draft-ietf-sipping-uri-list-message-04.txt   draft-ietf-sipping-uri-list-message-05.txt 
SIPPING Working Group M. Garcia-Martin SIPPING Working Group M. Garcia-Martin
Internet-Draft Nokia Internet-Draft Nokia
Expires: April 24, 2006 G. Camarillo Expires: July 21, 2006 G. Camarillo
Ericsson Ericsson
October 21, 2005 January 17, 2006
Multiple-Recipient MESSAGE Requests in the Session Initiation Protocol Multiple-Recipient MESSAGE Requests in the Session Initiation Protocol
(SIP) (SIP)
draft-ietf-sipping-uri-list-message-04.txt draft-ietf-sipping-uri-list-message-05.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 24, 2006. This Internet-Draft will expire on July 21, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2006).
Abstract Abstract
This document specifies how to request a SIP URI-list service to send This document specifies how to request a SIP URI-list service to send
a copy of a MESSAGE to a set of destinations. The client sends a SIP a copy of a MESSAGE to a set of destinations. The client sends a SIP
MESSAGE request with a URI-list to the MESSAGE URI-list service, MESSAGE request with a URI-list to the MESSAGE URI-list service,
which sends a similar MESSAGE request to each of the URIs included in which sends a similar MESSAGE request to each of the URIs included in
the list. the list.
Table of Contents Table of Contents
skipping to change at page 2, line 18 skipping to change at page 2, line 18
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. URI-List document . . . . . . . . . . . . . . . . . . . . . . 5 4. URI-List document . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Extension to the resource lists data format . . . . . . . 6 4.1. Extension to the resource lists data format . . . . . . . 6
4.2. URI-list example . . . . . . . . . . . . . . . . . . . . . 7 4.2. URI-list example . . . . . . . . . . . . . . . . . . . . . 7
5. Option-tag . . . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Option-tag . . . . . . . . . . . . . . . . . . . . . . . . . . 8
6. Procedures at the User Agent Client . . . . . . . . . . . . . 8 6. Procedures at the User Agent Client . . . . . . . . . . . . . 8
7. Procedures at the MESSAGE URI-List Service . . . . . . . . . . 9 7. Procedures at the MESSAGE URI-List Service . . . . . . . . . . 9
7.1. Determining the intended recipient . . . . . . . . . . . . 9 7.1. Determining the intended recipient . . . . . . . . . . . . 9
7.2. Creating an outgoing MESSAGE request . . . . . . . . . . . 9 7.2. Creating an outgoing MESSAGE request . . . . . . . . . . . 9
7.3. Composing bodies in the outgoing MESSAGE request . . . . . 10 7.3. Composing bodies in the outgoing MESSAGE request . . . . . 11
8. Procedures at the UAS . . . . . . . . . . . . . . . . . . . . 12 8. Procedures at the UAS . . . . . . . . . . . . . . . . . . . . 12
9. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 9. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
10. Security Considerations . . . . . . . . . . . . . . . . . . . 15 10. Security Considerations . . . . . . . . . . . . . . . . . . . 15
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
11.1. Disposition Type Registration . . . . . . . . . . . . . . 16 11.1. Disposition Type Registration . . . . . . . . . . . . . . 16
11.2. Option-Tag Registration . . . . . . . . . . . . . . . . . 16 11.2. Option-Tag Registration . . . . . . . . . . . . . . . . . 16
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16
13. Change control . . . . . . . . . . . . . . . . . . . . . . . . 16 13. Change control . . . . . . . . . . . . . . . . . . . . . . . . 16
13.1. Changes from draft-ietf-sipping-uri-list-message-02.txt . 17 13.1. Changes from draft-ietf-sipping-uri-list-message-02.txt . 17
13.2. Changes from draft-ietf-sipping-uri-list-message-01.txt . 17 13.2. Changes from draft-ietf-sipping-uri-list-message-01.txt . 17
13.3. Changes from draft-ietf-sipping-uri-list-message-00.txt . 17 13.3. Changes from draft-ietf-sipping-uri-list-message-00.txt . 17
13.4. Changes from 13.4. Changes from
draft-ietf-sipping-message-exploder-00.txt to draft-ietf-sipping-message-exploder-00.txt to
draft-ietf-sipping-uri-list-message-00.txt . . . . . . . . 17 draft-ietf-sipping-uri-list-message-00.txt . . . . . . . . 17
13.5. Changes from 13.5. Changes from
draft-garcia-simple-message-exploder-00.txt to draft-garcia-simple-message-exploder-00.txt to
draft-garcia-sipping-message-exploder-00.txt . . . . . . . 18 draft-garcia-sipping-message-exploder-00.txt . . . . . . . 18
14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18 14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
14.1. Normative References . . . . . . . . . . . . . . . . . . . 18 14.1. Normative References . . . . . . . . . . . . . . . . . . . 18
14.2. Informational References . . . . . . . . . . . . . . . . . 19 14.2. Informational References . . . . . . . . . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19
Intellectual Property and Copyright Statements . . . . . . . . . . 21 Intellectual Property and Copyright Statements . . . . . . . . . . 20
1. Introduction 1. Introduction
SIP [6] can carry instant messages in MESSAGE [9] requests. The SIP [5] can carry instant messages in MESSAGE [8] requests. The
Advanced Instant Messaging Requirements for SIP [13] mentions the Advanced Instant Messaging Requirements for SIP [12] mentions the
need for sending a MESSAGE request to multiple recipients: need for sending a MESSAGE request to multiple recipients:
"REQ-GROUP-3: It MUST be possible for a user to send to an ad-hoc "REQ-GROUP-3: It MUST be possible for a user to send to an ad-hoc
group, where the identities of the recipients are carried in the group, where the identities of the recipients are carried in the
message itself." message itself."
