SIMPLE Working Group                                         B. Campbell
Internet-Draft                                              J. Rosenberg
Expires: April 25, 2003                                      dynamicsoft
                                                        October 25, 2002

                   Instant Message Sessions in SIMPLE

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://

   The list of Internet-Draft Shadow Directories can be accessed at

   This Internet-Draft will expire on April 25, 2003.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.


   The SIP MESSAGE method is used to send instant messages, where each
   message is independent of any other message.  This is often called
   pager-mode messaging, due to the fact that this model is similar to
   that of most two-way pager devices.  Another model is called session-
   mode.  In session-mode, the instant messages are part of a media
   session that provides ordering, a security context, and other
   functions.  This media session is established using a SIP INVITE,
   just as an audio or video session would be established.

   This document describes a method of initiating and managing message
   sessions using SIP.

Campbell & Rosenberg     Expires April 25, 2003                 [Page 1]

Internet-Draft             SIMPLE IM Sessions               October 2002

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Motivation for Session-mode Messaging  . . . . . . . . . . . .  3
   3.  Message Session Mechanisms . . . . . . . . . . . . . . . . . .  4
   4.  SDP Offer-Answer Exchanges for Message Sessions. . . . . . . .  5
   4.1 Use of the SDP M-line  . . . . . . . . . . . . . . . . . . . .  5
   4.2 SDP Extensions for Connection Oriented Media . . . . . . . . .  6
   4.3 Session Parameters . . . . . . . . . . . . . . . . . . . . . .  6
   5.  Example SDP Exchange . . . . . . . . . . . . . . . . . . . . .  6
   6.  Baseline Implementation Requirements . . . . . . . . . . . . .  7
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   8.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  7
   9.  Open Issues  . . . . . . . . . . . . . . . . . . . . . . . . .  8
   10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . .  8
       Normative References . . . . . . . . . . . . . . . . . . . . .  8
       Informational References . . . . . . . . . . . . . . . . . . .  9
       Authors' Addresses . . . . . . . . . . . . . . . . . . . . . .  9
       Full Copyright Statement . . . . . . . . . . . . . . . . . . . 11

Campbell & Rosenberg     Expires April 25, 2003                 [Page 2]

Internet-Draft             SIMPLE IM Sessions               October 2002

1. Introduction

   The MESSAGE [7] extension to SIP [3]  allows SIP to be used to
   transmit instant messages.  Instant messages sent using the MESSAGE
   method are normally independent of each other.  This approach is
   often called pager-mode messaging, since it follows a model similar
   to that used by many two-way pager devices.  Pager-mode messaging
   makes sense for instant message exchanges where a small number of
   messages occur.

   There are also applications in which it is useful for instant
   messages to be associated together in some way.  For example, a user
   may wish to join a text conference, participate in the conference for
   some period of time, then leave the conference.  This usage is
   analogous to regular media sessions that are typically initiated,
   managed, and terminated using SIP.  We commonly refer to this model
   as session-mode messaging.

   One of the primary purposes of SIP is the management of media
   sessions.  Session-mode messaging can be thought of as a media
   session like any other.  This document describes a method to use SIP
   to manage message sessions.  This document does not propose an actual
   message session mechanism; there may any number of mechanisms that
   are appropriate for different applications and environments.

2. Motivation for Session-mode Messaging

   Message sessions offer several advantages over pager-mode messages.
   For message exchanges that include more than a small number of
   message transactions, message sessions offer a way to remove
   messaging load from intervening SIP proxies.  For example, a minimal
   session setup and teardown requires one INVITE/ACK transaction, and
   one BYE transaction, for a total of 5 SIP messages.  Normal SIP
   request routing allows for all but the initial INVITE transaction to
   bypass any intervening proxies that do not specifically request to be
   in the path for future requests.  In the default usage, instant
   messages themselves are sent end-to-end, without touching intervening
   SIP proxies.

