27 IANA Considerations
All method names, header field names, status codes, and option tags
used in SIP applications are registered with IANA through
instructions in an IANA Considerations section in an RFC.
The specification instructs the IANA to create four new sub-
registries under http://www.iana.org/assignments/sip-parameters:
Option Tags, Warning Codes (warn-codes), Methods and Response Codes,
added to the sub-registry of Header Fields that is already present
27.1 Option Tags
This specification establishes the Option Tags sub-registry under
Option tags are used in header fields such as Require, Supported,
Proxy-Require, and Unsupported in support of SIP compatibility
mechanisms for extensions (Section 19.2). The option tag itself is a
string that is associated with a particular SIP option (that is, an
extension). It identifies the option to SIP endpoints.
Option tags are registered by the IANA when they are published in
standards track RFCs. The IANA Considerations section of the RFC
must include the following information, which appears in the IANA
registry along with the RFC number of the publication.
o Name of the option tag. The name MAY be of any length, but
SHOULD be no more than twenty characters long. The name MUST
consist of alphanum (Section 25) characters only.
o Descriptive text that describes the extension.
This specification establishes the Warn-codes sub-registry under
http://www.iana.org/assignments/sip-parameters and initiates its
population with the warn-codes listed in Section 20.43. Additional
warn-codes are registered by RFC publication.
The descriptive text for the table of warn-codes is:
Warning codes provide information supplemental to the status code in
SIP response messages when the failure of the transaction resultsfrom a Session Description Protocol (SDP) (RFC 2327 ) problem.
The "warn-code" consists of three digits. A first digit of "3"
indicates warnings specific to SIP. Until a future specification
describes uses of warn-codes other than 3xx, only 3xx warn-codes may
Warnings 300 through 329 are reserved for indicating problems with
keywords in the session description, 330 through 339 are warnings
related to basic network services requested in the session
description, 370 through 379 are warnings related to quantitative QoS
parameters requested in the session description, and 390380 through 399
are miscellaneous SIP-related warnings that do not fall into one of the above
27.3 Header Field Names
This obsoletes the IANA instructions about the header sub-registry
The following information needs to be provided in an RFC publication
in order to register a new header field name:
o The RFC number in which the header is registered;
o the name of the header field being registered;
o a compact form version for that header field, if one is
Some common and widely used header fields MAY be assigned one-letter
compact forms (Section 7.3.3). Compact forms can only be assigned
after SIP working group review, followed by RFC publication.
27.4 Method and Response Codes
This specification establishes the Method and Response-Code sub-
registries under http://www.iana.org/assignments/sip-parameters and
initiates their population as follows. The initial Methods table is:
The response code table is initially populated from Section 21, the
portions labeled Informational, Success, Redirection, Client-Error,
Server-Error, and Global-Failure. The table has the following
Type (e.g., Informational)
Number Default Reason Phrase [RFC3261]
The following information needs to be provided in an RFC publication
in order to register a new response code or method:
o The RFC number in which the method or response code is
o the number of the response code or name of the method being
o the default reason phrase for that response code, if
27.5 The "message/sip" MIME type.
This document registers the "message/sip" MIME media type in order to
allow SIP messages to be tunneled as bodies within SIP, primarily for
end-to-end security purposes. This media type is defined by the
Media type name: message
Media subtype name: sip
Required parameters: none
Optional parameters: version
version: The SIP-Version number of the enclosed message (e.g.,
"2.0"). If not present, the version defaults to "2.0".
Encoding scheme: SIP messages consist of an 8-bit header
optionally followed by a binary MIME data object. As such, SIP
messages must be treated as binary. Under normal circumstances
SIP messages are transported over binary-capable transports, no
special encodings are needed.
Security considerations: see below
Motivation and examples of this usage as a security mechanism
in concert with S/MIME are given in 23.4.
27.6 New Content-Disposition Parameter Registrations
This document also registers four new Content-Disposition header
"disposition-types": alert, icon, session and render. The authors
request that these values be recorded in the IANA registry for
Descriptions of these "disposition-types", including motivation and
examples, are given in Section 20.11.
