Internet DRAFT - draft-roach-sip-herfp-avoidance
draft-roach-sip-herfp-avoidance
SIP WG A. B. Roach
Internet-Draft R. Sparks
Expires: April 19, 2006 B. Campbell
Estacado Systems
October 16, 2005
An Extension to Avoid the Occurance of HERFP
draft-roach-sip-herfp-avoidance-00
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 19, 2006.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
The processing of SIP reqeusts by certain types of proxies can lead
to situations in which multiple non-sucessful responses are
generated, only one of which is ultimately reported to the originator
of the response. In many cases, these non-successful responses
indicate conditions that can be addressed by the requestor, and then
retried; therefore, the elision of them by proxies can lead to a
decrease in the rechability of certain network entites.
Roach, et al. Expires April 19, 2006 [Page 1]
�
Internet-Draft MSRP Relays October 2005
This document defines a mechanism that can be employed to avoid the
dropping of such requests with minimal implementation complexity.
Table of Contents
1. Conventions and Definitions . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.1. User Agent Client Behavior . . . . . . . . . . . . . . . . 3
3.2. User Agent Server Behavior . . . . . . . . . . . . . . . . 4
3.3. Proxy Behavior . . . . . . . . . . . . . . . . . . . . . . 4
4. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5
6.1. Normative References . . . . . . . . . . . . . . . . . . . 5
6.2. Informative References . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6
Intellectual Property and Copyright Statements . . . . . . . . . . 7
Roach, et al. Expires April 19, 2006 [Page 2]
�
Internet-Draft MSRP Relays October 2005
1. Conventions and Definitions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
2. Introduction
RFC 3261 defines a behavior by which a proxy is allowed, upon receipt
of a request, to retarget it to multiple destinations (serially, in
parallel, or a combination of the two). This behavior is referred to
as "forking." If a proxy forks a request, it generally waits until
one of the multiple requests succeeds (with a 200-class response), or
until they all fail. Upon failure, only one error response -- the
one deemed "best" by the proxy -- is returned towards the UAC that
initiated the request. As a consequence, such forking can result in
a significant loss of information about the User Agent Servers that
were contacted. This behavior leads to a whole class of problems,
historically referred to as Heterogeneous Error Response Forking
Problems (HERFPs). These problems include the inablity to perform
HTTP-style authentication through forking proxies, difficulty in
negotiating many extensions, and forcing proxies to recurse on 300-
class responses (thus taking control of such retargeting out of the
hands of the users).
Several key architects of the SIP protocol have been working on this
problem for nearly five years. Even the most promising of such
solutions (draft-mahy-sipping-herfp-fix-00) result in a significant
increase in implementation complexity at proxies, and require
gyrations at the UAC to deal with relatively intimate knowledge of
"failed" branches of forked requests.
As a consequence of the stubborness of this class of problem and the
resultant complexity of any proposed solutions, the authors of this
document have concluded that HERFPs may be incurable, and should
instead be avoided. This document describes prophylactic measures by
which networks can prevent HERFPs altogether, instead of trying to
solve the symptoms that arise after such problems have already
occured.
3. Mechanism
3.1. User Agent Client Behavior
User Agent Clients that wish to require that the behavior exhibited
in this document can indicate such a requirement by including a
Roach, et al. Expires April 19, 2006 [Page 3]
�
Internet-Draft MSRP Relays October 2005
"Proxy-Require" header field containing a token of "rmt". ("rmt" is
an abbreviation for "Redirect Multiple Targets").
In general, however, proxies implementing the mechanism described in
this document are expected to apply it in all cases; the inclusion of
such a "Proxy-Require" header field is useful only if the UAC wishes
for requests through non-compliant proxies to actually fail.
User Agent Clients are generally required to handle 300-class
responses with multiple "Contact" header fields in an intelligent
manner, typically taking q-values into consideration. The mechanism
described in this document does nothing to change this fact; however,
it does emphasize the importance of such handling.
As with proxies, one common ordering mechanism for clients is to use
the qvalue parameter of targets obtained from Contact header fields.
Targets are processed from highest qvalue to lowest. Targets with
equal qvalues may be processed in parallel. Additionally, the
ordering mechanism may interact with the user to determine a
preferred behavior, providing finer-grained control over calls than
is possible with proxy recursion.
Note that this specification places no normative requirements on User
Agent Clients.
3.2. User Agent Server Behavior
No modification to the behavior of User Agent Servers is necessary
for this mechanism.
3.3. Proxy Behavior
Proxies compliant to this specification have two simple requirements
placed upon them:
o Proxies MUST NOT recurse on 300-class responses.
o Proxies MUST NOT fork requests of any kind.
The first requirement can be met by trivially proxying all 300-class
responses back towards the UAC instead of acting upon them.
One trivial way to meet the second requirement is as follows: proxies
form the target set as they normally do. If the target set contains
more than one target, the proxy responds to the request with a 300
response instead of proxying it. This response contains a Contact
header-field containing every target in the target set. Handling in
the case of target sets with zero or one targets remains unchanged.
Roach, et al. Expires April 19, 2006 [Page 4]
�
Internet-Draft MSRP Relays October 2005
The only additional normative behavior described for proxies
compliant to this specification is that such proxies are not required
to return a 420 response as a consequence of encountering a "Proxy-
Require" header field containing a token of "rmt".
4. Security Considerations
One salient difference between a proxy forking a request and
returning a 300-class response to the requestor is that responding
with a 300-class response provides the requestor with a full list of
targets, whereas forking the request reveals only the contact
information for the successful respondant. While providing this full
list of contacts is not likely to reveal private information (since
some subset of them will be revealed when the request completes), it
is possible that some parties may imagine a requirement for hiding
the full set of targets. If such is the case, this requirement can
be satisfied without requiring any additional protocol modification:
instead of returning the target set to the requestor, the server
instead creates a set of unique tokens -- one for each target -- and
uses them to create new URIs. The host portion of these URIs will
resolve to the server itself. When a request arrives for any of
these tokens, the server rewrites the URI to be the appropriate
target and proxies the request normally. This technique can be
performed either statefully (the token is simply a correlator), or
statelessly (the token is an encrypted form of the target URI,
possibly with an embedded timestamp to limit validity).
5. IANA Considerations
[TODO: Add "rmt" Proxy-Require tag]
6. References
6.1. Normative References
6.2. Informative References
Roach, et al. Expires April 19, 2006 [Page 5]
�
Internet-Draft MSRP Relays October 2005
Authors' Addresses
Adam Roach
Estacado Systems
17210 Campbell Rd.
Suite 250
Dallas, TX 75252
US
Phone: sip:adam@estacado.net
Email: adam@estacado.net
Robert Sparks
Estacado Systems
17210 Campbell Rd.
Suite 250
Dallas, TX 75252
US
Phone: sip:RjS@estacado.net
Email: RjS@estacado.net
Ben Campbell
Estacado Systems
17210 Campbell Rd.
Suite 250
Dallas, TX 75252
US
Phone: sip:ben@estacado.net
Email: ben@estacado.net
Roach, et al. Expires April 19, 2006 [Page 6]
�
Internet-Draft MSRP Relays October 2005
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Roach, et al. Expires April 19, 2006 [Page 7]
�
