One document matched: draft-ietf-sipping-gruu-reg-event-07.txt
Differences from draft-ietf-sipping-gruu-reg-event-06.txt
Sipping P. Kyzivat
Internet-Draft Cisco Systems, Inc.
Intended status: Informational October 13, 2006
Expires: April 16, 2007
Registration Event Package Extension for Session Initiation Protocol
(SIP) Globally Routable User Agent URIs (GRUUs)
draft-ietf-sipping-gruu-reg-event-07
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 16, 2007.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
RFC 3680 defines a Session Initiation Protocol (SIP) event package
for registration state. This package allows a watcher to learn about
information stored by a SIP registrar, including its registered
contact.
However, the registered contact is frequently unreachable and thus
not useful for watchers. The Globally Routable User Agent URI
Kyzivat Expires April 16, 2007 [Page 1]
Internet-Draft Reg Event GRUU Extension October 2006
(GRUU), defined in RFC YYYY [3], is a URI that is capable of reaching
a particular contact. However this URI is not included in the
document format defined in RFC 3680. This specification defines an
extension to the registration event package to include GRUUs assigned
by the registrar.
[[NOTE TO RFC-EDITOR/IANA: Please replace YYYY throughout this
document with the RFC number assigned to the referenced draft [3]
when it is published.]]
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Description . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Notifier Processing of SUBSCRIBE Requests . . . . . . . . . . 4
5. Notifier Generation of NOTIFY Requests . . . . . . . . . . . . 4
6. Subscriber Processing of NOTIFY Requests . . . . . . . . . . . 5
7. Sample reginfo Document . . . . . . . . . . . . . . . . . . . 5
8. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
8.1. Example: Welcome Notice . . . . . . . . . . . . . . . . . 6
8.2. Example: Implicit Registration . . . . . . . . . . . . . . 7
9. XML Schema Definition . . . . . . . . . . . . . . . . . . . . 10
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
10.1. URN Sub-Namespace Registration . . . . . . . . . . . . . . 10
10.2. XML Schema Registration . . . . . . . . . . . . . . . . . 11
11. Security Considerations . . . . . . . . . . . . . . . . . . . 11
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12
13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
13.1. Normative References . . . . . . . . . . . . . . . . . . . 12
13.2. Informative References . . . . . . . . . . . . . . . . . . 13
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 13
Intellectual Property and Copyright Statements . . . . . . . . . . 14
Kyzivat Expires April 16, 2007 [Page 2]
Internet-Draft Reg Event GRUU Extension October 2006
1. Introduction
RFC 3680 [2] defines a Session Initiation Protocol (SIP) event
package for registration state. This package allows a watcher to
learn about information stored by a SIP registrar, including the
registered contacts.
However, a registered contact is frequently unreachable from hosts
outside of the domain of the user agent. It is commonly a private
address, or even when public direct access to it may be blocked by
firewalls.
The Globally Routable User Agent URI (GRUU), defined in RFC YYYY [3],
is a URI that reaches a particular UA instance, but is reachable by
any host on the Internet. GRUUs assigned by the registrar represent
additional registration state. However, GRUUs assigned by the
registrar are not included in the notifications provided by RFC 3680.
For many applications of the registration event package, a GRUU is
needed, and not the registered contact.
For example, the Welcome Notices example in [2] will only operate
correctly if the contact address in the "reg" event notification is
reachable by the sender of the welcome notice. When the registering
device is using the GRUU extension, it is likely that the registered
contact address will not be globally addressable, and a GRUU should
be used as the target address for the MESSAGE.
Another case where this feature may be helpful is within the 3GPP IP
Multimedia Subsystem (IMS). IMS employs a technique where a REGISTER
of a contact address to one Address of Record (AOR) causes the
implicit registration of the same contact to other associated AORs.