Short descriptions suitable for the IANA registry are:
alert the body is a custom ring tone to alert the user
icon the body is displayed as an icon to the user
render the body should be displayed to the user
session the body describes a communications session, for
example, as RFC 2327 SDP body
28 Changes From RFC 2543
This RFC revises RFC 2543. It is mostly backwards compatible with
RFC 2543. The changes described here fix many errors discovered in
RFC 2543 and provide information on scenarios not detailed in RFC
2543. The protocol has been presented in a more cleanly layered
We break the differences into functional behavior that is a
substantial change from RFC 2543, which has impact on
interoperability or correct operation in some cases, and functional
behavior that is different from RFC 2543 but not a potential source
of interoperability problems. There have been countless
clarifications as well, which are not documented here.
28.1 Major Functional Changes
o When a UAC wishes to terminate a call before it has been answered,
it sends CANCEL. If the original INVITE still returns a 2xx, the
UAC then sends BYE. BYE can only be sent on an existing call leg
(now called a dialog in this RFC), whereas it could be sent at any
time in RFC 2543.
o The SIP BNF was converted to be RFC 2234 compliant.
o SIP URL BNF was made more general, allowing a greater set of
characters in the user part. Furthermore, comparison rules were
simplified to be primarily case-insensitive, and detailed handling
of comparison in the presence of parameters was described. The
most substantial change is that a URI with a parameter with the
default value does not match a URI without that parameter.
o Removed Via hiding. It had serious trust issues, since it relied
on the next hop to perform the obfuscation process. Instead, Via
hiding can be done as a local implementation choice in stateful
proxies, and thus is no longer documented.
o In RFC 2543, CANCEL and INVITE transactions were intermingled.
They are separated now. When a user sends an INVITE and then a
CANCEL, the INVITE transaction still terminates normally. A UAS
needs to respond to the original INVITE request with a 487
o Similarly, CANCEL and BYE transactions were intermingled; RFC 2543
allowed the UAS not to send a response to INVITE when a BYE was
received. That is disallowed here. The original INVITE needs a
o In RFC 2543, UAs needed to support only UDP. In this RFC, UAs
need to support both UDP and TCP.
o In RFC 2543, a forking proxy only passed up one challenge from
downstream elements in the event of multiple challenges. In this
RFC, proxies are supposed to collect all challenges and place them
into the forwarded response.
o In Digest credentials, the URI needs to be quoted; this is unclear
from RFC 2617 and RFC 2069 which are both inconsistent on it.
o SDP processing has been split off into a separate specification
, and more fully specified as a formal offer/answer exchange
process that is effectively tunneled through SIP. SDP is allowed
in INVITE/200 or 200/ACK for baseline SIP implementations; RFC
2543 alluded to the ability to use it in INVITE, 200, and ACK in a
single transaction, but this was not well specified. More complex
SDP usages are allowed in extensions.
o Added full support for IPv6 in URIs and in the Via header field.
Support for IPv6 in Via has required that its header field
parameters allow the square bracket and colon characters. These
characters were previously not permitted. In theory, this could
cause interop problems with older implementations. However, we
have observed that most implementations accept any non-control
ASCII character in these parameters.
o DNS SRV procedure is now documented in a separate specification
. This procedure uses both SRV and NAPTR resource records and
no longer combines data from across SRV records as described in
o Loop detection has been made optional, supplanted by a mandatory
usage of Max-Forwards. The loop detection procedure in RFC 2543
had a serious bug which would report "spirals" as an error
condition when it was not. The optional loop detection procedure
is more fully and correctly specified here.
o Usage of tags is now mandatory (they were optional in RFC 2543),
as they are now the fundamental building blocks of dialog
o Added the Supported header field, allowing for clients to indicate
what extensions are supported to a server, which can apply those
extensions to the response, and indicate their usage with a
Require in the response.
o Extension parameters were missing from the BNF for several header
fields, and they have been added.
o Handling of Route and Record-Route construction was very
underspecified in RFC 2543, and also not the right approach. It
has been substantially reworked in this specification (and made
vastly simpler), and this is arguably the largest change.
Backwards compatibility is still provided for deployments that do
not use "pre-loaded routes", where the initial request has a set
of Route header field values obtained in some way outside of
Record-Route. In those situations, the new mechanism is not
o In RFC 2543, lines in a message could be terminated with CR, LF,
or CRLF. This specification only allows CRLF.
o Usage of Route in CANCEL and ACK was not well defined in RFC 2543.
