XCON Working Group C. Boulton Internet-Draft Ubiquity Software Corporation Expires: January 2, 2006 M. Barnes Nortel July 1, 2005 Centralized Conferencing (XCON) Using the Message Session Relay Protocol (MSRP) draft-boulton-xcon-msrp-conferencing-01 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 2, 2006. Copyright Notice Copyright (C) The Internet Society (2005). Abstract A Centralized Conference as defined by the XCON working group is both signaling and protocol agnostic. The primary focus of the XCON work has been centered on the Session Initiation Protocol for signaling and Audio/Video for the media types. This document defines the mechanisms, in the context of the XCON framework, required when using the Message Session Relay Protocol (MSRP) in a Centralized Conference Boulton & Barnes Expires January 2, 2006 [Page 1] Internet-Draft MSRP Conferencing July 2005 (XCON). Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3 3. Protocol and Framework Overview . . . . . . . . . . . . . . . 3 3.1 Overview of Operation . . . . . . . . . . . . . . . . . . 5 4. Text Sidebar . . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Private Message . . . . . . . . . . . . . . . . . . . . . . . 8 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 8.1 Normative References . . . . . . . . . . . . . . . . . . . 10 8.2 Informative References . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 11 Intellectual Property and Copyright Statements . . . . . . . . 12 Boulton & Barnes Expires January 2, 2006 [Page 2] Internet-Draft MSRP Conferencing July 2005 1. Introduction A Centralized Conference as defined by the XCON working group is both signaling and protocol agnostic. The primary focus of the XCON work has been centered on the Session Initiation Protocol for signaling and Audio/Video for the media types. The requirements to support conferences of session-based instant messages, private messaging, and sidebars are introduced in [6]. This document defines the mechanisms and associated framework elements involved when using the Message Session Relay Protocol(MSRP) in a Centralized Conference(XCON) in support of those requirements. [Editors Note: This document is still in early stages of development and is intended to invoke discussion. It is not intended to provide exact solutions at his stage, but rather explores a potential approach to a solution.] This document has been constructed in full compliance with both the XCON Framework[2] document and the SIPPING Conference Framework [3] document. The XCON Framework provides the data model and interfaces to be used while the SIPPING Framework provides details of the SIP signaling protocol operations. For the purpose of this document, MSRP will be discussed in the context of SIP being the carrying protocol, as defined in the core MSRP [4] specification. 2. Conventions and Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 [1] and indicate requirement levels for compliant implementations. 3. Protocol and Framework Overview MSRP is defined as a peer-to-peer protocol that enables a direct connection between two compliant endpoints, unless an MSRP relay is inserted in the MSRP signaling path. The MSRP Relay specification [5] details the associated functionality with a relay in the signaling path. Centralized conferencing using MSRP can be achieved by the Conference Server appearing as an MSRP endpoint for Conference Participants, with the Conference server distributing the messages by relaying them to each of the conference participants. Figure 1 provides an illustration of MSRP clients having a direct, 1:1 connection to the Conference server. The MSRP Conference Server can be roughly categorized as a hybrid MSRP entity that combines both MSRP client and MSRP relay functionality. An MSRP SEND sent to the Boulton & Barnes Expires January 2, 2006 [Page 3] Internet-Draft MSRP Conferencing July 2005 conference will arrive at the conference server and then be replicated to all appropriate MSRP sessions. +--------+ | MSRP | | Client | | | +--------+ | | | | | | v +-----------+ +--------+ | | +--------+ | MSRP | | MSRP | | MSRP | | Client |-------------->|Conference |<--------------| Client | | | | Server | | | +--------+ | | +--------+ +-----------+ ^ | | | | | | +--------+ | XCON | | Client | | | +--------+ Figure 1: Client Connection The approach in this document is to minimize the impact no the MSRP protocol, while taking full advantage of the functionality provided by the XCON and SIPPING Conferencing frameworks. The solution proposal in this document, as described in Section 3.1, meets many of the requirements identified in the