draft-ietf-sipping-app-interaction-framework-01.txt   draft-ietf-sipping-app-interaction-framework-02.txt 
SIPPING J. Rosenberg SIPPING J. Rosenberg
Internet-Draft dynamicsoft Internet-Draft dynamicsoft
Expires: August 16, 2004 February 16, 2004 Expires: January 17, 2005 July 19, 2004
A Framework for Application Interaction in the Session Initiation A Framework for Application Interaction in the Session Initiation
Protocol (SIP) Protocol (SIP)
draft-ietf-sipping-app-interaction-framework-01 draft-ietf-sipping-app-interaction-framework-02
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with By submitting this Internet-Draft, I certify that any applicable
all provisions of Section 10 of RFC2026. patent or other IPR claims of which I am aware have been disclosed,
and any of which I become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other Task Force (IETF), its areas, and its working groups. Note that
groups may also distribute working documents as Internet-Drafts. other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http:// The list of current Internet-Drafts can be accessed at
www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 16, 2004. This Internet-Draft will expire on January 17, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract Abstract
This document describes a framework for the interaction between users This document describes a framework for the interaction between users
and Session Initiation Protocol (SIP) based applications. By and Session Initiation Protocol (SIP) based applications. By
interacting with applications, users can guide the way in which they interacting with applications, users can guide the way in which they
operate. The focus of this framework is stimulus signaling, which operate. The focus of this framework is stimulus signaling, which
allows a user agent to interact with an application without knowledge allows a user agent to interact with an application without knowledge
of the semantics of that application. Stimulus signaling can occur to of the semantics of that application. Stimulus signaling can occur
a user interface running locally with the client, or to a remote user to a user interface running locally with the client, or to a remote
interface, through media streams. Stimulus signaling encompasses a user interface, through media streams. Stimulus signaling
wide range of mechanisms, ranging from clicking on hyperlinks, to encompasses a wide range of mechanisms, ranging from clicking on
pressing buttons, to traditional Dual Tone Multi Frequency (DTMF) hyperlinks, to pressing buttons, to traditional Dual Tone Multi
input. In all cases, stimulus signaling is supported through the use Frequency (DTMF) input. In all cases, stimulus signaling is
of markup languages, which play a key role in this framework. supported through the use of markup languages, which play a key role
in this framework.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. A Model for Application Interaction . . . . . . . . . . . . 7 3. A Model for Application Interaction . . . . . . . . . . . . . 8
3.1 Functional vs. Stimulus . . . . . . . . . . . . . . . . . . 8 3.1 Functional vs. Stimulus . . . . . . . . . . . . . . . . . 9
3.2 Real-Time vs. Non-Real Time . . . . . . . . . . . . . . . . 9 3.2 Real-Time vs. Non-Real Time . . . . . . . . . . . . . . . 10
3.3 Client-Local vs. Client-Remote . . . . . . . . . . . . . . . 9 3.3 Client-Local vs. Client-Remote . . . . . . . . . . . . . . 10
3.4 Presentation Capable vs. Presentation Free . . . . . . . . . 10 3.4 Presentation Capable vs. Presentation Free . . . . . . . . 11
3.5 Interaction Scenarios on Telephones . . . . . . . . . . . . 11 4. Interaction Scenarios on Telephones . . . . . . . . . . . . . 13
3.5.1 Client Remote . . . . . . . . . . . . . . . . . . . . . . . 11 4.1 Client Remote . . . . . . . . . . . . . . . . . . . . . . 13
3.5.2 Client Local . . . . . . . . . . . . . . . . . . . . . . . . 11 4.2 Client Local . . . . . . . . . . . . . . . . . . . . . . . 13
3.5.3 Flip-Flop . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.3 Flip-Flop . . . . . . . . . . . . . . . . . . . . . . . . 14
4. Framework Overview . . . . . . . . . . . . . . . . . . . . . 13 5. Framework Overview . . . . . . . . . . . . . . . . . . . . . . 16
5. Application Behavior . . . . . . . . . . . . . . . . . . . . 16 6. Deployment Topologies . . . . . . . . . . . . . . . . . . . . 19
5.1 Client Local Interfaces . . . . . . . . . . . . . . . . . . 16 6.1 Third Party Application . . . . . . . . . . . . . . . . . 19
5.1.1 Discovering Capabilities . . . . . . . . . . . . . . . . . . 16 6.2 Co-Resident Application . . . . . . . . . . . . . . . . . 19
5.1.2 Pushing an Initial Interface Component . . . . . . . . . . . 16 6.3 Third Party Application and User Device Proxy . . . . . . 20
5.1.3 Updating an Interface Component . . . . . . . . . . . . . . 18 6.4 Proxy Application . . . . . . . . . . . . . . . . . . . . 22
5.1.4 Terminating an Interface Component . . . . . . . . . . . . . 18 7. Application Behavior . . . . . . . . . . . . . . . . . . . . . 23
5.2 Client Remote Interfaces . . . . . . . . . . . . . . . . . . 19 7.1 Client Local Interfaces . . . . . . . . . . . . . . . . . 23
5.2.1 Originating and Terminating Applications . . . . . . . . . . 19 7.1.1 Discovering Capabilities . . . . . . . . . . . . . . . 23
5.2.2 Intermediary Applications . . . . . . . . . . . . . . . . . 19 7.1.2 Pushing an Initial Interface Component . . . . . . . . 23
6. User Agent Behavior . . . . . . . . . . . . . . . . . . . . 21 7.1.3 Updating an Interface Component . . . . . . . . . . . 25
6.1 Advertising Capabilities . . . . . . . . . . . . . . . . . . 21 7.1.4 Terminating an Interface Component . . . . . . . . . . 26
6.2 Receiving User Interface Components . . . . . . . . . . . . 21 7.2 Client Remote Interfaces . . . . . . . . . . . . . . . . . 26
6.3 Mapping User Input to User Interface Components . . . . . . 23 7.2.1 Originating and Terminating Applications . . . . . . . 27
6.4 Receiving Updates to User Interface Components . . . . . . . 23 7.2.2 Intermediary Applications . . . . . . . . . . . . . . 27
6.5 Terminating a User Interface Component . . . . . . . . . . . 23 8. User Agent Behavior . . . . . . . . . . . . . . . . . . . . . 28
7. Inter-Application Feature Interaction . . . . . . . . . . . 25 8.1 Advertising Capabilities . . . . . . . . . . . . . . . . . 28
7.1 Client Local UI . . . . . . . . . . . . . . . . . . . . . . 25 8.2 Receiving User Interface Components . . . . . . . . . . . 28
7.2 Client-Remote UI . . . . . . . . . . . . . . . . . . . . . . 26 8.3 Mapping User Input to User Interface Components . . . . . 30
8. Intra Application Feature Interaction . . . . . . . . . . . 27 8.4 Receiving Updates to User Interface Components . . . . . . 30
9. Example Call Flow . . . . . . . . . . . . . . . . . . . . . 28 8.5 Terminating a User Interface Component . . . . . . . . . . 31
10. Security Considerations . . . . . . . . . . . . . . . . . . 33 9. Inter-Application Feature Interaction . . . . . . . . . . . . 32
11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 34 9.1 Client Local UI . . . . . . . . . . . . . . . . . . . . . 32
Normative References . . . . . . . . . . . . . . . . . . . . 35 9.2 Client-Remote UI . . . . . . . . . . . . . . . . . . . . . 33
Informative References . . . . . . . . . . . . . . . . . . . 36 10. Intra Application Feature Interaction . . . . . . . . . . . 34
Author's Address . . . . . . . . . . . . . . . . . . . . . . 36 11. Example Call Flow . . . . . . . . . . . . . . . . . . . . . 35
Intellectual Property and Copyright Statements . . . . . . . 37 12. Security Considerations . . . . . . . . . . . . . . . . . . 40
13. IANA Considerations . . . . . . . . . . . . . . . . . . . . 41
13.1 SIP Option Tag . . . . . . . . . . . . . . . . . . . . . . 41
13.2 Header Field Parameter . . . . . . . . . . . . . . . . . . 41
14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 42
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 43
15.1 Normative References . . . . . . . . . . . . . . . . . . . . 43
15.2 Informative References . . . . . . . . . . . . . . . . . . . 43
Author's Address . . . . . . . . . . . . . . . . . . . . . . . 44
Intellectual Property and Copyright Statements . . . . . . . . 45
1. Introduction 1. Introduction
The Session Initiation Protocol (SIP) [1] provides the ability for The Session Initiation Protocol (SIP) [1] provides the ability for
users to initiate, manage, and terminate communications sessions. users to initiate, manage, and terminate communications sessions.
Frequently, these sessions will involve a SIP application. A SIP Frequently, these sessions will involve a SIP application. A SIP
application is defined as a program running on a SIP-based element application is defined as a program running on a SIP-based element
(such as a proxy or user agent) that provides some value-added (such as a proxy or user agent) that provides some value-added
function to a user or system administrator. Examples of SIP function to a user or system administrator. Examples of SIP
applications include pre-paid calling card calls, conferencing, and applications include pre-paid calling card calls, conferencing, and
presence-based [10] call routing. presence-based [11] call routing.
In order for most applications to properly function, they need input In order for most applications to properly function, they need input
from the user to guide their operation. As an example, a pre-paid from the user to guide their operation. As an example, a pre-paid
calling card application requires the user to input their calling calling card application requires the user to input their calling
card number, their PIN code, and the destination number they wish to card number, their PIN code, and the destination number they wish to
reach. The process by which a user provides input to an application reach. The process by which a user provides input to an application
is called "application interaction". is called "application interaction".
Application interaction can be either functional or stimulus. Application interaction can be either functional or stimulus.
Functional interaction requires the user agent to understand the Functional interaction requires the user device to understand the
semantics of the application, whereas stimulus interaction does not. semantics of the application, whereas stimulus interaction does not.
Stimulus signaling allows for applications to be built without Stimulus signaling allows for applications to be built without
requiring modifications to the client. Stimulus interaction is the requiring modifications to the user device. Stimulus interaction is
subject of this framework. The framework provides a model for how the subject of this framework. The framework provides a model for
users interact with applications through user interfaces, and how how users interact with applications through user interfaces, and how
user interfaces and applications can be distributed throughout a user interfaces and applications can be distributed throughout a
network. This model is then used to describe how applications can network. This model is then used to describe how applications can
instantiate and manage user interfaces. instantiate and manage user interfaces.
2. Definitions 2. Definitions
SIP Application: A SIP application is defined as a program running on SIP Application: A SIP application is defined as a program running on
a SIP-based element (such as a proxy or user agent) that provides a SIP-based element (such as a proxy or user agent) that provides
some value-added function to a user or system administrator. some value-added function to a user or system administrator.
Examples of SIP applications include pre-paid calling card calls, Examples of SIP applications include pre-paid calling card calls,
conferencing, and presence-based [10] call routing. conferencing, and presence-based [11] call routing.
Application Interaction: The process by which a user provides input Application Interaction: The process by which a user provides input
to an application. to an application.
Real-Time Application Interaction: Application interaction that takes Real-Time Application Interaction: Application interaction that takes
place while an application instance is executing. For example, place while an application instance is executing. For example,
when a user enters their PIN number into a pre-paid calling card when a user enters their PIN number into a pre-paid calling card
application, this is real-time application interaction. application, this is real-time application interaction.
Non-Real Time Application Interaction: Application interaction that Non-Real Time Application Interaction: Application interaction that
takes place asynchronously with the execution of the application. takes place asynchronously with the execution of the application.
Generally, non-real time application interaction is accomplished Generally, non-real time application interaction is accomplished
through provisioning. through provisioning.
Functional Application Interaction: Application interaction is Functional Application Interaction: Application interaction is
functional when the user device has an understanding of the functional when the user device has an understanding of the
semantics of the interaction with the application. semantics of the interaction with the application.
Stimulus Application Interaction: Application interaction is Stimulus Application Interaction: Application interaction is
considered to be stimulus when the user device has no considered to be stimulus when the user device has no
understanding of the semantics of the interaction with the understanding of the semantics of the interaction with the
application. application.
User Interface (UI): The user interface provides the user with User Interface (UI): The user interface provides the user with
context in order to make decisions about what they want. The user context in order to make decisions about what they want. The user
enters information into the user interface. The user interface enters information into the user interface. The user interface
interprets the information, and passes it to the application. interprets the information, and passes it to the application.
User Interface Component: A piece of user interface which operates User Interface Component: A piece of user interface which operates
independently of other pieces of the user interface. For example, independently of other pieces of the user interface. For example,
a user might have two separate web interfaces to a pre-paid a user might have two separate web interfaces to a pre-paid
calling card application - one for hanging up and making another calling card application - one for hanging up and making another
call, and another for entering the username and PIN. call, and another for entering the username and PIN.
User Device: The software or hardware system that the user directly User Device: The software or hardware system that the user directly
interacts with in order to communicate with the application. An interacts with in order to communicate with the application. An
example of a user device is a telephone. Another example is a PC example of a user device is a telephone. Another example is a PC
with a web browser. with a web browser.
User Device Proxy: A software or hardware system that a user
indirectly interacts through in order to communicate with the
application. This indirection can be through a network. An
example is a gateway from IP to the Public Switched Telephone
Network (PSTN). It acts a user device proxy, acting on behalf of
the user on the circuit network.
User Input: The "raw" information passed from a user to a user User Input: The "raw" information passed from a user to a user
interface. Examples of user input include a spoken word or a click interface. Examples of user input include a spoken word or a
on a hyperlink. click on a hyperlink.
Client-Local User Interface: A user interface which is co-resident Client-Local User Interface: A user interface which is co-resident
with the user device. with the user device.
