idnits 2.17.1 draft-ietf-ice-trickle-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 3 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 2, 2018) is 2247 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-18) exists of draft-ietf-mmusic-trickle-ice-sip-12 -- Obsolete informational reference (is this intentional?): RFC 4566 (Obsoleted by RFC 8866) -- Obsolete informational reference (is this intentional?): RFC 5389 (Obsoleted by RFC 8489) -- Obsolete informational reference (is this intentional?): RFC 5766 (Obsoleted by RFC 8656) -- Obsolete informational reference (is this intentional?): RFC 6336 (Obsoleted by RFC 8839) Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group E. Ivov 3 Internet-Draft Atlassian 4 Intended status: Standards Track E. Rescorla 5 Expires: August 6, 2018 RTFM, Inc. 6 J. Uberti 7 Google 8 P. Saint-Andre 9 Mozilla 10 February 2, 2018 12 Trickle ICE: Incremental Provisioning of Candidates for the Interactive 13 Connectivity Establishment (ICE) Protocol 14 draft-ietf-ice-trickle-16 16 Abstract 18 This document describes "Trickle ICE", an extension to the 19 Interactive Connectivity Establishment (ICE) protocol that enables 20 ICE agents to send and receive candidates incrementally rather than 21 exchanging complete lists. With such incremental provisioning, ICE 22 agents can begin connectivity checks while they are still gathering 23 candidates and considerably shorten the time necessary for ICE 24 processing to complete. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on August 6, 2018. 43 Copyright Notice 45 Copyright (c) 2018 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 61 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 62 3. Determining Support for Trickle ICE . . . . . . . . . . . . . 5 63 4. Conveying the Initial ICE Description . . . . . . . . . . . . 6 64 5. Responder Procedures . . . . . . . . . . . . . . . . . . . . 7 65 5.1. Conveying the Initial Response . . . . . . . . . . . . . 7 66 5.2. Forming Check Lists and Beginning Connectivity 67 Checks . . . . . . . . . . . . . . . . . . . . . . . . . 8 68 6. Initiator Procedures . . . . . . . . . . . . . . . . . . . . 8 69 7. Performing Connectivity Checks . . . . . . . . . . . . . . . 8 70 7.1. Scheduling Checks . . . . . . . . . . . . . . . . . . . . 9 71 7.2. Check List and Timer State Updates . . . . . . . . . . . 9 72 8. Discovering and Conveying Additional Local Candidates . . . . 10 73 8.1. Pairing Newly Learned Candidates and Updating 74 Check Lists . . . . . . . . . . . . . . . . . . . . . . . 11 75 8.1.1. Inserting a New Pair in a Check List . . . . . . . . 12 76 8.2. Announcing End of Candidates . . . . . . . . . . . . . . 15 77 9. Receiving Additional Remote Candidates . . . . . . . . . . . 17 78 10. Receiving an End-Of-Candidates Indication . . . . . . . . . . 17 79 11. Trickle ICE and Peer Reflexive Candidates . . . . . . . . . . 17 80 12. Concluding ICE Processing . . . . . . . . . . . . . . . . . . 18 81 13. Subsequent Exchanges . . . . . . . . . . . . . . . . . . . . 18 82 14. Unilateral Use of Trickle ICE (Half Trickle) . . . . . . . . 18 83 15. Requirements for Signaling Protocols . . . . . . . . . . . . 19 84 16. Preserving Candidate Order while Trickling . . . . . . . . . 20 85 17. Example Flow . . . . . . . . . . . . . . . . . . . . . . . . 21 86 18. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 87 19. Security Considerations . . . . . . . . . . . . . . . . . . . 22 88 20. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 89 21. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 90 21.1. Normative References . . . . . . . . . . . . . . . . . . 22 91 21.2. Informative References . . . . . . . . . . . . . . . . . 22 92 Appendix A. Interaction with Regular ICE . . . . . . . . . . . . 24 93 Appendix B. Interaction with ICE Lite . . . . . . . . . . . . . 25 94 Appendix C. Changes from Earlier Versions . . . . . . . . . . . 26 95 C.1. Changes from draft-ietf-ice-trickle-14 . . . . . . . . . 26 96 C.2. Changes from draft-ietf-ice-trickle-13 . . . . . . . . . 26 97 C.3. Changes from draft-ietf-ice-trickle-12 . . . . . . . . . 27 98 C.4. Changes from draft-ietf-ice-trickle-11 . . . . . . . . . 27 99 C.5. Changes from draft-ietf-ice-trickle-10 . . . . . . . . . 27 100 C.6. Changes from draft-ietf-ice-trickle-09 . . . . . . . . . 27 101 C.7. Changes from draft-ietf-ice-trickle-08 . . . . . . . . . 27 102 C.8. Changes from draft-ietf-ice-trickle-07 . . . . . . . . . 27 103 C.9. Changes from draft-ietf-ice-trickle-06 . . . . . . . . . 27 104 C.10. Changes from draft-ietf-ice-trickle-05 . . . . . . . . . 28 105 C.11. Changes from draft-ietf-ice-trickle-04 . . . . . . . . . 28 106 C.12. Changes from draft-ietf-ice-trickle-03 . . . . . . . . . 28 107 C.13. Changes from draft-ietf-ice-trickle-02 . . . . . . . . . 28 108 C.14. Changes from draft-ietf-ice-trickle-01 . . . . . . . . . 28 109 C.15. Changes from draft-ietf-ice-trickle-00 . . . . . . . . . 28 110 C.16. Changes from draft-mmusic-trickle-ice-02 . . . . . . . . 29 111 C.17. Changes from draft-ivov-01 and draft-mmusic-00 . . . . . 29 112 C.18. Changes from draft-ivov-00 . . . . . . . . . . . . . . . 29 113 C.19. Changes from draft-rescorla-01 . . . . . . . . . . . . . 30 114 C.20. Changes from draft-rescorla-00 . . . . . . . . . . . . . 31 115 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 31 117 1. Introduction 119 The Interactive Connectivity Establishment (ICE) protocol 120 [rfc5245bis] describes mechanisms for gathering candidates, 121 prioritizing them, choosing default ones, exchanging them with a 122 remote party, pairing them, and ordering the candidate pairs into 123 check lists. Once all of these actions have been completed (and only 124 then), the parties can begin a phase of connectivity checks and 125 eventually select the pair of candidates that will be used in a media 126 session or for a given media stream. 128 Although the sequence described above has the advantage of being 129 relatively straightforward to implement and debug once deployed, it 130 can also be rather lengthy. Candidate gathering often involves 131 things like querying STUN [RFC5389] servers and allocating relayed 132 candidates at TURN [RFC5766] servers. All of these actions can be 133 delayed for a noticeable amount of time; although they can be run in 134 parallel, they still need to respect the pacing requirements from 135 [rfc5245bis], which is likely to delay them even further. Some or 136 all of these actions also need be completed by the responder. Both 137 agents would next perform connectivity checks and only then would 138 they be ready to begin streaming media. 140 These factors can lead to relatively lengthy session establishment 141 times and thus to a degraded user experience. 143 This document defines a supplementary mode of operation for ICE 144 implementations, known as "Trickle ICE", in which candidates can be 145 exchanged incrementally. This enables ICE agents to exchange 146 candidates as soon as an ICE session has been initiated and a 147 candidate has become available. Connectivity checks for a media 148 stream can also start as soon as the first candidates for that stream 149 become available. 151 Trickle ICE can reduce session establishment times in cases where 152 connectivity is confirmed for the first exchanged candidates (e.g., 153 where candidates for one of the agents are directly reachable from 154 the second agent, such as candidates at a media relay). Even when 155 this is not the case, performing candidate gathering for both agents 156 and connectivity checks in parallel can considerably shorten ICE 157 processing times. 159 It is worth noting that there is quite a bit of operational 160 experience with the Trickle ICE technique, going back as far as 2005 161 (when the XMPP Jingle extension defined a "dribble mode" as specified 162 in [XEP-0176]); this document incorporates feedback from those who 163 have implemented and deployed the technique. 