From afa0ae4c95c02928f29d80b627662c0aa4323f77 Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Sat, 11 Jun 2011 20:30:15 +0200 Subject: [PATCH] sip: Initial version of the Grammar capable of parsing a response There is still an issue with the white space handling in the message header. --- .gitignore | 1 + docs/RFC3261.txt | 15067 ++++++++++++++++++++++++++++++++++++ example/invite | 29 + example/invite2 | 29 + grammar/SIPGrammar.st | 183 + grammar/SIPGrammarTest.st | 107 + 6 files changed, 15416 insertions(+) create mode 100644 .gitignore create mode 100644 docs/RFC3261.txt create mode 100644 example/invite create mode 100644 example/invite2 create mode 100644 grammar/SIPGrammar.st create mode 100644 grammar/SIPGrammarTest.st diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..45d62d8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.sw? diff --git a/docs/RFC3261.txt b/docs/RFC3261.txt new file mode 100644 index 0000000..00456a9 --- /dev/null +++ b/docs/RFC3261.txt @@ -0,0 +1,15067 @@ + + + + + + +Network Working Group J. Rosenberg +Request for Comments: 3261 dynamicsoft +Obsoletes: 2543 H. Schulzrinne +Category: Standards Track Columbia U. + G. Camarillo + Ericsson + A. Johnston + WorldCom + J. Peterson + Neustar + R. Sparks + dynamicsoft + M. Handley + ICIR + E. Schooler + AT&T + June 2002 + + SIP: Session Initiation Protocol + +Status of this Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2002). All Rights Reserved. + +Abstract + + This document describes Session Initiation Protocol (SIP), an + application-layer control (signaling) protocol for creating, + modifying, and terminating sessions with one or more participants. + These sessions include Internet telephone calls, multimedia + distribution, and multimedia conferences. + + SIP invitations used to create sessions carry session descriptions + that allow participants to agree on a set of compatible media types. + SIP makes use of elements called proxy servers to help route requests + to the user's current location, authenticate and authorize users for + services, implement provider call-routing policies, and provide + features to users. SIP also provides a registration function that + allows users to upload their current locations for use by proxy + servers. SIP runs on top of several different transport protocols. + + + +Rosenberg, et. al. Standards Track [Page 1] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Table of Contents + + 1 Introduction ........................................ 8 + 2 Overview of SIP Functionality ....................... 9 + 3 Terminology ......................................... 10 + 4 Overview of Operation ............................... 10 + 5 Structure of the Protocol ........................... 18 + 6 Definitions ......................................... 20 + 7 SIP Messages ........................................ 26 + 7.1 Requests ............................................ 27 + 7.2 Responses ........................................... 28 + 7.3 Header Fields ....................................... 29 + 7.3.1 Header Field Format ................................. 30 + 7.3.2 Header Field Classification ......................... 32 + 7.3.3 Compact Form ........................................ 32 + 7.4 Bodies .............................................. 33 + 7.4.1 Message Body Type ................................... 33 + 7.4.2 Message Body Length ................................. 33 + 7.5 Framing SIP Messages ................................ 34 + 8 General User Agent Behavior ......................... 34 + 8.1 UAC Behavior ........................................ 35 + 8.1.1 Generating the Request .............................. 35 + 8.1.1.1 Request-URI ......................................... 35 + 8.1.1.2 To .................................................. 36 + 8.1.1.3 From ................................................ 37 + 8.1.1.4 Call-ID ............................................. 37 + 8.1.1.5 CSeq ................................................ 38 + 8.1.1.6 Max-Forwards ........................................ 38 + 8.1.1.7 Via ................................................. 39 + 8.1.1.8 Contact ............................................. 40 + 8.1.1.9 Supported and Require ............................... 40 + 8.1.1.10 Additional Message Components ....................... 41 + 8.1.2 Sending the Request ................................. 41 + 8.1.3 Processing Responses ................................ 42 + 8.1.3.1 Transaction Layer Errors ............................ 42 + 8.1.3.2 Unrecognized Responses .............................. 42 + 8.1.3.3 Vias ................................................ 43 + 8.1.3.4 Processing 3xx Responses ............................ 43 + 8.1.3.5 Processing 4xx Responses ............................ 45 + 8.2 UAS Behavior ........................................ 46 + 8.2.1 Method Inspection ................................... 46 + 8.2.2 Header Inspection ................................... 46 + 8.2.2.1 To and Request-URI .................................. 46 + 8.2.2.2 Merged Requests ..................................... 47 + 8.2.2.3 Require ............................................. 47 + 8.2.3 Content Processing .................................. 48 + 8.2.4 Applying Extensions ................................. 49 + 8.2.5 Processing the Request .............................. 49 + + + +Rosenberg, et. al. Standards Track [Page 2] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 8.2.6 Generating the Response ............................. 49 + 8.2.6.1 Sending a Provisional Response ...................... 49 + 8.2.6.2 Headers and Tags .................................... 50 + 8.2.7 Stateless UAS Behavior .............................. 50 + 8.3 Redirect Servers .................................... 51 + 9 Canceling a Request ................................. 53 + 9.1 Client Behavior ..................................... 53 + 9.2 Server Behavior ..................................... 55 + 10 Registrations ....................................... 56 + 10.1 Overview ............................................ 56 + 10.2 Constructing the REGISTER Request ................... 57 + 10.2.1 Adding Bindings ..................................... 59 + 10.2.1.1 Setting the Expiration Interval of Contact Addresses 60 + 10.2.1.2 Preferences among Contact Addresses ................. 61 + 10.2.2 Removing Bindings ................................... 61 + 10.2.3 Fetching Bindings ................................... 61 + 10.2.4 Refreshing Bindings ................................. 61 + 10.2.5 Setting the Internal Clock .......................... 62 + 10.2.6 Discovering a Registrar ............................. 62 + 10.2.7 Transmitting a Request .............................. 62 + 10.2.8 Error Responses ..................................... 63 + 10.3 Processing REGISTER Requests ........................ 63 + 11 Querying for Capabilities ........................... 66 + 11.1 Construction of OPTIONS Request ..................... 67 + 11.2 Processing of OPTIONS Request ....................... 68 + 12 Dialogs ............................................. 69 + 12.1 Creation of a Dialog ................................ 70 + 12.1.1 UAS behavior ........................................ 70 + 12.1.2 UAC Behavior ........................................ 71 + 12.2 Requests within a Dialog ............................ 72 + 12.2.1 UAC Behavior ........................................ 73 + 12.2.1.1 Generating the Request .............................. 73 + 12.2.1.2 Processing the Responses ............................ 75 + 12.2.2 UAS Behavior ........................................ 76 + 12.3 Termination of a Dialog ............................. 77 + 13 Initiating a Session ................................ 77 + 13.1 Overview ............................................ 77 + 13.2 UAC Processing ...................................... 78 + 13.2.1 Creating the Initial INVITE ......................... 78 + 13.2.2 Processing INVITE Responses ......................... 81 + 13.2.2.1 1xx Responses ....................................... 81 + 13.2.2.2 3xx Responses ....................................... 81 + 13.2.2.3 4xx, 5xx and 6xx Responses .......................... 81 + 13.2.2.4 2xx Responses ....................................... 82 + 13.3 UAS Processing ...................................... 83 + 13.3.1 Processing of the INVITE ............................ 83 + 13.3.1.1 Progress ............................................ 84 + 13.3.1.2 The INVITE is Redirected ............................ 84 + + + +Rosenberg, et. al. Standards Track [Page 3] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 13.3.1.3 The INVITE is Rejected .............................. 85 + 13.3.1.4 The INVITE is Accepted .............................. 85 + 14 Modifying an Existing Session ....................... 86 + 14.1 UAC Behavior ........................................ 86 + 14.2 UAS Behavior ........................................ 88 + 15 Terminating a Session ............................... 89 + 15.1 Terminating a Session with a BYE Request ............ 90 + 15.1.1 UAC Behavior ........................................ 90 + 15.1.2 UAS Behavior ........................................ 91 + 16 Proxy Behavior ...................................... 91 + 16.1 Overview ............................................ 91 + 16.2 Stateful Proxy ...................................... 92 + 16.3 Request Validation .................................. 94 + 16.4 Route Information Preprocessing ..................... 96 + 16.5 Determining Request Targets ......................... 97 + 16.6 Request Forwarding .................................. 99 + 16.7 Response Processing ................................. 107 + 16.8 Processing Timer C .................................. 114 + 16.9 Handling Transport Errors ........................... 115 + 16.10 CANCEL Processing ................................... 115 + 16.11 Stateless Proxy ..................................... 116 + 16.12 Summary of Proxy Route Processing ................... 118 + 16.12.1 Examples ............................................ 118 + 16.12.1.1 Basic SIP Trapezoid ................................. 118 + 16.12.1.2 Traversing a Strict-Routing Proxy ................... 120 + 16.12.1.3 Rewriting Record-Route Header Field Values .......... 121 + 17 Transactions ........................................ 122 + 17.1 Client Transaction .................................. 124 + 17.1.1 INVITE Client Transaction ........................... 125 + 17.1.1.1 Overview of INVITE Transaction ...................... 125 + 17.1.1.2 Formal Description .................................. 125 + 17.1.1.3 Construction of the ACK Request ..................... 129 + 17.1.2 Non-INVITE Client Transaction ....................... 130 + 17.1.2.1 Overview of the non-INVITE Transaction .............. 130 + 17.1.2.2 Formal Description .................................. 131 + 17.1.3 Matching Responses to Client Transactions ........... 132 + 17.1.4 Handling Transport Errors ........................... 133 + 17.2 Server Transaction .................................. 134 + 17.2.1 INVITE Server Transaction ........................... 134 + 17.2.2 Non-INVITE Server Transaction ....................... 137 + 17.2.3 Matching Requests to Server Transactions ............ 138 + 17.2.4 Handling Transport Errors ........................... 141 + 18 Transport ........................................... 141 + 18.1 Clients ............................................. 142 + 18.1.1 Sending Requests .................................... 142 + 18.1.2 Receiving Responses ................................. 144 + 18.2 Servers ............................................. 145 + 18.2.1 Receiving Requests .................................. 145 + + + +Rosenberg, et. al. Standards Track [Page 4] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 18.2.2 Sending Responses ................................... 146 + 18.3 Framing ............................................. 147 + 18.4 Error Handling ...................................... 147 + 19 Common Message Components ........................... 147 + 19.1 SIP and SIPS Uniform Resource Indicators ............ 148 + 19.1.1 SIP and SIPS URI Components ......................... 148 + 19.1.2 Character Escaping Requirements ..................... 152 + 19.1.3 Example SIP and SIPS URIs ........................... 153 + 19.1.4 URI Comparison ...................................... 153 + 19.1.5 Forming Requests from a URI ......................... 156 + 19.1.6 Relating SIP URIs and tel URLs ...................... 157 + 19.2 Option Tags ......................................... 158 + 19.3 Tags ................................................ 159 + 20 Header Fields ....................................... 159 + 20.1 Accept .............................................. 161 + 20.2 Accept-Encoding ..................................... 163 + 20.3 Accept-Language ..................................... 164 + 20.4 Alert-Info .......................................... 164 + 20.5 Allow ............................................... 165 + 20.6 Authentication-Info ................................. 165 + 20.7 Authorization ....................................... 165 + 20.8 Call-ID ............................................. 166 + 20.9 Call-Info ........................................... 166 + 20.10 Contact ............................................. 167 + 20.11 Content-Disposition ................................. 168 + 20.12 Content-Encoding .................................... 169 + 20.13 Content-Language .................................... 169 + 20.14 Content-Length ...................................... 169 + 20.15 Content-Type ........................................ 170 + 20.16 CSeq ................................................ 170 + 20.17 Date ................................................ 170 + 20.18 Error-Info .......................................... 171 + 20.19 Expires ............................................. 171 + 20.20 From ................................................ 172 + 20.21 In-Reply-To ......................................... 172 + 20.22 Max-Forwards ........................................ 173 + 20.23 Min-Expires ......................................... 173 + 20.24 MIME-Version ........................................ 173 + 20.25 Organization ........................................ 174 + 20.26 Priority ............................................ 174 + 20.27 Proxy-Authenticate .................................. 174 + 20.28 Proxy-Authorization ................................. 175 + 20.29 Proxy-Require ....................................... 175 + 20.30 Record-Route ........................................ 175 + 20.31 Reply-To ............................................ 176 + 20.32 Require ............................................. 176 + 20.33 Retry-After ......................................... 176 + 20.34 Route ............................................... 177 + + + +Rosenberg, et. al. Standards Track [Page 5] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 20.35 Server .............................................. 177 + 20.36 Subject ............................................. 177 + 20.37 Supported ........................................... 178 + 20.38 Timestamp ........................................... 178 + 20.39 To .................................................. 178 + 20.40 Unsupported ......................................... 179 + 20.41 User-Agent .......................................... 179 + 20.42 Via ................................................. 179 + 20.43 Warning ............................................. 180 + 20.44 WWW-Authenticate .................................... 182 + 21 Response Codes ...................................... 182 + 21.1 Provisional 1xx ..................................... 182 + 21.1.1 100 Trying .......................................... 183 + 21.1.2 180 Ringing ......................................... 183 + 21.1.3 181 Call Is Being Forwarded ......................... 183 + 21.1.4 182 Queued .......................................... 183 + 21.1.5 183 Session Progress ................................ 183 + 21.2 Successful 2xx ...................................... 183 + 21.2.1 200 OK .............................................. 183 + 21.3 Redirection 3xx ..................................... 184 + 21.3.1 300 Multiple Choices ................................ 184 + 21.3.2 301 Moved Permanently ............................... 184 + 21.3.3 302 Moved Temporarily ............................... 184 + 21.3.4 305 Use Proxy ....................................... 185 + 21.3.5 380 Alternative Service ............................. 185 + 21.4 Request Failure 4xx ................................. 185 + 21.4.1 400 Bad Request ..................................... 185 + 21.4.2 401 Unauthorized .................................... 185 + 21.4.3 402 Payment Required ................................ 186 + 21.4.4 403 Forbidden ....................................... 186 + 21.4.5 404 Not Found ....................................... 186 + 21.4.6 405 Method Not Allowed .............................. 186 + 21.4.7 406 Not Acceptable .................................. 186 + 21.4.8 407 Proxy Authentication Required ................... 186 + 21.4.9 408 Request Timeout ................................. 186 + 21.4.10 410 Gone ............................................ 187 + 21.4.11 413 Request Entity Too Large ........................ 187 + 21.4.12 414 Request-URI Too Long ............................ 187 + 21.4.13 415 Unsupported Media Type .......................... 187 + 21.4.14 416 Unsupported URI Scheme .......................... 187 + 21.4.15 420 Bad Extension ................................... 187 + 21.4.16 421 Extension Required .............................. 188 + 21.4.17 423 Interval Too Brief .............................. 188 + 21.4.18 480 Temporarily Unavailable ......................... 188 + 21.4.19 481 Call/Transaction Does Not Exist ................. 188 + 21.4.20 482 Loop Detected ................................... 188 + 21.4.21 483 Too Many Hops ................................... 189 + 21.4.22 484 Address Incomplete .............................. 189 + + + +Rosenberg, et. al. Standards Track [Page 6] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 21.4.23 485 Ambiguous ....................................... 189 + 21.4.24 486 Busy Here ....................................... 189 + 21.4.25 487 Request Terminated .............................. 190 + 21.4.26 488 Not Acceptable Here ............................. 190 + 21.4.27 491 Request Pending ................................. 190 + 21.4.28 493 Undecipherable .................................. 190 + 21.5 Server Failure 5xx .................................. 190 + 21.5.1 500 Server Internal Error ........................... 190 + 21.5.2 501 Not Implemented ................................. 191 + 21.5.3 502 Bad Gateway ..................................... 191 + 21.5.4 503 Service Unavailable ............................. 191 + 21.5.5 504 Server Time-out ................................. 191 + 21.5.6 505 Version Not Supported ........................... 192 + 21.5.7 513 Message Too Large ............................... 192 + 21.6 Global Failures 6xx ................................. 192 + 21.6.1 600 Busy Everywhere ................................. 192 + 21.6.2 603 Decline ......................................... 192 + 21.6.3 604 Does Not Exist Anywhere ......................... 192 + 21.6.4 606 Not Acceptable .................................. 192 + 22 Usage of HTTP Authentication ........................ 193 + 22.1 Framework ........................................... 193 + 22.2 User-to-User Authentication ......................... 195 + 22.3 Proxy-to-User Authentication ........................ 197 + 22.4 The Digest Authentication Scheme .................... 199 + 23 S/MIME .............................................. 201 + 23.1 S/MIME Certificates ................................. 201 + 23.2 S/MIME Key Exchange ................................. 202 + 23.3 Securing MIME bodies ................................ 205 + 23.4 SIP Header Privacy and Integrity using S/MIME: + Tunneling SIP ....................................... 207 + 23.4.1 Integrity and Confidentiality Properties of SIP + Headers ............................................. 207 + 23.4.1.1 Integrity ........................................... 207 + 23.4.1.2 Confidentiality ..................................... 208 + 23.4.2 Tunneling Integrity and Authentication .............. 209 + 23.4.3 Tunneling Encryption ................................ 211 + 24 Examples ............................................ 213 + 24.1 Registration ........................................ 213 + 24.2 Session Setup ....................................... 214 + 25 Augmented BNF for the SIP Protocol .................. 219 + 25.1 Basic Rules ......................................... 219 + 26 Security Considerations: Threat Model and Security + Usage Recommendations ............................... 232 + 26.1 Attacks and Threat Models ........................... 233 + 26.1.1 Registration Hijacking .............................. 233 + 26.1.2 Impersonating a Server .............................. 234 + 26.1.3 Tampering with Message Bodies ....................... 235 + 26.1.4 Tearing Down Sessions ............................... 235 + + + +Rosenberg, et. al. Standards Track [Page 7] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 26.1.5 Denial of Service and Amplification ................. 236 + 26.2 Security Mechanisms ................................. 237 + 26.2.1 Transport and Network Layer Security ................ 238 + 26.2.2 SIPS URI Scheme ..................................... 239 + 26.2.3 HTTP Authentication ................................. 240 + 26.2.4 S/MIME .............................................. 240 + 26.3 Implementing Security Mechanisms .................... 241 + 26.3.1 Requirements for Implementers of SIP ................ 241 + 26.3.2 Security Solutions .................................. 242 + 26.3.2.1 Registration ........................................ 242 + 26.3.2.2 Interdomain Requests ................................ 243 + 26.3.2.3 Peer-to-Peer Requests ............................... 245 + 26.3.2.4 DoS Protection ...................................... 246 + 26.4 Limitations ......................................... 247 + 26.4.1 HTTP Digest ......................................... 247 + 26.4.2 S/MIME .............................................. 248 + 26.4.3 TLS ................................................. 249 + 26.4.4 SIPS URIs ........................................... 249 + 26.5 Privacy ............................................. 251 + 27 IANA Considerations ................................. 252 + 27.1 Option Tags ......................................... 252 + 27.2 Warn-Codes .......................................... 252 + 27.3 Header Field Names .................................. 253 + 27.4 Method and Response Codes ........................... 253 + 27.5 The "message/sip" MIME type. ....................... 254 + 27.6 New Content-Disposition Parameter Registrations ..... 255 + 28 Changes From RFC 2543 ............................... 255 + 28.1 Major Functional Changes ............................ 255 + 28.2 Minor Functional Changes ............................ 260 + 29 Normative References ................................ 261 + 30 Informative References .............................. 262 + A Table of Timer Values ............................... 265 + Acknowledgments ................................................ 266 + Authors' Addresses ............................................. 267 + Full Copyright Statement ....................................... 269 + +1 Introduction + + There are many applications of the Internet that require the creation + and management of a session, where a session is considered an + exchange of data between an association of participants. The + implementation of these applications is complicated by the practices + of participants: users may move between endpoints, they may be + addressable by multiple names, and they may communicate in several + different media - sometimes simultaneously. Numerous protocols have + been authored that carry various forms of real-time multimedia + session data such as voice, video, or text messages. The Session + Initiation Protocol (SIP) works in concert with these protocols by + + + +Rosenberg, et. al. Standards Track [Page 8] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + enabling Internet endpoints (called user agents) to discover one + another and to agree on a characterization of a session they would + like to share. For locating prospective session participants, and + for other functions, SIP enables the creation of an infrastructure of + network hosts (called proxy servers) to which user agents can send + registrations, invitations to sessions, and other requests. SIP is + an agile, general-purpose tool for creating, modifying, and + terminating sessions that works independently of underlying transport + protocols and without dependency on the type of session that is being + established. + +2 Overview of SIP Functionality + + SIP is an application-layer control protocol that can establish, + modify, and terminate multimedia sessions (conferences) such as + Internet telephony calls. SIP can also invite participants to + already existing sessions, such as multicast conferences. Media can + be added to (and removed from) an existing session. SIP + transparently supports name mapping and redirection services, which + supports personal mobility [27] - users can maintain a single + externally visible identifier regardless of their network location. + + SIP supports five facets of establishing and terminating multimedia + communications: + + User location: determination of the end system to be used for + communication; + + User availability: determination of the willingness of the called + party to engage in communications; + + User capabilities: determination of the media and media parameters + to be used; + + Session setup: "ringing", establishment of session parameters at + both called and calling party; + + Session management: including transfer and termination of + sessions, modifying session parameters, and invoking + services. + + SIP is not a vertically integrated communications system. SIP is + rather a component that can be used with other IETF protocols to + build a complete multimedia architecture. Typically, these + architectures will include protocols such as the Real-time Transport + Protocol (RTP) (RFC 1889 [28]) for transporting real-time data and + providing QoS feedback, the Real-Time streaming protocol (RTSP) (RFC + 2326 [29]) for controlling delivery of streaming media, the Media + + + +Rosenberg, et. al. Standards Track [Page 9] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Gateway Control Protocol (MEGACO) (RFC 3015 [30]) for controlling + gateways to the Public Switched Telephone Network (PSTN), and the + Session Description Protocol (SDP) (RFC 2327 [1]) for describing + multimedia sessions. Therefore, SIP should be used in conjunction + with other protocols in order to provide complete services to the + users. However, the basic functionality and operation of SIP does + not depend on any of these protocols. + + SIP does not provide services. Rather, SIP provides primitives that + can be used to implement different services. For example, SIP can + locate a user and deliver an opaque object to his current location. + If this primitive is used to deliver a session description written in + SDP, for instance, the endpoints can agree on the parameters of a + session. If the same primitive is used to deliver a photo of the + caller as well as the session description, a "caller ID" service can + be easily implemented. As this example shows, a single primitive is + typically used to provide several different services. + + SIP does not offer conference control services such as floor control + or voting and does not prescribe how a conference is to be managed. + SIP can be used to initiate a session that uses some other conference + control protocol. Since SIP messages and the sessions they establish + can pass through entirely different networks, SIP cannot, and does + not, provide any kind of network resource reservation capabilities. + + The nature of the services provided make security particularly + important. To that end, SIP provides a suite of security services, + which include denial-of-service prevention, authentication (both user + to user and proxy to user), integrity protection, and encryption and + privacy services. + + SIP works with both IPv4 and IPv6. + +3 Terminology + + In this document, the key words "MUST", "MUST NOT", "REQUIRED", + "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT + RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as + described in BCP 14, RFC 2119 [2] and indicate requirement levels for + compliant SIP implementations. + +4 Overview of Operation + + This section introduces the basic operations of SIP using simple + examples. This section is tutorial in nature and does not contain + any normative statements. + + + + + +Rosenberg, et. al. Standards Track [Page 10] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The first example shows the basic functions of SIP: location of an + end point, signal of a desire to communicate, negotiation of session + parameters to establish the session, and teardown of the session once + established. + + Figure 1 shows a typical example of a SIP message exchange between + two users, Alice and Bob. (Each message is labeled with the letter + "F" and a number for reference by the text.) In this example, Alice + uses a SIP application on her PC (referred to as a softphone) to call + Bob on his SIP phone over the Internet. Also shown are two SIP proxy + servers that act on behalf of Alice and Bob to facilitate the session + establishment. This typical arrangement is often referred to as the + "SIP trapezoid" as shown by the geometric shape of the dotted lines + in Figure 1. + + Alice "calls" Bob using his SIP identity, a type of Uniform Resource + Identifier (URI) called a SIP URI. SIP URIs are defined in Section + 19.1. It has a similar form to an email address, typically + containing a username and a host name. In this case, it is + sip:bob@biloxi.com, where biloxi.com is the domain of Bob's SIP + service provider. Alice has a SIP URI of sip:alice@atlanta.com. + Alice might have typed in Bob's URI or perhaps clicked on a hyperlink + or an entry in an address book. SIP also provides a secure URI, + called a SIPS URI. An example would be sips:bob@biloxi.com. A call + made to a SIPS URI guarantees that secure, encrypted transport + (namely TLS) is used to carry all SIP messages from the caller to the + domain of the callee. From there, the request is sent securely to + the callee, but with security mechanisms that depend on the policy of + the domain of the callee. + + SIP is based on an HTTP-like request/response transaction model. + Each transaction consists of a request that invokes a particular + method, or function, on the server and at least one response. In + this example, the transaction begins with Alice's softphone sending + an INVITE request addressed to Bob's SIP URI. INVITE is an example + of a SIP method that specifies the action that the requestor (Alice) + wants the server (Bob) to take. The INVITE request contains a number + of header fields. Header fields are named attributes that provide + additional information about a message. The ones present in an + INVITE include a unique identifier for the call, the destination + address, Alice's address, and information about the type of session + that Alice wishes to establish with Bob. The INVITE (message F1 in + Figure 1) might look like this: + + + + + + + + +Rosenberg, et. al. Standards Track [Page 11] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + atlanta.com . . . biloxi.com + . proxy proxy . + . . + Alice's . . . . . . . . . . . . . . . . . . . . Bob's + softphone SIP Phone + | | | | + | INVITE F1 | | | + |--------------->| INVITE F2 | | + | 100 Trying F3 |--------------->| INVITE F4 | + |<---------------| 100 Trying F5 |--------------->| + | |<-------------- | 180 Ringing F6 | + | | 180 Ringing F7 |<---------------| + | 180 Ringing F8 |<---------------| 200 OK F9 | + |<---------------| 200 OK F10 |<---------------| + | 200 OK F11 |<---------------| | + |<---------------| | | + | ACK F12 | + |------------------------------------------------->| + | Media Session | + |<================================================>| + | BYE F13 | + |<-------------------------------------------------| + | 200 OK F14 | + |------------------------------------------------->| + | | + + Figure 1: SIP session setup example with SIP trapezoid + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bK776asdhds + Max-Forwards: 70 + To: Bob + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710@pc33.atlanta.com + CSeq: 314159 INVITE + Contact: + Content-Type: application/sdp + Content-Length: 142 + + (Alice's SDP not shown) + + The first line of the text-encoded message contains the method name + (INVITE). The lines that follow are a list of header fields. This + example contains a minimum required set. The header fields are + briefly described below: + + + + + + +Rosenberg, et. al. Standards Track [Page 12] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Via contains the address (pc33.atlanta.com) at which Alice is + expecting to receive responses to this request. It also contains a + branch parameter that identifies this transaction. + + To contains a display name (Bob) and a SIP or SIPS URI + (sip:bob@biloxi.com) towards which the request was originally + directed. Display names are described in RFC 2822 [3]. + + From also contains a display name (Alice) and a SIP or SIPS URI + (sip:alice@atlanta.com) that indicate the originator of the request. + This header field also has a tag parameter containing a random string + (1928301774) that was added to the URI by the softphone. It is used + for identification purposes. + + Call-ID contains a globally unique identifier for this call, + generated by the combination of a random string and the softphone's + host name or IP address. The combination of the To tag, From tag, + and Call-ID completely defines a peer-to-peer SIP relationship + between Alice and Bob and is referred to as a dialog. + + CSeq or Command Sequence contains an integer and a method name. The + CSeq number is incremented for each new request within a dialog and + is a traditional sequence number. + + Contact contains a SIP or SIPS URI that represents a direct route to + contact Alice, usually composed of a username at a fully qualified + domain name (FQDN). While an FQDN is preferred, many end systems do + not have registered domain names, so IP addresses are permitted. + While the Via header field tells other elements where to send the + response, the Contact header field tells other elements where to send + future requests. + + Max-Forwards serves to limit the number of hops a request can make on + the way to its destination. It consists of an integer that is + decremented by one at each hop. + + Content-Type contains a description of the message body (not shown). + + Content-Length contains an octet (byte) count of the message body. + + The complete set of SIP header fields is defined in Section 20. + + The details of the session, such as the type of media, codec, or + sampling rate, are not described using SIP. Rather, the body of a + SIP message contains a description of the session, encoded in some + other protocol format. One such format is the Session Description + Protocol (SDP) (RFC 2327 [1]). This SDP message (not shown in the + + + + +Rosenberg, et. al. Standards Track [Page 13] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + example) is carried by the SIP message in a way that is analogous to + a document attachment being carried by an email message, or a web + page being carried in an HTTP message. + + Since the softphone does not know the location of Bob or the SIP + server in the biloxi.com domain, the softphone sends the INVITE to + the SIP server that serves Alice's domain, atlanta.com. The address + of the atlanta.com SIP server could have been configured in Alice's + softphone, or it could have been discovered by DHCP, for example. + + The atlanta.com SIP server is a type of SIP server known as a proxy + server. A proxy server receives SIP requests and forwards them on + behalf of the requestor. In this example, the proxy server receives + the INVITE request and sends a 100 (Trying) response back to Alice's + softphone. The 100 (Trying) response indicates that the INVITE has + been received and that the proxy is working on her behalf to route + the INVITE to the destination. Responses in SIP use a three-digit + code followed by a descriptive phrase. This response contains the + same To, From, Call-ID, CSeq and branch parameter in the Via as the + INVITE, which allows Alice's softphone to correlate this response to + the sent INVITE. The atlanta.com proxy server locates the proxy + server at biloxi.com, possibly by performing a particular type of DNS + (Domain Name Service) lookup to find the SIP server that serves the + biloxi.com domain. This is described in [4]. As a result, it + obtains the IP address of the biloxi.com proxy server and forwards, + or proxies, the INVITE request there. Before forwarding the request, + the atlanta.com proxy server adds an additional Via header field + value that contains its own address (the INVITE already contains + Alice's address in the first Via). The biloxi.com proxy server + receives the INVITE and responds with a 100 (Trying) response back to + the atlanta.com proxy server to indicate that it has received the + INVITE and is processing the request. The proxy server consults a + database, generically called a location service, that contains the + current IP address of Bob. (We shall see in the next section how + this database can be populated.) The biloxi.com proxy server adds + another Via header field value with its own address to the INVITE and + proxies it to Bob's SIP phone. + + Bob's SIP phone receives the INVITE and alerts Bob to the incoming + call from Alice so that Bob can decide whether to answer the call, + that is, Bob's phone rings. Bob's SIP phone indicates this in a 180 + (Ringing) response, which is routed back through the two proxies in + the reverse direction. Each proxy uses the Via header field to + determine where to send the response and removes its own address from + the top. As a result, although DNS and location service lookups were + required to route the initial INVITE, the 180 (Ringing) response can + be returned to the caller without lookups or without state being + + + + +Rosenberg, et. al. Standards Track [Page 14] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + maintained in the proxies. This also has the desirable property that + each proxy that sees the INVITE will also see all responses to the + INVITE. + + When Alice's softphone receives the 180 (Ringing) response, it passes + this information to Alice, perhaps using an audio ringback tone or by + displaying a message on Alice's screen. + + In this example, Bob decides to answer the call. When he picks up + the handset, his SIP phone sends a 200 (OK) response to indicate that + the call has been answered. The 200 (OK) contains a message body + with the SDP media description of the type of session that Bob is + willing to establish with Alice. As a result, there is a two-phase + exchange of SDP messages: Alice sent one to Bob, and Bob sent one + back to Alice. This two-phase exchange provides basic negotiation + capabilities and is based on a simple offer/answer model of SDP + exchange. If Bob did not wish to answer the call or was busy on + another call, an error response would have been sent instead of the + 200 (OK), which would have resulted in no media session being + established. The complete list of SIP response codes is in Section + 21. The 200 (OK) (message F9 in Figure 1) might look like this as + Bob sends it out: + + SIP/2.0 200 OK + Via: SIP/2.0/UDP server10.biloxi.com + ;branch=z9hG4bKnashds8;received=192.0.2.3 + Via: SIP/2.0/UDP bigbox3.site3.atlanta.com + ;branch=z9hG4bK77ef4c2312983.1;received=192.0.2.2 + Via: SIP/2.0/UDP pc33.atlanta.com + ;branch=z9hG4bK776asdhds ;received=192.0.2.1 + To: Bob ;tag=a6c85cf + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710@pc33.atlanta.com + CSeq: 314159 INVITE + Contact: + Content-Type: application/sdp + Content-Length: 131 + + (Bob's SDP not shown) + + The first line of the response contains the response code (200) and + the reason phrase (OK). The remaining lines contain header fields. + The Via, To, From, Call-ID, and CSeq header fields are copied from + the INVITE request. (There are three Via header field values - one + added by Alice's SIP phone, one added by the atlanta.com proxy, and + one added by the biloxi.com proxy.) Bob's SIP phone has added a tag + parameter to the To header field. This tag will be incorporated by + both endpoints into the dialog and will be included in all future + + + +Rosenberg, et. al. Standards Track [Page 15] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + requests and responses in this call. The Contact header field + contains a URI at which Bob can be directly reached at his SIP phone. + The Content-Type and Content-Length refer to the message body (not + shown) that contains Bob's SDP media information. + + In addition to DNS and location service lookups shown in this + example, proxy servers can make flexible "routing decisions" to + decide where to send a request. For example, if Bob's SIP phone + returned a 486 (Busy Here) response, the biloxi.com proxy server + could proxy the INVITE to Bob's voicemail server. A proxy server can + also send an INVITE to a number of locations at the same time. This + type of parallel search is known as forking. + + In this case, the 200 (OK) is routed back through the two proxies and + is received by Alice's softphone, which then stops the ringback tone + and indicates that the call has been answered. Finally, Alice's + softphone sends an acknowledgement message, ACK, to Bob's SIP phone + to confirm the reception of the final response (200 (OK)). In this + example, the ACK is sent directly from Alice's softphone to Bob's SIP + phone, bypassing the two proxies. This occurs because the endpoints + have learned each other's address from the Contact header fields + through the INVITE/200 (OK) exchange, which was not known when the + initial INVITE was sent. The lookups performed by the two proxies + are no longer needed, so the proxies drop out of the call flow. This + completes the INVITE/200/ACK three-way handshake used to establish + SIP sessions. Full details on session setup are in Section 13. + + Alice and Bob's media session has now begun, and they send media + packets using the format to which they agreed in the exchange of SDP. + In general, the end-to-end media packets take a different path from + the SIP signaling messages. + + During the session, either Alice or Bob may decide to change the + characteristics of the media session. This is accomplished by + sending a re-INVITE containing a new media description. This re- + INVITE references the existing dialog so that the other party knows + that it is to modify an existing session instead of establishing a + new session. The other party sends a 200 (OK) to accept the change. + The requestor responds to the 200 (OK) with an ACK. If the other + party does not accept the change, he sends an error response such as + 488 (Not Acceptable Here), which also receives an ACK. However, the + failure of the re-INVITE does not cause the existing call to fail - + the session continues using the previously negotiated + characteristics. Full details on session modification are in Section + 14. + + + + + + +Rosenberg, et. al. Standards Track [Page 16] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + At the end of the call, Bob disconnects (hangs up) first and + generates a BYE message. This BYE is routed directly to Alice's + softphone, again bypassing the proxies. Alice confirms receipt of + the BYE with a 200 (OK) response, which terminates the session and + the BYE transaction. No ACK is sent - an ACK is only sent in + response to a response to an INVITE request. The reasons for this + special handling for INVITE will be discussed later, but relate to + the reliability mechanisms in SIP, the length of time it can take for + a ringing phone to be answered, and forking. For this reason, + request handling in SIP is often classified as either INVITE or non- + INVITE, referring to all other methods besides INVITE. Full details + on session termination are in Section 15. + + Section 24.2 describes the messages shown in Figure 1 in full. + + In some cases, it may be useful for proxies in the SIP signaling path + to see all the messaging between the endpoints for the duration of + the session. For example, if the biloxi.com proxy server wished to + remain in the SIP messaging path beyond the initial INVITE, it would + add to the INVITE a required routing header field known as Record- + Route that contained a URI resolving to the hostname or IP address of + the proxy. This information would be received by both Bob's SIP + phone and (due to the Record-Route header field being passed back in + the 200 (OK)) Alice's softphone and stored for the duration of the + dialog. The biloxi.com proxy server would then receive and proxy the + ACK, BYE, and 200 (OK) to the BYE. Each proxy can independently + decide to receive subsequent messages, and those messages will pass + through all proxies that elect to receive it. This capability is + frequently used for proxies that are providing mid-call features. + + Registration is another common operation in SIP. Registration is one + way that the biloxi.com server can learn the current location of Bob. + Upon initialization, and at periodic intervals, Bob's SIP phone sends + REGISTER messages to a server in the biloxi.com domain known as a SIP + registrar. The REGISTER messages associate Bob's SIP or SIPS URI + (sip:bob@biloxi.com) with the machine into which he is currently + logged (conveyed as a SIP or SIPS URI in the Contact header field). + The registrar writes this association, also called a binding, to a + database, called the location service, where it can be used by the + proxy in the biloxi.com domain. Often, a registrar server for a + domain is co-located with the proxy for that domain. It is an + important concept that the distinction between types of SIP servers + is logical, not physical. + + Bob is not limited to registering from a single device. For example, + both his SIP phone at home and the one in the office could send + registrations. This information is stored together in the location + + + + +Rosenberg, et. al. Standards Track [Page 17] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + service and allows a proxy to perform various types of searches to + locate Bob. Similarly, more than one user can be registered on a + single device at the same time. + + The location service is just an abstract concept. It generally + contains information that allows a proxy to input a URI and receive a + set of zero or more URIs that tell the proxy where to send the + request. Registrations are one way to create this information, but + not the only way. Arbitrary mapping functions can be configured at + the discretion of the administrator. + + Finally, it is important to note that in SIP, registration is used + for routing incoming SIP requests and has no role in authorizing + outgoing requests. Authorization and authentication are handled in + SIP either on a request-by-request basis with a challenge/response + mechanism, or by using a lower layer scheme as discussed in Section + 26. + + The complete set of SIP message details for this registration example + is in Section 24.1. + + Additional operations in SIP, such as querying for the capabilities + of a SIP server or client using OPTIONS, or canceling a pending + request using CANCEL, will be introduced in later sections. + +5 Structure of the Protocol + + SIP is structured as a layered protocol, which means that its + behavior is described in terms of a set of fairly independent + processing stages with only a loose coupling between each stage. The + protocol behavior is described as layers for the purpose of + presentation, allowing the description of functions common across + elements in a single section. It does not dictate an implementation + in any way. When we say that an element "contains" a layer, we mean + it is compliant to the set of rules defined by that layer. + + Not every element specified by the protocol contains every layer. + Furthermore, the elements specified by SIP are logical elements, not + physical ones. A physical realization can choose to act as different + logical elements, perhaps even on a transaction-by-transaction basis. + + The lowest layer of SIP is its syntax and encoding. Its encoding is + specified using an augmented Backus-Naur Form grammar (BNF). The + complete BNF is specified in Section 25; an overview of a SIP + message's structure can be found in Section 7. + + + + + + +Rosenberg, et. al. Standards Track [Page 18] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The second layer is the transport layer. It defines how a client + sends requests and receives responses and how a server receives + requests and sends responses over the network. All SIP elements + contain a transport layer. The transport layer is described in + Section 18. + + The third layer is the transaction layer. Transactions are a + fundamental component of SIP. A transaction is a request sent by a + client transaction (using the transport layer) to a server + transaction, along with all responses to that request sent from the + server transaction back to the client. The transaction layer handles + application-layer retransmissions, matching of responses to requests, + and application-layer timeouts. Any task that a user agent client + (UAC) accomplishes takes place using a series of transactions. + Discussion of transactions can be found in Section 17. User agents + contain a transaction layer, as do stateful proxies. Stateless + proxies do not contain a transaction layer. The transaction layer + has a client component (referred to as a client transaction) and a + server component (referred to as a server transaction), each of which + are represented by a finite state machine that is constructed to + process a particular request. + + The layer above the transaction layer is called the transaction user + (TU). Each of the SIP entities, except the stateless proxy, is a + transaction user. When a TU wishes to send a request, it creates a + client transaction instance and passes it the request along with the + destination IP address, port, and transport to which to send the + request. A TU that creates a client transaction can also cancel it. + When a client cancels a transaction, it requests that the server stop + further processing, revert to the state that existed before the + transaction was initiated, and generate a specific error response to + that transaction. This is done with a CANCEL request, which + constitutes its own transaction, but references the transaction to be + cancelled (Section 9). + + The SIP elements, that is, user agent clients and servers, stateless + and stateful proxies and registrars, contain a core that + distinguishes them from each other. Cores, except for the stateless + proxy, are transaction users. While the behavior of the UAC and UAS + cores depends on the method, there are some common rules for all + methods (Section 8). For a UAC, these rules govern the construction + of a request; for a UAS, they govern the processing of a request and + generating a response. Since registrations play an important role in + SIP, a UAS that handles a REGISTER is given the special name + registrar. Section 10 describes UAC and UAS core behavior for the + REGISTER method. Section 11 describes UAC and UAS core behavior for + the OPTIONS method, used for determining the capabilities of a UA. + + + + +Rosenberg, et. al. Standards Track [Page 19] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Certain other requests are sent within a dialog. A dialog is a + peer-to-peer SIP relationship between two user agents that persists + for some time. The dialog facilitates sequencing of messages and + proper routing of requests between the user agents. The INVITE + method is the only way defined in this specification to establish a + dialog. When a UAC sends a request that is within the context of a + dialog, it follows the common UAC rules as discussed in Section 8 but + also the rules for mid-dialog requests. Section 12 discusses dialogs + and presents the procedures for their construction and maintenance, + in addition to construction of requests within a dialog. + + The most important method in SIP is the INVITE method, which is used + to establish a session between participants. A session is a + collection of participants, and streams of media between them, for + the purposes of communication. Section 13 discusses how sessions are + initiated, resulting in one or more SIP dialogs. Section 14 + discusses how characteristics of that session are modified through + the use of an INVITE request within a dialog. Finally, section 15 + discusses how a session is terminated. + + The procedures of Sections 8, 10, 11, 12, 13, 14, and 15 deal + entirely with the UA core (Section 9 describes cancellation, which + applies to both UA core and proxy core). Section 16 discusses the + proxy element, which facilitates routing of messages between user + agents. + +6 Definitions + + The following terms have special significance for SIP. + + Address-of-Record: An address-of-record (AOR) is a SIP or SIPS URI + that points to a domain with a location service that can map + the URI to another URI where the user might be available. + Typically, the location service is populated through + registrations. An AOR is frequently thought of as the "public + address" of the user. + + Back-to-Back User Agent: A back-to-back user agent (B2BUA) is a + logical entity that receives a request and processes it as a + user agent server (UAS). In order to determine how the request + should be answered, it acts as a user agent client (UAC) and + generates requests. Unlike a proxy server, it maintains dialog + state and must participate in all requests sent on the dialogs + it has established. Since it is a concatenation of a UAC and + UAS, no explicit definitions are needed for its behavior. + + + + + + +Rosenberg, et. al. Standards Track [Page 20] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Call: A call is an informal term that refers to some communication + between peers, generally set up for the purposes of a + multimedia conversation. + + Call Leg: Another name for a dialog [31]; no longer used in this + specification. + + Call Stateful: A proxy is call stateful if it retains state for a + dialog from the initiating INVITE to the terminating BYE + request. A call stateful proxy is always transaction stateful, + but the converse is not necessarily true. + + Client: A client is any network element that sends SIP requests + and receives SIP responses. Clients may or may not interact + directly with a human user. User agent clients and proxies are + clients. + + Conference: A multimedia session (see below) that contains + multiple participants. + + Core: Core designates the functions specific to a particular type + of SIP entity, i.e., specific to either a stateful or stateless + proxy, a user agent or registrar. All cores, except those for + the stateless proxy, are transaction users. + + Dialog: A dialog is a peer-to-peer SIP relationship between two + UAs that persists for some time. A dialog is established by + SIP messages, such as a 2xx response to an INVITE request. A + dialog is identified by a call identifier, local tag, and a + remote tag. A dialog was formerly known as a call leg in RFC + 2543. + + Downstream: A direction of message forwarding within a transaction + that refers to the direction that requests flow from the user + agent client to user agent server. + + Final Response: A response that terminates a SIP transaction, as + opposed to a provisional response that does not. All 2xx, 3xx, + 4xx, 5xx and 6xx responses are final. + + Header: A header is a component of a SIP message that conveys + information about the message. It is structured as a sequence + of header fields. + + Header Field: A header field is a component of the SIP message + header. A header field can appear as one or more header field + rows. Header field rows consist of a header field name and zero + or more header field values. Multiple header field values on a + + + +Rosenberg, et. al. Standards Track [Page 21] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + given header field row are separated by commas. Some header + fields can only have a single header field value, and as a + result, always appear as a single header field row. + + Header Field Value: A header field value is a single value; a + header field consists of zero or more header field values. + + Home Domain: The domain providing service to a SIP user. + Typically, this is the domain present in the URI in the + address-of-record of a registration. + + Informational Response: Same as a provisional response. + + Initiator, Calling Party, Caller: The party initiating a session + (and dialog) with an INVITE request. A caller retains this + role from the time it sends the initial INVITE that established + a dialog until the termination of that dialog. + + Invitation: An INVITE request. + + Invitee, Invited User, Called Party, Callee: The party that + receives an INVITE request for the purpose of establishing a + new session. A callee retains this role from the time it + receives the INVITE until the termination of the dialog + established by that INVITE. + + Location Service: A location service is used by a SIP redirect or + proxy server to obtain information about a callee's possible + location(s). It contains a list of bindings of address-of- + record keys to zero or more contact addresses. The bindings + can be created and removed in many ways; this specification + defines a REGISTER method that updates the bindings. + + Loop: A request that arrives at a proxy, is forwarded, and later + arrives back at the same proxy. When it arrives the second + time, its Request-URI is identical to the first time, and other + header fields that affect proxy operation are unchanged, so + that the proxy would make the same processing decision on the + request it made the first time. Looped requests are errors, + and the procedures for detecting them and handling them are + described by the protocol. + + Loose Routing: A proxy is said to be loose routing if it follows + the procedures defined in this specification for processing of + the Route header field. These procedures separate the + destination of the request (present in the Request-URI) from + + + + + +Rosenberg, et. al. Standards Track [Page 22] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + the set of proxies that need to be visited along the way + (present in the Route header field). A proxy compliant to + these mechanisms is also known as a loose router. + + Message: Data sent between SIP elements as part of the protocol. + SIP messages are either requests or responses. + + Method: The method is the primary function that a request is meant + to invoke on a server. The method is carried in the request + message itself. Example methods are INVITE and BYE. + + Outbound Proxy: A proxy that receives requests from a client, even + though it may not be the server resolved by the Request-URI. + Typically, a UA is manually configured with an outbound proxy, + or can learn about one through auto-configuration protocols. + + Parallel Search: In a parallel search, a proxy issues several + requests to possible user locations upon receiving an incoming + request. Rather than issuing one request and then waiting for + the final response before issuing the next request as in a + sequential search, a parallel search issues requests without + waiting for the result of previous requests. + + Provisional Response: A response used by the server to indicate + progress, but that does not terminate a SIP transaction. 1xx + responses are provisional, other responses are considered + final. + + Proxy, Proxy Server: An intermediary entity that acts as both a + server and a client for the purpose of making requests on + behalf of other clients. A proxy server primarily plays the + role of routing, which means its job is to ensure that a + request is sent to another entity "closer" to the targeted + user. Proxies are also useful for enforcing policy (for + example, making sure a user is allowed to make a call). A + proxy interprets, and, if necessary, rewrites specific parts of + a request message before forwarding it. + + Recursion: A client recurses on a 3xx response when it generates a + new request to one or more of the URIs in the Contact header + field in the response. + + Redirect Server: A redirect server is a user agent server that + generates 3xx responses to requests it receives, directing the + client to contact an alternate set of URIs. + + + + + + +Rosenberg, et. al. Standards Track [Page 23] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Registrar: A registrar is a server that accepts REGISTER requests + and places the information it receives in those requests into + the location service for the domain it handles. + + Regular Transaction: A regular transaction is any transaction with + a method other than INVITE, ACK, or CANCEL. + + Request: A SIP message sent from a client to a server, for the + purpose of invoking a particular operation. + + Response: A SIP message sent from a server to a client, for + indicating the status of a request sent from the client to the + server. + + Ringback: Ringback is the signaling tone produced by the calling + party's application indicating that a called party is being + alerted (ringing). + + Route Set: A route set is a collection of ordered SIP or SIPS URI + which represent a list of proxies that must be traversed when + sending a particular request. A route set can be learned, + through headers like Record-Route, or it can be configured. + + Server: A server is a network element that receives requests in + order to service them and sends back responses to those + requests. Examples of servers are proxies, user agent servers, + redirect servers, and registrars. + + Sequential Search: In a sequential search, a proxy server attempts + each contact address in sequence, proceeding to the next one + only after the previous has generated a final response. A 2xx + or 6xx class final response always terminates a sequential + search. + + Session: From the SDP specification: "A multimedia session is a + set of multimedia senders and receivers and the data streams + flowing from senders to receivers. A multimedia conference is + an example of a multimedia session." (RFC 2327 [1]) (A session + as defined for SDP can comprise one or more RTP sessions.) As + defined, a callee can be invited several times, by different + calls, to the same session. If SDP is used, a session is + defined by the concatenation of the SDP user name, session id, + network type, address type, and address elements in the origin + field. + + SIP Transaction: A SIP transaction occurs between a client and a + server and comprises all messages from the first request sent + from the client to the server up to a final (non-1xx) response + + + +Rosenberg, et. al. Standards Track [Page 24] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + sent from the server to the client. If the request is INVITE + and the final response is a non-2xx, the transaction also + includes an ACK to the response. The ACK for a 2xx response to + an INVITE request is a separate transaction. + + Spiral: A spiral is a SIP request that is routed to a proxy, + forwarded onwards, and arrives once again at that proxy, but + this time differs in a way that will result in a different + processing decision than the original request. Typically, this + means that the request's Request-URI differs from its previous + arrival. A spiral is not an error condition, unlike a loop. A + typical cause for this is call forwarding. A user calls + joe@example.com. The example.com proxy forwards it to Joe's + PC, which in turn, forwards it to bob@example.com. This + request is proxied back to the example.com proxy. However, + this is not a loop. Since the request is targeted at a + different user, it is considered a spiral, and is a valid + condition. + + Stateful Proxy: A logical entity that maintains the client and + server transaction state machines defined by this specification + during the processing of a request, also known as a transaction + stateful proxy. The behavior of a stateful proxy is further + defined in Section 16. A (transaction) stateful proxy is not + the same as a call stateful proxy. + + Stateless Proxy: A logical entity that does not maintain the + client or server transaction state machines defined in this + specification when it processes requests. A stateless proxy + forwards every request it receives downstream and every + response it receives upstream. + + Strict Routing: A proxy is said to be strict routing if it follows + the Route processing rules of RFC 2543 and many prior work in + progress versions of this RFC. That rule caused proxies to + destroy the contents of the Request-URI when a Route header + field was present. Strict routing behavior is not used in this + specification, in favor of a loose routing behavior. Proxies + that perform strict routing are also known as strict routers. + + Target Refresh Request: A target refresh request sent within a + dialog is defined as a request that can modify the remote + target of the dialog. + + Transaction User (TU): The layer of protocol processing that + resides above the transaction layer. Transaction users include + the UAC core, UAS core, and proxy core. + + + + +Rosenberg, et. al. Standards Track [Page 25] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Upstream: A direction of message forwarding within a transaction + that refers to the direction that responses flow from the user + agent server back to the user agent client. + + URL-encoded: A character string encoded according to RFC 2396, + Section 2.4 [5]. + + User Agent Client (UAC): A user agent client is a logical entity + that creates a new request, and then uses the client + transaction state machinery to send it. The role of UAC lasts + only for the duration of that transaction. In other words, if + a piece of software initiates a request, it acts as a UAC for + the duration of that transaction. If it receives a request + later, it assumes the role of a user agent server for the + processing of that transaction. + + UAC Core: The set of processing functions required of a UAC that + reside above the transaction and transport layers. + + User Agent Server (UAS): A user agent server is a logical entity + that generates a response to a SIP request. The response + accepts, rejects, or redirects the request. This role lasts + only for the duration of that transaction. In other words, if + a piece of software responds to a request, it acts as a UAS for + the duration of that transaction. If it generates a request + later, it assumes the role of a user agent client for the + processing of that transaction. + + UAS Core: The set of processing functions required at a UAS that + resides above the transaction and transport layers. + + User Agent (UA): A logical entity that can act as both a user + agent client and user agent server. + + The role of UAC and UAS, as well as proxy and redirect servers, are + defined on a transaction-by-transaction basis. For example, the user + agent initiating a call acts as a UAC when sending the initial INVITE + request and as a UAS when receiving a BYE request from the callee. + Similarly, the same software can act as a proxy server for one + request and as a redirect server for the next request. + + Proxy, location, and registrar servers defined above are logical + entities; implementations MAY combine them into a single application. + +7 SIP Messages + + SIP is a text-based protocol and uses the UTF-8 charset (RFC 2279 + [7]). + + + +Rosenberg, et. al. Standards Track [Page 26] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + A SIP message is either a request from a client to a server, or a + response from a server to a client. + + Both Request (section 7.1) and Response (section 7.2) messages use + the basic format of RFC 2822 [3], even though the syntax differs in + character set and syntax specifics. (SIP allows header fields that + would not be valid RFC 2822 header fields, for example.) Both types + of messages consist of a start-line, one or more header fields, an + empty line indicating the end of the header fields, and an optional + message-body. + + generic-message = start-line + *message-header + CRLF + [ message-body ] + start-line = Request-Line / Status-Line + + The start-line, each message-header line, and the empty line MUST be + terminated by a carriage-return line-feed sequence (CRLF). Note that + the empty line MUST be present even if the message-body is not. + + Except for the above difference in character sets, much of SIP's + message and header field syntax is identical to HTTP/1.1. Rather + than repeating the syntax and semantics here, we use [HX.Y] to refer + to Section X.Y of the current HTTP/1.1 specification (RFC 2616 [8]). + + However, SIP is not an extension of HTTP. + +7.1 Requests + + SIP requests are distinguished by having a Request-Line for a start- + line. A Request-Line contains a method name, a Request-URI, and the + protocol version separated by a single space (SP) character. + + The Request-Line ends with CRLF. No CR or LF are allowed except in + the end-of-line CRLF sequence. No linear whitespace (LWS) is allowed + in any of the elements. + + Request-Line = Method SP Request-URI SP SIP-Version CRLF + + Method: This specification defines six methods: REGISTER for + registering contact information, INVITE, ACK, and CANCEL for + setting up sessions, BYE for terminating sessions, and + OPTIONS for querying servers about their capabilities. SIP + extensions, documented in standards track RFCs, may define + additional methods. + + + + + +Rosenberg, et. al. Standards Track [Page 27] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Request-URI: The Request-URI is a SIP or SIPS URI as described in + Section 19.1 or a general URI (RFC 2396 [5]). It indicates + the user or service to which this request is being addressed. + The Request-URI MUST NOT contain unescaped spaces or control + characters and MUST NOT be enclosed in "<>". + + SIP elements MAY support Request-URIs with schemes other than + "sip" and "sips", for example the "tel" URI scheme of RFC + 2806 [9]. SIP elements MAY translate non-SIP URIs using any + mechanism at their disposal, resulting in SIP URI, SIPS URI, + or some other scheme. + + SIP-Version: Both request and response messages include the + version of SIP in use, and follow [H3.1] (with HTTP replaced + by SIP, and HTTP/1.1 replaced by SIP/2.0) regarding version + ordering, compliance requirements, and upgrading of version + numbers. To be compliant with this specification, + applications sending SIP messages MUST include a SIP-Version + of "SIP/2.0". The SIP-Version string is case-insensitive, + but implementations MUST send upper-case. + + Unlike HTTP/1.1, SIP treats the version number as a literal + string. In practice, this should make no difference. + +7.2 Responses + + SIP responses are distinguished from requests by having a Status-Line + as their start-line. A Status-Line consists of the protocol version + followed by a numeric Status-Code and its associated textual phrase, + with each element separated by a single SP character. + + No CR or LF is allowed except in the final CRLF sequence. + + Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF + + The Status-Code is a 3-digit integer result code that indicates the + outcome of an attempt to understand and satisfy a request. The + Reason-Phrase is intended to give a short textual description of the + Status-Code. The Status-Code is intended for use by automata, + whereas the Reason-Phrase is intended for the human user. A client + is not required to examine or display the Reason-Phrase. + + While this specification suggests specific wording for the reason + phrase, implementations MAY choose other text, for example, in the + language indicated in the Accept-Language header field of the + request. + + + + + +Rosenberg, et. al. Standards Track [Page 28] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The first digit of the Status-Code defines the class of response. + The last two digits do not have any categorization role. For this + reason, any response with a status code between 100 and 199 is + referred to as a "1xx response", any response with a status code + between 200 and 299 as a "2xx response", and so on. SIP/2.0 allows + six values for the first digit: + + 1xx: Provisional -- request received, continuing to process the + request; + + 2xx: Success -- the action was successfully received, understood, + and accepted; + + 3xx: Redirection -- further action needs to be taken in order to + complete the request; + + 4xx: Client Error -- the request contains bad syntax or cannot be + fulfilled at this server; + + 5xx: Server Error -- the server failed to fulfill an apparently + valid request; + + 6xx: Global Failure -- the request cannot be fulfilled at any + server. + + Section 21 defines these classes and describes the individual codes. + +7.3 Header Fields + + SIP header fields are similar to HTTP header fields in both syntax + and semantics. In particular, SIP header fields follow the [H4.2] + definitions of syntax for the message-header and the rules for + extending header fields over multiple lines. However, the latter is + specified in HTTP with implicit whitespace and folding. This + specification conforms to RFC 2234 [10] and uses only explicit + whitespace and folding as an integral part of the grammar. + + [H4.2] also specifies that multiple header fields of the same field + name whose value is a comma-separated list can be combined into one + header field. That applies to SIP as well, but the specific rule is + different because of the different grammars. Specifically, any SIP + header whose grammar is of the form + + header = "header-name" HCOLON header-value *(COMMA header-value) + + allows for combining header fields of the same name into a comma- + separated list. The Contact header field allows a comma-separated + list unless the header field value is "*". + + + +Rosenberg, et. al. Standards Track [Page 29] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +7.3.1 Header Field Format + + Header fields follow the same generic header format as that given in + Section 2.2 of RFC 2822 [3]. Each header field consists of a field + name followed by a colon (":") and the field value. + + field-name: field-value + + The formal grammar for a message-header specified in Section 25 + allows for an arbitrary amount of whitespace on either side of the + colon; however, implementations should avoid spaces between the field + name and the colon and use a single space (SP) between the colon and + the field-value. + + Subject: lunch + Subject : lunch + Subject :lunch + Subject: lunch + + Thus, the above are all valid and equivalent, but the last is the + preferred form. + + Header fields can be extended over multiple lines by preceding each + extra line with at least one SP or horizontal tab (HT). The line + break and the whitespace at the beginning of the next line are + treated as a single SP character. Thus, the following are + equivalent: + + Subject: I know you're there, pick up the phone and talk to me! + Subject: I know you're there, + pick up the phone + and talk to me! + + The relative order of header fields with different field names is not + significant. However, it is RECOMMENDED that header fields which are + needed for proxy processing (Via, Route, Record-Route, Proxy-Require, + Max-Forwards, and Proxy-Authorization, for example) appear towards + the top of the message to facilitate rapid parsing. The relative + order of header field rows with the same field name is important. + Multiple header field rows with the same field-name MAY be present in + a message if and only if the entire field-value for that header field + is defined as a comma-separated list (that is, if follows the grammar + defined in Section 7.3). It MUST be possible to combine the multiple + header field rows into one "field-name: field-value" pair, without + changing the semantics of the message, by appending each subsequent + field-value to the first, each separated by a comma. The exceptions + to this rule are the WWW-Authenticate, Authorization, Proxy- + Authenticate, and Proxy-Authorization header fields. Multiple header + + + +Rosenberg, et. al. Standards Track [Page 30] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + field rows with these names MAY be present in a message, but since + their grammar does not follow the general form listed in Section 7.3, + they MUST NOT be combined into a single header field row. + + Implementations MUST be able to process multiple header field rows + with the same name in any combination of the single-value-per-line or + comma-separated value forms. + + The following groups of header field rows are valid and equivalent: + + Route: + Subject: Lunch + Route: + Route: + + Route: , + Route: + Subject: Lunch + + Subject: Lunch + Route: , , + + + Each of the following blocks is valid but not equivalent to the + others: + + Route: + Route: + Route: + + Route: + Route: + Route: + + Route: ,, + + + The format of a header field-value is defined per header-name. It + will always be either an opaque sequence of TEXT-UTF8 octets, or a + combination of whitespace, tokens, separators, and quoted strings. + Many existing header fields will adhere to the general form of a + value followed by a semi-colon separated sequence of parameter-name, + parameter-value pairs: + + field-name: field-value *(;parameter-name=parameter-value) + + + + + + +Rosenberg, et. al. Standards Track [Page 31] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Even though an arbitrary number of parameter pairs may be attached to + a header field value, any given parameter-name MUST NOT appear more + than once. + + When comparing header fields, field names are always case- + insensitive. Unless otherwise stated in the definition of a + particular header field, field values, parameter names, and parameter + values are case-insensitive. Tokens are always case-insensitive. + Unless specified otherwise, values expressed as quoted strings are + case-sensitive. For example, + + Contact: ;expires=3600 + + is equivalent to + + CONTACT: ;ExPiReS=3600 + + and + + Content-Disposition: session;handling=optional + + is equivalent to + + content-disposition: Session;HANDLING=OPTIONAL + + The following two header fields are not equivalent: + + Warning: 370 devnull "Choose a bigger pipe" + Warning: 370 devnull "CHOOSE A BIGGER PIPE" + +7.3.2 Header Field Classification + + Some header fields only make sense in requests or responses. These + are called request header fields and response header fields, + respectively. If a header field appears in a message not matching + its category (such as a request header field in a response), it MUST + be ignored. Section 20 defines the classification of each header + field. + +7.3.3 Compact Form + + SIP provides a mechanism to represent common header field names in an + abbreviated form. This may be useful when messages would otherwise + become too large to be carried on the transport available to it + (exceeding the maximum transmission unit (MTU) when using UDP, for + example). These compact forms are defined in Section 20. A compact + form MAY be substituted for the longer form of a header field name at + any time without changing the semantics of the message. A header + + + +Rosenberg, et. al. Standards Track [Page 32] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + field name MAY appear in both long and short forms within the same + message. Implementations MUST accept both the long and short forms + of each header name. + +7.4 Bodies + + Requests, including new requests defined in extensions to this + specification, MAY contain message bodies unless otherwise noted. + The interpretation of the body depends on the request method. + + For response messages, the request method and the response status + code determine the type and interpretation of any message body. All + responses MAY include a body. + +7.4.1 Message Body Type + + The Internet media type of the message body MUST be given by the + Content-Type header field. If the body has undergone any encoding + such as compression, then this MUST be indicated by the Content- + Encoding header field; otherwise, Content-Encoding MUST be omitted. + If applicable, the character set of the message body is indicated as + part of the Content-Type header-field value. + + The "multipart" MIME type defined in RFC 2046 [11] MAY be used within + the body of the message. Implementations that send requests + containing multipart message bodies MUST send a session description + as a non-multipart message body if the remote implementation requests + this through an Accept header field that does not contain multipart. + + SIP messages MAY contain binary bodies or body parts. When no + explicit charset parameter is provided by the sender, media subtypes + of the "text" type are defined to have a default charset value of + "UTF-8". + +7.4.2 Message Body Length + + The body length in bytes is provided by the Content-Length header + field. Section 20.14 describes the necessary contents of this header + field in detail. + + The "chunked" transfer encoding of HTTP/1.1 MUST NOT be used for SIP. + (Note: The chunked encoding modifies the body of a message in order + to transfer it as a series of chunks, each with its own size + indicator.) + + + + + + + +Rosenberg, et. al. Standards Track [Page 33] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +7.5 Framing SIP Messages + + Unlike HTTP, SIP implementations can use UDP or other unreliable + datagram protocols. Each such datagram carries one request or + response. See Section 18 on constraints on usage of unreliable + transports. + + Implementations processing SIP messages over stream-oriented + transports MUST ignore any CRLF appearing before the start-line + [H4.1]. + + The Content-Length header field value is used to locate the end of + each SIP message in a stream. It will always be present when SIP + messages are sent over stream-oriented transports. + +8 General User Agent Behavior + + A user agent represents an end system. It contains a user agent + client (UAC), which generates requests, and a user agent server + (UAS), which responds to them. A UAC is capable of generating a + request based on some external stimulus (the user clicking a button, + or a signal on a PSTN line) and processing a response. A UAS is + capable of receiving a request and generating a response based on + user input, external stimulus, the result of a program execution, or + some other mechanism. + + When a UAC sends a request, the request passes through some number of + proxy servers, which forward the request towards the UAS. When the + UAS generates a response, the response is forwarded towards the UAC. + + UAC and UAS procedures depend strongly on two factors. First, based + on whether the request or response is inside or outside of a dialog, + and second, based on the method of a request. Dialogs are discussed + thoroughly in Section 12; they represent a peer-to-peer relationship + between user agents and are established by specific SIP methods, such + as INVITE. + + In this section, we discuss the method-independent rules for UAC and + UAS behavior when processing requests that are outside of a dialog. + This includes, of course, the requests which themselves establish a + dialog. + + Security procedures for requests and responses outside of a dialog + are described in Section 26. Specifically, mechanisms exist for the + UAS and UAC to mutually authenticate. A limited set of privacy + features are also supported through encryption of bodies using + S/MIME. + + + + +Rosenberg, et. al. Standards Track [Page 34] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.1 UAC Behavior + + This section covers UAC behavior outside of a dialog. + +8.1.1 Generating the Request + + A valid SIP request formulated by a UAC MUST, at a minimum, contain + the following header fields: To, From, CSeq, Call-ID, Max-Forwards, + and Via; all of these header fields are mandatory in all SIP + requests. These six header fields are the fundamental building + blocks of a SIP message, as they jointly provide for most of the + critical message routing services including the addressing of + messages, the routing of responses, limiting message propagation, + ordering of messages, and the unique identification of transactions. + These header fields are in addition to the mandatory request line, + which contains the method, Request-URI, and SIP version. + + Examples of requests sent outside of a dialog include an INVITE to + establish a session (Section 13) and an OPTIONS to query for + capabilities (Section 11). + +8.1.1.1 Request-URI + + The initial Request-URI of the message SHOULD be set to the value of + the URI in the To field. One notable exception is the REGISTER + method; behavior for setting the Request-URI of REGISTER is given in + Section 10. It may also be undesirable for privacy reasons or + convenience to set these fields to the same value (especially if the + originating UA expects that the Request-URI will be changed during + transit). + + In some special circumstances, the presence of a pre-existing route + set can affect the Request-URI of the message. A pre-existing route + set is an ordered set of URIs that identify a chain of servers, to + which a UAC will send outgoing requests that are outside of a dialog. + Commonly, they are configured on the UA by a user or service provider + manually, or through some other non-SIP mechanism. When a provider + wishes to configure a UA with an outbound proxy, it is RECOMMENDED + that this be done by providing it with a pre-existing route set with + a single URI, that of the outbound proxy. + + When a pre-existing route set is present, the procedures for + populating the Request-URI and Route header field detailed in Section + 12.2.1.1 MUST be followed (even though there is no dialog), using the + desired Request-URI as the remote target URI. + + + + + + +Rosenberg, et. al. Standards Track [Page 35] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.1.1.2 To + + The To header field first and foremost specifies the desired + "logical" recipient of the request, or the address-of-record of the + user or resource that is the target of this request. This may or may + not be the ultimate recipient of the request. The To header field + MAY contain a SIP or SIPS URI, but it may also make use of other URI + schemes (the tel URL (RFC 2806 [9]), for example) when appropriate. + All SIP implementations MUST support the SIP URI scheme. Any + implementation that supports TLS MUST support the SIPS URI scheme. + The To header field allows for a display name. + + A UAC may learn how to populate the To header field for a particular + request in a number of ways. Usually the user will suggest the To + header field through a human interface, perhaps inputting the URI + manually or selecting it from some sort of address book. Frequently, + the user will not enter a complete URI, but rather a string of digits + or letters (for example, "bob"). It is at the discretion of the UA + to choose how to interpret this input. Using the string to form the + user part of a SIP URI implies that the UA wishes the name to be + resolved in the domain to the right-hand side (RHS) of the at-sign in + the SIP URI (for instance, sip:bob@example.com). Using the string to + form the user part of a SIPS URI implies that the UA wishes to + communicate securely, and that the name is to be resolved in the + domain to the RHS of the at-sign. The RHS will frequently be the + home domain of the requestor, which allows for the home domain to + process the outgoing request. This is useful for features like + "speed dial" that require interpretation of the user part in the home + domain. The tel URL may be used when the UA does not wish to specify + the domain that should interpret a telephone number that has been + input by the user. Rather, each domain through which the request + passes would be given that opportunity. As an example, a user in an + airport might log in and send requests through an outbound proxy in + the airport. If they enter "411" (this is the phone number for local + directory assistance in the United States), that needs to be + interpreted and processed by the outbound proxy in the airport, not + the user's home domain. In this case, tel:411 would be the right + choice. + + A request outside of a dialog MUST NOT contain a To tag; the tag in + the To field of a request identifies the peer of the dialog. Since + no dialog is established, no tag is present. + + For further information on the To header field, see Section 20.39. + The following is an example of a valid To header field: + + To: Carol + + + + +Rosenberg, et. al. Standards Track [Page 36] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.1.1.3 From + + The From header field indicates the logical identity of the initiator + of the request, possibly the user's address-of-record. Like the To + header field, it contains a URI and optionally a display name. It is + used by SIP elements to determine which processing rules to apply to + a request (for example, automatic call rejection). As such, it is + very important that the From URI not contain IP addresses or the FQDN + of the host on which the UA is running, since these are not logical + names. + + The From header field allows for a display name. A UAC SHOULD use + the display name "Anonymous", along with a syntactically correct, but + otherwise meaningless URI (like sip:thisis@anonymous.invalid), if the + identity of the client is to remain hidden. + + Usually, the value that populates the From header field in requests + generated by a particular UA is pre-provisioned by the user or by the + administrators of the user's local domain. If a particular UA is + used by multiple users, it might have switchable profiles that + include a URI corresponding to the identity of the profiled user. + Recipients of requests can authenticate the originator of a request + in order to ascertain that they are who their From header field + claims they are (see Section 22 for more on authentication). + + The From field MUST contain a new "tag" parameter, chosen by the UAC. + See Section 19.3 for details on choosing a tag. + + For further information on the From header field, see Section 20.20. + Examples: + + From: "Bob" ;tag=a48s + From: sip:+12125551212@phone2net.com;tag=887s + From: Anonymous ;tag=hyh8 + +8.1.1.4 Call-ID + + The Call-ID header field acts as a unique identifier to group + together a series of messages. It MUST be the same for all requests + and responses sent by either UA in a dialog. It SHOULD be the same + in each registration from a UA. + + In a new request created by a UAC outside of any dialog, the Call-ID + header field MUST be selected by the UAC as a globally unique + identifier over space and time unless overridden by method-specific + behavior. All SIP UAs must have a means to guarantee that the Call- + ID header fields they produce will not be inadvertently generated by + any other UA. Note that when requests are retried after certain + + + +Rosenberg, et. al. Standards Track [Page 37] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + failure responses that solicit an amendment to a request (for + example, a challenge for authentication), these retried requests are + not considered new requests, and therefore do not need new Call-ID + header fields; see Section 8.1.3.5. + + Use of cryptographically random identifiers (RFC 1750 [12]) in the + generation of Call-IDs is RECOMMENDED. Implementations MAY use the + form "localid@host". Call-IDs are case-sensitive and are simply + compared byte-by-byte. + + Using cryptographically random identifiers provides some + protection against session hijacking and reduces the likelihood of + unintentional Call-ID collisions. + + No provisioning or human interface is required for the selection of + the Call-ID header field value for a request. + + For further information on the Call-ID header field, see Section + 20.8. + + Example: + + Call-ID: f81d4fae-7dec-11d0-a765-00a0c91e6bf6@foo.bar.com + +8.1.1.5 CSeq + + The CSeq header field serves as a way to identify and order + transactions. It consists of a sequence number and a method. The + method MUST match that of the request. For non-REGISTER requests + outside of a dialog, the sequence number value is arbitrary. The + sequence number value MUST be expressible as a 32-bit unsigned + integer and MUST be less than 2**31. As long as it follows the above + guidelines, a client may use any mechanism it would like to select + CSeq header field values. + + Section 12.2.1.1 discusses construction of the CSeq for requests + within a dialog. + + Example: + + CSeq: 4711 INVITE + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 38] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.1.1.6 Max-Forwards + + The Max-Forwards header field serves to limit the number of hops a + request can transit on the way to its destination. It consists of an + integer that is decremented by one at each hop. If the Max-Forwards + value reaches 0 before the request reaches its destination, it will + be rejected with a 483(Too Many Hops) error response. + + A UAC MUST insert a Max-Forwards header field into each request it + originates with a value that SHOULD be 70. This number was chosen to + be sufficiently large to guarantee that a request would not be + dropped in any SIP network when there were no loops, but not so large + as to consume proxy resources when a loop does occur. Lower values + should be used with caution and only in networks where topologies are + known by the UA. + +8.1.1.7 Via + + The Via header field indicates the transport used for the transaction + and identifies the location where the response is to be sent. A Via + header field value is added only after the transport that will be + used to reach the next hop has been selected (which may involve the + usage of the procedures in [4]). + + When the UAC creates a request, it MUST insert a Via into that + request. The protocol name and protocol version in the header field + MUST be SIP and 2.0, respectively. The Via header field value MUST + contain a branch parameter. This parameter is used to identify the + transaction created by that request. This parameter is used by both + the client and the server. + + The branch parameter value MUST be unique across space and time for + all requests sent by the UA. The exceptions to this rule are CANCEL + and ACK for non-2xx responses. As discussed below, a CANCEL request + will have the same value of the branch parameter as the request it + cancels. As discussed in Section 17.1.1.3, an ACK for a non-2xx + response will also have the same branch ID as the INVITE whose + response it acknowledges. + + The uniqueness property of the branch ID parameter, to facilitate + its use as a transaction ID, was not part of RFC 2543. + + The branch ID inserted by an element compliant with this + specification MUST always begin with the characters "z9hG4bK". These + 7 characters are used as a magic cookie (7 is deemed sufficient to + ensure that an older RFC 2543 implementation would not pick such a + value), so that servers receiving the request can determine that the + branch ID was constructed in the fashion described by this + + + +Rosenberg, et. al. Standards Track [Page 39] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + specification (that is, globally unique). Beyond this requirement, + the precise format of the branch token is implementation-defined. + + The Via header maddr, ttl, and sent-by components will be set when + the request is processed by the transport layer (Section 18). + + Via processing for proxies is described in Section 16.6 Item 8 and + Section 16.7 Item 3. + +8.1.1.8 Contact + + The Contact header field provides a SIP or SIPS URI that can be used + to contact that specific instance of the UA for subsequent requests. + The Contact header field MUST be present and contain exactly one SIP + or SIPS URI in any request that can result in the establishment of a + dialog. For the methods defined in this specification, that includes + only the INVITE request. For these requests, the scope of the + Contact is global. That is, the Contact header field value contains + the URI at which the UA would like to receive requests, and this URI + MUST be valid even if used in subsequent requests outside of any + dialogs. + + If the Request-URI or top Route header field value contains a SIPS + URI, the Contact header field MUST contain a SIPS URI as well. + + For further information on the Contact header field, see Section + 20.10. + +8.1.1.9 Supported and Require + + If the UAC supports extensions to SIP that can be applied by the + server to the response, the UAC SHOULD include a Supported header + field in the request listing the option tags (Section 19.2) for those + extensions. + + The option tags listed MUST only refer to extensions defined in + standards-track RFCs. This is to prevent servers from insisting that + clients implement non-standard, vendor-defined features in order to + receive service. Extensions defined by experimental and + informational RFCs are explicitly excluded from usage with the + Supported header field in a request, since they too are often used to + document vendor-defined extensions. + + If the UAC wishes to insist that a UAS understand an extension that + the UAC will apply to the request in order to process the request, it + MUST insert a Require header field into the request listing the + option tag for that extension. If the UAC wishes to apply an + extension to the request and insist that any proxies that are + + + +Rosenberg, et. al. Standards Track [Page 40] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + traversed understand that extension, it MUST insert a Proxy-Require + header field into the request listing the option tag for that + extension. + + As with the Supported header field, the option tags in the Require + and Proxy-Require header fields MUST only refer to extensions defined + in standards-track RFCs. + +8.1.1.10 Additional Message Components + + After a new request has been created, and the header fields described + above have been properly constructed, any additional optional header + fields are added, as are any header fields specific to the method. + + SIP requests MAY contain a MIME-encoded message-body. Regardless of + the type of body that a request contains, certain header fields must + be formulated to characterize the contents of the body. For further + information on these header fields, see Sections 20.11 through 20.15. + +8.1.2 Sending the Request + + The destination for the request is then computed. Unless there is + local policy specifying otherwise, the destination MUST be determined + by applying the DNS procedures described in [4] as follows. If the + first element in the route set indicated a strict router (resulting + in forming the request as described in Section 12.2.1.1), the + procedures MUST be applied to the Request-URI of the request. + Otherwise, the procedures are applied to the first Route header field + value in the request (if one exists), or to the request's Request-URI + if there is no Route header field present. These procedures yield an + ordered set of address, port, and transports to attempt. Independent + of which URI is used as input to the procedures of [4], if the + Request-URI specifies a SIPS resource, the UAC MUST follow the + procedures of [4] as if the input URI were a SIPS URI. + + Local policy MAY specify an alternate set of destinations to attempt. + If the Request-URI contains a SIPS URI, any alternate destinations + MUST be contacted with TLS. Beyond that, there are no restrictions + on the alternate destinations if the request contains no Route header + field. This provides a simple alternative to a pre-existing route + set as a way to specify an outbound proxy. However, that approach + for configuring an outbound proxy is NOT RECOMMENDED; a pre-existing + route set with a single URI SHOULD be used instead. If the request + contains a Route header field, the request SHOULD be sent to the + locations derived from its topmost value, but MAY be sent to any + server that the UA is certain will honor the Route and Request-URI + policies specified in this document (as opposed to those in RFC + 2543). In particular, a UAC configured with an outbound proxy SHOULD + + + +Rosenberg, et. al. Standards Track [Page 41] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + attempt to send the request to the location indicated in the first + Route header field value instead of adopting the policy of sending + all messages to the outbound proxy. + + This ensures that outbound proxies that do not add Record-Route + header field values will drop out of the path of subsequent + requests. It allows endpoints that cannot resolve the first Route + URI to delegate that task to an outbound proxy. + + The UAC SHOULD follow the procedures defined in [4] for stateful + elements, trying each address until a server is contacted. Each try + constitutes a new transaction, and therefore each carries a different + topmost Via header field value with a new branch parameter. + Furthermore, the transport value in the Via header field is set to + whatever transport was determined for the target server. + +8.1.3 Processing Responses + + Responses are first processed by the transport layer and then passed + up to the transaction layer. The transaction layer performs its + processing and then passes the response up to the TU. The majority + of response processing in the TU is method specific. However, there + are some general behaviors independent of the method. + +8.1.3.1 Transaction Layer Errors + + In some cases, the response returned by the transaction layer will + not be a SIP message, but rather a transaction layer error. When a + timeout error is received from the transaction layer, it MUST be + treated as if a 408 (Request Timeout) status code has been received. + If a fatal transport error is reported by the transport layer + (generally, due to fatal ICMP errors in UDP or connection failures in + TCP), the condition MUST be treated as a 503 (Service Unavailable) + status code. + +8.1.3.2 Unrecognized Responses + + A UAC MUST treat any final response it does not recognize as being + equivalent to the x00 response code of that class, and MUST be able + to process the x00 response code for all classes. For example, if a + UAC receives an unrecognized response code of 431, it can safely + assume that there was something wrong with its request and treat the + response as if it had received a 400 (Bad Request) response code. A + UAC MUST treat any provisional response different than 100 that it + does not recognize as 183 (Session Progress). A UAC MUST be able to + process 100 and 183 responses. + + + + + +Rosenberg, et. al. Standards Track [Page 42] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.1.3.3 Vias + + If more than one Via header field value is present in a response, the + UAC SHOULD discard the message. + + The presence of additional Via header field values that precede + the originator of the request suggests that the message was + misrouted or possibly corrupted. + +8.1.3.4 Processing 3xx Responses + + Upon receipt of a redirection response (for example, a 301 response + status code), clients SHOULD use the URI(s) in the Contact header + field to formulate one or more new requests based on the redirected + request. This process is similar to that of a proxy recursing on a + 3xx class response as detailed in Sections 16.5 and 16.6. A client + starts with an initial target set containing exactly one URI, the + Request-URI of the original request. If a client wishes to formulate + new requests based on a 3xx class response to that request, it places + the URIs to try into the target set. Subject to the restrictions in + this specification, a client can choose which Contact URIs it places + into the target set. As with proxy recursion, a client processing + 3xx class responses MUST NOT add any given URI to the target set more + than once. If the original request had a SIPS URI in the Request- + URI, the client MAY choose to recurse to a non-SIPS URI, but SHOULD + inform the user of the redirection to an insecure URI. + + Any new request may receive 3xx responses themselves containing + the original URI as a contact. Two locations can be configured to + redirect to each other. Placing any given URI in the target set + only once prevents infinite redirection loops. + + As the target set grows, the client MAY generate new requests to the + URIs in any order. A common mechanism is to order the set by the "q" + parameter value from the Contact header field value. Requests to the + URIs MAY be generated serially or in parallel. One approach is to + process groups of decreasing q-values serially and process the URIs + in each q-value group in parallel. Another is to perform only serial + processing in decreasing q-value order, arbitrarily choosing between + contacts of equal q-value. + + If contacting an address in the list results in a failure, as defined + in the next paragraph, the element moves to the next address in the + list, until the list is exhausted. If the list is exhausted, then + the request has failed. + + + + + + +Rosenberg, et. al. Standards Track [Page 43] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Failures SHOULD be detected through failure response codes (codes + greater than 399); for network errors the client transaction will + report any transport layer failures to the transaction user. Note + that some response codes (detailed in 8.1.3.5) indicate that the + request can be retried; requests that are reattempted should not be + considered failures. + + When a failure for a particular contact address is received, the + client SHOULD try the next contact address. This will involve + creating a new client transaction to deliver a new request. + + In order to create a request based on a contact address in a 3xx + response, a UAC MUST copy the entire URI from the target set into the + Request-URI, except for the "method-param" and "header" URI + parameters (see Section 19.1.1 for a definition of these parameters). + It uses the "header" parameters to create header field values for the + new request, overwriting header field values associated with the + redirected request in accordance with the guidelines in Section + 19.1.5. + + Note that in some instances, header fields that have been + communicated in the contact address may instead append to existing + request header fields in the original redirected request. As a + general rule, if the header field can accept a comma-separated list + of values, then the new header field value MAY be appended to any + existing values in the original redirected request. If the header + field does not accept multiple values, the value in the original + redirected request MAY be overwritten by the header field value + communicated in the contact address. For example, if a contact + address is returned with the following value: + + sip:user@host?Subject=foo&Call-Info= + + Then any Subject header field in the original redirected request is + overwritten, but the HTTP URL is merely appended to any existing + Call-Info header field values. + + It is RECOMMENDED that the UAC reuse the same To, From, and Call-ID + used in the original redirected request, but the UAC MAY also choose + to update the Call-ID header field value for new requests, for + example. + + Finally, once the new request has been constructed, it is sent using + a new client transaction, and therefore MUST have a new branch ID in + the top Via field as discussed in Section 8.1.1.7. + + + + + + +Rosenberg, et. al. Standards Track [Page 44] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + In all other respects, requests sent upon receipt of a redirect + response SHOULD re-use the header fields and bodies of the original + request. + + In some instances, Contact header field values may be cached at UAC + temporarily or permanently depending on the status code received and + the presence of an expiration interval; see Sections 21.3.2 and + 21.3.3. + +8.1.3.5 Processing 4xx Responses + + Certain 4xx response codes require specific UA processing, + independent of the method. + + If a 401 (Unauthorized) or 407 (Proxy Authentication Required) + response is received, the UAC SHOULD follow the authorization + procedures of Section 22.2 and Section 22.3 to retry the request with + credentials. + + If a 413 (Request Entity Too Large) response is received (Section + 21.4.11), the request contained a body that was longer than the UAS + was willing to accept. If possible, the UAC SHOULD retry the + request, either omitting the body or using one of a smaller length. + + If a 415 (Unsupported Media Type) response is received (Section + 21.4.13), the request contained media types not supported by the UAS. + The UAC SHOULD retry sending the request, this time only using + content with types listed in the Accept header field in the response, + with encodings listed in the Accept-Encoding header field in the + response, and with languages listed in the Accept-Language in the + response. + + If a 416 (Unsupported URI Scheme) response is received (Section + 21.4.14), the Request-URI used a URI scheme not supported by the + server. The client SHOULD retry the request, this time, using a SIP + URI. + + If a 420 (Bad Extension) response is received (Section 21.4.15), the + request contained a Require or Proxy-Require header field listing an + option-tag for a feature not supported by a proxy or UAS. The UAC + SHOULD retry the request, this time omitting any extensions listed in + the Unsupported header field in the response. + + In all of the above cases, the request is retried by creating a new + request with the appropriate modifications. This new request + constitutes a new transaction and SHOULD have the same value of the + Call-ID, To, and From of the previous request, but the CSeq should + contain a new sequence number that is one higher than the previous. + + + +Rosenberg, et. al. Standards Track [Page 45] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + With other 4xx responses, including those yet to be defined, a retry + may or may not be possible depending on the method and the use case. + +8.2 UAS Behavior + + When a request outside of a dialog is processed by a UAS, there is a + set of processing rules that are followed, independent of the method. + Section 12 gives guidance on how a UAS can tell whether a request is + inside or outside of a dialog. + + Note that request processing is atomic. If a request is accepted, + all state changes associated with it MUST be performed. If it is + rejected, all state changes MUST NOT be performed. + + UASs SHOULD process the requests in the order of the steps that + follow in this section (that is, starting with authentication, then + inspecting the method, the header fields, and so on throughout the + remainder of this section). + +8.2.1 Method Inspection + + Once a request is authenticated (or authentication is skipped), the + UAS MUST inspect the method of the request. If the UAS recognizes + but does not support the method of a request, it MUST generate a 405 + (Method Not Allowed) response. Procedures for generating responses + are described in Section 8.2.6. The UAS MUST also add an Allow + header field to the 405 (Method Not Allowed) response. The Allow + header field MUST list the set of methods supported by the UAS + generating the message. The Allow header field is presented in + Section 20.5. + + If the method is one supported by the server, processing continues. + +8.2.2 Header Inspection + + If a UAS does not understand a header field in a request (that is, + the header field is not defined in this specification or in any + supported extension), the server MUST ignore that header field and + continue processing the message. A UAS SHOULD ignore any malformed + header fields that are not necessary for processing requests. + +8.2.2.1 To and Request-URI + + The To header field identifies the original recipient of the request + designated by the user identified in the From field. The original + recipient may or may not be the UAS processing the request, due to + call forwarding or other proxy operations. A UAS MAY apply any + policy it wishes to determine whether to accept requests when the To + + + +Rosenberg, et. al. Standards Track [Page 46] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + header field is not the identity of the UAS. However, it is + RECOMMENDED that a UAS accept requests even if they do not recognize + the URI scheme (for example, a tel: URI) in the To header field, or + if the To header field does not address a known or current user of + this UAS. If, on the other hand, the UAS decides to reject the + request, it SHOULD generate a response with a 403 (Forbidden) status + code and pass it to the server transaction for transmission. + + However, the Request-URI identifies the UAS that is to process the + request. If the Request-URI uses a scheme not supported by the UAS, + it SHOULD reject the request with a 416 (Unsupported URI Scheme) + response. If the Request-URI does not identify an address that the + UAS is willing to accept requests for, it SHOULD reject the request + with a 404 (Not Found) response. Typically, a UA that uses the + REGISTER method to bind its address-of-record to a specific contact + address will see requests whose Request-URI equals that contact + address. Other potential sources of received Request-URIs include + the Contact header fields of requests and responses sent by the UA + that establish or refresh dialogs. + +8.2.2.2 Merged Requests + + If the request has no tag in the To header field, the UAS core MUST + check the request against ongoing transactions. If the From tag, + Call-ID, and CSeq exactly match those associated with an ongoing + transaction, but the request does not match that transaction (based + on the matching rules in Section 17.2.3), the UAS core SHOULD + generate a 482 (Loop Detected) response and pass it to the server + transaction. + + The same request has arrived at the UAS more than once, following + different paths, most likely due to forking. The UAS processes + the first such request received and responds with a 482 (Loop + Detected) to the rest of them. + +8.2.2.3 Require + + Assuming the UAS decides that it is the proper element to process the + request, it examines the Require header field, if present. + + The Require header field is used by a UAC to tell a UAS about SIP + extensions that the UAC expects the UAS to support in order to + process the request properly. Its format is described in Section + 20.32. If a UAS does not understand an option-tag listed in a + Require header field, it MUST respond by generating a response with + status code 420 (Bad Extension). The UAS MUST add an Unsupported + header field, and list in it those options it does not understand + amongst those in the Require header field of the request. + + + +Rosenberg, et. al. Standards Track [Page 47] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Note that Require and Proxy-Require MUST NOT be used in a SIP CANCEL + request, or in an ACK request sent for a non-2xx response. These + header fields MUST be ignored if they are present in these requests. + + An ACK request for a 2xx response MUST contain only those Require and + Proxy-Require values that were present in the initial request. + + Example: + + UAC->UAS: INVITE sip:watson@bell-telephone.com SIP/2.0 + Require: 100rel + + UAS->UAC: SIP/2.0 420 Bad Extension + Unsupported: 100rel + + This behavior ensures that the client-server interaction will + proceed without delay when all options are understood by both + sides, and only slow down if options are not understood (as in the + example above). For a well-matched client-server pair, the + interaction proceeds quickly, saving a round-trip often required + by negotiation mechanisms. In addition, it also removes ambiguity + when the client requires features that the server does not + understand. Some features, such as call handling fields, are only + of interest to end systems. + +8.2.3 Content Processing + + Assuming the UAS understands any extensions required by the client, + the UAS examines the body of the message, and the header fields that + describe it. If there are any bodies whose type (indicated by the + Content-Type), language (indicated by the Content-Language) or + encoding (indicated by the Content-Encoding) are not understood, and + that body part is not optional (as indicated by the Content- + Disposition header field), the UAS MUST reject the request with a 415 + (Unsupported Media Type) response. The response MUST contain an + Accept header field listing the types of all bodies it understands, + in the event the request contained bodies of types not supported by + the UAS. If the request contained content encodings not understood + by the UAS, the response MUST contain an Accept-Encoding header field + listing the encodings understood by the UAS. If the request + contained content with languages not understood by the UAS, the + response MUST contain an Accept-Language header field indicating the + languages understood by the UAS. Beyond these checks, body handling + depends on the method and type. For further information on the + processing of content-specific header fields, see Section 7.4 as well + as Section 20.11 through 20.15. + + + + + +Rosenberg, et. al. Standards Track [Page 48] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +8.2.4 Applying Extensions + + A UAS that wishes to apply some extension when generating the + response MUST NOT do so unless support for that extension is + indicated in the Supported header field in the request. If the + desired extension is not supported, the server SHOULD rely only on + baseline SIP and any other extensions supported by the client. In + rare circumstances, where the server cannot process the request + without the extension, the server MAY send a 421 (Extension Required) + response. This response indicates that the proper response cannot be + generated without support of a specific extension. The needed + extension(s) MUST be included in a Require header field in the + response. This behavior is NOT RECOMMENDED, as it will generally + break interoperability. + + Any extensions applied to a non-421 response MUST be listed in a + Require header field included in the response. Of course, the server + MUST NOT apply extensions not listed in the Supported header field in + the request. As a result of this, the Require header field in a + response will only ever contain option tags defined in standards- + track RFCs. + +8.2.5 Processing the Request + + Assuming all of the checks in the previous subsections are passed, + the UAS processing becomes method-specific. Section 10 covers the + REGISTER request, Section 11 covers the OPTIONS request, Section 13 + covers the INVITE request, and Section 15 covers the BYE request. + +8.2.6 Generating the Response + + When a UAS wishes to construct a response to a request, it follows + the general procedures detailed in the following subsections. + Additional behaviors specific to the response code in question, which + are not detailed in this section, may also be required. + + Once all procedures associated with the creation of a response have + been completed, the UAS hands the response back to the server + transaction from which it received the request. + +8.2.6.1 Sending a Provisional Response + + One largely non-method-specific guideline for the generation of + responses is that UASs SHOULD NOT issue a provisional response for a + non-INVITE request. Rather, UASs SHOULD generate a final response to + a non-INVITE request as soon as possible. + + + + + +Rosenberg, et. al. Standards Track [Page 49] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + When a 100 (Trying) response is generated, any Timestamp header field + present in the request MUST be copied into this 100 (Trying) + response. If there is a delay in generating the response, the UAS + SHOULD add a delay value into the Timestamp value in the response. + This value MUST contain the difference between the time of sending of + the response and receipt of the request, measured in seconds. + +8.2.6.2 Headers and Tags + + The From field of the response MUST equal the From header field of + the request. The Call-ID header field of the response MUST equal the + Call-ID header field of the request. The CSeq header field of the + response MUST equal the CSeq field of the request. The Via header + field values in the response MUST equal the Via header field values + in the request and MUST maintain the same ordering. + + If a request contained a To tag in the request, the To header field + in the response MUST equal that of the request. However, if the To + header field in the request did not contain a tag, the URI in the To + header field in the response MUST equal the URI in the To header + field; additionally, the UAS MUST add a tag to the To header field in + the response (with the exception of the 100 (Trying) response, in + which a tag MAY be present). This serves to identify the UAS that is + responding, possibly resulting in a component of a dialog ID. The + same tag MUST be used for all responses to that request, both final + and provisional (again excepting the 100 (Trying)). Procedures for + the generation of tags are defined in Section 19.3. + +8.2.7 Stateless UAS Behavior + + A stateless UAS is a UAS that does not maintain transaction state. + It replies to requests normally, but discards any state that would + ordinarily be retained by a UAS after a response has been sent. If a + stateless UAS receives a retransmission of a request, it regenerates + the response and resends it, just as if it were replying to the first + instance of the request. A UAS cannot be stateless unless the request + processing for that method would always result in the same response + if the requests are identical. This rules out stateless registrars, + for example. Stateless UASs do not use a transaction layer; they + receive requests directly from the transport layer and send responses + directly to the transport layer. + + The stateless UAS role is needed primarily to handle unauthenticated + requests for which a challenge response is issued. If + unauthenticated requests were handled statefully, then malicious + floods of unauthenticated requests could create massive amounts of + + + + + +Rosenberg, et. al. Standards Track [Page 50] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + transaction state that might slow or completely halt call processing + in a UAS, effectively creating a denial of service condition; for + more information see Section 26.1.5. + + The most important behaviors of a stateless UAS are the following: + + o A stateless UAS MUST NOT send provisional (1xx) responses. + + o A stateless UAS MUST NOT retransmit responses. + + o A stateless UAS MUST ignore ACK requests. + + o A stateless UAS MUST ignore CANCEL requests. + + o To header tags MUST be generated for responses in a stateless + manner - in a manner that will generate the same tag for the + same request consistently. For information on tag construction + see Section 19.3. + + In all other respects, a stateless UAS behaves in the same manner as + a stateful UAS. A UAS can operate in either a stateful or stateless + mode for each new request. + +8.3 Redirect Servers + + In some architectures it may be desirable to reduce the processing + load on proxy servers that are responsible for routing requests, and + improve signaling path robustness, by relying on redirection. + + Redirection allows servers to push routing information for a request + back in a response to the client, thereby taking themselves out of + the loop of further messaging for this transaction while still aiding + in locating the target of the request. When the originator of the + request receives the redirection, it will send a new request based on + the URI(s) it has received. By propagating URIs from the core of the + network to its edges, redirection allows for considerable network + scalability. + + A redirect server is logically constituted of a server transaction + layer and a transaction user that has access to a location service of + some kind (see Section 10 for more on registrars and location + services). This location service is effectively a database + containing mappings between a single URI and a set of one or more + alternative locations at which the target of that URI can be found. + + A redirect server does not issue any SIP requests of its own. After + receiving a request other than CANCEL, the server either refuses the + request or gathers the list of alternative locations from the + + + +Rosenberg, et. al. Standards Track [Page 51] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + location service and returns a final response of class 3xx. For + well-formed CANCEL requests, it SHOULD return a 2xx response. This + response ends the SIP transaction. The redirect server maintains + transaction state for an entire SIP transaction. It is the + responsibility of clients to detect forwarding loops between redirect + servers. + + When a redirect server returns a 3xx response to a request, it + populates the list of (one or more) alternative locations into the + Contact header field. An "expires" parameter to the Contact header + field values may also be supplied to indicate the lifetime of the + Contact data. + + The Contact header field contains URIs giving the new locations or + user names to try, or may simply specify additional transport + parameters. A 301 (Moved Permanently) or 302 (Moved Temporarily) + response may also give the same location and username that was + targeted by the initial request but specify additional transport + parameters such as a different server or multicast address to try, or + a change of SIP transport from UDP to TCP or vice versa. + + However, redirect servers MUST NOT redirect a request to a URI equal + to the one in the Request-URI; instead, provided that the URI does + not point to itself, the server MAY proxy the request to the + destination URI, or MAY reject it with a 404. + + If a client is using an outbound proxy, and that proxy actually + redirects requests, a potential arises for infinite redirection + loops. + + Note that a Contact header field value MAY also refer to a different + resource than the one originally called. For example, a SIP call + connected to PSTN gateway may need to deliver a special informational + announcement such as "The number you have dialed has been changed." + + A Contact response header field can contain any suitable URI + indicating where the called party can be reached, not limited to SIP + URIs. For example, it could contain URIs for phones, fax, or irc (if + they were defined) or a mailto: (RFC 2368 [32]) URL. Section 26.4.4 + discusses implications and limitations of redirecting a SIPS URI to a + non-SIPS URI. + + The "expires" parameter of a Contact header field value indicates how + long the URI is valid. The value of the parameter is a number + indicating seconds. If this parameter is not provided, the value of + the Expires header field determines how long the URI is valid. + Malformed values SHOULD be treated as equivalent to 3600. + + + + +Rosenberg, et. al. Standards Track [Page 52] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + This provides a modest level of backwards compatibility with RFC + 2543, which allowed absolute times in this header field. If an + absolute time is received, it will be treated as malformed, and + then default to 3600. + + Redirect servers MUST ignore features that are not understood + (including unrecognized header fields, any unknown option tags in + Require, or even method names) and proceed with the redirection of + the request in question. + +9 Canceling a Request + + The previous section has discussed general UA behavior for generating + requests and processing responses for requests of all methods. In + this section, we discuss a general purpose method, called CANCEL. + + The CANCEL request, as the name implies, is used to cancel a previous + request sent by a client. Specifically, it asks the UAS to cease + processing the request and to generate an error response to that + request. CANCEL has no effect on a request to which a UAS has + already given a final response. Because of this, it is most useful + to CANCEL requests to which it can take a server long time to + respond. For this reason, CANCEL is best for INVITE requests, which + can take a long time to generate a response. In that usage, a UAS + that receives a CANCEL request for an INVITE, but has not yet sent a + final response, would "stop ringing", and then respond to the INVITE + with a specific error response (a 487). + + CANCEL requests can be constructed and sent by both proxies and user + agent clients. Section 15 discusses under what conditions a UAC + would CANCEL an INVITE request, and Section 16.10 discusses proxy + usage of CANCEL. + + A stateful proxy responds to a CANCEL, rather than simply forwarding + a response it would receive from a downstream element. For that + reason, CANCEL is referred to as a "hop-by-hop" request, since it is + responded to at each stateful proxy hop. + +9.1 Client Behavior + + A CANCEL request SHOULD NOT be sent to cancel a request other than + INVITE. + + Since requests other than INVITE are responded to immediately, + sending a CANCEL for a non-INVITE request would always create a + race condition. + + + + + +Rosenberg, et. al. Standards Track [Page 53] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The following procedures are used to construct a CANCEL request. The + Request-URI, Call-ID, To, the numeric part of CSeq, and From header + fields in the CANCEL request MUST be identical to those in the + request being cancelled, including tags. A CANCEL constructed by a + client MUST have only a single Via header field value matching the + top Via value in the request being cancelled. Using the same values + for these header fields allows the CANCEL to be matched with the + request it cancels (Section 9.2 indicates how such matching occurs). + However, the method part of the CSeq header field MUST have a value + of CANCEL. This allows it to be identified and processed as a + transaction in its own right (See Section 17). + + If the request being cancelled contains a Route header field, the + CANCEL request MUST include that Route header field's values. + + This is needed so that stateless proxies are able to route CANCEL + requests properly. + + The CANCEL request MUST NOT contain any Require or Proxy-Require + header fields. + + Once the CANCEL is constructed, the client SHOULD check whether it + has received any response (provisional or final) for the request + being cancelled (herein referred to as the "original request"). + + If no provisional response has been received, the CANCEL request MUST + NOT be sent; rather, the client MUST wait for the arrival of a + provisional response before sending the request. If the original + request has generated a final response, the CANCEL SHOULD NOT be + sent, as it is an effective no-op, since CANCEL has no effect on + requests that have already generated a final response. When the + client decides to send the CANCEL, it creates a client transaction + for the CANCEL and passes it the CANCEL request along with the + destination address, port, and transport. The destination address, + port, and transport for the CANCEL MUST be identical to those used to + send the original request. + + If it was allowed to send the CANCEL before receiving a response + for the previous request, the server could receive the CANCEL + before the original request. + + Note that both the transaction corresponding to the original request + and the CANCEL transaction will complete independently. However, a + UAC canceling a request cannot rely on receiving a 487 (Request + Terminated) response for the original request, as an RFC 2543- + compliant UAS will not generate such a response. If there is no + final response for the original request in 64*T1 seconds (T1 is + + + + +Rosenberg, et. al. Standards Track [Page 54] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + defined in Section 17.1.1.1), the client SHOULD then consider the + original transaction cancelled and SHOULD destroy the client + transaction handling the original request. + +9.2 Server Behavior + + The CANCEL method requests that the TU at the server side cancel a + pending transaction. The TU determines the transaction to be + cancelled by taking the CANCEL request, and then assuming that the + request method is anything but CANCEL or ACK and applying the + transaction matching procedures of Section 17.2.3. The matching + transaction is the one to be cancelled. + + The processing of a CANCEL request at a server depends on the type of + server. A stateless proxy will forward it, a stateful proxy might + respond to it and generate some CANCEL requests of its own, and a UAS + will respond to it. See Section 16.10 for proxy treatment of CANCEL. + + A UAS first processes the CANCEL request according to the general UAS + processing described in Section 8.2. However, since CANCEL requests + are hop-by-hop and cannot be resubmitted, they cannot be challenged + by the server in order to get proper credentials in an Authorization + header field. Note also that CANCEL requests do not contain a + Require header field. + + If the UAS did not find a matching transaction for the CANCEL + according to the procedure above, it SHOULD respond to the CANCEL + with a 481 (Call Leg/Transaction Does Not Exist). If the transaction + for the original request still exists, the behavior of the UAS on + receiving a CANCEL request depends on whether it has already sent a + final response for the original request. If it has, the CANCEL + request has no effect on the processing of the original request, no + effect on any session state, and no effect on the responses generated + for the original request. If the UAS has not issued a final response + for the original request, its behavior depends on the method of the + original request. If the original request was an INVITE, the UAS + SHOULD immediately respond to the INVITE with a 487 (Request + Terminated). A CANCEL request has no impact on the processing of + transactions with any other method defined in this specification. + + Regardless of the method of the original request, as long as the + CANCEL matched an existing transaction, the UAS answers the CANCEL + request itself with a 200 (OK) response. This response is + constructed following the procedures described in Section 8.2.6 + noting that the To tag of the response to the CANCEL and the To tag + in the response to the original request SHOULD be the same. The + response to CANCEL is passed to the server transaction for + transmission. + + + +Rosenberg, et. al. Standards Track [Page 55] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +10 Registrations + +10.1 Overview + + SIP offers a discovery capability. If a user wants to initiate a + session with another user, SIP must discover the current host(s) at + which the destination user is reachable. This discovery process is + frequently accomplished by SIP network elements such as proxy servers + and redirect servers which are responsible for receiving a request, + determining where to send it based on knowledge of the location of + the user, and then sending it there. To do this, SIP network + elements consult an abstract service known as a location service, + which provides address bindings for a particular domain. These + address bindings map an incoming SIP or SIPS URI, sip:bob@biloxi.com, + for example, to one or more URIs that are somehow "closer" to the + desired user, sip:bob@engineering.biloxi.com, for example. + Ultimately, a proxy will consult a location service that maps a + received URI to the user agent(s) at which the desired recipient is + currently residing. + + Registration creates bindings in a location service for a particular + domain that associates an address-of-record URI with one or more + contact addresses. Thus, when a proxy for that domain receives a + request whose Request-URI matches the address-of-record, the proxy + will forward the request to the contact addresses registered to that + address-of-record. Generally, it only makes sense to register an + address-of-record at a domain's location service when requests for + that address-of-record would be routed to that domain. In most + cases, this means that the domain of the registration will need to + match the domain in the URI of the address-of-record. + + There are many ways by which the contents of the location service can + be established. One way is administratively. In the above example, + Bob is known to be a member of the engineering department through + access to a corporate database. However, SIP provides a mechanism + for a UA to create a binding explicitly. This mechanism is known as + registration. + + Registration entails sending a REGISTER request to a special type of + UAS known as a registrar. A registrar acts as the front end to the + location service for a domain, reading and writing mappings based on + the contents of REGISTER requests. This location service is then + typically consulted by a proxy server that is responsible for routing + requests for that domain. + + An illustration of the overall registration process is given in + Figure 2. Note that the registrar and proxy server are logical roles + that can be played by a single device in a network; for purposes of + + + +Rosenberg, et. al. Standards Track [Page 56] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + clarity the two are separated in this illustration. Also note that + UAs may send requests through a proxy server in order to reach a + registrar if the two are separate elements. + + SIP does not mandate a particular mechanism for implementing the + location service. The only requirement is that a registrar for some + domain MUST be able to read and write data to the location service, + and a proxy or a redirect server for that domain MUST be capable of + reading that same data. A registrar MAY be co-located with a + particular SIP proxy server for the same domain. + +10.2 Constructing the REGISTER Request + + REGISTER requests add, remove, and query bindings. A REGISTER + request can add a new binding between an address-of-record and one or + more contact addresses. Registration on behalf of a particular + address-of-record can be performed by a suitably authorized third + party. A client can also remove previous bindings or query to + determine which bindings are currently in place for an address-of- + record. + + Except as noted, the construction of the REGISTER request and the + behavior of clients sending a REGISTER request is identical to the + general UAC behavior described in Section 8.1 and Section 17.1. + + A REGISTER request does not establish a dialog. A UAC MAY include a + Route header field in a REGISTER request based on a pre-existing + route set as described in Section 8.1. The Record-Route header field + has no meaning in REGISTER requests or responses, and MUST be ignored + if present. In particular, the UAC MUST NOT create a new route set + based on the presence or absence of a Record-Route header field in + any response to a REGISTER request. + + The following header fields, except Contact, MUST be included in a + REGISTER request. A Contact header field MAY be included: + + Request-URI: The Request-URI names the domain of the location + service for which the registration is meant (for example, + "sip:chicago.com"). The "userinfo" and "@" components of the + SIP URI MUST NOT be present. + + To: The To header field contains the address of record whose + registration is to be created, queried, or modified. The To + header field and the Request-URI field typically differ, as + the former contains a user name. This address-of-record MUST + be a SIP URI or SIPS URI. + + + + + +Rosenberg, et. al. Standards Track [Page 57] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + From: The From header field contains the address-of-record of the + person responsible for the registration. The value is the + same as the To header field unless the request is a third- + party registration. + + Call-ID: All registrations from a UAC SHOULD use the same Call-ID + header field value for registrations sent to a particular + registrar. + + If the same client were to use different Call-ID values, a + registrar could not detect whether a delayed REGISTER request + might have arrived out of order. + + CSeq: The CSeq value guarantees proper ordering of REGISTER + requests. A UA MUST increment the CSeq value by one for each + REGISTER request with the same Call-ID. + + Contact: REGISTER requests MAY contain a Contact header field with + zero or more values containing address bindings. + + UAs MUST NOT send a new registration (that is, containing new Contact + header field values, as opposed to a retransmission) until they have + received a final response from the registrar for the previous one or + the previous REGISTER request has timed out. + + + + + + + + + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 58] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + bob + +----+ + | UA | + | | + +----+ + | + |3)INVITE + | carol@chicago.com + chicago.com +--------+ V + +---------+ 2)Store|Location|4)Query +-----+ + |Registrar|=======>| Service|<=======|Proxy|sip.chicago.com + +---------+ +--------+=======>+-----+ + A 5)Resp | + | | + | | + 1)REGISTER| | + | | + +----+ | + | UA |<-------------------------------+ + cube2214a| | 6)INVITE + +----+ carol@cube2214a.chicago.com + carol + + Figure 2: REGISTER example + + The following Contact header parameters have a special meaning in + REGISTER requests: + + action: The "action" parameter from RFC 2543 has been deprecated. + UACs SHOULD NOT use the "action" parameter. + + expires: The "expires" parameter indicates how long the UA would + like the binding to be valid. The value is a number + indicating seconds. If this parameter is not provided, the + value of the Expires header field is used instead. + Implementations MAY treat values larger than 2**32-1 + (4294967295 seconds or 136 years) as equivalent to 2**32-1. + Malformed values SHOULD be treated as equivalent to 3600. + +10.2.1 Adding Bindings + + The REGISTER request sent to a registrar includes the contact + address(es) to which SIP requests for the address-of-record should be + forwarded. The address-of-record is included in the To header field + of the REGISTER request. + + + + + + +Rosenberg, et. al. Standards Track [Page 59] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The Contact header field values of the request typically consist of + SIP or SIPS URIs that identify particular SIP endpoints (for example, + "sip:carol@cube2214a.chicago.com"), but they MAY use any URI scheme. + A SIP UA can choose to register telephone numbers (with the tel URL, + RFC 2806 [9]) or email addresses (with a mailto URL, RFC 2368 [32]) + as Contacts for an address-of-record, for example. + + For example, Carol, with address-of-record "sip:carol@chicago.com", + would register with the SIP registrar of the domain chicago.com. Her + registrations would then be used by a proxy server in the chicago.com + domain to route requests for Carol's address-of-record to her SIP + endpoint. + + Once a client has established bindings at a registrar, it MAY send + subsequent registrations containing new bindings or modifications to + existing bindings as necessary. The 2xx response to the REGISTER + request will contain, in a Contact header field, a complete list of + bindings that have been registered for this address-of-record at this + registrar. + + If the address-of-record in the To header field of a REGISTER request + is a SIPS URI, then any Contact header field values in the request + SHOULD also be SIPS URIs. Clients should only register non-SIPS URIs + under a SIPS address-of-record when the security of the resource + represented by the contact address is guaranteed by other means. + This may be applicable to URIs that invoke protocols other than SIP, + or SIP devices secured by protocols other than TLS. + + Registrations do not need to update all bindings. Typically, a UA + only updates its own contact addresses. + +10.2.1.1 Setting the Expiration Interval of Contact Addresses + + When a client sends a REGISTER request, it MAY suggest an expiration + interval that indicates how long the client would like the + registration to be valid. (As described in Section 10.3, the + registrar selects the actual time interval based on its local + policy.) + + There are two ways in which a client can suggest an expiration + interval for a binding: through an Expires header field or an + "expires" Contact header parameter. The latter allows expiration + intervals to be suggested on a per-binding basis when more than one + binding is given in a single REGISTER request, whereas the former + suggests an expiration interval for all Contact header field values + that do not contain the "expires" parameter. + + + + + +Rosenberg, et. al. Standards Track [Page 60] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If neither mechanism for expressing a suggested expiration time is + present in a REGISTER, the client is indicating its desire for the + server to choose. + +10.2.1.2 Preferences among Contact Addresses + + If more than one Contact is sent in a REGISTER request, the + registering UA intends to associate all of the URIs in these Contact + header field values with the address-of-record present in the To + field. This list can be prioritized with the "q" parameter in the + Contact header field. The "q" parameter indicates a relative + preference for the particular Contact header field value compared to + other bindings for this address-of-record. Section 16.6 describes + how a proxy server uses this preference indication. + +10.2.2 Removing Bindings + + Registrations are soft state and expire unless refreshed, but can + also be explicitly removed. A client can attempt to influence the + expiration interval selected by the registrar as described in Section + 10.2.1. A UA requests the immediate removal of a binding by + specifying an expiration interval of "0" for that contact address in + a REGISTER request. UAs SHOULD support this mechanism so that + bindings can be removed before their expiration interval has passed. + + The REGISTER-specific