Client-Remote User Interface: A user interface which executes
Client Remote User Interface: A user interface which executes
remotely from the user device. In this case, a standardized remotely from the user device. In this case, a standardized
interface is needed between the user device and the user interface is needed between the user device and the user
interface. Typically, this is done through media sessions - audio, interface. Typically, this is done through media sessions -
video, or application sharing. audio, video, or application sharing.
Media Interaction: A means of separating a user and a user interface Media Interaction: A means of separating a user and a user interface
by connecting them with media streams. by connecting them with media streams.
Interactive Voice Response (IVR): An IVR is a type of user interface Interactive Voice Response (IVR): An IVR is a type of user interface
that allows users to speak commands to the application, and hear that allows users to speak commands to the application, and hear
responses to those commands prompting for more information. responses to those commands prompting for more information.
Prompt-and-Collect: The basic primitive of an IVR user interface.
Prompt-and-Collect: The basic primitive of an IVR user interface. The The user is presented with a voice option, and the user speaks
user is presented with a voice option, and the user speaks their their choice.
choice.
Barge-In: In an IVR user interface, a user is prompted to enter some Barge-In: In an IVR user interface, a user is prompted to enter some
information. With some prompts, the user may enter the requested information. With some prompts, the user may enter the requested
information before the prompt completes. In that case, the prompt information before the prompt completes. In that case, the prompt
ceases. The act of entering the information before completion of ceases. The act of entering the information before completion of
the prompt is referred to as barge-in. the prompt is referred to as barge-in.
Focus: A user interface component has focus when user input is Focus: A user interface component has focus when user input is
provided fed to it, as opposed to any other user interface provided fed to it, as opposed to any other user interface
components. This is not to be confused with the term focus within components. This is not to be confused with the term focus within
the SIP conferencing framework, which refers to the center user the SIP conferencing framework, which refers to the center user
agent in a conference [12]. agent in a conference [13].
Focus Determination: The process by which the user device determines Focus Determination: The process by which the user device determines
which user interface component will receive the user input. which user interface component will receive the user input.
Focusless User Interface: A user interface which has no ability to Focusless User Interface: A user interface which has no ability to
perform focus determination. An example of a focusless user perform focus determination. An example of a focusless user
interface is a keypad on a telephone. interface is a keypad on a telephone.
Presentation Capable UI: A user interface which can prompt the user Presentation Capable UI: A user interface which can prompt the user
with input, collect results, and then prompt the user with new with input, collect results, and then prompt the user with new
information based on those results. information based on those results.
Presentation Free UI: A user interface which cannot prompt the user Presentation Free UI: A user interface which cannot prompt the user
with information. with information.
Feature Interaction: A class of problems which result when multiple Feature Interaction: A class of problems which result when multiple
applications or application components are trying to provide applications or application components are trying to provide
services to a user at the same time. services to a user at the same time.
Inter-Application Feature Interaction: Feature interactions that Inter-Application Feature Interaction: Feature interactions that
occur between applications. occur between applications.
DTMF: Dual-Tone Multi-Frequency. DTMF refer to a class of tones DTMF: Dual-Tone Multi-Frequency. DTMF refer to a class of tones
generated by circuit switched telephony devices when the user generated by circuit switched telephony devices when the user
presses a key on the keypad. As a result, DTMF and keypad input presses a key on the keypad. As a result, DTMF and keypad input
are often used synonymously, when in fact one of them (DTMF) is are often used synonymously, when in fact one of them (DTMF) is
merely a means of conveying the other (the keypad input) to a merely a means of conveying the other (the keypad input) to a
client-remote user interface (the switch, for example). client-remote user interface (the switch, for example).
Application Instance: A single execution path of a SIP application. Application Instance: A single execution path of a SIP application.
Originating Application: A SIP application which acts as a UAC, Originating Application: A SIP application which acts as a UAC,
calling the user. making a call on behalf of the user.
Terminating Application: A SIP application which acts as a UAS, Terminating Application: A SIP application which acts as a UAS,
answering a call generated by a user. IVR applications are answering a call generated by a user. IVR applications are
terminating applications. terminating applications.
Intermediary Application: A SIP application which is neither the Intermediary Application: A SIP application which is neither the
caller or callee, but rather, a third party involved in a call. caller or callee, but rather, a third party involved in a call.
3. A Model for Application Interaction 3. A Model for Application Interaction
+---+ +---+ +---+ +---+ +---+ +---+ +---+ +---+
| | | | | | | | | | | | | | | |
| | | U | | U | | A | | | | U | | U | | A |
| | Input | s | Input | s | Results | p | | | Input | s | Input | s | Results | p |
| | ---------> | e | ---------> | e | ----------> | p | | | ---------> | e | ---------> | e | ----------> | p |
skipping to change at page 7, line 26 skipping to change at page 8, line 26
| | <--------- | v | <--------- | a | <.......... | t | | | <--------- | v | <--------- | a | <.......... | t |
| | | i | | c | | i | | | | i | | c | | i |
| | | c | | e | | o | | | | c | | e | | o |
| | | e | | | | n | | | | e | | | | n |
| | | | | | | | | | | | | | | |
+---+ +---+ +---+ +---+ +---+ +---+ +---+ +---+
Figure 1: Model for Real-Time Interactions Figure 1: Model for Real-Time Interactions
Figure 1 presents a general model for how users interact with Figure 1 presents a general model for how users interact with
applications. Generally, users interact with a user interface through applications. Generally, users interact with a user interface
a user device. A user device can be a telephone, or it can be a PC through a user device. A user device can be a telephone, or it can
with a web browser. Its role is to pass the user input from the user, be a PC with a web browser. Its role is to pass the user input from
to the user interface. The user interface provides the user with the user, to the user interface. The user interface provides the
context in order to make decisions about what they want. The user user with context in order to make decisions about what they want.
enters information into the user interface. The user interface The user enters information into the user interface. The user
interprets the information, and passes it to the application. The interface interprets the information, and passes it as a user
application may be able to modify the user interface based on this interface event to the application. The application may be able to
information. Whether or not this is possible depends on the type of modify the user interface based on this event. Whether or not this
user interface. is possible depends on the type of user interface.
User interfaces are fundamentally about rendering and interpretation. User interfaces are fundamentally about rendering and interpretation.
Rendering refers to the way in which the user is provided context. Rendering refers to the way in which the user is provided context.
This can be through hyperlinks, images, sounds, videos, text, and so This can be through hyperlinks, images, sounds, videos, text, and so
on. Interpretation refers to the way in which the user interface on. Interpretation refers to the way in which the user interface
takes the "raw" data provided by the user, and returns the result to takes the "raw" data provided by the user, and returns the result to
the application in a meaningful format, abstracted from the the application as a meaningful event, abstracted from the
particulars of the user interface. As an example, consider a pre-paid particulars of the user interface. As an example, consider a
calling card application. The user interface worries about details pre-paid calling card application. The user interface worries about
such as what prompt the user is provided, whether the voice is male details such as what prompt the user is provided, whether the voice
or female, and so on. It is concerned with recognizing the speech is male or female, and so on. It is concerned with recognizing the
that the user provides, in order to obtain the desired information. speech that the user provides, in order to obtain the desired
In this case, the desired information is the calling card number, the information. In this case, the desired information is the calling
PIN code, and the destination number. The application needs that card number, the PIN code, and the destination number. The
data, and it doesn't matter to the application whether it was application needs that data, and it doesn't matter to the application
collected using a male prompt or a female one. whether it was collected using a male prompt or a female one.
User interfaces generally have real-time requirements towards the User interfaces generally have real-time requirements towards the
user. That is, when a user interacts with the user interface, the user. That is, when a user interacts with the user interface, the
user interface needs to react quickly, and that change needs to be user interface needs to react quickly, and that change needs to be
propagated to the user right away. However, the interface between the propagated to the user right away. However, the interface between
user interface and the application need not be that fast. Faster is the user interface and the application need not be that fast. Faster
better, but the user interface itself can frequently compensate for is better, but the user interface itself can frequently compensate
long latencies there. In the case of a pre-paid calling card for long latencies there. In the case of a pre-paid calling card
application, when the user is prompted to enter their PIN, the prompt application, when the user is prompted to enter their PIN, the prompt
should generally stop immediately once the first digit of the PIN is should generally stop immediately once the first digit of the PIN is
entered. This is referred to as barge-in. After the user-interface entered. This is referred to as barge-in. After the user-interface
collects the rest of the PIN, it can tell the user to "please wait collects the rest of the PIN, it can tell the user to "please wait
while processing". The PIN can then be gradually transmitted to the while processing". The PIN can then be gradually transmitted to the
application. In this example, the user interface has compensated for application. In this example, the user interface has compensated for
a slow UI to application interface by asking the user to wait. a slow UI to application interface by asking the user to wait.
The separation between user interface and application is absolutely The separation between user interface and application is absolutely
fundamental to the entire framework provided in this document. Its fundamental to the entire framework provided in this document. Its
skipping to change at page 8, line 38 skipping to change at page 9, line 38
The first way to taxonomize the system is to consider the interface The first way to taxonomize the system is to consider the interface
between the UI and the application. There are two fundamentally between the UI and the application. There are two fundamentally
different models for this interface. In a functional interface, the different models for this interface. In a functional interface, the
user interface has detailed knowledge about the application, and is, user interface has detailed knowledge about the application, and is,
in fact, specific to the application. The interface between the two in fact, specific to the application. The interface between the two
components is through a functional protocol, capable of representing components is through a functional protocol, capable of representing
the semantics which can be exposed through the user interface. the semantics which can be exposed through the user interface.
Because the user interface has knowledge of the application, it can Because the user interface has knowledge of the application, it can
be optimally designed for that application. As a result, functional be optimally designed for that application. As a result, functional
user interfaces are almost always the most user friendly, the user interfaces are almost always the most user friendly, the fastest
fastest, the and the most responsive. However, in order to allow and the most responsive. However, in order to allow interoperability
interoperability between user devices and applications, the details between user devices and applications, the details of the functional
of the functional protocols need to be specified in standards. This protocols need to be specified in standards. This slows down
slows down innovation and limits the scope of applications that can innovation and limits the scope of applications that can be built.
be built.
An alternative is a stimulus interface. In a stimulus interface, the An alternative is a stimulus interface. In a stimulus interface, the
user interface is generic, totally ignorant of the details of the user interface is generic; totally ignorant of the details of the
application. Indeed, the application may pass instructions to the application. Indeed, the application may pass instructions to the
user interface describing how it should operate. The user interface user interface describing how it should operate. The user interface
translates user input into "stimulus" - which are data understood translates user input into "stimulus" - which are data understood
only by the application, and not by the user interface. Because they only by the application, and not by the user interface. Because they
are generic, and because they require communications with the are generic, and because they require communications with the
application in order to change the way in which they render application in order to change the way in which they render
information to the user, stimulus user interfaces are usually slower, information to the user, stimulus user interfaces are usually slower,
less user friendly, and less responsive than a functional less user friendly, and less responsive than a functional
counterpart. However, they allow for substantial innovation in counterpart. However, they allow for substantial innovation in
applications, since no standardization activity is needed to build a applications, since no standardization activity is needed to build a
new application, as long as it can interact with the user within the new application, as long as it can interact with the user within the
confines of the user interface mechanism. The web is an example of a confines of the user interface mechanism. The web is an example of a
stimulus user interface to applications. stimulus user interface to applications.
In SIP systems, functional interfaces are provided by extending the In SIP systems, functional interfaces are provided by extending the
SIP protocol to provide the needed functionality. For example, the SIP protocol to provide the needed functionality. For example, the
SIP caller preferences specification [13] provides a functional SIP caller preferences specification [14] provides a functional
interface that allows a user to request applications to route the interface that allows a user to request applications to route the
call to specific types of user agents. Functional interfaces are call to specific types of user agents. Functional interfaces are
important, but are not the subject of this framework. The primary important, but are not the subject of this framework. The primary
goal of this framework is to address the role of stimulus interfaces goal of this framework is to address the role of stimulus interfaces
to SIP applications. to SIP applications.
3.2 Real-Time vs. Non-Real Time 3.2 Real-Time vs. Non-Real Time
Application interaction systems can also be real-time or Application interaction systems can also be real-time or
non-real-time. Non-real interaction allows the user to enter non-real-time. Non-real interaction allows the user to enter
information about application operation in asynchronously with its information about application operation asynchronously with its
invocation. Frequently, this is done through provisioning systems. As invocation. Frequently, this is done through provisioning systems.
an example, a user can set up the forwarding number for a As an example, a user can set up the forwarding number for a
call-forward on no-answer application using a web page. Real-time call-forward on no-answer application using a web page. Real-time
interaction requires the user to interact with the application at the interaction requires the user to interact with the application at the
time of its invocation. time of its invocation.
3.3 Client-Local vs. Client-Remote 3.3 Client-Local vs. Client-Remote
Another axis in the taxonomization is whether the user interface is Another axis in the taxonomization is whether the user interface is
co-resident with the user device (which we refer to as a client-local co-resident with the user device (which we refer to as a client-local
user interface), or the user interface runs in a host separated from user interface), or the user interface runs in a host separated from
the client (which we refer to as a client-remote user interface). In the client (which we refer to as a client-remote user interface). In
a client-remote user interface, there exists some kind of protocol a client-remote user interface, there exists some kind of protocol
between the client device and the UI that allows the client to between the client device and the UI that allows the client to
interact with the user interface over a network. interact with the user interface over a network.