requirements document for Multiparty MSRP [6]. Some of the requirements introduce additional concepts that are not yet fully addressed within the context of the XCON framework or associated protocol documents, however, they are Boulton & Barnes Expires January 2, 2006 [Page 4] Internet-Draft MSRP Conferencing July 2005 general enough that they should be addressed. For example, the notion of privacy and anonymity of participants is introduced in the framework in the context of security, but no discussion of mechanism is provided. [Editor's Note: Further elaboration of how this solution proposal meets those requirements is likely required, although a simple checklist in the appendix, or inline references to those requirements (e.g. ...solution text...(REQ-GEN-10) might suffice. ] An alternative approach, also meeting the Multiparty MSRP requirements, is documented in [7]. The solution proposed in that document requires extensions to the base MSRP protocol. It uses the concept of an "MSRP switch" as the centralized component, whose role is very similar to the MSRP Conferencing Server in this document. While that solution doesn't explicitly take advantage of the XCON FW data model, as it primarily intends to make use of the basic SIP conferencing framework, it could certainly do so without a large impact on the basic solution proposal (extending MSRP). One of the advantages of doing so would be a reuse of the XCON FW model for sidebars and private conferences and manipulation of the conference data. [Editor's Note: Ideally, discussion of this document can be used to further the model for sidebars and private conferences within the XCON FW document, which is currently very sketchy]. 3.1 Overview of Operation As mentioned in the overview, an MSRP client connecting to a Conference server has a 1:1 relationship with the MSRP signaling entity, each having a unique MSRP session ID (session ID's are contained in MSRP URLs). When referring to MSRP session ID's the document is making reference to the locally (at Conference Server) generated Session ID that is inserted into the local Path SDP attribute and used for MSRP session signaling identification. An important concept in this proposal is the creation and management of MSRP sessions. It is important that each MSRP session created, as identified by the unique session ID, is explicitly tied to an associated Conference, represented by the Conference Identifier. This provides the relevant association between MSRP and a Conference. An example is illustrated in Figure 2. Boulton & Barnes Expires January 2, 2006 [Page 5] Internet-Draft MSRP Conferencing July 2005 ------------------------------------------- | XCON Conference Identifier | ------------------------------------------- | MSRP Session ID=8asjdhk | | MSRP Session ID=38iuhds | | MSRP Session ID=djiowid | | MSRP Session ID=389hewu | ------------------------------------------- Figure 2: Session Association On issuing an MSRP request to any of the MSRP sessions that are members of a Conference, the message will be replicated to all other MSRP Sessions that are participants of the Conference. An MSRP capable client wishing to join a conference uses standardized XCON mechanisms for creating and joining a Conference. SIP signaling mechanisms for creating and joining a conference are defined in SIPPING Conference Framework [3] and non signaling specific mechanisms are defined in the XCON Framework [2]. Each conference created in accordance with the XCON data model (as defined in the XCON framework) has a unique internal representation in the form of a Conference Data object. This representation provides a unique external key for use in various conference operations (e.g. Identify a specific conference for use by the Data Manipulation Protocol [ref]). This document will use the unique Conference Object identifier, in association with a unique user identifier, as a means to identify an MSRP session in association with a conference represented by the Conference Identifier. [Editors Note: The following is based on current discussion in the XCON framework and would align appropriately] This can be achieved as follows: o Various mechanisms are used to create a conference within an XCON compliant Conference server. These include using the Data Manipulation Protocol and SIP signaling to generate a unique conference identifier from the Conference Factory. The XCON Conference Identifier might look something like:- xcon:conf=1234. o It is proposed that the Conference system and MSRP signaling interface use the Conference Identifier when creating MSRP sessions for conference participants. As