draft-ietf-sipcore-status-unwanted-04.txt   draft-ietf-sipcore-status-unwanted-05.txt 
SIPCORE H. Schulzrinne SIPCORE H. Schulzrinne
Internet-Draft FCC Internet-Draft FCC
Intended status: Standards Track March 2, 2017 Intended status: Standards Track April 19, 2017
Expires: September 3, 2017 Expires: October 21, 2017
A SIP Response Code for Unwanted Calls A SIP Response Code for Unwanted Calls
draft-ietf-sipcore-status-unwanted-04 draft-ietf-sipcore-status-unwanted-05
Abstract Abstract
This document defines the 666 (Unwanted) SIP response code, allowing This document defines the 607 (Unwanted) SIP response code, allowing
called parties to indicate that the call or message was unwanted. called parties to indicate that the call or message was unwanted.
SIP entities may use this information to adjust how future calls from SIP entities may use this information to adjust how future calls from
this calling party are handled for the called party or more broadly. this calling party are handled for the called party or more broadly.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 3, 2017. This Internet-Draft will expire on October 21, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 19 skipping to change at page 2, line 19
3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Behavior of SIP Entities . . . . . . . . . . . . . . . . . . 3 4. Behavior of SIP Entities . . . . . . . . . . . . . . . . . . 3
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
5.1. SIP Response Code . . . . . . . . . . . . . . . . . . . . 5 5.1. SIP Response Code . . . . . . . . . . . . . . . . . . . . 5
5.2. SIP Global Feature-Capability Indicator . . . . . . . . . 5 5.2. SIP Global Feature-Capability Indicator . . . . . . . . . 5
6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
8.1. Normative References . . . . . . . . . . . . . . . . . . 6 8.1. Normative References . . . . . . . . . . . . . . . . . . 6
8.2. Informative References . . . . . . . . . . . . . . . . . 7 8.2. Informative References . . . . . . . . . . . . . . . . . 7
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
In many countries, an increasing number of calls are unwanted In many countries, an increasing number of calls are unwanted
[RFC5039]: they might be fraudulent, illegal telemarketing or the [RFC5039]: they might be fraudulent, illegal telemarketing or the
receiving party does not want to be disturbed by, say, surveys or receiving party does not want to be disturbed by, say, surveys or
solicitation by charities. Carriers and other service providers may solicitation by charities. Carriers and other service providers may
want to help their subscribers avoid receiving such calls, using a want to help their subscribers avoid receiving such calls, using a
variety of global or user-specific filtering algorithms. One input variety of global or user-specific filtering algorithms. One input
into such algorithms is user feedback. User feedback may be offered into such algorithms is user feedback. User feedback may be offered
through smartphone apps, APIs or within the context of a SIP- through smartphone apps, APIs or within the context of a SIP-
initiated call. This document addresses only the last mode, where initiated call. This document addresses feedback within the SIP
the called party either rejects the SIP [RFC3261] request, typically call. Here, the called party either rejects the SIP [RFC3261]
requests using the INVITE or MESSAGE methods, as unwanted or request as unwanted or terminates the session with a BYE request
terminates the session with a BYE request after answering the call. after answering the call. INVITE and MESSAGE requests are most
likely to trigger such a response.
To allow the called party to express that the call was unwanted, this To allow the called party to express that the call was unwanted, this
document defines the 666 (Unwanted) response code. The called user document defines the 607 (Unwanted) response code. The user agent of
agent (UAS), based on input from the called party or some UA-internal the called party, based on input from the called party or some UA-
logic, uses this to indicate that this call is unwanted and that internal logic, uses this to indicate that this call is unwanted and
future attempts are likely to be similarly rejected. While factors that future attempts are likely to be similarly rejected. While
such as identity spoofing and call forwarding may make authoritative factors such as identity spoofing and call forwarding may make
identification of the calling party difficult or impossible, the authoritative identification of the calling party difficult or
network can use such a rejection -- possibly combined with a pattern impossible, the network can use such a rejection -- possibly combined
of rejections by other callees and/or other information -- as input with a pattern of rejections by other callees and/or other
to a heuristic algorithm for determining future call treatment. The information -- as input to a heuristic algorithm for determining
heuristic processing and possible treatment of persistently unwanted future call treatment. The heuristic processing and possible
calls are outside the scope of this document. treatment of persistently unwanted calls are outside the scope of
this document.
