idnits 2.17.1 draft-ietf-mmusic-sdp-capability-negotiation-06.txt: -(2018): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 17. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 3452. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 3423. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 3430. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 3436. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There are 2 instances of lines with non-ascii characters in the document. == The page length should not exceed 58 lines per page, but there was 77 longer pages, the longest (page 1) being 59 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 1243 instances of too long lines in the document, the longest one being 5 characters in excess of 72. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 8, 2007) is 6136 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'S' is mentioned on line 2699, but not defined == Missing Reference: 'F' is mentioned on line 2699, but not defined == Unused Reference: 'RFC3605' is defined on line 3288, but no explicit reference was found in the text == Unused Reference: 'RFC2046' is defined on line 3304, but no explicit reference was found in the text == Unused Reference: 'RFC2327' is defined on line 3308, but no explicit reference was found in the text == Unused Reference: 'RFC3851' is defined on line 3327, but no explicit reference was found in the text == Unused Reference: 'RFC4091' is defined on line 3331, but no explicit reference was found in the text == Unused Reference: 'I-D.jennings-sipping-multipart' is defined on line 3339, but no explicit reference was found in the text == Unused Reference: 'SDPCapNegRqts' is defined on line 3364, but no explicit reference was found in the text == Unused Reference: 'MIKEY' is defined on line 3371, but no explicit reference was found in the text ** Obsolete normative reference: RFC 4234 (Obsoleted by RFC 5234) ** Obsolete normative reference: RFC 4566 (Obsoleted by RFC 8866) ** Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226) -- Obsolete informational reference (is this intentional?): RFC 2327 (Obsoleted by RFC 4566) -- Obsolete informational reference (is this intentional?): RFC 3388 (Obsoleted by RFC 5888) -- Obsolete informational reference (is this intentional?): RFC 3851 (Obsoleted by RFC 5751) -- Obsolete informational reference (is this intentional?): RFC 4091 (Obsoleted by RFC 5245) -- Duplicate reference: RFC3851, mentioned in 'SMIME', was also mentioned in 'RFC3851'. -- Obsolete informational reference (is this intentional?): RFC 3851 (ref. 'SMIME') (Obsoleted by RFC 5751) -- Obsolete informational reference (is this intentional?): RFC 4474 (Obsoleted by RFC 8224) -- Obsolete informational reference (is this intentional?): RFC 4756 (Obsoleted by RFC 5956) Summary: 5 errors (**), 0 flaws (~~), 14 warnings (==), 16 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MMUSIC Working Group F. Andreasen 3 Internet-Draft Cisco Systems 4 Intended Status: Proposed Standard July 8, 2007 5 Obsolotes: 3407 6 Expires: January 2008 8 SDP Capability Negotiation 9 draft-ietf-mmusic-sdp-capability-negotiation-06.txt 11 Status of this Memo 13 By submitting this Internet-Draft, each author represents that 14 any applicable patent or other IPR claims of which he or she is 15 aware have been or will be disclosed, and any of which he or she 16 becomes aware will be disclosed, in accordance with Section 6 of 17 BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF), its areas, and its working groups. Note that 21 other groups may also distribute working documents as Internet- 22 Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html 35 This Internet-Draft will expire on January 8, 2008. 37 Copyright Notice 39 Copyright (C) The IETF Trust (2007). 41 Abstract 43 The Session Description Protocol (SDP) was intended for describing 44 multimedia sessions for the purposes of session announcement, session 45 invitation, and other forms of multimedia session initiation. SDP was 46 not intended to provide capability indication or capability 47 negotiation, however over the years, SDP has seen widespread adoption 48 and as a result it has been gradually extended to provide limited 49 support for these, notably in the form of the offer/answer model 50 defined in RFC 3264. SDP and its current extensions however do not 51 define how to negotiate one or more alternative transport protocols 52 (e.g. RTP profiles) or attributes. This makes it difficult to deploy 53 new RTP profiles such as secure RTP or RTP with RTCP-based feedback, 54 negotiate use of different keying mechanisms, etc. It also presents 55 problems for some forms of media negotiation. 57 The purpose of this document is to address these shortcomings by 58 extending SDP with capability negotiation parameters and associated 59 offer/answer procedures to use those parameters in a backwards 60 compatible manner. 62 The solution provided in this document provides a general SDP 63 Capability Negotiation framework. It also defines specifically how to 64 provide attributes and transport protocols as capabilities and 65 negotiate them using the framework. Extensions for other types of 66 capabilities (e.g. media types and media formats) may be provided in 67 other documents. 69 Table of Contents 71 1. Introduction...................................................3 72 2. Conventions used in this document..............................7 73 3. SDP Capability Negotiation Solution............................7 74 3.1. SDP Capability Negotiation Model..........................7 75 3.2. Solution Overview........................................10 76 3.3. Relationship to RFC 3407.................................13 77 3.4. Version and Extension Indication Attributes..............13 78 3.4.1. Supported Capability Negotiation Extensions Attribute13 79 3.4.2. Required Capability Negotiation Extension Attribute.15 80 3.5. Capability Attributes....................................16 81 3.5.1. Attribute Capability Attribute......................16 82 3.5.2. Transport Protocol Capability Attribute.............18 83 3.5.3. Extension Capability Attributes.....................19 84 3.6. Configuration Attributes.................................20 85 3.6.1. Potential Configuration Attribute...................20 86 3.6.2. Actual Configuration Attribute......................27 87 3.7. Offer/Answer Model Extensions............................29 88 3.7.1. Generating the Initial Offer........................29 89 3.7.2. Generating the Answer...............................32 90 3.7.2.1. Example Views of Potential Configurations......37 91 3.7.3. Offerer Processing of the Answer....................39 92 3.7.4. Modifying the Session...............................41 93 3.8. Interactions with ICE....................................41 94 3.9. Interactions with SIP Option Tags........................42 95 3.10. Processing Media before Answer..........................43 96 3.11. Dealing with Large Number of Potential Configurations...44 97 3.12. SDP Capability Negotiation and Intermediaries...........45 98 3.13. Considerations for Specific Attribute Capabilities......46 99 3.13.1. The rtpmap and fmtp Attributes.....................46 100 3.13.2. Direction Attributes...............................47 101 4. Examples......................................................48 102 4.1. Best-Effort Secure RTP...................................48 103 4.2. Multiple Transport Protocols.............................51 104 4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level 105 Security Descriptions.........................................54 106 4.4. SRTP with Session-Level MIKEY and Media Level Security 107 Descriptions as Alternatives..................................59 108 5. Security Considerations.......................................62 109 6. IANA Considerations...........................................64 110 6.1. New SDP Attributes.......................................64 111 6.2. New SDP Capability Negotiation Option Tag Registry.......66 112 6.3. New SDP Capability Negotiation Potential Configuration 113 Parameter Registry............................................66 114 7. Acknowledgments...............................................66 115 8. Change Log....................................................67 116 8.1. draft-ietf-mmusic-sdp-capability-negotiation-06..........67 117 8.2. draft-ietf-mmusic-sdp-capability-negotiation-05..........68 118 8.3. draft-ietf-mmusic-sdp-capability-negotiation-04..........69 119 8.4. draft-ietf-mmusic-sdp-capability-negotiation-03..........70 120 8.5. draft-ietf-mmusic-sdp-capability-negotiation-02..........70 121 8.6. draft-ietf-mmusic-sdp-capability-negotiation-01..........71 122 8.7. draft-ietf-mmusic-sdp-capability-negotiation-00..........71 123 9. References....................................................73 124 9.1. Normative References.....................................73 125 9.2. Informative References...................................73 126 Author's Addresses...............................................76 127 Intellectual Property Statement..................................76 128 Full Copyright Statement.........................................76 129 Acknowledgment...................................................77 131 1. Introduction 133 The Session Description Protocol (SDP) was intended for describing 134 multimedia sessions for the purposes of session announcement, session 135 invitation, and other forms of multimedia session initiation. The SDP 136 contains one or more media stream descriptions with information such 137 as IP-address and port, type of media stream (e.g. audio or video), 138 transport protocol (possibly including profile information, e.g. 139 RTP/AVP or RTP/SAVP), media formats (e.g. codecs), and various other 140 session and media stream parameters that define the session. 142 Simply providing media stream descriptions is sufficient for session 143 announcements for a broadcast application, where the media stream 144 parameters are fixed for all participants. When a participant wants 145 to join the session, he obtains the session announcement and uses the 146 media descriptions provided, e.g., joins a multicast group and 147 receives media packets in the encoding format specified. If the 148 media stream description is not supported by the participant, he is 149 unable to receive the media. 151 Such restrictions are not generally acceptable to multimedia session 152 invitations, where two or more entities attempt to establish a media 153 session that uses a set of media stream parameters acceptable to all 154 participants. First of all, each entity must inform the other of its 155 receive address, and secondly, the entities need to agree on the 156 media stream parameters to use for the session, e.g. transport 157 protocols and codecs. To solve this, RFC 3264 [RFC3264] defined the 158 offer/answer model, whereby an offerer constructs an offer SDP that 159 lists the media streams, codecs, and other SDP parameters that the 160 offerer is willing to use. This offer SDP is sent to the answerer, 161 which chooses from among the media streams, codecs and other SDP 162 parameters provided, and generates an answer SDP with his parameters, 163 based on that choice. The answer SDP is sent back to the offerer 164 thereby completing the session negotiation and enabling the 165 establishment of the negotiated media streams. 167 Taking a step back, we can make a distinction between the 168 capabilities supported by each participant, the way in which those 169 capabilities can be supported and the parameters that can actually be 170 used for the session. More generally, we can say that we have the 171 following: 173 o A set of capabilities for the session and its associated media 174 stream components, supported by each side. The capability 175 indication by itself does not imply a commitment to use the 176 capability in the session. 178 A capability can for example be that the "RTP/SAVP" profile is 179 supported, that the "PCMU" codec is supported, or that the 180 "crypto" attribute is supported with a particular value. 182 o A set of potential configurations indicating which combinations of 183 those capabilities can be used for the session and its associated 184 media stream components. Potential configurations are not ready 185 for use. Instead, they provide an alternative that may be used, 186 subject to further negotiation. 188 A potential configuration can for example indicate that the "PCMU" 189 codec and the "RTP/SAVP" transport protocol are not only supported 190 (i.e. listed as capabilities), but they are offered for potential 191 use in the session. 193 o An actual configuration for the session and its associated media 194 stream components, which specifies which combinations of session 195 parameters and media stream components can be used currently and 196 with what parameters. Use of an actual configuration does not 197 require any further negotiation. 199 A actual configuration can for example be that the "PCMU" codec 200 and the "RTP/SAVP" transport protocol are offered for use 201 currently. 203 o A negotiation process that takes the set of actual and potential 204 configurations (combinations of capabilities) as input and 205 provides the negotiated actual configurations as output. 207 SDP by itself was designed to provide only one of these, namely 208 listing of the actual configurations, however over the years, use of 209 SDP has been extended beyond its original scope. Of particular 210 importance are the session negotiation semantics that were defined by 211 the offer/answer model in RFC 3264. In this model, both the offer and 212 the answer contain actual configurations; separate capabilities and 213 potential configurations are not supported. 215 Other relevant extensions have been defined as well. RFC 3407 216 [RFC3407] defined simple capability declarations, which extends SDP 217 with a simple and limited set of capability descriptions. Grouping 218 of media lines, which defines how media lines in SDP can have other 219 semantics than the traditional "simultaneous media streams" 220 semantics, was defined in RFC 3388 [RFC3388], etc. 222 Each of these extensions was designed to solve a specific limitation 223 of SDP. Since SDP had already been stretched beyond its original 224 intent, a more comprehensive capability declaration and negotiation 225 process was intentionally not defined. Instead, work on a "next 226 generation" of a protocol to provide session description and 227 capability negotiation was initiated [SDPng]. SDPng defined a 228 comprehensive capability negotiation framework and protocol that was 229 not bound by existing SDP constraints. SDPng was not designed to be 230 backwards compatible with existing SDP and hence required both sides 231 to support it, with a graceful fallback to legacy operation when 232 needed. This combined with lack of ubiquitous multipart MIME support 233 in the protocols that would carry SDP or SDPng made it challenging to 234 migrate towards SDPng. In practice, SDPng has not gained traction but 235 rather remained as work in progress for an extended period of time. 236 Existing real-time multimedia communication protocols such as SIP, 237 RTSP, Megaco, and MGCP continue to use SDP. SDP and its current 238 extensions however do not address an increasingly important problem: 239 the ability to negotiate one or more alternative transport protocols 240 (e.g., RTP profiles) and associated parameters (e.g. SDP attributes). 241 This makes it difficult to deploy new RTP profiles such as secure RTP 242 (SRTP) [SRTP], RTP with RTCP-Based Feedback [AVPF], etc. This 243 particular problem is exacerbated by the fact that RTP profiles are 244 defined independently. When a new profile is defined and N other 245 profiles already exist, there is a potential need for defining N 246 additional profiles, since profiles cannot be combined automatically. 247 For example, in order to support the plain and secure RTP version of 248 RTP with and without RTCP-based feedback, four separate profiles (and 249 hence profile definitions) are needed: RTP/AVP [RFC3551], RTP/SAVP 250 [SRTP], RTP/AVPF [AVPF], and RTP/SAVPF [SAVPF]. In addition to the 251 pressing profile negotiation problem, other important real-life 252 limitations have been found as well. Keying material and other 253 parameters for example need to be negotiated with some of the 254 transport protocols, but not others. Similarly, some media formats 255 and types of media streams need to negotiate a variety of different 256 parameters. 258 The purpose of this document is to define a mechanism that enables 259 SDP to provide limited support for indicating capabilities and their 260 associated potential configurations, and negotiate the use of those 261 potential configurations as actual configurations. It is not the 262 intent to provide a full-fledged capability indication and 263 negotiation mechanism along the lines of SDPng or ITU-T H.245. 264 Instead, the focus is on addressing a set of well-known real-life 265 limitations. More specifically, the solution provided in this 266 document provides a general SDP Capability Negotiation framework that 267 is backwards compatible with existing SDP. It also defines 268 specifically how to provide attributes and transport protocols as 269 capabilities and negotiate them using the framework. Extensions for 270 other types of capabilities (e.g. media types and formats) may be 271 provided in other documents. 273 As mentioned above, SDP is used by several protocols, and hence the 274 mechanism should be usable by all of these. One particularly 275 important protocol for this problem is the Session Initiation 276 Protocol (SIP) [RFC3261]. SIP uses the offer/answer model [RFC3264] 277 (which is not specific to SIP) to negotiate sessions and hence the 278 mechanism defined here defines the offer/answer procedures to use for 279 the capability negotiation framework. 281 The rest of the document is structured as follows. In Section 3. we 282 present the SDP Capability Negotiation solution, which consists of 283 new SDP attributes and associated offer/answer procedures. In Section 284 4. we provide examples illustrating its use and in Section 5. we 285 provide the security considerations. 287 2. Conventions used in this document 289 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 290 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 291 document are to be interpreted as described in [RFC2119]. 293 3. SDP Capability Negotiation Solution 295 In this section we first present the conceptual model behind the SDP 296 capability negotiation framework, followed by an overview of the SDP 297 Capability Negotiation solution. This is followed by definitions of 298 new SDP attributes for the solution and its associated updated 299 offer/answer procedures. 301 3.1. SDP Capability Negotiation Model 303 Our model uses the concepts of 305 o Capabilities 307 o Potential Configurations 309 o Actual Configurations 311 o Negotiation Process 313 as defined in Section 1. Conceptually, we want to offer not just the 314 actual configuration SDP, as is done with the current offer/answer 315 model, but the actual configuration SDP as well as one or more 316 alternative SDPs, i.e. potential configurations. The answerer must 317 choose either the actual configuration, or one of the potential 318 configurations, and generate an answer SDP based on that. Since the 319 offerer may need to perform processing on the answer, which depends 320 on the offer that was chosen (actual or potential configuration), the 321 answerer informs the offerer of which configuration he chose. The 322 process can be viewed *conceptually* as follows: 324 Offerer Answerer 325 ======= ======== 327 1) Generate offer with actual 328 configuration and alternative 329 potential configurations 330 2) Send offer with all configurations 332 +------------+ 333 | SDP o1 | 334 | (actual | 335 | config | 336 | |-+ Offer 337 +------------+ | -----> 3) Process offered configurations 338 | SDP o2 | in order of preference indicated 339 | (potential | 4) Generate answer based on chosen 340 | config 1) |-+ configuration (e.g. o2), and inform 341 +------------+ | offerer which one was chosen 342 | SDP o3 | 343 | (potential | 344 | config 2) |-+ 345 +------------+ | 346 | SDP ... | 347 : : 349 +------------+ 350 | SDP a1 | 351 Answer | (actual | 352 <----- | config,o2)| 353 | | 354 5) Process answer based on +------------+ 355 the configuration that was 356 chosen (o2), as indicated in 357 the answer 359 The above illustrates the conceptual model, however the actual 360 solution uses only a single SDP, which contains the actual 361 configuration (as with current SDP and the current offer/answer 362 model) enhanced with several new attributes and associated 363 procedures, that encode the capabilities and potential configurations 364 and negotiate which ones to use. A more accurate depiction of the 365 actual offer SDP is therefore as follows: 367 +--------------------+ 368 | SDP o1 | 369 | (actual | 370 | config | 371 | | 372 | +-------------+ | 373 | | capability 1| | 374 | | capability 2| | 375 | | ... | | 376 | +-------------+ | Offer 377 | | -----> 378 | +-------------+ | 379 | | potential | | 380 | | config 1 | | 381 | | potential | | 382 | | config 2 | | 383 | | ... | | 384 | +-------------+ | 385 | | 386 +--------------------+ 388 The above structure is used for two reasons: 390 o Backwards compatibility: As noted above, support for multipart 391 MIME is not ubiquitous. By encoding both capabilities and 392 potential configurations in SDP attributes, we can represent 393 everything in a single SDP thereby avoiding any multipart MIME 394 support issues. Furthermore, since unknown SDP attributes are 395 ignored by the SDP recipient, we ensure that entities that do not 396 support the framework simply perform the regular RFC 3264 397 offer/answer procedures. This provides us with seamless backwards 398 compatibility. 