165 In addition to the basics of Trickle ICE, this document also 166 describes how to discover support for Trickle ICE, how regular ICE 167 processing needs to be modified when forming and updating check 168 lists, and how Trickle ICE implementations interoperate with agents 169 that only implement regular ICE processing as defined in 170 [rfc5245bis]. 172 This specification does not define the usage of Trickle ICE with any 173 specific signaling protocol (however, see 174 [I-D.ietf-mmusic-trickle-ice-sip] for usage with SIP [RFC3261] and 175 [XEP-0176] for usage with XMPP [RFC6120]). Similarly, it does not 176 define Trickle ICE in terms of the Session Description Protocol (SDP) 177 [RFC4566] or the offer/answer model [RFC3264] because the technique 178 can be and already is used in application protocols that are not tied 179 to SDP or to offer/answer semantics. However, because SDP and the 180 offer/answer model are familiar to most readers of this 181 specification, some examples in this document use those particulars 182 in order to explain the underlying concepts. 184 2. Terminology 186 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 187 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 188 document are to be interpreted as described in [RFC2119]. 190 This specification makes use of all terminology defined for 191 Interactive Connectivity Establishment in [rfc5245bis]. In addition, 192 it defines the following terms: 194 Full Trickle: The typical mode of operation for Trickle ICE agents, 195 in which the initial ICE description can include any number of 196 candidates (even zero candidates) and does not need to include a 197 full generation of candidates as in half trickle. 199 Generation: All of the candidates conveyed within an ICE session; 200 these are the candidates that are associated with a specific 201 local/remote ufrag pair (which will change on ICE restart, if any 202 occurs). 204 Half Trickle: A Trickle ICE mode of operation where the initiator 205 gathers a full generation of candidates strictly before creating 206 and conveying the initial ICE description. Once conveyed, this 207 candidate information can be processed by regular ICE agents, 208 which do not require support for this specification. It also 209 allows Trickle ICE capable responders to still gather candidates 210 and perform connectivity checks in a non-blocking way, thus 211 roughly providing "half" the advantages of Trickle ICE. The 212 mechanism is mostly meant for use in cases where the responder's 213 support for Trickle ICE cannot be confirmed prior to conveying the 214 initial ICE description. 216 ICE Description: Any session-related (as opposed to candidate- 217 related) attributes required to configure an ICE agent. These 218 include but are not limited to the username fragment, password, 219 and other attributes. 221 Trickled Candidates: Candidates that a Trickle ICE agent conveys 222 after conveying the initial ICE description or responding to the 223 initial ICE description, but within the same ICE session. 224 Trickled candidates can be conveyed in parallel with candidate 225 gathering and connectivity checks. 227 Trickling: The act of conveying trickled candidates. 229 3. Determining Support for Trickle ICE 231 To fully support Trickle ICE, applications SHOULD incorporate one of 232 the following mechanisms to enable implementations to determine 233 whether Trickle ICE is supported: 235 1. Provide a capabilities discovery method so that agents can verify 236 support of Trickle ICE prior to initiating a session (XMPP's 237 Service Discovery [XEP-0030] is one such mechanism). 239 2. Make support for Trickle ICE mandatory so that user agents can 240 assume support. 242 If an application protocol does not provide a method of determining 243 ahead of time whether Trickle ICE is supported, agents can make use 244 of the half trickle procedure described in Section 14. 246 Prior to conveying the initial ICE description, agents using 247 signaling protocols that support capabilities discovery can attempt 248 to verify whether or not the remote party supports Trickle ICE. If 249 an agent determines that the remote party does not support Trickle 250 ICE, it MUST fall back to using regular ICE or abandon the entire 251 session. 253 Even if a signaling protocol does not include a capabilities 254 discovery method, a user agent can provide an indication within the 255 ICE description that it supports Trickle ICE by communicating an ICE 256 option of 'trickle'. This token MUST be provided either at the 257 session level or, if at the media stream level, for every media 258 stream (an agent MUST NOT specify Trickle ICE support for some media 259 streams but not others). NOTE: The encoding of the 'trickle' ICE 260 option, and the message(s) used to carry it to the peer, are protocol 261 specific. The encoding for the Session Description Protocol (SDP) 262 [RFC4566] is defined in [I-D.ietf-mmusic-trickle-ice-sip]. 264 Dedicated discovery semantics and half trickle are needed only prior 265 to session initiation. After a session is established and Trickle 266 ICE support is confirmed for both parties, either agent can use full 267 trickle for subsequent exchanges. 269 4. Conveying the Initial ICE Description 271 An initiator can start gathering candidates as soon as it has an 272 indication that communication is imminent (e.g., a user interface cue 273 or an explicit request to initiate a session). Unlike in regular 274 ICE, in Trickle ICE implementations do not need to gather candidates 275 in a blocking manner. Therefore, unless half trickle is being used, 276 the user experience is improved if the initiator generates and 277 transmits their initial ICE description as early as possible (thus 278 enabling the remote party to start gathering and trickling 279 candidates). 281 An initiator MAY include any mix of candidates when conveying the 282 initial ICE description. This includes the possibility of conveying 283 all the candidates the initiator plans to use (as in half trickle 284 mode), conveying only a publicly-reachable IP address (e.g., a 285 candidate at a media relay that is known to not be behind a 286 firewall), or conveying no candidates at all (in which case the 287 initiator can obtain the responder's initial candidate list sooner 288 and the responder can begin candidate gathering more quickly). 290 Methods for calculating priorities and foundations, as well as 291 determining redundancy of candidates, work just as with regular ICE 292 (with the exception of pruning of duplicate peer reflexive candidates 293 as described under Section 5.2). 295 5. Responder Procedures 297 When a responder receives the initial ICE description, it will first 298 check if the ICE description or initiator indicates support for 299 Trickle ICE as explained in Section 3. If this is not the case, the 300 responder MUST process the initial ICE description according to 301 regular ICE procedures [rfc5245bis] (or, if no ICE support is 302 detected at all, according to relevant processing rules for the 303 underlying signaling protocol, such as offer/answer processing rules 304 [RFC3264]). 306 If support for Trickle ICE is confirmed, a responder will 307 automatically assume support for regular ICE as well. Specifically, 308 the rules from [rfc5245bis] would imply that ICE itself is not 309 supported if the initial ICE description includes no candidates; 310 however, such a conclusion is not warranted if the responder can 311 confirm that the initiator supports Trickle ICE; in this case, 312 fallback to non-ICE processing rules is not necessary. 314 If the initial ICE description indicates support for Trickle ICE, the 315 responder will determine its role and start gathering and 316 prioritizing candidates; while doing so, it will also respond by 317 conveying its own ICE description, so that both the initiator and the 318 responder can start forming check lists and begin connectivity 319 checks. 321 5.1. Conveying the Initial Response 323 A responder can respond to the initial ICE description at any point 324 while gathering candidates. Here again the ICE description MAY 325 contain any set of candidates, including all candidates or no 326 candidates. (The benefit of including no candidates is to convey the 327 ICE description as quickly as possible, so that both parties can 328 consider the overall session to be under active negotiation as soon 329 as possible.) 331 As noted in Section 3, in application protocols that use SDP the 332 responder's ICE description can indicate support for Trickle ICE by 333 including a token of "trickle" in the ice-options attribute. 335 5.2. Forming Check Lists and Beginning Connectivity Checks 337 As soon as the agents have obtained local and remote candidates, both 338 agents begin forming candidate pairs, computing candidate pair 339 priorities, ordering candidate pairs, pruning duplicate pairs, and 340 creating check lists according to regular ICE procedures 341 [rfc5245bis]. 343 According to those procedures, in order for candidate pairing to be 344 possible and for duplicate candidates to be pruned, the candidates 345 would need to be provided in the relevant ICE descriptions. By 346 contrast, under Trickle ICE check lists can be empty until candidates 347 are conveyed or received. Therefore Trickle ICE agents handle check 348 lists and candidate pairing in a slightly different way than regular 349 ICE agents: the agents still form the check lists, but they populate 350 the check lists only after they actually have the candidate pairs. 351 Every check list is initially placed in the Running state, even if 352 there are not yet any candidate pairs in the check list. 354 A Trickle ICE agent initially considers all candidate pairs in all 355 check lists to be frozen. It then inspects the first check list and 356 attempts to unfreeze all candidate pairs it has received so far that 357 belong to the first component on the first media stream (i.e., the 358 first media stream that was reported to the ICE implementation from 359 the using application). If that first component of the first media 360 stream does not contain candidates for one or more of the currently 361 known pair foundations, and if candidate pairs already exist for that 362 foundation in one of the following components or media streams, then 363 the agent unfreezes the first of those candidate pairs. 365 With regard to pruning of duplicate candidate pairs, a Trickle ICE 366 agent SHOULD follow a policy of keeping the higher priority candidate 367 unless it is peer reflexive. 369 6. Initiator Procedures 371 When processing the initial ICE description from a responder, the 372 initiator follows regular ICE procedures to determine its role, after 373 which it forms check lists (as described in Section 5.2) and begins 374 connectivity checks. 376 7. Performing Connectivity Checks 378 For the most part, Trickle ICE agents perform connectivity checks 379 following regular ICE procedures. However, the fact that gathering 380 and communicating candidates is asynchronous in Trickle ICE imposes a 381 number of changes as described in the following sections. 383 7.1. Scheduling Checks 385 The ICE specification [rfc5245bis], Section 6.1.4.2, specifies that 386 an agent will terminate the timer for a triggered check in relation 387 to a check list once the agent has exhausted all frozen pairs in the 388 check list. This will not work with Trickle ICE, because more pairs 389 will be added to the check list incrementally. 391 Therefore, a Trickle ICE agent SHOULD NOT terminate the timer until 392 the state of the check list is Completed or Failed as specified 393 herein (see Section 8.2). 395 7.2. Check List and Timer State Updates 397 The ICE specification [rfc5245bis], Section 7.2.5.3.3, requires that 398 agents update check lists and timer states upon completing a 399 connectivity check transaction. During such an update, regular ICE 400 agents would set the state of a check list to Failed if both of the 401 following two conditions are satisfied: 403 o all of the pairs in the check list are either in the Failed state 404 or Succeeded state; and 406 o there is not a pair in the valid list for each component of the 407 media stream. 409 With Trickle ICE, the above situation would often occur when 410 candidate gathering and trickling are still in progress, even though 411 it is quite possible that future checks will succeed. For this 412 reason, Trickle ICE agents add the following conditions to the above 413 list: 415 o all candidate gathering has completed and the agent is not 416 expecting to discover any new local candidates; 418 o the remote agent has conveyed an end-of-candidates indication for 419 that check list as described in Section 8.2. 421 When a check list is set to Failed as described above, regular ICE 422 requires the agent to update all other check lists, placing one pair 423 from each check list into the Waiting state and thereby effectively 424 placing all remaining check lists into the Running state. However, 425 under Trickle ICE other check lists might still be empty at this 426 point (because candidates have not yet been received), and following 427 only the rules from regular ICE would prevent the agent from forming 428 those check lists (because the state of a check list depends on the 429 state of the candidate pairs in that check list, but there might not 430 yet by any candidate pairs in a given check list). In accordance 431 with the ICE specification [rfc5245bis], Section 6.1.2.1, a Trickle 432 ICE agent considers an empty check list to be in the Running state; 433 in accordance with Section 8.1.1, when inserting a new candidate pair 434 into an empty check list, the agent sets the pair to a state of 435 Waiting. 437 8. Discovering and Conveying Additional Local Candidates 439 After candidate information has been conveyed, agents will most 440 likely continue discovering new local candidates as STUN, TURN, and 441 other non-host candidate gathering mechanisms begin to yield results. 442 Whenever an agent discovers such a new candidate it will compute its 443 priority, type, foundation and component ID according to regular ICE 444 procedures. 446 The new candidate is then checked for redundancy against the existing 447 list of local candidates. If its transport address and base match 448 those of an existing candidate, it will be considered redundant and 449 will be ignored. This would often happen for server reflexive 450 candidates that match the host addresses they were obtained from 451 (e.g., when the latter are public IPv4 addresses). Contrary to 452 regular ICE, Trickle ICE agents will consider the new candidate 453 redundant regardless of its priority. 455 Next the agent "trickles" the newly discovered candidate(s) to the 456 remote agent. The actual delivery of the new candidates is handled 457 by a signaling protocol such as SIP or XMPP. Trickle ICE imposes no 458 restrictions on the way this is done (e.g., some applications may 459 choose not to trickle updates for server reflexive candidates and 460 instead rely on the discovery of peer reflexive ones). 462 When candidates are trickled, the signaling protocol MUST deliver 463 each candidate to the receiving Trickle ICE implementation not more 464 than once and in the same order it was conveyed. If the signaling 465 protocol provides any candidate retransmissions, they need to be 466 hidden from the ICE implementation. 468 Also, candidate trickling needs to be correlated to a specific ICE 469 session, so that if there is an ICE restart, any delayed updates for 470 a previous session can be recognized as such and ignored by the 471 receiving party. For example, applications that choose to signal 472 candidates via SDP may include a ufrag value in the corresponding 473 a=candidate line such as: 475 a=candidate:1 1 UDP 2130706431 2001:db8::1 5000 typ host ufrag 8hhY 477 Or as another example, WebRTC implementations may include a ufrag in 478 the JavaScript objects that represent candidates. 480 Note: The signaling protocol needs to provide a mechanism for both 481 parties to indicate and agree on the ICE session in force (as 482 identified by the ufrag) so that they have a consistent view of which 483 candidates are to be paired. This is especially important in the 484 case of ICE restarts (see Section 13). 