The most important way to separate the UI and the client device is The most important way to separate the UI and the client device is
through media interaction. In media interaction, the interface through media interaction. In media interaction, the interface
between the user and the user interface is through media - audio, between the user and the user interface is through media - audio,
video, messaging, and so on. This is the classic mode of operation video, messaging, and so on. This is the classic mode of operation
for VoiceXML [3], where the user interface (also referred to as the for VoiceXML [4], where the user interface (also referred to as the
voice browser) runs on a platform in the network. Users communicate voice browser) runs on a platform in the network. Users communicate
with the voice browser through the telephone network (or using a SIP with the voice browser through the telephone network (or using a SIP
session). The voice browser interacts with the application using HTTP session). The voice browser interacts with the application using
to convey the information collected from the user. HTTP to convey the information collected from the user.
In the case of a client-local user interface, the user interface runs In the case of a client-local user interface, the user interface runs
co-located with the user device. The interface between them is co-located with the user device. The interface between them is
through the software that interprets the users input and passes them through the software that interprets the users input and passes them
to the user interface. The classic example of this is the web. In the to the user interface. The classic example of this is the web. In
web, the user interface is a web browser, and the interface is the web, the user interface is a web browser, and the interface is
defined by the HTML document that it's rendering. The user interacts defined by the HTML document that it's rendering. The user interacts
directly with the user interface running in the browser. The results directly with the user interface running in the browser. The results
of that user interface are sent to the application (running on the of that user interface are sent to the application (running on the
web server) using HTTP. web server) using HTTP.
It is important to note that whether or not the user interface is It is important to note that whether or not the user interface is
local, or remote (in the case of media interaction), is not a local or remote (in the case of media interaction) is not a property
property of the modality of the interface, but rather a property of of the modality of the interface, but rather a property of the
the system. As an example, it is possible for a web-based user system. As an example, it is possible for a web-based user interface
interface to be provided with a client-remote user interface. In such to be provided with a client-remote user interface. In such a
a scenario, video and application sharing media sessions can be used scenario, video and application sharing media sessions can be used
between the user and the user interface. The user interface, still between the user and the user interface. The user interface, still
guided by HTML, now runs "in the network", remote from the client. guided by HTML, now runs "in the network", remote from the client.
Similarly, a VoiceXML document can be interpreted locally by a client Similarly, a VoiceXML document can be interpreted locally by a client
device, with no media streams at all. Indeed, the VoiceXML document device, with no media streams at all. Indeed, the VoiceXML document
can be rendered using text, rather than media, with no impact on the can be rendered using text, rather than media, with no impact on the
interface between the user interface and the application. interface between the user interface and the application.
It is also important to note that systems can be hybrid. In a hybrid It is also important to note that systems can be hybrid. In a hybrid
user interface, some aspects of it (usually those associated with a user interface, some aspects of it (usually those associated with a
particular modality) run locally, and others run remotely. particular modality) run locally, and others run remotely.
3.4 Presentation Capable vs. Presentation Free 3.4 Presentation Capable vs. Presentation Free
A user interface can be capable of presenting information to the user A user interface can be capable of presenting information to the user
(a presentation capable UI), or it can be capable only of collecting (a presentation capable UI), or it can be capable only of collecting
user input (a presentation free UI). These are very different types user input (a presentation free UI). These are very different types
of user interfaces. A presentation capable UI can provide the user of user interfaces. A presentation capable UI can provide the user
with feedback after every input, providing the context for collecting with feedback after every input, providing the context for collecting
the next input. As a result, presentation capable user interfaces the next input. As a result, presentation capable user interfaces
require an update to the information provided to the user after each require an update to the information provided to the user after each
input. The web is a classic example of this. After every input (i.e., input. The web is a classic example of this. After every input
a click), the browser provides the input to the application and (i.e., a click), the browser provides the input to the application
fetches the next page to render. In a presentation free user and fetches the next page to render. In a presentation free user
interface, this is not the case. Since the user is not provided with interface, this is not the case. Since the user is not provided with
feedback, these user interfaces tend to merely collect information as feedback, these user interfaces tend to merely collect information as
its entered, and pass it to the application. its entered, and pass it to the application.
Another difference is that a presentation-free user interface cannot Another difference is that a presentation-free user interface cannot
support the concept of a focus. As a result, if multiple applications support the concept of a focus. As a result, if multiple
wish to gather input from the user, there is no way for the user to applications wish to gather input from the user, there is no way for
select which application the input is destined for. The input the user to select which application the input is destined for. The
provided to applications through presentation-free user interfaces is input provided to applications through presentation-free user
more of a broadcast or notification operation, as a result. interfaces is more of a broadcast or notification operation, as a
result.
3.5 Interaction Scenarios on Telephones 4. Interaction Scenarios on Telephones
This same model can apply to a telephone. In a traditional telephone, In this section, we applied the model of Section 3 to telephones.
the user interface consists of a 12-key keypad, a speaker, and a
microphone. Indeed, from here forward, the term "telephone" is used In a traditional telephone, the user interface consists of a 12-key
to represent any device that meets, at a minimum, the characteristics keypad, a speaker, and a microphone. Indeed, from here forward, the
described in the previous sentence. Circuit-switched telephony term "telephone" is used to represent any device that meets, at a
applications are almost universally client-remote user interfaces. In minimum, the characteristics described in the previous sentence.
the Public Switched Telephone Network (PSTN), there is usually a Circuit-switched telephony applications are almost universally
circuit interface between the user and the user interface. The user client-remote user interfaces. In the Public Switched Telephone
input from the keypad is conveyed used Dual-Tone Multi-Frequency Network (PSTN), there is usually a circuit interface between the user
(DTMF), and the microphone input as Pulse Code Modulated (PCM) and the user interface. The user input from the keypad is conveyed
encoded voice. used Dual-Tone Multi-Frequency (DTMF), and the microphone input as
Pulse Code Modulated (PCM) encoded voice.
In an IP-based system, there is more variability in how the system In an IP-based system, there is more variability in how the system
can be instantiated. Both client-remote and client-local user can be instantiated. Both client-remote and client-local user
interfaces to a telephone can be provided. interfaces to a telephone can be provided.
In this framework, a PSTN gateway can be considered a "user proxy". In this framework, a PSTN gateway can be considered a User Device
It is a proxy for the user because it can provide, to a user Proxy. It is a proxy for the user because it can provide, to a user
interface on an IP network, input taken from a user on a circuit interface on an IP network, input taken from a user on a circuit
switched telephone. The gateway may be able to run a client-local switched telephone. The gateway may be able to run a client-local
user interface, just as an IP telephone might. user interface, just as an IP telephone might.
3.5.1 Client Remote 4.1 Client Remote
The most obvious instantiation is the "classic" circuit-switched The most obvious instantiation is the "classic" circuit-switched
telephony model. In that model, the user interface runs remotely from telephony model. In that model, the user interface runs remotely
the client. The interface between the user and the user interface is from the client. The interface between the user and the user
through media, set up by SIP and carried over the Real Time Transport interface is through media, set up by SIP and carried over the Real
Protocol (RTP) [14]. The microphone input can be carried using any Time Transport Protocol (RTP) [16]. The microphone input can be
suitable voice encoding algorithm. The keypad input can be conveyed carried using any suitable voice encoding algorithm. The keypad
in one of two ways. The first is to convert the keypad input to DTMF, input can be conveyed in one of two ways. The first is to convert
and then convey that DTMF using a suitance encoding algorithm for it the keypad input to DTMF, and then convey that DTMF using a suitance
(such as PCMU). An alternative, and generally the preferred approach, encoding algorithm for it (such as PCMU). An alternative, and
is to transmit the keypad input using RFC 2833 [15], which provides generally the preferred approach, is to transmit the keypad input
an encoding mechanism for carrying keypad input within RTP. using RFC 2833 [17], which provides an encoding mechanism for
carrying keypad input within RTP.
In this classic model, the user interface would run on a server in In this classic model, the user interface would run on a server in
the IP network. It would perform speech recognition and DTMF the IP network. It would perform speech recognition and DTMF
recognition to derive the user intent, feed them through the user recognition to derive the user intent, feed them through the user
interface, and provide the result to an application. interface, and provide the result to an application.
3.5.2 Client Local 4.2 Client Local
An alternative model is for the entire user interface to reside on An alternative model is for the entire user interface to reside on
the telephone. The user interface can be a VoiceXML browser, running the telephone. The user interface can be a VoiceXML browser, running
speech recognition on the microphone input, and feeding the keypad speech recognition on the microphone input, and feeding the keypad
input directly into the script. As discussed above, the VoiceXML input directly into the script. As discussed above, the VoiceXML
script could be rendered using text instead of voice, if the script could be rendered using text instead of voice, if the
telephone had a textual display. telephone had a textual display.
3.5.3 Flip-Flop For simpler phones without a display, the user interface can be
described by a Keypad Markup Language request document [7]. As the
user enters digits in the keypad, they are passed to the user
interface, which generates user interface events that can be
transported to the application.
4.3 Flip-Flop
A middle-ground approach is to flip back and forth between a A middle-ground approach is to flip back and forth between a
client-local and client-remote user interface. Many voice client-local and client-remote user interface. Many voice
applications are of the type which listen to the media stream and applications are of the type which listen to the media stream and
wait for some specific trigger that kicks off a more complex user wait for some specific trigger that kicks off a more complex user
interaction. The long pound in a pre-paid calling card application is interaction. The long pound in a pre-paid calling card application
one example. Another example is a conference recording application, is one example. Another example is a conference recording
where the user can press a key at some point in the call to begin application, where the user can press a key at some point in the call
recording. When the key is pressed, the user hears a whisper to to begin recording. When the key is pressed, the user hears a
inform them that recording has started. whisper to inform them that recording has started.
The ideal way to support such an application is to install a The ideal way to support such an application is to install a
client-local user interface component that waits for the trigger to client-local user interface component that waits for the trigger to
kick off the real interaction. Once the trigger is received, the kick off the real interaction. Once the trigger is received, the
application connects the user to a client-remote user interface that application connects the user to a client-remote user interface that
can play announements, collect more information, and so on. can play announements, collect more information, and so on.
The benefit of flip-flopping between a client-local and client-remote The benefit of flip-flopping between a client-local and client-remote
user interface is cost. The client-local user interface will user interface is cost. The client-local user interface will
eliminate the need to send media streams into the network just to eliminate the need to send media streams into the network just to
wait for the user to press the pound key on the keypad. wait for the user to press the pound key on the keypad.
The Keypad Markup Language (KPML) was designed to support exactly The Keypad Markup Language (KPML) was designed to support exactly
this kind of need [6]. It models the keypad on a phone, and allows an this kind of need [7]. It models the keypad on a phone, and allows
application to be informed when any sequence of keys have been an application to be informed when any sequence of keys have been
pressed. However, KPML has no presentation component. Since user pressed. However, KPML has no presentation component. Since user
interfaces generally require a response to user input, the interfaces generally require a response to user input, the
presentation will need to be done using a client-remote user presentation will need to be done using a client-remote user
interface that gets instantiated as a result of the trigger. interface that gets instantiated as a result of the trigger.
It is tempting to use a hybrid model, where a prompt-and-collect It is tempting to use a hybrid model, where a prompt-and-collect
application is implemented by using a client-remote user interface application is implemented by using a client-remote user interface
that plays the prompts, and a client-local user interface, described that plays the prompts, and a client-local user interface, described
by KPML, that collects digits. However, this only complicates the by KPML, that collects digits. However, this only complicates the
application. Firstly, the keypad input will be sent to both the media application. Firstly, the keypad input will be sent to both the
stream and the KPML user interface. This requires the application to media stream and the KPML user interface. This requires the
sort out which user inputs are duplicates, a process that is very application to sort out which user inputs are duplicates, a process
complicated. Secondly, the primary benefit of KPML is to avoid having that is very complicated. Secondly, the primary benefit of KPML is
a media stream towards a user interface. However, there is already a to avoid having a media stream towards a user interface. However,
media stream for the prompting, so there is no real savings. there is already a media stream for the prompting, so there is no
real savings.
4. Framework Overview 5. Framework Overview
In this framework, we use the term "SIP application" to refer to a In this framework, we use the term "SIP application" to refer to a
broad set of functionality. A SIP application is a program running on broad set of functionality. A SIP application is a program running
a SIP-based element (such as a proxy or user agent) that provides on a SIP-based element (such as a proxy or user agent) that provides
some value-added function to a user or system administrator. SIP some value-added function to a user or system administrator. SIP
applications can execute on behalf of a caller, a called party, or a applications can execute on behalf of a caller, a called party, or a
multitude of users at once. multitude of users at once.
Each application has a number of instances that are executing at any Each application has a number of instances that are executing at any
given time. An instance represents a single execution path for an given time. An instance represents a single execution path for an
application. Each instance has a well defined lifecycle. It is application. Each instance has a well defined lifecycle. It is
established as a result of some event. That event can be a SIP event, established as a result of some event. That event can be a SIP
such as the reception of a SIP INVITE request, or it can be a non-SIP event, such as the reception of a SIP INVITE request, or it can be a
event, such as a web form post or even a timer. Application instances non-SIP event, such as a web form post or even a timer. Application
also have a specific end time. Some instances have a lifetime that is instances also have a specific end time. Some instances have a
coupled with a SIP transaction or dialog. For example, a proxy lifetime that is coupled with a SIP transaction or dialog. For
application might begin when an INVITE arrives, and terminate when example, a proxy application might begin when an INVITE arrives, and
the call is answered. Other applications have a lifetime that spans terminate when the call is answered. Other applications have a
multiple dialogs or transactions. For example, a conferencing lifetime that spans multiple dialogs or transactions. For example, a
application instance may exist so long as there are any dialogs conferencing application instance may exist so long as there are any
connected to it. When the last dialog terminates, the application dialogs connected to it. When the last dialog terminates, the
instance terminates. Other applications have a liftime that is application instance terminates. Other applications have a liftime
completely decoupled from SIP events. that is completely decoupled from SIP events.
