One document matched: draft-ietf-sipcore-rfc3265bis-00.xml


<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd"[
  <!ENTITY rfc2119 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml'>
  <!ENTITY rfc2434 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2434.xml'>
  <!ENTITY rfc2616 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2616.xml'>
  <!ENTITY rfc2779 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2779.xml'>
  <!ENTITY rfc2848 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2848.xml'>
  <!ENTITY rfc3261 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3261.xml'>
  <!ENTITY rfc3265 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3265.xml'>
  <!ENTITY rfc3515 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3515.xml'>
  <!ENTITY rfc3840 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3840.xml'>
  <!ENTITY rfc3903 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3903.xml'>
  <!ENTITY rfc4483 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4483.xml'>
  <!ENTITY rfc4485 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4485.xml'>
  <!ENTITY rfc4660 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4660.xml'>
  <!ENTITY rfc5057 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5057.xml'>
  <!ENTITY draft-ietf-sip-gruu PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.draft-ietf-sip-gruu-15.xml'>

]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc compact="yes" ?>
<?rfc sortrefs="no" ?>
<?rfc symrefs="yes" ?>

<rfc ipr="pre5378Trust200902">
  <front>
    <title>SIP-Specific Event Notification</title>

    <author fullname="Adam Roach" initials="A. B." surname="Roach">
      <organization>Tekelec</organization>

      <address>
        <postal>
          <street>17210 Campbell Rd.</street>
          <street>Suite 250</street>
          <city>Dallas</city>
          <region>TX</region>
          <code>75252</code>
          <country>US</country>
        </postal>
        <email>adam@nostrum.com</email>
      </address>
    </author>

    <date month="July" year="2009" />

    <area>Real Time Applications and Infrastructure</area>

    <abstract>
      <t>This document describes an extension to the Session Initiation
      Protocol (SIP). The purpose of this extension is to provide an
      extensible framework by which SIP nodes can request notification from
      remote nodes indicating that certain events have occurred.</t>

      <t>Note that the event notification mechanisms defined herein are NOT
      intended to be a general-purpose infrastructure for all classes of event
      subscription and notification.</t>
    </abstract>

  </front>

  <middle>
    <section title="Introduction">
      <t>The ability to request asynchronous notification of events proves
      useful in many types of SIP services for which cooperation between
      end-nodes is required. Examples of such services include automatic
      callback services (based on terminal state events), buddy lists (based
      on user presence events), message waiting indications (based on mailbox
      state change events), and PSTN and Internet Internetworking (PINT) <xref
      target="RFC2848"></xref> status (based on call state events).</t>

      <t>The methods described in this document provide a framework by which
      notification of these events can be ordered.</t>

      <t>The event notification mechanisms defined herein are NOT intended to
      be a general-purpose infrastructure for all classes of event
      subscription and notification. Meeting requirements for the general
      problem set of subscription and notification is far too complex for a
      single protocol. Our goal is to provide a SIP-specific framework for
      event notification which is not so complex as to be unusable for simple
      features, but which is still flexible enough to provide powerful
      services. Note, however, that event packages based on this framework may
      define arbitrarily elaborate rules which govern the subscription and
      notification for the events or classes of events they describe.</t>

      <t>This document does not describe an extension which may be used directly;
      it must be extended by other documents (herein referred to as "event
      packages"). In object-oriented design terminology, it may be thought of
      as an abstract base class which must be derived into an instantiatable
      class by further extensions. Guidelines for creating these extensions
      are described in <xref target="event-packages"></xref>.</t>

      <section title="Overview of Operation">
        <t>The general concept is that entities in the network can subscribe
        to resource or call state for various resources or calls in the
        network, and those entities (or entities acting on their behalf) can
        send notifications when those states change.</t>

        <t>A typical flow of messages would be:</t>

        <figure>
          <artwork><![CDATA[
Subscriber          Notifier
    |-----SUBSCRIBE---->|     Request state subscription
    |<-------200--------|     Acknowledge subscription
    |<------NOTIFY----- |     Return current state information
    |--------200------->|
    |<------NOTIFY----- |     Return current state information
    |--------200------->|
]]></artwork>
        </figure>

        <t>Subscriptions are expired and must be refreshed by subsequent
        SUBSCRIBE messages.</t>
      </section>

      <section title="Documentation Conventions">
        <t>There are several paragraphs throughout this document which provide
        motivational or clarifying text. Such passages are non-normative, and
        are provided only to assist with reader comprehension. These passages
        are set off from the remainder of the text by being indented thus:</t>

        <t><list style="hanging">
          <t>This is an example of non-normative explanatory text. It does not
          form part of the specification, and is used only for
          clarification.</t>
        </list></t>

	<t>The all-capital terms "MUST", "SHOULD", "MAY", "SHOULD NOT", 
        "MUST NOT", and "RECOMMENDED" are used as defined in 
        <xref target="RFC2119" />. In particular, implementors need to
        take careful note of the meaning of "SHOULD" defined in RFC 2119.
        To rephrase: violation of SHOULD-strength requirements requires
        careful analysis and clearly enumerable reasons.
        It is inappropriate to fail to comply with "SHOULD"-strength
        requirements whimsically or for ease of implementation.</t>

        <t>The use of quotation marks next to periods and commas follows the
        convention used by the American Mathematical Society; although
        contrary to traditional American English convention, this usage lends
        clarity to certain passages.</t>
      </section>
    </section>

    <section anchor="definitions" title="Definitions">
      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Event Package:">An event package is an additional
        specification which defines a set of state information to be reported
        by a notifier to a subscriber. Event packages also define further
        syntax and semantics based on the framework defined by this document
        required to convey such state information.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Event Template-Package:">An event template-package is a
        special kind of event package which defines a set of states which may
        be applied to all possible event packages, including itself.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Notification:">Notification is the act of a notifier
        sending a NOTIFY message to a subscriber to inform the subscriber of
        the state of a resource.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Notifier:">A notifier is a user agent which generates
        NOTIFY requests for the purpose of notifying subscribers of the state
        of a resource. Notifiers typically also accept SUBSCRIBE requests to
        create subscriptions.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Subscriber:">A subscriber is a user agent which receives
        NOTIFY requests from notifiers; these NOTIFY requests contain
        information about the state of a resource in which the subscriber is
        interested. Subscribers typically also generate SUBSCRIBE requests and
        send them to notifiers to create subscriptions.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Subscription:">A subscription is a set of application
        state associated with a dialog. This application state includes a
        pointer to the associated dialog, the event package name, and possibly
        an identification token. Event packages will define additional
        subscription state information. By definition, subscriptions exist in
        both a subscriber and a notifier.</t>
      </list></t>

      <t><vspace /></t>
      <t><list style="hanging">
        <t hangText="Subscription Migration:">Subscription migration is the
        act of moving a subscription from one notifier to another
        notifier.</t>
      </list></t>
    </section>

    <section anchor="methods" title="SIP Methods for Event Notification">
      <section anchor="subscribe" title="SUBSCRIBE">
        <t>The SUBSCRIBE method is used to request current state and state
        updates from a remote node. 
        SUBSCRIBE is a target refresh request, as that term is defined in SIP
        <xref target="RFC3261"/>.
        </t>
        <section anchor="duration" title="Subscription Duration">
          <t>SUBSCRIBE requests SHOULD contain an "Expires" header field (defined in
          SIP <xref target="RFC3261" />). This expires value indicates the
          duration of the subscription. In order to keep subscriptions
          effective beyond the duration communicated in the "Expires" header field,
          subscribers need to refresh subscriptions on a periodic basis using
          a new SUBSCRIBE message on the same dialog as defined in SIP <xref
          target="RFC3261" />.</t>

          <t>If no "Expires" header field is present in a SUBSCRIBE request, the
          implied default is defined by the event package being used.</t>

          <t>200-class responses to SUBSCRIBE requests also MUST contain an
          "Expires" header field. The period of time in the response MAY be shorter
          but MUST NOT be longer than specified in the request. The notifier
          is explicitly allowed to shorten the duration to zero.
          The period of time in the response is the one which defines the duration
          of the subscription.</t>

          <t>An "expires" parameter on the "Contact" header field has no semantics
          for SUBSCRIBE and is explicitly not equivalent to an "Expires"
          header field in a SUBSCRIBE request or response.</t>

          <t>A natural consequence of this scheme is that a SUBSCRIBE with an
          "Expires" of 0 constitutes a request to unsubscribe from an
          event.</t>

          <t><list style="hanging">
            <t>In addition to being a request to unsubscribe, a SUBSCRIBE
            message with "Expires" of 0 also causes a fetch of state; see
            <xref target="polling-state" />.</t>
          </list></t>

          <t>Notifiers may also wish to cancel subscriptions to events; this
          is useful, for example, when the resource to which a subscription
          refers is no longer available. Further details on this mechanism are
          discussed in <xref target="notifier-notifies" />.</t>
        </section>

        <section anchor="event-identification"
                 title="Identification of Subscribed Events and Event Classes">
          <t>Identification of events is provided by three pieces of
          information: Request URI, Event Type, and (optionally) message
          body.</t>

          <t>The Request URI of a SUBSCRIBE request, most importantly,
          contains enough information to route the request to the appropriate
          entity per the request routing procedures outlined in SIP <xref
          target="RFC3261"></xref>. It also contains enough information to
          identify the resource for which event notification is desired, but
          not necessarily enough information to uniquely identify the nature
          of the event (e.g., "sip:adam@example.com" would be an
          appropriate URI to subscribe to for my presence state; it would also
          be an appropriate URI to subscribe to the state of my voice
          mailbox).</t>

          <t>Subscribers MUST include exactly one "Event" header field in SUBSCRIBE
          requests, indicating to which event or class of events they are
          subscribing. The "Event" header field will contain a token which indicates
          the type of state for which a subscription is being requested. This
          token will be registered with the IANA and will correspond to an
          event package which further describes the semantics of the event or
          event class.</t>

          <t>If the event package to which the event token corresponds defines
          behavior associated with the body of its SUBSCRIBE requests, those
          semantics apply.</t>

          <t>Event packages may also define parameters for the Event header field;
          if they do so, they must define the semantics for such
          parameters.</t>
        </section>

        <section title="Additional SUBSCRIBE Header Values">
          <t>Because SUBSCRIBE requests create a dialog as defined in SIP
          <xref target="RFC3261"></xref>, they MAY contain an "Accept" header field.
          This header field, if present, indicates the body formats allowed in
          subsequent NOTIFY requests. Event packages MUST define the behavior
          for SUBSCRIBE requests without "Accept" header fields; usually, this will
          connote a single, default body type.</t>

          <t>Header values not described in this document are to be
          interpreted as described in SIP <xref target="RFC3261"></xref>.</t>
        </section>
      </section>

      <section anchor="notify" title="NOTIFY">
        <t>NOTIFY messages are sent to inform subscribers of changes in state
        to which the subscriber has a subscription. Subscriptions are
        typically put in place using the SUBSCRIBE method; however, it is
        possible that other means have been used.</t>

        <t>
        NOTIFY is a target refresh request, as that term is defined in SIP <xref target="RFC3261"/>.
        </t>

        <t>A NOTIFY does not terminate its corresponding subscription; in
        other words, a single SUBSCRIBE request may trigger several NOTIFY
        requests.</t>

        <section title="Identification of Reported Events, Event Classes, and Current State">
          <t>Identification of events being reported in a notification is very
          similar to that described for subscription to events (see <xref
          target="event-identification"></xref>).</t>

          <t>As in SUBSCRIBE requests, NOTIFY "Event" header fields will contain a
          single event package name for which a notification is being
          generated. The package name in the "Event" header field MUST match the
          "Event" header field in the corresponding SUBSCRIBE message.</t>