486 Once the candidate has been conveyed to the remote party, the agent 487 checks if any remote candidates are currently known for this same 488 stream and component. If not, the new candidate will simply be added 489 to the list of local candidates. 491 Otherwise, if the agent has already learned of one or more remote 492 candidates for this stream and component, it will begin pairing the 493 new local candidates with them and adding the pairs to the existing 494 check lists according to their priority. 496 Note: A Trickle ICE agent MUST NOT pair a local candidate until it 497 has been trickled to the remote agent. 499 8.1. Pairing Newly Learned Candidates and Updating Check Lists 501 Forming candidate pairs works as described in the ICE specification 502 [rfc5245bis]. However, actually adding the new pair to a check list 503 happens according to the rules described below. 505 If the check list where the pair is to be added already contains the 506 maximum number of candidate pairs (100 by default as per 507 [rfc5245bis]), the new pair is discarded. 509 If the new pair's local candidate is server reflexive, the server 510 reflexive candidate MUST be replaced by its base before adding the 511 pair to the list. 513 Once this is done, the agent examines the check list looking for 514 another pair that would be redundant with the new one. If such a 515 pair exists and the type of its remote candidate is not peer 516 reflexive, the pair with the higher priority is kept and the one with 517 the lower priority is discarded. If, on the other hand, the type of 518 the remote candidate in the pre-existing pair is peer reflexive, the 519 agent MUST replace it with the newly formed pair (regardless of their 520 respective priorities); this is done by setting the priority of the 521 new candidate to the priority of the pre-existing candidate and then 522 re-sorting the check list. 524 For all other pairs, including those with a server reflexive local 525 candidate that were not found to be redundant, the rules specified in 526 the following section apply. 528 8.1.1. Inserting a New Pair in a Check List 530 Consider the following tabular representation of all check lists in 531 an agent (note that initially for one of the foundations, i.e., f5, 532 there are no candidate pairs): 534 +-----------------+------+------+------+------+------+ 535 | | f1 | f2 | f3 | f4 | f5 | 536 +-----------------+------+------+------+------+------+ 537 | m1 (Audio.RTP) | F | F | F | | | 538 +-----------------+------+------+------+------+------+ 539 | m2 (Audio.RTCP) | F | F | F | F | | 540 +-----------------+------+------+------+------+------+ 541 | m3 (Video.RTP) | F | | | | | 542 +-----------------+------+------+------+------+------+ 543 | m4 (Video.RTCP) | F | | | | | 544 +-----------------+------+------+------+------+------+ 546 Figure 1: Example of Check List State 548 Each row in the table represents a component for a given media stream 549 (e.g., m1 and m2 might be the RTP and RTCP components for audio). 550 Each column represents one foundation. Each cell represents one 551 candidate pair. In the foregoing table, "F" stands for "frozen"; in 552 the tables below, "W" stands for "waiting" and "S" stands for 553 "succeeded". 555 When an agent commences ICE processing, in accordance with 556 Section 6.1.2.6 of [rfc5245bis] it will unfreeze (i.e., place in the 557 Waiting state) the topmost candidate pair in every column (i.e., the 558 pair with the lowest component ID). This state is shown in the 559 following table, with candidate pairs in the Waiting state marked by 560 "W". 562 +-----------------+------+------+------+------+------+ 563 | | f1 | f2 | f3 | f4 | f5 | 564 +-----------------+------+------+------+------+------+ 565 | m1 (Audio.RTP) | W | W | W | | | 566 +-----------------+------+------+------+------+------+ 567 | m2 (Audio.RTCP) | F | F | F | W | | 568 +-----------------+------+------+------+------+------+ 569 | m3 (Video.RTP) | F | | | | | 570 +-----------------+------+------+------+------+------+ 571 | m4 (Video.RTCP) | F | | | | | 572 +-----------------+------+------+------+------+------+ 574 Figure 2: Initial Check List State 576 Then, as the checks proceed (see Section 7.2.5.4 of [rfc5245bis]), 577 for each pair that enters the Succeeded state (denoted here by "S"), 578 the agent will unfreeze all pairs for all media streams with the same 579 foundation (e.g., if the pair in column 1, row 1 succeeds then the 580 agent will unfreeze the pair in column 1, rows 2, 3, and 4). 582 +-----------------+------+------+------+------+------+ 583 | | f1 | f2 | f3 | f4 | f5 | 584 +-----------------+------+------+------+------+------+ 585 | m1 (Audio.RTP) | S | W | W | | | 586 +-----------------+------+------+------+------+------+ 587 | m2 (Audio.RTCP) | W | F | F | W | | 588 +-----------------+------+------+------+------+------+ 589 | m3 (Video.RTP) | W | | | | W | 590 +-----------------+------+------+------+------+------+ 591 | m4 (Video.RTCP) | W | | | | F | 592 +-----------------+------+------+------+------+------+ 594 Figure 3: Check List State with Unfrozen Media Stream 596 Trickle ICE preserves all of these rules as they apply to what we 597 might call "static" check list sets. This implies that if, for some 598 reason, a Trickle agent were to begin connectivity checks with all of 599 its pairs already present, the way that pair states change is 600 indistinguishable from that of a regular ICE agent. 602 Of course, the major difference with Trickle ICE is that check list 603 sets can be dynamically updated because candidates can arrive after 604 connectivity checks have started. When this happens, an agent sets 605 the state of the newly formed pair as described below. 607 Case 1: If the newly formed pair is the topmost pair in its column 608 (i.e. the topmost pair among all the check lists for this 609 foundation), set the state to Waiting (e.g., this would be the case 610 if the newly formed pair were placed in column 5, row 1). 612 +-----------------+------+------+------+------+------+ 613 | | f1 | f2 | f3 | f4 | f5 | 614 +-----------------+------+------+------+------+------+ 615 | m1 (Audio.RTP) | S | W | W | | W | 616 +-----------------+------+------+------+------+------+ 617 | m2 (Audio.RTCP) | W | F | F | W | | 618 +-----------------+------+------+------+------+------+ 619 | m3 (Video.RTP) | W | | | | | 620 +-----------------+------+------+------+------+------+ 621 | m4 (Video.RTCP) | W | | | | | 622 +-----------------+------+------+------+------+------+ 624 Figure 4: Check List State with Newly Formed Pair, Case 1 626 Case 2: If the pair immediately above the newly formed pair in its 627 column is in the Succeeded state, set the state to Waiting (e.g., 628 this would be the case if the pair in column 5, row 1 succeeded and 629 the newly formed pair were placed in column 5, row 2); 631 +-----------------+------+------+------+------+------+ 632 | | f1 | f2 | f3 | f4 | f5 | 633 +-----------------+------+------+------+------+------+ 634 | m1 (Audio.RTP) | S | W | W | | S | 635 +-----------------+------+------+------+------+------+ 636 | m2 (Audio.RTCP) | W | F | F | W | W | 637 +-----------------+------+------+------+------+------+ 638 | m3 (Video.RTP) | W | | | | | 639 +-----------------+------+------+------+------+------+ 640 | m4 (Video.RTCP) | W | | | | | 641 +-----------------+------+------+------+------+------+ 643 Figure 5: Check List State with Newly Formed Pair, Case 2 645 Case 3: If there is at least one Succeeded pair in its column above 646 the row of the newly formed pair, set the state to Waiting (e.g., 647 this would be the case if the pair in column 5, row 1 succeeded and 648 two newly formed pairs were placed in column 5, rows 3 and 4). 650 +-----------------+------+------+------+------+------+ 651 | | f1 | f2 | f3 | f4 | f5 | 652 +-----------------+------+------+------+------+------+ 653 | m1 (Audio.RTP) | S | W | W | | S | 654 +-----------------+------+------+------+------+------+ 655 | m2 (Audio.RTCP) | W | F | F | W | W | 656 +-----------------+------+------+------+------+------+ 657 | m3 (Video.RTP) | W | | | | W | 658 +-----------------+------+------+------+------+------+ 659 | m4 (Video.RTCP) | W | | | | W | 660 +-----------------+------+------+------+------+------+ 662 Figure 6: Check List State with Newly Formed Pair, Case 3 664 Case 4: In all other cases, set the state to Frozen. 