idnits 2.17.1 draft-ietf-mmusic-sctp-sdp-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (October 22, 2012) is 4197 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'NOTE' is mentioned on line 210, but not defined ** Obsolete normative reference: RFC 4288 (Obsoleted by RFC 6838) ** Obsolete normative reference: RFC 4347 (Obsoleted by RFC 6347) ** Obsolete normative reference: RFC 4566 (Obsoleted by RFC 8866) ** Obsolete normative reference: RFC 4572 (Obsoleted by RFC 8122) ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260) ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) == Outdated reference: A later version (-09) exists of draft-ietf-behave-sctpnat-04 == Outdated reference: A later version (-07) exists of draft-tuexen-sctp-udp-encaps-06 Summary: 6 errors (**), 0 flaws (~~), 5 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MMUSIC S. Loreto 3 Internet-Draft G. Camarillo 4 Intended status: Standards Track Ericsson 5 Expires: April 25, 2013 October 22, 2012 7 Stream Control Transmission Protocol (SCTP)-Based Media Transport in the 8 Session Description Protocol (SDP) 9 draft-ietf-mmusic-sctp-sdp-02 11 Abstract 13 SCTP (Stream Control Transmission Protocol) is a transport protocol 14 used to establish associations between two endpoints. This document 15 describes how to express media transport over SCTP in SDP (Session 16 Description Protocol). This document defines the 'SCTP', 'SCTP/DTLS' 17 and 'DTLS/SCTP' protocol identifiers for SDP. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on April 25, 2013. 36 Copyright Notice 38 Copyright (c) 2012 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 55 3. Protocol Identifier . . . . . . . . . . . . . . . . . . . . . 4 56 4. Media Formats . . . . . . . . . . . . . . . . . . . . . . . . 4 57 4.1. data channels and m-line . . . . . . . . . . . . . . . . . 5 58 5. Streams Attribute . . . . . . . . . . . . . . . . . . . . . . 6 59 6. Datachannel Attribute . . . . . . . . . . . . . . . . . . . . 6 60 7. The Setup and Connection Attributes and Association 61 Management . . . . . . . . . . . . . . . . . . . . . . . . . . 7 62 8. Multihoming . . . . . . . . . . . . . . . . . . . . . . . . . 7 63 9. Network Address Translation (NAT) Considerations . . . . . . . 8 64 10. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 65 10.1. Actpass/Passive . . . . . . . . . . . . . . . . . . . . . 8 66 10.2. Existing Connection Reuse . . . . . . . . . . . . . . . . 9 67 10.3. SDP description for DTLS Connection . . . . . . . . . . . 10 68 11. Security Considerations . . . . . . . . . . . . . . . . . . . 10 69 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 70 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 71 13.1. Normative References . . . . . . . . . . . . . . . . . . . 11 72 13.2. Informative References . . . . . . . . . . . . . . . . . . 12 73 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 75 1. Introduction 77 SDP (Session Description Protocol) [RFC4566] provides a general- 78 purpose format for describing multimedia sessions in announcements or 79 invitations. RFC4145 [RFC4145] specifies a general mechanism for 80 describing and establishing TCP (Transmission Control Protocol) 81 streams. RFC 4572 [RFC4572] extends RFC4145 [RFC4145] for describing 82 TCP-based media streams that are protected using TLS (Transport Layer 83 Security) [RFC5246]. 85 This document defines a new protocol identifier, 'SCTP', to describe 86 SCTP-based [RFC4960] media streams. Additionally, this document 87 specifies the use of the 'setup' and 'connection' SDP attributes to 88 establish SCTP associations. These attributes were defined in 89 RFC4145 [RFC4145] for TCP. This document discusses their use with 90 SCTP. 92 Additionally this document defines two new protocol identifiers: 94 SCTP/DTLS : to allow the usage of the Datagram Transport Layer 95 Security (DTLS) [RFC4347] protocol over SCTP, as specified in 96 [RFC6083], using SDP. DTLS over SCTP provides communications 97 privacy for applications that use SCTP as their transport 98 protocol. 100 DTLS/SCTP : to allow the usage of SCTP on top of the Datagram 101 Transport Layer Security (DTLS) protocol, as defined in 102 [I-D.tuexen-tsvwg-sctp-dtls-encaps], using SDP. SCTP over DTLS is 103 used by the RTCWeb protocol suite for transporting non- media data 104 between browsers. 