RFC 4028 Session Timer in the Session Initiation Protocol

Speaker: Ying Shun Lin
Adviser: Quincy Wu

Outline

• Introduction
• Session-Expires Header Field Definition
• Min-SE Header Field Definition
• 422 Response Code Definition
• UAC / Proxy / UAS Behavior
• Security Considerations
• Example Call Flow

Introduction (1/3)

• SIP does not define a keepalive mechanism for the sessions it establishes.

[Diagram labels: UAC; INVITE; 100 Trying; BYE. Caption: call stateful proxy will retain state for the call.]

Introduction (2/3)

• This extension defines a keepalive mechanism for SIP sessions.
• UAs send periodic (re-INVITE or UPDATE) requests (referred to as session refresh requests) to keep the session alive.
• If a session refresh request is not received before the interval passes, the session is considered terminated. Both UAs are supposed to send a BYE, and call stateful proxies can remove any state for the call.

Introduction (3/3)

• Two new header fields (Session-Expires and Min-SE) and a new response code (422) are defined.
  - Session-Expires: conveys the duration of the session.
  - Min-SE: conveys the minimum allowed value for the session expiration.
  - 422 response: indicates that the session timer duration was too small.

Define some terms

• Session Interval
• Session Expiration
• Session Refresh Request
• Initial Session Refresh Request
• Subsequent Session Refresh Request
• Refresh

Session-Expires Header Field Definition

• Placed only in requests (INVITE or UPDATE), as well as in any 2xx response to such a request.
• MUST be prepared to handle Session-Expires header field values of any duration greater than 90 seconds; 1800 seconds (30 minutes) is RECOMMENDED.
• Entities that insert the Session-Expires header field SHOULD NOT choose values of less than 30 minutes.

    Session-Expires: 1800; refresher=uac

Min-SE Header Field Definition

• Used in a request (INVITE or UPDATE), it indicates the smallest value of the session interval that can be used for that session.
• MUST NOT be less than 90 seconds.
  - When the header field is not present, its default value is 90 seconds.
• MUST NOT be used in responses except for those with a 422 response code.

    Min-SE: 90

422 Response Code Definition

• Session Interval Too Small
  - Generated by a UAS or proxy when a request contains a Session-Expires header field with a duration below the minimum timer for the server.
• MUST contain a Min-SE header field with the minimum timer for that server.

Session-Expires & Min-SE Header Fields

UAC Behavior

• Generating an Initial Session Refresh Request
• Processing a 2xx Response
• Processing a 422 Response
• Generating Subsequent Session Refresh Requests

UAC / Proxy Behavior

[Diagram between UAC and proxy. Labels in slide order: INVITE; Supported: timer; Session-Expires: XX;refresher=uac; Min-SE: XX; Require: timer; 200; Supported: timer; Session-Expires: ;refresher=; 422 Session Interval Too Small; Min-SE:]

UAC Behavior

[Diagram between UAC and proxy. Labels in slide order: 422; Min-SE: xx; Supported: timer; Session-Expires: XX;refresher=uac/uas; INVITE; Min-SE: XX]

• If a UAC knows that its peer supports the UPDATE method, it is RECOMMENDED that UPDATE be used instead of a re-INVITE.

Proxy Behavior

• The proxy processing rules require the proxy to remember information between the request and response, ruling out stateless proxies.
  - Processing of Requests
  - Processing of Responses
  - Session Expiration

Proxy Behavior (Request)

[Diagram with Proxy 1 and Proxy 2. Labels in slide order: Supported: timer; Session-Expires: (small); call failure; Session-Expires: XX; INVITE; Min-SE: XX; INVITE; Session-Expires: XX; Min-SE: XX]

Proxy Behavior (Response)

[Flowchart labels in slide order: (proxy remembers UAC did not support); There is no session expiration for this session; Session-Expires (from the forwarded request), refresher: uac; UAS did not support the session timer; Session-Expires; UAS; (proxy remembers that the UAC did support the session timer)]

UAS Behavior

[Diagram between proxy and UAS. Labels in slide order: Supported: timer; INVITE; 422; Session-Expires:; Min-SE:; 200 OK; Session-Expires:]

UAS Behavior

UAC supports?   refresher parameter   refresher parameter
                in request            in response
N               none                  uas
N               uac                   NA
N               uas                   NA
Y               none                  uas or uac
Y               uas

Security Considerations (1/3)

• Inside Attacks

Case 1: a rogue UAC that wishes to force a UAS to generate refreshes at a rapid rate.
  - The UAS or any proxy that objects to this low timer will reject the request with a 422, thereby preventing the attack.

Security Considerations (2/3)

Case 2: a rogue UAS that wishes to force a UAC to generate refreshes at a rapid rate.
  - The UAC copies the current session interval into the Session-Expires header field in the request. The proxies will reject this request and provide a Min-SE with a higher minimum, which the UAC will then use.

Security Considerations (3/3)

• Outside Attacks
  - An element that can observe and modify a request or response in transit can force rapid session refreshes.
  - Proxies that record-route and request session timer SHOULD record-route with a SIPS URI. A UA that inserts a Session-Expires header into a request or response SHOULD include a Contact URI that is a SIPS URI.
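The 422 / Min-SE defence from Cases 1 and 2, as an added example that is not part of the slides or of RFC 4028: each hop rejects a Session-Expires below its own minimum, and the UAC retries with the largest Min-SE it has seen. The function names are hypothetical, the INVITE is a constructed sample carrying only the timer headers, and the hop minimums 3600 and 4000 are taken from the example call flow.

```python
import re

ABS_MIN_SE = 90  # floor from the slides: Min-SE MUST NOT be less than 90 seconds

def parse_headers(msg):
    """Map lower-cased header names to values (start line skipped)."""
    headers = {}
    for line in msg.strip().splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def delta_seconds(value):
    """Leading delta-seconds of a Session-Expires / Min-SE value."""
    m = re.fullmatch(r"(\d+)\s*(;.*)?", value)
    if m is None:
        raise ValueError("malformed timer value: %r" % value)
    return int(m.group(1))

def check_request(msg, local_min_se):
    """Proxy/UAS side: return (422, min_se) to reject, or (None, se) to pass."""
    h = parse_headers(msg)
    if "session-expires" not in h:
        return None, None            # no session timer requested
    se = delta_seconds(h["session-expires"])
    floor = max(local_min_se, ABS_MIN_SE)
    return (422, floor) if se < floor else (None, se)

def build_invite(se, min_se):
    """Constructed sample request; only the timer headers matter here."""
    return ("INVITE sips:bob@biloxi.example.com SIP/2.0\n"
            "Supported: timer\n"
            "Session-Expires: %d\n"
            "Min-SE: %d\n" % (se, min_se))

def negotiate(initial_se, hop_minimums, max_tries=5):
    """UAC side: retry after each 422 with the largest Min-SE seen so far."""
    se, min_se, log = initial_se, ABS_MIN_SE, []
    for _ in range(max_tries):
        for hop_min in hop_minimums:
            status, value = check_request(build_invite(se, min_se), hop_min)
            if status == 422:
                log.append((se, 422, value))
                min_se = max(min_se, value)
                se = max(se, min_se)
                break
        else:                        # every hop accepted the interval
            log.append((se, 200, se))
            return log
    raise RuntimeError("no agreement after %d tries" % max_tries)
```

`negotiate(90, [3600, 4000])` returns the same Session-Expires progression as the call flow: 90 is rejected with Min-SE 3600, 3600 is rejected with Min-SE 4000, and 4000 is accepted.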

Example Call Flow

[Ladder diagram between Alice, Proxy P1, Proxy P2 and Bob:]
    (1) INVITE   SE: 90
    (2) 422      MSE: 3600
    (3) ACK
    (4) INVITE   SE: 3600, MSE: 3600

(1)
    INVITE sips:bob@biloxi.example.com SIP/2.0
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds8
    Supported: timer
    Session-Expires: 90
    Max-Forwards: 70
    To: Bob <sips:bob@biloxi.example.com>
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314159 INVITE
    Contact: <sips:alice@pc33.atlanta.example.com>
    Content-Type: application/sdp
    Content-Length: 142

(2)
    SIP/2.0 422 Session Interval Too Small
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds8
      ;received=192.0.2.1
    Min-SE: 3600
    To: Bob <sips:bob@biloxi.example.com>;tag=9a8kz
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314159 INVITE

(4)
    INVITE sips:bob@biloxi.example.com SIP/2.0
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds9
    Supported: timer
    Session-Expires: 3600
    Min-SE: 3600
    Max-Forwards: 70
    To: Bob <sips:bob@biloxi.example.com>
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314160 INVITE
    Contact: <sips:alice@pc33.atlanta.example.com>
    Content-Type: application/sdp
    Content-Length: 142

Example Call Flow

[Ladder diagram between Alice, Proxy P1, Proxy P2 and Bob:]
    (5) INVITE    SE: 3600
    (6) 422       MSE: 4000
    (7) ACK
    (8) 422       MSE: 4000
    (9) ACK
    (10) INVITE   SE: 4000, MSE: 4000

(10)
    INVITE sips:bob@biloxi.example.com SIP/2.0
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds10
    Supported: timer
    Session-Expires: 4000
    Min-SE: 4000
    Max-Forwards: 70
    To: Bob <sips:bob@biloxi.example.com>
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314161 INVITE
    Contact: <sips:alice@pc33.atlanta.example.com>
    Content-Type: application/sdp
    Content-Length: 142

Example Call Flow

[Ladder diagram between Alice, Proxy P1, Proxy P2 and Bob:]
    (11) INVITE, (12) INVITE             SE: 4000, MSE: 4000
    (13) 200 OK, (14) 200 OK, (15) 200 OK   SE: 4000
    (16) ACK, (17) ACK

(15)
    SIP/2.0 200 OK
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds10
      ;received=192.0.2.1
    Require: timer
    Supported: timer
    Record-Route: sips:p1.atlanta.example.com
    Session-Expires: 4000;refresher=uac
    To: Bob <sips:bob@biloxi.example.com>;tag=9as888nd
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314161 INVITE
    Contact: <sips:bob@192.0.2.4>
    Content-Type: application/sdp
    Content-Length: 142

Example Call Flow

[Ladder diagram between Alice, Proxy P1, Proxy P2 and Bob:]
    (18) UPDATE   SE: 4000
    (19) UPDATE   SE: 4000
    (20) 200 OK   SE: 4000
    (21) 200 OK   SE: 4000
    (22) BYE
    (23) BYE
    (24) 408 (Request Timeout)

(18)
    UPDATE sips:bob@192.0.2.4 SIP/2.0
    Via: SIP/2.0/TLS pc33.atlanta.example.com;branch=z9hG4bKnashds12
    Route: sips:p1.atlanta.example.com
    Supported: timer
    Session-Expires: 4000;refresher=uac
    Max-Forwards: 70
    To: Bob <sips:bob@biloxi.example.com>;tag=9as888nd
    From: Alice <sips:alice@atlanta.example.com>;tag=1928301774
    Call-ID: a84b4c76e66710
    CSeq: 314162 UPDATE
    Contact: <sips:alice@pc33.atlanta.example.com>