MMUSIC Working Group G. Camarillo Internet-Draft Ericsson Expires: July 14, 2005 January 13, 2005 Session Description Protocol (SDP) Format for Binary Floor Control Protocol (BFCP) Streams draft-ietf-mmusic-sdp-bfcp-00.txt Status of this Memo This document is an Internet-Draft and is subject to all provisions of section 3 of RFC 3667. By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she become aware will be disclosed, in accordance with RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on July 14, 2005. Copyright Notice Copyright (C) The Internet Society (2005). Abstract This document specifies how to describe BFCP streams in SDP session descriptions. User agents using the offer/answer model to establish BFCP streams use this format in their offers and their answers. Camarillo Expires July 14, 2005 [Page 1] Internet-Draft BFCP January 2005 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Fields in the m Line . . . . . . . . . . . . . . . . . . . . 3 4. The confid and userid SDP Attributes . . . . . . . . . . . . 4 5. The k line . . . . . . . . . . . . . . . . . . . . . . . . . 4 6. The nonce Attribute . . . . . . . . . . . . . . . . . . . . 4 7. Association between Streams and Floors . . . . . . . . . . . 5 8. Certificate Choice and Presentation . . . . . . . . . . . . 5 9. TCP Connection Management . . . . . . . . . . . . . . . . . 6 10. Example . . . . . . . . . . . . . . . . . . . . . . . . . . 6 11. Security Considerations . . . . . . . . . . . . . . . . . . 7 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . 7 12.1 Registration of the confid Attribute . . . . . . . . . . 8 12.2 Registration of the userid Attribute . . . . . . . . . . 8 12.3 Registration of the floorid Attribute . . . . . . . . . 8 12.4 Registration of the nonce Attribute . . . . . . . . . . 9 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 9 14. Normative References . . . . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . 10 Intellectual Property and Copyright Statements . . . . . . . 11 Camarillo Expires July 14, 2005 [Page 2] Internet-Draft BFCP January 2005 1. Introduction As discussed in the BFCP specification [7], a given BFCP client needs a set of data in order to establish a BFCP connection to a floor control server. These data include the transport address of the server, the conference identifier, and the user identifier. One way for clients to obtain this information consists of using an offer/answer [5] exchange. This document specifies how to encode this information in the SDP session descriptions which are part of an offer/answer exchange. User agents typically use the offer/answer model to establish a number of media streams of different types. Following this model, a BFCP connection is described as any other media stream by using an SDP 'm' line, possibly followed by a number of attributes encoded in 'a' lines. 2. Terminology In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 [1] and indicate requirement levels for compliant implementations. 3. Fields in the m Line According to RFC 2327 [3], the 'm'line format is the following: m= The media field MUST have a value of "application". The port field is set following the rules in [6]. Depending on the value of the 'setup' attribute (disccused in Section 9), the port field contains the port the remote endpoint will initiate its TCP connection to, or is irrelevant (i.e., the endpoint will initiate the connection towards the remote endpoint) and should be set to a value of 9, which is the discard port. Since BFCP only runs on top of TCP, the port is always a TCP port. A port field value of zero has the standard SDP meaning (i.e., rejection of the media stream). We define two new values for the transport field: TCP/BFCP and TCP/ TLS/BFCP. The former is used when BFCP runs directly on top of TCP and the latter is used when BFCP runs on top of TLS, which in turn runs on top of TCP. Camarillo Expires July 14, 2005 [Page 3] Internet-Draft BFCP January 2005 The fmt (format) list is ignored for BFCP. The fmt list of BFCP m lines SHOULD contain a single "*" character. The following is an example of an m line for a BFCP connection: m=application 20000 TCP/TLS/BFCP * 4. The confid and userid SDP Attributes We define the 'confid' and the 'userid' SDP media-level attributes. Their Augmented BNF syntax [2] is: confid-attribute = "a=confid: " conference-id conference-id = token userid-attribute = "a=userid: " user-id user-id = token The confid and the userid attributes carry the integer representation of a conference ID and a user ID respectively. Endpoints which use the offer/answer model to establish BFCP connections MUST support the confid and the userid attributes. A floor control server acting as an offerer or as an answerers SHOULD include these attributes in its session descriptions. 