idnits 2.17.1 draft-ietf-rtcweb-transports-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 28, 2016) is 3012 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-26) exists of draft-ietf-mmusic-sctp-sdp-12 == Outdated reference: A later version (-04) exists of draft-ietf-rtcweb-alpn-00 == Outdated reference: A later version (-26) exists of draft-ietf-rtcweb-rtp-usage-22 == Outdated reference: A later version (-12) exists of draft-ietf-rtcweb-security-07 == Outdated reference: A later version (-20) exists of draft-ietf-rtcweb-security-arch-10 == Outdated reference: A later version (-18) exists of draft-ietf-tsvwg-rtcweb-qos-03 == Outdated reference: A later version (-13) exists of draft-ietf-tsvwg-sctp-ndata-02 ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 4941 (Obsoleted by RFC 8981) ** Obsolete normative reference: RFC 5245 (Obsoleted by RFC 8445, RFC 8839) ** Obsolete normative reference: RFC 5389 (Obsoleted by RFC 8489) ** Obsolete normative reference: RFC 5766 (Obsoleted by RFC 8656) ** Obsolete normative reference: RFC 6156 (Obsoleted by RFC 8656) ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 7235 (Obsoleted by RFC 9110) == Outdated reference: A later version (-19) exists of draft-ietf-rtcweb-overview-13 -- Obsolete informational reference (is this intentional?): RFC 3484 (Obsoleted by RFC 6724) Summary: 8 errors (**), 0 flaws (~~), 9 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group H. Alvestrand 3 Internet-Draft Google 4 Intended status: Standards Track January 28, 2016 5 Expires: July 31, 2016 7 Transports for WebRTC 8 draft-ietf-rtcweb-transports-11 10 Abstract 12 This document describes the data transport protocols used by WebRTC, 13 including the protocols used for interaction with intermediate boxes 14 such as firewalls, relays and NAT boxes. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on July 31, 2016. 33 Copyright Notice 35 Copyright (c) 2016 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 51 2. Requirements language . . . . . . . . . . . . . . . . . . . . 3 52 3. Transport and Middlebox specification . . . . . . . . . . . . 3 53 3.1. System-provided interfaces . . . . . . . . . . . . . . . 3 54 3.2. Ability to use IPv4 and IPv6 . . . . . . . . . . . . . . 4 55 3.3. Usage of temporary IPv6 addresses . . . . . . . . . . . . 4 56 3.4. Middle box related functions . . . . . . . . . . . . . . 4 57 3.5. Transport protocols implemented . . . . . . . . . . . . . 6 58 4. Media Prioritization . . . . . . . . . . . . . . . . . . . . 6 59 4.1. Local prioritization . . . . . . . . . . . . . . . . . . 7 60 4.2. Usage of Quality of Service - DSCP and Multiplexing . . . 8 61 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 62 6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 63 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 64 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 65 8.1. Normative References . . . . . . . . . . . . . . . . . . 10 66 8.2. Informative References . . . . . . . . . . . . . . . . . 12 67 Appendix A. Change log . . . . . . . . . . . . . . . . . . . . . 13 68 A.1. Changes from -00 to -01 . . . . . . . . . . . . . . . . . 13 69 A.2. Changes from -01 to -02 . . . . . . . . . . . . . . . . . 13 70 A.3. Changes from -02 to -03 . . . . . . . . . . . . . . . . . 14 71 A.4. Changes from -03 to -04 . . . . . . . . . . . . . . . . . 14 72 A.5. Changes from -04 to -05 . . . . . . . . . . . . . . . . . 14 73 A.6. Changes from -05 to -06 . . . . . . . . . . . . . . . . . 15 74 A.7. Changes from -06 to -07 . . . . . . . . . . . . . . . . . 15 75 A.8. Changes from -07 to -08 . . . . . . . . . . . . . . . . . 15 76 A.9. Changes from -08 to -09 . . . . . . . . . . . . . . . . . 15 77 A.10. Changes from -09 to -10 . . . . . . . . . . . . . . . . . 16 78 A.11. Changes from -10 to -11 . . . . . . . . . . . . . . . . . 16 79 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 16 81 1. Introduction 83 WebRTC is a protocol suite aimed at real time multimedia exchange 84 between browsers, and between browsers and other entities. 86 WebRTC is described in the WebRTC overview document, 87 [I-D.ietf-rtcweb-overview], which also defines terminology used in 88 this document, including the terms "WebRTC device" and "WebRTC 89 browser". 91 Terminology for RTP sources is taken from[RFC7656] . 93 This document focuses on the data transport protocols that are used 94 by conforming implementations, including the protocols used for 95 interaction with intermediate boxes such as firewalls, relays and NAT 96 boxes. 