idnits 2.17.1 draft-ietf-mmusic-sdp-capability-negotiation-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 15. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 2142. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 2113. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 2120. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 2126. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 26 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 19, 2007) is 6275 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'Section 8' is mentioned on line 1318, but not defined == Unused Reference: 'RFC2234' is defined on line 1974, but no explicit reference was found in the text == Unused Reference: 'RFC3407' is defined on line 1982, but no explicit reference was found in the text == Unused Reference: 'RFC3605' is defined on line 1985, but no explicit reference was found in the text == Unused Reference: 'RFC2046' is defined on line 2001, but no explicit reference was found in the text == Unused Reference: 'RFC2327' is defined on line 2005, but no explicit reference was found in the text == Unused Reference: 'RFC3388' is defined on line 2012, but no explicit reference was found in the text == Unused Reference: 'RFC3851' is defined on line 2024, but no explicit reference was found in the text == Unused Reference: 'RFC4091' is defined on line 2028, but no explicit reference was found in the text == Unused Reference: 'I-D.jennings-sipping-multipart' is defined on line 2036, but no explicit reference was found in the text == Unused Reference: 'SDPCapNegRqts' is defined on line 2061, but no explicit reference was found in the text == Unused Reference: 'MIKEY' is defined on line 2068, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2234 (Obsoleted by RFC 4234) ** Obsolete normative reference: RFC 4234 (Obsoleted by RFC 5234) ** Obsolete normative reference: RFC 4566 (ref. 'SDP') (Obsoleted by RFC 8866) ** Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226) -- Obsolete informational reference (is this intentional?): RFC 2327 (Obsoleted by RFC 4566) -- Obsolete informational reference (is this intentional?): RFC 3388 (Obsoleted by RFC 5888) -- Obsolete informational reference (is this intentional?): RFC 3851 (Obsoleted by RFC 5751) -- Obsolete informational reference (is this intentional?): RFC 4091 (Obsoleted by RFC 5245) -- Duplicate reference: RFC3851, mentioned in 'SMIME', was also mentioned in 'RFC3851'. -- Obsolete informational reference (is this intentional?): RFC 3851 (ref. 'SMIME') (Obsoleted by RFC 5751) -- Obsolete informational reference (is this intentional?): RFC 4474 (Obsoleted by RFC 8224) Summary: 5 errors (**), 0 flaws (~~), 14 warnings (==), 14 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 MMUSIC Working Group F. Andreasen 2 Internet-Draft Cisco Systems 3 Intended Status: Proposed Standard February 19, 2007 4 Expires: August 2007 6 SDP Capability Negotiation 7 draft-ietf-mmusic-sdp-capability-negotiation-03.txt 9 Status of this Memo 11 By submitting this Internet-Draft, each author represents that 12 any applicable patent or other IPR claims of which he or she is 13 aware have been or will be disclosed, and any of which he or she 14 becomes aware will be disclosed, in accordance with Section 6 of 15 BCP 79. 17 Internet-Drafts are working documents of the Internet Engineering 18 Task Force (IETF), its areas, and its working groups. Note that 19 other groups may also distribute working documents as Internet- 20 Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six months 23 and may be updated, replaced, or obsoleted by other documents at any 24 time. It is inappropriate to use Internet-Drafts as reference 25 material or to cite them other than as "work in progress." 27 The list of current Internet-Drafts can be accessed at 28 http://www.ietf.org/ietf/1id-abstracts.txt 30 The list of Internet-Draft Shadow Directories can be accessed at 31 http://www.ietf.org/shadow.html 33 This Internet-Draft will expire on August 19, 2007. 35 Copyright Notice 37 Copyright (C) The IETF Trust (2007). 39 Abstract 41 The Session Description Protocol (SDP) was intended for describing 42 multimedia sessions for the purposes of session announcement, session 43 invitation, and other forms of multimedia session initiation. SDP was 44 not intended to provide capability indication or capability 45 negotiation, however over the years, SDP has seen widespread adoption 46 and as a result it has been gradually extended to provide limited 47 support for these. SDP and its current extensions however do not have 48 the ability to negotiate one or more alternative transport protocols 49 (e.g. RTP profiles) which makes it particularly difficult to deploy 50 new RTP profiles such as secure RTP or RTP with RTCP-based feedback. 51 The purpose of this document is to address that and other real-life 52 limitations by extending SDP with capability negotiation parameters 53 and associated offer/answer procedures to use those parameters in a 54 backwards compatible manner. 56 The solution provided in this document provides a general SDP 57 capability negotiation framework. It also defines specifically how to 58 provide attributes and transport protocols as capabilities and 59 negotiate them using the framework. Extensions for other types of 60 capabilities (e.g. media types and formats) may be provided in other 61 documents. 63 Table of Contents 65 1. Introduction...................................................3 66 2. Conventions used in this document..............................6 67 3. SDP Capability Negotiation Solution............................6 68 3.1. Solution Overview.........................................6 69 3.2. Version and Extension Indication Attributes...............9 70 3.2.1. Supported Capability Negotiation Extensions Attribute9 71 3.2.2. Required Capability Negotiation Extension Attribute.10 72 3.3. Capability Attributes....................................12 73 3.3.1. Attribute Capability Attribute......................12 74 3.3.2. Transport Protocol Capability Attribute.............14 75 3.3.3. Extension Capability Attributes.....................15 76 3.4. Configuration Attributes.................................15 77 3.4.1. Potential Configuration Attribute...................15 78 3.4.2. Actual Configuration Attribute......................19 79 3.5. Offer/Answer Model Extensions............................20 80 3.5.1. Generating the Initial Offer........................20 81 3.5.2. Generating the Answer...............................23 82 3.5.2.1. Example Views of Potential Configurations......26 83 3.5.3. Offerer Processing of the Answer....................28 84 3.5.4. Modifying the Session...............................29 85 3.6. Interactions with ICE....................................29 86 3.7. Processing Media before Answer...........................31 87 4. Examples......................................................31 88 4.1. Best-Effort Secure RTP...................................31 89 4.2. Multiple Transport Protocols.............................34 90 4.3. Session-Level MIKEY and Media Level Security Descriptions37 91 4.4. Capability Negotiation with Interactive Connectivity 92 Establishment.................................................37 93 5. Security Considerations.......................................37 94 6. IANA Considerations...........................................39 95 6.1. New SDP Attributes.......................................39 96 6.2. New SDP Capability Negotiation Option Tag Registry.......40 97 6.3. New SDP Capability Negotiation Potential Configuration 98 Parameter Registry............................................40 99 7. To Do and Open Issues.........................................41 100 8. Acknowledgments...............................................41 101 Change Log......................................................41 102 9................................................................41 103 9.1. draft-ietf-mmusic-sdp-capability-negotiation-03..........41 104 9.2. draft-ietf-mmusic-sdp-capability-negotiation-02..........41 105 9.3. draft-ietf-mmusic-sdp-capability-negotiation-01..........42 106 9.4. draft-ietf-mmusic-sdp-capability-negotiation-00..........43 107 10. References...................................................44 108 10.1. Normative References....................................44 109 10.2. Informative References..................................44 110 Author's Addresses...............................................47 111 Intellectual Property Statement..................................47 112 Full Copyright Statement.........................................47 113 Acknowledgment...................................................48 115 1. Introduction 117 The Session Description Protocol (SDP) was intended for describing 118 multimedia sessions for the purposes of session announcement, session 119 invitation, and other forms of multimedia session initiation. The SDP 120 contains one or more media stream descriptions with information such 121 as IP-address and port, type of media stream (e.g. audio or video), 122 transport protocol (possibly including profile information, e.g. 123 RTP/AVP or RTP/SAVP), media formats (e.g. codecs), and various other 124 session and media stream parameters that define the session. 126 Simply providing media stream descriptions is sufficient for session 127 announcements for a broadcast application, where the media stream 128 parameters are fixed for all participants. When a participant wants 129 to join the session, he obtains the session announcement and uses the 130 media descriptions provided, e.g., joins a multicast group and 131 receives media packets in the encoding format specified. If the 132 media stream description is not supported by the participant, he is 133 unable to receive the media. 135 Such restrictions are not generally acceptable to multimedia session 136 invitations, where two or more entities attempt to establish a media 137 session that uses a set of media stream parameters acceptable to all 138 participants. First of all, each entity must inform the other of its 139 receive address, and secondly, the entities need to agree on the 140 media stream parameters to use for the session, e.g. transport 141 protocols and codecs. We here make a distinction between the 142 capabilities supported by each participant, the way in which those 143 capabilities can be supported and the parameters that can actually be 144 used for the session. More generally, we can say that we have the 145 following: 147 o A set of capabilities for the session and its associated media 148 stream components, supported by each side. 150 o A set of potential configurations indicating which of those 151 capabilities can be used for the session and its associated media 152 stream components. 154 o A set of actual configurations for the session and its associated 155 media stream components, which specifies which combinations of 156 session parameters and media stream components to use and with 157 what parameters. 159 o A negotiation process that takes the set of potential 160 configurations (combinations of capabilities) as input and 161 provides the actual configurations as output. 163 SDP by itself was designed to provide only one of these, namely the 164 actual configurations, however over the years, use of SDP has been 165 extended beyond its original scope. Session negotiation semantics 166 were defined by the offer/answer model in RFC 3264. It defines how 167 two entities, an offerer and an answerer, exchange session 168 descriptions to negotiate a session. The offerer can include one or 169 more media formats (codecs) per media stream, and the answerer then 170 selects one or more of those offered and returns them in an answer. 171 Both the offer and the answer contain actual configurations; 172 capabilities and potential configurations are not supported. The 173 answer however may reduce the set of actual configurations from the 174 offer as well as extend the set of actual configurations that can be 175 used to receive media by the answerer. 