400 o Message size efficiency: When we have multiple media streams, 401 each of which may potentially use two or more different transport 402 protocols with a variety of different associated parameters, the 403 number of potential configurations can be large. If each possible 404 alternative is represented as a complete SDP in an offer, we can 405 easily end up with large messages. By providing a more compact 406 encoding, we get more efficient message sizes. 408 In the next section, we describe the exact structure and specific SDP 409 parameters used to represent this. 411 3.2. Solution Overview 413 The solution consists of the following: 415 o Two new attributes to support extensions to the framework itself 416 as follows: 418 o A new attribute ("a=csup") that lists the supported base 419 (optionally) and any supported extension options to the 420 framework. 422 o A new attribute ("a=creq") that lists the extensions to the 423 framework that are required to be supported by the entity 424 receiving the SDP in order to do capability negotiation. 426 o Two new attributes used to express capabilities as follows 427 (additional attributes can be defined as extensions): 429 o A new attribute ("a=acap") that defines how to list an 430 attribute name, either with or without an associated value, as 431 a capability. 433 o A new attribute ("a=tcap") that defines how to list transport 434 protocols (e.g. "RTP/AVP") as capabilities. 436 o Two new attributes to negotiate configurations as follows: 438 o A new attribute ("a=pcfg") that lists the potential 439 configurations supported. This is done by reference to the 440 capabilities from the SDP in question. Alternative potential 441 configurations have an explicit ordering associated with them. 442 Extension capabilities can be defined and referenced in the 443 potential configurations. 445 o A new attribute ("a=acfg") to be used in an answer SDP. The 446 attribute identifies a potential configuration from an offer 447 SDP which was used as an actual configuration to form the 448 answer SDP. Extension capabilities can be included as well. 450 o Extensions to the offer/answer model that allow for capabilities 451 and potential configurations to be included in an offer. 452 Capabilities can be provided at the session level and the media 453 level. Potential configurations can be included at the media level 454 only, where they constitute alternative offers that may be 455 accepted by the answerer instead of the actual configuration(s) 456 included in the "m=" line(s). The answerer indicates which (if 457 any) of the potential configurations it used to form the answer by 458 including the actual configuration attribute ("a=acfg") in the 459 answer. Capabilities may be included in answers as well, where 460 they can aid in guiding a subsequent new offer. 462 The mechanism is illustrated by the offer/answer exchange below, 463 where Alice sends an offer to Bob: 465 Alice Bob 467 | (1) Offer (SRTP and RTP) | 468 |--------------------------------->| 469 | | 470 | (2) Answer (SRTP) | 471 |<---------------------------------| 472 | | 474 Alice's offer includes RTP and SRTP as alternatives. RTP is the 475 default (actual configuration), but SRTP is the preferred one 476 (potential configuration): 478 v=0 479 o=- 25678 753849 IN IP4 192.0.2.1 480 s= 481 c=IN IP4 192.0.2.1 482 t=0 0 483 m=audio 53456 RTP/AVP 0 18 485 a=tcap:1 RTP/SAVP 486 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_32 487 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 488 a=pcfg:1 t=1 a=1 490 The "m=" line indicates that Alice is offering to use plain RTP with 491 PCMU or G.729. The capabilities are provided by the "a=tcap" and 492 "a=acap" attributes. The transport capabilities ("a=tcap") indicate 493 that secure RTP under the AVP profile ("RTP/SAVP") is supported with 494 an associated transport capability handle of 1. The "acap" attribute 495 provides an attribute capability with a handle of 1. The attribute 496 capability is a "crypto" attribute, which provides the keying 497 material for SRTP using SDP security descriptions [SDES]. The 498 "a=pcfg" attribute provides the potential configuration included in 499 the offer by reference to the capability parameters. One alternative 500 is provided; it has a configuration number of 1 and it consists of 501 transport protocol capability 1 (i.e. the RTP/SAVP profile - secure 502 RTP), and the attribute capability 1, i.e. the crypto attribute 503 provided. Potential configurations are always preferred over the 504 actual configuration included in the offer SDP, and hence Alice is 505 expressing a preference for using secure RTP. 507 Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP 508 Capability Negotiation framework, and hence he accepts the 509 (preferred) potential configuration for Secure RTP provided by Alice 510 and generates the following answer SDP: 512 v=0 513 o=- 24351 621814 IN IP4 192.0.2.2 514 s= 515 c=IN IP4 192.0.2.2 516 t=0 0 517 m=audio 54568 RTP/SAVP 0 18 518 a=crypto:1 AES_CM_128_HMAC_SHA1_80 519 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 520 a=acfg:1 t=1 a=1 522 Bob includes the "a=acfg" attribute in the answer to inform Alice 523 that he based his answer on an offer containing the potential 524 configuration with transport protocol capability 1 and attribute 525 capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the 526 keying material provided). Bob also includes his keying material in 527 a "crypto" attribute. If Bob supported one or more extensions to the 528 capability negotiation framework, he would have included option tags 529 for those in the answer as well (in an "a=csup" attribute). 531 Note that in this particular example, the answerer supported the 532 capability negotiation extensions defined here, however had he not, 533 the answerer would simply have ignored the new attributes and 534 accepted the (actual configuration) offer to use normal RTP. In that 535 case, the following answer would have been generated instead: 537 v=0 538 o=- 24351 621814 IN IP4 192.0.2.2 539 s= 540 c=IN IP4 192.0.2.2 541 t=0 0 542 m=audio 54568 RTP/AVP 0 18 544 3.3. Relationship to RFC 3407 546 RFC 3407 defines capability descriptions with limited abilities to 547 describe attributes, bandwidth parameters, transport protocols and 548 media formats. RFC 3407 does not define any negotiation procedures 549 for actually using those capability descriptions. 551 This document obsoletes RFC 3407 by defining new attributes for 552 describing attribute capabilities and transport capabilities. It also 553 defines procedures for actually using those capabilities as part of 554 an offer/answer exchange. Extensions to this document may be defined 555 in order to fully cover all the capabilities provided by RFC 3407 556 (for example more general media capabilities). 558 It is RECOMMENDED that implementations use the attributes and 559 procedures defined in this document instead of those defined in 560 [RFC3407]. 562 If capability description interoperability with legacy RFC 3407 563 implementations is desired, implementations MAY include both RFC 3407 564 capability descriptions and capabilities defined by this document. 565 The offer/answer negotiation procedures however will not be able to 566 use the RFC 3407 capability descriptions. 568 3.4. Version and Extension Indication Attributes 570 In this section, we present the new attributes associated with 571 indicating the SDP Capability Negotiation extensions supported and 572 required. 574 3.4.1. Supported Capability Negotiation Extensions Attribute 576 The SDP Capability Negotiation solution allows for capability 577 negotiation extensions to be defined. Associated with each such 578 extension is an option tag that identifies the extension in question. 579 Option-tags MUST be registered with IANA per the procedures defined 580 in Section 6. 582 The Supported Capability Negotiation Extensions attribute ("a=csup") 583 contains a comma-separated list of option tags identifying the SDP 584 Capability Negotiation extensions supported by the entity that 585 generated the SDP. The attribute is defined as follows: 587 a=csup: 589 RFC 4566, Section 9, provides the ABNF for SDP attributes. The "csup" 590 attribute adheres to the RFC 4566 "attribute" production, with an 591 att-value defined as follows: 593 att-value = option-tag-list 594 option-tag-list = option-tag *("," option-tag) 595 option-tag = token ; defined in [RFC4566] 597 A special base option tag with a value of "cap-v0" is defined for the 598 basic SDP Capability Negotiation framework defined in this document. 599 Entities can use this option tag with the "a=csup" attribute to 600 indicate support for the SDP Capability Negotiation framework 601 specified in this document. 603 The following examples illustrates the use of the "a=csup" attribute 604 with the "cap-v0" option tags and two hypothetical option tags, "foo" 605 and "bar" (note the lack of white space): 607 a=csup:cap-v0 609 a=csup:foo 611 a=csup:bar 613 a=csup:cap-v0,foo,bar 615 The "a=csup" attribute can be provided at the session and the media- 616 level. When provided at the session-level, it applies to the entire 617 SDP. When provided at the media-level, it applies to the media 618 description in question only (option-tags provided at the session 619 level apply as well). There can be at most one "a=csup" attribute at 620 the session-level and at most one at the media-level (one per media 621 description in the latter case). 623 Whenever an entity that supports one or more extensions to the SDP 624 Capability Negotiation framework generates an SDP, it SHOULD include 625 the "a=csup" attribute with the option tags for the extensions it 626 supports at the session and/or media-level, unless those option tags 627 are already provided in one or more "a=creq" attribute (see Section 628 3.4.2. ) at the relevant levels. Inclusion of the base option tag is 629 OPTIONAL; support for the base framework can be inferred from 630 presence of the "a=pcfg" attribute defined in Section 3.6.1. 632 Use of the base option tag may still be useful in some scenarios, 633 e.g. when using SIP OPTIONS [RFC3261] or generating an answer to an 634 offer that did not use the SDP Capability Negotiation framework. 636 3.4.2. Required Capability Negotiation Extension Attribute 638 The Required Capability Negotiation Extensions attribute ("a=creq") 639 contains a comma-separated list of option tags (see Section 3.4.1. ) 640 specifying the SDP Capability Negotiation extensions that MUST be 641 supported by the entity receiving the SDP, in order for that entity 642 to properly process the SDP Capability Negotiation attributes and 643 associated procedures. Support for the basic negotiation framework is 644 implied by the presence of an "a=pcfg" attribute (see Section 3.6.1. 645 ) and hence there is no need to include the "a=creq" attribute with 646 the base option-tag ("cap-v0"). Still, it is allowed to do so. 648 The attribute is defined as follows: 650 a=creq: 652 The "creq" attribute adheres to the RFC 4566 "attribute" production, 653 with an att-value defined as follows: 655 att-value = option-tag-list 657 The following examples illustrate the use of the "a=creq" attribute 658 with the "cap-v0" base option tag and two hypothetical option tags, 659 "foo" and "bar" (note the lack of white space): 661 a=creq:cap-v0 663 a=creq:foo 665 a=creq:bar 667 a=creq:cap-v0,foo,bar 669 The "a=creq" attribute can be provided at the session and the media- 670 level. When provided at the session-level, it applies to the entire 671 SDP. When provided at the media-level, it applies to the media 672 description in question only (required option tags provided at the 673 session level apply as well). There can be at most one "a=creq" 674 attribute at the session-level and at most one "a=creq" attribute at 675 the media-level (one per media description in the latter case). 677 When an entity generates an SDP and it requires the recipient of that 678 SDP to support one or more SDP Capability Negotiation extensions 679 (except for the base), in order to properly process the SDP 680 Capability Negotiation, the "a=creq" attribute MUST be included with 681 option-tags that identify the required extensions at the session 682 and/or media level. Support for the basic negotiation framework is 683 implied by the presence of an "a=pcfg" attribute (see Section 3.6.1. 684 ) and hence it is not required to include the "a=creq" attribute with 685 the base option-tag ("cap-v0"). 687 A recipient that receives an SDP and does not support one or more of 688 the required extensions listed in a "creq" attribute, MUST NOT 689 perform the SDP Capability Negotiation defined in this document. For 690 non-supported extensions provided at the session-level, this implies 691 that SDP Capability Negotiation MUST NOT be performed at all. For 692 non-supported extensions at the media-level, this implies that SDP 693 Capability Negotiation MUST NOT be performed for the media stream in 694 question. 696 An entity that does not support the SDP Capability Negotiation 697 framework at all, will ignore these attributes (as well as the 698 other SDP Capability Negotiation attributes) and not perform any 699 SDP Capability Negotiation in the first place. 701 When an entity does not support one or more required SDP Capability 702 Negotiation extensions, the entity SHOULD proceed as if the SDP 703 Capability Negotiation attributes were not included in the first 704 place, i.e. all the capability negotiation attributes should be 705 ignored. In that case, the entity SHOULD include a "csup" attribute 706 listing the SDP Capability Negotiation extensions it actually 707 supports. 709 This ensures that introduction of the SDP Capability Negotiation 710 mechanism by itself does not lead to session failures. 712 3.5. Capability Attributes 714 In this section, we present the new attributes associated with 715 indicating the capabilities for use by the SDP Capability 716 Negotiation. 718 3.5.1. Attribute Capability Attribute 720 Attributes and their associated values can be expressed as 721 capabilities by use of a new attribute capability attribute 722 ("a=acap"), which is defined as follows: 724 a=acap: 726 where is an integer between 1 and 2^31-1 (both 727 included) used to number the attribute capability and is an 728 attribute ("a=") in its full '=' form (see [RFC4566]). 729 Support for a specific attribute (name) (without any particular 730 values) can be indicated by providing only the '' (i.e. the 731 attribute name). 733 The "acap" attribute adheres to the RFC 4566 "attribute" production, 734 with an att-value defined as follows: 736 att-value = att-cap-num 1*WSP att-par 737 att-cap-num = 1*DIGIT ;defined in [RFC4234] 738 att-par = attribute ;defined in RFC 4566 740 Note that white-space is not permitted before the att-cap-num. 742 The "acap" attribute can be provided at the session level only for 743 session-level attributes contained in the attribute capability, 744 whereas media level attributes can be provide in attribute 745 capabilities at either the media level or session-level. The base SDP 746 Capability Negotiation framework however only defines procedures for 747 use of media-level attribute capabilities at the media level 748 (extensions may define use at the session level). 750 Each occurrence of the "acap" attribute in the entire session 751 description MUST use a different value of . 753 There is a need to be able to reference both session-level and 754 media-level attributes in potential configurations at the media 755 level, and this provides for a simple solution to avoiding overlap 756 between the references (handles) to each attribute capability. 758 The values provided are independent of similar values provided for other types of capabilities, i.e., they form 760 a separate name-space for attribute capabilities. 762 The following examples illustrate use of the "acap" attribute: 764 a=acap:1 a=ptime:20 766 a=acap:2 a=ptime:30 768 a=acap:3 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyONQ6gAA 769 AAAGEEoo2pee4hp2UaDX8ZE22YwKAAAPZG9uYWxkQGR1Y2suY29tAQAAAAAAAQAk0 770 JKpgaVkDaawi9whVBtBt0KZ14ymNuu62+Nv3ozPLygwK/GbAV9iemnGUIZ19fWQUO 771 SrzKTAv9zV 773 a=acap:4 a=crypto:1 AES_CM_128_HMAC_SHA1_32 774 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 776 a=acap:5 a=crypto 777 a=acap:6 a=key-mgmt 779 The first two attribute capabilities provide attribute values for the 780 ptime attribute. The third provides SRTP parameters by using MIKEY 781 with the key-mgmt attribute [KMGMT]. The fourth provides SRTP 782 parameters by use of security descriptions with the crypto attribute 783 [SDES]. Note that the line-wrapping and new-lines in example three 784 and four are provided for formatting reasons only - they are not 785 permitted in actual SDP. The 5th attribute capability merely 786 indicates support for the "crypto" attribute (without any further 787 information about particular values to use with it), and the 6th 788 attribute capability merely indicates support for the "key-mgmt" 789 attribute. 791 Readers familiar with RFC 3407 may notice the similarity between 792 the RFC 3407 "cpar" attribute and the above. There are however a 793 couple of important differences, notably that the "acap" attribute 794 contains a handle that enables referencing it and it furthermore 795 supports attributes only (the "cpar" attribute defined in RFC 3407 796 supports bandwidth information as well). The "acap" attribute also 797 is not automatically associated with any particular capabilities. 799 3.5.2. Transport Protocol Capability Attribute 801 Transport Protocols can be expressed as capabilities by use of a new 802 Transport Protocol Capability attribute ("a=tcap") defined as 803 follows: 805 a=tcap: 807 where is an integer between 1 and 2^31-1 (both 808 included) used to number the transport address capability for later 809 reference, and is one or more , separated by 810 white space, as defined in the SDP "m=" line. 812 The "tcap" attribute adheres to the RFC 4566 "attribute" production, 813 with an att-value defined as follows: 815 att-value = trpr-cap-num 1*WSP proto-list 816 trpr-cap-num = 1*DIGIT ;defined in [RFC4234] 817 proto-list = proto *(1*WSP proto) ; defined in RFC 4566 819 Note that white-space is not permitted before the trpr-cap-num. 821 The "tcap" attribute can be provided at the session-level and the 822 media-level. There can be at most one "a=tcap" attribute at the 823 session-level and at most one at the media-level (one per media 824 description in the latter case). Each occurrence of the "tcap" 825 attribute in the entire session description MUST use a different 826 value of . When multiple values are provided, 827 the first one is associated with the value , the second 828 one with the value one higher, etc. The values 829 provided are independent of similar values provided for 830 other capability attributes, i.e., they form a separate name-space 831 for transport protocol capabilities. 