[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 07 08 09 10 RFC 3856

Internet Engineering Task Force                                SIMPLE WG
Internet Draft                                          Rosenberg et al.
draft-ietf-simple-presence-01.txt                         Various Places
July 20, 2001
Expires: February 2002


                      SIP Extensions for Presence

STATUS OF THIS MEMO

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress".

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   To view the list Internet-Draft Shadow Directories, see
   http://www.ietf.org/shadow.html.


Abstract

   This document proposes an extension to SIP for subscriptions and
   notifications of user presence. User presence is defined as the
   willingness and ability of a user to communicate with other users on
   the network. Historically, presence has been limited to "on-line" and
   "off-line" indicators; the notion of presence here is broader.
   Subscriptions and notifications of user presence are supported by
   defining an event package within the general SIP event notification
   framework. This protocol is also compliant with the Common Presence
   and Instant Messaging (CPIM) framework.


1 Introduction

   Presence is (indirectly) defined in RFC2778 [1] as subscription to
   and notification of changes in the communications state of a user.



Rosenberg et al.                                              [Page 1]

Internet Draft                  presence                   July 20, 2001


   This communications state consists of the set of communications
   means, communications address, and status of that user. A presence
   protocol is a protocol for providing such a service over the Internet
   or any IP network.

   This document proposes an extension to the Session Initiation
   Protocol (SIP) [2] for presence. This extension is a concrete
   instantiation of the general event notification framework defined for
   SIP [3], and as such, makes use of the SUBSCRIBE and NOTIFY methods
   defined there. User presence is particularly well suited for SIP. SIP
   registrars and location services already hold user presence
   information; it is uploaded to these devices through REGISTER
   messages, and used to route calls to those users. Furthermore, SIP
   networks already route INVITE messages from any user on the network
   to the proxy that holds the registration state for a user. As this
   state is user presence, those SIP networks can also allow SUBSCRIBE
   requests to be routed to the same proxy. This means that SIP networks
   can be reused to establish global connectivity for presence
   subscriptions and notifications.

   This extension is based on the concept of a presence agent, which is
   a new logical entity that is capable of accepting subscriptions,
   storing subscription state, and generating notifications when there
   are changes in user presence. The entity is defined as a logical one,
   since it is generally co-resident with another entity, and can even
   move around during the lifetime of a subscription.

   This extension is also compliant with the Common Presence and Instant
   Messaging (CPIM) framework that has been defined in [4]. This allows
   SIP for presence to easily interwork with other presence systems
   compliant to CPIM.

2 Definitions

   This document uses the terms as defined in [1]. Additionally, the
   following terms are defined and/or additionally clarified:

        Presence User Agent (PUA): A Presence User Agent manipulates
             presence information for a presentity. In SIP terms, this
             means that a PUA generates REGISTER requests, conveying
             some kind of information about the presentity. Other means,
             both SIP and non-SIP, can be used for a PUA to manipulate
             presence information. We explicitly allow multiple PUAs per
             presentity. This means that a user can have many devices
             (such as a cell phone and PDA), each of which is
             independently generating a component of the overall
             presence information for a presentity. PUAs push data into
             the presence system, but are outside of it, in that they do



Rosenberg et al.                                              [Page 2]

Internet Draft                  presence                   July 20, 2001


             not receive SUBSCRIBE messages, or send NOTIFY.

        Presence Agent (PA): A presence agent is a SIP user agent which
             is capable of receiving SUBSCRIBE requests, responding to
             them, and generating notifications of changes in presence
             state. A presence agent must have complete knowledge of the
             presence state of a presentity. Typically, this is
             accomplished by co-locating the PA with the
             proxy/registrar, or the presence user agent of the
             presentity. A PA is always addressable with a SIP URL.

        Presence Server: A presence server is a physical entity that can
             act as either a presence agent or as a proxy server for
             SUBSCRIBE requests. When acting as a PA, it is aware of the
             presence information of the presentity through some
             protocol means. This protocol means can be SIP REGISTER
             requests, but other mechanisms are allowed. When acting as
             a proxy, the SUBSCRIBE requests are proxied to another
             entity that may act as a PA.

        Presence Client: A presence client is a presence agent that is
             colocated with a PUA. It is aware of the presence
             information of the presentity because it is co-located with
             the entity that manipulates this presence information.

3 Overview of Operation

   In this section, we present an overview of the operation of this
   extension.

   When an entity, the subscriber, wishes to learn about presence
   information from some user, it creates a SUBSCRIBE request. This
   request identifies the desired presentity in the request URI, using
   either a presence URL or a SIP URL. The subscription is carried along
   SIP proxies as any other INVITE would be. It eventually arrives at a
   presence server, which can either terminate the subscription (in
   which case it acts as the presence agent for the presentity), or
   proxy it on to a presence client. If the presence client handles the
   subscription, it is effectively acting as the presence agent for the
   presentity. The decision about whether to proxy or terminate the
   SUBSCRIBE is a local matter; however, we describe one way to effect
   such a configuration, using REGISTER.

   The presence agent (whether in the presence server or presence
   client) first authenticates the subscription, then authorizes it. The
   means for authorization are outside the scope of this protocol, and
   we expect that many mechanisms will be used. Once authorized, the
   presence agent sends a 202 Accepted response. It also sends an



Rosenberg et al.                                              [Page 3]

Internet Draft                  presence                   July 20, 2001


   immediate NOTIFY message containing the state of the presentity. As
   the state of the presentity changes, the PA generates NOTIFYs for all
   subscribers.

   The SUBSCRIBE message effectively establishes a session with the
   presence agent. As a result, the SUBSCRIBE can be record-routed, and
   rules for tag handling and Contact processing mirror those for
   INVITE. Similarly, the NOTIFY message is handled in much the same way
   a re-INVITE within a call leg is handled.

4 Naming

   A presentity is identified in the most general way through a presence
   URI [4], which is of the form pres:user@domain. These URIs are
   protocol independent. Through a variety of means, these URIs can be
   resolved to determine a specific protocol that can be used to access
   the presentity.


        OPEN ISSUE: Need to add IMPP DNS procedures once stable.

   Once such a resolution has taken place, the presentity can be
   addressed with a sip URL of nearly identical form:  sip:user@domain.
   The protocol independent form (the pres: URL) can be thought of as an
   abstract name, akin to a URN, which is used to identify elements in a
   presence system. These are resolved to concrete URLs that can be used
   to directly locate those entities on the network.

   When subscribing to a presentity, the subscription can be addressed
   using the protocol independent form or the sip URL form. In the SIP
   context, "addressed" refers to the request URI. It is RECOMMENDED
   that if the entity sending a SUBSCRIBE is capable of resolving the
   protocol independent form to the SIP form, this resolution is done
   before sending the request. However, if the entity is incapable of
   doing this translation, the protocol independent form is used in the
   request URI. Performing the translation as early as possible means
   that these requests can be routed by SIP proxies that are not aware
   of the presence namespace.

   The result of this naming scheme is that a SUBSCRIBE request is
   addressed to a user the exact same way an INVITE request would be
   addressed. This means that the SIP network will route these messages
   along the same path an INVITE would travel. One of these entities
   along the path may act as a PA for the subscription. Typically, this
   will either be the presence server (which is the proxy/registrar
   where that user is registered), or the presence client (which is one
   of the user agents associated with that presentity).




Rosenberg et al.                                              [Page 4]

Internet Draft                  presence                   July 20, 2001


   SUBSCRIBE messages also contain logical identifiers that define the
   originator and recipient of the subscription (the To and From header
   fields). Since these identifiers are logical ones, it is RECOMMENDED
   that these use the protocol independent format whenever possible.
   This also makes it easier to interwork with other systems which
   recognize these forms.

   The Contact, Record-Route and Route fields do not identify logical
   entities, but rather concrete ones used for SIP messaging. As such,
   they MUST use the SIP URL forms in both SUBSCRIBE and NOTIFY.

5 Presence Event Package

   The SIP event framework [3] defines an abstract SIP extension for
   subscribing to, and receiving notifications of, events. It leaves the
   definition of many additional aspects of these events to concrete
   extensions, also known as event packages. This extension qualifies as
   an event package. This section fills in the information required by
   [3].

