tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search     info

RFC 7866

 
 
 

Session Recording Protocol

Part 2 of 2, p. 20 to 45
Prev RFC Part

 


prevText      Top      ToC       Page 20 
8.  RTP Handling

   This section provides recommendations and guidelines for RTP and the
   Real-time Transport Control Protocol (RTCP) in the context of SIPREC
   [RFC6341].  In order to communicate most effectively, the SRC, the
   SRS, and any recording-aware UAs should utilize the mechanisms
   provided by RTP in a well-defined and predictable manner.  It is the
   goal of this document to make the reader aware of these mechanisms
   and to provide recommendations and guidelines.

8.1.  RTP Mechanisms

   This section briefly describes important RTP/RTCP constructs and
   mechanisms that are particularly useful within the context of SIPREC.

8.1.1.  RTCP

   The RTP data transport is augmented by a control protocol (RTCP) to
   allow monitoring of the data delivery.  RTCP, as defined in
   [RFC3550], is based on the periodic transmission of control packets
   to all participants in the RTP session, using the same distribution
   mechanism as the data packets.  Support for RTCP is REQUIRED, per
   [RFC3550], and it provides, among other things, the following
   important functionality in relation to SIPREC:

   1) Feedback on the quality of the data distribution

      This feedback from the receivers may be used to diagnose faults in
      the distribution.  As such, RTCP is a well-defined and efficient
      mechanism for the SRS to inform the SRC, and for the SRC to inform
      recording-aware UAs, of issues that arise with respect to the
      reception of media that is to be recorded.

   2) Including a persistent transport-level identifier -- the CNAME, or
      canonical name -- for an RTP source

      The synchronization source (SSRC) [RFC3550] identifier may change
      if a conflict is discovered or a program is restarted, in which
      case receivers can use the CNAME to keep track of each
      participant.  Receivers may also use the CNAME to associate

Top      Up      ToC       Page 21 
      multiple data streams from a given participant in a set of related
      RTP sessions -- for example, to synchronize audio and video.
      Synchronization of media streams is also facilitated by the NTP
      and RTP timestamps included in RTCP packets by data senders.

8.1.2.  RTP Profile

   The RECOMMENDED RTP profiles for the SRC, SRS, and recording-aware
   UAs are "Extended Secure RTP Profile for Real-time Transport Control
   Protocol (RTCP)-Based Feedback (RTP/SAVPF)" [RFC5124] when using
   encrypted RTP streams, and "Extended RTP Profile for Real-time
   Transport Control Protocol (RTCP)-Based Feedback (RTP/AVPF)"
   [RFC4585] when using non-encrypted media streams.  However, as these
   are not requirements, some implementations may use "The Secure
   Real-time Transport Protocol (SRTP)" [RFC3711] and "RTP Profile for
   Audio and Video Conferences with Minimal Control" [RFC3551].
   Therefore, it is RECOMMENDED that the SRC, SRS, and recording-aware
   UAs not rely entirely on RTP/SAVPF or RTP/AVPF for core functionality
   that may be at least partially achievable using RTP/SAVP and RTP/AVP.

   AVPF and SAVPF provide an improved RTCP timer model that allows more
   flexible transmission of RTCP packets in response to events, rather
   than strictly according to bandwidth.  AVPF-based codec control
   messages provide efficient mechanisms for an SRC, an SRS, and
   recording-aware UAs to handle events such as scene changes, error
   recovery, and dynamic bandwidth adjustments.  These messages are
   discussed in more detail later in this document.

   SAVP and SAVPF provide media encryption, integrity protection, replay
   protection, and a limited form of source authentication.  They do not
   contain or require a specific keying mechanism.

8.1.3.  SSRC

   The SSRC, as defined in [RFC3550], is carried in the RTP header and
   in various fields of RTCP packets.  It is a random 32-bit number that
   is required to be globally unique within an RTP session.  It is
   crucial that the number be chosen with care, in order that
   participants on the same network or starting at the same time are not
   likely to choose the same number.  Guidelines regarding SSRC value
   selection and conflict resolution are provided in [RFC3550].

   The SSRC may also be used to separate different sources of media
   within a single RTP session.  For this reason, as well as for
   conflict resolution, it is important that the SRC, SRS, and
   recording-aware UAs handle changes in SSRC values and properly
   identify the reason for the change.  The CNAME values carried in RTCP
   facilitate this identification.

Top      Up      ToC       Page 22 
8.1.4.  CSRC

   The contributing source (CSRC), as defined in [RFC3550], identifies
   the source of a stream of RTP packets that has contributed to the
   combined stream produced by an RTP mixer.  The mixer inserts a list
   of the SSRC identifiers of the sources that contributed to the
   generation of a particular packet into the RTP header of that packet.
   This list is called the CSRC list.  It is RECOMMENDED that an SRC or
   recording-aware UA, when acting as a mixer, set the CSRC list
   accordingly, and that the SRC and SRS interpret the CSRC list per
   [RFC3550] when received.

8.1.5.  SDES

   The Source Description (SDES), as defined in [RFC3550], contains an
   SSRC/CSRC identifier followed by a list of zero or more items that
   carry information about the SSRC/CSRC.  End systems send one SDES
   packet containing their own source identifier (the same as the SSRC
   in the fixed RTP header).  A mixer sends one SDES packet containing a
   chunk for each CSRC from which it is receiving SDES information, or
   multiple complete SDES packets if there are more than 31 such
   sources.

   The ability to identify individual CSRCs is important in the context
   of SIPREC.  Metadata [RFC7865] provides a mechanism to achieve this
   at the signaling level.  SDES provides a mechanism at the RTP level.

8.1.5.1.  CNAME

   The Canonical End-Point Identifier (CNAME), as defined in [RFC3550],
   provides the binding from the SSRC identifier to an identifier for
   the source (sender or receiver) that remains constant.  It is
   important that the SRC and recording-aware UAs generate CNAMEs
   appropriately and that the SRC and SRS interpret and use them for
   this purpose.  Guidelines for generating CNAME values are provided in
   "Guidelines for Choosing RTP Control Protocol (RTCP) Canonical Names
   (CNAMEs)" [RFC7022].