833 Below, we provide examples of the "a=tcap" attribute: 835 a=tcap:1 RTP/AVP 837 a=tcap:2 RTP/AVPF 839 a=tcap:3 RTP/SAVP RTP/SAVPF 841 The first one provides a capability for the "RTP/AVP" profile defined 842 in [RFC3551] and the second one provides a capability for the RTP 843 with RTCP-Based Feedback profile defined in [AVPF]. The third one 844 provides capabilities for the "RTP/SAVP" (transport capability number 845 3) and "RTP/SAVPF" profiles (transport protocol capability number 4). 847 Transport capabilities are inherently included in the "m=" line, 848 however they still need to be specified explicitly in a "tcap" 849 attribute, if they are to be used as a capability. 851 This may seem redundant (and indeed it is from the offerer's point 852 of view), however it is done to protect against intermediaries 853 (e.g. middle-boxes) that may modify "m=" lines while passing 854 unknown attributes through. If an implicit transport capability 855 were used instead (e.g. a reserved transport capability number 856 could be used to refer to the transport protocol in the "m=" line), 857 and an intermediary were to modify the transport protocol in the 858 "m=" line (e.g. to translate between plain RTP and secure RTP), 859 then the potential configuration referencing that implicit 860 transport capability may no longer be correct. With explicit 861 capabilities, we avoid this pitfall, although the potential 862 configuration preference (see Section 3.6.1. ) may not reflect that 863 of the intermediary (which some may view as a feature). 865 3.5.3. Extension Capability Attributes 867 The SDP Capability Negotiation framework allows for new capabilities 868 to be defined as extensions and used with the general capability 869 negotiation framework. The syntax and semantics of such new 870 capability attributes are not defined here, however in order to be 871 used with potential configurations, they SHOULD allow for a numeric 872 handle to be associated with each capability. This handle can be used 873 as a reference within the potential and actual configuration 874 attributes (see Section 3.6.1. and 3.6.2. ). The definition of such 875 extension capability attributes MUST also state whether they can be 876 applied at the session-level, media-level, or both. 878 3.6. Configuration Attributes 880 3.6.1. Potential Configuration Attribute 882 Potential Configurations can be expressed by use of a new Potential 883 Configuration Attribute ("a=pcfg") defined as follows: 885 a=pcfg: [] 887 where is an integer between 1 and 2^31-1 (both 888 included). 890 The "pcfg" attribute adheres to the RFC 4566 "attribute" production, 891 with an att-value defined as follows: 893 att-value = config-number [1*WSP pot-cfg-list] 894 config-number = 1*DIGIT ;defined in [RFC4234] 895 pot-cfg-list = pot-config *(1*WSP pot-config) 896 pot-config = pot-attribute-config-list / 897 pot-transport-protocol-config-list / 898 pot-extension-config-list 900 The missing productions are defined below. Note that white-space is 901 not permitted before the config-number. 903 The potential configuration attribute can be provided at the media- 904 level only and there can be multiple instances of it within a given 905 media description. The attribute includes a configuration number, 906 which is an integer between 1 and 2^31-1 (both included). The 907 configuration number MUST be unique within the media description 908 (i.e. it has media level scope only). The configuration number also 909 indicates the relative preference of potential configurations; lower 910 numbers are preferred over higher numbers. 912 After the configuration number, zero, one or more potential 913 configuration lists is provided. When the potential configuration 914 list is omitted, the potential configuration equals the actual 915 configuration. The potential configuration lists generally reference 916 one or more capabilities, and those capabilities are (conceptually) 917 used to construct a new internal version of the SDP by use of purely 918 syntactic add and (possibly) delete operations on the original SDP 919 (actual configuration), thereby generating an alternative potential 920 configuration SDP that can be used by conventional SDP and 921 offer/answer procedures if actually selected. 923 This document defines potential attribute configuration lists and 924 potential transport protocol configuration lists. Each of these MUST 925 NOT be present more than once in a particular potential configuration 926 attribute. Potential extension configuration lists can be included as 927 well; unknown potential extension configuration lists MUST be ignored 928 (if support is required, then the "a=creq" attribute with suitable 929 option tags MUST be used). There can be more than one potential 930 extension configuration list, however each particular potential 931 extension configuration list MUST NOT be present more than once in a 932 given potential configuration attribute. Together, these potential 933 configuration lists define a potential configuration. 935 There can be multiple potential configurations provided within a 936 media description. Each of these indicates not only a willingness, 937 but in fact a desire to use the potential configuration. 939 The example SDP below contains two potential configurations: 941 v=0 942 o=- 25678 753849 IN IP4 192.0.2.1 943 s= 944 c=IN IP4 192.0.2.1 945 t=0 0 946 m=audio 53456 RTP/AVP 0 18 947 a=tcap:1 RTP/SAVP RTP/SAVPF 948 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_32 949 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 950 a=pcfg:1 t=1 a=1 951 a=pcfg:2 t=2 a=1 953 Potential configuration 1 contains a potential transport protocol 954 configuration list that references transport capability 1 955 ("RTP/SAVP") and a potential attribute configuration list that 956 references attribute capability 1 ("a=crypto:..."). Potential 957 configuration 2 contains a potential transport protocol configuration 958 list that references transport capability 2 ("RTP/SAVPF") and a 959 potential attribute configuration list that references attribute 960 capability 1 ("a=crypto:..."). 962 Attribute capabilities are used in a potential configuration by use 963 of the pot-attribute-config-list parameter, which is defined by the 964 following ABNF: 966 pot-attribute-config-list 967 = "a=" [delete-attributes ":"] 968 mo-att-cap-list *(BAR mo-att-cap-list) 970 delete-attributes = DELETE ( "m" ; media attributes 971 / "s" ; session attributes 972 / "ms" ) ; media and session attributes 974 mo-att-cap-list = mandatory-optional-att-cap-list | 975 mandatory-att-cap-list | 976 optional-att-cap-list 978 mandatory-optional-att-cap-list = mandatory-att-cap-list 979 "," optional-att-cap-list 980 mandatory-att-cap-list = att-cap-list 981 optional-att-cap-list = "[" att-cap-list "]" 983 att-cap-list = att-cap-num *("," att-cap-num) 984 att-cap-num = 1*DIGIT ;defined in [RFC4234] 985 BAR = "|" 986 DELETE = "-" 988 Note that white space is not permitted within this production. 990 Each potential attribute configuration list can optionally begin with 991 instructions for how to handle attributes that are part of the actual 992 configuration (i.e. the "a=" lines present in the original SDP). By 993 default, such attributes will remain as part of the configuration in 994 question. However, if delete-attributes indicates "-m", then all 995 attribute lines within the media description in question will be 996 deleted (i.e. all "a=" lines under the "m=" line in question). If 997 delete-attributes indicates "-s", then all attribute lines at the 998 session-level will be deleted (i.e. all "a=" lines before the first 999 "m=" line). If delete-attributes indicates "-ms", then all attribute 1000 lines within this media description ("m=" line) and all attribute 1001 lines at the session-level will be deleted. 1003 The attribute capability list comes next. It contains one or more 1004 alternative lists of attribute capabilities. The alternative 1005 attribute capability lists are separated by a vertical bar ("|"), and 1006 each list contains one or more attribute capabilities separated by 1007 commas (","). The attribute capabilities are either mandatory or 1008 optional. Mandatory attribute capabilities MUST be supported in order 1009 to use the potential configuration, whereas optional attribute 1010 capabilities MAY be supported in order to use the potential 1011 configuration. 1013 Within each attribute capability list, all the mandatory attribute 1014 capabilities (if any) are listed first, and all the optional 1015 attribute capabilities (if any) are listed last. The optional 1016 attribute capabilities are contained within a pair of angle brackets 1017 ("[" and "]"). Each attribute capability is merely an attribute 1018 capability number (att-cap-num) that identifies a particular 1019 attribute capability by referring to attribute capability numbers 1020 defined above and hence MUST be between 1 and 2^31-1 (both included). 1021 The following example illustrates the above: 1023 a=pcfg:1 a=-m:1,2,[3,4]|1,7,[5] 1025 where 1027 o "a=-m:1,2,[3,4]|1,7,[5]" is the potential attribute configuration 1028 list 1030 o "-m" is the delete-attributes 1032 o "1,2,[3,4]" and "1,7,[5]" are both attribute capability lists. The 1033 two lists are alternatives, since they are separated by a vertical 1034 bar above 1036 o "1", "2" and "7" are mandatory attribute capabilities 1038 o "3", "4" and "5" are optional attribute capabilities 1040 Note that in the example above, we have a single handle ("1") for the 1041 potential configuration(s), but there are actually two different 1042 potential configurations (separated by a vertical bar). This is done 1043 for message size efficiency reasons, which is especially important 1044 when we add other types of capabilities to the potential 1045 configuration. If there is a need to provide a unique handle for 1046 each, separate "a=pcfg" attributes with different handles must be 1047 used instead. 1049 Each referenced attribute capability in the potential configuration 1050 will result in the corresponding attribute name and its associated 1051 value (contained inside the attribute capability) being added to the 1052 resulting potential configuration SDP. 1054 Alternative attribute capability lists are separated by a vertical 1055 bar ("|"), the scope of which extends to the next alternative (i.e. 1056 "," has higher precedence than "|"). The alternatives are ordered by 1057 preference with the most preferred listed first. In order for a 1058 recipient of the SDP (e.g. an answerer receiving this in an offer) to 1059 use this potential configuration, exactly one of the alternative 1060 lists must be selected in its entirety. This requires that all 1061 mandatory attribute capabilities referenced by the potential 1062 configuration are supported with the attribute values provided. 1064 Potential transport protocol configuration lists are included in a 1065 potential configuration by use of the pot-transport-protocol-config- 1066 list parameter, which is defined by the following ABNF: 1068 pot-transport-protocol-config-list = 1069 "t=" trpr-cap-num *(BAR trpr-cap-num) 1070 trpr-cap-num = 1*DIGIT ; defined in [RFC4234] 1072 Note that white-space is not permitted within this production. 1074 The trpr-cap-num refers to transport protocol capability numbers 1075 defined above and hence MUST be between 1 and 2^31-1 (both included). 1076 Alternative potential transport protocol capabilities are separated 1077 by a vertical bar ("|"). The alternatives are ordered by preference 1078 with the most preferred listed first. When there are no transport 1079 protocol capabilities included in a potential configuration at the 1080 media level, the transport protocol information from the associated 1081 "m=" line MUST be used. In order for a recipient of the SDP (e.g. an 1082 answerer receiving this in an offer) to use this potential 1083 configuration, exactly one of the alternatives MUST be selected. This 1084 requires that the transport protocol in question is supported. 1086 In the presence of intermediaries (the existence of which may not 1087 be known), care should be taken with assuming that the transport 1088 protocol in the "m=" line will not be modified by an intermediary. 1089 Use of an explicit transport protocol capability will guard against 1090 any capability negotiation implications of that. 1092 Extension capabilities can be included in a potential configuration 1093 as well by use of potential extension configuration lists. Such 1094 potential configuration extension lists MUST adhere to the following 1095 ABNF: 1097 pot-extension-config-list = ext-cap-name "=" 1098 ext-cap-list 1099 ext-cap-name = token ; defined in [RFC4566] 1100 ext-cap-list = 1*VCHAR ; defined in [RFC4234] 1102 Note that white-space is not permitted within this production. 1104 The ext-cap-name refers to the type of extension capability and the 1105 ext-cap-list is here merely defined as a sequence of visible 1106 characters. The actual extension supported MUST refine both of these 1107 further. For extension capabilities that merely need to be referenced 1108 by a capability number, it is RECOMMENDED to follow a structure 1109 similar to what has been specified above. Unsupported or unknown 1110 potential extension configuration lists in a potential configuration 1111 attribute MUST be ignored. 1113 The "creq" attribute and its associated rules can be used to ensure 1114 that required extensions are supported in the first place. 1116 Potential configuration attributes can be provided at the media level 1117 only, however it is possible to reference capabilities provided at 1118 either the session or media level. There are certain semantic rules 1119 and restrictions associated with this: 1121 A (media level) potential configuration attribute in a given media 1122 description MUST NOT reference a media-level capability provided in a 1123 different media description; doing so invalidates that potential 1124 configuration (note that a potential configuration attribute can 1125 contain more than one potential configuration by use of 1126 alternatives). A potential configuration attribute can however 1127 reference a session-level capability. The semantics of doing so 1128 depends on the type of capability. In the case of transport protocol 1129 capabilities it has no particular implication. In the case of 1130 attribute capabilities however, it does. More specifically, the 1131 attribute name and value (provided within that attribute capability) 1132 will be considered part of the resulting SDP for that particular 1133 configuration at the *session* level. In other words, it will be as- 1134 if that attribute was simply provided with that value at the session- 1135 level in the first place. As a result of that, the base SDP 1136 Capability Negotiation framework REQUIRES that potential 1137 configurations do not reference any session-level attribute 1138 capabilities that contain media-level attributes (since that would 1139 place a media-level attribute at the session level). Extensions may 1140 modify this behavior, as long as it is fully backwards compatible 1141 with the base specification. 1143 Individual media streams perform capability negotiation individually, 1144 and hence it is possible that one media stream (where the attribute 1145 was part of a potential configuration) chose a configuration without 1146 a session level attribute that was chosen by another media stream. 1147 The session-level attribute however remains "active" and hence 1148 applies to the entire resulting potential configuration SDP. In 1149 theory, this is problematic if one or more session-level attributes 1150 either conflicts with or potentially interacts with another session- 1151 level or media-level attribute in an undefined manner. In practice 1152 however, such examples seem to be rare (at least with the currently 1153 defined SDP attributes). 1155 A related set of problems can occur if we need coordination between 1156 session-level attributes from multiple media streams in order for a 1157 particular functionality to work. The grouping framework [RFC3388] 1158 is an example of this. If we use the SDP Capability Negotiation 1159 framework to select a session-level group attribute (provided as an 1160 attribute capability), and we require two media descriptions to do 1161 this consistently, we could have a problem. The FEC grouping 1162 semantics [RFC4756] is one example where this in theory could cause 1163 problems, however in practice, it is unclear that there is a 1164 significant problem here with the currently defined grouping 1165 semantics. 1167 Resolving the above issues in general requires inter-media stream 1168 constraints and synchronized potential configuration processing; this 1169 would add considerable complexity to the overall solution. In 1170 practice, with the currently defined SDP attributes, it does not seem 1171 to be a significant problem, and hence the core SDP Capability 1172 Negotiation solution does not provide a solution to this issue. 1173 Instead, it is RECOMMENDED that use of session-level attributes in a 1174 potential configuration is avoided when possible, and when not, that 1175 such use is examined closely for any potential interaction issues. If 1176 interaction is possible, the entity generating the SDP SHOULD NOT 1177 assume that well-defined operation will occur at the receiving 1178 entity. 1180 The session-level operation of extension capabilities is undefined: 1181 Consequently, each new session-level extension capability defined 1182 MUST specify the implication of making it part of a configuration at 1183 the media level. 1185 Below, we provide an example of the "a=pcfg" attribute in a complete 1186 media description in order to properly indicate the supporting 1187 attributes: 1189 v=0 1190 o=- 25678 753849 IN IP4 192.0.2.1 1191 s= 1192 c=IN IP4 192.0.2.1 1193 t=0 0 1194 m=audio 53456 RTP/AVPF 0 18 1195 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32 1196 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 1197 a=tcap:1 RTP/AVPF RTP/AVP 1198 a=tcap:3 RTP/SAVP RTP/SAVPF 1199 a=pcfg:1 t=4|3 a=1 1200 a=pcfg:8 t=1|2 1202 We have two potential configuration attributes listed here. The first 1203 one (and most preferred, since its configuration number is "1") 1204 indicates that either of the profiles RTP/SAVPF or RTP/SAVP 1205 (specified by the transport protocol capability numbers 4 and 3) can 1206 be supported with attribute capability 1 (the "crypto" attribute); 1207 RTP/SAVPF is preferred over RTP/SAVP since its capability number (4) 1208 is listed first in the preferred potential configuration. Note that 1209 while we have only a single potential attribute and associated 1210 handle, we have two potential configurations. 1212 The second potential configuration attribute indicates that the 1213 RTP/AVPF or RTP/AVP profile can be used, with RTP/AVPF being the 1214 preferred one. This non secure RTP alternative is the less preferred 1215 one since its configuration number is "8". Again, note that we have 1216 two potential configurations here and hence a total of four potential 1217 configurations in the SDP above. 1219 3.6.2. Actual Configuration Attribute 1221 The actual configuration attribute identifies which of the potential 1222 configurations from an offer SDP was selected and used as the actual 1223 configuration to generate an answer SDP. This is done by including 1224 the configuration number and the configuration lists (if any) from 1225 the offer that were selected and used by the answerer in his 1226 offer/answer procedure as follows: 1228 o A selected potential attribute configuration MUST include the 1229 delete-attributes and the selected alternative mo-att-cap-list 1230 (i.e. containing all mandatory and optional capability numbers 1231 from the potential configuration, irrespective of whether the 1232 optional ones were supported or not). If delete-attributes were 1233 not included in the potential configuration, they will of course 1234 not be present here either. 1236 o A selected potential transport protocol configuration MUST include 1237 the selected transport protocol capability number. 1239 o A selected potential extension configuration MUST include the 1240 selected extension configuration parameters as specified for that 1241 particular extension. 1243 Note that the selected configuration number and all selected 1244 capability numbers used in the actual configuration attribute refer 1245 to those from the offer; not the answer. 1247 The answer may for example include capabilities as well to inform 1248 the offerer of the answerers capabilities above and beyond the 1249 negotiated configuration. The actual configuration attribute does 1250 not refer to any of those answer capabilities though. 