Rfc3261

2,224 views

Published on

Published in: Design, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,224
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
43
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Rfc3261

  1. 1. SIP: Session Initiation Protocol June 2002 RFC: 3261 Network Dictionary http://www.javvin.com/networkdiction- ary.html Network Protocols MapNetwork Working Group J. Rosenberg http://www.javvin.com/map.htmlRequest for Comments: 326 dynamicsoft Network Security MapObsoletes: 2543 H. Schulzrinne http://www.javvin.com/securitymap.Category: Standards Track Columbia U. html G. Camarillo Wireless Communications Ericsson Technology Map A. Johnston http://www.javvin.com/wirelessmap. html WorldCom Network Protocols Hand- J. Peterson book Neustar http://www.javvin.com/model.html R. Sparks TCP/IP Quick Guide dynamicsoft http://www.javvin.com/tcpipguide.html M. Handley ICIR Ethernet Quick Guide E. Schooler http://www.javvin.com/ethernetguide. ATT html June 2002 Packet Analyzer http://www.javvin.com/packet.html DiskShare http://www.javvin.com/diskshare.html SIP: Session Initiation Protocol DiskAccess http://www.javvin.com/diskaccess.html LANsurveyor http://www.javvin.com/LANsurveyor. html CyberGauge http://www.javvin.com/CyberGauge. html Easy Network Service Monitor http://www.javvin.com/easy.html Business Card Scanner http://www.javvin.com/businesscard- scanner.html Color Cards and Picture Scanner http://www.javvin.com/colorcardscan- ner.html Portable Document Scan- ner http://www.javvin.com/portablescan- ner.html www.javvin.com www.networkdictionary. com [ Page ]
  2. 2. SIP: Session Initiation Protocol June 2002Status of this Memo Network Dictionary http://www.javvin.com/networkdiction-This document specifies an Internet standards track protocol for the Internet community, and requests ary.htmldiscussion and suggestions for improvements. Please refer to the current edition of the Internet OfficialProtocol Standards (STD ) for the standardization state and status of this protocol. Distribution of this Network Protocols Mapmemo is unlimited. http://www.javvin.com/map.html Network Security MapCopyright Notice http://www.javvin.com/securitymap. htmlCopyright (C) The Internet Society (2002). All Rights Reserved. Wireless Communications Technology MapAbstract http://www.javvin.com/wirelessmap. htmlThis document describes Session Initiation Protocol (SIP), an application-layer control (signaling) protocol Network Protocols Hand-for creating, modifying, and terminating sessions with one or more participants. These sessions include bookInternet telephone calls, multimedia distribution, and multimedia conferences. http://www.javvin.com/model.htmlSIP invitations used to create sessions carry session descriptions that allow participants to agree on a set of TCP/IP Quick Guidecompatible media types. SIP makes use of elements called proxy servers to help route requests to the users http://www.javvin.com/tcpipguide.htmlcurrent location, authenticate and authorize users for services, implement provider call-routing policies,and provide features to users. SIP also provides a registration function that allows users to upload their cur-rent locations for use by proxy servers. SIP runs on top of several different transport protocols. Ethernet Quick Guide http://www.javvin.com/ethernetguide. html Packet Analyzer http://www.javvin.com/packet.html DiskShare http://www.javvin.com/diskshare.html DiskAccess http://www.javvin.com/diskaccess.html LANsurveyor http://www.javvin.com/LANsurveyor. html CyberGauge http://www.javvin.com/CyberGauge. html Easy Network Service Monitor http://www.javvin.com/easy.html Business Card Scanner http://www.javvin.com/businesscard- scanner.html Color Cards and Picture Scanner http://www.javvin.com/colorcardscan- ner.html Portable Document Scan- ner http://www.javvin.com/portablescan- ner.html www.javvin.com www.networkdictionary. com [ Page 2 ]
  3. 3. SIP: Session Initiation Protocol June 2002Table of Contents Network Dictionary http://www.javvin.com/networkdiction- ary.html Introduction ..................................................................................................0 Network Protocols Map http://www.javvin.com/map.html2 Overview of SIP Functionality ....................................................................0 Network Security Map3 Terminology ................................................................................................. http://www.javvin.com/securitymap. html4 Overview of Operation ................................................................................ Wireless Communications Technology Map5 Structure of the Protocol ..............................................................................5 http://www.javvin.com/wirelessmap. html6 Definitions ....................................................................................................6 Network Protocols Hand- book http://www.javvin.com/model.html7 SIP Messages ...............................................................................................9 7. Requests ...............................................................................................20 TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html 7.2 Responses .............................................................................................20 7.3 Header Fields .......................................................................................2 7.3. Header Field Format .........................................................................2 Ethernet Quick Guide http://www.javvin.com/ethernetguide. 7.3.2 Header Field Classification ...............................................................23 html 7.3.3 Compact Form ...................................................................................23 7.4 Bodies ...................................................................................................23 Packet Analyzer http://www.javvin.com/packet.html 7.4. Message Body Type ..........................................................................23 7.4.2 Message Body Length .......................................................................23 DiskShare 7.5 Framing SIP Messages .........................................................................23 http://www.javvin.com/diskshare.html8 General User Agent Behavior ......................................................................24 DiskAccess http://www.javvin.com/diskaccess.html 8. UAC Behavior ......................................................................................24 8.. Generating the Request .....................................................................24 LANsurveyor 8... Request-URI ...................................................................................24 http://www.javvin.com/LANsurveyor. 8...2 To ....................................................................................................24 html 8...3 From ...............................................................................................25 CyberGauge 8...4 Call-ID ............................................................................................25 http://www.javvin.com/CyberGauge. 