8.1.6.  Keepalive

   It is anticipated that media streams in SIPREC may exist in an
   inactive state for extended periods of time for any of a number of
   valid reasons.  In order for the bindings and any pinholes in
   NATs/firewalls to remain active during such intervals, it is
   RECOMMENDED that the SRC, SRS, and recording-aware UAs follow the
   keepalive procedure recommended in "Application Mechanism for Keeping
   Alive the NAT Mappings Associated with RTP / RTP Control Protocol
   (RTCP) Flows" [RFC6263] for all RTP media streams.

Top      Up      ToC       Page 23 
8.1.7.  RTCP Feedback Messages

   "Codec Control Messages in the RTP Audio-Visual Profile with Feedback
   (AVPF)" [RFC5104] specifies extensions to the messages defined in
   AVPF [RFC4585].  Support for and proper usage of these messages are
   important to SRC, SRS, and recording-aware UA implementations.  Note
   that these messages are applicable only when using the AVPF or SAVPF
   RTP profiles.

8.1.7.1.  Full Intra Request

   A Full Intra Request (FIR) command, when received by the designated
   media sender, requires that the media sender send a decoder refresh
   point at the earliest opportunity.  Using a decoder refresh point
   implies refraining from using any picture sent prior to that point as
   a reference for the encoding process of any subsequent picture sent
   in the stream.

   Decoder refresh points, especially Intra or Instantaneous Decoding
   Refresh (IDR) pictures for H.264 video codecs, are in general several
   times larger in size than predicted pictures.  Thus, in scenarios in
   which the available bit rate is small, the use of a decoder refresh
   point implies a delay that is significantly longer than the typical
   picture duration.

8.1.7.1.1.  Deprecated Usage of SIP INFO Instead of FIR

   "XML Schema for Media Control" [RFC5168] defines an Extensible Markup
   Language (XML) Schema for video fast update.  Implementations are
   discouraged from using the method described in [RFC5168], except for
   purposes of backward compatibility.  Implementations SHOULD use FIR
   messages instead.

   To make sure that a common mechanism exists between the SRC and SRS,
   the SRS MUST support both mechanisms (FIR and SIP INFO), using FIR
   messages when negotiated successfully with the SRC and using SIP INFO
   otherwise.

8.1.7.2.  Picture Loss Indication

   Picture Loss Indication (PLI), as defined in [RFC4585], informs the
   encoder of the loss of an undefined amount of coded video data
   belonging to one or more pictures.  [RFC4585] recommends using PLI
   instead of FIR messages to recover from errors.  FIR is appropriate
   only in situations where not sending a decoder refresh point would
   render the video unusable for the users.  Examples where sending FIR
   messages is appropriate include a multipoint conference when a new

Top      Up      ToC       Page 24 
   user joins the conference and no regular decoder refresh point
   interval is established, and a video-switching Multipoint Control
   Unit (MCU) that changes streams.

   Appropriate use of PLI and FIR is important to ensure, with minimum
   overhead, that the recorded video is usable (e.g., the necessary
   reference frames exist for a player to render the recorded video).

8.1.7.3.  Temporary Maximum Media Stream Bit Rate Request

   A receiver, translator, or mixer uses the Temporary Maximum Media
   Stream Bit Rate Request (TMMBR) [RFC5104] to request a sender to
   limit the maximum bit rate for a media stream to the provided value.
   Appropriate use of TMMBR facilitates rapid adaptation to changes in
   available bandwidth.

8.1.7.3.1.  Renegotiation of SDP Bandwidth Attribute

   If it is likely that the new value indicated by TMMBR will be valid
   for the remainder of the session, the TMMBR sender is expected to
   perform a renegotiation of the session upper limit using the session
   signaling protocol.  Therefore, for SIPREC, implementations are
   RECOMMENDED to use TMMBR for temporary changes and renegotiation of
   bandwidth via SDP offer/answer for more permanent changes.

8.1.8.  Symmetric RTP/RTCP for Sending and Receiving

   Within an SDP offer/answer exchange, RTP entities choose the RTP and
   RTCP transport addresses (i.e., IP addresses and port numbers) on
   which to receive packets.  When sending packets, the RTP entities may
   use the same source port or a different source port than those
   signaled for receiving packets.  When the transport address used to
   send and receive RTP is the same, it is termed "symmetric RTP"
   [RFC4961].  Likewise, when the transport address used to send and
   receive RTCP is the same, it is termed "symmetric RTCP" [RFC4961].

   When sending RTP, the use of symmetric RTP is REQUIRED.  When sending
   RTCP, the use of symmetric RTCP is REQUIRED.  Although an SRS will
   not normally send RTP, it will send RTCP as well as receive RTP and
   RTCP.  Likewise, although an SRC will not normally receive RTP from
   the SRS, it will receive RTCP as well as send RTP and RTCP.

      Note: Symmetric RTP and symmetric RTCP are different from RTP/RTCP
      multiplexing [RFC5761].

Top      Up      ToC       Page 25 
8.2.  Roles

   An SRC has the task of gathering media from the various UAs in one or
   more CSs and forwarding the information to the SRS within the context
   of a corresponding RS.  There are numerous ways in which an SRC may
   do this, including, but not limited to, appearing as a UA within a
   CS, or as a B2BUA between UAs within a CS.

                    (Recording Session)   +---------+
                  +------------SIP------->|         |
                  |  +------RTP/RTCP----->|   SRS   |
                  |  |    +-- Metadata -->|         |
                  |  |    |               +---------+
                  v  v    |
                 +---------+
                 |   SRC   |
                 |---------| (Communication Session) +---------+
                 |         |<----------SIP---------->|         |
                 |  UA-A   |                         |  UA-B   |
                 |         |<-------RTP/RTCP-------->|         |
                 +---------+                         +---------+

                            Figure 8: UA as SRC


                                   (Recording Session)   +---------+
                                 +------------SIP------->|         |
                                 |  +------RTP/RTCP----->|   SRS   |
                                 |  |    +-- Metadata -->|         |
                                 |  |    |               +---------+
                                 v  v    |
                                +---------+
                                |   SRC   |
       +---------+              |---------|              +---------+
       |         |<----SIP----->|         |<----SIP----->|         |
       |  UA-A   |              |  B2BUA  |              |  UA-B   |
       |         |<--RTP/RTCP-->|         |<--RTP/RTCP-->|         |
       +---------+              +---------+              +---------+
             |_______________________________________________|
                          (Communication Session)

                          Figure 9: B2BUA as SRC

   The following subsections define a set of roles an SRC may choose to
   play, based on its position with respect to a UA within a CS, and an
   SRS within an RS.  A CS and a corresponding RS are independent
   sessions; therefore, an SRC may play a different role within a CS
   than it does within the corresponding RS.

