draft-ietf-speermint-requirements-00.txt   draft-ietf-speermint-requirements-01.txt 
SPEERMINT Working Group J-F. Mule SPEERMINT Working Group J-F. Mule
Internet-Draft CableLabs Internet-Draft CableLabs
Expires: December 21, 2006 June 19, 2006 Expires: April 26, 2007 October 23, 2006
SPEERMINT Requirements for SIP-based VoIP Interconnection SPEERMINT Requirements for SIP-based VoIP Interconnection
draft-ietf-speermint-requirements-00.txt draft-ietf-speermint-requirements-01.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 33 skipping to change at page 1, line 33
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 21, 2006. This Internet-Draft will expire on April 26, 2007.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The Internet Society (2006).
Abstract Abstract
This document describes general requirements for Session PEERing for This document describes high-level guidelines and general
Multimedia INTerconnect and defines the minimum set of requirements requirements for Session PEERing for Multimedia INTerconnect. It
applicable to SIP session peering for VoIP interconnects. also defines a minimum set of requirements applicable to session
peering for Voice over IP interconnects. It is intended to become
In its current form, the document is a first draft based on the best current practices based on the use cases discussed in the
SPEERMINT mailing list's discussions on requirements. The main speermint working group.
objectives are to generate consensus on what categories of
requirements should be covered, and to start more discussions on the
technical protocol requirements that apply to VoIP interconnects.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. General Requirements . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. Unified solution for session peering policies . . . . . . . 3 3. General Requirements . . . . . . . . . . . . . . . . . . . . . 5
2.2. Domain Based . . . . . . . . . . . . . . . . . . . . . . . 4 4. Requirements for SIP-based VoIP Interconnection . . . . . . . 8
2.3. No blocked calls . . . . . . . . . . . . . . . . . . . . . 4 4.1. DNS, Call Addressing Data (CAD) and ENUM . . . . . . . . . 8
2.4. Scaling . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4.2. Minimum set of SIP-SDP-related requirements . . . . . . . 8
2.5. Independence of lower layers . . . . . . . . . . . . . . . 4 4.3. Media-related Requirements . . . . . . . . . . . . . . . . 9
2.6. Administrative and technical policies . . . . . . . . . . . 4 4.4. Security Requirements . . . . . . . . . . . . . . . . . . 9
2.7. Minimal additional cost on call initiation . . . . . . . . 5 4.4.1. Security in today's VoIP networks . . . . . . . . . . 9
2.8. Look beyond SIP . . . . . . . . . . . . . . . . . . . . . . 5 4.4.2. TLS Considerations for session peering . . . . . . . . 10
3. Requirements for SIP-based VoIP Interconnection . . . . . . . . 5 5. Annex A - List of Policy Parameters for VoIP
3.1. DNS, Call Routing Data (CRD) and ENUM . . . . . . . . . . . 5 Interconnections . . . . . . . . . . . . . . . . . . . . . . . 12
3.2. Minimum set of SIP-SDP-related requirements . . . . . . . . 6 5.1. Categories of parameters and Justifications . . . . . . . 12
3.3. Media-related requirements . . . . . . . . . . . . . . . . 6 5.2. Summary of Parameters for Consideration in Session
3.4. Security requirements . . . . . . . . . . . . . . . . . . . 7 Peering Policies . . . . . . . . . . . . . . . . . . . . . 14
4. Open Questions . . . . . . . . . . . . . . . . . . . . . . . . 7 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16
5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 7 7. Security Considerations . . . . . . . . . . . . . . . . . . . 17
6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 8.1. Normative References . . . . . . . . . . . . . . . . . . . 18
7.1. Normative References . . . . . . . . . . . . . . . . . . . 8 8.2. Informative References . . . . . . . . . . . . . . . . . . 18
7.2. Informative References . . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 21
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 9 Intellectual Property and Copyright Statements . . . . . . . . . . 22
Intellectual Property and Copyright Statements . . . . . . . . . . 9
1. Introduction 1. Introduction
The Session PEERing for Multimedia INTerconnect (SPEERMINT) Working The Session PEERing for Multimedia INTerconnect (SPEERMINT) Working
Group is chartered to focus on architectures to identify, signal, and Group is chartered to focus on architectures to identify, signal, and
route delay-sensitive communication sessions. These sessions use the route delay-sensitive communication sessions. These sessions use the
SIP signaling protocol to enable peering between two or more Session Initiation Protocol (SIP) protocol to enable peering between
administrative domains over IP networks. two or more administrative domains over IP networks.