177 Other relevant extensions have been defined. Simple capability 178 declarations, which define how to provide a simple and limited set of 179 capability descriptions in SDP was defined in RFC 3407. Grouping of 180 media lines, which defines how media lines in SDP can have other 181 semantics than the traditional "simultaneous media streams" 182 semantics, was defined in RFC 3388, etc. 184 Each of these extensions was designed to solve a specific limitation 185 of SDP. Since SDP had already been stretched beyond its original 186 intent, a more comprehensive capability declaration and negotiation 187 process was intentionally not defined. Instead, work on a "next 188 generation" of a protocol to provide session description and 189 capability negotiation was initiated [SDPng]. SDPng however has not 190 gained traction and has remained as work in progress for an extended 191 period of time. Existing real-time multimedia communication 192 protocols such as SIP, RTSP, Megaco, and MGCP continue to use SDP. 193 SDP and its current extensions however do not address an increasingly 194 important problem: the ability to negotiate one or more alternative 195 transport protocols (e.g., RTP profiles). This makes it difficult to 196 deploy new RTP profiles such as secure RTP (SRTP) [SRTP], RTP with 197 RTCP-Based Feedback [AVPF], etc. This particular problem is 198 exacerbated by the fact that RTP profiles are defined independently. 199 When a new profile is defined and N other profiles already exist, 200 there is a potential need for defining N additional profiles, since 201 profiles cannot be combined automatically. For example, in order to 202 support the plain and secure RTP version of RTP with and without 203 RTCP-based feedback, four separate profiles (and hence profile 204 definitions) are needed: RTP/AVP [RFC3551], RTP/SAVP [SRTP], RTP/AVPF 205 [AVPF], and RTP/SAVPF [SAVPF]. In addition to the pressing profile 206 negotiation problem, other important real-life limitations have been 207 found as well. 209 The purpose of this document is to define a mechanism that enables 210 SDP to provide limited support for indicating capabilities and their 211 associated potential configurations, and negotiate the use of those 212 potential configurations as actual configurations. It is not the 213 intent to provide a full-fledged capability indication and 214 negotiation mechanism along the lines of SDPng or ITU-T H.245. 215 Instead, the focus is on addressing a set of well-known real-life 216 limitations. More specifically, the solution provided in this 217 document provides a general SDP capability negotiation framework. It 218 also defines specifically how to provide attributes and transport 219 protocols as capabilities and negotiate them using the framework. 220 Extensions for other types of capabilities (e.g. media types and 221 formats) may be provided in other documents. 223 As mentioned above, SDP is used by several protocols, and hence the 224 mechanism should be usable by all of these. One particularly 225 important protocol for this problem is the Session Initiation 226 Protocol (SIP) [RFC3261]. SIP uses the offer/answer model (which is 227 not specific to SIP) to negotiate sessions and hence the mechanism 228 defined here defines the offer/answer procedures to use for the 229 capability negotiation framework. 231 The rest of the document is structured as follows. In Section 3. we 232 present our SDP capability negotiation solution, which consists of 233 new SDP attributes and associated offer/answer procedures. In Section 234 4. we provide examples illustrating its use and in Section 5. we 235 provide the security considerations. 237 2. Conventions used in this document 239 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 240 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 241 document are to be interpreted as described in [RFC2119]. 243 3. SDP Capability Negotiation Solution 245 In this section we first provide an overview of the SDP Capability 246 negotiation solution. This is followed by definitions of new SDP 247 attributes for the solution and its associated updated offer/answer 248 procedures. 250 3.1. Solution Overview 252 The solution consists of the following: 254 o Two new attributes to support versioning and extensions to the 255 framework itself as follows: 257 o A new attribute ("a=csup") that lists the supported base and 258 extension options to the framework. 260 o A new attribute ("a=creq") that lists the base and or 261 extensions to the framework that are required to be supported 262 by the entity receiving the SDP in order to do capability 263 negotiation. 265 o Two new attributes used to express capabilities as follows 266 (additional attributes can be defined as extensions): 268 o A new attribute ("a=acap") that defines how to list attribute 269 parameter values ("a=" values) as capabilities. 271 o A new attribute ("a=tcap") that defines how to list transport 272 protocols (e.g. "RTP/AVP") as capabilities. 274 o Two new attributes to negotiate configurations as follows: 276 o A new attribute ("a=pcfg") that lists the potential 277 configurations supported. This is done by reference to the 278 capabilities from the SDP in question. Multiple potential 279 configurations have an explicitly indicated ordering 280 associated with them. Extension capabilities can be defined 281 and referenced in the potential configurations. 283 o A new attribute ("a=acfg") to be used in an answer SDP. The 284 attribute identifies which of the potential configurations 285 from an offer SDP were used as actual configurations to form 286 the answer SDP. Extension capabilities can be included as 287 well. 289 o Extensions to the offer/answer model that allow for capabilities 290 and potential configurations to be included in an offer. 291 Capabilities can be provided at the session level or the media 292 level. Potential configurations can be included at the media level 293 only, where they constitute alternative offers that may be 294 accepted by the answerer instead of the actual configuration(s) 295 included in the "m=" line(s). The answerer indicates which (if 296 any) of the potential configurations it used to form the answer by 297 including the actual configuration attribute ("a=acfg") in the 298 answer. Capabilities may be included in answers as well, where 299 they can aid in guiding a subsequent new offer. 301 The mechanism is illustrated by the offer/answer exchange below, 302 where Alice sends an offer to Bob: 304 Alice Bob 306 | (1) Offer (SRTP and RTP) | 307 |--------------------------------->| 308 | | 309 | (2) Answer (SRTP) | 310 |<---------------------------------| 311 | | 313 Alice's offer includes RTP and SRTP as alternatives. RTP is the 314 default (actual configuration), but SRTP is the preferred one 315 (potential configuration): 317 v=0 318 o=- 25678 753849 IN IP4 128.96.41.1 319 s= 320 c=IN IP4 128.96.41.1 321 t=0 0 322 m=audio 3456 RTP/AVP 0 18 323 a=creq: cap-v0 324 a=tcap:1 RTP/SAVP 325 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_32 326 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 327 a=pcfg:1 t=1 a=1 329 The "m=" line indicates that Alice is offering to use plain RTP with 330 PCMU or G.729. The required base and extensions are provided by the 331 "a=creq" attribute, which includes the option tag "cap-v0" to 332 indicate that the base framework defined here must be supported. The 333 capabilities are provided by the "a=tcap" and "a=acap" attributes. 334 The transport capabilities ("a=tcap") indicate that secure RTP under 335 the AVP profile ("RTP/SAVP") is supported with an associated 336 transport capability handle of 1. The "acap" attribute provides an 337 attribute capability with a handle of 1. The attribute capability is 338 a "crypto" attribute, which provides the keying material for SRTP 339 using SDP security descriptions [SDES]. The "a=pcfg" attribute 340 provides the potential configuration included in the offer by 341 reference to the capability parameters. One alternative is provided; 342 it has a configuration number of 1 and it consists of transport 343 protocol capability 1 (i.e. the RTP/SAVP profile - secure RTP), and 344 the attribute capability 1, i.e. the crypto attribute provided. 345 Potential configurations are always preferred over actual 346 configurations, and hence Alice is expressing a preference for using 347 secure RTP. 349 Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP 350 Capability Negotiation framework, and hence he accepts the 351 (preferred) potential configuration for Secure RTP provided by Alice: 353 v=0 354 o=- 24351 621814 IN IP4 128.96.41.2 355 s= 356 c=IN IP4 128.96.41.2 357 t=0 0 358 m=audio 4567 RTP/SAVP 0 18 359 a=crypto:1 AES_CM_128_HMAC_SHA1_80 360 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 361 a=acfg:1 t=1 a=1 363 Bob includes the "a=acfg" attribute in the answer to inform Alice 364 that he based his answer on an offer containing the potential 365 configuration with transport protocol capability 1 and attribute 366 capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the 367 keying material provided). Bob also includes his keying material in 368 a crypto attribute. If Bob supported one or more extensions to the 369 capability negotiation framework, he would have included those in the 370 answer as well (in an "a=csup" attribute). 372 Note that in this particular example, the answerer supported the 373 capability negotiation extensions defined here, however had he not, 374 the answerer would simply have ignored the new attributes and 375 accepted the (actual configuration) offer to use normal RTP. In that 376 case, the following answer would have been generated instead: 378 v=0 379 o=- 24351 621814 IN IP4 128.96.41.2 380 s= 381 c=IN IP4 128.96.41.2 382 t=0 0 383 m=audio 4567 RTP/AVP 0 18 385 3.2. Version and Extension Indication Attributes 387 In this section, we present the new attributes associated with 388 indicating the SDP capability negotiation extensions supported and 389 required. 391 3.2.1. Supported Capability Negotiation Extensions Attribute 393 The SDP Capability negotiation solution allows for capability 394 negotiation extensions to be defined. Associated with each such 395 extension is an option tag that identifies the extension in question. 396 Option-tags MUST be registered with IANA per the procedures defined 397 in Section 6. 399 The Supported Capability Negotiation Extensions attribute ("a=csup") 400 contains a comma-separated list of option tags identifying the SDP 401 Capability negotiation extensions supported by the entity that 402 generated the SDP. The attribute is defined as follows: 404 a=csup: 406 RFC 4566, Section 9, provides the ABNF for SDP attributes. The "csup" 407 attribute adheres to the RFC 4566 "attribute" production, with an 408 att-value defined as follows: 410 att-value = *WSP option-tag-list 411 option-tag-list = option-tag *(COMMA option-tag) 412 option-tag = token ; defined in [SDP] 413 COMMA = *WSP "," *WSP ; defined in [RFC4234] 415 Note that white-space is permitted before the option-tag-list. Also, 416 implementers familiar with SIP should note that the above definition 417 of COMMA differs from the one in [RFC3261]. 419 A special base option tag with a value of "cap-v0" is defined for the 420 basic SDP capability negotiation framework. Entities use this option 421 tag with the "a=csup" attribute to indicate support for the SDP 422 capability negotiation framework specified in this document. 424 The following examples illustrates the use of the "a=csup" attribute 425 with the "cap-v0" option tags and two hypothetical option tags, "foo" 426 and "bar": 428 a=csup: cap-v0 429 a=csup: foo 430 a=csup: bar 431 a=csup: cap-v0, foo, bar 433 The "a=csup" attribute can be provided at the session and the media- 434 level. When provided at the session-level, it applies to the entire 435 SDP. When provided at the media-level, it applies to the media 436 description in question only (option-tags provided at the session 437 level apply as well). There can be one or more "a=csup" attributes at 438 both the session and media-level (one or more per media description 439 in the latter case). 441 Whenever an entity that supports one or more extensions to the SDP 442 Capability Negotiation framework generates an SDP, it SHOULD include 443 the "a=csup" attribute with the option tags for the extensions it 444 supports at the session and/or media-level, unless those option tags 445 are already provided in one or more "a=creq" attribute (see Section 446 3.2.2. ) at the relevant levels. The base option tag MAY be included. 448 3.2.2. Required Capability Negotiation Extension Attribute 450 The SDP Capability negotiation solution allows for capability 451 negotiation extensions to be defined. Associated with each such 452 extension is an option tag that identifies the extension in question. 453 Option-tags MUST be registered with IANA per the procedures defined 454 in Section 6. 