Network Working Group                                       G. Camarillo
Request for Comments: 3968                                      Ericsson
Updates: 3427                                              December 2004
BCP: 98
Category: Best Current Practice


             The Internet Assigned Number Authority (IANA)
                  Header Field Parameter Registry for
                 the Session Initiation Protocol (SIP)

Status of This Memo

   This document specifies an Internet Best Current Practices for the
   Internet Community, and requests discussion and suggestions for
   improvements.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   This document creates an Internet Assigned Number Authority (IANA)
   registry for the Session Initiation Protocol (SIP) header field
   parameters and parameter values.  It also lists the already existing
   parameters and parameter values to be used as the initial entries for
   this registry.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  2
   3.  Use of the Registry  . . . . . . . . . . . . . . . . . . . . .  2
   4.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  3
       4.1.  Header Field Parameters Sub-Registry . . . . . . . . . .  3
       4.2.  Registration Policy for SIP Header Field Parameters. . .  6
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   6.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  7
   7.  Normative References . . . . . . . . . . . . . . . . . . . . .  7
       Author's Address . . . . . . . . . . . . . . . . . . . . . . .  7
       Full Copyright Statement . . . . . . . . . . . . . . . . . . .  8









Camarillo                Best Current Practice                  [Page 1]

RFC 3968                 SIP Parameter Registry            December 2004


1.  Introduction

   RFC 3261 [3] allows new header field parameters and new parameter
   values to be defined.  However, RFC 3261 omitted an IANA registry for
   them.  This document creates such a registry.

   RFC 3427 [4] documents the process to extend SIP.  This document
   updates RFC 3427 by specifying how to define and register new SIP
   header field parameters and parameter values.

2.  Terminology

   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
   "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
   RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
   described in BCP 14, RFC 2119 [1] and indicate requirement levels for
   compliant implementations.

3.  Use of the Registry

   SIP header field parameters and parameter values MUST be documented
   in an RFC in order to be registered by IANA.  This documentation MUST
   fully explain the syntax, intended usage, and semantics of the
   parameter or parameter value.  The intent of this requirement is to
   assure interoperability between independent implementations, and to
   prevent accidental namespace collisions between implementations of
   dissimilar features.

      Note that this registry, unlike other protocol registries, only
      deals with parameters and parameter values defined in RFCs (i.e.,
      it lacks a vendor-extension tree).  RFC 3427 [4] documents
      concerns with regards to new SIP extensions which may damage
      security, greatly increase the complexity of the protocol, or
      both.  New parameters and parameter values need to be documented
      in RFCs as a result of these concerns.

   RFCs defining SIP header field parameters or parameter values MUST
   register them with IANA as described below.

   Registered SIP header field parameters and parameter values are to be
   considered "reserved words".  In order to preserve interoperability,
   registered parameters and parameter values MUST be used in a manner
   consistent with that described in their defining RFC.
   Implementations MUST NOT utilize "private" or "locally defined" SIP
   header field parameters or parameter values that conflict with
   registered parameters.





Camarillo                Best Current Practice                  [Page 2]

RFC 3968                 SIP Parameter Registry            December 2004


      Note that although unregistered SIP header field parameters and
      parameter values may be used in implementations, developers are
      cautioned that usage of such parameters is risky.  New SIP header
      field parameters and parameter values may be registered at any
      time, and there is no assurance that these new registered
      parameters or parameter values will not conflict with unregistered
      parameters currently in use.

   Some SIP header field parameters only accept a set of predefined
   parameter values.  For example, a parameter indicating the transport
   protocol in use may only accept the predefined tokens TCP, UDP, and
   SCTP as valid values.  Registering all parameter values for all SIP
   header field parameters of this type would require a large number of
   subregistries.  Instead, we have chosen to register parameter values
   by reference.  That is, the entry in the parameter registry for a
   given header field parameter contains references to the RFCs defining
   new values of the parameter.  References to RFCs defining parameter
   values appear in double brackets in the registry.

   So, the header field parameter registry contains a column that
   indicates whether or not each parameter only accepts a set of
   predefined values.  Implementers of parameters with a "yes" in that
   column need to find all the valid parameter values in the RFCs
   provided as references.

4.  IANA Considerations

   Section 27 of RFC 3261 [3] creates an IANA registry for method names,
   header field names, warning codes, status codes, and option tags.
   This specification creates a new sub-registry for header field
   parameters under the SIP Parameters registry.

4.1.  Header Field Parameters Sub-Registry

   The majority of the SIP header fields can be extended by defining new
   parameters.  New SIP header field parameters are registered by the
   IANA.  When registering a new parameter for a header field or a new
   value for a parameter, the following information MUST be provided.

   o  Header field in which the parameter can appear.

   o  Name of the header field parameter being registered.

   o  Whether the parameter only accepts a set of predefined values.







Camarillo                Best Current Practice                  [Page 3]

RFC 3968                 SIP Parameter Registry            December 2004


   o  A reference to the RFC where the parameter is defined and to any
      RFC that defines new values for the parameter.  References to RFCs
      defining parameter values appear in double brackets in the
      registry.

