SPEERMINT Working Group J-F. Mule Internet-Draft CableLabs Expires:
December 21, 2006 June 19,April 26, 2007 October 23, 2006 SPEERMINT Requirements for SIP-based VoIP Interconnection draft-ietf-speermint-requirements-00.txtdraft-ietf-speermint-requirements-01.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on December 21, 2006.April 26, 2007. Copyright Notice Copyright (C) The Internet Society (2006). Abstract This document describes high-level guidelines and general requirements for Session PEERing for Multimedia INTerconnect andINTerconnect. It also defines thea minimum set of requirements applicable to SIPsession peering for VoIPVoice over IP interconnects. In its current form, the documentIt is a first draftintended to become best current practices based on the SPEERMINT mailing list's discussions on requirements. The main objectives are to generate consensus on what categories of requirements should be covered, and to start more discussions onuse cases discussed in the technical protocol requirements that apply to VoIP interconnects.speermint working group. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. General Requirements . .Terminology . . . . . . . . . . . . . . . . . . . 3 2.1. Unified solution for session peering policies . . . . . . . 3 2.2. Domain Based . . . . . . . . . . . . . . . . .. . . . . . 4 2.3. No blocked calls . . . . . . . . . .3. General Requirements . . . . . . . . . . . 4 2.4. Scaling. . . . . . . . . . 5 4. Requirements for SIP-based VoIP Interconnection . . . . . . . 8 4.1. DNS, Call Addressing Data (CAD) and ENUM . . . . . . . . . 4 2.5. Independence8 4.2. Minimum set of lower layers . . . . . . . . . . . . . . . 4 2.6. Administrative and technical policiesSIP-SDP-related requirements . . . . . . . 8 4.3. Media-related Requirements . . . . 4 2.7. Minimal additional cost on call initiation. . . . . . . . 5 2.8. Look beyond SIP. . . . 9 4.4. Security Requirements . . . . . . . . . . . . . . . . . . 5 3. Requirements for SIP-based9 4.4.1. Security in today's VoIP Interconnectionnetworks . . . . . . . . 5 3.1. DNS, Call Routing Data (CRD) and ENUM .. . 9 4.4.2. TLS Considerations for session peering . . . . . . . . 5 3.2. Minimum set10 5. Annex A - List of SIP-SDP-related requirements . . . . . . . . 6 3.3. Media-related requirements . . . . . . . .Policy Parameters for VoIP Interconnections . . . . . . . . 6 3.4. Security requirements. . . . . . . . . . . . . . . 12 5.1. Categories of parameters and Justifications . . . . 7 4. Open Questions. . . 12 5.2. Summary of Parameters for Consideration in Session Peering Policies . . . . . . . . . . . . . . . . . . . . . 7 5.14 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 7 6.16 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 7.17 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7.1.18 8.1. Normative References . . . . . . . . . . . . . . . . . . . 8 7.2.18 8.2. Informative References . . . . . . . . . . . . . . . . . . 918 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 921 Intellectual Property and Copyright Statements . . . . . . . . . . 922 1. Introduction The Session PEERing for Multimedia INTerconnect (SPEERMINT) Working Group is chartered to focus on architectures to identify, signal, and route delay-sensitive communication sessions. These sessions use the SIP signalingSession Initiation Protocol (SIP) protocol to enable peering between two or more administrative domains over IP networks. This document describes high-level guidelines and general SPEERMINTrequirements for session peering and defines the minimum set ofpeering; these requirements are applicable to any type of multimedia session peering such as Voice over IP (VoIP), video telephony, and instant messaging. The document also defines a minimum set of requirements for SIP-based VoIP interconnection. A numbera sub-set of Editor's Notes have been inserted inthe text to seek specific comments on draft requirements.session peering use cases: VoIP interconnects. The reader should be familiarintent of this version of this document is to describe what mechanisms are used for establishing SIP session peering with the definitionsa special look at VoIP interconnects, and terms definedin doing so, it defines some of requirements associated with the SPEERMINT terminology draft [SPEERMINT-TERM]. 2. General Requirementssecure establishment of VoIP interconnects between a large number of peers. The following section defines generalprimary focus is on the requirements applicable to the "solution space". Editor's Notes: o this section will capture the general requirements per wg consensus. o Some requirements SHOULD make useboundaries of key words per RFC 2119 [RFC2119]. o Mostlayer-5 SIP networks: SIP UA or end-device requirements are considered out of scope. It is also not the requirements contained ingoal of this versiondocument to mandate any particular use of the draft are derived from draft-ietf-speermint-reqs-and-terminology-01.txt. o Some requirements applyany IETF protocols to entities performingestablish session peering while others apply to end-systems. Some statements seem to be "design goals" for the working group to considerby users or service providers. However, when discussing solutions. 