If GRUUs are requested and obtained as part of the registration
request, then additional GRUUs will also be needed for the implicit
registrations. While assigning the additional GRUUs is
straightforward, informing the registering UA of them is not. In
IMS, UAs typically subscribe to the "reg" event, and subscriptions to
the "reg" event for an AOR result in notifications containing
registration state for all the associated AORs. The proposed
extension provides a way to easily deliver the GRUUs for the
associated AORs.
The "reg" event package has provision for including extension
elements within the <contact> element. This document defines new
elements that may be used in that context to deliver the public and
anonymous GRUUs corresponding to the contact.
Kyzivat Expires April 16, 2007 [Page 3]
Internet-Draft Reg Event GRUU Extension October 2006
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119. [1]
3. Description
Two new elements (<pub-gruu> and <anon-gruu>) are defined, each of
which contains a GRUU.
These optional elements may be included within the body of a NOTIFY
for the "reg" event package when GRUUs are associated with the
contact. The contact URI and the GRUUs are then all available to the
watcher.
4. Notifier Processing of SUBSCRIBE Requests
Unchanged from RFC 3680 [2].
5. Notifier Generation of NOTIFY Requests
A notifier for the "reg" event package [2] SHOULD include the <pub-
gruu> element when a contact has an Instance ID and a public GRUU is
associated with the combination of the AOR and the Instance ID. When
present, the <pub-gruu> element MUST be be positioned as a child of
the <contact> element.
A notifier for the "reg" event package [2] MAY include the <anon-
gruu> element when a contact has an Instance ID and an anonymous GRUU
is associated with the combination of the AOR and the Instance ID.
This element SHOULD be included if the subscriber is also authorized
to register to the AOR. This element SHOULD NOT be included if the
subscriber is not authorized to register to the AOR, unless there is
an explicitly configured policy directing that it be included. When
present, the <anon-gruu> element MUST be be positioned as a child of
the <contact> element.
Note that it is possible for multiple registered contacts to share
the same instance ID. In such a case, each <contact> element will
have child <pub-gruu> and <anon-gruu> elements, and those child
elements of each <contact> element will be identical. Since a
particular contact can not be associated with more than one instance
ID, a <contact> element will never have more than one <pub-gruu> and
one <anon-gruu> child element.
Kyzivat Expires April 16, 2007 [Page 4]
Internet-Draft Reg Event GRUU Extension October 2006
The content of the <pub-gruu> element is the public GRUU that is
associated with the instance ID and AOR of the registered contact.
The content of the <anon-gruu> element is the anonymous GRUU that is
associated with the instance ID and AOR of the registered contact.
6. Subscriber Processing of NOTIFY Requests
When a subscriber receives a "reg" event notification [2] with a
<contact> containing a <pub-gruu> and/or <anon-gruu>, it SHOULD use
one of the GRUUs in preference to the corresponding <uri> when
sending SIP requests to the contact.
Subscribers that are unaware of this extension will, as required by
[2], ignore the <pub-gruu> and <anon-gruu> elements.
7. Sample reginfo Document
Note: This example and others in the following section are
indented for readability by the addition of a fixed amount of
whitespace to the beginning of each line. This whitespace is not
part of the example. The conventions of [7] are used to describe
representation of long message lines.
The following is an example registration information document
including the new element:
Kyzivat Expires April 16, 2007 [Page 5]
Internet-Draft Reg Event GRUU Extension October 2006
<?xml version="1.0"?>
<reginfo xmlns="urn:ietf:params:xml:ns:reginfo"
xmlns:gr="urn:ietf:params:xml:ns:gruuinfo"
version="0" state="full">
<registration aor="sip:user@example.com" id="as9"
state="active">
<contact id="76" state="active" event="registered"
duration-registered="7322"
q="0.8">
<uri>sip:user@192.0.2.1</uri>
<allOneLine>
<unknown-param name="+sip.instance">
"<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
</unknown-param>
</allOneLine>
<allOneLine>
<gr:pub-gruu>sip:user@example.com
;gr;aor-qual=hha9s8d-999a</gr:pub-gruu>
</allOneLine>
<allOneLine>
<gr:anon-gruu>sip:8ffkas08af7fasklzi9@example.com
;gr</gr:anon-gruu>
</allOneLine>
</contact>
</registration>
</reginfo>
8. Examples
Note: In the following examples the SIP messages have been
simplified, removing headers that are not pertinent to the example.