   Each pager mode message involves a complete SIP transaction, that is,
   a request and a response.  Any pager-mode message exchange that
   involves more than 2 or 3 MESSAGE requests will generate more SIP
   requests than a minimal session initiation sequence.  Since MESSAGE
   is typically used outside of a SIP dialog, these requests will
   typically traverse the entire proxy network between the endpoints.

   Due to network congestion concerns, the MESSAGE method has
   significant limitations in message size, a prohibition against

Campbell & Rosenberg     Expires April 25, 2003                 [Page 3]

Internet-Draft             SIMPLE IM Sessions               October 2002

   overlapping requests, etc.  Much of this has been required because of
   perceived limitations in the congestion-avoidance features of SIP
   itself.  Work is in progress to mitigate these concerns.

   However, session-mode messages are always sent over a reliable,
   congestion-safe transport.  Therefore, there are no restrictions on
   message sizes.  There is no requirement to wait for acknowledgement,
   so that messages can be overlapped.

   Message sessions allow greater efficiency for secure message
   exchanges.  The SIP MESSAGE request inherits the S/MIME features of
   SIP, allowing a message to be signed and/or encrypted.  However, this
   approach requires public key operations for each message.  With
   session-mode messaging, a session key can be established at the time
   of session initiation.  This key can be used to protect each message
   that is part of the session.  This requires only symmetric key
   operations, and no additional certificate exchanges are required
   after the initial exchange.  The establishment of the session key is
   done using standard techniques that apply to voice and video, in
   addition to instant messaging.

   Finally, SIP devices can treat message sessions like any other media
   sessions.  Any SIP feature that can be applied to other sorts of
   media sessions can equally apply to message sessions.  For example,
   conferencing [9], third party call control [10], call transfer [11],
   QoS integration [12], and privacy [13] can all be applied to message

   Messaging sessions can also reduce the overhead in each individual
   message.  In pager-mode, each message needs to include all of the SIP
   headers that are mandated by RFC 3261.  [3] However, many of these
   headers are not needed once a context is established for exchanging
   messages.  As a result, messaging session mechanisms can be designed
   with significantly less overhead.

3. Message Session Mechanisms

   This document does not define a specific message session mechanism.
   However, all message session mechanisms will need to address a common
   set of issues, resulting in several requirements which are discussed

   The first issue is congestion safety.  Instant messages can vary
   significantly in size, ranging from a few bytes to many megabytes.
   As a result, all message session mechanisms need to be congestion
   safe.  This issue is discussed at length in the MESSAGE method
   specification [7], and is the reason for the restrictions on the
   transport protocols used for the MESSAGE method.  These

Campbell & Rosenberg     Expires April 25, 2003                 [Page 4]

Internet-Draft             SIMPLE IM Sessions               October 2002

   considerations apply to message session mechanisms as well.  Any
   message session mechanism MUST be congestion-safe.

   Most media session types are currently based on the Real Time
   Transport Protocol [8].  While message sessions are managed much like
   any other media session, there are some significant differences in
   the underlying transport mechanisms.  RTP is designed for media types
   that take the form of time sequenced data, where the temporal
   relationship between packets is critical for proper playback.  In
   many cases, small amounts of packet loss are acceptable, as long as
   the temporal relationships can be maintained.

   Message sessions are different, in that while message ordering is
   important, the time between messages typically is not.  Reliable
   delivery of a message is much more important.  Of course, there are
   exceptions; one can imagine a media session type that transferred
   text as it was typed, with typing patterns preserved at the receiving
   end.  While this may be an interesting application, it falls outside
   of the class of message-oriented media session that are the subject
   of this document.

   Due to the different nature of message-oriented media sessions, and
   due to the network congestion concerns when sending instant message
   content over non-congestion controlled transports, message session
   mechanisms MUST use a reliable, congestion-safe network transport,
   such as TCP or SCTP.  Additionally, if multiple sessions exist
   between the same pair of devices, those devices SHOULD share the same
   connection across all of the sessions.

4. SDP Offer-Answer Exchanges for Message Sessions.

   This specification describes the usage of SDP for the establishment
   of instant messaging sessions.  This approach is used by all message
   sessions mechanisms.

