idnits 2.17.1 draft-ietf-avtcore-rfc5764-mux-fixes-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([RFC5764]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. -- The draft header indicates that this document updates RFC5764, but the abstract doesn't seem to directly say this. It does mention RFC5764 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). (Using the creation date from RFC5764, updated by this document, for RFC5378 checks: 2007-07-03) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 2, 2016) is 2976 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 5245 (Obsoleted by RFC 8445, RFC 8839) ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) ** Obsolete normative reference: RFC 5389 (Obsoleted by RFC 8489) ** Obsolete normative reference: RFC 5766 (Obsoleted by RFC 8656) ** Obsolete normative reference: RFC 6347 (Obsoleted by RFC 9147) -- Obsolete informational reference (is this intentional?): RFC 6982 (Obsoleted by RFC 7942) == Outdated reference: A later version (-54) exists of draft-ietf-mmusic-sdp-bundle-negotiation-23 Summary: 6 errors (**), 0 flaws (~~), 3 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 AVTCORE M. Petit-Huguenin 3 Internet-Draft Impedance Mismatch 4 Updates: 5764 (if approved) G. Salgueiro 5 Intended status: Standards Track Cisco Systems 6 Expires: September 3, 2016 March 2, 2016 8 Multiplexing Scheme Updates for Secure Real-time Transport Protocol 9 (SRTP) Extension for Datagram Transport Layer Security (DTLS) 10 draft-ietf-avtcore-rfc5764-mux-fixes-06 12 Abstract 14 This document defines how Datagram Transport Layer Security (DTLS), 15 Real-time Transport Protocol (RTP), RTP Control Protocol (RTCP), 16 Session Traversal Utilities for NAT (STUN), and Traversal Using 17 Relays around NAT (TURN) packets are multiplexed on a single 18 receiving socket. It overrides the guidance from SRTP Extension for 19 DTLS [RFC5764], which suffered from three issues described and fixed 20 in this document. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on September 3, 2016. 39 Copyright Notice 41 Copyright (c) 2016 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 57 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 58 3. Implicit Allocation of Codepoints for New STUN Methods . . . 4 59 4. Implicit Allocation of New Codepoints for TLS ContentTypes . 5 60 5. Multiplexing of TURN Channels . . . . . . . . . . . . . . . . 5 61 6. RFC 5764 Updates . . . . . . . . . . . . . . . . . . . . . . 6 62 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 8 63 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 64 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 65 9.1. STUN Methods . . . . . . . . . . . . . . . . . . . . . . 8 66 9.2. TLS ContentType . . . . . . . . . . . . . . . . . . . . . 9 67 9.3. TURN Channel Numbers . . . . . . . . . . . . . . . . . . 9 68 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 69 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 70 11.1. Normative References . . . . . . . . . . . . . . . . . . 10 71 11.2. Informative References . . . . . . . . . . . . . . . . . 11 72 Appendix A. Release notes . . . . . . . . . . . . . . . . . . . 11 73 A.1. Modifications between draft-ietf-avtcore-rfc5764-mux- 74 fixes-06 and draft-ietf-avtcore-rfc5764-mux-fixes-05 . . 12 75 A.2. Modifications between draft-ietf-avtcore-rfc5764-mux- 76 fixes-05 and draft-ietf-avtcore-rfc5764-mux-fixes-04 . . 12 77 A.3. Modifications between draft-ietf-avtcore-rfc5764-mux- 78 fixes-04 and draft-ietf-avtcore-rfc5764-mux-fixes-03 . . 12 79 A.4. Modifications between draft-ietf-avtcore-rfc5764-mux- 80 fixes-03 and draft-ietf-avtcore-rfc5764-mux-fixes-02 . . 12 81 A.5. Modifications between draft-ietf-avtcore-rfc5764-mux- 82 fixes-02 and draft-ietf-avtcore-rfc5764-mux-fixes-01 . . 12 83 A.6. Modifications between draft-ietf-avtcore-rfc5764-mux- 84 fixes-01 and draft-ietf-avtcore-rfc5764-mux-fixes-00 . . 12 85 A.7. Modifications between draft-ietf-avtcore-rfc5764-mux- 86 fixes-00 and draft-petithuguenin-avtcore-rfc5764-mux- 87 fixes-02 . . . . . . . . . . . . . . . . . . . . . . . . 13 88 A.8. Modifications between draft-petithuguenin-avtcore-rfc5764 89 -mux-fixes-00 and draft-petithuguenin-avtcore-rfc5764 90 -mux-fixes-01 . . . . . . . . . . . . . . . . . . . . . . 13 91 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 93 1. Introduction 95 Section 5.1.2 of Secure Real-time Transport Protocol (SRTP) Extension 96 for DTLS [RFC5764] defines a scheme for a Real-time Transport 97 Protocol (RTP) [RFC3550] receiver to demultiplex Datagram Transport 98 Layer Security (DTLS) [RFC6347], Session Traversal Utilities for NAT 99 (STUN) [RFC5389] and Secure Real-time Transport Protocol 100 (SRTP)/Secure RTP Control Protocol (SRTCP) [RFC3711] packets that are 101 arriving on the RTP port. Unfortunately, this demultiplexing scheme 102 has created problematic issues: 104 1. It implicitly allocated codepoints for new STUN methods without 105 an IANA registry reflecting these new allocations. 107 2. It implicitly allocated codepoints for new Transport Layer 108 Security (TLS) ContentTypes without an IANA registry reflecting 109 these new allocations. 111 3. It did not take into account the fact that the Traversal Using 112 Relays around NAT (TURN) usage of STUN can create TURN channels 113 that also need to be demultiplexed with the other packet types 114 explicitly mentioned in Section 5.1.2 of RFC 5764. 116 Having overlapping ranges between different IANA registries becomes 117 an issue when a new codepoint is allocated in one of these registries 118 without carefully anyalyzing the impact it could have on the other 119 registries when that codepoint is demultiplexed. Even if a codepoint 120 is not initially thought to be useful in an RFC 5764 implementation, 121 the respective IANA registry expert should at least raise a flag when 122 the allocated codepoint irrevocably prevents multiplexing. 124 The first goal of this document is to make sure that future 125 allocations in any of the affected protocols are done with the full 126 knowledge of their impact on multiplexing. This is achieved by 127 modifying the IANA registries with instructions for coordination 128 between the protocols at risk. 130 A second goal is to permit the addition of new protocols to the list 131 of existing multiplexed protocols in a manner that does not break 132 existing implementations. 134 The flaws in the demultiplexing scheme were unavoidably inherited by 135 other documents, such as [RFC7345] and 136 [I-D.ietf-mmusic-sdp-bundle-negotiation]. So in addition, these and 137 any other affected documents will need to be corrected with the 138 updates this document provides. 140 2. Terminology 142 The key words "MUST", "MUST NOT", "REQUIRED", "MAY", and "OPTIONAL" 143 in this document are to be interpreted as described in [RFC2119] when 144 they appear in ALL CAPS. When these words are not in ALL CAPS (such 145 as "must" or "Must"), they have their usual English meanings, and are 146 not to be interpreted as RFC 2119 key words. 148 3. Implicit Allocation of Codepoints for New STUN Methods 150 The demultiplexing scheme in [RFC5764] states that the receiver can 151 identify the packet type by looking at the first byte. If the value 152 of this first byte is 0 or 1, the packet is identified to be STUN. 153 The problem that arises as a result of this implicit allocation is 154 that this restricts the codepoints for STUN methods (as described in 155 Section 18.1 of [RFC5389]) to values between 0x000 and 0x07F, which 156 in turn reduces the number of possible STUN method codepoints 157 assigned by IETF Review (i.e., the range from (0x000 - 0x7FF) from 158 2048 to only 128 and eliminating the possibility of having STUN 159 method codepoints assigned by Designated Expert (i.e., the range 160 0x800 - 0xFFF). 162 To preserve the Designated Expert range, this document allocates the 163 value 2 and 3 to also identify STUN methods. 165 The IANA Registry for STUN methods is modified to mark the codepoints 166 from 0x100 to 0xFFF as Reserved. These codepoints can still be 167 allocated, but require IETF Review with a document that will properly 168 evaluate the risk of an assignment overlapping with other registries. 170 In addition, this document also updates the IANA registry such that 171 the STUN method codepoints assigned in the 0x080-0x0FF range are also 172 assigned via Designated Expert. The proposed changes to the STUN 173 Method Registry are: 175 OLD: 177 0x000-0x7FF IETF Review 178 0x800-0xFFF Designated Expert 180 NEW: 182 0x000-0x07F IETF Review 183 0x080-0x0FF Designated Expert 184 0x100-0xFFF Reserved 186 4. Implicit Allocation of New Codepoints for TLS ContentTypes 188 The demultiplexing scheme in [RFC5764] dictates that if the value of 189 the first byte is between 20 and 63 (inclusive), then the packet is 190 identified to be DTLS. The problem that arises is that this 191 restricts the TLS ContentType codepoints (as defined in Section 12 of 192 [RFC5246]) to this range, and by extension implicitly allocates 193 ContentType