5. The k line The floor control server MAY use an SDP 'k' line to provide clients with a shared secret to be used to calculate the value of the DIGEST TLVs. The following is an example of a 'k' line: k=base64:c2hhcmVkLXNlY3JldA== Endpoints MAY use other mechanisms (including out-of-band mechanisms) to come up with a share secret. However, if the 'k' line is used in the way just described, the session description containing the 'k' line with the shared secret MUST be encrypted. 6. The nonce Attribute We define the 'nonce' attribute. Its Augmented BNF syntax [2] is: Camarillo Expires July 14, 2005 [Page 4] Internet-Draft BFCP January 2005 nonce-attribute = "a=nonce: " nonce-value nonce-value = token The 'nonce' attribute carries the integer representation of the nonce to be used by the client in its next BFCP message (typically the first message from the client) towards the floor control server. This is an optimization so that the client does not need to generate an initial BFCP message only to have it rejected by the floor control server with an Error response containing a nonce. Endpoints which use the offer/answer model to establish BFCP connections SHOULD support the 'nonce' attribute. A floor control server acting as an offerer or as an answerers MAY include this attribute in its session descriptions. 7. Association between Streams and Floors We define the floorid SDP media-level attribute. Its Augmented BNF syntax [2] is: floor-id-attribute = "a=floorid:" token [" mstrm:" token *(SP token)] The floorid attribute is used in BFCP 'm' lines. It defined a floor identifier and, possibly, associates it with one or more media streams. The token representing the floor ID is the integer representation of the Floor ID to be used in BFCP. The token representing the media stream is a pointer to the media stream, which is identified by an SDP label attribute [8] Endpoints which use the offer/answer model to establish BFCP connections MUST support the 'floorid' and the 'label' attributes. A floor control server acting as an offerer or as an answerer SHOULD include these attributes in its session descriptions. 8. Certificate Choice and Presentation Floor control servers follow the rules in [9] regarding certificate choice and presentation. This implies that unless the floor control server includes a 'fingerprint' attribute in its session description, the certificate provided by the floor control server must be signed by a certificate authority known to the client. Endpoints which use the offer/answer model to establish BFCP connections MUST support the 'fingerprint' attribute. Floor control Camarillo Expires July 14, 2005 [Page 5] Internet-Draft BFCP January 2005 servers SHOULD include this attribute in their session descriptions (no matter whether they are offers or answers). When TLS is used, once the underlaying TCP connection is established, the floor control server acts as the TLS server regardless of its role (passive or active) in the TCP establishment procedure. 9. TCP Connection Management The management of the TCP connection used to transport BFCP is performed using the 'setup' and 'connection' attributes as defined in [6]. The setup attribute indicates which of the endpoints (client or floor control server) initiates the TCP connection. The 'connection' attribute handles TCP connection reestablishment. The BFCP specification [7] describes a number of situations when the TCP connection between a client and the floor control server needs to be reestablished. However, that specification does not describe the reestablishment process because this process depends on how the connection was established in the first place. BFCP entities using the offer/answer model follow the following rules. When the existing TCP connection is reseted following the rules in [7], the client SHOULD generate an offer towards the floor control server in order to reestablish the connection. If a TCP connection cannot deliver a BFCP message and times out, the entity that attempted to send the message (i.e., the one that detected the TCP timeout) SHOULD generate an offer in order to reestablish the TCP connection. Endpoints which use the offer/answer model to establish BFCP connections MUST support the 'setup' and the 'connection' attributes. 