4.1 Use of the SDP M-line

   The SDP m-line takes the following form:

      m=<media> <port> <protocol> <format list>

   For non-RTP media sessions, The media field specifies the top level
   MIME media type for the session.  For message sessions, the media
   field MUST have the value of "message".  The proto field MUST
   designate the message session mechanism and transport protocol,
   separated by a "/" character.  For example, "cpim/tcp".  The meaning
   of any entries in the format list MUST be described in the
   specification for the message session mechanism.  If said mechanism

Campbell & Rosenberg     Expires April 25, 2003                 [Page 5]

Internet-Draft             SIMPLE IM Sessions               October 2002

   supports multiple payload types, acceptable types SHOULD be described
   in the format list.

   The following example illustrates an m-line for a CPIM message
   session, where the endpoint is willing to accept payloads of plain
   text or HTML

      m=message 49232 cpim/tcp text/plain text/html

4.2 SDP Extensions for Connection Oriented Media

   SDP is typically used with UDP based media protocols.  In particular,
   base SDP does not provide support for negotiation of a two-way media
   session where a single connection is used in both directions, which
   is expected to be the normal model for message sessions.

   Therefore, endpoints wishing to establish message sessions MUST
   follow the COMEDIA [2] extensions to SDP, both for the negotiation of
   connection parameters, and for the establishment and management of
   the connections themselves.

4.3 Session Parameters

   Any additional session parameters that are to be negotiated in the
   SDP exchange MUST be communicated in the form of attribute lines.
   Such parameters specific to a particular message session mechanism
   MUST be defined in the specification of the mechanism

5. Example SDP Exchange

   Endpoint A wishes to invite Endpoint B to a message session using the
   CPIM session mechanism.  [4] A offers the following session
   description containing the following lines:

           c=IN IP4
           m=message 7394 cpim/tcp text/plain

   Endpoint B chooses to participate, but prefers to initiate the
   connection.  B answers with a media description including the
   following lines:

           c=IN IP4
           m=message 8493 cpim/tcp text/plain text/html

Campbell & Rosenberg     Expires April 25, 2003                 [Page 6]

Internet-Draft             SIMPLE IM Sessions               October 2002

   B then opens a TCP connection to  A and B can
   begin to exchange instant messages on this connection using the CPIM
   message session mechanism.

6. Baseline Implementation Requirements

   To help ensure some degree of interoperability between endpoints
   supporting message sessions, any endpoint that supports message
   session as described in this document MUST support the  cpim message
   session mechanism [4] over TCP.  The CPIM session mechanism is a
   minimalist approach that is fairly inexpensive to support.  Such
   endpoints MAY support any number of other message session mechanisms.

7. Security Considerations

   Instant messages can contain very sensitive information.  As a
   result, as specified in RFC 2779 [5], instant messaging protocols
   need to provide for encryption, integrity and authentication of
   instant messages.  Any IM session mechanism MUST satisfy those

   Any protocol that is used as a messaging session transport protocol
   MUST  provide a means for encryption, authentication, and message
   integrity of the message.  This mechanism MUST operate even in the
   face of intermediaries in the transport protocol.  That is, it MUST
   provide a means of end-to-end security functions.  It is RECOMMENDED
   that any such mechanism make use of session keys that can be
   established through SIP, such as those created by MIKEY [6].

   Encryption, authentication and message integrity for messaging
   sessions can also be provided through the use of secure transport
   protocols, such as TLS.  It is RECOMMENDED that message session
   mechanisms make use of TLS, and that implementations SHOULD support

   The usage of SIP to establish an instant messaging session introduces
   additional security considerations.  Because SIP can be used to
   establish a session key for the messaging sessions, the SIP exchange
   itself needs to provide proper authentication in order for the
   instant messages themselves to be authenticated.  Authentication of
   SIP users is provided with S/MIME, and therefore, implementations
   MUST support S/MIME.

8. IANA Considerations

   This document does not require IANA registrations.

