RFC 3265 bis: SIP Events Redux draft-roach-sipcore-3265bis-00 draft-ietf-sipcore-3265bis-00

Why? 2009 2001

Why? We’ve seen a lot of implementation over the past 8 years, and have a lot of experience around what has worked; what hasn’t; and what is ambiguous. These have been filed as bugs at bugs.sipit.net, and are identified by their bug numbers in this deck The original document made a number of unpleasant compromises to accommodate some shortcomings of the SIP protocol that have subsequently been addressed.

OPEN ISSUES

Bug 711: Allow-Events can't express template support RFC3265 is silent on how to express template support; for example, it is unclear whether a notifier that supports presence and winfo should advertise “Allow-Events: presence, winfo” or “Allow-Events: presence, presence.winfo”. The second syntax may become untenable once we define a second template package. (e.g. “Allow-Events: presence, reg, presence.winfo, reg.winfo, presence.winfo.foo, presence.foo, presence.foo.winfo, reg.winfo.foo, reg.foo.winfo, …”) What have people implemented?

Open Issue: Bug 711: Allow-Events can't express template support Option 1: List supported template packages, mixed in with regular event packages. Notifier policy would dictate which combination of packages and templates is allowed, but client can only discover policy by trying to subscribe Option 2: List combinatorial explosion of supported packages, as allowed by policy Option 3: Like option 1, but invent some clever means of communicating policy. (Any ideas how?)

Open Issue: 202: Is it useful? Because of HERFP, subscribers cannot rely on 202 meaning anything Notifiers are highly inconsistent in what they actually send Introduces unnecessary confusion for first-time implementors Should we just go ahead and remove it (i.e., always send a 200 response)?

Bug 696: Subscription State Machine Needs Clarification RFC3265 never formally defined a state machine for subscription lifetimes In particular, there was no guidance regarding how long a subscriber should wait for a NOTIFY message before it considers the subscription to have failed 3265bis proposes new state machine, with new Timer L (64 * T1) to supervise NOTIFY wait

Bug 696 Proposed Solution: Subscriber FSM

Bug 696 Proposed Solution: Notifier FSM

Open Issue: Timer L and Resubscribes Timer L is intended to supervise the establishment of the initial dialog, which is critical. However, without extensions, Notifier is still required to send “immediate” NOTIFY when a subscription refresh is received. If not NOTIFY is received, presumably something has gone wrong. However, things will clean up after subscription expiration even if we don’t set a timer for the NOTIFY But we’re seeing event packages that have subscription durations of days and/or weeks. Does it make sense to timer supervise this NOTIFY?

OTHER PROPOSED CHANGES

Bug 666: “Subscription-State: terminated” and “;expires=…” 3265 didn’t define semantics for expires parameter on “Subscription-State” header field for “terminated.” Probably because it’s a bit nonsensical. Added text: The "expires" parameter has no semantics for "terminated" -- notifiers SHOULD NOT include an "expires" parameter on a "Subscription-State" header field with a value of "terminated," and subscribers MUST ignore any such parameter, if present.

Bug 667: Reason code for poll not explicit RFC 3265 presumed that implementors could figure out that SUBSCRIBE with “Expires: 0” would imply a termination reason of “timeout.” Apparently, this assumed too much Added text to description of “timeout” reason: This reason code is also associated with polling of resource state, as detailed in Section 4.4.3

Bug 669: Not clear that notifier can shorten subscription to 0 seconds Added non-normative text to 4.2.2: The period of time for a subscription can be shortened to zero by the notifier. In other words, it is perfectly valid for a SUBSCRIBE with a non-zero expires to be answered with a NOTIFY that contains "Subscription-Status: terminated;reason=expired". This merely means that the notifier has shortened the subscription timeout to zero, and the subscription has expired instantaneously. The body may contain valid state, or it may contain a neutral state (see Section 5.4.7). Added normative text to 3.1.1: The notifier is explicitly allowed to shorten the duration to zero.

Bug 670: Handling of multiple subscriptions in a dialog Overall behavior for sharing state in dialogs was bolted on to both 3265 and 3261 at the 11th hour, and has some extreme ambiguities RFC 5057 informationally clarifies the issues raised by Bug 670, at least for error codes defined in 2007. 3265bis proposes to deprecate dialog sharing in favor of GRUU, eliminating Bug 670 issues.

Bug 671: Ambiguous use of term “Timeout” 3265 simply said to remove transactions “due to a timeout condition,” without clearly indicating transaction timeout. 3265bis clarifies the text: “If the NOTIFY request fails due to expiration of SIP Timer F (transaction timeout), the notifier SHOULD remove the subscription.”

Bug 672: “expires=” not mandatory in NOTIFY messages In RFC3265, there was no requirement to include “expires” parameter on the Event header field (the subscriber would presumably extract it from the SUBSCRIBE response) This means that actual subscription duration can be lost due to HERFP problem. 3265bis normatively requires an “expires” parameter: If the value of the "Subscription-State" header field is "active" or "pending", the notifier MUST also include in the "Subscription-State” header field an "expires" parameter which indicates the time remaining on the subscription.

Bug 673: 481 response to INVITE; impact on subscription? As before, deprecation of dialog sharing fixes this bug. For legacy interaction, RFC 5057 addresses proper behavior.

Bug 677: Matching of SUBSCRIBE to NOTIFY RFC 3265 matching algorithm (in 7.2.1) is actually wrong (should not apply to responses) Now clarifies that response handling is performed per 3261 rules

Bug 695: NOTIFY response at end of subscription not clear Implementors have often chosen to return spurious error code to final NOTIFY message 3265bis clarifies: A subscription is destroyed after a notifier sends a NOTIFY request with a "Subscription-State" of "terminated." The subscriber will generally answer such final requests with a "200 OK" response (unless a condition warranting an alternate response has arisen).