          <t>Event packages may define semantics associated with the body of
          their NOTIFY requests; if they do so, those semantics apply. NOTIFY
          bodies are expected to provide additional details about the nature
          of the event which has occurred and the resultant resource
          state.</t>

          <t>When present, the body of the NOTIFY request MUST be formatted
          into one of the body formats specified in the "Accept" header field of the
          corresponding SUBSCRIBE request. This body will contain either the
          state of the subscribed resource or a pointer to such state in the
          form of a URI (see <xref target="uri-use" />).</t>
        </section>
      </section>

    </section>
    
    <section anchor="node-behavior" title="Node Behavior">
      <section anchor="subscriber" title="Subscriber Behavior">

        <section title="Detecting Support for SIP Events">
          <t>The extension described in this document does not
          make use of the use of "Require" or
          "Proxy-Require" header fields; similarly, there is no token defined for
          "Supported" header fields. Potential subscribers may probe for the support
          of SIP Events using the OPTIONS request defined in
          SIP <xref target="RFC3261" />. </t>

          <t>The presence of "SUBSCRIBE" in the
          "Allow" header field of any request or response indicates
          support for SIP Events; further, in the absence of an "Allow"
          header field, the simple presence of an "Allow-Events" header field 
          is sufficient to indicate that the node that sent the message
          is capable of acting as a notifier (see <xref target="allow-events"/>.</t>

          <t><list style="hanging">
            <t>The "methods" parameter for Contact may also be used to
            specifically announce support for SUBSCRIBE and NOTIFY messages
            when registering. (See <xref target="RFC3840" /> for
            details on the "methods" parameter).</t>
          </list></t>
        </section>

        <section anchor="subscribing" title="Creating and Maintaining Subscriptions">
          <t>
            From the subscriber's perspective, a subscription proceeds
            according to the following state diagram:
          </t>

          <figure>
            <artwork><![CDATA[
                       +-------------+
                       |    init     |<-----------------------+
                       +-------------+                        |
                              |                           Retry-after
                        Send SUBSCRIBE                    expires
                              |                               |
                              V          Timer L Fires;       |
                       +-------------+   SUBSCRIBE failure    |
          +------------| notify_wait |-- response; --------+  |
          |            +-------------+   or NOTIFY,        |  |
          |                   |          state=terminated  |  |
          |                   |                            |  |
++========|===================|============================|==|====++
||        |                   |                            V  |    ||
||  Receive NOTIFY,    Receive NOTIFY,             +-------------+ ||
||  state=active       state=pending               | terminated  | ||
||        |                   |                    +-------------+ ||
||        |                   |                              A  A  ||
||        |                   V          Receive NOTIFY,     |  |  ||
||        |            +-------------+   state=terminated;   |  |  ||
||        |            |   pending   |-- or 481 response ----+  |  ||
||        |            +-------------+   to SUBSCRIBE           |  ||
||        |                   |          refresh                |  ||
||        |            Receive NOTIFY,                          |  ||
||        |            state=active                             |  ||
||        |                   |                                 |  ||
||        |                   V          Receive NOTIFY,        |  ||
||        |            +-------------+   state=terminated;      |  ||
||        +----------->|   active    |-- or 481 response -------+  ||
||                     +-------------+   to SUBSCRIBE              ||
||                                       refresh                   ||
|| Subscription                                                    ||
++=================================================================++
]]></artwork>
            </figure>
          <t>
            Any transition from "notify_wait" into a "pending" or
            "active" state results in a new subscription. Note
            that multiple subscriptions can be generated as the
            result of a single SUBSCRIBE request (see 
            <xref target="dialog-handling" />). Each of these
            new subscriptions exists in its own independent
            state machine.
          </t>

          <section anchor="request-sub" title="Requesting a Subscription">
            <t>SUBSCRIBE is a dialog-creating method, as described in SIP
            <xref target="RFC3261"></xref>.</t>

            <t>When a subscriber wishes to subscribe to a particular state for
            a resource, it forms a SUBSCRIBE message. If the initial SUBSCRIBE
            represents a request outside of a dialog (as it typically will),
            its construction follows the procedures outlined in SIP <xref
            target="RFC3261"></xref> for UAC request generation outside of a
            dialog.</t>

            <t>This SUBSCRIBE request will be confirmed with a final response.
            200-class responses indicate that the subscription has been
            accepted, and that a NOTIFY will be sent immediately. A 200
            response indicates that the subscription has been accepted and
            that the user is authorized to subscribe to the requested
            resource. A 202 response merely indicates that the subscription
            has been understood, and that authorization may or may not have
            been granted.</t>

            <t>The "Expires" header field in a 200-class response to SUBSCRIBE
            indicates the actual duration for which the subscription will
            remain active (unless refreshed).</t>

            <t>Non-200 class final responses indicate that no subscription or
            dialog has been created, and no subsequent NOTIFY message will be
            sent. All non-200 class responses (with the exception of "489",
            described herein) have the same meanings and handling as described
            in SIP <xref target="RFC3261"></xref>.</t>
          </section>

          <section title="Refreshing of Subscriptions">
            <t>At any time before a subscription expires, the subscriber may
            refresh the timer on such a subscription by sending another
            SUBSCRIBE request on the same dialog as the existing subscription.
            The handling for such a
            request is the same as for the initial creation of a subscription
            except as described below.</t>

            <t>If a SUBSCRIBE request to refresh a subscription receives a
            404, 405, 410, 416, 480-485, 489, 501, or 604 response, the
            subscriber should consider the subscription terminated.
            (See
            <xref target="RFC5057"/> for further details and notes about the 
            effect of error codes on dialogs and usages within dialog, 
            such as subscriptions).
            If the subscriber wishes to re-subscribe to
            the state, he does so by composing an unrelated initial SUBSCRIBE
            request with a freshly-generated Call-ID and a new, unique "From"
            tag (see <xref target="request-sub" />.)</t>

            <t>If a SUBSCRIBE request to refresh a subscription fails with 
            any error code other than those listed above, the original
            subscription is still considered
            valid for the duration of the most recently known "Expires" value
            as negotiated by SUBSCRIBE and its response, or as communicated by
            NOTIFY in the "Subscription-State" header field "expires" parameter.</t>

            <t><list style="hanging">
              <t>Note that many such errors indicate that there may be a
              problem with the network or the notifier such that no further
              NOTIFY messages will be received.</t>
            </list></t>
          </section>

          <section anchor="unsubscribing" title="Unsubscribing">
            <t>Unsubscribing is handled in the same way as refreshing of a
            subscription, with the "Expires" header field set to "0". Note that a
            successful unsubscription will also trigger a final NOTIFY
            message.</t>
            <t>
              The final NOTIFY may or may not contain information about the
              state of the resource; subscribers need to be prepared to
              receive final NOTIFY messages both with and without state.
            </t>
          </section>

          <section anchor="subscription-confirmation" title="Confirmation of Subscription Creation">
            <t>The subscriber can expect to receive a NOTIFY message from each
            node which has processed a successful subscription or subscription
            refresh. To ensure that subscribers do not wait indefinitely
            for a subscription to be established, a subscriber starts a
            Timer L, set to 64*T1. If this Timer L expires prior to the
            receipt of a NOTIFY message, the subscriber considers the
            subscription failed, and cleans up any state associated with
            the subscription attempt.</t>

            <t>
              Until Timer L expires, several NOTIFY messages may arrive
              from different destinations (see <xref target="dialog-handling" />).
              Each of these messages establish a new dialog and a new
              subscription. After the expiration of Timer L, the subscriber
              SHOULD reject any such NOTIFY messages that would otherwise
              establish a new dialog with a "481" response code.
            </t>

            <t>Until the first NOTIFY message arrives, the subscriber
            should consider the state of the subscribed resource to be in a
            neutral state. Documents which define new event packages MUST
            define this "neutral state" in such a way that makes sense for
            their application (see <xref target="template-notifier-notifies"></xref>).</t>

            <t>Due to the potential for both out-of-order messages and
            forking, the subscriber MUST be prepared to receive NOTIFY
            messages before the SUBSCRIBE transaction has completed.</t>

            <t>Except as noted above, processing of this NOTIFY is the same as
            in <xref target="subscriber-notifies"></xref>.</t>
          </section>
        </section>

        <section anchor="subscriber-notifies" 
                 title="Receiving and Processing State Information">
          <t>
            Subscribers receive information about the state of a resource
            to which they have subscribed in the form of NOTIFY requests.
          </t>
          <t>Upon receiving a NOTIFY request, the subscriber should check that
          it matches at least one of its outstanding subscriptions; if not, it
          MUST return a "481 Subscription does not exist" response unless
          another 400- or 500-class response is more appropriate. The rules
          for matching NOTIFY requests with subscriptions that create a new
          dialog are described in 
          <xref target="dialog-handling" />.
          Notifications for
          subscriptions which were created inside an existing dialog match if
          they are in the same dialog and the "Event" header fields match (as
          described in <xref target="event-header field" />).</t>

          <t>If, for some reason, the event package designated in the "Event"
          header field of the NOTIFY request is not supported, the subscriber will
          respond with a "489 Bad Event" response.</t>

          <t>To prevent spoofing of events, NOTIFY requests SHOULD be
          authenticated, using any defined SIP authentication mechanism.</t>

          <t>NOTIFY requests MUST contain "Subscription-State" header fields which
          indicate the status of the subscription.</t>

          <t>If the "Subscription-State" header field value is "active", it means
          that the subscription has been accepted and (in general) has been
          authorized. If the header field also contains an "expires" parameter, the
          subscriber SHOULD take it as the authoritative subscription duration
          and adjust accordingly. The "retry-after" and "reason" parameters
          have no semantics for "active".</t>

          <t>If the "Subscription-State" value is "pending", the subscription
          has been received by the notifier, but there is insufficient policy
          information to grant or deny the subscription yet. If the header field
          also contains an "expires" parameter, the subscriber SHOULD take it
          as the authoritative subscription duration and adjust accordingly.
          No further action is necessary on the part of the subscriber. The
          "retry-after" and "reason" parameters have no semantics for
          "pending".</t>

          <t>If the "Subscription-State" value is "terminated", the subscriber
          should consider the subscription terminated. The "expires" parameter
          has no semantics for "terminated" -- notifiers SHOULD NOT include
          an "expires" parameter on a "Subscription-State" header field with a
          value of "terminated," and subscribers MUST ignore any such parameter,
          if present. If a reason code is present, the
          client should behave as described below. If no reason code or an
          unknown reason code is present, the client MAY attempt to
          re-subscribe at any time (unless a "retry-after" parameter is
          present, in which case the client SHOULD NOT attempt re-subscription
          until after the number of seconds specified by the "retry-after"
          parameter). The reason codes defined by this document are:</t>

           <t></t>
          <t><list style="hanging">
            <t hangText="deactivated:">The subscription has been terminated,
            but the subscriber SHOULD retry immediately with a new subscription.
            One primary use of such a status code is to allow migration of
            subscriptions between nodes. The "retry-after" parameter has no
            semantics for "deactivated".</t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="probation:">The subscription has been terminated, but
            the client SHOULD retry at some later time. If a "retry-after"
            parameter is also present, the client SHOULD wait at least the
            number of seconds specified by that parameter before attempting to
            re-subscribe.</t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="rejected:">The subscription has been terminated due
            to change in authorization policy. Clients SHOULD NOT attempt to
            re-subscribe. The "retry-after" parameter has no semantics for
            "rejected".</t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="timeout:">The subscription has been terminated
            because it was not refreshed before it expired. Clients MAY
            re-subscribe immediately. The "retry-after" parameter has no
            semantics for "timeout". This reason code is also associated
            with polling of resource state, as detailed in <xref target="polling-state"/></t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="giveup:">The subscription has been terminated because
            the notifier could not obtain authorization in a timely fashion.
            If a "retry-after" parameter is also present, the client SHOULD
            wait at least the number of seconds specified by that parameter
            before attempting to re-subscribe; otherwise, the client MAY retry
            immediately, but will likely get put back into pending state.</t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="noresource:">The subscription has been terminated
            because the resource state which was being monitored no longer
            exists. Clients SHOULD NOT attempt to re-subscribe. The
            "retry-after" parameter has no semantics for "noresource".</t>
          </list></t>