As in [I-D.ietf-stir-rfc4474bis], we use the term "caller identity" As in [I-D.ietf-stir-rfc4474bis], we use the term "caller identity"
or "calling party identity" in this document to mean either a or "calling party identity" in this document to mean either a
canonical address-of-record (AoR) SIP URI employed to reach a user canonical address-of-record (AoR) SIP URI employed to reach a user
(such as 'sip:alice@atlanta.example.com'), or a telephone number, (such as 'sip:alice@atlanta.example.com'), or a telephone number,
which commonly appears in either a tel URI [RFC3966] or as the user which commonly appears in either a tel URI [RFC3966] or as the user
portion of a SIP URI. portion of a SIP URI.
2. Normative Language 2. Normative Language
skipping to change at page 3, line 24 skipping to change at page 3, line 26
3. Motivation 3. Motivation
None of the existing 4xx, 5xx or 6xx response codes signify that this None of the existing 4xx, 5xx or 6xx response codes signify that this
SIP request is unwanted by the called party. For example, 603 SIP request is unwanted by the called party. For example, 603
(Decline) might be used if the called party is currently at dinner or (Decline) might be used if the called party is currently at dinner or
in a meeting, but does not want to indicate any specific reason. As in a meeting, but does not want to indicate any specific reason. As
described in Section 21.6.2 [RFC3261], a 603 response may include a described in Section 21.6.2 [RFC3261], a 603 response may include a
Retry-After header field to indicate a better time to attempt the Retry-After header field to indicate a better time to attempt the
call. Thus, the call is rejected due to the called party's call. Thus, the call is rejected due to the called party's
(temporary) disposition. As described in Section 4, the called party (temporary) disposition. As described in Section 4, the called party
invokes the "unwanted call" user interface and 666 (Unwanted) invokes the "unwanted call" user interface and 607 (Unwanted)
response indicating that it is instead the caller's identity that is response indicating that it is instead the caller's identity that is
causing the call to be rejected. The particular response code number causing the call to be rejected. The particular response code number
was chosen to reflect the distaste felt by many upon receiving such was chosen to reflect the distaste felt by many upon receiving such
calls. calls.
4. Behavior of SIP Entities 4. Behavior of SIP Entities
The response code 666 MAY be used in a failure response for an The response code 607 MAY be used in a failure response for an
INVITE, MESSAGE, SUBSCRIBE or other out-of-dialog SIP request to INVITE, MESSAGE, SUBSCRIBE or other out-of-dialog SIP request to
indicate that the offered communication is unwanted. The response indicate that the offered communication is unwanted. The response
code MAY also be used as the value of the "cause" parameter of a SIP code MAY also be used as the value of the "cause" parameter of a SIP
reason-value in a Reason header field [RFC3326], typically when the reason-value in a Reason header field [RFC3326], typically when the
UAS issues a BYE request terminating an incoming call or the UAC called party user agent issues a BYE request terminating an incoming
issues a CANCEL request when forking a call. (Including a Reason call or a forking proxy issues a CANCEL request after receiving a 607
header field with the 666 status code allows the UAS that receives a response from one of the branches. (Including a Reason header field
CANCEL request to make an informed choice whether and how to include with the 607 status code allows the called party user agent that
such calls in their missed-call list.) receives a CANCEL request to make an informed choice whether and how
to include such calls in their missed-call list or whether to show an
appropriate indication to the user.)
