idnits 2.17.1 draft-ietf-rtcweb-transports-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 22, 2014) is 3740 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-07) exists of draft-dhesikan-tsvwg-rtcweb-qos-03 == Outdated reference: A later version (-26) exists of draft-ietf-mmusic-sctp-sdp-05 == Outdated reference: A later version (-13) exists of draft-ietf-rtcweb-data-channel-06 == Outdated reference: A later version (-26) exists of draft-ietf-rtcweb-rtp-usage-11 == Outdated reference: A later version (-12) exists of draft-ietf-rtcweb-security-05 == Outdated reference: A later version (-20) exists of draft-ietf-rtcweb-security-arch-07 == Outdated reference: A later version (-09) exists of draft-ietf-tsvwg-sctp-dtls-encaps-02 ** Obsolete normative reference: RFC 5245 (Obsoleted by RFC 8445, RFC 8839) ** Obsolete normative reference: RFC 5389 (Obsoleted by RFC 8489) ** Obsolete normative reference: RFC 5766 (Obsoleted by RFC 8656) ** Obsolete normative reference: RFC 6156 (Obsoleted by RFC 8656) == Outdated reference: A later version (-03) exists of draft-hutton-rtcweb-nat-firewall-considerations-02 == Outdated reference: A later version (-54) exists of draft-ietf-mmusic-sdp-bundle-negotiation-05 == Outdated reference: A later version (-19) exists of draft-ietf-rtcweb-overview-08 Summary: 4 errors (**), 0 flaws (~~), 11 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group H. Alvestrand 3 Internet-Draft Google 4 Intended status: Standards Track January 22, 2014 5 Expires: July 26, 2014 7 Transports for RTCWEB 8 draft-ietf-rtcweb-transports-02 10 Abstract 12 This document describes the data transport protocols used by RTCWEB, 13 including the protocols used for interaction with intermediate boxes 14 such as firewalls, relays and NAT boxes. 16 Status of this Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on July 26, 2014. 33 Copyright Notice 35 Copyright (c) 2014 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 51 2. Requirements language . . . . . . . . . . . . . . . . . . . . . 3 52 3. Transport and Middlebox specification . . . . . . . . . . . . . 3 53 3.1. System-provided interfaces . . . . . . . . . . . . . . . . 3 54 3.2. Usage of Quality of Service functions . . . . . . . . . . . 4 55 3.3. Support for multiplexing . . . . . . . . . . . . . . . . . 4 56 3.4. Middle box related functions . . . . . . . . . . . . . . . 4 57 3.5. Transport protocols implemented . . . . . . . . . . . . . . 5 58 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 59 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 60 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 61 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 62 7.1. Normative References . . . . . . . . . . . . . . . . . . . 6 63 7.2. Informative References . . . . . . . . . . . . . . . . . . 8 64 Appendix A. Change log . . . . . . . . . . . . . . . . . . . . . . 8 65 A.1. Changes from -00 to -01 . . . . . . . . . . . . . . . . . . 8 66 A.2. Changes from -01 to -02 . . . . . . . . . . . . . . . . . . 9 67 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 9 69 1. Introduction 71 The IETF RTCWEB effort, part of the WebRTC effort carried out in 72 cooperation between the IETF and the W3C, is aimed at specifying a 73 protocol suite that is useful for real time multimedia exchange 74 between browsers. 76 The overall effort is described in the RTCWEB overview document, 77 [I-D.ietf-rtcweb-overview]. This document focuses on the data 78 transport protocos that are used by conforming implementations. 80 This protocol suite is designed for WebRTC, and intends to satisfy 81 the security considerations described in the WebRTC security 82 documents, [I-D.ietf-rtcweb-security] and 83 [I-D.ietf-rtcweb-security-arch]. 