           <t></t>
          <t><list style="hanging">
            <t hangText="invariant:">The subscription has been terminated
            because the resource state is guaranteed not to change for
            the foreseeable future. This may be the case, for example, when
            subscribing to the location information of a fixed-location
            land-line telephone. When using this reason code, notifiers
            are advised to include a 
            "retry-after" parameter with a large value (for example, 
            31536000 -- or one year) to prevent older, RFC 3265-compliant
            clients from periodically resubscribing. Clients SHOULD NOT
            attempt to resubscribe after receiving a reason code of "invariant,"
            regardless of the presence of or value of a "retry-after" parameter.
            </t>
          </list></t>

          <t>
            Other specifications may define new reason codes for use with
            the "Subscription-State" header field.
         </t>

          <t>Once the notification is deemed acceptable to the subscriber, the
          subscriber SHOULD return a 200 response. In general, it is not
          expected that NOTIFY responses will contain bodies; however, they
          MAY, if the NOTIFY request contained an "Accept" header field.</t>

          <t>Other responses defined in SIP <xref target="RFC3261" /> may also
          be returned, as appropriate. In no case should a NOTIFY transaction
          extend for any longer than the time necessary for automated
          processing. In particular, subscribers MUST NOT wait for a user
          response before returning a final response to a NOTIFY request.</t>
        </section>

        <section title="Forking of SUBSCRIBE Messages">
          <t>In accordance with the rules for proxying non-INVITE requests as
          defined in SIP <xref target="RFC3261"></xref>, successful SUBSCRIBE
          requests will receive only one 200-class response; however, due to
          forking, the subscription may have been accepted by multiple nodes.
          The subscriber MUST therefore be prepared to receive NOTIFY requests
          with "From:" tags which differ from the "To:" tag received in the
          SUBSCRIBE 200-class response.</t>

          <t>If multiple NOTIFY messages are received in different dialogs
          in response to a single
          SUBSCRIBE message, each dialog represents a different destination
          to which
          the SUBSCRIBE request was forked. Subscriber
          handling in such situations varies by event package; 
          see <xref target="forking"/> for details.</t>
        </section>
      </section>

      <section anchor="notifier" title="Notifier Behavior">

        <section anchor="notifier-subscribe"
                 title="Subscription Establishment and Maintenance">
          <t>
            Notifiers learn about subscription requests by receiving
            SUBSCRIBE requests from interested parties.
            Notifiers MUST NOT create subscriptions except upon receipt
            of a SUBSCRIBE message. However, for historical reasons,
            the implicit creation of subscriptions as defined in
            <xref target="RFC3515"/> is still permitted.
          </t>
          <t><list style="hanging">
            <t><xref target="RFC3265"/> allowed the creation of subscriptions
            using means other than SUBSCRIBE. The only standardized use
            of this mechanism is the REFER method <xref target="RFC3515"/>.
            Implementation experience with REFER has shown that the implicit
            creation of a subscription has a number of undesirable effects,
            such as the inability to signal the success of a REFER while
            signaling a problem with the subscription; and difficulty
            performing one action without the other. Additionally, the
            proper exchange of dialog identifiers is difficult without
            dialog re-use (which has its own set of problems; see
            <xref target="device-targeting"/>).  </t>
          </list></t>

          <section anchor="notifier-initial-subscribe"
                   title="Initial SUBSCRIBE Transaction Processing">
            <t>In no case should a SUBSCRIBE transaction extend for any longer
            than the time necessary for automated processing. In particular,
            notifiers MUST NOT wait for a user response before returning a
            final response to a SUBSCRIBE request.</t>

            <t><list style="hanging">
              <t>This requirement is imposed primarily to prevent the
              non-INVITE transaction timeout timer F (see <xref
              target="RFC3261" />) from firing during the SUBSCRIBE transaction,
              since interaction with a user would often exceed 64*T1
              seconds.</t>
            </list></t>

            <t>The notifier SHOULD check that the event package specified in
            the "Event" header field is understood. If not, the notifier SHOULD
            return a "489 Bad Event" response to indicate that the specified
            event/event class is not understood.</t>

            <t>The notifier SHOULD also perform any necessary authentication
            and authorization per its local policy. See <xref
            target="subscribe-auth" />.</t>

            <t>The notifier MAY also check that the duration in the "Expires"
            header field is not too small. If and only if the expiration interval is
            greater than zero AND smaller than one hour AND less than a
            notifier-configured minimum, the notifier MAY return a "423
            Interval Too Brief" error which contains a "Min-Expires" header field
            field. The "Min-Expires" header field is described in SIP <xref
            target="RFC3261" />.</t>

            <t>If the notifier is able to immediately determine that it
            understands the event package, that the authenticated subscriber
            is authorized to subscribe, and that there are no other barriers
            to creating the subscription, it creates the subscription and a
            dialog (if necessary), and returns a "200 OK" response (unless
            doing so would reveal authorization policy in an undesirable
            fashion; see <xref target="notifier-privacy" />).</t>

            <t>If the notifier cannot immediately create the subscription
            (e.g., it needs to wait for user input for authorization, or is
            acting for another node which is not currently reachable), or
            wishes to mask authorization policy, it will return a "202
            Accepted" response. This response indicates that the request has
            been received and understood, but does not necessarily imply that
            the subscription has been authorized yet.</t>

            <t>When a subscription is created in the notifier, it stores the
            event package name as part of the subscription information.</t>

            <t>The "Expires" values present in SUBSCRIBE 200-class responses
            behave in the same way as they do in REGISTER responses: the
            server MAY shorten the interval, but MUST NOT lengthen it.</t>

            <t><list style="hanging">
              <t>If the duration specified in a SUBSCRIBE message is
              unacceptably short, the notifier may be able to send a 423
              response, as described earlier in this section.</t>
            </list></t>

            <t>200-class responses to SUBSCRIBE requests will not generally
            contain any useful information beyond subscription duration; their
            primary purpose is to serve as a reliability mechanism. State
            information will be communicated via a subsequent NOTIFY request
            from the notifier.</t>

            <t>The other response codes defined in SIP <xref target="RFC3261" />
            may be used in response to SUBSCRIBE requests, as appropriate.</t>
          </section>

          <section title="Confirmation of Subscription Creation/Refreshing">
            <t>Upon successfully accepting or refreshing a subscription,
            notifiers MUST send a NOTIFY message immediately to communicate
            the current resource state to the subscriber. This NOTIFY message
            is sent on the same dialog as created by the SUBSCRIBE response.
            If the resource has no meaningful state at the time that the
            SUBSCRIBE message is processed, this NOTIFY message MAY contain an
            empty or neutral body. See <xref target="notifier-notifies"></xref> for
            further details on NOTIFY message generation.</t>

            <t>Note that a NOTIFY message is always sent immediately after any
            200-class response to a SUBSCRIBE request, regardless of whether
            the subscription has already been authorized.</t>
          </section>

          <section anchor="subscribe-auth"
                   title="Authentication/Authorization of SUBSCRIBE requests">
            <t>Privacy concerns may require that notifiers apply policy to
            determine whether a particular subscriber is authorized to
            subscribe to a certain set of events. Such policy may be defined
            by mechanisms such as access control lists or real-time
            interaction with a user. In general, authorization of subscribers
            prior to authentication is not particularly useful.</t>

            <t>SIP authentication mechanisms are discussed in SIP <xref
            target="RFC3261" />. Note that, even if the notifier node typically
            acts as a proxy, authentication for SUBSCRIBE requests will always
            be performed via a "401" response, not a "407;" notifiers always
            act as a user agents when accepting subscriptions and sending
            notifications.</t>

            <t><list style="hanging">
              <t>Of course, when acting as a proxy, a node will perform normal
              proxy authentication (using 407). The foregoing explanation is a
              reminder that notifiers are always UAs, and as such perform UA
              authentication.</t>
            </list></t>

            <t>If authorization fails based on an access list or some other
            automated mechanism (i.e., it can be automatically authoritatively
            determined that the subscriber is not authorized to subscribe),
            the notifier SHOULD reply to the request with a "403 Forbidden" or
            "603 Decline" response, unless doing so might reveal information
            that should stay private; see <xref target="notifier-privacy" />.</t>

            <t>If the notifier owner is interactively queried to determine
            whether a subscription is allowed, a "202 Accept" response is
            returned immediately. Note that a NOTIFY message is still formed
            and sent under these circumstances, as described in the previous
            section.</t>

            <t>If subscription authorization was delayed and the notifier
            wishes to convey that such authorization has been declined, it may
            do so by sending a NOTIFY message containing a
            "Subscription-State" header field with a value of "terminated" and a
            reason parameter of "rejected".</t>
          </section>

          <section anchor="notifier-refresh" title="Refreshing of Subscriptions">
            <t>When a notifier receives a subscription refresh, assuming that
            the subscriber is still authorized, the notifier updates the
            expiration time for subscription. As with the initial
            subscription, the server MAY shorten the amount of time until
            expiration, but MUST NOT increase it. The final expiration time is
            placed in the "Expires" header field in the response. If the duration
            specified in a SUBSCRIBE message is unacceptably short, the
            notifier SHOULD respond with a "423 Interval Too Brief"
            message.</t>

            <t>If no refresh for a notification address is received before its
            expiration time, the subscription is removed. When removing a
            subscription, the notifier SHOULD send a NOTIFY message with a
            "Subscription-State" value of "terminated" to inform it that the
            subscription is being removed. If such a message is sent, the
            "Subscription-State" header field SHOULD contain a "reason=timeout"
            parameter.</t>

            <t>
              Clients can cause a subscription to be terminated immediately
              by sending a SUBSCRIBE with an "Expires" header field
              set to '0'. Notifiers largely treat this the same way
              as any other subscription expiration: they send a NOTIFY message
              containing a "Subscription-State" of "terminated", with a reason code
              of "timeout." For consistency with state polling (see 
              <xref target="polling-state"/>) and subscription refreshes,
              the notifier may choose to
              include resource state in this final NOTIFY. However, in some
              cases, including such state makes no sense. Under such circumstances,
              the notifier may choose to omit state information from the
              terminal NOTIFY message.
            </t>
            <t><list style="hanging">
              <t>The sending of a NOTIFY when a subscription expires allows
              the corresponding dialog to be terminated, if appropriate.</t>
            </list></t>
          </section>
        </section>

        <section anchor="notifier-notifies" 
                 title="Sending State Information to Subscribers">
          <t>
            Notifiers use the NOTIFY method to send information about
            the state of a resource to subscribers. The notifier's view
            of a subscription is shown in the following state diagram:
          </t>
          <figure>
            <artwork><![CDATA[
                      +-------------+
                      |    init     |
                      +-------------+
                             |
                       Receive SUBSCRIBE,
                       Send NOTIFY
                             |
                             V          NOTIFY failure,
                      +-------------+   subscription expires,
         +------------|  resp_wait  |-- or terminated ----+
         |            +-------------+   per local policy  |
         |                   |                            |
         |                   |                            |
         |                   |                            V
   Policy grants       Policy needed              +-------------+
   permission                |                    | terminated  |
         |                   |                    +-------------+
         |                   |                               A A
         |                   V          NOTIFY failure,      | |
         |            +-------------+   subscription expires,| |
         |            |   pending   |-- or terminated -------+ |
         |            +-------------+   per local policy       |
         |                   |                                 |
         |            Policy changed to                        |
         |            grant permission                         |
         |                   |                                 |
         |                   V          NOTIFY failure,        |
         |            +-------------+   subscription expires,  |
         +----------->|   active    |-- or terminated ---------+
                      +-------------+   per local policy
]]></artwork>
            </figure>