Campbell & Rosenberg     Expires April 25, 2003                 [Page 7]

Internet-Draft             SIMPLE IM Sessions               October 2002

9. Open Issues

   There is still ongoing discussion about the m-line format.  An
   alternative proposal is for the protocol field to only designate the
   network transport protocol, and the first entry in the format list
   designate the session mechanism to be used on that protocol.  This
   approach may make software layering easier, where a connection
   management layer need not be aware of the message session mechanism

   There is still controversy over the security considerations.  In
   particular, whether this draft should strongly the use of session
   keys negotiated in the SDP exchange, or leave that decision to the
   designers of any particular message session mechansim.

   The final version of this document needs more examples, and may
   require further formal definitions.

10. Contributors

   The following people contributed substantially to this document:

                                Rohan Mahy
                                Allison Mankin
                                Jon Peterson
                                Brian Rosen
                                Jonathan Rosenberg
                                Robert Sparks
                                Dean Willis

Normative References

   [1]  Handley, M. and V. Jacobson, "SDP: Session Description
        Protocol", RFC 2327, April 1998.

   [2]  Yon, D., "Connection-Oriented Media Transport in SDP", draft-
        ietf-mmusic-sdp-comedia-04.txt (work in progress), July 2002.

   [3]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
        Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP:
        Session Initiation Protocol", RFC 3261, June 2002.

   [4]  Campbell, B., "Instant Message Sessions using the CPIM Message
        Format.", draft-campbell-simple-cpimmsg-sessions-00.txt (work in
        progress), October 2002.

   [5]  Day, M., Aggarwal, S. and J. Vincent, "Instant Messaging /
        Presence Protocol Requirements", RFC 2779, February 2000.

Campbell & Rosenberg     Expires April 25, 2003                 [Page 8]

Internet-Draft             SIMPLE IM Sessions               October 2002

   [6]  Arkko, J., "MIKEY: Multimedia Internet KEYing", draft-ietf-msec-
        mikey-04 (work in progress), August 2002.

Informational References

   [7]   Campbell, B. and J. Rosenberg, "Session Initiation Protocol
         Extension for Instant Messaging", draft-ietf-sip-message-07
         (work in progress), September 2002.

   [8]   Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson,
         "RTP: A Transport Protocol for Real-Time Applications", RFC
         1889, January 1996.

   [9]   Rosenberg, J. and H. Schulzrinne, "Models for Multi Party
         Conferencing in SIP", draft-ietf-sipping-conferencing-models-01
         (work in progress), July 2002.

   [10]  Rosenberg, J., Peterson, J., Schulzrinne, H. and G. Camarillo,
         "Best Current Practices for Third Party Call Control in the
         Session Initiation Protocol", draft-ietf-sipping-3pcc-02 (work
         in progress), June 2002.

   [11]  Sparks, R., "SIP Call Control - Transfer", draft-ietf-sip-cc-
         transfer-05 (work in progress), July 2001.

   [12]  Camarillo, G., Marshall, W. and J. Rosenberg, "Integration of
         Resource Management and Session Initiation Protocol (SIP)", RFC
         3312, October 2002.

   [13]  Peterson, J., "A Privacy Mechanism for the Session Initiation
         Protocol (SIP)", draft-peterson-sip-privacy-longterm-00 (work
         in progress), March 2002.

Authors' Addresses

   Ben Campbell
   5100 Tennyson Parkway
   Suite 1200
   Plano, TX  75024


Campbell & Rosenberg     Expires April 25, 2003                 [Page 9]

Internet-Draft             SIMPLE IM Sessions               October 2002

   Jonathan Rosenberg
   72 Eagle Rock Avenue
   First Floor
   East Hanover, NJ  07936


Campbell & Rosenberg     Expires April 25, 2003                [Page 10]

Internet-Draft             SIMPLE IM Sessions               October 2002

Full Copyright Statement

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an


   Funding for the RFC Editor function is currently provided by the
   Internet Society.

Campbell & Rosenberg     Expires April 25, 2003                [Page 11]