Internet Engineering Task Force Steven R. Donovan INTERNET DRAFT MCI Worldcom February 25, 1999 Expires August 25, 1999 SIP Session Timer Status of this document This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." To view the entire list of current Internet-Drafts, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast). Abstract This document proposes an extension to the SIP specification. This extension adds a new message header that is used to specify the duration of a requested session. The session timer can be used to control the duration of a session if, for instance, one of the participants in the session wants to limit the cost of the session. It can also be used by stateful SIP Proxy Servers to track the status of sessions for which session state exists on the servers. Currently a stateful SIP Proxy Server that is not handling the media stream(s) for the session has no mechanism to definitively determine the state of all sessions for which it has state. While the SIP Specification does provide the BYE method for terminating the session, there is no mechanism for a SIP Proxy Server to detect the end of a session when the BYE message is not sent or is lost due to network problems. Donovan [Page 1] Internet draft The SIP Session Timer February 25, 1999 1.0 Introduction The need for the addition of a session timer was initially motivated by the realization that stateful proxy servers currently have no method of determining the end of a session in certain anomalous situations. For instance, when a user agent fails to send a BYE message at the end of a session or the BYE message gets lost due to network problems. In this situation, the stateful proxy will retain state for the session and has no deterministic method for determining when the state no longer applies. With the addition of a session timer to the SIP protocol, the stateful proxy server will have the option of tearing down the session upon the expiration of the session timer. A session timer can also be used for other purposes. For instance, it could be used in the implementation of a prepaid service. In this case all session related signaling would be routed through a SIP server that would control the session time based on a subscriber's prepaid account. The SIP server could use the session timer to force tear down of the session within a specific time. The session timer could also be used by the user agent as a trigger to indicate to the subscriber that the prepaid account requires more funds to extend the call. This document proposes the addition of the Session-Expires header to various SIP messages. In addition, two new Request Failure messages are proposed. The first to allow a SIP Proxy Server (SPS) server or a User Agent Server (UAS) to indicate the need for the Session-Expires header in INVITE messages. The second to allow a SPS or UAS to reject a User Agent Client's (UAC) session timer request. This can be the UAC's initial INVITE or the UAC's request to extent an existing session. 2.0 Session-Expires Header Field Definition The Session-Expires header shall be used by a user agents or proxy servers to indicate the maximum duration of the session. The format of the contents of the Session-Expires header shall be equivalent to the format of the Expires header (see section 6.20 in [1]). As such, the end of the session can be specified as either an absolute or delta time. The Session-Expires header shall be valid in INVITE and ACK requests. In addition it shall be valid in certain response messages. This includes the 200 OK response and the new Request Failure responses defined in this document. The called UA or any SPS in the path of the session signaling shall have the option of rejecting an INVITE that does not contain the Session-Expires header if the service context in which the session request is made requires the use of the session timer. Donovan [Page 2] Internet draft The SIP Session Timer February 25, 1999 The called UA and SPS shall also have the option of adding the Session-Expires header to and INVITE message. In addition, the called UA and SPS shall have the option of modifying the value in the Session-Expires header. This modification to the requested Session-Expires timer by an SPS or called UA shall only be to decrease the requested duration of the session. The begin time of the session shall start upon receipt of the ACK message by the SPS and called UA indicating successful setup of the session. If the called UA or the SPS requires a session timer for a requested session and the calling UA does not include the Session-Expires header in the INVITE message, then the called UA or the SPS should reject the request with a 487 message. If the use of a session timer is desirable but optional for the session then and the calling UA does not include the Session-Expires header in the INVITE then the called UA or SPS should add a Session-Expires header to the next session setup message. The calling UA shall have the ability to request an extension to the duration of the session by sending a re-INVITE message for the session with a new Session-Expires header. See section 1.4.6, Changing an Existing Session, in [1]. The calling UA or any SPS in the path of the session signaling shall have the ability to reject the change in the session duration. Upon expiration of the session timer, the called UA shall have the option of terminating the session using the normal BYE method. In addition, a SPS shall have the option of tearing down an expired session by sending a BYE to both the called UA and the calling UA. It is recommended that the SPS delay tearing down the session long enough for a retry of a lost re-INVITE to be received by the SPS. This will also reduce the possibility of both the UAS and SPS attempting to tear down the call simultaneously. 