draft-ietf-sipping-consent-reqs-00.txt   draft-ietf-sipping-consent-reqs-01.txt 
SIP J. Rosenberg SIPPING J. Rosenberg
Internet-Draft dynamicsoft Internet-Draft Cisco Systems
Expires: April 15, 2005 G. Camarillo Expires: January 19, 2006 G. Camarillo, Ed.
Ericsson Ericsson
D. Willis D. Willis
dynamicsoft Cisco Systems
October 15, 2004 July 18, 2005
Requirements for Consent-Based Communications in the Session Requirements for Consent-Based Communications in the Session Initiation
Initiation Protocol (SIP) Protocol (SIP)
draft-ietf-sipping-consent-reqs-00.txt draft-ietf-sipping-consent-reqs-01.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions By submitting this Internet-Draft, each author represents that any
of section 3 of RFC 3667. By submitting this Internet-Draft, each applicable patent or other IPR claims of which he or she is aware
author represents that any applicable patent or other IPR claims of have been or will be disclosed, and any of which he or she becomes
which he or she is aware have been or will be disclosed, and any of aware will be disclosed, in accordance with Section 6 of BCP 79.
which he or she become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as Internet-
Internet-Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 15, 2005. This Internet-Draft will expire on January 19, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). Copyright (C) The Internet Society (2005).
Abstract Abstract
The Session Initiation Protocol (SIP) supports communications across The Session Initiation Protocol (SIP) supports communications across
many media types, including real-time audio, video, text, instant many media types, including real-time audio, video, text, instant
messaging, and presence. In its current form, it allows session messaging, and presence. In its current form, it allows session
invitations, instant messages, and other requests to be delivered invitations, instant messages, and other requests to be delivered
from one party to another without requiring explicit consent of the from one party to another without requiring explicit consent of the
recipient. Without such consent, it is possible for SIP to be used recipient. Without such consent, it is possible for SIP to be used
for malicious purposes, including spam and denial-of-service attacks. for malicious purposes, including spam and denial-of-service attacks.
This document identifies a set of requirements for extensions to SIP This document identifies a set of requirements for extensions to SIP
that add consent-based communications. that add consent-based communications.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3
3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Security Considerations . . . . . . . . . . . . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . . 6
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.1 Normative References . . . . . . . . . . . . . . . . . . . . 6 5.1 Normative References . . . . . . . . . . . . . . . . . . . 7
5.2 Informational References . . . . . . . . . . . . . . . . . . 7 5.2 Informational References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 7
Intellectual Property and Copyright Statements . . . . . . . . 9 Intellectual Property and Copyright Statements . . . . . . . . 9
1. Introduction 1. Introduction
The Session Initiation Protocol (SIP) [1] supports communications The Session Initiation Protocol (SIP) [1] supports communications
across many media types, including real-time audio, video, text, across many media types, including real-time audio, video, text,
instant messaging, and presence. This communication is established instant messaging, and presence. This communication is established
by the transmission of various SIP requests (such as INVITE and by the transmission of various SIP requests (such as INVITE and
MESSAGE [4]) from an initiator to the recipient, with whom MESSAGE [4]) from an initiator to the recipient, with whom
skipping to change at page 6, line 14 skipping to change at page 6, line 14
REQ 10: The solution shall work for all current and future SIP REQ 10: The solution shall work for all current and future SIP
methods. methods.
REQ 11: The solution shall be applicable to forking proxies. REQ 11: The solution shall be applicable to forking proxies.
REQ 12: The solution shall be applicable to URI-list services, such REQ 12: The solution shall be applicable to URI-list services, such
as resource list servers, MESSAGE URI-list services, and as resource list servers, MESSAGE URI-list services, and
conference servers performing dial-out functions. conference servers performing dial-out functions.
REQ 13: The solution shall be applicable to both stored and REQ 13: The solution shall be applicable to both stored and request-
request-contained URI-list services. contained URI-list services.
REQ 14: The solution shall allow anonymous communications, as long as REQ 14: The solution shall allow anonymous communications, as long as
the recipient is willing to accept anonymous communications. the recipient is willing to accept anonymous communications.
REQ 15: If the recipient of requests wishes to be anonymous, it shall REQ 15: If the recipient of requests wishes to be anonymous, it shall
be possible for them to grant permissions without a sender knowing be possible for them to grant permissions without a sender knowing
their identity. their identity.
REQ 16: The solution shall prevent against attacks that seek to REQ 16: The solution shall prevent against attacks that seek to
undermine the underlying goal of consent. That is, it should not undermine the underlying goal of consent. That is, it should not
skipping to change at page 6, line 52 skipping to change at page 7, line 8
4. Security Considerations 4. Security Considerations
Security has been discussed throughout this specification. Security has been discussed throughout this specification.
5. References 5. References
5.1 Normative References 5.1 Normative References
[1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002. Session Initiation Protocol", RFC 3261, June 2002.
[2] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol [2] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol
(SIP): Locating SIP Servers", RFC 3263, June 2002. (SIP): Locating SIP Servers", RFC 3263, June 2002.
5.2 Informational References 5.2 Informational References
[3] Roach, A., "Session Initiation Protocol (SIP)-Specific Event [3] Roach, A., "Session Initiation Protocol (SIP)-Specific Event
Notification", RFC 3265, June 2002. Notification", RFC 3265, June 2002.
[4] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C. and D. [4] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., and
Gurle, "Session Initiation Protocol (SIP) Extension for Instant D. Gurle, "Session Initiation Protocol (SIP) Extension for
Messaging", RFC 3428, December 2002. Instant Messaging", RFC 3428, December 2002.
[5] Camarillo, G., "Requirements and Framework for Session [5] Camarillo, G. and A. Roach, "Requirements and Framework for
Initiation Protocol (SIP)Uniform Resource Identifier (URI)-List Session Initiation Protocol (SIP)Uniform Resource Identifier
Services", draft-ietf-sipping-uri-services-00 (work in (URI)-List Services", draft-ietf-sipping-uri-services-03 (work
progress), July 2004. in progress), April 2005.
[6] Rosenberg, J. and C. Jennings, "The Session Initiation Protocol [6] Rosenberg, J. and C. Jennings, "The Session Initiation Protocol
(SIP) and Spam", draft-rosenberg-sipping-spam-00 (work in (SIP) and Spam", draft-rosenberg-sipping-spam-01 (work in
progress), July 2004. progress), October 2004.
Authors' Addresses Authors' Addresses
Jonathan Rosenberg Jonathan Rosenberg
dynamicsoft Cisco Systems
600 Lanidex Plaza 600 Lanidex Plaza
Parsippany, NJ 07054 Parsippany, NJ 07054
US US
Phone: +1 973 952-5000 Phone: +1 973 952-5000
EMail: jdrosen@dynamicsoft.com Email: jdrosen@cisco.com
URI: http://www.jdrosen.net URI: http://www.jdrosen.net
Gonzalo Camarillo (editor)
Gonzalo Camarillo
Ericsson Ericsson
Hirsalantie 11 Hirsalantie 11
Jorvas 02420 Jorvas 02420
Finland Finland
EMail: Gonzalo.Camarillo@ericsson.com Email: Gonzalo.Camarillo@ericsson.com
Dean Willis Dean Willis
dynamicsoft Cisco Systems
5100 Tennyson Parkway 2200 E. Pres. George Bush Turnpike
Suite 1200 Richardson, TX 75082
Plano, TX 75028
USA USA
EMail: dean.willis@softarmor.com Email: dean.willis@softarmor.com
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
skipping to change at page 9, line 41 skipping to change at page 9, line 41
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2004). This document is subject Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/