The IESG has approved the following document: - 'A Session Initiation Protocol (SIP) Event Package for Key Press Stimulus (KPML) ' <draft-ietf-sipping-kpml-07.txt> as a Proposed Standard This document is the product of the Session Initiation Proposal Investigation Working Group. The IESG contact persons are Allison Mankin and Jon Peterson. Technical Summary This document specifies the Key Press Markup Language (KPML). KPML is used by a Session Initiation Protocol (SIP) User Agent to monitor Dual-Tone Multi-Frequency (DTMF) signals in environments when the interested User Agent is not a party to the corresponding audio media (tones) associated with those signals. SIP is an Internet application-layer control (signalling) protocol for creating, modifying, and terminating sessions with one or more participants. SIP sessions are separate from the media flows they establish. These sessions include, in particular, telephone calls. DTMF tones are a common form of conveying user input in telephone networks, including calls made using IP telephones or gateway devices which interwork between IP networks and traditional telephone networks. KPML markup is designed for use with devices such as telephones or telephone gateways which do not render a presentation of their markup to an end-user. KPML uses a regular expression language to request specific patterns of digits from a telephone or gateway. Using a SIP event package, interested User Agents subscribe using a KPML regular expression as a filter, and receive notifications which report on the status of pattern matches contained in the corresponding subscriptions. KPML takes particular care to prevent unauthorized disclosure of DTMF events which could reveal sensitive information such as account numbers, credit card numbers, and numeric passwords. Working Group Summary The document is a product of the SIPPING working group and was developed over the course of about two years. The SIP community (including participants of the MMUSIC, SIP, and SIPPING working groups) has attempted to address the general problem of DTMF monitoring over SIP on and off for at least five years, which has resulted in the implementation of a number of non-interoperable ad-hoc approaches. The working group was finally able to address this problem in a general way which is consistent with SIP's overall relationship with other markup languages. The working group demonstrated very strong consensus to deliver a standard solution to this problem, and rough-consensus and no strong objections to the specific approach. Protocol Quality This document was reviewed under the PROTO process by Rohan Mahy, co-chair of the SIP and SIPPING working groups. The regular expression language was reviewed by Bill Fenner. RFC Editor Notes: Please spell out the first occurrence of the following acronyms: XML -> Extensible Markup Language (XML) DTMF -> Dual Tone Multi-Frequency (DTMF) RTP -> Real-time Transport Protocol (RTP) MGCP -> Media Gateway Control Protocol (MGCP) Section 4.7 OLD: Upon authenticating the requesting party, the User Interface determines if the requesting party has authorization to monitor the user's key presses. Determining authorization policies and procedures is beyond the scope of this specification. NEW: Upon authenticating the requesting party, the User Interface determines if the requesting party has authorization to monitor the user's key presses. The default authorization policy is to allow a KPML subscriber who can authenticate with a specific identity to monitor key presses from SIP sessions in which the same or equivalent authenticated identity is a participant. In addition, KPML will often be used, for example, between "application servers" (subscribers) and PSTN gateways (notifiers) operated by the same domain or federation of domains. In this situation a notifier MAY be configured with a list of subscribers which are specifically trusted and authorized to subscribe to key press information related to all sessions in a particular context. Section 5.1 Please delete the character marked with ^ below: OLD DRegexCharacter = DIGIT / "A" / "B" / "C" / "D" / "*" / "#" / / "a" / "b" / "c" / "d" ^ NEW DRegexCharacter = DIGIT / "A" / "B" / "C" / "D" / "*" / "#" / "a" / "b" / "c" / "d" In Sections 7.4, 7.5, 7.6, and 7.7, please replace the Registrant Contact as follows: OLD Registrant Contact: IETF, SIPPING Work Group <sipping@ietf.org>, Eric Burger <e.burger@ieee.org>. NEW Registrant Contact: The IESG <iesg@ietf.org> Section 8 As an XML markup, all of the security considerations of RFC3023 [3] and RFC3406 [6] must be met. s/must/MUST/ _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce