header Field Parameter Registry for the Session Initiation 1598 Protocol (SIP)", draft-ietf-sip-parameter-registry-02 (work in 1599 progress), June 2004. 1601 15.2 Informative References 1603 [10] Peterson, J., "Enhancements for Authenticated Identity 1604 Management in the Session Initiation Protocol (SIP)", 1605 draft-ietf-sip-identity-02 (work in progress), May 2004. 1607 [11] Day, M., Rosenberg, J. and H. Sugano, "A Model for Presence and 1608 Instant Messaging", RFC 2778, February 2000. 1610 [12] Jennings, C., Peterson, J. and M. Watson, "Private Extensions 1611 to the Session Initiation Protocol (SIP) for Asserted Identity 1612 within Trusted Networks", RFC 3325, November 2002. 1614 [13] Rosenberg, J., "A Framework for Conferencing with the Session 1615 Initiation Protocol", 1616 draft-ietf-sipping-conferencing-framework-01 (work in 1617 progress), October 2003. 1619 [14] Rosenberg, J., Schulzrinne, H. and P. Kyzivat, "Caller 1620 Preferences for the Session Initiation Protocol (SIP)", 1621 draft-ietf-sip-callerprefs-10 (work in progress), October 2003. 1623 [15] Rosenberg, J. and H. Schulzrinne, "An INVITE Inititiated Dialog 1624 Event Package for the Session Initiation Protocol (SIP)", 1625 draft-ietf-sipping-dialog-package-04 (work in progress), 1626 February 2004. 1628 [16] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson, 1629 "RTP: A Transport Protocol for Real-Time Applications", RFC 1630 3550, July 2003. 1632 [17] Schulzrinne, H. and S. Petrack, "RTP Payload for DTMF Digits, 1633 Telephony Tones and Telephony Signals", RFC 2833, May 2000. 1635 [18] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with 1636 Session Description Protocol (SDP)", RFC 3264, June 2002. 1638 [19] Rosenberg, J., "A Session Initiation Protocol (SIP) Event 1639 Package for Registrations", RFC 3680, March 2004. 1641 Author's Address 1643 Jonathan Rosenberg 1644 dynamicsoft 1645 600 Lanidex Plaza 1646 Parsippany, NJ 07054 1647 US 1649 Phone: +1 973 952-5000 1650 EMail: jdrosen@dynamicsoft.com 1651 URI: http://www.jdrosen.net 1653 Intellectual Property Statement 1655 The IETF takes no position regarding the validity or scope of any 1656 Intellectual Property Rights or other rights that might be claimed to 1657 pertain to the implementation or use of the technology described in 1658 this document or the extent to which any license under such rights 1659 might or might not be available; nor does it represent that it has 1660 made any independent effort to identify any such rights. Information 1661 on the procedures with respect to rights in RFC documents can be 1662 found in BCP 78 and BCP 79. 1664 Copies of IPR disclosures made to the IETF Secretariat and any 1665 assurances of licenses to be made available, or the result of an 1666 attempt made to obtain a general license or permission for the use of 1667 such proprietary rights by implementers or users of this 1668 specification can be obtained from the IETF on-line IPR repository at 1669 http://www.ietf.org/ipr. 1671 The IETF invites any interested party to bring to its attention any 1672 copyrights, patents or patent applications, or other proprietary 1673 rights that may cover technology that may be required to implement 1674 this standard. Please address the information to the IETF at 1675 ietf-ipr@ietf.org. 1677 Disclaimer of Validity 1679 This document and the information contained herein are provided on an 1680 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1681 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 1682 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 1683 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 1684 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1685 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1687 Copyright Statement 1689 Copyright (C) The Internet Society (2004). This document is subject 1690 to the rights, licenses and restrictions contained in BCP 78, and 1691 except as set forth therein, the authors retain all their rights. 1693 Acknowledgment 1695 Funding for the RFC Editor function is currently provided by the 1696 Internet Society.