| draft-ietf-sipcore-status-unwanted-05.txt | draft-ietf-sipcore-status-unwanted-06.txt | |||
|---|---|---|---|---|
| SIPCORE H. Schulzrinne | SIPCORE H. Schulzrinne | |||
| Internet-Draft FCC | Internet-Draft FCC | |||
| Intended status: Standards Track April 19, 2017 | Intended status: Standards Track May 8, 2017 | |||
| Expires: October 21, 2017 | Expires: November 9, 2017 | |||
| A SIP Response Code for Unwanted Calls | A SIP Response Code for Unwanted Calls | |||
| draft-ietf-sipcore-status-unwanted-05 | draft-ietf-sipcore-status-unwanted-06 | |||
| Abstract | Abstract | |||
| This document defines the 607 (Unwanted) SIP response code, allowing | This document defines the 607 (Unwanted) SIP response code, allowing | |||
| called parties to indicate that the call or message was unwanted. | called parties to indicate that the call or message was unwanted. | |||
| SIP entities may use this information to adjust how future calls from | SIP entities may use this information to adjust how future calls from | |||
| this calling party are handled for the called party or more broadly. | this calling party are handled for the called party or more broadly. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 21, 2017. | This Internet-Draft will expire on November 9, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 16 ¶ | skipping to change at page 2, line 16 ¶ | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Normative Language . . . . . . . . . . . . . . . . . . . . . 3 | 2. Normative Language . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 4. Behavior of SIP Entities . . . . . . . . . . . . . . . . . . 3 | 4. Behavior of SIP Entities . . . . . . . . . . . . . . . . . . 3 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 5.1. SIP Response Code . . . . . . . . . . . . . . . . . . . . 5 | 5.1. SIP Response Code . . . . . . . . . . . . . . . . . . . . 5 | |||
| 5.2. SIP Global Feature-Capability Indicator . . . . . . . . . 5 | 5.2. SIP Global Feature-Capability Indicator . . . . . . . . . 5 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | |||
| 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 | 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 6 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 7 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 7 | 8.2. Informative References . . . . . . . . . . . . . . . . . 7 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 8 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 1. Introduction | 1. Introduction | |||
| In many countries, an increasing number of calls are unwanted | In many countries, an increasing number of calls are unwanted | |||
| [RFC5039]: they might be fraudulent, illegal telemarketing or the | [RFC5039]: they might be fraudulent, illegal telemarketing or the | |||
| receiving party does not want to be disturbed by, say, surveys or | receiving party does not want to be disturbed by, say, surveys or | |||
| solicitation by charities. Carriers and other service providers may | solicitation by charities. Carriers and other service providers may | |||
| want to help their subscribers avoid receiving such calls, using a | want to help their subscribers avoid receiving such calls, using a | |||
| skipping to change at page 3, line 25 ¶ | skipping to change at page 3, line 25 ¶ | |||
| 3. Motivation | 3. Motivation | |||
| None of the existing 4xx, 5xx or 6xx response codes signify that this | None of the existing 4xx, 5xx or 6xx response codes signify that this | |||
| SIP request is unwanted by the called party. For example, 603 | SIP request is unwanted by the called party. For example, 603 | |||
| (Decline) might be used if the called party is currently at dinner or | (Decline) might be used if the called party is currently at dinner or | |||
| in a meeting, but does not want to indicate any specific reason. As | in a meeting, but does not want to indicate any specific reason. As | |||
| described in Section 21.6.2 [RFC3261], a 603 response may include a | described in Section 21.6.2 [RFC3261], a 603 response may include a | |||
| Retry-After header field to indicate a better time to attempt the | Retry-After header field to indicate a better time to attempt the | |||
| call. Thus, the call is rejected due to the called party's | call. Thus, the call is rejected due to the called party's | |||
| (temporary) disposition. As described in Section 4, the called party | (temporary) status. As described in Section 4, the called party | |||
| invokes the "unwanted call" user interface and 607 (Unwanted) | invokes the "unwanted call" user interface and 607 (Unwanted) | |||