Contact header field value of "*" applies to + all registrations, but it MUST NOT be used unless the Expires header + field is present with a value of "0". + + Use of the "*" Contact header field value allows a registering UA + to remove all bindings associated with an address-of-record + without knowing their precise values. + +10.2.3 Fetching Bindings + + A success response to any REGISTER request contains the complete list + of existing bindings, regardless of whether the request contained a + Contact header field. If no Contact header field is present in a + REGISTER request, the list of bindings is left unchanged. + +10.2.4 Refreshing Bindings + + Each UA is responsible for refreshing the bindings that it has + previously established. A UA SHOULD NOT refresh bindings set up by + other UAs. + + + + + + +Rosenberg, et. al. Standards Track [Page 61] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The 200 (OK) response from the registrar contains a list of Contact + fields enumerating all current bindings. The UA compares each + contact address to see if it created the contact address, using + comparison rules in Section 19.1.4. If so, it updates the expiration + time interval according to the expires parameter or, if absent, the + Expires field value. The UA then issues a REGISTER request for each + of its bindings before the expiration interval has elapsed. It MAY + combine several updates into one REGISTER request. + + A UA SHOULD use the same Call-ID for all registrations during a + single boot cycle. Registration refreshes SHOULD be sent to the same + network address as the original registration, unless redirected. + +10.2.5 Setting the Internal Clock + + If the response for a REGISTER request contains a Date header field, + the client MAY use this header field to learn the current time in + order to set any internal clocks. + +10.2.6 Discovering a Registrar + + UAs can use three ways to determine the address to which to send + registrations: by configuration, using the address-of-record, and + multicast. A UA can be configured, in ways beyond the scope of this + specification, with a registrar address. If there is no configured + registrar address, the UA SHOULD use the host part of the address- + of-record as the Request-URI and address the request there, using the + normal SIP server location mechanisms [4]. For example, the UA for + the user "sip:carol@chicago.com" addresses the REGISTER request to + "sip:chicago.com". + + Finally, a UA can be configured to use multicast. Multicast + registrations are addressed to the well-known "all SIP servers" + multicast address "sip.mcast.net" (224.0.1.75 for IPv4). No well- + known IPv6 multicast address has been allocated; such an allocation + will be documented separately when needed. SIP UAs MAY listen to + that address and use it to become aware of the location of other + local users (see [33]); however, they do not respond to the request. + + Multicast registration may be inappropriate in some environments, + for example, if multiple businesses share the same local area + network. + +10.2.7 Transmitting a Request + + Once the REGISTER method has been constructed, and the destination of + the message identified, UACs follow the procedures described in + Section 8.1.2 to hand off the REGISTER to the transaction layer. + + + +Rosenberg, et. al. Standards Track [Page 62] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If the transaction layer returns a timeout error because the REGISTER + yielded no response, the UAC SHOULD NOT immediately re-attempt a + registration to the same registrar. + + An immediate re-attempt is likely to also timeout. Waiting some + reasonable time interval for the conditions causing the timeout to + be corrected reduces unnecessary load on the network. No specific + interval is mandated. + +10.2.8 Error Responses + + If a UA receives a 423 (Interval Too Brief) response, it MAY retry + the registration after making the expiration interval of all contact + addresses in the REGISTER request equal to or greater than the + expiration interval within the Min-Expires header field of the 423 + (Interval Too Brief) response. + +10.3 Processing REGISTER Requests + + A registrar is a UAS that responds to REGISTER requests and maintains + a list of bindings that are accessible to proxy servers and redirect + servers within its administrative domain. A registrar handles + requests according to Section 8.2 and Section 17.2, but it accepts + only REGISTER requests. A registrar MUST not generate 6xx responses. + + A registrar MAY redirect REGISTER requests as appropriate. One + common usage would be for a registrar listening on a multicast + interface to redirect multicast REGISTER requests to its own unicast + interface with a 302 (Moved Temporarily) response. + + Registrars MUST ignore the Record-Route header field if it is + included in a REGISTER request. Registrars MUST NOT include a + Record-Route header field in any response to a REGISTER request. + + A registrar might receive a request that traversed a proxy which + treats REGISTER as an unknown request and which added a Record- + Route header field value. + + A registrar has to know (for example, through configuration) the set + of domain(s) for which it maintains bindings. REGISTER requests MUST + be processed by a registrar in the order that they are received. + REGISTER requests MUST also be processed atomically, meaning that a + particular REGISTER request is either processed completely or not at + all. Each REGISTER message MUST be processed independently of any + other registration or binding changes. + + + + + + +Rosenberg, et. al. Standards Track [Page 63] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + When receiving a REGISTER request, a registrar follows these steps: + + 1. The registrar inspects the Request-URI to determine whether it + has access to bindings for the domain identified in the + Request-URI. If not, and if the server also acts as a proxy + server, the server SHOULD forward the request to the addressed + domain, following the general behavior for proxying messages + described in Section 16. + + 2. To guarantee that the registrar supports any necessary + extensions, the registrar MUST process the Require header field + values as described for UASs in Section 8.2.2. + + 3. A registrar SHOULD authenticate the UAC. Mechanisms for the + authentication of SIP user agents are described in Section 22. + Registration behavior in no way overrides the generic + authentication framework for SIP. If no authentication + mechanism is available, the registrar MAY take the From address + as the asserted identity of the originator of the request. + + 4. The registrar SHOULD determine if the authenticated user is + authorized to modify registrations for this address-of-record. + For example, a registrar might consult an authorization + database that maps user names to a list of addresses-of-record + for which that user has authorization to modify bindings. If + the authenticated user is not authorized to modify bindings, + the registrar MUST return a 403 (Forbidden) and skip the + remaining steps. + + In architectures that support third-party registration, one + entity may be responsible for updating the registrations + associated with multiple addresses-of-record. + + 5. The registrar extracts the address-of-record from the To header + field of the request. If the address-of-record is not valid + for the domain in the Request-URI, the registrar MUST send a + 404 (Not Found) response and skip the remaining steps. The URI + MUST then be converted to a canonical form. To do that, all + URI parameters MUST be removed (including the user-param), and + any escaped characters MUST be converted to their unescaped + form. The result serves as an index into the list of bindings. + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 64] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 6. The registrar checks whether the request contains the Contact + header field. If not, it skips to the last step. If the + Contact header field is present, the registrar checks if there + is one Contact field value that contains the special value "*" + and an Expires field. If the request has additional Contact + fields or an expiration time other than zero, the request is + invalid, and the server MUST return a 400 (Invalid Request) and + skip the remaining steps. If not, the registrar checks whether + the Call-ID agrees with the value stored for each binding. If + not, it MUST remove the binding. If it does agree, it MUST + remove the binding only if the CSeq in the request is higher + than the value stored for that binding. Otherwise, the update + MUST be aborted and the request fails. + + 7. The registrar now processes each contact address in the Contact + header field in turn. For each address, it determines the + expiration interval as follows: + + - If the field value has an "expires" parameter, that value + MUST be taken as the requested expiration. + + - If there is no such parameter, but the request has an + Expires header field, that value MUST be taken as the + requested expiration. + + - If there is neither, a locally-configured default value MUST + be taken as the requested expiration. + + The registrar MAY choose an expiration less than the requested + expiration interval. If and only if the requested expiration + interval is greater than zero AND smaller than one hour AND + less than a registrar-configured minimum, the registrar MAY + reject the registration with a response of 423 (Interval Too + Brief). This response MUST contain a Min-Expires header field + that states the minimum expiration interval the registrar is + willing to honor. It then skips the remaining steps. + + Allowing the registrar to set the registration interval + protects it against excessively frequent registration refreshes + while limiting the state that it needs to maintain and + decreasing the likelihood of registrations going stale. The + expiration interval of a registration is frequently used in the + creation of services. An example is a follow-me service, where + the user may only be available at a terminal for a brief + period. Therefore, registrars should accept brief + registrations; a request should only be rejected if the + interval is so short that the refreshes would degrade registrar + performance. + + + +Rosenberg, et. al. Standards Track [Page 65] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + For each address, the registrar then searches the list of + current bindings using the URI comparison rules. If the + binding does not exist, it is tentatively added. If the + binding does exist, the registrar checks the Call-ID value. If + the Call-ID value in the existing binding differs from the + Call-ID value in the request, the binding MUST be removed if + the expiration time is zero and updated otherwise. If they are + the same, the registrar compares the CSeq value. If the value + is higher than that of the existing binding, it MUST update or + remove the binding as above. If not, the update MUST be + aborted and the request fails. + + This algorithm ensures that out-of-order requests from the same + UA are ignored. + + Each binding record records the Call-ID and CSeq values from + the request. + + The binding updates MUST be committed (that is, made visible to + the proxy or redirect server) if and only if all binding + updates and additions succeed. If any one of them fails (for + example, because the back-end database commit failed), the + request MUST fail with a 500 (Server Error) response and all + tentative binding updates MUST be removed. + + 8. The registrar returns a 200 (OK) response. The response MUST + contain Contact header field values enumerating all current + bindings. Each Contact value MUST feature an "expires" + parameter indicating its expiration interval chosen by the + registrar. The response SHOULD include a Date header field. + +11 Querying for Capabilities + + The SIP method OPTIONS allows a UA to query another UA or a proxy + server as to its capabilities. This allows a client to discover + information about the supported methods, content types, extensions, + codecs, etc. without "ringing" the other party. For example, before + a client inserts a Require header field into an INVITE listing an + option that it is not certain the destination UAS supports, the + client can query the destination UAS with an OPTIONS to see if this + option is returned in a Supported header field. All UAs MUST support + the OPTIONS method. + + The target of the OPTIONS request is identified by the Request-URI, + which could identify another UA or a SIP server. If the OPTIONS is + addressed to a proxy server, the Request-URI is set without a user + part, similar to the way a Request-URI is set for a REGISTER request. + + + + +Rosenberg, et. al. Standards Track [Page 66] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Alternatively, a server receiving an OPTIONS request with a Max- + Forwards header field value of 0 MAY respond to the request + regardless of the Request-URI. + + This behavior is common with HTTP/1.1. This behavior can be used + as a "traceroute" functionality to check the capabilities of + individual hop servers by sending a series of OPTIONS requests + with incremented Max-Forwards values. + + As is the case for general UA behavior, the transaction layer can + return a timeout error if the OPTIONS yields no response. This may + indicate that the target is unreachable and hence unavailable. + + An OPTIONS request MAY be sent as part of an established dialog to + query the peer on capabilities that may be utilized later in the + dialog. + +11.1 Construction of OPTIONS Request + + An OPTIONS request is constructed using the standard rules for a SIP + request as discussed in Section 8.1.1. + + A Contact header field MAY be present in an OPTIONS. + + An Accept header field SHOULD be included to indicate the type of + message body the UAC wishes to receive in the response. Typically, + this is set to a format that is used to describe the media + capabilities of a UA, such as SDP (application/sdp). + + The response to an OPTIONS request is assumed to be scoped to the + Request-URI in the original request. However, only when an OPTIONS + is sent as part of an established dialog is it guaranteed that future + requests will be received by the server that generated the OPTIONS + response. + + Example OPTIONS request: + + OPTIONS sip:carol@chicago.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKhjhs8ass877 + Max-Forwards: 70 + To: + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 63104 OPTIONS + Contact: + Accept: application/sdp + Content-Length: 0 + + + + +Rosenberg, et. al. Standards Track [Page 67] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +11.2 Processing of OPTIONS Request + + The response to an OPTIONS is constructed using the standard rules + for a SIP response as discussed in Section 8.2.6. The response code + chosen MUST be the same that would have been chosen had the request + been an INVITE. That is, a 200 (OK) would be returned if the UAS is + ready to accept a call, a 486 (Busy Here) would be returned if the + UAS is busy, etc. This allows an OPTIONS request to be used to + determine the basic state of a UAS, which can be an indication of + whether the UAS will accept an INVITE request. + + An OPTIONS request received within a dialog generates a 200 (OK) + response that is identical to one constructed outside a dialog and + does not have any impact on the dialog. + + This use of OPTIONS has limitations due to the differences in proxy + handling of OPTIONS and INVITE requests. While a forked INVITE can + result in multiple 200 (OK) responses being returned, a forked + OPTIONS will only result in a single 200 (OK) response, since it is + treated by proxies using the non-INVITE handling. See Section 16.7 + for the normative details. + + If the response to an OPTIONS is generated by a proxy server, the + proxy returns a 200 (OK), listing the capabilities of the server. + The response does not contain a message body. + + Allow, Accept, Accept-Encoding, Accept-Language, and Supported header + fields SHOULD be present in a 200 (OK) response to an OPTIONS + request. If the response is generated by a proxy, the Allow header + field SHOULD be omitted as it is ambiguous since a proxy is method + agnostic. Contact header fields MAY be present in a 200 (OK) + response and have the same semantics as in a 3xx response. That is, + they may list a set of alternative names and methods of reaching the + user. A Warning header field MAY be present. + + A message body MAY be sent, the type of which is determined by the + Accept header field in the OPTIONS request (application/sdp is the + default if the Accept header field is not present). If the types + include one that can describe media capabilities, the UAS SHOULD + include a body in the response for that purpose. Details on the + construction of such a body in the case of application/sdp are + described in [13]. + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 68] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example OPTIONS response generated by a UAS (corresponding to the + request in Section 11.1): + + SIP/2.0 200 OK + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKhjhs8ass877 + ;received=192.0.2.4 + To: ;tag=93810874 + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 63104 OPTIONS + Contact: + Contact: + Allow: INVITE, ACK, CANCEL, OPTIONS, BYE + Accept: application/sdp + Accept-Encoding: gzip + Accept-Language: en + Supported: foo + Content-Type: application/sdp + Content-Length: 274 + + (SDP not shown) + +12 Dialogs + + A key concept for a user agent is that of a dialog. A dialog + represents a peer-to-peer SIP relationship between two user agents + that persists for some time. The dialog facilitates sequencing of + messages between the user agents and proper routing of requests + between both of them. The dialog represents a context in which to + interpret SIP messages. Section 8 discussed method independent UA + processing for requests and responses outside of a dialog. This + section discusses how those requests and responses are used to + construct a dialog, and then how subsequent requests and responses + are sent within a dialog. + + A dialog is identified at each UA with a dialog ID, which consists of + a Call-ID value, a local tag and a remote tag. The dialog ID at each + UA involved in the dialog is not the same. Specifically, the local + tag at one UA is identical to the remote tag at the peer UA. The + tags are opaque tokens that facilitate the generation of unique + dialog IDs. + + A dialog ID is also associated with all responses and with any + request that contains a tag in the To field. The rules for computing + the dialog ID of a message depend on whether the SIP element is a UAC + or UAS. For a UAC, the Call-ID value of the dialog ID is set to the + Call-ID of the message, the remote tag is set to the tag in the To + field of the message, and the local tag is set to the tag in the From + + + +Rosenberg, et. al. Standards Track [Page 69] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + field of the message (these rules apply to both requests and + responses). As one would expect for a UAS, the Call-ID value of the + dialog ID is set to the Call-ID of the message, the remote tag is set + to the tag in the From field of the message, and the local tag is set + to the tag in the To field of the message. + + A dialog contains certain pieces of state needed for further message + transmissions within the dialog. This state consists of the dialog + ID, a local sequence number (used to order requests from the UA to + its peer), a remote sequence number (used to order requests from its + peer to the UA), a local URI, a remote URI, remote target, a boolean + flag called "secure", and a route set, which is an ordered list of + URIs. The route set is the list of servers that need to be traversed + to send a request to the peer. A dialog can also be in the "early" + state, which occurs when it is created with a provisional response, + and then transition to the "confirmed" state when a 2xx final + response arrives. For other responses, or if no response arrives at + all on that dialog, the early dialog terminates. + +12.1 Creation of a Dialog + + Dialogs are created through the generation of non-failure responses + to requests with specific methods. Within this specification, only + 2xx and 101-199 responses with a To tag, where the request was + INVITE, will establish a dialog. A dialog established by a non-final + response to a request is in the "early" state and it is called an + early dialog. Extensions MAY define other means for creating + dialogs. Section 13 gives more details that are specific to the + INVITE method. Here, we describe the process for creation of dialog + state that is not dependent on the method. + + UAs MUST assign values to the dialog ID components as described + below. + +12.1.1 UAS behavior + + When a UAS responds to a request with a response that establishes a + dialog (such as a 2xx to INVITE), the UAS MUST copy all Record-Route + header field values from the request into the response (including the + URIs, URI parameters, and any Record-Route header field parameters, + whether they are known or unknown to the UAS) and MUST maintain the + order of those values. The UAS MUST add a Contact header field to + the response. The Contact header field contains an address where the + UAS would like to be contacted for subsequent requests in the dialog + (which includes the ACK for a 2xx response in the case of an INVITE). + Generally, the host portion of this URI is the IP address or FQDN of + the host. The URI provided in the Contact header field MUST be a SIP + or SIPS URI. If the request that initiated the dialog contained a + + + +Rosenberg, et. al. Standards Track [Page 70] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + SIPS URI in the Request-URI or in the top Record-Route header field + value, if there was any, or the Contact header field if there was no + Record-Route header field, the Contact header field in the response + MUST be a SIPS URI. The URI SHOULD have global scope (that is, the + same URI can be used in messages outside this dialog). The same way, + the scope of the URI in the Contact header field of the INVITE is not + limited to this dialog either. It can therefore be used in messages + to the UAC even outside this dialog. + + The UAS then constructs the state of the dialog. This state MUST be + maintained for the duration of the dialog. + + If the request arrived over TLS, and the Request-URI contained a SIPS + URI, the "secure" flag is set to TRUE. + + The route set MUST be set to the list of URIs in the Record-Route + header field from the request, taken in order and preserving all URI + parameters. If no Record-Route header field is present in the + request, the route set MUST be set to the empty set. This route set, + even if empty, overrides any pre-existing route set for future + requests in this dialog. The remote target MUST be set to the URI + from the Contact header field of the request. + + The remote sequence number MUST be set to the value of the sequence + number in the CSeq header field of the request. The local sequence + number MUST be empty. The call identifier component of the dialog ID + MUST be set to the value of the Call-ID in the request. The local + tag component of the dialog ID MUST be set to the tag in the To field + in the response to the request (which always includes a tag), and the + remote tag component of the dialog ID MUST be set to the tag from the + From field in the request. A UAS MUST be prepared to receive a + request without a tag in the From field, in which case the tag is + considered to have a value of null. + + This is to maintain backwards compatibility with RFC 2543, which + did not mandate From tags. + + The remote URI MUST be set to the URI in the From field, and the + local URI MUST be set to the URI in the To field. + +12.1.2 UAC Behavior + + When a UAC sends a request that can establish a dialog (such as an + INVITE) it MUST provide a SIP or SIPS URI with global scope (i.e., + the same SIP URI can be used in messages outside this dialog) in the + Contact header field of the request. If the request has a Request- + URI or a topmost Route header field value with a SIPS URI, the + Contact header field MUST contain a SIPS URI. + + + +Rosenberg, et. al. Standards Track [Page 71] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + When a UAC receives a response that establishes a dialog, it + constructs the state of the dialog. This state MUST be maintained + for the duration of the dialog. + + If the request was sent over TLS, and the Request-URI contained a + SIPS URI, the "secure" flag is set to TRUE. + + The route set MUST be set to the list of URIs in the Record-Route + header field from the response, taken in reverse order and preserving + all URI parameters. If no Record-Route header field is present in + the response, the route set MUST be set to the empty set. This route + set, even if empty, overrides any pre-existing route set for future + requests in this dialog. The remote target MUST be set to the URI + from the Contact header field of the response. + + The local sequence number MUST be set to the value of the sequence + number in the CSeq header field of the request. The remote sequence + number MUST be empty (it is established when the remote UA sends a + request within the dialog). The call identifier component of the + dialog ID MUST be set to the value of the Call-ID in the request. + The local tag component of the dialog ID MUST be set to the tag in + the From field in the request, and the remote tag component of the + dialog ID MUST be set to the tag in the To field of the response. A + UAC MUST be prepared to receive a response without a tag in the To + field, in which case the tag is considered to have a value of null. + + This is to maintain backwards compatibility with RFC 2543, which + did not mandate To tags. + + The remote URI MUST be set to the URI in the To field, and the local + URI MUST be set to the URI in the From field. + +12.2 Requests within a Dialog + + Once a dialog has been established between two UAs, either of them + MAY initiate new transactions as needed within the dialog. The UA + sending the request will take the UAC role for the transaction. The + UA receiving the request will take the UAS role. Note that these may + be different roles than the UAs held during the transaction that + established the dialog. + + Requests within a dialog MAY contain Record-Route and Contact header + fields. However, these requests do not cause the dialog's route set + to be modified, although they may modify the remote target URI. + Specifically, requests that are not target refresh requests do not + modify the dialog's remote target URI, and requests that are target + refresh requests do. For dialogs that have been established with an + + + + +Rosenberg, et. al. Standards Track [Page 72] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + INVITE, the only target refresh request defined is re-INVITE (see + Section 14). Other extensions may define different target refresh + requests for dialogs established in other ways. + + Note that an ACK is NOT a target refresh request. + + Target refresh requests only update the dialog's remote target URI, + and not the route set formed from the Record-Route. Updating the + latter would introduce severe backwards compatibility problems with + RFC 2543-compliant systems. + +12.2.1 UAC Behavior + +12.2.1.1 Generating the Request + + A request within a dialog is constructed by using many of the + components of the state stored as part of the dialog. + + The URI in the To field of the request MUST be set to the remote URI + from the dialog state. The tag in the To header field of the request + MUST be set to the remote tag of the dialog ID. The From URI of the + request MUST be set to the local URI from the dialog state. The tag + in the From header field of the request MUST be set to the local tag + of the dialog ID. If the value of the remote or local tags is null, + the tag parameter MUST be omitted from the To or From header fields, + respectively. + + Usage of the URI from the To and From fields in the original + request within subsequent requests is done for backwards + compatibility with RFC 2543, which used the URI for dialog + identification. In this specification, only the tags are used for + dialog identification. It is expected that mandatory reflection + of the original To and From URI in mid-dialog requests will be + deprecated in a subsequent revision of this specification. + + The Call-ID of the request MUST be set to the Call-ID of the dialog. + Requests within a dialog MUST contain strictly monotonically + increasing and contiguous CSeq sequence numbers (increasing-by-one) + in each direction (excepting ACK and CANCEL of course, whose numbers + equal the requests being acknowledged or cancelled). Therefore, if + the local sequence number is not empty, the value of the local + sequence number MUST be incremented by one, and this value MUST be + placed into the CSeq header field. If the local sequence number is + empty, an initial value MUST be chosen using the guidelines of + Section 8.1.1.5. The method field in the CSeq header field value + MUST match the method of the request. + + + + + +Rosenberg, et. al. Standards Track [Page 73] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + With a length of 32 bits, a client could generate, within a single + call, one request a second for about 136 years before needing to + wrap around. The initial value of the sequence number is chosen + so that subsequent requests within the same call will not wrap + around. A non-zero initial value allows clients to use a time- + based initial sequence number. A client could, for example, + choose the 31 most significant bits of a 32-bit second clock as an + initial sequence number. + + The UAC uses the remote target and route set to build the Request-URI + and Route header field of the request. + + If the route set is empty, the UAC MUST place the remote target URI + into the Request-URI. The UAC MUST NOT add a Route header field to + the request. + + If the route set is not empty, and the first URI in the route set + contains the lr parameter (see Section 19.1.1), the UAC MUST place + the remote target URI into the Request-URI and MUST include a Route + header field containing the route set values in order, including all + parameters. + + If the route set is not empty, and its first URI does not contain the + lr parameter, the UAC MUST place the first URI from the route set + into the Request-URI, stripping any parameters that are not allowed + in a Request-URI. The UAC MUST add a Route header field containing + the remainder of the route set values in order, including all + parameters. The UAC MUST then place the remote target URI into the + Route header field as the last value. + + For example, if the remote target is sip:user@remoteua and the route + set contains: + + ,,, + + The request will be formed with the following Request-URI and Route + header field: + + METHOD sip:proxy1 + Route: ,,, + + If the first URI of the route set does not contain the lr + parameter, the proxy indicated does not understand the routing + mechanisms described in this document and will act as specified in + RFC 2543, replacing the Request-URI with the first Route header + field value it receives while forwarding the message. Placing the + Request-URI at the end of the Route header field preserves the + + + + +Rosenberg, et. al. Standards Track [Page 74] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + information in that Request-URI across the strict router (it will + be returned to the Request-URI when the request reaches a loose- + router). + + A UAC SHOULD include a Contact header field in any target refresh + requests within a dialog, and unless there is a need to change it, + the URI SHOULD be the same as used in previous requests within the + dialog. If the "secure" flag is true, that URI MUST be a SIPS URI. + As discussed in Section 12.2.2, a Contact header field in a target + refresh request updates the remote target URI. This allows a UA to + provide a new contact address, should its address change during the + duration of the dialog. + + However, requests that are not target refresh requests do not affect + the remote target URI for the dialog. + + The rest of the request is formed as described in Section 8.1.1. + + Once the request has been constructed, the address of the server is + computed and the request is sent, using the same procedures for + requests outside of a dialog (Section 8.1.2). + + The procedures in Section 8.1.2 will normally result in the + request being sent to the address indicated by the topmost Route + header field value or the Request-URI if no Route header field is + present. Subject to certain restrictions, they allow the request + to be sent to an alternate address (such as a default outbound + proxy not represented in the route set). + +12.2.1.2 Processing the Responses + + The UAC will receive responses to the request from the transaction + layer. If the client transaction returns a timeout, this is treated + as a 408 (Request Timeout) response. + + The behavior of a UAC that receives a 3xx response for a request sent + within a dialog is the same as if the request had been sent outside a + dialog. This behavior is described in Section 8.1.3.4. + + Note, however, that when the UAC tries alternative locations, it + still uses the route set for the dialog to build the Route header + of the request. + + When a UAC receives a 2xx response to a target refresh request, it + MUST replace the dialog's remote target URI with the URI from the + Contact header field in that response, if present. + + + + + +Rosenberg, et. al. Standards Track [Page 75] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If the response for a request within a dialog is a 481 + (Call/Transaction Does Not Exist) or a 408 (Request Timeout), the UAC + SHOULD terminate the dialog. A UAC SHOULD also terminate a dialog if + no response at all is received for the request (the client + transaction would inform the TU about the timeout.) + + For INVITE initiated dialogs, terminating the dialog consists of + sending a BYE. + +12.2.2 UAS Behavior + + Requests sent within a dialog, as any other requests, are atomic. If + a particular request is accepted by the UAS, all the state changes + associated with it are performed. If the request is rejected, none + of the state changes are performed. + + Note that some requests, such as INVITEs, affect several pieces of + state. + + The UAS will receive the request from the transaction layer. If the + request has a tag in the To header field, the UAS core computes the + dialog identifier corresponding to the request and compares it with + existing dialogs. If there is a match, this is a mid-dialog request. + In that case, the UAS first applies the same processing rules for + requests outside of a dialog, discussed in Section 8.2. + + If the request has a tag in the To header field, but the dialog + identifier does not match any existing dialogs, the UAS may have + crashed and restarted, or it may have received a request for a + different (possibly failed) UAS (the UASs can construct the To tags + so that a UAS can identify that the tag was for a UAS for which it is + providing recovery). Another possibility is that the incoming + request has been simply misrouted. Based on the To tag, the UAS MAY + either accept or reject the request. Accepting the request for + acceptable To tags provides robustness, so that dialogs can persist + even through crashes. UAs wishing to support this capability must + take into consideration some issues such as choosing monotonically + increasing CSeq sequence numbers even across reboots, reconstructing + the route set, and accepting out-of-range RTP timestamps and sequence + numbers. + + If the UAS wishes to reject the request because it does not wish to + recreate the dialog, it MUST respond to the request with a 481 + (Call/Transaction Does Not Exist) status code and pass that to the + server transaction. + + + + + + +Rosenberg, et. al. Standards Track [Page 76] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Requests that do not change in any way the state of a dialog may be + received within a dialog (for example, an OPTIONS request). They are + processed as if they had been received outside the dialog. + + If the remote sequence number is empty, it MUST be set to the value + of the sequence number in the CSeq header field value in the request. + If the remote sequence number was not empty, but the sequence number + of the request is lower than the remote sequence number, the request + is out of order and MUST be rejected with a 500 (Server Internal + Error) response. If the remote sequence number was not empty, and + the sequence number of the request is greater than the remote + sequence number, the request is in order. It is possible for the + CSeq sequence number to be higher than the remote sequence number by + more than one. This is not an error condition, and a UAS SHOULD be + prepared to receive and process requests with CSeq values more than + one higher than the previous received request. The UAS MUST then set + the remote sequence number to the value of the sequence number in the + CSeq header field value in the request. + + If a proxy challenges a request generated by the UAC, the UAC has + to resubmit the request with credentials. The resubmitted request + will have a new CSeq number. The UAS will never see the first + request, and thus, it will notice a gap in the CSeq number space. + Such a gap does not represent any error condition. + + When a UAS receives a target refresh request, it MUST replace the + dialog's remote target URI with the URI from the Contact header field + in that request, if present. + +12.3 Termination of a Dialog + + Independent of the method, if a request outside of a dialog generates + a non-2xx final response, any early dialogs created through + provisional responses to that request are terminated. The mechanism + for terminating confirmed dialogs is method specific. In this + specification, the BYE method terminates a session and the dialog + associated with it. See Section 15 for details. + +13 Initiating a Session + +13.1 Overview + + When a user agent client desires to initiate a session (for example, + audio, video, or a game), it formulates an INVITE request. The + INVITE request asks a server to establish a session. This request + may be forwarded by proxies, eventually arriving at one or more UAS + that can potentially accept the invitation. These UASs will + frequently need to query the user about whether to accept the + + + +Rosenberg, et. al. Standards Track [Page 77] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + invitation. After some time, those UASs can accept the invitation + (meaning the session is to be established) by sending a 2xx response. + If the invitation is not accepted, a 3xx, 4xx, 5xx or 6xx response is + sent, depending on the reason for the rejection. Before sending a + final response, the UAS can also send provisional responses (1xx) to + advise the UAC of progress in contacting the called user. + + After possibly receiving one or more provisional responses, the UAC + will get one or more 2xx responses or one non-2xx final response. + Because of the protracted amount of time it can take to receive final + responses to INVITE, the reliability mechanisms for INVITE + transactions differ from those of other requests (like OPTIONS). + Once it receives a final response, the UAC needs to send an ACK for + every final response it receives. The procedure for sending this ACK + depends on the type of response. For final responses between 300 and + 699, the ACK processing is done in the transaction layer and follows + one set of rules (See Section 17). For 2xx responses, the ACK is + generated by the UAC core. + + A 2xx response to an INVITE establishes a session, and it also + creates a dialog between the UA that issued the INVITE and the UA + that generated the 2xx response. Therefore, when multiple 2xx + responses are received from different remote UAs (because the INVITE + forked), each 2xx establishes a different dialog. All these dialogs + are part of the same call. + + This section provides details on the establishment of a session using + INVITE. A UA that supports INVITE MUST also support ACK, CANCEL and + BYE. + +13.2 UAC Processing + +13.2.1 Creating the Initial INVITE + + Since the initial INVITE represents a request outside of a dialog, + its construction follows the procedures of Section 8.1.1. Additional + processing is required for the specific case of INVITE. + + An Allow header field (Section 20.5) SHOULD be present in the INVITE. + It indicates what methods can be invoked within a dialog, on the UA + sending the INVITE, for the duration of the dialog. For example, a + UA capable of receiving INFO requests within a dialog [34] SHOULD + include an Allow header field listing the INFO method. + + A Supported header field (Section 20.37) SHOULD be present in the + INVITE. It enumerates all the extensions understood by the UAC. + + + + + +Rosenberg, et. al. Standards Track [Page 78] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + An Accept (Section 20.1) header field MAY be present in the INVITE. + It indicates which Content-Types are acceptable to the UA, in both + the response received by it, and in any subsequent requests sent to + it within dialogs established by the INVITE. The Accept header field + is especially useful for indicating support of various session + description formats. + + The UAC MAY add an Expires header field (Section 20.19) to limit the + validity of the invitation. If the time indicated in the Expires + header field is reached and no final answer for the INVITE has been + received, the UAC core SHOULD generate a CANCEL request for the + INVITE, as per Section 9. + + A UAC MAY also find it useful to add, among others, Subject (Section + 20.36), Organization (Section 20.25) and User-Agent (Section 20.41) + header fields. They all contain information related to the INVITE. + + The UAC MAY choose to add a message body to the INVITE. Section + 8.1.1.10 deals with how to construct the header fields -- Content- + Type among others -- needed to describe the message body. + + There are special rules for message bodies that contain a session + description - their corresponding Content-Disposition is "session". + SIP uses an offer/answer model where one UA sends a session + description, called the offer, which contains a proposed description + of the session. The offer indicates the desired communications means + (audio, video, games), parameters of those means (such as codec + types) and addresses for receiving media from the answerer. The + other UA responds with another session description, called the + answer, which indicates which communications means are accepted, the + parameters that apply to those means, and addresses for receiving + media from the offerer. An offer/answer exchange is within the + context of a dialog, so that if a SIP INVITE results in multiple + dialogs, each is a separate offer/answer exchange. The offer/answer + model defines restrictions on when offers and answers can be made + (for example, you cannot make a new offer while one is in progress). + This results in restrictions on where the offers and answers can + appear in SIP messages. In this specification, offers and answers + can only appear in INVITE requests and responses, and ACK. The usage + of offers and answers is further restricted. For the initial INVITE + transaction, the rules are: + + o The initial offer MUST be in either an INVITE or, if not there, + in the first reliable non-failure message from the UAS back to + the UAC. In this specification, that is the final 2xx + response. + + + + + +Rosenberg, et. al. Standards Track [Page 79] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o If the initial offer is in an INVITE, the answer MUST be in a + reliable non-failure message from UAS back to UAC which is + correlated to that INVITE. For this specification, that is + only the final 2xx response to that INVITE. That same exact + answer MAY also be placed in any provisional responses sent + prior to the answer. The UAC MUST treat the first session + description it receives as the answer, and MUST ignore any + session descriptions in subsequent responses to the initial + INVITE. + + o If the initial offer is in the first reliable non-failure + message from the UAS back to UAC, the answer MUST be in the + acknowledgement for that message (in this specification, ACK + for a 2xx response). + + o After having sent or received an answer to the first offer, the + UAC MAY generate subsequent offers in requests based on rules + specified for that method, but only if it has received answers + to any previous offers, and has not sent any offers to which it + hasn't gotten an answer. + + o Once the UAS has sent or received an answer to the initial + offer, it MUST NOT generate subsequent offers in any responses + to the initial INVITE. This means that a UAS based on this + specification alone can never generate subsequent offers until + completion of the initial transaction. + + Concretely, the above rules specify two exchanges for UAs compliant + to this specification alone - the offer is in the INVITE, and the + answer in the 2xx (and possibly in a 1xx as well, with the same + value), or the offer is in the 2xx, and the answer is in the ACK. + All user agents that support INVITE MUST support these two exchanges. + + The Session Description Protocol (SDP) (RFC 2327 [1]) MUST be + supported by all user agents as a means to describe sessions, and its + usage for constructing offers and answers MUST follow the procedures + defined in [13]. + + The restrictions of the offer-answer model just described only apply + to bodies whose Content-Disposition header field value is "session". + Therefore, it is possible that both the INVITE and the ACK contain a + body message (for example, the INVITE carries a photo (Content- + Disposition: render) and the ACK a session description (Content- + Disposition: session)). + + If the Content-Disposition header field is missing, bodies of + Content-Type application/sdp imply the disposition "session", while + other content types imply "render". + + + +Rosenberg, et. al. Standards Track [Page 80] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Once the INVITE has been created, the UAC follows the procedures + defined for sending requests outside of a dialog (Section 8). This + results in the construction of a client transaction that will + ultimately send the request and deliver responses to the UAC. + +13.2.2 Processing INVITE Responses + + Once the INVITE has been passed to the INVITE client transaction, the + UAC waits for responses for the INVITE. If the INVITE client + transaction returns a timeout rather than a response the TU acts as + if a 408 (Request Timeout) response had been received, as described + in Section 8.1.3. + +13.2.2.1 1xx Responses + + Zero, one or multiple provisional responses may arrive before one or + more final responses are received. Provisional responses for an + INVITE request can create "early dialogs". If a provisional response + has a tag in the To field, and if the dialog ID of the response does + not match an existing dialog, one is constructed using the procedures + defined in Section 12.1.2. + + The early dialog will only be needed if the UAC needs to send a + request to its peer within the dialog before the initial INVITE + transaction completes. Header fields present in a provisional + response are applicable as long as the dialog is in the early state + (for example, an Allow header field in a provisional response + contains the methods that can be used in the dialog while this is in + the early state). + +13.2.2.2 3xx Responses + + A 3xx response may contain one or more Contact header field values + providing new addresses where the callee might be reachable. + Depending on the status code of the 3xx response (see Section 21.3), + the UAC MAY choose to try those new addresses. + +13.2.2.3 4xx, 5xx and 6xx Responses + + A single non-2xx final response may be received for the INVITE. 4xx, + 5xx and 6xx responses may contain a Contact header field value + indicating the location where additional information about the error + can be found. Subsequent final responses (which would only arrive + under error conditions) MUST be ignored. + + All early dialogs are considered terminated upon reception of the + non-2xx final response. + + + + +Rosenberg, et. al. Standards Track [Page 81] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + After having received the non-2xx final response the UAC core + considers the INVITE transaction completed. The INVITE client + transaction handles the generation of ACKs for the response (see + Section 17). + +13.2.2.4 2xx Responses + + Multiple 2xx responses may arrive at the UAC for a single INVITE + request due to a forking proxy. Each response is distinguished by + the tag parameter in the To header field, and each represents a + distinct dialog, with a distinct dialog identifier. + + If the dialog identifier in the 2xx response matches the dialog + identifier of an existing dialog, the dialog MUST be transitioned to + the "confirmed" state, and the route set for the dialog MUST be + recomputed based on the 2xx response using the procedures of Section + 12.2.1.2. Otherwise, a new dialog in the "confirmed" state MUST be + constructed using the procedures of Section 12.1.2. + + Note that the only piece of state that is recomputed is the route + set. Other pieces of state such as the highest sequence numbers + (remote and local) sent within the dialog are not recomputed. The + route set only is recomputed for backwards compatibility. RFC + 2543 did not mandate mirroring of the Record-Route header field in + a 1xx, only 2xx. However, we cannot update the entire state of + the dialog, since mid-dialog requests may have been sent within + the early dialog, modifying the sequence numbers, for example. + + The UAC core MUST generate an ACK request for each 2xx received from + the transaction layer. The header fields of the ACK are constructed + in the same way as for any request sent within a dialog (see Section + 12) with the exception of the CSeq and the header fields related to + authentication. The sequence number of the CSeq header field MUST be + the same as the INVITE being acknowledged, but the CSeq method MUST + be ACK. The ACK MUST contain the same credentials as the INVITE. If + the 2xx contains an offer (based on the rules above), the ACK MUST + carry an answer in its body. If the offer in the 2xx response is not + acceptable, the UAC core MUST generate a valid answer in the ACK and + then send a BYE immediately. + + Once the ACK has been constructed, the procedures of [4] are used to + determine the destination address, port and transport. However, the + request is passed to the transport layer directly for transmission, + rather than a client transaction. This is because the UAC core + handles retransmissions of the ACK, not the transaction layer. The + ACK MUST be passed to the client transport every time a + retransmission of the 2xx final response that triggered the ACK + arrives. + + + +Rosenberg, et. al. Standards Track [Page 82] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The UAC core considers the INVITE transaction completed 64*T1 seconds + after the reception of the first 2xx response. At this point all the + early dialogs that have not transitioned to established dialogs are + terminated. Once the INVITE transaction is considered completed by + the UAC core, no more new 2xx responses are expected to arrive. + + If, after acknowledging any 2xx response to an INVITE, the UAC does + not want to continue with that dialog, then the UAC MUST terminate + the dialog by sending a BYE request as described in Section 15. + +13.3 UAS Processing + +13.3.1 Processing of the INVITE + + The UAS core will receive INVITE requests from the transaction layer. + It first performs the request processing procedures of Section 8.2, + which are applied for both requests inside and outside of a dialog. + + Assuming these processing states are completed without generating a + response, the UAS core performs the additional processing steps: + + 1. If the request is an INVITE that contains an Expires header + field, the UAS core sets a timer for the number of seconds + indicated in the header field value. When the timer fires, the + invitation is considered to be expired. If the invitation + expires before the UAS has generated a final response, a 487 + (Request Terminated) response SHOULD be generated. + + 2. If the request is a mid-dialog request, the method-independent + processing described in Section 12.2.2 is first applied. It + might also modify the session; Section 14 provides details. + + 3. If the request has a tag in the To header field but the dialog + identifier does not match any of the existing dialogs, the UAS + may have crashed and restarted, or may have received a request + for a different (possibly failed) UAS. Section 12.2.2 provides + guidelines to achieve a robust behavior under such a situation. + + Processing from here forward assumes that the INVITE is outside of a + dialog, and is thus for the purposes of establishing a new session. + + The INVITE may contain a session description, in which case the UAS + is being presented with an offer for that session. It is possible + that the user is already a participant in that session, even though + the INVITE is outside of a dialog. This can happen when a user is + invited to the same multicast conference by multiple other + participants. If desired, the UAS MAY use identifiers within the + session description to detect this duplication. For example, SDP + + + +Rosenberg, et. al. Standards Track [Page 83] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + contains a session id and version number in the origin (o) field. If + the user is already a member of the session, and the session + parameters contained in the session description have not changed, the + UAS MAY silently accept the INVITE (that is, send a 2xx response + without prompting the user). + + If the INVITE does not contain a session description, the UAS is + being asked to participate in a session, and the UAC has asked that + the UAS provide the offer of the session. It MUST provide the offer + in its first non-failure reliable message back to the UAC. In this + specification, that is a 2xx response to the INVITE. + + The UAS can indicate progress, accept, redirect, or reject the + invitation. In all of these cases, it formulates a response using + the procedures described in Section 8.2.6. + +13.3.1.1 Progress + + If the UAS is not able to answer the invitation immediately, it can + choose to indicate some kind of progress to the UAC (for example, an + indication that a phone is ringing). This is accomplished with a + provisional response between 101 and 199. These provisional + responses establish early dialogs and therefore follow the procedures + of Section 12.1.1 in addition to those of Section 8.2.6. A UAS MAY + send as many provisional responses as it likes. Each of these MUST + indicate the same dialog ID. However, these will not be delivered + reliably. + + If the UAS desires an extended period of time to answer the INVITE, + it will need to ask for an "extension" in order to prevent proxies + from canceling the transaction. A proxy has the option of canceling + a transaction when there is a gap of 3 minutes between responses in a + transaction. To prevent cancellation, the UAS MUST send a non-100 + provisional response at every minute, to handle the possibility of + lost provisional responses. + + An INVITE transaction can go on for extended durations when the + user is placed on hold, or when interworking with PSTN systems + which allow communications to take place without answering the + call. The latter is common in Interactive Voice Response (IVR) + systems. + +13.3.1.2 The INVITE is Redirected + + If the UAS decides to redirect the call, a 3xx response is sent. A + 300 (Multiple Choices), 301 (Moved Permanently) or 302 (Moved + Temporarily) response SHOULD contain a Contact header field + + + + +Rosenberg, et. al. Standards Track [Page 84] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + containing one or more URIs of new addresses to be tried. The + response is passed to the INVITE server transaction, which will deal + with its retransmissions. + +13.3.1.3 The INVITE is Rejected + + A common scenario occurs when the callee is currently not willing or + able to take additional calls at this end system. A 486 (Busy Here) + SHOULD be returned in such a scenario. If the UAS knows that no + other end system will be able to accept this call, a 600 (Busy + Everywhere) response SHOULD be sent instead. However, it is unlikely + that a UAS will be able to know this in general, and thus this + response will not usually be used. The response is passed to the + INVITE server transaction, which will deal with its retransmissions. + + A UAS rejecting an offer contained in an INVITE SHOULD return a 488 + (Not Acceptable Here) response. Such a response SHOULD include a + Warning header field value explaining why the offer was rejected. + +13.3.1.4 The INVITE is Accepted + + The UAS core generates a 2xx response. This response establishes a + dialog, and therefore follows the procedures of Section 12.1.1 in + addition to those of Section 8.2.6. + + A 2xx response to an INVITE SHOULD contain the Allow header field and + the Supported header field, and MAY contain the Accept header field. + Including these header fields allows the UAC to determine the + features and extensions supported by the UAS for the duration of the + call, without probing. + + If the INVITE request contained an offer, and the UAS had not yet + sent an answer, the 2xx MUST contain an answer. If the INVITE did + not contain an offer, the 2xx MUST contain an offer if the UAS had + not yet sent an offer. + + Once the response has been constructed, it is passed to the INVITE + server transaction. Note, however, that the INVITE server + transaction will be destroyed as soon as it receives this final + response and passes it to the transport. Therefore, it is necessary + to periodically pass the response directly to the transport until the + ACK arrives. The 2xx response is passed to the transport with an + interval that starts at T1 seconds and doubles for each + retransmission until it reaches T2 seconds (T1 and T2 are defined in + Section 17). Response retransmissions cease when an ACK request for + the response is received. This is independent of whatever transport + protocols are used to send the response. + + + + +Rosenberg, et. al. Standards Track [Page 85] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Since 2xx is retransmitted end-to-end, there may be hops between + UAS and UAC that are UDP. To ensure reliable delivery across + these hops, the response is retransmitted periodically even if the + transport at the UAS is reliable. + + If the server retransmits the 2xx response for 64*T1 seconds without + receiving an ACK, the dialog is confirmed, but the session SHOULD be + terminated. This is accomplished with a BYE, as described in Section + 15. + +14 Modifying an Existing Session + + A successful INVITE request (see Section 13) establishes both a + dialog between two user agents and a session using the offer-answer + model. Section 12 explains how to modify an existing dialog using a + target refresh request (for example, changing the remote target URI + of the dialog). This section describes how to modify the actual + session. This modification can involve changing addresses or ports, + adding a media stream, deleting a media stream, and so on. This is + accomplished by sending a new INVITE request within the same dialog + that established the session. An INVITE request sent within an + existing dialog is known as a re-INVITE. + + Note that a single re-INVITE can modify the dialog and the + parameters of the session at the same time. + + Either the caller or callee can modify an existing session. + + The behavior of a UA on detection of media failure is a matter of + local policy. However, automated generation of re-INVITE or BYE is + NOT RECOMMENDED to avoid flooding the network with traffic when there + is congestion. In any case, if these messages are sent + automatically, they SHOULD be sent after some randomized interval. + + Note that the paragraph above refers to automatically generated + BYEs and re-INVITEs. If the user hangs up upon media failure, the + UA would send a BYE request as usual. + +14.1 UAC Behavior + + The same offer-answer model that applies to session descriptions in + INVITEs (Section 13.2.1) applies to re-INVITEs. As a result, a UAC + that wants to add a media stream, for example, will create a new + offer that contains this media stream, and send that in an INVITE + request to its peer. It is important to note that the full + description of the session, not just the change, is sent. This + supports stateless session processing in various elements, and + supports failover and recovery capabilities. Of course, a UAC MAY + + + +Rosenberg, et. al. Standards Track [Page 86] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + send a re-INVITE with no session description, in which case the first + reliable non-failure response to the re-INVITE will contain the offer + (in this specification, that is a 2xx response). + + If the session description format has the capability for version + numbers, the offerer SHOULD indicate that the version of the session + description has changed. + + The To, From, Call-ID, CSeq, and Request-URI of a re-INVITE are set + following the same rules as for regular requests within an existing + dialog, described in Section 12. + + A UAC MAY choose not to add an Alert-Info header field or a body with + Content-Disposition "alert" to re-INVITEs because UASs do not + typically alert the user upon reception of a re-INVITE. + + Unlike an INVITE, which can fork, a re-INVITE will never fork, and + therefore, only ever generate a single final response. The reason a + re-INVITE will never fork is that the Request-URI identifies the + target as the UA instance it established the dialog with, rather than + identifying an address-of-record for the user. + + Note that a UAC MUST NOT initiate a new INVITE transaction within a + dialog while another INVITE transaction is in progress in either + direction. + + 1. If there is an ongoing INVITE client transaction, the TU MUST + wait until the transaction reaches the completed or terminated + state before initiating the new INVITE. + + 2. If there is an ongoing INVITE server transaction, the TU MUST + wait until the transaction reaches the confirmed or terminated + state before initiating the new INVITE. + + However, a UA MAY initiate a regular transaction while an INVITE + transaction is in progress. A UA MAY also initiate an INVITE + transaction while a regular transaction is in progress. + + If a UA receives a non-2xx final response to a re-INVITE, the session + parameters MUST remain unchanged, as if no re-INVITE had been issued. + Note that, as stated in Section 12.2.1.2, if the non-2xx final + response is a 481 (Call/Transaction Does Not Exist), or a 408 + (Request Timeout), or no response at all is received for the re- + INVITE (that is, a timeout is returned by the INVITE client + transaction), the UAC will terminate the dialog. + + + + + + +Rosenberg, et. al. Standards Track [Page 87] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If a UAC receives a 491 response to a re-INVITE, it SHOULD start a + timer with a value T chosen as follows: + + 1. If the UAC is the owner of the Call-ID of the dialog ID + (meaning it generated the value), T has a randomly chosen value + between 2.1 and 4 seconds in units of 10 ms. + + 2. If the UAC is not the owner of the Call-ID of the dialog ID, T + has a randomly chosen value of between 0 and 2 seconds in units + of 10 ms. + + When the timer fires, the UAC SHOULD attempt the re-INVITE once more, + if it still desires for that session modification to take place. For + example, if the call was already hung up with a BYE, the re-INVITE + would not take place. + + The rules for transmitting a re-INVITE and for generating an ACK for + a 2xx response to re-INVITE are the same as for the initial INVITE + (Section 13.2.1). + +14.2 UAS Behavior + + Section 13.3.1 describes the procedure for distinguishing incoming + re-INVITEs from incoming initial INVITEs and handling a re-INVITE for + an existing dialog. + + A UAS that receives a second INVITE before it sends the final + response to a first INVITE with a lower CSeq sequence number on the + same dialog MUST return a 500 (Server Internal Error) response to the + second INVITE and MUST include a Retry-After header field with a + randomly chosen value of between 0 and 10 seconds. + + A UAS that receives an INVITE on a dialog while an INVITE it had sent + on that dialog is in progress MUST return a 491 (Request Pending) + response to the received INVITE. + + If a UA receives a re-INVITE for an existing dialog, it MUST check + any version identifiers in the session description or, if there are + no version identifiers, the content of the session description to see + if it has changed. If the session description has changed, the UAS + MUST adjust the session parameters accordingly, possibly after asking + the user for confirmation. + + Versioning of the session description can be used to accommodate + the capabilities of new arrivals to a conference, add or delete + media, or change from a unicast to a multicast conference. + + + + + +Rosenberg, et. al. Standards Track [Page 88] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If the new session description is not acceptable, the UAS can reject + it by returning a 488 (Not Acceptable Here) response for the re- + INVITE. This response SHOULD include a Warning header field. + + If a UAS generates a 2xx response and never receives an ACK, it + SHOULD generate a BYE to terminate the dialog. + + A UAS MAY choose not to generate 180 (Ringing) responses for a re- + INVITE because UACs do not typically render this information to the + user. For the same reason, UASs MAY choose not to use an Alert-Info + header field or a body with Content-Disposition "alert" in responses + to a re-INVITE. + + A UAS providing an offer in a 2xx (because the INVITE did not contain + an offer) SHOULD construct the offer as if the UAS were making a + brand new call, subject to the constraints of sending an offer that + updates an existing session, as described in [13] in the case of SDP. + Specifically, this means that it SHOULD include as many media formats + and media types that the UA is willing to support. The UAS MUST + ensure that the session description overlaps with its previous + session description in media formats, transports, or other parameters + that require support from the peer. This is to avoid the need for + the peer to reject the session description. If, however, it is + unacceptable to the UAC, the UAC SHOULD generate an answer with a + valid session description, and then send a BYE to terminate the + session. + +15 Terminating a Session + + This section describes the procedures for terminating a session + established by SIP. The state of the session and the state of the + dialog are very closely related. When a session is initiated with an + INVITE, each 1xx or 2xx response from a distinct UAS creates a + dialog, and if that response completes the offer/answer exchange, it + also creates a session. As a result, each session is "associated" + with a single dialog - the one which resulted in its creation. If an + initial INVITE generates a non-2xx final response, that terminates + all sessions (if any) and all dialogs (if any) that were created + through responses to the request. By virtue of completing the + transaction, a non-2xx final response also prevents further sessions + from being created as a result of the INVITE. The BYE request is + used to terminate a specific session or attempted session. In this + case, the specific session is the one with the peer UA on the other + side of the dialog. When a BYE is received on a dialog, any session + associated with that dialog SHOULD terminate. A UA MUST NOT send a + BYE outside of a dialog. The caller's UA MAY send a BYE for either + confirmed or early dialogs, and the callee's UA MAY send a BYE on + confirmed dialogs, but MUST NOT send a BYE on early dialogs. + + + +Rosenberg, et. al. Standards Track [Page 89] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + However, the callee's UA MUST NOT send a BYE on a confirmed dialog + until it has received an ACK for its 2xx response or until the server + transaction times out. If no SIP extensions have defined other + application layer states associated with the dialog, the BYE also + terminates the dialog. + + The impact of a non-2xx final response to INVITE on dialogs and + sessions makes the use of CANCEL attractive. The CANCEL attempts to + force a non-2xx response to the INVITE (in particular, a 487). + Therefore, if a UAC wishes to give up on its call attempt entirely, + it can send a CANCEL. If the INVITE results in 2xx final response(s) + to the INVITE, this means that a UAS accepted the invitation while + the CANCEL was in progress. The UAC MAY continue with the sessions + established by any 2xx responses, or MAY terminate them with BYE. + + The notion of "hanging up" is not well defined within SIP. It is + specific to a particular, albeit common, user interface. + Typically, when the user hangs up, it indicates a desire to + terminate the attempt to establish a session, and to terminate any + sessions already created. For the caller's UA, this would imply a + CANCEL request if the initial INVITE has not generated a final + response, and a BYE to all confirmed dialogs after a final + response. For the callee's UA, it would typically imply a BYE; + presumably, when the user picked up the phone, a 2xx was + generated, and so hanging up would result in a BYE after the ACK + is received. This does not mean a user cannot hang up before + receipt of the ACK, it just means that the software in his phone + needs to maintain state for a short while in order to clean up + properly. If the particular UI allows for the user to reject a + call before its answered, a 403 (Forbidden) is a good way to + express that. As per the rules above, a BYE can't be sent. + +15.1 Terminating a Session with a BYE Request + +15.1.1 UAC Behavior + + A BYE request is constructed as would any other request within a + dialog, as described in Section 12. + + Once the BYE is constructed, the UAC core creates a new non-INVITE + client transaction, and passes it the BYE request. The UAC MUST + consider the session terminated (and therefore stop sending or + listening for media) as soon as the BYE request is passed to the + client transaction. If the response for the BYE is a 481 + (Call/Transaction Does Not Exist) or a 408 (Request Timeout) or no + + + + + + +Rosenberg, et. al. Standards Track [Page 90] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + response at all is received for the BYE (that is, a timeout is + returned by the client transaction), the UAC MUST consider the + session and the dialog terminated. + +15.1.2 UAS Behavior + + A UAS first processes the BYE request according to the general UAS + processing described in Section 8.2. A UAS core receiving a BYE + request checks if it matches an existing dialog. If the BYE does not + match an existing dialog, the UAS core SHOULD generate a 481 + (Call/Transaction Does Not Exist) response and pass that to the + server transaction. + + This rule means that a BYE sent without tags by a UAC will be + rejected. This is a change from RFC 2543, which allowed BYE + without tags. + + A UAS core receiving a BYE request for an existing dialog MUST follow + the procedures of Section 12.2.2 to process the request. Once done, + the UAS SHOULD terminate the session (and therefore stop sending and + listening for media). The only case where it can elect not to are + multicast sessions, where participation is possible even if the other + participant in the dialog has terminated its involvement in the + session. Whether or not it ends its participation on the session, + the UAS core MUST generate a 2xx response to the BYE, and MUST pass + that to the server transaction for transmission. + + The UAS MUST still respond to any pending requests received for that + dialog. It is RECOMMENDED that a 487 (Request Terminated) response + be generated to those pending requests. + +16 Proxy Behavior + +16.1 Overview + + SIP proxies are elements that route SIP requests to user agent + servers and SIP responses to user agent clients. A request may + traverse several proxies on its way to a UAS. Each will make routing + decisions, modifying the request before forwarding it to the next + element. Responses will route through the same set of proxies + traversed by the request in the reverse order. + + Being a proxy is a logical role for a SIP element. When a request + arrives, an element that can play the role of a proxy first decides + if it needs to respond to the request on its own. For instance, the + request may be malformed or the element may need credentials from the + client before acting as a proxy. The element MAY respond with any + + + + +Rosenberg, et. al. Standards Track [Page 91] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + appropriate error code. When responding directly to a request, the + element is playing the role of a UAS and