One possibility to fulfill the above requirement is to establish a One possibility to fulfill the above requirement is to establish a
session of instant messages with an instant messaging conference session of instant messages with an instant messaging conference
server. While this option seems to be reasonable in many cases, in server. While this option seems to be reasonable in many cases, in
other situations the sending user just want to send a small page-mode other situations the sending user just want to send a small page-mode
instant message to an ad-hoc group, without entering the burden of instant message to an ad-hoc group, without entering the burden of
setting up a session. This document focuses on sending a page-mode setting up a session. This document focuses on sending a page-mode
instant message to a number of intended recipients. instant message to a number of intended recipients.
To meet the requirement with a page-mode instant message, we allow To meet the requirement with a page-mode instant message, we allow
SIP MESSAGE requests carry URI-lists in body parts whose Content- SIP MESSAGE requests carry URI-lists in body parts whose Content-
Disposition [2] is 'recipient-list', as specified in the Framework Disposition [2] is 'recipient-list', as specified in the Framework
and Security Considerations for SIP URI-List Services [12]. A SIP and Security Considerations for SIP URI-List Services [11]. A SIP
MESSAGE URI-list service, which is a specialized application service, MESSAGE URI-list service, which is a specialized application service,
receives the request and sends a similar MESSAGE request to each of receives the request and sends a similar MESSAGE request to each of
the URIs in the list. Each of these MESSAGE requests contains a copy the URIs in the list. Each of these MESSAGE requests contains a copy
of the body included in the original MESSAGE request. of the body included in the original MESSAGE request.
The Advanced Instant Messaging Requirements for SIP [13] also The Advanced Instant Messaging Requirements for SIP [12] also
includes a requirement that allows to provide a "Reply-to-All" includes a requirement that allows to provide a "Reply-to-All"
functionality: functionality:
"REQ-GROUP-4: It MUST be possible for the recipient of a group IM "REQ-GROUP-4: It MUST be possible for the recipient of a group IM
to send a message to all other participants that received the same to send a message to all other participants that received the same
group IM (i.e., Reply-To-All)." group IM (i.e., Reply-To-All)."
To meet this requirement, we provide a mechanism whereby the MESSAGE To meet this requirement, we provide a mechanism whereby the MESSAGE
URI-list service can include the received URI-list along the instant URI-list service can include the received URI-list along the instant
message payload in each of the instant messages sent to the message payload in each of the instant messages sent to the
skipping to change at page 4, line 33 skipping to change at page 4, line 33
Incoming MESSAGE request: A SIP MESSAGE request that a UAC creates Incoming MESSAGE request: A SIP MESSAGE request that a UAC creates
and addresses to a MESSAGE URI-list service. Besides the regular and addresses to a MESSAGE URI-list service. Besides the regular
instant message payload, an incoming MESSAGE request contains a instant message payload, an incoming MESSAGE request contains a
URI-list. URI-list.
Outgoing MESSAGE request: A SIP MESSAGE request that a MESSAGE URI- Outgoing MESSAGE request: A SIP MESSAGE request that a MESSAGE URI-
list service creates and addresses to a UAS (User Agent Server). list service creates and addresses to a UAS (User Agent Server).
It contains the regular instant message payload. It contains the regular instant message payload.
Intended recipient: The intended final recipient of the request to be Intended recipient: The intended final recipient of the request to
generated by MESSAGE URI-list service. be generated by MESSAGE URI-list service.
3. Overview 3. Overview
A UAC creates a MESSAGE request that contains a multipart body A UAC creates a MESSAGE request that contains a multipart body
including a list of URIs (intended recipients) and an instant including a list of URIs (intended recipients) and an instant
message. The UAC sends this MESSAGE request to the MESSAGE URI-List message. The UAC sends this MESSAGE request to the MESSAGE URI-List
service. On reception of this incoming MESSAGE request, the MESSAGE service. On reception of this incoming MESSAGE request, the MESSAGE
URI-list service creates a MESSAGE request per intended recipient URI-list service creates a MESSAGE request per intended recipient
(listed in the URI-list) and copies the instant message payload to (listed in the URI-list) and copies the instant message payload to
each of those MESSAGES. Then the MESSAGE URI-list service sends each each of those MESSAGES. Then the MESSAGE URI-list service sends each
of the created outgoing MESSAGE request to the respective receiver. of the created outgoing MESSAGE request to the respective receiver.