106 The authentication certificates are interpreted and validated as 107 defined in RFC4572 [RFC4572]. Self-signed certificates can be used 108 securely, provided that the integrity of the SDP description is 109 assured as defined in RFC4572 [RFC4572]. 111 TLS is designed to run on top of a byte-stream oriented transport 112 protocol providing a realible, in-sequence delivery like TCP. Since 113 no-one so far has implemented SCTP over TLS, due to some serious 114 limitations described in [RFC6083], this document does not make use 115 of TLS over SCTP as described in RFC3436 [RFC3436]. 117 2. Terminology 119 In this document, the key words "MUST", "MUST NOT", "REQUIRED", 120 "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT 121 RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as 122 described in BCP 14, RFC 2119 [RFC2119] and indicate requirement 123 levels for compliant implementations. 125 3. Protocol Identifier 127 The following is the format for an 'm' line, as specified in RFC4566 128 [RFC4566]: 130 m= ... 132 This document defines three new values for the 'proto' field: 'SCTP', 133 'SCTP/DTLS' and 'DTLS/SCTP'. 135 The 'SCTP', 'SCTP/DTLS' and 'DTLS/SCTP' protocol identifiers are 136 similar to both the 'UDP' and 'TCP' protocol identifiers in that they 137 only describe the transport protocol and not the upper-layer 138 protocol. 140 Media described using an 'm' line containing the 'SCTP' protocol 141 identifier are carried using SCTP [RFC4960]. 143 The 'SCTP/DTLS' protocol identifier indicates that the media 144 described will use the Datagram Transport Layer Security (DTLS) 145 [RFC4347] over SCTP as specified in [RFC6083]. 147 The 'DTLS/SCTP' protocol identifier indicates that the media 148 described will use SCTP on top of the Datagram Transport Layer 149 Security (DTLS) protocol as specified in 150 [I-D.tuexen-tsvwg-sctp-dtls-encaps]. 152 An 'm' line that specifies 'SCTP' or 'SCTP/DTLS' or 'DTLS/SCTP' MUST 153 further qualify the application-layer protocol using an fmt 154 identifier. 156 An 'm' line that specifies 'SCTP/DTLS' or 'DTLS/SCTP' MUST further 157 provide a certificate fingerprint. An SDP attribute (an 'a' line) is 158 used to transport and exchange end point certificate. The 159 authentication certificates are interpreted and validated as defined 160 in [RFC4572]. 162 4. Media Formats 164 The SDP specification, [RFC4566], states that specifications defining 165 new proto values, like the SCTP, SCTP/DTLS and DTLS/SCTP proto values 166 defined in this RFC, must define the rules by which their media 167 format (fmt) namespace is managed. Use of an existing MIME subtype 168 for the format is encouraged. If no MIME subtype exists, it is 169 RECOMMENDED that a suitable one is registered through the IETF 170 process [RFC4288] [RFC4289] by production of, or reference to, a 171 standards-track RFC that defines the transport protocol for the 172 format. 174 4.1. data channels and m-line 176 SCTP defines a stream as an unidirectional logical channel existing 177 within an SCTP association one to another SCTP endpoint. The streams 178 are used to provide the notion of in-sequence delivery. Each user 179 message is sent on a particular stream, either order or unordered. 180 Ordering is preserved only for all ordered messages sent on the same 181 stream. 183 A datachannel may be: 185 unidirectional: formed by one single incoming or outgoing SCTP 186 stream 188 bidirectional: a pair of one incoming stream and one outgoing SCTP 189 stream 191 Using the format part of the m line for negotiating datachannel 192 allows the intermediaries nodes to become aware of the kind of 193 traffic actually exchanged on each datachannel, as well as of the 194 number of datachannels established within the association. 196 If the sub-field is 'SCTP' or 'SCTP/DTLS' or 'DTLS/SCTP' the 197 sub-fields contain datachannel number identifiers. When a list 198 of datachannel number identifiers is given, this implies that all of 199 these datachannel MUST be used in the association. For the payload 200 type assignments the "a=datachannel:" attribute (see Section 6) 201 SHOULD be used to map from a datachannel number to a media encoding 202 name that identifies the payload format transported by the 203 datachannel. 