666 8.2. Announcing End of Candidates 668 Once all candidate gathering is completed or expires for an ICE 669 session associated with a specific media stream, the agent will 670 generate an "end-of-candidates" indication for that session and 671 convey it to the remote agent via the signaling channel. Although 672 the exact form of the indication depends on the application protocol, 673 the indication MUST specify the generation (ufrag/pwd combination) so 674 that an agent can correlate the end-of-candidates indication with a 675 particular ICE session. The indication can be conveyed in the 676 following ways: 678 o As part of an initiation request (which would typically be the 679 case with the initial ICE description for half trickle) 681 o Along with the last candidate an agent can send for a stream 683 o As a standalone notification (e.g., after STUN Binding requests or 684 TURN Allocate requests to a server time out and the agent has is 685 not actively gathering candidates) 687 Conveying an end-of-candidates indication in a timely manner is 688 important in order to avoid ambiguities and speed up the conclusion 689 of ICE processing. In particular: 691 o A controlled Trickle ICE agent SHOULD convey an end-of-candidates 692 indication after it has completed gathering for a media stream, 693 unless ICE processing terminates before the agent has had a chance 694 to complete gathering. 696 o A controlling agent MAY conclude ICE processing prior to conveying 697 end-of-candidates indications for all streams. However, it is 698 RECOMMENDED for a controlling agent to convey end-of-candidates 699 indications whenever possible for the sake of consistency and to 700 keep middleboxes and controlled agents up-to-date on the state of 701 ICE processing. 703 When conveying an end-of-candidates indication during trickling 704 (rather than as a part of the initial ICE description or a response 705 thereto), it is the responsibility of the using protocol to define 706 methods for relating the indication to one or more specific media 707 streams. 709 Receiving an end-of-candidates indication enables an agent to update 710 check list states and, in case valid pairs do not exist for every 711 component in every media stream, determine that ICE processing has 712 failed. It also enables an agent to speed up the conclusion of ICE 713 processing when a candidate pair has been validated but it involves 714 the use of lower-preference transports such as TURN. In such 715 situations, an implementation MAY choose to wait and see if higher- 716 priority candidates are received; in this case the end-of-candidates 717 indication provides a notification that such candidates are not 718 forthcoming. 720 An agent MAY also choose to generate an end-of-candidates indication 721 before candidate gathering has actually completed, if the agent 722 determines that gathering has continued for more than an acceptable 723 period of time. However, an agent MUST NOT convey any more 724 candidates after it has conveyed an end-of-candidates indication. 726 When performing half trickle, an agent SHOULD convey an end-of- 727 candidates indication together with its initial ICE description 728 unless it is planning to potentially trickle additional candidates 729 (e.g., in case the remote party turns out to support Trickle ICE). 731 After an agent conveys the end-of-candidates indication, it will 732 update the state of the corresponding check list as explained in 733 Section 7.2. Past that point, an agent MUST NOT trickle any new 734 candidates within this ICE session. After an agent has received an 735 end-of-candidates indication, it MUST also ignore any newly received 736 candidates for that media stream or media session. Therefore, adding 737 new candidates to the negotiation is possible only through an ICE 738 restart (see Section 13). 740 This specification does not override regular ICE semantics for 741 concluding ICE processing. Therefore, even if end-of-candidates 742 indications are conveyed, an agent will still need to go through pair 743 nomination. Also, if pairs have been nominated for components and 744 media streams, ICE processing MAY still conclude even if end-of- 745 candidates indications have not been received for all streams. 747 9. Receiving Additional Remote Candidates 749 At any time during ICE processing, a Trickle ICE agent might receive 750 new candidates from the remote agent. When this happens and no local 751 candidates are currently known for this same stream, the new remote 752 candidates are added to the list of remote candidates. 754 Otherwise, the new candidates are used for forming candidate pairs 755 with the pool of local candidates and they are added to the local 756 check lists as described in Section 8.1. 758 Once the remote agent has completed candidate gathering, it will 759 convey an end-of-candidates indication. Upon receiving such an 760 indication, the local agent MUST update check list states as per 761 Section 7.2. This might lead to some check lists being marked as 762 Failed. 764 10. Receiving an End-Of-Candidates Indication 766 When an agent receives an end-of-candidates indication for a specific 767 media stream, it will update the state of the relevant check list as 768 per Section 7.2. If the check list is still in the Active state 769 after the update, the agent will persist the fact that an end-of- 770 candidates indication has been received and take it into account in 771 future updates to the check list. 773 11. Trickle ICE and Peer Reflexive Candidates 775 Even though Trickle ICE does not explicitly modify the procedures for 776 handling peer-reflexive candidates, use of Trickle ICE can have an 777 impact on how they are processed. With Trickle ICE, it is possible 778 that server reflexive candidates can be discovered as peer reflexive 779 in cases where incoming connectivity checks are received from these 780 candidates before the trickle updates that carry them. 782 While this would certainly increase the number of cases where ICE 783 processing nominates and selects candidates discovered as peer- 784 reflexive, it does not require any change in processing. 786 It is also likely that some applications would prefer not to trickle 787 server reflexive candidates to entities that are known to be publicly 788 accessible and where sending a direct STUN binding request is likely 789 to reach the destination faster than the trickle update that travels 790 through the signaling path. 792 12. Concluding ICE Processing 794 This specification does not directly modify the procedures for ending 795 ICE processing described in Section 8 of [rfc5245bis], and Trickle 796 ICE implementations follow the same rules. 798 13. Subsequent Exchanges 800 Before conveying an end-of-candidates indication, either agent MAY 801 convey subsequent candidate information at any time allowed by the 802 signaling protocol in use. When this happens, agents will use 803 [rfc5245bis] semantics to determine whether or not the new candidate 804 information require an ICE restart. If an ICE restart occurs, the 805 agents can assume that Trickle ICE is still supported if support was 806 determined previously, and thus can engage in Trickle ICE behavior as 807 they would in an initial exchange of ICE descriptions where support 808 was determined through a capabilities discovery method. 810 14. Unilateral Use of Trickle ICE (Half Trickle) 812 In half trickle mode, the initiator conveys the initial ICE 813 description with a full generation of candidates. This ensures that 814 the ICE description can be processed by a regular ICE responder and 815 is mostly meant for use in cases where support for Trickle ICE cannot 816 be confirmed prior to conveying the initial ICE description. The 817 initial ICE description indicate support for Trickle ICE, which means 818 the responder can respond with something less than a full generation 819 of candidates and then trickle the rest. The initial ICE description 820 for half trickle would typically contain an end-of-candidates 821 indication, although this is not mandatory because if trickle support 822 is confirmed then the initiator can choose to trickle additional 823 candidates before it conveys an end-of-candidates indication. 