          <t>When a SUBSCRIBE request is answered with a 200-class response,
          the notifier MUST immediately construct and send a NOTIFY request to
          the subscriber. When a change in the subscribed state occurs, the
          notifier SHOULD immediately construct and send a NOTIFY request,
          subject to authorization, local policy, and throttling
          considerations.</t>

          <t>If the NOTIFY request fails due to expiration of SIP Timer F
          (transaction timeout), the notifier SHOULD remove the subscription.</t>

          <t><list style="hanging">
            <t>This behavior prevents unnecessary transmission of state
            information for subscribers who have crashed or disappeared from
            the network. Because such transmissions will be sent multiple
            times, per the retransmission algorithm defined in SIP <xref
            target="RFC3261" /> (instead of the typical single transmission for
            functioning clients), continuing to service them when no client is
            available to acknowledge them could place undue strain on a
            network. Upon client restart or reestablishment of a network
            connection, it is expected that clients will send SUBSCRIBE
            messages to refresh potentially stale state information; such
            messages will re-install subscriptions in all relevant nodes.</t>
          </list></t>

          <t>If the NOTIFY transaction fails due to the receipt of
          a 404, 405, 410, 416, 480-485, 489, 501, or 604 response to the NOTIFY, 
          the notifier MUST remove the corresponding subscription. 
          See
          <xref target="RFC5057"/> for further details and notes about the effect
          of error codes on dialogs and usages within dialog (such as subscriptions).
          </t>

          <t><list style="hanging">
            <t>A notify error response would generally indicate that something
            has gone wrong with the subscriber or with some proxy on the way
            to the subscriber. If the subscriber is in error, it makes the
            most sense to allow the subscriber to rectify the situation (by
            re-subscribing) once the error condition has been handled. If a
            proxy is in error, the periodic SUBSCRIBE refreshes will
            re-install subscription state once the network problem has been
            resolved.</t>
          </list></t>

          <t>NOTIFY requests MUST contain a "Subscription-State" header field with a
          value of "active", "pending", or "terminated". The "active" value
          indicates that the subscription has been accepted and has been
          authorized (in most cases; see <xref target="notifier-privacy" />). The
          "pending" value indicates that the subscription has been received,
          but that policy information is insufficient to accept or deny the
          subscription at this time. The "terminated" value indicates that the
          subscription is not active.</t>

          <t>If the value of the "Subscription-State" header field is "active" or
          "pending", the notifier MUST also include in the
          "Subscription-State" header field an "expires" parameter which indicates
          the time remaining on the subscription. The notifier MAY use this
          mechanism to shorten a subscription; however, this mechanism MUST
          NOT be used to lengthen a subscription.</t>

          <t><list style="hanging">
            <t>Including expiration information for active and pending
            subscriptions is necessary in case the SUBSCRIBE request forks, since
            the response to a forked SUBSCRIBE may not be received by the
            subscriber. <xref target="RFC3265"/> allowed the notifier some discretion in
            the inclusion of this parameter, so subscriber implementations
            are warned to handle the lack of an "expires" parameter gracefully.
            Note well that this "expires" value is a parameter on
            the "Subscription-State" header field, NOT an "Expires" header field.</t>
          </list></t>

          <t><list style="hanging"><t>
            The period of time for a subscription can
            be shortened to zero by the notifier. In other words,
            it is perfectly valid for a SUBSCRIBE with a non-zero expires 
            to be answered with a NOTIFY that contains "Subscription-Status: 
            terminated;reason=expired". This merely means that the notifier
            has shortened the subscription timeout to zero, and the subscription
            has expired instantaneously. The body may contain valid state, or 
            it may contain a neutral state (see <xref target="template-notifier-notifies"/>).
          </t></list></t>

          <t>If the value of the "Subscription-State" header field is "terminated",
          the notifier SHOULD also include a "reason" parameter. The notifier
          MAY also include a "retry-after" parameter, where appropriate. For
          details on the value and semantics of the "reason" and "retry-after"
          parameters, see <xref target="subscriber-notifies" />.</t>
        </section>

        <section title="PINT Compatibility">
          <t>The "Event" header field is considered mandatory for the purposes of
          this document. However, to maintain compatibility with PINT (see
          <xref target="RFC2848"></xref>), notifiers MAY interpret a SUBSCRIBE
          request with no "Event" header field as requesting a subscription to PINT
          events. If a notifier does not support PINT, it SHOULD return "489 Bad
          Event" to any SUBSCRIBE messages without an "Event" header field.</t>
        </section>
      </section>

      <section anchor="proxy" title="Proxy Behavior">
          <t>Proxies need no additional behavior beyond that described in SIP
          <xref target="RFC3261" /> to support SUBSCRIBE and NOTIFY. If a proxy wishes to
          see all of the SUBSCRIBE and NOTIFY requests for a given dialog, it
          MUST add a Record-Route header field to the initial SUBSCRIBE request
          and all NOTIFY requests.
          It MAY choose to include Record-Route in subsequent SUBSCRIBE messages;
          however, these requests cannot cause the dialog's route set to
          be modified.</t>
          <t><list style="hanging">
            <t>Note that subscribers and notifiers may elect to use S/MIME
            encryption of SUBSCRIBE and NOTIFY requests; consequently, proxies
            cannot rely on being able to access any information that is not
            explicitly required to be proxy-readable by SIP <xref
            target="RFC3261" />.</t>
          </list></t>
      </section>

      <section title="Common Behavior">
        <section anchor="dialog-handling" title="Dialog Creation and Termination">

          <t>
            Dialogs are created upon completion of a NOTIFY transaction for a new
            subscription, unless the NOTIFY contains a "Subscription-State"
            of "terminated."
          </t>

          <t>
          NOTIFY requests are matched to such SUBSCRIBE requests if they
          contain the same "Call-ID", a "To" header field "tag" parameter which
          matches the "From" header field "tag" parameter of the SUBSCRIBE, and the
          same "Event" header field. Rules for comparisons of the "Event"
          header fields are described in <xref target="event-header field" />.
          </t>

          <t>A subscription is destroyed after a notifier sends a NOTIFY
          request with a "Subscription-State" of "terminated." The subscriber
          will generally answer such final requests with a "200 OK" response (unless
          a condition warranting an alternate response has arisen). Except when
          the mechanism described in <xref target="dialog-reuse"/> is used,
          the destruction of a subscription results in the termination of
          its associated dialog.</t>

          <t><list style="hanging">
            <t>A subscriber may send a SUBSCRIBE request with an "Expires"
            header field of 0 in order to trigger the sending of such a NOTIFY
            request; however, for the purposes of subscription and dialog
            lifetime, the subscription is not considered terminated until the
            NOTIFY transaction with a "Subscription-State" of "terminated"
            completes.</t>
          </list></t>
        </section>

        <section anchor="migration" title="Notifier Migration">
          <t> It is often useful to allow migration of subscriptions between 
          notifiers. Such migration may be effected
          by sending a NOTIFY message with a "Subscription-State" header field of
          "terminated", and a reason parameter of "deactivated". This NOTIFY
          request is otherwise normal, and is formed as described in <xref
          target="notifier-notifies"/>.</t>

          <t>Upon receipt of this NOTIFY message, the subscriber SHOULD
          attempt to re-subscribe (as described in the preceding sections).
          Note that this subscription is established on a new dialog, and does
          not re-use the route set from the previous subscription dialog.</t>

          <t>The actual migration is effected by making a change to the policy
          (such as routing decisions) of one or more servers to which the
          SUBSCRIBE request will be sent in such a way that a different node
          ends up responding to the SUBSCRIBE request. This may be as simple
          as a change in the local policy in the notifier from which the
          subscription is migrating so that it serves as a proxy or redirect
          server instead of a notifier.</t>

          <t>Whether, when, and why to perform notifier migrations may be
          described in individual event packages; otherwise, such decisions
          are a matter of local notifier policy, and are left up to individual
          implementations.</t>
        </section>

        <section anchor="polling-state" title="Polling Resource State">
          <t>A natural consequence of the behavior described in the preceding
          sections is that an immediate fetch without a persistent
          subscription may be effected by sending a SUBSCRIBE with an
          "Expires" of 0.</t>

          <t>Of course, an immediate fetch while a subscription is active may
          be effected by sending a SUBSCRIBE with an "Expires" equal to the
          number of seconds remaining in the subscription.</t>

          <t>Upon receipt of this SUBSCRIBE request, the notifier (or
          notifiers, if the SUBSCRIBE request was forked) will send a NOTIFY
          request containing resource state in the same dialog.</t>

          <t>Note that the NOTIFY messages triggered by SUBSCRIBE messages
          with "Expires" header fields of 0 will contain a "Subscription-State"
          value of "terminated", and a "reason" parameter of "timeout".</t>

          <t>Polling of event state can cause significant increases in load on
          the network and notifiers; as such, it should be used only
          sparingly. In particular, polling SHOULD NOT be used in
          circumstances in which it will typically result in more network
          messages than long-running subscriptions.</t>

          <t>When polling is used, subscribers SHOULD attempt to cache
          authentication credentials between polls so as to reduce the number
          of messages sent.</t>
        </section>

        <section anchor="allow-events" title="Allow-Events header field usage">
          <t>The "Allow-Events" header field, if present, includes a list of tokens
          which indicates the event packages supported by a notifier.
          In other words, a
          user agent sending an "Allow-Events" header field is advertising that it can
          process SUBSCRIBE requests and generate NOTIFY requests for all of
          the event packages listed in that header field.</t>

          <t>Any user agent that can act as a notifier for one or more event packages
          SHOULD include
          an appropriate "Allow-Events" header field indicating all supported events
          in all methods which initiate dialogs and their responses (such as
          INVITE) and OPTIONS responses.</t>

          <t><list style="hanging">
            <t>This information is very useful, for example, in allowing user
            agents to render particular interface elements appropriately
            according to whether the events required to implement the features
            they represent are supported by the appropriate nodes.</t>
            <t>
              On the other hand, it doesn't necessarily make much sense
              to indicate supported events inside a NOTIFY-established
              dialog if the only event package supported is the
              one associated with that subscription.
            </t>
          </list></t>

          <t>Note that "Allow-Events" header fields MUST NOT be inserted by
          proxies.</t>
        </section>