Top      Up      ToC       Page 26 
8.2.1.  SRC Acting as an RTP Translator

   The SRC may act as a translator, as defined in [RFC3550].  A defining
   characteristic of a translator is that it forwards RTP packets with
   their SSRC identifier intact.  There are two types of translators:
   one that simply forwards, and another that performs transcoding
   (e.g., from one codec to another) in addition to forwarding.

8.2.1.1.  Forwarding Translator

   When acting as a forwarding translator, RTP received as separate
   streams from different sources (e.g., from different UAs with
   different SSRCs) cannot be mixed by the SRC and MUST be sent
   separately to the SRS.  All RTCP reports MUST be passed by the SRC
   between the UAs and the SRS, such that the UAs and SRS are able to
   detect any SSRC collisions.

   RTCP Sender Reports generated by a UA sending a stream MUST be
   forwarded to the SRS.  RTCP Receiver Reports generated by the SRS
   MUST be forwarded to the relevant UA.

   UAs may receive multiple sets of RTCP Receiver Reports -- one or more
   from other UAs participating in the CS, and one from the SRS
   participating in the RS.  A UA SHOULD process the RTCP Receiver
   Reports from the SRS if it is recording aware.

   If SRTP is used on both the CS and the RS, decryption and/or
   re-encryption may occur.  For example, if different keys are used, it
   will occur.  If the same keys are used, it need not occur.
   Section 12 provides additional information on SRTP and keying
   mechanisms.

   If packet loss occurs, either from the UA to the SRC or from the SRC
   to the SRS, the SRS SHOULD detect and attempt to recover from the
   loss.  The SRC does not play a role in this, other than forwarding
   the associated RTP and RTCP packets.

8.2.1.2.  Transcoding Translator

   When acting as a transcoding translator, an SRC MAY perform
   transcoding (e.g., from one codec to another), and this may result in
   a different rate of packets between what the SRC receives on the CS
   and what the SRC sends on the RS.  As when acting as a forwarding
   translator, RTP received as separate streams from different sources
   (e.g., from different UAs with different SSRCs) cannot be mixed by
   the SRC and MUST be sent separately to the SRS.  All RTCP reports
   MUST be passed by the SRC between the UAs and the SRS, such that the
   UAs and SRS are able to detect any SSRC collisions.

Top      Up      ToC       Page 27 
   RTCP Sender Reports generated by a UA sending a stream MUST be
   forwarded to the SRS.  RTCP Receiver Reports generated by the SRS
   MUST be forwarded to the relevant UA.  The SRC may need to manipulate
   the RTCP Receiver Reports to take into account any transcoding that
   has taken place.

   UAs may receive multiple sets of RTCP Receiver Reports -- one or more
   from other UAs participating in the CS, and one from the SRS
   participating in the RS.  A recording-aware UA SHOULD be prepared to
   process the RTCP Receiver Reports from the SRS, whereas a recording-
   unaware UA may discard such RTCP packets as irrelevant.

   If SRTP is used on both the CS and the RS, decryption and/or
   re-encryption may occur.  For example, if different keys are used, it
   will occur.  If the same keys are used, it need not occur.
   Section 12 provides additional information on SRTP and keying
   mechanisms.

   If packet loss occurs, either from the UA to the SRC or from the SRC
   to the SRS, the SRS SHOULD detect and attempt to recover from the
   loss.  The SRC does not play a role in this, other than forwarding
   the associated RTP and RTCP packets.

8.2.2.  SRC Acting as an RTP Mixer

   In the case of the SRC acting as an RTP mixer, as defined in
   [RFC3550], the SRC combines RTP streams from different UAs and sends
   them towards the SRS using its own SSRC.  The SSRCs from the
   contributing UA SHOULD be conveyed as CSRC identifiers within this
   stream.  The SRC may make timing adjustments among the received
   streams and generate its own timing on the stream sent to the SRS.
   Optionally, an SRC acting as a mixer can perform transcoding and can
   even cope with different codings received from different UAs.  RTCP
   Sender Reports and Receiver Reports are not forwarded by an SRC
   acting as a mixer, but there are requirements for forwarding RTCP
   Source Description (SDES) packets.  The SRC generates its own RTCP
   Sender Reports and Receiver Reports toward the associated UAs
   and SRS.

   The use of SRTP between the SRC and the SRS for the RS is independent
   of the use of SRTP between the UAs and the SRC for the CS.
   Section 12 provides additional information on SRTP and keying
   mechanisms.

   If packet loss occurs from the UA to the SRC, the SRC SHOULD detect
   and attempt to recover from the loss.  If packet loss occurs from
   the SRC to the SRS, the SRS SHOULD detect and attempt to recover from
   the loss.

Top      Up      ToC       Page 28 
8.2.3.  SRC Acting as an RTP Endpoint

   The case of the SRC acting as an RTP endpoint, as defined in
   [RFC3550], is similar to the mixer case, except that the RTP session
   between the SRC and the SRS is considered completely independent from
   the RTP session that is part of the CS.  The SRC can, but need not,
   mix RTP streams from different participants prior to sending to the
   SRS.  RTCP between the SRC and the SRS is completely independent of
   RTCP on the CS.

   The use of SRTP between the SRC and the SRS for the RS is independent
   of the use of SRTP between the UAs and SRC for the CS.  Section 12
   provides additional information on SRTP and keying mechanisms.

   If packet loss occurs from the UA to the SRC, the SRC SHOULD detect
   and attempt to recover from the loss.  If packet loss occurs from
   the SRC to the SRS, the SRS SHOULD detect and attempt to recover from
   the loss.

8.3.  RTP Session Usage by SRC

   There are multiple ways that an SRC may choose to deliver recorded
   media to an SRS.  In some cases, it may use a single RTP session for
   all media within the RS, whereas in others it may use multiple RTP
   sessions.  The following subsections provide examples of basic RTP
   session usage by the SRC, including a discussion of how the RTP
   constructs and mechanisms covered previously are used.  An SRC may
   choose to use one or more of the RTP session usages within a single
   RS.  For the purpose of base interoperability between SRC and SRS, an
   SRC MUST support separate m-lines in SDP, one per CS media direction.
   The set of RTP session usages described is not meant to be
   exhaustive.