825 The half trickle mechanism can be used in cases where there is no way 826 for an agent to verify in advance whether a remote party supports 827 Trickle ICE. Because the initial ICE description contain a full 828 generation of candidates, it can thus be handled by a regular ICE 829 agent, while still allowing a Trickle ICE agent to use the 830 optimization defined in this specification. This prevents 831 negotiation from failing in the former case while still giving 832 roughly half the Trickle ICE benefits in the latter (hence the name 833 of the mechanism). 835 Use of half trickle is only necessary during an initial exchange of 836 ICE descriptions. After both parties have received an ICE 837 description from their peer, they can each reliably determine Trickle 838 ICE support and use it for all subsequent exchanges. 840 In some instances, using half trickle might bring more than just half 841 the improvement in terms of user experience. This can happen when an 842 agent starts gathering candidates upon user interface cues that the 843 user will soon be initiating an interaction, such as activity on a 844 keypad or the phone going off hook. This would mean that some or all 845 of the candidate gathering could be completed before the agent 846 actually needs to convey the candidate information. Because the 847 responder will be able to trickle candidates, both agents will be 848 able to start connectivity checks and complete ICE processing earlier 849 than with regular ICE and potentially even as early as with full 850 trickle. 852 However, such anticipation is not always possible. For example, a 853 multipurpose user agent or a WebRTC web page where communication is a 854 non-central feature (e.g., calling a support line in case of a 855 problem with the main features) would not necessarily have a way of 856 distinguishing between call intentions and other user activity. In 857 such cases, using full trickle is most likely to result in an ideal 858 user experience. Even so, using half trickle would be an improvement 859 over regular ICE because it would result in a better experience for 860 responders. 862 15. Requirements for Signaling Protocols 864 In order to fully enable the use of Trickle ICE, this specification 865 defines the following requirements for signaling protocols. 867 o A signaling protocol SHOULD provide a way for parties to advertise 868 and discover support for Trickle ICE before an ICE session begins 869 (see Section 3). 871 o A signaling protocol MUST provide methods for incrementally 872 conveying (i.e., "trickling") additional candidates after 873 conveying the initial ICE description (see Section 8). 875 o A signaling protocol MUST deliver each trickled candidate not more 876 than once and in the same order it was conveyed (see Section 8). 878 o A signaling protocol MUST provide a mechanism for both parties to 879 indicate and agree on the ICE session in force (see Section 8). 881 o A signaling protocol MUST provide a way for parties to communicate 882 the end-of-candidates indication, which MUST specify the 883 particular ICE session to which the indication applies (see 884 Section 8.2). 886 16. Preserving Candidate Order while Trickling 888 One important aspect of regular ICE is that connectivity checks for a 889 specific foundation and component are attempted simultaneously by 890 both agents, so that any firewalls or NATs fronting the agents would 891 whitelist both endpoints and allow all except for the first 892 ("suicide") packets to go through. This is also important to 893 unfreezing candidates at the right time. While not crucial, 894 preserving this behavior in Trickle ICE is likely to improve ICE 895 performance. 897 To achieve this, when trickling candidates, agents MUST respect the 898 order in which the components and streams appear (implicitly or 899 explicitly) as they have been negotiated by means of the relevant 900 candidate information. Therefore candidates for a given component 901 MUST NOT be conveyed prior to candidates for a component with a lower 902 ID number within the same foundation. In addition, candidates MUST 903 be paired, following the procedures in Section 8.1.1, in the same 904 order they are conveyed. 906 For example, the following SDP description contains two components 907 (RTP and RTCP) and two foundations (host and server reflexive): 909 v=0 910 o=jdoe 2890844526 2890842807 IN IP6 2001:db8:a0b:12f0::1 911 s= 912 c=IN IP6 2001:db8:a0b:12f0::1 913 t=0 0 914 a=ice-pwd:asd88fgpdd777uzjYhagZg 915 a=ice-ufrag:8hhY 916 m=audio 5000 RTP/AVP 0 917 a=rtpmap:0 PCMU/8000 918 a=candidate:1 1 UDP 2130706431 2001:db8:a0b:12f0::1 5000 typ host 919 a=candidate:1 2 UDP 2130706431 2001:db8:a0b:12f0::1 5001 typ host 920 a=candidate:2 1 UDP 1694498815 2001:db8:a0b:12f0::3 5000 typ srflx 921 raddr 2001:db8:a0b:12f0::1 rport 8998 922 a=candidate:2 2 UDP 1694498815 2001:db8:a0b:12f0::3 5001 typ srflx 923 raddr 2001:db8:a0b:12f0::1 rport 8998 925 For this candidate information the RTCP host candidate would not be 926 conveyed prior to the RTP host candidate. Similarly the RTP server 927 reflexive candidate would be conveyed together with or prior to the 928 RTCP server reflexive candidate. 930 Similar considerations apply at the level of media streams in 931 addition to foundations; this is covered by the requirement to always 932 start unfreezing candidates starting from the first media stream as 933 described under Section 5.2. 935 17. Example Flow 937 As an example, a typical successful Trickle ICE exchange with a 938 signaling protocol that follows the offer/answer model would look 939 this way: 941 Alice Bob 942 | Offer | 943 |---------------------------------------------->| 944 | Additional Candidates | 945 |---------------------------------------------->| 946 | | 947 | Answer | 948 |<----------------------------------------------| 949 | Additional Candidates | 950 |<----------------------------------------------| 951 | | 952 | Additional Candidates and Connectivity Checks | 953 |<--------------------------------------------->| 954 | | 955 |<=============== MEDIA FLOWS =================>| 957 Figure 7: Example 959 18. IANA Considerations 961 IANA is requested to register the following ICE option in the "ICE 962 Options" sub-registry of the "Interactive Connectivity Establishment 963 (ICE) registry", following the procedures defined in [RFC6336]. 965 ICE Option: trickle 967 Contact: IESG, iesg@ietf.org 969 Change control: IESG 971 Description: An ICE option of "trickle" indicates support for 972 incremental communication of ICE candidates. 974 Reference: RFC XXXX 976 19. Security Considerations 978 This specification inherits most of its semantics from [rfc5245bis] 979 and as a result all security considerations described there apply to 980 Trickle ICE. 982 If the privacy implications of revealing host addresses on an 983 endpoint device are a concern, agents can generate ICE descriptions 984 that contain no candidates and then only trickle candidates that do 985 not reveal host addresses (e.g., relayed candidates). 987 20. Acknowledgements 989 The authors would like to thank Bernard Aboba, Flemming Andreasen, 990 Rajmohan Banavi, Taylor Brandstetter, Philipp Hancke, Christer 991 Holmberg, Ari Keranen, Paul Kyzivat, Jonathan Lennox, Enrico Marocco, 992 Pal Martinsen, Nils Ohlmeier, Thomas Stach, Peter Thatcher, Martin 993 Thomson, Dale R. Worley, and Brandon Williams for their reviews and 994 suggestions on improving this document. Thanks also to Ari Keranen 995 and Peter Thatcher in their role as chairs, and Ben Campbell in his 996 role as responsible Area Director. 