      </section>

      <section anchor="device-targeting" title="Targeting Subscriptions at Devices">
        <t>
          <xref target="RFC3265"/> defined a mechanism by which subscriptions could share
          dialogs with invite usages and with other subscriptions. The
          purpose of this behavior was to allow subscribers to ensure
          that a subscription arrived at the same device as an established
          dialog. Unfortunately, the re-use of dialogs has proven to be
          exceedingly confusing. <xref target="RFC5057"/> attempted to
          clarify proper behavior in a variety of circumstances; however,
          the ensuing rules remain confusing and prone to implementation
          error. At the same time, the mechanism described in
          <xref target="I-D.ietf-sip-gruu"/> now provides a far more elegant
          and unambiguous means to achieve the same goal.  
        </t>
        <t>
          Consequently, the dialog re-use technique described in RFC 3265 is now deprecated.
        </t>
        <section anchor="gruu" title="Using GRUUs to Route to Devices">
          <t>
            Notifiers MUST implement the GRUU extension defined in
            <xref target="I-D.ietf-sip-gruu"/>, and MUST use a GRUU
            as their local target. This allows
            subscribers to explicitly target desired devices.
          </t>
          <t>
            If a subscriber wishes to subscribe to a resource on the same device
            as an established dialog, it should check whether the remote contact
            in that dialog is a GRUU (i.e., whether it contains a "gr" URI
            parameter). If so, the subscriber creates a new dialog, using
            the GRUU as the request URI for the new SUBSCRIBE.
          </t>
          <t><list style="hanging"><t>
            Because GRUUs are guaranteed to route to a a specific device,
            this ensures that the subscription will be routed to
            the same place as the established dialog.
          </t></list></t>
        </section>
        <section anchor="dialog-reuse" title="Sharing Dialogs">
          <t>
            For compatibility with older clients, subscriber and notifier
            implementations may choose to allow dialog sharing. The behavior
            of multiple usages within a dialog are described in 
            <xref target="RFC5057"/>.
          </t>
          <t>
            Subscribers MUST NOT attempt to re-use dialogs whose remote
            target is a GRUU.
          </t>
          <t><list style="hanging"><t>
            Note that the techniques described in this section are
            included for backwards compatibility purposes only.
            Because subscribers cannot re-use dialogs with a GRUU
            for their remote target, and because notifiers must
            use GRUUs as their local target, any two implementations
            that conform to this specification will automatically
            use the mechanism described in <xref target="gruu"/>.
          </t></list></t>
          <t>
            If a subscriber wishes to subscribe to a resource on the same
            device as an established dialog and the remote contact is not
            a GRUU, it MAY revert to dialog sharing behavior.
            Alternately, it MAY choose to
            treat the remote party as incapable of servicing the subscription
            (i.e., the same way it would behave if the remote party did
            not support SIP events at all).
          </t>
          <t>
            If a notifier receives a SUBSCRIBE request for a new subscription
            on an existing dialog, it MAY choose to implement dialog sharing
            behavior. Alternately, it may choose to fail the SUBSCRIBE
            request with a 403 response. The error text of such 403
            responses SHOULD indicate that dialog sharing is not supported.
          </t>
          <t>
            To implement dialog sharing, subscribers and notifiers perform
            the following additional processing:
          </t>

          <t><list style="symbols">
            <t>
            When subscriptions exist in dialogs associated with
            INVITE-created application state and/or other subscriptions,
            these sets of application state do not interact beyond the
            behavior described for a dialog (e.g., route set handling).
            In particular, multiple subscriptions within a dialog are expire
            independently, and require independent SUBSCRIBE refreshes.<vspace blankLines="1"/></t>

            <t>If a subscription's destruction leaves no other application state
            associated with the dialog, the dialog terminates. The destruction
            of other application state (such as that created by an INVITE) will
            not terminate the dialog if a subscription is still associated with
            that dialog. This means that, when dialog are re-used, then a dialog
            created with an INVITE does not necessarily terminate upon receipt
            of a BYE.  Similarly, in the case that several subscriptions are 
            associated with a single dialog, the dialog does not terminate 
            until all the subscriptions in it are destroyed.<vspace blankLines="1"/></t>

            <t>Subscribers MAY include an "id" parameter in SUBSCRIBE
            request "Event" header field to allow differentiation between multiple
            subscriptions in the same dialog.  This "id" parameter, if present, 
            contains an opaque token which identifies the specific subscription
            within a dialog. An "id" parameter is only valid within the scope of
            a single dialog.<vspace blankLines="1"/></t>

            <t> If an "id" parameter is present in the SUBSCRIBE message used
            to establish a subscription, that "id" parameter MUST also be present
            in all corresponding NOTIFY messages.<vspace blankLines="1"/></t>

            <t>When a subscriber refreshes a the subscription timer,
            the SUBSCRIBE MUST contain the same "Event" header field "id" parameter 
            as was present in the initial subscription. (Otherwise, the notifier
            will interpret the SUBSCRIBE message as a request for a new
            subscription in the same dialog).<vspace blankLines="1"/></t>

            <t>When a subscription is created in the notifier, it stores the
            any "Event" header field "id" parameter as part of the subscription
            information (along with the event package name).<vspace blankLines="1"/></t>

            <t>If an initial SUBSCRIBE is sent on a pre-existing dialog, a
            matching NOTIFY request merely creates a new subscription associated
            with that dialog.<vspace blankLines="1"/></t>
          </list></t>
        </section>
      </section>

      <section anchor="cancel" title="CANCEL Requests for SUBSCRIBE and NOTIFY">
        <t>Neither SUBSCRIBE nor NOTIFY messages can be canceled. If a 
        UAS receives a CANCEL request that matches a known SUBSCRIBE
        or NOTIFY transaction, it MUST respond to the CANCEL request,
        but otherwise ignore it. In particular, the CANCEL request
        MUST NOT affect processing of the SUBSCRIBE or NOTIFY request
        in any way.</t>
        <t>
          UACs SHOULD NOT send CANCEL requests for SUBSCRIBE or NOTIFY
          transactions.
        </t>
      </section>

    </section>

    <section anchor="event-packages" title="Event Packages">
      <t>This section covers several issues which should be taken into
      consideration when event packages based on SUBSCRIBE and NOTIFY are
      proposed. Event package definitions contain sections
      addressing each of these issues, ideally in the same order
      and with the same titles as the following sections.</t>

      <section title="Appropriateness of Usage">
        <t>When designing an event package using the methods described in this
        document for event notification, it is important to consider: is SIP an
        appropriate mechanism for the problem set? Is SIP being selected
        because of some unique feature provided by the protocol (e.g., user
        mobility), or merely because "it can be done?" If you find yourself
        defining event packages for notifications related to, for example,
        network management or the temperature inside your car's engine, you
        may want to reconsider your selection of protocols.</t>

        <t><list style="hanging">
          <t>Those interested in extending the mechanism defined in this
          document are urged to follow the development of "Guidelines for
          Authors of SIP Extensions" <xref target="RFC4485" /> for further
          guidance regarding appropriate uses of SIP.</t>
        </list></t>

        <t>Further, it is expected that this mechanism is not to be used in
        applications where the frequency of reportable events is excessively
        rapid (e.g., more than about once per second). A SIP network is
        generally going to be provisioned for a reasonable signaling volume;
        sending a notification every time a user's GPS position changes by one
        hundredth of a second could easily overload such a network.</t>
      </section>

      <section anchor="templates" title="Event Template-packages">
        <t>Normal event packages define a set of state applied to a specific
        type of resource, such as user presence, call state, and messaging
        mailbox state.</t>

        <t>Event template-packages are a special type of package which define
        a set of state applied to other packages, such as statistics, access
        policy, and subscriber lists. Event template-packages may even be
        applied to other event template-packages.</t>

        <t>To extend the object-oriented analogy made earlier, event
        template-packages can be thought of as templatized C++ packages which
        must be applied to other packages to be useful.</t>

        <t>The name of an event template-package as applied to a package is
        formed by appending a period followed by the event template-package
        name to the end of the package. For example, if a template-package
        called "winfo" were being applied to a package called "presence", the
        event token used in "Event" and "Allow-Events" would be
        "presence.winfo".</t>

        <t>Event template-packages must be defined so that they can be applied
        to any arbitrary package. In other words, event template-packages
        cannot be specifically tied to one or a few "parent" packages in such
        a way that they will not work with other packages.</t>
      </section>

      <section anchor="amount-of-state" title="Amount of State to be Conveyed">
        <t>When designing event packages, it is important to consider the type
        of information which will be conveyed during a notification.</t>

        <t>A natural temptation is to convey merely the event (e.g., "a new
        voice message just arrived") without accompanying state (e.g., "7 total
        voice messages"). This complicates implementation of subscribing
        entities (since they have to maintain complete state for the entity to
        which they have subscribed), and also is particularly susceptible to
        synchronization problems.</t>

        <t>There are two possible solutions to this problem that event
        packages may choose to implement.</t>

        <section title="Complete State Information">
          <t>For packages which typically convey state information that is
          reasonably small (on the order of 1 KB or so), it is suggested that
          event packages are designed so as to send complete state information
          when an event occurs.</t>

          <t>In some circumstances, conveying the current state alone may be
          insufficient for a particular class of events. In these cases, the
          event packages should include complete state information along with
          the event that occurred. For example, conveying "no customer service
          representatives available" may not be as useful as conveying "no
          customer service representatives available; representative
          sip:46@cs.xyz.int just logged off".</t>
        </section>

        <section title="State Deltas">
          <t>In the case that the state information to be conveyed is large,
          the event package may choose to detail a scheme by which NOTIFY
          messages contain state deltas instead of complete state.</t>

          <t>Such a scheme would work as follows: any NOTIFY sent in immediate
          response to a SUBSCRIBE contains full state information. NOTIFY
          messages sent because of a state change will contain only the state
          information that has changed; the subscriber will then merge this
          information into its current knowledge about the state of the
          resource.</t>

          <t>Any event package that supports delta changes to states MUST
          include a version number that increases by exactly one for each
          NOTIFY transaction in a subscription. Note that the state version number
          appears in the body of the message, not in a SIP header field.</t>

          <t>If a NOTIFY arrives that has a version number that is incremented
          by more than one, the subscriber knows that a state delta has been
          missed; it ignores the NOTIFY message containing the state delta
          (except for the version number, which it retains to detect message
          loss), and re-sends a SUBSCRIBE to force a NOTIFY containing a
          complete state snapshot.</t>
        </section>
      </section>

      <section anchor="packages" title="Event Package Responsibilities">
        <t>Event packages are not required to reiterate any of the behavior
        described in this document, although they may choose to do so for
        clarity or emphasis. In general, though, such packages are expected to
        describe only the behavior that extends or modifies the behavior
        described in this document.</t>

        <t>Note that any behavior designated with "SHOULD" or "MUST" in this
        document is not allowed to be weakened by extension documents;
        however, such documents may elect to strengthen "SHOULD" requirements
        to "MUST" strength if required by their application.</t>

        <t><list style="hanging">
          <t>In addition to the normal sections expected in standards-track
          RFCs and SIP extension documents, authors of event packages need to
          address each of the issues detailed in the following subsections,
          whenever applicable.</t>
        </list></t>

        <section title="Event Package Name">
          <t>This section, which MUST be present, defines the token name to be
          used to designate the event package. It MUST include the information
          which appears in the IANA registration of the token. For information
          on registering such types, see <xref target="iana-considerations" />.</t>
        </section>

        <section title="Event Package Parameters">
          <t>If parameters are to be used on the "Event" header field to modify the
          behavior of the event package, the syntax and semantics of such
          header fields MUST be clearly defined.</t>
        </section>

        <section title="SUBSCRIBE Bodies">
          <t>It is expected that most, but not all, event packages will define
          syntax and semantics for SUBSCRIBE method bodies; these bodies will
          typically modify, expand, filter, throttle, and/or set thresholds
          for the class of events being requested. Designers of event packages
          are strongly encouraged to re-use existing MIME types for message
          bodies where practical.</t>

          <t>This mandatory section of an event package defines what type or
          types of event bodies are expected in SUBSCRIBE requests (or specify
          that no event bodies are expected). It should point to detailed
          definitions of syntax and semantics for all referenced body
          types.</t>
        </section>

        <section title="Subscription Duration">
          <t>It is RECOMMENDED that event packages give a suggested range of
          times considered reasonable for the duration of a subscription. Such
          packages MUST also define a default "Expires" value to be used if
          none is specified.</t>
        </section>

        <section title="NOTIFY Bodies">
          <t>The NOTIFY body is used to report state on the resource being
          monitored. Each package MUST define what type or types of event
          bodies are expected in NOTIFY requests. Such packages MUST specify
          or cite detailed specifications for the syntax and semantics
          associated with such event body.</t>

          <t>Event packages also MUST define which MIME type is to be assumed
          if none are specified in the "Accept" header field of the SUBSCRIBE
          request.</t>
        </section>

        <section title="Notifier processing of SUBSCRIBE requests">
          <t>This section describes the processing to be performed by the
          notifier upon receipt of a SUBSCRIBE request. Such a section is
          required.</t>

