SIP WG James Polk Internet-Draft Cisco Systems Intended status: Standards Track (PS) February 24, 2008 Expires: Aug 24, 2008 Updates: RFC 4412 (if published) Allowing SIP Resource-Priority Header in SIP Responses draft-polk-sip-rph-in-responses-01 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 24, 2008. Copyright Notice Copyright (C) The IETF Trust (2008). Abstract The Session Initiation Protocol (SIP) Resource-Priority Header is ignored in SIP responses, according to RFC 4412. This was a design choice during RFC 4412's development. This is now considered a bad design choice in certain scenarios. This document corrects RFC 4412's communications model by optionally allowing a SIP server or user agent (UA) to process the Resource-Priority Header in a response. Polk Expires Aug 24, 2008 [Page 1] Internet-Draft SIP Resource-Priority in Responses Feb 2008 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 1. Introduction The Session Initiation Protocol (SIP) Resource-Priority Header [RFC4412], in its current form, is ignored by SIP entities if in SIP responses. It was a design choice during RFC 4412's development that only stateful servers would grant SIP messages preferential treatment. This is now considered a bad design choice in certain scenarios, such as those entities within trusted networks, and where stateless servers are surrounded by more stateful servers. This document corrects RFC 4412's communications model by allowing a SIP server or user agent (UA) to process the Resource-Priority Header in a response. There are inconsistencies within RFC 4412 as to whether or not a SIP entity can process a Resource-Priority header in a response; Section 3.3 of [RFC4412] states (with a table) a Resource-Priority cannot be looked for in a response, whereas section 4.7.3 of [RFC4412] discusses how SIP entities deal with a Resource-Priority in a response. Here is a more thorough examination of what RFC 4412 says in both sections. RFC 4412 defines the SIP Resource-Priority header, and is a standards track extension to SIP [RFC3261]. Section 3.3 of RFC 4412 has the following table 2 entry: Header field where proxy INV ACK CAN BYE REG OPT PRA ---------------------------------------------------------------- Resource-Priority R amdr o o o o o o o Header field where proxy SUB NOT UPD MSG REF INF PUB ---------------------------------------------------------------- Resource-Priority R amdr o o o o o o o According to RFC 3261 [RFC3261], the 'R' in the "where" column states a particular header is found in requests, and ignored in responses. Table 2 is a quick reference of usage of a header, but alone, is insufficient to define the expected behavior of a SIP header, relying instead on what the header description text says in the RFC that creates the header. RFC 4412 fails to provide clear normative text indicating whether or not a Resource-Priority value can be found in a response, or what a SIP element is to do with it once one is received. Even though Tables 2 and 3 of RFC 3261 are not normative, this is frequently a discussion topic in and out of IETF meetings, and in other SDOs - resulting in industry confusion. Polk Expires Aug 24, 2008 [Page 2] Internet-Draft SIP Resource-Priority in Responses Feb 2008 The assumption at the time of RFC 4412 was that the Resource-Priority header would only be used in managed IP networks where all SIP servers were statefully aware of the Resource-Priority value within a transaction from the request message, maintaining state of the value for the response. Yet, Section 4.7.3 of RFC 4412 states this "If a stateful proxy has authorized a particular Resource-Priority level, and if it offers differentiated treatment to responses containing Resource-Priority levels, the proxy SHOULD ignore any higher value contained in responses, to prevent colluding user agents from artificially raising the priority level." The above quote from RFC 4412 was concerning stateful proxies, and there is a need now to have stateless SIP servers have the Resource-Priority header in responses in some environments, typically when surrounded by stateful proxy servers more towards the edge of the network. This is a design choice several vendors want to have, and they want SIP specifications to state what they want is not illegal, according to RFC(s). This document clarifies what was inconsistent in RFC 4412, by allowing a proxy to "amdr" an Resource-Priority value in a response, though this should only occur in certain network environments. There was a proposal to use SIP Resource-Priority in a SIP response, when that transaction's SIP request is received by a certain type of authorization server, to establish the namespace and priority-value for a dialog (as the signaling continued to set-up the call). This was loosely named "use-case#2" to establish how and why Resource-Priority is necessary in SIP responses. That user-case has been abandoned. What remains here is what was called "use-case#1" for how and why this update to RFC 4412 is necessary. This document updates RFC 4412, but requests no IANA changes. 2. Adding Resource-Priority Header in SIP Responses The following the correction of the table 2 entry for the Resource-Priority header: Header field where proxy INV ACK CAN BYE REG OPT PRA ---------------------------------------------------------------- Resource-Priority amdr o o o o o o o Header field where proxy SUB NOT UPD MSG REF INF PUB ---------------------------------------------------------------- Resource-Priority amdr o o o o o o o Polk Expires Aug 24, 2008 [Page 3] Internet-Draft SIP Resource-Priority in Responses Feb 2008 The difference is in the "where" column, in which the "R" is removed. The specific behaviors resulting from this are explained in the next 3 sub-sections. The above is to replace what is currently stated by RFC 4412, wherever this table is kept intact (knowing this table is not normative anywhere within current SIP RFCs, but is often used as a reference by readers where a header is to be used, and what the expectations are within SIP Methods). 