BLISS T. Zourzouvillys Internet-Draft VoIP.co.uk Intended status: Informational October 24, 2008 Expires: April 27, 2009 Automatic Call Handling (ACH) Configuration Requirements draft-zourzouvillys-bliss-ach-config-requirements-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 27, 2009. Abstract This document examines the requirements for a protocol that allows an agent to configure an ACH enabled proxy. Zourzouvillys Expires April 27, 2009 [Page 1] Internet-Draft ACH Config Requirements October 2008 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Requirements notation . . . . . . . . . . . . . . . . . . . . . 3 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . 3 5. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 6. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 4 6.1. High Level Requirements . . . . . . . . . . . . . . . . . . 4 6.1.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . 4 6.1.2. Settings Manipulation . . . . . . . . . . . . . . . . . 4 6.1.3. Optional: Multiple Profiles . . . . . . . . . . . . . . 4 6.1.4. Conflict Detection . . . . . . . . . . . . . . . . . . 5 6.1.5. Agent Notifications . . . . . . . . . . . . . . . . . . 5 6.1.6. Error Detection . . . . . . . . . . . . . . . . . . . . 5 6.1.7. Extending Settings . . . . . . . . . . . . . . . . . . 5 6.2. Profile Requirements . . . . . . . . . . . . . . . . . . . 5 6.2.1. Conditions . . . . . . . . . . . . . . . . . . . . . . 5 6.2.2. Semantic Meaning . . . . . . . . . . . . . . . . . . . 5 6.2.3. Extending Profiles . . . . . . . . . . . . . . . . . . 6 6.2.4. NAT Traversal . . . . . . . . . . . . . . . . . . . . . 6 6.2.5. Security . . . . . . . . . . . . . . . . . . . . . . . 6 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 9. Normative References . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 Intellectual Property and Copyright Statements . . . . . . . . . . 8 Zourzouvillys Expires April 27, 2009 [Page 2] Internet-Draft ACH Config Requirements October 2008 1. Introduction Automatic Call Handling (ACH) provides support for SIP proxies to apply automatic treatment to calls, as described in [I-D.ietf-bliss- ach-analysis]. In order to encourage interoperability, a protocol is needed for User Agents (or agents acting on behalf of the user) to be able to configure a proxy to apply treatment to calls. This document analyzes the requirements needed for such a protocol. 2. Requirements notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 3. Scope This document examines a range of requirements for an agent running on behalf of a user served by an ACH enabled proxy to be able to configure the proxy. This document only discusses the requirements for such functionality. A separate document will address solutions. 4. Definitions Agent- A client acting on behalf of a user Profile - A set of configuration parameters that define what treatment should be applied to incoming calls. 5. Overview ACH provides functionality for a SIP proxy hosted on a network to provide services on behalf of a user, for example to reject a call or forward it as needed. Currently, SIP vendors each define their own out of band methods for configuring these call handling rules - commonly via a web interface or an IVR application. Both of these examples have the drawback that they are suitable for use by a human user, but not for an agent acting on behalf of a user or automata. Zourzouvillys Expires April 27, 2009 [Page 3] Internet-Draft ACH Config Requirements October 2008 The ACH configuration mechanism will provide a mechanism more suited for use by a user's agent to modify the configuration on the proxy. This then allows an agent to present the user with an interface suitable to the device for manipulating this information, or an automaton acting on behalf of a user running somewhere within the network. 6. Requirements 6.1. High Level Requirements 6.1.1. Discovery REQ: Given a SIP AOR, an agent should be able to discover where to go to retrieve the ACH configuration settings. 6.1.2. Settings Manipulation REQ: It must be possible for an agent to add new ACH settings. REQ: It must be possible for an agent to modify existing ACH settings. REQ: It must be possible for an agent to delete existing ACH settings. 6.1.3. Optional: Multiple Profiles An optional part of the ACH configuration could allow multiple profiles to be configured on the server. An agent would then be able to switch between profiles without needing to know the configuration itself, by selecting the profile in the main configuration. This would be useful for a SIP UA without a UI - the active profile could be selected without needing an interface, and would not need to implement logic for manipulation of profiles, as this could be done using a UA with a display. It also allows a user with multiple devices to keep multiple profiles, and a change to the profile on one device would not need to be made on all devices. REQ: A means may be defined to allow multiple profiles to be created and stored on the server, and choose an active one for call treatment. Zourzouvillys Expires April 27, 2009 [Page 4] Internet-Draft ACH Config Requirements October 2008 6.1.3.1. Active Profile REQ: An agent must be able to discover the active profile given an AOR and valid credentials for accessing it. 6.1.3.2. Profile Manipulation REQ: It must be possible for an agent to define new profiles, list, modify, and delete existing ones. 6.1.4. Conflict Detection REQ: An agent must be able to fetch settings or a profile, modify them, and re-upload without any risk of conflicts. It must also be able to fetch the active profile, and attempt to change it without any risk of conflict from another agent attempting to also change the profile in the process. 6.1.5. Agent Notifications REQ: An agent should be able to register it's interest in receiving updates to settings for a given user. 6.1.6. Error Detection REQ: A server must have functionality for returning descriptive errors back to the agent when attempting to modify settings. 6.1.7. Extending Settings REQ: It must be possible for vendors to define extensions to the settings in a way that will not conflict with other vendors settings. 6.2. Profile Requirements 6.2.1. Conditions REQ: Apply different treatment based on sets of conditions: (1) Response code from sending call to a binding (2) Caller Identity (3) Time of day or week (4) Specific set of date/time periods 6.2.2. Semantic Meaning An agent should be able to download a profile uploaded by another agent from another vendor and be able to render an interface to a user to allow them to change the settings, or alter a UI based on the Zourzouvillys Expires April 27, 2009 [Page 5] Internet-Draft ACH Config Requirements October 2008 configuration - for example to illuminate an "call divert enabled" lamp. REQ: An agent must be able to extract the semantic meaning in a simple manner from an ACH configuration profile after fetching it. 6.2.3. Extending Profiles REQ: It must be possible to define extensions to the configuration format to define new primitive conditions or actions for call treatment within profiles. 6.2.4. NAT Traversal It is important that agents behind NAT will function correctly, both for direct configuration manipulation, and also for notifications of configuration changes. REQ: An agent must be fully functional behind NAT. 6.2.5. Security It is possible that a SIP proxy only has access to the RFC 2617 HA1 value of a user's credentials. REQ: Both the agent and server MUST support Digest authentication for authenticating the agent based on the same credentials used by a SIP user agent for registration operations. REQ: An agent must be able to validate the identity of the server in a secure fashion. REQ: Data transfered between the agent and server must have integrity protection. REQ: Data transfered between the agent and server must be secured from eavesdropping. 7. Security Considerations All operations described in this document should be subject to appropriate security, the requirements for which are stated earlier in the document. Zourzouvillys Expires April 27, 2009 [Page 6] Internet-Draft ACH Config Requirements October 2008 8. Acknowledgements The following individuals were part of the ACH Team, and have helped to shape this document: Christian Schmidt, John Elwell, John Zhao, Michael Procter, Shida Schubert, and Martin Dolly. 9. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. Author's Address Theo Zourzouvillys VoIP.co.uk Commerce House Telford Road Bicester, Oxfordshire OX26 4LD UK Phone: +44 1908 764196 Email: theo@voip.co.uk URI: http://voip.co.uk Zourzouvillys Expires April 27, 2009 [Page 7] Internet-Draft ACH Config Requirements October 2008 Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Zourzouvillys Expires April 27, 2009 [Page 8]