It is now well specified; if a request had a Route header field,
its CANCEL or ACK for a non-2xx response to the request need to
carry the same Route header field values. ACKs for 2xx responses
use the Route values learned from the Record-Route of the 2xx
o RFC 2543 allowed multiple requests in a single UDP packet. This
usage has been removed.
o Usage of absolute time in the Expires header field and parameter
has been removed. It caused interoperability problems in elements
that were not time synchronized, a common occurrence. Relative
times are used instead.
o The branch parameter of the Via header field value is now
mandatory for all elements to use. It now plays the role of a
unique transaction identifier. This avoids the complex and bug-
laden transaction identification rules from RFC 2543. A magic
cookie is used in the parameter value to determine if the previous
hop has made the parameter globally unique, and comparison falls
back to the old rules when it is not present. Thus,
interoperability is assured.
o In RFC 2543, closure of a TCP connection was made equivalent to a
CANCEL. This was nearly impossible to implement (and wrong) for
TCP connections between proxies. This has been eliminated, so
that there is no coupling between TCP connection state and SIP
o RFC 2543 was silent on whether a UA could initiate a new
transaction to a peer while another was in progress. That is now
specified here. It is allowed for non-INVITE requests, disallowed
o PGP was removed. It was not sufficiently specified, and not
compatible with the more complete PGP MIME. It was replaced with
o Added the "sips" URI scheme for end-to-end TLS. This scheme is
not backwards compatible with RFC 2543. Existing elements that
receive a request with a SIPS URI scheme in the Request-URI will
likely reject the request. This is actually a feature; it ensures
that a call to a SIPS URI is only delivered if all path hops can
o Additional security features were added with TLS, and these are
described in a much larger and complete security considerations
o In RFC 2543, a proxy was not required to forward provisional
responses from 101 to 199 upstream. This was changed to MUST.
This is important, since many subsequent features depend on
delivery of all provisional responses from 101 to 199.
o Little was said about the 503 response code in RFC 2543. It has
since found substantial use in indicating failure or overload
conditions in proxies. This requires somewhat special treatment.
Specifically, receipt of a 503 should trigger an attempt to
contact the next element in the result of a DNS SRV lookup. Also,
503 response is only forwarded upstream by a proxy under certain
o RFC 2543 defined, but did no sufficiently specify, a mechanism for
UA authentication of a server. That has been removed. Instead,
the mutual authentication procedures of RFC 2617 are allowed.
o A UA cannot send a BYE for a call until it has received an ACK for
the initial INVITE. This was allowed in RFC 2543 but leads to a
potential race condition.
o A UA or proxy cannot send CANCEL for a transaction until it gets a
provisional response for the request. This was allowed in RFC
2543 but leads to potential race conditions.
o The action parameter in registrations has been deprecated. It was
insufficient for any useful services, and caused conflicts when
application processing was applied in proxies.
o RFC 2543 had a number of special cases for multicast. For
example, certain responses were suppressed, timers were adjusted,
and so on. Multicast now plays a more limited role, and the
protocol operation is unaffected by usage of multicast as opposed
to unicast. The limitations as a result of that are documented.
o Basic authentication has been removed entirely and its usage
o Proxies no longer forward a 6xx immediately on receiving it.
Instead, they CANCEL pending branches immediately. This avoids a
potential race condition that would result in a UAC getting a 6xx
followed by a 2xx. In all cases except this race condition, the
result will be the same - the 6xx is forwarded upstream.
o RFC 2543 did not address the problem of request merging. This
occurs when a request forks at a proxy and later rejoins at an
element. Handling of merging is done only at a UA, and procedures
are defined for rejecting all but the first request.
28.2 Minor Functional Changes
o Added the Alert-Info, Error-Info, and Call-Info header fields for
optional content presentation to users.
o Added the Content-Language, Content-Disposition and MIME-Version
o Added a "glare handling" mechanism to deal with the case where
both parties send each other a re-INVITE simultaneously. It uses
the new 491 (Request Pending) error code.
o Added the In-Reply-To and Reply-To header fields for supporting
the return of missed calls or messages at a later time.
o Added TLS and SCTP as valid SIP transports.
o There were a variety of mechanisms described for handling failures
at any time during a call; those are now generally unified. BYE
is sent to terminate.
o RFC 2543 mandated retransmission of INVITE responses over TCP, but
noted it was really only needed for 2xx. That was an artifact of
insufficient protocol layering. With a more coherent transaction
layer defined here, that is no longer needed. Only 2xx responses
to INVITEs are retransmitted over TCP.
o Client and server transaction machines are now driven based on
timeouts rather than retransmit counts. This allows the state
machines to be properly specified for TCP and UDP.
o The Date header field is used in REGISTER responses to provide a
simple means for auto-configuration of dates in user agents.
o Allowed a registrar to reject registrations with expirations that
are too short in duration. Defined the 423 response code and the
Min-Expires for this purpose.