5.1 Package Name

   The name of this package is "presence". This name MUST appear within
   the Event header in SUBSCRIBE request and NOTIFY request. This
   section also serves as the IANA registration for the event package
   "presence".


        TODO: Define IANA template in sub-notify and fill it in
        here.

   Example:



   Event: presence



5.2 SUBSCRIBE bodies

   The body of a SUBSCRIBE request MAY contain a body. The purpose of
   the body depends on its type. In general, subscriptions will normally
   not contain bodies. The request URI, which identifies the presentity,
   combined with the event package name, are sufficient for user
   presence.

   We anticipate that document formats could be defined to act as



Rosenberg et al.                                              [Page 5]

Internet Draft                  presence                   July 20, 2001


   filters for subscriptions. These filters would indicate certain user
   presence events that would generate notifies, or restrict the set of
   data returned in NOTIFY requests. For example, a presence filter
   might specify that the notifications should only be generated when
   the status of the users instant message inbox changes. It might also
   say that the content of these notifications should only contain the
   IM related information.

   When no body is present, this specifies to the presence agent that
   the default filter is to be used. The default filter meets the
   following definition:

        o All known presence tuples for the presentity are reported in
          each NOTIFY.

        o Each presence tuple contains the latest status and
          communications address.

        o Additional markup for each presence tuple that is small (less
          than 50 bytes) is included. Larger markup is only sent when
          explicitly requested by the subscriber through non-default
          filters.

5.3 Expiration

   User presence changes as a result of events that include:

        o Turning on and off of a cell phone

        o Modifying the registration from a softphone

        o Changing the status on an instant messaging tool

   These events are usually triggered by human intervention, and occur
   with a frequency on the order of minutes or hours. As such, it is
   subscriptions should have an expiration in the middle of this range,
   which is roughly one hour. Therefore, the default expiration time for
   subscriptions within this package is 3600 seconds. As per [3], the
   subscriber MAY include an alternate expiration time.

5.4 NOTIFY Bodies

   The body of the notification contains a presence document. This
   document describes the user presence of the presentity that was
   subscribed to. All subscribers MUST support the presence data format
   described in [fill in with IMPP document TBD], and MUST list its MIME
   type, [fill in with MIME type] in an Accept header present in the
   SUBSCRIBE request.



Rosenberg et al.                                              [Page 6]

Internet Draft                  presence                   July 20, 2001


   Other presence data formats might be defined in the future. In that
   case, the subscriptions MAY indicate support for other presence
   formats. However, they MUST always support and list [fill in with
   MIME type of IMPP presence document] as an allowed format.

   Of course, the notifications generated by the presence agent MUST be
   in one of the formats specified in the Accept header in the SUBSCRIBE
   request.

5.5 Processing Requirements at the PA

   User presence is highly sensitive information. Because the
   implications of divulging presence information can be severe, strong
   requirements are imposed on the PA regarding subscription processing,
   especially related to authentication and authorization.

   A presence agent MUST authenticate all subscription requests. This
   authentication can be done using any of the mechanisms defined for
   SIP, except that the SIP basic authentication mechanism MUST NOT be
   used. It is anticipated that authentication will often be established
   through transitive trust. Specifically, when user A generates a
   SUBSCRIBE for B@bar.com, his domain (say, foo.com) will use SIP proxy
   authentication mechanisms to identify him. The SUBSCRIBE is forwarded
   to the target domain over a secure connection, such as TLS. The
   nature of the trust relationship between bar.com and foo.com is that
   bar.com trusts that foo.com has authenticated all subscribes it
   receives over that secure connection. As such, the bar.com server
   need only verify that the SUBSCRIBE came over the secure connection.


        OPEN ISSUE: This approach is really about network
        authenticated identities. Sounds like the SIP privacy
        extensions might be useful here, especially if we want to
        support anonymous subscriptions. Should we explicitly
        mention that?

   It is RECOMMENDED that any subscriptions that are not authenticated
   do not cause state to be established in the PA. This can be
   accomplished by generating a 401 in response to the SUBSCRIBE, and
   then discarding all state for that transaction. Retransmissions of
   the SUBSCRIBE generate the same response, guaranteeing reliability
   even over UDP.

   Furthermore, a PA MUST NOT accept a subscription unless authorization
   has been provided by the presentity. The means by which authorization
   are provided are outside the scope of this document. Authorization
   may have been provided ahead of time through access lists, perhaps
   specified in a web page. Authorization may have been provided by



Rosenberg et al.                                              [Page 7]

Internet Draft                  presence                   July 20, 2001


   means of uploading of some kind of standardized access control list
   document. Back end authorization servers, such as a DIAMETER [5],
   RADIUS [6], or COPS [7], can also be used. It is also useful to be
   able to query the user for authorization following the receipt of a
   subscription request for which no authorization information was
   present. The "watcherinfo" event sub-package for SIP [8] defines a
   means by which a PUA can become aware that a user has attempted to
   subscribe to it, and no authorization exists.

   The result of the authorization decision by the server will be
   reject, accept, or pending. Pending occurs when the server cannot
   obtain authorization at this time, and may be able to do so at a
   later time, when the presentity becomes available.

   Unfortunately, if the server informs the subscriber that the
   subscription is pending, this will divulge information about the
   presentity - namely, that they have not granted authorization and are
   not available to give it at this time. Therefore, for any given
   presentity, a presence agent can either act in confirming or non-
   confirming mode. In confirming mode, a subscriber is notified about
   the status of their subscription. In non-confirming mode, the
   subscriber is not made aware of the status of their subscription. A
   PA MAY use different modes for different subscriptions. However,
   since a subscriber can distinguish confirming from non-confirming
   modes, care must be taken in choosing the mode, since it reveals
   information to the subscriber as well.

   In confirming mode, an authorized subscription generates a 200 OK, an
   unauthorized subscription generates a 603 Declined response, and a
   pending subscription generates a 202 Accepted response. In non-
   confirming mode, a 202 Accepted response is always returned in all
   cases.

5.6 Generation of Notifications

   In confirming mode, if the subscription was accepted, the PA SHOULD
   generate an immediate NOTIFY with the current presence state of the
   presentity. No NOTIFY is sent for pending or rejected subscriptions.

   In non-confirming mode, a NOTIFY MUST be sent. If a subscription is
   received, and is marked as pending or was rejected, this NOTIFY
   should contain a valid state for the presentity, yet be one which
   provides no useful information about the presentity. An example of
   this is to provide an IM URL that is the same form as the presence
   URL, and mark that IM address as "not available". The reason for this
   process of "lying" is that without it, a subscriber could tell the
   difference between a pending subscription and an accepted
   subscription based on the existence and content of an immediate



Rosenberg et al.                                              [Page 8]

Internet Draft                  presence                   July 20, 2001


   NOTIFY. The approach defined here ensures that the presence delivered
   in a NOTIFY generated by a pending or rejected subscription is also a
   valid one that could have been delivered in a NOTIFY generated by an
   accepted subscription.

   For an accepted subscription in non-confirming mode, an immediate
   NOTIFY is sent which contains the current state of the presentity.

   For an accepted subscription, the PA SHOULD generate a NOTIFY for the
   subscription when it determines that the presence state of the
   presentity has changed. Section 6 describes how the PA makes this
   determination.

   For pending and rejected subscriptions, the PA MAY generate
   occassional NOTIFYs that update the presence state to another "fake"
   value. The algorithm for "lying" is at the discretion of the
   implementor. However, the mechanism SHOULD, whenever possible, make
   it hard to distinguish the fake information from the real.


        OPEN ISSUE: Do we need to define what information gets
        sent? Do we really want the non-confirming mode?

   For reasons of privacy, it will frequently be necessary to encrypt
   the contents of the notifications. This can be accomplished using the
   standard SIP encryption mechanisms. The encryption should be
   performed using the key of the subscriber as identified in the From
   field of the SUBSCRIBE. Similarly, integrity of the notifications is
   important to subscribers. As such, the contents of the notifications
   SHOULD be authenticated using one of the standardized SIP mechanisms.
   Since the NOTIFY are generated by the presence server, which may not
   have access to the key of the user represented by the presentity, it
   will frequently be the case that the NOTIFY are signed by a third
   party. It is RECOMMENDED that the signature be by an authority over
   domain of the presentity. In other words, for a user
   pres:user@example.com, the signator of the NOTIFY SHOULD be the
   authority for example.com.