98 This protocol suite intends to satisfy the security considerations 99 described in the WebRTC security documents, 100 [I-D.ietf-rtcweb-security] and [I-D.ietf-rtcweb-security-arch]. 102 This document describes requirements that apply to all WebRTC 103 devices. When there are requirements that apply only to WebRTC 104 browsers, this is called out explicitly. 106 2. Requirements language 108 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 109 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 110 document are to be interpreted as described in RFC 2119 [RFC2119]. 112 3. Transport and Middlebox specification 114 3.1. System-provided interfaces 116 The protocol specifications used here assume that the following 117 protocols are available to the implementations of the WebRTC 118 protocols: 120 o UDP [RFC0768]. This is the protocol assumed by most protocol 121 elements described. 123 o TCP [RFC0793]. This is used for HTTP/WebSockets, as well as for 124 TURN/SSL and ICE-TCP. 126 For both protocols, IPv4 and IPv6 support is assumed. 128 For UDP, this specification assumes the ability to set the DSCP code 129 point of the sockets opened on a per-packet basis, in order to 130 achieve the prioritizations described in [I-D.ietf-tsvwg-rtcweb-qos] 131 (see Section 4.2) when multiple media types are multiplexed. It does 132 not assume that the DSCP codepoints will be honored, and does assume 133 that they may be zeroed or changed, since this is a local 134 configuration issue. 136 Platforms that do not give access to these interfaces will not be 137 able to support a conforming WebRTC implementation. 139 This specification does not assume that the implementation will have 140 access to ICMP or raw IP. 142 3.2. Ability to use IPv4 and IPv6 144 Web applications running in a WebRTC browser MUST be able to utilize 145 both IPv4 and IPv6 where available - that is, when two peers have 146 only IPv4 connectivity to each other, or they have only IPv6 147 connectivity to each other, applications running in the WebRTC 148 browser MUST be able to communicate. 150 When TURN is used, and the TURN server has IPv4 or IPv6 connectivity 151 to the peer or its TURN server, candidates of the appropriate types 152 MUST be supported. The "Happy Eyeballs" specification for ICE 153 [I-D.martinsen-mmusic-ice-dualstack-fairness] SHOULD be supported. 155 3.3. Usage of temporary IPv6 addresses 157 The IPv6 default address selection specification [RFC6724] specifies 158 that temporary addresses [RFC4941] are to be preferred over permanent 159 addresses. This is a change from the rules specified by [RFC3484]. 160 For applications that select a single address, this is usually done 161 by the IPV6_PREFER_SRC_TMP preference flag specified in [RFC5014]. 162 However, this rule is not completely obvious in the ICE scope. This 163 is therefore clarified as follows: 165 When a client gathers all IPv6 addresses on a host, and both 166 temporary addresses and permanent addresses of the same scope are 167 present, the client SHOULD discard the permanent addresses before 168 exposing addresses to the application or using them in ICE. This is 169 consistent with the default policy described in [RFC6724]. 171 3.4. Middle box related functions 173 The primary mechanism to deal with middle boxes is ICE, which is an 174 appropriate way to deal with NAT boxes and firewalls that accept 175 traffic from the inside, but only from the outside if it is in 176 response to inside traffic (simple stateful firewalls). 178 ICE [RFC5245] MUST be supported. The implementation MUST be a full 179 ICE implementation, not ICE-Lite. A full ICE implementation allows 180 interworking with both ICE and ICE-Lite implementations when they are 181 deployed appropriately. 183 In order to deal with situations where both parties are behind NATs 184 of the type that perform endpoint-dependent mapping (as defined in 185 [RFC5128] section 2.4), TURN [RFC5766] MUST be supported. 187 WebRTC browsers MUST support configuration of STUN and TURN servers, 188 both from browser configuration and from an application. 190 In order to deal with firewalls that block all UDP traffic, the mode 191 of TURN that uses TCP between the client and the server MUST be 192 supported, and the mode of TURN that uses TLS over TCP between the 193 client and the server MUST be supported. See [RFC5766] section 2.1 194 for details. 196 In order to deal with situations where one party is on an IPv4 197 network and the other party is on an IPv6 network, TURN extensions 198 for IPv6 [RFC6156] MUST be supported. 