| response indicating that it is instead the caller's identity that is | response indicating that it is instead the caller's identity that is | |||
| causing the call to be rejected. The particular response code number | causing the call to be rejected. | |||
| was chosen to reflect the distaste felt by many upon receiving such | ||||
| calls. | ||||
| 4. Behavior of SIP Entities | 4. Behavior of SIP Entities | |||
| The response code 607 MAY be used in a failure response for an | The response code 607 MAY be used in a failure response for an | |||
| INVITE, MESSAGE, SUBSCRIBE or other out-of-dialog SIP request to | INVITE, MESSAGE, SUBSCRIBE or other out-of-dialog SIP request to | |||
| indicate that the offered communication is unwanted. The response | indicate that the offered communication is unwanted. The response | |||
| code MAY also be used as the value of the "cause" parameter of a SIP | code MAY also be used as the value of the "cause" parameter of a SIP | |||
| reason-value in a Reason header field [RFC3326], typically when the | reason-value in a Reason header field [RFC3326], typically when the | |||
| called party user agent issues a BYE request terminating an incoming | called party user agent issues a BYE request terminating an incoming | |||
| call or a forking proxy issues a CANCEL request after receiving a 607 | call or a forking proxy issues a CANCEL request after receiving a 607 | |||
| skipping to change at page 4, line 9 ¶ | skipping to change at page 4, line 7 ¶ | |||
| The SIP entities receiving this response code are not obligated to | The SIP entities receiving this response code are not obligated to | |||
| take any particular action beyond those appropriate for 6xx | take any particular action beyond those appropriate for 6xx | |||
| responses. Following the default handling for 6xx responses in | responses. Following the default handling for 6xx responses in | |||
| [RFC5057], the 607 response destroys the transaction. The service | [RFC5057], the 607 response destroys the transaction. The service | |||
| provider delivering calls or messages to the user issuing the | provider delivering calls or messages to the user issuing the | |||
| response MAY take a range of actions, for example, add the calling | response MAY take a range of actions, for example, add the calling | |||
| party to a personal blacklist specific to the called party, use the | party to a personal blacklist specific to the called party, use the | |||
| information as input when computing the likelihood that the calling | information as input when computing the likelihood that the calling | |||
| party is placing unwanted calls ("crowd sourcing"), initiate a | party is placing unwanted calls ("crowd sourcing"), initiate a | |||
| traceback request, or report the calling party identity to consumer | traceback request, or report the calling party identity to consumer | |||
| complaint databases operated by government authorities. | complaint databases. As discussed in Section Section 6, reversing | |||
| the 'unwanted' labeling is beyond the scope of this mechanism, as it | ||||
| will likely require a mechanism other than call signaling. | ||||
| The user experience is envisioned to be somewhat similar to email | The user experience is envisioned to be somewhat similar to email | |||
| spam buttons where the detailed actions of the email provider remain | spam buttons where the detailed actions of the email provider remain | |||
| opaque to the user. | opaque to the user. | |||
| Call handling for unwanted calls is likely to involve a combination | The mechanism described here is only one of many inputs likely to be | |||
| of heuristics, analytics, and machine learning. These may use call | used by call filtering algorithms operated by service providers, | |||
| characteristics such as call duration and call volumes for a | using data on calls from a particular identifier such as a telephone | |||
| particular caller, as well changes in those metrics over time, as | number to establish handling for future calls from the same | |||
| well as user feedback. Implementations will have to make appropriate | identifier. Call handling for unwanted calls is likely to involve a | |||
| trade-offs between falsely labeling a caller as unwanted and | combination of heuristics, analytics, and machine learning. These | |||
| delivering unwanted calls. | may use call characteristics such as call duration and call volumes | |||
| for a particular caller, including changes in those metrics over | ||||
| time, as well as user feedback via non-SIP approaches and the | ||||