This document describes general SPEERMINT requirements for session
peering and defines the minimum set of requirements for SIP-based
VoIP interconnection. A number of Editor's Notes have been inserted
in the text to seek specific comments on draft requirements.
The reader should be familiar with the definitions and terms defined
in the SPEERMINT terminology draft [SPEERMINT-TERM].
2. General Requirements This document describes high-level guidelines and general
requirements for session peering; these requirements are applicable
to any type of multimedia session peering such as Voice over IP
(VoIP), video telephony, and instant messaging. The document also
defines a minimum set of requirements for a sub-set of the session
peering use cases: VoIP interconnects.
The following section defines general requirements applicable to the The intent of this version of this document is to describe what
"solution space". mechanisms are used for establishing SIP session peering with a
special look at VoIP interconnects, and in doing so, it defines some
of requirements associated with the secure establishment of VoIP
interconnects between a large number of peers.
The primary focus is on the requirements applicable to the boundaries
of layer-5 SIP networks: SIP UA or end-device requirements are
considered out of scope.
It is also not the goal of this document to mandate any particular
use of any IETF protocols to establish session peering by users or
service providers. However, when protocol mechanisms are used, the
document aims at providing guidelines or best current practices on
how they should be implemented, or configured and enabled in order to
facilitate session peering.
Editor's Notes: Finally, a list of parameters for the definition of a session peering
policy is provided in an informative annex. It should be considered
as an example of the information a Voice Service Provider, or
Application Service Provider may require in order to connect to
another using SIP.
o this section will capture the general requirements per wg 2. Terminology
consensus.
o Some requirements SHOULD make use of key words per RFC 2119 In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are to be interpreted as described in RFC 2119
[RFC2119]. [RFC2119].
o Most of the requirements contained in this version of the draft This specification makes use of terms defined in
are derived from draft-ietf-speermint-reqs-and-terminology-01.txt. [I-D.ietf-speermint-terminology], the Session Description Protocol
(SDP) [RFC4566] and the Session Initiation Protocol (SIP) [RFC3261].
o Some requirements apply to entities performing session peering We also use the terms Voice Service Provider (VSP) and Application
while others apply to end-systems. Some statements seem to be Service Provider (ASP) as defined in [I-D.ietf-ecrit-requirements].
"design goals" for the working group to consider when discussing
solutions.
2.1. Unified solution for session peering policies
Policies developed in the context of the SPEERMINT working group
SHOULD be extensible and flexible enough to cover existing and future
peering policies. These start by a closed system which accepts only
incoming calls from selected peers (i.e. a set of bilateral peerings)
and include the model of membership in a number of peering fabrics or
carrier clubs. The case of an open SIP proxy should be covered as a
special case as well.
2.2. Domain Based
Although the initial call routing may be based on E.164 numbers, a 3. General Requirements
generic peering methodology should not rely on such numbers. Rather,
call routing should rely on URIs. We assume that all SIP URIs with
the same domain-part share the same set of peering policies, thus the
domain of the SIP URI may be used as the primary key to any
information regarding the reachability of that SIP URI.
2.3. No blocked calls The following section defines general guidelines and requirements
applicable to session peering for multimedia sessions.
An originating service provider must be able to determine whether a o Session peering should be independent of lower layers. The
SIP URI is open for direct interconnection without actually sending a mechanisms used to establish session peering SHOULD accommodate
SIP INVITE. This is important as unsuccessful call attempts are diverse supporting lower layers.
highly undesirable since they can introduce high delays due to
timeouts and can act as an unintended denial of service attack.
(e.g., by repeated TLS handshakes).
2.4. Scaling Motivations:
Session peering is about layer 5 mechanisms. It should not matter
whether lower layers rely on the public Internet or are
implemented by private L3 connectivity, using firewalls or L2/L3
Virtual Private Networks (VPNs), IPSec tunnels or Transport Layer
Security (TLS) connections [RFC3546]...
The maintenance of the system needs to scale beyond simple lists of o Session Peering Policies and Extensibility:
peering partners. In particular, it must incorporate aggregation Policies developed for session peering SHOULD be flexible and
mechanisms which avoid O(n^2) scaling (where n is the number of extensible to cover existing and future session peering models.
participating service providers). Per-service provider opt-in It is also RECOMMENDED that policies be published via local
without consultation of a centralized 'peering registry', but rather configuration choices in a distributed system like DNS rather than
by publishing local configuration choices only is highly desirable. in a centralized system like a 'peering registry'.
