Internet Engineering Task Force Steve Donovan Internet Draft MCI Worldcom October, 1999 Expires April, 2000 draft-ietf-sip-session-timer-00.txt SIP Session Timer Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference mate- rial or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/lid-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document proposes an extension to the SIP specification [1]. This extension adds a new message header, Session-Expires, which is used to specify the duration of a requested session. A session timer can be used to control the duration of a session if, for instance, one of the participants in the session wants to limit the cost of the session. Call Stateful SIP Proxy Servers can also use a session timer to track the status of sessions for which session state exists on the servers. Currently a call stateful SIP Proxy Server that is not handling the media stream(s) for the session has no mechanism to definitively determine the state of all sessions for which it has state. While the SIP Specification does provide the BYE method for terminating the session, there is no mechanism for a SIP Proxy Server to detect the end of a session when the BYE message is not sent or is lost due to network problems. Donovan draft-ietf-sip-session-timer-00.txt Page 1 Internet Draft SIP Session Timer October 1999 1.0 Introduction The need for the addition of a session timer was initially motivated by the realization that call stateful proxy servers currently have no method of determining the end of a session in certain anomalous situ- ations. For instance, when a user agent fails to send a BYE message at the end of a session or the BYE message gets lost due to network problems. In this situation, the call stateful proxy will retain state for the session and has no deterministic method of determining when the state no longer applies. With the addition of a session timer to the SIP protocol, the call stateful proxy server will have the option of tearing down the ses- sion upon the expiration of the session timer. A session timer can also be used for other purposes. For instance, it could be used in the implementation of a prepaid service. In this case all session related signaling would be routed through a SIP Pre- paid Server that would control the session time based on a sub- scriber's prepaid account. The SIP Prepaid Server could use the ses- sion timer to force the tear down of the session within a specific time. The session timer could also be used by the SIP Prepaid Server as a trigger to indicate to the subscriber that the prepaid account requires more funds to extend the call. This document proposes the addition of the Session-Expires header to various SIP messages. In addition, a new Request Failure message is proposed. This message would be used to indicate session timer prob- lems, including the need for a session-expires header in an INVITE message and the need for a smaller session-expires time. 2.0 Session-Expires Header Field Definition User agents or proxy servers needing to indicate the maximum duration of a session shall use the Session-Expires header. The format of the Session-Expires header shall be equivalent to the format of the Expires header (see section 6.20 in [1]). As such, the end of the session can be specified as either an absolute or delta time. The Session-Expires header shall be valid in INVITE and ACK requests. In addition it shall be valid in certain response messages. This includes the 200 OK response and the new Request Failure responses defined in this document. The called UA or any SPS in the path of the session signaling shall have the option of rejecting an INVITE that does not contain the Ses- sion-Expires header if the service context in which the session request is made requires the use of the session timer. Donovan draft-ietf-sip-session-timer-00.txt Page 2 Internet Draft SIP Session Timer October 1999 The called UA has the option of adding the Session-Expires header to the 200 OK response in the case where there was not a Session-Expires header in the INVITE message. An SPS shall also have the option of adding the Session-Expires header to an INVITE message. In addition, the called UA and SPS shall have the option of modifying the value in the Session-Expires header. This modification shall only be to decrease the requested duration of the session. The start time of the session shall be based on the sending of the ACK by the calling UA and receipt of the ACK message by the SPS and called UA. If the called UA or the SPS requires a session timer for a requested session and the calling UA does not include the Session-Expires header in the INVITE message, then the called UA or the SPS may reject the request with a 487 request failure message. If the use of a session timer is desirable but optional for the ses- sion and the calling UA does not include the Session-Expires header in the INVITE then the called UA or SPS may add a Session-Expires header to the next session setup message. In this case the SPS shall add the Session-Expires header to the INVITE message and the called UA shall add the Session-Expires header to the 200 OK response mes- sage. The calling UA shall have the ability to request an extension to the duration of the session by sending a re-INVITE message for the ses- sion with a new Session-Expires header. See section 1.4.6, Changing an Existing Session, in [1]. The called UA or any SPS in the path of the session signaling shall have the ability to reject the change in the session duration. Upon expiration of the session timer, the calling UA and called UA shall have the option of terminating the session using the normal BYE method. 