29 Normative References
 Handley, M. and V. Jacobson, "SDP: Session Description
Protocol", RFC 2327, April 1998.
 Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
 Resnick, P., "Internet Message Format", RFC 2822, April 2001.
 Rosenberg, J. and H. Schulzrinne, "SIP: Locating SIP Servers",
RFC 3263, June 2002.
 Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource
Identifiers (URI): Generic Syntax", RFC 2396, August 1998.
 Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for
Transport Layer Security (TLS)", RFC 3268, June 2002.
 Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC
2279, January 1998.
 Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol --
HTTP/1.1", RFC 2616, June 1999.
 Vaha-Sipila, A., "URLs for Telephone Calls", RFC 2806, April
 Crocker, D. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", RFC 2234, November 1997.
 Freed, F. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046, November
 Eastlake, D., Crocker, S. and J. Schiller, "Randomness
Recommendations for Security", RFC 1750, December 1994.
 Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with
SDP", RFC 3264, June 2002.
 Postel, J., "User Datagram Protocol", STD 6, RFC 768, August
 Postel, J., "DoD Standard Transmission Control Protocol", RFC
761, January 1980.
 Stewart, R., Xie, Q., Morneault, K., Sharp, C., Schwarzbauer,
H., Taylor, T., Rytina, I., Kalla, M., Zhang, L. and V. Paxson,
"Stream Control Transmission Protocol", RFC 2960, October 2000.
 Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Leach, P., Luotonen, A. and L. Stewart, "HTTP authentication:
Basic and Digest Access Authentication", RFC 2617, June 1999.
 Troost, R., Dorner, S. and K. Moore, "Communicating Presentation
Information in Internet Messages: The Content-Disposition Header
Field", RFC 2183, August 1997.
 Zimmerer, E., Peterson, J., Vemuri, A., Ong, L., Audet, F.,
Watson, M. and M. Zonoun, "MIME media types for ISUP and QSIG
Objects", RFC 3204, December 2001.
 Braden, R., "Requirements for Internet Hosts - Application and
Support", STD 3, RFC 1123, October 1989.
 Alvestrand, H., "IETF Policy on Character Sets and Languages",
BCP 18, RFC 2277, January 1998.
 Galvin, J., Murphy, S., Crocker, S. and N. Freed, "Security
Multiparts for MIME: Multipart/Signed and Multipart/Encrypted",
RFC 1847, October 1995.
 Housley, R., "Cryptographic Message Syntax", RFC 2630, June
 Ramsdell B., "S/MIME Version 3 Message Specification", RFC 2633,
 Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC
2246, January 1999.
 Kent, S. and R. Atkinson, "Security Architecture for the
Internet Protocol", RFC 2401, November 1998.
30 Informative References
 R. Pandya, "Emerging mobile and personal communication systems,"
IEEE Communications Magazine, Vol. 33, pp. 44--52, June 1995.
 Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson,
"RTP: A Transport Protocol for Real-Time Applications", RFC
1889, January 1996.
 Schulzrinne, H., Rao, R. and R. Lanphier, "Real Time Streaming
Protocol (RTSP)", RFC 2326, April 1998.
 Cuervo, F., Greene, N., Rayhan, A., Huitema, C., Rosen, B. and
J. Segers, "Megaco Protocol Version 1.0", RFC 3015, November
 Handley, M., Schulzrinne, H., Schooler, E. and J. Rosenberg,
"SIP: Session Initiation Protocol", RFC 2543, March 1999.
 Hoffman, P., Masinter, L. and J. Zawinski, "The mailto URL
scheme", RFC 2368, July 1998.
 E. M. Schooler, "A multicast user directory service for
synchronous rendezvous," Master's Thesis CS-TR-96-18, Department
of Computer Science, California Institute of Technology,
Pasadena, California, Aug. 1996.
 Donovan, S., "The SIP INFO Method", RFC 2976, October 2000.
 Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April
 Dawson, F. and T. Howes, "vCard MIME Directory Profile", RFC
2426, September 1998.