The distributed management of the DNS is a good example for the In the context of session peering, a policy is defined as the set
scalability of this approach. of parameters and other information needed by one VSP/ASP to
connect to another. Some of the session policy parameters may be
statically exchanged and set throughout the lifetime of the
peering relationship. Others parameters may be discovered and
updated dynamically using by some explicit protocol mechanisms.
These dynamic parameters may also relate to a VSP/ASP's session-
dependent or session independent policies as defined in
[I-D.ietf-sipping-session-policy-framework].
2.5. Independence of lower layers Motivations:
It is critical that the solutions be flexible and extensible given
the various emerging models: layer 5 peering may involve open
federations of SIP proxies, or closed environments with systems
that only accept incoming calls from selected peers based on a set
of bilateral trust relationships. Federations may also be based
on memberships in peering fabrics or voice service provider clubs,
etc. Session peering may be direct or indirect.
The maintenance of the "system" should scale beyond simple lists
of peering partners. In particular, it must incorporate
aggregation mechanisms which avoid O(n^2) scaling (where n is the
number of participating peers). The distributed management of the
DNS is a good example for the scalability of this approach.
The system needs to be independent of details on what technologies o Administrative and Technical Policies:
are used route the call and which are used to ensure that only Various types of policy information may need to be discovered or
approved peering partner actually connect to the destination SIP exchanged in order to establish session peering. At a minimum, a
proxy. It should not matter whether restrictions are implemented by policy SHOULD specify information related to call addressing data
private L3 connectivity ("walled gardens"), firewalls, TLS policies in order to avoid session establishment failures. A policy MAY
or SIP proxy configuration. also include information related to QoS, billing and accounting,
layer-3 related interconnect requirements which are out of the
scope of this document.
2.6. Administrative and technical policies Motivations:
The reasons for declining or accepting incoming calls from a
prospective peering partner can be both administrative
(contractual, legal, commercial, or business decisions) and
technical (certain QoS parameters, TLS keys, domain keys, ...).
The objectives are to provide a baseline framework to define,
publish and optionally retrieve policy information so that a
session establishment does not need to be attempted to know that
imcompatible policy parameters will cause the session to fail
(this was originally referred to as "no blocked calls").
The reasons for declining vs. accepting incoming calls from a o URIs and Domain-Based Peering Context:
prospective peering partner can be both administrative (contractual, Call Addressing Data SHOULD rely on URIs (Uniform Resource
legal, commercial, or business decisions) and technical (certain QoS Identifiers, RFC 3986 [RFC3986]) for call routing and SIP URIs
parameters, TLS keys, domain keys, ...). Methodologies developed by SHOULD be preferred over tel URIs (RFC 3966 [RFC3966]). Although
the SPEERMINT working group should accommodate all policies. the initial call addressing data may be based on E.164 numbers for
voice interconnects, a generic peering methodology SHOULD NOT rely
on such E.164 numbers.
2.7. Minimal additional cost on call initiation Motivations:
Telephone numbers commonly appear in the username portion of a SIP
URI. When telephone numbers are in tel URIs, SIP requests cannot
be routed in accordance with the traditional DNS resolution
procedures standardized for SIP as indicated in RFC 3824
[RFC3824]. Furthermore, we assume that all SIP URIs with the same
domain-part share the same set of peering policies, thus the
domain of the SIP URI may be used as the primary key to any
information regarding the reachability of that SIP URI.
Since each call setup implies execution of any proposed algorithm, it o URI Reachability and Minimal additional cost on call initiation:
should incur minimal overhead and delay, and employ caching wherever Based on a well-known URI (for e.g. sip, pres, or im URIs), it
possible to avoid extra protocol round trips. MUST be possible to determine whether the domain servicing the URI
(VSP/ASP) allows for session peering, and if it does, it SHOULD be
possible to locate and retrieve the domain's policy and signaling
functions. For example, an originating service provider must be
able to determine whether a SIP URI is open for direct
interconnection without requiring to initiate a SIP request.
Furthermore, since each call setup implies the execution of any
proposed algorithm, the establishment of a SIP session via peering
SHOULD incur minimal overhead and delay, and employ caching
wherever possible to avoid extra protocol round trips.
2.8. Look beyond SIP Motivations:
This requirement is important as unsuccessful call attempts are
highly undesirable since they can introduce high delays due to
timeouts and can act as an unintended denial of service attack
(e.g., by repeated TLS handshakes). There should be a high
probability of successful call completion for policy-conforming
peers.