456 The Required Capability Negotiation Extensions attribute ("a=creq") 457 contains a comma-separated list of option tags identifying the SDP 458 Capability negotiation extensions that MUST be supported by the 459 entity receiving the SDP in order for that entity to properly process 460 the SDP Capability negotiation. The attribute is defined as follows: 462 a=creq: 464 The "creq" attribute adheres to the RFC 4566 "attribute" production, 465 with an att-value defined as follows: 467 att-value = *WSP option-tag-list 469 where "option-tag-list" is defined in Section 3.2.1. Note that 470 white-space is permitted before the option-tag-list. 472 The following examples illustrate the use of the "a=creq" attribute 473 with the "cap-v0" base option tag and two hypothetical option tags, 474 "foo" and "bar": 476 a=creq: cap-v0 477 a=creq: foo 478 a=creq: bar 479 a=creq: cap-v0, foo, bar 481 The "a=creq" attribute can be provided at the session and the media- 482 level. When provided at the session-level, it applies to the entire 483 SDP. When provided at the media-level, it applies to the media-stream 484 in question only (required option tags provided at the session level 485 apply as well). There can be one or more "a=creq" attributes at both 486 the session and media-level (one or more per media stream in the 487 latter case). 489 When an entity generates an SDP and it requires the recipient of that 490 SDP to support one or more SDP capability negotiation extensions in 491 order to properly process the SDP Capability negotiation, the 492 "a=creq" attribute MUST be included with option-tags that identify 493 the required extensions at the session and/or media level, unless it 494 is already known that the receiving entity supports those option-tags 495 at the relevant levels (in which case their inclusion is OPTIONAL). 497 An example of this is when generating an answer to an offer. If the 498 answerer supports the required option-tags from the offer, and the 499 answerer does not require any additional option-tags beyond what 500 was listed in either the required ("a=creq") or supported 501 ("a=csup") attributes from the offer, then the answerer is not 502 required to include a required ("a=creq") attribute with any 503 option-tags that may need to be supported (such as the base option 504 tag - "cap-v0"). 506 A recipient that receives an SDP and does not support one or more of 507 the required extensions listed in a "creq" attribute, MUST NOT 508 perform the SDP capability negotiation defined in this document. For 509 non-supported extensions provided at the session-level, this implies 510 that SDP capability negotiation MUST NOT be performed at all. For 511 non-supported extensions at the media-level, this implies that SDP 512 capability negotiation MUST NOT be performed for the media stream in 513 question. 515 When an entity does not support one or more required SDP capability 516 negotiation extensions, the entity SHOULD proceed as if the SDP 517 capability negotiation attributes were not included in the first 518 place, i.e. all the capability negotiation attributes should be 519 ignored. In that case, the entity SHOULD include a "csup" attribute 520 listing the SDP capability negotiation extensions it actually 521 supports. 523 This ensures that introduction of the SDP capability negotiation 524 mechanism does not introduce any new failure scenarios. 526 The above rules apply to the base option tag as well. Thus, entities 527 compliant to this specification MUST include a "creq" attribute (at 528 least in an offer) that includes the option tag "cap-v0" as 529 illustrated below: 531 a=creq: cap-v0 533 3.3. Capability Attributes 535 In this section, we present the new attributes associated with 536 indicating the capabilities for use by the SDP Capability 537 negotiation. 539 3.3.1. Attribute Capability Attribute 541 Attributes and their associated values can be expressed as 542 capabilities by use of a new attribute capability attribute 543 ("a=acap"), which is defined as follows: 545 a=acap: 547 where is an integer between 1 and 2^31-1 (both 548 included) used to number the attribute capability and is an 549 attribute ("a=") in its full '=' form (see [SDP]). 551 The "acap" attribute adheres to the RFC 4566 "attribute" production, 552 with an att-value defined as follows: 554 att-value = *WSP att-cap-num 1*WSP att-par 555 att-cap-num = 1*DIGIT ;defined in [RFC4234] 556 att-par = attribute ;defined in RFC 4566 558 Note that white-space is permitted before the att-cap-num. The "acap" 559 attribute can be provided at the session level for session-level 560 attributes and the media level for media-level attributes. The "acap" 561 attribute MUST NOT be used to provide a media-level attribute at the 562 session-level or vice versa. 564 Each occurrence of the "acap" attribute in the entire session 565 description MUST use a different value of . 567 There is a need to be able to reference both session-level and 568 media-level attributes in potential configurations at the media 569 level, and this provides for a simple solution to avoiding overlap 570 between the references (handles) to each attribute capability. 572 The values provided are independent of similar values provided for other capability attributes, i.e., they form 574 a separate name-space for attribute capabilities. 576 The following examples illustrate use of the "acap" attribute: 578 a=acap: 1 a=ptime:20 580 a=acap: 2 a=ptime:30 582 a=acap: 3 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyONQ6gAA 583 AAAGEEoo2pee4hp2UaDX8ZE22YwKAAAPZG9uYWxkQGR1Y2suY29tAQAAAAAAAQAk0 584 JKpgaVkDaawi9whVBtBt0KZ14ymNuu62+Nv3ozPLygwK/GbAV9iemnGUIZ19fWQUO 585 SrzKTAv9zV 587 a=acap: 4 a=crypto:1 AES_CM_128_HMAC_SHA1_32 588 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 590 The first two provide attribute values for the ptime attribute. The 591 third provides SRTP parameters by using MIKEY with the key-mgmt 592 attribute [KMGMT]. The fourth provides SRTP parameters by use of 593 security descriptions with the crypto attribute [SDES]. Note that the 594 line-wrapping and new-lines in example three and four are provided 595 for formatting reasons only - they are not permitted in actual SDP. 597 Readers familiar with RFC 3407 may notice the similarity between 598 the RFC 3407 "cpar" attribute and the above. There are however a 599 couple of important differences, most notably that the "acap" 600 attribute contains a handle that enables referencing it and it 601 furthermore supports attributes only (the "cpar" attribute defined 602 in RFC 3407 supports bandwidth information as well). The "acap" 603 attribute also is not automatically associated with any particular 604 capabilities. 606 3.3.2. Transport Protocol Capability Attribute 608 Transport Protocols can be expressed as capabilities by use of a new 609 Transport Protocol Capability attribute ("a=tcap") defined as 610 follows: 612 a=tcap: 614 where is an integer between 1 and 2^31-1 (both 615 included) used to number the transport address capability for later 616 reference, and is one or more , separated by 617 white space, as defined in the SDP "m=" line. 619 The "tcap" attribute adheres to the RFC 4566 "attribute" production, 620 with an att-value defined as follows: 622 att-value = *WSP trpr-cap-num 1*WSP proto-list 623 trpr-cap-num = 1*DIGIT ;defined in [RFC4234] 624 proto-list = proto *(1*WSP proto) ; defined in RFC 4566 626 Note that white-space is permitted before the trpr-cap-num. The 627 "tcap" attribute can be provided at the session- and media-level. 628 Each occurrence of the "tcap" attribute in the entire session 629 description MUST use a different value of . When 630 multiple values are provided, the first one is associated 631 with the value , the second one with the value one 632 higher, etc. The values provided are independent of 633 similar values provided for other capability attributes, 634 i.e., they form a separate name-space for transport protocol 635 capabilities. 637 Below, we provide examples of the "a=tcap" attribute: 639 a=tcap: 1 RTP/AVP 640 a=tcap: 2 RTP/AVPF 641 a=tcap: 3 RTP/SAVP RTP/SAVPF 643 The first one provides a capability for the "RTP/AVP" profile defined 644 in [RFC3551] and the second one provides a capability for the RTP 645 with RTCP-Based Feedback profile defined in [AVPF]. The third one 646 provides capabilities for the "RTP/SAVP" and "RTP/SAVPF" profiles. 648 Transport capabilities are inherently included in the "m=" line, 649 however they still need to be specified explicitly in a "tcap" 650 attribute, if they are to be used as a capability. This may seem 651 redundant (and indeed it is from the offerer's point of view), 652 however it is done to protect against middle-boxes that may modify 653 "m=" lines while passing unknown attributes through. If an implicit 654 capability were used instead (e.g. a reserved transport capability 655 number could be used to refer to the transport protocol in the "m=" 656 line), and a middle-box were to modify the transport protocol in the 657 "m=" line (e.g. to translate between plain RTP and secure RTP), then 658 the potential configuration referencing that implicit transport 659 capability may no longer be correct. With explicit capabilities, we 660 avoid this pitfall, although the potential configuration preference 661 (see Section 3.4.1. ) may not reflect that of the middle-box (which 662 some may view as a feature). 664 3.3.3. Extension Capability Attributes 666 The SDP Capability Negotiation framework allows for new capabilities 667 to be defined as extensions and used with the general capability 668 negotiation framework. The syntax and semantics of such new 669 capability attributes are not defined here, however in order to be 670 used with potential configurations, they MUST allow for a numeric 671 handle to be associated with each capability. This handle will be 672 used as a reference within the potential and actual configuration 673 attributes (see Section 3.4.1. and 3.4.2. ). The definition of such 674 extension capability attributes MUST also state whether they can be 675 applied at the session-level, media-level, or both. 677 3.4. Configuration Attributes 679 3.4.1. Potential Configuration Attribute 681 Potential Configurations can be expressed by use of a new Potential 682 Configuration Attribute ("a=pcfg") defined as follows: 684 a=pcfg: 686 where is an integer between 1 and 2^31-1 (both 687 included). 689 The "pcfg" attribute adheres to the RFC 4566 "attribute" production, 690 with an att-value defined as follows: 692 att-value = *WSP config-number 1*WSP pot-cfg-list 693 config-number = 1*DIGIT ;defined in [RFC4234] 694 pot-cfg-list = pot-config *(1*WSP pot-config) 695 pot-config = pot-attribute-parameter-config / 696 pot-transport-protocol-config / 697 pot-extension-config 699 The missing productions are defined below. Note that white-space is 700 permitted before the config-number. 702 The potential configuration attribute can be provided at the media- 703 level only. The attribute includes a configuration number, which is 704 an integer between 1 and 2^31-1 (both included). The configuration 705 number MUST be unique within the media stream. The configuration 706 number also indicates the relative preference of potential 707 configurations; lower numbers are preferred over higher numbers. 709 After the configuration number, one or more potential configuration 710 parameters MUST be provided. This document defines potential 711 attribute parameter configurations and potential transport protocol 712 configurations. Each of these MUST NOT be present more than once in 713 a particular potential configuration attribute. Potential extension 714 configurations can be included as well; unknown potential extension 715 configurations MUST be ignored (if support is required, then the 716 "a=creq" with a suitable option tag should be used). There can be 717 more than one potential extension configuration, however each 718 particular potential extension configuration MUST NOT be present more 719 than once in a given potential configuration attribute. Together, 720 these values define a potential configuration. 722 There can be multiple potential configurations provided within a 723 media description. Each of these indicates not only a willingness, 724 but in fact a desire to use the potential configuration. 726 Attribute capabilities are included in a potential configuration by 727 use of the pot-attribute-parameter-config parameter, which is defined 728 by the following ABNF: 730 pot-attribute-parameter-config 731 = "a=" acap-cap-list *(BAR acap-cap-list) 732 acap-cap-list = att-cap-num *(COMMA att-cap-num) 733 att-cap-num = 1*DIGIT ;defined in [RFC4234] 734 BAR = *WSP "|" *WSP ; defined in [RFC4234] 736 Each potential attribute parameter configuration list is a comma- 737 separated list of attribute capability numbers where att-cap-num 738 refers to attribute capability numbers defined above and hence MUST 739 be between 1 and 2^31-1 (both included). Alternative potential 740 attribute parameter configurations are separated by a vertical bar 741 ("|"), the scope of which extends to the next alternative (i.e. "," 742 has higher precedence than "|"). The alternatives are ordered by 743 preference with the most preferred listed first. 