8...5 CSeq ...............................................................................................26 html 8...6 Max-Forwards ................................................................................26 Easy Network Service 8...7 Via ..................................................................................................26 Monitor 8...8 Contact ...........................................................................................27 http://www.javvin.com/easy.html 8...9 Supported and Require ...................................................................27 Business Card Scanner 8...0 Additional Message Components .................................................27 http://www.javvin.com/businesscard- 8..2 Sending the Request ..........................................................................27 scanner.html 8..3 Processing Responses ........................................................................28 Color Cards and Picture 8..3. Transaction Layer Errors ................................................................28 Scanner http://www.javvin.com/colorcardscan- 8..3.2 Unrecognized Responses ...............................................................28 ner.html 8..3.3 Vias .................................................................................................28 Portable Document Scan- 8..3.4 Processing 3xx Responses ..............................................................28 ner 8..3.5 Processing 4xx Responses ..............................................................29 http://www.javvin.com/portablescan- 8.2 UAS Behavior ......................................................................................30 ner.html 8.2. Method Inspection .............................................................................30 www.javvin.com 8.2.2 Header Inspection ..............................................................................30 8.2.2. To and Request-URI .......................................................................30 www.networkdictionary. com [ Page 3 ]
  4. 4. SIP: Session Initiation Protocol June 2002 8.2.2.2 Merged Requests ............................................................................3 Network Dictionary 8.2.2.3 Require ...........................................................................................3 http://www.javvin.com/networkdiction- ary.html 8.2.3 Content Processing ............................................................................3 8.2.4 Applying Extensions .........................................................................32 Network Protocols Map 8.2.5 Processing the Request ......................................................................32 http://www.javvin.com/map.html 8.2.6 Generating the Response ...................................................................32 Network Security Map 8.2.6. Sending a Provisional Response ....................................................32 http://www.javvin.com/securitymap. 8.2.6.2 Headers and Tags ...........................................................................32 html 8.2.7 Stateless UAS Behavior ....................................................................32 Wireless Communications 8.3 Redirect Servers ...................................................................................33 Technology Map http://www.javvin.com/wirelessmap. html9 Canceling a Request .....................................................................................34 9. Client Behavior ....................................................................................34 Network Protocols Hand- 9.2 Server Behavior ....................................................................................35 book http://www.javvin.com/model.html0 Registrations ..............................................................................................35 TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html 0. Overview ............................................................................................35 0.2 Constructing the REGISTER Request ...............................................36 0.2. Adding Bindings ..............................................................................37 Ethernet Quick Guide http://www.javvin.com/ethernetguide. 0.2.. Setting the Expiration Interval of Contact Addresses ..................38 html 0.2..2 Preferences among Contact Addresses .........................................38 0.2.2 Removing Bindings .........................................................................38 Packet Analyzer http://www.javvin.com/packet.html 0.2.3 Fetching Bindings ...........................................................................38 0.2.4 Refreshing Bindings ........................................................................38 DiskShare 0.2.5 Setting the Internal Clock ................................................................39 http://www.javvin.com/diskshare.html 0.2.6 Discovering a Registrar ...................................................................39 0.2.7 Transmitting a Request ....................................................................39 DiskAccess http://www.javvin.com/diskaccess.html 0.2.8 Error Responses ..............................................................................39 0.3 Processing REGISTER Requests .......................................................39 LANsurveyor http://www.javvin.com/LANsurveyor. Querying for Capabilities ...........................................................................4 html . Construction of OPTIONS Request ...................................................4 CyberGauge .2 Processing of OPTIONS Request ......................................................42 http://www.javvin.com/CyberGauge. html2 Dialogs .......................................................................................................42 Easy Network Service 2. Creation of a Dialog ...........................................................................43 Monitor 2.. UAS behavior ..................................................................................43 http://www.javvin.com/easy.html 2..2 UAC Behavior .................................................................................44 Business Card Scanner 2.2 Requests within a Dialog ...................................................................44 http://www.javvin.com/businesscard- 2.2. UAC Behavior .................................................................................44 scanner.html 2.2.. Generating the Request ................................................................44 Color Cards and Picture 2.2..2 Processing the Responses .............................................................46 Scanner http://www.javvin.com/colorcardscan- 2.2.2 UAS Behavior .................................................................................46 ner.html 2.3 Termination of a Dialog .....................................................................47 Portable Document Scan- ner3 Initiating a Session .....................................................................................47 http://www.javvin.com/portablescan- 3. Overview ............................................................................................47 ner.html 3.2 UAC Processing .................................................................................47 www.javvin.com 3.2. Creating the Initial INVITE ............................................................47 3.2.2 Processing INVITE Responses .......................................................49 www.networkdictionary. com [ Page 4 ]