codepoints 0 to 19 and 64 to 255. With respect to TLS 194 packet identification, this document simply explicitly reserves the 195 codepoints from 0 to 19 and from 64 to 255. These codepoints can 196 still be allocated, but require Standards Action with a document that 197 will properly evaluate the risk of an assignment overlapping with 198 other registries. The proposed changes to the TLS ContentTypes 199 Registry are: 201 OLD: 203 0-19 Unassigned 204 20 change_cipher_spec 205 21 alert 206 22 handshake 207 23 application_data 208 24 heartbeat 209 25-255 Unassigned 211 NEW: 213 0-19 Reserved (Requires coordination, see RFCXXXX) 214 20 change_cipher_spec 215 21 alert 216 22 handshake 217 23 application_data 218 24 heartbeat 219 25-63 Unassigned 220 64-255 Reserved (Requires coordination, see RFCXXXX) 222 5. Multiplexing of TURN Channels 224 When used with ICE [RFC5245], an RFC 5764 implementation can receive 225 packets on the same socket from three different paths, as shown in 226 Figure 1: 228 1. Directly from the source 230 2. Through a NAT 232 3. Relayed by a TURN server 233 +------+ 234 | TURN |<------------------------+ 235 +------+ | 236 | | 237 | +-------------------------+ | 238 | | | | 239 v v | | 240 NAT ----------- | | 241 | | +---------------------+ | | 242 | | | | | | 243 v v v | | | 244 +----------+ +----------+ 245 | RFC 5764 | | RFC 5764 | 246 +----------+ +----------+ 248 Figure 1: Packet Reception by an RFC 5764 Implementation 250 Even if the ICE algorithm succeeded in selecting a non-relayed path, 251 it is still possible to receive data from the TURN server. For 252 instance, when ICE is used with aggressive nomination the media path 253 can quickly change until it stabilizes. Also, freeing ICE candidates 254 is optional, so the TURN server can restart forwarding STUN 255 connectivity checks during an ICE restart. 257 TURN channels are an optimization where data packets are exchanged 258 with a 4-byte prefix, instead of the standard 36-byte STUN overhead 259 (see Section 2.5 of [RFC5766]). The problem is that the RFC 5764 260 demultiplexing scheme does not define what to do with packets 261 received over a TURN channel since these packets will start with a 262 first byte whose value will be between 64 and 127 (inclusive). If 263 the TURN server was instructed to send data over a TURN channel, then 264 the current RFC 5764 demultiplexing scheme will reject these packets. 265 Current implementations violate RFC 5764 for values 64 to 127 266 (inclusive) and they instead parse packets with such values as TURN. 268 In order to prevent future documents from assigning values from the 269 unused range to a new protocol, this document modifies the RFC 5764 270 demultiplexing algorithm to properly account for TURN channels by 271 allocating the values from 64 to 79 for this purpose. 273 6. RFC 5764 Updates 275 This document updates the text in Section 5.1.2 of [RFC5764] as 276 follows: 278 OLD TEXT 279 The process for demultiplexing a packet is as follows. The receiver 280 looks at the first byte of the packet. If the value of this byte is 281 0 or 1, then the packet is STUN. If the value is in between 128 and 282 191 (inclusive), then the packet is RTP (or RTCP, if both RTCP and 283 RTP are being multiplexed over the same destination port). If the 284 value is between 20 and 63 (inclusive), the packet is DTLS. This 285 process is summarized in Figure 3. 287 +----------------+ 288 | 127 < B < 192 -+--> forward to RTP 289 | | 290 packet --> | 19 < B < 64 -+--> forward to DTLS 291 | | 292 | B < 2 -+--> forward to STUN 293 +----------------+ 295 Figure 3: The DTLS-SRTP receiver's packet demultiplexing algorithm. 296 Here the field B denotes the leading byte of the packet. 298 END OLD TEXT 300 NEW TEXT 302 The process for demultiplexing a packet is as follows. The receiver 303 looks at the first byte of the packet. If the value of this byte is 304 in between 0 and 3 (inclusive), then the packet is STUN. If the 305 value is between 20 and 63 (inclusive), then the packet is DTLS. If 306 the value is between 64 and 79 (inclusive), then the packet is TURN 307 Channel. If the value is in between 128 and 191 (inclusive), then 308 the packet is RTP (or RTCP, if both RTCP and RTP are being 309 multiplexed over the same destination port). If the value does not 310 match any known range then the packet MUST be dropped and an alert 311 MAY be logged. This process is summarized in Figure 3. 