745 Transport protocol capabilities are included in a potential 746 configuration by use of the pot-transport-protocol-config parameter, 747 which is defined by the following ABNF: 749 pot-transport-protocol-config = 750 "t=" trpr-cap-num *(BAR trpr-cap-num) 751 trpr-cap-num = 1*DIGIT ; defined in [RFC4234] 753 The trpr-cap-num refers to transport protocol capability numbers 754 defined above and hence MUST be between 1 and 2^31-1 (both included). 755 Alternative potential transport protocol configurations are separated 756 by a vertical bar ("|"). The alternatives are ordered by preference 757 with the most preferred listed first. When transport protocol 758 capabilities are not included in a potential configuration at the 759 media level, the transport protocol information from the associated 760 "m=" line will be used. 762 In the presence of middle-boxes (the existence of which may not be 763 known), care should be taken with assuming that the transport 764 protocol in the "m=" line will not be modified by a middle-box. Use 765 of an explicit capability will guard against the capability 766 indications of that. 768 Extension capabilities can be included in a potential configuration 769 as well. Such extensions MUST adhere to the following ABNF: 771 pot-extension-config = ext-cap-name "=" 772 ext-cap-list *(BAR ext-cap-list) 773 ext-cap-name = token ; defined in [SDP] 774 ext-cap-list = ext-cap-num *(COMMA ext-cap-num) 775 ext-cap-num = 1*DIGIT ; defined in [RFC4234] 777 The ext-cap-name refers to the type of extension capability and the 778 ext-cap-num refers to a capability number associated with that 779 particular type of extension capability. The number MUST be between 780 1 and 2^31-1 (both included). Alternative potential extension 781 configurations for a particular extension are separated by a vertical 782 bar ("|"),the scope of which extends to the next alternative (i.e. 783 "," has higher precedence than "|"). Unsupported or unknown 784 potential extension configs MUST be ignored. 786 The "creq" attribute and its associated rules can be used to ensure 787 that required extensions are supported in the first place. 789 Potential configurations can be provided at the media level only, 790 however it is possible to reference capabilities provided at either 791 the session or media level. There are certain semantic rules and 792 restrictions associated with this: 794 A (media level) potential configuration in a given media description 795 MUST NOT reference a media-level capability provided in a different 796 media description; doing so invalidates that potential configuration. 797 A potential configuration can however reference a session-level 798 capability. The semantics of doing so (should that potential 799 configuration be chosen), depends on the type of capability. In the 800 case of transport capabilities, this has no particular implication. 801 In the case of attribute capabilities however, it does. More 802 specifically, the corresponding attribute value (provided within that 803 attribute capability) will be considered part of the active 804 configuration at the *session* level. In other words, it will be as- 805 if that attribute was simply provided with that value at the session- 806 level in the first place. Note that individual media streams perform 807 capability negotiation individually, and hence it is possible that 808 another media stream (where the attribute was part of a potential 809 configuration) chose a configuration without that session level 810 attribute. The session-level attribute however remains "active" and 811 hence applies to the entire session. It is up to the entity that 812 generates the SDP to ensure that in such cases, the resulting active 813 configuration SDP is still meaningful. 815 The session-level operation of extension capabilities is undefined: 816 Consequently, if session-level extension capabilities are defined, 817 they MUST specify the implication of making them part of an active 818 configuration at the media level. 820 Below, we provide an example of the "a=pcfg" attribute in a complete 821 media description in order to properly indicate the supporting 822 attributes: 824 v=0 825 o=- 25678 753849 IN IP4 128.96.41.1 826 s= 827 c=IN IP4 128.96.41.1 828 t=0 0 829 m=audio 3456 RTP/AVPF 0 18 830 a=creq: cap-v0 831 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32 832 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 833 a=tcap: 1 RTP/AVPF RTP/AVP 834 a=tcap: 3 RTP/SAVP RTP/SAVPF 835 a=pcfg:1 t=4|3 a=1 836 a=pcfg:8 t=1|2 838 We have two potential configurations listed here. The first one (and 839 most preferred, since its configuration number is "1") indicates that 840 either of the profiles RTP/SAVPF or RTP/SAVP (specified by the 841 transport protocol capability numbers 4 and 3) can be supported with 842 attribute capability 1 (the "crypto" attribute); RTP/SAVPF is 843 preferred over RTP/SAVP since its capability number (4) is listed 844 first in the preferred potential configuration. The second potential 845 configuration indicates that the RTP/AVPF of RTP/AVP profile can be 846 used, with RTP/AVPF being the preferred one. This non secure RTP 847 alternative is the less preferred one since its configuration number 848 is "8". 850 3.4.2. Actual Configuration Attribute 852 The actual configuration attribute identifies which of the potential 853 configurations from an offer SDP were used as actual configurations 854 in an answer SDP. This is done by reference to the configuration 855 number and the attribute capabilities and transport protocol 856 capabilities from the offer that were actually used by the answerer 857 in his offer/answer procedure. If extension capabilities were used, 858 those will be included by reference as well. Note that the 859 configuration number and all capability numbers used are those from 860 the offer; not the answer. 862 The Actual Configuration Attribute ("a=acfg") is defined as follows: 864 a=acfg: 866 The "acfg" attribute adheres to the RFC 4566 "attribute" production, 867 with an att-value defined as follows: 869 att-value = *WSP config-number 1*WSP act-cfg-list 870 ;config-number defined in Section 3.4.1. 871 act-cfg-list = capability *(1*WSP capability) 872 capability = act-attribute-parameter-config / 873 act-transport-protocol-config / 874 act-extension-config 876 act-attribute-parameter-config = 877 "a=" acap-cap-list ; defined in Section 3.4.1. 879 act-transport-protocol-config = 880 "t=" trpr-cap-num ; defined in Section 3.4.1. 882 act-extension-config = 883 ext-cap-name "=" ext-cap-list ; defined in Section 3.4.1. 885 Note that white-space is permitted before the config-number. The 886 actual configuration ("a=acfg") attribute can be provided at the 887 media-level only. There MUST NOT be more than one occurrence of an 888 actual configuration attribute within a given media description. 890 Below, we provide an example of the "a=acfg" attribute (building on 891 the previous example with the potential configuration attribute): 893 v=0 894 o=- 24351 621814 IN IP4 128.96.41.2 895 s= 896 c=IN IP4 128.96.41.2 897 t=0 0 898 m=audio 4567 RTP/SAVPF 0 899 a=creq: 0 900 a=acfg:1 t=4 a=1 902 It indicates that the answerer used an offer consisting of potential 903 configuration number 1 with transport protocol capability 4 from the 904 offer (RTP/SAVPF) and attribute capability 1 (the "crypto" 905 attribute). 907 3.5. Offer/Answer Model Extensions 909 In this section, we define extensions to the offer/answer model 910 defined in [RFC3264] to allow for potential configurations to be 911 included in an offer, where they constitute offers that may be 912 accepted by the answerer instead of the actual configuration(s) 913 included in the "m=" line(s). 915 The procedures defined in the following subsections apply to both 916 unicast and multicast streams. 918 3.5.1. Generating the Initial Offer 920 An offerer that wants to use the SDP capability negotiation 921 extensions defined in this document MUST include the following in the 922 offer: 924 o An SDP capability negotiation required extensions attribute 925 ("a=creq") as defined in Section 3.2.2. that contains the option 926 tag "cap-v0". 928 This attribute SHOULD be provided at the session-level (if there 929 is only a single media stream, then it may make sense to include 930 it at the media-level). If one or more additional option tags are 931 required to be supported for the entire session description, then 932 option tags for those extensions MUST be included in the session- 933 level "creq" attribute. For each media description that requires 934 one or more capability negotiation extensions not listed at the 935 session-level, a "creq" attribute containing the required 936 extensions for that media description MUST be included within the 937 media description as well (in accordance with Section 3.2.2. ). 939 o An attribute capability attribute ("a=acap") as defined in Section 940 3.3.1. for each attribute name and associated value that needs to 941 be indicated as a capability in the offer. 943 Session-level attributes and associated values MUST be provided in 944 attribute capabilities at the session-level only, whereas media- 945 level attributes and associated values MUST be provided in 946 attribute capabilities at the media-level only. Attributes that 947 can be provided at either the session- or media-level can be 948 represented as attribute capabilities at either the session- or 949 media-level. If there is not a need to indicate any attributes as 950 attribute capabilities, then there will not be any "a=acap" 951 attributes either. 953 o One or more a transport protocol capability attributes ("a=tcap") 954 as defined in Section 3.3.2. with values for each transport 955 protocol that needs to be indicated as a capability in the offer. 956 Transport protocol capabilities that apply to multiple media 957 descriptions SHOULD be provided at the session-level whereas 958 transport protocol capabilities that apply to a specific media 959 description ("m=" line) only, SHOULD be provided within that 960 particular media description. If there is not a need to indicate 961 any transport protocols as transport protocol capabilities, then 962 there will not be any "a=tcap" attributes either. 964 o One or more extension capability attributes (as outlined in 965 Section 3.3.3. ) for each extension capability that is referenced 966 by a potential configuration. 968 o One or more potential configuration attributes ("a=pcfg") as 969 defined in Section 3.4.1. within each media description where 970 alternative potential configurations are to be negotiated. Each 971 potential configuration attribute MUST adhere to the rules 972 provided in Section 3.4.1. and the additional rules provided 973 below. 975 The offerer SHOULD furthermore include the following: 977 o One or more supported capability negotiation extension attributes 978 ("a=csup") as defined in Section 3.2.2. if the offerer supports 979 one or more capability negotiation extensions not included in a 980 corresponding "a=creq" attribute (i.e. at the session-level or om 981 the same media description). Option tags provided in "a=csup" 982 attributes at the session-level indicate extensions supported for 983 the entire session description whereas option tags provided in 984 "a=csup" attributes in a media description indicate extensions 985 supported for that particular media description only. 987 Capabilities provided in an offer merely indicate what the offerer is 988 capable of doing. They do not constitute a commitment or even an 989 indication to actually use them. Each potential configuration however 990 constitutes an alternative offer that the offerer would like to use. 991 The potential configurations may be used by the answerer to negotiate 992 and establish the session. 994 The offerer MUST include one or more potential configuration 995 attributes ("a=pcfg") within each media description where the offerer 996 wants to provide alternative offers (in the form of potential 997 configurations). Each potential configuration attribute in a given 998 media description MUST contain a unique configuration number and one 999 or more potential configuration parameters, as described in Section 1000 3.4.1. Each potential configuration parameter MUST refer to a 1001 capability that is provided either at the session-level or within 1002 that particular media description; otherwise, the potential 1003 configuration is considered invalid. 1005 The current actual configuration is included in the "m=" line (as 1006 defined by [RFC3264]). Note that the actual configuration is by 1007 definition the least-preferred configuration, and hence the answerer 1008 will seek to negotiate use of one of the potential configurations 1009 instead. If the offerer wishes a different preference for the actual 1010 configuration, the offerer MUST include a corresponding potential 1011 configuration with the relevant configuration number (which indicates 1012 the relative preference between potential configurations); this 1013 corresponding potential configuration should simply duplicate the 1014 actual configuration. 1016 Per [RFC3264], once the offerer generates the offer, he must be 1017 prepared to receive incoming media in accordance with that offer. 1018 That rule applies here as well, but for the actual configurations 1019 provided in the offer only: Media received by the offerer according 1020 to one of the potential configurations MAY be discarded, until the 1021 offerer receives an answer indicating what the actual configuration 1022 is. Once that answer is received, incoming media MUST be processed in 1023 accordance with the actual configuration indicated and the answer 1024 received (provided the offer/answer exchange completed succesfully). 1026 3.5.2. Generating the Answer 1028 When receiving an offer, the answerer MUST check for the presence of 1029 a required capability negotiation extension attribute ("a=creq") 1030 provided at the session level and containing the option tag "cap-v0". 1031 If one is found, then capability negotiation MUST be performed for 1032 each media description that contains a potential configuration 1033 attribute ("a=pcfg"). If none is found, then the answerer MUST check 1034 each offered media description for a required capability negotiation 1035 extension attribute ("a=creq") containing the option tag "cap-v0" and 1036 one or more potential configuration attributes. Capability 1037 negotiation MUST be performed for each such media description in 1038 accordance with the procedures described below. 1040 The answerer MUST first ensure that it supports any additional 1041 required capability negotiation extensions: 1043 o If a session-level "creq" attribute is provided, and it contains 1044 an option-tag that the answerer does not support, then the 1045 answerer MUST NOT use any of the potential configuration 1046 attributes provided for any of the media descriptions. Instead, 1047 the normal offer/answer procedures MUST continue as per [RFC3264]. 1048 Furthermore, the answerer MUST include a session-level supported 1049 capability negotiation extensions attribute ("a=csup") with option 1050 tags for the capability negotiation extensions supported by the 1051 answerer. 1053 o If a media-level "creq" attribute is provided, and it contains an 1054 option tag that the answerer does not support, then the answerer 1055 MUST NOT use any of the potential configuration attributes 1056 provided for that particular media description. Instead, the 1057 offer/answer procedures MUST continue as per [RFC3264]. 1058 Furthermore, the answerer MUST include a supported capability 1059 negotiation extensions attribute ("a=csup") in that media 1060 description with option tags for the capability negotiation 1061 extensions supported by the answerer for that media description. 1063 Assuming all required capability negotiation extensions are 1064 supported, the answerer now proceeds as follows. 1066 For each media description where capability negotiation is to be 1067 performed (i.e. all required capability negotiation extensions are 1068 supported and at least one valid potential configuration attribute is 1069 present), the answerer MUST attempt to perform capability negotiation 1070 by using the most preferred potential configuration that is valid. A 1071 potential configuration is valid if: 1073 1. It is in accordance with the syntax and semantics provided in 1074 Section 3.4.1. 1076 2. It contains a configuration number that is unique within that 1077 media description. 1079 3. All attribute capabilities referenced by the potential 1080 configuration are valid themselves (as defined in Section 3.3.1. ) 1081 and each of them are furthermore provided either at the session- 1082 level or within this particular media description. 1084 4. All transport protocol capabilities referenced by the potential 1085 configuration are valid themselves (as defined in Section 3.3.2. ) 1086 and each of them are furthermore provided either at the session- 1087 level or within this particular media description. 1089 5. All extension capabilities referenced by the potential 1090 configuration and supported by the answerer are valid themselves 1091 (as defined by that particular extension) and each of them are 1092 furthermore provided either at the session-level or within this 1093 particular media description. Unknown or unsupported extension 1094 capabilities MUST be ignored. 1096 The most preferred valid potential configuration in a media 1097 description is the valid potential configuration with the lowest 1098 configuration number. The answerer MUST now process the offer for 1099 that media stream based on the most preferred valid potential 1100 configuration. Conceptually, this entails the answerer constructing 1101 an (internal) offer that consists of the offer SDP, with the 1102 following changes: 1104 o If a transport protocol capability is included in the potential 1105 configuration, then it replaces the transport protocol provided in 1106 the "m=" line for that media description. 1108 o If a session-level attribute capability is included, then it is 1109 added to the list of session-level attributes for the session 1110 description. 1112 o If a media-level attribute capability is included, then it is 1113 added to the list of media-level attributes for that particular 1114 media description. 1116 o If a supported extension capability is included, then it is 1117 processed in accordance with the rules provided for that 1118 particular extension capability. 1120 Note that whereas a transport protocol from the potential 1121 configuration replaces the transport protocol in the actual 1122 configuration, an attribute capability from the potential 1123 configuration is instead added to the actual configuration. In some 1124 cases, this may result in having one or more meaningless attributes 1125 from the actual configuration; such meaningless attributes SHOULD 1126 simply be ignored. 1128 For example, if the actual configuration was using Secure RTP and 1129 included an "a=crypto" attribute for the SRTP keying material, 1130 then use of a potential configuration that uses plain RTP would 1131 make the "crypto" attribute meaningless. Rather than requiring 1132 the actual configuration attributes to be present as attribute 1133 capabilities as well (which would increase the message size) and 1134 then have the potential configuration completely replace the 1135 actual configuration, we instead make the use of attribute 1136 capabilities additive to the session description. 1138 Please refer to Section 3.5.2.1. for examples of how the answerer may 1139 conceptuall "see" the resulting offered alternative potential 1140 configurations. 1142 If the answerer is not able to support the most preferred valid 1143 potential configuration for the media description, the answerer MUST 1144 proceed to the second-most preferred valid potential configuration 1145 for the media description, etc. If the answerer is not able to 1146 support any of the valid potential configurations, the answerer MUST 1147 process the offer per normal offer/answer rules, i.e. the actual 1148 configuration provided will be used as the least preferred 1149 alternative. 1151 Once the answerer has selected an offered configuration for the media 1152 stream, the answerer MUST generate a valid answer SDP based on the 1153 selected configuration as "seen" by the answerer. Furthermore, if the 1154 answerer selected one of the potential configurations in a media 1155 description, the answerer MUST include an actual configuration 1156 attribute within that media description that identifies the 1157 configuration number for that potential configuration as well as the 1158 actual parameters that were used from that potential configuration 1159 (if the potential configuration included alternatives, only the 1160 selected alternatives must be included). Only the known and supported 1161 parameters will be included. Unknown or unsupported parameters MUST 1162 NOT be included in the actual configuration attribute. 1164 If the answerer supports one or more capability negotiation 1165 extensions that were not included in a required capability 1166 negotiation extensions attribute in the offer, then the answerer 1167 SHOULD furthermore include a supported capability negotiation 1168 attribute ("a=csup") at the session-level with option tags for the 1169 extensions supported across media streams. Also, if the answerer 1170 supports one or more capability negotiation extensions for particular 1171 media descriptions only, then a supported capability negotiation 1172 attribute with those option-tags SHOULD be included within each 1173 relevant media description. 1175 The actual configuration is contained in the media description's "m=" 1176 line. The answerer can send media to the offerer in accordance with 1177 the actual configuration as soon as it receives the offer, however it 1178 MUST NOT do so if it chooses an alternative potential configuration. 1179 If the answerer chooses one of the potential configurations, then the 1180 answerer MAY start to send media to the offerer in accordance with 1181 the selected potential configuration, however the offerer MAY discard 1182 such media until the offerer receives the answer. 1184 3.5.2.1. Example Views of Potential Configurations 1186 The following examples illustrate how the answerer may conceptually 1187 "see" a potential configuration. Consider the following offered SDP: 1189 v=0 1190 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1191 s=Secret discussion 1192 t=0 0 1193 c=IN IP4 lost.example.com 1194 a=creq: cap-v0 1195 a=acap:1 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1196 a=tcap:1 RTP/SAVP RTP/AVP 1197 m=audio 39000 RTP/AVP 98 1198 a=rtpmap:98 AMR/8000 1199 a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32 1200 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 1201 a=pcfg:1 t=1 a=1|2 1202 m=video 42000 RTP/AVP 31 1203 a=rtpmap:31 H261/90000 1204 a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1205 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1206 a=pcfg:1 t=1 a=1|3 1208 This particular SDP offers an audio stream and a video stream, each 1209 of which can either use plain RTP (actual configuration) or secure 1210 RTP (potential configuration). Furthermore, two different keying 1211 mechanisms are offered, namely session-level Key Management 1212 Extensions using MIKEY (attribute capability 1) and media-level SDP 1213 Security Descriptions (attribute capabilities 2 and 3). There are 1214 several alternative configurations here, however, below we show the 1215 one the answerer "sees" when using potential configuration 1 for both 1216 audio and video, and furthermore using attribute capability 1 (MIKEY) 1217 for both (we have removed all the capability negotiation attributes 1218 for clarity): 1220 v=0 1221 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1222 s=Secret discussion 1223 t=0 0 1224 c=IN IP4 lost.example.com 1225 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1226 m=audio 39000 RTP/SAVP 98 1227 a=rtpmap:98 AMR/8000 1228 m=video 42000 RTP/SAVP 31 1229 a=rtpmap:31 H261/90000 1231 Note that the transport protocol in the media descriptions indicate 1232 use of secure RTP. 1234 Below, we show the offer the answerer "sees" when using potential 1235 configuration 1 for both audio and video and furthermore using 1236 attribute capability 2 and 3 respectively (SDP security descriptions) 1237 for the audio and media stream: 1239 v=0 1240 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1241 s=Secret discussion 1242 t=0 0 1243 c=IN IP4 lost.example.com 1244 m=audio 39000 RTP/SAVP 98 1245 a=rtpmap:98 AMR/8000 1246 a=crypto:1 AES_CM_128_HMAC_SHA1_32 1247 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 1249 m=video 42000 RTP/SAVP 31 1250 a=rtpmap:31 H261/90000 1251 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1252 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1254 Again, note that the transport protocol in the media descriptions 1255 indicate use of secure RTP. 1257 And finally, we show the offer the answerer "sees" when using 1258 potential configuration 1 with attribute capability 1 (MIKEY) for the 1259 audio stream, and potential configuration 1 with attribute capability 1260 3 (SDP security descriptions) for the video stream: 1262 v=0 1263 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1264 s=Secret discussion 1265 t=0 0 1266 c=IN IP4 lost.example.com 1267 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1268 m=audio 39000 RTP/SAVP 98 1269 a=rtpmap:98 AMR/8000 1270 m=video 42000 RTP/SAVP 31 1271 a=rtpmap:31 H261/90000 1272 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1273 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1275 3.5.3. Offerer Processing of the Answer 1277 When the offerer attempted to use SDP Capability Negotiation in the 1278 offer, the offerer MUST examine the answer for actual use of 1279 capability negotiation. 