2.1. Unified solution for session peering policies Policies developed in the context ofprotocol mechanisms are used, the SPEERMINT working group SHOULDdocument aims at providing guidelines or best current practices on how they should be extensibleimplemented, or configured and flexible enoughenabled in order to cover existing and future peering policies. These start by a closed system which accepts only incoming calls from selected peers (i.e.facilitate session peering. Finally, a setlist of bilateral peerings) and includeparameters for the modeldefinition of membership ina number ofsession peering fabrics or carrier clubs. The case ofpolicy is provided in an open SIP proxyinformative annex. It should be covered as a special caseconsidered as well. 2.2. Domain Based Althoughan example of the initial call routing may be based on E.164 numbers,information a generic peering methodologyVoice Service Provider, or Application Service Provider may require in order to connect to another using SIP. 2. Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in RFC 2119 [RFC2119]. This specification makes use of terms defined in [I-D.ietf-speermint-terminology], the Session Description Protocol (SDP) [RFC4566] and the Session Initiation Protocol (SIP) [RFC3261]. We also use the terms Voice Service Provider (VSP) and Application Service Provider (ASP) as defined in [I-D.ietf-ecrit-requirements]. 3. General Requirements The following section defines general guidelines and requirements applicable to session peering for multimedia sessions. o Session peering should not rely on such numbers. Rather, call routingbe independent of lower layers. The mechanisms used to establish session peering SHOULD accommodate diverse supporting lower layers. Motivations: Session peering is about layer 5 mechanisms. It should not matter whether lower layers rely on URIs. We assumethe public Internet or are implemented by private L3 connectivity, using firewalls or L2/L3 Virtual Private Networks (VPNs), IPSec tunnels or Transport Layer Security (TLS) connections [RFC3546]... o Session Peering Policies and Extensibility: Policies developed for session peering SHOULD be flexible and extensible to cover existing and future session peering models. It is also RECOMMENDED that all SIP URIs withpolicies be published via local configuration choices in a distributed system like DNS rather than in a centralized system like a 'peering registry'. In the same domain-part sharecontext of session peering, a policy is defined as the sameset of parameters and other information needed by one VSP/ASP to connect to another. Some of the session policy parameters may be statically exchanged and set throughout the lifetime of the peering policies, thusrelationship. Others parameters may be discovered and updated dynamically using by some explicit protocol mechanisms. These dynamic parameters may also relate to a VSP/ASP's session- dependent or session independent policies as defined in [I-D.ietf-sipping-session-policy-framework]. Motivations: It is critical that the domainsolutions be flexible and extensible given the various emerging models: layer 5 peering may involve open federations of SIP proxies, or closed environments with systems that only accept incoming calls from selected peers based on a set of bilateral trust relationships. Federations may also be based on memberships in peering fabrics or voice service provider clubs, etc. Session peering may be direct or indirect. The maintenance of the "system" should scale beyond simple lists of peering partners. In particular, it must incorporate aggregation mechanisms which avoid O(n^2) scaling (where n is the number of participating peers). The distributed management of the DNS is a good example for the scalability of this approach. o Administrative and Technical Policies: Various types of policy information may need to be discovered or exchanged in order to establish session peering. At a minimum, a policy SHOULD specify information related to call addressing data in order to avoid session establishment failures. A policy MAY also include information related to QoS, billing and accounting, layer-3 related interconnect requirements which are out of the scope of this document. Motivations: The reasons for declining or accepting incoming calls from a prospective peering partner can be both administrative (contractual, legal, commercial, or business decisions) and