1252 The Actual Configuration Attribute ("a=acfg") is defined as follows: 1254 a=acfg: [] 1256 where is an integer between 1 and 2^31-1 (both 1257 included). 1259 The "acfg" attribute adheres to the RFC 4566 "attribute" production, 1260 with an att-value defined as follows: 1262 att-value = config-number [1*WSP sel-cfg-list] 1263 ;config-number defined in Section 3.6.1. 1264 sel-cfg-list = sel-cfg *(1*WSP sel-cfg) 1265 sel-cfg = sel-attribute-config / 1266 sel-transport-protocol-config / 1267 sel-extension-config 1269 sel-attribute-config = 1270 "a=" [delete-attributes ":"] mo-att-cap-list 1271 ; defined in Section 3.6.1. 1273 sel-transport-protocol-config = 1274 "t=" trpr-cap-num ; defined in Section 3.6.1. 1276 sel-extension-config = 1277 ext-cap-name "=" 1*VCHAR ; defined in Section 3.6.1. 1279 Note that white-space is not permitted before the config-number. 1281 The actual configuration ("a=acfg") attribute can be provided at the 1282 media-level only. There MUST NOT be more than one occurrence of an 1283 actual configuration attribute within a given media description. 1285 Below, we provide an example of the "a=acfg" attribute (building on 1286 the previous example with the potential configuration attribute): 1288 v=0 1289 o=- 24351 621814 IN IP4 192.0.2.2 1290 s= 1291 c=IN IP4 192.0.2.2 1292 t=0 0 1293 m=audio 54568 RTP/SAVPF 0 1294 a=crypto:1 AES_CM_128_HMAC_SHA1_32 1295 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 1296 a=acfg:1 t=4 a=1 1298 It indicates that the answerer used an offer consisting of potential 1299 configuration number 1 with transport protocol capability 4 from the 1300 offer (RTP/SAVPF) and attribute capability 1 (the "crypto" 1301 attribute). The answerer includes his own "crypto" attribute as well. 1303 3.7. Offer/Answer Model Extensions 1305 In this section, we define extensions to the offer/answer model 1306 defined in [RFC3264] to allow for potential configurations to be 1307 included in an offer, where they constitute offers that may be 1308 accepted by the answerer instead of the actual configuration(s) 1309 included in the "m=" line(s). 1311 The procedures defined in the following subsections apply to both 1312 unicast and multicast streams. 1314 3.7.1. Generating the Initial Offer 1316 An offerer that wants to use the SDP Capability Negotiation defined 1317 in this document MUST include the following in the offer: 1319 o An attribute capability attribute ("a=acap") as defined in Section 1320 3.5.1. for each attribute name and associated value (if any) that 1321 needs to be indicated as a capability in the offer. 1323 Session-level attributes and associated values MUST be provided in 1324 attribute capabilities at the session-level only, whereas media- 1325 level attributes and associated values can be provided in 1326 attribute capabilities at either the media-level or session-level. 1327 Attributes that can be provided at either the session- or media- 1328 level can be represented as attribute capabilities at either the 1329 session- or media-level. Attribute capabilities for 1330 '=' attributes MAY include an attribute name only, 1331 thereby merely indicating support for the attribute type; such 1332 attribute capabilities MUST NOT be referenced by a potential 1333 configuration. If there is not a need to indicate any attributes 1334 as attribute capabilities, then there will not be any "a=acap" 1335 attributes either. 1337 o One or more a transport protocol capability attributes ("a=tcap") 1338 as defined in Section 3.5.2. with values for each transport 1339 protocol that needs to be indicated as a capability in the offer. 1340 Transport protocol capabilities that apply to multiple media 1341 descriptions SHOULD be provided at the session-level whereas 1342 transport protocol capabilities that apply to a specific media 1343 description ("m=" line) only, SHOULD be provided within that 1344 particular media description. In either case, there MUST NOT be 1345 more than a single "a=tcap" attribute at the session-level and a 1346 single "a=tcap" attribute in each media description. If there is 1347 not a need to indicate any transport protocols as transport 1348 protocol capabilities, then there will not be any "a=tcap" 1349 attributes either. 1351 o One or more extension capability attributes (as outlined in 1352 Section 3.5.3. ) for each extension capability that is referenced 1353 by a potential configuration. 1355 o One or more potential configuration attributes ("a=pcfg") as 1356 defined in Section 3.6.1. within each media description where 1357 alternative potential configurations are to be negotiated. Each 1358 potential configuration attribute MUST adhere to the rules 1359 provided in Section 3.6.1. and the additional rules provided 1360 below. 1362 If the offerer requires support for more or extensions (besides the 1363 base protocol defined here), then the offerer MUST include one or 1364 more "a=creq" attribute as follows: 1366 o If one or more capability negotiation extensions are required to 1367 be supported for the entire session description, then option tags 1368 for those extensions MUST be included in a single session-level 1369 "creq" attribute. 1371 o For each media description that requires one or more capability 1372 negotiation extensions not listed at the session-level, a single 1373 "creq" attribute containing all the required extensions for that 1374 media description MUST be included within the media description 1375 (in accordance with Section 3.4.2. ). 1377 The offerer SHOULD furthermore include the following: 1379 o A supported capability negotiation extension attribute ("a=csup") 1380 at the session-level and/or media-level as defined in Section 1381 3.4.2. for each capability negotiation extension supported by the 1382 offerer and not included in a corresponding "a=creq" attribute 1383 (i.e. at the session-level or in the same media description). 1384 Option tags provided in a "a=csup" attribute at the session-level 1385 indicate extensions supported for the entire session description 1386 whereas option tags provided in a "a=csup" attribute in a media 1387 description indicate extensions supported for that particular 1388 media description only. 1390 Capabilities provided in an offer merely indicate what the offerer is 1391 capable of doing. They do not constitute a commitment or even an 1392 indication to use them. In contrast, each potential configuration 1393 constitutes an alternative offer that the offerer would like to use. 1394 The potential configurations MUST be used by the answerer to 1395 negotiate and establish the session. 1397 The offerer MUST include one or more potential configuration 1398 attributes ("a=pcfg") within each media description where the offerer 1399 wants to provide alternative offers (in the form of potential 1400 configurations). Each potential configuration attribute in a given 1401 media description MUST contain a unique configuration number and one 1402 or more potential configuration lists, as described in Section 3.6.1. 1403 Each potential configuration list MUST refer to capabilities that are 1404 provided either at the session-level or within that particular media 1405 description; otherwise, the potential configuration is considered 1406 invalid. The base SDP Capability Negotiation framework REQUIRES that 1407 potential configurations do not reference any session-level attribute 1408 capabilities that contain media-level attributes, however extensions 1409 may modify this behavior, as long as it is fully backwards compatible 1410 with the base specification. Furthermore, it is RECOMMENDED that 1411 potential configurations avoid use of session-level capabilities 1412 whenever possible; refer to Section 3.6.1. 1414 The current actual configuration is included in the "m=" line (as 1415 defined by [RFC3264]) and the various attribute ("a=") lines. Note 1416 that the actual configuration is by definition the least-preferred 1417 configuration, and hence the answerer will seek to negotiate use of 1418 one of the potential configurations instead. If the offerer wishes a 1419 different preference for the actual configuration, the offerer MUST 1420 include a corresponding potential configuration with the relevant 1421 configuration number (which indicates the relative preference between 1422 potential configurations); this corresponding potential configuration 1423 should simply duplicate the actual configuration. 1425 This can either be done implicitly (by not referencing any 1426 capabilities), or explicitly (by providing and using capabilities 1427 for the transport protocol and all the attributes that are part of 1428 the actual configuration). The latter may help detect 1429 intermediaries that modify the actual configuration but are not SDP 1430 Capability Negotiation aware. 1432 Per [RFC3264], once the offerer generates the offer, he must be 1433 prepared to receive incoming media in accordance with that offer. 1434 That rule applies here as well, but for the actual configurations 1435 provided in the offer only: Media received by the offerer according 1436 to one of the potential configurations MAY be discarded, until the 1437 offerer receives an answer indicating what the actual selected 1438 configuration is. Once that answer is received, incoming media MUST 1439 be processed in accordance with the actual selected configuration 1440 indicated and the answer received (provided the offer/answer exchange 1441 completed successfully). 1443 The above rule assumes that the offerer can determine whether 1444 incoming media adheres to the actual configuration offered or one of 1445 the potential configurations instead; this may not always be the 1446 case. If the offerer wants to ensure he does not play out any 1447 garbage, the offerer SHOULD discard all media received before the 1448 answer SDP is received. Conversely, if the offerer wants to avoid 1449 clipping, he should attempt to play any incoming media as soon as it 1450 is received (at the risk of playing out garbage). For further 1451 details, please refer to Section 3.10. 1453 3.7.2. Generating the Answer 1455 When receiving an offer, the answerer MUST check for the presence of 1456 a required capability negotiation extension attribute ("a=creq") 1457 provided at the session level. If one is found, then capability 1458 negotiation MUST be performed. If none is found, then the answerer 1459 MUST check each offered media description for the presence of a 1460 required capability negotiation extension attribute ("a=creq") and 1461 one or more potential configuration attributes ("a=pcfg"). Capability 1462 negotiation MUST be performed for each media description where either 1463 of those is present in accordance with the procedures described 1464 below. 1466 The answerer MUST first ensure that it supports any required 1467 capability negotiation extensions: 1469 o If a session-level "creq" attribute is provided, and it contains 1470 an option-tag that the answerer does not support, then the 1471 answerer MUST NOT use any of the potential configuration 1472 attributes provided for any of the media descriptions. Instead, 1473 the normal offer/answer procedures MUST continue as per [RFC3264]. 1474 Furthermore, the answerer MUST include a session-level supported 1475 capability negotiation extensions attribute ("a=csup") with option 1476 tags for the capability negotiation extensions supported by the 1477 answerer. 1479 o If a media-level "creq" attribute is provided, and it contains an 1480 option tag that the answerer does not support, then the answerer 1481 MUST NOT use any of the potential configuration attributes 1482 provided for that particular media description. Instead, the 1483 offer/answer procedures for that media description MUST continue 1484 as per [RFC3264] (SDP Capability Negotiation is still performed 1485 for other media descriptions in the SDP). Furthermore, the 1486 answerer MUST include a supported capability negotiation 1487 extensions attribute ("a=csup") in that media description with 1488 option tags for the capability negotiation extensions supported by 1489 the answerer for that media description. 1491 Assuming all required capability negotiation extensions are 1492 supported, the answerer now proceeds as follows. 1494 For each media description where capability negotiation is to be 1495 performed (i.e. all required capability negotiation extensions are 1496 supported and at least one valid potential configuration attribute is 1497 present), the answerer MUST attempt to perform capability negotiation 1498 by using the most preferred potential configuration that is valid. A 1499 potential configuration is valid if: 1501 1. It is in accordance with the syntax and semantics provided in 1502 Section 3.6.1. 1504 2. It contains a configuration number that is unique within that 1505 media description. 1507 3. All attribute capabilities referenced by the potential 1508 configuration are valid themselves (as defined in Section 3.5.1. ) 1509 and each of them is provided either at the session-level or within 1510 this particular media description. For session-level attribute 1511 capabilities referenced, the attributes contained inside them MUST 1512 NOT be media-level only attributes. 1514 4. All transport protocol capabilities referenced by the potential 1515 configuration are valid themselves (as defined in Section 3.5.2. ) 1516 and each of them is furthermore provided either at the session- 1517 level or within this particular media description. 1519 5. All extension capabilities referenced by the potential 1520 configuration and supported by the answerer are valid themselves 1521 (as defined by that particular extension) and each of them are 1522 furthermore provided either at the session-level or within this 1523 particular media description. Unknown or unsupported extension 1524 capabilities MUST be ignored. 1526 The most preferred valid potential configuration in a media 1527 description is the valid potential configuration with the lowest 1528 configuration number. The answerer MUST now process the offer for 1529 that media stream based on the most preferred valid potential 1530 configuration. Conceptually, this entails the answerer constructing 1531 an (internal) offer that consists of the actual configuration offer 1532 SDP, with the following changes for each media stream offered: 1534 o If a transport protocol capability is included in the potential 1535 configuration, then it replaces the transport protocol provided in 1536 the "m=" line for that media description. 1538 o If attribute capabilities are present with a delete-attributes 1539 session indication ("-s"), then all session-level attributes from 1540 the actual configuration SDP MUST be deleted in accordance with 1541 the procedures in Section 3.6.1. If attribute capabilities are 1542 present with a delete-attributes media indication ("-m"), then all 1543 attributes from the actual configuration SDP inside this media 1544 description MUST be deleted. 1546 o If a session-level attribute capability is included, the attribute 1547 (and its associated value, if any) contained in it MUST be added 1548 to the resulting SDP. All such added session-level attributes MUST 1549 be listed before the session-level attributes that were initially 1550 present in the SDP. Furthermore, the added session-level 1551 attributes MUST be added in the order they were provided in the 1552 potential configuration (see also Section 3.6.1. ). 1554 This allows for attributes with implicit preference ordering to 1555 be added in the desired order; the "crypto" attribute [SDES] is 1556 one such example. 1558 o If a media-level attribute capability is included, then the 1559 attribute (and its associated value, if any) MUST be added to the 1560 resulting SDP within the media description in question. All such 1561 added media-level attributes MUST be listed before the media-level 1562 attributes that were initially present in the SDP in the media 1563 description in question. Furthermore, the added media-level 1564 attributes MUST be added in the order they were provided in the 1565 potential configuration (see also Section 3.6.1. ). 1567 o If a supported extension capability is included, then it MUST be 1568 processed in accordance with the rules provided for that 1569 particular extension capability. 1571 Note that whereas a transport protocol from the potential 1572 configuration replaces the transport protocol in the actual 1573 configuration, an attribute capability from the potential 1574 configuration is simply added to the actual configuration. In some 1575 cases, this can result in having one or more meaningless attributes 1576 in the resulting potential configuration SDP, or worse, ambiguous or 1577 potentially even illegal attributes. The delete-attributes for the 1578 session and/or media level attributes MUST be used to avoid such 1579 scenarios. Nevertheless, it is RECOMMENDED that implementations 1580 ignore meaningless attributes that may result from potential 1581 configurations. 1583 For example, if the actual configuration was using Secure RTP and 1584 included an "a=crypto" attribute for the SRTP keying material, then 1585 use of a potential configuration that uses plain RTP would make the 1586 "crypto" attribute meaningless. The answerer may or may not ignore 1587 such a meaningless attribute. The offerer can here ensure correct 1588 operation by using the delete-attributes to actually delete the 1589 crypto attribute (but will then need to provide attribute 1590 capabilities to reconstruct the SDP with the necessary attributes 1591 deleted, e.g. rtpmaps). 1593 Please refer to Section 3.7.2.1. for examples of how the answerer may 1594 conceptually "see" the resulting offered alternative potential 1595 configurations. 1597 The answerer MUST check that he supports all mandatory attribute 1598 capabilities from the potential configuration (if any) and the 1599 transport protocol capability (if any) from the potential 1600 configuration. If he does not, the answerer MUST proceed to the 1601 second-most preferred valid potential configuration for the media 1602 description, etc. 1604 If the answerer has exhausted all potential configurations for the 1605 media description, without finding a valid one that is also 1606 supported, then the answerer MUST process the offered media stream 1607 based on the actual configuration plus any session-level attributes 1608 added by a valid and supported potential configuration for another 1609 media description in the offered SDP. 1611 The above process describes potential configuration selection as a 1612 per media stream process. Inter-media stream coordination of selected 1613 potential configurations however is required in some cases. First of 1614 all, session-level attributes added by a potential configuration for 1615 one media description MUST NOT cause any problems for potential 1616 configurations selected by other media descriptions in the offer SDP. 1617 If the session-level attributes are mandatory, then those session- 1618 level attributes MUST furthermore be supported by the session as a 1619 whole (i.e. all the media descriptions if relevant). As mentioned 1620 earlier, this adds additional complexity to the overall processing 1621 and hence it is RECOMMENDED not to use session-level attribute 1622 capabilities in potential configurations, unless absolutely 1623 necessary. 1625 Once the answerer has selected a valid and supported offered 1626 configuration for all of the media streams (or has fallen back to the 1627 actual configuration plus any added session attributes), the answerer 1628 MUST generate a valid answer SDP based on the selected potential 1629 configuration SDP, as "seen" by the answerer (see Section 3.7.2.1. 1630 for examples). Furthermore, if the answerer selected one of the 1631 potential configurations in a media description, the answerer MUST 1632 include an actual configuration attribute ("a=acfg") within that 1633 media description that identifies the configuration number for the 1634 selected potential configuration as well as the actual parameters 1635 that were used from that potential configuration (if the potential 1636 configuration included alternatives, only the selected alternatives 1637 must be included). Only the known and supported parameters will be 1638 included. Unknown or unsupported parameters MUST NOT be included in 1639 the actual configuration attribute. 