SIPCORE Working GroupInternet Engineering Task Force (IETF) C. HolmbergInternet-DraftRequest for Comments: 8262 I. Sedlacek Updates:5621,5368, 5621, 6442(if approved)EricssonIntended status:Category: Standards TrackSeptember 2,October 2017Expires: March 6, 2018ISSN: 2070-1721 Content-IDheader fieldHeader Field in the Session Initiation Protocol (SIP)draft-ietf-sipcore-content-id-10Abstract This document specifies the Content-ID header field for usage in the Session Initiation Protocol (SIP).TheThis document also updates RFC 5621, which only allows a Content-ID URL to reference a body part that is part of a multipart message-body. This update enables a Content-ID URL to reference a complete message-body and metadata provided by some additional SIP header fields. This document updates RFC 5368 and RFC6442,6442 by clarifying their usage of the SIP Content-ID header field. Status of This Memo ThisInternet-Draftissubmitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documentsan Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF).Note that other groups may also distribute working documents as Internet-Drafts. The listIt represents the consensus ofcurrent Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents validthe IETF community. It has received public review and has been approved fora maximumpublication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status ofsix monthsthis document, any errata, and how to provide feedback on it may beupdated, replaced, or obsoleted by other documentsobtained atany time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on March 6, 2018.https://www.rfc-editor.org/info/rfc8262. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents(http://trustee.ietf.org/license-info)(https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Identifying abody partBody Part . . . . . . . . . . . . . . . . . 2 1.2. Referencing abody partBody Part . . . . . . . . . . . . . . . . . 3 1.3. ProblemstatementStatement . . . . . . . . . . . . . . . . . . . . 3 1.4. Consequences . . . . . . . . . . . . . . . . . . . . . . 4 1.4.1. Example1 . . . . . .1: SIP INVITE . . . . . . . . . . . . . . . . 4 1.4.2. Example2 . . . . . .2: SIP REFER . . . . . . . . . . . . . . . . 5 1.5. Solution . . . . . . . . . . . . . . . . . . . . . . . . 6 1.6. BackwardcompatibilityCompatibility . . . . . . . . . . . . . . . . . 7 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 7 3. Content-IDheader fieldHeader Field . . . . . . . . . . . . . . . . . . . 7 3.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 7 3.2. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . 7 3.3. Semantics . . . . . . . . . . . . . . . . . . . . . . . . 8 3.4. Procedures . . . . . . . . . . . . . . . . . . . . . . . 8 3.4.1. User Agent (UA)proceduresProcedures . . . . . . . . . . . . . 8 3.4.2. ProxyproceduresProcedures . . . . . . . . . . . . . . . . . . 9 3.4.3.ExampleExample: Referencing the Message-Body of a SIP Message . . . . . . . . . . . . . . . . . . . . . . . 9 4. Update to RFC 5368 . . . . . . . . . . . . . . . . . . . . . 10 5. Update to RFC 5621 . . . . . . . . . . . . . . . . . . . . .1011 6. Update to RFC 6442 . . . . . . . . . . . . . . . . . . . . . 11 7. SecurityconsiderationsConsiderations . . . . . . . . . . . . . . . . . . . 12 8. IANAconsiderationsConsiderations . . . . . . . . . . . . . . . . . . . . . 12 8.1. HeaderfieldField . . . . . . . . . . . . . . . . . . . . . .1312 9.Change log . . . . . . . . . . . . . . . . . . . . . . . . . 13 10.References . . . . . . . . . . . . . . . . . . . . . . . . .14 10.1.13 9.1. NormativereferencesReferences . . . . . . . . . . . . . . . . . .14 10.2.13 9.2. InformativereferencesReferences . . . . . . . . . . . . . . . . .1514 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . .1514 1. Introduction 1.1. Identifying abody partBody Part A SIP message consists of a start-line, one or more header fields, an empty line indicating the end of the header fields, and an optionalmessage-body,message-body as specified in [RFC3261]. The message-body can be a non-multipart message-body or a multipart message-body as specified in [RFC3261]. [RFC5621] defines generic handling of a multipart message-body in a SIP message. A multipart message-body contains zero,oneone, or several bodyparts,parts encoded using[RFC2045] format.the format define in [RFC2045]. A body part in the multipart message-body is described using header fields such as Content-Disposition, Content-Encoding, and Content- Type, which provide information on the content of the bodypart,part as specified in [RFC5621]. A body part in the multipart message-body can also contain a Content-ID header field with an ID value uniquely identifying the bodypart,part as specified in [RFC2045]. 