technical (certain QoS parameters, TLS keys, domain keys, ...). The objectives are to provide a baseline framework to define, publish and optionally retrieve policy information so that a session establishment does not need to be attempted to know that imcompatible policy parameters will cause the session to fail (this was originally referred to as "no blocked calls"). o URIs and Domain-Based Peering Context: Call Addressing Data SHOULD rely on URIs (Uniform Resource Identifiers, RFC 3986 [RFC3986]) for call routing and SIP URIs SHOULD be preferred over tel URIs (RFC 3966 [RFC3966]). Although the initial call addressing data may be based on E.164 numbers for voice interconnects, a generic peering methodology SHOULD NOT rely on such E.164 numbers. Motivations: Telephone numbers commonly appear in the username portion of a SIP URI. When telephone numbers are in tel URIs, SIP requests cannot be routed in accordance with the traditional DNS resolution procedures standardized for SIP as indicated in RFC 3824 [RFC3824]. Furthermore, we assume that all SIP URIs with the same domain-part share the same set of peering policies, thus the domain of the SIP URI may be used as the primary key to any information regarding the reachability of that SIP URI. o URI Reachability and Minimal additional cost on call initiation: Based on a well-known URI (for e.g. sip, pres, or im URIs), it MUST be possible to determine whether the domain servicing the URI (VSP/ASP) allows for session peering, and if it does, it SHOULD be possible to locate and retrieve the domain's policy and signaling functions. For example, an originating service provider must be able to determine whether a SIP URI is open for direct interconnection without requiring to initiate a SIP request. Furthermore, since each call setup implies the execution of any proposed algorithm, the establishment of a SIP session via peering SHOULD incur minimal overhead and delay, and employ caching wherever possible to avoid extra protocol round trips. Motivations: This requirement is important as unsuccessful call attempts are highly undesirable since they can introduce high delays due to timeouts and can act as an unintended denial of service attack (e.g., by repeated TLS handshakes). There should be a high probability of successful call completion for policy-conforming peers. o Variability of the Call Address Data: A terminating VSP/ASP or user SHOULD be able to indicate its domain ingress points (Signaling Path Border Element(s)) based on the identity of the originating VSP/ASP or user. The mechanisms recommended for the use and resolution of the call addressing data SHOULD allow for variability or customization of the response(s) depending on various elements, such as the identity of the originating or terminating user or user domain. 4. Requirements for SIP-based VoIP Interconnection This section defines some requirements for SIP-based VoIP Interconnection. It should be considered as the minimal set of requirements to be implemented to perform SIP VoIP interconnects. 4.1. DNS, Call Addressing Data (CAD) and ENUM Call Addressing Data can be derived from various mechanisms available to the user, such as ENUM when the input is a telephone number, or other DNS queries using SRV and NAPTR resource records when the entry is a SIP URI for example. The SPEERMINT Working Group is focused on the use of CAD. The following requirements are best current practices for VoIP session peering: o SIP URIs SHOULD be preferred over tel URIs when establishing a SIP session for voice interconnects. o The recommendations defined in [RFC3824] SHOULD be followed by implementers when using E.164 numbers with SIP, and by authors of NAPTR records for ENUM for records with an 'E2U+sip' service field. Other ENUM implementation issues and experiences are described in [I-D.ietf-enum-experiences] that may be relevant for VoIP interconnects using ENUM. o The use of DNS domain names and hostnames is RECOMMENDED in SIP URIs and they MUST be resolvable on the public Internet. o The DNS procedures specified in [RFC3263] SHOULD be followed to resolve a SIP URI into a reachable host (IP address and port), and transport protocol. Note that RFC 3263 relies on DNS SRV [RFC2782] and NAPTR Resource Records [RFC2915]. 