1281 For each media description where the offerer included a potential 1282 configuration attribute, the offerer MUST first examine the media 1283 description for the presence of an actual configuration attribute 1284 ("a=acfg"). If an actual configuration attribute is not present in a 1285 media description, then the offerer MUST process the answer SDP for 1286 that media stream per the normal offer/answer rules defined in 1287 [RFC3264]. However, if one is found, then the offerer MUST instead 1288 process the answer as follows: 1290 o The actual configuration attribute specifies which of the 1291 potential configurations were used by the answerer to generate the 1292 answer. This includes all the capabilities from the potential 1293 configuration offered, i.e. the attribute capabilities ("a=acap"), 1294 transport protocol capabilities ("a=tcap"), and any extension 1295 capability parameters included. 1297 o The offerer MUST now process the answer in accordance with the 1298 rules in [RFC3264], except that it must be done as if the offer 1299 had contained the potential configuration as the actual 1300 configuration in the media description ("m=" line) and relevant 1301 attributes in the offer. 1303 If the offer/answer exchange was succesful, and if the answerer 1304 selected one of the potential configurations from the offer as the 1305 actual configuration, then the offerer SHOULD perform another 1306 offer/answer exchange: The new offer should contain the selected 1307 potential configuration as the actual configuration, i.e. with the 1308 actual configuration used in the "m=" line and any other relevant 1309 attributes. This second offer/answer exchange will not modify the 1310 session in any way, however it will help intermediaries that look at 1311 the SDP, but do not understand or support the capability negotiation 1312 extensions, to understand the details of the media stream(s) that 1313 were actually negotiated. 1315 3.5.4. Modifying the Session 1317 Capabilities and potential configurations may be included in 1318 subsequent offers as defined in [RFC3264, Section 8]. The procedure 1319 for doing so is similar to that described above with the answer 1320 including an indication of the actual configuration used by the 1321 answerer. 1323 If the answer indicates use of a potential configuration from the 1324 offer, then a second offer/answer exchange using that potential 1325 configuration as the actual configuration SHOULD be performed. 1327 3.6. Interactions with ICE 1329 Interactive Connectivity Establishment (ICE) [ICE] provides a 1330 mechanism for verifying connectivity between two endpoints by sending 1331 STUN messages directly between the media endpoints. The basic ICE 1332 specification [ICE] is defined to support UDP-based connectivity 1333 only, however it allows for extensions to support other transport 1334 protocols, such as TCP, which is being specified in [ICETCP]. ICE 1335 defines a new "a=candidate" attribute, which, among other things, 1336 indicates the possible transport protocol(s) to use and then 1337 associates a priority with each of them. The most preferred transport 1338 protocol that *successfully* verifies connectivity will end up being 1339 used. 1341 When using ICE, it is thus possible that the transport protocol that 1342 will be used differs from what is specified in the "m=" line. 1343 Furthermore, since both ICE and SDP Capability Negotiation may now 1344 specify alternative transport protocols, there is a potentially 1345 unintended interaction when using these together. 1347 We provide the following guidelines for addressing that. 1349 [EDITOR'S NOTE: This requires more work] 1351 There are two basic scenarios to consider here: 1353 1) A particular media stream can run over different transport 1354 protocols (e.g. UDP, TCP, or TCP/TLS), and the intent is simply to 1355 use the one that works (in the preference order specified). 1357 2) A particular media stream can run over different transport 1358 protocols (e.g. UDP, TCP, or TCP/TLS) and the intent is to have the 1359 negotiation process decide which one to use (e.g. T.38 over TCP or 1360 UDP). 1362 In scenario 1, there should be ICE "a=candidate" attributes for UDP, 1363 TCP, etc. but otherwise nothing special in the potential 1364 configuration attributes to indicate the desire to use different 1365 transport protocols (e.g. UDP, or TCP). The ICE procedures 1366 essentially cover the capability negotiation required (by having the 1367 answerer select something it supports and then use of trial and 1368 error). 1370 Scenario 2 does not require a need to support or use ICE. Instead, we 1371 simply use transport protocol capabilities and potential 1372 configuration attributes to indicate the desired outcome. 1374 The scenarios may be combined, e.g. by offering potential 1375 configuration alternatives where some of them can support one 1376 transport protocol only (e.g. UDP), whereas others can support 1377 multiple transport protocols (e.g. UDP or TCP). In that case, the ICE 1378 candidate attributes should be defined as attribute capabilities and 1379 the relevant ones should then be included in the proper potential 1380 configurations (for example candidate attributes for UDP only for 1381 potential configurations that are restricted to UDP, whereas there 1382 could be candidate attributes for UDP, TCP, and TCP/TLS for potential 1383 configurations that can use all three). 1385 3.7. Processing Media before Answer 1387 The offer/answer model requires an offerer to be able to receive 1388 media in accordance with the offer prior to receiving the answer. 1389 This property is retained with the SDP capability negotiation 1390 extensions defined here, but only when the actual configuration is 1391 selected by the answerer. If a potential configuration is chosen, it 1392 is permissible for the offerer to not process any media received 1393 before the answer is received. This however may lead to clipping. 1395 In the case of SIP, this issue could be solved easily by defining a 1396 precondition [RFC3312] for capability negotiation, however 1397 preconditions are viewed as complicated to implement and they add to 1398 overall session establishment delay by requiring an extra 1399 offer/answer exchange. An alternative is therefore desirable. 1401 The SDP capability negotiation framework does not define such an 1402 alternative, however extensions may do so. For example, one technique 1403 proposed for best-effort SRTP in [BESRTP] is to provide different RTP 1404 payload type mappings for different transport protocols used. The 1405 basic SDP capability negotiation framework defined here does not 1406 include the ability to do so, however extensions that enable that may 1407 be defined. 1409 4. Examples 1411 In this section, we provide examples showing how to use the SDP 1412 Capability Negotiation. 1414 4.1. Best-Effort Secure RTP 1416 The following example illustrates how to use the SDP Capability 1417 negotiation extensions to support so-called Best-Effort Secure RTP. 1418 In that scenario, the offerer supports both RTP and Secure RTP. If 1419 the answerer does not support secure RTP (or the SDP capability 1420 negotiation extensions), an RTP session will be established. However, 1421 if the answerer supports Secure RTP and the SDP Capability 1422 Negotiation extensions, a Secure RTP session will be established. 1424 The best-effort Secure RTP negotiation is illustrated by the 1425 offer/answer exchange below, where Alice sends an offer to Bob: 1427 Alice Bob 1429 | (1) Offer (SRTP and RTP) | 1430 |--------------------------------->| 1431 | | 1432 | (2) Answer (SRTP) | 1433 |<---------------------------------| 1434 | | 1435 | (3) Offer (SRTP) | 1436 |--------------------------------->| 1437 | | 1438 | (4) Answer (SRTP) | 1439 |<---------------------------------| 1440 | | 1442 Alice's offer includes RTP and SRTP as alternatives. RTP is the 1443 default, but SRTP is the preferred one: 1445 v=0 1446 o=- 25678 753849 IN IP4 128.96.41.1 1447 s= 1448 c=IN IP4 128.96.41.1 1449 t=0 0 1450 m=audio 3456 RTP/AVP 0 18 1451 a=creq: cap-v0 1452 a=tcap:1 RTP/SAVP RTP/AVP 1453 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1454 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 1455 FEC_ORDER=FEC_SRTP 1456 a=pcfg:1 t=1 a=1 1458 The "m=" line indicates that Alice is offering to use plain RTP with 1459 PCMU or G.729. Alice indicates that support for the base protocol 1460 defined here is required by including the "a=creq" attribute 1461 containing the value "cap-v0". The capabilities are provided by the 1462 "a=tcap" and "a=acap" attributes. The "tcap" capability indicates 1463 that both Secure RTP and normal RTP are supported. The "acap" 1464 attribute provides a capability parameter with a handle of 1. The 1465 capability parameter is a "crypto" attribute, which provides the 1466 keying material for SRTP using SDP security descriptions [SDES]. The 1467 "a=pcfg" attribute provides the potential configurations included in 1468 the offer by reference to the capabilities. A single potential 1469 configuration with a configuration number of "1" is provided. It 1470 includes is transport protocol capability 1 (RTP/SAVP, i.e. secure 1471 RTP) together with the attribute capability 1, i.e. the crypto 1472 attribute provided. 1474 Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP 1475 Capability Negotiation extensions, and hence he accepts the potential 1476 configuration for Secure RTP provided by Alice: 1478 v=0 1479 o=- 24351 621814 IN IP4 128.96.41.2 1480 s= 1481 c=IN IP4 128.96.41.2 1482 t=0 0 1483 m=audio 4567 RTP/SAVP 0 18 1484 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1485 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 1486 a=acfg:1 t=1 a=1 1488 Bob includes the "a=acfg" attribute in the answer to inform Alice 1489 that he based his answer on an offer containing the potential 1490 configuration with transport protocol capability 1 and attribute 1491 capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the 1492 keying material provided). Bob also includes his keying material in 1493 a crypto attribute. 1495 When Alice receives Bob's answer, session negotiation has completed, 1496 however Alice nevertheless generates a new offer using the actual 1497 configuration. This is done purely to assist any middle-boxes that 1498 may reside between Alice and Bob but do not support the capability 1499 negotiation extensions (and hence may not understand the negotiation 1500 that just took place): 1502 Alice's updated offer includes only SRTP, and it is not using the SDP 1503 capability negotiation extensions (Alice could have included the 1504 capabilities as well is she wanted to): 1506 v=0 1507 o=- 25678 753850 IN IP4 128.96.41.1 1508 s= 1509 c=IN IP4 128.96.41.1 1510 t=0 0 1511 m=audio 3456 RTP/SAVP 0 18 1512 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1513 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 1514 FEC_ORDER=FEC_SRTP 1516 The "m=" line now indicates that Alice is offering to use secure RTP 1517 with PCMU or G.729. The "crypto" attribute, which provides the SRTP 1518 keying material, is included with the same value again. 1520 Bob receives the SDP offer from Alice, which he accepts, and then 1521 generates an answer to Alice: 1523 v=0 1524 o=- 24351 621815 IN IP4 128.96.41.2 1525 s= 1526 c=IN IP4 128.96.41.2 1527 t=0 0 1528 m=audio 4567 RTP/SAVP 0 18 1529 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1530 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 1532 Bob includes the same crypto attribute as before, and the session 1533 proceeds without change. Although Bob did not include any 1534 capabilities in his answer, he could of course have done so if he 1535 wanted to. 1537 Note that in this particular example, the answerer supported the 1538 capability extensions defined here, however had he not, the answerer 1539 would simply have ignored the new attributes received in step 1 and 1540 accepted the offer to use normal RTP. In that case, the following 1541 answer would have been generated in step 2 instead: 1543 v=0 1544 o=- 24351 621814 IN IP4 128.96.41.2 1545 s= 1546 c=IN IP4 128.96.41.2 1547 t=0 0 1548 m=audio 4567 RTP/AVP 0 18 1550 4.2. Multiple Transport Protocols 1552 [EDITOR'S NOTE: Example to be updated - old copy below] 1554 The following example illustrates how to use the SDP Capability 1555 negotiation extensions to support so-called Best-Effort Secure RTP. 1556 In that scenario, the offerer supports both RTP and Secure RTP. If 1557 the answerer does not support secure RTP (or the SDP capability 1558 negotiation extensions), an RTP session will be established. However, 1559 if the answerer supports Secure RTP and the SDP Capability 1560 Negotiation extensions, a Secure RTP session will be established. 