part of the SIP offer/ answer exchange between the Focus and an MSRP client when adding an MSRP clients to a conference, the focus must create appropriate SDP that complies with section 8.1 of [4]. Boulton & Barnes Expires January 2, 2006 [Page 6] Internet-Draft MSRP Conferencing July 2005 o As part of the SDP construction for the offer/answer the Conference Focus has to provide an 'msrp:' URL, as defined in section 6 of [4]. It is proposed that the contents of this URL is the primary identifier for the associated conference instance. The unique identifier for an MSRP session is currently located within the SDP 'a=path' attribute, as shown by the string '2s93i9' in Figure 3. This session Identifier is created by an MSRP client for identification purposes and so adding semantics only impacts the creating entity. a=path:msrp://alice.example.com:7394/2s93i9;tcp Figure 3: Example MSRP URL o A conference server will use the semantics defined for the session identifier in an 'msrp' URL to identify both a specific conference and a participating user. The Focus MUST ensure that the uniqueness of the whole MSRP URL is maintained for compliance to the core MSRP specification . An example of how this could be achieved is defined in Figure 4. a=path:msrp://alice.example.com:7394/Conf=123456~userID=654321~;tcp Figure 4: Example MSRP URL with Conference Identifier o In this example the session identifier contains the following string 'Conf=123456~userID=654321~'. This string can be broken down to several into pieces of conference specific information. The first part of the string contains the Conference Identifier for which this message is intended. An MSRP conference entity receiving an MSRP SEND request would search for the string 'Conf=' and extract the identifier from the '=' sign to the '~' character. The MSRP conference entity can then compare with existing conference instances to see if there is a match. Using semantics in the session identifier allows the reuse of connections to the conference system. o After extracting the conference identifier from the MSRP URL, the MSRP entity can then extract the unique user identifier. After the first '~' sign, a unique user identifier can be found of the form userID=654321~ from Figure 4. This allows the controlling MSRP entity to internally identify the user issuing the SEND request and then send the request to all other participants in the conference instance. o Using this mechanism does not make any additional requirements on MSRP clients. The information contained in the MSRP URL is just viewed as a random session identifier. Boulton & Barnes Expires January 2, 2006 [Page 7] Internet-Draft MSRP Conferencing July 2005 4. Text Sidebar The Session Based Messaging Conferencing requirements document [6] identifies the requirement (REQ-GEN-12) to set up a sidebar conference with one or more participants of the conference. The concept of a 'sidebar' in an XCON compliant conference system is fully described in section 7.3 of the XCON Framework document [2]. The creation, manipulation and deletion of sidebars for MSRP based sessions has the same principles. [Editors note: see current sidebar proposal in the XCON FW relating to cloning a conference object with no associated time reference. This provides a current sub-conference.] Creating a sidebar representation for MSRP would have internal ramifications in a Conference System. It would involve the creation of a cloned conference object (see editor's note above) that associates the appropriate Conference users. This would then involve a new session being established to convey the Sidebar information. The session would be created in the same manner as described in Section 3.1 with a new 'conf=' parameter in the 'msrp' session ID but the consistent 'userID'. This would again create unique session identifiers that can be associated with the sidebar instance. The Conference system would also manage the mapping between the sidebar and the main conference. [Editors note: Lots more detail to insert.] 