Skip to main content

Session Timers in the Session Initiation Protocol (SIP)
draft-ietf-sip-session-timer-15

Revision differences

Document history

Date Rev. By Action
2012-08-22
15 (System) post-migration administrative database adjustment to the No Objection position for Ted Hardie
2004-08-25
15 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2004-08-17
15 Amy Vezza IESG state changed to Approved-announcement sent
2004-08-17
15 Amy Vezza IESG has approved the document
2004-08-17
15 Amy Vezza Closed "Approve" ballot
2004-08-16
15 Allison Mankin State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Allison Mankin
2004-08-11
15 Ted Hardie [Ballot Position Update] Position for Ted Hardie has been changed to No Objection from Discuss by Ted Hardie
2004-08-11
15 (System) New version available: draft-ietf-sip-session-timer-15.txt
2004-05-19
14 (System) New version available: draft-ietf-sip-session-timer-14.txt
2004-01-23
15 (System) Removed from agenda for telechat - 2004-01-22
2004-01-22
15 Amy Vezza State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza
2004-01-22
15 Bill Fenner [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner
2004-01-22
15 Thomas Narten [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten
2004-01-22
15 Ned Freed [Ballot Position Update] New position, No Objection, has been recorded for Ned Freed by Ned Freed
2004-01-22
15 Alex Zinin [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin
2004-01-21
15 Margaret Cullen [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman
2004-01-21
15 Jon Peterson [Ballot Position Update] New position, Yes, has been recorded for Jon Peterson by Jon Peterson
2004-01-21
15 Ted Hardie
[Ballot discuss]
In general, having a sip session timer seems like a good idea, and the draft has done a reasonable
job at describing the …
[Ballot discuss]
In general, having a sip session timer seems like a good idea, and the draft has done a reasonable
job at describing the proposed mechanism.  I'm concerned, though, that it is built around an
assumption that may not be correct.  According to section 4:

  The default value of the Session-Expires header field, when not
  present, is infinity. This means that absence of the Session-Expires
  header field implies no expiration.

This seems to be based on the idea that since proxies have no deterministic way of establishing
session end today, they are implicitly supporting "infinity" for all sessions now.
Based on this assumption (everyone's signed up for infinity), the design choices to ensure
that minima are correct look sufficient. 

I'm concerned, however, that this assumption may not hold for all applications which might
be using SIP sessions (either now or in the future), and that some networks may be counting on
configured or heuristic limits to avoid proxy overload (since maintaining state "forever"
is obviously a significant load).  This mechanism has no way to establish or signal maxima.
There are obvious cases where a proxy knows it cannot maintain state for the full length of
time which a session might set for expiry (e.g. a planned maintenance window ) and others
where conditions may impose limits.  Describing what the proxy should do in those cases
seems like it would help this specification.

I'd also like to suggest changing the spec so that the absence of Session-Expires
does not mean "infinity", as I think that overloads a lack in an unfortunate way.
Having that mean "undefined expiry" makes sense (especially since you could infer
from that that heuristics might be applied at a proxy to close a session).  When
an element needs to signal an "infinite" expiration time, it can do so explicitly
by setting the expiration very far in the future.  If that is not possible, I think the
document needs a very strong recommendation in the text that implementations
supporting this should not leave this blank (so that this ambiguity in interpretation is limited
to legacy systems).

As a smaller matter, I think section 7.2 needs some justification for why the refresh
should be sent at the half interval.  There seem to be cases for long session expirations
where something more like Section 10's method for sending the BYE (which gives both
an absolute and a fraction, and has the implementation send the minimum) would make
sense.  A justification would be useful to describe the logic there.
2004-01-21
15 Ted Hardie
[Ballot discuss]
In general, having a sip session timer seems like a good idea, and the draft has done a reasonable
job at describing the …
[Ballot discuss]
In general, having a sip session timer seems like a good idea, and the draft has done a reasonable
job at describing the proposed mechanism.  I'm concerned, though, that it is built around an
assumption that may not be correct.  According to section 4:

  The default value of the Session-Expires header field, when not
  present, is infinity. This means that absence of the Session-Expires
  header field implies no expiration.