  5. 5. SIP: Session Initiation Protocol June 2002 3.2.2. xx Responses ..............................................................................49 Network Dictionary 3.2.2.2 3xx Responses ..............................................................................49 http://www.javvin.com/networkdiction- ary.html 13.2.2.3 4xx, 5xx and 6xx Responses ........................................................49 3.2.2.4 2xx Responses ..............................................................................49 Network Protocols Map 3.3 UAS Processing .................................................................................50 http://www.javvin.com/map.html 3.3. Processing of the INVITE ...............................................................50 Network Security Map 3.3.. Progress ........................................................................................50 http://www.javvin.com/securitymap. 3.3..2 The INVITE is Redirected ...........................................................5 html 3.3..3 The INVITE is Rejected ...............................................................5 Wireless Communications 3.3..4 The INVITE is Accepted ..............................................................5 Technology Map http://www.javvin.com/wirelessmap. html4 Modifying an Existing Session ..................................................................5 4. UAC Behavior ....................................................................................52 Network Protocols Hand- 4.2 UAS Behavior ....................................................................................53 book http://www.javvin.com/model.html5 Terminating a Session ................................................................................53 TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html 5. Terminating a Session with a BYE Request .......................................54 5.. UAC Behavior .................................................................................54 5..2 UAS Behavior .................................................................................54 Ethernet Quick Guide http://www.javvin.com/ethernetguide. html6 Proxy Behavior ..........................................................................................54 6. Overview ............................................................................................54 Packet Analyzer http://www.javvin.com/packet.html 6.2 Stateful Proxy .....................................................................................55 6.3 Request Validation .............................................................................56 DiskShare 6.4 Route Information Preprocessing .......................................................57 http://www.javvin.com/diskshare.html 6.5 Determining Request Targets .............................................................58 6.6 Request Forwarding ...........................................................................59 DiskAccess http://www.javvin.com/diskaccess.html 6.7 Response Processing ..........................................................................63 6.8 Processing Timer C ............................................................................67 LANsurveyor 6.9 Handling Transport Errors ..................................................................67 http://www.javvin.com/LANsurveyor. 6.0 CANCEL Processing ........................................................................67 html 6. Stateless Proxy .................................................................................67 CyberGauge 6.2 Summary of Proxy Route Processing ..............................................68 http://www.javvin.com/CyberGauge. 6.2. Examples .......................................................................................69 html 6.2.. Basic SIP Trapezoid ...................................................................69 Easy Network Service 6.2..2 Traversing a Strict-Routing Proxy ..............................................70 Monitor 6.2..3 Rewriting Record-Route Header Field Values ............................7 http://www.javvin.com/easy.html Business Card Scanner7 Transactions ...............................................................................................7 http://www.javvin.com/businesscard- 7. Client Transaction ..............................................................................72 scanner.html 7.. INVITE Client Transaction .............................................................72 Color Cards and Picture 7... Overview of INVITE Transaction ................................................73 Scanner http://www.javvin.com/colorcardscan- 7...2 Formal Description .......................................................................73 ner.html 7...3 Construction of the ACK Request ................................................74 Portable Document Scan- 7..2 Non-INVITE Client Transaction .....................................................75 ner 7..2. Overview of the non-INVITE Transaction ..................................75 http://www.javvin.com/portablescan- 7..2.2 Formal Description .......................................................................75 ner.html 7..3 Matching Responses to Client Transactions ...................................76 www.javvin.com 7..4 Handling Transport Errors................................................................76 7.2 Server Transaction ..............................................................................77 www.networkdictionary. com [ Page 5 ]
  6. 6. SIP: Session Initiation Protocol June 2002 7.2. INVITE Server Transaction ............................................................77 Network Dictionary 7.2.2 Non-INVITE Server Transaction ....................................................79 http://www.javvin.com/networkdiction- ary.html 7.2.3 Matching Requests to Server Transactions .....................................80 7.2.4 Handling Transport Errors ...............................................................8 Network Protocols Map http://www.javvin.com/map.html8 Transport ....................................................................................................8 8. Clients ................................................................................................82 Network Security Map http://www.javvin.com/securitymap. 