4.2. Minimum set of SIP-SDP-related requirements The main objective of VoIP interconnects being the establishment of successful SIP calls between peer VSPs/ASPs, this section provides a minimum set of SIP-related requirements. o The Core SIP Specifications as defined in [RFC3261] and [I-D.ietf-sip-hitchhikers-guide] MUST be supported by Signaling Path Border Elements and any other SIP implementations involved in session peering. Justifications: The specifications contained in the Core SIP group provide the fundamental and basic mechanisms required to enable VoIP interconnects. This includes: the SIP protocol for session establishment and its updates such as RFC 3853 and RFC 4320, SDP [RFC4566] and its Offer/Answer model [RFC3264] for VoIP media session descriptions and codec negotiations, SIP Asserted Identity for caller ID services, and various other extensions to support NAT traversal, etc. o The following RFCs SHOULD be supported: Reliability of Provisional Responses in SIP - PRACK [RFC3262], the SIP UPDATE method (for e.g. for codec changes during a session) [RFC3311], the Reason header field [RFC3326]. In the context of session peering where peers desire to maximize the chances of successful call establishment, the recommendations contained in RFC 3261 regarding the use of the Supported and Require headers MUST be followed. Signaling Path Border Elements SHOULD include the supported SIP extensions in the Supported header and the use of the Require header must be configurable on a per target domain basis in order to match a network peer policy and to maximize interoperability. 4.3. Media-related Requirements VSPs engaged in session peering SHOULD support of compatible codecs and include media-related parameters in their domain's policy. Transcoding SHOULD be avoided by proposing commonly agreed codecs. Motivations: The media capabilities of a VSP's network are either a property of the SIP end-devices, or, a combination of the property of end-devices and Data Path Border Elements that may provide media transcoding. The choice of one or more common codecs for VoIP sessions between VSPs is therefore outside the scope of speermint. Indeed, as stated in introduction, requirements applicable to end- devices of a VSP are considered out of scope. A list of media- related policy parameters are provided in the informative Section 5. 4.4. Security Requirements 4.4.1. Security in today's VoIP networks In today's VoIP deployments, various approaches exist to secure exchanges between VSPs/ASPs. Signaling and media security are the two primary topics for consideration in most deployments. A number of transport-layer and network-layer mechanisms are widely used by some categories of VSPs: TLS in the enterprise networks for applications such as VoIP and secure Instant Messaging, IPSec and L2/L3 VPNs in some VSP networks where there is a desire to secure all signaling and media traffic at or below the IP layer. Media level security is not widely deployed for RTP, even though it is in use in few deployments where the privacy of voice communications is critical. A detailed security threat analysis of the SIP URI maysession peering exchanges should provide more guidance on what scalable and efficient methods should be used as the primary keyto any information regardinghelp mitigate the reachability of that SIP URI. 2.3. No blocked calls An originating service provider must be ablethe main security risks in large- scale session peering. A recent IETF BoF at IETF 66 (rtpsec) was organized to determine whether aanalyze SIP URI is openrequirements for direct interconnection without actually sendingSRTP keying; a SIP INVITE. This is important as unsuccessful call attempts are highly undesirablenumber of security requirements for VoIP were discussed. A few Internet-Drafts have since they can introduce high delays due to timeoutsbeen released and can act as an unintended denialfocus on media security requirements for SIP sessions ([I-D.ietf-wing-media-security-requirements]). Some of service attack. (e.g.,these scenarios may be applicable to interdomain VSP/ASP session peering or they may be augmented in the future by repeatedinterdomain scenarios. 4.4.2. TLS handshakes). 2.4. ScalingConsiderations for session peering The maintenanceremaining of the system needsSection 4 covers some details on how TLS could be deployed and used between 2 VSPs/ASPs to scale beyond simple lists ofsecure SIP exchanges. The intent is to capture what two VSPs/ASPs should discuss and agree on in order to establish TLS connections for SIP session peering. 1. Peers SHOULD agree on one or more Certificate Authorities (CAs) to trust for securing session peering partners. In particular, it must incorporate aggregation mechanismsexchanges. Motivations: A VSP/ASP should have control over which avoid O(n^2) scaling (where n is the number of participating service providers). Per-service provider opt-in without consultation ofroot CA it trusts for SIP communications. This may imply creating a centralized 'peering registry', but rather by publishing local configuration choices only is highly desirable. The distributed management ofcertificate trust list and including the DNS is a good examplepeer's CA for each authorized domain. This requirement allows for the scalability of this approach. 