The mechanism reuses the XML format for representing resource lists The mechanism reuses the XML format for representing resource lists
[10] to include the list of intended recipients. We define an [9] to include the list of intended recipients. We define an
extension to that list to indicate the capacity of each resource, extension to that list to indicate the capacity of each resource,
which can be To, Cc or Bcc (in an analogy to e-mail). The MESSAGE which can be To, Cc or Bcc (in an analogy to e-mail). The MESSAGE
URI-list service can include a resource list in the outgoing MESSAGE URI-list service can include a resource list in the outgoing MESSAGE
request that contain those resources tagged with a To or Cc request that contain those resources tagged with a To or Cc
capacities (and not Bcc capacities). This allows the creator of the capacities (and not Bcc capacities). This allows the creator of the
incoming MESSAGE request to identify if a resource should be incoming MESSAGE request to identify if a resource should be
receiving a copy of the MESSAGE request as a capacity of recipient receiving a copy of the MESSAGE request as a capacity of recipient
(to), carbon copy (cc) or blind carbon copy (bcc). It also allows (to), carbon copy (cc) or blind carbon copy (bcc). It also allows
some the intended recipients to reply to the initial sender and all some the intended recipients to reply to the initial sender and all
the visible recipients of the MESSAGE request. the visible recipients of the MESSAGE request.
4. URI-List document 4. URI-List document
As described in the Framework and Security Considerations for SIP As described in the Framework and Security Considerations for SIP
URI-List Services [12], specifications of individual URI-list URI-List Services [11], specifications of individual URI-list
services, like the MESSAGE URI-list service described here, need to services, like the MESSAGE URI-list service described here, need to
specify a default format for 'recipient-list' bodies used within the specify a default format for 'recipient-list' bodies used within the
particular service. particular service.
The default format for recipient-list bodies for MESSAGE URI-list The default format for recipient-list bodies for MESSAGE URI-list
services is the resource list document format [10] . UAs (User services is the resource list document format [9] . UAs (User
Agents) and servers handling recipient-list bodies MUST support this Agents) and servers handling recipient-list bodies MUST support this
format and MAY support other formats. format and MAY support other formats.
Nevertheless, the Extensible Markup Language (XML) Configuration Nevertheless, the Extensible Markup Language (XML) Configuration
Access Protocol (XCAP) resource list document provides features, such Access Protocol (XCAP) resource list document provides features, such
as hierarchical lists and the ability to include entries by reference as hierarchical lists and the ability to include entries by reference
relative to the XCAP root URI, that are not needed by the MESSAGE relative to the XCAP root URI, that are not needed by the MESSAGE
URI-list service defined in this document, which only needs to URI-list service defined in this document, which only needs to
transfer a flat list of URIs between a UA and the server. Therefore, transfer a flat list of URIs between a UA and the server. Therefore,
when using the default resource list document, UAs SHOULD use flat when using the default resource list document, UAs SHOULD use flat
lists (i.e., no hierarchical lists) and SHOULD NOT use <entry-ref> lists (i.e., no hierarchical lists) and SHOULD NOT use <entry-ref>
elements. elements.
Section 4.1 defines an extension to the XML format for representing Section 4.1 defines an extension to the XML format for representing
resource lists [10]. This extension allows us to characterize a resource lists [9]. This extension allows us to characterize a
resource with a 'capacity' attribute. UACs (User Agent Clients) and resource with a 'capacity' attribute. UACs (User Agent Clients) and
MESSAGE URI-list services handling 'recipient-list' bodies MUST MESSAGE URI-list services handling 'recipient-list' bodies MUST
support 'capacity' extension. support 'capacity' extension.
A MESSAGE URI-list service receiving a URI-list with more information A MESSAGE URI-list service receiving a URI-list with more information
than what has just been described MAY discard all the extra than what has just been described MAY discard all the extra
information. information.
Additionally, this document defines a new mail disposition type value Additionally, this document defines a new mail disposition type value
to be included in a Content-Disposition [2] header field of a SIP to be included in a Content-Disposition [2] header field of a SIP
MESSAGE request. The value of this new disposition type is MESSAGE request. The value of this new disposition type is
'recipient-list-history' and its purpose is to indicate a list of 'recipient-list-history' and its purpose is to indicate a list of
recipients that a MESSAGE was sent to. A body whose Content- recipients that a MESSAGE was sent to. A body whose Content-
Disposition type is 'recipient-list-history' contains a URI-list with Disposition type is 'recipient-list-history' contains a URI-list with
the visible recipients of the MESSAGE. The <entry> element in the the visible recipients of the MESSAGE. The <entry> element in the
URI-list MAY also include a 'capacity' attribute, as specified in URI-list MAY also include a 'capacity' attribute, as specified in
Section 4.1. MESSAGE URI-list services MUST implement support for Section 4.1. MESSAGE URI-list services MUST implement support for
this Content-Disposition type. User Agent Servers (UAS) MAY this Content-Disposition type. User Agent Servers (UAS) MAY
implement support for the resource-list document format [10] and the implement support for the resource-list document format [9] and the
'recipient-list-history' Content-Disposition type. 'recipient-list-history' Content-Disposition type.
4.1. Extension to the resource lists data format 4.1. Extension to the resource lists data format
This document defines an extension to indicate the capacity of a This document defines an extension to indicate the capacity of a
resource. We define a new 'capacity' attribute to the <entry> resource. We define a new 'capacity' attribute to the <entry>
element. The 'capacity' attribute has similar semantics to the type element. The 'capacity' attribute has similar semantics to the type
of destination address in e-mail systems. It can take the values of destination address in e-mail systems. It can take the values
"to", "cc" and "bcc". A "to" value of the 'capacity' attribute "to", "cc" and "bcc". A "to" value of the 'capacity' attribute
indicates that the resource is considered the recipient of the indicates that the resource is considered the recipient of the
skipping to change at page 8, line 20 skipping to change at page 8, line 20
User agent clients generating a MESSAGE with a recipient-list body, User agent clients generating a MESSAGE with a recipient-list body,
as described in previous sections, MUST include this option-tag in a as described in previous sections, MUST include this option-tag in a
Require header field. User agents that are able to receive and Require header field. User agents that are able to receive and
process MESSAGEs with a recipient-list body, as described in previous process MESSAGEs with a recipient-list body, as described in previous
sections, SHOULD include this option-tag in a Supported header field sections, SHOULD include this option-tag in a Supported header field
when responding to OPTIONS requests. when responding to OPTIONS requests.