8.. Sending Requests ............................................................................82 html 8..2 Receiving Responses .......................................................................83 Wireless Communications 8.2 Servers ................................................................................................83 Technology Map 8.2. Receiving Requests .........................................................................83 http://www.javvin.com/wirelessmap. html 8.2.2 Sending Responses ..........................................................................84 8.3 Framing ..............................................................................................84 Network Protocols Hand- 8.4 Error Handling ...................................................................................84 book http://www.javvin.com/model.html9 Common Message Components ................................................................85 TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html 9. SIP and SIPS Uniform Resource Indicators .......................................85 9.. SIP and SIPS URI Components ......................................................85 9..2 Character Escaping Requirements ..................................................87 Ethernet Quick Guide http://www.javvin.com/ethernetguide. 9..3 Example SIP and SIPS URIs ...........................................................88 html 9..4 URI Comparison .............................................................................88 9..5 Forming Requests from a URI ........................................................89 Packet Analyzer http://www.javvin.com/packet.html 9..6 Relating SIP URIs and tel URLs .....................................................90 9.2 Option Tags ........................................................................................9 DiskShare 9.3 Tags ....................................................................................................9 http://www.javvin.com/diskshare.html20 Header Fields .............................................................................................92 DiskAccess http://www.javvin.com/diskaccess.html 20. Accept .................................................................................................93 20.2 Accept-Encoding ................................................................................94 LANsurveyor 20.3 Accept-Language ................................................................................94 http://www.javvin.com/LANsurveyor. 20.4 Alert-Info ............................................................................................94 html 20.5 Allow ..................................................................................................95 CyberGauge 20.6 Authentication-Info ............................................................................95 http://www.javvin.com/CyberGauge. 20.7 Authorization ......................................................................................95 html 20.8 Call-ID ................................................................................................95 Easy Network Service 20.9 Call-Info .............................................................................................96 Monitor 20.0 Contact .............................................................................................96 http://www.javvin.com/easy.html 20. Content-Disposition .........................................................................97 Business Card Scanner 20.2 Content-Encoding ............................................................................97 http://www.javvin.com/businesscard- 20.3 Content-Language ............................................................................97 scanner.html 20.4 Content-Length ................................................................................98 Color Cards and Picture 20.5 Content-Type ....................................................................................98 Scanner http://www.javvin.com/colorcardscan- 20.6 CSeq .................................................................................................98 ner.html 20.7 Date ..................................................................................................98 Portable Document Scan- 20.8 Error-Info .........................................................................................98 ner 20.9 Expires ..............................................................................................99 http://www.javvin.com/portablescan- 20.20 From .................................................................................................99 ner.html 20.2 In-Reply-To ......................................................................................99 www.javvin.com 20.22 Max-Forwards ................................................................................00 www.networkdictionary. 20.23 Min-Expires ....................................................................................00 com [ Page 6 ]
  7. 7. SIP: Session Initiation Protocol June 2002 20.24 MIME-Version ...............................................................................00 Network Dictionary 20.25 Organization ...................................................................................00 http://www.javvin.com/networkdiction- ary.html 20.26 Priority ............................................................................................00 20.27 Proxy-Authenticate ........................................................................0 Network Protocols Map 20.28 Proxy-Authorization .......................................................................0 http://www.javvin.com/map.html 20.29 Proxy-Require ................................................................................0 Network Security Map 20.30 Record-Route .................................................................................0 http://www.javvin.com/securitymap. 20.3 Reply-To .........................................................................................0 html 20.32 Require ...........................................................................................02 Wireless Communications 20.33 Retry-After .....................................................................................02 Technology Map 20.34 Route ..............................................................................................02 http://www.javvin.com/wirelessmap. html 20.35 Server .............................................................................................02 Network Protocols Hand- 20.36 Subject ............................................................................................03 book 20.37 Supported .......................................................................................03 http://www.javvin.com/model.html 20.38 Timestamp ......................................................................................03 TCP/IP Quick Guide 20.39 To ....................................................................................................03 http://www.javvin.com/tcpipguide.html 20.40 Unsupported ...................................................................................03 20.4 User-Agent .....................................................................................04 Ethernet Quick Guide 20.42 Via ..................................................................................................04 http://www.javvin.com/ethernetguide. 