1562 The best-effort Secure RTP negotiation is illustrated by the 1563 offer/answer exchange below, where Alice sends an offer to Bob: 1565 Alice Bob 1567 | (1) Offer (SRTP and RTP) | 1568 |--------------------------------->| 1569 | | 1570 | (2) Answer (SRTP) | 1571 |<---------------------------------| 1572 | | 1573 | (3) Offer (SRTP) | 1574 |--------------------------------->| 1575 | | 1576 | (4) Answer (SRTP) | 1577 |<---------------------------------| 1578 Alice's offer includes RTP and SRTP as alternatives. RTP is the 1579 default, but SRTP is the preferred one: 1581 v=0 1582 o=- 25678 753849 IN IP4 128.96.41.1 1583 s= 1584 c=IN IP4 128.96.41.1 1585 t=0 0 1586 m=audio 3456 RTP/AVP 0 18 1587 a=creq: cap-v0 1588 a=tcap:1 RTP/SAVP RTP/AVP 1589 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1590 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 1591 FEC_ORDER=FEC_SRTP 1592 a=pcfg:5 t=1 a=1 1593 a=pcfg:10 t=2 1595 The "m=" line indicates that Alice is offering to use plain RTP with 1596 PCMU or G.729. Alice indicates that support for the base protocol 1597 defined here is required by including the "a=creq" attribute 1598 containing the value "cap-v0". The capabilities are provided by the 1599 "a=tcap" and "a=acap" attributes. The capabilities indicate that 1600 both Secure RTP and normal RTP are supported. The "acap" attribute 1601 provides a capability parameter with a handle of 1. The capability 1602 parameter is a "crypto" attribute in the capability set, which 1603 provides the keying material for SRTP using SDP security descriptions 1604 [SDES]. The "a=pcfg" attribute provides the potential configurations 1605 included in the offer by reference to the capabilities. Two 1606 alternatives are provided; the first one with preference "5" (and 1607 hence the preferred one since the preference on the second one is 1608 "10") is transport protocol capability 1 (RTP/SAVP, i.e. secure RTP) 1609 together with the attribute capability 1, i.e. the crypto attribute 1610 provided. The second one is using transport protocol capability 2. 1611 Note that we could have omitted the second potential configuration 1612 since it equals the actual configuration (which is always the least 1613 preferred configuration). 1615 Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP 1616 Capability Negotiation extensions, and hence he accepts the potential 1617 configuration for Secure RTP provided by Alice: 1619 v=0 1620 o=- 24351 621814 IN IP4 128.96.41.2 1621 s= 1622 c=IN IP4 128.96.41.2 1623 t=0 0 1624 m=audio 4567 RTP/SAVP 0 18 1625 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1626 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 1627 a=csup: foo 1628 a=acfg:1 t=1 a=1 1630 Bob includes the "a=acfg" attribute in the answer to inform Alice 1631 that he based his answer on an offer containing the potential 1632 configuration with transport protocol capability 1 and attribute 1633 capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the 1634 keying material provided). Bob also includes his keying material in 1635 a crypto attribute. Finally, Bob supports an SDP capability 1636 negotiation extension with the option tag "foo" and hence he includes 1637 the "a=csup" parameter containing value "foo" in the answer. 1639 Note that in this particular example, the answerer supported the 1640 capability extensions defined here, however had he not, the answerer 1641 would simply have ignored the new attributes and accepted the offer 1642 to use normal RTP. In that case, the following answer would have been 1643 generated instead: 1645 v=0 1646 o=- 24351 621814 IN IP4 128.96.41.2 1647 s= 1648 c=IN IP4 128.96.41.2 1649 t=0 0 1650 m=audio 4567 RTP/AVP 0 18 1652 4.3. Session-Level MIKEY and Media Level Security Descriptions 1654 [EDITOR'S NOTE: Example to be added] 1656 4.4. Capability Negotiation with Interactive Connectivity Establishment 1658 [EDITOR'S NOTE: Example to be added] 1660 5. Security Considerations 1662 The SDP Capability Negotiation Framework is defined to be used within 1663 the context of the offer/answer model, and hence all the offer/answer 1664 security considerations apply here as well. Similarly, the Session 1665 Initiation Protocol (SIP) uses SDP and the offer/answer model, and 1666 hence, when used in that context, the SIP security considerations 1667 apply as well. 1669 However, SDP Capability Negotiations introduces additional security 1670 issues. Its use as a mechanism to enable alternative transport 1671 protocol negotiation (secure and non-secure) as well as its ability 1672 to negotiate use of more or less secure keying methods and material 1673 warrant further security considerations. Also, the (continued) 1674 support for receiving media before answer combined with negotiation 1675 of alternative transport protocols (secure and non-secure) warrant 1676 further security considerations. We discuss these issues below. 1678 The SDP capability negotiation framework allows for an offered media 1679 stream to both indicate and support various levels of security for 1680 that media stream. Different levels of security can for example be 1681 negotiated by use of alternative attribute capabilities each 1682 indicating more or less secure keying methods as well as more or less 1683 strong ciphers. Since the offerer indicates support for each of these 1684 alternatives, he will presumably accept the answerer seemingly 1685 selecting any of the offered alternatives. If an attacker can modify 1686 the SDP offer, he can thereby force the negotiation of the weakest 1687 security mechanism that the offerer is willing to accept. This may in 1688 turn enable the attacker to compromise the security of the negotiated 1689 media stream. Similarly, if the offerer wishes to negotiate use of a 1690 secure media stream (e.g. secure RTP), but includes a non-secure 1691 media stream (e.g. plain RTP) as a valid (but less preferred) 1692 alternative, then an attacker that can modify the offered SDP will be 1693 able to force the establishment of an insecure media stream. The 1694 solution to both of these problems involves the use of integrity 1695 protection over the SDP. Ideally, this integrity protection provides 1696 end-to-end integrity protection in order to protect from any man-in- 1697 the-middle attack; secure multiparts such as S/MIME [SMIME] provide 1698 one such solution, however S/MIME requires use and availability of a 1699 Public Key Infrastructure (PKI). A slightly less secure alternative 1700 when using SIP, but generally much easier to deploy in practice 1701 (since it does not require a PKI), is to use SIP Identity [RFC4474]; 1702 this requires the existence of an authentication service (see 1703 [RFC4474]). Yet another, and considerably less secure, alternative is 1704 to use hop-by-hop security only, e.g. TLS or IPSec thereby ensuring 1705 the integrity of the offered SDP on a hop-by-hop basis. Note however 1706 that SIP proxies or other intermediaries processing the SIP request 1707 at each hop are able to perform a man-in-the-middle attack by 1708 modifying the offered SDP. 1710 Per the normal offer/answer procedures, as soon as the offerer has 1711 generated an offer, the offerer must be prepared to receive media in 1712 accordance with that offer. The SDP Capability Negotiation preserves 1713 that behavior for the actual configuration in the offer, however the 1714 offerer has no way of knowing which configuration (actual or 1715 potential) configuration was actually selected by the offerer, until 1716 an answer indication is received. This opens up a new security issue 1717 where an attacker may be able to interject media towards the offerer 1718 until the answer is received. For example, the offerer may use plain 1719 RTP as the actual configuration and secure RTP as an alternative 1720 potential configuration. Even though the answerer selects secure RTP, 1721 the offerer will not know that until he receives the answer, and 1722 hence an attacker will be able to send media to the offerer 1723 meanwhile. The easiest protection against such an attack is to not 1724 offer use of the non-secure media stream in the actual configuration, 1725 however that may in itself have undesirable side-effects: If the 1726 answerer does not support the non-secure media stream and also does 1727 not support the capability negotiation framework, then negotiation of 1728 the media stream will fail. Alternatively, SDP security preconditions 1729 [sprecon] can be used. This will ensure that media is not flowing 1730 until session negotiation has completed and hence the selected 1731 configuration is known. Use of preconditions however requires both 1732 side to support them. If they don't, and use of them is required, the 1733 session will fail. As a (limited) work around to this, it is 1734 RECOMMENDED that SIP entities generate an answer SDP and send it to 1735 the offerer as soon as possible, for example in a 183 Session 1736 Progress message. This will limit the time during which an attacker 1737 can send media to the offerer. 1739 Additional security considerations apply to the answer SDP as well. 1740 The actual configuration attribute tells the offerer which potential 1741 configuration the answer was actually based on, and hence an attacker 1742 that can either modify or remove the actual configuration attribute 1743 in the answer can cause session failure as well as extend the time 1744 window during which the offerer will accept incoming media that does 1745 not conform to the actual answer. The solutions to this SDP answer 1746 integrity problem are the same as for the offer, i.e. use of end-to- 1747 end integrity protection, SIP identity, or hop-by-hop protection. The 1748 mechanism to use depends on the mechanisms supported by the offerer 1749 as well as the acceptable security trade-offs. 1751 6. IANA Considerations 1753 6.1. New SDP Attributes 1755 The IANA is hereby requested to register the following new SDP 1756 attributes as follows: 1758 Attribute name: csup 1759 Long form name: Supported capability negotiation extensions 1760 Type of attribute: Session-level and media-level 1761 Subject to charset: No 1762 Purpose: Option tags for supported SDP capability 1763 negotiation extensions 1764 Appropriate values: See Section 3.2.1. 1766 Attribute name: creq 1767 Long form name: Required capability negotiation extensions 1768 Type of attribute: Session-level and media-level 1769 Subject to charset: No 1770 Purpose: Option tags for required SDP capability 1771 negotiation extensions 1772 Appropriate values: See Section 3.2.2. 1774 Attribute name: acap 1775 Long form name: Attribute capability 1776 Type of attribute: Session-level and media-level 1777 Subject to charset: No 1778 Purpose: Attribute capability containing an attribute 1779 name and associated value 1780 Appropriate values: See Section 3.3.1. 1782 Attribute name: tcap 1783 Long form name: Transport Protocol Capability 1784 Type of attribute: Session-level and media-level 1785 Subject to charset: No 1786 Purpose: Transport protocol capability listing one or 1787 more transport protocols 1788 Appropriate values: See Section 3.3.2. 1790 Attribute name: pcfg 1791 Long form name: Potential Configuration 1792 Type of attribute: Media-level 1793 Subject to charset: No 1794 Purpose: Potential configuration for SDP capability 1795 negotiation 1796 Appropriate values: See Section 3.4.1. 1798 Attribute name: acfg 1799 Long form name: Actual configuration 1800 Type of attribute: Media-level 1801 Subject to charset: No 1802 Purpose: Actual configuration for SDP capability 1803 negotiation 1804 Appropriate values: See Section 3.4.2. 1806 6.2. New SDP Capability Negotiation Option Tag Registry 1808 The IANA is hereby requested to create a new SDP Capability 1809 Negotiation Option Tag registry. An IANA SDP capability negotiation 1810 option tag registration MUST be documented in an RFC in accordance 1811 with the [RFC2434] Specification Required policy. The RFC MUST 1812 provide the name of the option tag, a syntax and a semantic 1813 specification of any new SDP attributes and any extensions to the 1814 potential and actual configuration attributes provided in this 1815 document. New SDP attributes that are intended to be capabilities for 1816 use by the capability negotiation framework MUST adhere to the 1817 guidelines provided in Section 3.3.3. Extensions to the potential and 1818 actual configuration attributes MUST adhere to the syntax provided in 1819 Section 3.4.1. and 3.4.2. 