8.3.1.  SRC Using Multiple m-lines

   When using multiple m-lines, an SRC includes each m-line in an SDP
   offer to the SRS.  The SDP answer from the SRS MUST include all
   m-lines, with any rejected m-lines indicated with a zero port, per
   [RFC3264].  Having received the answer, the SRC starts sending media
   to the SRS as indicated in the answer.  Alternatively, if the SRC
   deems the level of support indicated in the answer to be
   unacceptable, it may initiate another SDP offer/answer exchange in
   which an alternative RTP session usage is negotiated.

Top      Up      ToC       Page 29 
   In order to preserve the mapping of media to participant within the
   CSs in the RS, the SRC SHOULD map each unique CNAME within the CSs to
   a unique CNAME within the RS.  Additionally, the SRC SHOULD map each
   unique combination of CNAME/SSRC within the CSs to a unique
   CNAME/SSRC within the RS.  In doing so, the SRC may act as an
   RTP translator or as an RTP endpoint.

   Figure 10 illustrates a case in which each UA represents a
   participant contributing two RTP sessions (e.g., one for audio and
   one for video), each with a single SSRC.  The SRC acts as an RTP
   translator and delivers the media to the SRS using four RTP sessions,
   each with a single SSRC.  The CNAME and SSRC values used by the UAs
   within their media streams are preserved in the media streams from
   the SRC to the SRS.

                                                        +---------+
                                +------------SSRC Aa--->|         |
                                |  + --------SSRC Av--->|         |
                                |  |  +------SSRC Ba--->|   SRS   |
                                |  |  |  +---SSRC Bv--->|         |
                                |  |  |  |              +---------+
                                |  |  |  |
                                |  |  |  |
       +---------+             +----------+             +---------+
       |         |---SSRC Aa-->|   SRC    |<--SSRC Ba---|         |
       |  UA-A   |             |(CNAME-A, |             |  UA-B   |
       |(CNAME-A)|---SSRC Av-->| CNAME-B) |<--SSRC Bv---|(CNAME-B)|
       +---------+             +----------+             +---------+

                   Figure 10: SRC Using Multiple m-lines

8.3.2.  SRC Using Mixing

   When using mixing, the SRC combines RTP streams from different
   participants and sends them towards the SRS using its own SSRC.  The
   SSRCs from the contributing participants SHOULD be conveyed as CSRC
   identifiers.  The SRC includes one m-line for each RTP session in an
   SDP offer to the SRS.  The SDP answer from the SRS MUST include all
   m-lines, with any rejected m-lines indicated with a zero port, per
   [RFC3264].  Having received the answer, the SRC starts sending media
   to the SRS as indicated in the answer.

   In order to preserve the mapping of media to participant within the
   CSs in the RS, the SRC SHOULD map each unique CNAME within the CSs to
   a unique CNAME within the RS.  Additionally, the SRC SHOULD map each
   unique combination of CNAME/SSRC within the CSs to a unique

Top      Up      ToC       Page 30 
   CNAME/SSRC within the RS.  The SRC MUST avoid SSRC collisions,
   rewriting SSRCs if necessary when used as CSRCs in the RS.  In
   doing so, the SRC acts as an RTP mixer.

   In the event that the SRS does not support this usage of CSRC values,
   it relies entirely on the SIPREC metadata to determine the
   participants included within each mixed stream.

   Figure 11 illustrates a case in which each UA represents a
   participant contributing two RTP sessions (e.g., one for audio and
   one for video), each with a single SSRC.  The SRC acts as an RTP
   mixer and delivers the media to the SRS using two RTP sessions,
   mixing media from each participant into a single RTP session
   containing a single SSRC and two CSRCs.

                                          SSRC Sa       +---------+
                                  +-------CSRC Aa,Ba--->|         |
                                  |                     |         |
                                  |       SSRC Sv       |   SRS   |
                                  |   +---CSRC Av,Bv--->|         |
                                  |   |                 +---------+
                                  |   |
                               +----------+
       +---------+             |   SRC    |             +---------+
       |         |---SSRC Aa-->|(CNAME-S, |<--SSRC Ba---|         |
       |  UA-A   |             | CNAME-A, |             |  UA-B   |
       |(CNAME-A)|---SSRC Av-->| CNAME-B) |<--SSRC Bv---|(CNAME-B)|
       +---------+             +----------+             +---------+

                        Figure 11: SRC Using Mixing

8.4.  RTP Session Usage by SRS

   An SRS that supports recording an audio CS MUST support SRC usage of
   separate audio m-lines in SDP, one per CS media direction.  An SRS
   that supports recording a video CS MUST support SRC usage of separate
   video m-lines in SDP, one per CS media direction.  Therefore, for an
   SRS supporting a typical audio call, the SRS has to support receiving
   at least two audio m-lines.  For an SRS supporting a typical audio
   and video call, the SRS has to support receiving at least four total
   m-lines in the SDP -- two audio m-lines and two video m-lines.

   These requirements allow an SRS to be implemented that supports video
   only, without requiring support for audio recording.  They also allow
   an SRS to be implemented that supports recording only one direction
   of one stream in a CS -- for example, an SRS designed to record
   security monitoring cameras that only send (not receive) video
   without any audio.  These requirements were not written to prevent

Top      Up      ToC       Page 31 
   other modes from being implemented and used, such as using a single
   m-line and mixing the separate audio streams together.  Rather, the
   requirements were written to provide a common base mode to implement
   for the sake of interoperability.  It is important to note that an
   SRS implementation supporting the common base mode may not record all
   media streams in a CS if a participant supports more than one m-line
   in a video call, such as one for camera and one for presentation.
   SRS implementations may support other modes as well, but they have to
   at least support the modes discussed above, such that they
   interoperate in the common base mode for basic interoperability.

9.  Metadata

   Some metadata attributes are contained in SDP, and others are
   contained in a new content type called "application/rs-metadata".
   The format of the metadata is described as part of the mechanism in
   [RFC7865].  A new "disposition-type" of Content-Disposition is
   defined for the purpose of carrying metadata.  The value is
   "recording-session", which indicates that the
   "application/rs-metadata" content contains metadata to be handled by
   the SRS.