The problem of selective peering is not limited to SIP-based o Variability of the Call Address Data:
communication. Other protocols may benefit from a generic framework A terminating VSP/ASP or user SHOULD be able to indicate its
as well, such as SMTP mail. Any solutions proposed by the SPEERMINT domain ingress points (Signaling Path Border Element(s)) based on
working group must be generic enough to encompass other protocols as the identity of the originating VSP/ASP or user.
well. The mechanisms recommended for the use and resolution of the call
addressing data SHOULD allow for variability or customization of
the response(s) depending on various elements, such as the
identity of the originating or terminating user or user domain.
3. Requirements for SIP-based VoIP Interconnection 4. Requirements for SIP-based VoIP Interconnection
This section defines some requirements for SIP-based VoIP This section defines some requirements for SIP-based VoIP
Interconnection. It should be considered as the minimal set of Interconnection. It should be considered as the minimal set of
recommendations or requirements to be met to perform SIP VoIP requirements to be implemented to perform SIP VoIP interconnects.
interconnects.
3.1. DNS, Call Routing Data (CRD) and ENUM 4.1. DNS, Call Addressing Data (CAD) and ENUM
Call Routing Data can be derived from ENUM or other mechanism Call Addressing Data can be derived from various mechanisms available
available to the user. While the SPEERMINT Working Group is focused to the user, such as ENUM when the input is a telephone number, or
on the use of CRD, a number of recommendations are captured here. other DNS queries using SRV and NAPTR resource records when the entry
is a SIP URI for example. The SPEERMINT Working Group is focused on
the use of CAD.
Editor's Note: The following requirements are best current practices for VoIP
After reviewing the mailing list threads, it seems that some folks session peering:
suggest some pointers to ENUM. Do any requirements belong here
because they would 'facilitate' the VoIP interconnects?
o SIP URIs SHOULD be preferred when establishing a SIP session. o SIP URIs SHOULD be preferred over tel URIs when establishing a SIP
session for voice interconnects.
o The recommendations defined in [RFC3824] SHOULD be followed for o The recommendations defined in [RFC3824] SHOULD be followed by
using E.164 numbers with SIP. implementers when using E.164 numbers with SIP, and by authors of
NAPTR records for ENUM for records with an 'E2U+sip' service
field. Other ENUM implementation issues and experiences are
described in [I-D.ietf-enum-experiences] that may be relevant for
VoIP interconnects using ENUM.
o The use of DNS domain names and hostnames is RECOMMENDED in SIP o The use of DNS domain names and hostnames is RECOMMENDED in SIP
URIs and they MUST be resolvable on the public Internet. URIs and they MUST be resolvable on the public Internet.
o The DNS procedures specified in [RFC3263] SHOULD be followed to o The DNS procedures specified in [RFC3263] SHOULD be followed to
resolve a SIP URI into a reachable host (IP address and port), and resolve a SIP URI into a reachable host (IP address and port), and
transport protocol. Note that RFC 3263 relies on DNS SRV transport protocol. Note that RFC 3263 relies on DNS SRV
[RFC2782] and NAPTR Resource Records [RFC2915]. [RFC2782] and NAPTR Resource Records [RFC2915].
o Editor's Note: 4.2. Minimum set of SIP-SDP-related requirements
For BCP and for the sake of discussions, some service providers or
enterprises skip the dynamic determination of the transport
protocol in 3263 (this is very often statically configured and it
is viewed as costly to do on a per URI basis) and they only use
SRV RRs for finding the target.
The implications of RFC3263 are NAPTR and SRV RRs must be
supported on the DNS clients of the systems facing the session
peering interconnect points: should we make these types of
requirements more visible in this document as attempted above?
o Editor's Note:
While the use of User or Carrier ENUM to resolve an E.164 address
into a set of URIs is generally considered out of scope of
SPEERMINT and this document, should this section contain a few
recommendations like the use of RFC 3824 per the aboce, or the
Enumservice types that SHOULD be supported and requested when
doing lookups for SIP-based VoIP interconnect as a few email
exchanges have shown? for e.g. E2U+sip per RFC 3764? what about
recommendations w.r.t. RFC 4415 and the handling or use of "E2U+
voice:tel" or does the above suffice?