5.7 Rate Limitations on NOTIFY

   For reasons of congestion control, it is important that the rate of
   notifications not become excessive. As a result, it is RECOMMENDED
   that the PA not generate notifications for a single presentity at a
   rate faster than once every 5 seconds.

5.8 Refresh Behavior

   The 481 response to a SUBSCRIBE refresh informs the subscriber that



Rosenberg et al.                                              [Page 9]

Internet Draft                  presence                   July 20, 2001


   their subscription failed because it was a subscription refresh
   against an unknown subscription. In this case, the subscriber SHOULD
   generate a brand new SUBSCRIBE on a new call leg, and discard the old
   subscription state.

   Since SUBSCRIBE is routed by proxies as any other method, it is
   possible that a subscription might fork. The result is that it might
   arrive at multiple devices which are configured to act as a PA for
   the same presentity. Each of these will respond with a 202 response
   to the SUBSCRIBE. Based on the forking rules in SIP, only one of
   these responses is passed to the subscriber. However, the subscriber
   will receive notifications from each of those PA which accepted the
   subscriptions. The SIP event framework allows each package to define
   the handling for this case.

   The processing in this case is identical to the way INVITE would be
   handled. The 202 Accepted to the SUBSCRIBE will result in the
   installation of subscription state in the subscriber. The
   subscription is associated with the To and From (both with tags) and
   Call-ID from the 202. When notifications arrive, those from the PA's
   whose 202's were discarded in the forking proxy will not match the
   subscription ID stored at the subscriber (the From tags will differ).
   These SHOULD be responded to with a 481. This will disable the
   subscriptions from those PA. Furthermore, when refreshing the
   subscription, the refresh SHOULD make use of the tags from the 202
   and make use of any Contact or Record-Route headers in order to
   deliver the SUBSCRIBE back to the same PA that sent the 202.

   The result of this is that a presentity can have multiple PAs active,
   but these should be homogeneous, so that each can generate the same
   set of notifications for the presentity. Supporting heterogeneous
   PAs, each of which generated notifications for a subset of the
   presence data, is complex and difficult to manage. If such a feature
   is needed, it can be accomplished with a B2BUA rather than through a
   forking proxy.

6 Publication

   The user presence for a presentity can be obtained from any number of
   different ways. None of these mechanisms are mandated by this
   specification. However, if used, it should be done according to the
   recommendations described below.

6.1 Co-location

   When the PA function is co-located with the PUA, user presence is
   known directly by the PA.




Rosenberg et al.                                             [Page 10]

Internet Draft                  presence                   July 20, 2001


6.2 REGISTER

   Baseline SIP defines a method that is used by all SIP clients - the
   REGISTER method. This method allows a UA to inform a SIP network of
   its current communications addresses (ie., Contact addresses) .
   Furthermore, multiple UA can independently register Contact addresses
   for the same SIP URL. These Contact addresses can be SIP URLs, or
   they can be any other valid URL.

   Using the register information for presence is straightforward. The
   address of record in the REGISTER (the To field) identifies the
   presentity. The Contact headers define communications addresses that
   describe the state of the presentity. The use of the SIP caller
   preferences extension [9] is RECOMMENDED for use with UAs that are
   interested in presence. It provides additional information about the
   Contact addresses that can be used to construct a richer presence
   document. The "description" attribute of the Contact header is
   explicitly defined here to be used as a free-form field that allows a
   user to define the status of the presentity at that communications
   address.

   To indicate presence for instant messaging, the UA MAY either
   register contact addresses that are SIP URLs with the "methods"
   Contact parameter (as defined by the caller preferences extension [9]
   set to indicate the method MESSAGE, or it MAY register an IM URL.

   Usage of REGISTER information to construct presence is only possible
   if the PA is co-located with, or shares information with, the SIP
   registrar.

   The application of registered contacts to presence increases the
   requirements for authenticity. Therefore, REGISTER requests used by
   presence user agents SHOULD be authenticated using either SIP
   authentication mechanisms, or a hop-by-hop mechanism.

6.3 Uploading Presence Documents

   Presence documents MAY be uploaded to the PA in REGISTER message,
   using the procedures defined in [10]. In this case, the PA SHOULD
   distribute the presence document as provided without modification. As
   described in [10], only one presence document can be uploaded at a
   time. Subsequent uploads replace the current active presence
   document.

   Note that we do not provide for locking mechanisms, which would allow
   a client to lock presence state, fetch it, and update it atomically.
   We believe that this is not neeeded for the majority of use cases,
   and introduces substantial complexity. Most presence operations do



Rosenberg et al.                                             [Page 11]

Internet Draft                  presence                   July 20, 2001


   not require get-before-set, since the SIP register mechanism works in
   such a way that data can be updated without a get.


        OPEN ISSUE: Are we sure we are using REGISTER for this?

6.4 Call State Subscriptions

   Another mechanism that a PA can use to determine the state of the
   presentity is to SUBSCRIBE to the call state event package for that
   presentity [11]. This will allow the PA to know when the user is in a
   call, not in a call, etc., which can be used to provide richer
   presence server content.


        TODO: This section needs work. Need to define a concrete
        example of mapping a register to a presence document, once
        IMPP generates the document format.

6.5 Migrating the PA Function

   It is important to realize that the PA function can be colocated with
   several elements:

        o It can be co-located with the SIP registrar handling
          registrations for the presentity. In this way, the PA knows
          the presence of the user through registrations.

        o It can be co-located with a PUA for that presentity. In the
          case of a single PUA per presentity, the PUA knows the state
          of the presentity by sheer nature of its co-location.

        o It can be co-located in any server along the call setup path.
          That proxy can learn the presence state of the presentity by
          generating its own SUBSCRIBE in order to determine it. In this
          case, the PA is effectively a B2BUA.

   On occassion, it makes sense for the PA function to migrate from one
   of these places to another. For example, for reasons of scale, the PA
   function may reside in the registrar when the PUA is not running, but
   when the PUA connects to the network, the PA decides to migrate
   subscriptions to it in order to reduce state in the network.

   There are three phases to this migration:

        o Determine that another element is capable of handling the
          subscription.




Rosenberg et al.                                             [Page 12]

Internet Draft                  presence                   July 20, 2001


        o Destroy subscription state, and inform those subscribers that
          it needs to be re-established with a new SUBSCRIBE.

        o When the subscribers re-SUBSCRIBE, proxy the requests to the
          new element handling the PA function.

   The first of these phases can occur through configuration, or through
   dynamic means. The presence server dynamically determines that a PUA
   is capable of supporting a PA function through the REGISTER message.
   Specifically, if a PUA wishes to indicate support for the PA
   function, it SHOULD include a contact address in its registration
   with a caller preferences "methods" parameter listing SUBSCRIBE.

   For the second phase, the PA destroys the subscriptions and then
   sends a NOTIFY to each subscriber, with an Expires header with value
   0. This informs the subscribers that their subscription was
   destroyed, and should be re-established with a new SUBSCRIBE (with a
   new Call-ID).


        This is an overload of the meaning of Expires. Another
        approach is to use the watcherinfo event package, so that
        the subscribers get notified that their subscriptions have
        expired.

   The subscribers then create brand new subscriptions, with a new
   Call-ID, no route set and no To tag, and this is sent to refresh the
   subscription. When this arrives at the "old" PA, the PA proxies the
   SUBSCRIBE towards the element which will now be acting as PA.

7 Mapping to CPIM

   This section defines how a SIP for presence messages are converted to
   CPIM, and how a CPIM messages are converted to SIP for presence. SIP
   to CPIM conversion occurs when a SIP system sends a SUBSCRIBE request
   that contains a pres URL or SIP URL that corresponds to a user in a
   domain that runs a different presence protocol. CPIM to SIP involves
   the case where a user in a different protocol domain generates a
   subscription that is destined for a user in a SIP domain.