9.1.  Procedures at the SRC

   The SRC MUST send metadata to the SRS in an RS.  The SRC SHOULD send
   metadata as soon as it becomes available and whenever it changes.
   Cases in which an SRC may be justified in waiting temporarily before
   sending metadata include:

   o  waiting for a previous metadata exchange to complete (i.e., the
      SRC cannot send another SDP offer until the previous offer/answer
      completes and may also prefer not to send an UPDATE during this
      time).

   o  constraining the signaling rate on the RS.

   o  sending metadata when key events occur, rather than for every
      event that has any impact on metadata.

   The SRC may also be configured to suppress certain metadata out of
   concern for privacy or perceived lack of need for it to be included
   in the recording.

   Metadata sent by the SRC is categorized as either a full metadata
   snapshot or a partial update.  A full metadata snapshot describes all
   metadata associated with the RS.  The SRC MAY send a full metadata
   snapshot at any time.  The SRC MAY send a partial update only if a
   full metadata snapshot has been sent previously.

Top      Up      ToC       Page 32 
   The SRC MAY send metadata (either a full metadata snapshot or a
   partial update) in an INVITE request, an UPDATE request [RFC3311], or
   a 200 response to an offerless INVITE from the SRS.  If the metadata
   contains a reference to any SDP labels, the request containing the
   metadata MUST also contain an SDP offer that defines those labels.

   When a SIP message contains both an SDP offer and metadata, the
   request body MUST have content type "multipart/mixed", with one
   subordinate body part containing the SDP offer and another containing
   the metadata.  When a SIP message contains only an SDP offer or
   metadata, the "multipart/mixed" container is optional.

   The SRC SHOULD include a full metadata snapshot in the initial INVITE
   request establishing the RS.  If metadata is not yet available (e.g.,
   an RS established in the absence of a CS), the SRC SHOULD send a full
   metadata snapshot as soon as metadata becomes available.

   If the SRC receives a snapshot request from the SRS, it MUST
   immediately send a full metadata snapshot.

Top      Up      ToC       Page 33 
   Figure 12 illustrates an example of a full metadata snapshot sent by
   the SRC in the initial INVITE request:

       INVITE sip:recorder@example.com SIP/2.0
       Via: SIP/2.0/TCP src.example.com;branch=z9hG4bKdf6b622b648d9
       From: <sip:2000@example.com>;tag=35e195d2-947d-4585-946f-09839247
       To: <sip:recorder@example.com>
       Call-ID: d253c800-b0d1ea39-4a7dd-3f0e20a
       CSeq: 101 INVITE
       Max-Forwards: 70
       Require: siprec
       Accept: application/sdp, application/rs-metadata
       Contact: <sip:2000@src.example.com>;+sip.src
       Content-Type: multipart/mixed;boundary=foobar
       Content-Length: [length]

       --foobar
       Content-Type: application/sdp

       v=0
       o=SRS 2890844526 2890844526 IN IP4 198.51.100.1
       s=-
       c=IN IP4 198.51.100.1
       t=0 0
       m=audio 12240 RTP/AVP 0 4 8
       a=sendonly
       a=label:1

       --foobar
       Content-Type: application/rs-metadata
       Content-Disposition: recording-session

       [metadata content]

        Figure 12: Sample INVITE Request for the Recording Session

9.2.  Procedures at the SRS

   The SRS receives metadata updates from the SRC in INVITE and UPDATE
   requests.  Since the SRC can send partial updates based on the
   previous update, the SRS needs to keep track of the sequence of
   updates from the SRC.

   In the case of an internal failure at the SRS, the SRS may fail to
   recognize a partial update from the SRC.  The SRS may be able to
   recover from the internal failure by requesting a full metadata
   snapshot from the SRC.  Certain errors, such as syntax errors or
   semantic errors in the metadata information, are likely caused by an

Top      Up      ToC       Page 34 
   error on the SRC side, and it is likely that the same error will
   occur again even when a full metadata snapshot is requested.  In
   order to avoid repeating the same error, the SRS can simply terminate
   the RS when a syntax error or semantic error is detected in the
   metadata.

   The SRS MAY explicitly request a full metadata snapshot by sending an
   UPDATE request.  This request MUST contain a body with
   Content-Disposition type "recording-session" and MUST NOT contain an
   SDP body.  The SRS MUST NOT request a full metadata snapshot in an
   UPDATE response or in any other SIP transaction.  The format of the
   content is "application/rs-metadata", and the body is an XML
   document, the format of which is defined in [RFC7865].  Figure 13
   shows an example:

     UPDATE sip:2000@src.example.com SIP/2.0
     Via: SIP/2.0/UDP srs.example.com;branch=z9hG4bKdf6b622b648d9
     To: <sip:2000@example.com>;tag=35e195d2-947d-4585-946f-098392474
     From: <sip:recorder@example.com>;tag=1234567890
     Call-ID: d253c800-b0d1ea39-4a7dd-3f0e20a
     CSeq: 1 UPDATE
     Max-Forwards: 70
     Require: siprec
     Contact: <sip:recorder@srs.example.com>;+sip.srs
     Accept: application/sdp, application/rs-metadata
     Content-Disposition: recording-session
     Content-Type: application/rs-metadata
     Content-Length: [length]

     <?xml version="1.0" encoding="UTF-8"?>
       <requestsnapshot xmlns='urn:ietf:params:xml:ns:recording:1'>
         <requestreason xml:lang="it">SRS internal error</requestreason>
       </requestsnapshot>

                        Figure 13: Metadata Request

   Note that UPDATE was chosen for the SRS to request a metadata
   snapshot, because it can be sent regardless of the state of the
   dialog.  This was seen as better than requiring support for both
   UPDATE and re-INVITE messages for this operation.

   When the SRC receives a request for a metadata snapshot, it MUST
   immediately provide a full metadata snapshot in a separate INVITE or
   UPDATE transaction.  Any subsequent partial updates will not be
   dependent on any metadata sent prior to this full metadata snapshot.

Top      Up      ToC       Page 35 
   The metadata received by the SRS can contain ID elements used to
   cross-reference one element to another.  An element containing the
   definition of an ID and an element containing a reference to that ID
   will often be received from the same SRC.  It is also valid for those
   elements to be received from different SRCs -- for example, when each
   endpoint in the same CS acts as an SRC to record the call and a
   common ID refers to the same CS.  The SRS MUST NOT consider this an
   error.

10.  Persistent Recording

   Persistent recording is a specific use case addressing REQ-005 in
   [RFC6341], where an RS can be established in the absence of a CS.
   The SRC continuously records media in an RS to the SRS even in the
   absence of a CS for all UAs that are part of persistent recording.
   By allocating recorded streams and continuously sending recorded
   media to the SRS, the SRC does not have to prepare new recorded
   streams with a new SDP offer when a new CS is created and also does
   not impact the timing of the CS.  The SRC only needs to update the
   metadata when new CSs are created.

   When there is no CS running on the devices with persistent recording,
   there is no recorded media to stream from the SRC to the SRS.  In
   certain environments where a Network Address Translator (NAT) is
   used, a minimum amount of flow activity is typically required to
   maintain the NAT binding for each port opened.  Agents that support
   Interactive Connectivity Establishment (ICE) solve this problem.  For
   non-ICE agents, in order not to lose the NAT bindings for the
   RTP/RTCP ports opened for the recorded streams, the SRC and SRS
   SHOULD follow the recommendations provided in [RFC6263] to maintain
   the NAT bindings.

Top      Up      ToC       Page 36 
11.  IANA Considerations

11.1.  Registration of Option Tags

   This specification registers two option tags.  The required
   information for this registration, as specified in [RFC3261], is as
   follows.

11.1.1.  "siprec" Option Tag

   Name:  siprec

   Description:  This option tag is for identifying that the SIP session
      is for the purpose of an RS.  This is typically not used in a
      Supported header.  When present in a Require header in a request,
      it indicates that the UA is either an SRC or SRS capable of
      handling an RS.

11.1.2.  "record-aware" Option Tag

   Name:  record-aware

   Description:  This option tag is to indicate the ability of the UA to
      receive recording indicators in media-level or session-level SDP.
      When present in a Supported header, it indicates that the UA can
      receive recording indicators in media-level or session-level SDP.

11.2.  Registration of Media Feature Tags

   This document registers two new media feature tags in the SIP tree
   per the process defined in [RFC2506] and [RFC3840].

11.2.1.  Feature Tag for the SRC

   Media feature tag name:  sip.src

   ASN.1 Identifier:  1.3.6.1.8.4.27

   Summary of the media feature indicated by this tag:  This feature tag
      indicates that the UA is a Session Recording Client for the
      purpose of an RS.

   Values appropriate for use with this feature tag:  boolean

   The feature tag is intended primarily for use in the following
      applications, protocols, services, or negotiation mechanisms:
      This feature tag is only useful for an RS.

Top      Up      ToC       Page 37 
   Examples of typical use:  Routing the request to a Session Recording
      Server.

   Security Considerations:  Security considerations for this media
      feature tag are discussed in Section 11.1 of RFC 3840.

11.2.2.  Feature Tag for the SRS

   Media feature tag name:  sip.srs

   ASN.1 Identifier:  1.3.6.1.8.4.28

   Summary of the media feature indicated by this tag:  This feature tag
      indicates that the UA is a Session Recording Server for the
      purpose of an RS.

   Values appropriate for use with this feature tag:  boolean

   The feature tag is intended primarily for use in the following
      applications, protocols, services, or negotiation mechanisms:
      This feature tag is only useful for an RS.

   Examples of typical use:  Routing the request to a Session Recording
      Client.

   Security Considerations:  Security considerations for this media
      feature tag are discussed in Section 11.1 of RFC 3840.

11.3.  New Content-Disposition Parameter Registrations

   This document registers a new "disposition-type" value in the
   Content-Disposition header: recording-session.

   recording-session:  The body describes either

      *  metadata about the RS

         or

      *  the reason for the metadata snapshot request

      as determined by the MIME value indicated in the Content-Type.

Top      Up      ToC       Page 38 
11.4.  SDP Attributes

   This document registers the following new SDP attributes.

11.4.1.  "record" SDP Attribute

   Contact names:
      Leon Portman, leon.portman@nice.com;
      Henry Lum, henry.lum@genesyslab.com

   Attribute name: record

   Long-form attribute name: Recording Indication

   Type of attribute: session level or media level

   Subject to charset: no

   This attribute provides the recording indication for the session or
   media stream.

   Allowed attribute values: on, off, paused

11.4.2.  "recordpref" SDP Attribute

   Contact names:
      Leon Portman, leon.portman@nice.com;
      Henry Lum, henry.lum@genesyslab.com

   Attribute name: recordpref

   Long-form attribute name: Recording Preference

   Type of attribute: session level or media level

   Subject to charset: no

   This attribute provides the recording preference for the session or
   media stream.

   Allowed attribute values: on, off, pause, nopreference

Top      Up      ToC       Page 39 
12.  Security Considerations

   The RS is fundamentally a standard SIP dialog [RFC3261]; therefore,
   the RS can reuse any of the existing SIP security mechanisms
   available for securing the session signaling, the recorded media, and
   the metadata.  The use cases and requirements document [RFC6341]
   outlines the general security considerations, and this document
   describes specific security recommendations.

   The SRC and SRS MUST support SIP with Transport Layer Security (TLS)
   version 1.2, SHOULD follow the best practices when using TLS as per
   [RFC7525], and MAY use Session Initiation Protocol Secure (SIPS) with
   TLS as per [RFC5630].  The RS MUST be at least as secure as the CS;
   this means using at least the same strength of cipher suite as the CS
   if the CS is secured.  For example, if the CS uses SIPS for signaling
   and RTP/SAVP for media, then the RS may not use SIP or plain RTP
   unless other equivalent security measures are in effect, since doing
   so would mean an effective security downgrade.  Examples of other
   potentially equivalent security mechanisms include mutually
   authenticated TLS for the RS signaling channel or an appropriately
   protected network path for the RS media component.

12.1.  Authentication and Authorization

   At the transport level, the RS uses TLS authentication to validate
   the authenticity of the SRC and SRS.  The SRC and SRS MUST implement
   TLS mutual authentication for establishing the RS.  Whether the
   SRC/SRS chooses to use TLS mutual authentication is a deployment
   decision.  In deployments where a UA acts as its own SRC, this
   requires that the UA have its own certificate as needed for TLS
   mutual authentication.  In deployments where the SRC and the SRS are
   in the same administrative domain and have some other means of
   assuring authenticity, the SRC and SRS may choose not to authenticate
   each other or to have the SRC authenticate the SRS only.  In
   deployments where the SRS can be hosted on a different administrative
   domain, it is important to perform mutual authentication to ensure
   the authenticity of both the SRC and the SRS before transmitting any
   recorded media.  The risk of not authenticating the SRS is that the
   recording may be sent to an entity other than the intended SRS,
   allowing a sensitive call recording to be received by an attacker.
   On the other hand, the risk of not authenticating the SRC is that an
   SRS will accept calls from an unknown SRC and allow potential forgery
   of call recordings.