200 TURN TCP candidates, where the connection from the client's TURN 201 server to the peer is a TCP connection, [RFC6062] MAY be supported. 203 However, such candidates are not seen as providing any significant 204 benefit, for the following reasons. 206 First, use of TURN TCP candidates would only be relevant in cases 207 which both peers are required to use TCP to establish a 208 PeerConnection. 210 Second, that use case is supported in a different way by both sides 211 establishing UDP relay candidates using TURN over TCP to connect to 212 their respective relay servers. 214 Third, using TCP only between the endpoint and its relay may result 215 in less issues with TCP in regards to real-time constraints, e.g. due 216 to head of line blocking. 218 ICE-TCP candidates [RFC6544] MUST be supported; this may allow 219 applications to communicate to peers with public IP addresses across 220 UDP-blocking firewalls without using a TURN server. 222 If TCP connections are used, RTP framing according to [RFC4571] MUST 223 be used, both for the RTP packets and for the DTLS packets used to 224 carry data channels. 226 The ALTERNATE-SERVER mechanism specified in [RFC5389] (STUN) section 227 11 (300 Try Alternate) MUST be supported. 229 The WebRTC implementation MAY support accessing the Internet through 230 an HTTP proxy. If it does so, it MUST support the "ALPN" header as 231 specified in [RFC7639], and proxy authentication as described in 232 Section 4.3.6 of [RFC7231] and [RFC7235] MUST also be supported. 234 3.5. Transport protocols implemented 236 For transport of media, secure RTP is used. The details of the 237 profile of RTP used are described in "RTP Usage" 238 [I-D.ietf-rtcweb-rtp-usage]. Key exchange MUST be done using DTLS- 239 SRTP, as described in [I-D.ietf-rtcweb-security-arch]. 241 For data transport over the WebRTC data channel 242 [I-D.ietf-rtcweb-data-channel], WebRTC implementations MUST support 243 SCTP over DTLS over ICE. This encapsulation is specified in 244 [I-D.ietf-tsvwg-sctp-dtls-encaps]. Negotiation of this transport in 245 SDP is defined in [I-D.ietf-mmusic-sctp-sdp]. The SCTP extension for 246 NDATA, [I-D.ietf-tsvwg-sctp-ndata], MUST be supported. 248 The setup protocol for WebRTC data channels described in 249 [I-D.ietf-rtcweb-data-protocol] MUST be supported. 251 Note: DTLS-SRTP as defined in [RFC5764] section 6.7.1 defines the 252 interaction between DTLS and ICE ( [RFC5245]). The effect of this 253 specification is that all ICE candidate pairs associated with a 254 single component are part of the same DTLS association. Thus, there 255 will only be one DTLS handshake even if there are multiple valid 256 candidate pairs. 258 WebRTC implementations MUST support multiplexing of DTLS and RTP over 259 the same port pair, as described in the DTLS-SRTP specification 260 [RFC5764], section 5.1.2. All application layer protocol payloads 261 over this DTLS connection are SCTP packets. 263 Protocol identification MUST be supplied as part of the DTLS 264 handshake, as specified in [I-D.ietf-rtcweb-alpn]. 266 4. Media Prioritization 268 The WebRTC prioritization model is that the application tells the 269 WebRTC implementation about the priority of media and data that is 270 controlled from the API. 272 In this context, a "flow" is used for the units that are given a 273 specific priority through the WebRTC API. 275 For media, a "media flow", which can be an "audio flow" or a "video 276 flow", is what [RFC7656] calls a "media source", which results in a 277 "source RTP stream" and one or more "redundancy RTP streams". This 278 specification does not describe prioritization between the RTP 279 streams that come from a single "media source". 281 A "data flow" is the outgoing data on a single WebRTC data channel. 283 The priority associated with a media flow or data flow is classified 284 as "very-low", "low", "medium or "high". There are only four 285 priority levels at the API. 287 The priority settings affect two pieces of behavior: Packet send 288 sequence decisions and packet markings. Each is described in its own 289 section below. 291 4.1. Local prioritization 293 Local prioritization is applied at the local node, before the packet 294 is sent. This means that the prioritization has full access to the 295 data about the individual packets, and can choose differing treatment 296 based on the stream a packet belongs to. 298 When an WebRTC implementation has packets to send on multiple streams 299 that are congestion-controlled under the same congestion controller, 300 the WebRTC implementation SHOULD cause data to be emitted in such a 301 way that each stream at each level of priority is being given 302 approximately twice the transmission capacity (measured in payload 303 bytes) of the level below. 