20.43 Warning ..........................................................................................04 html 20.44 WWW-Authenticate .......................................................................05 Packet Analyzer http://www.javvin.com/packet.html2 Response Codes .......................................................................................06 2. Provisional xx .................................................................................06 DiskShare 2.. 00 Trying .....................................................................................06 http://www.javvin.com/diskshare.html 2..2 80 Ringing ...................................................................................06 2..3 8 Call Is Being Forwarded ........................................................06 DiskAccess http://www.javvin.com/diskaccess.html 2..4 82 Queued ...................................................................................06 2..5 83 Session Progress .....................................................................06 LANsurveyor 2.2 Successful 2xx ..................................................................................06 http://www.javvin.com/LANsurveyor. html 2.2. 200 OK ..........................................................................................06 2.3 Redirection 3xx ................................................................................06 CyberGauge 2.3. 300 Multiple Choices ....................................................................06 http://www.javvin.com/CyberGauge. html 2.3.2 30 Moved Permanently ...............................................................07 2.3.3 302 Moved Temporarily ................................................................07 Easy Network Service 2.3.4 305 Use Proxy ...............................................................................07 Monitor 2.3.5 380 Alternative Service .................................................................07 http://www.javvin.com/easy.html 2.4 Request Failure 4xx ..........................................................................07 Business Card Scanner 2.4. 400 Bad Request ...........................................................................07 http://www.javvin.com/businesscard- scanner.html 2.4.2 40 Unauthorized ..........................................................................08 2.4.3 402 Payment Required ..................................................................08 Color Cards and Picture 2.4.4 403 Forbidden ...............................................................................08 Scanner http://www.javvin.com/colorcardscan- 2.4.5 404 Not Found ...............................................................................08 ner.html 2.4.6 405 Method Not Allowed ..............................................................08 Portable Document Scan- 2.4.7 406 Not Acceptable .......................................................................08 ner 2.4.8 407 Proxy Authentication Required ..............................................08 http://www.javvin.com/portablescan- ner.html 2.4.9 408 Request Timeout .....................................................................08 2.4.0 40 Gone .....................................................................................08 www.javvin.com 2.4. 43 Request Entity Too Large .....................................................08 www.networkdictionary. 2.4.2 44 Request-URI Too Long ........................................................09 com [ Page 7 ]
  8. 8. SIP: Session Initiation Protocol June 2002 2.4.3 45 Unsupported Media Type .....................................................09 Network Dictionary 2.4.4 46 Unsupported URI Scheme ....................................................09 http://www.javvin.com/networkdiction- ary.html 2.4.5 420 Bad Extension ......................................................................09 2.4.6 42 Extension Required ..............................................................09 Network Protocols Map 2.4.7 423 Interval Too Brief .................................................................09 http://www.javvin.com/map.html 2.4.8 480 Temporarily Unavailable ......................................................09 Network Security Map 2.4.9 48 Call/Transaction Does Not Exist ..........................................09 http://www.javvin.com/securitymap. 2.4.20 482 Loop Detected ......................................................................09 html 2.4.2 483 Too Many Hops ....................................................................0 Wireless Communications 2.4.22 484 Address Incomplete ..............................................................0 Technology Map 2.4.23 485 Ambiguous ...........................................................................0 http://www.javvin.com/wirelessmap. html 2.4.24 486 Busy Here .............................................................................0 Network Protocols Hand- 2.4.25 487 Request Terminated ..............................................................0 book 2.4.26 488 Not Acceptable Here ............................................................0 http://www.javvin.com/model.html 2.4.27 49 Request Pending ...................................................................0 TCP/IP Quick Guide 2.4.28 493 Undecipherable .................................................................... http://www.javvin.com/tcpipguide.html 2.5 Server Failure 5xx ............................................................................ 2.5. 500 Server Internal Error .............................................................. Ethernet Quick Guide 2.5.2 50 Not Implemented .................................................................... http://www.javvin.com/ethernetguide. 2.5.3 502 Bad Gateway .......................................................................... html 2.5.4 503 Service Unavailable ............................................................... Packet Analyzer 2.5.5 504 Server Time-out ...................................................................... http://www.javvin.com/packet.html 2.5.6 505 Version Not Supported ........................................................... 2.5.7 53 Message Too Large ................................................................ DiskShare 2.6 Global Failures 6xx ..........................................................................2 http://www.javvin.com/diskshare.html 2.6. 