idnits 2.17.1 draft-ietf-avt-rtp-cnames-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document updates RFC3550, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. (Using the creation date from RFC3550, updated by this document, for RFC5378 checks: 1998-04-07) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 22, 2010) is 4845 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 4941 (Obsoleted by RFC 8981) ** Obsolete normative reference: RFC 4634 (Obsoleted by RFC 6234) Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 AVT A. Begen 3 Internet-Draft Cisco 4 Updates: 3550 (if approved) C. Perkins 5 Intended status: Standards Track University of Glasgow 6 Expires: June 25, 2011 D. Wing 7 Cisco 8 December 22, 2010 10 Guidelines for Choosing RTP Control Protocol (RTCP) Canonical Names 11 (CNAMEs) 12 draft-ietf-avt-rtp-cnames-03 14 Abstract 16 The RTP Control Protocol (RTCP) Canonical Name (CNAME) is a 17 persistent transport-level identifier for an RTP endpoint. While the 18 Synchronization Source (SSRC) identifier of an RTP endpoint may 19 change if a collision is detected, or when the RTP application is 20 restarted, its RTCP CNAME is meant to stay unchanged, so that RTP 21 endpoints can be uniquely identified and associated with their RTP 22 media streams. For proper functionality, RTCP CNAMEs should be 23 unique within the participants of an RTP session. However, the 24 existing guidelines for choosing the RTCP CNAME provided in the RTP 25 standard are insufficient to achieve this uniqueness. This memo 26 updates these guidelines to allow endpoints to choose unique RTCP 27 CNAMEs. 29 Status of this Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on June 25, 2011. 46 Copyright Notice 48 Copyright (c) 2010 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . . 3 65 3. Deficiencies with Earlier Guidelines for Choosing an RTCP 66 CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 67 4. Choosing an RTCP CNAME . . . . . . . . . . . . . . . . . . . . 4 68 4.1. Persistent RTCP CNAMEs vs. Per-Session RTCP CNAMEs . . . . 4 69 4.2. Requirements . . . . . . . . . . . . . . . . . . . . . . . 5 70 5. Procedure to Generate a Unique Identifier . . . . . . . . . . . 6 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 7 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 75 9.1. Normative References . . . . . . . . . . . . . . . . . . . 7 76 9.2. Informative References . . . . . . . . . . . . . . . . . . 8 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8 79 1. Introduction 81 In Section 6.5.1 of the RTP specification, [RFC3550], there are a 82 number of recommendations for choosing a unique RTCP CNAME for an RTP 83 endpoint. However, in practice, some of these methods are not 84 guaranteed to produce a unique RTCP CNAME. This memo updates 85 guidelines for choosing RTCP CNAMEs, superceding those presented in 86 Section 6.5.1 of [RFC3550]. 88 2. Requirements Notation 90 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 91 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 92 document are to be interpreted as described in [RFC2119]. 94 3. Deficiencies with Earlier Guidelines for Choosing an RTCP CNAME 96 The recommendation in [RFC3550] is to generate an RTCP CNAME of the 97 form "user@host" for multiuser systems, or "host" if the username is 98 not available. The "host" part is specified to be the fully 99 qualified domain name (FQDN) of the host from which the real-time 100 data originates. While this guidance was appropriate at the time 101 [RFC3550] was written, FQDNs are no longer necessarily unique, and 102 can sometimes be common across several endpoints in large service 103 provider networks. This document replaces the use of FQDN as an RTCP 104 CNAME by alternative mechanisms. 106 IPv4 addresses are also suggested for use in RTCP CNAMEs in 107 [RFC3550], where the "host" part of the RTCP CNAME is the numeric 108 representation of the IPv4 address of the interface from which the 109 RTP data originates. As noted in [RFC3550], the use of private 110 network address space [RFC1918] can result in hosts having network 111 addresses that are not globally unique. Additionally, this shared 112 use of the same IPv4 address can also occur with public IPv4 113 addresses if multiple hosts are assigned the same public IPv4 address 114 and connected to a Network Address Translation (NAT) device 115 [RFC3022]. When multiple hosts share the same IPv4 address, whether 116 private or public, using the IPv4 address as the RTCP CNAME leads to 117 RTCP CNAMEs that are not necessarily unique. 