The SIP entities receiving this response code are not obligated to The SIP entities receiving this response code are not obligated to
take any particular action beyond those appropriate for 6xx take any particular action beyond those appropriate for 6xx
responses. Following the default handling for 6xx responses in responses. Following the default handling for 6xx responses in
[RFC5057], the 666 response destroys the transaction. The service [RFC5057], the 607 response destroys the transaction. The service
provider delivering calls or messages to the user issuing the provider delivering calls or messages to the user issuing the
response, for example, MAY add the calling party to a personal response MAY take a range of actions, for example, add the calling
blacklist specific to the called party, MAY use the information as party to a personal blacklist specific to the called party, use the
input when computing the likelihood that the calling party is placing information as input when computing the likelihood that the calling
unwanted calls ("crowd sourcing"), MAY initiate a traceback request, party is placing unwanted calls ("crowd sourcing"), initiate a
and MAY report the calling party identity to government authorities. traceback request, or report the calling party identity to consumer
complaint databases operated by government authorities.
This specification does not mandate any particular action by SIP The user experience is envisioned to be somewhat similar to email
entities and leaves those to implementations. Call handling for spam buttons where the detailed actions of the email provider remain
unwanted calls is likely to involve a combination of heuristics, opaque to the user.
analytics, machine learning, based on user feedback, call
characteristics such as call duration and call volumes, as well
changes in such metrics. Implementations will have to make
appropriate trade-offs between falsely labeling a caller as unwanted
and delivering unwanted calls. The user experience is envisioned to
be somewhat similar to email spam buttons where the detailed actions
of the email provider remain opaque to the user.
Systems receiving 666 responses could decide to treat pre-call and Call handling for unwanted calls is likely to involve a combination
of heuristics, analytics, and machine learning. These may use call
characteristics such as call duration and call volumes for a
particular caller, as well changes in those metrics over time, as
well as user feedback. Implementations will have to make appropriate
trade-offs between falsely labeling a caller as unwanted and
delivering unwanted calls.
Systems receiving 607 responses could decide to treat pre-call and
mid-call responses differently, given that the called party has had mid-call responses differently, given that the called party has had
access to call content for mid-call rejections. In other words, access to call content for mid-call rejections.
depending on the implementation, the response code does not
Depending on the implementation, the response code does not
necessarily automatically block all calls from that caller identity. necessarily automatically block all calls from that caller identity.
The same user interface action might also trigger addition of the The same user interface action might also trigger addition of the
caller identity to a local, on-device blacklist or graylist, e.g., caller identity to a local, on-device blacklist or graylist, e.g.,
causing such calls to be flagged or alerted with a different ring causing such calls to be flagged or alerted with a different ring
tone. tone.
The actions described here do not depend on the nature of the SIP The actions described here do not depend on the nature of the SIP
URI, e.g., whether it describes a telephone number or not; however, URI, e.g., whether it describes a telephone number or not; however,
the same anonymous SIP URI [RFC3323] may be used by multiple callers the same anonymous SIP URI [RFC3323] may be used by multiple callers
and thus such URIs are unlikely to be appropriate for URI-specific and thus such URIs are unlikely to be appropriate for URI-specific
call treatment. SIP entities tallying responses for particular call treatment. SIP entities tallying responses for particular
callers may need to consider canonicalzing SIP URIs, including callers may need to consider canonicalzing SIP URIs, including
telephone numbers, as described in [I-D.ietf-stir-rfc4474bis]. The telephone numbers, as described in [I-D.ietf-stir-rfc4474bis]. The
calling party may be identified in different locations in the SIP calling party may be identified in different locations in the SIP
header, e.g., the From header field, P-Asserted-Identity or History- header, e.g., the From header field, P-Asserted-Identity or History-
Info, and may also be affected by diverting services. Info, and may also be affected by diverting services.
This document defines a SIP feature-capability [RFC6809], sip.666, This document defines a SIP feature-capability [RFC6809], sip.607,
that allows the registrar to indicate that the corresponding proxy that allows the registrar to indicate that the corresponding proxy
supports this particular response code. This allows the UA, for supports this particular response code. This allows the UA, for
example, to provide a suitable user interface element, such as a example, to provide a suitable user interface element, such as a
"spam" button, only if its service provider actually supports the "spam" button, only if its service provider actually supports the
feature. The presence of the feature capability does not imply that feature. The presence of the feature capability does not imply that
the provider will take any particular action, such as blocking future the provider will take any particular action, such as blocking future
calls. A UA may still decide to render a "spam" button even without calls. A UA may still decide to render a "spam" button even without
such a capability if, for example, it maintains a device-local such a capability if, for example, it maintains a device-local
blacklist or reports unwanted calls to a third party. blacklist or reports unwanted calls to a third party.