It is fundamental to the framework described here that multiple It is fundamental to the framework described here that multiple
application instances may interact with a user during a single SIP application instances may interact with a user during a single SIP
transaction or dialog. Each instance may be for the same application, transaction or dialog. Each instance may be for the same
or different applications. Each of the applications may be completely application, or different applications. Each of the applications may
independent, in that they may be owned by different providers, and be completely independent, in that they may be owned by different
may not be aware of each others existence. Similarly, there may be providers, and may not be aware of each others existence. Similarly,
application instances interacting with the caller, and instances there may be application instances interacting with the caller, and
interacting with the callee, both within the same transaction or instances interacting with the callee, both within the same
dialog. transaction or dialog.
The first step in the interaction with the user is to instantiate one The first step in the interaction with the user is to instantiate one
of more user interface components for the application instance. A or more user interface components for the application instance. A
user interface component is a single piece of the user interface that user interface component is a single piece of the user interface that
is defined by a logical flow that is not synchronously coupled with is defined by a logical flow that is not synchronously coupled with
any other component. In other words, each component runs more or less any other component. In other words, each component runs more or
independently. less independently.
A user interface component can be instantiated in one of the user A user interface component can be instantiated in one of the user
agents in a dialog (for a client-local user interface), or within a agents in a dialog (for a client-local user interface), or within a
network element (for a client-remote user interface). If a network element (for a client-remote user interface). If a
client-local user interface is to be used, the application needs to client-local user interface is to be used, the application needs to
determine whether or not the user agent is capable of supporting a determine whether or not the user agent is capable of supporting a
client-local user interface, and in what format. In this framework, client-local user interface, and in what format. In this framework,
all client-local user interface components are described by a markup all client-local user interface components are described by a markup
language. A markup language describes a logical flow of presentation language. A markup language describes a logical flow of presentation
of information to the user, collection of information from the user, of information to the user, collection of information from the user,
and transmission of that information to an application. Examples of and transmission of that information to an application. Examples of
markup languages include HTML, WML, VoiceXML, and the Keypad Markup markup languages include HTML, WML, VoiceXML, and the Keypad Markup
Language (KPML) [6]. Language (KPML) [7].
Unlike an application instance, which has very flexible lifetimes, a Unlike an application instance, which has very flexible lifetimes, a
user interface component has a very fixed lifetime. A user interface user interface component has a very fixed lifetime. A user interface
component is always associated with a dialog. The user interface component is always associated with a dialog. The user interface
component can be created at any point after the dialog (or early component can be created at any point after the dialog (or early
dialog) is created. However, the user interface component terminates dialog) is created. However, the user interface component terminates
when the dialog terminates. The user interface component can be when the dialog terminates. The user interface component can be
terminated earlier by the user agent, and possibly by the terminated earlier by the user agent, and possibly by the
application, but its lifetime never exceeds that of its associated application, but its lifetime never exceeds that of its associated
dialog. dialog.
There are two ways to create a client local interface component. For There are two ways to create a client local interface component. For
interface components that are presentation capable, the application interface components that are presentation capable, the application
sends a REFER [5] request to the user agent. The Refer-To header sends a REFER [6] request to the user agent. The Refer-To header
field contains an HTTP URI that points to the markup for the user field contains an HTTP URI that points to the markup for the user
interface. For interface components that are presentation free (such interface. For interface components that are presentation free (such
as those defined by KPML), the application sends a SUBSCRIBE request as those defined by KPML), the application sends a SUBSCRIBE request
to the user agent. The body of the SUBSCRIBE request contains a to the user agent. The body of the SUBSCRIBE request contains a
filter, which, in this case, is the markup that defines when filter, which, in this case, is the markup that defines when
information is to be sent to the application in a NOTIFY. information is to be sent to the application in a NOTIFY.
If a user interface component is to be instantiated in the network, If a user interface component is to be instantiated in the network,
there is no need to determine the capabilities of the device on which there is no need to determine the capabilities of the device on which
the user interface is instantiated. Presumably, it is on a device on the user interface is instantiated. Presumably, it is on a device on
skipping to change at page 14, line 45 skipping to change at page 17, line 45
application does need to connect the user device to the user application does need to connect the user device to the user
interface. This will require manipulation of media streams in order interface. This will require manipulation of media streams in order
to establish that connection. to establish that connection.
The interface between the user interface component and the The interface between the user interface component and the
application depends on the type of user interface. For presentation application depends on the type of user interface. For presentation
capable user interfaces, such as those described by HTML and capable user interfaces, such as those described by HTML and
VoiceXML, HTTP form POST operations are used. For presentation free VoiceXML, HTTP form POST operations are used. For presentation free
user interfaces, a SIP NOTIFY is used. The differing needs and user interfaces, a SIP NOTIFY is used. The differing needs and
capabilities of these two user interfaces, as described in Section capabilities of these two user interfaces, as described in Section
3.4, is what drives the different choices for the interactions. Since 3.4, is what drives the different choices for the interactions.
presentation capable user interfaces require an update to the Since presentation capable user interfaces require an update to the
presentation every time user data is entered, they are a good match presentation every time user data is entered, they are a good match
for HTTP. Since presentation free user interfaces merely transmit for HTTP. Since presentation free user interfaces merely transmit
user input to the application, a NOTIFY is more appropriate. user input to the application, a NOTIFY is more appropriate.
Indeed, for presentation free user interfaces, there are two Indeed, for presentation free user interfaces, there are two
different modalities of operation. The first is called "one shot". In different modalities of operation. The first is called "one shot".
the one-shot role, the markup waits for a user to enter some In the one-shot role, the markup waits for a user to enter some
information, and when they do, reports this event to the application. information, and when they do, reports this event to the application.
The application then does something, and the markup is no longer The application then does something, and the markup is no longer
used. In the other modality, called "monitor", the markup stays used. In the other modality, called "monitor", the markup stays
permanently resident, and reports information back to an application permanently resident, and reports information back to an application
until termination of the associated dialog. until termination of the associated dialog.
5. Application Behavior 6. Deployment Topologies
This section presents some of the network topologies in which this
framework can be instantiated.
6.1 Third Party Application
+-------------+
/---| Application |
/ +-------------+
/
SUB/ / REFER/
NOT / HTTP
/
+--------+ SIP (INVITE) +-----+
| UI A--------------------X |
|........| | SIP |
| User | RTP | UA |
| Device B--------------------Y |
+--------+ +-----+
Figure 2: Third Party Topology
In this topology, the application that is interested in interacting
with the users exists outside of the SIP dialog between the user
agents. In that case, the application learns about the initiation
and termination of the dialog, along with the dialog identifiers,
through some out of band means. One such possibility is the dialog
event package [15]. Dialog information is only revealed to trusted
parties, so the application would need to be trusted by one of the
users in order to obtain this information.
At any point during the dialog, the application can instantiate user
interface components on the user device of the caller or callee. It
can do this either using SUBSCRIBE or REFER, depending on the type of
user interface (presentation capable or presentation free).
6.2 Co-Resident Application
+--------+ SIP (INVITE) +-----+
| User A--------------------X SIP |
| Device | RTP | UA |
|........B--------------------Y |
| | SUB/NOT | App)|
| UI A'-------------------X' |
+--------+ REFER/HTTP +-----+
Figure 3: Co-Resident Topology
In this deployment topology, the application is co-resident with one
of the user agents (the one on the right in the picture above). This
application can install client-local user interface components on the
other user agent, which is acting as the user device. These
components can be installed using either SUBSCRIBE, for presentation
free user interfaces, or REFER, for presentation capable ones.
If the application resides in the called party, it is called a
terminating application. If it resides in the calling party, it is
called an originating application.
This kind of topology is common in protocol converter and gateway
applications.
6.3 Third Party Application and User Device Proxy
+-------------+
/---| Application |
/ +-------------+
/
SUB/ / REFER/
NOT / HTTP
/
+-----+ SIP +---M----+ SIP +-----+
| V--------------------C A--------------------X |
| SIP | | UI | | SIP |
| UAa | RTP | | RTP | UAb |
| W--------------------D B--------------------Y |
+-----+ +--------+ +-----+
User User
Device Device
Proxy
Figure 4: User Device Proxy Topology
In this deployment topology, there is a third party application as in
Section 6.1. However, instead of installing a user interface
component on the end user device, the component is installed in an
intermediate device, known as a User Device Proxy. From the
perspective of the actual user device (on the left), the User Device
Proxy is a client remote user interface. As such, media, typically
transported using RTP (including RFC 2833 for carrying user input),
is sent from the user device to the client remote user interface on
the User Device Proxy. As far as the application is concerned, it is
installing what it thinks is a client local user interface on the
user device, but it happens to be on a user device proxy which looks
like the user device to the application.
The user device proxy will need to terminate and re-originate both
signaling (SIP) and media traffic towards the actual peer in the
conversation. The User Device Proxy is a media relay in the
terminology of RFC 3550 [16]. The User Device Proxy will need to
monitor the media streams associated with each dialog, in order to
convert user input received in the media stream to events reported to
the user interface. This can pose a challenge in multi-media
systems, where it may be unclear on which media stream the user input
is being sent. As discussed in RFC 3264 [18], if a user agent has a
single media source and is supporting multiple streams, it is
supposed to send that source to all streams. In cases where there
are multiple sources, the mapping is a matter of local policy. In
the absence of a way to explicitly identify or request which sources
map to which streams, the user device proxy will need to do the best
job it can. This specification RECOMMENDS that the User Device Proxy
monitor the first stream (defined in terms of ordering of media
sessions within a session description). As such, user agents SHOULD
send their user input on the first stream, absent a policy to direct
it otherwise.
6.4 Proxy Application
+----------+
SUB/NOT | App | SUB/NOT
+--------------->| |<-----------------+
| REFER/HTTP |..........| REFER/HTTP |
| | SIP | |
| | Proxy | |
| +----------+ |
V ^ | V
+----------+ | | +----------+
| UI | INVITE | | INVITE | UI |
| |------------+ +------------>| |
|......... | |..........|
| SIP |...................................| SIP |
| UA | | UA |
+----------+ RTP +----------+
User Device User Device
Figure 5: Proxy Application Topology
In this topology, the application is co-resident with a transaction
stateful, record-routing proxy server on the call path between two
user devices. The application uses SUBSCRIBE or REFER to install
user interface components on one or both user devices.
This topology is common in routing applications, such as a
web-assisted call routing application.
7. Application Behavior
The behavior of an application within this framework depends on The behavior of an application within this framework depends on
whether it seeks to use a client-local or client-remote user whether it seeks to use a client-local or client-remote user
interface. interface.
5.1 Client Local Interfaces 7.1 Client Local Interfaces
One key component of this framework is support for client local user One key component of this framework is support for client local user
interfaces. interfaces.
5.1.1 Discovering Capabilities 7.1.1 Discovering Capabilities
A client local user interface can only be instantiated on a user A client local user interface can only be instantiated on a user
agent if the user agent supports that type of user interface agent if the user agent supports that type of user interface
component. Support for client local user interface components is component. Support for client local user interface components is
declared by both the UAC and a UAS in its Accept, Allow, Contact and declared by both the UAC and a UAS in its Accept, Allow, Contact and
Allow-Event header fields of dialog-initiating requests and Allow-Event header fields of dialog-initiating requests and
responses. If the Allow header field indicates support for the SIP responses. If the Allow header field indicates support for the SIP
SUBSCRIBE method, and the Allow-Event header field indicates support SUBSCRIBE method, and the Allow-Event header field indicates support
for the kpml package [6], and the Contact header field indicates that for the kpml package [7], and the Supported header field indicates
its URI is a GRUU [9] it means that the UA can instantiate that its Contact URI is a GRUU [8], it means that the UA can
presentation free user interface components. In this case, the instantiate presentation free user interface components. In this
application MAY push presentation free user interface components case, the application MAY push presentation free user interface
according to the rules of Section 5.1.2. The specific markup components according to the rules of Section 7.1.2. The specific
languages that can be supported are indicated in the Accept header markup languages that can be supported are indicated in the Accept
field. header field.
If the Allow header field indicates support for the SIP REFER method, If the Allow header field indicates support for the SIP REFER method,
and the Contact header field contains UA capabilities [4] that the Supported header field indicates support for the "refer-context"
indicate support for the HTTP URI scheme, it means that the UA extension described below, and the Contact header field contains UA
supports presentation capable user interface components. In this capabilities [5] that indicate support for the HTTP URI scheme, it
case, the application MAY push presentation capable user interface means that the UA supports presentation capable user interface
components to the client according to the rules of Section 5.1.2. The components. In this case, the application MAY push presentation
specific markups that are supported are indicated in the Accept capable user interface components to the client according to the
header field. rules of Section 7.1.2. The specific markups that are supported are
indicated in the Accept header field.
5.1.2 Pushing an Initial Interface Component A third party application that is not present on the call path will
not be privy to these headers in the dialog requests that pass by.
As such, it will need to obtain this capability information in other
ways. One way is through the registration event package [19], which
can contain user agent capability information provided in REGISTER
requests [5].
7.1.2 Pushing an Initial Interface Component
Generally, we anticipate that interface components will need to be Generally, we anticipate that interface components will need to be
created at various different points in a SIP session. Clearly, they created at various different points in a SIP session. Clearly, they
will need to be pushed during session setup, or after the session is will need to be pushed during session setup, or after the session is
established. A user interface component is always associated with a established. A user interface component is always associated with a
specific dialog, however. specific dialog, however.