When the value of the Content-Length header field is "..." this means
that the value should be whatever the computed length of the body is.
8.1. Example: Welcome Notice
Consider the Welcome Notices example in [2]. When the application
server receives a notification of a new registration containing the
reginfo shown in Section 7 it should address messages using the
contained public GRUU as follows:
Kyzivat Expires April 16, 2007 [Page 6]
Internet-Draft Reg Event GRUU Extension October 2006
MESSAGE sip:user@example.com;gr;aor-qual=hha9s8d-999a SIP/2.0
To: <sip:user@example.com>
From: "SIPland Notifier" <sip:notifier@example.com>;tag=7xy8
Content-Type: text/plain
Content-Length: ...
Welcome to SIPland!
Blah, blah, blah.
8.2. Example: Implicit Registration
In an 3GPP IMS setting, a UA may send a single register message,
requesting assignment of GRUUs, as follows:
REGISTER sip:example.net SIP/2.0
From: <sip:user_aor_1@example.net>;tag=5ab4
To: <sip:user_aor_1@example.net>
Contact: <sip:ua.example.com>
;expires=3600
;+sip.instance="<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
Supported: path, gruu
Content-Length: 0
The response reports success of the registration and returns the
GRUUs assigned for the combination of AOR, Instance ID, and Contact.
It also indicates (via the P-Associated-URI header [6]) that there
are two other associated AORs that may have been implicitly
registered using the same contact. Each of those implicitly
registered AORs will have unique GRUUs assigned. The REGISTER
response will not include those GRUUs; it will only include the GRUUs
for the AOR and instance ID explicitly included in the registration.
SIP/2.0 200 OK
From: <sip:user_aor_1@example.net>;tag=5ab4
To: <sip:user_aor_1@example.net>;tag=373392
Path: <sip:proxy.example.net;lr>
Service-Route: <sip:proxy.example.net;lr>
Contact: <sip:ua.example.com>
;expires=3600
;+sip.instance="<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
;pub-gruu="sip:user_aor_1@example.net;gr;aor-qual=hha9s8d-999a"
;anon-gruu="sip:8ffkas08af7fasklzi9@example.net;gr"
P-Associated-URI: <sip:user_aor_2@example.net>,
<sip:+358504821437@example.net;user=phone>
Content-Length: 0
The UA then subscribes to the "reg" event package as follows:
Kyzivat Expires April 16, 2007 [Page 7]
Internet-Draft Reg Event GRUU Extension October 2006
SUBSCRIBE sip:user_aor_1@example.net SIP/2.0
From: <sip:user_aor_1@example.net>;tag=27182
To: <sip:user_aor_1@example.net>
Route: <sip:proxy.example.net;lr>
Event: reg
Expires: 3600
Accept: application/reginfo+xml
Contact: <sip:user_aor_1@example.net;gr;aor-qual=hha9s8d-999a>
Content-Length: 0
(The successful response to the subscription is not shown.) Once the
subscription is established an initial notification is sent giving
registration status. In IMS deployments the response includes, in
addition to the status for the requested URI, the status for the
other associated URIs.
NOTIFY sip:user_aor_1@example.net;gr;aor-qual=hha9s8d-999a SIP/2.0
From: <sip:user_aor_1@example.net>;tag=27182
To: <sip:user_aor_1@example.net>;tag=262281
Subscription-State: active;expires=3600
Event: reg
Content-Type: application/reginfo+xml
Contact: <sip:registrar.example.net>
Content-Length: ...