   Parameters that can appear in different header fields MAY have the
   same name.  However, parameters that can appear in the same header
   field MUST have different names.

   The following are the initial values for this sub-registry.

   Header Field                  Parameter Name   Predefined  Reference
                                                    Values
   _____________________________________________________________________
   Accept                        q                    No     [RFC 3261]
   Accept-Encoding               q                    No     [RFC 3261]
   Accept-Language               q                    No     [RFC 3261]
   Authorization                 algorithm           Yes     [RFC 3261]
                                                            [[RFC 3310]]
   Authorization                 auts                 No     [RFC 3310]
   Authorization                 cnonce               No     [RFC 3261]
   Authorization                 nc                   No     [RFC 3261]
   Authorization                 nonce                No     [RFC 3261]
   Authorization                 opaque               No     [RFC 3261]
   Authorization                 qop                 Yes     [RFC 3261]
   Authorization                 realm                No     [RFC 3261]
   Authorization                 response             No     [RFC 3261]
   Authorization                 uri                  No     [RFC 3261]
   Authorization                 username             No     [RFC 3261]
   Authentication-Info           cnonce               No     [RFC 3261]
   Authentication-Info           nc                   No     [RFC 3261]
   Authentication-Info           nextnonce            No     [RFC 3261]
   Authentication-Info           qop                 Yes     [RFC 3261]
   Authentication-Info           rspauth              No     [RFC 3261]
   Call-Info                     purpose             Yes     [RFC 3261]
   Contact                       expires              No     [RFC 3261]
   Contact                       q                    No     [RFC 3261]
   Content-Disposition           handling            Yes     [RFC 3261]
   Event                         id                   No     [RFC 3265]
   From                          tag                  No     [RFC 3261]
   P-Access-Network-Info         cgi-3gpp             No     [RFC 3455]
   P-Access-Network-Info         utran-cell-id-3gpp   No     [RFC 3455]
   P-Charging-Function-Addresses ccf                  No     [RFC 3455]
   P-Charging-Function-Addresses ecf                  No     [RFC 3455]
   P-Charging-Vector             icid-value           No     [RFC 3455]
   P-Charging-Vector             icid-generated-at    No     [RFC 3455]
   P-Charging-Vector             orig-ioi             No     [RFC 3455]
   P-Charging-Vector             term-ioi             No     [RFC 3455]



Camarillo                Best Current Practice                  [Page 4]

RFC 3968                 SIP Parameter Registry            December 2004


   P-DCS-Billing-Info            called               No     [RFC 3603]
   P-DCS-Billing-Info            calling              No     [RFC 3603]
   P-DCS-Billing-Info            charge               No     [RFC 3603]
   P-DCS-Billing-Info            locroute             No     [RFC 3603]
   P-DCS-Billing-Info            rksgroup             No     [RFC 3603]
   P-DCS-Billing-Info            routing              No     [RFC 3603]
   P-DCS-LAES                    content              No     [RFC 3603]
   P-DCS-LAES                    key                  No     [RFC 3603]
   P-DCS-Redirect                count                No     [RFC 3603]
   P-DCS-Redirect                redirector-uri       No     [RFC 3603]
   Proxy-Authenticate            algorithm           Yes     [RFC 3261]
                                                            [[RFC 3310]]
   Proxy-Authenticate            domain               No     [RFC 3261]
   Proxy-Authenticate            nonce                No     [RFC 3261]
   Proxy-Authenticate            opaque               No     [RFC 3261]
   Proxy-Authenticate            qop                 Yes     [RFC 3261]
   Proxy-Authenticate            realm                No     [RFC 3261]
   Proxy-Authenticate            stale               Yes     [RFC 3261]
   Proxy-Authorization           algorithm           Yes     [RFC 3261]
                                                            [[RFC 3310]]
   Proxy-Authorization           auts                 No     [RFC 3310]
   Proxy-Authorization           cnonce               No     [RFC 3261]
   Proxy-Authorization           nc                   No     [RFC 3261]
   Proxy-Authorization           nonce                No     [RFC 3261]
   Proxy-Authorization           opaque               No     [RFC 3261]
   Proxy-Authorization           qop                 Yes     [RFC 3261]
   Proxy-Authorization           realm                No     [RFC 3261]
   Proxy-Authorization           response             No     [RFC 3261]
   Proxy-Authorization           uri                  No     [RFC 3261]
   Proxy-Authorization           username             No     [RFC 3261]
   Reason                        cause               Yes     [RFC 3326]
   Reason                        text                 No     [RFC 3326]
   Retry-After                   duration             No     [RFC 3261]
   Security-Client               alg                 Yes     [RFC 3329]
   Security-Client               ealg                Yes     [RFC 3329]
   Security-Client               d-alg               Yes     [RFC 3329]
   Security-Client               d-qop               Yes     [RFC 3329]
   Security-Client               d-ver                No     [RFC 3329]
   Security-Client               mod                 Yes     [RFC 3329]
   Security-Client               port1                No     [RFC 3329]
   Security-Client               port2                No     [RFC 3329]
   Security-Client               prot                Yes     [RFC 3329]
   Security-Client               q                    No     [RFC 3329]
   Security-Client               spi                  No     [RFC 3329]
   Security-Server               alg                 Yes     [RFC 3329]
   Security-Server               ealg                Yes     [RFC 3329]
   Security-Server               d-alg               Yes     [RFC 3329]
   Security-Server               d-qop               Yes     [RFC 3329]



