Internet Engineering Task Force SIP WG Internet Draft Rosenberg/Peterson/Schulzrinne/Camarillo draft-rosenberg-sip-3pcc-02.txt dynamicsoft,Level3,Columbia U.,Ericsson March 2, 2001 Expires: September 2001 Third Party Call Control in SIP STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as work in progress. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document discusses the usage of the Session Initiation Protocol (SIP) for third party call control. Third party call control refers to the ability of one entity to create a call in which communications is actually between other parties. We present a SIP mechanism for accomplishing third party call control that does not require any extensions or changes to SIP. 1 Introduction In the traditional telephony context, third party call control allows one entity (which we call the controller) to set up and manage a communications relationship between two or more other parties. Third party call control is often used for operator services (where an operator creates a call that connects two participants together), and Rosenberg/Peterson/Schulzrinne/Camarillo [Page 1] Internet Draft 3pcc March 2, 2001 conferencing. On the Internet, a wider range of services are enabled through a third party session control mechanism. This is because other IP applications, such as web, email, presence, instant messaging, and chat can now be brought into the picture. An excellent example is click-to-dial. This service allows a user to click on a web page when they wish to speak to a customer service representative. The web server then creates a call between the user and a customer service representative. The call can be between two phones, a phone and an IP host, or two IP hosts. In order to support third party call control applications, a mechanism is needed that allows a controller to create, modify, and terminate calls with other entities. In this document, we present a mechanism using the Session Initiation Protocol (SIP) [1] which allows a controller to execute third party services. The mechanism is not an extension to SIP. It is merely an application of the tools enabled through RFC 2543. A controller can create calls between any entity that contains a normal SIP user agent. After desribing the mechanism, we present three third party services which take advtantage of this mechanism. One is click-to-dial, the second is a feature that enables a mid-call announcement for credit card authorization , and the third is a timed conference bridge initiation. 2 Third Party Control The basic idea behind the third party mechanism is simple. A controller first calls one of the participants, A, and presents the INVITE without any media. When this call is complete, the controller has the SDP needed to communicate with A. The controller then uses SDP A to initiate a call to participant B. When this call is completed, the controller has the SDP needed to communicate with B. This information is then passed to A. The result is that there is a call leg between the controller and A, a call leg between the controller and B, but media between A and B. To demonstrate the recommended call flow for achieving this result, we step through an evolution of the call flows and explain the benefits and drawbacks of each, eventually arriving at the recommended flow. 2.1 First Attempt The controller first sends an INVITE to the first user, A, whose phone is to ring. This is a standard INVITE, but it contains no SDP. When A answers, the controller does not yet send an ACK. It generates Rosenberg/Peterson/Schulzrinne/Camarillo [Page 2] Internet Draft 3pcc March 2, 2001 a second INVITE. This INVITE is addressed to the second user, B, to be connected in the call. This INVITE contains the SDP as received from the 200 OK from A. When the 200 OK to this second INVITE arrives, the controller ACK s it, takes the SDP, and includes that in the ACK for the first call. A flow diagram for this mechanism is given in 1. This flow is simple, requires no manipulation of the SDP by the controller, and works for any media types supported by both endpoints. However, it has a serious timeout problem. User B may not answer the call immediately. The result is that the controller cannot send the ACK to A. This causes A to retransmit the 200 OK response periodically. In fact, if B does not answer within 32 seconds, the call with A times out. 2.2 Second Attempt To fix this problem, consider the call flow in Figure 2. The controller first sends an INVITE to the first user whose phone is to ring, user A. This is a standard