          <t>Information in this section includes details of how to
          authenticate subscribers and authorization issues for the package.
          Such authorization issues may include, for example, whether all
          SUBSCRIBE requests for this package are answered with 202 responses
          (see <xref target="notifier-privacy" />).</t>
        </section>

        <section anchor="template-notifier-notifies" title="Notifier generation of NOTIFY requests">
          <t>This section of an event package describes the process by which
          the notifier generates and sends a NOTIFY request. This includes
          detailed information about what events cause a NOTIFY to be sent,
          how to compute the state information in the NOTIFY, how to generate
          neutral or fake state information to hide authorization delays and
          decisions from users, and whether state information is complete or
          deltas for notifications; see <xref target="amount-of-state" />. Such a section
          is required.</t>

          <t>This section may optionally describe the behavior used to process
          the subsequent response.</t>
        </section>

        <section title="Subscriber processing of NOTIFY requests">
          <t>This section of an event package describes the process followed
          by the subscriber upon receipt of a NOTIFY request, including any
          logic required to form a coherent resource state (if
          applicable).</t>
        </section>

        <section anchor="forking" title="Handling of forked requests">
          <t>Each event package MUST specify whether forked SUBSCRIBE requests
          are allowed to install multiple subscriptions.</t>

          <t>If such behavior is not allowed, the first potential
          dialog-establishing message will create a dialog. All subsequent
          NOTIFY messages which correspond to the SUBSCRIBE message (i.e.,
          match "To", "From", "From" header field "tag" parameter, "Call-ID",
          "Event", and "Event" header field "id" parameter) but which do not
          match the dialog would be rejected with a 481 response. Note that
          the 200-class response to the SUBSCRIBE can arrive after a matching
          NOTIFY has been received; such responses might not correlate to the
          same dialog established by the NOTIFY. Except as required to
          complete the SUBSCRIBE transaction, such non-matching 200-class
          responses are ignored.</t>

          <t>If installing of multiple subscriptions by way of a single forked
          SUBSCRIBE is allowed, the subscriber establishes a new dialog
          towards each notifier by returning a 200-class response to each
          NOTIFY. Each dialog is then handled as its own entity, and is
          refreshed independent of the other dialogs.</t>

          <t>In the case that multiple subscriptions are allowed, the event
          package MUST specify whether merging of the notifications to form a
          single state is required, and how such merging is to be performed.
          Note that it is possible that some event packages may be defined in
          such a way that each dialog is tied to a mutually exclusive state
          which is unaffected by the other dialogs; this MUST be clearly
          stated if it is the case.</t>
        </section>

        <section title="Rate of notifications">
          <t>Each event package is expected to define a requirement (SHOULD or
          MUST strength) which defines an absolute maximum on the rate at
          which notifications are allowed to be generated by a single
          notifier.</t>

          <t>Each package MAY further define a throttle mechanism which allows
          subscribers to further limit the rate of notification.</t>
        </section>

        <section anchor="aggregation" title="State Aggregation">
          <t>
            Many event packages inherently work by collecting information
            about a resource from a number of other sources -- either 
            through the use of PUBLISH <xref target="RFC3903"/>, by
            subscribing to state information, or through other state
            gathering mechanisms.
          </t>
          <t>Event packages that involve retrieval of state information
          for a single resource from more than one source need to
          consider how notifiers aggregate information into
          a single, coherent state.  Such packages MUST
          specify how notifiers aggregate information and how they
          provide authentication and authorization.</t>
        </section>

        <section title="Examples">
          <t>Event packages SHOULD include several demonstrative message flow
          diagrams paired with several typical, syntactically correct, and
          complete messages.</t>

          <t>It is RECOMMENDED that documents describing event packages
          clearly indicate that such examples are informative and not
          normative, with instructions that implementors refer to the main
          text of the document for exact protocol details.</t>
        </section>

        <section title="Use of URIs to Retrieve State" anchor="uri-use">
          <t>Some types of event packages may define state information which
          is potentially too large to reasonably send in a SIP message. To
          alleviate this problem, event packages may include the ability to
          convey a URI instead of state information; this URI will then be
          used to retrieve the actual state information.</t>

          <t><xref target="RFC4483"/> defines a mechanism that can be used
          by event packages to convey information in such a fashion.</t>
        </section>
      </section>
    </section>

    <section title="Security Considerations">
      <section title="Access Control">
        <t>The ability to accept subscriptions should be under the direct
        control of the notifier's user, since many types of events may be
        considered sensitive for the purposes of privacy. Similarly, the
        notifier should have the ability to selectively reject subscriptions
        based on the subscriber identity (based on access control lists),
        using standard SIP authentication mechanisms. The methods for creation
        and distribution of such access control lists is outside the scope of
        this document.</t>
      </section>

      <section anchor="notifier-privacy" title="Notifier Privacy Mechanism">
        <t>The mere act of returning a 200 or certain 4xx and 6xx responses to
        SUBSCRIBE requests may, under certain circumstances, create privacy
        concerns by revealing sensitive policy information. In these cases,
        the notifier SHOULD always return a 202 response. While the subsequent
        NOTIFY message may not convey true state, it MUST appear to contain a
        potentially correct piece of data from the point of view of the
        subscriber, indistinguishable from a valid response. Information about
        whether a user is authorized to subscribe to the requested state is
        never conveyed back to the original user under these
        circumstances.</t>

        <t>Individual packages and their related documents for which such a mode
        of operation makes sense can further describe how and why to generate
        such potentially correct data. For example, such a mode of operation
        is mandated by <xref target="RFC2779"></xref> for user presence
        information.</t>
      </section>

      <section title="Denial-of-Service attacks">
        <t>The current model (one SUBSCRIBE request triggers a SUBSCRIBE
        response and one or more NOTIFY requests) is a classic setup for an
        amplifier node to be used in a smurf attack.</t>

        <t>Also, the creation of state upon receipt of a SUBSCRIBE request can
        be used by attackers to consume resources on a victim's machine,
        rendering it unusable.</t>

        <t>To reduce the chances of such an attack, implementations of
        notifiers SHOULD require authentication. Authentication issues are
        discussed in SIP <xref target="RFC3261"></xref>.</t>
      </section>

      <section title="Replay Attacks">
        <t>Replaying of either SUBSCRIBE or NOTIFY can have detrimental
        effects.</t>

        <t>In the case of SUBSCRIBE messages, attackers may be able to install
        any arbitrary subscription which it witnessed being installed at some
        point in the past. Replaying of NOTIFY messages may be used to spoof
        old state information (although a good versioning mechanism in the
        body of the NOTIFY messages may help mitigate such an attack). Note
        that the prohibition on sending NOTIFY messages to nodes which have
        not subscribed to an event also aids in mitigating the effects of such
        an attack.</t>

        <t>To prevent such attacks, implementations SHOULD require
        authentication with anti-replay protection. Authentication issues are
        discussed in SIP <xref target="RFC3261"></xref>.</t>
      </section>

      <section title="Man-in-the middle attacks">
        <t>Even with authentication, man-in-the-middle attacks using SUBSCRIBE
        may be used to install arbitrary subscriptions, hijack existing
        subscriptions, terminate outstanding subscriptions, or modify the
        resource to which a subscription is being made. To prevent such
        attacks, implementations SHOULD provide integrity protection across
        "Contact", "Route", "Expires", "Event", and "To" header fields of SUBSCRIBE
        messages, at a minimum. If SUBSCRIBE bodies are used to define further
        information about the state of the call, they SHOULD be included in
        the integrity protection scheme.</t>

        <t>Man-in-the-middle attacks may also attempt to use NOTIFY messages
        to spoof arbitrary state information and/or terminate outstanding
        subscriptions. To prevent such attacks, implementations SHOULD provide
        integrity protection across the "Call-ID", "CSeq", and
        "Subscription-State" header fields and the bodies of NOTIFY messages.</t>

        <t>Integrity protection of message header fields and bodies is discussed in
        SIP <xref target="RFC3261"></xref>.</t>
      </section>

      <section title="Confidentiality">
        <t>The state information contained in a NOTIFY message has the
        potential to contain sensitive information. Implementations MAY
        encrypt such information to ensure confidentiality.</t>

        <t>While less likely, it is also possible that the information
        contained in a SUBSCRIBE message contains information that users might
        not want to have revealed. Implementations MAY encrypt such
        information to ensure confidentiality.</t>

        <t>To allow the remote party to hide information it considers
        sensitive, all implementations SHOULD be able to handle encrypted
        SUBSCRIBE and NOTIFY messages.</t>

        <t>The mechanisms for providing confidentiality are detailed in SIP
        <xref target="RFC3261"></xref>.</t>
      </section>
    </section>

    <section anchor="iana-considerations" title="IANA Considerations">
      <t>(This section is not applicable until this document is published as
      an RFC.)</t>

      <!-- ====================================================================== -->
      <section title="Event Packages">
      <t>This document defines an event-type namespace which requires a
      central coordinating body. The body chosen for this coordination is the
      Internet Assigned Numbers Authority (IANA).</t>

      <t>There are two different types of event-types: normal event packages,
      and event template-packages; see <xref target="templates"></xref>. To avoid
      confusion, template-package names and package names share the same
      namespace; in other words, an event template-package MUST NOT share a
      name with a package.</t>

      <t>Following the policies outlined in "Guidelines for Writing an IANA
      Considerations Section in RFCs" <xref target="RFC2434"></xref>, normal
      event package identification tokens are allocated as First Come First
      Served, and event template-package identification tokens are allocated
      on a IETF Consensus basis.</t>

      <t>Registrations with the IANA MUST include the token being registered
      and whether the token is a package or a template-package. Further,
      packages MUST include contact information for the party responsible for
      the registration and/or a published document which describes the event
      package. Event template-package token registrations MUST include a
      pointer to the published RFC which defines the event
      template-package.</t>

      <t>Registered tokens to designate packages and template-packages MUST
      NOT contain the character ".", which is used to separate
      template-packages from packages.</t>

      <section title="Registration Information">
        <t>As this document specifies no package or template-package names,
        the initial IANA registration for event types will be empty. The
        remainder of the text in this section gives an example of the type of
        information to be maintained by the IANA; it also demonstrates all
        five possible permutations of package type, contact, and
        reference.</t>

        <t>The table below lists the event packages and template-packages
        defined in "SIP-Specific Event Notification" [RFC xxxx]. Each name is
        designated as a package or a template-package under "Type".</t>

        <figure>
          <artwork><![CDATA[
Package Name      Type         Contact      Reference
------------      ----         -------      ---------
example1          package      [Roach]
example2          package      [Roach]      [RFC xxxx]
example3          package                   [RFC xxxx]
example4          template     [Roach]      [RFC xxxx]
example5          template                  [RFC xxxx]


PEOPLE
------
[Roach] Adam Roach <adam.roach@tekelec.com>

REFERENCES
----------
[RFC xxxx] A.B. Roach, "SIP-Specific Event Notification", RFC XXXX,
           Monthname 20XX

]]></artwork>
        </figure>
      </section>

      <section title="Registration Template">
        <figure>
          <artwork><![CDATA[
To: ietf-sip-events@iana.org
Subject: Registration of new SIP event package

Package Name:
]]></artwork>
        </figure>

        <t><list style="hanging">
          <t>(Package names must conform to the syntax described in <xref
          target="event-header field" />.)</t>
        </list></t>

        <figure>
          <artwork><![CDATA[
Is this registration for a Template Package:
]]></artwork>
        </figure>

        <t><list style="hanging">
          <t>(indicate yes or no)</t>
        </list></t>

        <figure>
          <artwork><![CDATA[
Published Specification(s):
]]></artwork>
        </figure>

        <t><list style="hanging">
          <t>(Template packages require a published RFC. Other packages may
          reference a specification when appropriate).</t>
        </list></t>