MUST behave as described in + Section 8.2. + + A proxy can operate in either a stateful or stateless mode for each + new request. When stateless, a proxy acts as a simple forwarding + element. It forwards each request downstream to a single element + determined by making a targeting and routing decision based on the + request. It simply forwards every response it receives upstream. A + stateless proxy discards information about a message once the message + has been forwarded. A stateful proxy remembers information + (specifically, transaction state) about each incoming request and any + requests it sends as a result of processing the incoming request. It + uses this information to affect the processing of future messages + associated with that request. A stateful proxy MAY choose to "fork" + a request, routing it to multiple destinations. Any request that is + forwarded to more than one location MUST be handled statefully. + + In some circumstances, a proxy MAY forward requests using stateful + transports (such as TCP) without being transaction-stateful. For + instance, a proxy MAY forward a request from one TCP connection to + another transaction statelessly as long as it places enough + information in the message to be able to forward the response down + the same connection the request arrived on. Requests forwarded + between different types of transports where the proxy's TU must take + an active role in ensuring reliable delivery on one of the transports + MUST be forwarded transaction statefully. + + A stateful proxy MAY transition to stateless operation at any time + during the processing of a request, so long as it did not do anything + that would otherwise prevent it from being stateless initially + (forking, for example, or generation of a 100 response). When + performing such a transition, all state is simply discarded. The + proxy SHOULD NOT initiate a CANCEL request. + + Much of the processing involved when acting statelessly or statefully + for a request is identical. The next several subsections are written + from the point of view of a stateful proxy. The last section calls + out those places where a stateless proxy behaves differently. + +16.2 Stateful Proxy + + When stateful, a proxy is purely a SIP transaction processing engine. + Its behavior is modeled here in terms of the server and client + transactions defined in Section 17. A stateful proxy has a server + transaction associated with one or more client transactions by a + higher layer proxy processing component (see figure 3), known as a + proxy core. An incoming request is processed by a server + + + +Rosenberg, et. al. Standards Track [Page 92] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + transaction. Requests from the server transaction are passed to a + proxy core. The proxy core determines where to route the request, + choosing one or more next-hop locations. An outgoing request for + each next-hop location is processed by its own associated client + transaction. The proxy core collects the responses from the client + transactions and uses them to send responses to the server + transaction. + + A stateful proxy creates a new server transaction for each new + request received. Any retransmissions of the request will then be + handled by that server transaction per Section 17. The proxy core + MUST behave as a UAS with respect to sending an immediate provisional + on that server transaction (such as 100 Trying) as described in + Section 8.2.6. Thus, a stateful proxy SHOULD NOT generate 100 + (Trying) responses to non-INVITE requests. + + This is a model of proxy behavior, not of software. An + implementation is free to take any approach that replicates the + external behavior this model defines. + + For all new requests, including any with unknown methods, an element + intending to proxy the request MUST: + + 1. Validate the request (Section 16.3) + + 2. Preprocess routing information (Section 16.4) + + 3. Determine target(s) for the request (Section 16.5) + + +--------------------+ + | | +---+ + | | | C | + | | | T | + | | +---+ + +---+ | Proxy | +---+ CT = Client Transaction + | S | | "Higher" Layer | | C | + | T | | | | T | ST = Server Transaction + +---+ | | +---+ + | | +---+ + | | | C | + | | | T | + | | +---+ + +--------------------+ + + Figure 3: Stateful Proxy Model + + + + + + +Rosenberg, et. al. Standards Track [Page 93] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 4. Forward the request to each target (Section 16.6) + + 5. Process all responses (Section 16.7) + +16.3 Request Validation + + Before an element can proxy a request, it MUST verify the message's + validity. A valid message must pass the following checks: + + 1. Reasonable Syntax + + 2. URI scheme + + 3. Max-Forwards + + 4. (Optional) Loop Detection + + 5. Proxy-Require + + 6. Proxy-Authorization + + If any of these checks fail, the element MUST behave as a user agent + server (see Section 8.2) and respond with an error code. + + Notice that a proxy is not required to detect merged requests and + MUST NOT treat merged requests as an error condition. The endpoints + receiving the requests will resolve the merge as described in Section + 8.2.2.2. + + 1. Reasonable syntax check + + The request MUST be well-formed enough to be handled with a server + transaction. Any components involved in the remainder of these + Request Validation steps or the Request Forwarding section MUST be + well-formed. Any other components, well-formed or not, SHOULD be + ignored and remain unchanged when the message is forwarded. For + instance, an element would not reject a request because of a + malformed Date header field. Likewise, a proxy would not remove a + malformed Date header field before forwarding a request. + + This protocol is designed to be extended. Future extensions may + define new methods and header fields at any time. An element MUST + NOT refuse to proxy a request because it contains a method or + header field it does not know about. + + + + + + + +Rosenberg, et. al. Standards Track [Page 94] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 2. URI scheme check + + If the Request-URI has a URI whose scheme is not understood by the + proxy, the proxy SHOULD reject the request with a 416 (Unsupported + URI Scheme) response. + + 3. Max-Forwards check + + The Max-Forwards header field (Section 20.22) is used to limit the + number of elements a SIP request can traverse. + + If the request does not contain a Max-Forwards header field, this + check is passed. + + If the request contains a Max-Forwards header field with a field + value greater than zero, the check is passed. + + If the request contains a Max-Forwards header field with a field + value of zero (0), the element MUST NOT forward the request. If + the request was for OPTIONS, the element MAY act as the final + recipient and respond per Section 11. Otherwise, the element MUST + return a 483 (Too many hops) response. + + 4. Optional Loop Detection check + + An element MAY check for forwarding loops before forwarding a + request. If the request contains a Via header field with a sent- + by value that equals a value placed into previous requests by the + proxy, the request has been forwarded by this element before. The + request has either looped or is legitimately spiraling through the + element. To determine if the request has looped, the element MAY + perform the branch parameter calculation described in Step 8 of + Section 16.6 on this message and compare it to the parameter + received in that Via header field. If the parameters match, the + request has looped. If they differ, the request is spiraling, and + processing continues. If a loop is detected, the element MAY + return a 482 (Loop Detected) response. + + 5. Proxy-Require check + + Future extensions to this protocol may introduce features that + require special handling by proxies. Endpoints will include a + Proxy-Require header field in requests that use these features, + telling the proxy not to process the request unless the feature is + understood. + + + + + + +Rosenberg, et. al. Standards Track [Page 95] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If the request contains a Proxy-Require header field (Section + 20.29) with one or more option-tags this element does not + understand, the element MUST return a 420 (Bad Extension) + response. The response MUST include an Unsupported (Section + 20.40) header field listing those option-tags the element did not + understand. + + 6. Proxy-Authorization check + + If an element requires credentials before forwarding a request, + the request MUST be inspected as described in Section 22.3. That + section also defines what the element must do if the inspection + fails. + +16.4 Route Information Preprocessing + + The proxy MUST inspect the Request-URI of the request. If the + Request-URI of the request contains a value this proxy previously + placed into a Record-Route header field (see Section 16.6 item 4), + the proxy MUST replace the Request-URI in the request with the last + value from the Route header field, and remove that value from the + Route header field. The proxy MUST then proceed as if it received + this modified request. + + This will only happen when the element sending the request to the + proxy (which may have been an endpoint) is a strict router. This + rewrite on receive is necessary to enable backwards compatibility + with those elements. It also allows elements following this + specification to preserve the Request-URI through strict-routing + proxies (see Section 12.2.1.1). + + This requirement does not obligate a proxy to keep state in order + to detect URIs it previously placed in Record-Route header fields. + Instead, a proxy need only place enough information in those URIs + to recognize them as values it provided when they later appear. + + If the Request-URI contains a maddr parameter, the proxy MUST check + to see if its value is in the set of addresses or domains the proxy + is configured to be responsible for. If the Request-URI has a maddr + parameter with a value the proxy is responsible for, and the request + was received using the port and transport indicated (explicitly or by + default) in the Request-URI, the proxy MUST strip the maddr and any + non-default port or transport parameter and continue processing as if + those values had not been present in the request. + + + + + + + +Rosenberg, et. al. Standards Track [Page 96] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + A request may arrive with a maddr matching the proxy, but on a + port or transport different from that indicated in the URI. Such + a request needs to be forwarded to the proxy using the indicated + port and transport. + + If the first value in the Route header field indicates this proxy, + the proxy MUST remove that value from the request. + +16.5 Determining Request Targets + + Next, the proxy calculates the target(s) of the request. The set of + targets will either be predetermined by the contents of the request + or will be obtained from an abstract location service. Each target + in the set is represented as a URI. + + If the Request-URI of the request contains an maddr parameter, the + Request-URI MUST be placed into the target set as the only target + URI, and the proxy MUST proceed to Section 16.6. + + If the domain of the Request-URI indicates a domain this element is + not responsible for, the Request-URI MUST be placed into the target + set as the only target, and the element MUST proceed to the task of + Request Forwarding (Section 16.6). + + There are many circumstances in which a proxy might receive a + request for a domain it is not responsible for. A firewall proxy + handling outgoing calls (the way HTTP proxies handle outgoing + requests) is an example of where this is likely to occur. + + If the target set for the request has not been predetermined as + described above, this implies that the element is responsible for the + domain in the Request-URI, and the element MAY use whatever mechanism + it desires to determine where to send the request. Any of these + mechanisms can be modeled as accessing an abstract Location Service. + This may consist of obtaining information from a location service + created by a SIP Registrar, reading a database, consulting a presence + server, utilizing other protocols, or simply performing an + algorithmic substitution on the Request-URI. When accessing the + location service constructed by a registrar, the Request-URI MUST + first be canonicalized as described in Section 10.3 before being used + as an index. The output of these mechanisms is used to construct the + target set. + + If the Request-URI does not provide sufficient information for the + proxy to determine the target set, it SHOULD return a 485 (Ambiguous) + response. This response SHOULD contain a Contact header field + containing URIs of new addresses to be tried. For example, an INVITE + + + + +Rosenberg, et. al. Standards Track [Page 97] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + to sip:John.Smith@company.com may be ambiguous at a proxy whose + location service has multiple John Smiths listed. See Section + 21.4.23 for details. + + Any information in or about the request or the current environment of + the element MAY be used in the construction of the target set. For + instance, different sets may be constructed depending on contents or + the presence of header fields and bodies, the time of day of the + request's arrival, the interface on which the request arrived, + failure of previous requests, or even the element's current level of + utilization. + + As potential targets are located through these services, their URIs + are added to the target set. Targets can only be placed in the + target set once. If a target URI is already present in the set + (based on the definition of equality for the URI type), it MUST NOT + be added again. + + A proxy MUST NOT add additional targets to the target set if the + Request-URI of the original request does not indicate a resource this + proxy is responsible for. + + A proxy can only change the Request-URI of a request during + forwarding if it is responsible for that URI. If the proxy is not + responsible for that URI, it will not recurse on 3xx or 416 + responses as described below. + + If the Request-URI of the original request indicates a resource this + proxy is responsible for, the proxy MAY continue to add targets to + the set after beginning Request Forwarding. It MAY use any + information obtained during that processing to determine new targets. + For instance, a proxy may choose to incorporate contacts obtained in + a redirect response (3xx) into the target set. If a proxy uses a + dynamic source of information while building the target set (for + instance, if it consults a SIP Registrar), it SHOULD monitor that + source for the duration of processing the request. New locations + SHOULD be added to the target set as they become available. As + above, any given URI MUST NOT be added to the set more than once. + + Allowing a URI to be added to the set only once reduces + unnecessary network traffic, and in the case of incorporating + contacts from redirect requests prevents infinite recursion. + + For example, a trivial location service is a "no-op", where the + target URI is equal to the incoming request URI. The request is sent + to a specific next hop proxy for further processing. During request + + + + + +Rosenberg, et. al. Standards Track [Page 98] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + forwarding of Section 16.6, Item 6, the identity of that next hop, + expressed as a SIP or SIPS URI, is inserted as the top-most Route + header field value into the request. + + If the Request-URI indicates a resource at this proxy that does not + exist, the proxy MUST return a 404 (Not Found) response. + + If the target set remains empty after applying all of the above, the + proxy MUST return an error response, which SHOULD be the 480 + (Temporarily Unavailable) response. + +16.6 Request Forwarding + + As soon as the target set is non-empty, a proxy MAY begin forwarding + the request. A stateful proxy MAY process the set in any order. It + MAY process multiple targets serially, allowing each client + transaction to complete before starting the next. It MAY start + client transactions with every target in parallel. It also MAY + arbitrarily divide the set into groups, processing the groups + serially and processing the targets in each group in parallel. + + A common ordering mechanism is to use the qvalue parameter of targets + obtained from Contact header fields (see Section 20.10). Targets are + processed from highest qvalue to lowest. Targets with equal qvalues + may be processed in parallel. + + A stateful proxy must have a mechanism to maintain the target set as + responses are received and associate the responses to each forwarded + request with the original request. For the purposes of this model, + this mechanism is a "response context" created by the proxy layer + before forwarding the first request. + + For each target, the proxy forwards the request following these + steps: + + 1. Make a copy of the received request + + 2. Update the Request-URI + + 3. Update the Max-Forwards header field + + 4. Optionally add a Record-route header field value + + 5. Optionally add additional header fields + + 6. Postprocess routing information + + 7. Determine the next-hop address, port, and transport + + + +Rosenberg, et. al. Standards Track [Page 99] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 8. Add a Via header field value + + 9. Add a Content-Length header field if necessary + + 10. Forward the new request + + 11. Set timer C + + Each of these steps is detailed below: + + 1. Copy request + + The proxy starts with a copy of the received request. The copy + MUST initially contain all of the header fields from the + received request. Fields not detailed in the processing + described below MUST NOT be removed. The copy SHOULD maintain + the ordering of the header fields as in the received request. + The proxy MUST NOT reorder field values with a common field + name (See Section 7.3.1). The proxy MUST NOT add to, modify, + or remove the message body. + + An actual implementation need not perform a copy; the primary + requirement is that the processing for each next hop begin with + the same request. + + 2. Request-URI + + The Request-URI in the copy's start line MUST be replaced with + the URI for this target. If the URI contains any parameters + not allowed in a Request-URI, they MUST be removed. + + This is the essence of a proxy's role. This is the mechanism + through which a proxy routes a request toward its destination. + + In some circumstances, the received Request-URI is placed into + the target set without being modified. For that target, the + replacement above is effectively a no-op. + + 3. Max-Forwards + + If the copy contains a Max-Forwards header field, the proxy + MUST decrement its value by one (1). + + If the copy does not contain a Max-Forwards header field, the + proxy MUST add one with a field value, which SHOULD be 70. + + Some existing UAs will not provide a Max-Forwards header field + in a request. + + + +Rosenberg, et. al. Standards Track [Page 100] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 4. Record-Route + + If this proxy wishes to remain on the path of future requests + in a dialog created by this request (assuming the request + creates a dialog), it MUST insert a Record-Route header field + value into the copy before any existing Record-Route header + field values, even if a Route header field is already present. + + Requests establishing a dialog may contain a preloaded Route + header field. + + If this request is already part of a dialog, the proxy SHOULD + insert a Record-Route header field value if it wishes to remain + on the path of future requests in the dialog. In normal + endpoint operation as described in Section 12, these Record- + Route header field values will not have any effect on the route + sets used by the endpoints. + + The proxy will remain on the path if it chooses to not insert a + Record-Route header field value into requests that are already + part of a dialog. However, it would be removed from the path + when an endpoint that has failed reconstitutes the dialog. + + A proxy MAY insert a Record-Route header field value into any + request. If the request does not initiate a dialog, the + endpoints will ignore the value. See Section 12 for details on + how endpoints use the Record-Route header field values to + construct Route header fields. + + Each proxy in the path of a request chooses whether to add a + Record-Route header field value independently - the presence of + a Record-Route header field in a request does not obligate this + proxy to add a value. + + The URI placed in the Record-Route header field value MUST be a + SIP or SIPS URI. This URI MUST contain an lr parameter (see + Section 19.1.1). This URI MAY be different for each + destination the request is forwarded to. The URI SHOULD NOT + contain the transport parameter unless the proxy has knowledge + (such as in a private network) that the next downstream element + that will be in the path of subsequent requests supports that + transport. + + The URI this proxy provides will be used by some other element + to make a routing decision. This proxy, in general, has no way + of knowing the capabilities of that element, so it must + restrict itself to the mandatory elements of a SIP + implementation: SIP URIs and either the TCP or UDP transports. + + + +Rosenberg, et. al. Standards Track [Page 101] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The URI placed in the Record-Route header field MUST resolve to + the element inserting it (or a suitable stand-in) when the + server location procedures of [4] are applied to it, so that + subsequent requests reach the same SIP element. If the + Request-URI contains a SIPS URI, or the topmost Route header + field value (after the post processing of bullet 6) contains a + SIPS URI, the URI placed into the Record-Route header field + MUST be a SIPS URI. Furthermore, if the request was not + received over TLS, the proxy MUST insert a Record-Route header + field. In a similar fashion, a proxy that receives a request + over TLS, but generates a request without a SIPS URI in the + Request-URI or topmost Route header field value (after the post + processing of bullet 6), MUST insert a Record-Route header + field that is not a SIPS URI. + + A proxy at a security perimeter must remain on the perimeter + throughout the dialog. + + If the URI placed in the Record-Route header field needs to be + rewritten when it passes back through in a response, the URI + MUST be distinct enough to locate at that time. (The request + may spiral through this proxy, resulting in more than one + Record-Route header field value being added). Item 8 of + Section 16.7 recommends a mechanism to make the URI + sufficiently distinct. + + The proxy MAY include parameters in the Record-Route header + field value. These will be echoed in some responses to the + request such as the 200 (OK) responses to INVITE. Such + parameters may be useful for keeping state in the message + rather than the proxy. + + If a proxy needs to be in the path of any type of dialog (such + as one straddling a firewall), it SHOULD add a Record-Route + header field value to every request with a method it does not + understand since that method may have dialog semantics. + + The URI a proxy places into a Record-Route header field is only + valid for the lifetime of any dialog created by the transaction + in which it occurs. A dialog-stateful proxy, for example, MAY + refuse to accept future requests with that value in the + Request-URI after the dialog has terminated. Non-dialog- + stateful proxies, of course, have no concept of when the dialog + has terminated, but they MAY encode enough information in the + value to compare it against the dialog identifier of future + requests and MAY reject requests not matching that information. + Endpoints MUST NOT use a URI obtained from a Record-Route + header field outside the dialog in which it was provided. See + + + +Rosenberg, et. al. Standards Track [Page 102] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Section 12 for more information on an endpoint's use of + Record-Route header fields. + + Record-routing may be required by certain services where the + proxy needs to observe all messages in a dialog. However, it + slows down processing and impairs scalability and thus proxies + should only record-route if required for a particular service. + + The Record-Route process is designed to work for any SIP + request that initiates a dialog. INVITE is the only such + request in this specification, but extensions to the protocol + MAY define others. + + 5. Add Additional Header Fields + + The proxy MAY add any other appropriate header fields to the + copy at this point. + + 6. Postprocess routing information + + A proxy MAY have a local policy that mandates that a request + visit a specific set of proxies before being delivered to the + destination. A proxy MUST ensure that all such proxies are + loose routers. Generally, this can only be known with + certainty if the proxies are within the same administrative + domain. This set of proxies is represented by a set of URIs + (each of which contains the lr parameter). This set MUST be + pushed into the Route header field of the copy ahead of any + existing values, if present. If the Route header field is + absent, it MUST be added, containing that list of URIs. + + If the proxy has a local policy that mandates that the request + visit one specific proxy, an alternative to pushing a Route + value into the Route header field is to bypass the forwarding + logic of item 10 below, and instead just send the request to + the address, port, and transport for that specific proxy. If + the request has a Route header field, this alternative MUST NOT + be used unless it is known that next hop proxy is a loose + router. Otherwise, this approach MAY be used, but the Route + insertion mechanism above is preferred for its robustness, + flexibility, generality and consistency of operation. + Furthermore, if the Request-URI contains a SIPS URI, TLS MUST + be used to communicate with that proxy. + + If the copy contains a Route header field, the proxy MUST + inspect the URI in its first value. If that URI does not + contain an lr parameter, the proxy MUST modify the copy as + follows: + + + +Rosenberg, et. al. Standards Track [Page 103] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + - The proxy MUST place the Request-URI into the Route header + field as the last value. + + - The proxy MUST then place the first Route header field value + into the Request-URI and remove that value from the Route + header field. + + Appending the Request-URI to the Route header field is part of + a mechanism used to pass the information in that Request-URI + through strict-routing elements. "Popping" the first Route + header field value into the Request-URI formats the message the + way a strict-routing element expects to receive it (with its + own URI in the Request-URI and the next location to visit in + the first Route header field value). + + 7. Determine Next-Hop Address, Port, and Transport + + The proxy MAY have a local policy to send the request to a + specific IP address, port, and transport, independent of the + values of the Route and Request-URI. Such a policy MUST NOT be + used if the proxy is not certain that the IP address, port, and + transport correspond to a server that is a loose router. + However, this mechanism for sending the request through a + specific next hop is NOT RECOMMENDED; instead a Route header + field should be used for that purpose as described above. + + In the absence of such an overriding mechanism, the proxy + applies the procedures listed in [4] as follows to determine + where to send the request. If the proxy has reformatted the + request to send to a strict-routing element as described in + step 6 above, the proxy MUST apply those procedures to the + Request-URI of the request. Otherwise, the proxy MUST apply + the procedures to the first value in the Route header field, if + present, else the Request-URI. The procedures will produce an + ordered set of (address, port, transport) tuples. + Independently of which URI is being used as input to the + procedures of [4], if the Request-URI specifies a SIPS + resource, the proxy MUST follow the procedures of [4] as if the + input URI were a SIPS URI. + + As described in [4], the proxy MUST attempt to deliver the + message to the first tuple in that set, and proceed through the + set in order until the delivery attempt succeeds. + + For each tuple attempted, the proxy MUST format the message as + appropriate for the tuple and send the request using a new + client transaction as detailed in steps 8 through 10. + + + + +Rosenberg, et. al. Standards Track [Page 104] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Since each attempt uses a new client transaction, it represents + a new branch. Thus, the branch parameter provided with the Via + header field inserted in step 8 MUST be different for each + attempt. + + If the client transaction reports failure to send the request + or a timeout from its state machine, the proxy continues to the + next address in that ordered set. If the ordered set is + exhausted, the request cannot be forwarded to this element in + the target set. The proxy does not need to place anything in + the response context, but otherwise acts as if this element of + the target set returned a 408 (Request Timeout) final response. + + 8. Add a Via header field value + + The proxy MUST insert a Via header field value into the copy + before the existing Via header field values. The construction + of this value follows the same guidelines of Section 8.1.1.7. + This implies that the proxy will compute its own branch + parameter, which will be globally unique for that branch, and + contain the requisite magic cookie. Note that this implies that + the branch parameter will be different for different instances + of a spiraled or looped request through a proxy. + + Proxies choosing to detect loops have an additional constraint + in the value they use for construction of the branch parameter. + A proxy choosing to detect loops SHOULD create a branch + parameter separable into two parts by the implementation. The + first part MUST satisfy the constraints of Section 8.1.1.7 as + described above. The second is used to perform loop detection + and distinguish loops from spirals. + + Loop detection is performed by verifying that, when a request + returns to a proxy, those fields having an impact on the + processing of the request have not changed. The value placed + in this part of the branch parameter SHOULD reflect all of + those fields (including any Route, Proxy-Require and Proxy- + Authorization header fields). This is to ensure that if the + request is routed back to the proxy and one of those fields + changes, it is treated as a spiral and not a loop (see Section + 16.3). A common way to create this value is to compute a + cryptographic hash of the To tag, From tag, Call-ID header + field, the Request-URI of the request received (before + translation), the topmost Via header, and the sequence number + from the CSeq header field, in addition to any Proxy-Require + and Proxy-Authorization header fields that may be present. The + + + + + +Rosenberg, et. al. Standards Track [Page 105] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + algorithm used to compute the hash is implementation-dependent, + but MD5 (RFC 1321 [35]), expressed in hexadecimal, is a + reasonable choice. (Base64 is not permissible for a token.) + + If a proxy wishes to detect loops, the "branch" parameter it + supplies MUST depend on all information affecting processing of + a request, including the incoming Request-URI and any header + fields affecting the request's admission or routing. This is + necessary to distinguish looped requests from requests whose + routing parameters have changed before returning to this + server. + + The request method MUST NOT be included in the calculation of + the branch parameter. In particular, CANCEL and ACK requests + (for non-2xx responses) MUST have the same branch value as the + corresponding request they cancel or acknowledge. The branch + parameter is used in correlating those requests at the server + handling them (see Sections 17.2.3 and 9.2). + + 9. Add a Content-Length header field if necessary + + If the request will be sent to the next hop using a stream- + based transport and the copy contains no Content-Length header + field, the proxy MUST insert one with the correct value for the + body of the request (see Section 20.14). + + 10. Forward Request + + A stateful proxy MUST create a new client transaction for this + request as described in Section 17.1 and instructs the + transaction to send the request using the address, port and + transport determined in step 7. + + 11. Set timer C + + In order to handle the case where an INVITE request never + generates a final response, the TU uses a timer which is called + timer C. Timer C MUST be set for each client transaction when + an INVITE request is proxied. The timer MUST be larger than 3 + minutes. Section 16.7 bullet 2 discusses how this timer is + updated with provisional responses, and Section 16.8 discusses + processing when it fires. + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 106] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +16.7 Response Processing + + When a response is received by an element, it first tries to locate a + client transaction (Section 17.1.3) matching the response. If none + is found, the element MUST process the response (even if it is an + informational response) as a stateless proxy (described below). If a + match is found, the response is handed to the client transaction. + + Forwarding responses for which a client transaction (or more + generally any knowledge of having sent an associated request) is + not found improves robustness. In particular, it ensures that + "late" 2xx responses to INVITE requests are forwarded properly. + + As client transactions pass responses to the proxy layer, the + following processing MUST take place: + + 1. Find the appropriate response context + + 2. Update timer C for provisional responses + + 3. Remove the topmost Via + + 4. Add the response to the response context + + 5. Check to see if this response should be forwarded immediately + + 6. When necessary, choose the best final response from the + response context + + If no final response has been forwarded after every client + transaction associated with the response context has been terminated, + the proxy must choose and forward the "best" response from those it + has seen so far. + + The following processing MUST be performed on each response that is + forwarded. It is likely that more than one response to each request + will be forwarded: at least each provisional and one final response. + + 7. Aggregate authorization header field values if necessary + + 8. Optionally rewrite Record-Route header field values + + 9. Forward the response + + 10. Generate any necessary CANCEL requests + + + + + + +Rosenberg, et. al. Standards Track [Page 107] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Each of the above steps are detailed below: + + 1. Find Context + + The proxy locates the "response context" it created before + forwarding the original request using the key described in + Section 16.6. The remaining processing steps take place in + this context. + + 2. Update timer C for provisional responses + + For an INVITE transaction, if the response is a provisional + response with status codes 101 to 199 inclusive (i.e., anything + but 100), the proxy MUST reset timer C for that client + transaction. The timer MAY be reset to a different value, but + this value MUST be greater than 3 minutes. + + 3. Via + + The proxy removes the topmost Via header field value from the + response. + + If no Via header field values remain in the response, the + response was meant for this element and MUST NOT be forwarded. + The remainder of the processing described in this section is + not performed on this message, the UAC processing rules + described in Section 8.1.3 are followed instead (transport + layer processing has already occurred). + + This will happen, for instance, when the element generates + CANCEL requests as described in Section 10. + + 4. Add response to context + + Final responses received are stored in the response context + until a final response is generated on the server transaction + associated with this context. The response may be a candidate + for the best final response to be returned on that server + transaction. Information from this response may be needed in + forming the best response, even if this response is not chosen. + + If the proxy chooses to recurse on any contacts in a 3xx + response by adding them to the target set, it MUST remove them + from the response before adding the response to the response + context. However, a proxy SHOULD NOT recurse to a non-SIPS URI + if the Request-URI of the original request was a SIPS URI. If + + + + + +Rosenberg, et. al. Standards Track [Page 108] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + the proxy recurses on all of the contacts in a 3xx response, + the proxy SHOULD NOT add the resulting contactless response to + the response context. + + Removing the contact before adding the response to the response + context prevents the next element upstream from retrying a + location this proxy has already attempted. + + 3xx responses may contain a mixture of SIP, SIPS, and non-SIP + URIs. A proxy may choose to recurse on the SIP and SIPS URIs + and place the remainder into the response context to be + returned, potentially in the final response. + + If a proxy receives a 416 (Unsupported URI Scheme) response to + a request whose Request-URI scheme was not SIP, but the scheme + in the original received request was SIP or SIPS (that is, the + proxy changed the scheme from SIP or SIPS to something else + when it proxied a request), the proxy SHOULD add a new URI to + the target set. This URI SHOULD be a SIP URI version of the + non-SIP URI that was just tried. In the case of the tel URL, + this is accomplished by placing the telephone-subscriber part + of the tel URL into the user part of the SIP URI, and setting + the hostpart to the domain where the prior request was sent. + See Section 19.1.6 for more detail on forming SIP URIs from tel + URLs. + + As with a 3xx response, if a proxy "recurses" on the 416 by + trying a SIP or SIPS URI instead, the 416 response SHOULD NOT + be added to the response context. + + 5. Check response for forwarding + + Until a final response has been sent on the server transaction, + the following responses MUST be forwarded immediately: + + - Any provisional response other than 100 (Trying) + + - Any 2xx response + + If a 6xx response is received, it is not immediately forwarded, + but the stateful proxy SHOULD cancel all client pending + transactions as described in Section 10, and it MUST NOT create + any new branches in this context. + + This is a change from RFC 2543, which mandated that the proxy + was to forward the 6xx response immediately. For an INVITE + transaction, this approach had the problem that a 2xx response + could arrive on another branch, in which case the proxy would + + + +Rosenberg, et. al. Standards Track [Page 109] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + have to forward the 2xx. The result was that the UAC could + receive a 6xx response followed by a 2xx response, which should + never be allowed to happen. Under the new rules, upon + receiving a 6xx, a proxy will issue a CANCEL request, which + will generally result in 487 responses from all outstanding + client transactions, and then at that point the 6xx is + forwarded upstream. + + After a final response has been sent on the server transaction, + the following responses MUST be forwarded immediately: + + - Any 2xx response to an INVITE request + + A stateful proxy MUST NOT immediately forward any other + responses. In particular, a stateful proxy MUST NOT forward + any 100 (Trying) response. Those responses that are candidates + for forwarding later as the "best" response have been gathered + as described in step "Add Response to Context". + + Any response chosen for immediate forwarding MUST be processed + as described in steps "Aggregate Authorization Header Field + Values" through "Record-Route". + + This step, combined with the next, ensures that a stateful + proxy will forward exactly one final response to a non-INVITE + request, and either exactly one non-2xx response or one or more + 2xx responses to an INVITE request. + + 6. Choosing the best response + + A stateful proxy MUST send a final response to a response + context's server transaction if no final responses have been + immediately forwarded by the above rules and all client + transactions in this response context have been terminated. + + The stateful proxy MUST choose the "best" final response among + those received and stored in the response context. + + If there are no final responses in the context, the proxy MUST + send a 408 (Request Timeout) response to the server + transaction. + + Otherwise, the proxy MUST forward a response from the responses + stored in the response context. It MUST choose from the 6xx + class responses if any exist in the context. If no 6xx class + responses are present, the proxy SHOULD choose from the lowest + response class stored in the response context. The proxy MAY + select any response within that chosen class. The proxy SHOULD + + + +Rosenberg, et. al. Standards Track [Page 110] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + give preference to responses that provide information affecting + resubmission of this request, such as 401, 407, 415, 420, and + 484 if the 4xx class is chosen. + + A proxy which receives a 503 (Service Unavailable) response + SHOULD NOT forward it upstream unless it can determine that any + subsequent requests it might proxy will also generate a 503. + In other words, forwarding a 503 means that the proxy knows it + cannot service any requests, not just the one for the Request- + URI in the request which generated the 503. If the only + response that was received is a 503, the proxy SHOULD generate + a 500 response and forward that upstream. + + The forwarded response MUST be processed as described in steps + "Aggregate Authorization Header Field Values" through "Record- + Route". + + For example, if a proxy forwarded a request to 4 locations, and + received 503, 407, 501, and 404 responses, it may choose to + forward the 407 (Proxy Authentication Required) response. + + 1xx and 2xx responses may be involved in the establishment of + dialogs. When a request does not contain a To tag, the To tag + in the response is used by the UAC to distinguish multiple + responses to a dialog creating request. A proxy MUST NOT + insert a tag into the To header field of a 1xx or 2xx response + if the request did not contain one. A proxy MUST NOT modify + the tag in the To header field of a 1xx or 2xx response. + + Since a proxy may not insert a tag into the To header field of + a 1xx response to a request that did not contain one, it cannot + issue non-100 provisional responses on its own. However, it + can branch the request to a UAS sharing the same element as the + proxy. This UAS can return its own provisional responses, + entering into an early dialog with the initiator of the + request. The UAS does not have to be a discreet process from + the proxy. It could be a virtual UAS implemented in the same + code space as the proxy. + + 3-6xx responses are delivered hop-by-hop. When issuing a 3-6xx + response, the element is effectively acting as a UAS, issuing + its own response, usually based on the responses received from + downstream elements. An element SHOULD preserve the To tag + when simply forwarding a 3-6xx response to a request that did + not contain a To tag. + + A proxy MUST NOT modify the To tag in any forwarded response to + a request that contains a To tag. + + + +Rosenberg, et. al. Standards Track [Page 111] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + While it makes no difference to the upstream elements if the + proxy replaced the To tag in a forwarded 3-6xx response, + preserving the original tag may assist with debugging. + + When the proxy is aggregating information from several + responses, choosing a To tag from among them is arbitrary, and + generating a new To tag may make debugging easier. This + happens, for instance, when combining 401 (Unauthorized) and + 407 (Proxy Authentication Required) challenges, or combining + Contact values from unencrypted and unauthenticated 3xx + responses. + + 7. Aggregate Authorization Header Field Values + + If the selected response is a 401 (Unauthorized) or 407 (Proxy + Authentication Required), the proxy MUST collect any WWW- + Authenticate and Proxy-Authenticate header field values from + all other 401 (Unauthorized) and 407 (Proxy Authentication + Required) responses received so far in this response context + and add them to this response without modification before + forwarding. The resulting 401 (Unauthorized) or 407 (Proxy + Authentication Required) response could have several WWW- + Authenticate AND Proxy-Authenticate header field values. + + This is necessary because any or all of the destinations the + request was forwarded to may have requested credentials. The + client needs to receive all of those challenges and supply + credentials for each of them when it retries the request. + Motivation for this behavior is provided in Section 26. + + 8. Record-Route + + If the selected response contains a Record-Route header field + value originally provided by this proxy, the proxy MAY choose + to rewrite the value before forwarding the response. This + allows the proxy to provide different URIs for itself to the + next upstream and downstream elements. A proxy may choose to + use this mechanism for any reason. For instance, it is useful + for multi-homed hosts. + + If the proxy received the request over TLS, and sent it out + over a non-TLS connection, the proxy MUST rewrite the URI in + the Record-Route header field to be a SIPS URI. If the proxy + received the request over a non-TLS connection, and sent it out + over TLS, the proxy MUST rewrite the URI in the Record-Route + header field to be a SIP URI. + + + + + +Rosenberg, et. al. Standards Track [Page 112] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The new URI provided by the proxy MUST satisfy the same + constraints on URIs placed in Record-Route header fields in + requests (see Step 4 of Section 16.6) with the following + modifications: + + The URI SHOULD NOT contain the transport parameter unless the + proxy has knowledge that the next upstream (as opposed to + downstream) element that will be in the path of subsequent + requests supports that transport. + + When a proxy does decide to modify the Record-Route header + field in the response, one of the operations it performs is + locating the Record-Route value that it had inserted. If the + request spiraled, and the proxy inserted a Record-Route value + in each iteration of the spiral, locating the correct value in + the response (which must be the proper iteration in the reverse + direction) is tricky. The rules above recommend that a proxy + wishing to rewrite Record-Route header field values insert + sufficiently distinct URIs into the Record-Route header field + so that the right one may be selected for rewriting. A + RECOMMENDED mechanism to achieve this is for the proxy to + append a unique identifier for the proxy instance to the user + portion of the URI. + + When the response arrives, the proxy modifies the first + Record-Route whose identifier matches the proxy instance. The + modification results in a URI without this piece of data + appended to the user portion of the URI. Upon the next + iteration, the same algorithm (find the topmost Record-Route + header field value with the parameter) will correctly extract + the next Record-Route header field value inserted by that + proxy. + + Not every response to a request to which a proxy adds a + Record-Route header field value will contain a Record-Route + header field. If the response does contain a Record-Route + header field, it will contain the value the proxy added. + + 9. Forward response + + After performing the processing described in steps "Aggregate + Authorization Header Field Values" through "Record-Route", the + proxy MAY perform any feature specific manipulations on the + selected response. The proxy MUST NOT add to, modify, or + remove the message body. Unless otherwise specified, the proxy + MUST NOT remove any header field values other than the Via + header field value discussed in Section 16.7 Item 3. In + particular, the proxy MUST NOT remove any "received" parameter + + + +Rosenberg, et. al. Standards Track [Page 113] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + it may have added to the next Via header field value while + processing the request associated with this response. The + proxy MUST pass the response to the server transaction + associated with the response context. This will result in the + response being sent to the location now indicated in the + topmost Via header field value. If the server transaction is + no longer available to handle the transmission, the element + MUST forward the response statelessly by sending it to the + server transport. The server transaction might indicate + failure to send the response or signal a timeout in its state + machine. These errors would be logged for diagnostic purposes + as appropriate, but the protocol requires no remedial action + from the proxy. + + The proxy MUST maintain the response context until all of its + associated transactions have been terminated, even after + forwarding a final response. + + 10. Generate CANCELs + + If the forwarded response was a final response, the proxy MUST + generate a CANCEL request for all pending client transactions + associated with this response context. A proxy SHOULD also + generate a CANCEL request for all pending client transactions + associated with this response context when it receives a 6xx + response. A pending client transaction is one that has + received a provisional response, but no final response (it is + in the proceeding state) and has not had an associated CANCEL + generated for it. Generating CANCEL requests is described in + Section 9.1. + + The requirement to CANCEL pending client transactions upon + forwarding a final response does not guarantee that an endpoint + will not receive multiple 200 (OK) responses to an INVITE. 200 + (OK) responses on more than one branch may be generated before + the CANCEL requests can be sent and processed. Further, it is + reasonable to expect that a future extension may override this + requirement to issue CANCEL requests. + +16.8 Processing Timer C + + If timer C should fire, the proxy MUST either reset the timer with + any value it chooses, or terminate the client transaction. If the + client transaction has received a provisional response, the proxy + MUST generate a CANCEL request matching that transaction. If the + client transaction has not received a provisional response, the proxy + MUST behave as if the transaction received a 408 (Request Timeout) + response. + + + +Rosenberg, et. al. Standards Track [Page 114] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Allowing the proxy to reset the timer allows the proxy to dynamically + extend the transaction's lifetime based on current conditions (such + as utilization) when the timer fires. + +16.9 Handling Transport Errors + + If the transport layer notifies a proxy of an error when it tries to + forward a request (see Section 18.4), the proxy MUST behave as if the + forwarded request received a 503 (Service Unavailable) response. + + If the proxy is notified of an error when forwarding a response, it + drops the response. The proxy SHOULD NOT cancel any outstanding + client transactions associated with this response context due to this + notification. + + If a proxy cancels its outstanding client transactions, a single + malicious or misbehaving client can cause all transactions to fail + through its Via header field. + +16.10 CANCEL Processing + + A stateful proxy MAY generate a CANCEL to any other request it has + generated at any time (subject to receiving a provisional response to + that request as described in section 9.1). A proxy MUST cancel any + pending client transactions associated with a response context when + it receives a matching CANCEL request. + + A stateful proxy MAY generate CANCEL requests for pending INVITE + client transactions based on the period specified in the INVITE's + Expires header field elapsing. However, this is generally + unnecessary since the endpoints involved will take care of signaling + the end of the transaction. + + While a CANCEL request is handled in a stateful proxy by its own + server transaction, a new response context is not created for it. + Instead, the proxy layer searches its existing response contexts for + the server transaction handling the request associated with this + CANCEL. If a matching response context is found, the element MUST + immediately return a 200 (OK) response to the CANCEL request. In + this case, the element is acting as a user agent server as defined in + Section 8.2. Furthermore, the element MUST generate CANCEL requests + for all pending client transactions in the context as described in + Section 16.7 step 10. + + If a response context is not found, the element does not have any + knowledge of the request to apply the CANCEL to. It MUST statelessly + forward the CANCEL request (it may have statelessly forwarded the + associated request previously). + + + +Rosenberg, et. al. Standards Track [Page 115] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +16.11 Stateless Proxy + + When acting statelessly, a proxy is a simple message forwarder. Much + of the processing performed when acting statelessly is the same as + when behaving statefully. The differences are detailed here. + + A stateless proxy does not have any notion of a transaction, or of + the response context used to describe stateful proxy behavior. + Instead, the stateless proxy takes messages, both requests and + responses, directly from the transport layer (See section 18). As a + result, stateless proxies do not retransmit messages on their own. + They do, however, forward all retransmissions they receive (they do + not have the ability to distinguish a retransmission from the + original message). Furthermore, when handling a request statelessly, + an element MUST NOT generate its own 100 (Trying) or any other + provisional response. + + A stateless proxy MUST validate a request as described in Section + 16.3 + + A stateless proxy MUST follow the request processing steps described + in Sections 16.4 through 16.5 with the following exception: + + o A stateless proxy MUST choose one and only one target from the + target set. This choice MUST only rely on fields in the + message and time-invariant properties of the server. In + particular, a retransmitted request MUST be forwarded to the + same destination each time it is processed. Furthermore, + CANCEL and non-Routed ACK requests MUST generate the same + choice as their associated INVITE. + + A stateless proxy MUST follow the request processing steps described + in Section 16.6 with the following exceptions: + + o The requirement for unique branch IDs across space and time + applies to stateless proxies as well. However, a stateless + proxy cannot simply use a random number generator to compute + the first component of the branch ID, as described in Section + 16.6 bullet 8. This is because retransmissions of a request + need to have the same value, and a stateless proxy cannot tell + a retransmission from the original request. Therefore, the + component of the branch parameter that makes it unique MUST be + the same each time a retransmitted request is forwarded. Thus + for a stateless proxy, the branch parameter MUST be computed as + a combinatoric function of message parameters which are + invariant on retransmission. + + + + + +Rosenberg, et. al. Standards Track [Page 116] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The stateless proxy MAY use any technique it likes to guarantee + uniqueness of its branch IDs across transactions. However, the + following procedure is RECOMMENDED. The proxy examines the + branch ID in the topmost Via header field of the received + request. If it begins with the magic cookie, the first + component of the branch ID of the outgoing request is computed + as a hash of the received branch ID. Otherwise, the first + component of the branch ID is computed as a hash of the topmost + Via, the tag in the To header field, the tag in the From header + field, the Call-ID header field, the CSeq number (but not + method), and the Request-URI from the received request. One of + these fields will always vary across two different + transactions. + + o All other message transformations specified in Section 16.6 + MUST result in the same transformation of a retransmitted + request. In particular, if the proxy inserts a Record-Route + value or pushes URIs into the Route header field, it MUST place + the same values in retransmissions of the request. As for the + Via branch parameter, this implies that the transformations + MUST be based on time-invariant configuration or + retransmission-invariant properties of the request. + + o A stateless proxy determines where to forward the request as + described for stateful proxies in Section 16.6 Item 10. The + request is sent directly to the transport layer instead of + through a client transaction. + + Since a stateless proxy must forward retransmitted requests to + the same destination and add identical branch parameters to + each of them, it can only use information from the message + itself and time-invariant configuration data for those + calculations. If the configuration state is not time-invariant + (for example, if a routing table is updated) any requests that + could be affected by the change may not be forwarded + statelessly during an interval equal to the transaction timeout + window before or after the change. The method of processing + the affected requests in that interval is an implementation + decision. A common solution is to forward them transaction + statefully. + + Stateless proxies MUST NOT perform special processing for CANCEL + requests. They are processed by the above rules as any other + requests. In particular, a stateless proxy applies the same Route + header field processing to CANCEL requests that it applies to any + other request. + + + + + +Rosenberg, et. al. Standards Track [Page 117] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Response processing as described in Section 16.7 does not apply to a + proxy behaving statelessly. When a response arrives at a stateless + proxy, the proxy MUST inspect the sent-by value in the first + (topmost) Via header field value. If that address matches the proxy, + (it equals a value this proxy has inserted into previous requests) + the proxy MUST remove that header field value from the response and + forward the result to the location indicated in the next Via header + field value. The proxy MUST NOT add to, modify, or remove the + message body. Unless specified otherwise, the proxy MUST NOT remove + any other header field values. If the address does not match the + proxy, the message MUST be silently discarded. + +16.12 Summary of Proxy Route Processing + + In the absence of local policy to the contrary, the processing a + proxy performs on a request containing a Route header field can be + summarized in the following steps. + + 1. The proxy will inspect the Request-URI. If it indicates a + resource owned by this proxy, the proxy will replace it with + the results of running a location service. Otherwise, the + proxy will not change the Request-URI. + + 2. The proxy will inspect the URI in the topmost Route header + field value. If it indicates this proxy, the proxy removes it + from the Route header field (this route node has been + reached). + + 3. The proxy will forward the request to the resource indicated + by the URI in the topmost Route header field value or in the + Request-URI if no Route header field is present. The proxy + determines the address, port and transport to use when + forwarding the request by applying the procedures in [4] to + that URI. + + If no strict-routing elements are encountered on the path of the + request, the Request-URI will always indicate the target of the + request. + +16.12.1 Examples + +16.12.1.1 Basic SIP Trapezoid + + This scenario is the basic SIP trapezoid, U1 -> P1 -> P2 -> U2, with + both proxies record-routing. Here is the flow. + + + + + + +Rosenberg, et. al. Standards Track [Page 118] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + U1 sends: + + INVITE sip:callee@domain.com SIP/2.0 + Contact: sip:caller@u1.example.com + + to P1. P1 is an outbound proxy. P1 is not responsible for + domain.com, so it looks it up in DNS and sends it there. It also + adds a Record-Route header field value: + + INVITE sip:callee@domain.com SIP/2.0 + Contact: sip:caller@u1.example.com + Record-Route: + + P2 gets this. It is responsible for domain.com so it runs a location + service and rewrites the Request-URI. It also adds a Record-Route + header field value. There is no Route header field, so it resolves + the new Request-URI to determine where to send the request: + + INVITE sip:callee@u2.domain.com SIP/2.0 + Contact: sip:caller@u1.example.com + Record-Route: + Record-Route: + + The callee at u2.domain.com gets this and responds with a 200 OK: + + SIP/2.0 200 OK + Contact: sip:callee@u2.domain.com + Record-Route: + Record-Route: + + The callee at u2 also sets its dialog state's remote target URI to + sip:caller@u1.example.com and its route set to: + + (,) + + This is forwarded by P2 to P1 to U1 as normal. Now, U1 sets its + dialog state's remote target URI to sip:callee@u2.domain.com and its + route set to: + + (,) + + Since all the route set elements contain the lr parameter, U1 + constructs the following BYE request: + + BYE sip:callee@u2.domain.com SIP/2.0 + Route: , + + + + + +Rosenberg, et. al. Standards Track [Page 119] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + As any other element (including proxies) would do, it resolves the + URI in the topmost Route header field value using DNS to determine + where to send the request. This goes to P1. P1 notices that it is + not responsible for the resource indicated in the Request-URI so it + doesn't change it. It does see that it is the first value in the + Route header field, so it removes that value, and forwards the + request to P2: + + BYE sip:callee@u2.domain.com SIP/2.0 + Route: + + P2 also notices it is not responsible for the resource indicated by + the Request-URI (it is responsible for domain.com, not + u2.domain.com), so it doesn't change it. It does see itself in the + first Route header field value, so it removes it and forwards the + following to u2.domain.com based on a DNS lookup against the + Request-URI: + + BYE sip:callee@u2.domain.com SIP/2.0 + +16.12.1.2 Traversing a Strict-Routing Proxy + + In this scenario, a dialog is established across four proxies, each + of which adds Record-Route header field values. The third proxy + implements the strict-routing procedures specified in RFC 2543 and + many works in progress. + + U1->P1->P2->P3->P4->U2 + + The INVITE arriving at U2 contains: + + INVITE sip:callee@u2.domain.com SIP/2.0 + Contact: sip:caller@u1.example.com + Record-Route: + Record-Route: + Record-Route: + Record-Route: + + Which U2 responds to with a 200 OK. Later, U2 sends the following + BYE request to P4 based on the first Route header field value. + + BYE sip:caller@u1.example.com SIP/2.0 + Route: + Route: + Route: + Route: + + + + + +Rosenberg, et. al. Standards Track [Page 120] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + P4 is not responsible for the resource indicated in the Request-URI + so it will leave it alone. It notices that it is the element in the + first Route header field value so it removes it. It then prepares to + send the request based on the now first Route header field value of + sip:p3.middle.com, but it notices that this URI does not contain the + lr parameter, so before sending, it reformats the request to be: + + BYE sip:p3.middle.com SIP/2.0 + Route: + Route: + Route: + + P3 is a strict router, so it forwards the following to P2: + + BYE sip:p2.example.com;lr SIP/2.0 + Route: + Route: + + P2 sees the request-URI is a value it placed into a Record-Route + header field, so before further processing, it rewrites the request + to be: + + BYE sip:caller@u1.example.com SIP/2.0 + Route: + + P2 is not responsible for u1.example.com, so it sends the request to + P1 based on the resolution of the Route header field value. + + P1 notices itself in the topmost Route header field value, so it + removes it, resulting in: + + BYE sip:caller@u1.example.com SIP/2.0 + + Since P1 is not responsible for u1.example.com and there is no Route + header field, P1 will forward the request to u1.example.com based on + the Request-URI. + +16.12.1.3 Rewriting Record-Route Header Field Values + + In this scenario, U1 and U2 are in different private namespaces and + they enter a dialog through a proxy P1, which acts as a gateway + between the namespaces. + + U1->P1->U2 + + + + + + + +Rosenberg, et. al. Standards Track [Page 121] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + U1 sends: + + INVITE sip:callee@gateway.leftprivatespace.com SIP/2.0 + Contact: + + P1 uses its location service and sends the following to U2: + + INVITE sip:callee@rightprivatespace.com SIP/2.0 + Contact: + Record-Route: + + U2 sends this 200 (OK) back to P1: + + SIP/2.0 200 OK + Contact: + Record-Route: + + P1 rewrites its Record-Route header parameter to provide a value that + U1 will find useful, and sends the following to U1: + + SIP/2.0 200 OK + Contact: + Record-Route: + + Later, U1 sends the following BYE request to P1: + + BYE sip:callee@u2.rightprivatespace.com SIP/2.0 + Route: + + which P1 forwards to U2 as: + + BYE sip:callee@u2.rightprivatespace.com SIP/2.0 + +17 Transactions + + SIP is a transactional protocol: interactions between components take + place in a series of independent message exchanges. Specifically, a + SIP transaction consists of a single request and any responses to + that request, which include zero or more provisional responses and + one or more final responses. In the case of a transaction where the + request was an INVITE (known as an INVITE transaction), the + transaction also includes the ACK only if the final response was not + a 2xx response. If the response was a 2xx, the ACK is not considered + part of the transaction. + + The reason for this separation is rooted in the importance of + delivering all 200 (OK) responses to an INVITE to the UAC. To + deliver them all to the UAC, the UAS alone takes responsibility + + + +Rosenberg, et. al. Standards Track [Page 122] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + for retransmitting them (see Section 13.3.1.4), and the UAC alone + takes responsibility for acknowledging them with ACK (see Section + 13.2.2.4). Since this ACK is retransmitted only by the UAC, it is + effectively considered its own transaction. + + Transactions have a client side and a server side. The client side + is known as a client transaction and the server side as a server + transaction. The client transaction sends the request, and the + server transaction sends the response. The client and server + transactions are logical functions that are embedded in any number of + elements. Specifically, they exist within user agents and stateful + proxy servers. Consider the example in Section 4. In this example, + the UAC executes the client transaction, and its outbound proxy + executes the server transaction. The outbound proxy also executes a + client transaction, which sends the request to a server transaction + in the inbound proxy. That proxy also executes a client transaction, + which in turn sends the request to a server transaction in the UAS. + This is shown in Figure 4. + + +---------+ +---------+ +---------+ +---------+ + | +-+|Request |+-+ +-+|Request |+-+ +-+|Request |+-+ | + | |C||------->||S| |C||------->||S| |C||------->||S| | + | |l|| ||e| |l|| ||e| |l|| ||e| | + | |i|| ||r| |i|| ||r| |i|| ||r| | + | |e|| ||v| |e|| ||v| |e|| ||v| | + | |n|| ||e| |n|| ||e| |n|| ||e| | + | |t|| ||r| |t|| ||r| |t|| ||r| | + | | || || | | || || | | || || | | + | |T|| ||T| |T|| ||T| |T|| ||T| | + | |r|| ||r| |r|| ||r| |r|| ||r| | + | |a|| ||a| |a|| ||a| |a|| ||a| | + | |n|| ||n| |n|| ||n| |n|| ||n| | + | |s||Response||s| |s||Response||s| |s||Response||s| | + | +-+|<-------|+-+ +-+|<-------|+-+ +-+|<-------|+-+ | + +---------+ +---------+ +---------+ +---------+ + UAC Outbound Inbound UAS + Proxy Proxy + + Figure 4: Transaction relationships + + A stateless proxy does not contain a client or server transaction. + The transaction exists between the UA or stateful proxy on one side, + and the UA or stateful proxy on the other side. As far as SIP + transactions are concerned, stateless proxies are effectively + transparent. The purpose of the client transaction is to receive a + request from the element in which the client is embedded (call this + element the "Transaction User" or TU; it can be a UA or a stateful + proxy), and reliably deliver the request to a server transaction. + + + +Rosenberg, et. al. Standards Track [Page 123] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The client transaction is also responsible for receiving responses + and delivering them to the TU, filtering out any response + retransmissions or disallowed responses (such as a response to ACK). + Additionally, in the case of an INVITE request, the client + transaction is responsible for generating the ACK request for any + final response accepting a 2xx response. + + Similarly, the purpose of the server transaction is to receive + requests from the transport layer and deliver them to the TU. The + server transaction filters any request retransmissions from the + network. The server transaction accepts responses from the TU and + delivers them to the transport layer for transmission over the + network. In the case of an INVITE transaction, it absorbs the ACK + request for any final response excepting a 2xx response. + + The 2xx response and its ACK receive special treatment. This + response is retransmitted only by a UAS, and its ACK generated only + by the UAC. This end-to-end treatment is needed so that a caller + knows the entire set of users that have accepted the call. Because + of this special handling, retransmissions of the 2xx response are + handled by the UA core, not the transaction layer. Similarly, + generation of the ACK for the 2xx is handled by the UA core. Each + proxy along the path merely forwards each 2xx response to INVITE and + its corresponding ACK. + +17.1 Client Transaction + + The client transaction provides its functionality through the + maintenance of a state machine. + + The TU communicates with the client transaction through a simple + interface. When the TU wishes to initiate a new transaction, it + creates a client transaction and passes it the SIP request to send + and an IP address, port, and transport to which to send it. The + client transaction begins execution of its state machine. Valid + responses are passed up to the TU from the client transaction. + + There are two types of client transaction state machines, depending + on the method of the request passed by the TU. One handles client + transactions for INVITE requests. This type of machine is referred + to as an INVITE client transaction. Another type handles client + transactions for all requests except INVITE and ACK. This is + referred to as a non-INVITE client transaction. There is no client + transaction for ACK. If the TU wishes to send an ACK, it passes one + directly to the transport layer for transmission. + + + + + + +Rosenberg, et. al. Standards Track [Page 124] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The INVITE transaction is different from those of other methods + because of its extended duration. Normally, human input is required + in order to respond to an INVITE. The long delays expected for + sending a response argue for a three-way handshake. On the other + hand, requests of other methods are expected to complete rapidly. + Because of the non-INVITE transaction's reliance on a two-way + handshake, TUs SHOULD respond immediately to non-INVITE requests. + +17.1.1 INVITE Client Transaction + +17.1.1.1 Overview of INVITE Transaction + + The INVITE transaction consists of a three-way handshake. The client + transaction sends an INVITE, the server transaction sends responses, + and the client transaction sends an ACK. For unreliable transports + (such as UDP), the client transaction retransmits requests at an + interval that starts at T1 seconds and doubles after every + retransmission. T1 is an estimate of the round-trip time (RTT), and + it defaults to 500 ms. Nearly all of the transaction timers + described here scale with T1, and changing T1 adjusts their values. + The request is not retransmitted over reliable transports. After + receiving a 1xx response, any retransmissions cease altogether, and + the client waits for further responses. The server transaction can + send additional 1xx responses, which are not transmitted reliably by + the server transaction. Eventually, the server transaction decides + to send a final response. For unreliable transports, that response + is retransmitted periodically, and for reliable transports, it is + sent once. For each final response that is received at the client + transaction, the client transaction sends an ACK, the purpose of + which is to quench retransmissions of the response. + +17.1.1.2 Formal Description + + The state machine for the INVITE client transaction is shown in + Figure 5. The initial state, "calling", MUST be entered when the TU + initiates a new client transaction with an INVITE request. The + client transaction MUST pass the request to the transport layer for + transmission (see Section 18). If an unreliable transport is being + used, the client transaction MUST start timer A with a value of T1. + If a reliable transport is being used, the client transaction SHOULD + NOT start timer A (Timer A controls request retransmissions). For + any transport, the client transaction MUST start timer B with a value + of 64*T1 seconds (Timer B controls transaction timeouts). + + When timer A fires, the client transaction MUST retransmit the + request by passing it to the transport layer, and MUST reset the + timer with a value of 2*T1. The formal definition of retransmit + + + + +Rosenberg, et. al. Standards Track [Page 125] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + within the context of the transaction layer is to take the message + previously sent to the transport layer and pass it to the transport + layer once more. + + When timer A fires 2*T1 seconds later, the request MUST be + retransmitted again (assuming the client transaction is still in this + state). This process MUST continue so that the request is + retransmitted with intervals that double after each transmission. + These retransmissions SHOULD only be done while the client + transaction is in the "calling" state. + + The default value for T1 is 500 ms. T1 is an estimate of the RTT + between the client and server transactions. Elements MAY (though it + is NOT RECOMMENDED) use smaller values of T1 within closed, private + networks that do not permit general Internet connection. T1 MAY be + chosen larger, and this is RECOMMENDED if it is known in advance + (such as on high latency access links) that the RTT is larger. + Whatever the value of T1, the exponential backoffs on retransmissions + described in this section MUST be used. + + If the client transaction is still in the "Calling" state when timer + B fires, the client transaction SHOULD inform the TU that a timeout + has occurred. The client transaction MUST NOT generate an ACK. The + value of 64*T1 is equal to the amount of time required to send seven + requests in the case of an unreliable transport. + + If the client transaction receives a provisional response while in + the "Calling" state, it transitions to the "Proceeding" state. In the + "Proceeding" state, the client transaction SHOULD NOT retransmit the + request any longer. Furthermore, the provisional response MUST be + passed to the TU. Any further provisional responses MUST be passed + up to the TU while in the "Proceeding" state. + + When in either the "Calling" or "Proceeding" states, reception of a + response with status code from 300-699 MUST cause the client + transaction to transition to "Completed". The client transaction + MUST pass the received response up to the TU, and the client + transaction MUST generate an ACK request, even if the transport is + reliable (guidelines for constructing the ACK from the response are + given in Section 17.1.1.3) and then pass the ACK to the transport + layer for transmission. The ACK MUST be sent to the same address, + port, and transport to which the original request was sent. The + client transaction SHOULD start timer D when it enters the + "Completed" state, with a value of at least 32 seconds for unreliable + transports, and a value of zero seconds for reliable transports. + Timer D reflects the amount of time that the server transaction can + remain in the "Completed" state when unreliable transports are used. + This is equal to Timer H in the INVITE server transaction, whose + + + +Rosenberg, et. al. Standards Track [Page 126] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + default is 64*T1. However, the client transaction does not know the + value of T1 in use by the server transaction, so an absolute minimum + of 32s is used instead of basing Timer D on T1. + + Any retransmissions of the final response that are received while in + the "Completed" state MUST cause the ACK to be re-passed to the + transport layer for retransmission, but the newly received response + MUST NOT be passed up to the TU. A retransmission of the response is + defined as any response which would match the same client transaction + based on the rules of Section 17.1.3. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 127] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + |INVITE from TU + Timer A fires |INVITE sent + Reset A, V Timer B fires + INVITE sent +-----------+ or Transport Err. + +---------| |---------------+inform TU + | | Calling | | + +-------->| |-------------->| + +-----------+ 2xx | + | | 2xx to TU | + | |1xx | + 300-699 +---------------+ |1xx to TU | + ACK sent | | | +resp. to TU | 1xx V | + | 1xx to TU -----------+ | + | +---------| | | + | | |Proceeding |-------------->| + | +-------->| | 2xx | + | +-----------+ 2xx to TU | + | 300-699 | | + | ACK sent, | | + | resp. to TU| | + | | | NOTE: + | 300-699 V | + | ACK sent +-----------+Transport Err. | transitions + | +---------| |Inform TU | labeled with + | | | Completed |-------------->| the event + | +-------->| | | over the action + | +-----------+ | to take + | ^ | | + | | | Timer D fires | + +--------------+ | - | + | | + V | + +-----------+ | + | | | + | Terminated|<--------------+ + | | + +-----------+ + + Figure 5: INVITE client transaction + + If timer D fires while the client transaction is in the "Completed" + state, the client transaction MUST move to the terminated state. + + When in either the "Calling" or "Proceeding" states, reception of a + 2xx response MUST cause the client transaction to enter the + "Terminated" state, and the response MUST be passed up to the TU. + The handling of this response depends on whether the TU is a proxy + + + +Rosenberg, et. al. Standards Track [Page 128] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + core or a UAC core. A UAC core will handle generation of the ACK for + this response, while a proxy core will always forward the 200 (OK) + upstream. The differing treatment of 200 (OK) between proxy and UAC + is the reason that handling of it does not take place in the + transaction layer. + + The client transaction MUST be destroyed the instant it enters the + "Terminated" state. This is actually necessary to guarantee correct + operation. The reason is that 2xx responses to an INVITE are treated + differently; each one is forwarded by proxies, and the ACK handling + in a UAC is different. Thus, each 2xx needs to be passed to a proxy + core (so that it can be forwarded) and to a UAC core (so it can be + acknowledged). No transaction layer processing takes place. + Whenever a response is received by the transport, if the transport + layer finds no matching client transaction (using the rules of + Section 17.1.3), the response is passed directly to the core. Since + the matching client transaction is destroyed by the first 2xx, + subsequent 2xx will find no match and therefore be passed to the + core. + +17.1.1.3 Construction of the ACK Request + + This section specifies the construction of ACK requests sent within + the client transaction. A UAC core that generates an ACK for 2xx + MUST instead follow the rules described in Section 13. + + The ACK request constructed by the client transaction MUST contain + values for the Call-ID, From, and Request-URI that are equal to the + values of those header fields in the request passed to the transport + by the client transaction (call this the "original request"). The To + header field in the ACK MUST equal the To header field in the + response being acknowledged, and therefore will usually differ from + the To header field in the original request by the addition of the + tag parameter. The ACK MUST contain a single Via header field, and + this MUST be equal to the top Via header field of the original + request. The CSeq header field in the ACK MUST contain the same + value for the sequence number as was present in the original request, + but the method parameter MUST be equal to "ACK". + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 129] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + If the INVITE request whose response is being acknowledged had Route + header fields, those header fields MUST appear in the ACK. This is + to ensure that the ACK can be routed properly through any downstream + stateless proxies. + + Although any request MAY contain a body, a body in an ACK is special + since the request cannot be rejected if the body is not understood. + Therefore, placement of bodies in ACK for non-2xx is NOT RECOMMENDED, + but if done, the body types are restricted to any that appeared in + the INVITE, assuming that the response to the INVITE was not 415. If + it was, the body in the ACK MAY be any type listed in the Accept + header field in the 415. + + For example, consider the following request: + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKkjshdyff + To: Bob + From: Alice ;tag=88sja8x + Max-Forwards: 70 + Call-ID: 987asjd97y7atg + CSeq: 986759 INVITE + + The ACK request for a non-2xx final response to this request would + look like this: + + ACK sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKkjshdyff + To: Bob ;tag=99sa0xk + From: Alice ;tag=88sja8x + Max-Forwards: 70 + Call-ID: 987asjd97y7atg + CSeq: 986759 ACK + +17.1.2 Non-INVITE Client Transaction + +17.1.2.1 Overview of the non-INVITE Transaction + + Non-INVITE transactions do not make use of ACK. They are simple + request-response interactions. For unreliable transports, requests + are retransmitted at an interval which starts at T1 and doubles until + it hits T2. If a provisional response is received, retransmissions + continue for unreliable transports, but at an interval of T2. The + server transaction retransmits the last response it sent, which can + be a provisional or final response, only when a retransmission of the + request is received. This is why request retransmissions need to + continue even after a provisional response; they are to ensure + reliable delivery of the final response. + + + +Rosenberg, et. al. Standards Track [Page 130] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Unlike an INVITE transaction, a non-INVITE transaction has no special + handling for the 2xx response. The result is that only a single 2xx + response to a non-INVITE is ever delivered to a UAC. + +17.1.2.2 Formal Description + + The state machine for the non-INVITE client transaction is shown in + Figure 6. It is very similar to the state machine for INVITE. + + The "Trying" state is entered when the TU initiates a new client + transaction with a request. When entering this state, the client + transaction SHOULD set timer F to fire in 64*T1 seconds. The request + MUST be passed to the transport layer for transmission. If an + unreliable transport is in use, the client transaction MUST set timer + E to fire in T1 seconds. If timer E fires while still in this state, + the timer is reset, but this time with a value of MIN(2*T1, T2). + When the timer fires again, it is reset to a MIN(4*T1, T2). This + process continues so that retransmissions occur with an exponentially + increasing interval that caps at T2. The default value of T2 is 4s, + and it represents the amount of time a non-INVITE server transaction + will take to respond to a request, if it does not respond + immediately. For the default values of T1 and T2, this results in + intervals of 500 ms, 1 s, 2 s, 4 s, 4 s, 4 s, etc. + + If Timer F fires while the client transaction is still in the + "Trying" state, the client transaction SHOULD inform the TU about the + timeout, and then it SHOULD enter the "Terminated" state. If a + provisional response is received while in the "Trying" state, the + response MUST be passed to the TU, and then the client transaction + SHOULD move to the "Proceeding" state. If a final response (status + codes 200-699) is received while in the "Trying" state, the response + MUST be passed to the TU, and the client transaction MUST transition + to the "Completed" state. + + If Timer E fires while in the "Proceeding" state, the request MUST be + passed to the transport layer for retransmission, and Timer E MUST be + reset with a value of T2 seconds. If timer F fires while in the + "Proceeding" state, the TU MUST be informed of a timeout, and the + client transaction MUST transition to the terminated state. If a + final response (status codes 200-699) is received while in the + "Proceeding" state, the response MUST be passed to the TU, and the + client transaction MUST transition to the "Completed" state. + + Once the client transaction enters the "Completed" state, it MUST set + Timer K to fire in T4 seconds for unreliable transports, and zero + seconds for reliable transports. The "Completed" state exists to + buffer any additional response retransmissions that may be received + (which is why the client transaction remains there only for + + + +Rosenberg, et. al. Standards Track [Page 131] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + unreliable transports). T4 represents the amount of time the network + will take to clear messages between client and server transactions. + The default value of T4 is 5s. A response is a retransmission when + it matches the same transaction, using the rules specified in Section + 17.1.3. If Timer K fires while in this state, the client transaction + MUST transition to the "Terminated" state. + + Once the transaction is in the terminated state, it MUST be destroyed + immediately. + +17.1.3 Matching Responses to Client Transactions + + When the transport layer in the client receives a response, it has to + determine which client transaction will handle the response, so that + the processing of Sections 17.1.1 and 17.1.2 can take place. The + branch parameter in the top Via header field is used for this + purpose. A response matches a client transaction under two + conditions: + + 1. If the response has the same value of the branch parameter in + the top Via header field as the branch parameter in the top + Via header field of the request that created the transaction. + + 2. If the method parameter in the CSeq header field matches the + method of the request that created the transaction. The + method is needed since a CANCEL request constitutes a + different transaction, but shares the same value of the branch + parameter. + + If a request is sent via multicast, it is possible that it will + generate multiple responses from different servers. These responses + will all have the same branch parameter in the topmost Via, but vary + in the To tag. The first response received, based on the rules + above, will be used, and others will be viewed as retransmissions. + That is not an error; multicast SIP provides only a rudimentary + "single-hop-discovery-like" service that is limited to processing a + single response. See Section 18.1.1 for details. + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 132] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +17.1.4 Handling Transport Errors + + |Request from TU + |send request + Timer E V + send request +-----------+ + +---------| |-------------------+ + | | Trying | Timer F | + +-------->| | or Transport Err.| + +-----------+ inform TU | + 200-699 | | | + resp. to TU | |1xx | + +---------------+ |resp. to TU | + | | | + | Timer E V Timer F | + | send req +-----------+ or Transport Err. | + | +---------| | inform TU | + | | |Proceeding |------------------>| + | +-------->| |-----+ | + | +-----------+ |1xx | + | | ^ |resp to TU | + | 200-699 | +--------+ | + | resp. to TU | | + | | | + | V | + | +-----------+ | + | | | | + | | Completed | | + | | | | + | +-----------+ | + | ^ | | + | | | Timer K | + +--------------+ | - | + | | + V | + NOTE: +-----------+ | + | | | + transitions | Terminated|<------------------+ + labeled with | | + the event +-----------+ + over the action + to take + + Figure 6: non-INVITE client transaction + + When the client transaction sends a request to the transport layer to + be sent, the following procedures are followed if the transport layer + indicates a failure. + + + +Rosenberg, et. al. Standards Track [Page 133] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The client transaction SHOULD inform the TU that a transport failure + has occurred, and the client transaction SHOULD transition directly + to the "Terminated" state. The TU will handle the failover + mechanisms described in [4]. + +17.2 Server Transaction + + The server transaction is responsible for the delivery of requests to + the TU and the reliable transmission of responses. It accomplishes + this through a state machine. Server transactions are created by the + core when a request is received, and transaction handling is desired + for that request (this is not always the case). + + As with the client transactions, the state machine depends on whether + the received request is an INVITE request. + +17.2.1 INVITE Server Transaction + + The state diagram for the INVITE server transaction is shown in + Figure 7. + + When a server transaction is constructed for a request, it enters the + "Proceeding" state. The server transaction MUST generate a 100 + (Trying) response unless it knows that the TU will generate a + provisional or final response within 200 ms, in which case it MAY + generate a 100 (Trying) response. This provisional response is + needed to quench request retransmissions rapidly in order to avoid + network congestion. The 100 (Trying) response is constructed + according to the procedures in Section 8.2.6, except that the + insertion of tags in the To header field of the response (when none + was present in the request) is downgraded from MAY to SHOULD NOT. + The request MUST be passed to the TU. + + The TU passes any number of provisional responses to the server + transaction. So long as the server transaction is in the + "Proceeding" state, each of these MUST be passed to the transport + layer for transmission. They are not sent reliably by the + transaction layer (they are not retransmitted by it) and do not cause + a change in the state of the server transaction. If a request + retransmission is received while in the "Proceeding" state, the most + recent provisional response that was received from the TU MUST be + passed to the transport layer for retransmission. A request is a + retransmission if it matches the same server transaction based on the + rules of Section 17.2.3. + + If, while in the "Proceeding" state, the TU passes a 2xx response to + the server transaction, the server transaction MUST pass this + response to the transport layer for transmission. It is not + + + +Rosenberg, et. al. Standards Track [Page 134] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + retransmitted by the server transaction; retransmissions of 2xx + responses are handled by the TU. The server transaction MUST then + transition to the "Terminated" state. + + While in the "Proceeding" state, if the TU passes a response with + status code from 300 to 699 to the server transaction, the response + MUST be passed to the transport layer for transmission, and the state + machine MUST enter the "Completed" state. For unreliable transports, + timer G is set to fire in T1 seconds, and is not set to fire for + reliable transports. + + This is a change from RFC 2543, where responses were always + retransmitted, even over reliable transports. + + When the "Completed" state is entered, timer H MUST be set to fire in + 64*T1 seconds for all transports. Timer H determines when the server + transaction abandons retransmitting the response. Its value is + chosen to equal Timer B, the amount of time a client transaction will + continue to retry sending a request. If timer G fires, the response + is passed to the transport layer once more for retransmission, and + timer G is set to fire in MIN(2*T1, T2) seconds. From then on, when + timer G fires, the response is passed to the transport again for + transmission, and timer G is reset with a value that doubles, unless + that value exceeds T2, in which case it is reset with the value of + T2. This is identical to the retransmit behavior for requests in the + "Trying" state of the non-INVITE client transaction. Furthermore, + while in the "Completed" state, if a request retransmission is + received, the server SHOULD pass the response to the transport for + retransmission. + + If an ACK is received while the server transaction is in the + "Completed" state, the server transaction MUST transition to the + "Confirmed" state. As Timer G is ignored in this state, any + retransmissions of the response will cease. + + If timer H fires while in the "Completed" state, it implies that the + ACK was never received. In this case, the server transaction MUST + transition to the "Terminated" state, and MUST indicate to the TU + that a transaction failure has occurred. + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 135] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + |INVITE + |pass INV to TU + INVITE V send 100 if TU won't in 200ms + send response+-----------+ + +--------| |--------+101-199 from TU + | | Proceeding| |send response + +------->| |<-------+ + | | Transport Err. + | | Inform TU + | |--------------->+ + +-----------+ | + 300-699 from TU | |2xx from TU | + send response | |send response | + | +------------------>+ + | | + INVITE V Timer G fires | + send response+-----------+ send response | + +--------| |--------+ | + | | Completed | | | + +------->| |<-------+ | + +-----------+ | + | | | + ACK | | | + - | +------------------>+ + | Timer H fires | + V or Transport Err.| + +-----------+ Inform TU | + | | | + | Confirmed | | + | | | + +-----------+ | + | | + |Timer I fires | + |- | + | | + V | + +-----------+ | + | | | + | Terminated|<---------------+ + | | + +-----------+ + + Figure 7: INVITE server transaction + + + + + + + + +Rosenberg, et. al. Standards Track [Page 136] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The purpose of the "Confirmed" state is to absorb any additional ACK + messages that arrive, triggered from retransmissions of the final + response. When this state is entered, timer I is set to fire in T4 + seconds for unreliable transports, and zero seconds for reliable + transports. Once timer I fires, the server MUST transition to the + "Terminated" state. + + Once the transaction is in the "Terminated" state, it MUST be + destroyed immediately. As with client transactions, this is needed + to ensure reliability of the 2xx responses to INVITE. + +17.2.2 Non-INVITE Server Transaction + + The state machine for the non-INVITE server transaction is shown in + Figure 8. + + The state machine is initialized in the "Trying" state and is passed + a request other than INVITE or ACK when initialized. This request is + passed up to the TU. Once in the "Trying" state, any further request + retransmissions are discarded. A request is a retransmission if it + matches the same server transaction, using the rules specified in + Section 17.2.3. + + While in the "Trying" state, if the TU passes a provisional response + to the server transaction, the server transaction MUST enter the + "Proceeding" state. The response MUST be passed to the transport + layer for transmission. Any further provisional responses that are + received from the TU while in the "Proceeding" state MUST be passed + to the transport layer for transmission. If a retransmission of the + request is received while in the "Proceeding" state, the most + recently sent provisional response MUST be passed to the transport + layer for retransmission. If the TU passes a final response (status + codes 200-699) to the server while in the "Proceeding" state, the + transaction MUST enter the "Completed" state, and the response MUST + be passed to the transport layer for transmission. + + When the server transaction enters the "Completed" state, it MUST set + Timer J to fire in 64*T1 seconds for unreliable transports, and zero + seconds for reliable transports. While in the "Completed" state, the + server transaction MUST pass the final response to the transport + layer for retransmission whenever a retransmission of the request is + received. Any other final responses passed by the TU to the server + transaction MUST be discarded while in the "Completed" state. The + server transaction remains in this state until Timer J fires, at + which point it MUST transition to the "Terminated" state. + + The server transaction MUST be destroyed the instant it enters the + "Terminated" state. + + + +Rosenberg, et. al. Standards Track [Page 137] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +17.2.3 Matching Requests to Server Transactions + + When a request is received from the network by the server, it has to + be matched to an existing transaction. This is accomplished in the + following manner. + + The branch parameter in the topmost Via header field of the request + is examined. If it is present and begins with the magic cookie + "z9hG4bK", the request was generated by a client transaction + compliant to this specification. Therefore, the branch parameter + will be unique across all transactions sent by that client. The + request matches a transaction if: + + 1. the branch parameter in the request is equal to the one in the + top Via header field of the request that created the + transaction, and + + 2. the sent-by value in the top Via of the request is equal to the + one in the request that created the transaction, and + + 3. the method of the request matches the one that created the + transaction, except for ACK, where the method of the request + that created the transaction is INVITE. + + This matching rule applies to both INVITE and non-INVITE transactions + alike. + + The sent-by value is used as part of the matching process because + there could be accidental or malicious duplication of branch + parameters from different clients. + + If the branch parameter in the top Via header field is not present, + or does not contain the magic cookie, the following procedures are + used. These exist to handle backwards compatibility with RFC 2543 + compliant implementations. + + The INVITE request matches a transaction if the Request-URI, To tag, + From tag, Call-ID, CSeq, and top Via header field match those of the + INVITE request which created the transaction. In this case, the + INVITE is a retransmission of the original one that created the + transaction. The ACK request matches a transaction if the Request- + URI, From tag, Call-ID, CSeq number (not the method), and top Via + header field match those of the INVITE request which created the + transaction, and the To tag of the ACK matches the To tag of the + response sent by the server transaction. Matching is done based on + the matching rules defined for each of those header fields. + Inclusion of the tag in the To header field in the ACK matching + process helps disambiguate ACK for 2xx from ACK for other responses + + + +Rosenberg, et. al. Standards Track [Page 138] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + at a proxy, which may have forwarded both responses (This can occur + in unusual conditions. Specifically, when a proxy forked a request, + and then crashes, the responses may be delivered to another proxy, + which might end up forwarding multiple responses upstream). An ACK + request that matches an INVITE transaction matched by a previous ACK + is considered a retransmission of that previous ACK. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 139] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + |Request received + |pass to TU + V + +-----------+ + | | + | Trying |-------------+ + | | | + +-----------+ |200-699 from TU + | |send response + |1xx from TU | + |send response | + | | + Request V 1xx from TU | + send response+-----------+send response| + +--------| |--------+ | + | | Proceeding| | | + +------->| |<-------+ | + +<--------------| | | + |Trnsprt Err +-----------+ | + |Inform TU | | + | | | + | |200-699 from TU | + | |send response | + | Request V | + | send response+-----------+ | + | +--------| | | + | | | Completed |<------------+ + | +------->| | + +<--------------| | + |Trnsprt Err +-----------+ + |Inform TU | + | |Timer J fires + | |- + | | + | V + | +-----------+ + | | | + +-------------->| Terminated| + | | + +-----------+ + + Figure 8: non-INVITE server transaction + + For all other request methods, a request is matched to a transaction + if the Request-URI, To tag, From tag, Call-ID, CSeq (including the + method), and top Via header field match those of the request that + created the transaction. Matching is done based on the matching + + + + +Rosenberg, et. al. Standards Track [Page 140] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + rules defined for each of those header fields. When a non-INVITE + request matches an existing transaction, it is a retransmission of + the request that created that transaction. + + Because the matching rules include the Request-URI, the server cannot + match a response to a transaction. When the TU passes a response to + the server transaction, it must pass it to the specific server + transaction for which the response is targeted. + +17.2.4 Handling Transport Errors + + When the server transaction sends a response to the transport layer + to be sent, the following procedures are followed if the transport + layer indicates a failure. + + First, the procedures in [4] are followed, which attempt to deliver + the response to a backup. If those should all fail, based on the + definition of failure in [4], the server transaction SHOULD inform + the TU that a failure has occurred, and SHOULD transition to the + terminated state. + +18 Transport + + The transport layer is responsible for the actual transmission of + requests and responses over network transports. This includes + determination of the connection to use for a request or response in + the case of connection-oriented transports. + + The transport layer is responsible for managing persistent + connections for transport protocols like TCP and SCTP, or TLS over + those, including ones opened to the transport layer. This includes + connections opened by the client or server transports, so that + connections are shared between client and server transport functions. + These connections are indexed by the tuple formed from the address, + port, and transport protocol at the far end of the connection. When + a connection is opened by the transport layer, this index is set to + the destination IP, port and transport. When the connection is + accepted by the transport layer, this index is set to the source IP + address, port number, and transport. Note that, because the source + port is often ephemeral, but it cannot be known whether it is + ephemeral or selected through procedures in [4], connections accepted + by the transport layer will frequently not be reused. The result is + that two proxies in a "peering" relationship using a connection- + oriented transport frequently will have two connections in use, one + for transactions initiated in each direction. + + + + + + +Rosenberg, et. al. Standards Track [Page 141] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + It is RECOMMENDED that connections be kept open for some + implementation-defined duration after the last message was sent or + received over that connection. This duration SHOULD at least equal + the longest amount of time the element would need in order to bring a + transaction from instantiation to the terminated state. This is to + make it likely that transactions are completed over the same + connection on which they are initiated (for example, request, + response, and in the case of INVITE, ACK for non-2xx responses). + This usually means at least 64*T1 (see Section 17.1.1.1 for a + definition of T1). However, it could be larger in an element that + has a TU using a large value for timer C (bullet 11 of Section 16.6), + for example. + + All SIP elements MUST implement UDP and TCP. SIP elements MAY + implement other protocols. + + Making TCP mandatory for the UA is a substantial change from RFC + 2543. It has arisen out of the need to handle larger messages, + which MUST use TCP, as discussed below. Thus, even if an element + never sends large messages, it may receive one and needs to be + able to handle them. + +18.1 Clients + +18.1.1 Sending Requests + + The client side of the transport layer is responsible for sending the + request and receiving responses. The user of the transport layer + passes the client transport the request, an IP address, port, + transport, and possibly TTL for multicast destinations. + + If a request is within 200 bytes of the path MTU, or if it is larger + than 1300 bytes and the path MTU is unknown, the request MUST be sent + using an RFC 2914 [43] congestion controlled transport protocol, such + as TCP. If this causes a change in the transport protocol from the + one indicated in the top Via, the value in the top Via MUST be + changed. This prevents fragmentation of messages over UDP and + provides congestion control for larger messages. However, + implementations MUST be able to handle messages up to the maximum + datagram packet size. For UDP, this size is 65,535 bytes, including + IP and UDP headers. + + The 200 byte "buffer" between the message size and the MTU + accommodates the fact that the response in SIP can be larger than + the request. This happens due to the addition of Record-Route + header field values to the responses to INVITE, for example. With + the extra buffer, the response can be about 170 bytes larger than + the request, and still not be fragmented on IPv4 (about 30 bytes + + + +Rosenberg, et. al. Standards Track [Page 142] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + is consumed by IP/UDP, assuming no IPSec). 1300 is chosen when + path MTU is not known, based on the assumption of a 1500 byte + Ethernet MTU. + + If an element sends a request over TCP because of these message size + constraints, and that request would have otherwise been sent over + UDP, if the attempt to establish the connection generates either an + ICMP Protocol Not Supported, or results in a TCP reset, the element + SHOULD retry the request, using UDP. This is only to provide + backwards compatibility with RFC 2543 compliant implementations that + do not support TCP. It is anticipated that this behavior will be + deprecated in a future revision of this specification. + + A client that sends a request to a multicast address MUST add the + "maddr" parameter to its Via header field value containing the + destination multicast address, and for IPv4, SHOULD add the "ttl" + parameter with a value of 1. Usage of IPv6 multicast is not defined + in this specification, and will be a subject of future + standardization when the need arises. + + These rules result in a purposeful limitation of multicast in SIP. + Its primary function is to provide a "single-hop-discovery-like" + service, delivering a request to a group of homogeneous servers, + where it is only required to process the response from any one of + them. This functionality is most useful for registrations. In fact, + based on the transaction processing rules in Section 17.1.3, the + client transaction will accept the first response, and view any + others as retransmissions because they all contain the same Via + branch identifier. + + Before a request is sent, the client transport MUST insert a value of + the "sent-by" field into the Via header field. This field contains + an IP address or host name, and port. The usage of an FQDN is + RECOMMENDED. This field is used for sending responses under certain + conditions, described below. If the port is absent, the default + value depends on the transport. It is 5060 for UDP, TCP and SCTP, + 5061 for TLS. + + For reliable transports, the response is normally sent on the + connection on which the request was received. Therefore, the client + transport MUST be prepared to receive the response on the same + connection used to send the request. Under error conditions, the + server may attempt to open a new connection to send the response. To + handle this case, the transport layer MUST also be prepared to + receive an incoming connection on the source IP address from which + the request was sent and port number in the "sent-by" field. It also + + + + + +Rosenberg, et. al. Standards Track [Page 143] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + MUST be prepared to receive incoming connections on any address and + port that would be selected by a server based on the procedures + described in Section 5 of [4]. + + For unreliable unicast transports, the client transport MUST be + prepared to receive responses on the source IP address from which the + request is sent (as responses are sent back to the source address) + and the port number in the "sent-by" field. Furthermore, as with + reliable transports, in certain cases the response will be sent + elsewhere. The client MUST be prepared to receive responses on any + address and port that would be selected by a server based on the + procedures described in Section 5 of [4]. + + For multicast, the client transport MUST be prepared to receive + responses on the same multicast group and port to which the request + is sent (that is, it needs to be a member of the multicast group it + sent the request to.) + + If a request is destined to an IP address, port, and transport to + which an existing connection is open, it is RECOMMENDED that this + connection be used to send the request, but another connection MAY be + opened and used. + + If a request is sent using multicast, it is sent to the group + address, port, and TTL provided by the transport user. If a request + is sent using unicast unreliable transports, it is sent to the IP + address and port provided by the transport user. + +18.1.2 Receiving Responses + + When a response is received, the client transport examines the top + Via header field value. If the value of the "sent-by" parameter in + that header field value does not correspond to a value that the + client transport is configured to insert into requests, the response + MUST be silently discarded. + + If there are any client transactions in existence, the client + transport uses the matching procedures of Section 17.1.3 to attempt + to match the response to an existing transaction. If there is a + match, the response MUST be passed to that transaction. Otherwise, + the response MUST be passed to the core (whether it be stateless + proxy, stateful proxy, or UA) for further processing. Handling of + these "stray" responses is dependent on the core (a proxy will + forward them, while a UA will discard, for example). + + + + + + + +Rosenberg, et. al. Standards Track [Page 144] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +18.2 Servers + +18.2.1 Receiving Requests + + A server SHOULD be prepared to receive requests on any IP address, + port and transport combination that can be the result of a DNS lookup + on a SIP or SIPS URI [4] that is handed out for the purposes of + communicating with that server. In this context, "handing out" + includes placing a URI in a Contact header field in a REGISTER + request or a redirect response, or in a Record-Route header field in + a request or response. A URI can also be "handed out" by placing it + on a web page or business card. It is also RECOMMENDED that a server + listen for requests on the default SIP ports (5060 for TCP and UDP, + 5061 for TLS over TCP) on all public interfaces. The typical + exception would be private networks, or when multiple server + instances are running on the same host. For any port and interface + that a server listens on for UDP, it MUST listen on that same port + and interface for TCP. This is because a message may need to be sent + using TCP, rather than UDP, if it is too large. As a result, the + converse is not true. A server need not listen for UDP on a + particular address and port just because it is listening on that same + address and port for TCP. There may, of course, be other reasons why + a server needs to listen for UDP on a particular address and port. + + When the server transport receives a request over any transport, it + MUST examine the value of the "sent-by" parameter in the top Via + header field value. If the host portion of the "sent-by" parameter + contains a domain name, or if it contains an IP address that differs + from the packet source address, the server MUST add a "received" + parameter to that Via header field value. This parameter MUST + contain the source address from which the packet was received. This + is to assist the server transport layer in sending the response, + since it must be sent to the source IP address from which the request + came. + + Consider a request received by the server transport which looks like, + in part: + + INVITE sip:bob@Biloxi.com SIP/2.0 + Via: SIP/2.0/UDP bobspc.biloxi.com:5060 + + The request is received with a source IP address of 192.0.2.4. + Before passing the request up, the transport adds a "received" + parameter, so that the request would look like, in part: + + INVITE sip:bob@Biloxi.com SIP/2.0 + Via: SIP/2.0/UDP bobspc.biloxi.com:5060;received=192.0.2.4 + + + + +Rosenberg, et. al. Standards Track [Page 145] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Next, the server transport attempts to match the request to a server + transaction. It does so using the matching rules described in + Section 17.2.3. If a matching server transaction is found, the + request is passed to that transaction for processing. If no match is + found, the request is passed to the core, which may decide to + construct a new server transaction for that request. Note that when + a UAS core sends a 2xx response to INVITE, the server transaction is + destroyed. This means that when the ACK arrives, there will be no + matching server transaction, and based on this rule, the ACK is + passed to the UAS core, where it is processed. + +18.2.2 Sending Responses + + The server transport uses the value of the top Via header field in + order to determine where to send a response. It MUST follow the + following process: + + o If the "sent-protocol" is a reliable transport protocol such as + TCP or SCTP, or TLS over those, the response MUST be sent using + the existing connection to the source of the original request + that created the transaction, if that connection is still open. + This requires the server transport to maintain an association + between server transactions and transport connections. If that + connection is no longer open, the server SHOULD open a + connection to the IP address in the "received" parameter, if + present, using the port in the "sent-by" value, or the default + port for that transport, if no port is specified. If that + connection attempt fails, the server SHOULD use the procedures + in [4] for servers in order to determine the IP address and + port to open the connection and send the response to. + + o Otherwise, if the Via header field value contains a "maddr" + parameter, the response MUST be forwarded to the address listed + there, using the port indicated in "sent-by", or port 5060 if + none is present. If the address is a multicast address, the + response SHOULD be sent using the TTL indicated in the "ttl" + parameter, or with a TTL of 1 if that parameter is not present. + + o Otherwise (for unreliable unicast transports), if the top Via + has a "received" parameter, the response MUST be sent to the + address in the "received" parameter, using the port indicated + in the "sent-by" value, or using port 5060 if none is specified + explicitly. If this fails, for example, elicits an ICMP "port + unreachable" response, the procedures of Section 5 of [4] + SHOULD be used to determine where to send the response. + + + + + + +Rosenberg, et. al. Standards Track [Page 146] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Otherwise, if it is not receiver-tagged, the response MUST be + sent to the address indicated by the "sent-by" value, using the + procedures in Section 5 of [4]. + +18.3 Framing + + In the case of message-oriented transports (such as UDP), if the + message has a Content-Length header field, the message body is + assumed to contain that many bytes. If there are additional bytes in + the transport packet beyond the end of the body, they MUST be + discarded. If the transport packet ends before the end of the + message body, this is considered an error. If the message is a + response, it MUST be discarded. If the message is a request, the + element SHOULD generate a 400 (Bad Request) response. If the message + has no Content-Length header field, the message body is assumed to + end at the end of the transport packet. + + In the case of stream-oriented transports such as TCP, the Content- + Length header field indicates the size of the body. The Content- + Length header field MUST be used with stream oriented transports. + +18.4 Error Handling + + Error handling is independent of whether the message was a request or + response. + + If the transport user asks for a message to be sent over an + unreliable transport, and the result is an ICMP error, the behavior + depends on the type of ICMP error. Host, network, port or protocol + unreachable errors, or parameter problem errors SHOULD cause the + transport layer to inform the transport user of a failure in sending. + Source quench and TTL exceeded ICMP errors SHOULD be ignored. + + If the transport user asks for a request to be sent over a reliable + transport, and the result is a connection failure, the transport + layer SHOULD inform the transport user of a failure in sending. + +19 Common Message Components + + There are certain components of SIP messages that appear in various + places within SIP messages (and sometimes, outside of them) that + merit separate discussion. + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 147] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +19.1 SIP and SIPS Uniform Resource Indicators + + A SIP or SIPS URI identifies a communications resource. Like all + URIs, SIP and SIPS URIs may be placed in web pages, email messages, + or printed literature. They contain sufficient information to + initiate and maintain a communication session with the resource. + + Examples of communications resources include the following: + + o a user of an online service + + o an appearance on a multi-line phone + + o a mailbox on a messaging system + + o a PSTN number at a gateway service + + o a group (such as "sales" or "helpdesk") in an organization + + A SIPS URI specifies that the resource be contacted securely. This + means, in particular, that TLS is to be used between the UAC and the + domain that owns the URI. From there, secure communications are used + to reach the user, where the specific security mechanism depends on + the policy of the domain. Any resource described by a SIP URI can be + "upgraded" to a SIPS URI by just changing the scheme, if it is + desired to communicate with that resource securely. + +19.1.1 SIP and SIPS URI Components + + The "sip:" and "sips:" schemes follow the guidelines in RFC 2396 [5]. + They use a form similar to the mailto URL, allowing the specification + of SIP request-header fields and the SIP message-body. This makes it + possible to specify the subject, media type, or urgency of sessions + initiated by using a URI on a web page or in an email message. The + formal syntax for a SIP or SIPS URI is presented in Section 25. Its + general form, in the case of a SIP URI, is: + + sip:user:password@host:port;uri-parameters?headers + + The format for a SIPS URI is the same, except that the scheme is + "sips" instead of sip. These tokens, and some of the tokens in their + expansions, have the following meanings: + + user: The identifier of a particular resource at the host being + addressed. The term "host" in this context frequently refers + to a domain. The "userinfo" of a URI consists of this user + field, the password field, and the @ sign following them. The + userinfo part of a URI is optional and MAY be absent when the + + + +Rosenberg, et. al. Standards Track [Page 148] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + destination host does not have a notion of users or when the + host itself is the resource being identified. If the @ sign is + present in a SIP or SIPS URI, the user field MUST NOT be empty. + + If the host being addressed can process telephone numbers, for + instance, an Internet telephony gateway, a telephone- + subscriber field defined in RFC 2806 [9] MAY be used to + populate the user field. There are special escaping rules for + encoding telephone-subscriber fields in SIP and SIPS URIs + described in Section 19.1.2. + + password: A password associated with the user. While the SIP and + SIPS URI syntax allows this field to be present, its use is NOT + RECOMMENDED, because the passing of authentication information + in clear text (such as URIs) has proven to be a security risk + in almost every case where it has been used. For instance, + transporting a PIN number in this field exposes the PIN. + + Note that the password field is just an extension of the user + portion. Implementations not wishing to give special + significance to the password portion of the field MAY simply + treat "user:password" as a single string. + + host: The host providing the SIP resource. The host part contains + either a fully-qualified domain name or numeric IPv4 or IPv6 + address. Using the fully-qualified domain name form is + RECOMMENDED whenever possible. + + port: The port number where the request is to be sent. + + URI parameters: Parameters affecting a request constructed from + the URI. + + URI parameters are added after the hostport component and are + separated by semi-colons. + + URI parameters take the form: + + parameter-name "=" parameter-value + + Even though an arbitrary number of URI parameters may be + included in a URI, any given parameter-name MUST NOT appear + more than once. + + This extensible mechanism includes the transport, maddr, ttl, + user, method and lr parameters. + + + + + +Rosenberg, et. al. Standards Track [Page 149] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The transport parameter determines the transport mechanism to + be used for sending SIP messages, as specified in [4]. SIP can + use any network transport protocol. Parameter names are + defined for UDP (RFC 768 [14]), TCP (RFC 761 [15]), and SCTP + (RFC 2960 [16]). For a SIPS URI, the transport parameter MUST + indicate a reliable transport. + + The maddr parameter indicates the server address to be + contacted for this user, overriding any address derived from + the host field. When an maddr parameter is present, the port + and transport components of the URI apply to the address + indicated in the maddr parameter value. [4] describes the + proper interpretation of the transport, maddr, and hostport in + order to obtain the destination address, port, and transport + for sending a request. + + The maddr field has been used as a simple form of loose source + routing. It allows a URI to specify a proxy that must be + traversed en-route to the destination. Continuing to use the + maddr parameter this way is strongly discouraged (the + mechanisms that enable it are deprecated). Implementations + should instead use the Route mechanism described in this + document, establishing a pre-existing route set if necessary + (see Section 8.1.1.1). This provides a full URI to describe + the node to be traversed. + + The ttl parameter determines the time-to-live value of the UDP + multicast packet and MUST only be used if maddr is a multicast + address and the transport protocol is UDP. For example, to + specify a call to alice@atlanta.com using multicast to + 239.255.255.1 with a ttl of 15, the following URI would be + used: + + sip:alice@atlanta.com;maddr=239.255.255.1;ttl=15 + + The set of valid telephone-subscriber strings is a subset of + valid user strings. The user URI parameter exists to + distinguish telephone numbers from user names that happen to + look like telephone numbers. If the user string contains a + telephone number formatted as a telephone-subscriber, the user + parameter value "phone" SHOULD be present. Even without this + parameter, recipients of SIP and SIPS URIs MAY interpret the + pre-@ part as a telephone number if local restrictions on the + name space for user name allow it. + + The method of the SIP request constructed from the URI can be + specified with the method parameter. + + + + +Rosenberg, et. al. Standards Track [Page 150] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The lr parameter, when present, indicates that the element + responsible for this resource implements the routing mechanisms + specified in this document. This parameter will be used in the + URIs proxies place into Record-Route header field values, and + may appear in the URIs in a pre-existing route set. + + This parameter is used to achieve backwards compatibility with + systems implementing the strict-routing mechanisms of RFC 2543 + and the rfc2543bis drafts up to bis-05. An element preparing + to send a request based on a URI not containing this parameter + can assume the receiving element implements strict-routing and + reformat the message to preserve the information in the + Request-URI. + + Since the uri-parameter mechanism is extensible, SIP elements + MUST silently ignore any uri-parameters that they do not + understand. + + Headers: Header fields to be included in a request constructed + from the URI. + + Headers fields in the SIP request can be specified with the "?" + mechanism within a URI. The header names and values are + encoded in ampersand separated hname = hvalue pairs. The + special hname "body" indicates that the associated hvalue is + the message-body of the SIP request. + + Table 1 summarizes the use of SIP and SIPS URI components based on + the context in which the URI appears. The external column describes + URIs appearing anywhere outside of a SIP message, for instance on a + web page or business card. Entries marked "m" are mandatory, those + marked "o" are optional, and those marked "-" are not allowed. + Elements processing URIs SHOULD ignore any disallowed components if + they are present. The second column indicates the default value of + an optional element if it is not present. "--" indicates that the + element is either not optional, or has no default value. + + URIs in Contact header fields have different restrictions depending + on the context in which the header field appears. One set applies to + messages that establish and maintain dialogs (INVITE and its 200 (OK) + response). The other applies to registration and redirection + messages (REGISTER, its 200 (OK) response, and 3xx class responses to + any method). + + + + + + + + +Rosenberg, et. al. Standards Track [Page 151] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +19.1.2 Character Escaping Requirements + + dialog + reg./redir. Contact/ + default Req.-URI To From Contact R-R/Route external +user -- o o o o o o +password -- o o o o o o +host -- m m m m m m +port (1) o - - o o o +user-param ip o o o o o o +method INVITE - - - - - o +maddr-param -- o - - o o o +ttl-param 1 o - - o - o +transp.-param (2) o - - o o o +lr-param -- o - - - o o +other-param -- o o o o o o +headers -- - - - o - o + + (1): The default port value is transport and scheme dependent. The + default is 5060 for sip: using UDP, TCP, or SCTP. The default is + 5061 for sip: using TLS over TCP and sips: over TCP. + + (2): The default transport is scheme dependent. For sip:, it is UDP. + For sips:, it is TCP. + + Table 1: Use and default values of URI components for SIP header + field values, Request-URI and references + + SIP follows the requirements and guidelines of RFC 2396 [5] when + defining the set of characters that must be escaped in a SIP URI, and + uses its ""%" HEX HEX" mechanism for escaping. From RFC 2396 [5]: + + The set of characters actually reserved within any given URI + component is defined by that component. In general, a character + is reserved if the semantics of the URI changes if the character + is replaced with its escaped US-ASCII encoding [5]. Excluded US- + ASCII characters (RFC 2396 [5]), such as space and control + characters and characters used as URI delimiters, also MUST be + escaped. URIs MUST NOT contain unescaped space and control + characters. + + For each component, the set of valid BNF expansions defines exactly + which characters may appear unescaped. All other characters MUST be + escaped. + + For example, "@" is not in the set of characters in the user + component, so the user "j@s0n" must have at least the @ sign encoded, + as in "j%40s0n". + + + +Rosenberg, et. al. Standards Track [Page 152] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Expanding the hname and hvalue tokens in Section 25 show that all URI + reserved characters in header field names and values MUST be escaped. + + The telephone-subscriber subset of the user component has special + escaping considerations. The set of characters not reserved in the + RFC 2806 [9] description of telephone-subscriber contains a number of + characters in various syntax elements that need to be escaped when + used in SIP URIs. Any characters occurring in a telephone-subscriber + that do not appear in an expansion of the BNF for the user rule MUST + be escaped. + + Note that character escaping is not allowed in the host component of + a SIP or SIPS URI (the % character is not valid in its expansion). + This is likely to change in the future as requirements for + Internationalized Domain Names are finalized. Current + implementations MUST NOT attempt to improve robustness by treating + received escaped characters in the host component as literally + equivalent to their unescaped counterpart. The behavior required to + meet the requirements of IDN may be significantly different. + +19.1.3 Example SIP and SIPS URIs + + sip:alice@atlanta.com + sip:alice:secretword@atlanta.com;transport=tcp + sips:alice@atlanta.com?subject=project%20x&priority=urgent + sip:+1-212-555-1212:1234@gateway.com;user=phone + sips:1212@gateway.com + sip:alice@192.0.2.4 + sip:atlanta.com;method=REGISTER?to=alice%40atlanta.com + sip:alice;day=tuesday@atlanta.com + + The last sample URI above has a user field value of + "alice;day=tuesday". The escaping rules defined above allow a + semicolon to appear unescaped in this field. For the purposes of + this protocol, the field is opaque. The structure of that value is + only useful to the SIP element responsible for the resource. + +19.1.4 URI Comparison + + Some operations in this specification require determining whether two + SIP or SIPS URIs are equivalent. In this specification, registrars + need to compare bindings in Contact URIs in REGISTER requests (see + Section 10.3.). SIP and SIPS URIs are compared for equality + according to the following rules: + + o A SIP and SIPS URI are never equivalent. + + + + + +Rosenberg, et. al. Standards Track [Page 153] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Comparison of the userinfo of SIP and SIPS URIs is case- + sensitive. This includes userinfo containing passwords or + formatted as telephone-subscribers. Comparison of all other + components of the URI is case-insensitive unless explicitly + defined otherwise. + + o The ordering of parameters and header fields is not significant + in comparing SIP and SIPS URIs. + + o Characters other than those in the "reserved" set (see RFC 2396 + [5]) are equivalent to their ""%" HEX HEX" encoding. + + o An IP address that is the result of a DNS lookup of a host name + does not match that host name. + + o For two URIs to be equal, the user, password, host, and port + components must match. + + A URI omitting the user component will not match a URI that + includes one. A URI omitting the password component will not + match a URI that includes one. + + A URI omitting any component with a default value will not + match a URI explicitly containing that component with its + default value. For instance, a URI omitting the optional port + component will not match a URI explicitly declaring port 5060. + The same is true for the transport-parameter, ttl-parameter, + user-parameter, and method components. + + Defining sip:user@host to not be equivalent to + sip:user@host:5060 is a change from RFC 2543. When deriving + addresses from URIs, equivalent addresses are expected from + equivalent URIs. The URI sip:user@host:5060 will always + resolve to port 5060. The URI sip:user@host may resolve to + other ports through the DNS SRV mechanisms detailed in [4]. + + o URI uri-parameter components are compared as follows: + + - Any uri-parameter appearing in both URIs must match. + + - A user, ttl, or method uri-parameter appearing in only one + URI never matches, even if it contains the default value. + + - A URI that includes an maddr parameter will not match a URI + that contains no maddr parameter. + + - All other uri-parameters appearing in only one URI are + ignored when comparing the URIs. + + + +Rosenberg, et. al. Standards Track [Page 154] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o URI header components are never ignored. Any present header + component MUST be present in both URIs and match for the URIs + to match. The matching rules are defined for each header field + in Section 20. + + The URIs within each of the following sets are equivalent: + + sip:%61lice@atlanta.com;transport=TCP + sip:alice@AtLanTa.CoM;Transport=tcp + + sip:carol@chicago.com + sip:carol@chicago.com;newparam=5 + sip:carol@chicago.com;security=on + + sip:biloxi.com;transport=tcp;method=REGISTER?to=sip:bob%40biloxi.com + sip:biloxi.com;method=REGISTER;transport=tcp?to=sip:bob%40biloxi.com + + sip:alice@atlanta.com?subject=project%20x&priority=urgent + sip:alice@atlanta.com?priority=urgent&subject=project%20x + + The URIs within each of the following sets are not equivalent: + + SIP:ALICE@AtLanTa.CoM;Transport=udp (different usernames) + sip:alice@AtLanTa.CoM;Transport=UDP + + sip:bob@biloxi.com (can resolve to different ports) + sip:bob@biloxi.com:5060 + + sip:bob@biloxi.com (can resolve to different transports) + sip:bob@biloxi.com;transport=udp + + sip:bob@biloxi.com (can resolve to different port and transports) + sip:bob@biloxi.com:6000;transport=tcp + + sip:carol@chicago.com (different header component) + sip:carol@chicago.com?Subject=next%20meeting + + sip:bob@phone21.boxesbybob.com (even though that's what + sip:bob@192.0.2.4 phone21.boxesbybob.com resolves to) + + Note that equality is not transitive: + + o sip:carol@chicago.com and sip:carol@chicago.com;security=on are + equivalent + + o sip:carol@chicago.com and sip:carol@chicago.com;security=off + are equivalent + + + + +Rosenberg, et. al. Standards Track [Page 155] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o sip:carol@chicago.com;security=on and + sip:carol@chicago.com;security=off are not equivalent + +19.1.5 Forming Requests from a URI + + An implementation needs to take care when forming requests directly + from a URI. URIs from business cards, web pages, and even from + sources inside the protocol such as registered contacts may contain + inappropriate header fields or body parts. + + An implementation MUST include any provided transport, maddr, ttl, or + user parameter in the Request-URI of the formed request. If the URI + contains a method parameter, its value MUST be used as the method of + the request. The method parameter MUST NOT be placed in the + Request-URI. Unknown URI parameters MUST be placed in the message's + Request-URI. + + An implementation SHOULD treat the presence of any headers or body + parts in the URI as a desire to include them in the message, and + choose to honor the request on a per-component basis. + + An implementation SHOULD NOT honor these obviously dangerous header + fields: From, Call-ID, CSeq, Via, and Record-Route. + + An implementation SHOULD NOT honor any requested Route header field + values in order to not be used as an unwitting agent in malicious + attacks. + + An implementation SHOULD NOT honor requests to include header fields + that may cause it to falsely advertise its location or capabilities. + These include: Accept, Accept-Encoding, Accept-Language, Allow, + Contact (in its dialog usage), Organization, Supported, and User- + Agent. + + An implementation SHOULD verify the accuracy of any requested + descriptive header fields, including: Content-Disposition, Content- + Encoding, Content-Language, Content-Length, Content-Type, Date, + Mime-Version, and Timestamp. + + If the request formed from constructing a message from a given URI is + not a valid SIP request, the URI is invalid. An implementation MUST + NOT proceed with transmitting the request. It should instead pursue + the course of action due an invalid URI in the context it occurs. + + The constructed request can be invalid in many ways. These + include, but are not limited to, syntax error in header fields, + invalid combinations of URI parameters, or an incorrect + description of the message body. + + + +Rosenberg, et. al. Standards Track [Page 156] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Sending a request formed from a given URI may require capabilities + unavailable to the implementation. The URI might indicate use of an + unimplemented transport or extension, for example. An implementation + SHOULD refuse to send these requests rather than modifying them to + match their capabilities. An implementation MUST NOT send a request + requiring an extension that it does not support. + + For example, such a request can be formed through the presence of + a Require header parameter or a method URI parameter with an + unknown or explicitly unsupported value. + +19.1.6 Relating SIP URIs and tel URLs + + When a tel URL (RFC 2806 [9]) is converted to a SIP or SIPS URI, the + entire telephone-subscriber portion of the tel URL, including any + parameters, is placed into the userinfo part of the SIP or SIPS URI. + + Thus, tel:+358-555-1234567;postd=pp22 becomes + + sip:+358-555-1234567;postd=pp22@foo.com;user=phone + + or + sips:+358-555-1234567;postd=pp22@foo.com;user=phone + + not + sip:+358-555-1234567@foo.com;postd=pp22;user=phone + + or + + sips:+358-555-1234567@foo.com;postd=pp22;user=phone + + In general, equivalent "tel" URLs converted to SIP or SIPS URIs in + this fashion may not produce equivalent SIP or SIPS URIs. The + userinfo of SIP and SIPS URIs are compared as a case-sensitive + string. Variance in case-insensitive portions of tel URLs and + reordering of tel URL parameters does not affect tel URL equivalence, + but does affect the equivalence of SIP URIs formed from them. + + For example, + + tel:+358-555-1234567;postd=pp22 + tel:+358-555-1234567;POSTD=PP22 + + are equivalent, while + + sip:+358-555-1234567;postd=pp22@foo.com;user=phone + sip:+358-555-1234567;POSTD=PP22@foo.com;user=phone + + + + +Rosenberg, et. al. Standards Track [Page 157] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + are not. + + Likewise, + + tel:+358-555-1234567;postd=pp22;isub=1411 + tel:+358-555-1234567;isub=1411;postd=pp22 + + are equivalent, while + + sip:+358-555-1234567;postd=pp22;isub=1411@foo.com;user=phone + sip:+358-555-1234567;isub=1411;postd=pp22@foo.com;user=phone + + are not. + + To mitigate this problem, elements constructing telephone-subscriber + fields to place in the userinfo part of a SIP or SIPS URI SHOULD fold + any case-insensitive portion of telephone-subscriber to lower case, + and order the telephone-subscriber parameters lexically by parameter + name, excepting isdn-subaddress and post-dial, which occur first and + in that order. (All components of a tel URL except for future- + extension parameters are defined to be compared case-insensitive.) + + Following this suggestion, both + + tel:+358-555-1234567;postd=pp22 + tel:+358-555-1234567;POSTD=PP22 + + become + + sip:+358-555-1234567;postd=pp22@foo.com;user=phone + + and both + + tel:+358-555-1234567;tsp=a.b;phone-context=5 + tel:+358-555-1234567;phone-context=5;tsp=a.b + + become + + sip:+358-555-1234567;phone-context=5;tsp=a.b@foo.com;user=phone + +19.2 Option Tags + + Option tags are unique identifiers used to designate new options + (extensions) in SIP. These tags are used in Require (Section 20.32), + Proxy-Require (Section 20.29), Supported (Section 20.37) and + Unsupported (Section 20.40) header fields. Note that these options + appear as parameters in those header fields in an option-tag = token + form (see Section 25 for the definition of token). + + + +Rosenberg, et. al. Standards Track [Page 158] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Option tags are defined in standards track RFCs. This is a change + from past practice, and is instituted to ensure continuing multi- + vendor interoperability (see discussion in Section 20.32 and Section + 20.37). An IANA registry of option tags is used to ensure easy + reference. + +19.3 Tags + + The "tag" parameter is used in the To and From header fields of SIP + messages. It serves as a general mechanism to identify a dialog, + which is the combination of the Call-ID along with two tags, one from + each participant in the dialog. When a UA sends a request outside of + a dialog, it contains a From tag only, providing "half" of the dialog + ID. The dialog is completed from the response(s), each of which + contributes the second half in the To header field. The forking of + SIP requests means that multiple dialogs can be established from a + single request. This also explains the need for the two-sided dialog + identifier; without a contribution from the recipients, the + originator could not disambiguate the multiple dialogs established + from a single request. + + When a tag is generated by a UA for insertion into a request or + response, it MUST be globally unique and cryptographically random + with at least 32 bits of randomness. A property of this selection + requirement is that a UA will place a different tag into the From + header of an INVITE than it would place into the To header of the + response to the same INVITE. This is needed in order for a UA to + invite itself to a session, a common case for "hairpinning" of calls + in PSTN gateways. Similarly, two INVITEs for different calls will + have different From tags, and two responses for different calls will + have different To tags. + + Besides the requirement for global uniqueness, the algorithm for + generating a tag is implementation-specific. Tags are helpful in + fault tolerant systems, where a dialog is to be recovered on an + alternate server after a failure. A UAS can select the tag in such a + way that a backup can recognize a request as part of a dialog on the + failed server, and therefore determine that it should attempt to + recover the dialog and any other state associated with it. + +20 Header Fields + + The general syntax for header fields is covered in Section 7.3. This + section lists the full set of header fields along with notes on + syntax, meaning, and usage. Throughout this section, we use [HX.Y] + to refer to Section X.Y of the current HTTP/1.1 specification RFC + 2616 [8]. Examples of each header field are given. + + + + +Rosenberg, et. al. Standards Track [Page 159] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Information about header fields in relation to methods and proxy + processing is summarized in Tables 2 and 3. + + The "where" column describes the request and response types in which + the header field can be used. Values in this column are: + + R: header field may only appear in requests; + + r: header field may only appear in responses; + + 2xx, 4xx, etc.: A numerical value or range indicates response + codes with which the header field can be used; + + c: header field is copied from the request to the response. + + An empty entry in the "where" column indicates that the header + field may be present in all requests and responses. + + The "proxy" column describes the operations a proxy may perform on a + header field: + + a: A proxy can add or concatenate the header field if not present. + + m: A proxy can modify an existing header field value. + + d: A proxy can delete a header field value. + + r: A proxy must be able to read the header field, and thus this + header field cannot be encrypted. + + The next six columns relate to the presence of a header field in a + method: + + c: Conditional; requirements on the header field depend on the + context of the message. + + m: The header field is mandatory. + + m*: The header field SHOULD be sent, but clients/servers need to + be prepared to receive messages without that header field. + + o: The header field is optional. + + t: The header field SHOULD be sent, but clients/servers need to be + prepared to receive messages without that header field. + + If a stream-based protocol (such as TCP) is used as a + transport, then the header field MUST be sent. + + + +Rosenberg, et. al. Standards Track [Page 160] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + *: The header field is required if the message body is not empty. + See Sections 20.14, 20.15 and 7.4 for details. + + -: The header field is not applicable. + + "Optional" means that an element MAY include the header field in a + request or response, and a UA MAY ignore the header field if present + in the request or response (The exception to this rule is the Require + header field discussed in 20.32). A "mandatory" header field MUST be + present in a request, and MUST be understood by the UAS receiving the + request. A mandatory response header field MUST be present in the + response, and the header field MUST be understood by the UAC + processing the response. "Not applicable" means that the header + field MUST NOT be present