An application MUST NOT attempt to push a user interface component to An application MUST NOT attempt to push a user interface component to
a user agent until it has determined that the user agent has the a user agent until it has determined that the user agent has the
neccesary capabilities and a dialog has been created. In the case of neccesary capabilities and a dialog has been created. In the case of
a UAC, this means that an application MUST NOT push a user interface a UAC, this means that an application MUST NOT push a user interface
component for an INVITE initiated dialog until the application has component for an INVITE initiated dialog until the application has
seen a 200 OK followed by an ACK. For SUBSCRIBE initiated dialogs, it seen a request confirming the receipt of a dialog-creating response.
MUST NOT push a user interface component until the application has This could be an ACK for a 200 OK, or a PRACK for a provisional
seen a 200 OK to the NOTIFY request. For a user interface component response [2]. For SUBSCRIBE initiated dialogs, it MUST NOT push a
on a UAS, the application MUST NOT push a user interface component user interface component until the application has seen a 200 OK to
for an INVITE initiated dialog until it has seen a 200 OK from the the NOTIFY request. For a user interface component on a UAS, the
UAS. For a SUBSCRIBE initiated dialog, it MUST NOT push a user application MUST NOT push a user interface component for an INVITE
initiated dialog until it has seen a dialog-creating response from
the UAS. For a SUBSCRIBE initiated dialog, it MUST NOT push a user
interface component until it has seen a NOTIFY request from the interface component until it has seen a NOTIFY request from the
notifier. notifier.
To create a presentation capable UI component on the UA, the To create a presentation capable UI component on the UA, the
application sends a REFER request to the UA. This REFER MUST be sent application sends a REFER request to the UA. This REFER MUST be sent
to the Globally Routable UA URI (GRUU) [9] advertised by that UA in to the Globally Routable UA URI (GRUU) [8] advertised by that UA in
the Contact header field of the dialog initiating request or response the Contact header field of the dialog initiating request or response
sent by that UA. Note that this REFER request creates a separate sent by that UA. Note that this REFER request creates a separate
dialog between the application and the UA. The Refer-To header field dialog between the application and the UA. The Refer-To header field
of the REFER request MUST contain an HTTP URI that references the of the REFER request MUST contain an HTTP URI that references the
markup document to be fetched. markup document to be fetched.
OPEN ISSUE: The refer needs to provide a context to the UA, and in Furthermore, it is essential for the REFER request to be correlated
particular, identify the specific dialog that this component is with the dialog to which the user interface component will be
associated with. There is no obvious candidate for this when REFER associated. This is necessary for authorization and for terminating
is used. The former proposal, of using a grid, cannot work because the user interface components when the dialog terminates. To provide
of forking. this context, this specification defines the "context" header field
parameter as an extension to the Refer-To heder field. The grammar
for this header field parameter is:
refer-to-ctxt = "context" EQUAL DQUOTE local-tag "," remote-tag
"," callid DQUOTE ; callid defined in RFC 3261
;; NOTE: any DQUOTEs inside callid MUST be escaped
;; using quoted pair
local-tag = token
remote-tag = token
Refer-To = ("Refer-To" / "r") HCOLON ( name-addr / addr-spec ) *
(SEMI (generic-param / refer-to-ctxt))
The application MUST include the context header field parameter in
the REFER request. The remote-tag MUST be set to the remote tag of
the dialog as seen by the user device. The local-tag MUST be set to
the local tag of the dialog as seen by the user device. The callid
MUST be set to the Call-ID of the dialog as seen by the device.
Since the callid grammar allows it to contain double quotes, any such
double quotes MUST be represented with a quoted pair.
Since the "context" parameter in the Refer-To header field must be
understood by the UA to process the request, this specification
defines a new SIP option tag, "refer-context". A REFER request
generated by an application MUST include a Require header field with
this option tag value. Fortunately, the application will know ahead
of time whether this extension is supported, as discussed in Section
7.1.1.
To create a presentation free user interface component, the To create a presentation free user interface component, the
application sends a SUBSCRIBE request to the UA. The SUBSCRIBE MUST application sends a SUBSCRIBE request to the UA. The SUBSCRIBE MUST
be sent to the GRUU advertised by the UA. This SUBSCRIBE request be sent to the GRUU advertised by the UA. This SUBSCRIBE request
creates a separate dialog. The SUBSCRIBE request MUST use the KPML creates a separate dialog. The SUBSCRIBE request MUST use the KPML
[6] event package. The Event header field MUST contain parameters [7] event package. The Event header field MUST contain parameters
which identify the particular dialog that the interface component is which identify the particular dialog that the interface component is
being instantiated against. The body of the SUBSCRIBE request being instantiated against. The body of the SUBSCRIBE request
contains the markup document that defines the conditions under which contains the markup document that defines the conditions under which
the application wishes to be notified of user input. the application wishes to be notified of user input.
In both cases, the REFER or SUBSCRIBE request SHOULD include a In both cases, the REFER or SUBSCRIBE request SHOULD include a
display name in the From header field which identifies the name of display name in the From header field which identifies the name of
the application. For example, a prepaid calling card might include a the application. For example, a prepaid calling card might include a
From header field which looks like: From header field which looks like:
From: "Prepaid Calling Card" <sip:prepaid@example.com> From: "Prepaid Calling Card" <sip:prepaid@example.com>
To authenticate themselves, it is RECOMMENDED that applications use Any of the SIP identity assertion mechanisms that have been defined,
the SIP identity mechanism [7] in the REFER or SUBSCRIBE requests such as [10] and [12] are applicable to these requests as well.
they generate. This mechanism has the benefit that the signature is
over an authenticated identity body [8], which includes the From
header field. As such, the client can obtain cryptographic assurances
about the service provider (the domain in the From header field)
along with the name of the application.
5.1.3 Updating an Interface Component 7.1.3 Updating an Interface Component
Once a user interface component has been created on a client, it can Once a user interface component has been created on a client, it can
be updated. The means for updating it depends on the type of UI be updated. The means for updating it depends on the type of UI
component. component.
Presentation capable UI components are updated using techniques Presentation capable UI components are updated using techniques
already in place for those markups. In particular, user input will already in place for those markups. In particular, user input will
cause an HTTP POST operation to push the user input to the cause an HTTP POST operation to push the user input to the
application. The result of the POST operation is a new markup that application. The result of the POST operation is a new markup that
the UI is supposed to use. This allows the UI to updated in response the UI is supposed to use. This allows the UI to updated in response
to user action. Some markups, such as HTML, provide the ability to to user action. Some markups, such as HTML, provide the ability to
force a refresh after a certain period of time, so that the UI can be force a refresh after a certain period of time, so that the UI can be
updated without user input. Those mechanisms can be used here as updated without user input. Those mechanisms can be used here as
well. However, there is no support for an asynchronous push of an well. However, there is no support for an asynchronous push of an
updated UI component from the appliciation to the user agent. A new updated UI component from the appliciation to the user agent. A new
REFER request to the same GRUU would create a new UI component rather REFER request to the same GRUU would create a new UI component rather
than updating any components already in place. than updating any components already in place.
For presentation free UI, the story is different. The application MAY For presentation free UI, the story is different. The application
update the filter at any time by generating a SUBSCRIBE refresh with MAY update the filter at any time by generating a SUBSCRIBE refresh
the new filter. The UA will immediately begin using this new filter. with the new filter. The UA will immediately begin using this new
filter.
5.1.4 Terminating an Interface Component 7.1.4 Terminating an Interface Component
User interface components have a well defined lifetime. They are User interface components have a well defined lifetime. They are
created when the component is first pushed to the client. User created when the component is first pushed to the client. User
interface components are always associated with the SIP dialog on interface components are always associated with the SIP dialog on
which they were pushed. As such, their lifetime is bound by the which they were pushed. As such, their lifetime is bound by the
lifetime of the dialog. When the dialog ends, so does the interface lifetime of the dialog. When the dialog ends, so does the interface
component. component.
However, there are some cases where the application would like to However, there are some cases where the application would like to
terminate the user interface component before its natural termination terminate the user interface component before its natural termination
point. For presentation capable user interfaces, this is not point. For presentation capable user interfaces, this is not
possible. For presentation free user interfaces, the application MAY possible. For presentation free user interfaces, the application MAY
terminate the component by sending a SUBSCRIBE with Expires equal to terminate the component by sending a SUBSCRIBE with Expires equal to
zero. This terminates the subscription, which removes the UI zero. This terminates the subscription, which removes the UI
component. component.
A client can remove a UI component at any time. For presentation A client can remove a UI component at any time. For presentation
aware UI, this is analagous to the user dismissing the web form capable UI, this is analagous to the user dismissing the web form
window. There is no mechanism provided for reporting this kind of window. There is no mechanism provided for reporting this kind of
event to the application. The applicatio MUST be prepared to time event to the application. The application MUST be prepared to time
out, and never receive input from a user. For presentation free user out, and never receive input from a user. For presentation free user
interfaces, the UA can explicitly terminate the subscription. This interfaces, the UA can explicitly terminate the subscription. This
will result in the generation of a NOTIFY with a Subscription-State will result in the generation of a NOTIFY with a Subscription-State
header field equal to "terminated". header field equal to "terminated".
5.2 Client Remote Interfaces 7.2 Client Remote Interfaces
As an alternative to, or in conjunction with client local user As an alternative to, or in conjunction with client local user
interfaces, an application can make use of client remote user interfaces, an application can make use of client remote user
interfaces. These user interfaces can execute co-resident with the interfaces. These user interfaces can execute co-resident with the
application itself (in which case no standardized interfaces between application itself (in which case no standardized interfaces between
the UI and the application need to be used), or it can run the UI and the application need to be used), or it can run
separately. This framework assumes that the user interface runs on a separately. This framework assumes that the user interface runs on a
host that has a sufficient trust relationship with the application. host that has a sufficient trust relationship with the application.
As such, the means for instantiating the user interface is not As such, the means for instantiating the user interface is not
considered here. considered here.
The primary issue is to connect the user device to the remote user The primary issue is to connect the user device to the remote user
interface. Doing so requires the manipulation of media streams interface. Doing so requires the manipulation of media streams
between the client and the user interface. Such manipulation can only between the client and the user interface. Such manipulation can
be done by user agents. There are two types of user agent only be done by user agents. There are two types of user agent
applications within this framework - originating/terminating applications within this framework - originating/terminating
applications, and intermediary applications. applications, and intermediary applications.
5.2.1 Originating and Terminating Applications 7.2.1 Originating and Terminating Applications
Originating and terminating applications are applications which are Originating and terminating applications are applications which are
themselves the originator or the final recipient of a SIP invitation. themselves the originator or the final recipient of a SIP invitation.
They are "pure" user agent applications - not back-to-back user They are "pure" user agent applications - not back-to-back user
agents. The classic example of such an application is an interactive agents. The classic example of such an application is an interactive
voice response (IVR) application, which is typically a terminating voice response (IVR) application, which is typically a terminating
application. Its a terminating application because the user application. It is a terminating application because the user
explicitly calls it; i.e., it is the actual called party. An example explicitly calls it; i.e., it is the actual called party. An example
of an originating application is a wakeup call application, which of an originating application is a wakeup call application, which
calls a user at a specified time in order to wake them up. calls a user at a specified time in order to wake them up.
Because originating and terminating applications are a natural Because originating and terminating applications are a natural
termination point of the dialog, manipulation of the media session by termination point of the dialog, manipulation of the media session by
the application is trivial. Traditional SIP techniques for adding and the application is trivial. Traditional SIP techniques for adding
removing media streams, modifying codecs, and changing the address of and removing media streams, modifying codecs, and changing the
the recipient of the media streams, can be applied. Similarly, the address of the recipient of the media streams, can be applied.
application can directly authenticate itself to the user through S/ Similarly, the application can directly authenticate itself to the
MIME, since it is the peer UA in the dialog. user through S/MIME, since it is the peer UA in the dialog.
5.2.2 Intermediary Applications 7.2.2 Intermediary Applications
Intermediary applications are, at the same time, more common than Intermediary applications are, at the same time, more common than
originating/terminating applications, and more complex. Intermediary originating/terminating applications, and more complex. Intermediary
applications are applications that are neither the actual caller or applications are applications that are neither the actual caller or
called party. Rather, they represent a "third party" that wishes to called party. Rather, they represent a "third party" that wishes to
interact with the user. The classic example is the ubiquitous interact with the user. The classic example is the ubiquitous
pre-paid calling card application. pre-paid calling card application.
In order for the intermediary application to add a client remote user In order for the intermediary application to add a client remote user
interface, it needs to manipulate the media streams of the user agent interface, it needs to manipulate the media streams of the user agent
to terminate on that user interface. This also introduces a to terminate on that user interface. This also introduces a
fundamental feature interaction issue. Since the intermediary fundamental feature interaction issue. Since the intermediary
application is not an actual participant in the call, how does the application is not an actual participant in the call, how does the
user interact with the intermediary application, and its actual peer user interact with the intermediary application, and its actual peer
in the dialog, at the same time? This is discussed in more detail in in the dialog, at the same time? This is discussed in more detail in
Section 7. Section 9.
6. User Agent Behavior 8. User Agent Behavior
6.1 Advertising Capabilities 8.1 Advertising Capabilities
In order to participate in applications that make use of stimulus In order to participate in applications that make use of stimulus
interfaces, a user agent needs to advertise its interaction interfaces, a user agent needs to advertise its interaction
capabilities. capabilities.