1641 This is not to be confused with mandatory and optional attribute 1642 capabilities, where some of the optional attribute capabilities may 1643 refer to unknown or unsupported attributes. The entire list of 1644 attribute capabilities still need to be included thereby enabling 1645 the offerer to determine which alternative potential configuration 1646 was chosen by the answerer. 1648 If the answerer supports one or more capability negotiation 1649 extensions that were not included in a required capability 1650 negotiation extensions attribute in the offer, then the answerer 1651 SHOULD furthermore include a supported capability negotiation 1652 attribute ("a=csup") at the session-level with option tags for the 1653 extensions supported across media streams. Also, if the answerer 1654 supports one or more capability negotiation extensions for particular 1655 media descriptions only, then a supported capability negotiation 1656 attribute with those option-tags SHOULD be included within each 1657 relevant media description. 1659 The offerer's originally provided actual configuration is contained 1660 in the media description's "m=" line (and associated parameters). The 1661 answerer MAY send media to the offerer in accordance with that actual 1662 configuration as soon as it receives the offer, however it MUST NOT 1663 send media based on that actual configuration if it selects an 1664 alternative potential configuration. If the answerer selects one of 1665 the potential configurations, then the answerer MAY immediately start 1666 to send media to the offerer in accordance with the selected 1667 potential configuration, however the offerer MAY discard such media 1668 or play out garbage until the offerer receives the answer. Please 1669 refer to section 3.10. for additional considerations and possible 1670 alternative solutions outside the base SDP Capability Negotiation 1671 framework. 1673 If the offerer selected a potential configuration instead of the 1674 actual configuration, then it is RECOMMENDED that the answerer sends 1675 back an answer SDP as soon as possible. This minimizes the risk of 1676 having media discarded or played out as garbage by the offerer. In 1677 the case of SIP [RFC3261] without any extensions, this implies that 1678 if the offer was received in an INVITE message, then the answer SDP 1679 should be provided in the first non-100 provisional response sent 1680 back (per RFC3261, the answer would need to be repeated in the 200 1681 response as well, unless a relevant extension such as [RFC3262] is 1682 being used). 1684 3.7.2.1. Example Views of Potential Configurations 1686 The following examples illustrate how the answerer may conceptually 1687 "see" a potential configuration. Consider the following offered SDP: 1689 v=0 1690 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1691 s= 1692 t=0 0 1693 c=IN IP4 lost.example.com 1694 a=tool:foo 1695 a=acap:1 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1696 a=tcap:1 RTP/SAVP RTP/AVP 1697 m=audio 59000 RTP/AVP 98 1698 a=rtpmap:98 AMR/8000 1699 a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32 1700 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 1701 a=pcfg:1 t=1 a=1|2 1702 m=video 52000 RTP/AVP 31 1703 a=rtpmap:31 H261/90000 1704 a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1705 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1706 a=pcfg:1 t=1 a=1|3 1708 This particular SDP offers an audio stream and a video stream, each 1709 of which can either use plain RTP (actual configuration) or secure 1710 RTP (potential configuration). Furthermore, two different keying 1711 mechanisms are offered, namely session-level Key Management 1712 Extensions using MIKEY (attribute capability 1) and media-level SDP 1713 Security Descriptions (attribute capabilities 2 and 3). There are 1714 several potential configurations here, however, below we show the one 1715 the answerer "sees" when using potential configuration 1 for both 1716 audio and video, and furthermore using attribute capability 1 (MIKEY) 1717 for both (we have removed all the capability negotiation attributes 1718 for clarity): 1720 v=0 1721 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1722 s= 1723 t=0 0 1724 c=IN IP4 lost.example.com 1725 a=tool:foo 1726 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1727 m=audio 59000 RTP/SAVP 98 1728 a=rtpmap:98 AMR/8000 1729 m=video 52000 RTP/SAVP 31 1730 a=rtpmap:31 H261/90000 1732 Note that the transport protocol in the media descriptions indicate 1733 use of secure RTP. 1735 Below, we show the offer the answerer "sees" when using potential 1736 configuration 1 for both audio and video and furthermore using 1737 attribute capability 2 and 3 respectively (SDP security descriptions) 1738 for the audio and video stream - note the order in which the 1739 resulting attributes are provided: 1741 v=0 1742 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1743 s= 1744 t=0 0 1745 c=IN IP4 lost.example.com 1746 a=tool:foo 1747 m=audio 59000 RTP/SAVP 98 1748 a=crypto:1 AES_CM_128_HMAC_SHA1_32 1749 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 1750 a=rtpmap:98 AMR/8000 1751 m=video 52000 RTP/SAVP 31 1752 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1753 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1754 a=rtpmap:31 H261/90000 1756 Again, note that the transport protocol in the media descriptions 1757 indicate use of secure RTP. 1759 And finally, we show the offer the answerer "sees" when using 1760 potential configuration 1 with attribute capability 1 (MIKEY) for the 1761 audio stream, and potential configuration 1 with attribute capability 1762 3 (SDP security descriptions) for the video stream: 1764 v=0 1765 o=alice 2891092738 2891092738 IN IP4 lost.example.com 1766 s= 1767 t=0 0 1768 c=IN IP4 lost.example.com 1769 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 1770 a=tool:foo 1771 m=audio 59000 RTP/SAVP 98 1772 a=rtpmap:98 AMR/8000 1773 m=video 52000 RTP/SAVP 31 1774 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1775 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 1776 a=rtpmap:31 H261/90000 1778 3.7.3. Offerer Processing of the Answer 1780 When the offerer attempted to use SDP Capability Negotiation in the 1781 offer, the offerer MUST examine the answer for actual use of SDP 1782 Capability Negotiation. 1784 For each media description where the offerer included a potential 1785 configuration attribute ("a=pcfg"), the offerer MUST first examine 1786 the media description for the presence of an actual configuration 1787 attribute ("a=acfg"). If an actual configuration attribute is not 1788 present in a media description, then the offerer MUST process the 1789 answer SDP for that media stream per the normal offer/answer rules 1790 defined in [RFC3264]. However, if one is found, the offerer MUST 1791 instead process the answer as follows: 1793 o The actual configuration attribute specifies which of the 1794 potential configurations was used by the answerer to generate the 1795 answer for this media stream. This includes all the capabilities 1796 referenced by the potential configuration selected, i.e. the 1797 attribute capabilities and any associated delete-attributes, 1798 transport protocol capabilities, and any extension capability 1799 parameters included. 1801 o The offerer MUST now process the answer in accordance with the 1802 rules in [RFC3264], except that it must be done as if the offer 1803 consisted of the selected potential configuration instead of the 1804 actual configuration, including any transport protocol changes in 1805 the media ("m=") line(s), attributes added and deleted by the 1806 potential configuration at the media and session level, and any 1807 extensions used. 1809 If the offer/answer exchange was successful, and if the answerer 1810 selected one of the potential configurations from the offer as the 1811 actual configuration, then the offerer MAY perform another 1812 offer/answer exchange: This new offer SHOULD contain the selected 1813 potential configuration as the actual configuration, i.e. with the 1814 actual configuration used in the "m=" line and any other relevant 1815 attributes and extensions. This second offer/answer exchange will not 1816 modify the session in any way, however it will help intermediaries 1817 (e.g. middleboxes) that look at the SDP, but do not understand or 1818 support the capability negotiation extensions, to understand the 1819 details of the media stream(s) that were actually negotiated. If it 1820 is known or suspected that one or more such intermediaries exist, 1821 then this second offer/answer SHOULD be performed (this is already 1822 done when using Interactive Connectivity Establishment [ICE], and in 1823 those cases, there will not be a need for a third offer/answer 1824 exchange). Note that, per normal offer/answer rules, the second 1825 offer/answer exchange still needs to update the version number in the 1826 "o=" line (( in [RFC4566]). Attribute lines carrying 1827 keying material SHOULD repeat the keys from the previous offer, 1828 unless re-keying is necessary, e.g. due to a previously forked SIP 1829 INVITE request. Please refer to Section 3.12. for additional 1830 considerations related to intermediaries. 1832 3.7.4. Modifying the Session 1834 Capabilities and potential configurations may be included in 1835 subsequent offers as defined in [RFC3264], Section 8. The procedure 1836 for doing so is similar to that described above with the answer 1837 including an indication of the actual selected configuration used by 1838 the answerer. 1840 If the answer indicates use of a potential configuration from the 1841 offer, then the guidelines provided in Section 3.7.3. for doing a 1842 second offer/answer exchange using that potential configuration as 1843 the actual configuration apply. 1845 3.8. Interactions with ICE 1847 Interactive Connectivity Establishment (ICE) [ICE] provides a 1848 mechanism for verifying connectivity between two endpoints by sending 1849 STUN messages directly between the media endpoints. The basic ICE 1850 specification [ICE] is defined to support UDP-based connectivity 1851 only, however it allows for extensions to support other transport 1852 protocols, such as TCP, which is being specified in [ICETCP]. ICE 1853 defines a new "a=candidate" attribute, which, among other things, 1854 indicates the possible transport protocol(s) to use and then 1855 associates a priority with each of them. The most preferred transport 1856 protocol that *successfully* verifies connectivity will end up being 1857 used. 1859 When using ICE, it is thus possible that the transport protocol that 1860 will be used differs from what is specified in the "m=" line. 1861 Furthermore, since both ICE and SDP Capability Negotiation may now 1862 specify alternative transport protocols, there is a potentially 1863 unintended interaction when using these together. 1865 We provide the following guidelines for addressing that. 1867 There are two basic scenarios to consider here: 1869 1) A particular media stream can run over different transport 1870 protocols (e.g. UDP, TCP, or TCP/TLS), and the intent is simply to 1871 use the one that works (in the preference order specified). 1873 2) A particular media stream can run over different transport 1874 protocols (e.g. UDP, TCP, or TCP/TLS) and the intent is to have the 1875 negotiation process decide which one to use (e.g. T.38 over TCP or 1876 UDP). 1878 In scenario 1, there should be ICE "a=candidate" attributes for UDP, 1879 TCP, etc. but otherwise nothing special in the potential 1880 configuration attributes to indicate the desire to use different 1881 transport protocols (e.g. UDP, or TCP). The ICE procedures 1882 essentially cover the capability negotiation required (by having the 1883 answerer select something it supports and then use of trial and 1884 error). 1886 Scenario 2 does not require a need to support or use ICE. Instead, we 1887 simply use transport protocol capabilities and potential 1888 configuration attributes to indicate the desired outcome. 1890 The scenarios may be combined, e.g. by offering potential 1891 configuration alternatives where some of them can support one 1892 transport protocol only (e.g. UDP), whereas others can support 1893 multiple transport protocols (e.g. UDP or TCP). In that case, there 1894 is a need for tight control over the ICE candidates that will 1895 actually be used for a particular configuration, yet the actual 1896 configuration may want to use all of them. In that case, the ICE 1897 candidate attributes can be defined as attribute capabilities and the 1898 relevant ones should then be included in the proper potential 1899 configurations (for example candidate attributes for UDP only for 1900 potential configurations that are restricted to UDP, whereas there 1901 could be candidate attributes for UDP, TCP, and TCP/TLS for potential 1902 configurations that can use all three). Furthermore, use of the 1903 delete-attributes in a potential configuration can be used to ensure 1904 that ICE will not end up using a transport protocol that is not 1905 desired. 1907 3.9. Interactions with SIP Option Tags 1909 SIP [RFC3261] allows for SIP extensions to define a SIP option tag 1910 that identifies the SIP extension. Support for one or more such 1911 extensions can be indicated by use of the SIP Supported header, and 1912 required support for one or more such extensions can be indicated by 1913 use of the SIP Require header. The "a=csup" and "a=creq" attributes 1914 defined by the SDP Capability Negotiation framework are similar, 1915 except that support for these two attributes by themselves cannot be 1916 guaranteed (since they are specified as extensions to the SDP 1917 specification [RFC4566] itself). 1919 SIP extensions with associated option tags can introduce enhancements 1920 to not only SIP, but also SDP. This is for example the case for SIP 1921 preconditions defined in [RFC3312]. When using SDP Capability 1922 Negotiation, some potential configurations may include certain SDP 1923 extensions, whereas others may not. Since the purpose of the SDP 1924 Capability Negotiation is to negotiate a session based on the 1925 features supported by both sides, use of the SIP Require header for 1926 such extensions may not produce the desired result. For example, if 1927 one potential configuration requires SIP precondition support, 1928 another does not, and the answerer does not support preconditions, 1929 then use of the SIP Require header for preconditions would result in 1930 a session failure, in spite of the fact that a valid and supported 1931 potential configuration was included in the offer. 1933 In general, this can be alleviated by use of mandatory and optional 1934 attribute capabilities in a potential configuration. There are 1935 however cases where permissible SDP values are tied to the use of the 1936 SIP Require header. SIP preconditions [RFC3312] is one such example, 1937 where preconditions with a "mandatory" strength-tag can only be used 1938 when a SIP Require header with the SIP option tag "precondition" is 1939 included. Future SIP extensions that may want to use the SDP 1940 Capability Negotiation framework should avoid such coupling. 1942 3.10. Processing Media before Answer 1944 The offer/answer model requires an offerer to be able to receive 1945 media in accordance with the offer prior to receiving the answer. 1946 This property is retained with the SDP Capability Negotiation 1947 extensions defined here, but only when the actual configuration is 1948 selected by the answerer. If a potential configuration is chosen, it 1949 is permissible for the offerer to not process any media received 1950 before the answer is received. This however may lead to clipping. 1951 Consequently, the SDP Capability Negotiation framework recommends 1952 sending back an answer SDP as soon as possible. 1954 The issue can be resolved by introducing a three-way handshake. In 1955 the case of SIP, this can for example be done by defining a 1956 precondition [RFC3312] for capability negotiation (or use an existing 1957 precondition that is known to generate a second offer/answer exchange 1958 before proceeding with the session), however preconditions are often 1959 viewed as complicated to implement and they may add to overall 1960 session establishment delay by requiring an extra offer/answer 1961 exchange. 1963 An alternative three-way handshake can be performed by use of ICE 1964 [ICE]. When ICE is being used, and the answerer receives a STUN 1965 Binding Request for any one of the accepted media streams from the 1966 offerer, the answerer knows the offer has received his answer. At 1967 that point, the answerer knows that the offerer will be able to 1968 process incoming media according to the negotiated configuration and 1969 hence he can start sending media without the risk of the offerer 1970 either discarding it or playing garbage. 1972 In some use cases (notably, when the offerer does not need 1973 information from the answer, such as keying material in the SDP, in 1974 order to process incoming media), a three-way handshake is not 1975 needed. The SDP Capability Negotiation framework does not define any 1976 such solutions, however extensions may do so. For example, one 1977 technique proposed for best-effort SRTP in [BESRTP] is to provide 1978 different RTP payload type mappings for different transport protocols 1979 used, outside of the actual configuration, while still allowing them 1980 to be used by the answerer (exchange of keying material is still 1981 needed, e.g. inband). The basic SDP Capability Negotiation framework 1982 defined here does not include the ability to do so, however 1983 extensions that enable that may be defined. 1985 3.11. Dealing with Large Number of Potential Configurations 1987 When using the SDP Capability Negotiation, it is easy to generate 1988 offers that contain a large number of potential configurations. For 1989 example, in the offer: 1991 v=0 1992 o=- 25678 753849 IN IP4 192.0.2.1 1993 s= 1994 c=IN IP4 192.0.2.1 1995 t=0 0 1996 m=audio 53456 RTP/AVP 0 18 1997 a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF 1998 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80 1999 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 2000 FEC_ORDER=FEC_SRTP 2001 a=acap:2 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 2002 a=acap:3 a=rtcp-fb:0 nack 2003 a=pcfg:1 t=1 a=1,3|2,3 2004 a=pcfg:2 t=2 a=1|2 2005 a=pcfg:3 t=3 a=3 2007 we have 5 potential configurations on top of the actual configuration 2008 for a single media stream. Adding an extension capability with just 2009 two alternatives for each would double that number (to 10), and doing 2010 the equivalent with two media streams would again double that number 2011 (to 20). While it is easy (and inexpensive) for the offerer to 2012 generate such offers, processing them at the answering side may not 2013 be. Consequently, it is RECOMMENDED that offerers do not create 2014 offers with unnecessarily large number of potential configurations in 2015 them. 2017 On the answering side, implementers MUST take care to avoid excessive 2018 memory and CPU consumption. For example, a na�ve implementation that 2019 first generates all the valid potential configuration SDPs 2020 internally, could find itself being memory exhausted, especially if 2021 it supports a large number of endpoints. Similarly, a na�ve 2022 implementation that simply performs iterative trial-and-error 2023 processing on each possible potential configuration SDP (in the 2024 preference order specified) could find itself being CPU constrained. 2025 An alternative strategy is to prune the search space first by 2026 discarding the set of offered potential configurations where the 2027 transport protocol indicated (if any) is not supported, and/or one or 2028 more mandatory attribute capabilities (if any) are either not 2029 supported or not valid. 2031 3.12. SDP Capability Negotiation and Intermediaries 2033 An intermediary is here defined as an entity between a SIP user agent 2034 A and a SIP user agent B, that need to perform some kind of 2035 processing on the SDP exchanged between A and B in order for the 2036 session establishment to operate as intended. Examples of such 2037 intermediaries include Session Border Controllers (SBCs) that may 2038 perform media relaying, Proxy Call Session Control Functions (P-CSCF) 2039 that may authorize use of a certain amount of network resources 2040 (bandwidth), etc. The presence and design of such intermediaries may 2041 not follow the "Internet" model or the SIP requirements for proxies 2042 (which are not supposed to look in message bodies such as SDP), 2043 however they are a fact of life in some deployment scenarios 2044 currently and hence deserves consideration. 