1.2. Referencing abody partBody Part A SIP header field can reference a body part using a Content-IDURL,URL as specified in [RFC5621]. The Content-ID URL is specified in [RFC2392]. [RFC2392] specifies how to identify the body part referenced by a Content-ID URL. The Content-ID URL value is included in the Content-ID header field of the body part. Examples of SIP header fields referencing a body part using a Content-ID URL are: o [RFC6442] specifies how a Geolocation header field references a body part using a Content-IDURL,URL for providing location information. o [RFC5368] specifies how a Refer-To header field references a body part using a Content-IDURL,URL to provide a list of targets. 1.3. Problemstatement It is currently not specified howStatement How to uniquely identify a complete message-body of a SIP message using a Content-ID headerfield,field and how to reference a complete message-body using a Content-IDURL. NOTE:URL are not currently specified. Note: In [RFC5621], the Content-ID URL references a specific body part only. Some existing specifications, such as [RFC5368], contain examples that show usage of a SIP Content-ID header field referencing a complete message-body, even though such usage has never been specified. Many implementors have interpreted these examples to indicate that such usage is allowed by the corresponding specification, despite the absence of language allowing it. This document updates the normative language in the affected documents to explicitly allow such usage. 1.4. Consequences The examples belowshowsshow the consequences of the problem described above. 1.4.1. Example11: SIP INVITE If a User Agent Client (UAC) sends an INVITE requestconveyingthat conveys locationasby value (as specified in[RFC6442], if the UAC[RFC6442]) and decides not to includean SDPa Session Description Protocol (SDP) offer,and if the location is conveyed by value,then the UAC needs to include only one MIME entity in the INVITE request. This MIME entity can be, for example, of theapplication/pidf+xml'application/pidf+xml' MIME type. However, due to [RFC6442] requiring inclusion of a Geolocation header field referencing the body part with the location information, the UAC includes a multipart message-body with a single body part in the INVITE request, and includes the location information ofapplication/ pidf+xml'application/pidf+xml' MIME type and an associated Content-ID header field in the body part. Example message (SIP INVITE): INVITE sips:bob@biloxi.example.com SIP/2.0 Via: SIPS/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bK74bf9 Max-Forwards: 70 To: Bob <sips:bob@biloxi.example.com> From: Alice <sips:alice@atlanta.example.com>;tag=9fxced76sl Call-ID: 3848276298220188511@atlanta.example.com Geolocation: <cid:target123@atlanta.example.com> Geolocation-Routing: no Accept: application/sdp, application/pidf+xml CSeq: 31862 INVITE Contact: <sips:alice@atlanta.example.com> Content-Type: multipart/mixed; boundary=boundary1 Content-Length: ... --boundary1 Content-Type: application/pidf+xml Content-ID: <target123@atlanta.example.com> <?xml version="1.0" encoding="UTF-8"?> <presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10" xmlns:gbp="urn:ietf:params:xml:ns:pidf:geopriv10:basicPolicy" xmlns:cl="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr" xmlns:gml="http://www.opengis.net/gml" xmlns:dm="urn:ietf:params:xml:ns:pidf:data-model" entity="pres:alice@atlanta.example.com" > <dm:device id="target123-1"> <gp:geopriv> <gp:location-info> <gml:location> <gml:Point srsName="urn:ogc:def:crs:EPSG::4326"> <gml:pos>32.86726 -97.16054</gml:pos> </gml:Point> </gml:location> </gp:location-info> <gp:usage-rules><gbp:retransmission-allowed>false<gbp:retransmission-allowed>no </gbp:retransmission-allowed> <gbp:retention-expiry>2010-11-14T20:00:00Z </gbp:retention-expiry> </gp:usage-rules> <gp:method>802.11</gp:method> </gp:geopriv> <dm:deviceID>mac:1234567890ab</dm:deviceID> <dm:timestamp>2010-11-04T20:57:29Z</dm:timestamp> </dm:device> </presence> --boundary1-- 