6. Procedures at the User Agent Client 6. Procedures at the User Agent Client
A UAC that wants to create a multiple-recipient MESSAGE request MUST A UAC that wants to create a multiple-recipient MESSAGE request MUST
create a MESSAGE request according to RFC 3428 [9] Section 4. The create a MESSAGE request according to RFC 3428 [8] Section 4. The
UAC SHOULD populate the Request-URI with the SIP or SIPS URI of the UAC SHOULD populate the Request-URI with the SIP or SIPS URI of the
MESSAGE URI-list service. In addition to the regular instant message MESSAGE URI-list service. In addition to the regular instant message
body, the UAC SHOULD add a URI-list body whose Content-Disposition body, the UAC SHOULD add a URI-list body whose Content-Disposition
type is 'recipient-list', specifed in the Framework and Security type is 'recipient-list', specifed in the Framework and Security
Considerations for SIP URI-list Services [12]. This body contains a Considerations for SIP URI-list Services [11]. This body contains a
URI-list with the recipients of the MESSAGE. The URI-list body MAY URI-list with the recipients of the MESSAGE. The URI-list body MAY
also include the 'capacity' extension to the URI-list specified in also include the 'capacity' extension to the URI-list specified in
Section 4.1. The UAC MUST also include the 'recipient-list-message' Section 4.1. The UAC MUST also include the 'recipient-list-message'
option-tag, defined in Section 5, in a Require header field. option-tag, defined in Section 5, in a Require header field.
Multiple-recipient MESSAGE requests contain a multipart body that Multiple-recipient MESSAGE requests contain a multipart body that
contains the body carrying the list and the actual instant message contains the body carrying the list and the actual instant message
payload. In some cases, the MESSAGE request may contain bodies other payload. In some cases, the MESSAGE request may contain bodies other
than the text and the list bodies (e.g., when the request is than the text and the list bodies (e.g., when the request is
protected with S/MIME [11]). protected with S/MIME [10]).
Typically, the MESSAGE URI-list service will copy all the significant Typically, the MESSAGE URI-list service will copy all the significant
header fields in the outgoing MESSAGE request. However, there might header fields in the outgoing MESSAGE request. However, there might
be cases where the SIP UA wants the MESSAGE URI-list service to add a be cases where the SIP UA wants the MESSAGE URI-list service to add a
particular header field with a particular value, even if the header particular header field with a particular value, even if the header
field wasn't present in the MESSAGE request sent by the UAC. In this field wasn't present in the MESSAGE request sent by the UAC. In this
case, the UAC MAY use the "?" mechanism described in Section 19.1.1 case, the UAC MAY use the "?" mechanism described in Section 19.1.1
of RFC 3261 [6] to encode extra information in any URI in the list. of RFC 3261 [5] to encode extra information in any URI in the list.
However, the UAC MUST NOT use the special "body" hname (see Section However, the UAC MUST NOT use the special "body" hname (see Section
19.1.1 of RFC 3261 [6]) to encode a body, since the body is present 19.1.1 of RFC 3261 [5]) to encode a body, since the body is present
in the MESSAGE request itself. in the MESSAGE request itself.
The following is an example of a URI that uses the "?" mechanism: The following is an example of a URI that uses the "?" mechanism:
sip:bob@example.com?Accept-Contact=*%3bmobility%3d%22mobile%22 sip:bob@example.com?Accept-Contact=*%3bmobility%3d%22mobile%22
The previous URI requests the MESSAGE URI-list service to add the The previous URI requests the MESSAGE URI-list service to add the
following header field to a MESSAGE request to be sent to following header field to a MESSAGE request to be sent to
bob@example.com: bob@example.com:
Accept-Contact: *;mobility="mobile" Accept-Contact: *;mobility="mobile"
skipping to change at page 9, line 28 skipping to change at page 9, line 28
received the MESSAGE and that it will try to send a similar MESSAGE received the MESSAGE and that it will try to send a similar MESSAGE
to the URIs in the list. Designing a mechanism to inform a client to the URIs in the list. Designing a mechanism to inform a client
about the delivery status of an instant message is outside the scope about the delivery status of an instant message is outside the scope
of this document. of this document.
7.1. Determining the intended recipient 7.1. Determining the intended recipient
On reception of a MESSAGE request with a URI-list, a MESSAGE URI-list On reception of a MESSAGE request with a URI-list, a MESSAGE URI-list
service SHOULD determine the list of intended recipients, by service SHOULD determine the list of intended recipients, by
inspecting the URI-list contained in the body. In case two of those inspecting the URI-list contained in the body. In case two of those
URIs are equivalent (section 19.1.4 of RFC 3261 [6] defines URIs are equivalent (section 19.1.4 of RFC 3261 [5] defines
equivalent URIs), the MESSAGE URI-list SHOULD consider a single equivalent URIs), the MESSAGE URI-list SHOULD consider a single
intended recipient. intended recipient.