3.2. Minimum set of SIP-SDP-related requirements
The following are session-related requirements for establishing SIP The main objective of VoIP interconnects being the establishment of
sessions for VoIP interconnections: successful SIP calls between peer VSPs/ASPs, this section provides a
minimum set of SIP-related requirements.
o The Core SIP Specifications as defined in [RFC3261] and o The Core SIP Specifications as defined in [RFC3261] and
[SIP-GUIDE] MUST be supported by any SIP implementations involved [I-D.ietf-sip-hitchhikers-guide] MUST be supported by Signaling
in SPEERMINT session peering. Path Border Elements and any other SIP implementations involved in
session peering.
o In addition, the following RFCs MUST be supported: the Session Justifications:
Description Protocol (SDP) [RFC2327], and the Offer/Answer The specifications contained in the Core SIP group provide the
mechanism with SDP [RFC3264]. fundamental and basic mechanisms required to enable VoIP
interconnects. This includes: the SIP protocol for session
establishment and its updates such as RFC 3853 and RFC 4320, SDP
[RFC4566] and its Offer/Answer model [RFC3264] for VoIP media
session descriptions and codec negotiations, SIP Asserted Identity
for caller ID services, and various other extensions to support
NAT traversal, etc.
o The following RFCs SHOULD be supported: Reliability of Provisional o The following RFCs SHOULD be supported: Reliability of Provisional
Responses in SIP - PRACK [RFC3262], the SIP UPDATE method (for Responses in SIP - PRACK [RFC3262], the SIP UPDATE method (for
e.g. for codec changes during a session) [RFC3311], the Reason e.g. for codec changes during a session) [RFC3311], the Reason
header field [RFC3326]. header field [RFC3326].
The recommendations contained in RFC 3261 regarding the use of the In the context of session peering where peers desire to maximize the
Supported and Require headers MUST be followed: any SIP entity chances of successful call establishment, the recommendations
involved in session peering SHOULD include the supported SIP contained in RFC 3261 regarding the use of the Supported and Require
extensions in the Supported header and the use of the Require header headers MUST be followed. Signaling Path Border Elements SHOULD
must be flexbile to maximize interoperability. include the supported SIP extensions in the Supported header and the
use of the Require header must be configurable on a per target domain
basis in order to match a network peer policy and to maximize
interoperability.
3.3. Media-related requirements 4.3. Media-related Requirements
The minimum requirements to allow a successful VoIP interconnection VSPs engaged in session peering SHOULD support of compatible codecs
include: and include media-related parameters in their domain's policy.
Transcoding SHOULD be avoided by proposing commonly agreed codecs.
o the mandatory support of RTP *and* RTCP as defined in [RFC3550], Motivations: The media capabilities of a VSP's network are either a
property of the SIP end-devices, or, a combination of the property of
end-devices and Data Path Border Elements that may provide media
transcoding. The choice of one or more common codecs for VoIP
sessions between VSPs is therefore outside the scope of speermint.
Indeed, as stated in introduction, requirements applicable to end-
devices of a VSP are considered out of scope. A list of media-
related policy parameters are provided in the informative Section 5.
o the support of compatible codecs between communication peers, the 4.4. Security Requirements
G.711 MUST be supported, the IETF iLBC [RFC3951] codec and its RTP
payload format [RFC3952] SHOULD be supported.
o the support of the VoIP metric block as defined in RTP Control 4.4.1. Security in today's VoIP networks
Protocol Extended Reports [RFC3611] MAY be supported.
Editor's Notes: In today's VoIP deployments, various approaches exist to secure
exchanges between VSPs/ASPs. Signaling and media security are the
two primary topics for consideration in most deployments. A number
of transport-layer and network-layer mechanisms are widely used by
some categories of VSPs: TLS in the enterprise networks for
applications such as VoIP and secure Instant Messaging, IPSec and
L2/L3 VPNs in some VSP networks where there is a desire to secure all
signaling and media traffic at or below the IP layer. Media level
security is not widely deployed for RTP, even though it is in use in
few deployments where the privacy of voice communications is
critical.
A detailed security threat analysis of session peering exchanges
should provide more guidance on what scalable and efficient methods
should be used to help mitigate the the main security risks in large-
scale session peering.
o Should the minimum set of requirements for VoIP interconnect A recent IETF BoF at IETF 66 (rtpsec) was organized to analyze SIP
include any media-related requirements at all? requirements for SRTP keying; a number of security requirements for
VoIP were discussed. A few Internet-Drafts have since been released
and focus on media security requirements for SIP sessions
([I-D.ietf-wing-media-security-requirements]). Some of these
scenarios may be applicable to interdomain VSP/ASP session peering or
they may be augmented in the future by interdomain scenarios.
o The speerming charter defines "VoIP" as in voice calls. Does 4.4.2. TLS Considerations for session peering
voice communication mean audio only or more? audio, DTMF tones,
real-time fax, voiceband data?
3.4. Security requirements The remaining of Section 4 covers some details on how TLS could be
deployed and used between 2 VSPs/ASPs to secure SIP exchanges. The
intent is to capture what two VSPs/ASPs should discuss and agree on
in order to establish TLS connections for SIP session peering.