   Note that the process defined below requires that the gateway store
   subscription state. This unfortunate result is due to the need to
   remember the Call-ID, CSeq, and Route headers for subscriptions from
   the SIP side, so that they can be inserted into the SIP NOTIFY
   generated when a CPIM notification arrives.

7.1 SIP to CPIM




Rosenberg et al.                                             [Page 13]

Internet Draft                  presence                   July 20, 2001


   SIP for presnce is converted to CPIM through a SIP to CPIM abstract
   gateway service, depicted in Figure 1.










                         +-------------+
                         |             |
                         |  SIP to CPIM|
                         |  Conversion |
                         |             |
         SIP             |             |    CPIM
        ---------------> |             | ---------------->
                         |             |
                         |             |
                         |             |
                         |             |
                         |             |
                         |             |
                         +-------------+





   Figure 1: SIP to CPIM Conversion



   The first step is that a SUBSCRIBE request is received at a gateway.
   The gateway generates a CPIM subscription request, with its
   parameters filled in as follows:

        o The watcher identity in the CPIM message is copied from the
          From field of the SUBSCRIBE. If the From field contains a SIP
          URL, it is converted to an equivalent pres URL by dropping all
          SIP URL parameters, and changing the scheme to pres.


             This conversion may not work - what if the SIP URL has
             no user name. Plus, converting from a URL back to a
             URN in this fashion may not do it correctly.



Rosenberg et al.                                             [Page 14]

Internet Draft                  presence                   July 20, 2001


        o The target identity in the CPIM message is copied from the
          Request-URI field of the SUBSCRIBE. This may need to be
          converted to a pres URL as well.

        o The duration parameter in the CPIM message is copied from the
          Expires header in the SUBSCRIBE. If the Expires header
          specifies an absolute time, it is converted to a delta-time by
          the gateway. If no Expires header is present, one hour is
          assumed.

        o The transID parameter in the CPIM message is constructed by
          appending the Call-ID, the URI in the To field, the URI in the
          From field, the CSeq and the tag in the From field, and the
          request URI, and computing a hash of the resulting string.
          This hash is used as the transID. Note that the request URI is
          included in the hash. This is to differentiate forked requests
          within the SIP network that may arrive at the same gateway.

   The CPIM service then responds with either a success or failure. In
   the case of success, the SIP to CPIM gateway service generates a 202
   response to the SUBSCRIBE. It adds a tag to the To field in the
   response, which is the same as the transID field in the success
   response. The 202 response also contains a Contact header, which is
   the value of the target from the SUBSCRIBE request. It is important
   that the Contact header be set to the target, since that makes sure
   that subscription refreshes have the same value in the request URI as
   the original subscription. The duration value from the CPIM success
   response is placed into the Expires header of the 202. The gateway
   stores the Call-ID and Route header set for this subscription.

   If the CPIM service responds with a failure, the SIP to CPIM gateway
   generates a 603 response. It adds a tag to the To field in the
   response, which is the same as the transID field in the failure
   response.

   When the CPIM system generates a notification request, the SIP to
   CPIM gateway creates a SIP NOTIFY request. The request is constructed
   using the standard RFC2543 [2] procedures for constructing a request
   within a call leg. This will result in the To field containing the
   watcher field from CPIM, and the From field containing the target
   field from the CPIM notification. The tag in the From field will
   contain the transID. The presence information is copied into the body
   of the notification. The Call-ID and Route headers are constructed
   from the subscription state stored in the gateway. If no notification
   has yet been generated for this subscription, an initial CSeq value
   is selected and stored.

   SUBSCRIBE refreshes are handled identically to initial subscriptions



Rosenberg et al.                                             [Page 15]

Internet Draft                  presence                   July 20, 2001


   as above.

   If a subscription is received with an Expires of zero, the SIP to
   CPIM gateway generates an unsubscribe message into the the CPIM
   system. The watcher parameter is copied from the From field of the
   SUBSCRIBE. The target parameter is copied from the Request URI field
   of the SUBSCRIBE. The transID is copied from the tag in the To field
   of the SUBSCRIBE request.

   The response to an unsubscribe is either success or failure. In the
   case of success, a 202 response is constructed in the same fashion as
   above for a success response to a CPIM subscriber. All subscription
   state is removed. In the case of failure, a 603 response is
   constructed in the same fashion as above, and then subscription state
   is removed, if present.

7.2 CPIM to SIP

   CPIM to SIP conversion occurs when a CPIM subscription request
   arrives on the CPIM side of the gateway. This scenario is shown in
   Figure 2.


   The CPIM subscription request is converted into a SIP SUBSCRIBE
   request. To do that, the first step is to determine if the subscribe
   is for an existing subscription. That is done by taking the target in
   the CPIM subscription request, and matching it against targets for
   existing subscriptions. If there are none, it is a new subscription,
   otherwise, its a refresh.

   If its a new subscription, the gateway generates a SIP SUBSCRIBE
   request in the following manner:

        o The From field in the request is set to the watcher field in
          the CPIM subscription request

        o The To field in the request is set to the target field in the
          CPIM subscription request

        o The Expires header in the SUBSCRIBE request is set to the
          duration field in the CPIM subscription request

        o The tag in the From field is set to the transID in the CPIM
          subscription request.

   This SUBSCRIBE message is then sent.

   If the subscription is a refresh, a SUBSCRIBE request is generated in



Rosenberg et al.                                             [Page 16]

Internet Draft                  presence                   July 20, 2001











                         +-------------+
                         |             |
                         | CPIM to SIP |
                         |  Conversion |
                         |             |
         SIP SUBSCRIBE   |             |    CPIM subscription request
        <--------------> |             | <--------------->
                         |             |
                         |             |
                         |             |
                         |             |
                         |             |
                         |             |
                         +-------------+





   Figure 2: CPIM to SIP Conversion


   the same way. However, there will also be a tag in the To field,
   copied from the subscription state in the gateway, and a Route
   header, obtained from the subscription state in the gateway.

   When a response to the SUBSCRIBE is received, a response is sent to
   the CPIM system. The duration parameter in this response is copied
   from the Expires header in the SUBSCRIBE response (a conversion from
   an absolute time to delta time may be needed). The transID in the
   response is copied from the tag in the From field of the response. If
   the response was 202, the status is set to indeterminate. If the
   response was any other 200 class response, the status is set to
   sucess. For any other final response, the status is set to failure.

   If the response was a 200 class response, subscription state is
   established. This state contains the tag from the To field in the
   SUBSCRIBE response, and the Route header set computed from the
   Record-Routes and Contact headers in the 200 class response. The



Rosenberg et al.                                             [Page 17]

Internet Draft                  presence                   July 20, 2001


   subscription is indexed by the presentity identification (the To
   field of the SUBSCRIBE that was generated).

   If an unsubscribe request is received from the CPIM side, the gateway
   checks if the subscription exists. If it does, a SUBSCRIBE is
   generated as described above. However, the Expires header is set to
   zero. If the subscription does not exist, the gateway generates a
   failure response and sends it to the CPIM system. When the response
   to the SUBSCRIBE request arrives, it is converted to a CPIM response
   as described above for the initial SUBSCRIBE response. In all cases,
   any subscription state in the gateway is destroyed.

   When a NOTIFY is received from the SIP system, a CPIM notification
   request is sent. This notification is constructed as follows:

        o The CPIM watcher is set to the URI in the To field of the
          NOTIFY.

        o The CPIM target is set to the URI in the From field of the
          NOTIFY.

        o The transID is computed using the same mechanism as for the
          SUBSCRIBE in Section 7.1

        o The presence component of the notification is extracted from
          the body of the SIP NOTIFY request.

   The gateway generates a 200 response to the SIP NOTIFY and sends it
   as well.

   TODO: some call flow diagrams with the parameters

8 Firewall and NAT Traversal

   It is anticipated that presence services will be used by clients and
   presentities that are connected to proxy servers on the other side of
   firewalls and NATs. Fortunately, since the SIP presence messages do
   not establish independent media streams, as INVITE does, firewall and
   NAT traversal is much simpler than described in [12] and [13].