7.2. Creating an outgoing MESSAGE request 7.2. Creating an outgoing MESSAGE request
Since the MESSAGE URI-list behaves as a UAC for outgoing MESSAGE Since the MESSAGE URI-list behaves as a UAC for outgoing MESSAGE
requests, for each of the intended recipients, the MESSAGE URI-list requests, for each of the intended recipients, the MESSAGE URI-list
service creates a new MESSAGE request according to the procedures service creates a new MESSAGE request according to the procedures
described in Section 4 of RFC 3428 [9] and the following procedures: described in Section 4 of RFC 3428 [8] and the following procedures:
o A MESSAGE URI-list service MUST include a From header field whose o A MESSAGE URI-list service MUST include a From header field whose
value is the same as the From header field included in the value is the same as the From header field included in the
incoming MESSAGE request, subject to the privacy requirements (see incoming MESSAGE request, subject to the privacy requirements (see
RFC 3323 [7] and RFC 3325 [8]) expressed in the incoming MESSAGE RFC 3323 [6] and RFC 3325 [7]) expressed in the incoming MESSAGE
request. Note that this does not apply to the "tag" parameter. request. Note that this does not apply to the "tag" parameter.
o A MESSAGE URI-list service SHOULD generate a new To header field o A MESSAGE URI-list service SHOULD generate a new To header field
value set to the intended recipient URI. According to the value set to the intended recipient URI. According to the
procedures of RFC 3261 Section 8.1.1.1, this value should also be procedures of RFC 3261 Section 8.1.1.1, this value should also be
equal to the Request-URI of the outgoing MESSAGE request. equal to the Request-URI of the outgoing MESSAGE request.
o A MESSAGE URI-list service SHOULD create a new Call-ID header o A MESSAGE URI-list service SHOULD create a new Call-ID header
field value. field value.
o If a P-Asserted-Identity header field was present in the incoming o If a P-Asserted-Identity header field was present in the incoming
MESSAGE request and the request was received from a trusted MESSAGE request and the request was received from a trusted
source, as specified in RFC 3325 [8], and the first hop of the source, as specified in RFC 3325 [7], and the first hop of the
outgoing MESSAGE request is also trusted, a MESSAGE URI-list outgoing MESSAGE request is also trusted, a MESSAGE URI-list
service MUST include a P-Asserted-Identity header field in the service MUST include a P-Asserted-Identity header field in the
outgoing MESSAGE request with the same received value. However, outgoing MESSAGE request with the same received value. However,
if the first hop of the outgoing MESSAGE request is not trusted if the first hop of the outgoing MESSAGE request is not trusted
and the incoming MESSAGE request included a Privacy header field and the incoming MESSAGE request included a Privacy header field
with a value different than 'none', the MESSAGE URI-list service with a value different than 'none', the MESSAGE URI-list service
MUST NOT include a P-Asserted-Identity header field in the MUST NOT include a P-Asserted-Identity header field in the
outgoing MESSAGE request. outgoing MESSAGE request.
o If a MESSAGE URI-list service is able to assert the identity of a o If a MESSAGE URI-list service is able to assert the identity of a
user (e.g., using HTTP Digest authentication scheme [4], S/MIME user (e.g., using HTTP Digest authentication scheme [3], S/MIME
[11], etc.) and the service implements a mechanism where it can [10], etc.) and the service implements a mechanism where it can
map that authentication scheme to a user's SIP or SIPS URI, and map that authentication scheme to a user's SIP or SIPS URI, and
subject to the privacy requirements expressed in the incoming subject to the privacy requirements expressed in the incoming
MESSAGE request (see RFC 3323 [7], the MESSAGE URI-list MAY insert MESSAGE request (see RFC 3323 [6], the MESSAGE URI-list MAY insert
a P-Asserted-Identity header with the value of the user's asserted a P-Asserted-Identity header with the value of the user's asserted
URI. URI.
o If the incoming MESSAGE request contains an Authorization or o If the incoming MESSAGE request contains an Authorization or
Proxy-Authorization header fields whose realm is set to the Proxy-Authorization header fields whose realm is set to the
MESSAGE URI-list server's realm, then the MESSAGE URI-list service MESSAGE URI-list server's realm, then the MESSAGE URI-list service
SHOULD NOT copy it to the outgoing MESSAGE request; otherwise SHOULD NOT copy it to the outgoing MESSAGE request; otherwise
(i.e., if the Authorization or Proxy-Authorization header field of (i.e., if the Authorization or Proxy-Authorization header field of
incoming MESSAGE request contains a different realm), the MESSAGE incoming MESSAGE request contains a different realm), the MESSAGE
URI-list service MUST copy the value to the respective header URI-list service MUST copy the value to the respective header
field of the outgoing MESSAGE request. field of the outgoing MESSAGE request.
o A MESSAGE URI-list service SHOULD create a separate count for the o A MESSAGE URI-list service SHOULD create a separate count for the
CSeq header field of the outgoing MESSAGE request. CSeq header field of the outgoing MESSAGE request.