INVITE, but its SDP contains a single audio media line, with one codec, a random port number (but not zero), and a connection address of 0.0.0.0. This creates an initial media stream "on hold". When A answers, the controller sends an ACK. It then generates a second INVITE. This INVITE is addressed to the second user, B, to be connected in the call. This INVITE contains the SDP as received from the 200 OK from A. When the 200 OK to this second INVITE arrives, the controller ACK s it, takes the SDP, and then re-INVITEs the first user with this updated SDP. This flow has the advtange that all final responses are immediately ACKed. If therefore does not suffer from the timeout and message inefficiency problems of flow 1. However, it too has troubles. First off, it requires that the controller know the media types to be used for the call (since it must generate an "on hold" SDP, which requires media lines). Secondly, the first INVITE to A contains media on hold. The controller expects that the response contains valid SDP for the call. However, experience has shown that many UAs respond to media- on-hold with media-on-hold, which won't work. Lastly, the flow assumes that after the re-INVITE, user A returns the same SDP, SDP A, as was returned to the original INVITE. This may not be the case. If it is not, the controller needs to re-INVITE B, which may result in getting a different SDP, SDP C, in the 200 OK. Then, the controller needs to re-INVITE A again, and so on. The result is an infinite loop of re-INVITEs. It is possible to break this cycle by having very Rosenberg/Peterson/Schulzrinne/Camarillo [Page 3] Internet Draft 3pcc March 2, 2001 A Controller B | INV no SDP | | |<------------------| | | | | | 200 SDP A | | |-----------------> | INV SDP A | | |----------------->| | | | | | 200 SDP B | | |<-----------------| | | | | | ACK | | ACK SDP B |----------------->| |<------------------| | | | | | | RTP | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | | | | | | | | | | | | | | | | | | | | | | | | Figure 1: 3pcc Flow Attempt 1 smart UAs which can return the same SDP whenever possible, or really smart controllers that can analyze the SDP to determine if a re- INVITE is really needed. However, we wish to keep this mechanism simple, and avoid SDP awareness in the controller. As a result, this Rosenberg/Peterson/Schulzrinne/Camarillo [Page 4] Internet Draft 3pcc March 2, 2001 A Controller B | INV held SDP | | |<------------------| | | | | | 200 SDP A | | |-----------------> | INV SDP A | | ACK |----------------->| |<----------------- | | | | 200 SDP B | | |<-----------------| | | | | | ACK | | INV SDP B |----------------->| |<------------------| | | 200 OK SDP A | | |------------------>| | | ACK | | |<------------------| | | | RTP | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | | | | | | | | | | | | | | | | | | | | | | | | Figure 2: 3pcc Flow Attempt 2 flow is not really workable. We show it here for completeness. 2.3 Third Flow The general purpose recommended flow is shown in Figure 3. First, the controller sends an INVITE to the first user, A, without any SDP (which is good, since it means that the controller doesn't need to assume anything about the media of the devices). User A responds with its SDP, A1, in a 200 OK, which is immediately ACKed with an on-hold SDP generated by the controller. Rosenberg/Peterson/Schulzrinne/Camarillo [Page 5] Internet Draft 3pcc March 2, 2001 A Controller B | INV no SDP | | time t = 0 |<------------------| | | | | | 200 SDP A1 | | |-----------------> | | | | | | ACK SDP held | | |<------------------| | | | | | | INV no SDP | | |----------------->| | | | | | 200 SDP B | | |<-----------------| | INV SDP B' | | |<------------------| | | | | | 200 SDP A2 | | |-----------------> | | | | | | | ACK SDP A2' | | ACK |----------------->| |<------------------| | | | | | | RTP | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | | | | | | Figure 3: 3pcc Recommended Flow Next, the controller sends an INVITE to the second user, B, also without SDP. The SDP in the 200 OK, SDP B, is used to create a re- INVITE to the first user. That re-INVITE is based on SDP B, but may need to be reorganized to match up media lines. We therefore call that SDP B'. Since this is a re-INVITE, it should complete quickly in the general case. Thats good, since user B is retransmitting their 200 OK, waiting for an ACK. The SDP in the 200 OK from A, SDP A2 (which may be different than A1), is then passed to user B in the ACK. It may also need reorganization to match up m lines. This flow has