2.5. Independence of lower layers The system needsinitiating side to be independent of details on what technologies are used routeverify that the call andserver certificate chains up to a trusted root CA. This also means that SIP servers SHOULD allow the configuration of a certificate trust list in order to allow a VSP/ASP to control which peer's CAs are used to ensuretrusted for TLS connections. Note that only approved peering partner actually connectthese considerations seem to be around two themes: one is trusting a root, the destination SIP proxy. It should not matterother is trusting intermediate CAs. 2. Peers SHOULD indicate whether restrictions are implemented by private L3 connectivity ("walled gardens"), firewalls, TLStheir domain policies or SIPrequire proxy configuration. 2.6. Administrativeservers to inspect and technical policies The reasons for declining vs. accepting incoming calls fromverify the identity provided in SIP requests as defined in [RFC4474]. 3. SIP servers involved in the secure session establishment over TLS MUST have valid X.509 certificates and MUST be able to receive a prospective peering partner canTLS connection on a well-known port. 4. The following TLS/SIP Protocol parameters SHOULD be both administrative (contractual, legal, commercial, or business decisions) and technical (certain QoS parameters,agreed upon as part of session peering policies: the version of TLS keys, domain keys, ...). Methodologies developedsupported by Signaling Border Elements (TLSv1, TLSv1.1), the SPEERMINT working group should accommodate all policies. 2.7. Minimal additional cost on call initiation Since each call setup implies executionSIP TLS port (default 5061), the server-side session timeout (default 300 seconds), the list of any proposed algorithm, it should incur minimal overheadsupported or recommended ciphersuites, and delay,the list of trusted root CAs. 5. SIP servers involved in the session establishment over TLS MUST verify and employ caching wherever possiblevalidate the client certificates: the client certificate MUST contain a DNS or URI choice type in the subjectAltName which corresponds to avoid extra protocol round trips. 2.8. Look beyond SIP The problemthe domain asserted in the host portion of selective peeringthe URI contained in the From header. It is not limited to SIP-based communication. Other protocols may benefit fromalso recommended that VSPs/ASPs convey the domain identity in the certificates using both a generic framework as well, suchcanonical name of the SIP server(s) and the SIP URI for the domain as SMTP mail. Any solutions proposed bydescribed in section 4 of [I-D.gurbani-sip-domain-certs]. On the SPEERMINT working group must be generic enoughclient side, it is also critical for the TLS client to encompass other protocolsauthenticate the server as well. 3. Requirements for SIP-based VoIP Interconnection Thisdefined in [RFC3261] and in section defines some requirements9 of draft-ietf-sip-certs-01.txt. 6. A session peering policy SHOULD include details on SIP session establishment over TLS if TLS is supported. 5. Annex A - List of Policy Parameters for SIP-basedVoIP Interconnection. ItInterconnections This informative annex lists the various types of parameters that should be considered aswhen discussing the minimal settechnical aspects of recommendations or requirements to be met to perform SIPa VoIP interconnects. 3.1. DNS, Call Routing Data (CRD)Peering policy . 5.1. Categories of parameters and ENUM Call Routing Data can be derived from ENUM or other mechanism available to the user. While the SPEERMINT Working GroupJustifications It is focused on the use of CRD, a number of recommendations are captured here. Editor's Note: After reviewing the mailingintended as an initial list threads, it seemsof topics that some folks suggest some pointers to ENUM. Do any requirements belong here because they would 'facilitate' the VoIP interconnects? o SIP URIs SHOULDshould be preferredaddressed by peers when establishing a SIP session.VoIP peering relationship. o The recommendations defined in [RFC3824] SHOULD be followedIP Network Connectivity: It is assumed that IP network connectivity exists between peers. While this is out of scope of session peering, VSPs must agree upon a common mechanism for using E.164 numbers with SIP. o The useIP transport of DNS domain names and hostnames is RECOMMENDED in SIP URIsLayer 5 session signaling and they MUSTmedia. This may be resolvable on theaccomplish via private (e.g. IPVPN, IPSEC, etc.) or public Internet.IP networks. o The DNS procedures specified in [RFC3263] SHOULD be followed to resolve a SIP URI into a reachable host (IP address and port), andMedia-related Parameters: * Media Codecs: list of supported media codecs for audio, real- time fax (version of T.38, if applicable), real-time text (RFC 4103), DTMF transport, voice band data communications (as