85 2. Requirements language 87 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 88 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 89 document are to be interpreted as described in RFC 2119 [RFC2119]. 91 3. Transport and Middlebox specification 93 3.1. System-provided interfaces 95 The protocol specifications used here assume that the following 96 protocols are available to the implementations of the RTCWEB 97 protocols: 99 o UDP. This is the protocol assumed by most protocol elements 100 described. 102 o TCP. This is used for HTTP/WebSockets, as well as for TURN/SSL 103 and ICE-TCP. 105 For both protocols, IPv4 and IPv6 support is assumed; applications 106 MUST be able to utilize both IPv4 and IPv6 where available. 108 For UDP, this specification assumes the ability to set the DSCP code 109 point of the sockets opened on a per-packet basis, in order to 110 achieve the prioritizations described in 111 [I-D.dhesikan-tsvwg-rtcweb-qos] when multiple media types are 112 multiplexed. It does not assume that the DSCP codepoints will be 113 honored, and does assume that they may be zeroed or changed, since 114 this is a local configuration issue. 116 This specification does not assume that the implementation will have 117 access to ICMP or raw IP. 119 3.2. Usage of Quality of Service functions 121 WebRTC implementations SHOULD attempt to set QoS on the packets sent, 122 according to the guidelines in [I-D.dhesikan-tsvwg-rtcweb-qos]. It 123 is appropriate to depart from this recommendation when running on 124 platforms where QoS marking is not implemented. 126 3.3. Support for multiplexing 128 RTCWEB implementations MUST support the ability to send and receive 129 multiple SSRCs on the same transport, and MUST support the ability to 130 send and receive multiple SSRCs on multiple simultaneous transports, 131 including the ability to send and receive audio and video on the same 132 transport. The choice of configuration is done at higher layers 133 (above transport), using mechanisms like BUNDLE 134 [I-D.ietf-mmusic-sdp-bundle-negotiation]. Further information on RTP 135 usage is found in [I-D.ietf-rtcweb-rtp-usage]. 137 When different content types according to 138 [I-D.dhesikan-tsvwg-rtcweb-qos] are used on the same transport, 139 appropriate per-packet DSCP marking SHOULD be used. 141 DISCUSSION: Minimizing the number of transports has advantages in 142 traversing NATs and firewalls, due to the reduced chance of 143 negotiation failure. However, some network prioritization mechanisms 144 (in particular active queue management techniques and flow- 145 recognizing deep packet inspection boxes) will perform better when 146 flows with different characteristics are separated on different 147 5-tuples. Since the optimum for this tradeoff is unknown, and may be 148 variable, it is inappropriate to embed this choice in the protocol 149 layer, and this is therefore left to the control of the application. 151 3.4. Middle box related functions 153 The primary mechanism to deal with middle boxes is ICE, which is an 154 appropriate way to deal with NAT boxes and firewalls that accept 155 traffic from the inside, but only from the outside if it's in 156 response to inside traffic (simple stateful firewalls). 158 ICE [RFC5245] MUST be supported. The implementation MUST be a full 159 ICE implementation, not ICE-Lite. 161 In order to deal with situations where both parties are behind NATs 162 which perform endpoint-dependent mapping (as defined in [RFC5128] 163 section 2.4), TURN [RFC5766] MUST be supported. 165 In order to deal with firewalls that block all UDP traffic, TURN 166 using TCP between the client and the server MUST be supported, and 167 TURN using TLS between the client and the server MUST be supported. 168 See [RFC5766] section 2.1 for details. 