<?xml version="1.0"?>
<reginfo xmlns="urn:ietf:params:xml:ns:reginfo"
xmlns:gr="urn:ietf:params:xml:ns:gruuinfo"
version="1" state="full">
<registration aor="sip:user_aor_1@example.net" id="a7"
state="active">
<contact id="92" state="active" event="registered"
duration-registered="1" expires="3599">
<uri>
sip:ua.example.com
</uri>
<allOneLine>
<unknown-param name="+sip.instance">
"<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
</unknown-param>
</allOneLine>
<allOneLine>
<gr:pub-gruu>sip:user_aor_1@example.net
;gr;aor-qual=hha9s8d-999a</gr:pub-gruu>
</allOneLine>
<allOneLine>
<gr:anon-gruu>sip:8ffkas08af7fasklzi9@example.net
;gr</gr:anon-gruu>
Kyzivat Expires April 16, 2007 [Page 8]
Internet-Draft Reg Event GRUU Extension October 2006
</allOneLine>
</contact>
</registration>
<registration aor="sip:user_aor_2@example.net" id="a8"
state="active">
<contact id="93" state="active" event="created"
duration-registered="1" expires="3599">
<uri>
sip:ua.example.com
</uri>
<allOneLine>
<unknown-param name="+sip.instance">
"<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
</unknown-param>
</allOneLine>
<allOneLine>
<gr:pub-gruu>sip:user_aor_2@example.net
;gr;aor-qual=hha9s8d-999b</gr:pub-gruu>
</allOneLine>
<allOneLine>
<gr:anon-gruu>sip:07hcovy36vp6vngvbia@example.net
;gr</gr:anon-gruu>
</allOneLine>
</contact>
</registration>
<registration
aor="sip:+358504821437@example.net;user=phone"
id="a9"
state="active">
<contact id="94" state="active" event="created"
duration-registered="1" expires="3599">
<uri>
sip:ua.example.com
</uri>
<allOneLine>
<unknown-param name="+sip.instance">
"<urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6>"
</unknown-param>
</allOneLine>
<allOneLine>
<gr:pub-gruu>sip:+358504821437@example.net;user=phone
;gr;aor-qual=hha9s8d-999c</gr:pub-gruu>
</allOneLine>
<allOneLine>
<gr:anon-gruu>sip:h99egjbv17fe8ibvlka@example.net
;gr</gr:anon-gruu>
</allOneLine>
</contact>
Kyzivat Expires April 16, 2007 [Page 9]
Internet-Draft Reg Event GRUU Extension October 2006
</registration>
</reginfo>
The status indicates that the associated URIs all have the same
contact registered. It also includes the unique GRUUs that have been
assigned to each. The UA may then retain those GRUUs for use when
establishing dialogs using the corresponding AORs.
9. XML Schema Definition
The <pub-gruu> and <anon-gruu> elements are defined within a new XML
namespace URI. This namespace is "urn:ietf:params:xml:ns:gruuinfo".
The schema for these elements is:
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema targetNamespace="urn:ietf:params:xml:ns:gruuinfo"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="urn:ietf:params:xml:ns:gruuinfo">
<xs:element name="pub-gruu" type="xs:anyURI"/>
<xs:element name="anon-gruu" type="xs:anyURI"/>
</xs:schema>
10. IANA Considerations
There are two IANA considerations associated with this specification.
10.1. URN Sub-Namespace Registration
This section registers a new XML namespace, per the guidelines in
[4].
URI: The URI for this namespace is urn:ietf:params:xml:ns:gruuinfo
Registrant Contact: IETF, SIPPING working group, <sipping@ietf.org>,
Paul Kyzivat <pkyzivat@cisco.com>
XML:
Kyzivat Expires April 16, 2007 [Page 10]
Internet-Draft Reg Event GRUU Extension October 2006
BEGIN
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
"http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type"
content="text/html;charset=iso-8859-1"/>
<title>Reg Information GRUU Extension Namespace</title>
</head>
<body>
<h1>Namespace for Reg Information GRUU Extension</h1>
<h2>urn:ietf:params:xml:ns:gruuinfo</h2>
<p>See <a href="[URL of published RFC]">RFCXXXX [[NOTE
TO RFC-EDITOR/IANA: Please replace XXXX with the RFC Number of
this specification]]</a>.</p>
</body>
</html>
END
10.2. XML Schema Registration
This section registers an XML schema per the procedures in [4].