All SIP messages MUST be sent over TLS [RFC3546] to provide 1. Peers SHOULD agree on one or more Certificate Authorities
transport-layer security as defined in RFC 3261, at a minimum to (CAs) to trust for securing session peering exchanges.
provide message authentication and based on the mechanisms defined in Motivations:
SIP Identity [SIP-IDENTITY]to identify the peer originating SIP A VSP/ASP should have control over which root CA it trusts for SIP
messages. communications. This may imply creating a certificate trust list
and including the peer's CA for each authorized domain. This
requirement allows for the initiating side to verify that the
server certificate chains up to a trusted root CA. This also
means that SIP servers SHOULD allow the configuration of a
certificate trust list in order to allow a VSP/ASP to control
which peer's CAs are trusted for TLS connections. Note that these
considerations seem to be around two themes: one is trusting a
root, the other is trusting intermediate CAs.
Editor's Note: 2. Peers SHOULD indicate whether their domain policies require
RTP media sessions SHOULD also make use of secure RTP - For Futher proxy servers to inspect and verify the identity provided in SIP
Study. requests as defined in [RFC4474].
4. Open Questions 3. SIP servers involved in the secure session establishment over
TLS MUST have valid X.509 certificates and MUST be able to receive
a TLS connection on a well-known port.
This section documents some of the open questions not resolved yet on 4. The following TLS/SIP Protocol parameters SHOULD be agreed
the wg mailing list. upon as part of session peering policies: the version of TLS
supported by Signaling Border Elements (TLSv1, TLSv1.1), the SIP
TLS port (default 5061), the server-side session timeout (default
300 seconds), the list of supported or recommended ciphersuites,
and the list of trusted root CAs.
5. Acknowledgments 5. SIP servers involved in the session establishment over TLS
MUST verify and validate the client certificates: the client
certificate MUST contain a DNS or URI choice type in the
subjectAltName which corresponds to the domain asserted in the
host portion of the URI contained in the From header. It is also
recommended that VSPs/ASPs convey the domain identity in the
certificates using both a canonical name of the SIP server(s) and
the SIP URI for the domain as described in section 4 of
[I-D.gurbani-sip-domain-certs]. On the client side, it is also
critical for the TLS client to authenticate the server as defined
in [RFC3261] and in section 9 of draft-ietf-sip-certs-01.txt.
This document is based on the input and contributions made by a large 6. A session peering policy SHOULD include details on SIP session
number of people in SPEERMINT , including: Scott Brim, Mike Hammer, establishment over TLS if TLS is supported.
Richard Shocky, Henry Sinnreich, Richard Stastny, Patrik Faltstrom,
Otmar Lendl, Dave Meyer, Jason Livingood, Bob Natale and Brian Rosen.
6. Security Considerations 5. Annex A - List of Policy Parameters for VoIP Interconnections
This requirement document itself introduces no new protocol This informative annex lists the various types of parameters that
mechanisms, and as such, no new security considerations. A number of should be considered when discussing the technical aspects of a VoIP
security requirements are described in a separate section. Peering policy .
7. References 5.1. Categories of parameters and Justifications
7.1. Normative References It is intended as an initial list of topics that should be addressed
by peers when establishing a VoIP peering relationship.
o IP Network Connectivity:
It is assumed that IP network connectivity exists between peers.
While this is out of scope of session peering, VSPs must agree
upon a common mechanism for IP transport of Layer 5 session
signaling and media. This may be accomplished via private (e.g.
IPVPN, IPsec, etc.) or public IP networks.
o Media-related Parameters:
* Media Codecs: list of supported media codecs for audio, real-
time fax (version of T.38, if applicable), real-time text (RFC
4103), DTMF transport, voice band data communications (as
applicable) along with the supported or recommended codec
packetization rates, level of RTP payload redundancy, audio
volume levels, etc.
* Media Transport: level of support for RTP-RTCP [RFC3550], RTP
Redundancy (RTP Payload for Redundant Audio Data - [RFC2198]),
T.38 transport over RTP, etc.
* Other: support of the VoIP metric block as defined in RTP
Control Protocol Extended Reports [RFC3611], etc.
o SIP:
* A session peering policy SHOULD include the list of supported
and required SIP RFCs, supported and required SIP methods
(including P-headers if applicable), error response codes,
supported or recommended format of some header field values,
etc.