applicable) along with the supported or recommended codec packetization rates, level of RTP paylod redundancy, audio volume levels, etc. * Media Transport: level of support for RTP-RTCP [RFC3550], RTP Redundancy (RTP Payload for Redundant Audio Data - [RFC2198]) , T.38 transport protocol. Note that RFC 3263 relies on DNS SRV [RFC2782] and NAPTR Resource Records [RFC2915].over RTP, etc. * Other: support of the VoIP metric block as defined in RTP Control Protocol Extended Reports [RFC3611] , etc. o Editor's Note: For BCP and forSIP: * A session peering policy SHOULD include the sakelist of discussions, some service providerssupported and required SIP RFCs, supported and required SIP methods (including p headers if applicable), error response codes, supported or enterprises skip the dynamic determinationrecommended format of some header field values , etc. * It should also be possible to describe the transport protocol in 3263 (thislist of supported SIP RFCs by various functional groupings. A group of SIP RFCs may represent how a call feature is very often statically configured andimplemented (call hold, transfer, conferencing, etc.), or it is viewedmay indicate a functional grouping as costly to doin [I-D.ietf-sip-hitchhikers-guide]. o Accounting: Call accounting may be required for tracking session usage on a per URI basis) and they only use SRV RRspeer's network. It is critical for findingpeers to determine whether the target. The implicationssupport of RFC3263 are NAPTRany SIP extensions for accounting is a pre-requisite for SIP interoperability. In some cases, call accounting may feed data for billing purposes but not always: some operators may decide to use accounting as a 'bill and SRV RRs must be supported onkeep' model to track session usage and monitor usage against service level agreements. [RFC3702] defines the DNS clientsterminology and basic requirements for accounting of SIP sessions. A few private SIP extensions have also been defined and used over the systems facingyears to enable call accounting between VSP domains such as the session peering interconnect points: should we make these types of requirements more visibleP-Charging* headers in this document as attempted above? o Editor's Note: While[RFC3455], the use of User or Carrier ENUM to resolve an E.164 address into a set of URIs is generally considered out of scope of SPEERMINT and this document,P-DCS-Billing-Info header in [RFC3603], etc. o Performance Metrics: Layer-5 performance metrics should this section contain a few recommendations like the use of RFC 3824 per the aboce,be defined and shared between peers. The performance metrics apply directly to signaling or the Enumservice types that SHOULDmedia; they may be supportedused pro-actively to help avoid congestion, call quality issues or call signaling failures, and requested when doing lookups for SIP-based VoIP interconnectas a few email exchanges have shown? for e.g. E2U+sip per RFC 3764? what about recommendations w.r.t. RFC 4415 andpart of monitoring techniques, they can be used to evaluate the handling or useperformance of "E2U+ voice:tel" or doespeering exchanges. Examples of SIP performance metrics include the above suffice? 3.2. Minimum setmaximum number of SIP-SDP-related requirements The following are session-related requirements for establishingSIP sessions for VoIP interconnections: o The Coretransactions per second on per domain basis, Session Completion Rate (SCR), Session Establishment Rate (SER), etc. Some SIP Specifications asend-to-end performance metrics are defined in [RFC3261] and [SIP-GUIDE] MUST[I-D.Malas-sip-performance]; a subset of these may be supported by any SIP implementations involved in SPEERMINTapplicable to session peering. o In addition, the following RFCs MUST be supported: the Session Description Protocol (SDP) [RFC2327],peering and interconnects. Some media-related metrics for monitoring VoIP calls have been defined in the Offer/Answer mechanism with SDP [RFC3264].VoIP Metrics Report Block, in Section 4.7 of [RFC3611]. o The following RFCsSecurity: A VSP/ASP SHOULD be supported: Reliability of Provisional Responses in SIP - PRACK [RFC3262], the SIP UPDATE method (for e.g. for codec changes during a session) [RFC3311],describe the Reason header field [RFC3326]. The recommendations containedsecurity requirements that other peers must meet in RFC 3261 regarding the useorder to terminate calls to its network. While such a list of security-related policy parameters often depends on the Supported and Require headers MUSTsecurity models pre-agreed to by peers, it is expected that these parameters will be followed: any SIP entity involveddiscoverable or signaled in the future to allow session peering SHOULD include the supported SIP extensions in the Supported headeroutside VSP clubs. The list of security parameters may be long and the usecomposed of high-level requirements (e.g. authentication, privacy, secure transport) and low level protocol configuration elements like TLS parameters. The following list is not intended to be complete, it provides a preliminary list in the Require header mustform of examples: * Call admission requirements: for some providers, sessions can only be flexbileadmitted if certain criteria are met. For example, for some providers' networks, only incoming SIP sessions signaled over established IPSec tunnels or presented to maximize interoperability. 