5. Private Message The Session Based Messaging Conferencing Requirements document [6] identifies a set of requirements to support the ability to send a private message to another participant in a conference. A private message would not be seen by any other conference participants. The mechanism for achieving this follows on from the semantics contained in the construction of the identifying 'a=path' attribute, as described in Section 3.1. This example used the 'conf=' and 'userID=' identifiers in the session identifier of the 'msrp' URL. It is proposed that if a user wishes to send a private message to another user in a conference it extends the use of such identifiers. This can be achieved using an optional 'priv=' identifier. If this identifier exists within a conference, then the SEND message is only distributed to the one location contained in the 'priv=' identifier. If the identifier does not exist within a Conference, the SEND message SHOULD NOT be distributed to the Conference members and should be rejected with an appropriate error response. Boulton & Barnes Expires January 2, 2006 [Page 8] Internet-Draft MSRP Conferencing July 2005 An example of an 'msrp' URL containing the 'priv=' identifier is contained in Figure 5 a=path:msrp://alice.example.com:7394/Conf=123456~userID=654321~priv=abcdef~;tcp Figure 5: Example MSRP Private Message URL [Editors note: Need to explain how a conference client obtains individual participant identifiers. The initial inclination is to propose the conference package rather than define a new Event package, but this is also a more general question relating to the XCON FW, as well (i.e. we need to complete and agree the work on identifiers there to better understand the general approach).] This section describes a mechanism to send a private message to one other participant in a conference. If there is a desire to involve more than one other participant in the private messaging, then a sidebar would be used. 6. Security Considerations As discussed in the XCON Framework, there are a wide variety of potential attacks related to conferencing, due to the natural involvement of multiple endpoints and the many, often user-invoked, capabilities provided by the conferencing system. Examples of attacks in the context of MSRP conferencing would include the following: an endpoint attempting to receive the messages for conferences in which it is not authorized to participate, an endpoint attempting to disconnect other users, and theft of service, by an endpoint, in attempting to create conferences it is not allowed to create. Since this solution makes use of existing protocols (e.g. MSRP, Conference Control Protocol, SIP), it also re-uses the security solutions for those protocols and the associated authorization mechanisms. There are security issues associated with the authorization to specifically perform the MSRP conferencing capability. Since, this solution makes use of the XCON framework, it makes use of the policy associated with the Conference Object to ensure that only authorized entities are able to manipulate the data to access the capabilities. This solution also makes use of the privacy and security of the identity of a user in the conference, as discussed in the XCON Framework. [Editor's Note: Are there any security issues unique to MSRP conferencing that aren't covered by based MSRP, MSRP relays or the conferencing framework? ] Boulton & Barnes Expires January 2, 2006 [Page 9] Internet-Draft MSRP Conferencing July 2005 7. Acknowledgements The authors would like to thank Miguel Garcia-Martin for his comments on this document and discussion of the solution options. 8. References 8.1 Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 8.2 Informative References [2] Barnes, M., "A Framework and Data Model for Centralized Conferencing", draft-ietf-xcon-framework-00 (work in progress), May 2005. [3] Rosenberg, J., "A Framework for Conferencing with the Session Initiation Protocol", draft-ietf-sipping-conferencing-framework-05 (work in progress), May 2005. [4] Campbell, B., "The Message Session Relay Protocol", draft-ietf-simple-message-sessions-10 (work in progress), February 2005. [5] Jennings, C. and R. Mahy, "Relay Extensions for the Message Sessions Relay Protocol (MSRP)", draft-ietf-simple-msrp-relays-04 (work in progress), June 2005. [6] Niemi, A. and M. Garcia-Martin, "Requirements for Private Messaging in Centralized Conference Environments", draft-garcia-xcon-private-messaging-reqs-01 (work in progress), June 2005. [7] Niemi, A. and M. Garcia-Martin, "Multi-party Message Sessions using the Message Session Relay Protocol (MSRP)", draft-niemi-simple-chat-02 (work in progress), February 2005. Boulton & Barnes Expires January 2, 2006 [Page 10] Internet-Draft MSRP Conferencing July 2005 Authors' Addresses Chris Boulton Ubiquity Software Corporation Building 3 Wern Fawr Lane St Mellons Cardiff, South Wales CF3 5EA Email: cboulton@ubiquitysoftware.com Mary Barnes Nortel 2201 Lakeside Blvd Richardson, TX Email: mary.barnes@nortel.com Boulton & Barnes Expires January 2, 2006 [Page 11] Internet-Draft MSRP Conferencing July 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Boulton & Barnes Expires January 2, 2006 [Page 12]