119 It is also noted in [RFC3550] that if hosts with private addresses 120 and no direct IP connectivity to the public Internet have their RTP 121 packets forwarded to the public Internet through an RTP-level 122 translator, they may end up having non-unique RTCP CNAMEs. The 123 suggestion in [RFC3550] is that such applications provide a 124 configuration option to allow the user to choose a unique RTCP CNAME, 125 and puts the burden on the translator to translate RTCP CNAMEs from 126 private addresses to public addresses if necessary to keep private 127 addresses from being exposed. Experience has shown that this does 128 not work well in practice. 130 4. Choosing an RTCP CNAME 132 It is difficult, and in some cases impossible, for a host to 133 determine if there is a NAT between itself and its RTP peer. 134 Furthermore, even some public IPv4 addresses can be shared by 135 multiple hosts in the Internet. Using the numeric representation of 136 the IPv4 address as the "host" part of the RTCP CNAME is NOT 137 RECOMMENDED. 139 4.1. Persistent RTCP CNAMEs vs. Per-Session RTCP CNAMEs 141 The RTCP CNAME can either be persistent across different RTP sessions 142 for an RTP endpoint, or it can be unique per session, meaning that an 143 RTP endpoint chooses a different RTCP CNAME for each RTP session. 145 An RTP endpoint that is emitting multiple related RTP streams that 146 require synchronization at the other endpoint(s) MUST use the same 147 RTCP CNAME for all streams that are to be synchronized. This 148 requires a short-term persistent RTCP CNAME that is common across 149 several RTP flows, and potentially across several related RTP 150 sessions. A common example of such use occurs when lip-syncing audio 151 and video streams in a multimedia session, where a single participant 152 has to use the same RTCP CNAME for its audio RTP session and for its 153 video RTP session. Another example might be to synchronize the 154 layers of a layered audio codec, where the same RTCP CNAME has to be 155 used for each layer. 157 A longer-term persistent RTCP CNAME is sometimes useful to facilitate 158 third-party monitoring. One such use might be to allow network 159 management tools to correlate the ongoing quality of service for a 160 participant across multiple RTP sessions for fault diagnosis, and to 161 understand long-term network performance statistics. Other, less 162 benign, uses can also be envisaged. An implementation that wishes to 163 discourage this type of third-party monitoring can generate a unique 164 RTCP CNAME for each RTP session, or group of related RTP sessions, 165 that it joins. Such a per-session RTCP CNAME cannot be used for 166 traffic analysis, and so provides some limited form of privacy (note 167 that there are non-RTP means that can be used by a third-party to 168 correlate RTP sessions, so the use of per-session RTCP CNAMEs will 169 not prevent a determined traffic analyst). 171 This memo defines several different ways by which an implementation 172 can choose an RTCP CNAME. It is possible, and legitimate, for 173 independent implementations to make different choices of RTCP CNAME 174 when running on the same host. This can hinder third-party 175 monitoring, unless some external means is provided to configure a 176 persistent choice of RTCP CNAME for those implementations. 178 Note that there is no backwards compatibility issue (with [RFC3550]- 179 compatible implementations) introduced in this memo, since the RTCP 180 CNAMEs are opaque strings to remote peers. 182 4.2. Requirements 184 RTP endpoints will choose to generate RTCP CNAMEs that are persistent 185 or per-session. An RTP endpoint that wishes to generate a persistent 186 RTCP CNAME MUST use one of the following two methods: 188 o To produce a long-term persistent RTCP CNAME, an RTP endpoint MUST 189 generate and store a Universally Unique IDentifier (UUID) 190 [RFC4122] for use as the "host" part of its RTCP CNAME. The UUID 191 MUST be version 1, 2 or 4 described in [RFC4122], with the 192 "urn:uuid:" stripped, resulting in a 36-octet printable string 193 representation. 195 o To produce a short-term persistent RTCP CNAME, an RTP endpoint 196 MUST use either (a) the numeric representation of the layer-2 197 (MAC) address of the interface that is used to initiate the RTP 198 session as the "host" part of its RTCP CNAME or (b) generate an 199 identifier by following the procedure described in Section 5. In 200 either case, the procedure is performed once per initialization of 201 the software. After obtaining a identifier by doing (a) or (b), 202 the least significant 48 bits are converted to the standard colon- 203 separated hexadecimal format, e.g., "00:23:32:af:9b:aa", resulting 204 in a 17-octet printable string representation. 206 In the two cases above, the "user@" part of the RTCP CNAME MAY be 207 omitted on single-user systems, and MAY be replaced by an opaque 208 token on multi-user systems, to preserve privacy. 