3.0 Behavior of SIP User Agents 3.1 Behavior of User Agent Clients A User Agent Client (UAC) shall have the ability to include the Session- Expires header in an INVITE message. The UAC may need to keep a session timer in order to determine the need for extending the session. Donovan [Page 3] Internet draft The SIP Session Timer February 25, 1999 The UAC shall have the ability to request an extension of the session timer by sending an INVITE message for an existing session with a Session-Expires header. This should be done enough in advance of the session timeout to prevent the called UA or the SPS from timing out the session prior to receipt of the new INVITE. When requesting an extension of the session, the UAC shall use a value in the Session-Expires header that is less-than or equal to the value of the Session-Expires header received in the 200 OK from the original setup of the session. The UAC shall have the ability to receive a Session-Expires header in a 200 OK message. This is independent of whether or not a Session- Expires was included in the original INVITE message. The UAC shall have the ability to accept the session time indicated in the 200 OK Session-Expires header by including the header unchanged in the ACK to the 200 OK. The UAC shall have the ability to reject the session time indicated in the 200 OK message by not including a Session-Expires header in the ACK to the 200 OK message. In general, if the UAC is able to support session timers then it should accept the session time included in the 200 OK, event if it changed between the INVITE and the 200 OK. 3.2 Behavior of User Agent Servers The User Agent Server shall have the ability to reject an INVITE message that does not contain a Session-Expires header if the INVITE is received in a service context that requires a session timer. The UAS shall reject the INVITE using the following response: 487 Session-Expires Header Problem Session-Expires: n The UAS shall have the ability to reject an INVITE request based on the Session-Expires header. For instance, the UAS may choose to reject the INVITE if the requested session time is longer than the UAS desires to participate in the session. The UAS shall use the following message to reject the request: 487 Session-Expires Header Problem Session-Expires: n In both cases, the UAS shall include in the 487 response an acceptable delta time for the session. Donovan [Page 4] Internet draft The SIP Session Timer February 25, 1999 If the Session-Expires header contains a delta time then the UAS shall calculate the end of the session based on receipt of the ACK message that completes a successful session initiation: End of session time = Receipt of ACK time + Session-Expires time The UAS shall have the ability to reject a request to extend the length of the session. The UAS shall do so by sending the following response: 487 Session Time Request Problem Session-Expires: 0 A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. If the Session-Expires header in the re-INVITE contains a delta time then the UAS shall calculate the new end of the session from the previous end of session time: New end of session time = Previous end of session time + delta time If a request to extend the session time is rejected by the UAS then the end of session time that existed prior to the extension request shall be used. The UAS shall have the ability to add a Session-Expires header to a 200 OK response for an INVITE request that did not contain a Session- Expires header. If the UAS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the UAS has the following options: 1 - The UAS can choose to participate in the session without a session timer. 2 - The UAS can choose to not participate in the session. In this case, the UAS shall send a BYE message to tear down the session. The UAS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. If the UAS is sending a 200 OK to an that INVITE contained a Session- Expires header then the UAS shall include a Session-Expires header in the 200 OK. The content of the Session-Expires header shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or the decreased value of the session timer desired by the UAS. Upon expiration of the session timer, the UAS shall explicitly terminate the session by sending a BYE message. Donovan [Page 5] Internet draft The SIP Session Timer February 25, 1999 4.0 Behavior of SIP Proxy Servers A SIP Proxy Server has the option of tracking the duration of sessions for which it is a proxy. If the SPS receives an INVITE without a Session-Expires header, it has the option of sending the following message indicating that the Session-Expires header is required: 487 Session-Expires Header Problem Session-Expires: n A SPS has the option of rejecting an INVITE with a Session-Expires header based on the time specified in the header. For instance, if the time specified is too long. The proxy server shall do so by sending the following response: 487 Session-Expires Header Problem Session-Expires: n In both cases, the SPS shall include in the 487 response an acceptable delta time for the session. If the Session-Expires header contains a delta time then the SPS shall use the method of calculating the session time specified in section 3.2. A SPS has the option of rejecting a request for an extension of the session timer for an existing session by sending the following message: 487 Session-Expires Header Problem Session-Expires: 0 A value of zero (0) in the Session-Expires header shall indicate that the extension request is rejected. If the SPS accepts the request to extend the session timer then it shall use the method of calculating the new end of session time specified in section 3.2. The SPS shall have the ability to add a Session-Expires header to an INVITE request that does not contain a Session-Expires header. The SPS shall have the ability to decrease the requested session time in the INVITE Session-Expires header. The content of the Session-Expires header included in the INVITE sent by the SPS shall be either the content of the Session-Expires header contained in the INVITE request, if the UAS accepts the requested duration, or the decreased value of the session timer desired by the SPS. Donovan [Page 6] Internet draft The SIP Session Timer February 25, 1999 If the SPS adds a Session-Expires header to the 200 OK response and the resulting ACK does not contain a Session-Expires header then the SPS has the following options: 1 - The SPS can choose to allow the session without a session timer. 