URI: urn:ietf:params:xml:schema:gruuinfo.
Registrant Contact: IETF, SIPPING working group, <sipping@ietf.org>,
Paul Kyzivat <pkyzivat@cisco.com>
The XML for this schema can be found in Section 9.
11. Security Considerations
Security considerations for the registration event package are
discussed in RFC 3680 [2], and those considerations apply here.
If a contact address obtained via subscription to the registration
event package is not reachable by the subscriber then its disclosure
may arguably be considered a minimal security risk. In that case the
inclusion of a GRUU may be considered to increase the risk by
providing a reachable address. On the other hand requests addressed
to a GRUU are always first processed by the servicing proxy before
they reach the intended user agent. The proxy may control access as
desired, just as it may for the AOR. For instance, the proxy
servicing a GRUU may accept requests from senders whose identity
appears on a white list, and reject other requests. In this respect
disclosing a GRUU presents no more risk than disclosing the AOR.
Kyzivat Expires April 16, 2007 [Page 11]
Internet-Draft Reg Event GRUU Extension October 2006
Anonymous GRUUs have an additional security consideration. The
intent of the anonymous GRUU is to provide a contact address that
cannot be correlated to the identity of the calling party. The
recipient of a call using an anonymous GRUU may guess the identity of
the calling party and then attempt to obtain the anonymous GRUUs
assigned to that caller to confirm the conjecture. Two possible
approaches to obtaining the anonymous GRUUs are:
o Send a REGISTER request to a conjectured caller.
o Send a SUBSCRIBE request for the "reg" event package to the
conjectured caller.
Typically REGISTER is restricted to devices or users that are
authorized to originate and received calls with the AOR. Anonymity
among users of the same AOR is hard to achieve and typically
unnecessary. It is recommended (see Section 5) that the
authorization policy for the "reg" event package permit only those
subscribers authorized to register to the AOR to receive anonymous
GRUUs. With this policy, the confidentiality of the anonymous GRUU
will be the same with and without the "reg" event package. User
agents that use an anonymous GRUU should note that confidentiality
does not extend to parties that are permitted to register to the AOR
or obtain the anonymous GRUU when subscribing the "reg" event
package.
12. Acknowledgements
The author would like to thank Jonathan Rosenberg for help with this
draft, and Jari Urpalainen for assistance with the XML.
13. References
13.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[2] Rosenberg, J., "A Session Initiation Protocol (SIP) Event
Package for Registrations", RFC 3680, March 2004.
[3] Rosenberg, J., "Obtaining and Using Globally Routable User Agent
(UA) URIs (GRUU) in the Session Initiation Protocol (SIP)",
draft-ietf-sip-gruu-10 (work in progress), August 2006.
[4] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
January 2004.
Kyzivat Expires April 16, 2007 [Page 12]
Internet-Draft Reg Event GRUU Extension October 2006
13.2. Informative References
[5] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002.
[6] Garcia-Martin, M., Henrikson, E., and D. Mills, "Private Header
(P-Header) Extensions to the Session Initiation Protocol (SIP)
for the 3rd-Generation Partnership Project (3GPP)", RFC 3455,
January 2003.
[7] Sparks, R., "Session Initiation Protocol Torture Test Messages",
draft-ietf-sipping-torture-tests-09 (work in progress),
November 2005.
Author's Address
Paul H. Kyzivat
Cisco Systems, Inc.
1414 Massachusetts Avenue
Boxborough, MA 01719
USA
Email: pkyzivat@cisco.com
Kyzivat Expires April 16, 2007 [Page 13]
Internet-Draft Reg Event GRUU Extension October 2006
Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Kyzivat Expires April 16, 2007 [Page 14]
| PAFTECH AB 2003-2026 | 2026-04-23 01:15:21 |