1.4.2. Example22: SIP REFER If a UAC sendsana REFER request including a list of targets as specified in [RFC5368], then the UAC needs to include only one MIME entity in the REFER request. This MIME entity is of theapplication/ resource-lists+xml'application/resource-lists+xml' MIME type. However, due to [RFC5368] requiring inclusion of a Refer-To header field referencing the body part containing the list of targets, the UAC includes a multipart message-body with a single body part in the REFERrequest,request and includes the list of targets ofapplication/ resource-lists+xml'application/ resource-lists+xml' MIME type and an associated Content-ID header field in the body part. Example message (SIP REFER): REFER sip:conf-123@example.com;gruu;opaque=hha9s8d-999a SIP/2.0 Via: SIP/2.0/TCP client.chicago.example.com;branch=z9hG4bKhjhs8ass83 Max-Forwards: 70 To: "Conference 123" <sip:conf-123@example.com> From: Carol <sip:carol@chicago.example.com>;tag=32331 Call-ID: d432fa84b4c76e66710 CSeq: 2 REFER Contact: <sip:carol@client.chicago.example.com> Refer-To: <cid:cn35t8jf02@example.com> Refer-Sub: false Require: multiple-refer, norefersub Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Allow-Events: dialog Accept: application/sdp, message/sipfrag Content-Type: multipart/mixed; boundary=boundary1 Content-Length: ... --boundary1 Content-Type: application/resource-lists+xml Content-Disposition: recipient-list Content-ID: <cn35t8jf02@example.com> <?xml version="1.0" encoding="UTF-8"?> <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > <list> <entry uri="sip:bill@example.com?method=BYE"/> <entry uri="sip:joe@example.org?method=BYE"/> <entry uri="sip:ted@example.net?method=BYE"/> </list> </resource-lists> --boundary1-- 1.5. Solution In order to solve the problems described above, this document: o Specifies and registers the Content-ID header field as a SIP headerfield; andfield. o Specifies that, when used as a SIP header field, the Content-ID header field identifies the completemessage-body,message-body and the metadata provided by some additional SIP headerfields,fields of the SIPmessage; andmessage. o Updates[RFC5621],[RFC5621] to enable a Content-ID URL to reference a complete message-body and the metadata provided by some additional SIP header fields. o Updates [RFC5368] and [RFC6442] by addingexplicittextsayingthat explicitly states that a SIP Content-ID header field can be used. 1.6. BackwardcompatibilityCompatibility If an existing specification only defines the usage of a multipart message-bodyfor carryingto carry a single body part to be referenced by a Content-ID URL, implementations MUST NOT carry the MIME entity in a non-multipart message-body unless the specification is updated to explicitly allow it. 2. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in[RFC2119].BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Content-IDheader fieldHeader Field 3.1. Introduction This section defines the usage of the Content-ID header field for SIP. 3.2. Syntax The ABNF [RFC5234] for the Content-ID header field is: Content-ID = "Content-ID" HCOLON msg-id msg-id = "<" id-left "@" id-right ">"NOTE:Note: id-left and id-right are specified in [RFC5322]. HCOLON is defined in [RFC3261].NOTE:Note: When used in a SIP header field, the msg-id syntax has been simplified, compared to the syntax in [RFC5322], to disallow the use of comments and to adopt to the SIP usage of leading white space. The value ofContent-Idthe Content-ID header field value must be unique in the context of a given SIP message, including any embedded MIMEContent-IdContent-ID header field values. Note that the SIP Content-ID header field value is not expected to be unique among all SIP messages; it has no meaning outside of the message in which it is included. 3.3. Semantics The Content-ID header field included in the header fields of a SIP message identifies the message-body of the SIPmessage,message and the metadata provided by: oaA MIME-Version header field, if included in the header fields of the SIPmessage; andmessage. oanyAny 'Content-' prefixed header fields (including the Content-ID header field itself) included in the header fields of the SIP message. The Content-ID header field can be included in any SIP messagewhichthat is allowed to contain a message-body.NOTE:Note: The message-body identified by the Content-ID header field can be a non-multipart message-body or a multipart message-body. 3.4. Procedures 3.4.1. User Agent (UA)proceduresProcedures A UA MAY include a Content-ID header field in any SIP message that is allowed to contain a message-body. A UA MUST NOT include a Content-ID header field in any SIP message that is not allowed to contain a message-body.TheA UA MUST set the value of the Content-ID header field to a value that is unique in the context of the SIP message. 