If a user agent supports presentation capable user interfaces, it If a user agent supports presentation capable user interfaces, it
MUST support the REFER method. It MUST include, in all dialog MUST support the REFER method, along with the "context" extension
initiating requests and responses, an Allow header field that defined here. It MUST include, in all dialog initiating requests and
includes the REFER method. Furthermore, the UA MUST support the SIP responses, an Allow header field that includes the REFER method and
user agent capabilities specification [4]. The UA MUST be capable of and the Supported header field that includes the value
being REFER'd to an HTTP URI. It MUST include, in the Contact header "refer-context". Furthermore, the UA MUST support the SIP user agent
field of its dialog initiating requests and responses, a "schemes" capabilities specification [5]. The UA MUST be capable of being
Contact header field parameter include the http URI scheme. The UA REFER'd to an HTTP URI. It MUST include, in the Contact header field
MUST include, in all dialog initiating requests and responses, an of its dialog initiating requests and responses, a "schemes" Contact
Accept header field listing all of those markups supported by the UA. header field parameter include the http URI scheme. The UA MUST
It is RECOMMENDED that all user agents that support presentation include, in all dialog initiating requests and responses, an Accept
capable user interfaces support HTML. header field listing all of those markups supported by the UA. It is
RECOMMENDED that all user agents that support presentation capable
user interfaces support HTML.
If a user agent supports presentation free user interfaces, it MUST If a user agent supports presentation free user interfaces, it MUST
support the SUBSCRIBE [2] method. It MUST support the KPML [6] event support the SUBSCRIBE [3] method. It MUST support the KPML [7] event
package. It MUST include, in all dialog initiating requests and package. It MUST include, in all dialog initiating requests and
responses, an Allow header field that includes the SUBSCRIBE method. responses, an Allow header field that includes the SUBSCRIBE method.
It MUST include, in all dialog initiating requests and responses, an It MUST include, in all dialog initiating requests and responses, an
Allow-Events header field that lists the KPML event package. The UA Allow-Events header field that lists the KPML event package. The UA
MUST include, in all dialog initiating requests and responses, an MUST include, in all dialog initiating requests and responses, an
Accept header field listing those event filters it supports. At a Accept header field listing those event filters it supports. At a
minimum, a UA MUST support the "application/kpml+xml" MIME type. minimum, a UA MUST support the "application/kpml-request+xml" MIME
type.
For either presentation free or presentation capable user interfaces, For either presentation free or presentation capable user interfaces,
the user agent MUST support the GRUU [9] specification. The Contact the user agent MUST support the GRUU [8] specification. The Contact
header field in all dialog initiating requests and responses MUST header field in all dialog initiating requests and responses MUST
contain a GRUU. The UA MUST include a Supported header field which contain a GRUU. The UA MUST include a Supported header field which
contains the gruu option tag. contains the "gruu" option tag.
Because these headers are examined by proxies which may be executing Because these headers are examined by proxies which may be executing
applications, a UA that wishes to support client local user applications, a UA that wishes to support client local user
interfaces should not encrypt them. interfaces should not encrypt them.
6.2 Receiving User Interface Components 8.2 Receiving User Interface Components
Once the UA has created a dialog (in either the early or confirmed Once the UA has created a dialog (in either the early or confirmed
states), it MUST be prepared to receive a SUBSCRIBE or REFER request states), it MUST be prepared to receive a SUBSCRIBE or REFER request
against its GRUU. If the UA receives such a request prior to the against its GRUU. If the UA receives such a request prior to the
establishment of a dialog, the UA MUST reject the request. establishment of a dialog, the UA MUST reject the request.
A user agent SHOULD attempt to authenticate the sender of the A user agent SHOULD attempt to authenticate the sender of the
request. The sender will generally be an application, and therefore request. The sender will generally be an application, and therefore
the user agent is unlikely to ever have a shared secret with it, the user agent is unlikely to ever have a shared secret with it,
making digest authentication useless. However, the REFER or SUBSCRIBE making digest authentication useless. However, authenticated
request should have a SIP authenticated identity body [8] that identities can be obtained through other means, such as [10].
conveys the identity of the application [7]. If such a body is not
present, and no alternative means of identification (such as
P-Asserted-ID [11]) is present, the user agent MAY reject the request
with a 403 response.
Next, the user agent authorizes the application. An application is A user agent MAY have pre-defined authorization policies which permit
authorized to instantiate a user interface component if the applications which have authenticated themselves with a particular
application was resident within an element on the path of the dialog identity, to push user interface components. If such a set of
initiating request. An application proves to the user agent that it policies are present, it is checked first. If the application is
was on the path by presenting it with the dialog identifiers in the authorized, processing proceeds.
SUBSCRIBE or REFER request. In the case of SUBSCRIBE, those
identifiers are present in the Event header field [6]. [[EDITORS If the application has authenticated itself, but it is not explicitly
NOTE: Fill in here once we know how this is done for REFER.]] authorized or blocked, this specification RECOMMENDS that the
application be automatically authorized if it can prove that it was
either on the call path, or is trusted by one of the elements on the
call path. An application proves this to the user agent by
presenting it with the dialog identifiers in the SUBSCRIBE or REFER
request. In the case of SUBSCRIBE, those identifiers are present in
the Event header field [7]. In the case of REFER, those identifiers
are present in the "context" parameter of the Refer-To header field.
Because of the dialog identifiers serve as a tool for authorization, Because of the dialog identifiers serve as a tool for authorization,
a user agent compliant to this framework MUST use dialog identifiers a user agent compliant to this framework SHOULD use dialog
that are cryptographically random, with at least 128 bits of identifiers that are cryptographically random, with at least 128 bits
randomness. It is recommended that this randomness be split between of randomness. It is recommended that this randomness be split
the Call-ID and From header field tag in the case of a UAC. between the Call-ID and From header field tag in the case of a UAC.
Furthermore, to ensure that only applications resident in on-path Furthermore, to ensure that only applications resident in or trusted
elements can instantiate a user interface component, a user agent by on-path elements can instantiate a user interface component, a
compliant to this specification SHOULD use the sips URI scheme for user agent compliant to this specification SHOULD use the sips URI
all dialogs it initiates. This will guarantee secure links between scheme for all dialogs it initiates. This will guarantee secure
all of the elements on the signaling path. links between all of the elements on the signaling path.
If the dialog was not established with a sips URI, or the user agent
did not choose cryptographically random dialog identifiers, then the
application MUST NOT automatically be authorized, even if it
presented valid dialog identifiers. A user agent MAY apply any other
policies in addition to (but not instead of) the ones specified here
in order to authorize the creation of the user interface component.
One such mechanism would be to prompt the user, informing them of the
identity of the application and the dialog it is associated with. If
an authorization policy requires user interaction, the user agent
SHOULD respond to the SUBSCRIBE or REFER request with a 202. In the
case of SUBSCRIBE, if authorization is not granted, the user agent
SHOULD generate a NOTIFY to terminate the subscription. In the case
of REFER, the user agent MUST NOT act upon the URI in the Refer-To
header field until user authorization was obtained.
If an application does not present a valid dialog identifier in its If an application does not present a valid dialog identifier in its
REFER or SUBSCRIBE request, the user agent MUST reject the request REFER or SUBSCRIBE request, the user agent MUST reject the request
with a 403 response. A user agent MAY apply any other policies in with a 403 response.
addition to (but not instead of) the ones specified here in order to
authorize the creation of the user interface component. One such
mechanism would be to prompt the user, informing them of the identity
of the application. If an authorization policy requires user
interaction, the user agent SHOULD respond to the SUBSCRIBE or REFER
request with a 202. In the case of SUBSCRIBE, if authorization is not
granted, the user agent SHOULD generate a NOTIFY to terminate the
subscription. In the case of REFER, the user agent MUST NOT act upon
the URI in the Refer-To header field until user authorization was
obtained.
If a REFER request to an HTTP URI was authorized, the UA executes the If a REFER request to an HTTP URI was authorized, the UA executes the
URI and fetches the content to be rendered to the user. This URI and fetches the content to be rendered to the user. This
instantiates a presentation capable user interface component. If a instantiates a presentation capable user interface component. If a
SUBSCRIBE was authorized, a presentation free user interface SUBSCRIBE was authorized, a presentation free user interface
component was instantiated. component was instantiated.
6.3 Mapping User Input to User Interface Components 8.3 Mapping User Input to User Interface Components
Once the user interface components are instantiated, the user agent Once the user interface components are instantiated, the user agent
must direct user input to the appropriate component. In the case of must direct user input to the appropriate component. In the case of
presentation capable user interfaces, this process is known as focus presentation capable user interfaces, this process is known as focus
selection. It is done by means that are specific to the user selection. It is done by means that are specific to the user
interface on the device. In the case of a PC, for example, the window interface on the device. In the case of a PC, for example, the
manager would allow the user to select the appropriate user interface window manager would allow the user to select the appropriate user
component that their input is directed to. interface component that their input is directed to.
For presentation free user interfaces, the situation is more For presentation free user interfaces, the situation is more
complicated. In some cases, the device may support a mechanism that complicated. In some cases, the device may support a mechanism that
allows the user to select a "line", and thus the associated dialog. allows the user to select a "line", and thus the associated dialog.
Any user input on the keypad while this line is selected are fed to Any user input on the keypad while this line is selected are fed to
the user interface components associated with that dialog. the user interface components associated with that dialog.
TODO: Need to consider the case where the user interface is Otherwise, for client local user interfaces, the user input is
co-resident with the UAC, but the user device is separated from assumed to be associated with all user interface components. For
the UAC, and occurs through some other protocol, and the user client remote user interfaces, the user device converts the user
interface and application are semi-trusted. Classic case is when input to media, typically conveyed using RFC 2833, and sends this to
the UAC is a PSTN gateway. the client remote user interface. This user interface then needs to
map user input from potentially many media streams into user
interface events. The process for doing this is described in Section
6.3.
6.4 Receiving Updates to User Interface Components 8.4 Receiving Updates to User Interface Components
For presentation capable user interfaces, updates to the user For presentation capable user interfaces, updates to the user
interface occur in ways specific to that user interface component. In interface occur in ways specific to that user interface component.
the case of HTML, for example, the document can tell the client to In the case of HTML, for example, the document can tell the client to
fetch a new document periodically. However, this framework does not fetch a new document periodically. However, this framework does not
provide any additional machinery to asynchronously push a new user provide any additional machinery to asynchronously push a new user
interface component to the client. interface component to the client.
For presentation free user interfaces, an application can push an For presentation free user interfaces, an application can push an
update to a component by sending a SUBSCRIBE refresh with a new update to a component by sending a SUBSCRIBE refresh with a new
filter. The user agent will process these according to the rules of filter. The user agent will process these according to the rules of
the event package. the event package.
6.5 Terminating a User Interface Component 8.5 Terminating a User Interface Component
Termination of a presentation capable user interface component is a Termination of a presentation capable user interface component is a
trivial procedure. The user agent merely dismisses the window (or trivial procedure. The user agent merely dismisses the window (or
equivalent). The fact that the component is dismissed is not equivalent). The fact that the component is dismissed is not
communicated to the application. As such, it is purely a local communicated to the application. As such, it is purely a local
matter. matter.
In the case of a presentation free user interface, if the user wishes In the case of a presentation free user interface, if the user wishes
to cease interacting with the application, it SHOULD generate a to cease interacting with the application, it SHOULD generate a
NOTIFY request with a Subscription-State equal to "terminated" and a NOTIFY request with a Subscription-State equal to "terminated" and a
reason of "rejected". This tells the application that the component reason of "rejected". This tells the application that the component
has been removed, and that it should not attempt to re-subscribe. has been removed, and that it should not attempt to re-subscribe.
7. Inter-Application Feature Interaction 9. Inter-Application Feature Interaction
The inter-application feature interaction problem is inherent to The inter-application feature interaction problem is inherent to
stimulus signaling. Whenever there are multiple applications, there stimulus signaling. Whenever there are multiple applications, there
are multiple user interfaces. When the user provides an input, to are multiple user interfaces. When the user provides an input, to
which user interface is the input destined? That question is the which user interface is the input destined? That question is the
essence of the inter-application feature interaction problem. essence of the inter-application feature interaction problem.
Inter-application feature interaction is not an easy problem to Inter-application feature interaction is not an easy problem to
resolve. For now, we consider separately the issues for client-local resolve. For now, we consider separately the issues for client-local
and client-remote user interface components. and client-remote user interface components.
7.1 Client Local UI 9.1 Client Local UI
When the user interface itself resides locally on the client device, When the user interface itself resides locally on the client device,
the feature interaction problem is actually much simpler. The end the feature interaction problem is actually much simpler. The end
device knows explicitly about each application, and therefore can device knows explicitly about each application, and therefore can
present the user with each one separately. When the user provides present the user with each one separately. When the user provides
input, the client device can determine to which user interface the input, the client device can determine to which user interface the
input is destined. The user interface to which input is destined is input is destined. The user interface to which input is destined is
referred to as the application in focus, and the means by which the referred to as the application in focus, and the means by which the
focused application is selected is called focus determination. focused application is selected is called focus determination.
Generally speaking, focus determination is purely a local operation. Generally speaking, focus determination is purely a local operation.
In the PC universe, focus determination is provided by window In the PC universe, focus determination is provided by window
managers. Each application does not know about focus, it merely managers. Each application does not know about focus, it merely
receives the user input that has been targeted to it when its in receives the user input that has been targeted to it when its in
focus. This basic concept applies to SIP-based applications as well. focus. This basic concept applies to SIP-based applications as well.