many benefits. First, it will usually operate without Rosenberg/Peterson/Schulzrinne/Camarillo [Page 6] Internet Draft 3pcc March 2, 2001 any spurious retransmissions or timeouts (although this may still happen if a re-INVITE is not responded to quickly). Secondly, it does not require the controller to guess the media that will be used by the participants. Thirdly, it does not assume that a device responds properly to an INVITE with SDP on hold. There are some drawbacks. The controller does need to perform SDP manipulations. Specifically, it must take some SDP, and generate another SDP which has the same media composition, but is on hold. Secondly, it may need to reorder an SDP X, so that its media lines match up with those in some other SDP, Y. Finally, the flow is far more complicated than the simple and elegant flow in Figure 1. As a result of these drawbacks, it is our recommendation that flow 1, shown in Figure 1 be used if, and only if, the controller knows that user B is actually an automata that will answer the call immediately. This is the case for devices such as media servers, conferencing servers, and messaging servers, as described in [2]. Since we expect a great deal of third party call control to be to automata, special caseing this scenario is reasonable. For calls to unknown entities, or to entities known to represent people, it is recommended that the flow in Figure 3 be used for third party call control. It is most likely to be interoperable and most likely to work in the largest number of cases. 2.4 Continued Processing Once the calls are established, both participants believe they are in a single point-to-point call with some control system (assuming the controller identified itself as such in the From field of the INVITE). However, they are exchanging media directly with each other, rather than with the controller. The result is that the controller has set up a call between both participants. Since the controller is still a central point for signaling, it now has complete control over the call. If it receives a BYE from one of the participants, it can create a new BYE and hang up with the other participant. This is shown in 4. As an alternative, when the controller receives a BYE from A, it can generate a new INVITE to a third party, C, and connect B to that participant instead. A call flow for this is shown in 5, assuming the case where C represents an end user, not an automata. Note that it is simply the bottom 2/3 of the primitive 3pcc flow of Figure 3. Rosenberg/Peterson/Schulzrinne/Camarillo [Page 7] Internet Draft 3pcc March 2, 2001 A Controller B | | | | | | | BYE From A | | |-----------------> | BYE From Cont. | | 200 OK |----------------> | |<----------------- | 200 OK | | |<---------------- | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Figure 4: Hanging Up with 3PCC From here, new parties can be added, removed, transferred, and so on, as the controller sees fit. The general idea behind the mechanism is that there is a point to point SIP relationship between each participant and the controller. However, by passing the SDP it receives from one participant to another, it can causes users to actually communicate with each other rather than the controller. 3 Back to Back User Agents The call flow in Section 2.3 assumes that the controller is the entity that initiates the call. It is possible for the controller to take ownership of a call setup by a different party by acting as a Back to Back User Agent (B2BUA). The call flow in this case is shown in Figure 6. In this call flow, the controller looks deceptively like a proxy, but it is not. The controller acts as a UAS for the INVITE received by A, and then as a UAC when it initiates a call to B. It is this fact which allows the controller to generate its own ringing messages, or Rosenberg/Peterson/Schulzrinne/Camarillo [Page 8] Internet Draft 3pcc March 2, 2001 A Controller B C | | | | | | | | | BYE From A | | | |-----------------> | INV no SDP | | | 200 OK |------------------------------------>| |<----------------- | | 200 SDP C | | |<------------------------------------| | | | | | | | | | | INV SDP C' | | | |----------------->| | | | 200 SDP B2 | | | |<-----------------| | | | ACK | | | |----------------->| | | | | | | | | ACK SDP B2' | | |------------------------------------>| | | | | | | | | | | | RTP | | | | xxxxxxxxxxxxxxxx | | | | xxxxxxxxxxxxxxxx | Figure 5: Alternative to Hangup to generate an ACK for a 200 OK, both of which are done in this call flow. Once set up, the controller is exactly in the same