10. Example The following is an example of an offer sent by a conference server to a client. For the purpose of brevity, the main portion of the session description is omitted in the examples, which only show m= lines and their attributes. m=application 20000 TCP/TLS/BFCP * k=base64:c2hhcmVkLXNlY3JldA== a=setup:passive a=connection:new a=fingerprint:SHA-1 \ Camarillo Expires July 14, 2005 [Page 6] Internet-Draft BFCP January 2005 4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB a=nonce:5678 a=confid:4321 a=userid:1234 a=floorid:1 m-stream:10 a=floorid:2 m-stream:11 m=audio 20000 RTP/AVP 0 a=label:10 m=video 30000 RTP/AVP 31 a=label:11 Note that due to RFC formatting conventions, this document splits SDP across lines whose content would exceed 72 characters. A backslash character marks where this line folding has taken place. This backslash and its trailing CRLF and whitespace would not appear in actual SDP content. The following is the answer returned by the user. m=application 9 TCP/BFCP * a=setup:active a=connection:new m=audio 25000 RTP/AVP 0 m=video 35000 RTP/AVP 31 11. Security Considerations The BFCP [7], SDP [3], and the offer/answer [5] specifications discuss security issues related to BFCP, SDP, and the offer/answer respectively. In addition, [6] and [9] discuss security issues related to the establishment of TCP and TLS connections using an offer/answer model. An issue which is discussed in the previous specifications and is of particular importance for this specification relates to the usage of the 'k' line to provide shared secrets to clients. When the 'k' line is used in this way, the session description carrying it SHOULD be encrypted. Otherwise, an attacker could get access to the shared secret and impersonate the client. For session descriptions carried in SIP [4], S/MIME is the natural choice to provide such end-to-end encryption. Other applications MAY use different encryption mechanisms. 12. IANA Considerations This document instructs the IANA to register four new media-level SDP Camarillo Expires July 14, 2005 [Page 7] Internet-Draft BFCP January 2005 attributes: 'confid', 'userid', 'floorid', and 'nonce'. 12.1 Registration of the confid Attribute Contact name: Gonzalo.Camarillo@ericsson.com Attribute name: confid Type of attribute Media level Subject to charset: No Purpose of attribute: The 'confid' attribute carries the integer representation of a Conference ID. Allowed attribute values: A token 12.2 Registration of the userid Attribute Contact name: Gonzalo.Camarillo@ericsson.com Attribute name: userid Type of attribute Media level Subject to charset: No Purpose of attribute: The 'userid' attribute carries the integer representation of a User ID. Allowed attribute values: A token 12.3 Registration of the floorid Attribute Contact name: Gonzalo.Camarillo@ericsson.com Attribute name: floorid Type of attribute Media level Subject to charset: No Purpose of attribute: The 'floorid' attribute associates a floor with one or more media streams. Camarillo Expires July 14, 2005 [Page 8] Internet-Draft BFCP January 2005 Allowed attribute values: Tokens 12.4 Registration of the nonce Attribute Contact name: Gonzalo.Camarillo@ericsson.com Attribute name: nonce Type of attribute Media level Subject to charset: No Purpose of attribute: The 'nonce' attribute carried a nonce to be used in the media stream (e.g., in the BFCP connection). Allowed attribute values: A token 13. Acknowledgments Joerg Ott, Keith Drage, Alan Johnston, and Eric Rescorla provided useful ideas for this document. 14 Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, November 1997. [3] Handley, M. and V. Jacobson, "SDP: Session Description Protocol", RFC 2327, April 1998. [4] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [5] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with Session Description Protocol (SDP)", RFC 3264, June 2002. [6] Yon, D., "Connection-Oriented Media Transport in the Session Description Protocol (SDP)", draft-ietf-mmusic-sdp-comedia-09 (work in progress), September 2004. [7] Camarillo, G., "The Binary Floor Control Protocol (BFCP)", draft-ietf-xcon-bfcp-01 (work in progress), October 2004. [8] Levin, O. and G. Camarillo, "The SDP (Session Description Camarillo Expires July 14, 2005 [Page 9] Internet-Draft BFCP January 2005 Protocol) Label Attribute", draft-levin-mmmusic-sdp-media-label-00 (work in progress), July 2004. [9] Lennox, J., "Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)", draft-ietf-mmusic-comedia-tls-02 (work in progress), October 2004. Author's Address Gonzalo Camarillo Ericsson Hirsalantie 11 Jorvas 02420 Finland EMail: Gonzalo.Camarillo@ericsson.com Camarillo Expires July 14, 2005 [Page 10] Internet-Draft BFCP January 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Camarillo Expires July 14, 2005 [Page 11]