Focus determination will frequently be trivial, depending on the user Focus determination will frequently be trivial, depending on the user
interface type. Consider a user that makes a call from a PC. The call interface type. Consider a user that makes a call from a PC. The
passes through a pre-paid calling card application, and a call call passes through a pre-paid calling card application, and a call
recording application. Both of these wish to interact with the user. recording application. Both of these wish to interact with the user.
Both push an HTML-based user interface to the user. On the PC, each Both push an HTML-based user interface to the user. On the PC, each
user interface would appear as a separate window. The user interacts user interface would appear as a separate window. The user interacts
with the call recording application by selecting its window, and with with the call recording application by selecting its window, and with
the pre-paid calling card application by selecting its window. Focus the pre-paid calling card application by selecting its window. Focus
determination is literally provided by the PC window manager. It is determination is literally provided by the PC window manager. It is
clear to which application the user input is targeted. clear to which application the user input is targeted.
As another example, consider the same two applications, but on a As another example, consider the same two applications, but on a
"smart phone" that has a set of buttons, and next to each button, an "smart phone" that has a set of buttons, and next to each button, an
skipping to change at page 26, line 18 skipping to change at page 33, line 18
Unfortunately, not all devices will have these advanced displays. A Unfortunately, not all devices will have these advanced displays. A
PSTN gateway, or a basic IP telephone, may only have a 12-key keypad. PSTN gateway, or a basic IP telephone, may only have a 12-key keypad.
The user interfaces for these devices are provided through the Keypad The user interfaces for these devices are provided through the Keypad
Markup Language (KPML). Considering once again the feature Markup Language (KPML). Considering once again the feature
interaction case above, the pre-paid calling card application and the interaction case above, the pre-paid calling card application and the
call recording application would both pass a KPML document to the call recording application would both pass a KPML document to the
device. When the user presses a button on the keypad, to which device. When the user presses a button on the keypad, to which
document does the input apply? The user interface does not allow the document does the input apply? The user interface does not allow the
user to select. A user interface where the user cannot provide focus user to select. A user interface where the user cannot provide focus
is called a focusless user interface. This is quite a hard problem to is called a focusless user interface. This is quite a hard problem
solve. This framework does not make any explicit normative to solve. This framework does not make any explicit normative
recommendation, but concludes that the best option is to send the recommendation, but concludes that the best option is to send the
input to both user interfaces unless the markup in one interface has input to both user interfaces unless the markup in one interface has
indicated that it should be suppressed from others. This is a indicated that it should be suppressed from others. This is a
sensible choice by analogy - its exactly what the existing circuit sensible choice by analogy - its exactly what the existing circuit
switched telephone network will do. It is an explicit non-goal to switched telephone network will do. It is an explicit non-goal to
provide a better mechanism for feature interaction resolution than provide a better mechanism for feature interaction resolution than
the PSTN on devices which have the same user interface as they do on the PSTN on devices which have the same user interface as they do on
the PSTN. Devices with better displays, such as PCs or screen phones, the PSTN. Devices with better displays, such as PCs or screen
can benefit from the capabilities of this framework, allowing the phones, can benefit from the capabilities of this framework, allowing
user to determine which application they are interacting with. the user to determine which application they are interacting with.
Indeed, when a user provides input on a focusless device, the input Indeed, when a user provides input on a focusless device, the input
must be passed to all client local user interfaces, AND all client must be passed to all client local user interfaces, AND all client
remote user interfaces, unless the markup tells the UI to suppress remote user interfaces, unless the markup tells the UI to suppress
the media. In the case of KPML, key events are passed to remote user the media. In the case of KPML, key events are passed to remote user
interfaces by encoding them in RFC 2833 [15]. Of course, since a interfaces by encoding them in RFC 2833 [17]. Of course, since a
client cannot determine if a media stream terminates in a remote user client cannot determine if a media stream terminates in a remote user
interface or not, these key events are passed in all audio media interface or not, these key events are passed in all audio media
streams unless the "Q" digit is used to suppress. streams unless the KPML request document is used to suppress.
7.2 Client-Remote UI 9.2 Client-Remote UI
When the user interfaces run remotely, the determination of focus can When the user interfaces run remotely, the determination of focus can
be much, much harder. There are many architectures that can be be much, much harder. There are many architectures that can be
deployed to handle the interaction. None are ideal. However, all are deployed to handle the interaction. None are ideal. However, all
beyond the scope of this specification. are beyond the scope of this specification.
8. Intra Application Feature Interaction 10. Intra Application Feature Interaction
An application can instantiate a multiplicity of user interface An application can instantiate a multiplicity of user interface
components. For example, a single application can instantiate two components. For example, a single application can instantiate two
separate HTML components and one WML component. Furthermore, an separate HTML components and one WML component. Furthermore, an
application can instantiate both client local and client remote user application can instantiate both client local and client remote user
interfaces. interfaces.
The feature interaction issues between these components within the The feature interaction issues between these components within the
same application are less severe. If an application has multiple same application are less severe. If an application has multiple
client user interface components, their interaction is resolved client user interface components, their interaction is resolved
identically to the inter-application case - through focus identically to the inter-application case - through focus
determination. However, the problems in focusless user interfaces determination. However, the problems in focusless user interfaces
(such as a keypad) generally won't exist, since the application can (such as a keypad) generally won't exist, since the application can
generate user interfaces which do not overlap in their usage of an generate user interfaces which do not overlap in their usage of an
input. input.
The real issue is that the optimal user experience frequently The real issue is that the optimal user experience frequently
requires some kind of coupling between the differing user interface requires some kind of coupling between the differing user interface
components. This is a classic problem in multi-modal user interfaces, components. This is a classic problem in multi-modal user
such as those described by Speech Application Language Tags (SALT). interfaces, such as those described by Speech Application Language
As an example, consider a user interface where a user can either Tags (SALT). As an example, consider a user interface where a user
press a labeled button to make a selection, or listen to a prompt, can either press a labeled button to make a selection, or listen to a
and speak the desired selection. Ideally, when the user presses the prompt, and speak the desired selection. Ideally, when the user
button, the prompt should cease immediately, since both of them were presses the button, the prompt should cease immediately, since both
targeted at collecting the same information in parallel. Such of them were targeted at collecting the same information in parallel.
interactions are best handled by markups which natively support such Such interactions are best handled by markups which natively support
interactions, such as SALT, and thus require no explicit support from such interactions, such as SALT, and thus require no explicit support
this framework. from this framework.
9. Example Call Flow 11. Example Call Flow
This section shows the operation of a call recording application. This section shows the operation of a call recording application.
This application allows a user to record the media in their call by This application allows a user to record the media in their call by
clicking on a button in a web form. The application uses a clicking on a button in a web form. The application uses a
presentation capable user interface component that is pushed to the presentation capable user interface component that is pushed to the
caller. caller.
A Recording App B A Recording App B
|(1) INVITE | | |(1) INVITE | |
|----------------------->| | |----------------------->| |
skipping to change at page 28, line 38 skipping to change at page 35, line 38
|(8) 200 OK | | |(8) 200 OK | |
|----------------------->| | |----------------------->| |
|(9) NOTIFY | | |(9) NOTIFY | |
|----------------------->| | |----------------------->| |
|(10) 200 OK | | |(10) 200 OK | |
|<-----------------------| | |<-----------------------| |
|(11) HTTP GET | | |(11) HTTP GET | |
|----------------------->| | |----------------------->| |
|(12) 200 OK | | |(12) 200 OK | |
|<-----------------------| | |<-----------------------| |
|(13) HTTP POST | | |(13) NOTIFY | |
|----------------------->| | |----------------------->| |
|(14) 200 OK | | |(14) 200 OK | |
|<-----------------------| | |<-----------------------| |
|(15) HTTP POST | |
|----------------------->| |
|(16) 200 OK | |
|<-----------------------| |
Figure 3 Figure 8
First, the caller, A, sends an INVITE to setup a call (message 1). First, the caller, A, sends an INVITE to setup a call (message 1).
Since the caller supports the framework, and can handle presentation Since the caller supports the framework, and can handle presentation
capable user interface components, it includes the Supported header capable user interface components, it includes the Supported header
field indicating the GRUU is understood, Allow indicating that REFER field indicating that the GRUU extension and the REFER context
is understood, and a Contact header field that includes the "schemes" extension are understood, Allow indicating that REFER is understood,
header field parameter. and a Contact header field that includes the "schemes" header field
parameter.
INVITE sip:B@example.com SIP/2.0 INVITE sips:B@example.com SIP/2.0
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz8 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com> To: Callee <sip:B@example.com>
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 INVITE CSeq: 1 INVITE
Supported: gruu Max-Forwards: 70
Supported: gruu, refer-context
Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER
Contact: <sip:bad998asd8asd0000a@example.com>;schemes="http,sip" Contact: <sips:bad998asd8asd0000a@example.com>;schemes="http,sip,sips"
Content-Length: ... Content-Length: ...
Content-Type: application/sdp Content-Type: application/sdp
--SDP not shown-- --SDP not shown--
The proxy acts as a recording server, and forwards the INVITE to the The proxy acts as a recording server, and forwards the INVITE to the
called party (message 2): called party (message 2):
INVITE sip:B@pc.example.com SIP/2.0 INVITE sips:B@pc.example.com SIP/2.0
Record-Route: <sip:app.example.com;lr> Record-Route: <sips:app.example.com;lr>
Via: SIP/2.0/UDP app.example.com;branch=z9hG4bK97sh Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK97sh
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz8 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com> To: Callee <sip:B@example.com>
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 INVITE CSeq: 1 INVITE
Supported: gruu Max-Forwards: 69
Supported: gruu, refer-context
Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER
Contact: <sip:bad998asd8asd0000a@example.com>;schemes="http,sip" Contact: <sips:bad998asd8asd0000a@example.com>;schemes="http,sip,sips"
Content-Length: ... Content-Length: ...
Content-Type: application/sdp Content-Type: application/sdp
--SDP not shown-- --SDP not shown--
B accepts the call with a 200 OK (message 3). It does not support the B accepts the call with a 200 OK (message 3). It does not support
framework, and so the various header fields are not present. the framework, and so the various header fields are not present.
SIP/2.0 200 OK SIP/2.0 200 OK
Record-Route: <sip:app.example.com;lr> Record-Route: <ssip:app.example.com;lr>
Via: SIP/2.0/UDP app.example.com;branch=z9hG4bK97sh Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK97sh
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz8 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com>;tag=7777 To: Callee <sip:B@example.com>;tag=7777
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 INVITE CSeq: 1 INVITE
Contact: <sip:B@pc.example.com> Contact: <sips:B@pc.example.com>
Content-Length: ... Content-Length: ...
Content-Type: application/sdp Content-Type: application/sdp
--SDP not shown-- --SDP not shown--
This 200 OK is passed back to the caller (message 4): This 200 OK is passed back to the caller (message 4):
SIP/2.0 200 OK SIP/2.0 200 OK
Record-Route: <sip:app.example.com;lr> Record-Route: <sips:app.example.com;lr>
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz8 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz8
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com>;tag=7777 To: Callee <sip:B@example.com>;tag=7777
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 INVITE CSeq: 1 INVITE
Contact: <sip:B@pc.example.com> Contact: <sips:B@pc.example.com>
Content-Length: ... Content-Length: ...
Content-Type: application/sdp Content-Type: application/sdp
--SDP not shown-- --SDP not shown--
The caller generates an ACK (message 5). The caller generates an ACK (message 5).
ACK sip:B@pc.example.com ACK sips:B@pc.example.com
Route: <sip:app.example.com;lr> Route: <sips:app.example.com;lr>
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz9 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz9
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com>;tag=7777 To: Callee <sip:B@example.com>;tag=7777
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 ACK CSeq: 1 ACK
The ACK is forwarded to the called party (message 6). The ACK is forwarded to the called party (message 6).
ACK sip:B@pc.example.com ACK sips:B@pc.example.com
Via: SIP/2.0/UDP app.example.com;branch=z9hG4bKh7s Via: SIP/2.0/TLS app.example.com;branch=z9hG4bKh7s
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9zz9 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9zz9
From: Caller <sip:A@example.com>;tag=kkaz- From: Caller <sip:A@example.com>;tag=kkaz-
To: Callee <sip:B@example.com>;tag=7777 To: Callee <sip:B@example.com>;tag=7777
Call-ID: faif9a@host.example.com Call-ID: faif9ahhs9dd8==-sd98ajzz@host.example.com
CSeq: 1 ACK CSeq: 1 ACK
Now, the application decides to push a user interface component to Now, the application decides to push a user interface component to
user A. So, it sends it a REFER request (message 7): user A. So, it sends it a REFER request (message 7):
REFER sip:bad998asd8asd0000a@example.com SIP/2.0 REFER sips:bad998asd8asd0000a@example.com SIP/2.0
Refer-To: http://app.example.com/script.pl Refer-To: https://app.example.com/script.pl
Via: SIP/2.0/UDP app.example.com;branch=z9hG4bK9zh6 ;context="kkaz-,7777,faif9ahhs9dd8==-sd98ajzz@host.example.com"
Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK9zh6
Max-Forwards: 70
From: Recorder Application <sip:app.example.com>;tag=jhgf From: Recorder Application <sip:app.example.com>;tag=jhgf
To: Caller <sip:A@example.com> To: Caller <sip:A@example.com>
Call-ID: 66676776767@app.example.com Call-ID: 66676776767@app.example.com
CSeq: 1 REFER CSeq: 1 REFER
Event: refer Event: refer
Contact: <sip:sip:app.example.com> Contact: <sips:app.example.com>
The REFER is answered by a 200 OK (message 8). The REFER is answered by a 200 OK (message 8).