state as if it had initiated the call as described in Section 2.3. The controller can hang up to one side, hang up to both sides, reconenct the users to media servers, and so on. 4 Third party call control and SDP preconditions In unicast sessions there is a number of media streams flowing between two entities. In order to perform resource reservation it is necessary to know the session descriptions from both parties. When third party call control is performed the information needed to establish the QoS required is not available from the beginning. The Rosenberg/Peterson/Schulzrinne/Camarillo [Page 9] Internet Draft 3pcc March 2, 2001 A Controller B | INV SDP A1 | | time t = 0 |------------------>| | | 180 Ringing | | |<------------------| INV SDP A1 | | |----------------->| | | | | | | | | | | | | | | | | | | | | | | | 200 SDP B | | |<-----------------| | | ACK | | 200 SDP B |----------------->| |<------------------| | | ACK | | |-----------------> | | | | | | | | | | RTP | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | | | | | | Figure 6: Back to Back User Agent call flow shown in Figure 7 shows how the exchange of SDPs between both parties can be performed. The controller INVITEs A in (1). At this point of time there is no information available about codecs to be used port numbers or IP addresses. The SDP of this INVITE just contains SDP preconditions and the media stream types (audio, video, etc...). As specified in [3], the called UAS returns a 183 immediately containing SDP information needed for QoS signaling (2). Rosenberg/Peterson/Schulzrinne/Camarillo [Page 10] Internet Draft 3pcc March 2, 2001 INVITE (3) contains the SDP received from A. This INVITE is sent to B. When B responses with (4) 183 it is ready to perform resource reservation. However, B will not start resource reservation until the PRACK (7) is received. This allows B's SDP to be sent to A in (5). This way both parties have all the information needed to perform resource reservation. Note that, since reliable provisional responses are used [4], the 183 (2) is retransmitted until the PRACK (5) arrives from the controller. This PRACK is transmitted only when the 183 arrives from B (4). Fortunately, this 183 is generated automatically, so that the first 183 (2) should not be retransmitted that much, if at all. The PRACK matching (2) is sent at (5). This PRACK is not sent before because it is used to send B's SDP to A. The controller does not get this information until (4). When the preconditions from B to the controller and from A to the controller are met two COMETs are received (9) and (11). At this point of time is up to the controller to let the session establishment go on sending a COMET to A (13). When A accepts joining the session (15), a COMET (16) is sent to B so B is alerted. This is really complex; and it also works such that the controller decides whether preconditions are used. Is there a simpler solution? 5 Click to Dial The first application of this capability we discuss is click to dial. In this service, a user is browsing the web page of an e-commerce site, and would like to speak to a customer service representative. They click on a link, and a call is placed to a customer service representative. When the representative picks up, the phone on the user's desk rings. When they pick up, the customer service representative is there, ready to talk to the user. We assume for purposes of this discussion that the web server is actually an applications server that contains an http interface. In this case, when the user clicks on the URL, the application server knows, through cookies or some other state mechanism, the addresses of the participants to be connected. The call flow for this service is given in 8. Note that it is identical to that of Figure 3, with the exception that the service is triggered through an http GET request when the user clicks on the link. Rosenberg/Peterson/Schulzrinne/Camarillo [Page 11] Internet Draft 3pcc March 2, 2001 Controller A B | (1) INVITE | | |------------------>| | | (2) 183 SDP A | | |<------------------| | | (3) INVITE SDP A | | |------------------------------------->| | (4) 183 SDP B | | |<-------------------------------------| | (5) PRACK SDP B | | |------------------>| | | (6) 200 OK (PRACK)| | |<------------------| | | (7) PRACK | | |------------------------------------->| | (8) 200 OK (PRACK)| | |<-------------------------------------| | (9) COMET | | |<-------------------------------------| |(10) 200 OK (COMET)| | |------------------------------------->| | (11) COMET | | |<------------------| | |(12) 200 OK (COMET)| | |------------------>| | | (13) COMET | | |------------------>| | |(14) 200 OK (COMET)| | |<------------------| | |(15) 200 OK (INVITE) | |<------------------| | | (16) COMET | | |------------------------------------->| |(17) 200 OK (COMET)| | |<-------------------------------------| |(18) 200 OK (INVITE) | |<-------------------------------------| | (19) ACK | | |------------------>| | | (20) ACK | | |------------------------------------->| | | | Controller A B Figure 7: Call Flow for Preconditions Rosenberg/Peterson/Schulzrinne/Camarillo [Page 12] Internet Draft 3pcc March 2, 2001 We note that this service can be provided through other mechanisms, namely PINT [5]. However, there are numerous differences between the way in which the service is provided by pint, and the way in which it is provided here: o The pint solution enables calls only between two PSTN endpoints. The solution described here allows calls between PSTN phones (through SIP enabled gateways) and native IP phones. o When used for calls between two PSTN phones, the solution here may result in a portion of the call being routed over the Internet. In pint, the call is always routed only over the PSTN. This may result in better quality calls with the pint solution, depending on the codec in use and QoS capabilities of the network routing the Internet portion of the call. o The PINT solution requires extensions to SIP (PINT is an extension to SIP), whereas the solution described here is done with baseline SIP. o The PINT solution allows the controller (acting as a PINT client) to "step out" once the call is established. The solution described here requires the controller to maintain call state for the entire duration of the call. 6 Mid-Call Announcement Capability The third party call control mechanism described here can also be used to enable mid-call announcements. Consider a service for pre- paid calling cards. Once the pre-paid call is established, the system needs to set a timer to fire when they run out of minutes. When this timer fires, we would like the user to hear an announcement which tells them to enter a credit card to continue. Once they enter the credit card info, more money is added to the pre-paid card, and the user is reconnected to the destination party. We consider here the usage of third party call control just for playing the mid-call dialog to collect the credit card information. We assume the call is set up, perhaps as described in Section 3, so that the controller is in the call. When the timer fires, we wish to connect the caller to a dialog server. The flow for this is shown in Figure 9. When the timer expires, the controller places the called party on Rosenberg/Peterson/Schulzrinne/Camarillo [Page 13] Internet Draft 3pcc March 2, 2001 hold. It then sends an INVITE without SDP to the the pre-paid caller. The SDP returned from the caller (which should be the same as the SDP it returned previously), is used in an INVITE to the media server which will be collecting digits. The media server offers its SDP in the response. The controller then sends an ACK to the pre-paid user using the SDP returned from the media server. The result is that now, the media server and the pre-paid caller have their media streams connected. The media server plays an announcement, and prompts the user to enter a credit card number. After collecting the number, the card number is validated. The controller can then hang up the call to the media server. How the controller can know when to hang up the call is outside the scope of this document, but is described in complete detail in [2], which discusses the interface between controllers and media servers. After hanging up with the media server, the controller reconnects the user to the original called party. 7 Timed Conference Intitation In this service, a conference bridge is booked for some number of participants. In order to make sure the conference begins on time, the conference bridge will call each participant at the time of the call. If a participant doesn't answer, the bridge tries to contact them again (unless they call in) five minutes later. The controller makes use of a conference server for this service. The conference server is of the type described in [2], which means that it will mix together all calls for the same request URI. The controller will use third party call control to get each participant to send media to the conference server. Note that since the conference server is an automata, we use the 3pcc flow of Figure 1. The call flow for this service is shown in Figure 10. The controller calls each participant, then calls the conference server (using the same request URI for all calls to the conference server). The result is that each participant sends media to the conference server, and the conference server sends media back. The third user, user C, does not answer right away, and is re-tried a few minutes later. 