600 Busy Everywhere ...................................................................2 DiskAccess 2.6.2 603 Decline ...................................................................................2 http://www.javvin.com/diskaccess.html 2.6.3 604 Does Not Exist Anywhere ......................................................2 2.6.4 606 Not Acceptable .......................................................................2 LANsurveyor http://www.javvin.com/LANsurveyor. html22 Usage of HTTP Authentication ................................................................2 22. Framework .......................................................................................2 CyberGauge 22.2 User-to-User Authentication ............................................................4 http://www.javvin.com/CyberGauge. html 22.3 Proxy-to-User Authentication ..........................................................4 22.4 The Digest Authentication Scheme ..................................................6 Easy Network Service Monitor23 S/MIME ...................................................................................................7 http://www.javvin.com/easy.html 23.1 S/MIME Certificates ........................................................................7 Business Card Scanner 23.2 S/MIME Key Exchange ...................................................................8 http://www.javvin.com/businesscard- 23.3 Securing MIME bodies ....................................................................9 scanner.html 23.4 SIP Header Privacy and Integrity using S/MIME: Tunneling SIP ...20 Color Cards and Picture 23.4.1 Integrity and Confidentiality Properties of SIP Headers ...............2 Scanner http://www.javvin.com/colorcardscan- 23.4.. Integrity ......................................................................................2 ner.html 23.4.1.2 Confidentiality ............................................................................2 Portable Document Scan- 23.4.2 Tunneling Integrity and Authentication ........................................2 ner 23.4.3 Tunneling Encryption ....................................................................23 http://www.javvin.com/portablescan- ner.html24 Examples ..................................................................................................24 www.javvin.com 24. Registration ......................................................................................24 www.networkdictionary. 24.2 Session Setup ...................................................................................25 com [ Page 8 ]
  9. 9. SIP: Session Initiation Protocol June 200225 Augmented BNF for the SIP Protocol ......................................................28 Network Dictionary 25. Basic Rules .......................................................................................28 http://www.javvin.com/networkdiction- ary.html26 Security Considerations: Threat Model and Security Usage Recommenda- Network Protocols Map http://www.javvin.com/map.htmltions ...............................................................................................................37 26. Attacks and Threat Models ...............................................................37 Network Security Map http://www.javvin.com/securitymap. 26.. Registration Hijacking ..................................................................38 html 26..2 Impersonating a Server .................................................................38 Wireless Communications 26..3 Tampering with Message Bodies ..................................................38 Technology Map 26..4 Tearing Down Sessions .................................................................39 http://www.javvin.com/wirelessmap. 26.1.5 Denial of Service and Amplification .............................................39 html 26.2 Security Mechanisms .......................................................................39 Network Protocols Hand- 26.2. Transport and Network Layer Security .........................................40 book http://www.javvin.com/model.html 26.2.2 SIPS URI Scheme .........................................................................4 26.2.3 HTTP Authentication ....................................................................4 TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html 26.2.4 S/MIME .........................................................................................4 26.3 Implementing Security Mechanisms ................................................4 26.3. Requirements for Implementers of SIP .........................................4 Ethernet Quick Guide http://www.javvin.com/ethernetguide. 26.3.2 Security Solutions .........................................................................42 html 26.3.2. Registration ................................................................................42 26.3.2.2 Interdomain Requests .................................................................43 Packet Analyzer http://www.javvin.com/packet.html 26.3.2.3 Peer-to-Peer Requests ................................................................44 26.3.2.4 DoS Protection ...........................................................................44 DiskShare 26.4 Limitations .......................................................................................45 http://www.javvin.com/diskshare.html 26.4. HTTP Digest .................................................................................45 26.4.2 S/MIME .........................................................................................45 DiskAccess http://www.javvin.com/diskaccess.html 26.4.3 TLS ................................................................................................46 26.4.4 SIPS URIs .....................................................................................46 LANsurveyor 26.5 Privacy ..............................................................................................47 http://www.javvin.com/LANsurveyor. html27 IANA Considerations ...............................................................................47 CyberGauge 27. Option Tags ......................................................................................47 http://www.javvin.com/CyberGauge. 27.2 Warn-Codes ......................................................................................48 html 27.3 Header Field Names .........................................................................48 Easy Network Service 27.4 Method and Response Codes ...........................................................48 Monitor 27.5 The message/sip MIME type. .......................................................49 http://www.javvin.com/easy.html 27.6 New Content-Disposition Parameter Registrations .........................49 Business Card Scanner http://www.javvin.com/businesscard-28 Changes From RFC 2543 .........................................................................49 scanner.html 28. Major Functional Changes ...............................................................49 Color Cards and Picture 28.2 Minor Functional Changes ...............................................................5 Scanner http://www.javvin.com/colorcardscan- ner.html29 Normative References ..............................................................................52 Portable Document Scan- ner30 Informative References ............................................................................53 http://www.javvin.com/portablescan- ner.htmlA Table of Timer Values.................................................................................54 www.javvin.comAcknowledgments .........................................................................................54 www.networkdictionary. com [ Page 9 ]