o A MESSAGE URI-list service SHOULD initialize the value of the Max- o A MESSAGE URI-list service SHOULD initialize the value of the Max-
Forward header field of the outgoing MESSAGE request. Forward header field of the outgoing MESSAGE request.
o A MESSAGE URI-list service MUST include its own value in the Via o A MESSAGE URI-list service MUST include its own value in the Via
header field. header field.
o A MESSAGE URI-list service SHOULD include any other header field o A MESSAGE URI-list service SHOULD include any other header field
expressed with the "?" mechanism described in Section 19.1.1 of expressed with the "?" mechanism described in Section 19.1.1 of
RFC 3261 [6] and encoded in the intended recipient URI of the URI- RFC 3261 [5] and encoded in the intended recipient URI of the URI-
list. list.
o A MESSAGE URI-list service SHOULD preserve to the outgoing MESSAGE o A MESSAGE URI-list service SHOULD preserve to the outgoing MESSAGE
request any other header field not explicitly indicated in the request any other header field not explicitly indicated in the
above paragraphs. above paragraphs.
o If the URI-list of the incoming MESSAGE request include resources
tagged with the 'capacity' attribute set with a value of "to" or
"cc", the URI-list service SHOULD include a URI-list in each of
the outgoing MESSAGE requests.
7.3. Composing bodies in the outgoing MESSAGE request 7.3. Composing bodies in the outgoing MESSAGE request
When creating the body of each of the outgoing MESSAGE requests, the When creating the body of each of the outgoing MESSAGE requests, the
MESSAGE URI-list service tries to keep the relevant bodies of the MESSAGE URI-list service tries to keep the relevant bodies of the
incoming MESSAGE request and copies them to the outgoing MESSAGE incoming MESSAGE request and copies them to the outgoing MESSAGE
request. The following guidelines are provided: request. The following guidelines are provided:
o A MESSAGE request received at a MESSAGE URI-list service can o A MESSAGE request received at a MESSAGE URI-list service can
contain one or more security bodies (e.g., S/MIME [11]) encrypted contain one or more security bodies (e.g., S/MIME [10]) encrypted
with the public key of the MESSAGE URI-list service. These bodies with the public key of the MESSAGE URI-list service. These bodies
are deemed to be read by the URI-list service rather than the are deemed to be read by the URI-list service rather than the
recipient of the outgoing MESSAGE request (which will not be able recipient of the outgoing MESSAGE request (which will not be able
to decrypt them). Therefore, a MESSAGE URI-list service MUST NOT to decrypt them). Therefore, a MESSAGE URI-list service MUST NOT
copy any security body (such as an S/MIME [11] encrypted body) copy any security body (such as an S/MIME [10] encrypted body)
addressed to the MESSAGE URI-list service to the outgoing MESSAGE addressed to the MESSAGE URI-list service to the outgoing MESSAGE
request. This includes bodies encrypted with the public key of request. This includes bodies encrypted with the public key of
the URI-list service. the URI-list service.
o If the URI-list of the incoming MESSAGE request include resources o The incoming MESSAGE request typically contains a URI-list body or
tagged with the 'capacity' attribute set with a value of "to" or reference [11] with the actual list of recipients. Section 7.2
"cc", the URI-list service SHOULD include a URI-list in each of contains procedures that determine when the MESSAGE URI-list
the outgoing MESSAGE requests. The format of such list SHOULD BE service should include a URI-list body in the outgoing MESSAGE
according to the XML format for representing resource lists [10] request.
and the capacity extension specified in Section 4.1. This o If the MESSAGE URI-list service includes a URI-list in an outgoing
resource list MUST contain those elements categorized with the MESSAGE request, then the list SHOULD be formatted according to
"to" or "cc" capacity attribute and MUST NOT contain those the XML format for representing resource lists [9] and the
resources categorized with the "bcc" or lacking the capacity capacity extension specified in Section 4.1. This resource list
attribute. MUST contain those elements categorized with the "to" or "cc"
capacity attribute and MUST NOT contain those resources
categorized with the "bcc" or lacking the capacity attribute (the
default value for the capacity of resources without a capacity
attribute is "bcc").
o If the MESSAGE URI-list service includes a URI-list in an outgoing o If the MESSAGE URI-list service includes a URI-list in an outgoing
MESSAGE request, it MUST include a Content-Disposition header MESSAGE request, it MUST include a Content-Disposition header
field [2] with the value set to 'recipient-list-history' and a field [2] with the value set to 'recipient-list-history' and a
'handling' parameter [5] set to "optional". 'handling' parameter [4] set to "optional".
o If a MESSAGE URI-list service includes a URI-list in an outgoing o If a MESSAGE URI-list service includes a URI-list in an outgoing
MESSAGE request, it SHOULD use S/MIME [11] to encrypt the URI-list MESSAGE request, it SHOULD use S/MIME [10] to encrypt the URI-list
with the public key of the receiver. with the public key of the receiver.
o The incoming MESSAGE request typically contains a URI-list body or
reference [12] with the actual list of recipients. Section 7.2
contains procedures that determine when the MESSAGE URI-list
service should include a URI-list body in the outgoing MESSAGE
request.
o The MESSAGE URI-list service SHOULD copy all the rest of the o The MESSAGE URI-list service SHOULD copy all the rest of the
message bodies (e.g., text messages, images, etc.) to the outgoing message bodies (e.g., text messages, images, etc.) to the outgoing
MESSAGE request. MESSAGE request.
o If there is only one body left, the MESSAGE URI-list service MUST o If there is only one body left, the MESSAGE URI-list service MUST
remove the multipart/mixed wrapper in the outgoing MESSAGE remove the multipart/mixed wrapper in the outgoing MESSAGE
request. request.