Camarillo                Best Current Practice                  [Page 5]

RFC 3968                 SIP Parameter Registry            December 2004


   Security-Server               d-ver                No     [RFC 3329]
   Security-Server               mod                 Yes     [RFC 3329]
   Security-Server               port1                No     [RFC 3329]
   Security-Server               port2                No     [RFC 3329]
   Security-Server               prot                Yes     [RFC 3329]
   Security-Server               q                    No     [RFC 3329]
   Security-Server               spi                  No     [RFC 3329]
   Security-Verify               alg                 Yes     [RFC 3329]
   Security-Verify               ealg                Yes     [RFC 3329]
   Security-Verify               d-alg               Yes     [RFC 3329]
   Security-Verify               d-qop               Yes     [RFC 3329]
   Security-Verify               d-ver                No     [RFC 3329]
   Security-Verify               mod                 Yes     [RFC 3329]
   Security-Verify               port1                No     [RFC 3329]
   Security-Verify               port2                No     [RFC 3329]
   Security-Verify               prot                Yes     [RFC 3329]
   Security-Verify               q                    No     [RFC 3329]
   Security-Verify               spi                  No     [RFC 3329]
   Subscription-State            expires              No     [RFC 3265]
   Subscription-State            reason              Yes     [RFC 3265]
   Subscription-State            retry-after          No     [RFC 3265]
   To                            tag                  No     [RFC 3261]
   Via                           branch               No     [RFC 3261]
   Via                           comp                Yes     [RFC 3486]
   Via                           maddr                No     [RFC 3261]
   Via                           received             No     [RFC 3261]
   Via                           rport                No     [RFC 3581]
   Via                           ttl                  No     [RFC 3261]
   WWW-Authenticate              algorithm           Yes     [RFC 3261]
                                                            [[RFC 3310]]
   WWW-Authenticate              domain              Yes     [RFC 3261]
   WWW-Authenticate              nonce                No     [RFC 3261]
   WWW-Authenticate              opaque               No     [RFC 3261]
   WWW-Authenticate              qop                 Yes     [RFC 3261]
   WWW-Authenticate              realm                No     [RFC 3261]
   WWW-Authenticate              stale               Yes     [RFC 3261]

4.2.  Registration Policy for SIP Header Field Parameters

   As per the terminology in RFC 2434 [2], the registration policy for
   SIP header field parameters and parameter values shall be "IETF
   Consensus."

   For the purposes of this registry, the parameter or the parameter
   value for which IANA registration is requested MUST be defined by an
   RFC.  There is no requirement that this RFC be standards-track.





Camarillo                Best Current Practice                  [Page 6]

RFC 3968                 SIP Parameter Registry            December 2004


5.  Security Considerations

   The registry in this document does not in itself have security
   considerations.  However, as mentioned in RFC 3427, an important
   reason for the IETF to manage the extensions of SIP is to ensure that
   all extensions and parameters are able to provide secure usage.  The
   supporting RFC publications for parameter registrations described
   this specification MUST provide detailed security considerations for
   them.

6.  Acknowledgements

   Jonathan Rosenberg, Henning Schulzrinne, Rohan Mahy, Dean Willis, Aki
   Niemi, Bill Marshall, Miguel A. Garcia-Martin, Jean Francois Mule,
   and Allison Mankin provided useful comments on this document.

7.  Normative References

   [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
       Levels", BCP 14, RFC 2119, March 1997.

   [2] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA
       Considerations Section in RFCs", BCP 26, RFC 2434, October 1998.

   [3] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
       Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
       Session Initiation Protocol", RFC 3261, June 2002.

   [4] Mankin, A., Bradner, S., Mahy, R., Willis, D., Ott, J., and B.
       Rosen, "Change Process for the Session Initiation Protocol
       (SIP)", BCP 67, RFC 3427, December 2002.

Author's Address

   Gonzalo Camarillo
   Ericsson
   Hirsalantie 11
   Jorvas  02420
   Finland

   EMail: Gonzalo.Camarillo@ericsson.com










Camarillo                Best Current Practice                  [Page 7]

RFC 3968                 SIP Parameter Registry            December 2004


Full Copyright Statement

   Copyright (C) The Internet Society (2004).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the IETF's procedures with respect to rights in IETF Documents can
   be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at ietf-
   ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.







Camarillo                Best Current Practice                  [Page 8]