This seems to be based on the idea that since proxies have no deterministic way of establishing
session end today, they are implicitly supporting "infinity" for all sessions now.
Based on this assumption (everyone's signed up for infinity), the design choices to ensure
that minima are correct and look sufficient. 

I'm concerned, however, that this assumption may not hold for all applications which might
be using SIP sessions (either now or in the future), and that some networks may be counting on
configured or heuristic limits to avoid proxy overload (since maintaining state "forever"
is obviously a significant load).  This mechanism has no way to establish or signal maxima.
There are obvious cases where a proxy knows it cannot maintain state for the full length of
time which a session might set for expiry (e.g. a planned maintenance window ) and others
where conditions may impose limits.  Describing what the proxy should do in those cases
seems like it would help this specification.

I'd also like to suggest changing the spec so that the absence of Session-Expires
does not mean "infinity", as I think that overloads a lack in an unfortunate way.
Having that mean "undefined expiry" makes sense (especially since you could infer
from that that heuristics might be applied at a proxy to close a session).  When
an element needs to signal an "infinite" expiration time, it can do so explicitly
by setting the expiration very far in the future.  If that is not possible, I think the
document needs a very strong recommendation in the text that implementations
supporting this should not leave this blank (so that this ambiguity in interpretation is limited
to legacy systems).

As a smaller matter, I think section 7.2 needs some justification for why the refresh
should be sent at the half interval.  There seem to be cases for long session expirations
where something more like Section 10's method for sending the BYE (which gives both
an absolute and a fraction, and has the implementation send the minimum) would make
sense.  A justification would be useful to describe the logic there.
2004-01-21
15 Ted Hardie [Ballot Position Update] New position, Discuss, has been recorded for Ted Hardie by Ted Hardie
2004-01-21
15 Bert Wijnen [Ballot Position Update] New position, No Objection, has been recorded for Bert Wijnen by Bert Wijnen
2004-01-20
15 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded for Russ Housley by Russ Housley
2004-01-20
15 Allison Mankin [Note]: 'The version for agenda is -13.  Till it appears use http://www.jdrosen.net/papers/draft-ietf-sip-session-timer-13.txt  (clarified Sec Cons)' has been cleared by Allison Mankin
2004-01-19
15 Steven Bellovin [Ballot Position Update] New position, No Objection, has been recorded for Steve Bellovin by Steve Bellovin
2004-01-15
15 Allison Mankin Placed on agenda for telechat - 2004-01-22 by Allison Mankin
2004-01-15
15 Allison Mankin [Note]: 'The version for agenda is -13.  Till it appears use http://www.jdrosen.net/papers/draft-ietf-sip-session-timer-13.txt  (clarified Sec Cons)' added by Allison Mankin
2004-01-15
15 Allison Mankin [Note]: 'The version for agenda is -13.  Till it appears use http://www.jdrosen.net/papers/draft-ietf-sip-session-timer-13.txt  (clarified Sec Cons)' added by Allison Mankin
2004-01-15
15 Allison Mankin [Ballot Position Update] New position, Yes, has been recorded for Allison Mankin
2004-01-15
15 Allison Mankin Ballot has been issued by Allison Mankin
2004-01-15
15 Allison Mankin Created "Approve" ballot
2004-01-15
15 Allison Mankin State Changes to IESG Evaluation from Waiting for Writeup::Revised ID Needed by Allison Mankin
2004-01-15
15 Allison Mankin [Note]: 'AD Review comments given.  Document expected for 22 Jan agenda.' has been cleared by Allison Mankin
2004-01-15
13 (System) New version available: draft-ietf-sip-session-timer-13.txt
2004-01-08
15 Allison Mankin State Changes to Waiting for Writeup::Revised ID Needed from Waiting for Writeup by Allison Mankin
2004-01-08
15 Allison Mankin [Note]: 'AD Review comments given.  Document expected for 22 Jan agenda.' added by Allison Mankin
2004-01-06
15 Allison Mankin
Two AD review comments, the second one needing the document to be rev'd:

1.
Section 8

Session timers are mostly of interest to call stateful …
Two AD review comments, the second one needing the document to be rev'd:

1.
Section 8

Session timers are mostly of interest to call stateful proxy  servers. However, a stateful proxy server MAY also follow the rules described here.