3. Use-Case #1 and SIP Resource-Priority in Responses The usage for SIP Resource-Priority in Responses has been described as "use-case#1". Use-Case#1 involves large networks that will no longer have to maintain stateful proxies throughout their networks in order to comply with RFC 4412. With this update to RFC 4412, large networks can now have transaction or dialog stateful servers at the perimeter of their network, but now can have the faster and more scalable stateless servers in the core of their networks - knowing no SIP requests or responses will be received by these stateless servers without first being processed by the stateful servers (i.e., at least providing the necessary authentication/authorization on the usage of Resource-Priority values in the messages). What was described briefly in the Intro section of this document as "use-case#2" (using a SIP response to carry an authorized new Resource-Priority header value to a server that will continue the transaction towards the UAS with this Resource-Priority in the request) MUST NOT be done. There are more appropriate protocols to do this function than a SIP response message. A SIP SUB/NOT transaction MAY be used for that function, but the scoping and defining of that operation is outside the scope of this document - which focuses exclusively on use-case#1, described above. 4. SIP Element Behaviors for Resource-Priority in Responses 4.1 UAC Behavior The UAC MAY process SIP responses containing the Resource-Priority header according to the local policy of the network or UAC. If the response header value is different than the original request value, it is RECOMMENDED local policy determine which bi-direction priority-value to process the messages within this transaction on, which will likely be at the same priority-value as was in the SIP request. Polk Expires Aug 24, 2008 [Page 4] Internet-Draft SIP Resource-Priority in Responses Feb 2008 4.2 UAS Behavior The UAS MAY include the Resource-Priority header in responses. It is RECOMMENDED the Resource-Priority header value be the same in the response as it was in the request. The UAS MAY change the Resource-Priority header value, depending on local policy. Reasons for this are outside the scope of this document. 4.3 Proxy Behavior SIP Proxies MAY process the Resource-Priority header in responses; meaning, in certain environments, the choice of whether or not to process the Resource-Priority value(s) in a response will not be in doubt. This configuration choice could be on a per transaction basis, on a per server basis, or under some other parameter choice, all based on local policy of the proxy. This Resource-Priority header value MAY be the same or different between request and response, depending on local policy downstream of a proxy (or UAS). SIP Proxies MAY add or modify the Resource-Priority header value in responses with this update. SIP Proxies MAY, but SHOULD NOT delete Resource-Priority header value in responses, as a Resource-Priority header value MAY have use other than at this particular proxy. Local policy will determine this configuration. SIP Proxies SHOULD be able to ignore the header by configuration, in such environments that have Resource-Priority enabled SIP entities that are configured to remain aware of the Resource-Priority value in a request part of the transaction, or do not trust the possibility of a priority mark up, from what was in the request message. 5. IANA Considerations There are no IANA considerations in this document. [NOTE: If this document is to be published as an RFC, this section can be removed.] 6. Security Considerations The Security considerations that apply to RFC 4412 [RFC4412] apply here. The only new security threat this document introduces relative to RFC 4412 is in SIP entities that grant unconditional, stateless, preferential treatment based on the Resource-Priority value. This is a configuration issue, and not a implementation issue, and operators should avoided allowing the configuration of blind SIP entities to process according to a priority marking without having a means of checking if the marking is valid. Invalid Polk Expires Aug 24, 2008 [Page 5] Internet-Draft SIP Resource-Priority in Responses Feb 2008 marking could grant inappropriate treatment to SIP messages that do not deserve it. 7. Acknowledgements Thanks to Janet Gunn, Keith Drage, Dean Willis, Tim Dwight and Martin Dolly for the helpful comments. 8. References 8.1 Normative References [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, March 1997 [RFC4412] Schulzrinne, H., Polk, J., "Communications Resource Priority for the Session Initiation Protocol (SIP)", RFC 4411, Feb 2006 [RFC3261] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, May 2002. Author's Addresses James Polk 3913 Treemont Circle Colleyville, Texas 76034 USA Phone: +1-817-271-3552 Fax: none Email: jmpolk@cisco.com Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE Polk Expires Aug 24, 2008 [Page 6] Internet-Draft SIP Resource-Priority in Responses Feb 2008 ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Polk Expires Aug 24, 2008 [Page 7]