* It should also be possible to describe the list of supported
SIP RFCs by various functional groupings. A group of SIP RFCs
may represent how a call feature is implemented (call hold,
transfer, conferencing, etc.), or it may indicate a functional
grouping as in [I-D.ietf-sip-hitchhikers-guide].
o Accounting:
Call accounting may be required for tracking session usage on a
peer's network. It is critical for peers to determine whether the
support of any SIP extensions for accounting is a pre-requisite
for SIP interoperability. In some cases, call accounting may feed
data for billing purposes but not always: some operators may
decide to use accounting as a 'bill and keep' model to track
session usage and monitor usage against service level agreements.
[RFC3702] defines the terminology and basic requirements for
accounting of SIP sessions. A few private SIP extensions have
also been defined and used over the years to enable call
accounting between VSP domains such as the P-Charging* headers in
[RFC3455], the P-DCS-Billing-Info header in [RFC3603], etc.
o Performance Metrics:
Layer-5 performance metrics should be defined and shared between
peers. The performance metrics apply directly to signaling or
media; they may be used pro-actively to help avoid congestion,
call quality issues or call signaling failures, and as part of
monitoring techniques, they can be used to evaluate the
performance of peering exchanges.
Examples of SIP performance metrics include the maximum number of
SIP transactions per second on per domain basis, Session
Completion Rate (SCR), Session Establishment Rate (SER), etc.
Some SIP end-to-end performance metrics are defined in
[I-D.Malas-sip-performance]; a subset of these may be applicable
to session peering and interconnects.
Some media-related metrics for monitoring VoIP calls have been
defined in the VoIP Metrics Report Block, in Section 4.7 of
[RFC3611].
o Security:
A VSP/ASP SHOULD describe the security requirements that other
peers must meet in order to terminate calls to its network. While
such a list of security-related policy parameters often depends on
the security models pre-agreed to by peers, it is expected that
these parameters will be discoverable or signaled in the future to
allow session peering outside VSP clubs. The list of security
parameters may be long and composed of high-level requirements
(e.g. authentication, privacy, secure transport) and low level
protocol configuration elements like TLS parameters.
The following list is not intended to be complete; it provides a
preliminary list in the form of examples:
* Call admission requirements: for some providers, sessions can
only be admitted if certain criteria are met. For example, for
some providers' networks, only incoming SIP sessions signaled
over established IPSec tunnels or presented to the well-known
TLS ports are admitted. Other call admission requirements may
be related to some performance metrics as described above.
Finally, it is possible that some requirements may be imposed on
lower layers, but these are considered out of scope of session
peering.
* Call authorization requirements and validation: the presence of
a caller or user identity MAY be required by a VSP/ASP.
Indeed, some VSPs/ASPs may further authorize an incoming
session request by validating the caller's identity against
white/black lists maintained by the service provider or users
(traditional caller ID screening applications or IM white
list).
* Privacy requirements: a VSP/ASP MAY demand that its SIP
messages be securely transported by its peers for privacy
reasons so that the calling/called party information be
protected. Media sessions may also require privacy and some
ASP/VSP policies may include requirements on the use of secure
media transport protocols such as SRTP, along with some
constraints on the minimum authentication/encryption options for
use in SRTP.
* Network-layer security parameters: this covers how IPsec
security associations may be established, the IPsec key exchange
mechanisms to be used and any keying material, the lifetime of
time-limited Security Associations if applicable, etc.
* Transport-layer security parameters: this covers how TLS
connections should be established as described in Section 4.4.2.
5.2. Summary of Parameters for Consideration in Session Peering
Policies
The following is a summary of the parameters mentioned in the
previous section. They may be part of a session peering policy and
appear with a level of requirement (mandatory, recommended,
supported, ...).
o IP Network Connectivity (assumed, requirements out of scope of
this document)
o Media session parameters:
* Codecs for audio, video, real time text, instant messaging
media sessions
* Modes of communications for audio (voice, fax, DTMF), IM (page
mode, MSRP)
* Media transport and means to establish secure media sessions
o SIP
* SIP RFCs, methods and error responses
* headers and header values
* possibly, list of SIP RFCs supported by groups (e.g. by call
feature)
o Accounting
o Performance Metrics: SIP signaling performance metrics; media-
level VoIP metrics.
o Security: Call admission control, call authorization, network and
transport layer security parameters, media security parameters
6. Acknowledgments
This document is a work-in-progress and it is based on the input and
contributions made by a large number of people in the SPEERMINT
working group, including: Scott Brim, Mike Hammer, Richard Shocky,
Henry Sinnreich, Richard Stastny, Patrik Faltstrom, Otmar Lendl,
Daryl Malas, Dave Meyer, Jason Livingood, Bob Natale, Brian Rosen,
Eric Rosenfeld and Adam Uzelac.