| mechanism described here. Implementations will have to make | ||||
| appropriate trade-offs between falsely labeling a caller as unwanted | ||||
| and delivering unwanted calls. | ||||
| Systems receiving 607 responses could decide to treat pre-call and | Systems receiving 607 responses could decide to treat pre-call and | |||
| mid-call responses differently, given that the called party has had | mid-call responses differently, given that the called party has had | |||
| access to call content for mid-call rejections. | access to call content for mid-call rejections. | |||
| Depending on the implementation, the response code does not | Depending on the implementation, the response code does not | |||
| necessarily automatically block all calls from that caller identity. | necessarily automatically block all calls from that caller identity. | |||
| The same user interface action might also trigger addition of the | The same user interface action might also trigger addition of the | |||
| caller identity to a local, on-device blacklist or graylist, e.g., | caller identity to a local, on-device blacklist or graylist, e.g., | |||
| causing such calls to be flagged or alerted with a different ring | causing such calls to be flagged or alerted with a different ring | |||
| skipping to change at page 6, line 17 ¶ | skipping to change at page 6, line 22 ¶ | |||
| blacklist. For example, the list may be shown on a web page or the | blacklist. For example, the list may be shown on a web page or the | |||
| subscriber may be notified by periodic email reminders. Any | subscriber may be notified by periodic email reminders. Any | |||
| additions to a global or carrier-wide list of unwanted callers needs | additions to a global or carrier-wide list of unwanted callers needs | |||
| to consider that any user-initiated mechanism will suffer from an | to consider that any user-initiated mechanism will suffer from an | |||
| unavoidable rate of false positives and tailor their algorithms | unavoidable rate of false positives and tailor their algorithms | |||
| accordingly, e.g., by comparing the fraction of delivered calls for a | accordingly, e.g., by comparing the fraction of delivered calls for a | |||
| particular caller that are flagged as unwanted rather than just the | particular caller that are flagged as unwanted rather than just the | |||
| absolute number, and considering time-weighted filters that give more | absolute number, and considering time-weighted filters that give more | |||
| credence to recent feedback. | credence to recent feedback. | |||
| If an attacker on an unsecured network can spoof SIP responses for a | ||||
| significant number of call recipients, it may be able to convince the | ||||
| call filtering algorithm to block legitimate calls. Use of TLS to | ||||
| protect signaling mitigates against this risk. | ||||
| Since caller identities are routinely re-assigned to new subscribers, | Since caller identities are routinely re-assigned to new subscribers, | |||
| algorithms are advised to consider whether the caller identity has | algorithms are advised to consider whether the caller identity has | |||
| been re-assigned to a new subscriber and possibly reset any related | been re-assigned to a new subscriber and possibly reset any related | |||
| rating. (In some countries, there are services that track which | rating. (In some countries, there are services that track which | |||
| telephone numbers have been disconnected before they are re-assigned | telephone numbers have been disconnected before they are re-assigned | |||
| to a new subscriber.) | to a new subscriber.) | |||
| Some call services such as 3PCC [RFC3725] and call transfer [RFC3665] | Some call services such as 3PCC [RFC3725] and call transfer [RFC5359] | |||
| increase the complexity of identifying who (if anyone) should be | increase the complexity of identifying who (if anyone) should be | |||
| impacted by the receipt of 607 within BYE. Such services might cause | impacted by the receipt of 607 within BYE. Such services might cause | |||
| the wrong party to be flagged or prevent flagging the desired party. | the wrong party to be flagged or prevent flagging the desired party. | |||
| For both individually-authenticated and unauthenticated calls, | For both individually-authenticated and unauthenticated calls, | |||
| recipients of response code 607 may want to distinguish responses | recipients of response code 607 may want to distinguish responses | |||
| sent before and after the call has been answered, ascertaining | sent before and after the call has been answered, ascertaining | |||