The rest of the MESSAGE request corresponding to a given URI in the The rest of the MESSAGE request corresponding to a given URI in the
URI-list MUST be created following the rules in Section 19.1.5 URI-list MUST be created following the rules in Section 19.1.5
"Forming Requests from a URI" of RFC 3261 [6]. In particular, "Forming Requests from a URI" of RFC 3261 [5]. In particular,
Section 19.1.5 of RFC 3261 [6] states: Section 19.1.5 of RFC 3261 [5] states:
"An implementation SHOULD treat the presence of any headers or body "An implementation SHOULD treat the presence of any headers or body
parts in the URI as a desire to include them in the message, and parts in the URI as a desire to include them in the message, and
choose to honor the request on a per-component basis." choose to honor the request on a per-component basis."
SIP allows to append a "method" parameter to a URI. Therefore, it is SIP allows to append a "method" parameter to a URI. Therefore, it is
legitimate that an the 'uri' attribute of the <entry> element in the legitimate that an the 'uri' attribute of the <entry> element in the
XCAP resource list contains a 'method' parameter. MESSAGE URI-list XCAP resource list contains a 'method' parameter. MESSAGE URI-list
services MUST generate only MESSAGE requests, regardless of the services MUST generate only MESSAGE requests, regardless of the
'method' parameter that the URIs in the list indicate. Effectively, 'method' parameter that the URIs in the list indicate. Effectively,
MESSAGE URI-list services MUST ignore the 'method' parameter in each MESSAGE URI-list services MUST ignore the 'method' parameter in each
of the URIs present in the URI-list. of the URIs present in the URI-list.
8. Procedures at the UAS 8. Procedures at the UAS
skipping to change at page 12, line 16 skipping to change at page 12, line 22
XCAP resource list contains a 'method' parameter. MESSAGE URI-list XCAP resource list contains a 'method' parameter. MESSAGE URI-list
services MUST generate only MESSAGE requests, regardless of the services MUST generate only MESSAGE requests, regardless of the
'method' parameter that the URIs in the list indicate. Effectively, 'method' parameter that the URIs in the list indicate. Effectively,
MESSAGE URI-list services MUST ignore the 'method' parameter in each MESSAGE URI-list services MUST ignore the 'method' parameter in each
of the URIs present in the URI-list. of the URIs present in the URI-list.
8. Procedures at the UAS 8. Procedures at the UAS
A UAS (in this specification, also known as intended recipient UAS) A UAS (in this specification, also known as intended recipient UAS)
that receives a MESSAGE request from the URI-list service behaves as that receives a MESSAGE request from the URI-list service behaves as
specified in RFC 3428 [9] Section 7. specified in RFC 3428 [8] Section 7.
If the UAS supports this specification and the MESSAGE request If the UAS supports this specification and the MESSAGE request
contains a body with a Content-Disposition header field [2] set to contains a body with a Content-Disposition header field [2] set to
'recipient-list-history', then the UAS will be able to determine who 'recipient-list-history', then the UAS will be able to determine who
are the other intended visible recipients of the MESSAGE request. are the other intended visible recipients of the MESSAGE request.
This allows the user to create a reply request (e.g., MESSAGE, This allows the user to create a reply request (e.g., MESSAGE,
INVITE) to the sender and the rest of the visible recipients. INVITE) to the sender and the rest of the visible recipients.
9. Examples 9. Examples
skipping to change at page 15, line 39 skipping to change at page 15, line 39
<list> <list>
<entry uri="sip:bill@example.com" cp:capacity="to" /> <entry uri="sip:bill@example.com" cp:capacity="to" />
<entry uri="sip:joe@example.org" cp:capacity="cc" /> <entry uri="sip:joe@example.org" cp:capacity="cc" />
</list> </list>
</resource-lists> </resource-lists>
--boundary1-- --boundary1--
10. Security Considerations 10. Security Considerations
The Framework and Security Considerations for SIP URI-List Services The Framework and Security Considerations for SIP URI-List Services
[12] discusses issues related to SIP URI-list services. [11] discusses issues related to SIP URI-list services.
Implementations of MESSAGE URI-list services MUST follow the Implementations of MESSAGE URI-list services MUST follow the
security-related rules in the Framework and Security Considerations security-related rules in the Framework and Security Considerations
for SIP URI-List Services [12]. These rules include mandatory for SIP URI-List Services [11]. These rules include mandatory
authentication and authorization of clients, and opt-in lists. authentication and authorization of clients, and opt-in lists.
If the contents of the instant message needs to be kept private, the If the contents of the instant message needs to be kept private, the
user agent client SHOULD use S/MIME [11] to prevent a third party user agent client SHOULD use S/MIME [10] to prevent a third party
from viewing this information. In this case, the user agent client from viewing this information. In this case, the user agent client
SHOULD encrypt the instant message body with a content encryption SHOULD encrypt the instant message body with a content encryption
key. Then, for each receiver in the list, the UAC SHOULD encrypt the key. Then, for each receiver in the list, the UAC SHOULD encrypt the
content encryption key with the public key of the receiver, and content encryption key with the public key of the receiver, and
attach it to the MESSAGE request. attach it to the MESSAGE request.