   Generally, data traverses NATs and firewalls when it is sent over TCP
   or TLS connections established by devices inside the firewall/NAT to
   devices outside of it. As a result, it is RECOMMENDED that SIP for
   presence entities maintain persistent TCP or TLS connections to their
   next hop peers. This includes connections opened to send a SUBSCRIBE,
   NOTIFY, and most importantly, REGISTER. By keeping the latter
   connection open, it can be used by the SIP proxy to send messages
   from outside the firewall/NAT back to the client. It is also



Rosenberg et al.                                             [Page 18]

Internet Draft                  presence                   July 20, 2001


   recommended that the client include a Contact cookie as described in
   [13] in their registration, so that the proxy can map the presentity
   URI to that connection.

   Furthermore, entities on either side of a firewall or NAT should
   record-route in order to ensure that the initial connection
   established for the subscription is used for the notifications as
   well.

9 Security considerations

   There are numerous security considerations for presence. Many are
   outlined above; this section considers them issue by issue.

9.1 Privacy

   Privacy encompasses many aspects of a presence system:

        o Subscribers may not want to reveal the fact that they have
          subscribed to certain users

        o Users may not want to reveal that they have accepted
          subscriptions from certain users

        o Notifications (and fetch results) may contain sensitive data
          which should not be revealed to anyone but the subscriber

   Privacy is provided through a combination of hop by hop encryption
   and end to end encryption. The hop by hop mechanisms provide scalable
   privacy services, disable attacks involving traffic analysis, and
   hide all aspects of presence messages. However, they operate based on
   transitivity of trust, and they cause message content to be revealed
   to proxies. The end-to-end mechanisms do not require transitivity of
   trust, and reveal information only to the desired recipient. However,
   end-to-end encryption cannot hide all information, and is susceptible
   to traffic analysis. Strong end to end authentication and encryption
   also requires that both participants have public keys, which is not
   generally the case. Thus, both mechanisms combined are needed for
   complete privacy services.

   SIP allows any hop by hop encryption scheme. It is RECOMMENDED that
   TLS [14] be used between elements to provide this function.  The
   presence server can determine whether TLS is supported by the
   receiving client based on the transport parameter in the Contact
   header of its registration. If there is a registered Contact with a
   URL that contains a transport parameter with value "tls", it implies
   that the PUA supports TLS.




Rosenberg et al.                                             [Page 19]

Internet Draft                  presence                   July 20, 2001


   SIP encryption MAY be used end to end for the transmission of both
   SUBSCRIBE and NOTIFY requests.

9.2 Message integrity and authenticity

   It is important for the message recipient to ensure that the message
   contents are actually what was sent by the originator, and that the
   recipient of the message be able to determine who the originator
   really is. This applies to both requests and responses of SUBSCRIBE
   and NOTIFY. This is supported in SIP through end to end
   authentication and message integrity. SIP provides PGP based
   authentication and integrity (both challenge-response and public key
   signatures), and http basic and digest authentication. HTTP Basic is
   NOT RECOMMENDED.

9.3 Outbound authentication

   When local proxies are used for transmission of outbound messages,
   proxy authentication is RECOMMENDED. This is useful to verify the
   identity of the originator, and prevent spoofing and spamming at the
   originating network.

9.4 Replay prevention

   To prevent the replay of old subscriptions and notifications, all
   signed SUBSCRIBE and NOTIFY requests and responses MUST contain a
   Date header covered by the message signature. Any message with a date
   older than several minutes in the past, or more than several minutes
   into the future, SHOULD be discarded.

   Furthermore, all signed SUBSCRIBE and NOTIFY requests MUST contain a
   Call-ID and CSeq header covered by the message signature. A user
   agent or presence server MAY store a list of Call-ID values, and for
   each, the higest CSeq seen within that Call-ID. Any message that
   arrives for a Call-ID that exists, whose CSeq is lower than the
   highest seen so far, is discarded.

   Finally, challenge-response authentication (http digest or PGP) MAY
   be used to prevent replay attacks.

9.5 Denial of service attacks

   Denial of service attacks are a critical problem for an open, inter-
   domain, presence protocol. Here, we discuss several possible attacks,
   and the steps we have taken to prevent them.

9.5.1 Smurf attacks through false contacts




Rosenberg et al.                                             [Page 20]

Internet Draft                  presence                   July 20, 2001


   Unfortunately, presence is a good candidate for smurfing attacks
   because of its amplification properties. A single SUBSCRIBE message
   could generate a nearly unending stream of notifications, so long as
   a suitably dynamic source of presence data can be found. Thus, a
   simple way to launch an attack is to send subscriptions to a large
   number of users, and in the Contact header (which is where
   notifications are sent), place the address of the target.

   The only reliable way to prevent these attacks is through
   authentication and authorization. End users will hopefully not accept
   subscriptions from random unrecognized users. Also, the presence
   client software could be programmed to warn the user when the Contact
   header in a SUBSCRIBE is from a domain which does not match that of
   the From field (which identifies the subscriber).

   Also, note that as described in [3], if a NOTIFY is not acknowledged
   or was not wanted, the subscription that generated it is removed.
   This eliminates the amplification properties of providing false
   Contact addresses.

10 Example message flows

   The following subsections exhibit example message flows, to further
   clarify behavior of the protocol.

10.1 Client to Client Subscription with Presentity State Changes

   This call flow illustrates subscriptions and notifications that do
   not involve a presence server.

   The watcher subscribes to the presentity, and the subscription is
   accepted, resulting in a 202 Accepted response. The presentity
   subsequently changes state (is on the phone), resulting in a new
   notification. The flow finishes with the watcher canceling the
   subscription.




               Watcher                       Presentity
               -------                       -----------
                  |      F1 SUBSCRIBE             |
                  | ----------------------------->|
                  |      F2 202 Accepted          |
                  |<------------------------------|
                  |      F3 NOTIFY                |
                  |<------------------------------|
                  |      F4 200 OK                |



Rosenberg et al.                                             [Page 21]

Internet Draft                  presence                   July 20, 2001


                  |------------------------------>|
                  |      F5 NOTIFY                |
                  |<------------------------------|
                  |      F6 200 OK                |
                  |------------------------------>|
                  |      F7 SUBSCRIBE (unsub)     |
                  |------------------------------>|
                  |      F8 202 Accepted          |
                  |<------------------------------|


   Message Details



     F1 SUBSCRIBE watcher -> presentity

        SUBSCRIBE sip:presentity@pres.example.com SIP/2.0
        Via: SIP/2.0/UDP  watcherhost.example.com:5060
        From: User <pres:user@example.com>
        To: Resource <pres:presentity@example.com>
        Call-ID: 3248543@watcherhost.example.com
        CSeq : 1 SUBSCRIBE
        Expires: 600
        Accept: application/xpidf+xml
        Event: presence
        Contact: sip:user@watcherhost.example.com





     F2 202 Accepted presentity->watcher

        SIP/2.0 202 Accepted
        Via: SIP/2.0/UDP watcherhost.example.com:5060
        From: User <pres:user@example.com>
        To: Resource <pres:presentity@example.com>;tag=88a7s
        Call-ID: 3248543@watcherhost.example.com
        Cseq: 1 SUBSCRIBE
        Event: presence
        Expires: 600
        Contact: sip:presentity@pres.example.com








Rosenberg et al.                                             [Page 22]

Internet Draft                  presence                   July 20, 2001


     F3 NOTIFY Presentity->watcher

        NOTIFY sip:user@watcherhost.example.com SIP/2.0
        Via: SIP/2.0/UDP pres.example.com:5060
        From: Resource <pres:presentity@example.com>;tag=88a7s
        To: User <pres:user@example.com>
        Call-ID: 3248543@watcherhost.example.com
        CSeq: 1 NOTIFY
        Event: presence
        Content-Type: application/xpidf+xml
        Content-Length: 120

        <?xml version="1.0"?>
        <presence entityInfo="pres:presentity@example.com">
          <tuple destination="sip:presentity@example.com" status="open"/>
        </presence>





     F4 200 OK watcher->presentity

        SIP/2.0 200 OK
        Via: SIP/2.0/UDP pres.example.com:5060
        From: Resource <pres:presentity@example.com>
        To: User <pres:user@example.com>
        Call-ID: 3248543@watcherhost.example.com
        CSeq: 1 NOTIFY