2046 If the intermediary needs to understand the characteristics of the 2047 media sessions being negotiated, e.g. the amount of bandwidth used or 2048 the transport protocol negotiated, then use of the SDP Capability 2049 Negotiation framework may impact them. For example, some 2050 intermediaries are known to (currently) disallow answers where the 2051 transport protocol differs from the one in the offer. Use of the SDP 2052 Capability Negotiation framework in the presence of such 2053 intermediaries could lead to session failures. Intermediaries that 2054 need to authorize use of network resources based on the negotiated 2055 media stream parameters are affected as well. If they inspect only 2056 the offer, then they may authorize parameters assuming a different 2057 transport protocol, codecs, etc. than what is actually being 2058 negotiated. For these, and other, reasons it is RECOMMENDED that 2059 implementers of intermediaries add support for the SDP Capability 2060 Negotiation framework. 2062 The SDP Capability Negotiation framework itself attempts to help out 2063 these intermediaries as well, by optionally performing a second 2064 offer/answer exchange when use of a potential configuration has been 2065 negotiated (see Section 3.7.3. ). However, there are several 2066 limitations with this approach. First of all, the second offer/answer 2067 exchange is not required and hence may not be performed. Secondly, 2068 the intermediary may refuse the initial answer, e.g. due to perceived 2069 transport protocol mismatch. Thirdly, the strategy is not foolproof, 2070 since the offer/answer procedures [RFC3264] leave the original 2071 offer/answer exchange in effect when a subsequent one fails; consider 2072 the following example: 2074 1. Offerer generates an SDP offer with the actual configuration 2075 specifying a low bandwidth configuration (e.g. plain RTP) and a 2076 potential configuration specifying a high(er) bandwidth 2077 configuration (e.g. secure RTP with integrity). 2079 2. An intermediary (e.g. an SBC or P-CSCF), that does not support SDP 2080 Capability Negotiation, authorizes the session based on the actual 2081 configuration it sees in the SDP. 2083 3. The answerer chooses the high(er) bandwidth potential 2084 configuration and generates an answer SDP based on that. 2086 4. The intermediary passes through the answer SDP. 2088 5. The offerer sees the accepted answer, and generates an updated 2089 offer that contains the selected potential configuration as the 2090 actual configuration. In other words, the high(er) bandwidth 2091 configuration (which has already been negotiated successfully) is 2092 now the actual configuration in the offer SDP. 2094 6. The intermediary sees the new offer, however it does not authorize 2095 the use of the high(er) bandwidth configuration, and consequently 2096 generates a rejection message to the offerer. 2098 7. The offerer receives the rejected offer. 2100 After step 7, per RFC 3264, the offer/answer exchange that completed 2101 in step 5 remains in effect, however the intermediary may not have 2102 authorized the necessary network resources and hence the media stream 2103 may experience quality issues. The solution to this problem is to 2104 upgrade the intermediary to support the SDP Capability Negotiation 2105 framework. 2107 3.13. Considerations for Specific Attribute Capabilities 2109 3.13.1. The rtpmap and fmtp Attributes 2111 The core SDP Capability Negotiation framework defines transport 2112 capabilities and attribute capabilities. Media capabilities, which 2113 can be used to describe media formats and their associated 2114 parameters, are not defined in this document, however the "rtpmap" 2115 and "fmtp" attributes can nevertheless be used as attribute 2116 capabilities. Using such attribute capabilities in a potential 2117 configuration requires a bit of care though. 2119 The rtpmap parameter binds an RTP payload type to a media format 2120 (e.g. codec). While it is possible to provide rtpmaps for payload 2121 types not found in the corresponding "m=" line, such rtpmaps provide 2122 no value in normal offer/answer exchanges, since only the payload 2123 types found in the "m=" line are part of the offer (or answer). This 2124 applies to the core SDP Capability Negotiation framework as well: 2125 Only the media formats (e.g. RTP payload types) provided in the "m=" 2126 line are actually offered; inclusion of rtpmap attributes with other 2127 RTP payload types in a potential configuration does not change this 2128 fact and hence they do not provide any useful information there. They 2129 may still be useful as pure capabilities though (outside a potential 2130 configuration) in order to inform a peer of additional codec 2131 supported. 2133 It is possible to provide an rtpmap attribute capability with a 2134 payload type mapping to a different codec than a corresponding actual 2135 configuration "rtpmap" attribute for the media description has. Such 2136 practice is permissible as a way of indicating a capability. If that 2137 capability is included in a potential configuration, then delete- 2138 attributes (see Section 3.6.1. ) MUST be used to ensure that there is 2139 not multiple rtpmap attributes for the same payload type in a given 2140 media description (which would not be allowed by SDP [RFC4566]). 2142 Similar considerations and rules apply to the "fmtp" attribute. An 2143 fmtp attribute capability for a media format not included in the "m=" 2144 line is useless in a potential configuration (but may be useful as a 2145 capability by itself). An fmtp attribute capability in a potential 2146 configuration for a media format that already has an fmtp attribute 2147 in the actual configuration may lead to multiple fmtp format 2148 parameters for that media format and that is not allowed by SDP 2149 [RFC4566]. The delete-attributes MUST be used to ensure that there is 2150 not multiple fmtp attributes for a given media format in a media 2151 description. 2153 Extensions to the core SDP Capability Negotiation framework may 2154 change the above behavior. 2156 3.13.2. Direction Attributes 2158 SDP defines the "inactive", "sendonly", "recvonly", and "sendrecv" 2159 direction attributes. The direction attributes can be applied at 2160 either the session-level or the media-level. In either case, it is 2161 possible to define attribute capabilities for these direction 2162 capabilities. Note that if used by a potential configuration, then 2163 the normal offer/answer procedures still apply. For example, if an 2164 offered potential configuration includes the "sendonly" direction 2165 attribute, and it is selected as the actual configuration, then the 2166 answer MUST include a corresponding "recvonly" (or "inactive") 2167 attribute. 2169 4. Examples 2171 In this section, we provide examples showing how to use the SDP 2172 Capability Negotiation. 2174 4.1. Best-Effort Secure RTP 2176 The following example illustrates how to use the SDP Capability 2177 Negotiation extensions to support so-called Best-Effort Secure RTP. 2178 In that scenario, the offerer supports both RTP and Secure RTP. If 2179 the answerer does not support secure RTP (or the SDP Capability 2180 Negotiation extensions), an RTP session will be established. However, 2181 if the answerer supports Secure RTP and the SDP Capability 2182 Negotiation extensions, a Secure RTP session will be established. 2184 The best-effort Secure RTP negotiation is illustrated by the 2185 offer/answer exchange below, where Alice sends an offer to Bob: 2187 Alice Bob 2189 | (1) Offer (SRTP and RTP) | 2190 |--------------------------------->| 2191 | | 2192 | (2) Answer (SRTP) | 2193 |<---------------------------------| 2194 | | 2195 | (3) Offer (SRTP) | 2196 |--------------------------------->| 2197 | | 2198 | (4) Answer (SRTP) | 2199 |<---------------------------------| 2200 | | 2202 Alice's offer includes RTP and SRTP as alternatives. RTP is the 2203 default, but SRTP is the preferred one: 2205 v=0 2206 o=- 25678 753849 IN IP4 192.0.2.1 2207 s= 2208 c=IN IP4 192.0.2.1 2209 t=0 0 2210 m=audio 53456 RTP/AVP 0 18 2211 a=tcap:1 RTP/SAVP RTP/AVP 2212 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2213 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 2214 FEC_ORDER=FEC_SRTP 2215 a=pcfg:1 t=1 a=1 2217 The "m=" line indicates that Alice is offering to use plain RTP with 2218 PCMU or G.729. The capabilities are provided by the "a=tcap" and 2219 "a=acap" attributes. The "tcap" capability indicates that both 2220 Secure RTP and normal RTP are supported. The "acap" attribute 2221 provides an attribute capability with a handle of 1. The capability 2222 is a "crypto" attribute, which provides the keying material for SRTP 2223 using SDP security descriptions [SDES]. The "a=pcfg" attribute 2224 provides the potential configurations included in the offer by 2225 reference to the capabilities. A single potential configuration with 2226 a configuration number of "1" is provided. It includes the transport 2227 protocol capability 1 (RTP/SAVP, i.e. secure RTP) together with the 2228 attribute capability 1, i.e. the crypto attribute provided. Note 2229 that attribute capability 1 is mandatory, and hence it must be 2230 supported in order for the potential configuration to be used. 2232 Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP 2233 Capability Negotiation framework, and hence he accepts the potential 2234 configuration for Secure RTP provided by Alice: 2236 v=0 2237 o=- 24351 621814 IN IP4 192.0.2.2 2238 s= 2239 c=IN IP4 192.0.2.2 2240 t=0 0 2241 m=audio 54568 RTP/SAVP 0 18 2242 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2243 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 2244 a=acfg:1 t=1 a=1 2246 Bob includes the "a=acfg" attribute in the answer to inform Alice 2247 that he based his answer on an offer containing the potential 2248 configuration with transport protocol capability 1 and attribute 2249 capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the 2250 keying material provided). Bob also includes his keying material in 2251 a crypto attribute. 2253 When Alice receives Bob's answer, session negotiation has completed, 2254 however Alice nevertheless chooses to generate a new offer using the 2255 actual configuration. This is done purely to assist any 2256 intermediaries that may reside between Alice and Bob but do not 2257 support the SDP Capability Negotiation framework (and hence may not 2258 understand the negotiation that just took place): 2260 Alice's updated offer includes only SRTP, and it is not using the SDP 2261 Capability Negotiation framework (Alice could have included the 2262 capabilities as well is she wanted to): 2264 v=0 2265 o=- 25678 753850 IN IP4 192.0.2.1 2266 s= 2267 c=IN IP4 192.0.2.1 2268 t=0 0 2269 m=audio 53456 RTP/SAVP 0 18 2270 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2271 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 2272 FEC_ORDER=FEC_SRTP 2274 The "m=" line now indicates that Alice is offering to use secure RTP 2275 with PCMU or G.729. The "crypto" attribute, which provides the SRTP 2276 keying material, is included with the same value again. 2278 Bob receives the SDP offer from Alice, which he accepts, and then 2279 generates an answer to Alice: 2281 v=0 2282 o=- 24351 621815 IN IP4 192.0.2.2 2283 s= 2284 c=IN IP4 192.0.2.2 2285 t=0 0 2286 m=audio 54568 RTP/SAVP 0 18 2287 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2288 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 2290 Bob includes the same crypto attribute as before, and the session 2291 proceeds without change. Although Bob did not include any 2292 capabilities in his answer, he could have done so if he wanted to. 2294 Note that in this particular example, the answerer supported the SDP 2295 Capability Negotiation framework, and hence the attributes and 2296 procedures defined here, however had he not, the answerer would 2297 simply have ignored the new attributes received in step 1 and 2298 accepted the offer to use normal RTP. In that case, the following 2299 answer would have been generated in step 2 instead: 2301 v=0 2302 o=- 24351 621814 IN IP4 192.0.2.2 2303 s= 2304 c=IN IP4 192.0.2.2 2305 t=0 0 2306 m=audio 54568 RTP/AVP 0 18 2308 4.2. Multiple Transport Protocols 2310 The following example illustrates how to use the SDP Capability 2311 Negotiation extensions to negotiate use of one out of several 2312 possible transport protocols. As in the previous example, the offerer 2313 uses the expected least-common-denominator (plain RTP) as the actual 2314 configuration, and the alternative transport protocols as the 2315 potential configurations. 2317 The example is illustrated by the offer/answer exchange below, where 2318 Alice sends an offer to Bob: 2320 Alice Bob 2322 | (1) Offer (RTP/[S]AVP[F]) | 2323 |--------------------------------->| 2324 | | 2325 | (2) Answer (RTP/AVPF) | 2326 |<---------------------------------| 2327 | | 2328 | (3) Offer (RTP/AVPF) | 2329 |--------------------------------->| 2330 | | 2331 | (4) Answer (RTP/AVPF) | 2332 |<---------------------------------| 2333 | | 2335 Alice's offer includes plain RTP (RTP/AVP), RTP with RTCP-based 2336 feedback (RTP/AVPF), Secure RTP (RTP/SAVP), and Secure RTP with RTCP- 2337 based feedback (RTP/SAVPF) and SRTP as alternatives. RTP is the 2338 default, with RTP/SAVPF, RTP/SAVP, and RTP/AVPF as the alternatives 2339 and preferred in the order listed: 2341 v=0 2342 o=- 25678 753849 IN IP4 192.0.2.1 2343 s= 2344 c=IN IP4 192.0.2.1 2345 t=0 0 2346 m=audio 53456 RTP/AVP 0 18 2347 a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF 2348 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2349 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 2350 FEC_ORDER=FEC_SRTP 2351 a=acap:2 a=rtcp-fb:0 nack 2352 a=pcfg:1 t=1 a=1,[2] 2353 a=pcfg:2 t=2 a=1 2354 a=pcfg:3 t=3 a=[2] 2356 The "m=" line indicates that Alice is offering to use plain RTP with 2357 PCMU or G.729. The capabilities are provided by the "a=tcap" and 2358 "a=acap" attributes. The "tcap" capability indicates that Secure RTP 2359 with RTCP-Based feedback (RTP/SAVPF), Secure RTP (RTP/SAVP), and RTP 2360 with RTCP-Based feedback are supported. The first "acap" attribute 2361 provides an attribute capability with a handle of 1. The capability 2362 is a "crypto" attribute, which provides the keying material for SRTP 2363 using SDP security descriptions [SDES]. The second "acap" attribute 2364 provides an attribute capability with a handle of 2. The capability 2365 is an "rtcp-fb" attribute, which is used by the RTCP-based feedback 2366 profiles to indicate that payload type 0 (PCMU) supports feedback 2367 type "nack". The "a=pcfg" attributes provide the potential 2368 configurations included in the offer by reference to the 2369 capabilities. There are three potential configurations: 2371 o Potential configuration 1, which is the most preferred potential 2372 configuration specifies use of transport protocol capability 1 2373 (RTP/SAVPF) and attribute capabilities 1 (the "crypto" attribute) 2374 and 2 (the "rtcp-fb" attribute). Support for the first one is 2375 mandatory whereas support for the second one is optional. 2377 o Potential configuration 2, which is the second most preferred 2378 potential configuration specifies use of transport protocol 2379 capability 2 (RTP/SAVP) and mandatory attribute capability 1 (the 2380 "crypto" attribute). 2382 o Potential configuration 3, which is the least preferred potential 2383 configuration (but the second least preferred configuration 2384 overall, since the actual configuration provided by the "m=" line 2385 is always the least preferred configuration), specifies use of 2386 transport protocol capability 3 (RTP/AVPF) and optional attribute 2387 capability 2 (the "rtcp-fb" attribute). 2389 Bob receives the SDP offer from Alice. Bob does not support any 2390 secure RTP profiles, however he supports plain RTP and RTP with RTCP- 2391 based feedback, as well as the SDP Capability Negotiation extensions, 2392 and hence he accepts the potential configuration for RTP with RTCP- 2393 based feedback provided by Alice: 2395 v=0 2396 o=- 24351 621814 IN IP4 192.0.2.2 2397 s= 2398 c=IN IP4 192.0.2.2 2399 t=0 0 2400 m=audio 54568 RTP/AVPF 0 18 2401 a=rtcp-fb:0 nack 2402 a=acfg:1 t=3 a=[2] 2404 Bob includes the "a=acfg" attribute in the answer to inform Alice 2405 that he based his answer on an offer containing the potential 2406 configuration with transport protocol capability 3 and optional 2407 attribute capability 2 from the offer SDP (i.e. the RTP/AVPF profile 2408 using the "rtcp-fb" value provided). Bob also includes an "rtcp-fb" 2409 attribute with the value "nack" value for RTP payload type 0. 2411 When Alice receives Bob's answer, session negotiation has completed, 2412 however Alice nevertheless chooses to generate a new offer using the 2413 actual configuration. This is done purely to assist any 2414 intermediaries that may reside between Alice and Bob but do not 2415 support the SDP Capability Negotiation framework (and hence may not 2416 understand the negotiation that just took place): 2418 Alice's updated offer includes only RTP/AVPF, and it is not using the 2419 SDP Capability Negotiation framework (Alice could have included the 2420 capabilities as well if she wanted to): 2422 v=0 2423 o=- 25678 753850 IN IP4 192.0.2.1 2424 s= 2425 c=IN IP4 192.0.2.1 2426 t=0 0 2427 m=audio 53456 RTP/AVPF 0 18 2428 a=rtcp-fb:0 nack 2430 The "m=" line now indicates that Alice is offering to use RTP with 2431 RTCP-based feedback and using PCMU or G.729. The "rtcp-fb" attribute 2432 provides the feedback type "nack" for payload type 0 again (but as 2433 part of the actual configuration). 2435 Bob receives the SDP offer from Alice, which he accepts, and then 2436 generates an answer to Alice: 2438 v=0 2439 o=- 24351 621815 IN IP4 192.0.2.2 2440 s= 2441 c=IN IP4 192.0.2.2 2442 t=0 0 2443 m=audio 54568 RTP/AVPF 0 18 2444 a=rtcp-fb:0 nack 2446 Bob includes the same "rtcp-fb" attribute as before, and the session 2447 proceeds without change. Although Bob did not include any 2448 capabilities in his answer, he could have done so if he wanted to. 2450 Note that in this particular example, the answerer supported the SDP 2451 Capability Negotiation framework and hence the attributes and 2452 procedures defined here, however had he not, the answerer would 2453 simply have ignored the new attributes received in step 1 and 2454 accepted the offer to use normal RTP. In that case, the following 2455 answer would have been generated in step 2 instead: 2457 v=0 2458 o=- 24351 621814 IN IP4 192.0.2.2 2459 s= 2460 c=IN IP4 192.0.2.2 2461 t=0 0 2462 m=audio 54568 RTP/AVP 0 18 2464 4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level Security 2465 Descriptions 2467 The following example illustrates how to use the SDP Capability 2468 Negotiation extensions to support so-called Best-Effort Secure RTP as 2469 well as alternative keying mechanisms, more specifically MIKEY and 2470 SDP Security Descriptions. The offerer (Alice) wants to establish an 2471 audio and video session. Alice prefers to use session-level MIKEY as 2472 the key management protocol, but supports SDP security descriptions 2473 as well. 2475 The example is illustrated by the offer/answer exchange below, where 2476 Alice sends an offer to Bob: 2478 Alice Bob 2480 | (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) | 2481 |--------------------------------------->| 2482 | | 2483 | (2) Answer (RTP/SAVP, SDES) | 2484 |<---------------------------------------| 2485 | | 2486 | (3) Offer (RTP/SAVP, SDES) | 2487 |--------------------------------------->| 2488 | | 2489 | (4) Answer (RTP/SAVP, SDES) | 2490 |<---------------------------------------| 2491 | | 2493 Alice's offer includes an audio and a video stream. The audio stream 2494 offers use of plain RTP and secure RTP as alternatives, whereas the 2495 video stream offers use of plain RTP, RTP with RTCP-based feedback, 2496 Secure RTP, and Secure RTP with RTCP-based feedback as alternatives: 2498 v=0 2499 o=- 25678 753849 IN IP4 192.0.2.1 2500 s= 2501 t=0 0 2502 c=IN IP4 192.0.2.1 2503 a=acap:1 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 2504 a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF 2505 m=audio 59000 RTP/AVP 98 2506 a=rtpmap:98 AMR/8000 2507 a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2508 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 2509 a=pcfg:1 t=2 a=1|2 2510 m=video 52000 RTP/AVP 31 2511 a=rtpmap:31 H261/90000 2512 a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2513 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 2514 a=acap:4 a=rtcp-fb:* nack 2515 a=pcfg:1 t=1 a=1,4|3,4 2516 a=pcfg:2 t=2 a=1|3 2517 a=pcfg:3 t=3 a=4 2519 The potential configuration for the audio stream specifies use of 2520 transport capability 2 (RTP/SAVP) and either attribute capability 1 2521 (session-level MIKEY as the keying mechanism) or 2 (SDP Security 2522 Descriptions as the keying mechanism). Support for either of these 2523 attribute capabilities is mandatory. There are three potential 2524 configurations for the video stream. 