3.3. Media-relatedthe well-known TLS ports are admitted. Other call admission requirements The minimummay be related to some performance metrics as descrived above. Finally, it is possible that some requiremetns be imposed on lower layers, but these are considered out of scope of session peering. * Call authorization requirements to allow a successful VoIP interconnection include: oand validation: the mandatory supportpresence of RTP *and* RTCP as defined in [RFC3550], oa caller or user identity MAY be required by a VSP/ASP. Indeed, some VSPs/ASPs may further authorize an incoming session request by validating the support of compatible codecs between communication peers,caller's identity against white/black lists maintained by the G.711 MUSTservice provider or users (traditional caller ID screening applications or IM white list). * Privacy requirements: a VSP/ASP MAY demand that its SIP messages be supported, the IETF iLBC [RFC3951] codec andsecurely transported by its RTP payload format [RFC3952] SHOULDpeers for privacy reasons so that the calling/called party information be supported. oprotected. Media sessions may also require privacy and some ASP/VSP policies may include requirements on the supportuse of the VoIP metric blocksecure media transport protocols such as defined in RTP Control Protocol Extended Reports [RFC3611] MAY be supported. Editor's Notes: o ShouldsRTP, along with some contraints on the minimum set of requirementsauthentication/encryption options for VoIP interconnect include any media-related requirements at all? o The speerming charter defines "VoIP" asuse in voice calls. Does voice communication mean audio only or more? audio, DTMF tones, real-time fax, voiceband data? 3.4. Security requirements All SIP messages MUSTsRTP. * Network-layer security parameters: this covers how IPSec security associated may be sent over TLS [RFC3546]established, the IPSec key exchange mechanisms to provide transport-layerbe used and any keying materials, the lifetime of timed Security Associated if applicable, etc. * Transport-layer security parameters: this covers how TLS connections should be established as defineddescribed in RFC 3261, atSection 4.4.2 5.2. Summary of Parameters for Consideration in Session Peering Policies The following is a minimum to provide message authentication and based onsummary of the mechanisms definedparameters mentioned in SIP Identity [SIP-IDENTITY]to identifythe peer originating SIP messages. Editor's Note: RTPprevious section. They may be part of a session peering policy and appear with a level of requirement (mandatory, recommended, supported, ...). o IP Network Connectivity (assumed, requirements out of scope of this document) o Media session parameters: * Codecs for audio, video, real time text, instant messaging media sessions SHOULD also make use* Modes of communications for audio (voice, fax, DTMF), IM (page mode, MSRP) * Media transport and means to establish secure RTP - For Futher Study. 4. Open Questions This section documents somemedia sessions o SIP * SIP RFCs, methods and error responses * headers and header values * possibly, list of the open questions not resolved yet on the wg mailing list. 5.SIP RFCs supported by groups (e.g. by call feature) o Accounting o Performance Metrics: SIP signaling performance metrics; media- level VoIP metrics. o Security: Call admission control, call authorization, network and transport layer security parameters, media security parameters 6. Acknowledgments This document is a work-in-progress and it is based on the input and contributions made by a large number of people in the SPEERMINT ,working group, including: Scott Brim, Mike Hammer, Richard Shocky, Henry Sinnreich, Richard Stastny, Patrik Faltstrom, Otmar Lendl, Daryl Malas, Dave Meyer, Jason Livingood, Bob Natale andNatale, Brian Rosen. 6.Rosen, Eric Rosenfeld and Adam Uzelac. 7. Security Considerations This requirement document itself introduces no newSecuring session peering communications involves numerous protocol mechanisms,exchanges, first and as such, no newforemost, the securing of SIP signaling and media sessions. The security considerations.considerations contained in RF 3261, RFC 4474 are applicable to the SIP protocol exchanges. A number of security requirementsconsiderations are also described in a separate section. 