8 Implementation Notes Most of the work involved in supporting third party call control is within the controller. A standard SIP UA should be controllable in the mechanism described here. However, the mechanism relies on a few features that might not be implemented. As such, we strongly recommend implementors of user agent servers to support the Rosenberg/Peterson/Schulzrinne/Camarillo [Page 14] Internet Draft 3pcc March 2, 2001 Customer Controller Gateway Users PC Service to Representative Customer | | HTTP GET | | | |<-------------------------------------| | | 200 OK | | | |------------------------------------->| | | | | | | | | | INV no SDP | | | |<------------------| | | | 200 SDP A1 | | | |------------------>| | | | ACK SDP held | | | |<------------------| INV no SDP | | | |----------------->| | | | 200 SDP B1 | | | |<-----------------| | | INV SDP B1' | | | |<------------------| | | | 200 SDP A2 | | | |------------------>| | | | | ACK SDP A2' | | | |----------------->| | | ACK | | | |<------------------| | | | | | | | | RTP | | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Figure 8: Click to Dial Call Flow Rosenberg/Peterson/Schulzrinne/Camarillo [Page 15] Internet Draft 3pcc March 2, 2001 Pre-paid Controller Called Media Caller Party Server "A" "B" "C" | RTP | | | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| | | | INV SDP 0 (hold) | | | |----------------->| | | | 200 OK SDP B2 | | | |<-----------------| | | | ACK | | | |----------------->| | | INV no SDP | | | |<------------------| | | | 200 SDP A | | | |------------------>| INV SDP A | | | |------------------------------------->| | | | 200 SDP C | | ACK SDP C |<-------------------------------------| |<------------------| ACK | | | |------------------------------------->| | | | | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| | | BYE | | | |------------------------------------->| | | 200 OK | | | |<-------------------------------------| | | INV no SDP | | | |----------------->| | | | 200 SDP B2 | | | INV SDP B2' |<-----------------| | |<------------------| | | | 200 SDP A3 | | | |------------------>| ACK A3' | | | ACK |----------------->| | |<------------------| | | | | | | | RTP | | | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| | |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx| | | | | Internet Draft 3pcc March 2, 2001 Figure 9: Mid-Call Announcement o Re-invites that change the port to which media should be sent o Re-invites that change the connection address o Re-invites that add a media stream o Re-invites that remove a media stream (setting its port to zero) o Re-invites that add a codec amongst the set in a media stream o Hold (connection address of zero) o Initial invites on hold o Initial invites with no SDP o Re-invites with no SDP (in which case the UAS returns the same SDP it returned previously) 9 Security Considerations The mechanism described here introduces several security considerations. The first issue is the calling party identities delivered to the participants which the controller invites. The controller could indicate that the call is from itself (From: sip:controller@company.com), but in many cases, the service is more usable if it "spoofs" the identity of the participant that is actually calling. However, to differentiate legitimate use of 3pcc from real attacks, user agents SHOULD authenticate the requests. The controller MUST sign the request as itself, not as A or B (it cannot sign as A or B in any case). This will allow both parties to know that the call is actually being established through a controller, but on behalf of another user. User agents SHOULD be configured to authorize requests from entities known to be controllers. Note that this will result in SIP messages whose From field does not match the identity of the signator (as indicated in the signed-by field of the request). The third party mechanism can also have an impact on encryption of the media that is part of the session. If negotiation of session keys is done through some kind of key exchange within SIP, the controller will, in all likelihood, not be able to set it up so that participants in the call arrive at