313 +----------------+ 314 | [0..3] -+--> forward to STUN 315 | | 316 packet --> | [20..63] -+--> forward to DTLS 317 | | 318 | [64..79] -+--> forward to TURN Channel 319 | | 320 | [128..191] -+--> forward to RTP/RTCP 321 +----------------+ 323 Figure 3: The DTLS-SRTP receiver's packet demultiplexing algorithm. 325 END NEW TEXT 327 7. Implementation Status 329 [[Note to RFC Editor: Please remove this section and the reference to 330 [RFC6982] before publication.]] 332 This section records the status of known implementations of the 333 protocol defined by this specification at the time of posting of this 334 Internet-Draft, and is based on a proposal described in [RFC6982]. 335 The description of implementations in this section is intended to 336 assist the IETF in its decision processes in progressing drafts to 337 RFCs. Please note that the listing of any individual implementation 338 here does not imply endorsement by the IETF. Furthermore, no effort 339 has been spent to verify the information presented here that was 340 supplied by IETF contributors. This is not intended as, and must not 341 be construed to be, a catalog of available implementations or their 342 features. Readers are advised to note that other implementations may 343 exist. 345 According to [RFC6982], "this will allow reviewers and working groups 346 to assign due consideration to documents that have the benefit of 347 running code, which may serve as evidence of valuable experimentation 348 and feedback that have made the implemented protocols more mature. 349 It is up to the individual working groups to use this information as 350 they see fit". 352 Note that there is currently no implementation declared in this 353 section, but the intent is to add RFC 6982 templates here from 354 implementers that support the modifications in this document. 356 8. Security Considerations 358 This document updates existing IANA registries, adds a new range for 359 TURN channels in the demuxing algorithm, and madates an ascending 360 order for testing the ranges in the demuxing algorithm. 362 These modifications do not introduce any specific security 363 considerations beyond those detailed in [RFC5764]. 365 9. IANA Considerations 367 9.1. STUN Methods 369 This specification contains the registration information for reserved 370 STUN Methods codepoints, as explained in Section 3 and in accordance 371 with the procedures defined in Section 18.1 of [RFC5389]. 373 Value: 0x100-0xFFF 374 Name: Reserved (MUST be allocated with IETF Review. For DTLS-SRTP 375 multiplexing collision avoidance see RFC XXXX) 377 Reference: RFC5764, RFCXXXX 379 This specification also reassigns the ranges in the STUN Methods 380 Registry as follow: 382 Range: 0x000-0x07F 384 Registration Procedures: IETF Review 386 Range: 0x080-0x0FF 388 Registration Procedures: Designated Expert 390 9.2. TLS ContentType 392 This specification contains the registration information for reserved 393 TLS ContentType codepoints, as explained in Section 4 and in 394 accordance with the procedures defined in Section 12 of [RFC5246]. 396 Value: 0-19 398 Description: Reserved (MUST be allocated with Standards Action. 399 For DTLS-SRTP multiplexing collision avoidance see RFC XXXX) 401 DTLS-OK: N/A 403 Reference: RFC5764, RFCXXXX 405 Value: 64-255 407 Description: Reserved (MUST be allocated with Standards Action. 408 For DTLS-SRTP multiplexing collision avoidance see RFC XXXX) 410 DTLS-OK: N/A 412 Reference: RFC5764, RFCXXXX 414 9.3. TURN Channel Numbers 416 This specification contains the registration information for reserved 417 TURN Channel Numbers codepoints, as explained in Section 5 and in 418 accordance with the procedures defined in Section 18 of [RFC5766]. 420 Value: 0x5000-0xFFFF 421 Name: Reserved (For DTLS-SRTP multiplexing collision avoidance see 422 RFC XXXX) 424 Reference: RFCXXXX 426 [RFC EDITOR NOTE: Please replace RFCXXXX with the RFC number of this 427 document.] 429 10. Acknowledgements 431 The implicit STUN Method codepoint allocations problem was first 432 reported by Martin Thomson in the RTCWEB mailing-list and discussed 433 further with Magnus Westerlund. 435 Thanks to Simon Perreault, Colton Shields, Cullen Jennings, Colin 436 Perkins, Magnus Westerlund, Paul Jones, Jonathan Lennox, Varun Singh, 437 Justin Uberti and Paul Kyzivat for the comments, suggestions, and 438 questions that helped improve this document. 440 11. References 442 11.1. Normative References 444 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 445 Requirement Levels", BCP 14, RFC 2119, 446 DOI 10.17487/RFC2119, March 1997, 447 . 449 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. 