7.Section 4.4 for VoIP Interconnects. 8. References 184.108.40.206. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2327] Handley, M.8.2. Informative References [I-D.Malas-sip-performance] Malas, D., "SIP End-to-End Performance Metrics", September 2006. [I-D.gurbani-sip-domain-certs] Gurbani, V., Jeffrey, A., and V. Jacobson, "SDP:S. Lawrence, "Domain Certificates in the Session Description Protocol",Initiation Protocol (SIP)", draft-gurbani-sip-domain-certs-03 (work in progress), August 2006. [I-D.ietf-ecrit-requirements] Schulzrinne, H. and R. Marshall, "Requirements for Emergency Context Resolution with Internet Technologies", August 2006. [I-D.ietf-enum-experiences] Conroy, L. and K. Fujiwara, "ENUM Implementation Issues and Experiences", June 2006. [I-D.ietf-sip-hitchhikers-guide] Rosenberg, J., "A Hitchhikers Guide to the Session Initiation Protocol (SIP)", October 2006. [I-D.ietf-sipping-session-policy-framework] Hilt, V., "A Framework for Session Initiation Protocol (SIP) Session Policies", draft-ietf-sipping-session-policy-framework-01 (work in progress), June 2006. [I-D.ietf-speermint-terminology] Meyer, R., "SPEERMINT Terminology", September 2006. [I-D.ietf-wing-media-security-requirements] Wing, D., Fries, S., and H. Tschofenig, "A Framework for Session Initiation Protocol (SIP) Session Policies", draft-wing-media-security-requirements-00 (work in progress), October 2006. [RFC2198] Perkins, C., Kouvelas, I., Hodson, O., Hardman, V., Handley, M., Bolot, J., Vega-Garcia, A., and S. Fosse- Parisis, "RTP Payload for Redundant Audio Data", RFC 2327, April 1998.2198, September 1997. [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2782, February 2000. [RFC2915] Mealling, M. and R. Daniel, "The Naming Authority Pointer (NAPTR) DNS Resource Record", RFC 2915, September 2000. [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [RFC3262] Rosenberg, J. and H. Schulzrinne, "Reliability of Provisional Responses in Session Initiation Protocol (SIP)", RFC 3262, June 2002. [RFC3263] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol (SIP): Locating SIP Servers", RFC 3263, June 2002. [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with Session Description Protocol (SDP)", RFC 3264, June 2002. [RFC3311] Rosenberg, J., "The Session Initiation Protocol (SIP) UPDATE Method", RFC 3311, October 2002. [RFC3326] Schulzrinne, H., Oran, D., and G. Camarillo, "The Reason Header Field for the Session Initiation Protocol (SIP)", RFC 3326, December 2002. [RFC3455] Garcia-Martin, M., Henrikson, E., and D. Mills, "Private Header (P-Header) Extensions to the Session Initiation Protocol (SIP) for the 3rd-Generation Partnership Project (3GPP)", RFC 3455, January 2003. [RFC3546] Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", RFC 3546, June 2003. [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications", STD 64, RFC 3550, July 2003. [RFC3603] Marshall, W. and F. Andreasen, "Private Session Initiation Protocol (SIP) Proxy-to-Proxy Extensions for Supporting the PacketCable Distributed Call Signaling Architecture", RFC 3603, October 2003. [RFC3611] Friedman, T., Caceres, R., and A. Clark, "RTP Control Protocol Extended Reports (RTCP XR)", RFC 3611, November 2003. [RFC3702] Loughney, J. and G. Camarillo, "Authentication, Authorization, and Accounting Requirements for the Session Initiation Protocol (SIP)", RFC 3702, February 2004. [RFC3824] Peterson, J., Liu, H., Yu, J., and B. Campbell, "Using E.164 numbers with the Session Initiation Protocol (SIP)", RFC 3824, June 2004. [RFC3951] Andersen, S., Duric, A., Astrom,[RFC3966] Schulzrinne, H., Hagen, R., Kleijn, W., and J. Linden, "Internet Low Bit Rate Codec (iLBC)","The tel URI for Telephone Numbers", RFC 3951,3966, December 2004. [RFC3952] Duric, A.[RFC3986] Berners-Lee, T., Fielding, R., and S. Andersen, "Real-time Transport Protocol (RTP) Payload Format for internet Low Bit Rate Codec (iLBC) Speech",L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3952, December 2004. 7.2. Informative References [SIP-GUIDE] Rosenberg, J., "A Hitchhikers Guide to the Session Initiation Protocol (SIP)", February 2006. [SIP-IDENTITY]3986, January 2005. [RFC4474] Peterson, J. and C. Jennings, "A Hitchhikers Guide to"Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)", October 2005. [SPEERMINT-TERM] Meyer, R., "SPEERMINT Terminology", MayRFC 4474, August 2006. [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session Description Protocol", RFC 4566, July 2006. Author's Address Jean-Francois Mule CableLabs 858 Coal Creek Circle Louisville, CO 80027 USA Email: firstname.lastname@example.org@cablelabs.com Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at email@example.com. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society.