3.4.2. ProxyproceduresProcedures A proxy MUST NOT add a Content-ID header field in a SIP message. A proxy MUST NOT modify a Content-ID header field included in a SIP message. A proxy MUST NOT delete a Content-ID header field from a SIP message. 3.4.3.ExampleExample: Referencing the Message-Body of a SIP Message The figure shows an example from [RFC5368], where the SIP Content-ID header field is used to reference the message-body (non-multipart) of a SIP message. REFER sip:conf-123@example.com;gruu;opaque=hha9s8d-999a SIP/2.0 Via: SIP/2.0/TCP client.chicago.example.com ;branch=z9hG4bKhjhs8ass83 Max-Forwards: 70 To: "Conference 123" <sip:conf-123@example.com> From: Carol <sip:carol@chicago.example.com>;tag=32331 Call-ID: d432fa84b4c76e66710 CSeq: 2 REFER Contact: <sip:carol@client.chicago.example.com> Refer-To: <cid:cn35t8jf02@example.com> Refer-Sub: false Require: multiple-refer, norefersub Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Allow-Events: dialog Accept: application/sdp, message/sipfrag Content-Type: application/resource-lists+xml Content-Disposition: recipient-list Content-Length: 362 Content-ID: <cn35t8jf02@example.com> <?xml version="1.0" encoding="UTF-8"?> <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <list> <entry uri="sip:bill@example.com?method=BYE" /> <entry uri="sip:joe@example.org?method=BYE" /> <entry uri="sip:ted@example.net?method=BYE" /> </list> </resource-lists> 4. Update to RFC 5368 This section updates the second paragraph insectionSection 7 of[RFC5368],[RFC5368] by allowing usage of either a MIME Content-ID header field or a SIP Content-ID header field to label the body part or the message-body carrying the URI list. OLD TEXT: The Refer-To header field of a REFER request with multiple REFER- Targets MUST contain a pointer (i.e., a Content-ID Uniform Resource Locator (URL) as per RFC 2392 [RFC2392]) that points to the body part that carries the URI list. The REFER-Issuer SHOULD NOT include any particular URI more than once in the URI list. NEW TEXT: The Refer-To header field of a REFER request with multiple REFER- Targets MUST contain a pointer (i.e., a Content-ID Uniform Resource Locator (URL) as per RFC 2392 [RFC2392]) that points to the body part or message-body that carries the URI list. The REFER-Issuer SHOULD NOT include any particular URI more than once in the URI list. The REFER request can use either a MIMEContent-IDContent- ID header field [RFC4483] or a SIP Content-ID header field[RFCXXXX][RFC8262] to label the body part or the message-body. 5. Update to RFC 5621 This section updatessectionSection 9.1 of[RFC5621],[RFC5621] by allowing a Content- ID URL to reference a message-body and the related metadata (Section3.3),3.3) in addition to allowing a reference to a body part. OLD TEXT: Content-ID URLs allow creating references to body parts. A given Content-ID URL [RFC2392], which can appear in a header field or within a body part (e.g., in an SDP attribute), points to a particular body part. NEW TEXT: Content-ID URLs allow the creation of references to body parts or message-bodies (and the header fields describing themessage-bodies).message- bodies). A given Content-ID URL [RFC2392], which can appear in a header field or within a body part (e.g., in an SDP attribute), points to a particular body part or the message-body (and the header fields describing the message-body). 