  10. 10. SIP: Session Initiation Protocol June 2002Authors Addresses .........................................................................................55 Network Dictionary http://www.javvin.com/networkdiction- ary.htmlFull Copyright Statement ..............................................................................56 Network Protocols MapAcknowledgement ........................................................................................56 http://www.javvin.com/map.html Network Security Map http://www.javvin.com/securitymap. html Wireless Communications Technology Map http://www.javvin.com/wirelessmap. html Network Protocols Hand- book http://www.javvin.com/model.html TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html Ethernet Quick Guide http://www.javvin.com/ethernetguide. html Packet Analyzer http://www.javvin.com/packet.html DiskShare http://www.javvin.com/diskshare.html DiskAccess http://www.javvin.com/diskaccess.html LANsurveyor http://www.javvin.com/LANsurveyor. html CyberGauge http://www.javvin.com/CyberGauge. html Easy Network Service Monitor http://www.javvin.com/easy.html Business Card Scanner http://www.javvin.com/businesscard- scanner.html Color Cards and Picture Scanner http://www.javvin.com/colorcardscan- ner.html Portable Document Scan- ner http://www.javvin.com/portablescan- ner.html www.javvin.com www.networkdictionary. com [ Page 0 ]
  11. 11. SIP: Session Initiation Protocol June 20021 Introduction Network Dictionary http://www.javvin.com/networkdiction-There are many applications of the Internet that require the creation and management of a session, where ary.htmla session is considered an exchange of data between an association of participants. The implementation ofthese applications is complicated by the practices of participants: users may move between endpoints, they Network Protocols Mapmay be addressable by multiple names, and they may communicate in several different media - sometimes http://www.javvin.com/map.htmlsimultaneously. Numerous protocols have been authored that carry various forms of real-time multimediasession data such as voice, video, or text messages. The Session Initiation Protocol (SIP) works in concert Network Security Mapwith these protocols by enabling Internet endpoints (called user agents) to discover one another and to http://www.javvin.com/securitymap.agree on a characterization of a session they would like to share. For locating prospective session partici- htmlpants, and for other functions, SIP enables the creation of an infrastructure of network hosts (called proxy Wireless Communicationsservers) to which user agents can send registrations, invitations to sessions, and other requests. SIP is anagile, general-purpose tool for creating, modifying, and terminating sessions that works independently of Technology Mapunderlying transport protocols and without dependency on the type of session that is being established. http://www.javvin.com/wirelessmap. html Network Protocols Hand-2 Overview of SIP Functionality book http://www.javvin.com/model.htmlSIP is an application-layer control protocol that can establish, modify, and terminate multimedia sessions(conferences) such as Internet telephony calls. SIP can also invite participants to already existing sessions, TCP/IP Quick Guidesuch as multicast conferences. Media can be added to (and removed from) an existing session. SIP transpar- http://www.javvin.com/tcpipguide.htmlently supports name mapping and redirection services, which supports personal mobility [27] - users canmaintain a single externally visible identifier regardless of their network location. Ethernet Quick GuideSIP supports five facets of establishing and terminating multimedia communications: http://www.javvin.com/ethernetguide. html User location: determination of the end system to be used for communication; Packet Analyzer User availability: determination of the willingness of the called party to engage in communications; http://www.javvin.com/packet.html User capabilities: determination of the media and media parameters to be used; DiskShare http://www.javvin.com/diskshare.html Session setup: ringing, establishment of session parameters at both called and calling party; Session management: including transfer and termination of sessions, modifying session parameters, DiskAccess and invoking services. http://www.javvin.com/diskaccess.htmlSIP is not a vertically integrated communications system. SIP is rather a component that can be used with LANsurveyorother IETF protocols to build a complete multimedia architecture. Typically, these architectures will in- http://www.javvin.com/LANsurveyor.clude protocols such as the Real-time Transport Protocol (RTP) (RFC 889 [28]) for transporting real-time htmldata and providing QoS feedback, the Real-Time streaming protocol (RTSP) (RFC 2326 [29]) for control-ling delivery of streaming media, the Media Gateway Control Protocol (MEGACO) (RFC 3015 [30]) for CyberGaugecontrolling gateways to the Public Switched Telephone Network (PSTN), and the Session Description http://www.javvin.com/CyberGauge.Protocol (SDP) (RFC 2327 [1]) for describing multimedia sessions. Therefore, SIP should be used in htmlconjunction with other protocols in order to provide complete services to the users. However, the basicfunctionality and operation of SIP does not depend on any of these protocols. Easy Network Service MonitorSIP does not provide services. Rather, SIP provides primitives that can be used to implement different http://www.javvin.com/easy.htmlservices. For example, SIP can locate a user and deliver an opaque object to his current location. If thisprimitive is used to deliver a session description written in SDP, for instance, the endpoints can agree on the Business Card Scannerparameters of a session. If the same primitive is used to deliver a photo of the caller as well as the session http://www.javvin.com/businesscard-description, a caller ID service can be easily implemented. As this example shows, a single primitive is scanner.htmltypically used to provide several different services. Color Cards and PictureSIP does not offer conference control services such as floor control or voting and does not prescribe how a Scannerconference is to be managed. SIP can be used to initiate a session that uses some other conference control http://www.javvin.com/colorcardscan-protocol. Since SIP messages and the sessions they establish can pass through entirely different networks, ner.htmlSIP cannot, and does not, provide any kind of network resource reservation capabilities. Portable Document Scan- nerThe nature of the services provided make security particularly important. To that end, SIP provides a http://www.javvin.com/portablescan-suite of security services, which include denial-of-service prevention, authentication (both user to user and ner.htmlproxy to user), integrity protection, and encryption and privacy services. www.javvin.comSIP works with both IPv4 and IPv6. www.networkdictionary. com [ Page ]