"a stateless proxy server MAY also follow" ?  This seems to be the intention from the writing.  But on the other hand, does the revised sentence make any sense?  It conflicts with the indented sentence at the end of the section.

2.
Security Considerations

We don't have standards for IPSec for SIP - s/IPSec or TLS/
and  /TLS or IPSec/  /TLS (RFC 3261)./

Example flows in Section 13 must reflect RECOMMENDED strength of the security considerations and show TLS and sips (they currently have sip: and UDP).
2004-01-06
15 Allison Mankin [Note]: 'AD Review comments given.  Document expected for 22 Jan agenda.' added by Allison Mankin
2003-12-08
15 (System) State has been changed to Waiting for Writeup from In Last Call by system
2003-11-24
15 Amy Vezza Last call sent
2003-11-24
15 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2003-11-23
15 Allison Mankin [Note]: 'Updated for 3261 - waiting for WG review' has been cleared by Allison Mankin
2003-11-23
15 Allison Mankin Last Call was requested by Allison Mankin
2003-11-23
15 Allison Mankin State Changes to Last Call Requested from Publication Requested by Allison Mankin
2003-11-23
15 (System) Ballot writeup text was added
2003-11-23
15 (System) Last call text was added
2003-11-23
15 (System) Ballot approval text was added
2003-10-22
15 Dinara Suleymanova State Changes to Publication Requested from AD is watching by Dinara Suleymanova
2003-10-22
15 Dinara Suleymanova [Note]: 'Updated for 3261 - waiting for WG review' added by Dinara Suleymanova
2003-10-14
12 (System) New version available: draft-ietf-sip-session-timer-12.txt
2003-07-02
11 (System) New version available: draft-ietf-sip-session-timer-11.txt
2002-11-30
15 Allison Mankin State Changes to AD is watching from AD is watching  :: Revised ID Needed by Mankin, Allison
2002-11-08
10 (System) New version available: draft-ietf-sip-session-timer-10.txt
2002-10-22
15 Allison Mankin State Changes to WG/Author  -- New ID Needed from WG/Author  -- External Party by mankin
2002-10-08
15 Allison Mankin
Responsible: Author
Waiting for update to reflect RFC 3261.
Not high priority SIP task.  Will now need new review
and Last Call after all …
Responsible: Author
Waiting for update to reflect RFC 3261.
Not high priority SIP task.  Will now need new review
and Last Call after all this time.
2002-10-08
15 Allison Mankin by mankin
2002-10-08
15 Allison Mankin State Changes to WG/Author from AD Evaluation by mankin
2002-07-05
09 (System) New version available: draft-ietf-sip-session-timer-09.txt
2002-04-23
15 Allison Mankin It seems likely it won't need a new IETF Last Call
2002-03-17
15 Allison Mankin It was held up because of expectation of need
to sync with sip-bis
2002-03-17
15 Allison Mankin
State Changes to New Version Needed (WG/Author)                    from Wait for Writeup            …
State Changes to New Version Needed (WG/Author)                    from Wait for Writeup                                  by Allison Mankin
2001-10-08
08 (System) New version available: draft-ietf-sip-session-timer-08.txt
2001-10-02
07 (System) New version available: draft-ietf-sip-session-timer-07.txt
2001-08-30
06 (System) New version available: draft-ietf-sip-session-timer-06.txt
2001-07-24
05 (System) New version available: draft-ietf-sip-session-timer-05.txt
2000-11-28
04 (System) New version available: draft-ietf-sip-session-timer-04.txt
2000-10-30
03 (System) New version available: draft-ietf-sip-session-timer-03.txt
2000-07-18
02 (System) New version available: draft-ietf-sip-session-timer-02.txt
2000-03-09
01 (System) New version available: draft-ietf-sip-session-timer-01.txt
1999-10-20
00 (System) New version available: draft-ietf-sip-session-timer-00.txt