5. IANA Considerations 5. IANA Considerations
5.1. SIP Response Code 5.1. SIP Response Code
This document registers a new SIP response code. This response code This document registers a new SIP response code. This response code
is defined by the following information, which is to be added to the is defined by the following information, which is to be added to the
"Response Codes" sub-registry under http://www.iana.org/assignments/ "Response Codes" sub-registry under http://www.iana.org/assignments/
sip-parameters. sip-parameters.
Response Code Number 666 Response Code Number 607
Default Reason Phrase Unwanted Default Reason Phrase Unwanted
Reference [this RFC] Reference [this RFC]
5.2. SIP Global Feature-Capability Indicator 5.2. SIP Global Feature-Capability Indicator
This document defines the feature capability sip.666 in the "SIP This document defines the feature capability sip.607 in the "SIP
Feature-Capability Indicator Registration Tree" registry defined in Feature-Capability Indicator Registration Tree" registry defined in
[RFC6809]. [RFC6809].
Name sip.666 Name sip.607
Description This feature-capability indicator when used in a Description This feature-capability indicator, when included in a
REGISTER response indicates that the server will process the 666 Feature-Caps header field of a REGISTER response, indicates that
response code. This does not imply any specific action. the server supports, and will process, the 607 (Unwanted) response
code.
Reference [this RFC] Reference [this RFC]
6. Security Considerations 6. Security Considerations
If the calling party address is spoofed, users may report the caller If the calling party address is spoofed, users may report the caller
identity as placing unwanted calls, possibly leading to the blocking identity as placing unwanted calls, possibly leading to the blocking
of calls from the legitimate user of the caller identity in addition of calls from the legitimate user of the caller identity in addition
to the unwanted caller, i.e., creating a form of denial-of-service to the unwanted caller, i.e., creating a form of denial-of-service
attack. Thus, the response code SHOULD NOT be used for creating attack. Thus, the response code SHOULD NOT be used for creating
global call filters unless the calling party identity has been global call filters unless the calling party identity has been
authenticated using [I-D.ietf-stir-rfc4474bis] as being assigned to authenticated using [I-D.ietf-stir-rfc4474bis] as being assigned to
the caller placing the unwanted call. (The creation of call filters the caller placing the unwanted call. (The creation of call filters
local to a user agent is beyond the scope of this document.) local to a user agent is beyond the scope of this document.)
Even if the identity is not spoofed, a call or message recipient Even if the identity is not spoofed, a call or message recipient
might flag legitimate caller identities, e.g., to extract vengeance might flag legitimate caller identities, e.g., to exact vengeance on
on a person or business, or simply by mistake. To correct errors, a person or business, or simply by mistake. To correct errors, any
any additions to a personal list of blocked caller identities should additions to a personal list of blocked caller identities should be
be observable and reversible by the party being protected by the observable and reversible by the party being protected by the
blacklist. For example, the list may be shown on a web page or the blacklist. For example, the list may be shown on a web page or the
subscriber may be notified by periodic email reminders. Any subscriber may be notified by periodic email reminders. Any
additions to a global or carrier-wide list of unwanted callers needs additions to a global or carrier-wide list of unwanted callers needs
to consider that any user-initiated mechanism will suffer from an to consider that any user-initiated mechanism will suffer from an
unavoidable rate of false positives and tailor their algorithms unavoidable rate of false positives and tailor their algorithms
accordingly, e.g., by comparing the fraction of delivered calls for a accordingly, e.g., by comparing the fraction of delivered calls for a
particular caller that are flagged as unwanted rather than just the particular caller that are flagged as unwanted rather than just the
absolute number, and considering time-weighted filters that give more absolute number, and considering time-weighted filters that give more
credence to recent feedback. credence to recent feedback.
