XCON Working Group                                             M. Barnes
Internet-Draft                                                    Nortel
Intended status: Standards Track                              C. Boulton
Expires: June 27, 2010                                   NS-Technologies
                                                             S P. Romano
                                                    University of Napoli
                                                          H. Schulzrinne
                                                     Columbia University
                                                       December 24, 2009

             Centralized Conferencing Manipulation Protocol
                        draft-ietf-xcon-ccmp-05

Abstract

The Centralized Conferencing Manipulation Protocol (CCMP) can create, retrieve, change and delete objects describing a centralized conference, such as state and capabilities of the conference, participants, and their roles. The conference information is contained in XML documents and fragments conforming to the centralized conferencing data model schema. Even though the goal of the CCMP is to appropriately manage conference state, the mechanisms upon which the protocol itself is built are based on a state-less request/response paradigm. Conferencing clients send requests to conference servers, which respond to the client with the conference information.

Status of this Memo

This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

Barnes, et al.            Expires June 27, 2010                 [Page 1]
Internet-Draft                    CCMP                     December 2009

This Internet-Draft will expire on June 27, 2010.

Copyright Notice

Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License.

Table of Contents

1. Introduction
2. Conventions
3. Terminology
4. XCON Conference Control System Architecture
  4.1. Conference Objects
  4.2. Conference Users
5. Protocol Overview
  5.1. Protocol Operations
  5.2. Implementation Approach
6. CCMP messages
  6.1. CCMP Request Message Type
  6.2. CCMP Response Message Type
  6.3. Detailed messages
    6.3.1. blueprintsRequest and blueprintsResponse
    6.3.2. confsRequest and confsResponse
    6.3.3. blueprintRequest and blueprintResponse
    6.3.4. confRequest and confResponse
    6.3.5. usersRequest and usersResponse
    6.3.6. userRequest and userResponse
    6.3.7. sidebarsByValRequest and sidebarsByValResponse
    6.3.8. sidebarByValRequest and sidebarByValResponse
    6.3.9. sidebarsByRefRequest and sidebarsByRefResponse
    6.3.10. sidebarByRefRequest and sidebarByRefResponse
  6.4. CCMP Response Codes
7. A complete example of the CCMP in action
  7.1. Alice retrieves the available blueprints
  7.2. Alice gets detailed information about a specific blueprint
  7.3. Alice creates a new conference through a cloning operation
  7.4. Alice updates conference information
  7.5. Alice inserts a list of users in the conference object
  7.6. Alice joins the conference
  7.7. Alice adds a new user to the conference
8. Locating a Conference Control Server
9. Managing Notifications
10. HTTP Transport
11. Security Considerations
  11.1. Assuring that the Proper Conferencing Server has been contacted
  11.2. User Authentication and Authorization
  11.3. Security and Privacy of Identity
12. XML Schema
13. IANA Considerations
  13.1. URN Sub-Namespace Registration
  13.2. XML Schema Registration
  13.3. MIME Media Type Registration for 'application/ccmp+xml'
  13.4. DNS Registrations
    13.4.1. Registration of a Conference Control Server Application Service Tag
    13.4.2. Registration of a Conference Control Server Application Protocol Tag for CCMP
  13.5. CCMP Protocol Registry
    13.5.1. CCMP Message Types
    13.5.2. CCMP Response Codes
14. Acknowledgments
15. Changes since last Version
16. References
  16.1. Normative References
  16.2. Informative References
Appendix A. Appendix A: Other protocol models and transports considered for CCMP
  A.1. Using SOAP for the CCMP
  A.2. A RESTful approach for the CCMP
Authors' Addresses

1. Introduction

The Framework for Centralized Conferencing [RFC5239] (XCON Framework) defines a signaling-agnostic framework, naming conventions and logical entities required for building advanced conferencing systems. The XCON Framework introduces the conference object as a logical representation of a conference instance, representing the current state and capabilities of a conference.

The Centralized Conferencing Manipulation Protocol (CCMP) defined in this document allows authenticated and authorized users to create, manipulate and delete conference objects. Operations on conferences include adding and removing participants, changing their roles, as well as adding and removing media streams and associated end points.

The CCMP implements the client-server model within the XCON Framework, with the conferencing client and conference control server acting as client and server, respectively.
The CCMP uses HTTP [RFC2616] as the protocol to transfer the CCMP requests and responses, which contain the domain-specific XML-encoded data objects defined in the Conference Information Data Model for Centralized Conferencing (XCON Data Model) [I-D.ietf-xcon-common-data-model].

Section 4 provides an overview of the Conference Control functionality of the XCON framework, together with a description of the main targets CCMP deals with, namely conference objects and conference users. A general description of the operations associated with protocol messages is given in Section 5 together with implementation details. A complete example of the operation of the CCMP, describing a typical call flow associated with conference creation and manipulation, is provided in Section 7. Section 12 provides the XML schema.

2. Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

3. Terminology

In addition to the terms defined in the Framework for Centralized Conferencing [RFC5239], this document uses the following terms and acronyms:

XCON aware client: An XCON conferencing system client which is able to use all of the protocols of the XCON framework suite.

CRUD: CRUD stands for Create/Read/Update/Delete and indicates a design pattern supporting creating, retrieving, updating and destroying objects.

REST: REpresentational State Transfer (REST) is an architectural style, i.e., a coordinated set of architectural constraints. REST is based on the consideration that a software architecture can often be specified as an appropriate configuration of components, data and connectors, all coordinated through constraining their mutual relationships. Coordination and constraints help achieve a desired set of architectural properties. [REST]

SOAP: Simple Object Access Protocol defined in [W3C.REC-soap12-part1-20030624] and [W3C.REC-soap12-part2-20030624].

4. XCON Conference Control System Architecture

CCMP supports the XCON framework. Figure 1 depicts a subset of the "Conferencing System Logical Decomposition" architecture from the XCON framework document. It illustrates the role that CCMP assumes within the overall centralized architecture.

........................................................
.  Conferencing System                                 .
.                                                      .
.        +---------------------------------------+     .
.        |   C O N F E R E N C E   O B J E C T   |     .
.      +-+-------------------------------------+ |     .
.      |   C O N F E R E N C E   O B J E C T   | |     .
.    +-+-------------------------------------+ | |     .
.    |   C O N F E R E N C E   O B J E C T   | | |     .
.    |                                       | |-+     .
.    |                                       |-+       .
.    +---------------------------------------+         .
.                        ^                             .
.                        |                             .
.                        v                             .
.              +-------------------+                   .
.              | Conference Control|                   .
.              |      Server       |                   .
.              +-------------------+                   .
.                        ^                             .
.........................|..............................
                         |
                         |Conference
                         |Control
                         |Manipulation
                         |Protocol
                         |
.........................|..............................
.                        V                             .
.                +----------------+                    .
.                | Conference     |                    .
.                | Control        |                    .
.                | Client         |                    .
.                +----------------+                    .
.                                                      .
.  Conferencing Client                                 .
........................................................

Figure 1: Conference Client Interaction

CCMP serves as the Conference Control Protocol, allowing the conference control client to interface with the conference object maintained by the conferencing system, as represented in Figure 1. Conference Control is one part of functionality for advanced conferencing supported by a conferencing client. Other functions are discussed in the XCON framework and related documents.
Conference object and conference users do represent key elements involved in Conference Control operations. Their identifiers are widely used for creating the CCMP requests and responses. Such identifiers, used in CCMP for the conference object (XCON-URI) and conference user (XCON-USERID), are introduced in the XCON framework and defined in the XCON data model [I-D.ietf-xcon-common-data-model]. The main conference objects and users features are briefly described in the following subsections.

4.1. Conference Objects

Conference objects feature a simple dynamic inheritance-and-override mechanism. Conference objects are linked into a tree known as "cloning tree" (see Section 7.1 of [RFC5239]). Each cloning tree node inherits attributes from its parent node. The roots of these inheritance trees are also known as "blueprints". Nodes in the inheritance tree can be active conferences or simply descriptions that do not currently have any resources associated with them. An object can mark certain of its properties as unalterable, so that they cannot be overridden.

The schema for the conference object is defined in the XCON data model. Conference objects are uniquely identified by the XCON-URI. A client MAY specify a parent object (a conference or blueprint) from which to inherit values.

4.2. Conference Users

Each conference can have zero or more users. All conference participants are users, but some users may have only administrative functions and do not contribute or receive media. Users are added one user at a time to simplify error reporting. When a conference is cloned from a parent object, users are inherited as well, so that it is easy to set up a conference that has the same set of participants or a common administrator. The Conference Control Server creates individual users, assigning them a unique Conference User Identifier (XCON-USERID).

A variety of elements defined in the common element as specified in the XCON data model are used to determine how a specific user expects and is allowed to join a conference as a participant or as a user with specific privileges (e.g., observer). For example, each element representing a user in the conference shows a "method" attribute which defines how the user is expected to join the conference, i.e. "dial-in" for users that are allowed to dial, "dial-out" for users that the conference focus will be trying to reach. "dial-in" is the default. If the conference is currently active, dial-out users are contacted immediately; otherwise, they are contacted at the start of the conference. The conference control protocol provides a means to manipulate these and other kinds of user-related features.

The conference control server assigns a unique Conference User Identifier (XCON-USERID) to each conferencing system user. The conference control server uses the XCON-USERID to change or delete elements. Depending upon policies and privileges, specific conference control clients MAY also manipulate elements.

5. Protocol Overview

CCMP is a client-server, XML-based, state-less protocol, which has been specifically conceived to provide users with the necessary means for the creation, retrieval, modification and deletion of conference objects. Section 5.1 specifies the basic operations that can create, retrieve, modify and delete conference-related information in a centralized conference. The core set of objects manipulated in the CCMP protocol includes conference blueprints, the conference object, users, and sidebars. Conference-related information is encapsulated into CCMP messages in the form of documents or document fragments compliant with the XCON data model representation.
Implementation details are presented in Section 5.2.

5.1. Protocol Operations

The main operations provided by CCMP belong in four general categories:

create: for the creation of a conference, a conference user, a sidebar, or a blueprint.

retrieve: to get information about the current state of either a conference object (be it an actual conference or a blueprint, or a sidebar) or a conference user. A retrieve operation can also be used to obtain the XCON-URIs of the active conferences and/or blueprints available at the server.

update: to modify the current features of a specified conference or conference user.

delete: to remove from the system a conference object or a conference user.

Thus, the main targets of CCMP operations are:

o  conference objects associated with either active or registered conferences,

o  conference objects associated with blueprints,

o  conference objects associated with sidebars, both embedded in the main conference (i.e. elements in ) and external to it (i.e. whose xcon-uris are included in the elements of )],

o  elements associated with conference users,

o  the list of XCON-URIs related to conferences and blueprints available at the server, for which only retrieval operations are allowed.

Each operation in the protocol model is atomic and either succeeds or fails as a whole. The conference server MUST ensure that the operations are atomic in that the operation invoked by a specific conference client completes prior to another client's operation on the same conference object. The details for this data locking functionality are out of scope for the CCMP protocol specification and are implementation specific for a conference server. Thus, the conference server first checks all the parameters, before making any changes to the internal representation of the conference object.
For example, it would be undesirable to change the of the conference, but then detect an invalid URI in one of the and abort the remaining updates. Also, since multiple clients can modify the same conference objects, conference clients SHOULD first obtain the current object from the conference server and then update the relevant data elements in the conference object prior to invoking a specific operation on the conference server. In order to effectively manage modifications to conference data, a versioning approach is implemented in the CCMP. More precisely, each conference object is associated with a version number indicating the most up to date view of the conference at the server's side. This version number is reported to the clients in response to their requests. A client sends an "update" message to the server to make modifications to a conference object. If the modifications are all successfully applied, the server sends a "success" response to the client. This response contains information about the current server-side version of the modified object. With this approach, a client working on version "X" of a conference object that finds a version number which is "X+1" inside a "success" response can be certain that the version being used is the most up to date. On the other hand, if the "success" response contains a version which is at least "X+2", the client can detect that the object that has been modified at the server's side was more up to date than the one it was working upon. This is clearly due to the effect of concurrent modification requests issued by independent clients. Hence, to ensure that the client has the latest version of the modified object, the client can send an additional "retrieve" request to the conference server. If a copy of the conference object is not returned to the client as part of the "update" response message, the client can obtain a copy through an ad-hoc "retrieve" message.

Based on the above considerations, all CCMP response messages except those associated with the retrieval of either the list of blueprints or the list of conferences MUST contain a mandatory "version" parameter. The "version" parameter is not included in request messages, since it represents information the server does not need: as long as the required modifications can be applied to the target conference object with no conflicts, the server does not care whether the client had an up to date view of the information. Thus, a client which has subscribed at the server, through the XCON event package [I-D.ietf-xcon-event-package], to notifications about conference object modifications, always has the most up to date version of the conference object.

5.2. Implementation Approach

There have been a number of different proposals as to the most suitable implementation solution for the CCMP. A non-exhaustive summary of the most interesting ones is provided in Appendix A. The solution for the CCMP defined in this document is viewed as a good compromise amongst the most notable past candidates and is referred to as "HTTP transport plus CCMP body". With this approach, CCMP is able to take advantage of existing HTTP functionality. As with SOAP, the CCMP uses a "single HTTP verb" for transport (i.e. a single transaction type for each request/response pair); this allows decoupling CCMP messages from HTTP messages. Similarly, as with any RESTful approach, CCMP messages are inserted directly in the body of HTTP messages, thus avoiding any unnecessary processing and communication burden associated with further intermediaries. With this approach, no modification to the CCMP messages/operations is required to use a different transport protocol.

The remainder of this document focuses on the selected approach.
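
The version comparison described in Section 5.1, as an added example that is not part of the draft: a client compares the version it worked on (X) with the one in each "success" response and re-retrieves when the gap is two or more. The in-memory server, the flat "subject"/"description" fields, the identifier and the "unexpected" case are assumptions made for the sketch; it also shows that a stale client's update is still applied, so the version detects concurrent changes without preventing an overwrite.

```python
"""Client-side use of the CCMP "version" parameter (added illustration)."""
import threading


class ConferenceServer:
    """Hypothetical in-memory server; one lock makes each operation atomic."""

    def __init__(self, objects):
        self._objects = objects      # XCON-URI -> {"version": int, "data": dict}
        self._lock = threading.Lock()

    def retrieve(self, conf_obj_id):
        with self._lock:
            obj = self._objects[conf_obj_id]
            return {"response-code": "success", "version": obj["version"],
                    "confInfo": dict(obj["data"])}

    def update(self, conf_obj_id, changes):
        # Requests carry no version: this sketch applies every change and
        # reports the version that results from it.
        with self._lock:
            obj = self._objects[conf_obj_id]
            obj["data"].update(changes)
            obj["version"] += 1
            return {"response-code": "success", "version": obj["version"]}


def classify_version(base, reported):
    """Compare the version a client worked on (X) with a "success" response."""
    if reported == base + 1:
        return "current"      # only this client's change was applied
    if reported >= base + 2:
        return "stale"        # other clients changed the object in between
    return "unexpected"       # not covered by the draft; handled like "stale"


class ConferenceClient:
    def __init__(self, server, conf_obj_id):
        self.server, self.conf_obj_id = server, conf_obj_id
        self.version, self.view = None, {}
        self.refresh()

    def refresh(self):
        """Ad-hoc "retrieve" that resynchronises the local copy."""
        resp = self.server.retrieve(self.conf_obj_id)
        self.version, self.view = resp["version"], resp["confInfo"]

    def update(self, changes):
        base = self.version
        resp = self.server.update(self.conf_obj_id, changes)
        status = classify_version(base, resp["version"])
        if status == "current":
            self.view.update(changes)
            self.version = resp["version"]
        else:
            self.refresh()    # local view was behind: fetch the latest object
        return status


def demo():
    uri = "xcon:constructed-conf@example.com"    # constructed identifier
    server = ConferenceServer(
        {uri: {"version": 1, "data": {"subject": "weekly sync"}}})
    alice = ConferenceClient(server, uri)
    bob = ConferenceClient(server, uri)
    statuses = [
        bob.update({"subject": "moved to Friday"}),    # X=1, response says 2
        alice.update({"description": "agenda v1"}),    # X=1, response says 3
        alice.update({"description": "agenda v2"}),    # X=3, response says 4
        bob.update({"description": "set by bob"}),     # X=2, response says 5
    ]
    final = server.retrieve(uri)["confInfo"]
    return {"statuses": statuses,
            "alice_version": alice.version, "bob_version": bob.version,
            "alice_description": alice.view["description"],
            "server_description": final["description"]}


if __name__ == "__main__":
    print(demo())
```

After the last call Alice still holds "agenda v2" locally while the server stores Bob's value; without a subscription to the event package she learns of it only on her next request.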
The CCMP protocol inserts XML-based CCMP requests into the body of HTTP POST operations and retrieves responses from the body of HTTP "200 OK" messages. CCMP messages have a MIME-type of "application/ccmp+xml", which appears inside the "Content-Type" and "Accept" fields of HTTP requests and responses. Section 10 provides the complete requirements for an HTTP implementation to support the CCMP.

6. CCMP messages

CCMP messages are either requests or responses. The general CCMP request message is defined in Section 6.1. The general CCMP response message is defined in Section 6.2. The details of the specific message type which is carried in the CCMP request and response messages are described in Section 6.3. CCMP response codes are listed in Section 6.4.

6.1. CCMP Request Message Type

A CCMP request message is comprised of the following parameters:

confUserID: An optional parameter containing the XCON-USERID of the client. The "confUserID" parameter is used to determine if the conference control client has the authority to perform the operation, as well as other Authorization, Authentication and Accounting (AAA) procedures. The attribute is REQUIRED in the CCMP request and response messages with the exception of the case of a user who has no XCON-USERID and who wants to enter, via CCMP, a conference whose identifier is known. In such case, a side-effect of the request is that the user is provided with an appropriate XCON-USERID. An example of the above mentioned case will be provided in Section 6.3.6.

confObjID: An optional parameter containing the XCON-URI of the target conference object.

operation: An optional parameter refining the type of specialized request message. The "operation" parameter is REQUIRED in all requests except for the "blueprintsRequest" and "confsRequest" specialized messages.
password: An optional parameter that MUST be inserted in all requests whose target conference object is password-protected (as per the element in [I-D.ietf-xcon-common-data-model]).

specialized request message: This is a specialization of the generic request message (e.g., blueprintsRequest), containing parameters that are dependent on the specific request sent to the server. A specialized request message MUST be included in the CCMP request message. The details for the specialized messages and associated parameters are provided in Section 6.3.

Figure 2: Structure of CCMP Request messages

6.2. CCMP Response Message Type

A CCMP response message is comprised of the following parameters:

confUserID: A mandatory parameter in CCMP response messages containing the XCON-USERID of the conferencing client who issued the CCMP request message.

confObjID: An optional parameter containing the XCON-URI of the target conference object.

operation: An optional parameter for CCMP response messages. This parameter is REQUIRED in all responses except for the "blueprintsResponse" and "confsResponse" specialized messages.

response-code: A mandatory parameter containing the response code associated with the request. The response code MUST be chosen from the codes listed in Section 6.4.

response-string: An optional reason string associated with the response. In case of an error, the string can be used to provide the client with detailed information about the error.

version: An optional parameter reflecting the current version number of the conference object referenced by the confObjID. The version number is contained in the "version" attribute of the element related to that conference.
specialized response message: This is a specialization of the generic response message, containing parameters that are dependent on the specific request sent to the server (e.g., blueprintsResponse). A specialized response message SHOULD be included in the CCMP response message, except in an error situation where the CCMP request message did not contain a valid specialized message. In this case, the conference server MUST return a "response-code" of "badRequest". The details for the specialized messages and associated parameters are provided in Section 6.3.

Figure 3: Structure of CCMP Response message

6.3. Detailed messages

Based on the request and response message structures described in Section 6.1 and Section 6.2, the following summarizes the specialized CCMP request/response types described in this document:

1. blueprintsRequest/blueprintsResponse

2. confsRequest/confsResponse

3. blueprintRequest/blueprintResponse

4. confRequest/confResponse

5. usersRequest/usersResponse

6. userRequest/userResponse

7. sidebarsByValRequest/sidebarsByValResponse

8. sidebarsByRefRequest/sidebarsByRefResponse

9. sidebarByValRequest/sidebarByValResponse

10. sidebarByRefRequest/sidebarByRefResponse

These CCMP request/response pairs use the fundamental CCMP operations as defined in Section 5.1 to manipulate the conference data. Table 1 summarizes the CCMP operations and corresponding actions that are valid for a specific CCMP request type, noting that neither the blueprintsRequest/blueprintsResponse nor confsRequest/confsResponse require an "operation" parameter. The corresponding response MUST contain the same operation. Note that some entries are labeled "N/A" indicating the operation is invalid for that request type.
In the case of an "N/A*", the operation MAY be allowed for specific privileged users or system administrators, but is not part of the functionality included in this document.

+----------------------+--------------------+--------------------+--------------------+--------------------+
| Operation /          | Retrieve           | Create             | Update             | Delete             |
| Request Type         |                    |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| blueprintsRequest    | Get list of        | N/A                | N/A                | N/A                |
|                      | blueprints         |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| blueprintRequest     | Get blueprint      | N/A*               | N/A*               | N/A*               |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| confsRequest         | Get list of confs  | N/A                | N/A                | N/A                |
|                      | (active, etc.)     |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| confRequest          | Gets conference    | Creates conference | Changes conference | Deletes conference |
|                      | object or          | object             | object             | Object as a whole  |
|                      | blueprint          |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| usersRequest         | Gets specific      | N/A                | Changes specified  | N/A                |
|                      | users element      |                    | users element      |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| userRequest          | Gets specific user | Adds a user to a   | Changes specified  | Deletes user       |
|                      | element            | conf (**)          | user element       | element as a whole |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| sidebarsByValRequest | Gets               | N/A                | N/A                | N/A                |
|                      | sidebars-by-val    |                    |                    |                    |
|                      | element            |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| sidebarsByRefRequest | Gets               | N/A                | N/A                | N/A                |
|                      | sidebars-by-ref    |                    |                    |                    |
|                      | element            |                    |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| sidebarByValRequest  | Gets a sidebar     | Creates a sidebar  | Adds or modifies a | Removes/deletes    |
|                      | element            | by cloning         | sidebar            | entire sidebar     |
|                      |                    | existing conf      |                    |                    |
|                      |                    | object             |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+
| sidebarByRefRequest  | Gets a sidebar     | Creates sidebar by | Adds or modifies   | Removes/deletes    |
|                      | element            | cloning existing   | sidebar            | entire sidebar     |
|                      |                    | conf object        |                    |                    |
+----------------------+--------------------+--------------------+--------------------+--------------------+

Table 1: Request Type Operation Specific Processing

(**): This operation can involve the creation of an XCON-UserID, if the sender does not add it in the "confUserID" parameter, or if the "entity" field of the userInfo parameter is void.

Additional parameters included in the specialized CCMP request/response messages are detailed in the subsequent sections.

6.3.1. blueprintsRequest and blueprintsResponse

A "blueprintsRequest" (Figure 4) message is sent to request the list of XCON-URIs associated with the available blueprints from the conference server. Such URIs can be subsequently used by the client to access detailed information about a specified blueprint with a specific "blueprintRequest" message per Section 6.3.3. A "blueprintsRequest" message REQUIRES no additional parameters beyond those specified for the basic CCMP request message. The "confObjID" and "operation" parameters MUST NOT be included in the request or response for this transaction.
A "blueprintsRequest" message MAY contain an optional "xpathFilter" parameter, which can be used to instruct the server on how to filter-out unwanted information from the response. This parameter is of type "xs:string" for generality. The "xpathFilter" parameter MUST represent a syntactically correct XPath [W3C.REC-xpath-19991116] string used by the server to properly query the conference document database it manages.

The associated "blueprintsResponse" message SHOULD contain, as shown in Figure 4, a "blueprintsInfo" parameter containing the above mentioned XCON-URI list. If the "blueprintsInfo" parameter is empty, the conference control client MAY attempt to use a local default blueprint to create conferences. However, the handling in this situation is specific to the conference control client implementation.

Figure 4: Structure of the blueprintsRequest and blueprintsResponse messages

6.3.2. confsRequest and confsResponse

A "confsRequest" message is used to retrieve, from the server, the list of XCON-URIs associated with active and registered conferences. A "confsRequest" message REQUIRES no additional parameters beyond those specified for the basic CCMP request message. The "confObjID" parameter MUST NOT be included in the confsRequest message. The "confsRequest" message is of a "retrieve-only" type, since the sole purpose is to collect information available at the conference server. Thus, an "operation" parameter MUST NOT be included in a "confsRequest" message. The associated "confsResponse" message SHOULD contain the list of XCON-URIs in the "confsInfo" parameter. A user, upon receipt of the response message, can interact with the available conference objects through further CCMP messages.

A "confsRequest" message MAY contain an optional "xpathFilter" parameter, which can be used to instruct the server on how to filter out unwanted information from the response. This parameter is of type "xs:string" for generality. The "xpathFilter" parameter MUST represent a syntactically correct XPath [W3C.REC-xpath-19991116] string used by the server to properly query the conference document database it manages. As an example, to retrieve just registered conferences, a CCMP client can configure the mentioned "xpathFilter" parameter as follows:

   xpathFilter="/info:conference-info[info:conference-state/info:active='false']";

Figure 5: Structure of the confsRequest and confsResponse messages

6.3.3. blueprintRequest and blueprintResponse

Through a "blueprintRequest", a client can manipulate the conference object associated with a specified blueprint. The request MUST include an "operation" parameter and a "confObjID" parameter. The "confObjID" parameter MUST contain the XCON-URI of the blueprint, which might have been previously retrieved through a "blueprintsRequest" message.

The blueprintRequest message SHOULD NOT contain an "operation" parameter other than "retrieve". The "create", "update" and "delete" operations SHOULD NOT be included in a "blueprintRequest" message except in the case of privileged users (e.g. the conference server administration staff).

In the case of "response-code" of "success" for a "retrieve" operation, the "blueprintInfo" parameter MUST be included in the "blueprintResponse" message. The "blueprintInfo" parameter contains the conference document associated with the blueprint as identified by the "confObjID" parameter specified in the blueprintRequest.

If a response code of "objectNotFound" is received in a "blueprintResponse" message, a conference control client may attempt to retrieve another conference blueprint if more than one had been received in the "blueprintsResponse" message. If there was only one blueprint in the "blueprintsResponse" initially, then the client should send another "blueprintsRequest" message to determine if there may be new or additional blueprints for the specific conferencing system. If this "blueprintsResponse" message contains no blueprints, the handling is specific to the conference control client.

Figure 6: Structure of the blueprintRequest and blueprintResponse messages

6.3.4. confRequest and confResponse

With a "confRequest" message, CCMP clients can manipulate conference objects associated with either active or registered conferences (blueprints or reservations). The request MUST include an "operation" parameter. Depending upon the type of "operation" a "confObjID" parameter MAY be included. The "confObjID" parameter contains the XCON-URI of the specific active or registered conference. The requirements for inclusion of the "confInfo" parameter depend upon the specific "operation" in the confRequest/confResponse and are detailed below. The detailed information included in the "confInfo" parameter MUST follow the rules as specified in the XCON Data Model document [I-D.ietf-xcon-common-data-model].

To create a new conference through a "confRequest" message, two approaches can be considered:

1. Creation through explicit cloning: the "confObjID" parameter MUST contain the XCON-URI of either the blueprint, or of the conference, to be cloned, while the "confInfo" parameter MUST NOT be included in the confRequest;

2. Creation through implicit cloning (also known as "direct creation"): the "confObjID" parameter MUST NOT be included in the request and the CCMP client can describe the desired conference to be created through the "confInfo" parameter. If no "confInfo" parameter is provided in the request, the new conference will be created as a clone of the system's default blueprint.

In both cases, the confResponse, for a successful completion of a "create" operation, contains a "response-code" of "success" and MUST contain the XCON-URI of the created conference in the "confObjID" parameter. In addition, the "confInfo" parameter transporting the created conference document MAY be included. Obviously, the newly created object can be manipulated by the client through a subsequent "update" operation. For example, after the creation and addition of the participants, the creator may want to lock the conference object. This can be accomplished with a confRequest with an operation of "update" by setting the "locked" element in the confInfo included in the confRequest message described below.

In the case of a confRequest with a "retrieve" operation, the "confObjID" representing the XCON-URI of the target conference MUST be included and the "confInfo" parameter SHOULD NOT be included in the request. The conferencing server MUST ignore any "confInfo" parameter that is received in a "confRequest" and this "confInfo" parameter MUST NOT be included in the confResponse. If the confResponse for the "retrieve" operation contains a "response-code" of "success", the "confInfo" parameter MUST be included in the response. The "confInfo" parameter MUST contain the entire conference document describing the target conference object in its current state.

In case of a confRequest with an "update" operation, the "confInfo" and "confObjID" MUST be included in the request.
The "confInfo" represents an object of type "conference-type" containing all the changes to be applied to the conference whose identifier is "confObjID". In the case of a confResponse with a "response-code" of "success", no additional information is required in the "confResponse" message. A "response-code" of "success" indicates that the referenced conference document has been changed by the conference server. A "response-code" of "changeFailedProtected" indicates that the conferencing client is not allowed to make the changes reflected in the "confInfo" in the initial request. This might be due to policies, roles, specific privileges, etc., with the reason specific to a conferencing system and its configuration.

In the case of a confRequest with a "delete" operation, the "confObjID" representing the XCON-URI of the target conference MUST be included and the "confInfo" SHOULD NOT be included in the request. The conferencing server MUST ignore any "confInfo" parameter that is received. The confResponse MUST contain the same "confObjID" that was included in the confRequest. The confResponse MUST contain a "response-code" of "success" if the targeted conference is successfully deleted. If the confResponse for the "delete" operation contains a "response-code" of "success", the confResponse MUST NOT contain the "confInfo" parameter. If the conferencing server cannot delete the conference referenced by the "confObjID" received in the confRequest because it is the parent of another conference object that is in use, the conferencing server MUST return a "response-code" of "deleteParentFailed".

The schema for the confRequest/confResponse pair is shown in Figure 7.

Figure 7: Structure of the confRequest and confResponse messages

The following provides an example of the "confInfo" parameter required to change the title of a conference:

   New conference title

Figure 8: Updating a conference object: modifying the title of a conference

Similarly, to remove the title of an existing conference, an "update" operation carrying the following "confInfo" parameter would do the job.

Figure 9: Updating a conference object: removing the title of a conference

6.3.5. usersRequest and usersResponse

Through a usersRequest message the CCMP client manipulates the element of the conference document associated with the conference identified by the "confObjID" parameter. Inside the element, along with the list of conference users, there is information that the client may be interested in controlling, such as the lists of users to which access to the conference is allowed/denied, conference participation policies, etc.; for this reason, a customized message has been designed to allow for the manipulation of this specific part of a conference document.

A "usersInfo" parameter MAY be included in a usersRequest message depending upon the operation. If the "usersInfo" parameter is included in the usersRequest message, the parameter MUST be compliant with the field of the XCON data model.

Two operations are allowed for a "usersRequest" message:

1. "retrieve": In this case the request MUST NOT include a "usersInfo" parameter, while a successful response MUST contain the desired element in the "usersInfo" parameter. The conference server MUST ignore a "usersInfo" parameter if it is received in a request with a "retrieve" operation.

2. "update": In this case, the "usersInfo" parameter MUST contain the modifications to be applied to the referred element. If the "response-code" is "success", then the "usersInfo" parameter SHOULD NOT be returned. Any "usersInfo" parameter that is returned SHOULD be ignored.
A "response-code" of "changeFailedProtected" indicates that the conferencing client is not allowed to make the changes reflected in the "usersInfo" in the usersRequest message. This could be due to policies, roles, specific privileges, etc., with the reason specific to a conferencing system and its configuration. Thus, it is RECOMMENDED that the client continue using the previous version of the "usersInfo".

Operations of "create" and "delete" are not applicable to a usersRequest message and MUST NOT be considered by the server, which means that a "response-code" of "forbidden" MUST be included in the usersResponse message.

Figure 10: Structure of the usersRequest and usersResponse messages

6.3.6. userRequest and userResponse

A "userRequest" message is used to manipulate elements inside a conference document associated with a conference identified by the "confObjID" parameter. Besides retrieving information about a specific conference user, the message is used to request that the conference server either create, modify, or delete information about a user. A "userRequest" message MUST include the "confObjID", the "operation" parameter, and MAY include a "userInfo" parameter containing the detailed user's information depending upon the operation and whether the "userInfo" has already been populated for a specific user. Note that a user may not necessarily be a conferencing control client (i.e., some participants in a conference are not "XCON aware").

An XCON-USERID SHOULD be assigned to each and every user subscribed to the system. In such a way, a user who is not a conference participant can make requests (provided she has successfully passed AAA checks), like creating a conference, retrieving conference information, etc.

Conference users can be created in a number of different ways.
In each of these cases the operation MUST be set to "create" in the userRequest message. Each of the userResponse messages for these cases MUST include the "confObjID", "confUserID", "operation" and "response-code" parameters. In the case of a response code of "success", the userResponse message MAY include the "userInfo" parameter depending upon the manner in which the user was created:

o  Conferencing client with an XCON-USERID adds itself to the conference: In this case, the "userInfo" parameter MAY be included in the userRequest. The "userInfo" parameter MUST contain a element (compliant with the XCON data model) and the "entity" attribute MUST be set to a value which represents the XCON-USERID of the user initiating the request. No additional parameters beyond those previously described are required in the userResponse message, in the case of a "response-code" of "success".

o  Conferencing client acts on behalf of a third user whose XCON-USERID is known: in this case, the "userInfo" parameter MUST be included in the userRequest. The "userInfo" parameter MUST contain a element and the "entity" attribute value MUST be set to the XCON-USERID of the third user in question. No additional parameters beyond those previously described are required in the userResponse message, in the case of a "response-code" of "success".

o  A conferencing client who has no XCON-USERID and who wants to enter, via CCMP, a conference whose identifier is known. In such case, a side-effect of the request is that the user is provided with an appropriate XCON-USERID. The involved messages (userRequest and userResponse) in such case should look like the following:

   Request fields:

      confUserID=null;
      confObjID=confXYZ;
      operation=create;
      userInfo= ...

   Response fields (in case of success):

      confUserID=user345;
      confObjID=confXYZ;
      operation=create;
      response-code=success;
      userInfo=null; //or the entire userInfo object

   Figure 11: userRequest and userResponse in the absence of an xcon-userid

o  Conferencing client is unaware of the XCON-USERID of a third user: In this case, the "entity" attribute MUST NOT be included in the request. The XCON-USERID generated by the conference server for such a user MUST also be returned to the client as the value of the "entity" attribute in the "userInfo" parameter of the response if the "response-code" is "success". This scenario is mainly intended to support the case whereby a non-registered user is added to a conference by a third party, e.g. the chairperson of the conference.

o  Conferencing client obtains a new user profile in the context of a conference: this case is handled in the same manner as the previous case associated with the creation of a user on behalf of a third party when the XCON-USERID is unknown, thus indicating to the conference server that the client wants a new XCON-USERID and associated "userInfo" parameter to be allocated and populated respectively.

In the case of a userRequest with a "retrieve" operation, the "confObjID" representing the XCON-URI of the target conference MUST be included. The "confUserID", containing the xcon-userid of the CCMP client, MUST also be included in the userRequest message. If the client wants to retrieve information about her profile in the specified conference, no "userInfo" parameter is needed in the retrieve request. On the other hand, if the client wants to obtain someone else's information within the given conference, she MUST include in the userRequest/retrieve a "userInfo" parameter whose "entity" attribute conveys the desired user's xcon-userid.
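The user-creation cases listed above, combined with the "invalidConfUserID", "userNotFound" and "unauthorized" response codes this draft defines in Section 6.4, can be exercised against a small server-side model. This is an added example, not code from the draft; the ConferenceServer class, the generated XCON-USERID format and the chair-only policy for adding third users are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class ConferenceServer:
    """Constructed in-memory state; the ID format and chair policy are assumptions."""
    users: set = field(default_factory=set)          # registered XCON-USERIDs
    conferences: dict = field(default_factory=dict)  # confObjID -> set of member IDs
    chairs: dict = field(default_factory=dict)       # confObjID -> chair (assumed policy)
    allocated: int = 0

    def allocate_user_id(self) -> str:
        # The draft only requires that the server generate an XCON-USERID and
        # return it; this naming scheme is made up for the example.
        self.allocated += 1
        uid = f"xcon-userid:auto{self.allocated}@example.com"
        self.users.add(uid)
        return uid

    def reply(self, req, code, conf_user_id=None, user_info=None):
        # A userResponse always carries confObjID, confUserID, operation
        # and response-code; userInfo is optional.
        return {
            "confObjID": req.get("confObjID"),
            "confUserID": conf_user_id or req.get("confUserID"),
            "operation": req.get("operation"),
            "response-code": code,
            "userInfo": user_info,
        }

    def user_create(self, req: dict) -> dict:
        conf_id, sender, info = (req.get(k) for k in ("confObjID", "confUserID", "userInfo"))
        if req.get("operation") != "create" or not conf_id:
            return self.reply(req, "badRequest")
        if conf_id not in self.conferences:
            return self.reply(req, "objectNotFound")
        members = self.conferences[conf_id]

        # Sender has no XCON-USERID (confUserID is null): allocate one as a
        # side effect and hand it back in confUserID. invalidConfUserID is
        # never used for this case (Table 2, footnote **).
        if sender is None:
            new_id = self.allocate_user_id()
            members.add(new_id)
            return self.reply(req, "success", conf_user_id=new_id)

        # A non-null confUserID the server does not know is the sender's own
        # identity failing, which is distinct from an unknown target user.
        if sender not in self.users:
            return self.reply(req, "invalidConfUserID")

        # No userInfo, or entity equal to the sender: the client adds itself.
        entity = info.get("entity") if info is not None else sender
        if entity == sender:
            members.add(sender)
            return self.reply(req, "success")

        # Everything below acts on a third user. Assumed policy: only the
        # chair may do that; anyone else gets "unauthorized".
        if self.chairs.get(conf_id) != sender:
            return self.reply(req, "unauthorized")
        if entity is None:
            # Third user without an XCON-USERID: allocate one and return it
            # in the "entity" attribute of the response userInfo.
            new_id = self.allocate_user_id()
            members.add(new_id)
            return self.reply(req, "success", user_info={**info, "entity": new_id})
        if entity not in self.users:
            # Third-party invite naming an unknown user (Table 2, footnote *).
            return self.reply(req, "userNotFound")
        members.add(entity)
        return self.reply(req, "success")


def demo():
    """Run constructed requests; return (response-code, confUserID, entity) rows and members."""
    conf = "xcon:confXYZ@example.com"
    alice, bob = "xcon-userid:Alice@example.com", "xcon-userid:Bob@example.com"
    srv = ConferenceServer(users={alice, bob}, conferences={conf: set()},
                           chairs={conf: alice})
    base = {"confObjID": conf, "operation": "create"}
    requests = [
        {**base, "confUserID": None, "userInfo": {}},                   # no XCON-USERID yet
        {**base, "confUserID": "xcon-userid:Mallory@example.com"},      # unknown sender
        {**base, "confUserID": alice},                                  # adds herself
        {**base, "confUserID": alice, "userInfo": {"entity": bob}},     # known third user
        {**base, "confUserID": alice, "userInfo": {"entity": "xcon-userid:Nobody@example.com"}},
        {**base, "confUserID": alice, "userInfo": {"display-text": "Guest"}},  # third user, no ID
        {**base, "confUserID": bob, "userInfo": {"entity": alice}},     # non-chair adds another
    ]
    out = []
    for req in requests:
        resp = srv.user_create(req)
        entity = (resp["userInfo"] or {}).get("entity")
        out.append((resp["response-code"], resp["confUserID"], entity))
    return out, srv.conferences[conf]
```

The order of the checks matters: the sender's identity is validated before the target's, so a forged "confUserID" never reveals whether the "entity" it names exists.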
If the userResponse for the "retrieve" operation contains a "response-code" of "success", the "userInfo" parameter MUST be included in the response.

In case of a userRequest with an "update" operation, the "confObjID", "confUserID" and "userInfo" MUST be included in the request. The "userInfo" is of type "user-type" and contains all the changes to be applied to a specific element in the conference object identified by the "confObjID" in the userRequest message. The user to be modified is identified through the "entity" attribute of the "userInfo" parameter included in the request. In the case of a userResponse with a "response-code" of "success", no additional information is required in the "userResponse" message. A "response-code" of "success" indicates that the referenced user element has been updated by the conference server. A "response-code" of "changeFailedProtected" indicates that the conferencing client is not allowed to make the changes reflected in the "userInfo" in the initial request. This could be due to policies, roles, specific privileges, etc., with the reason specific to a conferencing system and its configuration. Thus, it is RECOMMENDED that the client continue using the previous version of the "userInfo".

In the case of a userRequest with a "delete" operation, the "confObjID" representing the XCON-URI of the target conference MUST be included. The "confUserID", containing the CCMP client's xcon-userid, MUST also be included in the userRequest message. If the client wants to exit the specified conference, no "userInfo" parameter is needed in the delete request. On the other hand, if the client wants to remove another participant from the given conference, she MUST include in the userRequest/delete a "userInfo" parameter whose "entity" attribute conveys the xcon-userid of that participant. The userResponse MUST contain the same "confObjID" that was included in the userRequest. The userResponse MUST contain a "response-code" of "success" if the target element has been successfully deleted. If the userResponse for the "delete" operation contains a "response-code" of "success", the userResponse MUST NOT contain the "userInfo" parameter.

Figure 12: Structure of the userRequest and userResponse messages

6.3.7. sidebarsByValRequest and sidebarsByValResponse

A "sidebarsByValRequest" is used to execute a retrieve-only operation on the field of the conference object represented by the "confObjID". The "sidebarsByValRequest" message is of a "retrieve-only" type, so an "operation" parameter MUST NOT be included in a "sidebarsByValRequest" message. A "sidebarsByValResponse" with a "response-code" of "success" MUST contain a "sidebarsByValInfo" parameter containing the desired element. The "version" parameter contained in the response is related to the current version of the main conference referenced by the "confObjId" parameter of the request. The "sidebarsByValInfo" parameter contains the list of the conference objects associated with the sidebars by value derived from the main conference. The retrieved sidebars can then be updated or deleted using the "sidebarByValRequest" message, which is described in Section 6.3.8.

Figure 13: Structure of the sidebarsByValRequest and sidebarsByValResponse messages

6.3.8. sidebarByValRequest and sidebarByValResponse

A sidebarByValRequest message MUST contain the "operation" parameter which discriminates among retrieval, creation, modification and deletion of a specific sidebar.
The other required parameters depend upon the type of operation.

In the case of a "create" operation, the "confObjID" parameter MUST be included in the sidebarByValRequest message. In this case, the "confObjID" parameter contains the XCON-URI of the main conference in which the sidebar is to be created. The "sidebarByValInfo" parameter SHOULD NOT be included in the request, since, as envisaged in the XCON framework ([RFC5239]), sidebars are always created by cloning the main conference. Any "sidebarByValInfo" included in the request MUST be ignored. The conference server sets the "active" element of the cloned conference to "false" to reflect that it is a "reserved" conference. The conference server MUST update the conference object reflected by the "confObjID" parameter, in the sidebarByVal request message, from which the sidebar was created to reflect the newly created sidebar. The newly created conference object MAY be included in the response in the "sidebarByValInfo" parameter, if the "response-code" is "success". The URI of the conference object associated with the newly created sidebar object MUST appear in the "confObjID" parameter of the response. The conference server can notify any conferencing clients that have subscribed to the conference event package, and are authorized to receive the notifications, of the addition of the sidebar to the conference.

In the case of a "sidebarByVal" request with an operation of "retrieve", the URI for the conference object created for the sidebar (received in the response to a "create" operation or in a sidebarsByValResponse message) MUST be included in the "confObjID" parameter in the request. This "retrieve" operation is handled by the conference server in the same manner as a "retrieve" operation included in a confRequest message as detailed in Section 6.3.4.

In the case of a "sidebarByVal" request with an operation of "update", the "sidebarByValInfo" MUST also be included in the request.
The "confObjID" parameter contained in the request message identifies the specific sidebar instance to be updated. An "update" operation on the "sidebarByValInfo" is handled by the conference server in the same manner as an "update" operation on the confInfo included in a confRequest message, as detailed in Section 6.3.4. The "version" parameter contained in the response is related to the current version of the conference object associated with the sidebar referenced by the "confObjId" parameter of the request.

If an "operation" of "delete" is included in the sidebarByVal request, the "sidebarByValInfo" parameter MUST NOT be included in the request. Any "sidebarByValInfo" included in the request MUST be ignored by the conference server. The URI for the conference object associated with the sidebar MUST be included in the "confObjID" parameter in the request. If the specific conferencing user as reflected by the "confUserID" in the request is authorized to delete the conference, the conference server deletes the conference object reflected by the "confObjID" parameter and updates the data in the conference object from which the sidebar was cloned. The conference server can notify any conferencing clients that have subscribed to the conference event package, and are authorized to receive the notifications, of the deletion of the sidebar from the conference.

Figure 14: Structure of the sidebarByValRequest and sidebarByValResponse messages

6.3.9. sidebarsByRefRequest and sidebarsByRefResponse

Similar to the sidebarsByValRequest, a sidebarsByRefRequest can be invoked to retrieve the element of the conference object identified by the "confObjID" parameter.
The "sidebarsByRefRequest" message is of a "retrieve-only" type, so an "operation" parameter MUST NOT be included in a "sidebarsByRefRequest" message. In the case of a "response-code" of "success", the "sidebarsByRefInfo" parameter, containing the element of the conference object, MUST be included in the response. The element represents the set of URIs of the sidebars associated with the main conference, whose description (in the form of a standard XCON conference document) is external to the main conference itself. Through the retrieved URIs, it is then possible to access single sidebars using the "sidebarByRef" request message, described in Section 6.3.10. The "version" parameter contained in the response is related to the current version of the main conference referenced by the "confObjId" parameter of the request.

Figure 15: Structure of the sidebarsByRefRequest and sidebarsByRefResponse messages

6.3.10. sidebarByRefRequest and sidebarByRefResponse

A sidebarByRefRequest message MUST contain the "operation" parameter which discriminates among retrieval, creation, modification and deletion of a specific sidebar. The other required parameters depend upon the type of operation.

In the case of an "operation" of "create", the "confObjID" parameter representing the XCON-URI of the conference from which the sidebar is to be created (cloned) MUST be included in all sidebarByRefRequest messages. The "sidebarByRefInfo" parameter SHOULD NOT be included in the request, since, as envisaged in the XCON framework ([RFC5239]), sidebars are always created by cloning the main conference. Any "sidebarByRefInfo" included in the request MUST be ignored.
If the creation of the sidebar is successful, the conference server MUST update the "sidebars-by-ref" element in the conference object from which the sidebar was created (i.e., as identified by the "confObjID" in the original sidebarByRef request), with the URI for the newly created sidebar. The newly created conference object MAY be included in the response in the "sidebarByRefInfo" parameter with a "response-code" "success". The URI for the conference object associated with the newly created sidebar object MUST appear in the "confObjID" parameter of the response. The conference server can notify any conferencing clients that have subscribed to the conference event package, and are authorized to receive the notifications, of the addition of the sidebar to the conference.

In the case of a "sidebarByRef" request with an operation of "retrieve", the URI for the conference object created for the sidebar MUST be included in the "confObjID" parameter in the request. A "retrieve" operation on the "sidebarByRefInfo" is handled by the conference server in the same manner as a "retrieve" operation on the confInfo included in a confRequest message as detailed in Section 6.3.4.

In the case of a "sidebarByRef" request with an operation of "update", the URI for the conference object created for the sidebar MUST be included in the "confObjID" parameter in the request. The "sidebarByRefInfo" MUST also be included in the request in the case of an "operation" of "update". An "update" operation on the "sidebarByRefInfo" is handled by the conference server in the same manner as an "update" operation on the confInfo included in a confRequest message as detailed in Section 6.3.4. The "version" parameter contained in the response is related to the current version of the conference object associated with the sidebar referenced by the "confObjId" parameter of the request.
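The sidebarByRefRequest rules above (a client-supplied "sidebarByRefInfo" is ignored on "create", the parent's "sidebars-by-ref" is updated, "sidebarByRefInfo" is mandatory on "update") in a minimal server-side model, with deletion removing the sidebar and its entry in the parent. This is an added example, not code from the draft; the SidebarServer class, the sidebar URI format, the creator-only delete policy and the "forbidden" reply for non-sidebar targets are assumptions.

```python
import copy


class SidebarServer:
    """Constructed in-memory model; URI format and delete policy are assumptions."""

    def __init__(self, conferences):
        self.conferences = conferences  # XCON-URI -> conference document (dict)
        self.parent_of = {}             # sidebar URI -> URI it was cloned from
        self.creator_of = {}            # sidebar URI -> confUserID (assumed policy)
        self.count = 0

    def sidebar_by_ref(self, req):
        op, conf_id = req.get("operation"), req.get("confObjID")
        resp = {"confObjID": conf_id, "operation": op, "sidebarByRefInfo": None}
        if op not in ("create", "retrieve", "update", "delete") or not conf_id:
            code = "badRequest"         # "operation" and "confObjID" are mandatory
        elif conf_id not in self.conferences:
            code = "objectNotFound"
        elif op == "create":
            code = self.create(conf_id, req, resp)
        elif conf_id not in self.parent_of:
            code = "forbidden"          # assumption: only sidebars are handled here
        elif op == "retrieve":
            resp["sidebarByRefInfo"] = copy.deepcopy(self.conferences[conf_id])
            code = "success"
        elif op == "update":
            code = self.update(conf_id, req)
        else:
            code = self.delete(conf_id, req)
        resp["response-code"] = code
        return resp

    def create(self, parent_id, req, resp):
        # Any sidebarByRefInfo sent by the client is ignored: a sidebar is
        # always a clone of the main conference, never client-supplied state.
        parent = self.conferences[parent_id]
        clone = copy.deepcopy(parent)
        clone["sidebars-by-ref"] = []   # assumption: a new sidebar has no sidebars
        self.count += 1
        uri = f"xcon:sidebar{self.count}@example.com"
        self.conferences[uri] = clone
        self.parent_of[uri] = parent_id
        self.creator_of[uri] = req.get("confUserID")
        # The parent MUST list the new sidebar, and the response MUST carry
        # the sidebar's own URI in confObjID.
        parent.setdefault("sidebars-by-ref", []).append(uri)
        resp["confObjID"] = uri
        return "success"

    def update(self, sidebar_id, req):
        changes = req.get("sidebarByRefInfo")
        if changes is None:
            return "badRequest"         # sidebarByRefInfo is mandatory for update
        self.conferences[sidebar_id].update(changes)  # shallow merge, simplified
        return "success"

    def delete(self, sidebar_id, req):
        # A sidebarByRefInfo in a delete request is ignored as well.
        if self.creator_of[sidebar_id] != req.get("confUserID"):
            return "unauthorized"
        parent = self.conferences[self.parent_of.pop(sidebar_id)]
        parent["sidebars-by-ref"].remove(sidebar_id)
        del self.conferences[sidebar_id], self.creator_of[sidebar_id]
        return "success"


def demo():
    """Constructed scenario: create with injected state, then update and delete."""
    main = "xcon:confXYZ@example.com"
    alice, bob = "xcon-userid:Alice@example.com", "xcon-userid:Bob@example.com"
    srv = SidebarServer({main: {"title": "Weekly sync", "sidebars-by-ref": []}})
    created = srv.sidebar_by_ref({"operation": "create", "confObjID": main,
                                  "confUserID": alice,
                                  "sidebarByRefInfo": {"title": "injected"}})
    sidebar = created["confObjID"]
    base = {"confObjID": sidebar}
    results = {
        "create": created["response-code"],
        "sidebar": sidebar,
        "clone_title": srv.conferences[sidebar]["title"],
        "parent_refs": list(srv.conferences[main]["sidebars-by-ref"]),
        "update_no_info": srv.sidebar_by_ref(
            {**base, "operation": "update", "confUserID": alice})["response-code"],
        "update": srv.sidebar_by_ref(
            {**base, "operation": "update", "confUserID": alice,
             "sidebarByRefInfo": {"title": "Sidebar A"}})["response-code"],
        "delete_by_bob": srv.sidebar_by_ref(
            {**base, "operation": "delete", "confUserID": bob})["response-code"],
        "delete_by_alice": srv.sidebar_by_ref(
            {**base, "operation": "delete", "confUserID": alice})["response-code"],
    }
    results["parent_refs_after"] = list(srv.conferences[main]["sidebars-by-ref"])
    return results
```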

If an "operation" of "delete" is included in the sidebarByRef request, the "sidebarByRefInfo" parameter MUST NOT be included in the request. Any "sidebarByRefInfo" included in the request MUST be ignored by the conference server. The URI for the conference object for the sidebar MUST be included in the "confObjID" parameter in the request. If the specific conferencing user as reflected by the "confUserID" in the request is authorized to delete the conference, the conference server SHOULD delete the conference object reflected by the "confObjID" parameter and SHOULD update the "sidebars-by-ref" element in the conference object from which the sidebar was originally cloned. The conference server can notify any conferencing clients that have subscribed to the conference event package, and are authorized to receive the notifications, of the deletion of the sidebar.

Figure 16: Structure of the sidebarByRefRequest and sidebarByRefResponse messages

6.4. CCMP Response Codes

All CCMP response messages MUST include a "response-code". The following summarizes the CCMP response codes:

success: Successful completion of the requested operation.

badRequest: Syntactically malformed request.

objectNotFound: Target conference object missing at the server (it refers to the "confObjID" parameter in the generic request message)

userNotFound: Target user missing at the server (it is related to the XCON-USERID in the "entity" attribute of the "userInfo" parameter when it is included in userRequests)

invalidConfUserID: User missing at the server (this code is returned in the case of requests in which the "confUserID" of the sender is invalid).

invalidPassword: Target conference object's password contained in the request is wrong.

passwordRequired: Conference password missing in a request to access a password-protected conference object.

unauthorized: User not allowed to perform the required operation.

forbidden: Operation not allowed (e.g., cancellation of a blueprint).

forbiddenDeleteParent: Cancel operation failed since the target object is a parent of child objects which depend on it, or because it affects, based on the "parent-enforceable" mechanism, the corresponding element in a child object.

forbiddenChangeProtected: Update refused by the server because the target element cannot be modified due to its implicit dependence on the value of a parent object ("parent-enforceable" mechanism).

requestTimeout: The time required to serve the request has exceeded the envisaged service threshold.

serverInternalError: The server cannot complete the required service due to a system internal error.

notImplemented: Operation envisaged in the protocol, but not implemented in the contacted server.

updateFailed: A generic error in the case that a requested "update" cannot be successfully completed by the server. An example is when the modification of an object cannot be applied due to conflicts arising at the server's side (e.g. because the client version of the object is an obsolete one and the requested modifications collide with the up-to-date state of the object stored at the server).

The handling of a "response-code" of "objectNotFound", "userNotFound", "deleteParentFailed" and "changeFailedProtected" is only applicable to specific operations for specialized message responses and the details are provided in Section 6.3.
The following table summarizes these response codes and the specialized message and operation to which they are applicable:

+--------------------------+----------------------+--------------------+-------------+-------------+
| Response code            | Create               | Retrieve           | Update      | Delete      |
+--------------------------+----------------------+--------------------+-------------+-------------+
| updateFailed             | N/A                  | N/A                | All update  | N/A         |
|                          |                      |                    | requests    |             |
+--------------------------+----------------------+--------------------+-------------+-------------+
| objectNotFound           | userRequest,         | All retrieve       | All update  | All delete  |
|                          | sidebarByValRequest  | requests, EXCEPT:  | requests    | requests    |
|                          | sidebarsByRefRequest | blueprintsRequest, |             |             |
|                          |                      | confsRequest       |             |             |
+--------------------------+----------------------+--------------------+-------------+-------------+
| userNotFound             | userRequest (3rd     | userRequest        | userRequest | userRequest |
|                          | party invite with    |                    |             |             |
|                          | third user entity)   |                    |             |             |
|                          | (*)                  |                    |             |             |
+--------------------------+----------------------+--------------------+-------------+-------------+
| invalidConfUserID        | All create requests, | All retrieve       | All update  | All delete  |
|                          | EXCEPT: userRequest  | requests           | requests    | requests    |
|                          | with no confUserID   |                    |             |             |
|                          | (**)                 |                    |             |             |
+--------------------------+----------------------+--------------------+-------------+-------------+
| forbiddenDeleteParent    | N/A                  | N/A                | N/A         | All delete  |
|                          |                      |                    |             | request     |
+--------------------------+----------------------+--------------------+-------------+-------------+
| forbiddenChangeProtected | N/A                  | N/A                | All update  | N/A         |
|                          |                      |                    | requests    |             |
+--------------------------+----------------------+--------------------+-------------+-------------+

Table 2: Response codes and associated operations

(*) "userNotFound" in answer to a "userRequest/create" operation: in the case of a third-party invite, this code can be returned if the "confUserID" (contained in the "entity" attribute of the "userInfo" parameter) of the user to be added is unknown. In the case above, if instead it is the "confUserID" of the sender of the request that is invalid, an "invalidConfUserID" error code is returned to the client.

(**) "invalidConfUserID" is not sent in answers to "userRequest/create" messages having a "null" confUserID, since this case is associated with a user who is unaware of his own XCON-USERID, but wants to enter a known conference.

In the case of a response code of "requestTimeout", a conferencing client MAY re-attempt the request within a period of time that would be specific to a conference control client or conference control server.

A response code of "badRequest" indicates that the conference control client sent a malformed request, which is indicative of an error in the conference control client or in the conference control server.
The handling is specific to the conference control client implementation (e.g., generate a log, display an error message, etc.). It is NOT RECOMMENDED that the client re-attempt the request in this case.

Response codes such as "unauthorized" and "forbidden" indicate the client does not have the appropriate permissions, or there is an error in the permissions: re-attempting the request would likely not succeed and thus it is NOT RECOMMENDED.

Any unexpected or unknown "response-code" SHOULD be treated by the client in the same manner as a "serverInternalError" "response-code", the handling of which is specific to the conference control client implementation.

7. A complete example of the CCMP in action

In this section a typical scenario in which the CCMP comes into play is described, by showing the actual composition of the various CCMP messages. In the call flows of the example, the Conference Control Client is a CCMP-enabled client, whereas the Conference Control Server is a CCMP-enabled server. The "confUserID" of the client, Alice, is "xcon-userid:Alice@example.com" and appears in all requests. The sequence of operations is as follows:

1. Alice retrieves from the server the list of available blueprints (Section 7.1);

2. Alice asks for detailed information about a specific blueprint (Section 7.2);

3. Alice decides to create a new conference by cloning the retrieved blueprint (Section 7.3);

4. Alice modifies information (e.g. XCON-URI, name, description) associated with the newly created blueprint (Section 7.4);

5. Alice specifies a list of users to be contacted when the conference is activated (Section 7.5);

6. Alice joins the conference (Section 7.6);

7. Alice lets a new user, Ciccio (whose "confUserID" is "xcon-userid:Ciccio@example.com"), join the conference (Section 7.7).

Note, the examples do not include any details beyond the basic operation.

In the following sections we deal with each of the above mentioned actions separately.

7.1. Alice retrieves the available blueprints

This section illustrates the transaction associated with retrieval of the blueprints, together with a dump of the two messages exchanged ("blueprintsRequest" and "blueprintsResponse"). As the figure shows, the "blueprintsResponse" message contains, in the "blueprintsInfo" parameter, information about the available blueprints, in the form of the standard XCON-URI of the blueprint, plus additional (and optional) information, like its display-text and purpose.

Alice retrieves from the server the list of available blueprints:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP blueprintsRequest message                        |
     |   - confUserID: Alice                                 |
     |   - confObjID: (null)                                 |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP blueprintsResponse message                       |
     |   - confUserID: Alice                                 |
     |   - confObjID: (null)                                 |
     |   - response-code: success                            |
     |   - blueprintsInfo: bp123,bp124,..                    |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. blueprintsRequest message:

   xcon-userid:Alice@example.com

2. blueprintsResponse message from the server:

   xcon-userid:Alice@example.com
   success

   xcon:AudioRoom@example.com
   AudioRoom
   Simple Room: conference room with public access, where only audio is available, more users can talk at the same time and the requests for the AudioFloor are automatically accepted.

   xcon:VideoRoom@example.com
   VideoRoom
   Video Room: conference room with public access, where both audio and video are available, 8 users can talk and be seen at the same time, and the floor requests are automatically accepted.

   xcon:AudioConference1@example.com
   AudioConference1
   Public Audio Conference: conference with public access, where only audio is available, only one user can talk at the same time, and the requests for the AudioFloor MUST be accepted by a Chair.

   xcon:VideoConference1@example.com
   VideoConference1
   Public Video Conference: conference where both audio and video are available, only one user can talk

   xcon:AudioConference2@example.com
   AudioConference2
   Basic Audio Conference: conference with private access, where only audio is available, only one user can talk at the same time, and the requests for the AudioFloor MUST be accepted by a Chair.

Figure 17: Getting blueprints from the server

7.2. Alice gets detailed information about a specific blueprint

This section illustrates the second transaction in the overall flow. In this case, Alice, who now knows the XCON-URIs of the blueprints available at the server, makes a drill-down query, in the form of a CCMP "blueprintRequest" message, to get detailed information about one of them (the one with XCON-URI "xcon:AudioRoom@example.com"). The picture shows this transaction. Notice that the response contains, in the "blueprintInfo" parameter, a document compliant with the standard XCON data model.

Alice retrieves detailed information about a specified blueprint:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP blueprintRequest message                         |
     |   - confUserID: Alice                                 |
     |   - confObjID: bp123                                  |
     |   - operation: retrieve                               |
     |   - blueprintInfo: (null)                             |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP blueprintResponse message                        |
     |   - confUserID: Alice                                 |
     |   - confObjID: bp123                                  |
     |   - operation: retrieve                               |
     |   - response-code: success                            |
     |   - blueprintInfo: bp123Info                          |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. blueprintRequest message:

   xcon-userid:Alice@example.com
   xcon:AudioRoom@example.com
   retrieve

2. blueprintResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:AudioRoom@example.com
   retrieve
   success
   AudioRoom 2 audio allow confirm

Figure 18: Getting info about a specific blueprint

7.3. Alice creates a new conference through a cloning operation

This section illustrates the third transaction in the overall flow. Alice decides to create a new conference by cloning the blueprint having XCON-URI "xcon:AudioRoom@example.com", for which she just retrieved detailed information through the "blueprintRequest" message. This is achieved by sending a "confRequest/create" message having the blueprint's URI in the "confObjID" parameter. The picture shows this transaction. Notice that the response contains, in the "confInfo" parameter, the document associated with the newly created conference, which is compliant with the standard XCON data model. The "confObjID" in the response is set to the XCON-URI of the new conference (in this case, "xcon:8977794@example.com"). We also notice that this value is equal to the value of the "entity" attribute of the element of the document representing the newly created conference object.

Alice creates a new conference by cloning the "xcon:AudioRoom@example.com" blueprint:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP confRequest message                              |
     |   - confUserID: Alice                                 |
     |   - confObjID: AudioRoom                              |
     |   - operation: create                                 |
     |   - confInfo: (null)                                  |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP confResponse message                             |
     |   - confUserID: Alice                                 |
     |   - confObjID: newConfId                              |
     |   - operation: create                                 |
     |   - response-code: success                            |
     |   - version: 1                                        |
     |   - confInfo: newConfInfo                             |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. confRequest message:

   xcon-userid:Alice@example.com
   xcon:AudioRoom@example.com
   create

2. confResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   create
   success
   1
   New conference by Alice cloned from AudioRoom
   xcon:8977794@example.com conference xcon-uri 8601 10 audio allow confirm

Figure 19: Creating a new conference by cloning a blueprint

7.4. Alice updates conference information

This section illustrates the fourth transaction in the overall flow. Alice decides to modify some of the details associated with the conference she just created. More precisely, she changes the element under the element of the document representing the conference. This is achieved through a "confRequest/update" message carrying the fragment of the conference document to which the required changes have to be applied. As shown in the picture, the response contains a code of "success", which acknowledges the modifications requested by the client, at the same time updating the conference version number from 1 to 2, as reflected in the "version" parameter.

Alice updates information about the conference she just created:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP confRequest message                              |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: update                                 |
     |   - confInfo: confUpdates                             |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP confResponse message                             |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: update                                 |
     |   - response-code: success                            |
     |   - version: 2                                        |
     |   - confInfo: (null)                                  |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. confRequest message:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   update
   Alice's conference

2. confResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   update
   success
   2

Figure 20: Updating conference information

7.5. Alice inserts a list of users in the conference object

This section illustrates the fifth transaction in the overall flow. Alice modifies the under the element in the document associated with the conference she created. For this purpose, she uses the "usersRequest" message provided by the CCMP. The picture below shows the transaction.

Alice updates information about the list of users to whom access to the conference is permitted:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP usersRequest message                             |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: update                                 |
     |   - usersInfo: usersUpdates                           |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP usersResponse message                            |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: update                                 |
     |   - response-code: success                            |
     |   - version: 3                                        |
     |   - usersInfo: (null)                                 |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. usersRequest message:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   update

2. usersResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   update
   success
   3

Figure 21: Updating the list of allowed users for the conference 'xcon:8977794@example.com'

7.6. Alice joins the conference

This section illustrates the sixth transaction in the overall flow. Alice uses the CCMP to add herself to the newly created conference. This is achieved through a "userRequest/create" message containing, in the "userInfo" parameter, a element compliant with the XCON data model representation. Notice that such element includes information about the user's Address of Records, as well as her current end-point. The picture below shows the transaction.
Notice how the "confUserID" parameter is equal to the "entity" attribute of the element, which indicates that the request issued by the client is a first-party one.

Alice joins the conference by issuing a "userRequest/create" message with her own id to the server:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP userRequest message                              |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: create                                 |
     |   - userInfo: AliceUserInfo                           |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP userResponse message                             |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: create                                 |
     |   - response-code: success                            |
     |   - version: 4                                        |
     |   - userInfo: (null)                                  |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. userRequest message:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   create
   mailto:Alice83@example.com email

2. userResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   create
   success
   4

Figure 22: Alice joins the conference through the CCMP

7.7. Alice adds a new user to the conference

This section illustrates the seventh and last transaction in the overall flow. Alice uses the CCMP to add a new user to the conference. This is achieved through a "userRequest/create" message containing, in the "userInfo" parameter, a element compliant with the XCON data model representation. Notice that such element includes information about the user's Address of Records, as well as his current end-point. The picture below shows the transaction. Notice how the "confUserID" parameter in the request is Alice's id, whereas the element has no "entity" attribute and contains information about a different user, thus indicating that the request issued by the client is a third-party one.
This is also reflected in the response coming from the server, which this time contains a "confUserID" parameter representing the conference user id of the user just added to the conference with Alice's third-party request.

This section illustrates the seventh and last transaction in the overall flow. Alice uses the CCMP to add a new user, Ciccio, to the conference. This "third-party" request is realized through a "userRequest/create" message containing, in the "userInfo" parameter, a element compliant with the XCON data model representation. Notice that such element includes information about Ciccio's Address of Records, as well as his current end-point, but has no "entity" attribute, since such information is unknown to Alice, in this example. Thus, the server is in charge of: (i) generating a new xcon-userid for the user indicated by Alice; (ii) returning it in the "entity" attribute of the "userInfo" parameter carried in the response; (iii) adding the user to the conference. The picture below shows the transaction.

Alice adds user "Ciccio" to the conference by issuing a third-party "userRequest/create" message to the server:

CCMP Client                                             CCMP Server
     |                                                       |
     | CCMP userRequest message                              |
     |   - confUserID: Alice                                 |
     |   - confObjID: 8977794                                |
     |   - operation: create                                 |
     |   - userInfo: CiccioUserInfo(without "entity")        |
     |------------------------------------------------------>|
     |                                                       |
     | CCMP userResponse message                             |
     |   - confUserID: Ciccio                                |
     |   - confObjID: 8977794                                |
     |   - operation: create                                 |
     |   - response-code: success                            |
     |   - version: 5                                        |
     |   - userInfo: CiccioUserInfo                          |
     |       (with "entity")                                 |
     |<------------------------------------------------------|
     |                                                       |
     .                                                       .
     .                                                       .

1. "third party" userRequest message from Alice:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   create
   mailto:Ciccio@example.com email

2. "third party" userResponse message from the server:

   xcon-userid:Alice@example.com
   xcon:8977794@example.com
   create
   success
   5

Figure 23: Alice adds a new user to the conference through the CCMP

8. Locating a Conference Control Server

If a conference control client is not pre-configured to use a specific conference control server for the requests, the client MUST first discover the conference control server before it can send any requests. The result of the discovery process is the address of the server supporting conferencing. In this document, the result is an http: or https: URI, which identifies a conference server.

This document proposes the use of DNS to locate the conferencing server. U-NAPTR resolution for conferencing takes a domain name as input and produces a URI that identifies the conferencing server. This process also requires an Application Service tag and an Application Protocol tag, which differentiate conferencing-related NAPTR records from other records for that domain.

Section 13.4.1 defines an Application Service tag of "XCON", which is used to identify the centralized conferencing (XCON) server for a particular domain. The Application Protocol tag "CCMP", defined in Section 13.4.2, is used to identify an XCON server that understands the CCMP protocol.

The NAPTR records in the following example (Figure 24) demonstrate the use of the Application Service and Protocol tags. Iterative NAPTR resolution is used to delegate responsibility for the conferencing service from "zonea.example.com." and "zoneb.example.com." to "outsource.example.com.".

   zonea.example.com.
   ;;       order pref flags
   IN NAPTR 100   10   ""     "XCON:CCMP" (         ; service
       ""                                           ; regex
       outsource.example.com.                       ; replacement
       )
   zoneb.example.com.
   ;;       order pref flags
   IN NAPTR 100   10   ""     "XCON:CCMP" (         ; service
       ""                                           ; regex
       outsource.example.com.                       ; replacement
       )
   outsource.example.com.
   ;;       order pref flags
   IN NAPTR 100   10   "u"    "XCON:CCMP" (         ; service
       "!*.!https://confs.example.com/!"            ; regex
       .                                            ; replacement
       )

Figure 24: Sample XCON:CCMP Service NAPTR Records

Details for the "XCON" Application Service tag and the "CCMP" Application Protocol tag are included in Section 13.4.

9. Managing Notifications

In cases where the conference control client uses SIP [RFC3261] as the signaling protocol to participate in the conference, SIP event notification can be used. This would REQUIRE the conference control client to implement the Conference event package for XCON [I-D.ietf-xcon-event-package]. This is the default mechanism for conferencing clients as is SIP for signaling per the XCON Framework [RFC5239].

In the case where the interface to the conference server is entirely web based, there is a common mechanism for web-based systems that could be used - a "call back". With this mechanism, the conference client provides the conference server with an HTTP URL which is invoked when a change occurs. This is a common implementation mechanism for e-commerce. This works well in the scenarios whereby the conferencing client is a web server that provides the graphical HTML user interface and uses CCMP as the backend interface to the conference server. And, this model can co-exist with the SIP event notification model. PC-based clients behind NATs could provide a SIP event URI, whereas web servers would probably find the HTTP model much easier to program. The details of this approach are out of scope for the CCMP per se, thus the expectation is that a future specification will document this solution.

10. HTTP Transport

This section describes the use of HTTP [RFC2616] and HTTP Over TLS [RFC2818] as transport mechanisms for the CCMP protocol, which a conforming conference Server and Conferencing client MUST support.

Although CCMP uses HTTP as a transport, it uses a strict subset of HTTP features, and due to the restrictions of some features, a conferencing server may not be a fully compliant HTTP server. It is intended that a conference server can easily be built using an HTTP server with extensibility mechanisms, and that a conferencing client can trivially use existing HTTP libraries. This subset of requirements helps implementors avoid ambiguity with the many options the full HTTP protocol offers.

A conferencing client that conforms to this specification is not required to support HTTP authentication [RFC2617] or cookies [RFC2965]. These mechanisms are unnecessary because CCMP requests carry their own authentication information (in the "confUserID" and "password" fields; see Section 6.1).

A CCMP request is carried in the body of an HTTP POST request. The conferencing client MUST include a Host header in the request.

The MIME type of CCMP request and response bodies is "application/ccmp+xml". The conference server and conferencing client MUST provide this value in the HTTP Content-Type and Accept header fields. If the conference server does not receive the appropriate Content-Type and Accept header fields, the conference server SHOULD fail the request, returning a 406 (not acceptable) response. CCMP responses SHOULD include a Content-Length header.

Conferencing clients MUST NOT use the "Expect" header or the "Range" header in CCMP requests. The conference server MAY return 501 (not implemented) errors if either of these HTTP features is used. In the case that the conference server receives a request from the conferencing client containing an If-* (conditional) header, the conference server SHOULD return a 412 (precondition failed) response.
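
The request checks described so far in this section, written out as a server-side gate that runs before any XML is parsed. This is an added example, not code from the draft; the function names, the order of the checks and the 400 for a missing Host header (the HTTP/1.1 behaviour from RFC 2616, which the draft does not restate) are assumptions of the example.

```python
# Added example (not from the draft): checks on the HTTP method and headers
# of a request before its body is handed to the CCMP XML parser.

CCMP_MEDIA_TYPE = "application/ccmp+xml"
UNSUPPORTED_HEADERS = ("expect", "range")


def media_types(value):
    """Split a Content-Type or Accept value into bare, lowercased media types."""
    return [item.split(";", 1)[0].strip().lower()
            for item in value.split(",") if item.strip()]


def check_ccmp_request(method, headers):
    """Return (http_status, reason); 200 means the body may be parsed as CCMP.

    The order of the checks is a choice made for this example.
    """
    h = {name.lower(): value for name, value in headers.items()}

    # CCMP requests travel only in POST bodies; a generic 405 for anything
    # else avoids describing the service to whoever pasted the URL.
    if method.upper() != "POST":
        return 405, "method not allowed"

    # The client MUST send Host. The 400 is the HTTP/1.1 (RFC 2616) answer
    # to a request without one; the draft does not name a status here.
    if not h.get("host", "").strip():
        return 400, "missing Host header"

    # Expect and Range MUST NOT appear; the server MAY answer 501.
    used = [name for name in UNSUPPORTED_HEADERS if name in h]
    if used:
        return 501, "unsupported header: " + ", ".join(used)

    # Any If-* conditional header SHOULD be answered with 412.
    conditional = sorted(name for name in h if name.startswith("if-"))
    if conditional:
        return 412, "conditional header: " + ", ".join(conditional)

    # Content-Type must be the CCMP type (the registration allows an
    # optional charset parameter); Accept must list the CCMP type.
    if media_types(h.get("content-type", "")) != [CCMP_MEDIA_TYPE]:
        return 406, "Content-Type is not " + CCMP_MEDIA_TYPE
    if CCMP_MEDIA_TYPE not in media_types(h.get("accept", "")):
        return 406, "Accept does not list " + CCMP_MEDIA_TYPE

    return 200, "ok"


def ccmp_response_headers(body):
    """Headers for a CCMP response body given as bytes."""
    return {
        "Content-Type": CCMP_MEDIA_TYPE,
        "Content-Length": str(len(body)),  # SHOULD be present on responses
    }


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    good = {
        "Host": "confs.example.com",
        "Content-Type": "application/ccmp+xml; charset=UTF-8",
        "Accept": "application/ccmp+xml",
    }
    samples = [
        ("POST", good),
        ("GET", good),
        ("POST", dict(good, Range="bytes=0-99")),
        ("POST", dict(good, **{"If-None-Match": "*"})),
        ("POST", dict(good, **{"Content-Type": "text/xml"})),
    ]
    for method, headers in samples:
        print(method, check_ccmp_request(method, headers))
```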

The POST method is the only method REQUIRED for CCMP. If a conference server chooses to support GET or HEAD, it SHOULD consider the kind of application doing the GET. Since a conferencing client only uses a POST method, the GET or HEAD MUST be either an escaped URL (e.g., somebody found a URL in protocol traces or log files and fed it into their browser) or somebody doing testing/debugging. The conference server could provide information in the CCMP response indicating that the URL corresponds to a conference server and only responds to CCMP POST requests or the conference server could instead try to avoid any leak of information by returning a very generic HTTP error message such as 405 (method not allowed).

The conference server populates the HTTP headers of responses so that they are consistent with the contents of the message. In particular, the "Cache-Control" header SHOULD be set to disable caching of any conference information by HTTP intermediaries. Otherwise, there is the risk of stale information and/or the unauthorized disclosure of the information. The HTTP status code MUST indicate a 2xx series response for all CCMP Response and Error messages.

The conference server MAY redirect a CCMP request. A conferencing client MUST handle redirects, by using the Location header provided by the server in a 3xx response. When redirecting, the conferencing client MUST observe the delay indicated by the Retry-After header. The conferencing client MUST authenticate the server that returns the redirect response before following the redirect. A conferencing client SHOULD authenticate the conference server indicated in a redirect.

The conference server SHOULD support persistent connections and request pipelining. If pipelining is not supported, the conference server MUST NOT allow persistent connections.
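
The redirect rules above, seen from the client: an added example (not code from the draft) that decides whether a 3xx answer may be followed and how long to wait first. The hop limit, the refusal of non-https targets and of unparseable Retry-After values, and the "server_authenticated" flag (set by the caller from its TLS handshake result) are assumptions of the example.

```python
# Added example (not from the draft): client-side policy for CCMP redirects.
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 3  # assumption: the draft sets no hop limit


class RedirectRefused(Exception):
    """Raised when a 3xx answer must not be followed."""


def retry_after_seconds(value, now):
    """Seconds to wait for a Retry-After value (delta-seconds or HTTP-date)."""
    if value is None:
        return 0
    value = value.strip()
    if value.isdigit():
        return int(value)
    try:
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        # The delay MUST be observed; if it cannot be read, do not guess.
        raise RedirectRefused("unparseable Retry-After: %r" % value)
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    return max(0, int((when - now).total_seconds()))


def plan_redirect(request_url, status, headers, server_authenticated,
                  hops, now=None):
    """Return (next_url, delay_seconds) or raise RedirectRefused.

    server_authenticated: True only if the TLS server authentication of the
    host that sent this 3xx answer succeeded (hypothetical caller-side flag).
    hops: number of redirects already followed for this request.
    """
    h = {name.lower(): value for name, value in headers.items()}
    if not 300 <= status < 400 or "location" not in h:
        raise RedirectRefused("not a redirect with a Location header")

    # The redirecting server MUST be authenticated before it is believed.
    if not server_authenticated:
        raise RedirectRefused("redirecting server was not authenticated")
    if hops >= MAX_REDIRECTS:
        raise RedirectRefused("too many redirects")

    # Location may be relative; resolve it against the URL just requested.
    target = urljoin(request_url, h["location"].strip())
    parts = urlsplit(target)

    # The target SHOULD be authenticated as well, which needs TLS; this
    # example therefore refuses anything that is not an https URI.
    if parts.scheme != "https" or not parts.hostname:
        raise RedirectRefused("target cannot be authenticated: " + target)

    now = now or datetime.now(timezone.utc)
    return target, retry_after_seconds(h.get("retry-after"), now)


if __name__ == "__main__":
    # Constructed sample answer, not captured traffic.
    answer = {"Location": "https://confs2.example.com/ccmp", "Retry-After": "5"}
    print(plan_redirect("https://confs.example.com/ccmp", 307, answer, True, 0))
```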

The conference server MUST support termination of a response by the closing of a connection.

Implementations of CCMP that implement HTTP transport MUST implement transport over TLS [RFC2818]. TLS provides message integrity and confidentiality between the conference control client and the conference control server. The conferencing client MUST implement the server authentication method described in HTTPS [RFC2818]. The device uses the URI obtained during conference server discovery to authenticate the server. The details of this authentication method are provided in section 3.1 of HTTPS [RFC2818]. When TLS is used, the conferencing client SHOULD fail a request if server authentication fails.

11. Security Considerations

As identified in the XCON framework [RFC5239], there are a wide variety of potential attacks related to conferencing, due to the natural involvement of multiple endpoints and the capability to manipulate the data on the conference server using CCMP. Examples of attacks include the following: an endpoint attempting to listen to conferences in which it is not authorized to participate, an endpoint attempting to disconnect or mute other users, and theft of service by an endpoint in attempting to create conferences it is not allowed to create.

The following summarizes the security considerations for CCMP:

1. The client MUST determine the proper conference server. The conference server discovery is described in Section 8.

2. The client MUST connect to the proper conference server. The mechanisms for addressing this security consideration are described in Section 11.1.

3. The protocol MUST support a confidentiality and integrity mechanism. As described in Section 10, implementations of CCMP MUST implement the HTTP transport over TLS [RFC2818].

4. There are security issues associated with the authorization to perform actions on the conferencing system to invoke specific capabilities. A conference server SHOULD ensure that only authorized entities can manipulate the conference data. The mechanisms for addressing this security consideration are described in Section 11.2.

5. The privacy and security of the identity of a user in the conference MUST be assured. The mechanisms to ensure the security and privacy of identity are discussed in Section 11.3.

6. A final issue is related to Denial of Service (DoS) attacks on the conferencing server itself. In order to minimize the potential for DoS attacks, it is RECOMMENDED that conferencing systems require user authentication and authorization for any client participating in a conference. This can be accomplished through the use of the mechanisms described in Section 11.2, as well as by using the security mechanisms associated with the specific signaling (e.g., SIPS) and media protocols (e.g., SRTP).

11.1. Assuring that the Proper Conferencing Server has been contacted

When the CCMP transaction is conducted using TLS [RFC5246], the conference server can authenticate its identity, either as a domain name or as an IP address, to the conference client by presenting a certificate containing that identifier as a subjectAltName (i.e., as a dNSName or iPAddress, respectively). With the use of HTTP as a transport for CCMP, this is exactly the authentication described by TLS [RFC2818]. If the client has external information as to the expected identity or credentials of the proper conference server (e.g., a certificate fingerprint), these checks MAY be omitted.

Any implementation of CCMP MUST be capable of being transacted over TLS so that the client can request the above authentication, and a conference server implementation MUST include this feature.

Note that in order for the presented certificate to be valid at the client, the client must be able to validate the certificate. In particular, the validation path of the certificate must end in one of the client's trust anchors, even if that trust anchor is the conference server certificate itself.

11.2. User Authentication and Authorization

Many policy authorization decisions are based on the identity of the user or the role that a user may have. The conferencing server MUST implement mechanisms for authentication of users to validate their identity. There are several ways that a user might authenticate its identity to the system. For users joining a conference using one of the call signaling protocols, the user authentication mechanisms for the specific protocol can be used. For the case of users joining the conference using the CCMP, TLS is RECOMMENDED.

The XCON Framework [RFC5239] provides an overview of other authorization mechanisms. In the cases where a user is authorized via multiple mechanisms, it is RECOMMENDED that the conference server correlate the authorization of the CCMP interface with other authorization mechanisms - e.g., PSTN users that join with a PIN and control the conference using CCMP. When a conference server presents the identity of authorized users, it MAY provide information about the way the identity was proven or verified by the system. A conference server can also allow a completely unauthenticated user into the system - this information SHOULD also be communicated to interested parties.

Once a user is authenticated and authorized through the various mechanisms available on the conference server, the conference server MUST allocate a conference user identifier (XCON-USERID) and SHOULD associate the XCON-USERID with any signaling specific user identifiers that were used for authentication and authorization. This XCON-USERID can be provided to a specific user through the conference notification interface and MUST be provided to users that interact with the conferencing system using the CCMP (i.e., in the appropriate CCMP response messages). This conference user identifier is REQUIRED for any subsequent operations on the conference object.

11.3. Security and Privacy of Identity

An overview of the required privacy and anonymity for users of a conferencing system is provided in the XCON Framework [RFC5239]. The security of the identity in the form of the XCON-USERID is provided in the CCMP protocol through the use of TLS.

The conference server SHOULD provide mechanisms to ensure the privacy of the XCON-USERID. This is accomplished by the conference client manipulation of the "provide-anonymity" element defined in the XCON data model ([I-D.ietf-xcon-common-data-model]). The "provide-anonymity" element controls the degree to which a user reveals their identity. The conference client MUST set the "provide-anonymity" element to "hidden" if the user does not want other participants to even be aware that there is an additional participant in the conference. The conference client MUST set the "provide-anonymity" field to "private" if the user wants to be entirely "anonymous" (i.e., other participants are aware that there is another participant, but have no information as to their identity). The conference client MUST set the "provide-anonymity" field to "semi-private" if their identity is only to be revealed to other participants or users that have a higher level authorization (e.g., a conferencing system can be configured such that an administrator can see all users).

To provide the required privacy, the conference client SHOULD include the "provide-anonymity" element in the "confInfo" parameter in a CCMP confRequest message with an "update" or "create" operation or in the "userInfo" parameter in a CCMP userRequest message with an "update" or "create" operation, to ensure the user is provided the appropriate level of privacy. If the "provide-anonymity" element is not included in the conference object, then other users can see the participant's identity.

12. XML Schema

This section provides the XML schema definition of the "application/ccmp+xml" format.

Figure 25

13. IANA Considerations

This document registers a new XML namespace, a new XML schema, and the MIME type for the schema. This document also registers the "XCON" Application Service tag and the "CCMP" Application Protocol tag. This document also defines registries for the CCMP operation types and response codes.

13.1. URN Sub-Namespace Registration

This section registers a new XML namespace, "urn:ietf:params:xml:ns:xcon:ccmp".

URI: "urn:ietf:params:xml:ns:xcon:ccmp"

Registrant Contact: IETF, XCON working group, (xcon@ietf.org), Mary Barnes (mary.barnes@nortel.com).

XML:

BEGIN
CCMP Messages

Namespace for CCMP Messages

urn:ietf:params:xml:ns:xcon:ccmp

[[NOTE TO IANA/RFC-EDITOR: Please update RFC URL and replace XXXX with the RFC number for this specification.]]

See RFCXXXX.

END 13.2. XML Schema Registration This section registers an XML schema as per the guidelines in [RFC3688]. Barnes, et al. Expires June 27, 2010 [Page 88] Internet-Draft CCMP December 2009 URI: urn:ietf:params:xml:schema:xcon:ccmp Registrant Contact: IETF, XCON working group, (xcon@ietf.org), Mary Barnes (mary.barnes@nortel.com). Schema: The XML for this schema can be found as the entirety of Section 12 of this document. 13.3. MIME Media Type Registration for 'application/ccmp+xml' This section registers the "application/ccmp+xml" MIME type. To: ietf-types@iana.org Subject: Registration of MIME media type application/ccmp+xml MIME media type name: application MIME subtype name: ccmp+xml Required parameters: (none) Optional parameters: charset Indicates the character encoding of enclosed XML for which the default is UTF-8. Encoding considerations: Uses XML, which can employ 8-bit characters, depending on the character encoding used. See RFC 3023 [RFC3023], section 3.2. Security considerations: This content type is designed to carry protocol data related conference control. Some of the data could be considered private and thus should be protected. Interoperability considerations: None. Published specification: RFC XXXX [[NOTE TO IANA/RFC-EDITOR: Please replace XXXX with the RFC number for this specification.]] Applications which use this media type: Centralized Conferencing control clients and servers. Additional Information: Magic Number(s): (none) File extension(s): .xml Macintosh File Type Code(s): (none) Barnes, et al. Expires June 27, 2010 [Page 89] Internet-Draft CCMP December 2009 Person & email address to contact for further information: Mary Barnes Intended usage: LIMITED USE Author/Change controller: The IETF Other information: This media type is a specialization of application/xml [RFC3023], and many of the considerations described there also apply to application/ccmp+xml. 13.4. 
DNS Registrations Section 13.4.1 defines an Application Service tag of "XCON", which is used to identify the centralized conferencing (XCON) server for a particular domain. The Application Protocol tag "CCMP", defined in Section 13.4.2, is used to identify an XCON server that understands the CCMP protocol. 13.4.1. Registration of a Conference Control Server Application Service Tag This section registers a new S-NAPTR/U-NAPTR Application Service tag for XCON, as mandated by [RFC3958]. Application Service Tag: XCON Intended usage: Identifies a server that supports centralized conferencing. Defining publication: RFCXXXX Contact information: The authors of this document Author/Change controller: The IESG 13.4.2. Registration of a Conference Control Server Application Protocol Tag for CCMP This section registers a new S-NAPTR/U-NAPTR Application Protocol tag for the CCMP protocol, as mandated by [RFC3958]. Application Service Tag: CCMP Intended Usage: Identifies the Centralized Conferencing (XCON) Manipulation Protocol. Applicable Service Tag(s): XCON Barnes, et al. Expires June 27, 2010 [Page 90] Internet-Draft CCMP December 2009 Terminal NAPTR Record Type(s): U Defining Publication: RFCXXXX Contact Information: The authors of this document Author/Change Controller: The IESG 13.5. CCMP Protocol Registry This document requests that the IANA create a new registry for the CCMP protocol including an initial registry for operation types and response codes. 13.5.1. CCMP Message Types The CCMP messages are described in Section 5.1 and defined in the XML schema in Section 12. The following summarizes the requested registry: Related Registry: CCMP Message Types Registry Defining RFC: RFC XXXX [NOTE TO IANA/RFC-EDITOR: Please replace XXXX with the RFC number for this specification.] Registration/Assignment Procedures: New CCMP message types are allocated on a specification required basis. 
Registrant Contact: IETF, XCON working group, (xcon@ietf.org), Mary Barnes (mary.barnes@nortel.com).

This section pre-registers the following initial CCMP message types:

blueprintsRequest: Used by a conference control client to query a conferencing system for its capabilities, in terms of available conference blueprints.

blueprintsResponse: The blueprintsResponse returns a list of blueprints supported by the specific conference server.

confsRequest: Used by a conference control client to query a conferencing system for its scheduled/active conferences.

confsResponse: The "confsResponse" returns the list of the currently activated/scheduled conferences at the server.

confRequest: The "confRequest" is used to create a conference object and/or to request an operation on the conference object as a whole.

confResponse: The "confResponse" indicates the result of the operation on the conference object as a whole.

userRequest: The "userRequest" is used to request an operation on the "user" element in the conference object.

userResponse: The "userResponse" indicates the result of the requested operation on the "user" element in the conference object.

usersRequest: This "usersRequest" is used to manipulate the "users" element in the conference object, including parameters such as the "allowed-users-list", "join-handling", etc.

usersResponse: This "usersResponse" indicates the result of the request to manipulate the "users" element in the conference object.

sidebarRequest: This "sidebarRequest" is used to retrieve the information related to a sidebar or to create, change or delete a specific sidebar.

sidebarResponse: This "sidebarResponse" indicates the result of the sidebarRequest.

13.5.2.  CCMP Response Codes

The following summarizes the requested registry for CCMP Response codes:

Related Registry: CCMP Response Code Registry
Defining RFC: RFC XXXX [NOTE TO IANA/RFC-EDITOR: Please replace XXXX with the RFC number for this specification.]
Registration/Assignment Procedures: New response codes are allocated on a first-come/first-serve basis with specification required.
Registrant Contact: IETF, XCON working group, (xcon@ietf.org), Mary Barnes (mary.barnes@nortel.com).

This section pre-registers the following thirteen initial response codes as described above in Section 5.1:

success: This code indicates that the request was successfully processed.

updateFailed: This code indicates that a requested "update" cannot be successfully completed by the server. An example is when the modification of an object cannot be applied due to conflicts arising at the server's side (e.g. because the client version of the object is an obsolete one and the requested modifications collide with the up-to-date state of the object stored at the server).

badRequest: This code indicates that the request was badly formed in some fashion.

unauthorized: This code indicates that the user was not authorized for the specific operation on the conference object.

forbidden: This code indicates that the specific operation is not valid for the target conference object.

objectNotFound: This code indicates that the specific conference object was not found.

userNotFound: This code is returned in answer to a "userRequest/create" operation, in the case of a third-party invite, when the "confUserID" (contained in the "entity" attribute of the "userInfo" parameter) of the user to be added is unknown.

invalidConfUserID: This code is returned in the case of requests in which the "confUserID" of the sender is invalid.

invalidPassword: This code is returned in response to all requests wishing to access/manipulate a password-protected conference object, when the "password" parameter contained in the request is wrong.

passwordRequired: This code is returned in response to all requests wishing to access/manipulate a password-protected conference object, when the "password" parameter is missing in the request.

forbiddenDeleteParent: This code indicates that the conferencing system cannot delete the specific conference object because it is a parent for another conference object.

forbiddenChangeProtected: This code indicates that the target conference object cannot be changed (e.g., due to policies, roles, privileges, etc.).

requestTimeout: This code indicates that the request could not be processed within a reasonable time, with the time specific to a conferencing system implementation.

serverInternalError: This code indicates that the conferencing system experienced some sort of internal error.

notImplemented: This code indicates that the specific operation is not implemented on that conferencing system.

14.  Acknowledgments

The authors appreciate the feedback provided by Dave Morgan, Pierre Tane, Lorenzo Miniero, Tobia Castaldi, Theo Zourzouvillys, Sean Duddy, Oscar Novo, Richard Barnes, Simo Veikkolainen and Yu Guo.

Special thanks go to Roberta Presta for her invaluable contribution to this document. Roberta has worked on the specification of the CCMP protocol at the University of Napoli for the preparation of her Master thesis. She has also implemented the CCMP prototype used for the trials and from which the dumps provided in Section 7 have been extracted.

15.  Changes since last Version

NOTE TO THE RFC-Editor: Please remove this section prior to publication as an RFC.

The following summarizes the changes between the WG 04 and the 05:

1. Added versioning.
2. Added string to response codes.
3. Removed "modified" response code.
4. Added filtering for conference info in responses.
5. Editorial clarifications and nits.

The following summarizes the changes between the WG 03 and the 04:

1. Re-organized document based on feedback from Richard Barnes.
2. Editorial clarifications and nits, including those identified by Richard and Simo Veikkolainen.

The following summarizes the changes between the WG 02 and the 03:

1. Clarified that the confUserID is optional in the generic CCMP request message for a userRequest with a "create" operation.
2. Added response-code (error cases) handling - a general section for each of the operations (as part of CCMP Response Code section), so we don't need to re-iterate for each of the messages and message specific cases as appropriate (e.g., deleteParentFailed, modified).
3. Moved "operation" parameter to be part of general CCMP request and response messages since it is used for more than one message type. And, it's necessary to define before describing the operation specific response-code handling.
4. Revised normative statements for the various protocol messages and operations - e.g., messages MUST include parameter x versus SHOULD, adding text for handling of cases where the SHOULDs don't happen and the SHOULD NOTs do. Added descriptions for all the operation types, as appropriate.
5. Added lots more details in the security section.
6. Added section to describe requirements for an HTTP implementation to support CCMP.
7. Updated section on notifications - XCON SIP event package is default, with some discussion of an HTTP callback mechanism (ffs).
8. Misc editorial nits: qualifying message names in the text, etc., etc., etc.

The following summarizes the changes between the WG 01 and the 02:

1. Changed the basic approach from REST to HTTP as a transport. This impacted most of the document - i.e., a major rewrite - 02 is closer to 00 than the 01.
2. Added full example based on prototype.

The following summarizes the changes between the WG 00 and the 01:

1. Changed the basic approach from using SOAP to REST - the fundamentals are the same in terms of schema, basic operations. This impacted most sections, in particular introduction and motivation.
2. Added new request types - blueprintsRequest, blueprintRequest and confsRequest. The first replaces the optionsRequest and the latter allows the client to get a list of all active conferences.
3. Merged all requests into the basic operations table. Added summary of RESTful examples (referenced by the basic operations table).
4. Added examples showing RESTful approach - i.e., HTTP methods for message exchange.
5. Removed requestID from the schema (it should be handled by the transport - e.g., HTTP). Updated schema (based on current prototype - it still needs another revision).
6. Added placeholders for Notifications and Role Based Access Control.
7. Added some text for discovery using DNS (including IANA registrations)
8. Updated References: updated XCON FW RFC, SOAP/W3C moved to informational section.

16.  References

16.1.  Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

[RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication", RFC 2617, June 1999.

[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

[RFC2965] Kristol, D. and L. Montulli, "HTTP State Management Mechanism", RFC 2965, October 2000.

[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, January 2004.

[RFC5239] Barnes, M., Boulton, C., and O. Levin, "A Framework for Centralized Conferencing", RFC 5239, June 2008.

[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008.

[I-D.ietf-xcon-common-data-model] Novo, O., Camarillo, G., Morgan, D., and J. Urpalainen, "Conference Information Data Model for Centralized Conferencing (XCON)", draft-ietf-xcon-common-data-model-14 (work in progress), November 2009.

16.2.  Informative References

[REST] Fielding, "Architectural Styles and the Design of Network-based Software Architectures", 2000.

[RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media Types", RFC 3023, January 2001.

[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002.

[RFC3958] Daigle, L. and A. Newton, "Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS)", RFC 3958, January 2005.

[I-D.ietf-xcon-event-package] Camarillo, G., Srinivasan, S., Even, R., and J. Urpalainen, "Conference Event Package Data Format Extension for Centralized Conferencing (XCON)", draft-ietf-xcon-event-package-01 (work in progress), September 2008.

[W3C.REC-soap12-part1-20030624] Hadley, M., Gudgin, M., Nielsen, H., Moreau, J., and N. Mendelsohn, "SOAP Version 1.2 Part 1: Messaging Framework", World Wide Web Consortium FirstEdition REC-soap12-part1-20030624, June 2003.

[W3C.REC-soap12-part2-20030624] Mendelsohn, N., Nielsen, H., Moreau, J., Hadley, M., and M. Gudgin, "SOAP Version 1.2 Part 2: Adjuncts", World Wide Web Consortium FirstEdition REC-soap12-part2-20030624, June 2003.

[W3C.REC-xpath-19991116] DeRose, S. and J. Clark, "XML Path Language (XPath) Version 1.0", World Wide Web Consortium Recommendation REC-xpath-19991116, November 1999.

Appendix A.  Appendix A: Other protocol models and transports considered for CCMP

The operations on the objects can be implemented in at least two different ways, namely as remote procedure calls, using SOAP as described in Appendix A.1, and by defining resources following a RESTful architecture, as described in Appendix A.2.

In both approaches, servers will have to recreate their internal state representation of the object with each update request, checking parameters and triggering function invocations. In the SOAP approach, it would be possible to describe a separate operation for each atomic element, but that would greatly increase the complexity of the protocol. A coarser-grained approach to the CCMP does require that the server process XML elements in updates that have not changed and that there can be multiple changes in one update. For CCMP, the resource (REST) model might appear more attractive, since the conference operations fit the CRUD approach.

Neither of these approaches was considered ideal as SOAP was not considered to be general purpose enough for use in a broad range of operational environments. It is quite awkward to apply a RESTful approach since the CCMP requires a more complex request/response protocol in order to maintain the data both in the server and at the client.
This doesn't map very elegantly to the basic request/response model, whereby a response typically indicates whether the request was successful or not, rather than providing additional data to maintain the synchronization between the client and server data. In addition, the CCMP clients may also receive the data in Notifications. While the notification method or protocol used by some conferencing clients can be independent of the CCMP, the same data in the server is used for both the CCMP and Notifications - this requires a server application above the transport layer (e.g., HTTP) for maintaining the data, which in the CCMP model is transparent to the transport protocol.

A.1.  Using SOAP for the CCMP

A remote procedure call (RPC) mechanism for the CCMP could use SOAP (Simple Object Access Protocol [W3C.REC-soap12-part1-20030624][W3C.REC-soap12-part2-20030624]), where conferences and the other objects are modeled as services with associated operations. Conferences and other objects are selected by their own local identifiers, such as email-like names for users. This approach has the advantage that it can easily define atomic operations that have well-defined error conditions.

All SOAP operations would use a single HTTP verb. While the RESTful approach requires the use of a URI for each object, SOAP can use any token.

A.2.  A RESTful approach for the CCMP

Conference objects can also be modeled as resources identified by URIs, with the basic CRUD operations mapped to the HTTP methods POST/PUT for creating objects, GET for reading objects, PATCH/POST/PUT for changing objects and DELETE for deleting them. Many of the objects, such as conferences, already have natural URIs.

CCMP can be mapped into the CRUD (Create, Read, Update, Delete) design pattern.
The basic CRUD operations are used to manipulate conference objects, which are XML documents containing the information characterizing a specified conference instance, be it an active conference or a conference blueprint used by the conference server to create new conference instances through a simple clone operation.

Following the CRUD approach, CCMP could use a general-purpose protocol such as HTTP [RFC2616] to transfer domain-specific XML-encoded data objects defined in the Conference Information Data Model for Centralized Conferencing [I-D.ietf-xcon-common-data-model].

Following on the CRUD approach, CCMP could follow the well-known REST (REpresentational State Transfer) architectural style [REST]. The CCMP could map onto the REST philosophy, by specifying resource URIs, resource formats, methods supported at each URI and status codes that have to be returned when a certain method is invoked on a specific URI. A REST-style approach must ensure that all operations can be mapped to HTTP operations.

The following summarizes the specific HTTP method that could be used for each of the CCMP Requests:

Retrieve: HTTP GET could be used on XCON-URIs, so that clients can obtain data about conference objects in the form of XML data model documents.

Create: HTTP PUT could be used to create a new object as identified by the XCON-URI or XCON-USERID.

Change: Either HTTP PATCH or HTTP POST could be used to change the conference object identified by the XCON-URI.

Delete: HTTP DELETE could be used to delete conference objects and parameters within conference objects identified by the XCON-URI.

Authors' Addresses

Mary Barnes
Nortel
Email: mary.barnes@nortel.com

Chris Boulton
NS-Technologies
Email: chris@ns-technologies.com

Simon Pietro Romano
University of Napoli
Via Claudio 21
Napoli 80125
Italy
Email: spromano@unina.it

Henning Schulzrinne
Columbia University
Department of Computer Science
450 Computer Science Building
New York, NY 10027
Email: hgs+xcon@cs.columbia.edu