        <figure>
          <artwork><![CDATA[
Person & email address to contact for further information:
]]></artwork>
        </figure>
      </section>
      </section>

      <!-- ====================================================================== -->
      <section anchor="reason-codes" title="Reason Codes">
        <t>
          This document further defines "reason" codes for use in the "Subscription-State"
          header field (see <xref target="subscriber-notifies"/>).
        </t>
        <t>
          Following the policies outlined in "Guidelines for Writing an IANA
          Considerations Section in RFCs" <xref target="RFC2434"></xref>, new
          reason codes require a Standards Action.
        </t>
        <t>
          Registrations with the IANA include the reason code being registered
          and a reference to a published document which describes the event
          package. Insertion of such values takes place as part of the RFC
          publication process or as the result of inter-SDO liaison activity.
          New reason codes must conform to the syntax of the ABNF "token"
          element defined in SIP <xref target="RFC3261"/>.
        </t>
        <t>
          <xref target="RFC4660"/> defined a new reason code prior to the establishment
          of an IANA registry. We include its reason code ("badfilter") in the
          initial list of reason codes to ensure a complete registry.
        </t>
        <t>
          The IANA registry for reason code will be initialized with the following
          values:
        </t>
        <figure>
          <artwork><![CDATA[
Reason Code            Reference
-----------            ---------
deactivated            [RFC xxxx]
probation              [RFC xxxx]
rejected               [RFC xxxx]
timeout                [RFC xxxx]
giveup                 [RFC xxxx]
noresource             [RFC xxxx]
invariant              [RFC xxxx]
badfilter              [RFC 4660]

REFERENCES
----------
[RFC xxxx] A.B. Roach, "SIP-Specific Event Notification", RFC XXXX,
           Monthname 20XX

[RFC 4660] Khartabil, H., Leppanen, E., Lonnfors, M., and 
           J. Costa-Requena, "Functional Description of Event
           Notification Filtering", September 2006.
]]></artwork></figure>

      </section>

      <!-- ====================================================================== -->


      <section title="Header Field Names">
        <t>This document registers three new header field names, described
        elsewhere in this document. These header fields are defined by the following
        information, which is to be added to the header field sub-registry under
        http://www.iana.org/assignments/sip-parameters.</t>

        <figure>
          <artwork><![CDATA[
Header Name:   Allow-Events
Compact Form:  u

Header Name:   Subscription-State
Compact Form:  (none)

Header Name:   Event
Compact Form:  o
]]></artwork>
        </figure>
      </section>

      <section title="Response Codes">
        <t>This document registers two new response codes.
        These response codes are defined
        by the following information, which is to be added to the method and
        response-code sub-registry under
        http://www.iana.org/assignments/sip-parameters.</t>

        <figure>
          <artwork><![CDATA[
Response Code Number:   202
Default Reason Phrase:  Accepted

Response Code Number:   489
Default Reason Phrase:  Bad Event
]]></artwork>
        </figure>
      </section>
    </section>

    <section title="Syntax">
      <t>This section describes the syntax extensions required for event
      notification in SIP. Semantics are described in <xref
      target="node-behavior"></xref>. Note that the formal syntax definitions described
      in this document are expressed in the ABNF format used in SIP <xref
      target="RFC3261"></xref>, and contain references to elements defined
      therein.</t>

      <section anchor="new-methods" title="New Methods">
        <t>This document describes two new SIP methods: SUBSCRIBE and
        NOTIFY.</t>

        <t>This table expands on tables 2 and 3 in SIP <xref
        target="RFC3261"></xref>.</t>

        <figure>
          <artwork><![CDATA[
Header                    Where    SUB NOT
------                    -----    --- ---
Accept                      R       o   o
Accept                     2xx      -   -
Accept                     415      o   o
Accept-Encoding             R       o   o
Accept-Encoding            2xx      -   -
Accept-Encoding            415      o   o
Accept-Language             R       o   o
Accept-Language            2xx      -   -
Accept-Language            415      o   o
Alert-Info                  R       -   -
Alert-Info                 180      -   -
Allow                       R       o   o
Allow                      2xx      o   o
Allow                       r       o   o
Allow                      405      m   m
Authentication-Info        2xx      o   o
Authorization               R       o   o
Call-ID                     c       m   m
Contact                     R       m   m
Contact                    1xx      o   o
Contact                    2xx      m   o
Contact                    3xx      m   m
Contact                    485      o   o
Content-Disposition                 o   o
Content-Encoding                    o   o
Content-Language                    o   o
Content-Length                      t   t
Content-Type                        *   *
CSeq                        c       m   m
Date                                o   o
Error-Info               300-699    o   o
Expires                             o   -
Expires                    2xx      m   -
From                        c       m   m
In-Reply-To                 R       -   -
Max-Forwards                R       m   m
Min-Expires                423      m   -
MIME-Version                        o   o
Organization                        o   -
Priority                    R       o   -
Proxy-Authenticate         407      m   m
Proxy-Authorization         R       o   o
Proxy-Require               R       o   o
RAck                        R       -   -
Record-Route                R       o   o
Record-Route           2xx,401,484  o   o
Reply-To                            -   -
Require                             o   o
Retry-After        404,413,480,486  o   o
Retry-After              500,503    o   o
Retry-After              600,603    o   o
Route                       R       c   c
RSeq                       1xx      o   o
Server                      r       o   o
Subject                     R       -   -
Supported                   R       o   o
Supported                  2xx      o   o
Timestamp                           o   o
To                         c(1)     m   m
Unsupported                420      o   o
User-Agent                          o   o
Via                         c       m   m
Warning                     R       -   o
Warning                     r       o   o
WWW-Authenticate           401      m   m
]]></artwork>
        </figure>

        <section title="SUBSCRIBE method">
          <t>"SUBSCRIBE" is added to the definition of the element "Method" in
          the SIP message grammar.</t>

          <t>Like all SIP method names, the SUBSCRIBE method name is case
          sensitive. The SUBSCRIBE method is used to request asynchronous
          notification of an event or set of events at a later time.</t>
        </section>

        <section title="NOTIFY method">
          <t>"NOTIFY" is added to the definition of the element "Method" in
          the SIP message grammar.</t>

          <t>The NOTIFY method is used to notify a SIP node that an event
          which has been requested by an earlier SUBSCRIBE method has
          occurred. It may also provide further details about the event.</t>
        </section>
      </section>

      <section title="New Header Fields">
        <t>This table expands on tables 2 and 3 in SIP <xref
        target="RFC3261"></xref>, as amended by the changes described in <xref
        target="new-methods"></xref>.</t>

        <figure>
          <artwork><![CDATA[
Header field      where proxy ACK BYE CAN INV OPT REG PRA SUB NOT
-----------------------------------------------------------------
Allow-Events        R          o   o   -   o   o   o   o   o   o
Allow-Events       2xx         -   o   -   o   o   o   o   o   o
Allow-Events       489         -   -   -   -   -   -   -   m   m
Event               R          -   -   -   -   -   -   -   m   m
Subscription-State  R          -   -   -   -   -   -   -   -   m

]]></artwork>
        </figure>

        <section anchor="event-header field" title=""Event" Header Field">
          <t>Event is added to the definition of the element "message-header field"
          in the SIP message grammar.</t>

          <t>For the purposes of matching NOTIFY messages with
          SUBSCRIBE messages, the event-type portion of the "Event" header field is
          compared byte-by-byte, and the "id" parameter token (if present) is
          compared byte-by-byte. An "Event" header field containing an "id"
          parameter never matches an "Event" header field without an "id" parameter.
          No other parameters are considered when performing a comparison. SUBSCRIBE
          responses are matched per the transaction handling rules in SIP
          <xref target="RFC3261"/>.</t>

          <t><list style="hanging">
            <t>Note that the forgoing text means that "Event: foo; id=1234"
            would match "Event: foo; param=abcd; id=1234", but not "Event:
            foo" (id does not match) or "Event: Foo; id=1234" (event portion
            does not match).</t>
          </list></t>

          <t>This document does not define values for event-types. These
          values will be defined by individual event packages, and MUST be
          registered with the IANA.</t>

          <t>There MUST be exactly one event type listed per event header field.
          Multiple events per message are disallowed.</t>
        </section>

        <section title=""Allow-Events" Header Field">
          <t>Allow-Events is added to the definition of the element
          "general-header field" in the SIP message grammar. Its usage is described
          in <xref target="allow-events"></xref>.</t>
        </section>

        <section title=""Subscription-State" Header Field">
          <t>Subscription-State is added to the definition of the element
          "request-header field" in the SIP message grammar. Its usage is described
          in <xref target="subscriber-notifies"></xref>.</t>
        </section>
      </section>

      <section title="New Response Codes">
        <section title=""202 Accepted" Response Code">
          <t>The 202 response is added to the "Success" header field
          definition. "202 Accepted" has the same meaning as that defined in
          HTTP/1.1 <xref target="RFC2616"></xref>.</t>
        </section>

        <section title=""489 Bad Event" Response Code">
          <t>The 489 event response is added to the "Client-Error" header field
          field definition. "489 Bad Event" is used to indicate that the
          server did not understand the event package specified in a "Event"
          header field.</t>
        </section>
      </section>

      <section title="Augmented BNF Definitions">
        <t>The Augmented BNF definitions for the various new and modified
        syntax elements follows. The notation is as used in SIP <xref
        target="RFC3261"></xref>, and any elements not defined in this section
        are as defined in SIP and the documents to which it refers.</t>

        <figure>
          <artwork><![CDATA[
SUBSCRIBEm        = %x53.55.42.53.43.52.49.42.45 ; SUBSCRIBE in caps
NOTIFYm           = %x4E.4F.54.49.46.59 ; NOTIFY in caps
extension-method = SUBSCRIBEm / NOTIFYm / token

Event             =  ( "Event" / "o" ) HCOLON event-type
                     *( SEMI event-param )
event-type        =  event-package *( "." event-template )
event-package     =  token-nodot
event-template    =  token-nodot
token-nodot       =  1*( alphanum / "-"  / "!" / "%" / "*"
                         / "_" / "+" / "`" / "'" / "~" )

; The use of the "id" parameter is deprecated; it is included
; for backwards compatibility purposes only.
event-param      =  generic-param / ( "id" EQUAL token )

Allow-Events =  ( "Allow-Events" / "u" ) HCOLON event-type
                *(COMMA event-type)

Subscription-State   = "Subscription-State" HCOLON substate-value
                       *( SEMI subexp-params )
substate-value       = "active" / "pending" / "terminated"
                       / extension-substate
extension-substate   = token
subexp-params        =   ("reason" EQUAL event-reason-value)
                       / ("expires" EQUAL delta-seconds)
                       / ("retry-after" EQUAL delta-seconds)
                       / generic-param
event-reason-value   =   "deactivated"
                       / "probation"
                       / "rejected"
                       / "timeout"
                       / "giveup"
                       / "noresource"
                       / "invariant"
                       / event-reason-extension
event-reason-extension = token
]]></artwork>
        </figure>
      </section>
    </section>
  </middle>

  <back>
    <references title="Normative References">
      &rfc2119;
      &rfc2434;
      &rfc2616;
      &rfc2779;
      &rfc2848;
      &rfc3261;
      &rfc3265;
      &rfc4483;
      &draft-ietf-sip-gruu;
    </references>

    <references title="Informative References">
      &rfc3515;
      &rfc3840;
      &rfc3903;
      &rfc4485;
      &rfc4660;
      &rfc5057;
    </references>