210 An RTP endpoint that wishes to generate a per-session RTCP CNAME MUST 211 use the following method: 213 o For every new RTP session, a new CNAME is generated following the 214 procedure described in Section 5. After performing that 215 procedure, the significant 96 bits are used to generate an 216 identifier (to compromise between packet size and security) which 217 is converted ASCII using Base64 encoding [RFC4648]. This results 218 in a 16-octet string representation. The RTCP CNAME cannot change 219 over the life of an RTP session [RFC3550], hence, only the initial 220 SSRC value chosen by the endpoint is used. The "user@" part of 221 the RTCP CNAME is omitted when generating per-session RTCP CNAMEs. 223 It is believed that obtaining uniqueness is an important property 224 that requires careful evaluation of the method. This document 225 provides a number of methods, at least one of which would be suitable 226 for all deployment scenarios. This document therefore does not 227 provide for the implementor to define and select an alternative 228 method. 230 A future specification might define an alternative method for 231 generating RTCP CNAMEs as long as the proposed method has appropriate 232 uniqueness, and there is consistency between the methods used for 233 multiple RTP sessions that are to be correlated. However, such a 234 specification needs to be reviewed and approved before deployment. 236 5. Procedure to Generate a Unique Identifier 238 The algorithm described below is intended to be used for locally- 239 generated unique identifier. 241 1. Obtain the current time of day in 64-bit NTP format [RFC5905]. 243 2. Obtain an EUI-64 identifier from the system running this 244 algorithm. If an EUI-64 does not exist, one can be created from 245 a 48-bit MAC address as specified in [RFC4291]. If an EUI-64 246 cannot be obtained or created, a suitably unique identifier, 247 local to the node, should be used (e.g., system serial number). 249 3. Concatenate the time of day with the system-specific identifier 250 in order to create a key. 252 4. If generating a per-session CNAME, also concatenate RTP 253 endpoint's initial SSRC, the source and destination IP addresses, 254 and ports to the key. 256 5. Compute an SHA-1 digest on the key as specified in [RFC4634], 257 which outputs 160 bits. 259 6. Security Considerations 261 The security considerations of [RFC3550] apply to this memo. 263 In some environments, notably telephony, a fixed RTCP CNAME value 264 allows separate RTP sessions to be correlated and eliminates the 265 obfuscation provided by IPv6 privacy addresses [RFC4941] or IPv4 NAPT 267 [RFC3022]. Secure RTP (SRTP) [RFC3711] can help prevent such 268 correlation by encrypting Secure RTCP (SRTCP) but it should be noted 269 that SRTP only mandates SRTCP integrity protection (not encryption). 270 Thus, RTP applications used in such environments should consider 271 encrypting their SRTCP or generate a per-session RTCP CNAME as 272 discussed in Section 4.1. 274 7. IANA Considerations 276 No IANA actions are required. 278 8. Acknowledgments 280 Thanks to Marc Petit-Huguenin who suggested to use UUIDs in 281 generating RTCP CNAMEs. 283 9. References 285 9.1. Normative References 287 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. 288 Jacobson, "RTP: A Transport Protocol for Real-Time 289 Applications", STD 64, RFC 3550, July 2003. 291 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 292 Requirement Levels", BCP 14, RFC 2119, March 1997. 294 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 295 Extensions for Stateless Address Autoconfiguration in 296 IPv6", RFC 4941, September 2007. 298 [RFC4122] Leach, P., Mealling, M., and R. Salz, "A Universally 299 Unique IDentifier (UUID) URN Namespace", RFC 4122, 300 July 2005. 302 [RFC4634] Eastlake, D. and T. Hansen, "US Secure Hash Algorithms 303 (SHA and HMAC-SHA)", RFC 4634, July 2006. 305 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 306 Encodings", RFC 4648, October 2006. 308 [RFC5905] Mills, D., Martin, J., Burbank, J., and W. Kasch, "Network 309 Time Protocol Version 4: Protocol and Algorithms 310 Specification", RFC 5905, June 2010. 312 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 313 Architecture", RFC 4291, February 2006. 315 9.2. Informative References 317 [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and 318 E. Lear, "Address Allocation for Private Internets", 319 BCP 5, RFC 1918, February 1996. 321 [RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network 322 Address Translator (Traditional NAT)", RFC 3022, 323 January 2001. 325 [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 326 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 327 RFC 3711, March 2004. 329 Authors' Addresses 331 Ali Begen 332 Cisco 333 181 Bay Street 334 Toronto, ON M5J 2T3 335 CANADA 337 Email: abegen@cisco.com 339 Colin Perkins 340 University of Glasgow 341 School of Computing Science 342 Glasgow, G12 8QQ 343 UK 345 Email: csp@csperkins.org 347 Dan Wing 348 Cisco Systems, Inc. 349 170 West Tasman Dr. 350 San Jose, CA 95134 351 USA 353 Email: dwing@cisco.com