   There may be scenarios in which the signaling between the SRC and SRS
   is not direct, e.g., a SIP proxy exists between the SRC and the SRS.
   In such scenarios, each hop is subject to the TLS mutual
   authentication constraint, and transitive trust at each hop is

Top      Up      ToC       Page 40 
   utilized.  Additionally, an SRC or SRS may use other existing SIP
   mechanisms available, including, but not limited to, Digest
   authentication [RFC3261], asserted identity [RFC3325], and connected
   identity [RFC4916].

   The SRS may have its own set of recording policies to authorize
   recording requests from the SRC.  The use of recording policies is
   outside the scope of the Session Recording Protocol.

12.2.  RTP Handling

   In many scenarios, it will be critical for the media transported
   between the SRC and the SRS to be protected.  Media encryption is an
   important element in the overall SIPREC solution; therefore, the SRC
   and the SRS MUST support RTP/SAVP [RFC3711] and RTP/SAVPF [RFC5124].
   RTP/SAVP and RTP/SAVPF provide media encryption, integrity
   protection, replay protection, and a limited form of source
   authentication.  They do not contain or require a specific keying
   mechanism.  At a minimum, the SRC and SRS MUST support the SDP
   security descriptions key negotiation mechanism [RFC4568].  For cases
   in which Datagram Transport Layer Security for Secure RTP (DTLS-SRTP)
   is used to encrypt a CS media stream, an SRC may use SRTP Encrypted
   Key Transport (EKT) [EKT-SRTP] in order to use SRTP-SDES in the RS
   without needing to re-encrypt the media.

      Note: When using EKT in this manner, it is possible for
      participants in the CS to send traffic that appears to be from
      other participants and have this forwarded by the SRC to the SRS
      within the RS.  If this is a concern (e.g., the RS is intended for
      audit or compliance purposes), EKT is not an appropriate choice.

   When RTP/SAVP or RTP/SAVPF is used, an SRC can choose to use the same
   keys or different keys in the RS than those used in the CS.  Some
   SRCs are designed to simply replicate RTP packets from a CS media
   stream to the SRS, in which case the SRC will use the same key in the
   RS as the key used in the CS.  In this case, the SRC MUST secure the
   SDP containing the keying material in the RS with at least the same
   level of security as in the CS.  The risk of lowering the level of
   security in the RS is that it will effectively become a downgrade
   attack on the CS, since the same key is used for both the CS and
   the RS.

   SRCs that decrypt an encrypted CS media stream and re-encrypt it when
   sending it to the SRS MUST use a different key than what is used for
   the CS media stream, to ensure that it is not possible for someone
   who has the key for the CS media stream to access recorded data they

Top      Up      ToC       Page 41 
   are not authorized to access.  In order to maintain a comparable
   level of security, the key used in the RS SHOULD be of equivalent
   strength to, or greater strength than, that used in the CS.

12.3.  Metadata

   Metadata contains sensitive information, such as the address of
   record of the participants and other extension data placed by the
   SRC.  It is essential to protect the content of the metadata in the
   RS.  Since metadata is a content type transmitted in SIP signaling,
   metadata SHOULD be protected at the transport level by SIPS/TLS.

12.4.  Storage and Playback

   While storage and playback of the call recording are beyond the scope
   of this document, it is worthwhile to mention here that it is also
   important for the recording storage and playback to provide a level
   of security that is comparable to the CS.  It would defeat the
   purpose of securing both the CS and the RS mentioned in the previous
   sections if the recording can be easily played back with a simple,
   unsecured HTTP interface without any form of authentication or
   authorization.

13.  References

13.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC2506]  Holtman, K., Mutz, A., and T. Hardie, "Media Feature Tag
              Registration Procedure", BCP 31, RFC 2506,
              DOI 10.17487/RFC2506, March 1999,
              <http://www.rfc-editor.org/info/rfc2506>.

   [RFC3261]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              DOI 10.17487/RFC3261, June 2002,
              <http://www.rfc-editor.org/info/rfc3261>.

   [RFC3264]  Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model
              with Session Description Protocol (SDP)", RFC 3264,
              DOI 10.17487/RFC3264, June 2002,
              <http://www.rfc-editor.org/info/rfc3264>.

Top      Up      ToC       Page 42 
   [RFC3550]  Schulzrinne, H., Casner, S., Frederick, R., and V.
              Jacobson, "RTP: A Transport Protocol for Real-Time
              Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550,
              July 2003, <http://www.rfc-editor.org/info/rfc3550>.

   [RFC3840]  Rosenberg, J., Schulzrinne, H., and P. Kyzivat,
              "Indicating User Agent Capabilities in the Session
              Initiation Protocol (SIP)", RFC 3840,
              DOI 10.17487/RFC3840, August 2004,
              <http://www.rfc-editor.org/info/rfc3840>.

   [RFC4574]  Levin, O. and G. Camarillo, "The Session Description
              Protocol (SDP) Label Attribute", RFC 4574,
              DOI 10.17487/RFC4574, August 2006,
              <http://www.rfc-editor.org/info/rfc4574>.

   [RFC5234]  Crocker, D., Ed., and P. Overell, "Augmented BNF for
              Syntax Specifications: ABNF", STD 68, RFC 5234,
              DOI 10.17487/RFC5234, January 2008,
              <http://www.rfc-editor.org/info/rfc5234>.

   [RFC7245]  Hutton, A., Ed., Portman, L., Ed., Jain, R., and K. Rehor,
              "An Architecture for Media Recording Using the Session
              Initiation Protocol", RFC 7245, DOI 10.17487/RFC7245,
              May 2014, <http://www.rfc-editor.org/info/rfc7245>.

   [RFC7865]  Ravindranath, R., Ravindran, P., and P. Kyzivat, "Session
              Initiation Protocol (SIP) Recording Metadata", RFC 7865,
              DOI 10.17487/RFC7865, May 2016,
              <http://www.rfc-editor.org/info/rfc7865>.

13.2.  Informative References

   [EKT-SRTP] Mattsson, J., Ed., McGrew, D., Wing, D., and F. Andreasen,
              "Encrypted Key Transport for Secure RTP", Work in
              Progress, draft-ietf-avtcore-srtp-ekt-03, October 2014.