998 21. References 1000 21.1. Normative References 1002 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1003 Requirement Levels", BCP 14, RFC 2119, 1004 DOI 10.17487/RFC2119, March 1997, . 1007 [rfc5245bis] 1008 Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive 1009 Connectivity Establishment (ICE): A Protocol for Network 1010 Address Translator (NAT) Traversal", draft-ietf-ice- 1011 rfc5245bis-17 (work in progress), February 2018. 1013 21.2. Informative References 1015 [I-D.ietf-mmusic-trickle-ice-sip] 1016 Ivov, E., Thomas, T., Marocco, E., and C. Holmberg, "A 1017 Session Initiation Protocol (SIP) usage for Trickle ICE", 1018 draft-ietf-mmusic-trickle-ice-sip-12 (work in progress), 1019 December 2017. 1021 [RFC1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G., 1022 and E. Lear, "Address Allocation for Private Internets", 1023 BCP 5, RFC 1918, DOI 10.17487/RFC1918, February 1996, 1024 . 1026 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 1027 A., Peterson, J., Sparks, R., Handley, M., and E. 1028 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 1029 DOI 10.17487/RFC3261, June 2002, . 1032 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 1033 with Session Description Protocol (SDP)", RFC 3264, 1034 DOI 10.17487/RFC3264, June 2002, . 1037 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 1038 Description Protocol", RFC 4566, DOI 10.17487/RFC4566, 1039 July 2006, . 1041 [RFC4787] Audet, F., Ed. and C. Jennings, "Network Address 1042 Translation (NAT) Behavioral Requirements for Unicast 1043 UDP", BCP 127, RFC 4787, DOI 10.17487/RFC4787, January 1044 2007, . 1046 [RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 1047 "Session Traversal Utilities for NAT (STUN)", RFC 5389, 1048 DOI 10.17487/RFC5389, October 2008, . 1051 [RFC5766] Mahy, R., Matthews, P., and J. Rosenberg, "Traversal Using 1052 Relays around NAT (TURN): Relay Extensions to Session 1053 Traversal Utilities for NAT (STUN)", RFC 5766, 1054 DOI 10.17487/RFC5766, April 2010, . 1057 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 1058 Protocol (XMPP): Core", RFC 6120, DOI 10.17487/RFC6120, 1059 March 2011, . 1061 [RFC6336] Westerlund, M. and C. Perkins, "IANA Registry for 1062 Interactive Connectivity Establishment (ICE) Options", 1063 RFC 6336, DOI 10.17487/RFC6336, July 2011, 1064 . 1066 [XEP-0030] 1067 Hildebrand, J., Millard, P., Eatmon, R., and P. Saint- 1068 Andre, "XEP-0030: Service Discovery", XEP XEP-0030, June 1069 2008. 1071 [XEP-0176] 1072 Beda, J., Ludwig, S., Saint-Andre, P., Hildebrand, J., 1073 Egan, S., and R. McQueen, "XEP-0176: Jingle ICE-UDP 1074 Transport Method", XEP XEP-0176, June 2009. 1076 Appendix A. Interaction with Regular ICE 1078 The ICE protocol was designed to be flexible enough to work in and 1079 adapt to as many network environments as possible. Despite that 1080 flexibility, ICE as specified in [rfc5245bis] does not by itself 1081 support trickle ICE. This section describes how trickling of 1082 candidates interacts with ICE. 1084 [rfc5245bis] describes the conditions required to update check lists 1085 and timer states while an ICE agent is in the Running state. These 1086 conditions are verified upon transaction completion and one of them 1087 stipulates that: 1089 If there is not a pair in the valid list for each component of the 1090 media stream, the state of the check list is set to Failed. 1092 This could be a problem and cause ICE processing to fail prematurely 1093 in a number of scenarios. Consider the following case: 1095 1. Alice and Bob are both located in different networks with Network 1096 Address Translation (NAT). Alice and Bob themselves have 1097 different address but both networks use the same private internet 1098 block (e.g., the "20-bit block" 172.16/12 specified in 1099 [RFC1918]). 1101 2. Alice conveys to Bob the candidate 172.16.0.1 which also happens 1102 to correspond to an existing host on Bob's network. 1104 3. Bob creates a check list consisting solely of 172.16.0.1 and 1105 starts checks. 1107 4. These checks reach the host at 172.16.0.1 in Bob's network, which 1108 responds with an ICMP "port unreachable" error; per [rfc5245bis] 1109 Bob marks the transaction as Failed. 1111 At this point the check list only contains Failed candidates and the 1112 valid list is empty. This causes the media stream and potentially 1113 all ICE processing to fail, even though if trickle agents could 1114 subsequently convey candidates that would cause previously empty 1115 check lists to become non-empty. 1117 A similar race condition would occur if the initial ICE description 1118 from Alice contain only candidates that can be determined as 1119 unreachable from any of the candidates that Bob has gathered (e.g., 1120 this would be the case if Bob's candidates only contain IPv4 1121 addresses and the first candidate that he receives from Alice is an 1122 IPv6 one). 1124 Another potential problem could arise when a non-trickle ICE 1125 implementation initiates an interaction with a Trickle ICE 1126 implementation. Consider the following case: 1128 1. Alice's client has a non-Trickle ICE implementation. 1130 2. Bob's client has support for Trickle ICE. 1132 3. Alice and Bob are behind NATs with address-dependent filtering 1133 [RFC4787]. 1135 4. Bob has two STUN servers but one of them is currently 1136 unreachable. 1138 After Bob's agent receives Alice's initial ICE description it would 1139 immediately start connectivity checks. It would also start gathering 1140 candidates, which would take a long time because of the unreachable 1141 STUN server. By the time Bob's answer is ready and conveyed to 1142 Alice, Bob's connectivity checks may well have failed: until Alice 1143 gets Bob's answer, she won't be able to start connectivity checks and 1144 punch holes in her NAT. The NAT would hence be filtering Bob's 1145 checks as originating from an unknown endpoint. 1147 Appendix B. Interaction with ICE Lite 1149 The behavior of ICE lite agents that are capable of Trickle ICE does 1150 not require any particular rules other than those already defined in 1151 this specification and [rfc5245bis]. This section is hence provided 1152 only for informational purposes. 1154 An ICE lite agent would generate candidate information as per 1155 [rfc5245bis] and would indicate support for Trickle ICE. Given that 1156 the candidate information will contain a full generation of 1157 candidates, it would also be accompanied by an end-of-candidates 1158 indication. 1160 When performing full trickle, a full ICE implementation could 1161 conveying the initial ICE description or response thereto with no 1162 candidates. After receiving a response that identifies the remote 1163 agent as an ICE lite implementation, the initiator can choose to not 1164 trickle any additional candidates. The same is also true in the case 1165 when the ICE lite agent initiates the interaction and the full ICE 1166 agent is the responder. In these cases the connectivity checks would 1167 be enough for the ICE lite implementation to discover all potentially 1168 useful candidates as peer reflexive. The following example 1169 illustrates one such ICE session using SDP syntax: 1171 ICE Lite Bob 1172 Agent 1173 | Offer (a=ice-lite a=ice-options:trickle) | 1174 |---------------------------------------------->| 1175 | |no cand 1176 | Answer (a=ice-options:trickle) |trickling 1177 |<----------------------------------------------| 1178 | Connectivity Checks | 1179 |<--------------------------------------------->| 1180 peer rflx| | 1181 cand disco| | 1182 | | 1183 |<=============== MEDIA FLOWS =================>| 1185 Figure 8: Example 1187 In addition to reducing signaling traffic this approach also removes 1188 the need to discover STUN bindings or make TURN allocations, which 1189 may considerably lighten ICE processing. 1191 Appendix C. Changes from Earlier Versions 1193 Note to the RFC-Editor: please remove this section prior to 1194 publication as an RFC. 1196 C.1. Changes from draft-ietf-ice-trickle-14 1198 o Minor modifications to track changes to ICE core. 1200 C.2. Changes from draft-ietf-ice-trickle-13 1202 o Removed independent monitoring of check list "states" of frozen or 1203 active, since this is handled by placing a check list in the 1204 Running state defined in ICE core. 1206 C.3. Changes from draft-ietf-ice-trickle-12 1208 o Specified that the end-of-candidates indication must include the 1209 generation (ufrag/pwd) to enable association with a particular ICE 1210 session. 