  12. 12. SIP: Session Initiation Protocol June 20023 Terminology Network Dictionary http://www.javvin.com/networkdiction-In this document, the key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, ary.htmlSHOULD, SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OP-TIONAL are to be interpreted as described in BCP 14, RFC 2119 [2] and indicate requirement levels for Network Protocols Mapcompliant SIP implementations. http://www.javvin.com/map.html Network Security Map4 Overview of Operation http://www.javvin.com/securitymap. htmlThis section introduces the basic operations of SIP using simple examples. This section is tutorial in nature Wireless Communicationsand does not contain any normative statements. Technology MapThe first example shows the basic functions of SIP: location of an end point, signal of a desire to com- http://www.javvin.com/wirelessmap.municate, negotiation of session parameters to establish the session, and teardown of the session once htmlestablished. Network Protocols Hand- bookFigure 1 shows a typical example of a SIP message exchange between two users, Alice and Bob. (Each http://www.javvin.com/model.htmlmessage is labeled with the letter F and a number for reference by the text.) In this example, Alice uses aSIP application on her PC (referred to as a softphone) to call Bob on his SIP phone over the Internet. Also TCP/IP Quick Guideshown are two SIP proxy servers that act on behalf of Alice and Bob to facilitate the session establishment. http://www.javvin.com/tcpipguide.htmlThis typical arrangement is often referred to as the SIP trapezoid as shown by the geometric shape of thedotted lines in Figure . Ethernet Quick GuideAlice calls Bob using his SIP identity, a type of Uniform Resource Identifier (URI) called a SIP URI. http://www.javvin.com/ethernetguide.SIP URIs are defined in Section 19.1. It has a similar form to an email address, typically containing a htmlusername and a host name. In this case, it is sip:bob@biloxi.com, where biloxi.com is the domain of BobsSIP service provider. Alice has a SIP URI of sip:alice@atlanta.com. Alice might have typed in Bobs URI Packet Analyzeror perhaps clicked on a hyperlink or an entry in an address book. SIP also provides a secure URI, called a http://www.javvin.com/packet.htmlSIPS URI. An example would be sips:bob@biloxi.com. A call made to a SIPS URI guarantees that secure,encrypted transport (namely TLS) is used to carry all SIP messages from the caller to the domain of the DiskSharecallee. From there, the request is sent securely to the callee, but with security mechanisms that depend on http://www.javvin.com/diskshare.htmlthe policy of the domain of the callee.SIP is based on an HTTP-like request/response transaction model. Each transaction consists of a request DiskAccessthat invokes a particular method, or function, on the server and at least one response. In this example, the http://www.javvin.com/diskaccess.htmltransaction begins with Alices softphone sending an INVITE request addressed to Bobs SIP URI. INVITEis an example of a SIP method that specifies the action that the requestor (Alice) wants the server (Bob) LANsurveyorto take. The INVITE request contains a number of header fields. Header fields are named attributes that http://www.javvin.com/LANsurveyor.provide additional information about a message. The ones present in an INVITE include a unique identifier htmlfor the call, the destination address, Alices address, and information about the type of session that Alicewishes to establish with Bob. The INVITE (message F in Figure ) might look like this: CyberGauge http://www.javvin.com/CyberGauge. html Easy Network Service Monitor http://www.javvin.com/easy.html Business Card Scanner http://www.javvin.com/businesscard- scanner.html Color Cards and Picture Scanner http://www.javvin.com/colorcardscan- ner.html Portable Document Scan- ner http://www.javvin.com/portablescan- ner.html www.javvin.com www.networkdictionary. com [ Page 2 ]
  13. 13. SIP: Session Initiation Protocol June 2002 Network Dictionary http://www.javvin.com/networkdiction- ary.html Network Protocols Map http://www.javvin.com/map.html Network Security Map http://www.javvin.com/securitymap. html Wireless Communications Technology Map http://www.javvin.com/wirelessmap. html Network Protocols Hand- book http://www.javvin.com/model.html TCP/IP Quick Guide http://www.javvin.com/tcpipguide.html Figure : SIP session setup example with SIP trapezoid Ethernet Quick Guide http://www.javvin.com/ethernetguide. INVITE sip:bob@biloxi.com SIP/2.0 html Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bK776asdhds Max-Forwards: 70 Packet Analyzer To: Bob sip:bob@biloxi.com http://www.javvin.com/packet.html From: Alice sip:alice@atlanta.com;tag=1928301774 Call-ID: a84b4c76e66710@pc33.atlanta.com DiskShare CSeq: 3459 INVITE http://www.javvin.com/diskshare.html Contact: sip:alice@pc33.atlanta.com Content-Type: application/sdp DiskAccess Content-Length: 42 http://www.javvin.com/diskaccess.html (Alices SDP not shown) LANsurveyorThe first line of the text-encoded message contains the method name (INVITE). The lines that follow are a http://www.javvin.com/LANsurveyor.list of header fields. This example contains a minimum required set. The header fields are briefly described htmlbelow: CyberGaugeVia contains the address (pc33.atlanta.com) at which Alice is expecting to receive responses to this request. http://www.javvin.com/CyberGauge.It also contains a branch parameter that identifies this transaction. htmlTo contains a display name (Bob) and a SIP or SIPS URI (sip:bob@biloxi.com) towards which the request Easy Network Servicewas originally directed. Display names are described in RFC 2822 [3]. Monitor http://www.javvin.com/easy.htmlFrom also contains a display name (Alice) and a SIP or SIPS URI (sip:alice@atlanta.com) that indicate theoriginator of the request. This header field also has a tag parameter containing a random string (1928301774) Business Card Scannerthat was added to the URI by the softphone. It is used for identification purposes. http://www.javvin.com/businesscard- scanner.htmlCall-ID contains a globally unique identifier for this call, generated by the combination of a random string Color Cards and Pictureand the softphones host name or IP address. The combination of the To tag, From tag, and Call-ID com- Scannerpletely defines a peer-to-peer SIP relationship between Alice and Bob and is referred to as a dialog. http://www.javvin.com/colorcardscan- ner.htmlCSeq or Command Sequence contains an integer and a method name. The CSeq number is incremented foreach new request within a dialog and is a traditional sequence number. Portable Document Scan- nerContact contains a SIP or SIPS URI that represents a direct route to contact Alice, usually composed of a http://www.javvin.com/portablescan-username at a fully qualified domain name (FQDN). While an FQDN is preferred, many end systems do ner.htmlnot have registered domain names, so IP addresses are permitted. While the Via header field tells other www.javvin.comelements where to send the response, the Contact header field tells other elements where to send futurerequests. www.networkdictionary.Max-Forwards serves to limit the number of hops a request can make on the way to its destination. It con- com [ Page 3 ]

×