   [RFC2804]  IAB and IESG, "IETF Policy on Wiretapping", RFC 2804,
              DOI 10.17487/RFC2804, May 2000,
              <http://www.rfc-editor.org/info/rfc2804>.

   [RFC3311]  Rosenberg, J., "The Session Initiation Protocol (SIP)
              UPDATE Method", RFC 3311, DOI 10.17487/RFC3311,
              October 2002, <http://www.rfc-editor.org/info/rfc3311>.

Top      Up      ToC       Page 43 
   [RFC3325]  Jennings, C., Peterson, J., and M. Watson, "Private
              Extensions to the Session Initiation Protocol (SIP) for
              Asserted Identity within Trusted Networks", RFC 3325,
              DOI 10.17487/RFC3325, November 2002,
              <http://www.rfc-editor.org/info/rfc3325>.

   [RFC3551]  Schulzrinne, H. and S. Casner, "RTP Profile for Audio and
              Video Conferences with Minimal Control", STD 65, RFC 3551,
              DOI 10.17487/RFC3551, July 2003,
              <http://www.rfc-editor.org/info/rfc3551>.

   [RFC3711]  Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
              Norrman, "The Secure Real-time Transport Protocol (SRTP)",
              RFC 3711, DOI 10.17487/RFC3711, March 2004,
              <http://www.rfc-editor.org/info/rfc3711>.

   [RFC4568]  Andreasen, F., Baugher, M., and D. Wing, "Session
              Description Protocol (SDP) Security Descriptions for Media
              Streams", RFC 4568, DOI 10.17487/RFC4568, July 2006,
              <http://www.rfc-editor.org/info/rfc4568>.

   [RFC4585]  Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey,
              "Extended RTP Profile for Real-time Transport Control
              Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585,
              DOI 10.17487/RFC4585, July 2006,
              <http://www.rfc-editor.org/info/rfc4585>.

   [RFC4916]  Elwell, J., "Connected Identity in the Session Initiation
              Protocol (SIP)", RFC 4916, DOI 10.17487/RFC4916,
              June 2007, <http://www.rfc-editor.org/info/rfc4916>.

   [RFC4961]  Wing, D., "Symmetric RTP / RTP Control Protocol (RTCP)",
              BCP 131, RFC 4961, DOI 10.17487/RFC4961, July 2007,
              <http://www.rfc-editor.org/info/rfc4961>.

   [RFC5104]  Wenger, S., Chandra, U., Westerlund, M., and B. Burman,
              "Codec Control Messages in the RTP Audio-Visual Profile
              with Feedback (AVPF)", RFC 5104, DOI 10.17487/RFC5104,
              February 2008, <http://www.rfc-editor.org/info/rfc5104>.

   [RFC5124]  Ott, J. and E. Carrara, "Extended Secure RTP Profile for
              Real-time Transport Control Protocol (RTCP)-Based Feedback
              (RTP/SAVPF)", RFC 5124, DOI 10.17487/RFC5124,
              February 2008, <http://www.rfc-editor.org/info/rfc5124>.

   [RFC5168]  Levin, O., Even, R., and P. Hagendorf, "XML Schema for
              Media Control", RFC 5168, DOI 10.17487/RFC5168,
              March 2008, <http://www.rfc-editor.org/info/rfc5168>.

Top      Up      ToC       Page 44 
   [RFC5630]  Audet, F., "The Use of the SIPS URI Scheme in the Session
              Initiation Protocol (SIP)", RFC 5630,
              DOI 10.17487/RFC5630, October 2009,
              <http://www.rfc-editor.org/info/rfc5630>.

   [RFC5761]  Perkins, C. and M. Westerlund, "Multiplexing RTP Data and
              Control Packets on a Single Port", RFC 5761,
              DOI 10.17487/RFC5761, April 2010,
              <http://www.rfc-editor.org/info/rfc5761>.

   [RFC6263]  Marjou, X. and A. Sollaud, "Application Mechanism for
              Keeping Alive the NAT Mappings Associated with RTP / RTP
              Control Protocol (RTCP) Flows", RFC 6263,
              DOI 10.17487/RFC6263, June 2011,
              <http://www.rfc-editor.org/info/rfc6263>.

   [RFC6341]  Rehor, K., Ed., Portman, L., Ed., Hutton, A., and R. Jain,
              "Use Cases and Requirements for SIP-Based Media Recording
              (SIPREC)", RFC 6341, DOI 10.17487/RFC6341, August 2011,
              <http://www.rfc-editor.org/info/rfc6341>.

   [RFC7022]  Begen, A., Perkins, C., Wing, D., and E. Rescorla,
              "Guidelines for Choosing RTP Control Protocol (RTCP)
              Canonical Names (CNAMEs)", RFC 7022, DOI 10.17487/RFC7022,
              September 2013, <http://www.rfc-editor.org/info/rfc7022>.

   [RFC7525]  Sheffer, Y., Holz, R., and P. Saint-Andre,
              "Recommendations for Secure Use of Transport Layer
              Security (TLS) and Datagram Transport Layer Security
              (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525,
              May 2015, <http://www.rfc-editor.org/info/rfc7525>.

Acknowledgements

   We want to thank John Elwell, Paul Kyzivat, Partharsarathi R, Ram
   Mohan R, Hadriel Kaplan, Adam Roach, Miguel Garcia, Thomas Stach,
   Muthu Perumal, Dan Wing, and Magnus Westerlund for their valuable
   comments and inputs to this document.

Top      Up      ToC       Page 45 
Authors' Addresses

   Leon Portman
   NICE Systems
   22 Zarhin Street
   P.O. Box 690
   Ra'anana  4310602
   Israel

   Email: leon.portman@gmail.com


   Henry Lum (editor)
   Genesys
   1380 Rodick Road, Suite 201
   Markham, Ontario  L3R4G5
   Canada

   Email: henry.lum@genesyslab.com


   Charles Eckel
   Cisco
   170 West Tasman Drive
   San Jose, CA  95134
   United States

   Email: eckelcu@cisco.com


   Alan Johnston
   Illinois Institute of Technology
   Bellevue, WA
   United States

   Email: alan.b.johnston@gmail.com


   Andrew Hutton
   Unify
   Brickhill Street
   Milton Keynes  MK15 0DJ
   United Kingdom

   Email: andrew.hutton@unify.com