2 - The SPS can choose to not allow the session. In this case, SPS shall send a BYE message to the calling and called parties to tear down the session. A SPS shall have the option of tearing down sessions that have expired. Note that the SPS should wait for the called UA to terminate the call using normal mechanisms. If the called UA fails to send a BYE as a result of session expiration then the SPS can choose to end the call. The SPS shall terminate the call by sending BYE requests to the calling UA and the called UA. 5.0 Header Field Definitions The following is an extension of tables 4 and 5 in [1] for the Session- Expires header: where enc. e-e ACK BYE CAN INV OPT REG Session-Expires R e o - - o - - Session-Expires 200 e - - - o - - Session-Expires 487 e - - - o - - 6.0 Request Failure Messages 6.1 487 Session-Expires Header Problem The server received an INVITE request with one of the following problems: - The server requires a Session-Expires header. In this case the response should contain a Session-Expires header with an acceptable session time. - The server received an INVITE with a Session-Expires header with an expiration time longer than the server is willing to except. In this case the response should contain a Session-Expires header with an acceptable session time. - The server received an INVITE with a Session-Expires header for an existing session and the server does not wish to extend the session. In this case the response should contain a Session-Expires header with a value of zero (0). 7.0 Security Considerations There are no security considerations unique to the Session-Expires header. Donovan [Page 7] Internet draft The SIP Session Timer February 25, 1999 8.0 Examples The following examples are meant to illustrate the functionality associated with the Session-Expires header. As such, other headers are intentionally left out of the SIP messages. 8.1 Basic session-timer setup with UAS detected timeout Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA starts session timer Session-Expires: 120 Called UA Receipt of ACK Called UA starts session timer Calling UA determines need to extend session time Calling UA -> Called UA INVITE Session-Expires: 120 Calling UA <- Called UA 200 OK Session-Expires: 120 Calling UA -> Called UA ACK Calling UA resets session end time Session-Expires: 120 Called UA Receipt of ACK Called UA resets session timer Session timeout detected by Called UA Calling UA <- Called UA BYE Calling UA -> Called UA 200 OK Donovan [Page 8] Internet draft The SIP Session Timer February 25, 1999 8.2 Basic negotiation with SPS Detected timeout Calling UA -> SPS INVITE Session-Expires: 240 SPS -> Called UA INVITE SPS wants a shorter timer Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants a shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA starts session timer Session-Expires: 120 SPS Receipt of ACK SPS starts session timer SPS -> Called UA ACK Called UA starts session timer Session-Expires: 120 Session timeout detected by SPS Calling UA <- SPS BYE SPS -> Called UA BYE Calling UA -> SPS 200 OK SPS <- Called UA 200 OK Donovan [Page 9] Internet draft The SIP Session Timer February 25, 1999 8.3 No Session-Expires Header Rejection by SPS Calling UA -> SPS INVITE No Session-Expires header Calling UA <- SPS 4xx Session-Expires Header Required Session-Expires: 120 Suggested session time Calling UA -> SPS INVITE Session-Expires: 120 . . . Session setup continues 8.4 Invalid Session-Expires Header Rejection by SPS Calling UA -> SPS INVITE No Session-Expires header Session-Expires: 1000 Calling UA <- SPS 4xx Session Time Request Rejected Session-Expires: 120 Suggested session time Calling UA -> SPS INVITE Session-Expires: 120 . . . Session setup continues Donovan [Page 10] Internet draft The SIP Session Timer February 25, 1999 8.5 Session-Expires Header Added by SPS, Rejected by UAC Calling UA -> SPS INVITE SPS -> Called UA INVITE SPS adds S-E header Session-Expires: 180 SPS <- Called UA 200 OK Called UA wants shorter timer Session-Expires: 120 Calling UA <- SPS 200 OK Session-Expires: 120 Calling UA -> SPS ACK Calling UA does not include S-E header The SPS has the choice of allowing or not allowing the call as a result of the Calling UA not supporting the Session-Expires function. 7.0 Changes in this version The following is the list of the major changes to this version of the document: - Added the session time negotiation capability. This resulted in added support for the Session-Expires header in the 200 OK response and ACK request. - Consolidated the two 4xx responses into one. - Suggested the value of 487 for the new response message. - Added the ability to include a suggested session time in the 487 response. 8.0 Issues The following are the currently understood issues with the document: - It may be useful to allow the Called UA to initiate a request to extend the session. This would be in the case that the Calling UA does not support the Session Timer capability. Donovan [Page 11] Internet draft The SIP Session Timer February 25, 1999 9.0 References [1] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP: Session Initiation Protocol", Internet Draft, Internet Engineering Task Force, January 15, 1999. Work in progress. 10.0 Author's Address Steven R. Donovan MCI Worldcom 1493/678 901 International Parkway Richardson, Texas 75081 Email: steven.r.donovan@mci.com Donovan [Page 12]