the same key. This means that the Rosenberg/Peterson/Schulzrinne/Camarillo [Page 17] Internet Draft 3pcc March 2, 2001 User 1 Controller User 3 Conference User 2 "A" "X" "C" Server "B" | INV no SDP | | | | |<---------------| | | | | 200 SDP A1 | | | | |--------------->| INV SDP A1 | | | | |------------------------------>| | | | 200 SDP CS1 | | | | |<------------------------------| | | | ACK | | | | ACK SDP CS1 |------------------------------>| | |<---------------| INV no SDP | | | | |---------------------------------------------->| | | 200 SDP B1 | | | | |<----------------------------------------------| | | INV SDP B1 | | | | |------------------------------>| | | | 200 SDP CS2 | | | | |<------------------------------| | | | ACK SDP CS2 | | | | |---------------------------------------------->| | | ACK | | | | |------------------------------>| | | | INV no SDP | | | | |-------------->| | | | | 408 Timeout | | | | |<--------------| | | | | ACK | | | | |-------------->| | | | | | | | | | | | | | | | | | | | INV no SDP | | | | |-------------->| | | | | 200 SDP C1 | | | | |<--------------| | | | | INV SDP C1 | | | | |------------------------------>| | | | 200 SDP CS3 | | | | |<--------------+---------------| | | | ACK SDP CS3 | | | | |-------------->| | | | | ACK | | | | |-------------------------------| | Figure 10: Timed Conference Initiation Call Flow Rosenberg/Peterson/Schulzrinne/Camarillo [Page 18] Internet Draft 3pcc March 2, 2001 controller may need to act as an RTP translator, decrypting with one key and re-encrypting with another. Third party call control has unfortunate interactions with NATs and firewalls. The problems arise when the controller is on one side of a firewall/NAT that is being controlled by a proxy [6] [7] that receives the controller's requests, and the controlled users are on the other side. Pinholes in the firewall may be opened when, in fact, the media does not pass through the firewall. One way to avoid this is for the firewall controlling proxy to recognize that the address of the media is not within its private network, and so not perform NAT or firewall control in those cases. 10 Conclusions We have presented a basic third party call control mechanism that uses SIP. This mechanism does not require any extensions to SIP and is completely backwards compatible. 11 Changes since -01 o Included all the flows which have been discussed, weighing pros and cons. o Made a recommendation for which flows to use in which scenarios. o Updated the flows to be consistent with [2]. o Added open issue with preconditions. o Added B2BUA discussion. 12 Authors Addresses Jonathan Rosenberg dynamicsoft 72 Eagle Rock Avenue First Floor East Hanover, NJ 07936 email: jdrosen@dynamicsoft.com Jon Peterson Level 3 Communications 1025 Eldorado Blvd Broomfield, CO 80021 Rosenberg/Peterson/Schulzrinne/Camarillo [Page 19] Internet Draft 3pcc March 2, 2001 email: Jon.Peterson@level3.com Henning Schulzrinne Columbia University M/S 0401 1214 Amsterdam Ave. New York, NY 10027-7003 email: schulzrinne@cs.columbia.edu Gonzalo Camarillo Ericsson Advanced Signalling Research Lab. FIN-02420 Jorvas Finland Phone: +358 9 299 3371 Fax: +358 9 299 3052 Email: Gonzalo.Camarillo@ericsson.com 13 Bibliography [1] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP: session initiation protocol," Request for Comments 2543, Internet Engineering Task Force, Mar. 1999. [2] J. Rosenberg, P. Mataga, and H. Schulzrinne, "An application server component architecture for sip," Internet Draft, Internet Engineering Task Force, Nov. 2000. Work in progress. [3] B. Marshall et al. , "Integration of resource management and SIP," Internet Draft, Internet Engineering Task Force, Nov. 2000. Work in progress. [4] J. Rosenberg and H. Schulzrinne, "Reliability of provisional responses in SIP," Internet Draft, Internet Engineering Task Force, July 2000. Work in progress. [5] S. Petrack and L. Conroy, "The PINT service protocol: Extensions to SIP and SDP for IP access to telephone call services," Request for Comments 2848, Internet Engineering Task Force, June 2000. [6] P. Srisuresh, J. Kuthan, and J. Rosenberg, "Middlebox communication architecture and framework," Internet Draft, Internet Engineering Task Force, Feb. 2001. Work in progress. [7] J. Rosenberg, D. Drew, and H. Schulzrinne, "Getting SIP through Rosenberg/Peterson/Schulzrinne/Camarillo [Page 20] Internet Draft 3pcc March 2, 2001 firewalls and NATs," Internet Draft, Internet Engineering Task Force, Feb. 2000. Work in progress. Rosenberg/Peterson/Schulzrinne/Camarillo [Page 21]