2526 o The first configuration with configuration number 1 uses transport 2527 capability 1 (RTP/SAVPF) with either attribute capabilities 1 and 2528 4 (session-level MIKEY and the "rtcp-fb" attribute) or attribute 2529 capabilities 3 and 4 (SDP security descriptions and the "rtcp-fb" 2530 attribute). In this example, the offerer insists on not only the 2531 keying mechanism being supported, but also that the "rtcp-fb" 2532 attribute is supported with the value indicated. Consequently, all 2533 the attribute capabilities are marked as mandatory in this 2534 potential configuration. 2536 o The second configuration with configuration number 2 uses 2537 transport capability 2 (RTP/SAVP) and either attribute capability 2538 1 (session-level MIKEY) or attribute capability 3 (SDP security 2539 descriptions). Both attribute capabilities are mandatory in this 2540 configuration. 2542 o The third configuration with configuration number 3 uses transport 2543 capability 3 (RTP/AVPF) and mandatory attribute capability 4 (the 2544 "rtcp-fb" attribute). 2546 Bob receives the SDP offer from Alice. Bob supports Secure RTP, 2547 Secure RTP with RTCP-based feedback and the SDP Capability 2548 Negotiation extensions. Bob also supports SDP Security Descriptions, 2549 but not MIKEY, and hence he generates the following answer: 2551 v=0 2552 o=- 24351 621814 IN IP4 192.0.2.2 2553 s= 2554 t=0 0 2555 c=IN IP4 192.0.2.2 2556 m=audio 54568 RTP/SAVP 98 2557 a=rtpmap:98 AMR/8000 2558 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2559 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 2560 a=acfg:1 t=2 a=2 2561 m=video 55468 RTP/SAVPF 31 2562 a=rtpmap:31 H261/90000 2563 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2564 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 2565 a=rtcp-fb:* nack 2566 a=acfg:1 t=1 a=3,4 2568 For the audio stream, Bob accepted the use of secure RTP, and hence 2569 the profile in the "m=" line is "RTP/SAVP". Bob also includes a 2570 "crypto" attribute with his own keying material, and an "acfg" 2571 attribute identifying actual configuration 1 for the audio media 2572 stream from the offer, using transport capability 2 (RTP/SAVP) and 2573 attribute capability 2 (the crypto attribute from the offer). For the 2574 video stream, Bob accepted the use of secure RTP with RTCP-based 2575 feedback, and hence the profile in the "m=" line is "RTP/SAVPF". Bob 2576 also includes a "crypto" attribute with his own keying material, and 2577 an "acfg" attribute identifying actual configuration 1 for the video 2578 stream from the offer, using transport capability 1 (RTP/SAVPF) and 2579 attribute capabilities 3 (the crypto attribute from the offer) and 4 2580 (the "rtcp-fb" attribute from the offer). 2582 When Alice receives Bob's answer, session negotiation has completed, 2583 however Alice nevertheless chooses to generate a new offer using the 2584 actual configuration. This is done purely to assist any 2585 intermediaries that may reside between Alice and Bob but do not 2586 support the capability negotiation extensions (and hence may not 2587 understand the negotiation that just took place): 2589 Alice's updated offer includes only SRTP for the audio stream SRTP 2590 with RTCP-based feedback for the video stream, and it is not using 2591 the SDP Capability Negotiation framework (Alice could have included 2592 the capabilities as well is she wanted to): 2594 v=0 2595 o=- 25678 753849 IN IP4 192.0.2.1 2596 s= 2597 t=0 0 2598 c=IN IP4 192.0.2.1 2599 m=audio 59000 RTP/SAVP 98 2600 a=rtpmap:98 AMR/8000 2601 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2602 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 2603 m=video 52000 RTP/SAVPF 31 2604 a=rtpmap:31 H261/90000 2605 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2606 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 2607 a=rtcp-fb:* nack 2609 The "m=" line for the audio stream now indicates that Alice is 2610 offering to use secure RTP with PCMU or G.729, whereas the "m=" line 2611 for the video stream indicates that Alice is offering to use secure 2612 RTP with RTCP-based feedback and H.261. Each media stream includes a 2613 "crypto" attribute, which provides the SRTP keying material, with the 2614 same value again. 2616 Bob receives the SDP offer from Alice, which he accepts, and then 2617 generates an answer to Alice: 2619 v=0 2620 o=- 24351 621814 IN IP4 192.0.2.2 2621 s= 2622 t=0 0 2623 c=IN IP4 192.0.2.2 2624 m=audio 54568 RTP/SAVP 98 2625 a=rtpmap:98 AMR/8000 2626 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2627 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 2628 m=video 55468 RTP/SAVPF 31 2629 a=rtpmap:31 H261/90000 2630 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2631 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 2632 a=rtcp-fb:* nack 2634 Bob includes the same crypto attribute as before, and the session 2635 proceeds without change. Although Bob did not include any 2636 capabilities in his answer, he could have done so if he wanted to. 2638 Note that in this particular example, the answerer supported the 2639 capability extensions defined here, however had he not, the answerer 2640 would simply have ignored the new attributes received in step 1 and 2641 accepted the offer to use normal RTP. In that case, the following 2642 answer would have been generated in step 2 instead: 2644 v=0 2645 o=- 24351 621814 IN IP4 192.0.2.2 2646 s= 2647 t=0 0 2648 c=IN IP4 192.0.2.2 2649 m=audio 54568 RTP/AVP 98 2650 a=rtpmap:98 AMR/8000 2651 m=video 55468 RTP/AVP 31 2652 a=rtpmap:31 H261/90000 2653 a=rtcp-fb:* nack 2655 Finally, if Bob had chosen to use session-level MIKEY instead of SDP 2656 security descriptions instead, the following answer would have been 2657 generated: 2659 v=0 2660 o=- 25678 753849 IN IP4 192.0.2.1 2661 s= 2662 t=0 0 2663 c=IN IP4 192.0.2.1 2664 a=key-mgmt:mikey AQEFgM0XflABAAAAAAAAAAAAAAYAyO... 2665 m=audio 59000 RTP/AVP 98 2666 a=rtpmap:98 AMR/8000 2667 a=acfg:1 t=2 a=1 2668 m=video 52000 RTP/SAVPF 31 2669 a=rtpmap:31 H261/90000 2670 a=rtcp-fb:* nack 2671 a=acfg:1 t=1 a=1,4 2673 It should be noted, that although Bob could have chosen session-level 2674 MIKEY for one media stream, and SDP Security Descriptions for another 2675 media stream, there are no well-defined offerer processing rules of 2676 the resulting answer for this, and hence the offerer may incorrectly 2677 assume use of MIKEY for both streams. To avoid this, if the answerer 2678 chooses session-level MIKEY, then all secure RTP based media streams 2679 SHOULD use MIKEY (this applies irrespective of whether SDP Capability 2680 Negotiation is being used or not). Use of media-level MIKEY does not 2681 have a similar constraint. 2683 4.4. SRTP with Session-Level MIKEY and Media Level Security Descriptions 2684 as Alternatives 2686 The following example illustrates how to use the SDP Capability 2687 Negotiation framework to negotiate use of either MIKEY or SDP 2688 Security Descriptions, when one of them is included as part of the 2689 actual configuration, and the other one is being selected. The 2690 offerer (Alice) wants to establish an audio and video session. Alice 2691 prefers to use session-level MIKEY as the key management protocol, 2692 but supports SDP security descriptions as well. 2694 The example is illustrated by the offer/answer exchange below, where 2695 Alice sends an offer to Bob: 2697 Alice Bob 2699 | (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) | 2700 |--------------------------------------->| 2701 | | 2702 | (2) Answer (RTP/SAVP, SDES) | 2703 |<---------------------------------------| 2704 | | 2706 Alice's offer includes an audio and a video stream. Both the audio 2707 and the video stream offer use of secure RTP: 2709 v=0 2710 o=- 25678 753849 IN IP4 192.0.2.1 2711 s= 2712 t=0 0 2713 c=IN IP4 192.0.2.1 2714 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 2715 m=audio 59000 RTP/SAVP 98 2716 a=rtpmap:98 AMR/8000 2717 a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2718 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 2719 a=pcfg:1 a=-s:1 2720 m=video 52000 RTP/SAVP 31 2721 a=rtpmap:31 H261/90000 2722 a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2723 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 2724 a=pcfg:1 a=-s:2 2726 Alice does not know whether Bob supports MIKEY or SDP Security 2727 Descriptions. She could include attributes for both, however the 2728 resulting procedures and potential interactions are not well-defined. 2729 Instead, she places a session-level key-mgmt attribute for MIKEY in 2730 the actual configuration with SDP security descriptions as an 2731 alternative in the potential configuration. The potential 2732 configuration for the audio stream specifies that all session level 2733 attributes are to be deleted (i.e. the session-level "a=key-mgmt" 2734 attribute) and that mandatory attribute capability 2 is to be used 2735 (i.e. the crypto attribute). The potential configuration for the 2736 video stream is similar, except it uses it's own mandatory crypto 2737 attribute capability (2). Note how deletion of the session-level 2738 attributes does not affect the media-level attributes. 2740 Bob receives the SDP offer from Alice. Bob supports Secure RTP and 2741 the SDP Capability Negotiation framework. Bob also supports both SDP 2742 Security Descriptions and MIKEY. Since the potential configuration is 2743 more preferred than the actual configuration, Bob (conceptually) 2744 generates an internal potential configuration SDP that contains the 2745 crypto attributes for the audio and video stream, but not the key- 2746 mgmt attribute for MIKEY, thereby avoiding any ambiguity between the 2747 two keying mechanisms. As a result, he generates the following 2748 answer: 2750 v=0 2751 o=- 24351 621814 IN IP4 192.0.2.2 2752 s= 2753 t=0 0 2754 c=IN IP4 192.0.2.2 2755 m=audio 54568 RTP/SAVP 98 2756 a=rtpmap:98 AMR/8000 2757 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2758 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 2759 a=acfg:1 a=-s:1 2760 m=video 55468 RTP/SAVP 31 2761 a=rtpmap:31 H261/90000 2762 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2763 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 2764 a=acfg:1 a=-s:2 2766 For the audio stream, Bob accepted the use of secure RTP using SDP 2767 security descriptions. Bob therefore includes a "crypto" attribute 2768 with his own keying material, and an "acfg" attribute identifying 2769 actual configuration 1 for the audio media stream from the offer, 2770 with the delete-attributes ("-s") and attribute capability 1 (the 2771 crypto attribute from the offer). For the video stream, Bob also 2772 accepted the use of secure RTP using SDP security descriptions. Bob 2773 therefore includes a "crypto" attribute with his own keying material, 2774 and an "acfg" attribute identifying actual configuration 1 for the 2775 video stream from the offer, with the delete-attributes ("-s") and 2776 attribute capability 2. 2778 Below, we illustrate the offer SDP, when Bob instead offers the 2779 "crypto" attribute as the actual configuration keying mechanism and 2780 "key-mgmt" as the potential configuration: 2782 v=0 2783 o=- 25678 753849 IN IP4 192.0.2.1 2784 s= 2785 t=0 0 2786 c=IN IP4 192.0.2.1 2787 a=acap:1 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... 2788 m=audio 59000 RTP/SAVP 98 2789 a=rtpmap:98 AMR/8000 2790 a=crypto:1 AES_CM_128_HMAC_SHA1_32 2791 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 2792 a=acap:2 a=rtpmap:98 AMR/8000 2793 a=pcfg:1 a=-m:1,2 2794 m=video 52000 RTP/SAVP 31 2795 a=rtpmap:31 H261/90000 2796 a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80 2797 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 2798 a=acap:4 a=rtpmap:31 H261/90000 2799 a=pcfg:1 a=-m:1,4 2801 Note how we this time need to perform delete-attributes at the media- 2802 level instead of the session-level. When doing that, all attributes 2803 from the actual configuration SDP, including the rtpmaps provided, 2804 are removed. Consequently, we had to include these rtpmaps as 2805 capabilities as well, and then include them in the potential 2806 configuration, thereby effectively recreating the original rtpmap 2807 attributes in the resulting potential configuration SDP. 2809 5. Security Considerations 2811 The SDP Capability Negotiation Framework is defined to be used within 2812 the context of the offer/answer model, and hence all the offer/answer 2813 security considerations apply here as well. Similarly, the Session 2814 Initiation Protocol (SIP) uses SDP and the offer/answer model, and 2815 hence, when used in that context, the SIP security considerations 2816 apply as well. 2818 However, SDP Capability Negotiation introduces additional security 2819 issues. Its use as a mechanism to enable alternative transport 2820 protocol negotiation (secure and non-secure) as well as its ability 2821 to negotiate use of more or less secure keying methods and material 2822 warrant further security considerations. Also, the (continued) 2823 support for receiving media before answer combined with negotiation 2824 of alternative transport protocols (secure and non-secure) warrant 2825 further security considerations. We discuss these issues below. 2827 The SDP Capability Negotiation framework allows for an offered media 2828 stream to both indicate and support various levels of security for 2829 that media stream. Different levels of security can for example be 2830 negotiated by use of alternative attribute capabilities each 2831 indicating more or less secure keying methods as well as more or less 2832 strong ciphers. Since the offerer indicates support for each of these 2833 alternatives, he will presumably accept the answerer seemingly 2834 selecting any of the offered alternatives. If an attacker can modify 2835 the SDP offer, he can thereby force the negotiation of the weakest 2836 security mechanism that the offerer is willing to accept. This may in 2837 turn enable the attacker to compromise the security of the negotiated 2838 media stream. Similarly, if the offerer wishes to negotiate use of a 2839 secure media stream (e.g. secure RTP), but includes a non-secure 2840 media stream (e.g. plain RTP) as a valid (but less preferred) 2841 alternative, then an attacker that can modify the offered SDP will be 2842 able to force the establishment of an insecure media stream. The 2843 solution to both of these problems involves the use of integrity 2844 protection over the SDP. Ideally, this integrity protection provides 2845 end-to-end integrity protection in order to protect from any man-in- 2846 the-middle attack; secure multiparts such as S/MIME [SMIME] provide 2847 one such solution, however S/MIME requires use and availability of a 2848 Public Key Infrastructure (PKI). A slightly less secure alternative 2849 when using SIP, but generally much easier to deploy in practice 2850 (since it does not require a PKI), is to use SIP Identity [RFC4474]; 2851 this requires the existence of an authentication service (see 2852 [RFC4474]). Yet another, and considerably less secure, alternative is 2853 to use hop-by-hop security only, e.g. TLS or IPSec thereby ensuring 2854 the integrity of the offered SDP on a hop-by-hop basis. Note however 2855 that SIP proxies or other intermediaries processing the SIP request 2856 at each hop are able to perform a man-in-the-middle attack by 2857 modifying the offered SDP. 2859 Per the normal offer/answer procedures, as soon as the offerer has 2860 generated an offer, the offerer must be prepared to receive media in 2861 accordance with that offer. The SDP Capability Negotiation preserves 2862 that behavior for the actual configuration in the offer, however the 2863 offerer has no way of knowing which configuration (actual or 2864 potential) configuration was actually selected by the offerer, until 2865 an answer indication is received. This opens up a new security issue 2866 where an attacker may be able to interject media towards the offerer 2867 until the answer is received. For example, the offerer may use plain 2868 RTP as the actual configuration and secure RTP as an alternative 2869 potential configuration. Even though the answerer selects secure RTP, 2870 the offerer will not know that until he receives the answer, and 2871 hence an attacker will be able to send media to the offerer 2872 meanwhile. The easiest protection against such an attack is to not 2873 offer use of the non-secure media stream in the actual configuration, 2874 however that may in itself have undesirable side-effects: If the 2875 answerer does not support the secure media stream and also does not 2876 support the capability negotiation framework, then negotiation of the 2877 media stream will fail. Alternatively, SDP security preconditions 2878 [sprecon] can be used. This will ensure that media is not flowing 2879 until session negotiation has completed and hence the selected 2880 configuration is known. Use of preconditions however requires both 2881 side to support them. If they don't, and use of them is required, the 2882 session will fail. As a (limited) work around to this, it is 2883 RECOMMENDED that SIP entities generate an answer SDP and send it to 2884 the offerer as soon as possible, for example in a 183 Session 2885 Progress message. This will limit the time during which an attacker 2886 can send media to the offerer. Section 3.10. presents other 2887 alternatives as well. 2889 Additional security considerations apply to the answer SDP as well. 2890 The actual configuration attribute tells the offerer which potential 2891 configuration the answer was actually based on, and hence an attacker 2892 that can either modify or remove the actual configuration attribute 2893 in the answer can cause session failure as well as extend the time 2894 window during which the offerer will accept incoming media that does 2895 not conform to the actual answer. The solutions to this SDP answer 2896 integrity problem are the same as for the offer, i.e. use of end-to- 2897 end integrity protection, SIP identity, or hop-by-hop protection. The 2898 mechanism to use depends on the mechanisms supported by the offerer 2899 as well as the acceptable security trade-offs. 2901 As described in Section 3.1. , SDP Capability Negotiation 2902 conceptually allows an offerer to include many different offers in a 2903 single SDP. This can in turn cause the answerer to process a large 2904 number of alternative potential offers, which can consume significant 2905 memory and CPU resources. An attacker can use this amplification 2906 feature to launch a denial of service attack against the answerer. 2907 The answerer MUST protect itself from such attacks. As explained in 2908 Section 3.11. , the answerer can help reduce the effects of such an 2909 attack by first discarding all potential configurations that contain 2910 unsupported transport protocols and/or unsupported or invalid 2911 mandatory attribute capabilities. The answerer SHOULD also look out 2912 for potential configurations that are designed to pass the above 2913 test, but nevertheless produce a large number of potential 2914 configuration SDPs that cannot be supported. 2916 A possible way of achieving that is for an attacker to find a 2917 valid session-level attribute that causes conflicts or otherwise 2918 interferes with individual media description configurations. 2919 Currently, we do not know of such an SDP attribute, however this 2920 does not mean it doesn't exist, or that it will not exist in the 2921 future. If such attributes are found to exist, implementers should 2922 explicitly protect against them. 2924 A significant number of valid and supported potential configurations 2925 may remain. However, since all of those contain only valid and 2926 supported transport protocols and attributes, it is expected that 2927 only a few of them will need to be processed on average. Still, the 2928 answerer MUST ensure that it does not needlessly consume large 2929 amounts of memory and CPU resources when processing those as well as 2930 be prepared to handle the case where a large number of potential 2931 configurations still need to be processed. 