3.0 Behavior of SIP User Agents 3.1 Behavior of User Agent Clients A User Agent Client (UAC) shall have the ability to include the Ses- sion-Expires header in an INVITE message. The UAC shall have the ability to request an extension of the session timer by sending an INVITE message for an existing session with a Session-Expires header. This should be done enough in advance of the session timeout to prevent the called UA or the SPS from timing out the session prior to receipt of the new INVITE. Donovan draft-ietf-sip-session-timer-00.txt Page 3 Internet Draft SIP Session Timer October 1999 When requesting an extension of the session, the UAC shall use a value in the Session-Expires header that is less-than or equal to the value of the Session-Expires header received in the 200 OK from the original setup of the session. The UAC shall have the ability to receive a Session-Expires header in a 200 OK message. This is independent of whether or not a Session- Expires was included in the original INVITE message. The UAC shall have the ability to accept the session time indicated in the 200 OK Session-Expires header by including unchanged Session- Expires header in the ACK generated as a result of the 200 OK. The UAC shall have the ability to reject the session time indicated in the 200 OK message by not including a Session-Expires header in the ACK generated as a result of the 200 OK message. In general, if the UAC is able to support session timers then it should accept the session time included in the 200 OK, even if it changed between the INVITE and the 200 OK. 3.2 Behavior of User Agent Servers The User Agent Server shall have the ability to reject an INVITE mes- sage that does not contain a Session-Expires header if the INVITE is received in a service context that requires a session timer. The UAS shall reject the INVITE using the following response: 487 Session-Expires Header Problem Session-Expires: n The UAS shall have the ability to provisionally reject an INVITE request based on the contents of the Session-Expires header received in the INVITE message. For instance, the UAS may choose to reject the INVITE if the requested session time is longer than the UAS desires to participate in the session. The UAS shall use the follow- ing message to reject the request: 487 Session-Expires Header Problem Session-Expires: n In both cases, the UAS shall include in the 487 response an accept- able delta time for the session. If the Session-Expires header contains a delta time then the UAS shall calculate the end of the session based on receipt of the ACK message that completes a successful session initiation: End of session time = Receipt of ACK time + Session-Expires time Donovan draft-ietf-sip-session-timer-00.txt Page 4 Internet Draft SIP Session Timer October 1999 The UAS shall have the ability to reject a request to extend the length of the session. The UAS shall do so by sending the following response: 487 Session Time Request Problem Session-Expires: n A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. Any other value should be less than that received in the re-INVITE message and should indicate an acceptable extension to the session timer. If the Session-Expires header in the re-INVITE contains a delta time then the UAS shall calculate the new end of the session from the pre- vious end of session time: New end of session time = Previous end of session time + delta time If a request to extend the session time is rejected by the UAS then the end of session time that existed prior to the extension request shall be remain in effect. The UAS shall have the ability to add a Session-Expires header to a 200 OK response for an INVITE request that did not contain a session- Expires header. If the UAS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the UAS has the following options: - The UAS can choose to participate in the session without a session timer. - The UAS can choose to not participate in the session. In this case, the UAS shall send a BYE message to tear down the session. The UAS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. If the UAS is sending a 200 OK to an INVITE that contained a Session- Expires header then the UAS shall include a Session-Expires header in the 200 OK. The content of the Session-Expires header shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or a decreased value of the session timer desired by the UAS. 4.0 Behavior of SIP Proxy Servers A SIP Proxy Server has the option of tracking the duration of ses- sions for which it is a proxy. Donovan draft-ietf-sip-session-timer-00.txt Page 5 Internet Draft SIP Session Timer October 1999 If the SPS receives an INVITE without a Session-Expires header, it has the option of sending the following request failure response indicating that the Session-Expires header is required: 487 Session-Expires Header Problem Session-Expires: n A SPS has the option of rejecting an INVITE with a Session-Expires header based on the time specified in the header. For instance, if the time specified is too long. The proxy server shall do so by send- ing the following request failure response: 487 Session-Expires Header Problem Session-Expires: n In both cases, the SPS shall include in the 487 response an accept- able delta time for the session. If the Session-Expires header contains a delta time then the SPS shall use the method of calculating the session time specified in section 3.2. A SPS has the