1821 The option tag "cap-v0" is defined in this document and the IANA is 1822 hereby requested to register this option tag. 1824 6.3. New SDP Capability Negotiation Potential Configuration Parameter 1825 Registry 1827 The IANA is hereby requested to create a new SDP Capability 1828 Negotiation Potential Configuration Parameter registry. An IANA SDP 1829 Capability Negotiation potential configuration registration MUST be 1830 document in an RFC in accordance with the [RFC2434] Specification 1831 Required policy. The RFC MUST define the syntax and semantics of each 1832 new potential configuration parameter. The syntax MUST adhere to the 1833 syntax provided for extensions in Section 3.4.1. and the semantics 1834 MUST adhere to the semantics provided for extensions in Section 1835 3.4.1. and 3.4.2. Associated with each registration MUST be the 1836 encoding name for the parameter as well as a short descriptive name 1837 for it. 1839 The potential configuration parameters "a" for "attribute" and "t" 1840 for "transport protocol" are defined in this document and the IANA is 1841 hereby requested to register these. 1843 7. To Do and Open Issues 1845 o Look for "EDITOR'S NOTE" throughout the document. 1847 8. Acknowledgments 1849 This document is heavily influenced by the discussions and work done 1850 by the SDP Capability Negotiation Design team. The following people 1851 in particular provided useful comments and suggestions to either the 1852 document itself or the overall direction of the solution defined in 1853 here: Roni Even, Robert Gilman, Cullen Jennings, Matt Lepinski, Joerg 1854 Ott, Colin Perkins, and Thomas Stach. 1856 Francois Audet and Dan Wing provided useful comments on earlier 1857 versions of this document. 1859 9. Change Log 1861 9.1. draft-ietf-mmusic-sdp-capability-negotiation-03 1863 The following are the major changes compared to version -02: 1865 o Base option tag name changed from "v0" to "cap-v0". 1867 o Added new section on extension capability attributes 1869 o Firmed up offer/answer procedures. 1871 o Added security considerations 1873 o Added IANA considerations 1875 9.2. draft-ietf-mmusic-sdp-capability-negotiation-02 1877 The following are the major changes compared to version -01: 1879 o Potential configurations are no longer allowed at the session 1880 level 1882 o Renamed capability attributes ("capar" to "acap" and "ctrpr" to 1883 "tcap") 1885 o Changed name and semantics of the initial number (now called 1886 configuration number) in potential configuration attributes; must 1887 now be unique and can be used as a handle 1889 o Actual configuration attribute now includes configuration number 1890 from the selected potential configuration attribute 1892 o Added ABNF throughout 1894 o Specified that answerer should include "a=csup" in case of 1895 unsupported required extensions in offer. 1897 o Specified use of second offer/answer exchange when answerer 1898 selected a potential configuration 1900 o Updated rules (and added restrictions) for referencing media- and 1901 session-level capabilities in potential configurations (at the 1902 media level) 1904 o Added initial section on ICE interactions 1906 o Added initial section on receiving media before answer 1908 9.3. draft-ietf-mmusic-sdp-capability-negotiation-01 1910 The following are the major changes compared to version -00: 1912 o Media capabilities are no longer considered a core capability and 1913 hence have been removed. This leaves transport protocols and 1914 attributes as the only capabilities defined by the core. 1916 o Version attribute has been removed and an option tag to indicate 1917 the actual version has been defined instead. 1919 o Clarified rules for session-level and media level attributes 1920 provided at either level as well how they can be used in potential 1921 configurations. 1923 o Potential configuration parameters no longer have implicit 1924 ordering; an explicit preference indicator is now included. 1926 o The parameter name for transport protocols in the potential and 1927 actual configuration attributes have been changed "p" to "t". 1929 o Clarified operator precedence within potential and actual 1930 configuration attributes. 1932 o Potential configurations at the session level now limited to 1933 indicate latent capability configurations. Consequently, an actual 1934 configuration attribute can no longer be provided at the session 1935 level. 1937 o Cleaned up capability and potential configuration terminology - 1938 they are now two clearly different things. 1940 9.4. draft-ietf-mmusic-sdp-capability-negotiation-00 1942 Version 00 is the initial version. The solution provided in this 1943 initial version is based on an earlier (individual submission) 1944 version of [SDPCapNeg]. The following are the major changes compared 1945 to that document: 1947 o Solution no longer based on RFC 3407, but defines a set of similar 1948 attributes (with some differences). 1950 o Various minor changes to the previously defined attributes. 1952 o Multiple transport capabilities can be included in a single "tcap" 1953 attribute 1955 o A version attribute is now included. 1957 o Extensions to the framework are formally supported. 1959 o Option tags and the ability to list supported and required 1960 extensions are supported. 1962 o A best-effort SRTP example use case has been added. 1964 o Some terminology change throughout to more clearly indicate what 1965 constitutes capabilities and what constitutes configurations. 1967 10. References 1969 10.1. Normative References 1971 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1972 Requirement Levels", BCP 14, RFC 2119, March 1997. 1974 [RFC2234] Crocker, D. and Overell, P.(Editors), "Augmented BNF for 1975 Syntax Specifications: ABNF", RFC 2234, Internet Mail 1976 Consortium and Demon Internet Ltd., November 1997. 1978 [RFC3264] Rosenberg, J., and H. Schulzrinne, "An Offer/Answer Model 1979 with Session Description Protocol (SDP)", RFC 3264, June 1980 2002. 1982 [RFC3407] F. Andreasen, "Session Description Protocol (SDP) Simple 1983 Capability Declaration", RFC 3407, October 2002. 1985 [RFC3605] C. Huitema, "Real Time Control Protocol (RTCP) attribute in 1986 Session Description Protocol (SDP)", RFC 3605, October 1987 2003. 1989 [RFC4234] Crocker, D., and P. Overell, "Augmented BNF for Syntax 1990 Specifications: ABNF", RFC 4234, October 2005. 1992 [SDP] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 1993 Description Protocol", RFC 4566, July 2006. 1995 [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an 1996 IANA Considerations Section in RFCs", BCP 26, RFC 2434, 1997 October 1998. 1999 10.2. Informative References 2001 [RFC2046] Freed, N., and N. Borensteain, "Multipurpose Internet Mail 2002 Extensions (MIME) Part Two: Media Types", RFC 2046, 2003 November 1996. 2005 [RFC2327] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 2006 Description Protocol", RFC 2327, April 1998. 2008 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 2009 A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, 2010 "SIP: Session Initiation Protocol", RFC 3261, June 2002. 2012 [RFC3388] Camarillo, G., Eriksson, G., Holler, J., and H. 2013 Schulzrinne, "Grouping of Media Lines in the Session 2014 Description Protocol (SDP)", RFC 3388, December 2002. 2016 [RFC3551] Schulzrinne, H., and S. Casner, "RTP Profile for Audio and 2017 Video Conferences with Minimal Control", RFC 3551, July 2018 2003. 2020 [SRTP] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 2021 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 2022 RFC 3711, March 2004. 2024 [RFC3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions 2025 (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2026 2004. 2028 [RFC4091] Camarillo, G., and J. Rosenberg, The Alternative Network 2029 Address Types (ANAT) Semantics for the Session Description 2030 Protocol (SDP) Grouping Framework, RFC 4091, June 2005. 2032 [AVPF] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, 2033 "Extended RTP Profile for RTCP-Based Feedback (RTP/AVPF)", 2034 Work in Progress, August 2004. 2036 [I-D.jennings-sipping-multipart] Wing, D., and C. Jennings, "Session 2037 Initiation Protocol (SIP) Offer/Answer with Multipart 2038 Alternative", Work in Progress, March 2006. 2040 [SAVPF] Ott, J., and E Carrara, "Extended Secure RTP Profile for 2041 RTCP-based Feedback (RTP/SAVPF)", Work in Progress, 2042 December 2005. 2044 [SDES] Andreasen, F., Baugher, M., and D. Wing, "Session 2045 Description Protocol Security Descriptions for Media 2046 Streams", RFC 4568, July 2006. 2048 [SDPng] Kutscher, D., Ott, J., and C. Bormann, "Session Description 2049 and Capability Negotiation", Work in Progress, February 2050 2005. 2052 [BESRTP] Kaplan, H., and F. Audet, "Session Description Protocol 2053 (SDP) Offer/Answer Negotiation for Best-Effort Secure Real- 2054 Time Transport Protocol, Work in progress, August 2006. 2056 [KMGMT] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E. 2057 Carrara, "Key Management Extensions for Session Description 2058 Protocol (SDP) and Real Time Streaming Protocol (RTSP)", 2059 RFC 4567, July 2006. 2061 [SDPCapNegRqts] Andreasen, F. "SDP Capability Negotiation: 2062 Requirementes and Review of Existing Work", work in 2063 progress, December 2006. 2065 [SDPCapNeg] Andreasen, F. "SDP Capability Negotiation", work in 2066 progress, December 2006. 2068 [MIKEY] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, and K. 2069 Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830, 2070 August 2004. 2072 [ICE] J. Rosenberg, "Interactive Connectivity Establishment 2073 (ICE): A Methodology for Network Address Translator (NAT) 2074 Traversal for Offer/Answer Protocols", work in progress, 2075 January 2007. 2077 [ICETCP] J. Rosenberg, "TCP Candidates with Interactive Connectivity 2078 Establishment (ICE)", work in progress, October 2006. 2080 [RFC3312] G. Camarillo, W. Marshall, and J. Rosenberg, "Integration 2081 of Resource Management and Session Initiatio Protocol 2082 (SIP)", RFC 3312, October 2002. 2084 [SMIME] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions 2085 (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2086 2004. 2088 [RFC4474] J. Peterson, and C. Jennings, "Enhancements for 2089 Authenticated Identity Management in the Session Initiation 2090 Protocol (SIP)", RFC 4474, August 2006. 2092 [sprecon] Andreasen, F. and D. Wing, "Security Preconditions for 2093 Session Description Protocol Media Streams", Work in 2094 Progress, October 2006. 2096 Author's Addresses 2098 Flemming Andreasen 2099 Cisco Systems 2100 Edison, NJ 2102 Email: fandreas@cisco.com 2104 Intellectual Property Statement 2106 The IETF takes no position regarding the validity or scope of any 2107 Intellectual Property Rights or other rights that might be claimed to 2108 pertain to the implementation or use of the technology described in 2109 this document or the extent to which any license under such rights 2110 might or might not be available; nor does it represent that it has 2111 made any independent effort to identify any such rights. Information 2112 on the procedures with respect to rights in RFC documents can be 2113 found in BCP 78 and BCP 79. 2115 Copies of IPR disclosures made to the IETF Secretariat and any 2116 assurances of licenses to be made available, or the result of an 2117 attempt made to obtain a general license or permission for the use of 2118 such proprietary rights by implementers or users of this 2119 specification can be obtained from the IETF on-line IPR repository at 2120 http://www.ietf.org/ipr. 2122 The IETF invites any interested party to bring to its attention any 2123 copyrights, patents or patent applications, or other proprietary 2124 rights that may cover technology that may be required to implement 2125 this standard. Please address the information to the IETF at 2126 ietf-ipr@ietf.org. 2128 Full Copyright Statement 2130 Copyright (C) The IETF Trust (2007). 2132 This document is subject to the rights, licenses and restrictions 2133 contained in BCP 78, and except as set forth therein, the authors 2134 retain all their rights. 2136 This document and the information contained herein are provided on an 2137 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 2138 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 2139 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 2140 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 2141 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 2142 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 2144 Acknowledgment 2146 Funding for the RFC Editor function is currently provided by the 2147 Internet Society.