205 [NOTE] The datachannel number identifier does not necessarily map 206 directly with the number of the stream used to form the channel. 208 [OPEN ISSUE 1]do we need a stream attribute for it? 210 [NOTE] The exact definition of datachannel depends from the actual 211 media type in use it can be a unidirectional channel formed by a 212 unidirectional stream of an SCTP association or a bidirectional 213 channel consisting of two SCTP streams one for each side of the 214 association. 216 [OPEN ISSUE 2] do we need to register the "RTCWeb" media type in 217 accordance with the requirements of RFC 4288 here or in the 218 Datachannel draft?. 220 [OPEN ISSUE 3] do we need also an attribute to specify the SCTP port 221 number for the SCTP over DTLS scenario? that can be useful in the 222 case where multiple association are running on top of the same DTLS 223 session. 225 An example of a datachannel payload type assignment is RTCWeb used 226 only in certain defined datachannel of the SCTP association. 228 m=application 54111 DTLS/SCTP 0 1 2 229 a=streams=3 230 a=datachannel:0 RTCWeb label=xxxx;options="dictionary string" 231 a=datachannel:1 RTCWeb label=xxxx;options="dictionary string" 232 a=datachannel:2 RTCWeb label=xxxx;options="dictionary string" 234 5. Streams Attribute 236 The 'streams' attribute indicates the number of streams to be 237 supported by the association. If this attribute is not present, the 238 implementation should provide a default, with a suggested value of 239 16. 241 streams-attr = "a=streams=" streamsnumbers 242 streamsnumbers = 1*DIGIT 244 6. Datachannel Attribute 246 This attribute maps from a datachannel number (as used in an "m=" 247 line) to an encoding name denoting the payload format to be used. 249 datachannel-attr = "a=datachannel:" datachannel-number 250 datachannel-number = 1*DIGIT 252 7. The Setup and Connection Attributes and Association Management 254 The use of the 'setup' and 'connection' attributes in the context of 255 an SCTP association is identical to the use of these attributes in 256 the context of a TCP connection. That is, SCTP endpoints MUST follow 257 the rules in Sections 4 and 5 of RFC 4145 [RFC4145] when it comes to 258 the use of the 'setup' and 'connection' attributes in offer/answer 259 [RFC3264] exchanges. 261 The management of an SCTP association is identical to the management 262 of a TCP connection. That is, SCTP endpoints MUST follow the rules 263 in Section 6 of RFC 4145 [RFC4145] to manage SCTP associations. 264 Whether to use the SCTP ordered or unordered delivery service is up 265 to the applications using the SCTP association. 267 8. Multihoming 269 An SCTP endpoint, unlike a TCP endpoint, can be multihomed. An SCTP 270 endpoint is considered to be multihomed if it has more than one IP 271 address. A multihomed SCTP endpoint informs a remote SCTP endpoint 272 about all its IP addresses using the address parameters of the INIT 273 or the INIT-ACK chunk (depending on whether the multihomed endpoint 274 is the one initiating the establishment of the association). 275 Therefore, once the address provided in the 'c' line has been used to 276 establish the SCTP association (i.e., to send the INIT chunk), 277 address management is performed using SCTP. This means that two SCTP 278 endpoints can use addresses that were not listed in the 'c' line but 279 that were negotiated using SCTP mechanisms. 281 During the lifetime of an SCTP association, the endpoints can add and 282 remove new addresses from the association at any point [RFC5061]. If 283 an endpoint removes the IP address listed in its 'c' line from the 284 SCTP association, the endpoint MUST update the 'c' line (e.g., by 285 sending a re-INVITE with a new offer) so that it contains an IP 286 address that is valid within the SCTP association. 288 In some environments, intermediaries performing firewall control use 289 the addresses in offer/answer exchanges to perform media 290 authorization. That is, policy-enforcement network elements do not 291 let media through unless it is sent to the address in the 'c' line. 293 In such network environments, the SCTP endpoints can only exchange 294 media using the IP addresses listed in their 'c' lines. In these 295 environments, an endpoint wishing to use a different address needs to 296 update its 'c' line (e.g., by sending a re-INVITE with a new offer) 297 so that it contains the new IP address. 