Collaboration in the Enterprise1 SIP and Beyond Henning Schulzrinne Department of Computer Science Columbia University Collaboration in the Enterprise February 10, 2005 (Leesburg, VA)
Collaboration in the Enterprise2 Overview SIP as the glue for collaboration Context-aware communications The need for standards in collaboration Interoperability & extensibility The future of standards-based collaboration: session mobility central-server conferences application sharing
Collaboration in the Enterprise3 (Early) Adulthood “fully developed and mature” Not quite yet, but no longer a teenager probably need another 6 years to be grown up… Responsibilities: Dealing with elderly relatives POTS Financial issues payments, RADIUS Family emergencies 911
Collaboration in the Enterprise4 Evolution of VoIP “amazing – the phone rings” “does it do call transfer?” “how can I make it stop ringing?” catching up with the digital PBX long-distance calling, ca going beyond the black phone
Collaboration in the Enterprise5 Collaboration in transition intra-organization; small number of systems (meeting rooms) inter-organization multiple technology generations diverse end points proprietary (single- vendor) systems standards-based solutions
Collaboration in the Enterprise6 What is SIP? Session Initiation Protocol protocol that establishes, manages (multimedia) sessions also used for IM, presence & event notification uses SDP to describe multimedia sessions Developed at Columbia U. (with others) started approximately 1996, first standard 1999 Standardized by IETF (RFC et al), ca GPP (for 3G wireless) PacketCable (DCS) About 100 companies produce SIP products Microsoft’s Windows Messenger (≥4.7) includes SIP
Collaboration in the Enterprise7 Origins and evolution of SIP multicast multimedia voice (PSTN replacement) 3G (mobile voice) centralized conferencing IM & presence cable VoIP
Collaboration in the Enterprise8 Filling in the protocol gap
Service/delivery | synchronous | asynchronous
push | SIP, RTSP, RTP | SMTP
pull | HTTP, ftp, SunRPC, Corba, SOAP | (not yet standardized)
Collaboration in the Enterprise9 SIP as service enabler Rendezvous protocol lets users find each other by only knowing a permanent identifier Mobility enabler: personal mobility one person, multiple terminals terminal mobility one terminal, multiple IP addresses session mobility one user, multiple terminals in sequence or in parallel service mobility services move with user
Collaboration in the Enterprise10 Philosophy Session establishment & event notification Any session type, from audio to circuit emulation Provides application-layer anycast service Provides terminal and session mobility Based on HTTP in syntax, but different in protocol operation Peer-to-peer system, with optional support by proxies even stateful proxies only keep transaction state, not call (session, dialogue) state transaction: single request + retransmissions proxies can be completely stateless
Collaboration in the Enterprise11 Basic SIP message flow
Collaboration in the Enterprise12 SIP trapezoid outbound proxy registrar 1st request 2nd, 3rd, … request voice traffic RTP destination proxy (identified by SIP URI domain)
Collaboration in the Enterprise13 SIP message format (figure labels: request, response; request line, header fields, message body)

request:
INVITE SIP/2.0
Via: SIP/2.0/UDP here.com:5060
From: Alice
To: Bob
Call-ID:
CSeq: 1 INVITE
Subject: just testing
Contact:
Content-Type: application/sdp
Content-Length: 147

v=0
o=alice IN IP4 here.com
s=Session SDP
c=IN IP
t=0 0
m=audio RTP/AVP 0
a=rtpmap:0 PCMU/8000

response:
SIP/ OK
Via: SIP/2.0/UDP here.com:5060
From: Alice
To: Bob
Call-ID:
CSeq: 1 INVITE
Subject: just testing
Contact:
Content-Type: application/sdp
Content-Length: 134

v=0
o=bob IN IP4 there.com
s=Session SDP
c=IN IP
t=0 0
m=audio 3456 RTP/AVP 0
a=rtpmap:0 PCMU/8000
Collaboration in the Enterprise14 A constellation of SIP RFCs Resource mgt. (3312) Reliable prov. (3262) INFO (2976) UPDATE (3311) Reason (3326) SIP (3261) DNS for SIP (3263) Events (3265) REFER (3515) DHCP (3361) DHCPv6 (3319) Digest AKA (3310) Privacy (3323) P-Asserted (3325) Agreement (3329) Media auth. (3313) AES (3853) Non-adjacent (3327) Symmetric resp. (3581) Service route (3608) User agent caps (3840) Caller prefs (3841) ISUP (3204) sipfrag (3240) Security & privacy Configuration Core Mostly PSTN Content types Request routing
Collaboration in the Enterprise15 An ecosystem, not just a protocol SIP XCAP (config) RTSP SIMPLE policy RPID …. SDP XCON (conferencing) STUN TURN RTP configures initiates carries controls provide addresses
Collaboration in the Enterprise16 Presence as communication facilitator
Collaboration in the Enterprise17 The role of presence Guess-and-ring high probability of failure: “telephone tag” inappropriate time (call during meeting) inappropriate media (audio in public place) current solutions: voice mail tedious, doesn’t scale, hard to search and catalogue, no indication of when call might be returned automated call back rarely used, too inflexible most successful calls are now scheduled by Presence-based facilitates unscheduled communications provide recipient-specific information only contact in real-time if destination is willing and able appropriately use synchronous vs. asynchronous communication guide media use (text vs. audio) predict availability in the near future (timed presence) Prediction: almost all (professional) communication will be presence-initiated or pre-scheduled
Collaboration in the Enterprise18 Basic presence Role of presence initially: “can I send an instant message and expect a response?” now: “should I use voice or IM? is my call going to interrupt a meeting?” Yahoo, MSN, Skype presence services: on-line & off-line useful in modem days – but many people are (technically) on-line 24x7 thus, need to provide more context + simple status (“not at my desk”) entered manually rarely correct does not provide enough context for directing interactive communications
Collaboration in the Enterprise19 Context-aware communication context = “the interrelated conditions in which something exists or occurs” anything known about the participants in the (potential) communication relationship both at caller and callee
time: CPL
capabilities: caller preferences
location: location-based call routing, location events
activity/availability: presence
sensor data (mood, bio): privacy issues similar to location data
Collaboration in the Enterprise20 Presence and event notification Presence = special case of event notification “user Alice is available for communication” Human users: multiple contacts per presentity device (cell, PDA, phone, …) service (“audio”) activities, current and planned surroundings (noise, privacy, vehicle, …) contact information composing (typing, recording audio/video IM, …) Events in multimedia systems: REFER (call transfer) message waiting indication conference floor control conference membership push-to-talk system configuration General events: emergency alert (“reverse 911”) industrial sensors (“boiler pressure too high”) business events (“more than 20 people waiting for service”)
Collaboration in the Enterprise21 IETF efforts SIP, SIPPING and SIMPLE working groups but also XCON (conferencing) Define SIP methods PUBLISH, SUBSCRIBE, NOTIFY GEOPRIV: geospatial privacy location determination via DHCP information delivery via SIP, HTTP, … privacy policies SIMPLE: architecture for events and rich presence configuration (XCAP) session-oriented IM ( ↔ page mode) filtering, rate limiting and authorization
Collaboration in the Enterprise22 Presence data model “calendar” “cell” “manual” audio, video, text video person (presentity) (views) services devices
Collaboration in the Enterprise23 Presence data architecture raw presence document create view (compose) privacy filtering draft-ietf-simple-presence-data-model composition policy privacy policy presence sources XCAP (not defined yet) depends on watcher select best source resolve contradictions PUBLISH
Collaboration in the Enterprise24 Presence data architecture candidate presence document watcher filter raw presence document post-processing composition (merging) final presence document difference to previous notification SUBSCRIBE NOTIFY remove data not of interest watcher
Collaboration in the Enterprise25 Composition union of tuples rule-based: most recent; source quality program: complex conditions and transformations complexity capability
Collaboration in the Enterprise26 Future work: sources Composition may need to resolve conflicts calendar says meeting, but user is driving Composition relies on source information: information gathering: sensor, manual, calendar relative trustworthiness (sensor vs. manual) how recently updated? does place and time make activity likely? Will likely add source information to presence data already started for geo data
Collaboration in the Enterprise27 GEOPRIV and SIMPLE architectures target location server location recipient rule maker presentity caller presence agent watcher callee GEOPRIV SIP presence SIP call PUBLISH NOTIFY SUBSCRIBE INVITE publication interface notification interface XCAP (rules) INVITE DHCP
Collaboration in the Enterprise28 RPID = rich presence Provide watchers with better information about the what, where, how of presentities facilitate appropriate communications: “wait until end of meeting” “use text messaging instead of phone call” “make quick call before flight takes off” designed to be derivable from calendar information or provided by sensors in the environment allow filtering by “sphere” – the parts of our life don’t show recreation details to colleagues
Collaboration in the Enterprise29 The role of presence for call routing Two modes: watcher uses presence information to select suitable contacts advisory – caller may not adhere to suggestions and still call when you’re in a meeting user call routing policy informed by presence likely less flexible – machine intelligence “if activities indicate meeting, route to tuple indicating assistant” “try most-recently-active contact first” (seq. forking) LESS translate RPID CPL PA PUBLISH NOTIFY INVITE
Collaboration in the Enterprise30 RPID: rich presence
Collaboration in the Enterprise31 Rich presence – describing presentity class: label elements for grouping and selection i-belong-to: AOR contact in tuple belongs to proposed element status-icon icon URL with hint for watcher user interface
Collaboration in the Enterprise32 Rich presence – describing service relationship a communication service offered by a family member associate (colleague) assistant supervisor service-class: type of service offered electronic delivery (courier) postal in-person
Collaboration in the Enterprise33 Rich presence – describing state mood of presentity afraid, amazed, angry, annoyed, anxious, ashamed, bored, brave, calm, cold, confused, contented, cranky, curious, depressed, disappointed, disgusted, distracted, embarrassed, excited, flirtatious, frustrated, grumpy, guilty, happy, hot, humbled, humiliated, hungry, hurt, impressed, in_awe, in_love, indignant, interested, invincible, jealous, lonely, mean, moody, nervous, neutral, offended, playful, proud, relieved, remorseful, restless, sad, sarcastic, serious, shocked, shy, sick, sleepy, stressed, surprised, thirsty, worried likely derived from game state manual input lie detector + fMRI (later)
Collaboration in the Enterprise34 Rich presence – describing activities sphere current state and role free text e.g., “work”, “home”, “soccer club”, “PTA” activities: what is the person doing away, appointment, busy, holiday, in-transit, meal, meeting, on-the-phone, performance, permanent-absence, sleeping, steering, travel, vacation
Collaboration in the Enterprise35 Rich presence – describing place and surroundings place-type: type of surroundings aircraft, airport, bus, car, home, hotel, industrial, library, mall, office, outdoors, public, public-transport, restaurant, school, ship, station, street, theater, train, truck place-is: communication properties video: bright, dark audio: noisy, quiet privacy: communication that is private audio, video, text time-offset: minutes from UTC for avoiding middle-of-the-night calls
Collaboration in the Enterprise36 Rich presence – describing user-device interactions How long has the user not provided input to the device? e.g., microphone input, keyboard, mouse idle active idle-threshold activity
Collaboration in the Enterprise37 CIPID: Contact Information More long-term identification of contacts Elements: card – contact Information home page icon – to represent user map – pointer to map for user sound – presentity is available
Collaboration in the Enterprise38 Rich presence: time information Presence is currently about here and now but often only have (recent) past – e.g., calendar or future “will be traveling in two hours” “will be back shortly” allows watcher to plan communication timed-status time RPID from until now
Collaboration in the Enterprise39 Privacy All presence data, particularly location, is highly sensitive Basic location object (PIDF-LO) describes distribution (binary) retention duration Policy rules for more detailed access control who can subscribe to my presence who can see what when <gml:Point gml:id="point1" srsName="epsg:4326"> 37:46:30N 122:25:10W no T04:57:29Z T20:57:29Z
Collaboration in the Enterprise40 Privacy policy relationships geopriv-specific presence-specific common policy RPID CIPID future
Collaboration in the Enterprise41 Privacy rules Conditions identity, sphere time of day current location identity as or + Actions watcher confirmation Transformations include information reduced accuracy User gets maximum of permissions across all matching rules privacy-safe composition: removal of a rule can only reduce privileges Extendable to new presence data rich presence biological sensors mood sensors
Collaboration in the Enterprise42 Example rules document allow sip mailto true bare
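The combining rule from the privacy rules slide ("user gets maximum of permissions across all matching rules", so removing a rule can only reduce privileges), as an added example that is not code from the talk or from any IETF document. The rule fields, the permission orderings and the sample rules are constructed assumptions; the presence element names (activities, place-type, mood) are the RPID elements listed earlier.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed orderings: a higher number grants more to the watcher.
ACTION_LEVEL = {"block": 0, "confirm": 1, "allow": 2}
ACCURACY = {"none": 0, "country": 1, "city": 2, "full": 3}


@dataclass(frozen=True)
class Rule:
    identities: frozenset            # condition: watcher URIs the rule applies to
    sphere: Optional[str] = None     # condition: presentity sphere (None = any)
    hours: tuple = (0, 24)           # condition: local hour, [start, end)
    action: str = "block"            # action: block, confirm (ask the user), allow
    show: frozenset = frozenset()    # transformation: elements to include
    accuracy: str = "none"           # transformation: location accuracy


def matches(rule, watcher, sphere, hour):
    return (watcher in rule.identities
            and rule.sphere in (None, sphere)
            and rule.hours[0] <= hour < rule.hours[1])


def evaluate(rules, watcher, sphere, hour):
    """Combine all matching rules; with no match the watcher gets nothing."""
    action, show, accuracy = "block", frozenset(), "none"
    for rule in rules:
        if not matches(rule, watcher, sphere, hour):
            continue
        action = max(action, rule.action, key=ACTION_LEVEL.get)
        show = show | rule.show                      # set permissions: union
        accuracy = max(accuracy, rule.accuracy, key=ACCURACY.get)
    return {"action": action, "show": show, "accuracy": accuracy}


def at_most(a, b):
    """True if grant a reveals no more than grant b."""
    return (ACTION_LEVEL[a["action"]] <= ACTION_LEVEL[b["action"]]
            and a["show"] <= b["show"]
            and ACCURACY[a["accuracy"]] <= ACCURACY[b["accuracy"]])


def removal_never_widens(rules, watcher, sphere, hour):
    """Privacy-safe composition: dropping any one rule cannot add privileges."""
    full = evaluate(rules, watcher, sphere, hour)
    return all(at_most(evaluate(rules[:i] + rules[i + 1:], watcher, sphere, hour), full)
               for i in range(len(rules)))


# Constructed sample rules and watchers.
BOB, CAROL = "sip:bob@example.com", "sip:carol@example.com"
RULES = [
    Rule(frozenset({BOB}), sphere="work", hours=(9, 17), action="allow",
         show=frozenset({"activities", "place-type"}), accuracy="city"),
    Rule(frozenset({BOB}), action="confirm",
         show=frozenset({"mood"}), accuracy="country"),
    Rule(frozenset({CAROL}), action="allow",
         show=frozenset({"activities"}), accuracy="full"),
]

if __name__ == "__main__":
    print(evaluate(RULES, BOB, "work", 10))
    print(evaluate(RULES, BOB, "home", 20))
    print(removal_never_widens(RULES, BOB, "work", 10))
```

Because there is no "deny" rule that could override a grant, a rule that fails to upload or is deleted leaves the watcher with less, never more.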
Collaboration in the Enterprise43 Creating and manipulating rules Uploaded in whole or part via XCAP XML not user-visible Web or application UI, similar to mail filtering Can also be location-dependent “if at home, colleagues don’t get presence information” Possibly implementation-defined “privacy levels”
Collaboration in the Enterprise44 Program location-based services
Collaboration in the Enterprise45 SIP extensions and interoperability
Collaboration in the Enterprise46 SIP: designed for managed extensions Engineered for managed long-term extensibility: cannot assume that all implementations implement everything describe what to do with unknown protocol elements registry of header fields indication and discovery of features New SIP header fields: ignored if unknown provide more information, don’t change behavior avoid silly x- headers private, limited-users headers (branded with “P-”) most common extension today New SIP methods rarely done outside standards discovery via OPTIONS request SIP behavior changes via Require, Proxy-Require, Supported, Unsupported header fields names behaviors, not fields
Collaboration in the Enterprise47 How to ensure protocol interoperability Classical Internet approach: pairwise lab testing Interoperability tests (“plug fests”) multiple implementation, in various stages of maturity results (and embarrassment) remain private Certification by neutral third parties can never be complete Lab tests by consulting and publishing companies SIP is using all of these
Collaboration in the Enterprise48 Interoperability efforts IETF SIPPING working group call flow examples for basic (RFC 3665), telephony (RFC 3666) and services (draft) basic user agent capabilities (draft-sinnreich-sipdev-req) SIPit and SIMPLEt held every 6 months 15th instance of SIPit (and 3rd of SIMPLEt) just completed 200 people from ~75 organizations tested around 100 implementations ETSI TTCN specs SIP Forum Certification Working Group
Collaboration in the Enterprise49 SIPit 15 (Aug. 2004) 128 attendees from 55 organizations US, Canada, Israel, Japan, Taiwan, France, Germany, Belgium, UK, Turkey, India, Sweden, Finland, Norway “The biggest strides between this event and the last were around correct support for TLS. The biggest weakness continues to be proper construction of offers and answers.”
Collaboration in the Enterprise50 Protocol interoperability problems Three core interoperability problems: syntactic robustness “You mean you could have a space there?” often occurs when testing only against common reference implementations need “stress test” (also for buffer overflows) implementation by protocol example limiting assumptions (e.g., user name format) see “SIP Robustness Testing for Large-Scale Use”, First International Workshop on Software Quality (SOQA) semantic assumptions “I didn’t expect this error” mutually incompatible extensions expect extension to make something work
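A header parser that tolerates the syntax the robustness slide warns about (space before the colon, folded lines, compact header names, any letter case), followed by the Require/Unsupported handling from the managed-extensions slide. This is an added example, not code from the talk: the size limits, the supported-extension set, the `foo-ext` option tag and the sample message are constructed assumptions.

```python
# Compact header names defined by RFC 3261.
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id", "m": "contact",
           "l": "content-length", "c": "content-type", "s": "subject",
           "k": "supported"}
MAX_HEADER_BYTES = 8192   # assumption: local limits, bounded before any parsing
MAX_HEADERS = 64
SUPPORTED = {"100rel", "timer"}   # assumption: what this hypothetical UA implements


class ParseError(ValueError):
    pass


def parse_headers(raw: bytes) -> dict:
    """Return {lower-case header name: [values]} for one SIP message."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    if len(head) > MAX_HEADER_BYTES:
        raise ParseError("header section too large")
    lines = head.decode("utf-8", errors="replace").split("\r\n")
    unfolded = []
    for line in lines[1:]:                    # lines[0] is the request/status line
        if line[:1] in (" ", "\t"):           # folded continuation of previous header
            if not unfolded:
                raise ParseError("continuation line without a header")
            unfolded[-1] += " " + line.strip()
        else:
            unfolded.append(line)
    if len(unfolded) > MAX_HEADERS:
        raise ParseError("too many header fields")
    headers = {}
    for line in unfolded:
        name, sep, value = line.partition(":")
        key = name.strip().lower()            # "From :" and "FROM:" are the same field
        if not sep or not key:
            raise ParseError("malformed header line: %r" % line)
        headers.setdefault(COMPACT.get(key, key), []).append(value.strip())
    return headers


def option_tags(headers: dict, name: str) -> list:
    """Split a comma-separated option-tag header (Require, Supported, ...)."""
    return [t.strip().lower() for v in headers.get(name, [])
            for t in v.split(",") if t.strip()]


def require_verdict(raw: bytes):
    """420 plus an Unsupported header if a required extension is unknown, else None.

    Unknown header fields (X-Vendor-Hint below) are ignored, never an error.
    """
    missing = [t for t in option_tags(parse_headers(raw), "require")
               if t not in SUPPORTED]
    if missing:
        return 420, {"Unsupported": ", ".join(missing)}
    return None


# Constructed request exercising the awkward but legal syntax.
SAMPLE = (b"INVITE sip:bob@there.example SIP/2.0\r\n"
          b"v: SIP/2.0/UDP here.example:5060\r\n"
          b"From : Alice <sip:alice@here.example>\r\n"
          b"TO: Bob <sip:bob@there.example>\r\n"
          b"call-id: constructed-1@here.example\r\n"
          b"CSeq: 1 INVITE\r\n"
          b"Require: 100rel,\r\n"
          b"\t foo-ext\r\n"
          b"X-Vendor-Hint: ignored\r\n"
          b"l: 0\r\n"
          b"\r\n")

if __name__ == "__main__":
    print(parse_headers(SAMPLE))
    print(require_verdict(SAMPLE))
```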
Collaboration in the Enterprise51 Why SIP extensions? Good interoperability in basic call setup Extensions are sometimes indications where work is needed or “I didn’t know this existed” unfortunately, no good SIP Roadmap document some “wrong protocol, buddy” some “I don’t have the resources to participate in standardization” currently, 68 SIP/SIPPING/SIMPLE I-Ds 26 SIP RFCs (+ 13 SIPPING RFCs)
Collaboration in the Enterprise52 SIP proprietary extensions Examples based on informal survey Shared line support to emulate key systems: not dialogs, but state of AORs see SIMPLE TCAP over SIP for LNP general: pick up information along the way Auto-answer support (intercom) Caller-indicated ringing preferences visual ringing Billing and dialing plan Tone for charged vs. free calls Caller name identification added by proxies P-Asserted-Identity extension Call routing diagnostics
Collaboration in the Enterprise53 SIP proprietary extensions, cont’d “upgrade your endpoint!” Caller time zone NAT support STUN servers not widely available – no incentive some use simple HTTP query (just needs cgi-bin) probably biggest advantage that Skype has many, make SIP work well in old world on phone look-alikes reason given: local interest only takes too long to standardize
Collaboration in the Enterprise54 SIP – a bi-cultural protocol overlap dialing DTMF carriage key systems notion of lines per-minute billing early media ISUP & BICC interoperation trusted service providers multimedia IM and presence location-based service user-created services decentralized operation everyone equally suspect
Collaboration in the Enterprise55 The SIP complexity fallacy IAX (for example) is simpler than SIP but you could build the IAX functionality in SIP at just about the same complexity: no proxies no codec negotiation no distributed services Difficulty: extracting those simple pieces from 269 pages of specification SIP still more complex due to signaling-data separation Signaling & Media Signaling Media IAX model SIP, H.323, MGCP model
Collaboration in the Enterprise56 On-going IETF work on collaboration Session and service mobility Centralized conferencing Application sharing
Collaboration in the Enterprise57 Service and session mobility Multimedia sessions no longer bound to either desktop or mobile device complementary strengths: mobility vs. large display Service mobility: move service (capabilities, reachability, configuration) temporarily to local device Session mobility: allow active session to move across devices e.g., cell phone call moves to local set of devices and back again
Collaboration in the Enterprise58 Ubiquitous computing SA DA Resource Control (3pcc) Service Location Query SA send audio to SIP UA2 Network Appliance Control SIP UA1 turn on projector SIP UA2call Resource Discovery (SLP UA) audio and video streams Script engine
Collaboration in the Enterprise59 Service scenario Bluetooth Home domain SIP and AAA server Visitor Media streams Call Resource Info Location Resources Use Authenticate Register Info
Collaboration in the Enterprise60 Example: user-adaptive device configuration “all devices that are in the building” RFC 3082? PA device controller SUBSCRIBE to each room SUBSCRIBE to configuration for users currently in rooms 1.discover room URI 2.REGISTER as contact for room URI tftp HTTP SLP signal strength location REGISTER To: 815cepsr Contact: SIP room 815
Collaboration in the Enterprise61 XCON: centralized conferencing SIP itself can provide basic conference functionality equivalent to audio/video bridge dial-in, dial-out control and configuration via web page, DTMF or speech interface But need for “scriptable” remote control for creation and management of conferences policy, rights, media
Collaboration in the Enterprise62 XCON System Logical XCON Server Floor Control Client TEMPLATE Of the SYSTEM: Pre-configured Initial/Default values Conf Event Notification Server Focus CPCP Client CCCP Client CPCP Server CCCP Server Call Signaling Client TEMPLATE Policy: Of TYPE RULES RESERVATION Policy: Of TYPE RULES CURRENT Policy: Of TYPE RULES RESERVATION Of the INSTANCE: Of TYPE CONFERENCE-INFO STATE Of the CURRENT INSTANCE: Of TYPE CONFERENCE-INFO Notification Client Floor Control Server SIP/ PSTN/ H.323 T.120/ Etc. CCCP CPCP SIP NOTIFY/ Etc. BFCP Logical XCON Client
Collaboration in the Enterprise63 Application sharing Currently, no good standard for sharing generic applications pixel-based sharing, not shared text editing or other applications designed to be shared T.128 is outdated has limited, special-purpose security integrates poorly with audio/video session setup works poorly across platforms (e.g., fonts) vnc (we use it in our client) only whole screen Working on new sharing model unifies conference sharing and remote access allows large groups (multicast) and centralized conferences supports hybrid video + applications (e.g., embedded movies) leverages existing protocols: RTP for pixel transport SIP for signaling and negotiation PNG for compression
Collaboration in the Enterprise64 Other (implementation) gaps IP phones limited to narrowband audio maybe Skype will provide incentive… echo cancellation still generally iffy configuration harder than necessary NAT traversal no audio/video lip sync poor integration of whiteboards
Collaboration in the Enterprise65 Does it have to be that complicated? highly technical parameters, with differing names inconsistent conventions for user and realm made worse by limited end systems (configure by multi-tap) usually fails with some cryptic error message and no indication which parameter out-of-box experience not good
Collaboration in the Enterprise66 Solving the configuration mess Initial development assumed enterprise deployment pre-configured via tftp or (rarely) DHCP not suitable for residential use, except if box is shipped pathetic security – password accessible to anybody who knows MAC address of phone Short term adopt simple default conventions should only need SIP URI (AoR), display name and password realm = URI outbound proxy = domain provide and expose error feedback not “authentication failure” but “realm not recognized – change to format” use DNS NAPTR and SRV for STUN server
Collaboration in the Enterprise67 Solving the configuration mess – longer term IETF efforts on configuration management retrieve via HTTP (+ TLS) change notification via SIP event notification problem of configuring initial secret remains probably need embedded public keys Still need better diagnostics one-way voice issues authentication failures
Collaboration in the Enterprise68 Conclusion SIP core component of standards-based multimedia collaboration Dial-and-hope model likely to fade for all but teenager communication (and they are using IM…) maybe even for calling your airline… transition to (rich) presence to find interaction times Most protocol pieces in place, but gaps in centralized conference control & application sharing Implementations still catching up to standards