SIP/2.0 200 OK SIP/2.0 200 OK
Refer-To: http://app.example.com/script.pl Via: SIP/2.0/TLS app.example.com;branch=z9hG4bK9zh6
Via: SIP/2.0/UDP app.example.com;branch=z9hG4bK9zh6
From: Recorder Application <sip:app.example.com>;tag=jhgf From: Recorder Application <sip:app.example.com>;tag=jhgf
To: Caller <sip:A@example.com>;tag=pqoew To: Caller <sip:A@example.com>;tag=pqoew
Call-ID: 66676776767@app.example.com Call-ID: 66676776767@app.example.com
Supported: gruu Supported: gruu, refer-context
Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, REFER
Contact: <sip:bad998asd8asd0000a@example.com>;schemes="http,sip" Contact: <sips:bad998asd8asd0000a@example.com>;schemes="http,sip,sips"
CSeq: 1 REFER CSeq: 1 REFER
User A sends a NOTIFY (message 9): User A sends a NOTIFY (message 9):
NOTIFY sip:app.example.com SIP/2.0 NOTIFY sips:app.example.com SIP/2.0
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9320394238995 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9320394238995
To: Recorder Application <sip:app.example.com>;tag=jhgf To: Recorder Application <sip:app.example.com>;tag=jhgf
From: Caller <sip:A@example.com>;tag=pqoew From: Caller <sip:A@example.com>;tag=pqoew
Call-ID: 66676776767@app.example.com Call-ID: 66676776767@app.example.com
CSeq: 1 NOTIFY CSeq: 1 NOTIFY
Max-Forwards: 70 Max-Forwards: 70
Event: refer;id=93809824 Event: refer;id=93809824
Subscription-State: active;expires=3600 Subscription-State: active;expires=3600
Contact: <sip:bad998asd8asd0000a@example.com>;schemes="http,sip" Contact: <sips:bad998asd8asd0000a@example.com>;schemes="http,sip,sips"
Content-Type: message/sipfrag;version=2.0 Content-Type: message/sipfrag;version=2.0
Content-Length: 20 Content-Length: 20
SIP/2.0 100 Trying SIP/2.0 100 Trying
And the recording server responds with a 200 OK (message 10) And the recording server responds with a 200 OK (message 10)
SIP/2.0 200 OK SIP/2.0 200 OK
Via: SIP/2.0/UDP host.example.com;branch=z9hG4bK9320394238995 Via: SIP/2.0/TLS host.example.com;branch=z9hG4bK9320394238995
To: Recorder Application <sip:app.example.com>;tag=jhgf To: Recorder Application <sip:app.example.com>;tag=jhgf
From: Caller <sip:A@example.com>;tag=pqoew From: Caller <sip:A@example.com>;tag=pqoew
Call-ID: 66676776767@app.example.com Call-ID: 66676776767@app.example.com
CSeq: 1 NOTIFY CSeq: 1 NOTIFY
The caller, A, authorizes the application. It then acts on the The REFER request contained a "context" Refer-To header field
Refer-To URI, fetching the script from app.example.com (message 11). parameter with a valid dialog identifier. Furthermore, all of the
The response, message 12, contains a web application that the user signaling was over TLS and the dialog identifiers contain sufficient
can click on to enable recording. When the user clicks on the link randomness. As such, the caller, A, automatically authorizes the
(message 13), the results are posted to the server, and an updated application. It then acts on the Refer-To URI, fetching the script
display is provided (message 14). from app.example.com (message 11). The response, message 12,
contains a web application that the user can click on to enable
recording. Because the client executed the URL in the Refer-To, it
generates another NOTIFY to the application, informing it of the
successful response (message 13). This is answered with a 200 OK
(message 14). When the user clicks on the link (message 15), the
results are posted to the server, and an updated display is provided
(message 16).
10. Security Considerations 12. Security Considerations
There are many security considerations associated with this There are many security considerations associated with this
framework. It allows applications in the network to instantiate user framework. It allows applications in the network to instantiate user
interface components on a client device. Such instantiations need to interface components on a client device. Such instantiations need to
be from authenticated applications, and also need to be authorized to be from authenticated applications, and also need to be authorized to
place a UI into the client. Indeed, the stronger requirement is place a UI into the client. Indeed, the stronger requirement is
authorization. It is not so important to know that name of the authorization. It is not so important to know that name of the
provider of the application, but rather, that the provider is provider of the application, but rather, that the provider is
authorized to instantiate components. authorized to instantiate components.
Generally, an application should be considered authorized if it was This specification defines specific authorization techniques and
an application that was legitimately part of the call setup path. requirements. Automatic authorization is granted if the application
With this definition, authorization can be enforced using the sips can prove that it is on the call path, or is trusted by an element on
URI scheme when the call is initiated. the call path. As documented above, this can be accompished by the
use of cryptographically random dialog identifiers and the usage of
sips for message confidentiality. It is RECOMMENDED that sips be
implemented by user agents compliant to this specification. This
does not represent a change from the requirements in RFC 3261.
11. Contributors 13. IANA Considerations
13.1 SIP Option Tag
This specification registers a new SIP option tag, as per the
guidelines in Section 27.1 of RFC 3261 [1].
Name: refer-context
Description: This option tag is used to identify the REFER extension
that defines the "context" parameter of the Refer-To header field.
13.2 Header Field Parameter
This specification defines a new header field parameter, as per the
registry created by [9]. The required information is as follows:
Header field in which the parameter can appear: Refer-To
Name of the Parameter context
RFC Reference RFC XXXX [[NOTE TO IANA: Please replace XXXX with the
RFC number of this specification.]]
14. Contributors
This document was produced as a result of discussions amongst the This document was produced as a result of discussions amongst the
application interaction design team. All members of this team application interaction design team. All members of this team
contributed significantly to the ideas embodied in this document. The contributed significantly to the ideas embodied in this document.
members of this team were: The members of this team were:
Eric Burger Eric Burger
Cullen Jennings Cullen Jennings
Robert Fairlie-Cuninghame Robert Fairlie-Cuninghame
Normative References 15. References
15.1 Normative References
[1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002. Session Initiation Protocol", RFC 3261, June 2002.
[2] Roach, A., "Session Initiation Protocol (SIP)-Specific Event [2] Rosenberg, J. and H. Schulzrinne, "Reliability of Provisional
Responses in Session Initiation Protocol (SIP)", RFC 3262, June
2002.
[3] Roach, A., "Session Initiation Protocol (SIP)-Specific Event
Notification", RFC 3265, June 2002. Notification", RFC 3265, June 2002.
[3] McGlashan, S., Lucas, B., Porter, B., Rehor, K., Burnett, D., [4] McGlashan, S., Lucas, B., Porter, B., Rehor, K., Burnett, D.,
Carter, J., Ferrans, J. and A. Hunt, "Voice Extensible Markup Carter, J., Ferrans, J. and A. Hunt, "Voice Extensible Markup
Language (VoiceXML) Version 2.0", W3C CR CR-voicexml20-20030220, Language (VoiceXML) Version 2.0", W3C CR CR-voicexml20-20030220,
February 2003. February 2003.
[4] Rosenberg, J., "Indicating User Agent Capabilities in the [5] Rosenberg, J., "Indicating User Agent Capabilities in the
Session Initiation Protocol (SIP)", Session Initiation Protocol (SIP)",
draft-ietf-sip-callee-caps-03 (work in progress), January 2004. draft-ietf-sip-callee-caps-03 (work in progress), January 2004.
[5] Sparks, R., "The Session Initiation Protocol (SIP) Refer [6] Sparks, R., "The Session Initiation Protocol (SIP) Refer
Method", RFC 3515, April 2003. Method", RFC 3515, April 2003.
[6] Burger, E., "Keypad Stimulus Protocol (KPML)", [7] Burger, E., "A Session Initiation Protocol (SIP) Event Package
draft-ietf-sipping-kpml-02 (work in progress), February 2004. for Key Press Stimulus (KPML)", draft-ietf-sipping-kpml-03
(work in progress), May 2004.
[7] Peterson, J., "Enhancements for Authenticated Identity [8] Rosenberg, J., "Obtaining and Using Globally Routable User Agent
Management in the Session Initiation Protocol (SIP)", (UA) URIs (GRUU) in the Session Initiation Protocol (SIP)",
draft-ietf-sip-identity-01 (work in progress), March 2003. draft-ietf-sip-gruu-01 (work in progress), February 2004.
[8] Peterson, J., "SIP Authenticated Identity Body (AIB) Format", [9] Camarillo, G., "The Internet Assigned Number Authority (IANA)
draft-ietf-sip-authid-body-02 (work in progress), July 2003. Header Field Parameter Registry for the Session Initiation
Protocol (SIP)", draft-ietf-sip-parameter-registry-02 (work in
progress), June 2004.
[9] Rosenberg, J., "Obtaining and Using Globally Routable User Agent 15.2 Informative References
(UA) URIs (GRUU) in the Session Initiation Protocol (SIP)",
draft-ietf-sip-gruu-00 (work in progress), January 2004.
Informative References [10] Peterson, J., "Enhancements for Authenticated Identity
Management in the Session Initiation Protocol (SIP)",
draft-ietf-sip-identity-02 (work in progress), May 2004.
[10] Day, M., Rosenberg, J. and H. Sugano, "A Model for Presence and [11] Day, M., Rosenberg, J. and H. Sugano, "A Model for Presence and
Instant Messaging", RFC 2778, February 2000. Instant Messaging", RFC 2778, February 2000.
[11] Jennings, C., Peterson, J. and M. Watson, "Private Extensions [12] Jennings, C., Peterson, J. and M. Watson, "Private Extensions
to the Session Initiation Protocol (SIP) for Asserted Identity to the Session Initiation Protocol (SIP) for Asserted Identity
within Trusted Networks", RFC 3325, November 2002. within Trusted Networks", RFC 3325, November 2002.
[12] Rosenberg, J., "A Framework for Conferencing with the Session [13] Rosenberg, J., "A Framework for Conferencing with the Session
Initiation Protocol", Initiation Protocol",
draft-ietf-sipping-conferencing-framework-01 (work in draft-ietf-sipping-conferencing-framework-01 (work in
progress), October 2003. progress), October 2003.
[13] Rosenberg, J., Schulzrinne, H. and P. Kyzivat, "Caller [14] Rosenberg, J., Schulzrinne, H. and P. Kyzivat, "Caller
Preferences for the Session Initiation Protocol (SIP)", Preferences for the Session Initiation Protocol (SIP)",
draft-ietf-sip-callerprefs-10 (work in progress), October 2003. draft-ietf-sip-callerprefs-10 (work in progress), October 2003.
[14] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson, [15] Rosenberg, J. and H. Schulzrinne, "An INVITE Inititiated Dialog
Event Package for the Session Initiation Protocol (SIP)",
draft-ietf-sipping-dialog-package-04 (work in progress),
February 2004.
[16] Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson,
"RTP: A Transport Protocol for Real-Time Applications", RFC "RTP: A Transport Protocol for Real-Time Applications", RFC
3550, July 2003. 3550, July 2003.
[15] Schulzrinne, H. and S. Petrack, "RTP Payload for DTMF Digits, [17] Schulzrinne, H. and S. Petrack, "RTP Payload for DTMF Digits,
Telephony Tones and Telephony Signals", RFC 2833, May 2000. Telephony Tones and Telephony Signals", RFC 2833, May 2000.
[18] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with
Session Description Protocol (SDP)", RFC 3264, June 2002.
[19] Rosenberg, J., "A Session Initiation Protocol (SIP) Event
Package for Registrations", RFC 3680, March 2004.
Author's Address Author's Address
Jonathan Rosenberg Jonathan Rosenberg
dynamicsoft dynamicsoft
600 Lanidex Plaza 600 Lanidex Plaza
Parsippany, NJ 07054 Parsippany, NJ 07054
US US
Phone: +1 973 952-5000 Phone: +1 973 952-5000
EMail: jdrosen@dynamicsoft.com EMail: jdrosen@dynamicsoft.com
URI: http://www.jdrosen.net URI: http://www.jdrosen.net
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it might or might not be available; nor does it represent that it has
has made any effort to identify any such rights. Information on the made any independent effort to identify any such rights. Information
IETF's procedures with respect to rights in standards-track and on the procedures with respect to rights in RFC documents can be
standards-related documentation can be found in BCP-11. Copies of found in BCP 78 and BCP 79.
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to Copies of IPR disclosures made to the IETF Secretariat and any
obtain a general license or permission for the use of such assurances of licenses to be made available, or the result of an
proprietary rights by implementors or users of this specification can attempt made to obtain a general license or permission for the use of
be obtained from the IETF Secretariat. such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF Executive this standard. Please address the information to the IETF at
Director. ietf-ipr@ietf.org.
Full Copyright Statement
Copyright (C) The Internet Society (2004). All Rights Reserved. Disclaimer of Validity
This document and translations of it may be copied and furnished to This document and the information contained herein are provided on an
others, and derivative works that comment on or otherwise explain it "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
or assist in its implementation may be prepared, copied, published OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
and distributed, in whole or in part, without restriction of any ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
kind, provided that the above copyright notice and this paragraph are INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
included on all such copies and derivative works. However, this INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
document itself may not be modified in any way, such as by removing WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be Copyright Statement
revoked by the Internet Society or its successors or assignees.
This document and the information contained herein is provided on an Copyright (C) The Internet Society (2004). This document is subject
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING to the rights, licenses and restrictions contained in BCP 78, and
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING except as set forth therein, the authors retain all their rights.
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/