11. IANA Considerations 11. IANA Considerations
The following sections instruct the IANA to register a new The following sections instruct the IANA to register a new
disposition type and a new SIP option-tag. disposition type and a new SIP option-tag.
skipping to change at page 18, line 36 skipping to change at page 18, line 36
14.1. Normative References 14.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
[2] Troost, R., Dorner, S., and K. Moore, "Communicating [2] Troost, R., Dorner, S., and K. Moore, "Communicating
Presentation Information in Internet Messages: The Content- Presentation Information in Internet Messages: The Content-
Disposition Header Field", RFC 2183, August 1997. Disposition Header Field", RFC 2183, August 1997.
[3] Levinson, E., "Content-ID and Message-ID Uniform Resource [3] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Locators", RFC 2392, August 1998.
[4] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A., and L. Stewart, "HTTP Authentication: Leach, P., Luotonen, A., and L. Stewart, "HTTP Authentication:
Basic and Digest Access Authentication", RFC 2617, June 1999. Basic and Digest Access Authentication", RFC 2617, June 1999.
[5] Zimmerer, E., Peterson, J., Vemuri, A., Ong, L., Audet, F., [4] Zimmerer, E., Peterson, J., Vemuri, A., Ong, L., Audet, F.,
Watson, M., and M. Zonoun, "MIME media types for ISUP and QSIG Watson, M., and M. Zonoun, "MIME media types for ISUP and QSIG
Objects", RFC 3204, December 2001. Objects", RFC 3204, December 2001.
[6] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., [5] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002. Session Initiation Protocol", RFC 3261, June 2002.
[7] Peterson, J., "A Privacy Mechanism for the Session Initiation [6] Peterson, J., "A Privacy Mechanism for the Session Initiation
Protocol (SIP)", RFC 3323, November 2002. Protocol (SIP)", RFC 3323, November 2002.
[8] Jennings, C., Peterson, J., and M. Watson, "Private Extensions [7] Jennings, C., Peterson, J., and M. Watson, "Private Extensions
to the Session Initiation Protocol (SIP) for Asserted Identity to the Session Initiation Protocol (SIP) for Asserted Identity
within Trusted Networks", RFC 3325, November 2002. within Trusted Networks", RFC 3325, November 2002.
[9] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., and [8] Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., and
D. Gurle, "Session Initiation Protocol (SIP) Extension for D. Gurle, "Session Initiation Protocol (SIP) Extension for
Instant Messaging", RFC 3428, December 2002. Instant Messaging", RFC 3428, December 2002.
[10] Rosenberg, J., "Extensible Markup Language (XML) Formats for [9] Rosenberg, J., "Extensible Markup Language (XML) Formats for
Representing Resource Lists", Representing Resource Lists",
draft-ietf-simple-xcap-list-usage-05 (work in progress), draft-ietf-simple-xcap-list-usage-05 (work in progress),
February 2005. February 2005.
[11] Ramsdell, B., "S/MIME Version 3.1 Message Specification", [10] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions
draft-ietf-smime-rfc2633bis-09 (work in progress), April 2004. (S/MIME) Version 3.1 Message Specification", RFC 3851,
July 2004.
[12] Camarillo, G. and A. Roach, "Requirements and Framework for [11] Camarillo, G. and A. Roach, "Framework and Security
Session Initiation Protocol (SIP)Uniform Resource Identifier Considerations for Session Initiation Protocol (SIP) Uniform
(URI)-List Services", draft-ietf-sipping-uri-services-03 (work Resource Identifier (URI)-List Services",
in progress), April 2005. draft-ietf-sipping-uri-services-04 (work in progress),
October 2005.
14.2. Informational References 14.2. Informational References
[13] Rosenberg, J., "Advanced Instant Messaging Requirements for the [12] Rosenberg, J., "Advanced Instant Messaging Requirements for the
Session Initiation Protocol (SIP)", Session Initiation Protocol (SIP)",
draft-rosenberg-simple-messaging-requirements-01 (work in draft-rosenberg-simple-messaging-requirements-01 (work in
progress), February 2004. progress), February 2004.
[14] Peterson, J., "Session Initiation Protocol (SIP) Authenticated
Identity Body (AIB) Format", RFC 3893, September 2004.
Authors' Addresses Authors' Addresses
Miguel A. Garcia-Martin Miguel A. Garcia-Martin
Nokia Nokia
P.O.Box 407 P.O.Box 407
NOKIA GROUP, FIN 00045 NOKIA GROUP, FIN 00045
Finland Finland
Email: miguel.an.garcia@nokia.com Email: miguel.an.garcia@nokia.com
Gonzalo Camarillo Gonzalo Camarillo
Ericsson Ericsson
Hirsalantie 11 Hirsalantie 11
Jorvas 02420 Jorvas 02420
Finland Finland
Email: Gonzalo.Camarillo@ericsson.com Email: Gonzalo.Camarillo@ericsson.com
Intellectual Property Statement Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
skipping to change at page 21, line 29 skipping to change at page 21, line 6
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 55 change blocks. 
95 lines changed or deleted 94 lines changed or added

This html diff was produced by rfcdiff 1.28, available from http://www.levkowetz.com/ietf/tools/rfcdiff/