     F5 NOTIFY Presentity->watcher

        NOTIFY sip:user@watcherhost.example.com SIP/2.0
        Via: SIP/2.0/UDP pres.example.com:5060
        From: Resource <pres:presentity@example.com>
        To: User <pres:user@example.com>
        Call-ID: 3248543@watcherhost.example.com
        CSeq: 2 NOTIFY
        Event: presence
        Content-Type: application/xpidf+xml
        Content-Length: 120

        <?xml version="1.0"?>
        <presence entityInfo="pres:presentity@example.com">



Rosenberg et al.                                             [Page 23]

Internet Draft                  presence                   July 20, 2001


          <tuple destination="sip:presentity@example.com" status="closed"/>
        </presence>






     F6 200 OK watcher->presentity

        SIP/2.0 200 OK
        Via: SIP/2.0/UDP pres.example.com:5060
        From: Resource <pres:presentity@example.com>
        To: User <pres:user@example.com>
        Call-ID: 3248543@watcherhost.example.com
        CSeq: 2 NOTIFY





     F7 SUBSCRIBE watcher -> presentity

        SUBSCRIBE sip:presentity@pres.example.com SIP/2.0
        Via: SIP/2.0/UDP  watcherhost.example.com:5060
        From: User <pres:user@example.com>
        To: Resource <pres:presentity@example.com>
        Call-ID: 3248543@watcherhost.example.com
        Event: presence
        CSeq : 2 SUBSCRIBE
        Expires: 0
        Accept: application/xpidf+xml
        Contact: sip:user@watcherhost.example.com





     F8 202 Accepted presentity->watcher

        SIP/2.0 202 Accepted
        Via: SIP/2.0/UDP watcherhost.example.com:5060
        From: User <pres:user@example.com>
        To: Resource <pres:presentity@example.com>
        Call-ID: 3248543@watcherhost.example.com
        Event: presence
        Cseq: 2 SUBSCRIBE
        Expires:0



Rosenberg et al.                                             [Page 24]

Internet Draft                  presence                   July 20, 2001


10.2 Presence Server with Client Notifications

   This call flow shows the involvement of a presence server in the
   handling of subscriptions. In this scenario, the client has indicated
   that it will handle subscriptions and thus notifications. The message
   flow shows a change of presence state by the client and a
   cancellation of the subscription by the watcher.





                              Presence
       Watcher                 Server                  PUA
          |                      |  F1 REGISTER         |
          |                      |<---------------------|
          |                      |  F2 200 OK           |
          |                      |--------------------->|
          |  F3 SUBSCRIBE        |                      |
          |--------------------->|                      |
          |                      |  F4 SUBSCRIBE        |
          |                      |--------------------->|
          |                      |  F5 202              |
          |                      |<---------------------|
          |  F6 202              |                      |
          |<---------------------|                      |
          |  F7 NOTIFY           |                      |
          |<--------------------------------------------+
          |  F8  200 OK          |                      |
          |-------------------------------------------->|
          |                      |  F9 REGISTER         |
          |                      |<---------------------|
          |                      |  F10 200 OK          |
          |                      |--------------------->|
          |  F11 NOTIFY          |                      |
          |<--------------------------------------------+
          |  F12 200 OK          |                      |
          |-------------------------------------------->|



   Message Details



     F1  REGISTER  PUA->server

       REGISTER sip:example.com SIP/2.0



Rosenberg et al.                                             [Page 25]

Internet Draft                  presence                   July 20, 2001


       Via: SIP/2.0/UDP pua.example.com:5060
       To: <sip:resource@example.com>
       From: <sip:resource@example.com>
       Call-ID: 2818@pua.example.com
       CSeq: 1 REGISTER
       Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                 ;description="open"
       Contact: <sip:id@pua.example.com>;methods="SUBSCRIBE"
       Expires: 600






     F2  200 OK    server->PUA

       SIP/2.0 200 OK
       Via: SIP/2.0/UDP pua.example.com:5060
       To: <sip:resource@example.com>
       From: <sip:resource@example.com>
       Call-ID: 2818@pua.example.com
       CSeq: 1 REGISTER
       Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                 ;description="open"
       Contact: <sip:id@pua.example.com>;methods="SUBSCRIBE"
       Expires: 600







     F3  SUBSCRIBE watcher->server

       SUBSCRIBE sip:resource@example.com SIP/2.0
       Via: SIP/2.0/UDP  watcherhost.example.com:5060
       From: User <pres:user@example.com>
       To: Resource <pres:resource@example.com>
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 SUBSCRIBE
       Expires: 600
       Event: presence
       Accept: application/xpidf+xml
       Contact: sip:user@watcherhost.example.com





Rosenberg et al.                                             [Page 26]

Internet Draft                  presence                   July 20, 2001


     F4  SUBSCRIBE server->PUA

       SUBSCRIBE sip:id@pua.example.com SIP/2.0
       Via: SIP/2.0/UDP server.example.com:5060
       Via: SIP/2.0/UDP watcherhost.example.com:5060
       From: User <pres:user@example.com>
       To: Resource <pres:resource@example.com>
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 SUBSCRIBE
       Event: presence
       Expires: 600
       Accept: application/xpidf+xml
       Contact: sip:user@watcherhost.example.com






     F5  202 Accepted    PUA->server

       SIP/2.0 202 Accepted
       Via: SIP/2.0/UDP server.example.com:5060
       Via: SIP/2.0/UDP watcherhost.example.com:5060
       From: User <pres:user@example.com>
       To: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 SUBSCRIBE
       Event: presence
       Expires: 600






     F6  200 OK    server->watcher

       SIP/2.0 202 Accepted
       Via: SIP/2.0/UDP watcherhost.example.com:5060
       From: User <pres:user@example.com>
       To: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 SUBSCRIBE
       Event: presence
       Expires: 600





Rosenberg et al.                                             [Page 27]

Internet Draft                  presence                   July 20, 2001


     F7  NOTIFY    PUA->watcher

       NOTIFY sip:user@watcherhost.example.com SIP/2.0
       Via: SIP/2.0/UDP pua.example.com:5060
       To: User <pres:user@example.com>
       From: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 NOTIFY
       Event: presence
       Content-Type: application/xpidf+xml
       Content-Length: 120

       <?xml version="1.0"?>
       <presence entityInfo="pres:resource@example.com">
         <tuple destination="im:resource@example.com" status="open"/>
       </presence>






     F8 200 OK    watcher->PUA

       SIP/2.0 200 OK
       Via: SIP/2.0/UDP pua.example.com:5060
       To: User <pres:user@example.com>
       From: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 1 NOTIFY






     F9  REGISTER  PUA->server

       REGISTER sip:example.com SIP/2.0
       Via: SIP/2.0/UDP pua.example.com:5060
       To: <sip:resource@example.com>
       From: <sip:resource@example.com>
       Call-ID: 2818@pua.example.com
       CSeq: 2 REGISTER
       Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                 ;description="busy"
       Contact: <sip:id@pua.example.com>;methods="SUBSCRIBE"
       Expires: 600



Rosenberg et al.                                             [Page 28]

Internet Draft                  presence                   July 20, 2001


     F10  200 OK    server->PUA

       SIP/2.0 200 OK
       Via: SIP/2.0/UDP pua.example.com:5060
       To: <sip:resource@example.com>
       From: <sip:resource@example.com>
       Call-ID: 2818@pua.example.com
       CSeq: 2 REGISTER
       Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                 ;description="busy"
       Contact: <sip:id@pua.example.com>;methods="SUBSCRIBE"
       Expires: 600






     F11  NOTIFY    PUA->watcher

       NOTIFY sip:user@watcherhost.example.com SIP/2.0
       Via: SIP/2.0/UDP pua.example.com:5060
       To: User <pres:user@example.com>
       From: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 2 NOTIFY
       Event: presence
       Content-Type: application/xpidf+xml
       Content-Length: 120

       <?xml version="1.0"?>
       <presence entityInfo="pres:resource@example.com">
         <tuple destination="im:resource@example.com" status="busy"/>
       </presence>






     F12 200 OK    watcher->PUA

       SIP/2.0 200 OK
       Via: SIP/2.0/UDP pua.example.com:5060
       To: User <pres:user@example.com>
       From: Resource <pres:resource@example.com>;tag=ffd2
       Call-ID: 32485@watcherhost.example.com
       CSeq : 2 NOTIFY



Rosenberg et al.                                             [Page 29]

Internet Draft                  presence                   July 20, 2001


10.3 Presence Server Notifications

   This message flow illustrates how the presence server can be the
   responsible for sending notifications for a presentity. The presence
   server will do this if the presentity has not sent a registration
   indicating an interest in handling subscriptions. This flow assumes
   that the watcher has previously been authorized to subscribe to this
   resource at the server.