170 In order to deal with situations where one party is on an IPv4 171 network and the other party is on an IPv6 network, TURN extensions 172 for IPv6 [RFC6156] MUST be supported. 174 TURN TCP candidates [RFC6062] SHOULD be supported; this allows 175 applications to achieve peer-to-peer communication when both parties 176 are behind UDP-blocking firewalls using a single TURN server. (In 177 this case, one can also achieve communication using two TURN servers 178 that use TCP between the server and the client, and UDP between the 179 TURN servers.) 181 ICE-TCP candidates [RFC6544] MAY be supported; this may allow 182 applications to communicate to peers with public IP addresses across 183 UDP-blocking firewalls without using a TURN server. 185 The ALTERNATE-SERVER mechanism specified in [RFC5389] (STUN) section 186 11 (300 Try Alternate) MUST be supported. 188 Further discussion of the interaction of RTCWEB with firewalls is 189 contained in [I-D.hutton-rtcweb-nat-firewall-considerations]. This 190 document makes no requirements on interacting with HTTP proxies or 191 HTTP proxy configuration methods. 193 3.5. Transport protocols implemented 195 For transport of media, secure RTP is used. The details of the 196 profile of RTP used are described in "RTP Usage" 197 [I-D.ietf-rtcweb-rtp-usage]. 199 For data transport over the RTCWEB data channel 200 [I-D.ietf-rtcweb-data-channel], RTCWEB implementations MUST support 201 SCTP over DTLS over ICE. This encapsulation is specified in 202 [I-D.ietf-tsvwg-sctp-dtls-encaps]. Negotiation of this transport in 203 SDP is defined in [I-D.ietf-mmusic-sctp-sdp]. 205 The setup protocol for RTCWEB data channels is described in 206 [I-D.jesup-rtcweb-data-protocol]. 208 RTCWEB implementations MUST support multiplexing of DTLS and RTP over 209 the same port pair, as described in the DTLS_SRTP specification 210 [RFC5764], section 5.1.2. All application layer protocol payloads 211 over this DTLS connection are SCTP packets. 213 4. IANA Considerations 215 This document makes no request of IANA. 217 Note to RFC Editor: this section may be removed on publication as an 218 RFC. 220 5. Security Considerations 222 Security considerations are enumerated in [I-D.ietf-rtcweb-security]. 224 6. Acknowledgements 226 This document is based on earlier versions embedded in 227 [I-D.ietf-rtcweb-overview], which were the results of contributions 228 from many RTCWEB WG members. 230 Special thanks for reviews of earlier versions of this draft go to 231 Magnus Westerlund, Markus Isomaki and Dan Wing; the contributions 232 from Andrew Hutton also deserve special mention. 234 7. References 236 7.1. Normative References 238 [I-D.dhesikan-tsvwg-rtcweb-qos] 239 Dhesikan, S., Druta, D., Jones, P., and J. Polk, "DSCP and 240 other packet markings for RTCWeb QoS", 241 draft-dhesikan-tsvwg-rtcweb-qos-03 (work in progress), 242 December 2013. 244 [I-D.ietf-mmusic-sctp-sdp] 245 Loreto, S. and G. Camarillo, "Stream Control Transmission 246 Protocol (SCTP)-Based Media Transport in the Session 247 Description Protocol (SDP)", draft-ietf-mmusic-sctp-sdp-05 248 (work in progress), October 2013. 250 [I-D.ietf-rtcweb-data-channel] 251 Jesup, R., Loreto, S., and M. Tuexen, "RTCWeb Data 252 Channels", draft-ietf-rtcweb-data-channel-06 (work in 253 progress), October 2013. 255 [I-D.ietf-rtcweb-rtp-usage] 256 Perkins, C., Westerlund, M., and J. Ott, "Web Real-Time 257 Communication (WebRTC): Media Transport and Use of RTP", 258 draft-ietf-rtcweb-rtp-usage-11 (work in progress), 259 December 2013. 261 [I-D.ietf-rtcweb-security] 262 Rescorla, E., "Security Considerations for WebRTC", 263 draft-ietf-rtcweb-security-05 (work in progress), 264 July 2013. 266 [I-D.ietf-rtcweb-security-arch] 267 Rescorla, E., "WebRTC Security Architecture", 268 draft-ietf-rtcweb-security-arch-07 (work in progress), 269 July 2013. 