Cisco Systems, Inc.

170 West Tasman Dr. MS: SJC-21/2 San Jose CA 95134 USA +1 408 902 3341 fluffy@cisco.com

Transport SIPPING WG I-D Internet-Draft SIP Device Instance Identifier Communication systems often have situations in which the party at the far end of the call changes, making it necessary to have a way to notify the near end of the new identity at the far end. This draft discusses ways to update this "connected party" information in SIP.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.

SIP initiates sessions but it also provides information on the identities of the parties at both ends of a session. This is necessary as users find it very desirable for knowing how to deal with the communications that SIP is initiating. As a call proceeds, these identities may change. This can happen for many reasons: calls are forwarded, calls are parked and picked up, calls are transferred, calls are queued to be picked up by a pool of agents, and so on. The use cases here are split into two categories: where the identity change happens in an early dialog or a connected call, or where the callee's or the caller's identity changes.

These cases do not involve early dialogs. Since the call has been established, the use cases are symmetrical. Either the UAS or UAC could need to be updated in any of these cases. The classic case is a call that is transferred. The UAS has originally answered the call with the identity Help Desk but wishes to change it, mid-call, to Alice.

In a typical example, phone A rings but user B remotely picks up the ringing phone from a different one. Call queuing in an ACD is another example. The call may initially by queued for the "Help Desk" but later moved to ring Bob's phone. It should be noted that the history requirements cover this case.

First, Alan dials Charlie on behalf of another user, Bob in this case. While Charlie's phone is ringing, Alan steps out of the call and lets Bob talk to Charlie.

All of these use cases seem to come up because there is a B2BUA involved. This B2BUA may be acting as a call control system or it may be a PSTN inter-working GW which is effectively a B2BUA with the PSTN connecting the two UAs that form the B2BUA. It's fine to have a B2BUA connected to a P2P system; however, the whole design of the B2BUA concept in SIP is to make B2BUA just look like a valid peer to the P2P system.

These solutions are derived by looking at what would happen doing approximately the same functionality in a P2P system and looking at the signalling the point of view of the UA that is receiving the updated identity.

When A is in a connected call with B and B wishes to update the identity that A sees to C, this is the same from A's point of view as B transferring the call to C. In this case the identity can be updated by sending a new INVITE to A with the From set to C and including a replaces header to indicate it replaces the original call.

This can be handled in the same way as the Connected UAC. A new invite with a replaces is sent.

Here the UAC wishes to change its identity and update it on all the UASs that it has forked to while it had an outstanding INVITE. The transfer issues draft clearly points out that the UAS is a moving target due to forking with the "Consultative Turned Blind" issues. Changing the identity of UAC complicates this even further because the routing of the invite may have been dependent on identity of the UAS. For example, calls from Private may go straight to voice mail while calls from Boss get forked to office phone and cell phone. It is highly likely that whatever solution is chosen to deal with the "Consultative Turned Blind" problem in can also be used to update identity in this scenario. The recommendation here is to hold off on defining something special for identity updates until the solution for the trasfer issues problem is resolved. In many cases, sending a new INVITE with replaces, waiting a little while, and then sending a CANCEL to the original INVITE can work and will cause the correct behavior.

User agents could send UPDATE requests that do not contain SDP, do change the To and From headers, but do not change the tags in the to or from header. Any UPDATES received by a RFC 2543 system would fail to match the transaction due to the changed to or from. This would not result in the call failing but would only result in the identity failing to be displayed correctly. As an alternative to changing the To and From headers, a new Name header could be created that represents the identity of the sender of the message. The biggest problem with these approaches is that they make it very hard to apply new policy to the call if the user's identity changes. Consider the example above. The identity of the caller determines where the call is forked; with this approach, the system would not change where the call was being forked if the identity of the caller changed.

PAI, described in RFC 3325, was designed to work in very limited trust domains. It is primarily useful when a UAC wishes its identity to be anonymous to the UAS but the intermediate trust domain needs to know the UAC's identity for legal call trace reasons. There are no legal call trace requirements of this type from the UAS to the UAC. If the UAS wishes to change its identity to Anonymous, there is no need to carry the real identity along. It is important to understand this: the requirement solved by PAI is asymmetrical and does not apply in the backwards direction. The requirements driving the work in this document are about informing the party at the far end of the call of a changed identity. PAI will never work for this. The fundamental requirement for PAI is that as the PAI crosses from one trust domain A to the next trust domain B, the next trust domain B must discard it unless unless it can independently verify it. This is so because if B passes it to any other element even inside its trust domain, those elements will assume the PAI is true although B does not know that this is true. The end user device that is capable of displaying the PAI information is never in the same trust domain as the network elements, so it must discard this information as it comes in. RFC 3325 specifically says "However, if a User Agent Server receives a message from a previous element that it does not trust, it MUST NOT use the P-Asserted-Identity header field in any way." A UAS that sits in the user's hand is not going to be trusted by the "network" trust domain. Trust domains are symmetrical - you cannot have a trust domain in which the phone trusts the network but the network does not trust the phone. To summarize, given two trust domains A and B, even if you passed the PAI around in responses in A, as soon as it got passed to B, it would be discarded or unusable. If it got passed in a response to a proxy in B, 3325 says that "the proxy MUST authenticate the originator of the message" which of course the proxy cannot do for a response, so it would have to drop the PAI. There is no use case in which the UA producing the PAI and the UA that could display a PAI to an end user are in the same trust domain. A new header, like Name, could be defined as described in but PAI is not useful for this.

Harvard University

1350 Mass. Ave. Cambridge MA 02138 - +1 617 495 3864 sob@harvard.edu

General keyword In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document: The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. Note that the force of these words is modified by the requirement level of the document in which they are used. AT&T Center for Internet Research at ISCI (ACIRI)

1947 Center St. Suite 600 Berkeley CA 94704-119 US mjh@aciri.org

Dept. of Computer Science, Columbia University

1214 Amsterdam Avenue New York NY 10027 US schulzrinne@cs.columbia.edu

California Institute of Technology

Computer Science Department 256-80 Pasadena CA 91125 US schooler@cs.caltech.edu

Lucent Technologies, Bell Laboratories

101 Crawfords Corner Road Rm. 4C-526 Holmdel NJ 07733 US jdrosen@bell-labs.com

The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants. These sessions include Internet multimedia conferences, Internet telephone calls and multimedia distribution. Members in a session can communicate via multicast or via a mesh of unicast relations, or a combination of these. SIP invitations used to create sessions carry session descriptions which allow participants to agree on a set of compatible media types. SIP supports user mobility by proxying and redirecting requests to the user's current location. Users can register their current location. SIP is not tied to any particular conference control protocol. SIP is designed to be independent of the lower-layer transport protocol and can be extended with additional capabilities.