7. Security Considerations
Securing session peering communications involves numerous protocol
exchanges, first and foremost, the securing of SIP signaling and
media sessions. The security considerations contained in RFC 3261
and RFC 4474 are applicable to the SIP protocol exchanges. A number of
security considerations are also described in Section 4.4 for VoIP
Interconnects.
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
8.2. Informative References
[I-D.Malas-sip-performance]
Malas, D., "SIP End-to-End Performance Metrics",
September 2006.
[I-D.gurbani-sip-domain-certs]
Gurbani, V., Jeffrey, A., and S. Lawrence, "Domain
Certificates in the Session Initiation Protocol (SIP)",
draft-gurbani-sip-domain-certs-03 (work in progress),
August 2006.
[I-D.ietf-ecrit-requirements]
Schulzrinne, H. and R. Marshall, "Requirements for
Emergency Context Resolution with Internet Technologies",
August 2006.
[I-D.ietf-enum-experiences]
Conroy, L. and K. Fujiwara, "ENUM Implementation Issues
and Experiences", June 2006.
[I-D.ietf-sip-hitchhikers-guide]
Rosenberg, J., "A Hitchhikers Guide to the Session
Initiation Protocol (SIP)", October 2006.
[I-D.ietf-sipping-session-policy-framework]
Hilt, V., "A Framework for Session Initiation Protocol
(SIP) Session Policies",
draft-ietf-sipping-session-policy-framework-01 (work in
progress), June 2006.
[I-D.ietf-speermint-terminology]
Meyer, R., "SPEERMINT Terminology", September 2006.
[I-D.ietf-wing-media-security-requirements]
Wing, D., Fries, S., and H. Tschofenig, "A Framework for
Session Initiation Protocol (SIP) Session Policies",
draft-wing-media-security-requirements-00 (work in
progress), October 2006.
[RFC2198] Perkins, C., Kouvelas, I., Hodson, O., Hardman, V.,
Handley, M., Bolot, J., Vega-Garcia, A., and S. Fosse-
Parisis, "RTP Payload for Redundant Audio Data", RFC 2198,
September 1997.
[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
specifying the location of services (DNS SRV)", RFC 2782,
February 2000.
[RFC2915] Mealling, M. and R. Daniel, "The Naming Authority Pointer
(NAPTR) DNS Resource Record", RFC 2915, September 2000.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
skipping to change at page 19, line 39
with Session Description Protocol (SDP)", RFC 3264,
June 2002.
[RFC3311] Rosenberg, J., "The Session Initiation Protocol (SIP)
UPDATE Method", RFC 3311, October 2002.
[RFC3326] Schulzrinne, H., Oran, D., and G. Camarillo, "The Reason
Header Field for the Session Initiation Protocol (SIP)",
RFC 3326, December 2002.
[RFC3455] Garcia-Martin, M., Henrikson, E., and D. Mills, "Private
Header (P-Header) Extensions to the Session Initiation
Protocol (SIP) for the 3rd-Generation Partnership Project
(3GPP)", RFC 3455, January 2003.
[RFC3546] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J.,
and T. Wright, "Transport Layer Security (TLS)
Extensions", RFC 3546, June 2003.
[RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
Jacobson, "RTP: A Transport Protocol for Real-Time
Applications", STD 64, RFC 3550, July 2003.
[RFC3603] Marshall, W. and F. Andreasen, "Private Session Initiation
Protocol (SIP) Proxy-to-Proxy Extensions for Supporting
the PacketCable Distributed Call Signaling Architecture",
RFC 3603, October 2003.
[RFC3611] Friedman, T., Caceres, R., and A. Clark, "RTP Control
Protocol Extended Reports (RTCP XR)", RFC 3611,
November 2003.
[RFC3702] Loughney, J. and G. Camarillo, "Authentication,
Authorization, and Accounting Requirements for the Session
Initiation Protocol (SIP)", RFC 3702, February 2004.
[RFC3824] Peterson, J., Liu, H., Yu, J., and B. Campbell, "Using
E.164 numbers with the Session Initiation Protocol (SIP)",
RFC 3824, June 2004.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
RFC 3966, December 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005.
[RFC4474] Peterson, J. and C. Jennings, "Enhancements for
Authenticated Identity Management in the Session
Initiation Protocol (SIP)", RFC 4474, August 2006.
[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Description Protocol", RFC 4566, July 2006.
Author's Address
Jean-Francois Mule
CableLabs
858 Coal Creek Circle
Louisville, CO 80027
USA
Email: jf.mule@cablelabs.com
Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
End of changes. 64 change blocks. 223 lines changed or deleted, 539 lines changed or added.
This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/