271 [I-D.ietf-tsvwg-sctp-dtls-encaps] 272 Tuexen, M., Stewart, R., Jesup, R., and S. Loreto, "DTLS 273 Encapsulation of SCTP Packets", 274 draft-ietf-tsvwg-sctp-dtls-encaps-02 (work in progress), 275 October 2013. 277 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 278 Requirement Levels", BCP 14, RFC 2119, March 1997. 280 [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment 281 (ICE): A Protocol for Network Address Translator (NAT) 282 Traversal for Offer/Answer Protocols", RFC 5245, 283 April 2010. 285 [RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 286 "Session Traversal Utilities for NAT (STUN)", RFC 5389, 287 October 2008. 289 [RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer 290 Security (DTLS) Extension to Establish Keys for the Secure 291 Real-time Transport Protocol (SRTP)", RFC 5764, May 2010. 293 [RFC5766] Mahy, R., Matthews, P., and J. Rosenberg, "Traversal Using 294 Relays around NAT (TURN): Relay Extensions to Session 295 Traversal Utilities for NAT (STUN)", RFC 5766, April 2010. 297 [RFC6062] Perreault, S. and J. Rosenberg, "Traversal Using Relays 298 around NAT (TURN) Extensions for TCP Allocations", 299 RFC 6062, November 2010. 301 [RFC6156] Camarillo, G., Novo, O., and S. Perreault, "Traversal 302 Using Relays around NAT (TURN) Extension for IPv6", 303 RFC 6156, April 2011. 305 [RFC6544] Rosenberg, J., Keranen, A., Lowekamp, B., and A. Roach, 306 "TCP Candidates with Interactive Connectivity 307 Establishment (ICE)", RFC 6544, March 2012. 309 7.2. Informative References 311 [I-D.hutton-rtcweb-nat-firewall-considerations] 312 Stach, T., Hutton, A., and J. Uberti, "RTCWEB 313 Considerations for NATs, Firewalls and HTTP proxies", 314 draft-hutton-rtcweb-nat-firewall-considerations-02 (work 315 in progress), September 2013. 317 [I-D.ietf-mmusic-sdp-bundle-negotiation] 318 Holmberg, C., Alvestrand, H., and C. Jennings, 319 "Multiplexing Negotiation Using Session Description 320 Protocol (SDP) Port Numbers", 321 draft-ietf-mmusic-sdp-bundle-negotiation-05 (work in 322 progress), October 2013. 324 [I-D.ietf-rtcweb-overview] 325 Alvestrand, H., "Overview: Real Time Protocols for Brower- 326 based Applications", draft-ietf-rtcweb-overview-08 (work 327 in progress), September 2013. 329 [I-D.jesup-rtcweb-data-protocol] 330 Jesup, R., Loreto, S., and M. Tuexen, "WebRTC Data Channel 331 Protocol", draft-jesup-rtcweb-data-protocol-04 (work in 332 progress), February 2013. 334 [RFC5128] Srisuresh, P., Ford, B., and D. Kegel, "State of Peer-to- 335 Peer (P2P) Communication across Network Address 336 Translators (NATs)", RFC 5128, March 2008. 338 Appendix A. Change log 340 A.1. Changes from -00 to -01 342 o Clarified DSCP requirements, with reference to -qos- 344 o Clarified "symmetric NAT" -> "NATs which perform endpoint- 345 dependent mapping" 347 o Made support of TURN over TCP mandatory 349 o Made support of TURN over TLS a MAY, and added open question 351 o Added an informative reference to -firewalls- 352 o Called out that we don't make requirements on HTTP proxy 353 interaction (yet 355 A.2. Changes from -01 to -02 357 o Required support for 300 Alternate Server from STUN. 359 o Separated the ICE-TCP candidate requirement from the TURN-TCP 360 requirement. 362 o Added new sections on using QoS functions, and on multiplexing 363 considerations. 365 o Removed all mention of RTP profiles. Those are the business of 366 the RTP usage draft, not this one. 368 o Required support for TURN IPv6 extensions. 370 o Removed reference to the TURN URI scheme, as it was unnecessary. 372 o Made an explicit statement that multiplexing (or not) is an 373 application matter. 375 . 377 Author's Address 379 Harald Alvestrand 380 Google 382 Email: harald@alvestrand.no