1212 o Further editorial fixes to address WGLC feedback. 1214 C.4. Changes from draft-ietf-ice-trickle-11 1216 o Editorial and terminological fixes to address WGLC feedback. 1218 C.5. Changes from draft-ietf-ice-trickle-10 1220 o Minor editorial fixes. 1222 C.6. Changes from draft-ietf-ice-trickle-09 1224 o Removed immediate unfreeze upon Fail. 1226 o Specified MUST NOT regarding ice-options. 1228 o Changed terminology regarding initial ICE parameters to avoid 1229 implementer confusion. 1231 C.7. Changes from draft-ietf-ice-trickle-08 1233 o Reinstated text about in-order processing of messages as a 1234 requirement for signaling protocols. 1236 o Added IANA registration template for ICE option. 1238 o Corrected Case 3 rule in Section 8.1.1 to ensure consistency with 1239 regular ICE rules. 1241 o Added tabular representations to Section 8.1.1 in order to 1242 illustrate the new pair rules. 1244 C.8. Changes from draft-ietf-ice-trickle-07 1246 o Changed "ICE description" to "candidate information" for 1247 consistency with 5245bis. 1249 C.9. Changes from draft-ietf-ice-trickle-06 1251 o Addressed editorial feedback from chairs' review. 1253 o Clarified terminology regarding generations. 1255 C.10. Changes from draft-ietf-ice-trickle-05 1257 o Rewrote the text on inserting a new pair into a check list. 1259 C.11. Changes from draft-ietf-ice-trickle-04 1261 o Removed dependency on SDP and offer/answer model. 1263 o Removed mentions of aggressive nomination, since it is deprecated 1264 in 5245bis. 1266 o Added section on requirements for signaling protocols. 1268 o Clarified terminology. 1270 o Addressed various WG feedback. 1272 C.12. Changes from draft-ietf-ice-trickle-03 1274 o Provided more detailed description of unfreezing behavior, 1275 specifically how to replace pre-existing peer-reflexive candidates 1276 with higher-priority ones received via trickling. 1278 C.13. Changes from draft-ietf-ice-trickle-02 1280 o Adjusted unfreezing behavior when there are disparate foundations. 1282 C.14. Changes from draft-ietf-ice-trickle-01 1284 o Changed examples to use IPv6. 1286 C.15. Changes from draft-ietf-ice-trickle-00 1288 o Removed dependency on SDP (which is to be provided in a separate 1289 specification). 1291 o Clarified text about the fact that a check list can be empty if no 1292 candidates have been sent or received yet. 1294 o Clarified wording about check list states so as not to define new 1295 states for "Active" and "Frozen" because those states are not 1296 defined for check lists (only for candidate pairs) in ICE core. 1298 o Removed open issues list because it was out of date. 1300 o Completed a thorough copy edit. 1302 C.16. Changes from draft-mmusic-trickle-ice-02 1304 o Addressed feedback from Rajmohan Banavi and Brandon Williams. 1306 o Clarified text about determining support and about how to proceed 1307 if it can be determined that the answering agent does not support 1308 Trickle ICE. 1310 o Clarified text about check list and timer updates. 1312 o Clarified when it is appropriate to use half trickle or to send no 1313 candidates in an offer or answer. 1315 o Updated the list of open issues. 1317 C.17. Changes from draft-ivov-01 and draft-mmusic-00 1319 o Added a requirement to trickle candidates by order of components 1320 to avoid deadlocks in the unfreezing algorithm. 1322 o Added an informative note on peer-reflexive candidates explaining 1323 that nothing changes for them semantically but they do become a 1324 more likely occurrence for Trickle ICE. 1326 o Limit the number of pairs to 100 to comply with 5245. 1328 o Added clarifications on the non-importance of how newly discovered 1329 candidates are trickled/sent to the remote party or if this is 1330 done at all. 1332 o Added transport expectations for trickled candidates as per Dale 1333 Worley's recommendation. 1335 C.18. Changes from draft-ivov-00 1337 o Specified that end-of-candidates is a media level attribute which 1338 can of course appear as session level, which is equivalent to 1339 having it appear in all m-lines. Also made end-of-candidates 1340 optional for cases such as aggressive nomination for controlled 1341 agents. 1343 o Added an example for ICE lite and Trickle ICE to illustrate how, 1344 when talking to an ICE lite agent doesn't need to send or even 1345 discover any candidates. 1347 o Added an example for ICE lite and Trickle ICE to illustrate how, 1348 when talking to an ICE lite agent doesn't need to send or even 1349 discover any candidates. 1351 o Added wording that explicitly states ICE lite agents have to be 1352 prepared to receive no candidates over signaling and that they 1353 should not freak out if this happens. (Closed the corresponding 1354 open issue). 1356 o It is now mandatory to use MID when trickling candidates and using 1357 m-line indexes is no longer allowed. 1359 o Replaced use of 0.0.0.0 to IP6 :: in order to avoid potential 1360 issues with RFC2543 SDP libraries that interpret 0.0.0.0 as an on- 1361 hold operation. Also changed the port number here from 1 to 9 1362 since it already has a more appropriate meaning. (Port change 1363 suggested by Jonathan Lennox). 1365 o Closed the Open Issue about use about what to do with cands 1366 received after end-of-cands. Solution: ignore, do an ICE restart 1367 if you want to add something. 1369 o Added more terminology, including trickling, trickled candidates, 1370 half trickle, full trickle, 1372 o Added a reference to the SIP usage for Trickle ICE as requested at 1373 the Boston interim. 1375 C.19. Changes from draft-rescorla-01 1377 o Brought back explicit use of Offer/Answer. There are no more 1378 attempts to try to do this in an O/A independent way. Also 1379 removed the use of ICE Descriptions. 1381 o Added SDP specification for trickled candidates, the trickle 1382 option and 0.0.0.0 addresses in m-lines, and end-of-candidates. 1384 o Support and Discovery. Changed that section to be less abstract. 1385 As discussed in IETF85, the draft now says implementations and 1386 usages need to either determine support in advance and directly 1387 use trickle, or do half trickle. Removed suggestion about use of 1388 discovery in SIP or about letting implementing protocols do what 1389 they want. 1391 o Defined Half Trickle. Added a section that says how it works. 1392 Mentioned that it only needs to happen in the first o/a (not 1393 necessary in updates), and added Jonathan's comment about how it 1394 could, in some cases, offer more than half the improvement if you 1395 can pre-gather part or all of your candidates before the user 1396 actually presses the call button. 1398 o Added a short section about subsequent offer/answer exchanges. 1400 o Added a short section about interactions with ICE Lite 1401 implementations. 1403 o Added two new entries to the open issues section. 1405 C.20. Changes from draft-rescorla-00 1407 o Relaxed requirements about verifying support following a 1408 discussion on MMUSIC. 1410 o Introduced ICE descriptions in order to remove ambiguous use of 1411 3264 language and inappropriate references to offers and answers. 1413 o Removed inappropriate assumption of adoption by RTCWEB pointed out 1414 by Martin Thomson. 1416 Authors' Addresses 1418 Emil Ivov 1419 Atlassian 1420 303 Colorado Street, #1600 1421 Austin, TX 78701 1422 USA 1424 Phone: +1-512-640-3000 1425 Email: eivov@atlassian.com 1427 Eric Rescorla 1428 RTFM, Inc. 1429 2064 Edgewood Drive 1430 Palo Alto, CA 94303 1431 USA 1433 Phone: +1 650 678 2350 1434 Email: ekr@rtfm.com 1436 Justin Uberti 1437 Google 1438 747 6th St S 1439 Kirkland, WA 98033 1440 USA 1442 Phone: +1 857 288 8888 1443 Email: justin@uberti.name 1444 Peter Saint-Andre 1445 Mozilla 1447 Phone: +1 720 256 6756 1448 Email: stpeter@mozilla.com 1449 URI: https://www.mozilla.com/