Network Working Group J. Rosenberg
Request for Comments: 3261 dynamicsoft
Obsoletes: 2543 H. Schulzrinne
Category: Standards Track Columbia U.
G. Camarillo
Ericsson
A. Johnston
WorldCom
J. Peterson
Neustar
R. Sparks
dynamicsoft
M. Handley
ICIR
E. Schooler
AT&T
June 2002 SIP: Session Initiation Protocol
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract
This document describes Session Initiation Protocol (SIP), an
application-layer control (signaling) protocol for creating,
modifying, and terminating sessions with one or more participants.
These sessions include Internet telephone calls, multimedia
distribution, and multimedia conferences.
SIP invitations used to create sessions carry session descriptions
that allow participants to agree on a set of compatible media types.
SIP makes use of elements called proxy servers to help route requests
to the user's current location, authenticate and authorize users for
services, implement provider call-routing policies, and provide
features to users. SIP also provides a registration function that
allows users to upload their current locations for use by proxy
servers. SIP runs on top of several different transport protocols.
26.1.5 Denial of Service and Amplification ................. 23626.2 Security Mechanisms ................................. 23726.2.1 Transport and Network Layer Security ................ 23826.2.2 SIPS URI Scheme ..................................... 23926.2.3 HTTP Authentication ................................. 24026.2.4 S/MIME .............................................. 24026.3 Implementing Security Mechanisms .................... 24126.3.1 Requirements for Implementers of SIP ................ 24126.3.2 Security Solutions .................................. 24226.3.2.1 Registration ........................................ 24226.3.2.2 Interdomain Requests ................................ 24326.3.2.3 Peer-to-Peer Requests ............................... 24526.3.2.4 DoS Protection ...................................... 24626.4 Limitations ......................................... 24726.4.1 HTTP Digest ......................................... 24726.4.2 S/MIME .............................................. 24826.4.3 TLS ................................................. 24926.4.4 SIPS URIs ........................................... 24926.5 Privacy ............................................. 25127 IANA Considerations ................................. 25227.1 Option Tags ......................................... 25227.2 Warn-Codes .......................................... 25227.3 Header Field Names .................................. 25327.4 Method and Response Codes ........................... 25327.5 The "message/sip" MIME type. ....................... 25427.6 New Content-Disposition Parameter Registrations ..... 25528 Changes From RFC 2543 ............................... 25528.1 Major Functional Changes ............................ 25528.2 Minor Functional Changes ............................ 26029 Normative References ................................ 26130 Informative References .............................. 262A. Table of Timer Values ............................... 265
Acknowledgments ................................................ 266
Authors' Addresses ............................................. 267
Full Copyright Statement ....................................... 2691 Introduction
There are many applications of the Internet that require the creation
and management of a session, where a session is considered an
exchange of data between an association of participants. The
implementation of these applications is complicated by the practices
of participants: users may move between endpoints, they may be
addressable by multiple names, and they may communicate in several
different media - sometimes simultaneously. Numerous protocols have
been authored that carry various forms of real-time multimedia
session data such as voice, video, or text messages. The Session
Initiation Protocol (SIP) works in concert with these protocols by
enabling Internet endpoints (called user agents) to discover one
another and to agree on a characterization of a session they would
like to share. For locating prospective session participants, and
for other functions, SIP enables the creation of an infrastructure of
network hosts (called proxy servers) to which user agents can send
registrations, invitations to sessions, and other requests. SIP is
an agile, general-purpose tool for creating, modifying, and
terminating sessions that works independently of underlying transport
protocols and without dependency on the type of session that is being
established.
2 Overview of SIP Functionality
SIP is an application-layer control protocol that can establish,
modify, and terminate multimedia sessions (conferences) such as
Internet telephony calls. SIP can also invite participants to
already existing sessions, such as multicast conferences. Media can
be added to (and removed from) an existing session. SIP
transparently supports name mapping and redirection services, which
supports personal mobility [27] - users can maintain a single
externally visible identifier regardless of their network location.
SIP supports five facets of establishing and terminating multimedia
communications:
User location: determination of the end system to be used for
communication;
User availability: determination of the willingness of the called
party to engage in communications;
User capabilities: determination of the media and media parameters
to be used;
Session setup: "ringing", establishment of session parameters at
both called and calling party;
Session management: including transfer and termination of
sessions, modifying session parameters, and invoking
services.
SIP is not a vertically integrated communications system. SIP is
rather a component that can be used with other IETF protocols to
build a complete multimedia architecture. Typically, these
architectures will include protocols such as the Real-time Transport
Protocol (RTP) (RFC 1889 [28]) for transporting real-time data and
providing QoS feedback, the Real-Time streaming protocol (RTSP) (RFC
2326 [29]) for controlling delivery of streaming media, the Media
Gateway Control Protocol (MEGACO) (RFC 3015 [30]) for controlling
gateways to the Public Switched Telephone Network (PSTN), and the
Session Description Protocol (SDP) (RFC 2327 [1]) for describing
multimedia sessions. Therefore, SIP should be used in conjunction
with other protocols in order to provide complete services to the
users. However, the basic functionality and operation of SIP does
not depend on any of these protocols.
SIP does not provide services. Rather, SIP provides primitives that
can be used to implement different services. For example, SIP can
locate a user and deliver an opaque object to his current location.
If this primitive is used to deliver a session description written in
SDP, for instance, the endpoints can agree on the parameters of a
session. If the same primitive is used to deliver a photo of the
caller as well as the session description, a "caller ID" service can
be easily implemented. As this example shows, a single primitive is
typically used to provide several different services.
SIP does not offer conference control services such as floor control
or voting and does not prescribe how a conference is to be managed.
SIP can be used to initiate a session that uses some other conference
control protocol. Since SIP messages and the sessions they establish
can pass through entirely different networks, SIP cannot, and does
not, provide any kind of network resource reservation capabilities.
The nature of the services provided make security particularly
important. To that end, SIP provides a suite of security services,
which include denial-of-service prevention, authentication (both user
to user and proxy to user), integrity protection, and encryption and
privacy services.
SIP works with both IPv4 and IPv6.
3 Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
described in BCP 14, RFC 2119 [2] and indicate requirement levels for
compliant SIP implementations.