| whether either response timing suffers from a lower false-positive | whether either response timing suffers from a lower false-positive | |||
| rate. | rate. | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| Tolga Asveren, Ben Campbell, Peter Dawes, Martin Dolly, Keith Drage, | Tolga Asveren, Ben Campbell, Peter Dawes, Spencer Dawkins, Martin | |||
| Vijay Gurbani, Christer Holmberg, Olle Johansson, Paul Kyzivat, Jean | Dolly, Keith Drage, Vijay Gurbani, Christer Holmberg, Olle Johansson, | |||
| Mahoney, Marianne Mohali, Adam Montville, Al Morton, Denis Ovsienko, | Paul Kyzivat, Jean Mahoney, Marianne Mohali, Adam Montville, Al | |||
| Brian Rosen, Brett Tate, Chris Wendt, Dale Worley and Peter Yee (Gen- | Morton, Denis Ovsienko, Brian Rosen, Brett Tate, Chris Wendt, Dale | |||
| ART reviewer) provided helpful comments. | Worley and Peter Yee (Gen-ART reviewer) provided helpful comments. | |||
| 8. References | 8. References | |||
| 8.1. Normative References | 8.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
| skipping to change at page 7, line 35 ¶ | skipping to change at page 7, line 44 ¶ | |||
| Peterson, J., Jennings, C., Rescorla, E., and C. Wendt, | Peterson, J., Jennings, C., Rescorla, E., and C. Wendt, | |||
| "Authenticated Identity Management in the Session | "Authenticated Identity Management in the Session | |||
| Initiation Protocol (SIP)", draft-ietf-stir-rfc4474bis-16 | Initiation Protocol (SIP)", draft-ietf-stir-rfc4474bis-16 | |||
| (work in progress), February 2017. | (work in progress), February 2017. | |||
| [RFC3323] Peterson, J., "A Privacy Mechanism for the Session | [RFC3323] Peterson, J., "A Privacy Mechanism for the Session | |||
| Initiation Protocol (SIP)", RFC 3323, | Initiation Protocol (SIP)", RFC 3323, | |||
| DOI 10.17487/RFC3323, November 2002, | DOI 10.17487/RFC3323, November 2002, | |||
| <http://www.rfc-editor.org/info/rfc3323>. | <http://www.rfc-editor.org/info/rfc3323>. | |||
| [RFC3665] Johnston, A., Donovan, S., Sparks, R., Cunningham, C., and | ||||
| K. Summers, "Session Initiation Protocol (SIP) Basic Call | ||||
| Flow Examples", BCP 75, RFC 3665, DOI 10.17487/RFC3665, | ||||
| December 2003, <http://www.rfc-editor.org/info/rfc3665>. | ||||
| [RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. | [RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. | |||
| Camarillo, "Best Current Practices for Third Party Call | Camarillo, "Best Current Practices for Third Party Call | |||
| Control (3pcc) in the Session Initiation Protocol (SIP)", | Control (3pcc) in the Session Initiation Protocol (SIP)", | |||
| BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004, | BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004, | |||
| <http://www.rfc-editor.org/info/rfc3725>. | <http://www.rfc-editor.org/info/rfc3725>. | |||
| [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", | [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", | |||
| RFC 3966, DOI 10.17487/RFC3966, December 2004, | RFC 3966, DOI 10.17487/RFC3966, December 2004, | |||
| <http://www.rfc-editor.org/info/rfc3966>. | <http://www.rfc-editor.org/info/rfc3966>. | |||
| [RFC5039] Rosenberg, J. and C. Jennings, "The Session Initiation | [RFC5039] Rosenberg, J. and C. Jennings, "The Session Initiation | |||
| Protocol (SIP) and Spam", RFC 5039, DOI 10.17487/RFC5039, | Protocol (SIP) and Spam", RFC 5039, DOI 10.17487/RFC5039, | |||
| January 2008, <http://www.rfc-editor.org/info/rfc5039>. | January 2008, <http://www.rfc-editor.org/info/rfc5039>. | |||
| [RFC5057] Sparks, R., "Multiple Dialog Usages in the Session | [RFC5057] Sparks, R., "Multiple Dialog Usages in the Session | |||
| Initiation Protocol", RFC 5057, DOI 10.17487/RFC5057, | Initiation Protocol", RFC 5057, DOI 10.17487/RFC5057, | |||
| November 2007, <http://www.rfc-editor.org/info/rfc5057>. | November 2007, <http://www.rfc-editor.org/info/rfc5057>. | |||
| [RFC5359] Johnston, A., Ed., Sparks, R., Cunningham, C., Donovan, | ||||
| S., and K. Summers, "Session Initiation Protocol Service | ||||
| Examples", BCP 144, RFC 5359, DOI 10.17487/RFC5359, | ||||
| October 2008, <http://www.rfc-editor.org/info/rfc5359>. | ||||
| Author's Address | Author's Address | |||
| Henning Schulzrinne | Henning Schulzrinne | |||
| FCC | FCC | |||
| 445 12th Street SW | 445 12th Street SW | |||
| Washington, DC 20554 | Washington, DC 20554 | |||
| US | US | |||
| Email: henning.schulzrinne@fcc.gov | Email: henning.schulzrinne@fcc.gov | |||
| End of changes. 13 change blocks. | ||||
| 29 lines changed or deleted | 39 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||