option of rejecting a request for an extension of the session timer for an existing session by sending the following request failure response: 487 Session-Expires Header Problem Session-Expires: n A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. Any other value should be less than that received in the re-INVITE message and should indicate an acceptable extension to the session timer. If the SPS accepts the request to extend the session timer then it shall use the method of calculating the new end of session time spec- ified in section 3.2. The SPS shall have the ability to add a Session-Expires header to an INVITE request that does not contain a Session-Expires header. The SPS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. The content of the Session-Expires header included in the INVITE sent by the SPS shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or a decreased value of the session timer desired by the SPS. Donovan draft-ietf-sip-session-timer-00.txt Page 6 Internet Draft SIP Session Timer October 1999 If the SPS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the SPS has the following options: - The SPS can choose to allow the session without a session timer. - The SPS can choose to not allow the session. 5.0 Header Field Definitions The following is an extension of tables 4 and 5 in [1] for the Ses- sion-Expires header: where enc. e-e ACK BYE CAN INV OPT REG Session-Expires R e o - - o - - Session-Expires 200 e - - - o - - Session-Expires 487 e - - - o - - 6.0 Request Failure Messages 6.1 487 Session-Expires Header Problem The server received an INVITE request with one of the following prob- lems: - The server requires a Session-Expires header. In this case the response should contain a Session-Expires header with an acceptable session time. - The server received an INVITE with a Session-Expires header with an expiration time longer than the server is willing to accept. In this case the response should contain a Session-Expires header with an acceptable session time. - The server received an INVITE with a Session-Expires header for an existing session and the server does not wish to extend the session. In this case the response should contain a Session-Expires header with a value of zero (0). - The server received an INVITE with a Session-Expires header for an existing session with an expiration time longer than the server is willing to accept. In this case the response should contain a Ses- sion-Expires header with an acceptable session time. 7.0 Security Considerations There are no new security considerations introduced by the Session- Expires header. Donovan draft-ietf-sip-session-timer-00.txt Page 7 Internet Draft SIP Session Timer October 1999 8.0 Examples The following examples are meant to illustrate the functionality associated with the Session-Expires header. In the interest of brevity, other headers are intentionally left out of the SIP mes- sages. 8.1 Basic session-timer setup with UAS detected timeout Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA starts session timer Session-Expires: 120 Called UA Receipt of ACK Called UA starts session timer Calling UA determines need to extend session time Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA resets session end time Session-Expires: 120 Called UA Receipt of ACK Called UA resets session timer Session timeout detected by Called UA Calling UA <- Called UA BYE Calling UA -> Called UA 200 OK Donovan draft-ietf-sip-session-timer-00.txt Page 8 Internet Draft SIP Session Timer October 1999 8.2 Basic negotiation Calling UA -> SPS INVITE Session-Expires: 240 SPS -> Called UA INVITE SPS wants a shorter timer Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants a shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA starts session timer Session-Expires: 120 SPS Receipt of ACK SPS starts session timer SPS -> Called UA ACK Called UA starts session timer Session-Expires: 120 Calling UA -> SPS BYE SPS -> Called UA BYE SPS <- Called UA 200 OK Calling UA <- SPS 200 OK Donovan draft-ietf-sip-session-timer-00.txt Page 9 Internet Draft SIP Session Timer October 1999 8.3 No Session-Expires Header Rejection by SPS Calling UA -> SPS INVITE No Session-Expires header Calling UA <- SPS 4xx Session-Expires Header Required Session-Expires: 120 Suggested session time Calling UA -> SPS INVITE Session-Expires: 120 Session setup continues 8.4 Invalid Session-Expires Header Rejection by Called UA Calling UA -> Called UA INVITE No Session-Expires header Session-Expires: 1000 Calling UA <- Called UA 4xx Session Time Request Rejected Session-Expires: 120 Suggested session time Calling UA -> Called UA INVITE Session-Expires: 120 Session setup continues Donovan draft-ietf-sip-session-timer-00.txt Page 10 Internet Draft SIP Session Timer October 1999 8.5 Session-Expires Header Added by SPS, Rejected by UAC Calling UA -> SPS INVITE SPS -> Called UA INVITE SPS adds S-E header Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA does not include S-E header The SPS has the choice of allowing or not allowing the call as a result of the Calling UA not supporting the Session-Expires function. 9.0 Changes in this version The changes in this version of the document were primarily editorial in nature. 10.0 References [1] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP: Session Initiation Protocol", RFC 2543, March 1999. 11.0 Author's Address Steven R. Donovan MCI Worldcom 1493/678 901 International Parkway Richardson, Texas 75081 Email: steven.r.donovan@wcom.com Donovan draft-ietf-sip-session-timer-00.txt Page 11