299 It is worth to underline that when using SCTP on top of DTLS, only 300 single homed SCTP associations can be used, since DTLS does not 301 expose any address management to its upper layer. 303 9. Network Address Translation (NAT) Considerations 305 SCTP specific features (not present in UDP/TCP), such as the checksum 306 (CRC32c) value calculated on the whole packet (not just the header) 307 or its multihoming capabilities, present new challenges for NAT 308 traversal. [I-D.ietf-behave-sctpnat] describes an SCTP specific 309 variant of NAT, which provides similar features of Network Address 310 and Port Translation (NAPT). 312 Current NATs do not typically support SCTP. As an alternative to 313 design SCTP specific NATs, Encapsulating SCTP into UDP 314 [I-D.tuexen-sctp-udp-encaps] makes it possible to use SCTP in 315 networks with legacy NAT and firewalls not supporting SCTP. 317 At the time of writing, the work on NAT traversal for SCTP is still 318 work in progress. Additionally, no extension has been defined to 319 integrate ICE (Interactive Connectivity Establishment) [RFC5768] with 320 SCTP and its multihoming capabilities either. Therefore, this 321 specification does not define how to describe SCTP-over-UDP streams 322 in SDP or how to establish and maintain SCTP associations using ICE. 323 Should these features be specified for SCTP in the future, there will 324 be a need to specify how to use them in an SDP environment as well. 326 10. Examples 328 The following examples show the use of the 'setup' and 'connection' 329 SDP attributes. As discussed in Section 7, the use of these 330 attributes with an SCTP association is identical to their use with a 331 TCP connection. For the purpose of brevity, the main portion of the 332 session description is omitted in the examples, which only show 'm' 333 lines and their attributes (including 'c' lines). 335 10.1. Actpass/Passive 337 An offerer at 192.0.2.2 signals its availability for an SCTP 338 association at SCTP port 54111. Additionally, this offerer is also 339 willing to initiate the SCTP association: 341 m=application 54111 SCTP 0 1 2 342 c=IN IP4 192.0.2.2 343 a=setup:actpass 344 a=connection:new 345 a=streams=3 346 a=datachannel:0 RTCWeb label=xxxx;options="dictionary string" 347 a=datachannel:1 RTCWeb label=xxxx;options="dictionary string" 348 a=datachannel:2 RTCWeb label=xxxx;options="dictionary string" 350 Figure 1 352 The endpoint at 192.0.2.1 responds with the following description: 354 m=image 54321 SCTP 0 1 2 355 c=IN IP4 192.0.2.1 356 a=setup:passive 357 a=connection:new 358 a=streams=3 359 a=datachannel:0 RTCWeb label=xxxx;options="dictionary string" 360 a=datachannel:1 RTCWeb label=xxxx;options="dictionary string" 361 a=datachannel:2 RTCWeb label=xxxx;options="dictionary string" 363 Figure 2 365 This will cause the offerer (at 192.0.2.2) to initiate an SCTP 366 association to port 54321 at 192.0.2.1. 368 10.2. Existing Connection Reuse 370 Subsequent to the exchange in Section 10.1, another offer/answer 371 exchange is initiated in the opposite direction. The endpoint at 372 192.0.2.1, which now acts as the offerer, wishes to continue using 373 the existing association: 375 m=application 54321 SCTP * 376 c=IN IP4 192.0.2.1 377 a=setup:passive 378 a=connection:existing 380 Figure 3 382 The endpoint at 192.0.2.2 also wishes to use the existing SCTP 383 association and responds with the following description: 385 m=application 9 SCTP * 386 c=IN IP4 192.0.2.2 387 a=setup:active 388 a=connection:existing 390 Figure 4 392 The existing SCTP association between 192.0.2.2 and 192.0.2.1 will be 393 reused. 