in a request. If one is placed in a + request by mistake, it MUST be ignored by the UAS receiving the + request. Similarly, a header field labeled "not applicable" for a + response means that the UAS MUST NOT place the header field in the + response, and the UAC MUST ignore the header field in the response. + + A UA SHOULD ignore extension header parameters that are not + understood. + + A compact form of some common header field names is also defined for + use when overall message size is an issue. + + The Contact, From, and To header fields contain a URI. If the URI + contains a comma, question mark or semicolon, the URI MUST be + enclosed in angle brackets (< and >). Any URI parameters are + contained within these brackets. If the URI is not enclosed in angle + brackets, any semicolon-delimited parameters are header-parameters, + not URI parameters. + +20.1 Accept + + The Accept header field follows the syntax defined in [H14.1]. The + semantics are also identical, with the exception that if no Accept + header field is present, the server SHOULD assume a default value of + application/sdp. + + An empty Accept header field means that no formats are acceptable. + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 161] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + Header field where proxy ACK BYE CAN INV OPT REG + ___________________________________________________________ + Accept R - o - o m* o + Accept 2xx - - - o m* o + Accept 415 - c - c c c + Accept-Encoding R - o - o o o + Accept-Encoding 2xx - - - o m* o + Accept-Encoding 415 - c - c c c + Accept-Language R - o - o o o + Accept-Language 2xx - - - o m* o + Accept-Language 415 - c - c c c + Alert-Info R ar - - - o - - + Alert-Info 180 ar - - - o - - + Allow R - o - o o o + Allow 2xx - o - m* m* o + Allow r - o - o o o + Allow 405 - m - m m m + Authentication-Info 2xx - o - o o o + Authorization R o o o o o o + Call-ID c r m m m m m m + Call-Info ar - - - o o o + Contact R o - - m o o + Contact 1xx - - - o - - + Contact 2xx - - - m o o + Contact 3xx d - o - o o o + Contact 485 - o - o o o + Content-Disposition o o - o o o + Content-Encoding o o - o o o + Content-Language o o - o o o + Content-Length ar t t t t t t + Content-Type * * - * * * + CSeq c r m m m m m m + Date a o o o o o o + Error-Info 300-699 a - o o o o o + Expires - - - o - o + From c r m m m m m m + In-Reply-To R - - - o - - + Max-Forwards R amr m m m m m m + Min-Expires 423 - - - - - m + MIME-Version o o - o o o + Organization ar - - - o o o + + Table 2: Summary of header fields, A--O + + + + + + +Rosenberg, et. al. Standards Track [Page 162] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Header field where proxy ACK BYE CAN INV OPT REG + ___________________________________________________________________ + Priority R ar - - - o - - + Proxy-Authenticate 407 ar - m - m m m + Proxy-Authenticate 401 ar - o o o o o + Proxy-Authorization R dr o o - o o o + Proxy-Require R ar - o - o o o + Record-Route R ar o o o o o - + Record-Route 2xx,18x mr - o o o o - + Reply-To - - - o - - + Require ar - c - c c c + Retry-After 404,413,480,486 - o o o o o + 500,503 - o o o o o + 600,603 - o o o o o + Route R adr c c c c c c + Server r - o o o o o + Subject R - - - o - - + Supported R - o o m* o o + Supported 2xx - o o m* m* o + Timestamp o o o o o o + To c(1) r m m m m m m + Unsupported 420 - m - m m m + User-Agent o o o o o o + Via R amr m m m m m m + Via rc dr m m m m m m + Warning r - o o o o o + WWW-Authenticate 401 ar - m - m m m + WWW-Authenticate 407 ar - o - o o o + + Table 3: Summary of header fields, P--Z; (1): copied with possible + addition of tag + + Accept: application/sdp;level=1, application/x-private, text/html + +20.2 Accept-Encoding + + The Accept-Encoding header field is similar to Accept, but restricts + the content-codings [H3.5] that are acceptable in the response. See + [H14.3]. The semantics in SIP are identical to those defined in + [H14.3]. + + An empty Accept-Encoding header field is permissible. It is + equivalent to Accept-Encoding: identity, that is, only the identity + encoding, meaning no encoding, is permissible. + + If no Accept-Encoding header field is present, the server SHOULD + assume a default value of identity. + + + + +Rosenberg, et. al. Standards Track [Page 163] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + This differs slightly from the HTTP definition, which indicates that + when not present, any encoding can be used, but the identity encoding + is preferred. + + Example: + + Accept-Encoding: gzip + +20.3 Accept-Language + + The Accept-Language header field is used in requests to indicate the + preferred languages for reason phrases, session descriptions, or + status responses carried as message bodies in the response. If no + Accept-Language header field is present, the server SHOULD assume all + languages are acceptable to the client. + + The Accept-Language header field follows the syntax defined in + [H14.4]. The rules for ordering the languages based on the "q" + parameter apply to SIP as well. + + Example: + + Accept-Language: da, en-gb;q=0.8, en;q=0.7 + +20.4 Alert-Info + + When present in an INVITE request, the Alert-Info header field + specifies an alternative ring tone to the UAS. When present in a 180 + (Ringing) response, the Alert-Info header field specifies an + alternative ringback tone to the UAC. A typical usage is for a proxy + to insert this header field to provide a distinctive ring feature. + + The Alert-Info header field can introduce security risks. These + risks and the ways to handle them are discussed in Section 20.9, + which discusses the Call-Info header field since the risks are + identical. + + In addition, a user SHOULD be able to disable this feature + selectively. + + This helps prevent disruptions that could result from the use of + this header field by untrusted elements. + + Example: + + Alert-Info: + + + + + +Rosenberg, et. al. Standards Track [Page 164] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +20.5 Allow + + The Allow header field lists the set of methods supported by the UA + generating the message. + + All methods, including ACK and CANCEL, understood by the UA MUST be + included in the list of methods in the Allow header field, when + present. The absence of an Allow header field MUST NOT be + interpreted to mean that the UA sending the message supports no + methods. Rather, it implies that the UA is not providing any + information on what methods it supports. + + Supplying an Allow header field in responses to methods other than + OPTIONS reduces the number of messages needed. + + Example: + + Allow: INVITE, ACK, OPTIONS, CANCEL, BYE + +20.6 Authentication-Info + + The Authentication-Info header field provides for mutual + authentication with HTTP Digest. A UAS MAY include this header field + in a 2xx response to a request that was successfully authenticated + using digest based on the Authorization header field. + + Syntax and semantics follow those specified in RFC 2617 [17]. + + Example: + + Authentication-Info: nextnonce="47364c23432d2e131a5fb210812c" + +20.7 Authorization + + The Authorization header field contains authentication credentials of + a UA. Section 22.2 overviews the use of the Authorization header + field, and Section 22.4 describes the syntax and semantics when used + with HTTP authentication. + + This header field, along with Proxy-Authorization, breaks the general + rules about multiple header field values. Although not a comma- + separated list, this header field name may be present multiple times, + and MUST NOT be combined into a single header line using the usual + rules described in Section 7.3. + + + + + + + +Rosenberg, et. al. Standards Track [Page 165] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + In the example below, there are no quotes around the Digest + parameter: + + Authorization: Digest username="Alice", realm="atlanta.com", + nonce="84a4cc6f3082121f32b42a2187831a9e", + response="7587245234b3434cc3412213e5f113a5432" + +20.8 Call-ID + + The Call-ID header field uniquely identifies a particular invitation + or all registrations of a particular client. A single multimedia + conference can give rise to several calls with different Call-IDs, + for example, if a user invites a single individual several times to + the same (long-running) conference. Call-IDs are case-sensitive and + are simply compared byte-by-byte. + + The compact form of the Call-ID header field is i. + + Examples: + + Call-ID: f81d4fae-7dec-11d0-a765-00a0c91e6bf6@biloxi.com + i:f81d4fae-7dec-11d0-a765-00a0c91e6bf6@192.0.2.4 + +20.9 Call-Info + + The Call-Info header field provides additional information about the + caller or callee, depending on whether it is found in a request or + response. The purpose of the URI is described by the "purpose" + parameter. The "icon" parameter designates an image suitable as an + iconic representation of the caller or callee. The "info" parameter + describes the caller or callee in general, for example, through a web + page. The "card" parameter provides a business card, for example, in + vCard [36] or LDIF [37] formats. Additional tokens can be registered + using IANA and the procedures in Section 27. + + Use of the Call-Info header field can pose a security risk. If a + callee fetches the URIs provided by a malicious caller, the callee + may be at risk for displaying inappropriate or offensive content, + dangerous or illegal content, and so on. Therefore, it is + RECOMMENDED that a UA only render the information in the Call-Info + header field if it can verify the authenticity of the element that + originated the header field and trusts that element. This need not + be the peer UA; a proxy can insert this header field into requests. + + Example: + + Call-Info: ;purpose=icon, + ;purpose=info + + + +Rosenberg, et. al. Standards Track [Page 166] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +20.10 Contact + + A Contact header field value provides a URI whose meaning depends on + the type of request or response it is in. + + A Contact header field value can contain a display name, a URI with + URI parameters, and header parameters. + + This document defines the Contact parameters "q" and "expires". + These parameters are only used when the Contact is present in a + REGISTER request or response, or in a 3xx response. Additional + parameters may be defined in other specifications. + + When the header field value contains a display name, the URI + including all URI parameters is enclosed in "<" and ">". If no "<" + and ">" are present, all parameters after the URI are header + parameters, not URI parameters. The display name can be tokens, or a + quoted string, if a larger character set is desired. + + Even if the "display-name" is empty, the "name-addr" form MUST be + used if the "addr-spec" contains a comma, semicolon, or question + mark. There may or may not be LWS between the display-name and the + "<". + + These rules for parsing a display name, URI and URI parameters, and + header parameters also apply for the header fields To and From. + + The Contact header field has a role similar to the Location header + field in HTTP. However, the HTTP header field only allows one + address, unquoted. Since URIs can contain commas and semicolons + as reserved characters, they can be mistaken for header or + parameter delimiters, respectively. + + The compact form of the Contact header field is m (for "moved"). + + Examples: + + Contact: "Mr. Watson" + ;q=0.7; expires=3600, + "Mr. Watson" ;q=0.1 + m: ;expires=60 + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 167] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +20.11 Content-Disposition + + The Content-Disposition header field describes how the message body + or, for multipart messages, a message body part is to be interpreted + by the UAC or UAS. This SIP header field extends the MIME Content- + Type (RFC 2183 [18]). + + Several new "disposition-types" of the Content-Disposition header are + defined by SIP. The value "session" indicates that the body part + describes a session, for either calls or early (pre-call) media. The + value "render" indicates that the body part should be displayed or + otherwise rendered to the user. Note that the value "render" is used + rather than "inline" to avoid the connotation that the MIME body is + displayed as a part of the rendering of the entire message (since the + MIME bodies of SIP messages oftentimes are not displayed to users). + For backward-compatibility, if the Content-Disposition header field + is missing, the server SHOULD assume bodies of Content-Type + application/sdp are the disposition "session", while other content + types are "render". + + The disposition type "icon" indicates that the body part contains an + image suitable as an iconic representation of the caller or callee + that could be rendered informationally by a user agent when a message + has been received, or persistently while a dialog takes place. The + value "alert" indicates that the body part contains information, such + as an audio clip, that should be rendered by the user agent in an + attempt to alert the user to the receipt of a request, generally a + request that initiates a dialog; this alerting body could for example + be rendered as a ring tone for a phone call after a 180 Ringing + provisional response has been sent. + + Any MIME body with a "disposition-type" that renders content to the + user should only be processed when a message has been properly + authenticated. + + The handling parameter, handling-param, describes how the UAS should + react if it receives a message body whose content type or disposition + type it does not understand. The parameter has defined values of + "optional" and "required". If the handling parameter is missing, the + value "required" SHOULD be assumed. The handling parameter is + described in RFC 3204 [19]. + + If this header field is missing, the MIME type determines the default + content disposition. If there is none, "render" is assumed. + + Example: + + Content-Disposition: session + + + +Rosenberg, et. al. Standards Track [Page 168] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +20.12 Content-Encoding + + The Content-Encoding header field is used as a modifier to the + "media-type". When present, its value indicates what additional + content codings have been applied to the entity-body, and thus what + decoding mechanisms MUST be applied in order to obtain the media-type + referenced by the Content-Type header field. Content-Encoding is + primarily used to allow a body to be compressed without losing the + identity of its underlying media type. + + If multiple encodings have been applied to an entity-body, the + content codings MUST be listed in the order in which they were + applied. + + All content-coding values are case-insensitive. IANA acts as a + registry for content-coding value tokens. See [H3.5] for a + definition of the syntax for content-coding. + + Clients MAY apply content encodings to the body in requests. A + server MAY apply content encodings to the bodies in responses. The + server MUST only use encodings listed in the Accept-Encoding header + field in the request. + + The compact form of the Content-Encoding header field is e. + Examples: + + Content-Encoding: gzip + e: tar + +20.13 Content-Language + + See [H14.12]. Example: + + Content-Language: fr + +20.14 Content-Length + + The Content-Length header field indicates the size of the message- + body, in decimal number of octets, sent to the recipient. + Applications SHOULD use this field to indicate the size of the + message-body to be transferred, regardless of the media type of the + entity. If a stream-based protocol (such as TCP) is used as + transport, the header field MUST be used. + + The size of the message-body does not include the CRLF separating + header fields and body. Any Content-Length greater than or equal to + zero is a valid value. If no body is present in a message, then the + Content-Length header field value MUST be set to zero. + + + +Rosenberg, et. al. Standards Track [Page 169] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The ability to omit Content-Length simplifies the creation of + cgi-like scripts that dynamically generate responses. + + The compact form of the header field is l. + + Examples: + + Content-Length: 349 + l: 173 + +20.15 Content-Type + + The Content-Type header field indicates the media type of the + message-body sent to the recipient. The "media-type" element is + defined in [H3.7]. The Content-Type header field MUST be present if + the body is not empty. If the body is empty, and a Content-Type + header field is present, it indicates that the body of the specific + type has zero length (for example, an empty audio file). + + The compact form of the header field is c. + + Examples: + + Content-Type: application/sdp + c: text/html; charset=ISO-8859-4 + +20.16 CSeq + + A CSeq header field in a request contains a single decimal sequence + number and the request method. The sequence number MUST be + expressible as a 32-bit unsigned integer. The method part of CSeq is + case-sensitive. The CSeq header field serves to order transactions + within a dialog, to provide a means to uniquely identify + transactions, and to differentiate between new requests and request + retransmissions. Two CSeq header fields are considered equal if the + sequence number and the request method are identical. Example: + + CSeq: 4711 INVITE + +20.17 Date + + The Date header field contains the date and time. Unlike HTTP/1.1, + SIP only supports the most recent RFC 1123 [20] format for dates. As + in [H3.3], SIP restricts the time zone in SIP-date to "GMT", while + RFC 1123 allows any time zone. An RFC 1123 date is case-sensitive. + + The Date header field reflects the time when the request or response + is first sent. + + + +Rosenberg, et. al. Standards Track [Page 170] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The Date header field can be used by simple end systems without a + battery-backed clock to acquire a notion of current time. + However, in its GMT form, it requires clients to know their offset + from GMT. + + Example: + + Date: Sat, 13 Nov 2010 23:29:00 GMT + +20.18 Error-Info + + The Error-Info header field provides a pointer to additional + information about the error status response. + + SIP UACs have user interface capabilities ranging from pop-up + windows and audio on PC softclients to audio-only on "black" + phones or endpoints connected via gateways. Rather than forcing a + server generating an error to choose between sending an error + status code with a detailed reason phrase and playing an audio + recording, the Error-Info header field allows both to be sent. + The UAC then has the choice of which error indicator to render to + the caller. + + A UAC MAY treat a SIP or SIPS URI in an Error-Info header field as if + it were a Contact in a redirect and generate a new INVITE, resulting + in a recorded announcement session being established. A non-SIP URI + MAY be rendered to the user. + + Examples: + + SIP/2.0 404 The number you have dialed is not in service + Error-Info: + +20.19 Expires + + The Expires header field gives the relative time after which the + message (or content) expires. + + The precise meaning of this is method dependent. + + The expiration time in an INVITE does not affect the duration of the + actual session that may result from the invitation. Session + description protocols may offer the ability to express time limits on + the session duration, however. + + The value of this field is an integral number of seconds (in decimal) + between 0 and (2**32)-1, measured from the receipt of the request. + + + + +Rosenberg, et. al. Standards Track [Page 171] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + Expires: 5 + +20.20 From + + The From header field indicates the initiator of the request. This + may be different from the initiator of the dialog. Requests sent by + the callee to the caller use the callee's address in the From header + field. + + The optional "display-name" is meant to be rendered by a human user + interface. A system SHOULD use the display name "Anonymous" if the + identity of the client is to remain hidden. Even if the "display- + name" is empty, the "name-addr" form MUST be used if the "addr-spec" + contains a comma, question mark, or semicolon. Syntax issues are + discussed in Section 7.3.1. + + Two From header fields are equivalent if their URIs match, and their + parameters match. Extension parameters in one header field, not + present in the other are ignored for the purposes of comparison. This + means that the display name and presence or absence of angle brackets + do not affect matching. + + See Section 20.10 for the rules for parsing a display name, URI and + URI parameters, and header field parameters. + + The compact form of the From header field is f. + + Examples: + + From: "A. G. Bell" ;tag=a48s + From: sip:+12125551212@server.phone2net.com;tag=887s + f: Anonymous ;tag=hyh8 + +20.21 In-Reply-To + + The In-Reply-To header field enumerates the Call-IDs that this call + references or returns. These Call-IDs may have been cached by the + client then included in this header field in a return call. + + This allows automatic call distribution systems to route return + calls to the originator of the first call. This also allows + callees to filter calls, so that only return calls for calls they + originated will be accepted. This field is not a substitute for + request authentication. + + + + + +Rosenberg, et. al. Standards Track [Page 172] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + In-Reply-To: 70710@saturn.bell-tel.com, 17320@saturn.bell-tel.com + +20.22 Max-Forwards + + The Max-Forwards header field must be used with any SIP method to + limit the number of proxies or gateways that can forward the request + to the next downstream server. This can also be useful when the + client is attempting to trace a request chain that appears to be + failing or looping in mid-chain. + + The Max-Forwards value is an integer in the range 0-255 indicating + the remaining number of times this request message is allowed to be + forwarded. This count is decremented by each server that forwards + the request. The recommended initial value is 70. + + This header field should be inserted by elements that can not + otherwise guarantee loop detection. For example, a B2BUA should + insert a Max-Forwards header field. + + Example: + + Max-Forwards: 6 + +20.23 Min-Expires + + The Min-Expires header field conveys the minimum refresh interval + supported for soft-state elements managed by that server. This + includes Contact header fields that are stored by a registrar. The + header field contains a decimal integer number of seconds from 0 to + (2**32)-1. The use of the header field in a 423 (Interval Too Brief) + response is described in Sections 10.2.8, 10.3, and 21.4.17. + + Example: + + Min-Expires: 60 + +20.24 MIME-Version + + See [H19.4.1]. + + Example: + + MIME-Version: 1.0 + + + + + + +Rosenberg, et. al. Standards Track [Page 173] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +20.25 Organization + + The Organization header field conveys the name of the organization to + which the SIP element issuing the request or response belongs. + + The field MAY be used by client software to filter calls. + + Example: + + Organization: Boxes by Bob + +20.26 Priority + + The Priority header field indicates the urgency of the request as + perceived by the client. The Priority header field describes the + priority that the SIP request should have to the receiving human or + its agent. For example, it may be factored into decisions about call + routing and acceptance. For these decisions, a message containing no + Priority header field SHOULD be treated as if it specified a Priority + of "normal". The Priority header field does not influence the use of + communications resources such as packet forwarding priority in + routers or access to circuits in PSTN gateways. The header field can + have the values "non-urgent", "normal", "urgent", and "emergency", + but additional values can be defined elsewhere. It is RECOMMENDED + that the value of "emergency" only be used when life, limb, or + property are in imminent danger. Otherwise, there are no semantics + defined for this header field. + + These are the values of RFC 2076 [38], with the addition of + "emergency". + + Examples: + + Subject: A tornado is heading our way! + Priority: emergency + + or + + Subject: Weekend plans + Priority: non-urgent + +20.27 Proxy-Authenticate + + A Proxy-Authenticate header field value contains an authentication + challenge. + + The use of this header field is defined in [H14.33]. See Section + 22.3 for further details on its usage. + + + +Rosenberg, et. al. Standards Track [Page 174] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + Proxy-Authenticate: Digest realm="atlanta.com", + domain="sip:ss1.carrier.com", qop="auth", + nonce="f84f1cec41e6cbe5aea9c8e88d359", + opaque="", stale=FALSE, algorithm=MD5 + +20.28 Proxy-Authorization + + The Proxy-Authorization header field allows the client to identify + itself (or its user) to a proxy that requires authentication. A + Proxy-Authorization field value consists of credentials containing + the authentication information of the user agent for the proxy and/or + realm of the resource being requested. + + See Section 22.3 for a definition of the usage of this header field. + + This header field, along with Authorization, breaks the general rules + about multiple header field names. Although not a comma-separated + list, this header field name may be present multiple times, and MUST + NOT be combined into a single header line using the usual rules + described in Section 7.3.1. + + Example: + + Proxy-Authorization: Digest username="Alice", realm="atlanta.com", + nonce="c60f3082ee1212b402a21831ae", + response="245f23415f11432b3434341c022" + +20.29 Proxy-Require + + The Proxy-Require header field is used to indicate proxy-sensitive + features that must be supported by the proxy. See Section 20.32 for + more details on the mechanics of this message and a usage example. + + Example: + + Proxy-Require: foo + +20.30 Record-Route + + The Record-Route header field is inserted by proxies in a request to + force future requests in the dialog to be routed through the proxy. + + Examples of its use with the Route header field are described in + Sections 16.12.1. + + + + + +Rosenberg, et. al. Standards Track [Page 175] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + Record-Route: , + + +20.31 Reply-To + + The Reply-To header field contains a logical return URI that may be + different from the From header field. For example, the URI MAY be + used to return missed calls or unestablished sessions. If the user + wished to remain anonymous, the header field SHOULD either be omitted + from the request or populated in such a way that does not reveal any + private information. + + Even if the "display-name" is empty, the "name-addr" form MUST be + used if the "addr-spec" contains a comma, question mark, or + semicolon. Syntax issues are discussed in Section 7.3.1. + + Example: + + Reply-To: Bob + +20.32 Require + + The Require header field is used by UACs to tell UASs about options + that the UAC expects the UAS to support in order to process the + request. Although an optional header field, the Require MUST NOT be + ignored if it is present. + + The Require header field contains a list of option tags, described in + Section 19.2. Each option tag defines a SIP extension that MUST be + understood to process the request. Frequently, this is used to + indicate that a specific set of extension header fields need to be + understood. A UAC compliant to this specification MUST only include + option tags corresponding to standards-track RFCs. + + Example: + + Require: 100rel + +20.33 Retry-After + + The Retry-After header field can be used with a 500 (Server Internal + Error) or 503 (Service Unavailable) response to indicate how long the + service is expected to be unavailable to the requesting client and + with a 404 (Not Found), 413 (Request Entity Too Large), 480 + (Temporarily Unavailable), 486 (Busy Here), 600 (Busy), or 603 + + + + +Rosenberg, et. al. Standards Track [Page 176] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + (Decline) response to indicate when the called party anticipates + being available again. The value of this field is a positive integer + number of seconds (in decimal) after the time of the response. + + An optional comment can be used to indicate additional information + about the time of callback. An optional "duration" parameter + indicates how long the called party will be reachable starting at the + initial time of availability. If no duration parameter is given, the + service is assumed to be available indefinitely. + + Examples: + + Retry-After: 18000;duration=3600 + Retry-After: 120 (I'm in a meeting) + +20.34 Route + + The Route header field is used to force routing for a request through + the listed set of proxies. Examples of the use of the Route header + field are in Section 16.12.1. + + Example: + + Route: , + + +20.35 Server + + The Server header field contains information about the software used + by the UAS to handle the request. + + Revealing the specific software version of the server might allow the + server to become more vulnerable to attacks against software that is + known to contain security holes. Implementers SHOULD make the Server + header field a configurable option. + + Example: + + Server: HomeServer v2 + +20.36 Subject + + The Subject header field provides a summary or indicates the nature + of the call, allowing call filtering without having to parse the + session description. The session description does not have to use + the same subject indication as the invitation. + + The compact form of the Subject header field is s. + + + +Rosenberg, et. al. Standards Track [Page 177] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Example: + + Subject: Need more boxes + s: Tech Support + +20.37 Supported + + The Supported header field enumerates all the extensions supported by + the UAC or UAS. + + The Supported header field contains a list of option tags, described + in Section 19.2, that are understood by the UAC or UAS. A UA + compliant to this specification MUST only include option tags + corresponding to standards-track RFCs. If empty, it means that no + extensions are supported. + + The compact form of the Supported header field is k. + + Example: + + Supported: 100rel + +20.38 Timestamp + + The Timestamp header field describes when the UAC sent the request to + the UAS. + + See Section 8.2.6 for details on how to generate a response to a + request that contains the header field. Although there is no + normative behavior defined here that makes use of the header, it + allows for extensions or SIP applications to obtain RTT estimates. + + Example: + + Timestamp: 54 + +20.39 To + + The To header field specifies the logical recipient of the request. + + The optional "display-name" is meant to be rendered by a human-user + interface. The "tag" parameter serves as a general mechanism for + dialog identification. + + See Section 19.3 for details of the "tag" parameter. + + + + + + +Rosenberg, et. al. Standards Track [Page 178] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Comparison of To header fields for equality is identical to + comparison of From header fields. See Section 20.10 for the rules + for parsing a display name, URI and URI parameters, and header field + parameters. + + The compact form of the To header field is t. + + The following are examples of valid To header fields: + + To: The Operator ;tag=287447 + t: sip:+12125551212@server.phone2net.com + +20.40 Unsupported + + The Unsupported header field lists the features not supported by the + UAS. See Section 20.32 for motivation. + + Example: + + Unsupported: foo + +20.41 User-Agent + + The User-Agent header field contains information about the UAC + originating the request. The semantics of this header field are + defined in [H14.43]. + + Revealing the specific software version of the user agent might allow + the user agent to become more vulnerable to attacks against software + that is known to contain security holes. Implementers SHOULD make + the User-Agent header field a configurable option. + + Example: + + User-Agent: Softphone Beta1.5 + +20.42 Via + + The Via header field indicates the path taken by the request so far + and indicates the path that should be followed in routing responses. + The branch ID parameter in the Via header field values serves as a + transaction identifier, and is used by proxies to detect loops. + + A Via header field value contains the transport protocol used to send + the message, the client's host name or network address, and possibly + the port number at which it wishes to receive responses. A Via + header field value can also contain parameters such as "maddr", + "ttl", "received", and "branch", whose meaning and use are described + + + +Rosenberg, et. al. Standards Track [Page 179] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + in other sections. For implementations compliant to this + specification, the value of the branch parameter MUST start with the + magic cookie "z9hG4bK", as discussed in Section 8.1.1.7. + + Transport protocols defined here are "UDP", "TCP", "TLS", and "SCTP". + "TLS" means TLS over TCP. When a request is sent to a SIPS URI, the + protocol still indicates "SIP", and the transport protocol is TLS. + +Via: SIP/2.0/UDP erlang.bell-telephone.com:5060;branch=z9hG4bK87asdks7 +Via: SIP/2.0/UDP 192.0.2.1:5060 ;received=192.0.2.207 + ;branch=z9hG4bK77asjd + + The compact form of the Via header field is v. + + In this example, the message originated from a multi-homed host with + two addresses, 192.0.2.1 and 192.0.2.207. The sender guessed wrong + as to which network interface would be used. Erlang.bell- + telephone.com noticed the mismatch and added a parameter to the + previous hop's Via header field value, containing the address that + the packet actually came from. + + The host or network address and port number are not required to + follow the SIP URI syntax. Specifically, LWS on either side of the + ":" or "/" is allowed, as shown here: + + Via: SIP / 2.0 / UDP first.example.com: 4000;ttl=16 + ;maddr=224.2.0.1 ;branch=z9hG4bKa7c6a8dlze.1 + + Even though this specification mandates that the branch parameter be + present in all requests, the BNF for the header field indicates that + it is optional. This allows interoperation with RFC 2543 elements, + which did not have to insert the branch parameter. + + Two Via header fields are equal if their sent-protocol and sent-by + fields are equal, both have the same set of parameters, and the + values of all parameters are equal. + +20.43 Warning + + The Warning header field is used to carry additional information + about the status of a response. Warning header field values are sent + with responses and contain a three-digit warning code, host name, and + warning text. + + The "warn-text" should be in a natural language that is most likely + to be intelligible to the human user receiving the response. This + decision can be based on any available knowledge, such as the + location of the user, the Accept-Language field in a request, or the + + + +Rosenberg, et. al. Standards Track [Page 180] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Content-Language field in a response. The default language is i- + default [21]. + + The currently-defined "warn-code"s are listed below, with a + recommended warn-text in English and a description of their meaning. + These warnings describe failures induced by the session description. + The first digit of warning codes beginning with "3" indicates + warnings specific to SIP. Warnings 300 through 329 are reserved for + indicating problems with keywords in the session description, 330 + through 339 are warnings related to basic network services requested + in the session description, 370 through 379 are warnings related to + quantitative QoS parameters requested in the session description, and + 390 through 399 are miscellaneous warnings that do not fall into one + of the above categories. + + 300 Incompatible network protocol: One or more network protocols + contained in the session description are not available. + + 301 Incompatible network address formats: One or more network + address formats contained in the session description are not + available. + + 302 Incompatible transport protocol: One or more transport + protocols described in the session description are not + available. + + 303 Incompatible bandwidth units: One or more bandwidth + measurement units contained in the session description were + not understood. + + 304 Media type not available: One or more media types contained in + the session description are not available. + + 305 Incompatible media format: One or more media formats contained + in the session description are not available. + + 306 Attribute not understood: One or more of the media attributes + in the session description are not supported. + + 307 Session description parameter not understood: A parameter + other than those listed above was not understood. + + 330 Multicast not available: The site where the user is located + does not support multicast. + + 331 Unicast not available: The site where the user is located does + not support unicast communication (usually due to the presence + of a firewall). + + + +Rosenberg, et. al. Standards Track [Page 181] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + 370 Insufficient bandwidth: The bandwidth specified in the session + description or defined by the media exceeds that known to be + available. + + 399 Miscellaneous warning: The warning text can include arbitrary + information to be presented to a human user or logged. A + system receiving this warning MUST NOT take any automated + action. + + 1xx and 2xx have been taken by HTTP/1.1. + + Additional "warn-code"s can be defined through IANA, as defined in + Section 27.2. + + Examples: + + Warning: 307 isi.edu "Session parameter 'foo' not understood" + Warning: 301 isi.edu "Incompatible network address type 'E.164'" + +20.44 WWW-Authenticate + + A WWW-Authenticate header field value contains an authentication + challenge. See Section 22.2 for further details on its usage. + + Example: + + WWW-Authenticate: Digest realm="atlanta.com", + domain="sip:boxesbybob.com", qop="auth", + nonce="f84f1cec41e6cbe5aea9c8e88d359", + opaque="", stale=FALSE, algorithm=MD5 + +21 Response Codes + + The response codes are consistent with, and extend, HTTP/1.1 response + codes. Not all HTTP/1.1 response codes are appropriate, and only + those that are appropriate are given here. Other HTTP/1.1 response + codes SHOULD NOT be used. Also, SIP defines a new class, 6xx. + +21.1 Provisional 1xx + + Provisional responses, also known as informational responses, + indicate that the server contacted is performing some further action + and does not yet have a definitive response. A server sends a 1xx + response if it expects to take more than 200 ms to obtain a final + response. Note that 1xx responses are not transmitted reliably. + They never cause the client to send an ACK. Provisional (1xx) + responses MAY contain message bodies, including session descriptions. + + + + +Rosenberg, et. al. Standards Track [Page 182] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.1.1 100 Trying + + This response indicates that the request has been received by the + next-hop server and that some unspecified action is being taken on + behalf of this call (for example, a database is being consulted). + This response, like all other provisional responses, stops + retransmissions of an INVITE by a UAC. The 100 (Trying) response is + different from other provisional responses, in that it is never + forwarded upstream by a stateful proxy. + +21.1.2 180 Ringing + + The UA receiving the INVITE is trying to alert the user. This + response MAY be used to initiate local ringback. + +21.1.3 181 Call Is Being Forwarded + + A server MAY use this status code to indicate that the call is being + forwarded to a different set of destinations. + +21.1.4 182 Queued + + The called party is temporarily unavailable, but the server has + decided to queue the call rather than reject it. When the callee + becomes available, it will return the appropriate final status + response. The reason phrase MAY give further details about the + status of the call, for example, "5 calls queued; expected waiting + time is 15 minutes". The server MAY issue several 182 (Queued) + responses to update the caller about the status of the queued call. + +21.1.5 183 Session Progress + + The 183 (Session Progress) response is used to convey information + about the progress of the call that is not otherwise classified. The + Reason-Phrase, header fields, or message body MAY be used to convey + more details about the call progress. + +21.2 Successful 2xx + + The request was successful. + +21.2.1 200 OK + + The request has succeeded. The information returned with the + response depends on the method used in the request. + + + + + + +Rosenberg, et. al. Standards Track [Page 183] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.3 Redirection 3xx + + 3xx responses give information about the user's new location, or + about alternative services that might be able to satisfy the call. + +21.3.1 300 Multiple Choices + + The address in the request resolved to several choices, each with its + own specific location, and the user (or UA) can select a preferred + communication end point and redirect its request to that location. + + The response MAY include a message body containing a list of resource + characteristics and location(s) from which the user or UA can choose + the one most appropriate, if allowed by the Accept request header + field. However, no MIME types have been defined for this message + body. + + The choices SHOULD also be listed as Contact fields (Section 20.10). + Unlike HTTP, the SIP response MAY contain several Contact fields or a + list of addresses in a Contact field. UAs MAY use the Contact header + field value for automatic redirection or MAY ask the user to confirm + a choice. However, this specification does not define any standard + for such automatic selection. + + This status response is appropriate if the callee can be reached + at several different locations and the server cannot or prefers + not to proxy the request. + +21.3.2 301 Moved Permanently + + The user can no longer be found at the address in the Request-URI, + and the requesting client SHOULD retry at the new address given by + the Contact header field (Section 20.10). The requestor SHOULD + update any local directories, address books, and user location caches + with this new value and redirect future requests to the address(es) + listed. + +21.3.3 302 Moved Temporarily + + The requesting client SHOULD retry the request at the new address(es) + given by the Contact header field (Section 20.10). The Request-URI + of the new request uses the value of the Contact header field in the + response. + + + + + + + + +Rosenberg, et. al. Standards Track [Page 184] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The duration of the validity of the Contact URI can be indicated + through an Expires (Section 20.19) header field or an expires + parameter in the Contact header field. Both proxies and UAs MAY + cache this URI for the duration of the expiration time. If there is + no explicit expiration time, the address is only valid once for + recursing, and MUST NOT be cached for future transactions. + + If the URI cached from the Contact header field fails, the Request- + URI from the redirected request MAY be tried again a single time. + + The temporary URI may have become out-of-date sooner than the + expiration time, and a new temporary URI may be available. + +21.3.4 305 Use Proxy + + The requested resource MUST be accessed through the proxy given by + the Contact field. The Contact field gives the URI of the proxy. + The recipient is expected to repeat this single request via the + proxy. 305 (Use Proxy) responses MUST only be generated by UASs. + +21.3.5 380 Alternative Service + + The call was not successful, but alternative services are possible. + + The alternative services are described in the message body of the + response. Formats for such bodies are not defined here, and may be + the subject of future standardization. + +21.4 Request Failure 4xx + + 4xx responses are definite failure responses from a particular + server. The client SHOULD NOT retry the same request without + modification (for example, adding appropriate authorization). + However, the same request to a different server might be successful. + +21.4.1 400 Bad Request + + The request could not be understood due to malformed syntax. The + Reason-Phrase SHOULD identify the syntax problem in more detail, for + example, "Missing Call-ID header field". + +21.4.2 401 Unauthorized + + The request requires user authentication. This response is issued by + UASs and registrars, while 407 (Proxy Authentication Required) is + used by proxy servers. + + + + + +Rosenberg, et. al. Standards Track [Page 185] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.4.3 402 Payment Required + + Reserved for future use. + +21.4.4 403 Forbidden + + The server understood the request, but is refusing to fulfill it. + Authorization will not help, and the request SHOULD NOT be repeated. + +21.4.5 404 Not Found + + The server has definitive information that the user does not exist at + the domain specified in the Request-URI. This status is also + returned if the domain in the Request-URI does not match any of the + domains handled by the recipient of the request. + +21.4.6 405 Method Not Allowed + + The method specified in the Request-Line is understood, but not + allowed for the address identified by the Request-URI. + + The response MUST include an Allow header field containing a list of + valid methods for the indicated address. + +21.4.7 406 Not Acceptable + + The resource identified by the request is only capable of generating + response entities that have content characteristics not acceptable + according to the Accept header field sent in the request. + +21.4.8 407 Proxy Authentication Required + + This code is similar to 401 (Unauthorized), but indicates that the + client MUST first authenticate itself with the proxy. SIP access + authentication is explained in Sections 26 and 22.3. + + This status code can be used for applications where access to the + communication channel (for example, a telephony gateway) rather than + the callee requires authentication. + +21.4.9 408 Request Timeout + + The server could not produce a response within a suitable amount of + time, for example, if it could not determine the location of the user + in time. The client MAY repeat the request without modifications at + any later time. + + + + + +Rosenberg, et. al. Standards Track [Page 186] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.4.10 410 Gone + + The requested resource is no longer available at the server and no + forwarding address is known. This condition is expected to be + considered permanent. If the server does not know, or has no + facility to determine, whether or not the condition is permanent, the + status code 404 (Not Found) SHOULD be used instead. + +21.4.11 413 Request Entity Too Large + + The server is refusing to process a request because the request + entity-body is larger than the server is willing or able to process. + The server MAY close the connection to prevent the client from + continuing the request. + + If the condition is temporary, the server SHOULD include a Retry- + After header field to indicate that it is temporary and after what + time the client MAY try again. + +21.4.12 414 Request-URI Too Long + + The server is refusing to service the request because the Request-URI + is longer than the server is willing to interpret. + +21.4.13 415 Unsupported Media Type + + The server is refusing to service the request because the message + body of the request is in a format not supported by the server for + the requested method. The server MUST return a list of acceptable + formats using the Accept, Accept-Encoding, or Accept-Language header + field, depending on the specific problem with the content. UAC + processing of this response is described in Section 8.1.3.5. + +21.4.14 416 Unsupported URI Scheme + + The server cannot process the request because the scheme of the URI + in the Request-URI is unknown to the server. Client processing of + this response is described in Section 8.1.3.5. + +21.4.15 420 Bad Extension + + The server did not understand the protocol extension specified in a + Proxy-Require (Section 20.29) or Require (Section 20.32) header + field. The server MUST include a list of the unsupported extensions + in an Unsupported header field in the response. UAC processing of + this response is described in Section 8.1.3.5. + + + + + +Rosenberg, et. al. Standards Track [Page 187] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.4.16 421 Extension Required + + The UAS needs a particular extension to process the request, but this + extension is not listed in a Supported header field in the request. + Responses with this status code MUST contain a Require header field + listing the required extensions. + + A UAS SHOULD NOT use this response unless it truly cannot provide any + useful service to the client. Instead, if a desirable extension is + not listed in the Supported header field, servers SHOULD process the + request using baseline SIP capabilities and any extensions supported + by the client. + +21.4.17 423 Interval Too Brief + + The server is rejecting the request because the expiration time of + the resource refreshed by the request is too short. This response + can be used by a registrar to reject a registration whose Contact + header field expiration time was too small. The use of this response + and the related Min-Expires header field are described in Sections + 10.2.8, 10.3, and 20.23. + +21.4.18 480 Temporarily Unavailable + + The callee's end system was contacted successfully but the callee is + currently unavailable (for example, is not logged in, logged in but + in a state that precludes communication with the callee, or has + activated the "do not disturb" feature). The response MAY indicate a + better time to call in the Retry-After header field. The user could + also be available elsewhere (unbeknownst to this server). The reason + phrase SHOULD indicate a more precise cause as to why the callee is + unavailable. This value SHOULD be settable by the UA. Status 486 + (Busy Here) MAY be used to more precisely indicate a particular + reason for the call failure. + + This status is also returned by a redirect or proxy server that + recognizes the user identified by the Request-URI, but does not + currently have a valid forwarding location for that user. + +21.4.19 481 Call/Transaction Does Not Exist + + This status indicates that the UAS received a request that does not + match any existing dialog or transaction. + +21.4.20 482 Loop Detected + + The server has detected a loop (Section 16.3 Item 4). + + + + +Rosenberg, et. al. Standards Track [Page 188] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.4.21 483 Too Many Hops + + The server received a request that contains a Max-Forwards (Section + 20.22) header field with the value zero. + +21.4.22 484 Address Incomplete + + The server received a request with a Request-URI that was incomplete. + Additional information SHOULD be provided in the reason phrase. + + This status code allows overlapped dialing. With overlapped + dialing, the client does not know the length of the dialing + string. It sends strings of increasing lengths, prompting the + user for more input, until it no longer receives a 484 (Address + Incomplete) status response. + +21.4.23 485 Ambiguous + + The Request-URI was ambiguous. The response MAY contain a listing of + possible unambiguous addresses in Contact header fields. Revealing + alternatives can infringe on privacy of the user or the organization. + It MUST be possible to configure a server to respond with status 404 + (Not Found) or to suppress the listing of possible choices for + ambiguous Request-URIs. + + Example response to a request with the Request-URI + sip:lee@example.com: + + SIP/2.0 485 Ambiguous + Contact: Carol Lee + Contact: Ping Lee + Contact: Lee M. Foote + + Some email and voice mail systems provide this functionality. A + status code separate from 3xx is used since the semantics are + different: for 300, it is assumed that the same person or service + will be reached by the choices provided. While an automated + choice or sequential search makes sense for a 3xx response, user + intervention is required for a 485 (Ambiguous) response. + +21.4.24 486 Busy Here + + The callee's end system was contacted successfully, but the callee is + currently not willing or able to take additional calls at this end + system. The response MAY indicate a better time to call in the + Retry-After header field. The user could also be available + + + + + +Rosenberg, et. al. Standards Track [Page 189] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + elsewhere, such as through a voice mail service. Status 600 (Busy + Everywhere) SHOULD be used if the client knows that no other end + system will be able to accept this call. + +21.4.25 487 Request Terminated + + The request was terminated by a BYE or CANCEL request. This response + is never returned for a CANCEL request itself. + +21.4.26 488 Not Acceptable Here + + The response has the same meaning as 606 (Not Acceptable), but only + applies to the specific resource addressed by the Request-URI and the + request may succeed elsewhere. + + A message body containing a description of media capabilities MAY be + present in the response, which is formatted according to the Accept + header field in the INVITE (or application/sdp if not present), the + same as a message body in a 200 (OK) response to an OPTIONS request. + +21.4.27 491 Request Pending + + The request was received by a UAS that had a pending request within + the same dialog. Section 14.2 describes how such "glare" situations + are resolved. + +21.4.28 493 Undecipherable + + The request was received by a UAS that contained an encrypted MIME + body for which the recipient does not possess or will not provide an + appropriate decryption key. This response MAY have a single body + containing an appropriate public key that should be used to encrypt + MIME bodies sent to this UA. Details of the usage of this response + code can be found in Section 23.2. + +21.5 Server Failure 5xx + + 5xx responses are failure responses given when a server itself has + erred. + +21.5.1 500 Server Internal Error + + The server encountered an unexpected condition that prevented it from + fulfilling the request. The client MAY display the specific error + condition and MAY retry the request after several seconds. + + If the condition is temporary, the server MAY indicate when the + client may retry the request using the Retry-After header field. + + + +Rosenberg, et. al. Standards Track [Page 190] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.5.2 501 Not Implemented + + The server does not support the functionality required to fulfill the + request. This is the appropriate response when a UAS does not + recognize the request method and is not capable of supporting it for + any user. (Proxies forward all requests regardless of method.) + + Note that a 405 (Method Not Allowed) is sent when the server + recognizes the request method, but that method is not allowed or + supported. + +21.5.3 502 Bad Gateway + + The server, while acting as a gateway or proxy, received an invalid + response from the downstream server it accessed in attempting to + fulfill the request. + +21.5.4 503 Service Unavailable + + The server is temporarily unable to process the request due to a + temporary overloading or maintenance of the server. The server MAY + indicate when the client should retry the request in a Retry-After + header field. If no Retry-After is given, the client MUST act as if + it had received a 500 (Server Internal Error) response. + + A client (proxy or UAC) receiving a 503 (Service Unavailable) SHOULD + attempt to forward the request to an alternate server. It SHOULD NOT + forward any other requests to that server for the duration specified + in the Retry-After header field, if present. + + Servers MAY refuse the connection or drop the request instead of + responding with 503 (Service Unavailable). + +21.5.5 504 Server Time-out + + The server did not receive a timely response from an external server + it accessed in attempting to process the request. 408 (Request + Timeout) should be used instead if there was no response within the + period specified in the Expires header field from the upstream + server. + +21.5.6 505 Version Not Supported + + The server does not support, or refuses to support, the SIP protocol + version that was used in the request. The server is indicating that + it is unable or unwilling to complete the request using the same + major version as the client, other than with this error message. + + + + +Rosenberg, et. al. Standards Track [Page 191] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +21.5.7 513 Message Too Large + + The server was unable to process the request since the message length + exceeded its capabilities. + +21.6 Global Failures 6xx + + 6xx responses indicate that a server has definitive information about + a particular user, not just the particular instance indicated in the + Request-URI. + +21.6.1 600 Busy Everywhere + + The callee's end system was contacted successfully but the callee is + busy and does not wish to take the call at this time. The response + MAY indicate a better time to call in the Retry-After header field. + If the callee does not wish to reveal the reason for declining the + call, the callee uses status code 603 (Decline) instead. This status + response is returned only if the client knows that no other end point + (such as a voice mail system) will answer the request. Otherwise, + 486 (Busy Here) should be returned. + +21.6.2 603 Decline + + The callee's machine was successfully contacted but the user + explicitly does not wish to or cannot participate. The response MAY + indicate a better time to call in the Retry-After header field. This + status response is returned only if the client knows that no other + end point will answer the request. + +21.6.3 604 Does Not Exist Anywhere + + The server has authoritative information that the user indicated in + the Request-URI does not exist anywhere. + +21.6.4 606 Not Acceptable + + The user's agent was contacted successfully but some aspects of the + session description such as the requested media, bandwidth, or + addressing style were not acceptable. + + A 606 (Not Acceptable) response means that the user wishes to + communicate, but cannot adequately support the session described. + The 606 (Not Acceptable) response MAY contain a list of reasons in a + Warning header field describing why the session described cannot be + supported. Warning reason codes are listed in Section 20.43. + + + + + +Rosenberg, et. al. Standards Track [Page 192] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + A message body containing a description of media capabilities MAY be + present in the response, which is formatted according to the Accept + header field in the INVITE (or application/sdp if not present), the + same as a message body in a 200 (OK) response to an OPTIONS request. + + It is hoped that negotiation will not frequently be needed, and when + a new user is being invited to join an already existing conference, + negotiation may not be possible. It is up to the invitation + initiator to decide whether or not to act on a 606 (Not Acceptable) + response. + + This status response is returned only if the client knows that no + other end point will answer the request. + +22 Usage of HTTP Authentication + + SIP provides a stateless, challenge-based mechanism for + authentication that is based on authentication in HTTP. Any time + that a proxy server or UA receives a request (with the exceptions + given in Section 22.1), it MAY challenge the initiator of the request + to provide assurance of its identity. Once the originator has been + identified, the recipient of the request SHOULD ascertain whether or + not this user is authorized to make the request in question. No + authorization systems are recommended or discussed in this document. + + The "Digest" authentication mechanism described in this section + provides message authentication and replay protection only, without + message integrity or confidentiality. Protective measures above and + beyond those provided by Digest need to be taken to prevent active + attackers from modifying SIP requests and responses. + + Note that due to its weak security, the usage of "Basic" + authentication has been deprecated. Servers MUST NOT accept + credentials using the "Basic" authorization scheme, and servers also + MUST NOT challenge with "Basic". This is a change from RFC 2543. + +22.1 Framework + + The framework for SIP authentication closely parallels that of HTTP + (RFC 2617 [17]). In particular, the BNF for auth-scheme, auth-param, + challenge, realm, realm-value, and credentials is identical (although + the usage of "Basic" as a scheme is not permitted). In SIP, a UAS + uses the 401 (Unauthorized) response to challenge the identity of a + UAC. Additionally, registrars and redirect servers MAY make use of + 401 (Unauthorized) responses for authentication, but proxies MUST + NOT, and instead MAY use the 407 (Proxy Authentication Required) + + + + + +Rosenberg, et. al. Standards Track [Page 193] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + response. The requirements for inclusion of the Proxy-Authenticate, + Proxy-Authorization, WWW-Authenticate, and Authorization in the + various messages are identical to those described in RFC 2617 [17]. + + Since SIP does not have the concept of a canonical root URL, the + notion of protection spaces is interpreted differently in SIP. The + realm string alone defines the protection domain. This is a change + from RFC 2543, in which the Request-URI and the realm together + defined the protection domain. + + This previous definition of protection domain caused some amount + of confusion since the Request-URI sent by the UAC and the + Request-URI received by the challenging server might be different, + and indeed the final form of the Request-URI might not be known to + the UAC. Also, the previous definition depended on the presence + of a SIP URI in the Request-URI and seemed to rule out alternative + URI schemes (for example, the tel URL). + + Operators of user agents or proxy servers that will authenticate + received requests MUST adhere to the following guidelines for + creation of a realm string for their server: + + o Realm strings MUST be globally unique. It is RECOMMENDED that + a realm string contain a hostname or domain name, following the + recommendation in Section 3.2.1 of RFC 2617 [17]. + + o Realm strings SHOULD present a human-readable identifier that + can be rendered to a user. + + For example: + + INVITE sip:bob@biloxi.com SIP/2.0 + Authorization: Digest realm="biloxi.com", <...