 Good, G., "The LDAP Data Interchange Format (LDIF) - Technical
Specification", RFC 2849, June 2000.
 Palme, J., "Common Internet Message Headers", RFC 2076,
 Franks, J., Hallam-Baker, P., Hostetler, J., Leach, P.,
Luotonen, A., Sink, E. and L. Stewart, "An Extension to HTTP:
Digest Access Authentication", RFC 2069, January 1997.
 Johnston, A., Donovan, S., Sparks, R., Cunningham, C., Willis,
D., Rosenberg, J., Summers, K. and H. Schulzrinne, "SIP Call
Flow Examples", Work in Progress.
 E. M. Schooler, "Case study: multimedia conference control in a
packet-switched teleconferencing system," Journal of
Internetworking: Research and Experience, Vol. 4, pp. 99--120,
June 1993. ISI reprint series ISI/RS-93-359.
 H. Schulzrinne, "Personal mobility for multimedia services in
the Internet," in European Workshop on Interactive Distributed
Multimedia Systems and Services (IDMS), (Berlin, Germany), Mar.
 Floyd, S., "Congestion Control Principles", RFC 2914, September
A. Table of Timer Values
Table 4 summarizes the meaning and defaults of the various timers
used by this specification.
Timer Value Section Meaning
T1 500ms default Section 22.214.171.124 RTT Estimate
T2 4s Section 126.96.36.199 The maximum retransmit
interval for non-INVITE
requests and INVITE
T4 5s Section 188.8.131.52 Maximum duration a
remain in the network
Timer A initially T1 Section 184.108.40.206 INVITE request retransmit
interval, for UDP only
Timer B 64*T1 Section 220.127.116.11 INVITE transaction
Timer C > 3min Section 16.6 proxy INVITE transaction
bullet 11 timeout
Timer D > 32s for UDP Section 18.104.22.168 Wait time for response
0s for TCP/SCTP retransmits
Timer E initially T1 Section 22.214.171.124 non-INVITE request
Timer F 64*T1 Section 126.96.36.199 non-INVITE transaction
Timer G initially T1 Section 17.2.1 INVITE response
Timer H 64*T1 Section 17.2.1 Wait time for
Timer I T4 for UDP Section 17.2.1 Wait time for
0s for TCP/SCTP ACK retransmits
Timer J 64*T1 for UDP Section 17.2.2 Wait time for
0s for TCP/SCTP non-INVITE request
Timer K T4 for UDP Section 188.8.131.52 Wait time for
0s for TCP/SCTP response retransmits
Timer L 64*T1 Section 17.2.1 Wait time for
Timer M 64*T1 Section 17.1.1 Wait time for
2xx to INVITE or
additional 2xx from
other branches of
a forked INVITE
We wish to thank the members of the IETF MMUSIC and SIP WGs for their
comments and suggestions. Detailed comments were provided by Ofir
Arkin, Brian Bidulock, Jim Buller, Neil Deason, Dave Devanathan,
Keith Drage, Bill Fenner, Cedric Fluckiger, Yaron Goland, John
Hearty, Bernie Hoeneisen, Jo Hornsby, Phil Hoffer, Christian Huitema,
Hisham Khartabil, Jean Jervis, Gadi Karmi, Peter Kjellerstedt, Anders
Kristensen, Jonathan Lennox, Gethin Liddell, Allison Mankin, William
Marshall, Rohan Mahy, Keith Moore, Vern Paxson, Bob Penfield, Moshe
J. Sambol, Chip Sharp, Igor Slepchin, Eric Tremblay, and Rick
Brian Rosen provided the compiled BNF.
Jean Mahoney provided technical writing assistance.
This work is based, inter alia, on [41,42].
Authors addresses are listed alphabetically for the editors, the
writers, and then the original authors of RFC 2543. All listed
authors actively contributed large amounts of text to this document.
72 Eagle Rock Ave
East Hanover, NJ 07936
Dept. of Computer Science
1214 Amsterdam Avenue
New York, NY 10027
Advanced Signalling Research Lab.
100 South 4th Street
St. Louis, MO 63102
1800 Sutter Street, Suite 570
Concord, CA 94520
5100 Tennyson Parkway
Plano, Texas 75024
International Computer Science Institute
1947 Center St, Suite 600
Berkeley, CA 94704
75 Willow Road
Menlo Park, CA 94025
Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Funding for the RFC Editor function is currently provided by the