450 Jacobson, "RTP: A Transport Protocol for Real-Time 451 Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550, 452 July 2003, . 454 [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 455 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 456 RFC 3711, DOI 10.17487/RFC3711, March 2004, 457 . 459 [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment 460 (ICE): A Protocol for Network Address Translator (NAT) 461 Traversal for Offer/Answer Protocols", RFC 5245, 462 DOI 10.17487/RFC5245, April 2010, 463 . 465 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 466 (TLS) Protocol Version 1.2", RFC 5246, 467 DOI 10.17487/RFC5246, August 2008, 468 . 470 [RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 471 "Session Traversal Utilities for NAT (STUN)", RFC 5389, 472 DOI 10.17487/RFC5389, October 2008, 473 . 475 [RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer 476 Security (DTLS) Extension to Establish Keys for the Secure 477 Real-time Transport Protocol (SRTP)", RFC 5764, 478 DOI 10.17487/RFC5764, May 2010, 479 . 481 [RFC5766] Mahy, R., Matthews, P., and J. Rosenberg, "Traversal Using 482 Relays around NAT (TURN): Relay Extensions to Session 483 Traversal Utilities for NAT (STUN)", RFC 5766, 484 DOI 10.17487/RFC5766, April 2010, 485 . 487 [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer 488 Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, 489 January 2012, . 491 11.2. Informative References 493 [RFC6982] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 494 Code: The Implementation Status Section", RFC 6982, 495 DOI 10.17487/RFC6982, July 2013, 496 . 498 [RFC7345] Holmberg, C., Sedlacek, I., and G. Salgueiro, "UDP 499 Transport Layer (UDPTL) over Datagram Transport Layer 500 Security (DTLS)", RFC 7345, DOI 10.17487/RFC7345, August 501 2014, . 503 [I-D.ietf-mmusic-sdp-bundle-negotiation] 504 Holmberg, C., Alvestrand, H., and C. Jennings, 505 "Negotiating Media Multiplexing Using the Session 506 Description Protocol (SDP)", draft-ietf-mmusic-sdp-bundle- 507 negotiation-23 (work in progress), July 2015. 509 Appendix A. Release notes 511 This section must be removed before publication as an RFC. 513 A.1. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-06 and 514 draft-ietf-avtcore-rfc5764-mux-fixes-05 516 o Addresses Colin's WGLC review comments 518 A.2. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-05 and 519 draft-ietf-avtcore-rfc5764-mux-fixes-04 521 o Removed some remnants of the ordering from Section 6 523 o Moved Terminology from Section 5 to Section 2 525 A.3. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-04 and 526 draft-ietf-avtcore-rfc5764-mux-fixes-03 528 o Removed Section on "Demultiplexing Algorithm Test Order" 530 o Split the Introduction into separate sections 532 A.4. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-03 and 533 draft-ietf-avtcore-rfc5764-mux-fixes-02 535 o Revert to the RFC 5389, as the stunbis reference was needed only 536 for STUN over SCTP. 538 A.5. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-02 and 539 draft-ietf-avtcore-rfc5764-mux-fixes-01 541 o Remove any discussion about SCTP until a consensus emerges in 542 TRAM. 544 A.6. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-01 and 545 draft-ietf-avtcore-rfc5764-mux-fixes-00 547 o Instead of allocating the values that are common on each registry, 548 the specification now only reserves them, giving the possibility 549 to allocate them in case muxing is irrelevant. 551 o STUN range is now 0-3m with 2-3 being Designated Expert. 553 o TLS ContentType 0-19 and 64-255 are now reserved. 555 o Add SCTP over UDP value. 557 o If an implementation uses the source IP address/port to separate 558 TURN channels packets then the whole channel numbers are 559 available. 561 o If not the prefix is between 64 and 79. 563 o First byte test order is now by incremental values, so failure is 564 deterministic. 566 o Redraw the demuxing diagram. 568 A.7. Modifications between draft-ietf-avtcore-rfc5764-mux-fixes-00 and 569 draft-petithuguenin-avtcore-rfc5764-mux-fixes-02 571 o Adoption by WG. 573 o Add reference to STUNbis. 575 A.8. Modifications between draft-petithuguenin-avtcore-rfc5764-mux- 576 fixes-00 and draft-petithuguenin-avtcore-rfc5764-mux-fixes-01 578 o Change affiliation. 580 Authors' Addresses 582 Marc Petit-Huguenin 583 Impedance Mismatch 585 Email: marc@petit-huguenin.org 587 Gonzalo Salgueiro 588 Cisco Systems 589 7200-12 Kit Creek Road 590 Research Triangle Park, NC 27709 591 US 593 Email: gsalguei@cisco.com