> + + Generally, SIP authentication is meaningful for a specific realm, a + protection domain. Thus, for Digest authentication, each such + protection domain has its own set of usernames and passwords. If a + server does not require authentication for a particular request, it + MAY accept a default username, "anonymous", which has no password + (password of ""). Similarly, UACs representing many users, such as + PSTN gateways, MAY have their own device-specific username and + password, rather than accounts for particular users, for their realm. + + While a server can legitimately challenge most SIP requests, there + are two requests defined by this document that require special + handling for authentication: ACK and CANCEL. + + + + + +Rosenberg, et. al. Standards Track [Page 194] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Under an authentication scheme that uses responses to carry values + used to compute nonces (such as Digest), some problems come up for + any requests that take no response, including ACK. For this reason, + any credentials in the INVITE that were accepted by a server MUST be + accepted by that server for the ACK. UACs creating an ACK message + will duplicate all of the Authorization and Proxy-Authorization + header field values that appeared in the INVITE to which the ACK + corresponds. Servers MUST NOT attempt to challenge an ACK. + + Although the CANCEL method does take a response (a 2xx), servers MUST + NOT attempt to challenge CANCEL requests since these requests cannot + be resubmitted. Generally, a CANCEL request SHOULD be accepted by a + server if it comes from the same hop that sent the request being + canceled (provided that some sort of transport or network layer + security association, as described in Section 26.2.1, is in place). + + When a UAC receives a challenge, it SHOULD render to the user the + contents of the "realm" parameter in the challenge (which appears in + either a WWW-Authenticate header field or Proxy-Authenticate header + field) if the UAC device does not already know of a credential for + the realm in question. A service provider that pre-configures UAs + with credentials for its realm should be aware that users will not + have the opportunity to present their own credentials for this realm + when challenged at a pre-configured device. + + Finally, note that even if a UAC can locate credentials that are + associated with the proper realm, the potential exists that these + credentials may no longer be valid or that the challenging server + will not accept these credentials for whatever reason (especially + when "anonymous" with no password is submitted). In this instance a + server may repeat its challenge, or it may respond with a 403 + Forbidden. A UAC MUST NOT re-attempt requests with the credentials + that have just been rejected (though the request may be retried if + the nonce was stale). + +22.2 User-to-User Authentication + + When a UAS receives a request from a UAC, the UAS MAY authenticate + the originator before the request is processed. If no credentials + (in the Authorization header field) are provided in the request, the + UAS can challenge the originator to provide credentials by rejecting + the request with a 401 (Unauthorized) status code. + + The WWW-Authenticate response-header field MUST be included in 401 + (Unauthorized) response messages. The field value consists of at + least one challenge that indicates the authentication scheme(s) and + parameters applicable to the realm. + + + + +Rosenberg, et. al. Standards Track [Page 195] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + An example of the WWW-Authenticate header field in a 401 challenge + is: + + WWW-Authenticate: Digest + realm="biloxi.com", + qop="auth,auth-int", + nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", + opaque="5ccc069c403ebaf9f0171e9517f40e41" + + When the originating UAC receives the 401 (Unauthorized), it SHOULD, + if it is able, re-originate the request with the proper credentials. + The UAC may require input from the originating user before + proceeding. Once authentication credentials have been supplied + (either directly by the user, or discovered in an internal keyring), + UAs SHOULD cache the credentials for a given value of the To header + field and "realm" and attempt to re-use these values on the next + request for that destination. UAs MAY cache credentials in any way + they would like. + + If no credentials for a realm can be located, UACs MAY attempt to + retry the request with a username of "anonymous" and no password (a + password of ""). + + Once credentials have been located, any UA that wishes to + authenticate itself with a UAS or registrar -- usually, but not + necessarily, after receiving a 401 (Unauthorized) response -- MAY do + so by including an Authorization header field with the request. The + Authorization field value consists of credentials containing the + authentication information of the UA for the realm of the resource + being requested as well as parameters required in support of + authentication and replay protection. + + An example of the Authorization header field is: + + Authorization: Digest username="bob", + realm="biloxi.com", + nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", + uri="sip:bob@biloxi.com", + qop=auth, + nc=00000001, + cnonce="0a4f113b", + response="6629fae49393a05397450978507c4ef1", + opaque="5ccc069c403ebaf9f0171e9517f40e41" + + When a UAC resubmits a request with its credentials after receiving a + 401 (Unauthorized) or 407 (Proxy Authentication Required) response, + it MUST increment the CSeq header field value as it would normally + when sending an updated request. + + + +Rosenberg, et. al. Standards Track [Page 196] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +22.3 Proxy-to-User Authentication + + Similarly, when a UAC sends a request to a proxy server, the proxy + server MAY authenticate the originator before the request is + processed. If no credentials (in the Proxy-Authorization header + field) are provided in the request, the proxy can challenge the + originator to provide credentials by rejecting the request with a 407 + (Proxy Authentication Required) status code. The proxy MUST populate + the 407 (Proxy Authentication Required) message with a Proxy- + Authenticate header field value applicable to the proxy for the + requested resource. + + The use of Proxy-Authenticate and Proxy-Authorization parallel that + described in [17], with one difference. Proxies MUST NOT add values + to the Proxy-Authorization header field. All 407 (Proxy + Authentication Required) responses MUST be forwarded upstream toward + the UAC following the procedures for any other response. It is the + UAC's responsibility to add the Proxy-Authorization header field + value containing credentials for the realm of the proxy that has + asked for authentication. + + If a proxy were to resubmit a request adding a Proxy-Authorization + header field value, it would need to increment the CSeq in the new + request. However, this would cause the UAC that submitted the + original request to discard a response from the UAS, as the CSeq + value would be different. + + When the originating UAC receives the 407 (Proxy Authentication + Required) it SHOULD, if it is able, re-originate the request with the + proper credentials. It should follow the same procedures for the + display of the "realm" parameter that are given above for responding + to 401. + + If no credentials for a realm can be located, UACs MAY attempt to + retry the request with a username of "anonymous" and no password (a + password of ""). + + The UAC SHOULD also cache the credentials used in the re-originated + request. + + The following rule is RECOMMENDED for proxy credential caching: + + If a UA receives a Proxy-Authenticate header field value in a 401/407 + response to a request with a particular Call-ID, it should + incorporate credentials for that realm in all subsequent requests + that contain the same Call-ID. These credentials MUST NOT be cached + across dialogs; however, if a UA is configured with the realm of its + local outbound proxy, when one exists, then the UA MAY cache + + + +Rosenberg, et. al. Standards Track [Page 197] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + credentials for that realm across dialogs. Note that this does mean + a future request in a dialog could contain credentials that are not + needed by any proxy along the Route header path. + + Any UA that wishes to authenticate itself to a proxy server -- + usually, but not necessarily, after receiving a 407 (Proxy + Authentication Required) response -- MAY do so by including a Proxy- + Authorization header field value with the request. The Proxy- + Authorization request-header field allows the client to identify + itself (or its user) to a proxy that requires authentication. The + Proxy-Authorization header field value consists of credentials + containing the authentication information of the UA for the proxy + and/or realm of the resource being requested. + + A Proxy-Authorization header field value applies only to the proxy + whose realm is identified in the "realm" parameter (this proxy may + previously have demanded authentication using the Proxy-Authenticate + field). When multiple proxies are used in a chain, a Proxy- + Authorization header field value MUST NOT be consumed by any proxy + whose realm does not match the "realm" parameter specified in that + value. + + Note that if an authentication scheme that does not support realms is + used in the Proxy-Authorization header field, a proxy server MUST + attempt to parse all Proxy-Authorization header field values to + determine whether one of them has what the proxy server considers to + be valid credentials. Because this is potentially very time- + consuming in large networks, proxy servers SHOULD use an + authentication scheme that supports realms in the Proxy-Authorization + header field. + + If a request is forked (as described in Section 16.7), various proxy + servers and/or UAs may wish to challenge the UAC. In this case, the + forking proxy server is responsible for aggregating these challenges + into a single response. Each WWW-Authenticate and Proxy-Authenticate + value received in responses to the forked request MUST be placed into + the single response that is sent by the forking proxy to the UA; the + ordering of these header field values is not significant. + + When a proxy server issues a challenge in response to a request, + it will not proxy the request until the UAC has retried the + request with valid credentials. A forking proxy may forward a + request simultaneously to multiple proxy servers that require + authentication, each of which in turn will not forward the request + until the originating UAC has authenticated itself in their + respective realm. If the UAC does not provide credentials for + + + + + +Rosenberg, et. al. Standards Track [Page 198] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + each challenge, the proxy servers that issued the challenges will + not forward requests to the UA where the destination user might be + located, and therefore, the virtues of forking are largely lost. + + When resubmitting its request in response to a 401 (Unauthorized) or + 407 (Proxy Authentication Required) that contains multiple + challenges, a UAC MAY include an Authorization value for each WWW- + Authenticate value and a Proxy-Authorization value for each Proxy- + Authenticate value for which the UAC wishes to supply a credential. + As noted above, multiple credentials in a request SHOULD be + differentiated by the "realm" parameter. + + It is possible for multiple challenges associated with the same realm + to appear in the same 401 (Unauthorized) or 407 (Proxy Authentication + Required). This can occur, for example, when multiple proxies within + the same administrative domain, which use a common realm, are reached + by a forking request. When it retries a request, a UAC MAY therefore + supply multiple credentials in Authorization or Proxy-Authorization + header fields with the same "realm" parameter value. The same + credentials SHOULD be used for the same realm. + +22.4 The Digest Authentication Scheme + + This section describes the modifications and clarifications required + to apply the HTTP Digest authentication scheme to SIP. The SIP + scheme usage is almost completely identical to that for HTTP [17]. + + Since RFC 2543 is based on HTTP Digest as defined in RFC 2069 [39], + SIP servers supporting RFC 2617 MUST ensure they are backwards + compatible with RFC 2069. Procedures for this backwards + compatibility are specified in RFC 2617. Note, however, that SIP + servers MUST NOT accept or request Basic authentication. + + The rules for Digest authentication follow those defined in [17], + with "HTTP/1.1" replaced by "SIP/2.0" in addition to the following + differences: + + 1. The URI included in the challenge has the following BNF: + + URI = SIP-URI / SIPS-URI + + 2. The BNF in RFC 2617 has an error in that the 'uri' parameter + of the Authorization header field for HTTP Digest + + + + + + + + +Rosenberg, et. al. Standards Track [Page 199] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + authentication is not enclosed in quotation marks. (The + example in Section 3.5 of RFC 2617 is correct.) For SIP, the + 'uri' MUST be enclosed in quotation marks. + + 3. The BNF for digest-uri-value is: + + digest-uri-value = Request-URI ; as defined in Section 25 + + 4. The example procedure for choosing a nonce based on Etag does + not work for SIP. + + 5. The text in RFC 2617 [17] regarding cache operation does not + apply to SIP. + + 6. RFC 2617 [17] requires that a server check that the URI in the + request line and the URI included in the Authorization header + field point to the same resource. In a SIP context, these two + URIs may refer to different users, due to forwarding at some + proxy. Therefore, in SIP, a server MAY check that the + Request-URI in the Authorization header field value + corresponds to a user for whom the server is willing to accept + forwarded or direct requests, but it is not necessarily a + failure if the two fields are not equivalent. + + 7. As a clarification to the calculation of the A2 value for + message integrity assurance in the Digest authentication + scheme, implementers should assume, when the entity-body is + empty (that is, when SIP messages have no body) that the hash + of the entity-body resolves to the MD5 hash of an empty + string, or: + + H(entity-body) = MD5("") = + "d41d8cd98f00b204e9800998ecf8427e" + + 8. RFC 2617 notes that a cnonce value MUST NOT be sent in an + Authorization (and by extension Proxy-Authorization) header + field if no qop directive has been sent. Therefore, any + algorithms that have a dependency on the cnonce (including + "MD5-Sess") require that the qop directive be sent. Use of + the "qop" parameter is optional in RFC 2617 for the purposes + of backwards compatibility with RFC 2069; since RFC 2543 was + based on RFC 2069, the "qop" parameter must unfortunately + remain optional for clients and servers to receive. However, + servers MUST always send a "qop" parameter in WWW-Authenticate + and Proxy-Authenticate header field values. If a client + receives a "qop" parameter in a challenge header field, it + MUST send the "qop" parameter in any resulting authorization + header field. + + + +Rosenberg, et. al. Standards Track [Page 200] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + RFC 2543 did not allow usage of the Authentication-Info header field + (it effectively used RFC 2069). However, we now allow usage of this + header field, since it provides integrity checks over the bodies and + provides mutual authentication. RFC 2617 [17] defines mechanisms for + backwards compatibility using the qop attribute in the request. + These mechanisms MUST be used by a server to determine if the client + supports the new mechanisms in RFC 2617 that were not specified in + RFC 2069. + +23 S/MIME + + SIP messages carry MIME bodies and the MIME standard includes + mechanisms for securing MIME contents to ensure both integrity and + confidentiality (including the 'multipart/signed' and + 'application/pkcs7-mime' MIME types, see RFC 1847 [22], RFC 2630 [23] + and RFC 2633 [24]). Implementers should note, however, that there + may be rare network intermediaries (not typical proxy servers) that + rely on viewing or modifying the bodies of SIP messages (especially + SDP), and that secure MIME may prevent these sorts of intermediaries + from functioning. + + This applies particularly to certain types of firewalls. + + The PGP mechanism for encrypting the header fields and bodies of + SIP messages described in RFC 2543 has been deprecated. + +23.1 S/MIME Certificates + + The certificates that are used to identify an end-user for the + purposes of S/MIME differ from those used by servers in one important + respect - rather than asserting that the identity of the holder + corresponds to a particular hostname, these certificates assert that + the holder is identified by an end-user address. This address is + composed of the concatenation of the "userinfo" "@" and "domainname" + portions of a SIP or SIPS URI (in other words, an email address of + the form "bob@biloxi.com"), most commonly corresponding to a user's + address-of-record. + + These certificates are also associated with keys that are used to + sign or encrypt bodies of SIP messages. Bodies are signed with the + private key of the sender (who may include their public key with the + message as appropriate), but bodies are encrypted with the public key + of the intended recipient. Obviously, senders must have + foreknowledge of the public key of recipients in order to encrypt + message bodies. Public keys can be stored within a UA on a virtual + keyring. + + + + + +Rosenberg, et. al. Standards Track [Page 201] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Each user agent that supports S/MIME MUST contain a keyring + specifically for end-users' certificates. This keyring should map + between addresses of record and corresponding certificates. Over + time, users SHOULD use the same certificate when they populate the + originating URI of signaling (the From header field) with the same + address-of-record. + + Any mechanisms depending on the existence of end-user certificates + are seriously limited in that there is virtually no consolidated + authority today that provides certificates for end-user applications. + However, users SHOULD acquire certificates from known public + certificate authorities. As an alternative, users MAY create self- + signed certificates. The implications of self-signed certificates + are explored further in Section 26.4.2. Implementations may also use + pre-configured certificates in deployments in which a previous trust + relationship exists between all SIP entities. + + Above and beyond the problem of acquiring an end-user certificate, + there are few well-known centralized directories that distribute + end-user certificates. However, the holder of a certificate SHOULD + publish their certificate in any public directories as appropriate. + Similarly, UACs SHOULD support a mechanism for importing (manually or + automatically) certificates discovered in public directories + corresponding to the target URIs of SIP requests. + +23.2 S/MIME Key Exchange + + SIP itself can also be used as a means to distribute public keys in + the following manner. + + Whenever the CMS SignedData message is used in S/MIME for SIP, it + MUST contain the certificate bearing the public key necessary to + verify the signature. + + When a UAC sends a request containing an S/MIME body that initiates a + dialog, or sends a non-INVITE request outside the context of a + dialog, the UAC SHOULD structure the body as an S/MIME + 'multipart/signed' CMS SignedData body. If the desired CMS service + is EnvelopedData (and the public key of the target user is known), + the UAC SHOULD send the EnvelopedData message encapsulated within a + SignedData message. + + When a UAS receives a request containing an S/MIME CMS body that + includes a certificate, the UAS SHOULD first validate the + certificate, if possible, with any available root certificates for + certificate authorities. The UAS SHOULD also determine the subject + of the certificate (for S/MIME, the SubjectAltName will contain the + appropriate identity) and compare this value to the From header field + + + +Rosenberg, et. al. Standards Track [Page 202] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + of the request. If the certificate cannot be verified, because it is + self-signed, or signed by no known authority, or if it is verifiable + but its subject does not correspond to the From header field of + request, the UAS MUST notify its user of the status of the + certificate (including the subject of the certificate, its signer, + and any key fingerprint information) and request explicit permission + before proceeding. If the certificate was successfully verified and + the subject of the certificate corresponds to the From header field + of the SIP request, or if the user (after notification) explicitly + authorizes the use of the certificate, the UAS SHOULD add this + certificate to a local keyring, indexed by the address-of-record of + the holder of the certificate. + + When a UAS sends a response containing an S/MIME body that answers + the first request in a dialog, or a response to a non-INVITE request + outside the context of a dialog, the UAS SHOULD structure the body as + an S/MIME 'multipart/signed' CMS SignedData body. If the desired CMS + service is EnvelopedData, the UAS SHOULD send the EnvelopedData + message encapsulated within a SignedData message. + + When a UAC receives a response containing an S/MIME CMS body that + includes a certificate, the UAC SHOULD first validate the + certificate, if possible, with any appropriate root certificate. The + UAC SHOULD also determine the subject of the certificate and compare + this value to the To field of the response; although the two may very + well be different, and this is not necessarily indicative of a + security breach. If the certificate cannot be verified because it is + self-signed, or signed by no known authority, the UAC MUST notify its + user of the status of the certificate (including the subject of the + certificate, its signator, and any key fingerprint information) and + request explicit permission before proceeding. If the certificate + was successfully verified, and the subject of the certificate + corresponds to the To header field in the response, or if the user + (after notification) explicitly authorizes the use of the + certificate, the UAC SHOULD add this certificate to a local keyring, + indexed by the address-of-record of the holder of the certificate. + If the UAC had not transmitted its own certificate to the UAS in any + previous transaction, it SHOULD use a CMS SignedData body for its + next request or response. + + On future occasions, when the UA receives requests or responses that + contain a From header field corresponding to a value in its keyring, + the UA SHOULD compare the certificate offered in these messages with + the existing certificate in its keyring. If there is a discrepancy, + the UA MUST notify its user of a change of the certificate + (preferably in terms that indicate that this is a potential security + breach) and acquire the user's permission before continuing to + + + + +Rosenberg, et. al. Standards Track [Page 203] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + process the signaling. If the user authorizes this certificate, it + SHOULD be added to the keyring alongside any previous value(s) for + this address-of-record. + + Note well however, that this key exchange mechanism does not + guarantee the secure exchange of keys when self-signed certificates, + or certificates signed by an obscure authority, are used - it is + vulnerable to well-known attacks. In the opinion of the authors, + however, the security it provides is proverbially better than + nothing; it is in fact comparable to the widely used SSH application. + These limitations are explored in greater detail in Section 26.4.2. + + If a UA receives an S/MIME body that has been encrypted with a public + key unknown to the recipient, it MUST reject the request with a 493 + (Undecipherable) response. This response SHOULD contain a valid + certificate for the respondent (corresponding, if possible, to any + address of record given in the To header field of the rejected + request) within a MIME body with a 'certs-only' "smime-type" + parameter. + + A 493 (Undecipherable) sent without any certificate indicates that + the respondent cannot or will not utilize S/MIME encrypted messages, + though they may still support S/MIME signatures. + + Note that a user agent that receives a request containing an S/MIME + body that is not optional (with a Content-Disposition header + "handling" parameter of "required") MUST reject the request with a + 415 Unsupported Media Type response if the MIME type is not + understood. A user agent that receives such a response when S/MIME + is sent SHOULD notify its user that the remote device does not + support S/MIME, and it MAY subsequently resend the request without + S/MIME, if appropriate; however, this 415 response may constitute a + downgrade attack. + + If a user agent sends an S/MIME body in a request, but receives a + response that contains a MIME body that is not secured, the UAC + SHOULD notify its user that the session could not be secured. + However, if a user agent that supports S/MIME receives a request with + an unsecured body, it SHOULD NOT respond with a secured body, but if + it expects S/MIME from the sender (for example, because the sender's + From header field value corresponds to an identity on its keychain), + the UAS SHOULD notify its user that the session could not be secured. + + A number of conditions that arise in the previous text call for the + notification of the user when an anomalous certificate-management + event occurs. Users might well ask what they should do under these + circumstances. First and foremost, an unexpected change in a + certificate, or an absence of security when security is expected, are + + + +Rosenberg, et. al. Standards Track [Page 204] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + causes for caution but not necessarily indications that an attack is + in progress. Users might abort any connection attempt or refuse a + connection request they have received; in telephony parlance, they + could hang up and call back. Users may wish to find an alternate + means to contact the other party and confirm that their key has + legitimately changed. Note that users are sometimes compelled to + change their certificates, for example when they suspect that the + secrecy of their private key has been compromised. When their + private key is no longer private, users must legitimately generate a + new key and re-establish trust with any users that held their old + key. + + Finally, if during the course of a dialog a UA receives a certificate + in a CMS SignedData message that does not correspond with the + certificates previously exchanged during a dialog, the UA MUST notify + its user of the change, preferably in terms that indicate that this + is a potential security breach. + +23.3 Securing MIME bodies + + There are two types of secure MIME bodies that are of interest to + SIP: use of these bodies should follow the S/MIME specification [24] + with a few variations. + + o "multipart/signed" MUST be used only with CMS detached + signatures. + + This allows backwards compatibility with non-S/MIME- + compliant recipients. + + o S/MIME bodies SHOULD have a Content-Disposition header field, + and the value of the "handling" parameter SHOULD be "required." + + o If a UAC has no certificate on its keyring associated with the + address-of-record to which it wants to send a request, it + cannot send an encrypted "application/pkcs7-mime" MIME message. + UACs MAY send an initial request such as an OPTIONS message + with a CMS detached signature in order to solicit the + certificate of the remote side (the signature SHOULD be over a + "message/sip" body of the type described in Section 23.4). + + Note that future standardization work on S/MIME may define + non-certificate based keys. + + o Senders of S/MIME bodies SHOULD use the "SMIMECapabilities" + (see Section 2.5.2 of [24]) attribute to express their + capabilities and preferences for further communications. Note + especially that senders MAY use the "preferSignedData" + + + +Rosenberg, et. al. Standards Track [Page 205] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + capability to encourage receivers to respond with CMS + SignedData messages (for example, when sending an OPTIONS + request as described above). + + o S/MIME implementations MUST at a minimum support SHA1 as a + digital signature algorithm, and 3DES as an encryption + algorithm. All other signature and encryption algorithms MAY + be supported. Implementations can negotiate support for these + algorithms with the "SMIMECapabilities" attribute. + + o Each S/MIME body in a SIP message SHOULD be signed with only + one certificate. If a UA receives a message with multiple + signatures, the outermost signature should be treated as the + single certificate for this body. Parallel signatures SHOULD + NOT be used. + + The following is an example of an encrypted S/MIME SDP body + within a SIP message: + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + To: Bob + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 314159 INVITE + Max-Forwards: 70 + Contact: + Content-Type: application/pkcs7-mime; smime-type=enveloped-data; + name=smime.p7m + Content-Disposition: attachment; filename=smime.p7m + handling=required + + ******************************************************* + * Content-Type: application/sdp * + * * + * v=0 * + * o=alice 53655765 2353687637 IN IP4 pc33.atlanta.com * + * s=- * + * t=0 0 * + * c=IN IP4 pc33.atlanta.com * + * m=audio 3456 RTP/AVP 0 1 3 99 * + * a=rtpmap:0 PCMU/8000 * + ******************************************************* + + + + + + + + +Rosenberg, et. al. Standards Track [Page 206] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +23.4 SIP Header Privacy and Integrity using S/MIME: Tunneling SIP + + As a means of providing some degree of end-to-end authentication, + integrity or confidentiality for SIP header fields, S/MIME can + encapsulate entire SIP messages within MIME bodies of type + "message/sip" and then apply MIME security to these bodies in the + same manner as typical SIP bodies. These encapsulated SIP requests + and responses do not constitute a separate dialog or transaction, + they are a copy of the "outer" message that is used to verify + integrity or to supply additional information. + + If a UAS receives a request that contains a tunneled "message/sip" + S/MIME body, it SHOULD include a tunneled "message/sip" body in the + response with the same smime-type. + + Any traditional MIME bodies (such as SDP) SHOULD be attached to the + "inner" message so that they can also benefit from S/MIME security. + Note that "message/sip" bodies can be sent as a part of a MIME + "multipart/mixed" body if any unsecured MIME types should also be + transmitted in a request. + +23.4.1 Integrity and Confidentiality Properties of SIP Headers + + When the S/MIME integrity or confidentiality mechanisms are used, + there may be discrepancies between the values in the "inner" message + and values in the "outer" message. The rules for handling any such + differences for all of the header fields described in this document + are given in this section. + + Note that for the purposes of loose timestamping, all SIP messages + that tunnel "message/sip" SHOULD contain a Date header in both the + "inner" and "outer" headers. + +23.4.1.1 Integrity + + Whenever integrity checks are performed, the integrity of a header + field should be determined by matching the value of the header field + in the signed body with that in the "outer" messages using the + comparison rules of SIP as described in 20. + + Header fields that can be legitimately modified by proxy servers are: + Request-URI, Via, Record-Route, Route, Max-Forwards, and Proxy- + Authorization. If these header fields are not intact end-to-end, + implementations SHOULD NOT consider this a breach of security. + Changes to any other header fields defined in this document + constitute an integrity violation; users MUST be notified of a + discrepancy. + + + + +Rosenberg, et. al. Standards Track [Page 207] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +23.4.1.2 Confidentiality + + When messages are encrypted, header fields may be included in the + encrypted body that are not present in the "outer" message. + + Some header fields must always have a plaintext version because they + are required header fields in requests and responses - these include: + + To, From, Call-ID, CSeq, Contact. While it is probably not useful to + provide an encrypted alternative for the Call-ID, CSeq, or Contact, + providing an alternative to the information in the "outer" To or From + is permitted. Note that the values in an encrypted body are not used + for the purposes of identifying transactions or dialogs - they are + merely informational. If the From header field in an encrypted body + differs from the value in the "outer" message, the value within the + encrypted body SHOULD be displayed to the user, but MUST NOT be used + in the "outer" header fields of any future messages. + + Primarily, a user agent will want to encrypt header fields that have + an end-to-end semantic, including: Subject, Reply-To, Organization, + Accept, Accept-Encoding, Accept-Language, Alert-Info, Error-Info, + Authentication-Info, Expires, In-Reply-To, Require, Supported, + Unsupported, Retry-After, User-Agent, Server, and Warning. If any of + these header fields are present in an encrypted body, they should be + used instead of any "outer" header fields, whether this entails + displaying the header field values to users or setting internal + states in the UA. They SHOULD NOT however be used in the "outer" + headers of any future messages. + + If present, the Date header field MUST always be the same in the + "inner" and "outer" headers. + + Since MIME bodies are attached to the "inner" message, + implementations will usually encrypt MIME-specific header fields, + including: MIME-Version, Content-Type, Content-Length, Content- + Language, Content-Encoding and Content-Disposition. The "outer" + message will have the proper MIME header fields for S/MIME bodies. + These header fields (and any MIME bodies they preface) should be + treated as normal MIME header fields and bodies received in a SIP + message. + + It is not particularly useful to encrypt the following header fields: + Min-Expires, Timestamp, Authorization, Priority, and WWW- + Authenticate. This category also includes those header fields that + can be changed by proxy servers (described in the preceding section). + UAs SHOULD never include these in an "inner" message if they are not + + + + + +Rosenberg, et. al. Standards Track [Page 208] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + included in the "outer" message. UAs that receive any of these + header fields in an encrypted body SHOULD ignore the encrypted + values. + + Note that extensions to SIP may define additional header fields; the + authors of these extensions should describe the integrity and + confidentiality properties of such header fields. If a SIP UA + encounters an unknown header field with an integrity violation, it + MUST ignore the header field. + +23.4.2 Tunneling Integrity and Authentication + + Tunneling SIP messages within S/MIME bodies can provide integrity for + SIP header fields if the header fields that the sender wishes to + secure are replicated in a "message/sip" MIME body signed with a CMS + detached signature. + + Provided that the "message/sip" body contains at least the + fundamental dialog identifiers (To, From, Call-ID, CSeq), then a + signed MIME body can provide limited authentication. At the very + least, if the certificate used to sign the body is unknown to the + recipient and cannot be verified, the signature can be used to + ascertain that a later request in a dialog was transmitted by the + same certificate-holder that initiated the dialog. If the recipient + of the signed MIME body has some stronger incentive to trust the + certificate (they were able to validate it, they acquired it from a + trusted repository, or they have used it frequently) then the + signature can be taken as a stronger assertion of the identity of the + subject of the certificate. + + In order to eliminate possible confusions about the addition or + subtraction of entire header fields, senders SHOULD replicate all + header fields from the request within the signed body. Any message + bodies that require integrity protection MUST be attached to the + "inner" message. + + If a Date header is present in a message with a signed body, the + recipient SHOULD compare the header field value with its own internal + clock, if applicable. If a significant time discrepancy is detected + (on the order of an hour or more), the user agent SHOULD alert the + user to the anomaly, and note that it is a potential security breach. + + If an integrity violation in a message is detected by its recipient, + the message MAY be rejected with a 403 (Forbidden) response if it is + a request, or any existing dialog MAY be terminated. UAs SHOULD + notify users of this circumstance and request explicit guidance on + how to proceed. + + + + +Rosenberg, et. al. Standards Track [Page 209] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The following is an example of the use of a tunneled "message/sip" + body: + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + To: Bob + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 314159 INVITE + Max-Forwards: 70 + Date: Thu, 21 Feb 2002 13:02:03 GMT + Contact: + Content-Type: multipart/signed; + protocol="application/pkcs7-signature"; + micalg=sha1; boundary=boundary42 + Content-Length: 568 + + --boundary42 + Content-Type: message/sip + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + To: Bob + From: Alice ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 314159 INVITE + Max-Forwards: 70 + Date: Thu, 21 Feb 2002 13:02:03 GMT + Contact: + Content-Type: application/sdp + Content-Length: 147 + + v=0 + o=UserA 2890844526 2890844526 IN IP4 here.com + s=Session SDP + c=IN IP4 pc33.atlanta.com + t=0 0 + m=audio 49172 RTP/AVP 0 + a=rtpmap:0 PCMU/8000 + + --boundary42 + Content-Type: application/pkcs7-signature; name=smime.p7s + Content-Transfer-Encoding: base64 + Content-Disposition: attachment; filename=smime.p7s; + handling=required + + + + + + +Rosenberg, et. al. Standards Track [Page 210] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6 + 4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj + n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4 + 7GhIGfHfYT64VQbnj756 + + --boundary42- + +23.4.3 Tunneling Encryption + + It may also be desirable to use this mechanism to encrypt a + "message/sip" MIME body within a CMS EnvelopedData message S/MIME + body, but in practice, most header fields are of at least some use to + the network; the general use of encryption with S/MIME is to secure + message bodies like SDP rather than message headers. Some + informational header fields, such as the Subject or Organization + could perhaps warrant end-to-end security. Headers defined by future + SIP applications might also require obfuscation. + + Another possible application of encrypting header fields is selective + anonymity. A request could be constructed with a From header field + that contains no personal information (for example, + sip:anonymous@anonymizer.invalid). However, a second From header + field containing the genuine address-of-record of the originator + could be encrypted within a "message/sip" MIME body where it will + only be visible to the endpoints of a dialog. + + Note that if this mechanism is used for anonymity, the From header + field will no longer be usable by the recipient of a message as an + index to their certificate keychain for retrieving the proper + S/MIME key to associated with the sender. The message must first + be decrypted, and the "inner" From header field MUST be used as an + index. + + In order to provide end-to-end integrity, encrypted "message/sip" + MIME bodies SHOULD be signed by the sender. This creates a + "multipart/signed" MIME body that contains an encrypted body and a + signature, both of type "application/pkcs7-mime". + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 211] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + In the following example, of an encrypted and signed message, the + text boxed in asterisks ("*") is encrypted: + + INVITE sip:bob@biloxi.com SIP/2.0 + Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + To: Bob + From: Anonymous ;tag=1928301774 + Call-ID: a84b4c76e66710 + CSeq: 314159 INVITE + Max-Forwards: 70 + Date: Thu, 21 Feb 2002 13:02:03 GMT + Contact: + Content-Type: multipart/signed; + protocol="application/pkcs7-signature"; + micalg=sha1; boundary=boundary42 + Content-Length: 568 + + --boundary42 + Content-Type: application/pkcs7-mime; smime-type=enveloped-data; + name=smime.p7m + Content-Transfer-Encoding: base64 + Content-Disposition: attachment; filename=smime.p7m + handling=required + Content-Length: 231 + + *********************************************************** + * Content-Type: message/sip * + * * + * INVITE sip:bob@biloxi.com SIP/2.0 * + * Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 * + * To: Bob * + * From: Alice ;tag=1928301774 * + * Call-ID: a84b4c76e66710 * + * CSeq: 314159 INVITE * + * Max-Forwards: 70 * + * Date: Thu, 21 Feb 2002 13:02:03 GMT * + * Contact: * + * * + * Content-Type: application/sdp * + * * + * v=0 * + * o=alice 53655765 2353687637 IN IP4 pc33.atlanta.com * + * s=Session SDP * + * t=0 0 * + * c=IN IP4 pc33.atlanta.com * + * m=audio 3456 RTP/AVP 0 1 3 99 * + * a=rtpmap:0 PCMU/8000 * + *********************************************************** + + + +Rosenberg, et. al. Standards Track [Page 212] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + --boundary42 + Content-Type: application/pkcs7-signature; name=smime.p7s + Content-Transfer-Encoding: base64 + Content-Disposition: attachment; filename=smime.p7s; + handling=required + + ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6 + 4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj + n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4 + 7GhIGfHfYT64VQbnj756 + + --boundary42- + +24 Examples + + In the following examples, we often omit the message body and the + corresponding Content-Length and Content-Type header fields for + brevity. + +24.1 Registration + + Bob registers on start-up. The message flow is shown in Figure 9. + Note that the authentication usually required for registration is not + shown for simplicity. + + biloxi.com Bob's + registrar softphone + | | + | REGISTER F1 | + |<---------------| + | 200 OK F2 | + |--------------->| + + Figure 9: SIP Registration Example + + F1 REGISTER Bob -> Registrar + + REGISTER sip:registrar.biloxi.com SIP/2.0 + Via: SIP/2.0/UDP bobspc.biloxi.com:5060;branch=z9hG4bKnashds7 + Max-Forwards: 70 + To: Bob + From: Bob ;tag=456248 + Call-ID: 843817637684230@998sdasdh09 + CSeq: 1826 REGISTER + Contact: + Expires: 7200 + Content-Length: 0 + + + + +Rosenberg, et. al. Standards Track [Page 213] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The registration expires after two hours. The registrar responds + with a 200 OK: + + F2 200 OK Registrar -> Bob + + SIP/2.0 200 OK + Via: SIP/2.0/UDP bobspc.biloxi.com:5060;branch=z9hG4bKnashds7 + ;received=192.0.2.4 + To: Bob ;tag=2493k59kd + From: Bob ;tag=456248 + Call-ID: 843817637684230@998sdasdh09 + CSeq: 1826 REGISTER + Contact: + Expires: 7200 + Content-Length: 0 + +24.2 Session Setup + + This example contains the full details of the example session setup + in Section 4. The message flow is shown in Figure 1. Note that + these flows show the minimum required set of header fields - some + other header fields such as Allow and Supported would normally be + present. + +F1 INVITE Alice -> atlanta.com proxy + +INVITE sip:bob@biloxi.com SIP/2.0 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 +Max-Forwards: 70 +To: Bob +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 142 + +(Alice's SDP not shown) + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 214] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +F2 100 Trying atlanta.com proxy -> Alice + +SIP/2.0 100 Trying +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Content-Length: 0 + +F3 INVITE atlanta.com proxy -> biloxi.com proxy + +INVITE sip:bob@biloxi.com SIP/2.0 +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +Max-Forwards: 69 +To: Bob +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 142 + +(Alice's SDP not shown) + +F4 100 Trying biloxi.com proxy -> atlanta.com proxy + +SIP/2.0 100 Trying +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Content-Length: 0 + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 215] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +F5 INVITE biloxi.com proxy -> Bob + +INVITE sip:bob@192.0.2.4 SIP/2.0 +Via: SIP/2.0/UDP server10.biloxi.com;branch=z9hG4bK4b43c2ff8.1 +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +Max-Forwards: 68 +To: Bob +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 142 + +(Alice's SDP not shown) + +F6 180 Ringing Bob -> biloxi.com proxy + +SIP/2.0 180 Ringing +Via: SIP/2.0/UDP server10.biloxi.com;branch=z9hG4bK4b43c2ff8.1 + ;received=192.0.2.3 +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +Contact: +CSeq: 314159 INVITE +Content-Length: 0 + +F7 180 Ringing biloxi.com proxy -> atlanta.com proxy + +SIP/2.0 180 Ringing +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +Contact: +CSeq: 314159 INVITE +Content-Length: 0 + + + +Rosenberg, et. al. Standards Track [Page 216] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +F8 180 Ringing atlanta.com proxy -> Alice + +SIP/2.0 180 Ringing +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +Contact: +CSeq: 314159 INVITE +Content-Length: 0 + +F9 200 OK Bob -> biloxi.com proxy + +SIP/2.0 200 OK +Via: SIP/2.0/UDP server10.biloxi.com;branch=z9hG4bK4b43c2ff8.1 + ;received=192.0.2.3 +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 131 + +(Bob's SDP not shown) + +F10 200 OK biloxi.com proxy -> atlanta.com proxy + +SIP/2.0 200 OK +Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hG4bK77ef4c2312983.1 + ;received=192.0.2.2 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 131 + +(Bob's SDP not shown) + + + + +Rosenberg, et. al. Standards Track [Page 217] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +F11 200 OK atlanta.com proxy -> Alice + +SIP/2.0 200 OK +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds8 + ;received=192.0.2.1 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 INVITE +Contact: +Content-Type: application/sdp +Content-Length: 131 + +(Bob's SDP not shown) + +F12 ACK Alice -> Bob + +ACK sip:bob@192.0.2.4 SIP/2.0 +Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bKnashds9 +Max-Forwards: 70 +To: Bob ;tag=a6c85cf +From: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 314159 ACK +Content-Length: 0 + + The media session between Alice and Bob is now established. + + Bob hangs up first. Note that Bob's SIP phone maintains its own CSeq + numbering space, which, in this example, begins with 231. Since Bob + is making the request, the To and From URIs and tags have been + swapped. + +F13 BYE Bob -> Alice + +BYE sip:alice@pc33.atlanta.com SIP/2.0 +Via: SIP/2.0/UDP 192.0.2.4;branch=z9hG4bKnashds10 +Max-Forwards: 70 +From: Bob ;tag=a6c85cf +To: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 231 BYE +Content-Length: 0 + + + + + + + + +Rosenberg, et. al. Standards Track [Page 218] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +F14 200 OK Alice -> Bob + +SIP/2.0 200 OK +Via: SIP/2.0/UDP 192.0.2.4;branch=z9hG4bKnashds10 +From: Bob ;tag=a6c85cf +To: Alice ;tag=1928301774 +Call-ID: a84b4c76e66710 +CSeq: 231 BYE +Content-Length: 0 + + The SIP Call Flows document [40] contains further examples of SIP + messages. + +25 Augmented BNF for the SIP Protocol + + All of the mechanisms specified in this document are described in + both prose and an augmented Backus-Naur Form (BNF) defined in RFC + 2234 [10]. Section 6.1 of RFC 2234 defines a set of core rules that + are used by this specification, and not repeated here. Implementers + need to be familiar with the notation and content of RFC 2234 in + order to understand this specification. Certain basic rules are in + uppercase, such as SP, LWS, HTAB, CRLF, DIGIT, ALPHA, etc. Angle + brackets are used within definitions to clarify the use of rule + names. + + The use of square brackets is redundant syntactically. It is used as + a semantic hint that the specific parameter is optional to use. + +25.1 Basic Rules + + The following rules are used throughout this specification to + describe basic parsing constructs. The US-ASCII coded character set + is defined by ANSI X3.4-1986. + + alphanum = ALPHA / DIGIT + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 219] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Several rules are incorporated from RFC 2396 [5] but are updated to + make them compliant with RFC 2234 [10]. These include: + + reserved = ";" / "/" / "?" / ":" / "@" / "&" / "=" / "+" + / "$" / "," + unreserved = alphanum / mark + mark = "-" / "_" / "." / "!" / "~" / "*" / "'" + / "(" / ")" + escaped = "%" HEXDIG HEXDIG + + SIP header field values can be folded onto multiple lines if the + continuation line begins with a space or horizontal tab. All linear + white space, including folding, has the same semantics as SP. A + recipient MAY replace any linear white space with a single SP before + interpreting the field value or forwarding the message downstream. + This is intended to behave exactly as HTTP/1.1 as described in RFC + 2616 [8]. The SWS construct is used when linear white space is + optional, generally between tokens and separators. + + LWS = [*WSP CRLF] 1*WSP ; linear whitespace + SWS = [LWS] ; sep whitespace + + To separate the header name from the rest of value, a colon is used, + which, by the above rule, allows whitespace before, but no line + break, and whitespace after, including a linebreak. The HCOLON + defines this construct. + + HCOLON = *( SP / HTAB ) ":" SWS + + The TEXT-UTF8 rule is only used for descriptive field contents and + values that are not intended to be interpreted by the message parser. + Words of *TEXT-UTF8 contain characters from the UTF-8 charset (RFC + 2279 [7]). The TEXT-UTF8-TRIM rule is used for descriptive field + contents that are n t quoted strings, where leading and trailing LWS + is not meaningful. In this regard, SIP differs from HTTP, which uses + the ISO 8859-1 character set. + + TEXT-UTF8-TRIM = 1*TEXT-UTF8char *(*LWS TEXT-UTF8char) + TEXT-UTF8char = %x21-7E / UTF8-NONASCII + UTF8-NONASCII = %xC0-DF 1UTF8-CONT + / %xE0-EF 2UTF8-CONT + / %xF0-F7 3UTF8-CONT + / %xF8-Fb 4UTF8-CONT + / %xFC-FD 5UTF8-CONT + UTF8-CONT = %x80-BF + + + + + + +Rosenberg, et. al. Standards Track [Page 220] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + A CRLF is allowed in the definition of TEXT-UTF8-TRIM only as part of + a header field continuation. It is expected that the folding LWS + will be replaced with a single SP before interpretation of the TEXT- + UTF8-TRIM value. + + Hexadecimal numeric characters are used in several protocol elements. + Some elements (authentication) force hex alphas to be lower case. + + LHEX = DIGIT / %x61-66 ;lowercase a-f + + Many SIP header field values consist of words separated by LWS or + special characters. Unless otherwise stated, tokens are case- + insensitive. These special characters MUST be in a quoted string to + be used within a parameter value. The word construct is used in + Call-ID to allow most separators to be used. + + token = 1*(alphanum / "-" / "." / "!" / "%" / "*" + / "_" / "+" / "`" / "'" / "~" ) + separators = "(" / ")" / "<" / ">" / "@" / + "," / ";" / ":" / "\" / DQUOTE / + "/" / "[" / "]" / "?" / "=" / + "{" / "}" / SP / HTAB + word = 1*(alphanum / "-" / "." / "!" / "%" / "*" / + "_" / "+" / "`" / "'" / "~" / + "(" / ")" / "<" / ">" / + ":" / "\" / DQUOTE / + "/" / "[" / "]" / "?" / + "{" / "}" ) + + When tokens are used or separators are used between elements, + whitespace is often allowed before or after these characters: + + STAR = SWS "*" SWS ; asterisk + SLASH = SWS "/" SWS ; slash + EQUAL = SWS "=" SWS ; equal + LPAREN = SWS "(" SWS ; left parenthesis + RPAREN = SWS ")" SWS ; right parenthesis + RAQUOT = ">" SWS ; right angle quote + LAQUOT = SWS "<"; left angle quote + COMMA = SWS "," SWS ; comma + SEMI = SWS ";" SWS ; semicolon + COLON = SWS ":" SWS ; colon + LDQUOT = SWS DQUOTE; open double quotation mark + RDQUOT = DQUOTE SWS ; close double quotation mark + + + + + + + +Rosenberg, et. al. Standards Track [Page 221] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Comments can be included in some SIP header fields by surrounding the + comment text with parentheses. Comments are only allowed in fields + containing "comment" as part of their field value definition. In all + other fields, parentheses are considered part of the field value. + + comment = LPAREN *(ctext / quoted-pair / comment) RPAREN + ctext = %x21-27 / %x2A-5B / %x5D-7E / UTF8-NONASCII + / LWS + + ctext includes all chars except left and right parens and backslash. + A string of text is parsed as a single word if it is quoted using + double-quote marks. In quoted strings, quotation marks (") and + backslashes (\) need to be escaped. + + quoted-string = SWS DQUOTE *(qdtext / quoted-pair ) DQUOTE + qdtext = LWS / %x21 / %x23-5B / %x5D-7E + / UTF8-NONASCII + + The backslash character ("\") MAY be used as a single-character + quoting mechanism only within quoted-string and comment constructs. + Unlike HTTP/1.1, the characters CR and LF cannot be escaped by this + mechanism to avoid conflict with line folding and header separation. + +quoted-pair = "\" (%x00-09 / %x0B-0C + / %x0E-7F) + +SIP-URI = "sip:" [ userinfo ] hostport + uri-parameters [ headers ] +SIPS-URI = "sips:" [ userinfo ] hostport + uri-parameters [ headers ] +userinfo = ( user / telephone-subscriber ) [ ":" password ] "@" +user = 1*( unreserved / escaped / user-unreserved ) +user-unreserved = "&" / "=" / "+" / "$" / "," / ";" / "?" / "/" +password = *( unreserved / escaped / + "&" / "=" / "+" / "$" / "," ) +hostport = host [ ":" port ] +host = hostname / IPv4address / IPv6reference +hostname = *( domainlabel "." ) toplabel [ "." ] +domainlabel = alphanum + / alphanum *( alphanum / "-" ) alphanum +toplabel = ALPHA / ALPHA *( alphanum / "-" ) alphanum + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 222] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +IPv4address = 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT +IPv6reference = "[" IPv6address "]" +IPv6address = hexpart [ ":" IPv4address ] +hexpart = hexseq / hexseq "::" [ hexseq ] / "::" [ hexseq ] +hexseq = hex4 *( ":" hex4) +hex4 = 1*4HEXDIG +port = 1*DIGIT + + The BNF for telephone-subscriber can be found in RFC 2806 [9]. Note, + however, that any characters allowed there that are not allowed in + the user part of the SIP URI MUST be escaped. + +uri-parameters = *( ";" uri-parameter) +uri-parameter = transport-param / user-param / method-param + / ttl-param / maddr-param / lr-param / other-param +transport-param = "transport=" + ( "udp" / "tcp" / "sctp" / "tls" + / other-transport) +other-transport = token +user-param = "user=" ( "phone" / "ip" / other-user) +other-user = token +method-param = "method=" Method +ttl-param = "ttl=" ttl +maddr-param = "maddr=" host +lr-param = "lr" +other-param = pname [ "=" pvalue ] +pname = 1*paramchar +pvalue = 1*paramchar +paramchar = param-unreserved / unreserved / escaped +param-unreserved = "[" / "]" / "/" / ":" / "&" / "+" / "$" + +headers = "?" header *( "&" header ) +header = hname "=" hvalue +hname = 1*( hnv-unreserved / unreserved / escaped ) +hvalue = *( hnv-unreserved / unreserved / escaped ) +hnv-unreserved = "[" / "]" / "/" / "?" / ":" / "+" / "$" + +SIP-message = Request / Response +Request = Request-Line + *( message-header ) + CRLF + [ message-body ] +Request-Line = Method SP Request-URI SP SIP-Version CRLF +Request-URI = SIP-URI / SIPS-URI / absoluteURI +absoluteURI = scheme ":" ( hier-part / opaque-part ) +hier-part = ( net-path / abs-path ) [ "?" query ] +net-path = "//" authority [ abs-path ] +abs-path = "/" path-segments + + + +Rosenberg, et. al. Standards Track [Page 223] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +opaque-part = uric-no-slash *uric +uric = reserved / unreserved / escaped +uric-no-slash = unreserved / escaped / ";" / "?" / ":" / "@" + / "&" / "=" / "+" / "$" / "," +path-segments = segment *( "/" segment ) +segment = *pchar *( ";" param ) +param = *pchar +pchar = unreserved / escaped / + ":" / "@" / "&" / "=" / "+" / "$" / "," +scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) +authority = srvr / reg-name +srvr = [ [ userinfo "@" ] hostport ] +reg-name = 1*( unreserved / escaped / "$" / "," + / ";" / ":" / "@" / "&" / "=" / "+" ) +query = *uric +SIP-Version = "SIP" "/" 1*DIGIT "." 1*DIGIT + +message-header = (Accept + / Accept-Encoding + / Accept-Language + / Alert-Info + / Allow + / Authentication-Info + / Authorization + / Call-ID + / Call-Info + / Contact + / Content-Disposition + / Content-Encoding + / Content-Language + / Content-Length + / Content-Type + / CSeq + / Date + / Error-Info + / Expires + / From + / In-Reply-To + / Max-Forwards + / MIME-Version + / Min-Expires + / Organization + / Priority + / Proxy-Authenticate + / Proxy-Authorization + / Proxy-Require + / Record-Route + / Reply-To + + + +Rosenberg, et. al. Standards Track [Page 224] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + / Require + / Retry-After + / Route + / Server + / Subject + / Supported + / Timestamp + / To + / Unsupported + / User-Agent + / Via + / Warning + / WWW-Authenticate + / extension-header) CRLF + +INVITEm = %x49.4E.56.49.54.45 ; INVITE in caps +ACKm = %x41.43.4B ; ACK in caps +OPTIONSm = %x4F.50.54.49.4F.4E.53 ; OPTIONS in caps +BYEm = %x42.59.45 ; BYE in caps +CANCELm = %x43.41.4E.43.45.4C ; CANCEL in caps +REGISTERm = %x52.45.47.49.53.54.45.52 ; REGISTER in caps +Method = INVITEm / ACKm / OPTIONSm / BYEm + / CANCELm / REGISTERm + / extension-method +extension-method = token +Response = Status-Line + *( message-header ) + CRLF + [ message-body ] + +Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF +Status-Code = Informational + / Redirection + / Success + / Client-Error + / Server-Error + / Global-Failure + / extension-code +extension-code = 3DIGIT +Reason-Phrase = *(reserved / unreserved / escaped + / UTF8-NONASCII / UTF8-CONT / SP / HTAB) + +Informational = "100" ; Trying + / "180" ; Ringing + / "181" ; Call Is Being Forwarded + / "182" ; Queued + / "183" ; Session Progress + + + + +Rosenberg, et. al. Standards Track [Page 225] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Success = "200" ; OK + +Redirection = "300" ; Multiple Choices + / "301" ; Moved Permanently + / "302" ; Moved Temporarily + / "305" ; Use Proxy + / "380" ; Alternative Service + +Client-Error = "400" ; Bad Request + / "401" ; Unauthorized + / "402" ; Payment Required + / "403" ; Forbidden + / "404" ; Not Found + / "405" ; Method Not Allowed + / "406" ; Not Acceptable + / "407" ; Proxy Authentication Required + / "408" ; Request Timeout + / "410" ; Gone + / "413" ; Request Entity Too Large + / "414" ; Request-URI Too Large + / "415" ; Unsupported Media Type + / "416" ; Unsupported URI Scheme + / "420" ; Bad Extension + / "421" ; Extension Required + / "423" ; Interval Too Brief + / "480" ; Temporarily not available + / "481" ; Call Leg/Transaction Does Not Exist + / "482" ; Loop Detected + / "483" ; Too Many Hops + / "484" ; Address Incomplete + / "485" ; Ambiguous + / "486" ; Busy Here + / "487" ; Request Terminated + / "488" ; Not Acceptable Here + / "491" ; Request Pending + / "493" ; Undecipherable + +Server-Error = "500" ; Internal Server Error + / "501" ; Not Implemented + / "502" ; Bad Gateway + / "503" ; Service Unavailable + / "504" ; Server Time-out + / "505" ; SIP Version not supported + / "513" ; Message Too Large + + + + + + + +Rosenberg, et. al. Standards Track [Page 226] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Global-Failure = "600" ; Busy Everywhere + / "603" ; Decline + / "604" ; Does not exist anywhere + / "606" ; Not Acceptable + +Accept = "Accept" HCOLON + [ accept-range *(COMMA accept-range) ] +accept-range = media-range *(SEMI accept-param) +media-range = ( "*/*" + / ( m-type SLASH "*" ) + / ( m-type SLASH m-subtype ) + ) *( SEMI m-parameter ) +accept-param = ("q" EQUAL qvalue) / generic-param +qvalue = ( "0" [ "." 0*3DIGIT ] ) + / ( "1" [ "." 0*3("0") ] ) +generic-param = token [ EQUAL gen-value ] +gen-value = token / host / quoted-string + +Accept-Encoding = "Accept-Encoding" HCOLON + [ encoding *(COMMA encoding) ] +encoding = codings *(SEMI accept-param) +codings = content-coding / "*" +content-coding = token + +Accept-Language = "Accept-Language" HCOLON + [ language *(COMMA language) ] +language = language-range *(SEMI accept-param) +language-range = ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) / "*" ) + +Alert-Info = "Alert-Info" HCOLON alert-param *(COMMA alert-param) +alert-param = LAQUOT absoluteURI RAQUOT *( SEMI generic-param ) + +Allow = "Allow" HCOLON [Method *(COMMA Method)] + +Authorization = "Authorization" HCOLON credentials +credentials = ("Digest" LWS digest-response) + / other-response +digest-response = dig-resp *(COMMA dig-resp) +dig-resp = username / realm / nonce / digest-uri + / dresponse / algorithm / cnonce + / opaque / message-qop + / nonce-count / auth-param +username = "username" EQUAL username-value +username-value = quoted-string +digest-uri = "uri" EQUAL LDQUOT digest-uri-value RDQUOT +digest-uri-value = rquest-uri ; Equal to request-uri as specified + by HTTP/1.1 +message-qop = "qop" EQUAL qop-value + + + +Rosenberg, et. al. Standards Track [Page 227] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +cnonce = "cnonce" EQUAL cnonce-value +cnonce-value = nonce-value +nonce-count = "nc" EQUAL nc-value +nc-value = 8LHEX +dresponse = "response" EQUAL request-digest +request-digest = LDQUOT 32LHEX RDQUOT +auth-param = auth-param-name EQUAL + ( token / quoted-string ) +auth-param-name = token +other-response = auth-scheme LWS auth-param + *(COMMA auth-param) +auth-scheme = token + +Authentication-Info = "Authentication-Info" HCOLON ainfo + *(COMMA ainfo) +ainfo = nextnonce / message-qop + / response-auth / cnonce + / nonce-count +nextnonce = "nextnonce" EQUAL nonce-value +response-auth = "rspauth" EQUAL response-digest +response-digest = LDQUOT *LHEX RDQUOT + +Call-ID = ( "Call-ID" / "i" ) HCOLON callid +callid = word [ "@" word ] + +Call-Info = "Call-Info" HCOLON info *(COMMA info) +info = LAQUOT absoluteURI RAQUOT *( SEMI info-param) +info-param = ( "purpose" EQUAL ( "icon" / "info" + / "card" / token ) ) / generic-param + +Contact = ("Contact" / "m" ) HCOLON + ( STAR / (contact-param *(COMMA contact-param))) +contact-param = (name-addr / addr-spec) *(SEMI contact-params) +name-addr = [ display-name ] LAQUOT addr-spec RAQUOT +addr-spec = SIP-URI / SIPS-URI / absoluteURI +display-name = *(token LWS)/ quoted-string + +contact-params = c-p-q / c-p-expires + / contact-extension +c-p-q = "q" EQUAL qvalue +c-p-expires = "expires" EQUAL delta-seconds +contact-extension = generic-param +delta-seconds = 1*DIGIT + +Content-Disposition = "Content-Disposition" HCOLON + disp-type *( SEMI disp-param ) +disp-type = "render" / "session" / "icon" / "alert" + / disp-extension-token + + + +Rosenberg, et. al. Standards Track [Page 228] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +disp-param = handling-param / generic-param +handling-param = "handling" EQUAL + ( "optional" / "required" + / other-handling ) +other-handling = token +disp-extension-token = token + +Content-Encoding = ( "Content-Encoding" / "e" ) HCOLON + content-coding *(COMMA content-coding) + +Content-Language = "Content-Language" HCOLON + language-tag *(COMMA language-tag) +language-tag = primary-tag *( "-" subtag ) +primary-tag = 1*8ALPHA +subtag = 1*8ALPHA + +Content-Length = ( "Content-Length" / "l" ) HCOLON 1*DIGIT +Content-Type = ( "Content-Type" / "c" ) HCOLON media-type +media-type = m-type SLASH m-subtype *(SEMI m-parameter) +m-type = discrete-type / composite-type +discrete-type = "text" / "image" / "audio" / "video" + / "application" / extension-token +composite-type = "message" / "multipart" / extension-token +extension-token = ietf-token / x-token +ietf-token = token +x-token = "x-" token +m-subtype = extension-token / iana-token +iana-token = token +m-parameter = m-attribute EQUAL m-value +m-attribute = token +m-value = token / quoted-string + +CSeq = "CSeq" HCOLON 1*DIGIT LWS Method + +Date = "Date" HCOLON SIP-date +SIP-date = rfc1123-date +rfc1123-date = wkday "," SP date1 SP time SP "GMT" +date1 = 2DIGIT SP month SP 4DIGIT + ; day month year (e.g., 02 Jun 1982) +time = 2DIGIT ":" 2DIGIT ":" 2DIGIT + ; 00:00:00 - 23:59:59 +wkday = "Mon" / "Tue" / "Wed" + / "Thu" / "Fri" / "Sat" / "Sun" +month = "Jan" / "Feb" / "Mar" / "Apr" + / "May" / "Jun" / "Jul" / "Aug" + / "Sep" / "Oct" / "Nov" / "Dec" + +Error-Info = "Error-Info" HCOLON error-uri *(COMMA error-uri) + + + +Rosenberg, et. al. Standards Track [Page 229] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +error-uri = LAQUOT absoluteURI RAQUOT *( SEMI generic-param ) + +Expires = "Expires" HCOLON delta-seconds +From = ( "From" / "f" ) HCOLON from-spec +from-spec = ( name-addr / addr-spec ) + *( SEMI from-param ) +from-param = tag-param / generic-param +tag-param = "tag" EQUAL token + +In-Reply-To = "In-Reply-To" HCOLON callid *(COMMA callid) + +Max-Forwards = "Max-Forwards" HCOLON 1*DIGIT + +MIME-Version = "MIME-Version" HCOLON 1*DIGIT "." 1*DIGIT + +Min-Expires = "Min-Expires" HCOLON delta-seconds + +Organization = "Organization" HCOLON [TEXT-UTF8-TRIM] + +Priority = "Priority" HCOLON priority-value +priority-value = "emergency" / "urgent" / "normal" + / "non-urgent" / other-priority +other-priority = token + +Proxy-Authenticate = "Proxy-Authenticate" HCOLON challenge +challenge = ("Digest" LWS digest-cln *(COMMA digest-cln)) + / other-challenge +other-challenge = auth-scheme LWS auth-param + *(COMMA auth-param) +digest-cln = realm / domain / nonce + / opaque / stale / algorithm + / qop-options / auth-param +realm = "realm" EQUAL realm-value +realm-value = quoted-string +domain = "domain" EQUAL LDQUOT URI + *( 1*SP URI ) RDQUOT +URI = absoluteURI / abs-path +nonce = "nonce" EQUAL nonce-value +nonce-value = quoted-string +opaque = "opaque" EQUAL quoted-string +stale = "stale" EQUAL ( "true" / "false" ) +algorithm = "algorithm" EQUAL ( "MD5" / "MD5-sess" + / token ) +qop-options = "qop" EQUAL LDQUOT qop-value + *("," qop-value) RDQUOT +qop-value = "auth" / "auth-int" / token + +Proxy-Authorization = "Proxy-Authorization" HCOLON credentials + + + +Rosenberg, et. al. Standards Track [Page 230] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Proxy-Require = "Proxy-Require" HCOLON option-tag + *(COMMA option-tag) +option-tag = token + +Record-Route = "Record-Route" HCOLON rec-route *(COMMA rec-route) +rec-route = name-addr *( SEMI rr-param ) +rr-param = generic-param + +Reply-To = "Reply-To" HCOLON rplyto-spec +rplyto-spec = ( name-addr / addr-spec ) + *( SEMI rplyto-param ) +rplyto-param = generic-param +Require = "Require" HCOLON option-tag *(COMMA option-tag) + +Retry-After = "Retry-After" HCOLON delta-seconds + [ comment ] *( SEMI retry-param ) + +retry-param = ("duration" EQUAL delta-seconds) + / generic-param + +Route = "Route" HCOLON route-param *(COMMA route-param) +route-param = name-addr *( SEMI rr-param ) + +Server = "Server" HCOLON server-val *(LWS server-val) +server-val = product / comment +product = token [SLASH product-version] +product-version = token + +Subject = ( "Subject" / "s" ) HCOLON [TEXT-UTF8-TRIM] + +Supported = ( "Supported" / "k" ) HCOLON + [option-tag *(COMMA option-tag)] + +Timestamp = "Timestamp" HCOLON 1*(DIGIT) + [ "." *(DIGIT) ] [ LWS delay ] +delay = *(DIGIT) [ "." *(DIGIT) ] + +To = ( "To" / "t" ) HCOLON ( name-addr + / addr-spec ) *( SEMI to-param ) +to-param = tag-param / generic-param + +Unsupported = "Unsupported" HCOLON option-tag *(COMMA option-tag) +User-Agent = "User-Agent" HCOLON server-val *(LWS server-val) + + + + + + + + +Rosenberg, et. al. Standards Track [Page 231] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Via = ( "Via" / "v" ) HCOLON via-parm *(COMMA via-parm) +via-parm = sent-protocol LWS sent-by *( SEMI via-params ) +via-params = via-ttl / via-maddr + / via-received / via-branch + / via-extension +via-ttl = "ttl" EQUAL ttl +via-maddr = "maddr" EQUAL host +via-received = "received" EQUAL (IPv4address / IPv6address) +via-branch = "branch" EQUAL token +via-extension = generic-param +sent-protocol = protocol-name SLASH protocol-version + SLASH transport +protocol-name = "SIP" / token +protocol-version = token +transport = "UDP" / "TCP" / "TLS" / "SCTP" + / other-transport +sent-by = host [ COLON port ] +ttl = 1*3DIGIT ; 0 to 255 + +Warning = "Warning" HCOLON warning-value *(COMMA warning-value) +warning-value = warn-code SP warn-agent SP warn-text +warn-code = 3DIGIT +warn-agent = hostport / pseudonym + ; the name or pseudonym of the server adding + ; the Warning header, for use in debugging +warn-text = quoted-string +pseudonym = token + +WWW-Authenticate = "WWW-Authenticate" HCOLON challenge + +extension-header = header-name HCOLON header-value +header-name = token +header-value = *(TEXT-UTF8char / UTF8-CONT / LWS) +message-body = *OCTET + +26 Security Considerations: Threat Model and Security Usage + Recommendations + + SIP is not an easy protocol to secure. Its use of intermediaries, + its multi-faceted trust relationships, its expected usage between + elements with no trust at all, and its user-to-user operation make + security far from trivial. Security solutions are needed that are + deployable today, without extensive coordination, in a wide variety + of environments and usages. In order to meet these diverse needs, + several distinct mechanisms applicable to different aspects and + usages of SIP will be required. + + + + + +Rosenberg, et. al. Standards Track [Page 232] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Note that the security of SIP signaling itself has no bearing on the + security of protocols used in concert with SIP such as RTP, or with + the security implications of any specific bodies SIP might carry + (although MIME security plays a substantial role in securing SIP). + Any media associated with a session can be encrypted end-to-end + independently of any associated SIP signaling. Media encryption is + outside the scope of this document. + + The considerations that follow first examine a set of classic threat + models that broadly identify the security needs of SIP. The set of + security services required to address these threats is then detailed, + followed by an explanation of several security mechanisms that can be + used to provide these services. Next, the requirements for + implementers of SIP are enumerated, along with exemplary deployments + in which these security mechanisms could be used to improve the + security of SIP. Some notes on privacy conclude this section. + +26.1 Attacks and Threat Models + + This section details some threats that should be common to most + deployments of SIP. These threats have been chosen specifically to + illustrate each of the security services that SIP requires. + + The following examples by no means provide an exhaustive list of the + threats against SIP; rather, these are "classic" threats that + demonstrate the need for particular security services that can + potentially prevent whole categories of threats. + + These attacks assume an environment in which attackers can + potentially read any packet on the network - it is anticipated that + SIP will frequently be used on the public Internet. Attackers on the + network may be able to modify packets (perhaps at some compromised + intermediary). Attackers may wish to steal services, eavesdrop on + communications, or disrupt sessions. + +26.1.1 Registration Hijacking + + The SIP registration mechanism allows a user agent to identify itself + to a registrar as a device at which a user (designated by an address + of record) is located. A registrar assesses the identity asserted in + the From header field of a REGISTER message to determine whether this + request can modify the contact addresses associated with the + address-of-record in the To header field. While these two fields are + frequently the same, there are many valid deployments in which a + third-party may register contacts on a user's behalf. + + + + + + +Rosenberg, et. al. Standards Track [Page 233] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The From header field of a SIP request, however, can be modified + arbitrarily by the owner of a UA, and this opens the door to + malicious registrations. An attacker that successfully impersonates + a party authorized to change contacts associated with an address-of- + record could, for example, de-register all existing contacts for a + URI and then register their own device as the appropriate contact + address, thereby directing all requests for the affected user to the + attacker's device. + + This threat belongs to a family of threats that rely on the absence + of cryptographic assurance of a request's originator. Any SIP UAS + that represents a valuable service (a gateway that interworks SIP + requests with traditional telephone calls, for example) might want to + control access to its resources by authenticating requests that it + receives. Even end-user UAs, for example SIP phones, have an + interest in ascertaining the identities of originators of requests. + + This threat demonstrates the need for security services that enable + SIP entities to authenticate the originators of requests. + +26.1.2 Impersonating a Server + + The domain to which a request is destined is generally specified in + the Request-URI. UAs commonly contact a server in this domain + directly in order to deliver a request. However, there is always a + possibility that an attacker could impersonate the remote server, and + that the UA's request could be intercepted by some other party. + + For example, consider a case in which a redirect server at one + domain, chicago.com, impersonates a redirect server at another + domain, biloxi.com. A user agent sends a request to biloxi.com, but + the redirect server at chicago.com answers with a forged response + that has appropriate SIP header fields for a response from + biloxi.com. The forged contact addresses in the redirection response + could direct the originating UA to inappropriate or insecure + resources, or simply prevent requests for biloxi.com from succeeding. + + This family of threats has a vast membership, many of which are + critical. As a converse to the registration hijacking threat, + consider the case in which a registration sent to biloxi.com is + intercepted by chicago.com, which replies to the intercepted + registration with a forged 301 (Moved Permanently) response. This + response might seem to come from biloxi.com yet designate chicago.com + as the appropriate registrar. All future REGISTER requests from the + originating UA would then go to chicago.com. + + Prevention of this threat requires a means by which UAs can + authenticate the servers to whom they send requests. + + + +Rosenberg, et. al. Standards Track [Page 234] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +26.1.3 Tampering with Message Bodies + + As a matter of course, SIP UAs route requests through trusted proxy + servers. Regardless of how that trust is established (authentication + of proxies is discussed elsewhere in this section), a UA may trust a + proxy server to route a request, but not to inspect or possibly + modify the bodies contained in that request. + + Consider a UA that is using SIP message bodies to communicate session + encryption keys for a media session. Although it trusts the proxy + server of the domain it is contacting to deliver signaling properly, + it may not want the administrators of that domain to be capable of + decrypting any subsequent media session. Worse yet, if the proxy + server were actively malicious, it could modify the session key, + either acting as a man-in-the-middle, or perhaps changing the + security characteristics requested by the originating UA. + + This family of threats applies not only to session keys, but to most + conceivable forms of content carried end-to-end in SIP. These might + include MIME bodies that should be rendered to the user, SDP, or + encapsulated telephony signals, among others. Attackers might + attempt to modify SDP bodies, for example, in order to point RTP + media streams to a wiretapping device in order to eavesdrop on + subsequent voice communications. + + Also note that some header fields in SIP are meaningful end-to-end, + for example, Subject. UAs might be protective of these header fields + as well as bodies (a malicious intermediary changing the Subject + header field might make an important request appear to be spam, for + example). However, since many header fields are legitimately + inspected or altered by proxy servers as a request is routed, not all + header fields should be secured end-to-end. + + For these reasons, the UA might want to secure SIP message bodies, + and in some limited cases header fields, end-to-end. The security + services required for bodies include confidentiality, integrity, and + authentication. These end-to-end services should be independent of + the means used to secure interactions with intermediaries such as + proxy servers. + +26.1.4 Tearing Down Sessions + + Once a dialog has been established by initial messaging, subsequent + requests can be sent that modify the state of the dialog and/or + session. It is critical that principals in a session can be certain + that such requests are not forged by attackers. + + + + + +Rosenberg, et. al. Standards Track [Page 235] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Consider a case in which a third-party attacker captures some initial + messages in a dialog shared by two parties in order to learn the + parameters of the session (To tag, From tag, and so forth) and then + inserts a BYE request into the session. The attacker could opt to + forge the request such that it seemed to come from either + participant. Once the BYE is received by its target, the session + will be torn down prematurely. + + Similar mid-session threats include the transmission of forged re- + INVITEs that alter the session (possibly to reduce session security + or redirect media streams as part of a wiretapping attack). + + The most effective countermeasure to this threat is the + authentication of the sender of the BYE. In this instance, the + recipient needs only know that the BYE came from the same party with + whom the corresponding dialog was established (as opposed to + ascertaining the absolute identity of the sender). Also, if the + attacker is unable to learn the parameters of the session due to + confidentiality, it would not be possible to forge the BYE. However, + some intermediaries (like proxy servers) will need to inspect those + parameters as the session is established. + +26.1.5 Denial of Service and Amplification + + Denial-of-service attacks focus on rendering a particular network + element unavailable, usually by directing an excessive amount of + network traffic at its interfaces. A distributed denial-of-service + attack allows one network user to cause multiple network hosts to + flood a target host with a large amount of network traffic. + + In many architectures, SIP proxy servers face the public Internet in + order to accept requests from worldwide IP endpoints. SIP creates a + number of potential opportunities for distributed denial-of-service + attacks that must be recognized and addressed by the implementers and + operators of SIP systems. + + Attackers can create bogus requests that contain a falsified source + IP address and a corresponding Via header field that identify a + targeted host as the originator of the request and then send this + request to a large number of SIP network elements, thereby using + hapless SIP UAs or proxies to generate denial-of-service traffic + aimed at the target. + + Similarly, attackers might use falsified Route header field values in + a request that identify the target host and then send such messages + to forking proxies that will amplify messaging sent to the target. + + + + + +Rosenberg, et. al. Standards Track [Page 236] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Record-Route could be used to similar effect when the attacker is + certain that the SIP dialog initiated by the request will result in + numerous transactions originating in the backwards direction. + + A number of denial-of-service attacks open up if REGISTER requests + are not properly authenticated and authorized by registrars. + Attackers could de-register some or all users in an administrative + domain, thereby preventing these users from being invited to new + sessions. An attacker could also register a large number of contacts + designating the same host for a given address-of-record in order to + use the registrar and any associated proxy servers as amplifiers in a + denial-of-service attack. Attackers might also attempt to deplete + available memory and disk resources of a registrar by registering + huge numbers of bindings. + + The use of multicast to transmit SIP requests can greatly increase + the potential for denial-of-service attacks. + + These problems demonstrate a general need to define architectures + that minimize the risks of denial-of-service, and the need to be + mindful in recommendations for security mechanisms of this class of + attacks. + +26.2 Security Mechanisms + + From the threats described above, we gather that the fundamental + security services required for the SIP protocol are: preserving the + confidentiality and integrity of messaging, preventing replay attacks + or message spoofing, providing for the authentication and privacy of + the participants in a session, and preventing denial-of-service + attacks. Bodies within SIP messages separately require the security + services of confidentiality, integrity, and authentication. + + Rather than defining new security mechanisms specific to SIP, SIP + reuses wherever possible existing security models derived from the + HTTP and SMTP space. + + Full encryption of messages provides the best means to preserve the + confidentiality of signaling - it can also guarantee that messages + are not modified by any malicious intermediaries. However, SIP + requests and responses cannot be naively encrypted end-to-end in + their entirety because message fields such as the Request-URI, Route, + and Via need to be visible to proxies in most network architectures + so that SIP requests are routed correctly. Note that proxy servers + need to modify some features of messages as well (such as adding Via + header field values) in order for SIP to function. Proxy servers + must therefore be trusted, to some degree, by SIP UAs. To this + purpose, low-layer security mechanisms for SIP are recommended, which + + + +Rosenberg, et. al. Standards Track [Page 237] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + encrypt the entire SIP requests or responses on the wire on a hop- + by-hop basis, and that allow endpoints to verify the identity of + proxy servers to whom they send requests. + + SIP entities also have a need to identify one another in a secure + fashion. When a SIP endpoint asserts the identity of its user to a + peer UA or to a proxy server, that identity should in some way be + verifiable. A cryptographic authentication mechanism is provided in + SIP to address this requirement. + + An independent security mechanism for SIP message bodies supplies an + alternative means of end-to-end mutual authentication, as well as + providing a limit on the degree to which user agents must trust + intermediaries. + +26.2.1 Transport and Network Layer Security + + Transport or network layer security encrypts signaling