Bug 697: Unsubscription Behavior Insufficiently Specified 3265 not completely clear about state present in final NOTIFY message 4.1.2.4: Clients can cause a subscription to be terminated immediately by sending a SUBSCRIBE with an "Expires" header field set to '0'. Notifiers largely treat this the same way as any other subscription expiration: they send a NOTIFY message containing a "Subscription-State" of "terminated", with a reason code of "timeout." For consistency with state polling (see Section 4.4.3) and subscription refreshes, the notifier may choose to include resource state in this final NOTIFY. However, in some cases, including such state makes no sense. Under such circumstances, the notifier may choose to omit state information from the terminal NOTIFY message. 4.1.2.3: The final NOTIFY may or may not contain information about the state of the resource; subscribers need to be prepared to receive final NOTIFY messages both with and without state.

Bug 699: SUBSCRIBE and NOTIFY are target refresh refresh requests RFC 3265 does not mention whether SUBSCRIBE and NOTIFY are target refresh requests. The intention is that they are (and most implementations treat them as such). 3.1 and 3.2 now clearly state that both methods are target refresh requests.

Bug 722: Inconsistent reason phrase for 423 error code Changed to “Interval Too Brief” everywhere, to match RFC 3261.

Bug 741: Not clear when to include Allow-Events Argument was made on-list that it is superfluous to advertise the one-and-only event package supported by a notifier inside of a SUBSCRIBE dialog (because other party knows you support it already). Added non-normative text: “On the other hand, it doesn't necessarily make much sense to indicate supported events inside a NOTIFY-established dialog if the only event package supported is the one associated with that subscription.”

Bug 744: 500-class responses to NOTIFY should not kill subscription RFC 3265 says to kill the subscription if a NOTIFY receives a 500-class response. This is the wrong thing to do in a network-overload condition (and many other 500-class responses, too) RFC 5057 got this right. Instead of talking in generalities, 3265bis calls out specific response codes: “If the NOTIFY transaction fails due to the receipt of a 404, 405, 410, 416, 480-485, 489, 501, or 604 response to the NOTIFY, the notifier MUST remove the corresponding subscription. See [RFC5057] for further details and notes about the effect of error codes on dialogs and usages within dialog (such as subscriptions).”

Bug 752: Incorrect criteria for detection of forked requests Removed “CSeq” from list of criteria in section 5.4.9.

Bug 773: Reason code needs IANA registry Added new section 7.2, with initial reason codes: deactivated [RFC xxxx] probation [RFC xxxx] rejected [RFC xxxx] timeout [RFC xxxx] giveup [RFC xxxx] noresource [RFC xxxx] invariant [RFC xxxx] badfilter [RFC 4660]

Bug 774: Need new code for ending subscriptions to invariant resources Added new “invariant” reason code: invariant: The subscription has been terminated because the resource state is guaranteed not to change for the foreseeable future. This may be the case, for example, when subscribing to the location information of a fixed-location land-line telephone. When using this reason code, notifiers are advised to include a "retry-after" parameter with a large value (for example, 31536000 -- or one year) to prevent older, RFC 3265-compliant clients from periodically resubscribing. Clients SHOULD NOT attempt to resubscribe after receiving a reason code of "invariant," regardless of the presence of or value of a "retry-after" parameter.

Record-Route Handling Changed proxy handling of Record-Route; previously, “MUST Record-Route” applied to initial SUBSCRIBE, and initial NOTIFY. Now applies to initial SUBSCRIBE and all NOTIFY messages. This fixes certain corner-cases, and simplifies the behavior at proxies (never need to track dialog state just to determine whether to Record-Route).

Eliminate Implicit Subscriptions We thought this was a good idea at the time. The only IETF document that talks about implicit subscriptions is REFER, and we have regretted it ever since (cf. RFC4488). Widely misinterpreted by implementation community to mean “NOTIFY without SUBSCRIBE is always okay.” Removal simplifies specification overall, clarifies responsibilities of event packages.

Deprecate Dialog Re-Use See also solution to Bug 670 Moved dialog-re-use procedures into backwards-compatibility section Now, requires notifiers to implement GRUU so subscriptions can target specific devices Almost never a deployment burden, as notifiers in current networks tend to have publically addresses suitable for use as a “Self-Made GRUU”

Simplified Dialog Creation Previously, dialog was established by 200 response to SUBSCRIBE or by initial NOTIFY Source of constant confusion, occasional mismatch in view of dialog In 3265bis, only the NOTIFY establishes a dialog – never the SUBSCRIBE 200 response.

General Document Reorganization RFC 3265 was organized along method lines RFC 3265bis is organized along role lines (subscriber, notifier, proxy) New structure intended to be easier for implementors – relevant text for any one role is gathered together in one section instead of spread out.

Clarification of Event Package Sections Authors of event packages have occasionally been confused regarding what they specifically needed to define. Section 5 now clarifies: “Event package definitions contain sections addressing each of these issues, ideally in the same order and with the same titles as the following sections.”

Fixing CANCEL Handling RFC 3265 was ambivalent with regards to CANCEL handling. RFC 3265bis clarifies: Neither SUBSCRIBE nor NOTIFY messages can be canceled. If a UAS receives a CANCEL request that matches a known SUBSCRIBE or NOTIFY transaction, it MUST respond to the CANCEL request, but otherwise ignore it. In particular, the CANCEL request MUST NOT affect processing of the SUBSCRIBE or NOTIFY request in any way. UACs SHOULD NOT send CANCEL requests for SUBSCRIBE or NOTIFY transactions.

Removing State Agents No one understood the “State Agent” terminology. Many people got it quite precisely backwards. It’s not useful. It’s gone.