6. Update to RFC 6442 This section updates the second paragraph insectionSection 3.1 of[RFC6442],[RFC6442] by allowing usage of either a MIME Content-ID header field or a SIP Content-ID header field to label the body part or the message-body carrying the location data. OLD TEXT: In Figure 1, Alice is both the Target and the LS that is conveying her location directly to Bob, who acts as an LR. This conveyance is point-to-point: it does not pass through any SIP-layer intermediary. A Location Object appears by-value in the initial SIP request as a MIME body, and Bob responds to that SIP request as appropriate. There is a 'Bad Location Information' response code introduced within this document to specifically inform Alice if she conveys bad location information to Bob (e.g., Bob "cannot parse the location provided", or "there is not enough location information to determine where Alice is"). NEW TEXT: In Figure 1, Alice is both the Target and the LS that is conveying her location directly to Bob, who acts as an LR. This conveyance is point-to-point: it does not pass through any SIP-layer intermediary. A Location Object appears by-value in the initial SIP request as a MIME body, and Bob responds to that SIP request as appropriate. Either a MIME Content-ID header field [RFC4483] or the SIP Content-ID header field[RFCXXXX][RFC8262] MUST be used to label the location information. There is a 'Bad Location Information' response code introduced within this document to specifically inform Alice if she conveys bad location information to Bob (e.g., Bob "cannot parse the location provided", or "there is not enough location information to determine where Alice is"). 7. SecurityconsiderationsConsiderations The Content-ID header field value MUST NOT reveal sensitive user information. If the message-body associated with the Content-ID header field is an encrypted body, it MUST NOT be possible to derive a key that can be used to decrypt the body from the Content-ID header field value. 8. IANAconsiderationsConsiderations This specification registers a new SIP header field according to the procedures defined in [RFC3261]. 8.1. HeaderfieldField The header field described in Section 3 has been registered in the "Header Fields" sub-registry of the "Session Initiation Protocol (SIP) Parameters" registry by adding a row with these values:[RFC EDITOR NOTE: Please replace XXXX with the RFC number of this document when publishing]Header Name: Content-ID compact: Reference:RFCXXXX 10.RFC 8262 9. References10.1.9.1. NormativereferencesReferences [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, <https://www.rfc-editor.org/info/rfc2045>. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997,<https://www.rfc- editor.org/info/rfc2119>.<https://www.rfc-editor.org/info/rfc2119>. [RFC2392] Levinson, E., "Content-ID and Message-ID Uniform Resource Locators", RFC 2392, DOI 10.17487/RFC2392, August 1998, <https://www.rfc-editor.org/info/rfc2392>. [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, DOI 10.17487/RFC3261, June 2002, <https://www.rfc-editor.org/info/rfc3261>. [RFC4483] Burger, E., Ed., "A Mechanism for Content Indirection in Session Initiation Protocol (SIP) Messages", RFC 4483, DOI 10.17487/RFC4483, May 2006, <https://www.rfc-editor.org/info/rfc4483>. [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, DOI 10.17487/RFC5234, January 2008,<https://www.rfc- editor.org/info/rfc5234>.<https://www.rfc-editor.org/info/rfc5234>. [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, DOI 10.17487/RFC5322, October 2008,<https://www.rfc- editor.org/info/rfc5322>. [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, DOI 10.17487/RFC3261, June 2002, <https://www.rfc- editor.org/info/rfc3261>.<https://www.rfc-editor.org/info/rfc5322>. [RFC5621] Camarillo, G., "Message Body Handling in the Session Initiation Protocol (SIP)", RFC 5621, DOI 10.17487/RFC5621, September 2009,<https://www.rfc- editor.org/info/rfc5621>. 10.2.<https://www.rfc-editor.org/info/rfc5621>. [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>. 9.2. InformativereferencesReferences [RFC5368] Camarillo, G., Niemi, A., Isomaki, M., Garcia-Martin, M., and H. Khartabil, "Referring to Multiple Resources in the Session Initiation Protocol (SIP)", RFC 5368, DOI 10.17487/RFC5368, October 2008,<https://www.rfc- editor.org/info/rfc5368>.<https://www.rfc-editor.org/info/rfc5368>. [RFC6442] Polk, J., Rosen, B., and J. Peterson, "Location Conveyance for the Session Initiation Protocol", RFC 6442, DOI 10.17487/RFC6442, December 2011,<https://www.rfc- editor.org/info/rfc6442>.<https://www.rfc-editor.org/info/rfc6442>. Authors' Addresses Christer Holmberg Ericsson Hirsalantie 11 Jorvas 02420 Finland Email: christer.holmberg@ericsson.com Ivo Sedlacek Ericsson Sokolovska 79 Praha 18600 Czech Republic Email: ivo.sedlacek@ericsson.com