traffic, + guaranteeing message confidentiality and integrity. + + Oftentimes, certificates are used in the establishment of lower-layer + security, and these certificates can also be used to provide a means + of authentication in many architectures. + + Two popular alternatives for providing security at the transport and + network layer are, respectively, TLS [25] and IPSec [26]. + + IPSec is a set of network-layer protocol tools that collectively can + be used as a secure replacement for traditional IP (Internet + Protocol). IPSec is most commonly used in architectures in which a + set of hosts or administrative domains have an existing trust + relationship with one another. IPSec is usually implemented at the + operating system level in a host, or on a security gateway that + provides confidentiality and integrity for all traffic it receives + from a particular interface (as in a VPN architecture). IPSec can + also be used on a hop-by-hop basis. + + In many architectures IPSec does not require integration with SIP + applications; IPSec is perhaps best suited to deployments in which + adding security directly to SIP hosts would be arduous. UAs that + have a pre-shared keying relationship with their first-hop proxy + server are also good candidates to use IPSec. Any deployment of + IPSec for SIP would require an IPSec profile describing the protocol + tools that would be required to secure SIP. No such profile is given + in this document. + + + + + + +Rosenberg, et. al. Standards Track [Page 238] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + TLS provides transport-layer security over connection-oriented + protocols (for the purposes of this document, TCP); "tls" (signifying + TLS over TCP) can be specified as the desired transport protocol + within a Via header field value or a SIP-URI. TLS is most suited to + architectures in which hop-by-hop security is required between hosts + with no pre-existing trust association. For example, Alice trusts + her local proxy server, which after a certificate exchange decides to + trust Bob's local proxy server, which Bob trusts, hence Bob and Alice + can communicate securely. + + TLS must be tightly coupled with a SIP application. Note that + transport mechanisms are specified on a hop-by-hop basis in SIP, thus + a UA that sends requests over TLS to a proxy server has no assurance + that TLS will be used end-to-end. + + The TLS_RSA_WITH_AES_128_CBC_SHA ciphersuite [6] MUST be supported at + a minimum by implementers when TLS is used in a SIP application. For + purposes of backwards compatibility, proxy servers, redirect servers, + and registrars SHOULD support TLS_RSA_WITH_3DES_EDE_CBC_SHA. + Implementers MAY also support any other ciphersuite. + +26.2.2 SIPS URI Scheme + + The SIPS URI scheme adheres to the syntax of the SIP URI (described + in 19), although the scheme string is "sips" rather than "sip". The + semantics of SIPS are very different from the SIP URI, however. SIPS + allows resources to specify that they should be reached securely. + + A SIPS URI can be used as an address-of-record for a particular user + - the URI by which the user is canonically known (on their business + cards, in the From header field of their requests, in the To header + field of REGISTER requests). When used as the Request-URI of a + request, the SIPS scheme signifies that each hop over which the + request is forwarded, until the request reaches the SIP entity + responsible for the domain portion of the Request-URI, must be + secured with TLS; once it reaches the domain in question it is + handled in accordance with local security and routing policy, quite + possibly using TLS for any last hop to a UAS. When used by the + originator of a request (as would be the case if they employed a SIPS + URI as the address-of-record of the target), SIPS dictates that the + entire request path to the target domain be so secured. + + The SIPS scheme is applicable to many of the other ways in which SIP + URIs are used in SIP today in addition to the Request-URI, including + in addresses-of-record, contact addresses (the contents of Contact + headers, including those of REGISTER methods), and Route headers. In + each instance, the SIPS URI scheme allows these existing fields to + + + + +Rosenberg, et. al. Standards Track [Page 239] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + designate secure resources. The manner in which a SIPS URI is + dereferenced in any of these contexts has its own security properties + which are detailed in [4]. + + The use of SIPS in particular entails that mutual TLS authentication + SHOULD be employed, as SHOULD the ciphersuite + TLS_RSA_WITH_AES_128_CBC_SHA. Certificates received in the + authentication process SHOULD be validated with root certificates + held by the client; failure to validate a certificate SHOULD result + in the failure of the request. + + Note that in the SIPS URI scheme, transport is independent of TLS, + and thus "sips:alice@atlanta.com;transport=tcp" and + "sips:alice@atlanta.com;transport=sctp" are both valid (although + note that UDP is not a valid transport for SIPS). The use of + "transport=tls" has consequently been deprecated, partly because + it was specific to a single hop of the request. This is a change + since RFC 2543. + + Users that distribute a SIPS URI as an address-of-record may elect to + operate devices that refuse requests over insecure transports. + +26.2.3 HTTP Authentication + + SIP provides a challenge capability, based on HTTP authentication, + that relies on the 401 and 407 response codes as well as header + fields for carrying challenges and credentials. Without significant + modification, the reuse of the HTTP Digest authentication scheme in + SIP allows for replay protection and one-way authentication. + + The usage of Digest authentication in SIP is detailed in Section 22. + +26.2.4 S/MIME + + As is discussed above, encrypting entire SIP messages end-to-end for + the purpose of confidentiality is not appropriate because network + intermediaries (like proxy servers) need to view certain header + fields in order to route messages correctly, and if these + intermediaries are excluded from security associations, then SIP + messages will essentially be non-routable. + + However, S/MIME allows SIP UAs to encrypt MIME bodies within SIP, + securing these bodies end-to-end without affecting message headers. + S/MIME can provide end-to-end confidentiality and integrity for + message bodies, as well as mutual authentication. It is also + possible to use S/MIME to provide a form of integrity and + confidentiality for SIP header fields through SIP message tunneling. + + + + +Rosenberg, et. al. Standards Track [Page 240] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The usage of S/MIME in SIP is detailed in Section 23. + +26.3 Implementing Security Mechanisms + +26.3.1 Requirements for Implementers of SIP + + Proxy servers, redirect servers, and registrars MUST implement TLS, + and MUST support both mutual and one-way authentication. It is + strongly RECOMMENDED that UAs be capable initiating TLS; UAs MAY also + be capable of acting as a TLS server. Proxy servers, redirect + servers, and registrars SHOULD possess a site certificate whose + subject corresponds to their canonical hostname. UAs MAY have + certificates of their own for mutual authentication with TLS, but no + provisions are set forth in this document for their use. All SIP + elements that support TLS MUST have a mechanism for validating + certificates received during TLS negotiation; this entails possession + of one or more root certificates issued by certificate authorities + (preferably well-known distributors of site certificates comparable + to those that issue root certificates for web browsers). + + All SIP elements that support TLS MUST also support the SIPS URI + scheme. + + Proxy servers, redirect servers, registrars, and UAs MAY also + implement IPSec or other lower-layer security protocols. + + When a UA attempts to contact a proxy server, redirect server, or + registrar, the UAC SHOULD initiate a TLS connection over which it + will send SIP messages. In some architectures, UASs MAY receive + requests over such TLS connections as well. + + Proxy servers, redirect servers, registrars, and UAs MUST implement + Digest Authorization, encompassing all of the aspects required in 22. + Proxy servers, redirect servers, and registrars SHOULD be configured + with at least one Digest realm, and at least one "realm" string + supported by a given server SHOULD correspond to the server's + hostname or domainname. + + UAs MAY support the signing and encrypting of MIME bodies, and + transference of credentials with S/MIME as described in Section 23. + If a UA holds one or more root certificates of certificate + authorities in order to validate certificates for TLS or IPSec, it + SHOULD be capable of reusing these to verify S/MIME certificates, as + appropriate. A UA MAY hold root certificates specifically for + validating S/MIME certificates. + + + + + + +Rosenberg, et. al. Standards Track [Page 241] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Note that is it anticipated that future security extensions may + upgrade the normative strength associated with S/MIME as S/MIME + implementations appear and the problem space becomes better + understood. + +26.3.2 Security Solutions + + The operation of these security mechanisms in concert can follow the + existing web and email security models to some degree. At a high + level, UAs authenticate themselves to servers (proxy servers, + redirect servers, and registrars) with a Digest username and + password; servers authenticate themselves to UAs one hop away, or to + another server one hop away (and vice versa), with a site certificate + delivered by TLS. + + On a peer-to-peer level, UAs trust the network to authenticate one + another ordinarily; however, S/MIME can also be used to provide + direct authentication when the network does not, or if the network + itself is not trusted. + + The following is an illustrative example in which these security + mechanisms are used by various UAs and servers to prevent the sorts + of threats described in Section 26.1. While implementers and network + administrators MAY follow the normative guidelines given in the + remainder of this section, these are provided only as example + implementations. + +26.3.2.1 Registration + + When a UA comes online and registers with its local administrative + domain, it SHOULD establish a TLS connection with its registrar + (Section 10 describes how the UA reaches its registrar). The + registrar SHOULD offer a certificate to the UA, and the site + identified by the certificate MUST correspond with the domain in + which the UA intends to register; for example, if the UA intends to + register the address-of-record 'alice@atlanta.com', the site + certificate must identify a host within the atlanta.com domain (such + as sip.atlanta.com). When it receives the TLS Certificate message, + the UA SHOULD verify the certificate and inspect the site identified + by the certificate. If the certificate is invalid, revoked, or if it + does not identify the appropriate party, the UA MUST NOT send the + REGISTER message and otherwise proceed with the registration. + + When a valid certificate has been provided by the registrar, the + UA knows that the registrar is not an attacker who might redirect + the UA, steal passwords, or attempt any similar attacks. + + + + + +Rosenberg, et. al. Standards Track [Page 242] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The UA then creates a REGISTER request that SHOULD be addressed to a + Request-URI corresponding to the site certificate received from the + registrar. When the UA sends the REGISTER request over the existing + TLS connection, the registrar SHOULD challenge the request with a 401 + (Proxy Authentication Required) response. The "realm" parameter + within the Proxy-Authenticate header field of the response SHOULD + correspond to the domain previously given by the site certificate. + When the UAC receives the challenge, it SHOULD either prompt the user + for credentials or take an appropriate credential from a keyring + corresponding to the "realm" parameter in the challenge. The + username of this credential SHOULD correspond with the "userinfo" + portion of the URI in the To header field of the REGISTER request. + Once the Digest credentials have been inserted into an appropriate + Proxy-Authorization header field, the REGISTER should be resubmitted + to the registrar. + + Since the registrar requires the user agent to authenticate + itself, it would be difficult for an attacker to forge REGISTER + requests for the user's address-of-record. Also note that since + the REGISTER is sent over a confidential TLS connection, attackers + will not be able to intercept the REGISTER to record credentials + for any possible replay attack. + + Once the registration has been accepted by the registrar, the UA + SHOULD leave this TLS connection open provided that the registrar + also acts as the proxy server to which requests are sent for users in + this administrative domain. The existing TLS connection will be + reused to deliver incoming requests to the UA that has just completed + registration. + + Because the UA has already authenticated the server on the other + side of the TLS connection, all requests that come over this + connection are known to have passed through the proxy server - + attackers cannot create spoofed requests that appear to have been + sent through that proxy server. + +26.3.2.2 Interdomain Requests + + Now let's say that Alice's UA would like to initiate a session with a + user in a remote administrative domain, namely "bob@biloxi.com". We + will also say that the local administrative domain (atlanta.com) has + a local outbound proxy. + + The proxy server that handles inbound requests for an administrative + domain MAY also act as a local outbound proxy; for simplicity's sake + we'll assume this to be the case for atlanta.com (otherwise the user + agent would initiate a new TLS connection to a separate server at + this point). Assuming that the client has completed the registration + + + +Rosenberg, et. al. Standards Track [Page 243] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + process described in the preceding section, it SHOULD reuse the TLS + connection to the local proxy server when it sends an INVITE request + to another user. The UA SHOULD reuse cached credentials in the + INVITE to avoid prompting the user unnecessarily. + + When the local outbound proxy server has validated the credentials + presented by the UA in the INVITE, it SHOULD inspect the Request-URI + to determine how the message should be routed (see [4]). If the + "domainname" portion of the Request-URI had corresponded to the local + domain (atlanta.com) rather than biloxi.com, then the proxy server + would have consulted its location service to determine how best to + reach the requested user. + + Had "alice@atlanta.com" been attempting to contact, say, + "alex@atlanta.com", the local proxy would have proxied to the + request to the TLS connection Alex had established with the + registrar when he registered. Since Alex would receive this + request over his authenticated channel, he would be assured that + Alice's request had been authorized by the proxy server of the + local administrative domain. + + However, in this instance the Request-URI designates a remote domain. + The local outbound proxy server at atlanta.com SHOULD therefore + establish a TLS connection with the remote proxy server at + biloxi.com. Since both of the participants in this TLS connection + are servers that possess site certificates, mutual TLS authentication + SHOULD occur. Each side of the connection SHOULD verify and inspect + the certificate of the other, noting the domain name that appears in + the certificate for comparison with the header fields of SIP + messages. The atlanta.com proxy server, for example, SHOULD verify + at this stage that the certificate received from the remote side + corresponds with the biloxi.com domain. Once it has done so, and TLS + negotiation has completed, resulting in a secure channel between the + two proxies, the atlanta.com proxy can forward the INVITE request to + biloxi.com. + + The proxy server at biloxi.com SHOULD inspect the certificate of the + proxy server at atlanta.com in turn and compare the domain asserted + by the certificate with the "domainname" portion of the From header + field in the INVITE request. The biloxi proxy MAY have a strict + security policy that requires it to reject requests that do not match + the administrative domain from which they have been proxied. + + Such security policies could be instituted to prevent the SIP + equivalent of SMTP 'open relays' that are frequently exploited to + generate spam. + + + + + +Rosenberg, et. al. Standards Track [Page 244] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + This policy, however, only guarantees that the request came from the + domain it ascribes to itself; it does not allow biloxi.com to + ascertain how atlanta.com authenticated Alice. Only if biloxi.com + has some other way of knowing atlanta.com's authentication policies + could it possibly ascertain how Alice proved her identity. + biloxi.com might then institute an even stricter policy that forbids + requests that come from domains that are not known administratively + to share a common authentication policy with biloxi.com. + + Once the INVITE has been approved by the biloxi proxy, the proxy + server SHOULD identify the existing TLS channel, if any, associated + with the user targeted by this request (in this case + "bob@biloxi.com"). The INVITE should be proxied through this channel + to Bob. Since the request is received over a TLS connection that had + previously been authenticated as the biloxi proxy, Bob knows that the + From header field was not tampered with and that atlanta.com has + validated Alice, although not necessarily whether or not to trust + Alice's identity. + + Before they forward the request, both proxy servers SHOULD add a + Record-Route header field to the request so that all future requests + in this dialog will pass through the proxy servers. The proxy + servers can thereby continue to provide security services for the + lifetime of this dialog. If the proxy servers do not add themselves + to the Record-Route, future messages will pass directly end-to-end + between Alice and Bob without any security services (unless the two + parties agree on some independent end-to-end security such as + S/MIME). In this respect the SIP trapezoid model can provide a nice + structure where conventions of agreement between the site proxies can + provide a reasonably secure channel between Alice and Bob. + + An attacker preying on this architecture would, for example, be + unable to forge a BYE request and insert it into the signaling + stream between Bob and Alice because the attacker has no way of + ascertaining the parameters of the session and also because the + integrity mechanism transitively protects the traffic between + Alice and Bob. + +26.3.2.3 Peer-to-Peer Requests + + Alternatively, consider a UA asserting the identity + "carol@chicago.com" that has no local outbound proxy. When Carol + wishes to send an INVITE to "bob@biloxi.com", her UA SHOULD initiate + a TLS connection with the biloxi proxy directly (using the mechanism + described in [4] to determine how to best to reach the given + Request-URI). When her UA receives a certificate from the biloxi + proxy, it SHOULD be verified normally before she passes her INVITE + across the TLS connection. However, Carol has no means of proving + + + +Rosenberg, et. al. Standards Track [Page 245] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + her identity to the biloxi proxy, but she does have a CMS-detached + signature over a "message/sip" body in the INVITE. It is unlikely in + this instance that Carol would have any credentials in the biloxi.com + realm, since she has no formal association with biloxi.com. The + biloxi proxy MAY also have a strict policy that precludes it from + even bothering to challenge requests that do not have biloxi.com in + the "domainname" portion of the From header field - it treats these + users as unauthenticated. + + The biloxi proxy has a policy for Bob that all non-authenticated + requests should be redirected to the appropriate contact address + registered against 'bob@biloxi.com', namely . + Carol receives the redirection response over the TLS connection she + established with the biloxi proxy, so she trusts the veracity of the + contact address. + + Carol SHOULD then establish a TCP connection with the designated + address and send a new INVITE with a Request-URI containing the + received contact address (recomputing the signature in the body as + the request is readied). Bob receives this INVITE on an insecure + interface, but his UA inspects and, in this instance, recognizes the + From header field of the request and subsequently matches a locally + cached certificate with the one presented in the signature of the + body of the INVITE. He replies in similar fashion, authenticating + himself to Carol, and a secure dialog begins. + + Sometimes firewalls or NATs in an administrative domain could + preclude the establishment of a direct TCP connection to a UA. In + these cases, proxy servers could also potentially relay requests + to UAs in a way that has no trust implications (for example, + forgoing an existing TLS connection and forwarding the request + over cleartext TCP) as local policy dictates. + +26.3.2.4 DoS Protection + + In order to minimize the risk of a denial-of-service attack against + architectures using these security solutions, implementers should + take note of the following guidelines. + + When the host on which a SIP proxy server is operating is routable + from the public Internet, it SHOULD be deployed in an administrative + domain with defensive operational policies (blocking source-routed + traffic, preferably filtering ping traffic). Both TLS and IPSec can + also make use of bastion hosts at the edges of administrative domains + that participate in the security associations to aggregate secure + tunnels and sockets. These bastion hosts can also take the brunt of + denial-of-service attacks, ensuring that SIP hosts within the + administrative domain are not encumbered with superfluous messaging. + + + +Rosenberg, et. al. Standards Track [Page 246] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + No matter what security solutions are deployed, floods of messages + directed at proxy servers can lock up proxy server resources and + prevent desirable traffic from reaching its destination. There is a + computational expense associated with processing a SIP transaction at + a proxy server, and that expense is greater for stateful proxy + servers than it is for stateless proxy servers. Therefore, stateful + proxies are more susceptible to flooding than stateless proxy + servers. + + UAs and proxy servers SHOULD challenge questionable requests with + only a single 401 (Unauthorized) or 407 (Proxy Authentication + Required), forgoing the normal response retransmission algorithm, and + thus behaving statelessly towards unauthenticated requests. + + Retransmitting the 401 (Unauthorized) or 407 (Proxy Authentication + Required) status response amplifies the problem of an attacker + using a falsified header field value (such as Via) to direct + traffic to a third party. + + In summary, the mutual authentication of proxy servers through + mechanisms such as TLS significantly reduces the potential for rogue + intermediaries to introduce falsified requests or responses that can + deny service. This commensurately makes it harder for attackers to + make innocent SIP nodes into agents of amplification. + +26.4 Limitations + + Although these security mechanisms, when applied in a judicious + manner, can thwart many threats, there are limitations in the scope + of the mechanisms that must be understood by implementers and network + operators. + +26.4.1 HTTP Digest + + One of the primary limitations of using HTTP Digest in SIP is that + the integrity mechanisms in Digest do not work very well for SIP. + Specifically, they offer protection of the Request-URI and the method + of a message, but not for any of the header fields that UAs would + most likely wish to secure. + + The existing replay protection mechanisms described in RFC 2617 also + have some limitations for SIP. The next-nonce mechanism, for + example, does not support pipelined requests. The nonce-count + mechanism should be used for replay protection. + + Another limitation of HTTP Digest is the scope of realms. Digest is + valuable when a user wants to authenticate themselves to a resource + with which they have a pre-existing association, like a service + + + +Rosenberg, et. al. Standards Track [Page 247] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + provider of which the user is a customer (which is quite a common + scenario and thus Digest provides an extremely useful function). By + way of contrast, the scope of TLS is interdomain or multirealm, since + certificates are often globally verifiable, so that the UA can + authenticate the server with no pre-existing association. + +26.4.2 S/MIME + + The largest outstanding defect with the S/MIME mechanism is the lack + of a prevalent public key infrastructure for end users. If self- + signed certificates (or certificates that cannot be verified by one + of the participants in a dialog) are used, the SIP-based key exchange + mechanism described in Section 23.2 is susceptible to a man-in-the- + middle attack with which an attacker can potentially inspect and + modify S/MIME bodies. The attacker needs to intercept the first + exchange of keys between the two parties in a dialog, remove the + existing CMS-detached signatures from the request and response, and + insert a different CMS-detached signature containing a certificate + supplied by the attacker (but which seems to be a certificate for the + proper address-of-record). Each party will think they have exchanged + keys with the other, when in fact each has the public key of the + attacker. + + It is important to note that the attacker can only leverage this + vulnerability on the first exchange of keys between two parties - on + subsequent occasions, the alteration of the key would be noticeable + to the UAs. It would also be difficult for the attacker to remain in + the path of all future dialogs between the two parties over time (as + potentially days, weeks, or years pass). + + SSH is susceptible to the same man-in-the-middle attack on the first + exchange of keys; however, it is widely acknowledged that while SSH + is not perfect, it does improve the security of connections. The use + of key fingerprints could provide some assistance to SIP, just as it + does for SSH. For example, if two parties use SIP to establish a + voice communications session, each could read off the fingerprint of + the key they received from the other, which could be compared against + the original. It would certainly be more difficult for the man-in- + the-middle to emulate the voices of the participants than their + signaling (a practice that was used with the Clipper chip-based + secure telephone). + + The S/MIME mechanism allows UAs to send encrypted requests without + preamble if they possess a certificate for the destination address- + of-record on their keyring. However, it is possible that any + particular device registered for an address-of-record will not hold + the certificate that has been previously employed by the device's + current user, and that it will therefore be unable to process an + + + +Rosenberg, et. al. Standards Track [Page 248] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + encrypted request properly, which could lead to some avoidable error + signaling. This is especially likely when an encrypted request is + forked. + + The keys associated with S/MIME are most useful when associated with + a particular user (an address-of-record) rather than a device (a UA). + When users move between devices, it may be difficult to transport + private keys securely between UAs; how such keys might be acquired by + a device is outside the scope of this document. + + Another, more prosaic difficulty with the S/MIME mechanism is that it + can result in very large messages, especially when the SIP tunneling + mechanism described in Section 23.4 is used. For that reason, it is + RECOMMENDED that TCP should be used as a transport protocol when + S/MIME tunneling is employed. + +26.4.3 TLS + + The most commonly voiced concern about TLS is that it cannot run over + UDP; TLS requires a connection-oriented underlying transport + protocol, which for the purposes of this document means TCP. + + It may also be arduous for a local outbound proxy server and/or + registrar to maintain many simultaneous long-lived TLS connections + with numerous UAs. This introduces some valid scalability concerns, + especially for intensive ciphersuites. Maintaining redundancy of + long-lived TLS connections, especially when a UA is solely + responsible for their establishment, could also be cumbersome. + + TLS only allows SIP entities to authenticate servers to which they + are adjacent; TLS offers strictly hop-by-hop security. Neither TLS, + nor any other mechanism specified in this document, allows clients to + authenticate proxy servers to whom they cannot form a direct TCP + connection. + +26.4.4 SIPS URIs + + Actually using TLS on every segment of a request path entails that + the terminating UAS must be reachable over TLS (perhaps registering + with a SIPS URI as a contact address). This is the preferred use of + SIPS. Many valid architectures, however, use TLS to secure part of + the request path, but rely on some other mechanism for the final hop + to a UAS, for example. Thus SIPS cannot guarantee that TLS usage + will be truly end-to-end. Note that since many UAs will not accept + incoming TLS connections, even those UAs that do support TLS may be + required to maintain persistent TLS connections as described in the + TLS limitations section above in order to receive requests over TLS + as a UAS. + + + +Rosenberg, et. al. Standards Track [Page 249] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Location services are not required to provide a SIPS binding for a + SIPS Request-URI. Although location services are commonly populated + by user registrations (as described in Section 10.2.1), various other + protocols and interfaces could conceivably supply contact addresses + for an AOR, and these tools are free to map SIPS URIs to SIP URIs as + appropriate. When queried for bindings, a location service returns + its contact addresses without regard for whether it received a + request with a SIPS Request-URI. If a redirect server is accessing + the location service, it is up to the entity that processes the + Contact header field of a redirection to determine the propriety of + the contact addresses. + + Ensuring that TLS will be used for all of the request segments up to + the target domain is somewhat complex. It is possible that + cryptographically authenticated proxy servers along the way that are + non-compliant or compromised may choose to disregard the forwarding + rules associated with SIPS (and the general forwarding rules in + Section 16.6). Such malicious intermediaries could, for example, + retarget a request from a SIPS URI to a SIP URI in an attempt to + downgrade security. + + Alternatively, an intermediary might legitimately retarget a request + from a SIP to a SIPS URI. Recipients of a request whose Request-URI + uses the SIPS URI scheme thus cannot assume on the basis of the + Request-URI alone that SIPS was used for the entire request path + (from the client onwards). + + To address these concerns, it is RECOMMENDED that recipients of a + request whose Request-URI contains a SIP or SIPS URI inspect the To + header field value to see if it contains a SIPS URI (though note that + it does not constitute a breach of security if this URI has the same + scheme but is not equivalent to the URI in the To header field). + Although clients may choose to populate the Request-URI and To header + field of a request differently, when SIPS is used this disparity + could be interpreted as a possible security violation, and the + request could consequently be rejected by its recipient. Recipients + MAY also inspect the Via header chain in order to double-check + whether or not TLS was used for the entire request path until the + local administrative domain was reached. S/MIME may also be used by + the originating UAC to help ensure that the original form of the To + header field is carried end-to-end. + + If the UAS has reason to believe that the scheme of the Request-URI + has been improperly modified in transit, the UA SHOULD notify its + user of a potential security breach. + + + + + + +Rosenberg, et. al. Standards Track [Page 250] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + As a further measure to prevent downgrade attacks, entities that + accept only SIPS requests MAY also refuse connections on insecure + ports. + + End users will undoubtedly discern the difference between SIPS and + SIP URIs, and they may manually edit them in response to stimuli. + This can either benefit or degrade security. For example, if an + attacker corrupts a DNS cache, inserting a fake record set that + effectively removes all SIPS records for a proxy server, then any + SIPS requests that traverse this proxy server may fail. When a user, + however, sees that repeated calls to a SIPS AOR are failing, they + could on some devices manually convert the scheme from SIPS to SIP + and retry. Of course, there are some safeguards against this (if the + destination UA is truly paranoid it could refuse all non-SIPS + requests), but it is a limitation worth noting. On the bright side, + users might also divine that 'SIPS' would be valid even when they are + presented only with a SIP URI. + +26.5 Privacy + + SIP messages frequently contain sensitive information about their + senders - not just what they have to say, but with whom they + communicate, when they communicate and for how long, and from where + they participate in sessions. Many applications and their users + require that this sort of private information be hidden from any + parties that do not need to know it. + + Note that there are also less direct ways in which private + information can be divulged. If a user or service chooses to be + reachable at an address that is guessable from the person's name and + organizational affiliation (which describes most addresses-of- + record), the traditional method of ensuring privacy by having an + unlisted "phone number" is compromised. A user location service can + infringe on the privacy of the recipient of a session invitation by + divulging their specific whereabouts to the caller; an implementation + consequently SHOULD be able to restrict, on a per-user basis, what + kind of location and availability information is given out to certain + classes of callers. This is a whole class of problem that is + expected to be studied further in ongoing SIP work. + + In some cases, users may want to conceal personal information in + header fields that convey identity. This can apply not only to the + From and related headers representing the originator of the request, + but also the To - it may not be appropriate to convey to the final + destination a speed-dialing nickname, or an unexpanded identifier for + a group of targets, either of which would be removed from the + Request-URI as the request is routed, but not changed in the To + + + + +Rosenberg, et. al. Standards Track [Page 251] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + header field if the two were initially identical. Thus it MAY be + desirable for privacy reasons to create a To header field that + differs from the Request-URI. + +27 IANA Considerations + + All method names, header field names, status codes, and option tags + used in SIP applications are registered with IANA through + instructions in an IANA Considerations section in an RFC. + + The specification instructs the IANA to create four new sub- + registries under http://www.iana.org/assignments/sip-parameters: + Option Tags, Warning Codes (warn-codes), Methods and Response Codes, + added to the sub-registry of Header Fields that is already present + there. + +27.1 Option Tags + + This specification establishes the Option Tags sub-registry under + http://www.iana.org/assignments/sip-parameters. + + Option tags are used in header fields such as Require, Supported, + Proxy-Require, and Unsupported in support of SIP compatibility + mechanisms for extensions (Section 19.2). The option tag itself is a + string that is associated with a particular SIP option (that is, an + extension). It identifies the option to SIP endpoints. + + Option tags are registered by the IANA when they are published in + standards track RFCs. The IANA Considerations section of the RFC + must include the following information, which appears in the IANA + registry along with the RFC number of the publication. + + o Name of the option tag. The name MAY be of any length, but + SHOULD be no more than twenty characters long. The name MUST + consist of alphanum (Section 25) characters only. + + o Descriptive text that describes the extension. + +27.2 Warn-Codes + + This specification establishes the Warn-codes sub-registry under + http://www.iana.org/assignments/sip-parameters and initiates its + population with the warn-codes listed in Section 20.43. Additional + warn-codes are registered by RFC publication. + + + + + + + +Rosenberg, et. al. Standards Track [Page 252] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + The descriptive text for the table of warn-codes is: + + Warning codes provide information supplemental to the status code in + SIP response messages when the failure of the transaction results + from a Session Description Protocol (SDP) (RFC 2327 [1]) problem. + + The "warn-code" consists of three digits. A first digit of "3" + indicates warnings specific to SIP. Until a future specification + describes uses of warn-codes other than 3xx, only 3xx warn-codes may + be registered. + + Warnings 300 through 329 are reserved for indicating problems with + keywords in the session description, 330 through 339 are warnings + related to basic network services requested in the session + description, 370 through 379 are warnings related to quantitative QoS + parameters requested in the session description, and 390 through 399 + are miscellaneous warnings that do not fall into one of the above + categories. + +27.3 Header Field Names + + This obsoletes the IANA instructions about the header sub-registry + under http://www.iana.org/assignments/sip-parameters. + + The following information needs to be provided in an RFC publication + in order to register a new header field name: + + o The RFC number in which the header is registered; + + o the name of the header field being registered; + + o a compact form version for that header field, if one is + defined; + + Some common and widely used header fields MAY be assigned one-letter + compact forms (Section 7.3.3). Compact forms can only be assigned + after SIP working group review, followed by RFC publication. + +27.4 Method and Response Codes + + This specification establishes the Method and Response-Code sub- + registries under http://www.iana.org/assignments/sip-parameters and + initiates their population as follows. The initial Methods table is: + + + + + + + + +Rosenberg, et. al. Standards Track [Page 253] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + INVITE [RFC3261] + ACK [RFC3261] + BYE [RFC3261] + CANCEL [RFC3261] + REGISTER [RFC3261] + OPTIONS [RFC3261] + INFO [RFC2976] + + The response code table is initially populated from Section 21, the + portions labeled Informational, Success, Redirection, Client-Error, + Server-Error, and Global-Failure. The table has the following + format: + + Type (e.g., Informational) + Number Default Reason Phrase [RFC3261] + + The following information needs to be provided in an RFC publication + in order to register a new response code or method: + + o The RFC number in which the method or response code is + registered; + + o the number of the response code or name of the method being + registered; + + o the default reason phrase for that response code, if + applicable; + +27.5 The "message/sip" MIME type. + + This document registers the "message/sip" MIME media type in order to + allow SIP messages to be tunneled as bodies within SIP, primarily for + end-to-end security purposes. This media type is defined by the + following information: + + Media type name: message + Media subtype name: sip + Required parameters: none + + Optional parameters: version + version: The SIP-Version number of the enclosed message (e.g., + "2.0"). If not present, the version defaults to "2.0". + Encoding scheme: SIP messages consist of an 8-bit header + optionally followed by a binary MIME data object. As such, SIP + messages must be treated as binary. Under normal circumstances + SIP messages are transported over binary-capable transports, no + special encodings are needed. + + + + +Rosenberg, et. al. Standards Track [Page 254] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Security considerations: see below + Motivation and examples of this usage as a security mechanism + in concert with S/MIME are given in 23.4. + +27.6 New Content-Disposition Parameter Registrations + + This document also registers four new Content-Disposition header + "disposition-types": alert, icon, session and render. The authors + request that these values be recorded in the IANA registry for + Content-Dispositions. + + Descriptions of these "disposition-types", including motivation and + examples, are given in Section 20.11. + + Short descriptions suitable for the IANA registry are: + + alert the body is a custom ring tone to alert the user + icon the body is displayed as an icon to the user + render the body should be displayed to the user + session the body describes a communications session, for + example, as RFC 2327 SDP body + +28 Changes From RFC 2543 + + This RFC revises RFC 2543. It is mostly backwards compatible with + RFC 2543. The changes described here fix many errors discovered in + RFC 2543 and provide information on scenarios not detailed in RFC + 2543. The protocol has been presented in a more cleanly layered + model here. + + We break the differences into functional behavior that is a + substantial change from RFC 2543, which has impact on + interoperability or correct operation in some cases, and functional + behavior that is different from RFC 2543 but not a potential source + of interoperability problems. There have been countless + clarifications as well, which are not documented here. + +28.1 Major Functional Changes + + o When a UAC wishes to terminate a call before it has been answered, + it sends CANCEL. If the original INVITE still returns a 2xx, the + UAC then sends BYE. BYE can only be sent on an existing call leg + (now called a dialog in this RFC), whereas it could be sent at any + time in RFC 2543. + + o The SIP BNF was converted to be RFC 2234 compliant. + + + + + +Rosenberg, et. al. Standards Track [Page 255] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o SIP URL BNF was made more general, allowing a greater set of + characters in the user part. Furthermore, comparison rules were + simplified to be primarily case-insensitive, and detailed handling + of comparison in the presence of parameters was described. The + most substantial change is that a URI with a parameter with the + default value does not match a URI without that parameter. + + o Removed Via hiding. It had serious trust issues, since it relied + on the next hop to perform the obfuscation process. Instead, Via + hiding can be done as a local implementation choice in stateful + proxies, and thus is no longer documented. + + o In RFC 2543, CANCEL and INVITE transactions were intermingled. + They are separated now. When a user sends an INVITE and then a + CANCEL, the INVITE transaction still terminates normally. A UAS + needs to respond to the original INVITE request with a 487 + response. + + o Similarly, CANCEL and BYE transactions were intermingled; RFC 2543 + allowed the UAS not to send a response to INVITE when a BYE was + received. That is disallowed here. The original INVITE needs a + response. + + o In RFC 2543, UAs needed to support only UDP. In this RFC, UAs + need to support both UDP and TCP. + + o In RFC 2543, a forking proxy only passed up one challenge from + downstream elements in the event of multiple challenges. In this + RFC, proxies are supposed to collect all challenges and place them + into the forwarded response. + + o In Digest credentials, the URI needs to be quoted; this is unclear + from RFC 2617 and RFC 2069 which are both inconsistent on it. + + o SDP processing has been split off into a separate specification + [13], and more fully specified as a formal offer/answer exchange + process that is effectively tunneled through SIP. SDP is allowed + in INVITE/200 or 200/ACK for baseline SIP implementations; RFC + 2543 alluded to the ability to use it in INVITE, 200, and ACK in a + single transaction, but this was not well specified. More complex + SDP usages are allowed in extensions. + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 256] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Added full support for IPv6 in URIs and in the Via header field. + Support for IPv6 in Via has required that its header field + parameters allow the square bracket and colon characters. These + characters were previously not permitted. In theory, this could + cause interop problems with older implementations. However, we + have observed that most implementations accept any non-control + ASCII character in these parameters. + + o DNS SRV procedure is now documented in a separate specification + [4]. This procedure uses both SRV and NAPTR resource records and + no longer combines data from across SRV records as described in + RFC 2543. + + o Loop detection has been made optional, supplanted by a mandatory + usage of Max-Forwards. The loop detection procedure in RFC 2543 + had a serious bug which would report "spirals" as an error + condition when it was not. The optional loop detection procedure + is more fully and correctly specified here. + + o Usage of tags is now mandatory (they were optional in RFC 2543), + as they are now the fundamental building blocks of dialog + identification. + + o Added the Supported header field, allowing for clients to indicate + what extensions are supported to a server, which can apply those + extensions to the response, and indicate their usage with a + Require in the response. + + o Extension parameters were missing from the BNF for several header + fields, and they have been added. + + o Handling of Route and Record-Route construction was very + underspecified in RFC 2543, and also not the right approach. It + has been substantially reworked in this specification (and made + vastly simpler), and this is arguably the largest change. + Backwards compatibility is still provided for deployments that do + not use "pre-loaded routes", where the initial request has a set + of Route header field values obtained in some way outside of + Record-Route. In those situations, the new mechanism is not + interoperable. + + o In RFC 2543, lines in a message could be terminated with CR, LF, + or CRLF. This specification only allows CRLF. + + + + + + + + +Rosenberg, et. al. Standards Track [Page 257] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Usage of Route in CANCEL and ACK was not well defined in RFC 2543. + It is now well specified; if a request had a Route header field, + its CANCEL or ACK for a non-2xx response to the request need to + carry the same Route header field values. ACKs for 2xx responses + use the Route values learned from the Record-Route of the 2xx + responses. + + o RFC 2543 allowed multiple requests in a single UDP packet. This + usage has been removed. + + o Usage of absolute time in the Expires header field and parameter + has been removed. It caused interoperability problems in elements + that were not time synchronized, a common occurrence. Relative + times are used instead. + + o The branch parameter of the Via header field value is now + mandatory for all elements to use. It now plays the role of a + unique transaction identifier. This avoids the complex and bug- + laden transaction identification rules from RFC 2543. A magic + cookie is used in the parameter value to determine if the previous + hop has made the parameter globally unique, and comparison falls + back to the old rules when it is not present. Thus, + interoperability is assured. + + o In RFC 2543, closure of a TCP connection was made equivalent to a + CANCEL. This was nearly impossible to implement (and wrong) for + TCP connections between proxies. This has been eliminated, so + that there is no coupling between TCP connection state and SIP + processing. + + o RFC 2543 was silent on whether a UA could initiate a new + transaction to a peer while another was in progress. That is now + specified here. It is allowed for non-INVITE requests, disallowed + for INVITE. + + o PGP was removed. It was not sufficiently specified, and not + compatible with the more complete PGP MIME. It was replaced with + S/MIME. + + o Added the "sips" URI scheme for end-to-end TLS. This scheme is + not backwards compatible with RFC 2543. Existing elements that + receive a request with a SIPS URI scheme in the Request-URI will + likely reject the request. This is actually a feature; it ensures + that a call to a SIPS URI is only delivered if all path hops can + be secured. + + + + + + +Rosenberg, et. al. Standards Track [Page 258] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Additional security features were added with TLS, and these are + described in a much larger and complete security considerations + section. + + o In RFC 2543, a proxy was not required to forward provisional + responses from 101 to 199 upstream. This was changed to MUST. + This is important, since many subsequent features depend on + delivery of all provisional responses from 101 to 199. + + o Little was said about the 503 response code in RFC 2543. It has + since found substantial use in indicating failure or overload + conditions in proxies. This requires somewhat special treatment. + Specifically, receipt of a 503 should trigger an attempt to + contact the next element in the result of a DNS SRV lookup. Also, + 503 response is only forwarded upstream by a proxy under certain + conditions. + + o RFC 2543 defined, but did no sufficiently specify, a mechanism for + UA authentication of a server. That has been removed. Instead, + the mutual authentication procedures of RFC 2617 are allowed. + + o A UA cannot send a BYE for a call until it has received an ACK for + the initial INVITE. This was allowed in RFC 2543 but leads to a + potential race condition. + + o A UA or proxy cannot send CANCEL for a transaction until it gets a + provisional response for the request. This was allowed in RFC + 2543 but leads to potential race conditions. + + o The action parameter in registrations has been deprecated. It was + insufficient for any useful services, and caused conflicts when + application processing was applied in proxies. + + o RFC 2543 had a number of special cases for multicast. For + example, certain responses were suppressed, timers were adjusted, + and so on. Multicast now plays a more limited role, and the + protocol operation is unaffected by usage of multicast as opposed + to unicast. The limitations as a result of that are documented. + + o Basic authentication has been removed entirely and its usage + forbidden. + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 259] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + o Proxies no longer forward a 6xx immediately on receiving it. + Instead, they CANCEL pending branches immediately. This avoids a + potential race condition that would result in a UAC getting a 6xx + followed by a 2xx. In all cases except this race condition, the + result will be the same - the 6xx is forwarded upstream. + + o RFC 2543 did not address the problem of request merging. This + occurs when a request forks at a proxy and later rejoins at an + element. Handling of merging is done only at a UA, and procedures + are defined for rejecting all but the first request. + +28.2 Minor Functional Changes + + o Added the Alert-Info, Error-Info, and Call-Info header fields for + optional content presentation to users. + + o Added the Content-Language, Content-Disposition and MIME-Version + header fields. + + o Added a "glare handling" mechanism to deal with the case where + both parties send each other a re-INVITE simultaneously. It uses + the new 491 (Request Pending) error code. + + o Added the In-Reply-To and Reply-To header fields for supporting + the return of missed calls or messages at a later time. + + o Added TLS and SCTP as valid SIP transports. + + o There were a variety of mechanisms described for handling failures + at any time during a call; those are now generally unified. BYE + is sent to terminate. + + o RFC 2543 mandated retransmission of INVITE responses over TCP, but + noted it was really only needed for 2xx. That was an artifact of + insufficient protocol layering. With a more coherent transaction + layer defined here, that is no longer needed. Only 2xx responses + to INVITEs are retransmitted over TCP. + + o Client and server transaction machines are now driven based on + timeouts rather than retransmit counts. This allows the state + machines to be properly specified for TCP and UDP. + + o The Date header field is used in REGISTER responses to provide a + simple means for auto-configuration of dates in user agents. + + o Allowed a registrar to reject registrations with expirations that + are too short in duration. Defined the 423 response code and the + Min-Expires for this purpose. + + + +Rosenberg, et. al. Standards Track [Page 260] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +29 Normative References + + [1] Handley, M. and V. Jacobson, "SDP: Session Description + Protocol", RFC 2327, April 1998. + + [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement + Levels", BCP 14, RFC 2119, March 1997. + + [3] Resnick, P., "Internet Message Format", RFC 2822, April 2001. + + [4] Rosenberg, J. and H. Schulzrinne, "SIP: Locating SIP Servers", + RFC 3263, June 2002. + + [5] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource + Identifiers (URI): Generic Syntax", RFC 2396, August 1998. + + [6] Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for + Transport Layer Security (TLS)", RFC 3268, June 2002. + + [7] Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC + 2279, January 1998. + + [8] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., + Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol -- + HTTP/1.1", RFC 2616, June 1999. + + [9] Vaha-Sipila, A., "URLs for Telephone Calls", RFC 2806, April + 2000. + + [10] Crocker, D. and P. Overell, "Augmented BNF for Syntax + Specifications: ABNF", RFC 2234, November 1997. + + [11] Freed, F. and N. Borenstein, "Multipurpose Internet Mail + Extensions (MIME) Part Two: Media Types", RFC 2046, November + 1996. + + [12] Eastlake, D., Crocker, S. and J. Schiller, "Randomness + Recommendations for Security", RFC 1750, December 1994. + + [13] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with + SDP", RFC 3264, June 2002. + + [14] Postel, J., "User Datagram Protocol", STD 6, RFC 768, August + 1980. + + [15] Postel, J., "DoD Standard Transmission Control Protocol", RFC + 761, January 1980. + + + + +Rosenberg, et. al. Standards Track [Page 261] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + [16] Stewart, R., Xie, Q., Morneault, K., Sharp, C., Schwarzbauer, + H., Taylor, T., Rytina, I., Kalla, M., Zhang, L. and V. Paxson, + "Stream Control Transmission Protocol", RFC 2960, October 2000. + + [17] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., + Leach, P., Luotonen, A. and L. Stewart, "HTTP authentication: + Basic and Digest Access Authentication", RFC 2617, June 1999. + + [18] Troost, R., Dorner, S. and K. Moore, "Communicating Presentation + Information in Internet Messages: The Content-Disposition Header + Field", RFC 2183, August 1997. + + [19] Zimmerer, E., Peterson, J., Vemuri, A., Ong, L., Audet, F., + Watson, M. and M. Zonoun, "MIME media types for ISUP and QSIG + Objects", RFC 3204, December 2001. + + [20] Braden, R., "Requirements for Internet Hosts - Application and + Support", STD 3, RFC 1123, October 1989. + + [21] Alvestrand, H., "IETF Policy on Character Sets and Languages", + BCP 18, RFC 2277, January 1998. + + [22] Galvin, J., Murphy, S., Crocker, S. and N. Freed, "Security + Multiparts for MIME: Multipart/Signed and Multipart/Encrypted", + RFC 1847, October 1995. + + [23] Housley, R., "Cryptographic Message Syntax", RFC 2630, June + 1999. + + [24] Ramsdell B., "S/MIME Version 3 Message Specification", RFC 2633, + June 1999. + + [25] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC + 2246, January 1999. + + [26] Kent, S. and R. Atkinson, "Security Architecture for the + Internet Protocol", RFC 2401, November 1998. + +30 Informative References + + [27] R. Pandya, "Emerging mobile and personal communication systems," + IEEE Communications Magazine, Vol. 33, pp. 44--52, June 1995. + + [28] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson, + "RTP: A Transport Protocol for Real-Time Applications", RFC + 1889, January 1996. + + + + + +Rosenberg, et. al. Standards Track [Page 262] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + [29] Schulzrinne, H., Rao, R. and R. Lanphier, "Real Time Streaming + Protocol (RTSP)", RFC 2326, April 1998. + + [30] Cuervo, F., Greene, N., Rayhan, A., Huitema, C., Rosen, B. and + J. Segers, "Megaco Protocol Version 1.0", RFC 3015, November + 2000. + + [31] Handley, M., Schulzrinne, H., Schooler, E. and J. Rosenberg, + "SIP: Session Initiation Protocol", RFC 2543, March 1999. + + [32] Hoffman, P., Masinter, L. and J. Zawinski, "The mailto URL + scheme", RFC 2368, July 1998. + + [33] E. M. Schooler, "A multicast user directory service for + synchronous rendezvous," Master's Thesis CS-TR-96-18, Department + of Computer Science, California Institute of Technology, + Pasadena, California, Aug. 1996. + + [34] Donovan, S., "The SIP INFO Method", RFC 2976, October 2000. + + [35] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April + 1992. + + [36] Dawson, F. and T. Howes, "vCard MIME Directory Profile", RFC + 2426, September 1998. + + [37] Good, G., "The LDAP Data Interchange Format (LDIF) - Technical + Specification", RFC 2849, June 2000. + + [38] Palme, J., "Common Internet Message Headers", RFC 2076, + February 1997. + + [39] Franks, J., Hallam-Baker, P., Hostetler, J., Leach, P., + Luotonen, A., Sink, E. and L. Stewart, "An Extension to HTTP: + Digest Access Authentication", RFC 2069, January 1997. + + [40] Johnston, A., Donovan, S., Sparks, R., Cunningham, C., Willis, + D., Rosenberg, J., Summers, K. and H. Schulzrinne, "SIP Call + Flow Examples", Work in Progress. + + [41] E. M. Schooler, "Case study: multimedia conference control in a + packet-switched teleconferencing system," Journal of + Internetworking: Research and Experience, Vol. 4, pp. 99--120, + June 1993. ISI reprint series ISI/RS-93-359. + + + + + + + +Rosenberg, et. al. Standards Track [Page 263] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + [42] H. Schulzrinne, "Personal mobility for multimedia services in + the Internet," in European Workshop on Interactive Distributed + Multimedia Systems and Services (IDMS), (Berlin, Germany), Mar. + 1996. + + [43] Floyd, S., "Congestion Control Principles", RFC 2914, September + 2000. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 264] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +A Table of Timer Values + + Table 4 summarizes the meaning and defaults of the various timers + used by this specification. + +Timer Value Section Meaning +---------------------------------------------------------------------- +T1 500ms default Section 17.1.1.1 RTT Estimate +T2 4s Section 17.1.2.2 The maximum retransmit + interval for non-INVITE + requests and INVITE + responses +T4 5s Section 17.1.2.2 Maximum duration a + message will + remain in the network +Timer A initially T1 Section 17.1.1.2 INVITE request retransmit + interval, for UDP only +Timer B 64*T1 Section 17.1.1.2 INVITE transaction + timeout timer +Timer C > 3min Section 16.6 proxy INVITE transaction + bullet 11 timeout +Timer D > 32s for UDP Section 17.1.1.2 Wait time for response + 0s for TCP/SCTP retransmits +Timer E initially T1 Section 17.1.2.2 non-INVITE request + retransmit interval, + UDP only +Timer F 64*T1 Section 17.1.2.2 non-INVITE transaction + timeout timer +Timer G initially T1 Section 17.2.1 INVITE response + retransmit interval +Timer H 64*T1 Section 17.2.1 Wait time for + ACK receipt +Timer I T4 for UDP Section 17.2.1 Wait time for + 0s for TCP/SCTP ACK retransmits +Timer J 64*T1 for UDP Section 17.2.2 Wait time for + 0s for TCP/SCTP non-INVITE request + retransmits +Timer K T4 for UDP Section 17.1.2.2 Wait time for + 0s for TCP/SCTP response retransmits + + Table 4: Summary of timers + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 265] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Acknowledgments + + We wish to thank the members of the IETF MMUSIC and SIP WGs for their + comments and suggestions. Detailed comments were provided by Ofir + Arkin, Brian Bidulock, Jim Buller, Neil Deason, Dave Devanathan, + Keith Drage, Bill Fenner, Cedric Fluckiger, Yaron Goland, John + Hearty, Bernie Hoeneisen, Jo Hornsby, Phil Hoffer, Christian Huitema, + Hisham Khartabil, Jean Jervis, Gadi Karmi, Peter Kjellerstedt, Anders + Kristensen, Jonathan Lennox, Gethin Liddell, Allison Mankin, William + Marshall, Rohan Mahy, Keith Moore, Vern Paxson, Bob Penfield, Moshe + J. Sambol, Chip Sharp, Igor Slepchin, Eric Tremblay, and Rick + Workman. + + Brian Rosen provided the compiled BNF. + + Jean Mahoney provided technical writing assistance. + + This work is based, inter alia, on [41,42]. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 266] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Authors' Addresses + + Authors addresses are listed alphabetically for the editors, the + writers, and then the original authors of RFC 2543. All listed + authors actively contributed large amounts of text to this document. + + Jonathan Rosenberg + dynamicsoft + 72 Eagle Rock Ave + East Hanover, NJ 07936 + USA + + EMail: jdrosen@dynamicsoft.com + + + Henning Schulzrinne + Dept. of Computer Science + Columbia University + 1214 Amsterdam Avenue + New York, NY 10027 + USA + + EMail: schulzrinne@cs.columbia.edu + + + Gonzalo Camarillo + Ericsson + Advanced Signalling Research Lab. + FIN-02420 Jorvas + Finland + + EMail: Gonzalo.Camarillo@ericsson.com + + + Alan Johnston + WorldCom + 100 South 4th Street + St. Louis, MO 63102 + USA + + EMail: alan.johnston@wcom.com + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 267] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + + Jon Peterson + NeuStar, Inc + 1800 Sutter Street, Suite 570 + Concord, CA 94520 + USA + + EMail: jon.peterson@neustar.com + + + Robert Sparks + dynamicsoft, Inc. + 5100 Tennyson Parkway + Suite 1200 + Plano, Texas 75024 + USA + + EMail: rsparks@dynamicsoft.com + + + Mark Handley + International Computer Science Institute + 1947 Center St, Suite 600 + Berkeley, CA 94704 + USA + + EMail: mjh@icir.org + + + Eve Schooler + AT&T Labs-Research + 75 Willow Road + Menlo Park, CA 94025 + USA + + EMail: schooler@research.att.com + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 268] + +RFC 3261 SIP: Session Initiation Protocol June 2002 + + +Full Copyright Statement + + Copyright (C) The Internet Society (2002). All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph are + included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + This document and the information contained herein is provided on an + "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING + TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING + BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION + HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF + MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + + + + + + + + + + + + + +Rosenberg, et. al. Standards Track [Page 269] + diff --git a/example/invite b/example/invite new file mode 100644 index 0000000..c02ec16 --- /dev/null +++ b/example/invite @@ -0,0 +1,29 @@ +INVITE sip:9198@172.18.1.72 SIP/2.0 +Via: SIP/2.0/UDP 172.16.254.24;rport;branch=z9hG4bKrebupeuh +Max-Forwards: 70 +To: +From: "zecke" ;tag=wmycl +Call-ID: ofcwnpmulmceasg@xiaoyu +CSeq: 982 INVITE +Contact: +Content-Type: application/sdp +Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE +Supported: replaces,norefersub,100rel +User-Agent: Twinkle/1.4.2 +Content-Length: 310 + +v=0 +o=twinkle 2038576622 441641029 IN IP4 172.18.254.24 +s=- +c=IN IP4 172.18.254.24 +t=0 0 +m=audio 8000 RTP/AVP 98 97 8 0 3 101 +a=rtpmap:98 speex/16000 +a=rtpmap:97 speex/8000 +a=rtpmap:8 PCMA/8000 +a=rtpmap:0 PCMU/8000 +a=rtpmap:3 GSM/8000 +a=rtpmap:101 telephone-event/8000 +a=fmtp:101 0-15 +a=ptime:20 + diff --git a/example/invite2 b/example/invite2 new file mode 100644 index 0000000..dc1fe59 --- /dev/null +++ b/example/invite2 @@ -0,0 +1,29 @@ +INVITE sip:9198@172.18.1.72 SIP/2.0 +Via: SIP/2.0/UDP 172.18.254.24;rport;branch=z9hG4bKrebupeuh +Max-Forwards: 70 +To: +From: "zecke" ;tag=wmycl +Call-ID: ofcwnpmulmceasg@xiaoyu +CSeq: 982 INVITE +Contact: +Content-Type: application/sdp +Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE +Supported: replaces,norefersub,100rel +User-Agent: Twinkle/1.4.2 +Content-Length: 310 + +v=0 +o=twinkle 2038576622 441641029 IN IP4 172.18.254.25 +s=- +c=IN IP4 172.18.254.25 +t=0 0 +m=audio 8000 RTP/AVP 98 97 8 0 3 101 +a=rtpmap:98 speex/16000 +a=rtpmap:97 speex/8000 +a=rtpmap:8 PCMA/8000 +a=rtpmap:0 PCMU/8000 +a=rtpmap:3 GSM/8000 +a=rtpmap:101 telephone-event/8000 +a=fmtp:101 0-15 +a=ptime:20 + diff --git a/grammar/SIPGrammar.st b/grammar/SIPGrammar.st new file mode 100644 index 0000000..ca30888 --- /dev/null +++ b/grammar/SIPGrammar.st @@ -0,0 +1,183 @@ +" + (C) 2011 by Holger Hans Peter Freyther + All Rights Reserved + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as + published by the Free Software Foundation, either version 3 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +" + +PackageLoader fileInPackage: 'PetitParser'. + +PP.PPCompositeParser subclass: SIPGrammar [ + | Response StatusLine message_header + CRLF SP HTAB HCOLON SWS LWS WSP + message_body SIPVersion StatusCode ReasonPhrase + extension_header header_name header_value | + "http://sofia-sip.org/repos/sofia-sip/libsofia-sip-ua/sip/GRAMMAR" + + + + start [ + + ^ Response + ] + + CRLF [ + + ^ Character cr asParser, Character nl asParser + ] + + SP [ + + ^ $ asParser + ] + + Response [ + + ^ StatusLine, message_header star, CRLF, message_body optional + ] + + StatusLine [ + + ^ SIPVersion, SP, StatusCode, SP, ReasonPhrase, CRLF + ] + + SIPVersion [ + + ^ 'SIP/' asParser, #digit asParser, $. asParser, #digit asParser + ] + + StatusCode [ + + "Combined into one..." + ^ '100' asParser / "Trying" + '180' asParser / "Ringing" + '181' asParser / "Call Is Being Forwarded" + '182' asParser / "Queued" + '183' asParser / "Session Progress" + + '200' asParser / "OK" + + '300' asParser / "Multiple Choices" + '301' asParser / "Moved Permanently" + '302' asParser / "Moved Temporarily" + '380' asParser / "Alternative Service" + + '400' asParser / "Bad Request" + '401' asParser / "Unauthorized" + '402' asParser / "Payment Required" + '403' asParser / "Forbidden" + '404' asParser / "Not Found" + '405' asParser / "Method Not Allowed" + '406' asParser / "Not Acceptable" + '407' asParser / "Proxy Authentication Required" + '408' asParser / "Request Timeout" + '410' asParser / "Gone" + '413' asParser / "Request Entity Too Large" + '414' asParser / "Request-URI Too Large" + '415' asParser / "Unsupported Media Type" + '416' asParser / "Unsupported URI Scheme" + '420' asParser / "Bad Extension" + '421' asParser / "Extension Required" + '423' asParser / "Interval Too Brief" + '480' asParser / "Temporarily not available" + '481' asParser / "Call Leg/Transaction Does Not Exist" + '482' asParser / "Loop Detected" + '483' asParser / "Too Many Hops" + '484' asParser / "Address Incomplete" + '485' asParser / "Ambiguous" + '486' asParser / "Busy Here" + '487' asParser / "Request Terminated" + '488' asParser / "Not Acceptable Here" + '491' asParser / "Request Pending" + '493' asParser / "Undecipherable" + + '500' asParser / "Internal Server Error" + '501' asParser / "Not Implemented" + '502' asParser / "Bad Gateway" + '503' asParser / "Service Unavailable" + '504' asParser / "Server Time-out" + '505' asParser / "SIP Version not supported" + '513' asParser / "Message Too Large" + + '600' asParser / "Busy Everywhere" + '603' asParser /"Decline" + '604' asParser /"Does not exist anywhere" + '606' asParser "Not Acceptable" + ] + + ReasonPhrase [ + + + ^ (#digit asParser / Character space asParser / HTAB / #letter asParser) star flatten + ] + + message_header [ + "Simplified..." + + + ^ (extension_header), CRLF + ] + + message_body [ + ^ #any asParser plus flatten + ] + + extension_header [ + + ^ header_name, HCOLON, header_value + ] + + header_name [ + + "hmm 1*() should be optional but it must be star here" + ^ (#letter asParser / #digit asParser / + $- asParser / $. asParser / + $! asParser / $% asParser / + $* asParser / $_ asParser / + $+ asParser / $` asParser / + $' asParser / $~ asParser) star flatten + ] + + header_value [ + + "TODO: TEXT-UTF8char / UTF8-CONT" + ^ (#letter asParser / #digit asParser / #punctuation asParser / #blank asParser / LWS) star flatten + ] + + HTAB [ + + ^ Character tab asParser + ] + + HCOLON [ + + + ^ (SP / HTAB) star, $: asParser, SWS + ] + + WSP [ + + ^ #blank asParser + ] + + LWS [ + + (WSP star, CRLF) optional, WSP plus + ] + + SWS [ + + ^ LWS optional + ] +] diff --git a/grammar/SIPGrammarTest.st b/grammar/SIPGrammarTest.st new file mode 100644 index 0000000..d60509e --- /dev/null +++ b/grammar/SIPGrammarTest.st @@ -0,0 +1,107 @@ +" + (C) 2011 by Holger Hans Peter Freyther + All Rights Reserved + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as + published by the Free Software Foundation, either version 3 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +" + +PackageLoader fileInPackage: 'PetitParserTests'. + +PP.PPCompositeParserTest subclass: SIPGrammarTest [ + + + + SIPGrammarTest class >> packageNamesUnderTest [ + + ^ #('SIPGrammar') + ] + + parserClass [ + + ^ SIPGrammar + ] + + + testTrying [ + | data res hdr | + data := #(16r53 16r49 16r50 16r2F 16r32 16r2E 16r30 16r20 + 16r31 16r30 16r30 16r20 16r54 16r72 16r79 16r69 + 16r6E 16r67 16r0D 16r0A 16r56 16r69 16r61 16r3A + 16r20 16r53 16r49 16r50 16r2F 16r32 16r2E 16r30 + 16r2F 16r55 16r44 16r50 16r20 16r31 16r37 16r32 + 16r2E 16r31 16r36 16r2E 16r32 16r35 16r34 16r2E + 16r32 16r34 16r3B 16r72 16r70 16r6F 16r72 16r74 + 16r3D 16r35 16r30 16r36 16r30 16r3B 16r62 16r72 + 16r61 16r6E 16r63 16r68 16r3D 16r7A 16r39 16r68 + 16r47 16r34 16r62 16r4B 16r66 16r77 16r6A 16r6C + 16r78 16r64 16r72 16r76 16r0D 16r0A 16r46 16r72 + 16r6F 16r6D 16r3A 16r20 16r22 16r7A 16r65 16r63 + 16r6B 16r65 16r22 16r20 16r3C 16r73 16r69 16r70 + 16r3A 16r31 16r30 16r30 16r30 16r40 16r6F 16r6E + 16r2D 16r77 16r61 16r76 16r65 16r73 16r2E 16r63 + 16r6F 16r6D 16r3E 16r3B 16r74 16r61 16r67 16r3D + 16r77 16r6D 16r79 16r63 16r6C 16r0D 16r0A 16r54 + 16r6F 16r3A 16r20 16r3C 16r73 16r69 16r70 16r3A + 16r39 16r31 16r39 16r38 16r40 16r31 16r37 16r32 + 16r2E 16r31 16r36 16r2E 16r31 16r2E 16r37 16r32 + 16r3E 16r0D 16r0A 16r43 16r61 16r6C 16r6C 16r2D + 16r49 16r44 16r3A 16r20 16r6F 16r66 16r63 16r77 + 16r6E 16r70 16r6D 16r75 16r6C 16r6D 16r63 16r65 + 16r61 16r73 16r67 16r40 16r78 16r69 16r61 16r6F + 16r79 16r75 16r0D 16r0A 16r43 16r53 16r65 16r71 + 16r3A 16r20 16r39 16r38 16r33 16r20 16r49 16r4E + 16r56 16r49 16r54 16r45 16r0D 16r0A 16r55 16r73 + 16r65 16r72 16r2D 16r41 16r67 16r65 16r6E 16r74 + 16r3A 16r20 16r46 16r72 16r65 16r65 16r53 16r57 + 16r49 16r54 16r43 16r48 16r2D 16r6D 16r6F 16r64 + 16r5F 16r73 16r6F 16r66 16r69 16r61 16r2F 16r31 + 16r2E 16r30 16r2E 16r68 16r65 16r61 16r64 16r2D + 16r67 16r69 16r74 16r2D 16r64 16r66 16r66 16r34 + 16r31 16r61 16r66 16r20 16r32 16r30 16r31 16r31 + 16r2D 16r30 16r34 16r2D 16r32 16r30 16r20 16r31 + 16r34 16r2D 16r31 16r31 16r2D 16r32 16r34 16r20 + 16r2B 16r30 16r32 16r30 16r30 16r0D 16r0A 16r43 + 16r6F 16r6E 16r74 16r65 16r6E 16r74 16r2D 16r4C + 16r65 16r6E 16r67 16r74 16r68 16r3A 16r20 16r30 + 16r0D 16r0A 16r0D 16r0A) asByteArray. + + res := self parse: data asString. + self assert: res size = 4. + self assert: res first third = '100'. + self assert: (res first at: 5) = 'Trying'. + + hdr := res second. + + self assert: (hdr at: 1) first first = 'Via'. + self assert: (hdr at: 1) first third = ' SIP/2.0/UDP 172.16.254.24;rport=5060;branch=z9hG4bKfwjlxdrv'. + + self assert: (hdr at: 2) first first = 'From'. + self assert: (hdr at: 2) first third = ' "zecke" ;tag=wmycl'. + + self assert: (hdr at: 3) first first = 'To'. + self assert: (hdr at: 3) first third = ' '. + + self assert: (hdr at: 4) first first = 'Call-ID'. + self assert: (hdr at: 4) first third = ' ofcwnpmulmceasg@xiaoyu'. + + self assert: (hdr at: 5) first first = 'CSeq'. + self assert: (hdr at: 5) first third = ' 983 INVITE'. + + self assert: (hdr at: 6) first first = 'User-Agent'. + self assert: (hdr at: 6) first third = ' FreeSWITCH-mod_sofia/1.0.head-git-dff41af 2011-04-20 14-11-24 +0200'. + + self assert: (hdr at: 7) first first = 'Content-Length'. + self assert: (hdr at: 7) first third = ' 0'. + ] +]