   Watcher             Server                 PUA
      | F1 SUBSCRIBE      |                    |
      |------------------>|                    |
      | F2 202 Accepted   |                    |
      |<------------------|                    |
      | F3 NOTIFY         |                    |
      |<------------------|                    |
      | F4 200 OK         |                    |
      |------------------>|                    |
      |                   |  F5 REGISTER       |
      |                   |<-------------------|
      |                   |  F6 200 OK         |
      |                   |------------------->|
      | F7 NOTIFY         |                    |
      |<------------------|                    |
      | F8 200 OK         |                    |
      |------------------>|                    |



   Message Details



   F1 SUBSCRIBE   watcher->server

      SUBSCRIBE sip:resource@example.com SIP/2.0
      Via: SIP/2.0/UDP watcherhost.example.com:5060
      To: <pres:resource@example.com>
      From: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      CSeq: 1 SUBSCRIBE
      Event: presence
      Accept: application/xpidf+xml
      Contact: <sip:user@watcherhost.example.com>
      Expires: 600



Rosenberg et al.                                             [Page 30]

Internet Draft                  presence                   July 20, 2001


   F2 202 OK   server->watcher

      SIP/2.0 202 Accepted
      Via: SIP/2.0/UDP watcherhost.example.com:5060
      To: <pres:resource@example.com>;tag=ffd2
      From: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      CSeq: 1 SUBSCRIBE
      Event: presence
      Expires: 600
      Contact: sip:example.com





   F3 NOTIFY  server-> watcher

      NOTIFY sip:user@watcherhost.example.com SIP/2.0
      Via: SIP/2.0/UDP server.example.com:5060
      From: <pres:resource@example.com>;tag=ffd2
      To: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      Event: presence
      CSeq: 1 NOTIFY
      Content-Type: application/xpidf+xml
      Content-Length: 120

      <?xml version="1.0"?>
      <presence entityInfo="pres:resource@example.com">
        <tuple destination="im:resource@example.com" status="open"/>
      </presence>






   F4 200 OK

      SIP/2.0 200 OK
      Via: SIP/2.0/UDP server.example.com:5060
      From: <pres:resource@example.com>;tag=ffd2
      To: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      CSeq: 1 NOTIFY





Rosenberg et al.                                             [Page 31]

Internet Draft                  presence                   July 20, 2001



   F5 REGISTER

      REGISTER sip:example.com SIP/2.0
      Via: SIP/2.0/UDP pua.example.com:5060
      To: <sip:resource@example.com>
      From: <sip:resource@example.com>
      Call-ID: 110@pua.example.com
      CSeq: 2 REGISTER
      Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                ;description="Away from keyboard"
      Expires: 600






   F6 200 OK

      Via: SIP/2.0/UDP pua.example.com:5060
      To: <sip:resource@example.com>
      From: <sip:resource@example.com>
      Call-ID: 110@pua.example.com
      CSeq: 2 REGISTER
      Contact: <sip:id@pua.example.com>;methods="MESSAGE"
                ; description="Away from keyboard"
                ; expires=600






   F7 NOTIFY

      NOTIFY sip:user@watcherhost.example.com SIP/2.0
      Via: SIP/2.0/UDP server.example.com:5060
      From: <pres:resource@example.com>;tag=ffd2
      To: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      CSeq: 2 NOTIFY
      Event: presence
      Content-Type: application/xpidf+xml
      Content-Length: 120

      <?xml version="1.0"?>
      <presence entityInfo="pres:resource@example.com">



Rosenberg et al.                                             [Page 32]

Internet Draft                  presence                   July 20, 2001


        <tuple destination="im:resource@example.com" status="Away from keyboard"/>
      </presence>






   F8 200 OK

      SIP/2.0 200 OK
      Via: SIP/2.0/UDP server.example.com:5060
      From: <sip:resource@example.com>;tag=ffd2
      To: <pres:user@example.com>
      Call-ID: 2010@watcherhost.example.com
      CSeq: 2 NOTIFY




11 Open Issues

   The following is the list of known open issues:

        o This draft recommends that the To and From field are populated
          with presence URLs rather than sip URLs. Is that reasonable?
          Will this lead to incompatibilities in proxies? Is there any
          issues with CPIM if the SIP URL format is used? This depends
          on what components of a message are signed in CPIM.

        o Rate limitations on NOTIFY: do we want that? How do we pick a
          value? 5 seconds is arbitrary.

        o Merging of presence data from multiple PA has been removed. Is
          that OK?

        o Placing IM URLs in the Contact header of a REGISTER: is that
          OK?  What does it mean?

        o The SIP to CPIM and CPIM to SIP gateways are not stateless,
          because of the need to maintain Route, Call-ID, CSeq, and
          other parameters. Perhaps we can ask CPIM to define a token
          value which is sent in a CPIM request and returned in a CPIM
          response. Would that help?

        o Need to specify how to take Contacts from REGISTER and build a
          presence document. One obvious thing is that the contact
          addresses don't go in there directly; you probably want to put



Rosenberg et al.                                             [Page 33]

Internet Draft                  presence                   July 20, 2001


          the address of record, otherwise calls might not go through
          the proxy.

        o Need to add IMPP DNS procedures once stable.

        o Transitive authentication is really about network
          authenticated identities. Sounds like the SIP privacy
          extensions might be useful here, especially if we want to
          support anonymous subscriptions. Should we explicitly mention
          that?

        o Do we need to define what information gets sent in the NOTIFY
          of a non-confirming subscription when its pending or rejected?
          Do we really want the non-confirming mode?

        o Are we sure we are using REGISTER for upload of presence
          documents?

12 Changes from draft-ietf-simple-presence-00

        o Clarified that user presence can be obtained in many ways, not
          just SIP.

        o Defined the default notification content when a filter is not
          provided in the body of a SUBSCRIBE.

        o Removed text about the inability of a PA to increase a
          subscription expiration time (this needs to be reconciled with
          draft-ietf-sip-events.

        o Removed requirement that authentication be end-to-end only,
          and not transitive. This is not practical at all, and
          transitive trust is likely to be the only deployable mechanism
          initially.

        o Removed the Appendix on the watcher info mechanism for
          triggering authorization decisions; draft-ietf-simple-winfo-
          package is now referenced.

        o Defined confirming and non-confirming modes for revealing
          authorization information.

        o Strengthened the section about how a PA obtains information
          about the presentity.

        o Updated section on migrating PA function.

        o Added requirement that a subscriber generate a new



Rosenberg et al.                                             [Page 34]

Internet Draft                  presence                   July 20, 2001


          subscription when a refresh fails with a 481.

        o Removed transport mode ESP as the reccommended inter-server
          transport. TLS is now consistently recommended.

        o Removed insertion of tls transport parameter into Contact
          header in 200 OK response to SUBSCRIBE. This is because this
          parameter needs to be UDP for interoperability.

13 Changes from draft-rosenberg-impp-presence-01

   Renamed to draft-ietf-simple-presence-00.