    <section title="Acknowledgements">
      <t>Thanks to the participants in the Events BOF at the 48th IETF meeting
      in Pittsburgh, as well as those who gave ideas and suggestions on the
      SIP Events mailing list. In particular, I wish to thank Henning
      Schulzrinne of Columbia University for coming up with the final
      three-tiered event identification scheme, Sean Olson for miscellaneous
      guidance, Jonathan Rosenberg for a thorough scrubbing of the -00 draft,
      and the authors of the "SIP Extensions for Presence" document for their
      input to SUBSCRIBE and NOTIFY request semantics.</t>
      <t>
        I also owe a debt of gratitude to all the implementors who have
        provided feedback on areas of confusion or difficulty in the
        original specification. In particular, Robert Sparks' Herculean
        efforts organizing, running, and collecting data from the SIPit
        events have proven invaluable in shaking out specification bugs.
        Robert Sparks is also responsible for untangling the dialog usage
        mess, in the form of RFC 5057.
      </t>
    </section>

    <section title="Open Issues">
        <section anchor="bug711" title="Bug 711: Allow-Events can't express template support">
          <t>
             OPEN ISSUE: There are several things we can do here. I have not proposed
             on in particular; I would prefer to solicit initial feedback from
             implementors regarding what has been developed and deployed so far.
          </t>
          <t>
            The key problem is that support of template event packages can't be
            expressed in a complete yet bounded fashion. It would not be
            reasonable, for example, to require notifiers that support winfo
            on arbitrary packages to include an "Allow-Events" header field
            with contents like "presence, presence.winfo, presence.winfo.winfo, 
            presence.winfo.winfo.winfo, presence.winfo.winfo.winfo.winfo, 
            presence.winfo.winfo.winfo.winfo.winfo...."
          </t>
          <t>
            One alternative would be to list event packages and template event
            packages, without explicitly indicating which templates can be applied
            to which other packages. In such a case, the preceding example would
            be collapsed to "Allow-Events: presence, winfo". The notifier may
            have local policy that limits how they can be combined -- but we have
            plenty of other places where protocol allows something, but policy
            forbids it.
          </t>
        </section>
        <section title="Remove 202 Response Code?">
        <t>
          In practice, the 202 response code defined in RFC 3265 has proven to be
          nearly useless, due to its redundancy with the "pending" state, and
          its interaction with the HERFP problem. Given that 202 must be treated
          as 200 if an implementation does not understand it: would removing the
          202 response code cause any issues for current implementations?
        </t>
        </section>
        <section title="Timer L and Resubscribes">
          <t>
            <xref target="subscription-confirmation"/> defines a new
            Timer L that is used upon initial subscription to bound the
            amount of time that a subscriber needs to wait for a NOTIFY.
            Should this also apply to resubscribes? On one hand, the
            mechanism is not as necessary, since the subscriber already
            has a negotiated expiration time associated with the
            subscription. On the other hand, if no NOTIFY arrives in
            64*T1, it is highly likely that the notifier has gone
            off the rails, which means that the subscriber can safely
            clean up state associated with that subscription. The key
            question involved in applying Timer L to resubscriptions is
            whether doing so makes subscriptions unnecessarily brittle.
          </t>
        </section>
    </section>

    <section title="Changes">
      <t>
        This section, and all of its subsections, will be consolidated into 
        a single "Changes Since RFC 3265" section prior to publication.
        Bug numbers refer to the identifiers for the bug reports kept on file
        at http://bugs.sipit.net/.
      </t>

      <section title="Changes since RFC 3265">
        <section title="Bug 666: Clarify use of expires=xxx with terminated">
          <t>
            Strengthened language in <xref target="subscriber-notifies"/> to
            clarify that expires should not be sent with terminated, and
            must be ignored if received.
          </t>
        </section>
        <section title="Bug 667: Reason code for unsub/poll not clearly spelled out">
          <t>
            Clarified description of "timeout" in <xref target="subscriber-notifies"/>.
            (n.b., the text in <xref target="polling-state"/> is actually pretty clear
            about this).
          </t>
        </section>
        <section title="Bug 669: Clarify: SUBSCRIBE for a duration might be answered with a NOTIFY/expires=0">
          <t>
            Added clarifying text to <xref target="notifier-notifies"/> explaining
            that shortening a subscription to zero seconds is valid. Also added
            sentence to <xref target="duration"/> explicitly allowing shortening
            to zero.
          </t>
        </section>
        <section title="Bug 670: Dialog State Machine needs clarification">
          <t>
            The issues associated with the bug deal exclusively with the
            handling of multiple usages with a dialog. This behavior
            has been deprecated and moved to <xref target="dialog-reuse"/>.
            This section, in turn, cites <xref target="RFC5057"/>, which
            addresses all of the issues in Bug 670.
          </t>
        </section>
        <section title="Bug 671: Clarify timeout-based removal of subscriptions">
          <t>
            Changed <xref target="notifier-notifies"/> to specifically cite
            Timer F (so as to avoid ambiguity between transaction timeouts
            and retransmission timeouts).
          </t>
        </section>
        <section title="Bug 672: Mandate expires= in NOTIFY">
          <t>
            Changed strength of including of "expires" in a NOTIFY from
            SHOULD to MUST in <xref target="notifier-notifies"/>.
          </t>
        </section>
        <section title="Bug 673: INVITE 481 response effect clarification">
          <t>
            This bug was addressed in <xref target="RFC5057"/>.
          </t>
        </section>
        <section title="Bug 677: SUBSCRIBE response matching text in error">
          <t>
            Fixed <xref target="event-header field"/> to remove incorrect
            "...responses and..." -- explicitly pointed to SIP for
            transaction response handling.
          </t>
        </section>
        <section title="Bug 695: Document is not explicit about response to NOTIFY at subscription termination">
          <t>
            Added text to <xref target="dialog-handling"/> indicating that
            the typical response to a terminal NOTIFY is a "200 OK".
          </t>
        </section>
        <section title="Bug 696: Subscription state machine needs clarification">
          <t>
            Added state machine diagram to <xref target="subscribing"/> with
            explicit handling of what to do when a SUBSCRIBE never shows up.
            Added definition of and handling for new Timer L to 
            <xref target="subscription-confirmation"/>.
            Added state machine to <xref target="notifier-notifies"/> to
            reinforce text.
          </t>
        </section>
        <section title="Bug 697: Unsubscription behavior could be clarified">
          <t>
            Added text to <xref target="notifier-refresh"/> encouraging (but
            not requiring) full state in final NOTIFY message. Also added
            text to <xref target="unsubscribing"/> warning subscribers that
            full state may or may not be present in the final NOTIFY.
          </t>
        </section>
        <section title="Bug 699: NOTIFY and SUBSCRIBE are target refresh requests">
          <t>
            Added text to both <xref target="subscribe"/> and <xref target="notify"/>
            explicitly indicating that SUBSCRIBE and NOTIFY are target refresh
            methods.
          </t>
        </section>
        <section title="Bug 722: Inconsistent 423 reason phrase text">
          <t>
            Changed reason code to "Interval Too Brief" in 
            <xref target="notifier-initial-subscribe"/> and
            <xref target="notifier-refresh"/>, to match 423 reason
            code in SIP <xref target="RFC3261"/>.
          </t>
        </section>
        <section title="Bug 741: guidance needed on when to not include Allow-Events">
          <t>
            Added non-normative clarification to <xref target="allow-events"/>
            regarding inclusion of Allow-Events in a NOTIFY for the one-and-only
            package supported by the notifier.
          </t>
        </section>
        <section title="Bug 744: 5xx to NOTIFY terminates a subscription, but should not">
          <t>
            Issue of subscription (usage) termination versus dialog termination
            is handled in <xref target="RFC5057"/>. The text in <xref target="notifier-notifies"/>
            has been updated to summarize the behavior described by 5057, and cites it
            for additional detail and rationale.
          </t>
        </section>
        <section title="Bug 752: Detection of forked requests is incorrect">
          <t>
            Removed erroneous "CSeq" from list of matching criteria in <xref target="forking"/>.
          </t>
        </section>
        <section title="Bug 773: Reason code needs IANA registry">
          <t>
            Added <xref target="reason-codes"/> to create and populate IANA registry.
          </t>
        </section>
        <section title="Bug 774: Need new reason for terminating subscriptions to resources that never change">
          <t>
            Added new "invariant" reason code to <xref target="subscriber-notifies"/>,
            ABNF syntax.
          </t>
        </section>
        <section title="Clarify handling of Route/Record-Route in NOTIFY">
          <t>
            Changed text in <xref target="proxy"/> mandating Record-Route in
            initial SUBSCRIBE and all NOTIFY messages, and adding "MAY" level
            statements for subsequent SUBSCRIBE messages.
          </t>
        </section>
        <section title="Eliminate implicit subscriptions">
          <t>
              Added text to <xref target="notifier-subscribe"/> explaining
              some of the problems associated with implicit subscriptions,
              normative language prohibiting them.
              Removed language from <xref target="notify"/> describing
              "non-SUBSCRIBE" mechanisms for creating subscriptions.
              Simplified language in <xref target="notifier-notifies"/>,
              now that the soft-state/non-soft-state distinction is
              unnecessary.
          </t>
        </section>
        <section title="Deprecate dialog re-use">
          <t>
            Moved handling of dialog re-use and "id" handling
            to <xref target="dialog-reuse"/>. It is documented only
            for backwards-compatibility purposes.
          </t>
        </section>
        <section title="Rationalize dialog creation">
          <t>
            <xref target="dialog-handling"/> has been updated to specify that
            dialogs should be created when the NOTIFY arrives. Previously, the
            dialog was established by the SUBSCRIBE 200, or by the NOTIFY
            transaction. This was unnecessarily complicated; the newer rules are
            easier to implement (and result in effectively the same behavior
            on the wire).
          </t>
        </section>
        <section title="Refactor behavior sections">
          <t>
            Reorganized <xref target="node-behavior"/> to consolidate behavior along
            role lines (subscriber/notifier/proxy) instead of method lines.
          </t>
        </section>
        <section title="Clarify sections that need to be present in event packages">
          <t>
            Added sentence to
            <xref target="event-packages"/>
            clarifying that event packages are expected to include
            explicit sections covering the issues discussed in this
            section.
          </t>
        </section>
        <section title="Make CANCEL handling more explicit">
          <t>
            Text in <xref target="cancel"/> now clearly calls out
            behavior upon receipt of a CANCEL. We also echo the
            "...SHOULD NOT send..." requirement from <xref target="RFC3261"/>.
          </t>
        </section>
        <section title="Remove State Agent Terminology">
          <t>
            As originally planned, we anticipated a fairly large number of
            event packages that would move back and forth between end-user devices
            and servers in the network. In practice, this has ended up not being
            the case. Certain events, like dialog state, are inherently hosted at
            end-user devices; others, like presence, are almost always hosted in
            the network (due to issues like composition, and the ability to deliver
            information when user devices are offline). Further, the concept of
            State Agents is the most misunderstood by event package authors. In
            my expert review of event packages, I have yet to find one that got
            the concept of State Agents completely correct -- and most of them 
            start out with the concept being 100% backwards from the way RFC 3265
            described it.
          </t>
          <t>
            Rather than remove the ability to perform the actions previously
            attributed to the widely misunderstood term "State Agent," we have
            simply eliminated this term. Instead, we talk about the behaviors
            required to create state agents (state aggregation, subscription
            notification) without defining a formal term to describe the
            servers that exhibit these behaviors. In effect, this is an
            editorial change to make life easier for event package authors;
            the actual protocol does not change as a result.
          </t>
          <t>
            The definition of "State Agent" has been removed from
            <xref target="definitions"/>.
            <xref target="migration"/> has been retooled to discuss
            migration of subscription in general, without calling
            out the specific example of state agents.
            <xref target="aggregation"/> has been focused on 
            state aggregation in particular, instead of state
            aggregation as an aspect of state agents.
          </t>
        </section>
      </section>
    </section>

  </back>
</rfc>

PAFTECH AB 2003-20262026-04-23 20:48:39