2933 6. IANA Considerations 2935 6.1. New SDP Attributes 2937 The IANA is hereby requested to register the following new SDP 2938 attributes as follows: 2940 Attribute name: csup 2941 Long form name: Supported capability negotiation extensions 2942 Type of attribute: Session-level and media-level 2943 Subject to charset: No 2944 Purpose: Option tags for supported SDP capability 2945 negotiation extensions 2946 Appropriate values: See Section 3.4.1. 2948 Attribute name: creq 2949 Long form name: Required capability negotiation extensions 2950 Type of attribute: Session-level and media-level 2951 Subject to charset: No 2952 Purpose: Option tags for required SDP capability 2953 negotiation extensions 2954 Appropriate values: See Section 3.4.2. 2956 Attribute name: acap 2957 Long form name: Attribute capability 2958 Type of attribute: Session-level and media-level 2959 Subject to charset: No 2960 Purpose: Attribute capability containing an attribute 2961 name and associated value 2962 Appropriate values: See Section 3.5.1. 2964 Attribute name: tcap 2965 Long form name: Transport Protocol Capability 2966 Type of attribute: Session-level and media-level 2967 Subject to charset: No 2968 Purpose: Transport protocol capability listing one or 2969 more transport protocols 2970 Appropriate values: See Section 3.5.2. 2972 Attribute name: pcfg 2973 Long form name: Potential Configuration 2974 Type of attribute: Media-level 2975 Subject to charset: No 2976 Purpose: Potential configuration for SDP capability 2977 negotiation 2978 Appropriate values: See Section 3.6.1. 2980 Attribute name: acfg 2981 Long form name: Actual configuration 2982 Type of attribute: Media-level 2983 Subject to charset: No 2984 Purpose: Actual configuration for SDP capability 2985 negotiation 2986 Appropriate values: See Section 3.6.2. 2988 6.2. New SDP Capability Negotiation Option Tag Registry 2990 The IANA is hereby requested to create a new SDP Capability 2991 Negotiation Option Tag registry. An IANA SDP Capability Negotiation 2992 option tag registration MUST be documented in an RFC in accordance 2993 with the [RFC2434] Specification Required policy. The RFC MUST 2994 provide the name of the option tag, a syntax and a semantic 2995 specification of any new SDP attributes and any extensions to the 2996 potential and actual configuration attributes provided in this 2997 document. New SDP attributes that are intended to be capabilities for 2998 use by the capability negotiation framework MUST adhere to the 2999 guidelines provided in Section 3.5.3. Extensions to the potential and 3000 actual configuration attributes MUST adhere to the syntax provided in 3001 Section 3.6.1. and 3.6.2. 3003 The option tag "cap-v0" is defined in this document and the IANA is 3004 hereby requested to register this option tag. 3006 6.3. New SDP Capability Negotiation Potential Configuration Parameter 3007 Registry 3009 The IANA is hereby requested to create a new SDP Capability 3010 Negotiation Potential Configuration Parameter registry. An IANA SDP 3011 Capability Negotiation potential configuration registration MUST be 3012 documented in an RFC in accordance with the [RFC2434] Specification 3013 Required policy. The RFC MUST define the syntax and semantics of each 3014 new potential configuration parameter. The syntax MUST adhere to the 3015 syntax provided for extensions in Section 3.6.1. and the semantics 3016 MUST adhere to the semantics provided for extensions in Section 3017 3.6.1. and 3.6.2. Associated with each registration MUST be the 3018 encoding name for the parameter as well as a short descriptive name 3019 for it. 3021 The potential configuration parameters "a" for "attribute" and "t" 3022 for "transport protocol" are defined in this document and the IANA is 3023 hereby requested to register these. 3025 7. Acknowledgments 3027 This document is heavily influenced by the discussions and work done 3028 by the SDP Capability Negotiation Design team. The following people 3029 in particular provided useful comments and suggestions to either the 3030 document itself or the overall direction of the solution defined in 3031 here: Francois Audet, John Elwell, Roni Even, Robert Gilman, Cullen 3032 Jennings, Jonathan Lennox, Matt Lepinski, Joerg Ott, Colin Perkins, 3033 Jonathan Rosenberg, Thomas Stach, and Dan Wing. 3035 8. Change Log 3037 8.1. draft-ietf-mmusic-sdp-capability-negotiation-06 3039 o Added additional background text on terminology used, and a new 3040 section on the negotiation model. 3042 o Allowed for session-level attribute capabilities to contain media- 3043 level only attributes, albeit the base framework does not define 3044 (or allow) them to be used in a potential configuration 3045 (extensions may change that) 3047 o Disallowing multiple "a=tcap" attributes at the session-level 3048 and/or on a per media description basis; at most one at the 3049 session-level and per media description now. 3051 o Changed the "a=pcfg" attribute to make a potential configuration 3052 list optional in order to allow for the actual configuration to be 3053 referenced. 3055 o Removed the ability to delete and replace individual attributes 3056 from the actual configuration SDP. 3058 o Introduced the notion of mandatory and optional attribute 3059 capabilities in a potential configuration and updated the "a=pcfg" 3060 attribute and associated procedures accordingly. 3062 o Specified that mandatory attribute capabilities and the transport 3063 protocol (if any) from a potential configuration need to be 3064 supported in order to select that potential configuration. 3065 Offer/answer procedures updated accordingly as well. 3067 o Noted potential interaction and synchronization issues with use of 3068 session-level attributes and attribute capabilities and added 3069 recommendation to avoid use of session-level attributes when 3070 possible. 3072 o Fixed error in "a=acfg" grammar (missing config-number) and 3073 updated attribute definition in accordance with the "a=pcfg" 3074 attribute changes. 3076 o Updated text associated with processing media before answer to 3077 allow for playing out garbage or discard until answer received. 3078 Additional detail on alternative solutions provided as well. 3080 o Added recommendation to send back answer SDP as soon as possible, 3081 when a potential configuration different from the actual 3082 configuration has been chosen. 3084 o Added new section on interactions with SIP option tags. 3086 o Added new section on dealing with large number of potential 3087 configurations. 3089 o Added new section on SDP capability negotiation and 3090 intermediaries. 3092 o Updated examples in accordance with other changes and to 3093 illustrate use of mandatory and optional attribute capabilities in 3094 a potential configuration. 3096 o Updated security considerations to address potential denial of 3097 service attack caused by large number of potential configurations. 3099 o Various editorial updates throughout. 3101 8.2. draft-ietf-mmusic-sdp-capability-negotiation-05 3103 o Allowed for '=' attributes to be listed as attribute 3104 capabilities the attribute name only. 3106 o Changed IP-address to conform to RFC 3330 guidelines. 3108 o Added section on relationship to RFC 3407 and "Obsoletes: 3407" in 3109 the front. 3111 o Disallowed use of white space in a number of places for more 3112 consistency with existing SDP practice 3114 o Changed "csup" and "creq" attributes to not allow multiple 3115 instances at the session-level and multiple instances per media 3116 description (only one for each now) 3118 o Changed to not require use of "creq" with base option tag ("cap- 3119 v0"). 3121 o Relaxed restrictions on extension capabilities 3122 o Updated potential configuration attribute syntax and semantics. In 3123 particular, potential configuration attributes can now replace and 3124 delete various existing attributes in original SDP to better 3125 control potential attribute interactions with the actual 3126 configuration while preserving message size efficiency. 3128 o Updated actual configuration attribute to align with the updates 3129 to the potential configuration attributes. 3131 o Updated offer/answer procedures to align with other changes. 3133 o Changed recommendation for second offer/answer exchange to "MAY" 3134 strength, unless for the cases where it is known or suspected that 3135 it is needed. 3137 o Updated ICE interactions to explain how the new attribute 3138 delete/replace features can solve certain potential interactions. 3140 o Updated rtpmap and fmtp section to allow potential configurations 3141 to use remapped payload types in attribute capabilities for 3142 rtpmaps and fmtp parameters. 3144 o Added section on direction attributes. 3146 o Added another example showing SRTP with session-level MIKEY and 3147 SDP Security Descriptions using the attribute capability DELETE 3148 operator. 3150 8.3. draft-ietf-mmusic-sdp-capability-negotiation-04 3152 The following are the major changes compared to version -03: 3154 o Added explicit ordering rules for attributes added by potential 3155 configurations. 3157 o Noted that ICE interaction issues (ice-tcp specifically) may not 3158 be as clear as originally thought. 3160 o Added considerations on using rtpmap and fmtp attributes as 3161 attribute capabilities. 3163 o Added multiple transport protocol example. 3165 o Added session-level MIKEY and media level security descriptions 3166 example. 3168 8.4. draft-ietf-mmusic-sdp-capability-negotiation-03 3170 The following are the major changes compared to version -02: 3172 o Base option tag name changed from "v0" to "cap-v0". 3174 o Added new section on extension capability attributes 3176 o Firmed up offer/answer procedures. 3178 o Added security considerations 3180 o Added IANA considerations 3182 8.5. draft-ietf-mmusic-sdp-capability-negotiation-02 3184 The following are the major changes compared to version -01: 3186 o Potential configurations are no longer allowed at the session 3187 level 3189 o Renamed capability attributes ("capar" to "acap" and "ctrpr" to 3190 "tcap") 3192 o Changed name and semantics of the initial number (now called 3193 configuration number) in potential configuration attributes; must 3194 now be unique and can be used as a handle 3196 o Actual configuration attribute now includes configuration number 3197 from the selected potential configuration attribute 3199 o Added ABNF throughout 3201 o Specified that answerer should include "a=csup" in case of 3202 unsupported required extensions in offer. 3204 o Specified use of second offer/answer exchange when answerer 3205 selected a potential configuration 3207 o Updated rules (and added restrictions) for referencing media- and 3208 session-level capabilities in potential configurations (at the 3209 media level) 3211 o Added initial section on ICE interactions 3213 o Added initial section on receiving media before answer 3215 8.6. draft-ietf-mmusic-sdp-capability-negotiation-01 3217 The following are the major changes compared to version -00: 3219 o Media capabilities are no longer considered a core capability and 3220 hence have been removed. This leaves transport protocols and 3221 attributes as the only capabilities defined by the core. 3223 o Version attribute has been removed and an option tag to indicate 3224 the actual version has been defined instead. 3226 o Clarified rules for session-level and media level attributes 3227 provided at either level as well how they can be used in potential 3228 configurations. 3230 o Potential configuration parameters no longer have implicit 3231 ordering; an explicit preference indicator is now included. 3233 o The parameter name for transport protocols in the potential and 3234 actual configuration attributes have been changed "p" to "t". 3236 o Clarified operator precedence within potential and actual 3237 configuration attributes. 3239 o Potential configurations at the session level now limited to 3240 indicate latent capability configurations. Consequently, an actual 3241 configuration attribute can no longer be provided at the session 3242 level. 3244 o Cleaned up capability and potential configuration terminology - 3245 they are now two clearly different things. 3247 8.7. draft-ietf-mmusic-sdp-capability-negotiation-00 3249 Version 00 is the initial version. The solution provided in this 3250 initial version is based on an earlier (individual submission) 3251 version of [SDPCapNeg]. The following are the major changes compared 3252 to that document: 3254 o Solution no longer based on RFC 3407, but defines a set of similar 3255 attributes (with some differences). 3257 o Various minor changes to the previously defined attributes. 3259 o Multiple transport capabilities can be included in a single "tcap" 3260 attribute 3262 o A version attribute is now included. 3264 o Extensions to the framework are formally supported. 3266 o Option tags and the ability to list supported and required 3267 extensions are supported. 3269 o A best-effort SRTP example use case has been added. 3271 o Some terminology change throughout to more clearly indicate what 3272 constitutes capabilities and what constitutes configurations. 3274 9. References 3276 9.1. Normative References 3278 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 3279 Requirement Levels", BCP 14, RFC 2119, March 1997. 3281 [RFC3264] Rosenberg, J., and H. Schulzrinne, "An Offer/Answer Model 3282 with Session Description Protocol (SDP)", RFC 3264, June 3283 2002. 3285 [RFC3407] F. Andreasen, "Session Description Protocol (SDP) Simple 3286 Capability Declaration", RFC 3407, October 2002. 3288 [RFC3605] C. Huitema, "Real Time Control Protocol (RTCP) attribute in 3289 Session Description Protocol (SDP)", RFC 3605, October 3290 2003. 3292 [RFC4234] Crocker, D., and P. Overell, "Augmented BNF for Syntax 3293 Specifications: ABNF", RFC 4234, October 2005. 3295 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 3296 Description Protocol", RFC 4566, July 2006. 3298 [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an 3299 IANA Considerations Section in RFCs", BCP 26, RFC 2434, 3300 October 1998. 3302 9.2. Informative References 3304 [RFC2046] Freed, N., and N. Borensteain, "Multipurpose Internet Mail 3305 Extensions (MIME) Part Two: Media Types", RFC 2046, 3306 November 1996. 3308 [RFC2327] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 3309 Description Protocol", RFC 2327, April 1998. 3311 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 3312 A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, 3313 "SIP: Session Initiation Protocol", RFC 3261, June 2002. 3315 [RFC3388] Camarillo, G., Eriksson, G., Holler, J., and H. 3316 Schulzrinne, "Grouping of Media Lines in the Session 3317 Description Protocol (SDP)", RFC 3388, December 2002. 3319 [RFC3551] Schulzrinne, H., and S. Casner, "RTP Profile for Audio and 3320 Video Conferences with Minimal Control", RFC 3551, July 3321 2003. 3323 [SRTP] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 3324 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 3325 RFC 3711, March 2004. 3327 [RFC3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions 3328 (S/MIME) Version 3.1 Message Specification", RFC 3851, July 3329 2004. 3331 [RFC4091] Camarillo, G., and J. Rosenberg, The Alternative Network 3332 Address Types (ANAT) Semantics for the Session Description 3333 Protocol (SDP) Grouping Framework, RFC 4091, June 2005. 3335 [AVPF] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, 3336 "Extended RTP Profile for RTCP-Based Feedback (RTP/AVPF)", 3337 Work in Progress, August 2004. 3339 [I-D.jennings-sipping-multipart] Wing, D., and C. Jennings, "Session 3340 Initiation Protocol (SIP) Offer/Answer with Multipart 3341 Alternative", Work in Progress, March 2006. 3343 [SAVPF] Ott, J., and E Carrara, "Extended Secure RTP Profile for 3344 RTCP-based Feedback (RTP/SAVPF)", Work in Progress, 3345 December 2005. 3347 [SDES] Andreasen, F., Baugher, M., and D. Wing, "Session 3348 Description Protocol Security Descriptions for Media 3349 Streams", RFC 4568, July 2006. 3351 [SDPng] Kutscher, D., Ott, J., and C. Bormann, "Session Description 3352 and Capability Negotiation", Work in Progress, February 3353 2005. 3355 [BESRTP] Kaplan, H., and F. Audet, "Session Description Protocol 3356 (SDP) Offer/Answer Negotiation for Best-Effort Secure Real- 3357 Time Transport Protocol, Work in progress, August 2006. 3359 [KMGMT] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E. 3360 Carrara, "Key Management Extensions for Session Description 3361 Protocol (SDP) and Real Time Streaming Protocol (RTSP)", 3362 RFC 4567, July 2006. 3364 [SDPCapNegRqts] Andreasen, F. "SDP Capability Negotiation: 3365 Requirementes and Review of Existing Work", work in 3366 progress, December 2006. 3368 [SDPCapNeg] Andreasen, F. "SDP Capability Negotiation", work in 3369 progress, December 2006. 3371 [MIKEY] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, and K. 3372 Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830, 3373 August 2004. 3375 [ICE] J. Rosenberg, "Interactive Connectivity Establishment 3376 (ICE): A Methodology for Network Address Translator (NAT) 3377 Traversal for Offer/Answer Protocols", work in progress, 3378 January 2007. 3380 [ICETCP] J. Rosenberg, "TCP Candidates with Interactive Connectivity 3381 Establishment (ICE)", work in progress, October 2006. 3383 [RFC3312] G. Camarillo, W. Marshall, and J. Rosenberg, "Integration 3384 of Resource Management and Session Initiatio Protocol 3385 (SIP)", RFC 3312, October 2002. 3387 [SMIME] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions 3388 (S/MIME) Version 3.1 Message Specification", RFC 3851, July 3389 2004. 3391 [RFC4474] J. Peterson, and C. Jennings, "Enhancements for 3392 Authenticated Identity Management in the Session Initiation 3393 Protocol (SIP)", RFC 4474, August 2006. 3395 [sprecon] Andreasen, F. and D. Wing, "Security Preconditions for 3396 Session Description Protocol Media Streams", Work in 3397 Progress, October 2006. 3399 [RFC4756] A. Li, "Forward Error Correction Grouping Semantics in 3400 Session Description Protocol", RFC 4756, November 2006. 3402 [RFC3262] J. Rosenberg, and H. Schulzrinne, "Reliability of 3403 Provisional Responses in Session Initiation Protocol 3404 (SIP)", RFC 3262, June 2002. 3406 Author's Addresses 3408 Flemming Andreasen 3409 Cisco Systems 3410 Edison, NJ 3412 Email: fandreas@cisco.com 3414 Intellectual Property Statement 3416 The IETF takes no position regarding the validity or scope of any 3417 Intellectual Property Rights or other rights that might be claimed to 3418 pertain to the implementation or use of the technology described in 3419 this document or the extent to which any license under such rights 3420 might or might not be available; nor does it represent that it has 3421 made any independent effort to identify any such rights. Information 3422 on the procedures with respect to rights in RFC documents can be 3423 found in BCP 78 and BCP 79. 3425 Copies of IPR disclosures made to the IETF Secretariat and any 3426 assurances of licenses to be made available, or the result of an 3427 attempt made to obtain a general license or permission for the use of 3428 such proprietary rights by implementers or users of this 3429 specification can be obtained from the IETF on-line IPR repository at 3430 http://www.ietf.org/ipr. 3432 The IETF invites any interested party to bring to its attention any 3433 copyrights, patents or patent applications, or other proprietary 3434 rights that may cover technology that may be required to implement 3435 this standard. Please address the information to the IETF at 3436 ietf-ipr@ietf.org. 3438 Full Copyright Statement 3440 Copyright (C) The IETF Trust (2007). 3442 This document is subject to the rights, licenses and restrictions 3443 contained in BCP 78, and except as set forth therein, the authors 3444 retain all their rights. 3446 This document and the information contained herein are provided on an 3447 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 3448 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 3449 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 3450 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 3451 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 3452 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 3454 Acknowledgment 3456 Funding for the RFC Editor function is currently provided by the 3457 Internet Society.