14 Changes from draft-rosenberg-impp-presence-00

   The document has been completely rewritten, to reflect the change
   from a sales pitch and educational document, to a more formal
   protocol specification. It has also been changed to align with the
   SIP event architecture and with CPIM. The specific protocol changes
   resulting from this rewrite are:

        o The Event header must now be used in the SUBSCRIBE and NOTIFY
          requests.

        o The SUBSCRIBE message can only have a single Contact header.
          -00 allowed for more than one.

        o The From and To headers can contain presence URIs.

        o The Request-URI can contain a presence URI.

        o Subscriptions are responded to with a 202 if they are pending
          or accepted.

        o Presence documents are not returned in the body of the
          SUBSCRIBE response. Rather, they are sent in a separate
          NOTIFY. This more cleanly separates subscription and
          notification, and is mandated by alignment with CPIM.

        o Authentication is now mandatory at the PA. Authorization is
          now mandatory at the PA.

        o Fake NOTIFY is sent for pending or rejected subscriptions.

        o A rate limit on notifications was introduced.

        o Merging of presence data has been removed.




Rosenberg et al.                                             [Page 35]

Internet Draft                  presence                   July 20, 2001


        o The subscriber rejects notifications received with tags that
          don't match those in the 202 response to the SUBSCRIBE. This
          means that only one PA will hold subscription state for a
          particular subscriber for a particular presentity.

        o IM URLs allowed in Contacts in register

        o CPIM mappings defined.

        o Persistent connections recommended for firewall traversal.

15 Acknowledgements

   We would like to thank the following people for their support and
   comments on this draft:


   Rick Workman     Nortel
   Adam Roach       Ericsson
   Sean Olson       Ericsson
   Billy Biggs      University of Waterloo
   Stuart Barkley   UUNet
   Mauricio Arango  SUN
   Richard Shockey  Shockey Consulting LLC
   Jorgen Bjorkner  Hotsip
   Henry Sinnreich  MCI Worldcom
   Ronald Akers     Motorola


16 Authors Addresses



   Jonathan Rosenberg
   dynamicsoft
   72 Eagle Rock Avenue
   First Floor
   East Hanover, NJ 07936
   email: jdrosen@dynamicsoft.com

   Dean Willis
   dynamicsoft
   5100 Tennyson Parkway
   Suite 1200
   Plano, Texas 75024
   email: dwillis@dynamicsoft.com

   Robert Sparks



Rosenberg et al.                                             [Page 36]

Internet Draft                  presence                   July 20, 2001


   dynamicsoft
   5100 Tennyson Parkway
   Suite 1200
   Plano, Texas 75024
   email: rsparks@dynamicsoft.com

   Ben Campbell
   5100 Tennyson Parkway
   Suite 1200
   Plano, Texas 75024
   email: bcampbell@dynamicsoft.com

   Henning Schulzrinne
   Columbia University
   M/S 0401
   1214 Amsterdam Ave.
   New York, NY 10027-7003
   email: schulzrinne@cs.columbia.edu

   Jonathan Lennox
   Columbia University
   M/S 0401
   1214 Amsterdam Ave.
   New York, NY 10027-7003
   email: lennox@cs.columbia.edu

   Christian Huitema
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA 98052-6399
   email: huitema@microsoft.com

   Bernard Aboba
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA 98052-6399
   email: bernarda@microsoft.com

   David Gurle
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA 98052-6399
   email: dgurle@microsoft.com

   David Oran
   Cisco Systems
   170 West Tasman Dr.
   San Jose, CA 95134



Rosenberg et al.                                             [Page 37]

Internet Draft                  presence                   July 20, 2001


   email: oran@cisco.com




17 Bibliography

   [1] M. Day, J. Rosenberg, and H. Sugano, "A model for presence and
   instant messaging," Request for Comments 2778, Internet Engineering
   Task Force, Feb.  2000.

   [2] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP:
   session initiation protocol," Request for Comments 2543, Internet
   Engineering Task Force, Mar. 1999.

   [3] A. Roach, "Event notification in SIP," Internet Draft, Internet
   Engineering Task Force, Feb. 2001.  Work in progress.

   [4] D. Crocker et al.  , "A common profile for instant messaging
   (CPIM)," Internet Draft, Internet Engineering Task Force, Feb. 2001.
   Work in progress.

   [5] P. Calhoun, A. Rubens, H. Akhtar, and E. Guttman, "DIAMETER base
   protocol," Internet Draft, Internet Engineering Task Force, Feb.
   2001.  Work in progress.

   [6] C. Rigney, S. Willens, A. Rubens, and W. Simpson, "Remote
   authentication dial in user service (RADIUS)," Request for Comments
   2865, Internet Engineering Task Force, June 2000.

   [7] J. Boyle, R. Cohen, D. Durham, S. Herzog, R. Rajan, and A.
   Sastry, "The COPS (common open policy service) protocol," Request for
   Comments 2748, Internet Engineering Task Force, Jan. 2000.

   [8] J. Rosenberg, "A SIP event sub-package for watcher information,"
   Internet Draft, Internet Engineering Task Force, July 2001.  Work in
   progress.

   [9] H. Schulzrinne and J. Rosenberg, "SIP caller preferences and
   callee capabilities," Internet Draft, Internet Engineering Task
   Force, Nov. 2000.  Work in progress.

   [10] J. Lennox and H. Schulzrinne, "Transporting user control
   information in SIP REGISTER payloads," Internet Draft, Internet
   Engineering Task Force, Oct. 2000.  Work in progress.

   [11] J. Rosenberg and H. Schulzrinne, "A SIP event package for call
   and conference state," Internet Draft, Internet Engineering Task



Rosenberg et al.                                             [Page 38]

Internet Draft                  presence                   July 20, 2001


   Force, July 2001.  Work in progress.

   [12] J. Rosenberg, D. Drew, and H. Schulzrinne, "Getting SIP through
   firewalls and NATs," Internet Draft, Internet Engineering Task Force,
   Feb. 2000.  Work in progress.

   [13] J. Rosenberg and H. Schulzrinne, "SIP traversal through
   residential and enterprise NATs and firewalls," Internet Draft,
   Internet Engineering Task Force, Mar. 2001.  Work in progress.

   [14] T. Dierks and C. Allen, "The TLS protocol version 1.0," Request
   for Comments 2246, Internet Engineering Task Force, Jan. 1999.





                           Table of Contents



   1          Introduction ........................................    1
   2          Definitions .........................................    2
   3          Overview of Operation ...............................    3
   4          Naming ..............................................    4
   5          Presence Event Package ..............................    5
   5.1        Package Name ........................................    5
   5.2        SUBSCRIBE bodies ....................................    5
   5.3        Expiration ..........................................    6
   5.4        NOTIFY Bodies .......................................    6
   5.5        Processing Requirements at the PA ...................    7
   5.6        Generation of Notifications .........................    8
   5.7        Rate Limitations on NOTIFY ..........................    9
   5.8        Refresh Behavior ....................................    9
   6          Publication .........................................   10
   6.1        Co-location .........................................   10
   6.2        REGISTER ............................................   11
   6.3        Uploading Presence Documents ........................   11
   6.4        Call State Subscriptions ............................   12
   6.5        Migrating the PA Function ...........................   12
   7          Mapping to CPIM .....................................   13
   7.1        SIP to CPIM .........................................   13
   7.2        CPIM to SIP .........................................   16
   8          Firewall and NAT Traversal ..........................   18
   9          Security considerations .............................   19
   9.1        Privacy .............................................   19
   9.2        Message integrity and authenticity ..................   20
   9.3        Outbound authentication .............................   20



Rosenberg et al.                                             [Page 39]

Internet Draft                  presence                   July 20, 2001


   9.4        Replay prevention ...................................   20
   9.5        Denial of service attacks ...........................   20
   9.5.1      Smurf attacks through false contacts ................   20
   10         Example message flows ...............................   21
   10.1       Client to Client Subscription with Presentity
   State Changes ..................................................   21
   10.2       Presence Server with Client Notifications ...........   25
   10.3       Presence Server Notifications .......................   30
   11         Open Issues .........................................   33
   12         Changes from draft-ietf-simple-presence-00 ..........   34
   13         Changes from draft-rosenberg-impp-presence-01 .......   35
   14         Changes from draft-rosenberg-impp-presence-00 .......   35
   15         Acknowledgements ....................................   36
   16         Authors Addresses ...................................   36
   17         Bibliography ........................................   38




































Rosenberg et al.                                             [Page 40]


Html markup produced by rfcmarkup 1.109, available from https://tools.ietf.org/tools/rfcmarkup/