idnits 2.17.1

draft-ietf-avtext-rid-06.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (July 18, 2016) is 2839 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-54) exists of
     draft-ietf-mmusic-sdp-bundle-negotiation-31

  ** Obsolete normative reference: RFC 5285 (Obsoleted by RFC 8285)

  ** Downref: Normative reference to an Informational RFC: RFC 7656

  == Outdated reference: A later version (-17) exists of
     draft-ietf-mmusic-msid-15

     Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                           A. Roach
Internet-Draft                                                   Mozilla
Intended status: Standards Track                           S. Nandakumar
Expires: January 19, 2017                                  Cisco Systems
                                                             P. Thatcher
                                                                  Google
                                                           July 18, 2016

            RTP Stream Identifier Source Description (SDES)
                        draft-ietf-avtext-rid-06

Abstract

   This document defines and registers two new RTCP SDES items.  One,
   named RtpStreamId, is used for unique identification of RTP streams.
   The other, RepairedRtpStreamId, can be used to identify which stream
   a redundancy RTP stream is to be used to repair.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 19, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Usage of RtpStreamId and RepairedRtpStreamId in RTP and RTCP
     3.1.  RTCP 'RtpStreamId' SDES Extension
     3.2.  RTCP 'RepairedRtpStreamId' SDES Extension
     3.3.  RTP 'RtpStreamId' and 'RepairedRtpStreamId' Header
           Extensions
   4.  IANA Considerations
     4.1.  New RtpStreamId SDES item
     4.2.  New RepairedRtpStreamId SDES item
     4.3.  New RtpStreamId Header Extension URI
     4.4.  New RepairedRtpStreamId Header Extension URI
   5.  Security Considerations
   6.  Acknowledgements
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   RTP sessions frequently consist of multiple streams, each of which is
   identified at any given time by its SSRC; however, the SSRC
   associated with a stream is not guaranteed to be stable over its
   lifetime.  Within a session, these streams can be tagged with a
   number of identifiers, including CNAMEs and MSIDs
   [I-D.ietf-mmusic-msid].  Unfortunately, none of these have the proper
   ordinality to refer to an individual stream; all such identifiers can
   appear in more than one stream at a time.  While approaches that use
   unique Payload Types (PTs) per stream have been used in some
   applications, this is a semantic overloading of that field, and one
   for which its size is inadequate: in moderately complex systems that
   use PT to uniquely identify every potential combination of codec
   configuration and unique stream, it is possible to simply run out of
   values.

   To address this situation, we define a new RTCP SDES identifier,
   RtpStreamId, that uniquely identifies a single RTP stream.  A key
   motivator for defining this identifier is the ability to
   differentiate among different encodings of a single Source Stream
   that are sent simultaneously (i.e., simulcast).  This need for unique
   identification extends to dependent streams (e.g., where layers used
   by a layered codec are transmitted on separate streams).

   At the same time, when redundancy RTP streams are in use, we also
   need an identifier that connects such streams to the RTP stream for
   which they are providing redundancy.  For this purpose, we define an
   additional SDES identifier, RepairedRtpStreamId.  This identifier can
   appear only in packets associated with a redundancy RTP stream.  It
   carries the same value as the RtpStreamId of the RTP stream that the
   redundant RTP stream is correcting.

2.  Terminology

   In this document, the terms "source stream", "encoded stream", "RTP
   stream", "source RTP stream", "dependent stream", "received RTP
   stream", and "redundancy RTP stream" are used as defined in
   [RFC7656].

3.  Usage of RtpStreamId and RepairedRtpStreamId in RTP and RTCP

   The RTP fixed header includes the payload type number and the SSRC
   values of the RTP stream.  RTP defines how you de-multiplex streams
   within an RTP session; however, in some use cases, applications need
   further identifiers in order to effectively map the individual RTP
   Streams to their equivalent payload configurations in the SDP.

   This specification defines two new RTCP SDES items [RFC3550].  The
   first item is 'RtpStreamId', which is used to carry RTP stream
   identifiers within RTCP SDES packets.  This makes it possible for a
   receiver to associate received RTP packets (identifying the RTP
   stream) with a media description having the format constraint
   specified.  The second is 'RepairedRtpStreamId', which can be used in
   redundancy RTP streams to indicate the RTP stream repaired by a
   redundancy RTP stream.

   To be clear: the value carried in a RepairedRtpStreamId will always
   match the RtpStreamId value from another RTP stream in the same
   session.  For example, if a source RTP stream is identified by
   RtpStreamId "A", then any redundancy RTP stream that repairs that
   source RTP stream will contain a RepairedRtpStreamId of "A" (if this
   mechanism is being used to perform such correlation).  These
   redundant RTP streams may also contain their own unique RtpStreamId.

   This specification also uses the RTP header extension for RTCP SDES
   items [I-D.ietf-avtext-sdes-hdr-ext] to allow carrying RtpStreamId
   and RepairedRtpStreamId values in RTP packets.  This allows
   correlation at stream startup, or after stream changes where the use
   of RTCP may not be sufficiently responsive.  This speed of response
   is necessary since, in many cases, the stream cannot be properly
   processed until it can be identified.

   RtpStreamId and RepairedRtpStreamId values are scoped by source
   identifier (e.g., CNAME) and by media session.  When the media is
   multiplexed using the BUNDLE extension
   [I-D.ietf-mmusic-sdp-bundle-negotiation], these values are further
   scoped by their associated MID values.  For example: an RtpStreamId
   of "1" may be present in the stream identified with a CNAME of
   "1234@example.com", and may also be present in a stream with a CNAME
   of "5678@example.org", and these would refer to different streams.
   Similarly, an RtpStreamId of "1" may be present with an MID of "A",
   and again with an MID of "B", and also refer to two different
   streams.

   For those schemes in which a redundancy stream contains information
   used to repair more than one stream, multiple RepairedRtpStreamId
   SDES items may appear in a single compound packet.  Due to the
   foregoing scoping rules, the RepairedRtpStreamId cannot be used to
   indicate streams in multiple sessions or with varying MIDs.

   As with all SDES items, RtpStreamId and RepairedRtpStreamId are
   limited to a total of 255 octets in length.  Since the values of
   these items are encoded with UTF-8, the use of multi-octet characters
   will result in limitations smaller than 255 characters.  It is in
   implementations' interests to keep these values as small as possible
   in any case, so this limitation is not expected to have any
   significant impact.

3.1.  RTCP 'RtpStreamId' SDES Extension

       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |RtpStreamId=TBD|     length    | RtpStreamId                 ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The RtpStreamId payload is UTF-8 encoded and is not null-terminated.

      RFC EDITOR NOTE: Please replace TBD with the assigned SDES
      identifier value.

3.2.  RTCP 'RepairedRtpStreamId' SDES Extension

       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |Repaired...=TBD|     length    | RepairedRtpStreamId         ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The RepairedRtpStreamId payload is UTF-8 encoded and is not
   null-terminated.

      RFC EDITOR NOTE: Please replace TBD with the assigned SDES
      identifier value.

3.3.  RTP 'RtpStreamId' and 'RepairedRtpStreamId' Header Extensions

   Because recipients of RTP packets will typically need to know which
   streams they correspond to immediately upon receipt, this
   specification also defines a means of carrying RtpStreamId and
   RepairedRtpStreamId identifiers in RTP extension headers, using the
   technique described in [I-D.ietf-avtext-sdes-hdr-ext].
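
   The item layout of Sections 3.1 and 3.2 together with the scoping
   and length rules of Section 3, as an added Python example that is
   not part of the draft: it decodes the items of one SDES chunk and
   resolves a RepairedRtpStreamId only within its own (CNAME, MID)
   scope.  The two item type codes are placeholders (the draft lists
   them as TBD); item, parse_sdes_items, StreamTable and the mid
   argument are names assumed here.

```python
# Added example, not from the draft. The two stream-id type codes are
# placeholders: the draft still lists the assigned SDES values as TBD.
SDES_END, SDES_CNAME = 0, 1                       # RFC 3550 item types
RTP_STREAM_ID, REPAIRED_RTP_STREAM_ID = 0xF0, 0xF1  # placeholders, not IANA values


def item(kind: int, text: str) -> bytes:
    """Encode one SDES item; the limit is 255 octets of UTF-8, not characters."""
    raw = text.encode("utf-8")
    if len(raw) > 255:
        raise ValueError("SDES item exceeds 255 octets")
    return bytes([kind, len(raw)]) + raw


def parse_sdes_items(buf: bytes) -> list[tuple[int, str]]:
    """Decode the item list of one SDES chunk, stopping at the END item."""
    items, pos = [], 0
    while pos < len(buf) and buf[pos] != SDES_END:
        if pos + 2 > len(buf):
            raise ValueError("truncated item header")
        kind, length = buf[pos], buf[pos + 1]
        value = buf[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError("item length runs past the end of the chunk")
        text = value.decode("utf-8")  # strict: malformed UTF-8 raises ValueError
        # Defensive choice of this example: ids are not null-terminated, so an
        # empty or NUL-carrying id is rejected rather than passed to a C layer.
        if kind in (RTP_STREAM_ID, REPAIRED_RTP_STREAM_ID) and (not text or "\0" in text):
            raise ValueError("empty or NUL-containing stream identifier")
        items.append((kind, text))
        pos += 2 + length
    return items


class StreamTable:
    """RtpStreamId -> SSRC, kept per (CNAME, MID) scope as Section 3 requires."""
    def __init__(self):
        self.scopes: dict[tuple[str, str], dict[str, int]] = {}

    def observe(self, ssrc: int, mid: str, items: list[tuple[int, str]]) -> list[int]:
        """Record one chunk; return the SSRCs of the streams it repairs."""
        cname = next((v for k, v in items if k == SDES_CNAME), None)
        if cname is None:
            raise ValueError("no CNAME to scope the identifiers by")
        scope = self.scopes.setdefault((cname, mid), {})
        repaired = []
        for kind, rid in items:
            if kind == RTP_STREAM_ID:
                scope[rid] = ssrc  # the SSRC may change, the RtpStreamId does not
            elif kind == REPAIRED_RTP_STREAM_ID:
                if rid not in scope:  # never resolved across CNAMEs or MIDs
                    raise LookupError(f"RepairedRtpStreamId {rid!r} unknown in this scope")
                repaired.append(scope[rid])
        return repaired
```

   This example treats an unresolved RepairedRtpStreamId as an error;
   a receiver could instead hold it until the source stream's
   RtpStreamId has been seen.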

   As described in that document, the header extension element can be
   encoded using either the one-byte or two-byte header, and the
   identification-tag payload is UTF-8 encoded, as in SDP.

   As the identifier is included in an RTP header extension, there
   should be some consideration given to the packet expansion caused by
   the identifier.  To avoid Maximum Transmission Unit (MTU) issues for
   the RTP packets, the header extension's size needs to be taken into
   account when encoding the media.  Note that the set of header
   extensions included in the packet needs to be padded to the next
   32-bit boundary [RFC5285].

   In many cases, a one-byte identifier will be sufficient to
   distinguish streams in a session; implementations are strongly
   encouraged to use the shortest identifier that fits their purposes.
   Implementors are warned, in particular, not to include any
   information in the identifier that is derived from potentially
   user-identifying information, such as user ID or IP address.  To
   avoid identification of specific implementations based on their
   pattern of tag generation, implementations are encouraged to use a
   simple scheme that starts with the ASCII digit "1", and increments by
   one for each subsequent identifier.

4.  IANA Considerations

4.1.  New RtpStreamId SDES item

      RFC EDITOR NOTE: Please replace RFCXXXX with the RFC number of
      this document.

      RFC EDITOR NOTE: Please replace TBD with the assigned SDES
      identifier value.

   This document adds the RtpStreamId SDES item to the IANA "RTCP SDES
   item types" registry as follows:

           Value:          TBD
           Abbrev.:        RtpStreamId
           Name:           RTP Stream Identifier
           Reference:      RFCXXXX

4.2.  New RepairedRtpStreamId SDES item

      RFC EDITOR NOTE: Please replace RFCXXXX with the RFC number of
      this document.

      RFC EDITOR NOTE: Please replace TBD with the assigned SDES
      identifier value.

   This document adds the RepairedRtpStreamId SDES item to the IANA
   "RTCP SDES item types" registry as follows:

           Value:          TBD
           Abbrev.:        RepairedRtpStreamId
           Name:           Repaired RTP Stream Identifier
           Reference:      RFCXXXX

4.3.  New RtpStreamId Header Extension URI

      RFC EDITOR NOTE: Please replace RFCXXXX with the RFC number of
      this document.

   This document defines a new extension URI in the RTP SDES Compact
   Header Extensions sub-registry of the RTP Compact Header Extensions
   registry, as follows:

      Extension URI: urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id
      Description:   RTP Stream Identifier
      Contact:       adam@nostrum.com
      Reference:     RFCXXXX

   The SDES item does not reveal privacy information about the user or
   the session contents.  It serves only to bind the identity of a
   stream to corresponding data in a session description.

4.4.  New RepairedRtpStreamId Header Extension URI

      RFC EDITOR NOTE: Please replace RFCXXXX with the RFC number of
      this document.

   This document defines a new extension URI in the RTP SDES Compact
   Header Extensions sub-registry of the RTP Compact Header Extensions
   registry, as follows:

      Extension URI: urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-sream-id
      Description:   RTP Repaired Stream Identifier
      Contact:       adam@nostrum.com
      Reference:     RFCXXXX

   The SDES item does not reveal privacy information about the user or
   the session contents.  It serves only to bind redundancy streams to
   the streams they provide repair data for.

5.  Security Considerations

   SDES items have the potential to carry any UTF-8 string.  As a
   consequence, there exists a risk that they might carry
   privacy-sensitive information.  Implementations need to take care
   when generating identifiers so that they do not contain information
   that can identify the user or allow for long term tracking of the
   device.  Following the generation recommendations in Section 3.3 will
   result in non-instance-specific labels, with only minor
   fingerprinting possibilities in the total number of used RtpStreamIds
   and RepairedRtpStreamIds.

   Even if the SDES items are generated to convey as little information
   as possible, implementors are strongly encouraged to encrypt SDES
   items - both in RTCP and RTP header extensions - so as to preserve
   privacy against third parties.

   As the SDES items are used for identification of the RTP streams for
   different application purposes, it is important that the intended
   values are received.  An attacker, either a third party or a
   malicious RTP middlebox, that removes or exchanges the values for
   these SDES items can severely impact the application.  The impact can
   include failure to decode or display the media content of the RTP
   stream.  It can also result in incorrectly attributing media content
   to identifiers of the media source, such as incorrectly identifying
   the speaker.  To prevent this from occurring due to third party
   attacks, integrity and source authentication are needed.

   Options for Securing RTP Sessions [RFC7201] discusses options for how
   encryption, integrity and source authentication can be accomplished.

6.  Acknowledgements

   Many thanks for review and input from Cullen Jennings, Magnus
   Westerlund, Colin Perkins, Peter Thatcher, Jonathan Lennox, and Paul
   Kyzivat.  Magnus Westerlund provided substantially all of the
   Security Considerations section.

7.  References

7.1.  Normative References

   [I-D.ietf-avtext-sdes-hdr-ext]
              Westerlund, M., Burman, B., Even, R., and M. Zanaty, "RTP
              Header Extension for RTCP Source Description Items",
              draft-ietf-avtext-sdes-hdr-ext-07 (work in progress), June
              2016.

   [I-D.ietf-mmusic-sdp-bundle-negotiation]
              Holmberg, C., Alvestrand, H., and C. Jennings,
              "Negotiating Media Multiplexing Using the Session
              Description Protocol (SDP)",
              draft-ietf-mmusic-sdp-bundle-negotiation-31 (work in
              progress), June 2016.

   [RFC3550]  Schulzrinne, H., Casner, S., Frederick, R., and V.
              Jacobson, "RTP: A Transport Protocol for Real-Time
              Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550,
              July 2003.

   [RFC5285]  Singer, D. and H. Desineni, "A General Mechanism for RTP
              Header Extensions", RFC 5285, DOI 10.17487/RFC5285, July
              2008.

   [RFC7656]  Lennox, J., Gross, K., Nandakumar, S., Salgueiro, G., and
              B. Burman, Ed., "A Taxonomy of Semantics and Mechanisms
              for Real-Time Transport Protocol (RTP) Sources", RFC 7656,
              DOI 10.17487/RFC7656, November 2015.

7.2.  Informative References

   [I-D.ietf-mmusic-msid]
              Alvestrand, H., "WebRTC MediaStream Identification in the
              Session Description Protocol", draft-ietf-mmusic-msid-15
              (work in progress), July 2016.

   [RFC7201]  Westerlund, M. and C. Perkins, "Options for Securing RTP
              Sessions", RFC 7201, DOI 10.17487/RFC7201, April 2014.

Authors' Addresses

   Adam Roach
   Mozilla

   Email: adam@nostrum.com

   Suhas Nandakumar
   Cisco Systems

   Email: snandaku@cisco.com

   Peter Thatcher
   Google

   Email: pthatcher@google.com