395 10.3. SDP description for DTLS Connection 397 An offerer at 192.0.2.2 signals the availability of a T.38 fax 398 session over SCTP/DTLS. 400 m=image 54111 SCTP/DTLS 0 401 c=IN IP4 192.0.2.2 402 a=setup:actpass 403 a=connection:new 404 a=fingerprint:SHA-1 \ 405 4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB 406 a=fmtp:datachannel streams=1 407 a=datachannel:0 t38 label=xxxx;options="dictionary string" 409 Figure 5 411 11. Security Considerations 413 See RFC 4566 [RFC4566] for security considerations on the use of SDP 414 in general. See RFC 3264 [RFC3264], RFC 4145 [RFC4145] and RFC 4572 415 [RFC4572] for security considerations on establishing media streams 416 using offer/answer exchanges. See RFC 4960 [RFC4960] for security 417 considerations on SCTP in general and [RFC6083] for security 418 consideration using DTLS on top of SCTP. This specification does not 419 introduce any new security consideration in addition to the ones 420 discussed in those specifications. 422 12. IANA Considerations 424 This document defines three new proto values: 'SCTP', 'SCTP/DTLS' and 425 'DTLS/SCTP'. Their formats are defined in Section 3. These proto 426 values should be registered by the IANA under "Session Description 427 Protocol (SDP) Parameters" under "proto". 429 This document defines two SDP session and media-level attributes: 431 'streams'. Its format is defined in Section 5. This attribute 432 should be registered by IANA under "Session Description Protocol 433 (SDP) Parameters" under "att-field" (both session and media 434 level)". 436 'datachannel'. Its format is defined in Section 6. This 437 attribute should be registered by IANA under "Session Description 438 Protocol (SDP) Parameters" under "att-field" (both session and 439 media level)". 441 13. References 443 13.1. Normative References 445 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 446 Requirement Levels", BCP 14, RFC 2119, March 1997. 448 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 449 with Session Description Protocol (SDP)", RFC 3264, 450 June 2002. 452 [RFC4145] Yon, D. and G. Camarillo, "TCP-Based Media Transport in 453 the Session Description Protocol (SDP)", RFC 4145, 454 September 2005. 456 [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and 457 Registration Procedures", BCP 13, RFC 4288, December 2005. 459 [RFC4289] Freed, N. and J. Klensin, "Multipurpose Internet Mail 460 Extensions (MIME) Part Four: Registration Procedures", 461 BCP 13, RFC 4289, December 2005. 463 [RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer 464 Security", RFC 4347, April 2006. 466 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 467 Description Protocol", RFC 4566, July 2006. 469 [RFC4572] Lennox, J., "Connection-Oriented Media Transport over the 470 Transport Layer Security (TLS) Protocol in the Session 471 Description Protocol (SDP)", RFC 4572, July 2006. 473 [RFC4960] Stewart, R., "Stream Control Transmission Protocol", 474 RFC 4960, September 2007. 476 [RFC5061] Stewart, R., Xie, Q., Tuexen, M., Maruyama, S., and M. 477 Kozuka, "Stream Control Transmission Protocol (SCTP) 478 Dynamic Address Reconfiguration", RFC 5061, 479 September 2007. 481 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 482 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 484 [I-D.tuexen-tsvwg-sctp-dtls-encaps] 485 Jesup, R., Loreto, S., Stewart, R., and M. Tuexen, "DTLS 486 Encapsulation of SCTP Packets for RTCWEB", 487 draft-tuexen-tsvwg-sctp-dtls-encaps-01 (work in progress), 488 July 2012. 490 13.2. Informative References 492 [RFC3436] Jungmaier, A., Rescorla, E., and M. Tuexen, "Transport 493 Layer Security over Stream Control Transmission Protocol", 494 RFC 3436, December 2002. 496 [RFC6083] Tuexen, M., Seggelmann, R., and E. Rescorla, "Datagram 497 Transport Layer Security (DTLS) for Stream Control 498 Transmission Protocol (SCTP)", RFC 6083, January 2011. 500 [RFC5768] Rosenberg, J., "Indicating Support for Interactive 501 Connectivity Establishment (ICE) in the Session Initiation 502 Protocol (SIP)", RFC 5768, April 2010. 504 [I-D.ietf-behave-sctpnat] 505 Stewart, R., Tuexen, M., and I. Ruengeler, "Stream Control 506 Transmission Protocol (SCTP) Network Address Translation", 507 draft-ietf-behave-sctpnat-04 (work in progress), 508 December 2010. 510 [I-D.tuexen-sctp-udp-encaps] 511 Tuexen, M. and R. Stewart, "UDP Encapsulation of SCTP 512 Packets", draft-tuexen-sctp-udp-encaps-06 (work in 513 progress), January 2011. 515 Authors' Addresses 517 Salvatore Loreto 518 Ericsson 519 Hirsalantie 11 520 Jorvas 02420 521 Finland 523 Email: Salvatore.Loreto@ericsson.com 524 Gonzalo Camarillo 525 Ericsson 526 Hirsalantie 11 527 Jorvas 02420 528 Finland 530 Email: Gonzalo.Camarillo@ericsson.com