Since caller identities are routinely re-assigned to new subscribers, Since caller identities are routinely re-assigned to new subscribers,
algorithms are advised to consider whether the caller identity has algorithms are advised to consider whether the caller identity has
been re-assigned to a new subscriber and possibly reset any related been re-assigned to a new subscriber and possibly reset any related
rating. rating. (In some countries, there are services that track which
telephone numbers have been disconnected before they are re-assigned
to a new subscriber.)
Some call services such as 3PCC [RFC3725] and call transfer increase Some call services such as 3PCC [RFC3725] and call transfer [RFC3665]
the complexity of identifying who (if anyone) should be impacted by increase the complexity of identifying who (if anyone) should be
the receipt of 666 within BYE. Such services might cause the wrong impacted by the receipt of 607 within BYE. Such services might cause
party to be flagged or prevent flagging the desired party. the wrong party to be flagged or prevent flagging the desired party.
For both individually-authenticated and unauthenticated calls, For both individually-authenticated and unauthenticated calls,
recipients of response code 666 may want to distinguish responses recipients of response code 607 may want to distinguish responses
sent before and after the call has been answered, ascertaining sent before and after the call has been answered, ascertaining
whether either response timing suffers from a lower false-positive whether either response timing suffers from a lower false-positive
rate. rate.
7. Acknowledgements 7. Acknowledgements
Tolga Asveren, Peter Dawes, Martin Dolly, Keith Drage, Vijay Gurbani, Tolga Asveren, Ben Campbell, Peter Dawes, Martin Dolly, Keith Drage,
Olle Johansson, Paul Kyzivat, Jean Mahoney, Marianne Mohali, Brian Vijay Gurbani, Christer Holmberg, Olle Johansson, Paul Kyzivat, Jean
Rosen, Brett Tate, Chris Wendt and Dale Worley provided helpful Mahoney, Marianne Mohali, Adam Montville, Al Morton, Denis Ovsienko,
comments. Brian Rosen, Brett Tate, Chris Wendt, Dale Worley and Peter Yee (Gen-
ART reviewer) provided helpful comments.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 7, line 29 skipping to change at page 7, line 35
Peterson, J., Jennings, C., Rescorla, E., and C. Wendt, Peterson, J., Jennings, C., Rescorla, E., and C. Wendt,
"Authenticated Identity Management in the Session "Authenticated Identity Management in the Session
Initiation Protocol (SIP)", draft-ietf-stir-rfc4474bis-16 Initiation Protocol (SIP)", draft-ietf-stir-rfc4474bis-16
(work in progress), February 2017. (work in progress), February 2017.
[RFC3323] Peterson, J., "A Privacy Mechanism for the Session [RFC3323] Peterson, J., "A Privacy Mechanism for the Session
Initiation Protocol (SIP)", RFC 3323, Initiation Protocol (SIP)", RFC 3323,
DOI 10.17487/RFC3323, November 2002, DOI 10.17487/RFC3323, November 2002,
<http://www.rfc-editor.org/info/rfc3323>. <http://www.rfc-editor.org/info/rfc3323>.
[RFC3665] Johnston, A., Donovan, S., Sparks, R., Cunningham, C., and
K. Summers, "Session Initiation Protocol (SIP) Basic Call
Flow Examples", BCP 75, RFC 3665, DOI 10.17487/RFC3665,
December 2003, <http://www.rfc-editor.org/info/rfc3665>.
[RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. [RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G.
Camarillo, "Best Current Practices for Third Party Call Camarillo, "Best Current Practices for Third Party Call
Control (3pcc) in the Session Initiation Protocol (SIP)", Control (3pcc) in the Session Initiation Protocol (SIP)",
BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004, BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004,
<http://www.rfc-editor.org/info/rfc3725>. <http://www.rfc-editor.org/info/rfc3725>.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
RFC 3966, DOI 10.17487/RFC3966, December 2004, RFC 3966, DOI 10.17487/RFC3966, December 2004,
<http://www.rfc-editor.org/info/rfc3966>. <http://www.rfc-editor.org/info/rfc3966>.
 End of changes. 26 change blocks. 
68 lines changed or deleted 85 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/