305 Thus, when congestion occurs, a "high" priority flow will have the 306 ability to send 8 times as much data as a "very-low" priority flow if 307 both have data to send. This prioritization is independent of the 308 media type. The details of which packet to send first are 309 implementation defined. 311 For example: If there is a high priority audio flow sending 100 byte 312 packets, and a low priority video flow sending 1000 byte packets, and 313 outgoing capacity exists for sending >5000 payload bytes, it would be 314 appropriate to send 4000 bytes (40 packets) of audio and 1000 bytes 315 (one packet) of video as the result of a single pass of sending 316 decisions. 318 Conversely, if the audio flow is marked low priority and the video 319 flow is marked high priority, the scheduler may decide to send 2 320 video packets (2000 bytes) and 5 audio packets (500 bytes) when 321 outgoing capacity exists for sending > 2500 payload bytes. 323 If there are two high priority audio flows, each will be able to send 324 4000 bytes in the same period where a low priority video flow is able 325 to send 1000 bytes. 327 Two example implementation strategies are: 329 o When the available bandwidth is known from the congestion control 330 algorithm, configure each codec and each data channel with a 331 target send rate that is appropriate to its share of the available 332 bandwidth. 334 o When congestion control indicates that a specified number of 335 packets can be sent, send packets that are available to send using 336 a weighted round robin scheme across the connections. 338 Any combination of these, or other schemes that have the same effect, 339 is valid, as long as the distribution of transmission capacity is 340 approximately correct. 342 For media, it is usually inappropriate to use deep queues for 343 sending; it is more useful to, for instance, skip intermediate frames 344 that have no dependencies on them in order to achieve a lower 345 bitrate. For reliable data, queues are useful. 347 4.2. Usage of Quality of Service - DSCP and Multiplexing 349 When the packet is sent, the network will make decisions about 350 queueing and/or discarding the packet that can affect the quality of 351 the communication. The sender can attempt to set the DSCP field of 352 the packet to influence these decisions. 354 Implementations SHOULD attempt to set QoS on the packets sent, 355 according to the guidelines in [I-D.ietf-tsvwg-rtcweb-qos]. It is 356 appropriate to depart from this recommendation when running on 357 platforms where QoS marking is not implemented. 359 The implementation MAY turn off use of DSCP markings if it detects 360 symptoms of unexpected behaviour like priority inversion or blocking 361 of packets with certain DSCP markings. The detection of these 362 conditions is implementation dependent. 364 All packets carrying data from the SCTP association supporting the 365 data channels MUST use a single DSCP code point. The code point used 366 SHOULD be that recommended by [I-D.ietf-tsvwg-rtcweb-qos] for the 367 highest priority data channel carried. Note that this means that all 368 data packets, no matter what their relative priority is, will be 369 treated the same by the network. 371 All packets on one TCP connection, no matter what it carries, MUST 372 use a single DSCP code point. 374 More advice on the use of DSCP code points with RTP is given in 375 [I-D.ietf-dart-dscp-rtp]. 377 There exist a number of schemes for achieving quality of service that 378 do not depend solely on DSCP code points. Some of these schemes 379 depend on classifying the traffic into flows based on 5-tuple (source 380 address, source port, protocol, destination address, destination 381 port) or 6-tuple (5-tuple + DSCP code point). Under differing 382 conditions, it may therefore make sense for a sending application to 383 choose any of the configurations: 385 o Each media stream carried on its own 5-tuple 387 o Media streams grouped by media type into 5-tuples (such as 388 carrying all audio on one 5-tuple) 390 o All media sent over a single 5-tuple, with or without 391 differentiation into 6-tuples based on DSCP code points 393 In each of the configurations mentioned, data channels may be carried 394 in its own 5-tuple, or multiplexed together with one of the media 395 flows. 397 More complex configurations, such as sending a high priority video 398 stream on one 5-tuple and sending all other video streams multiplexed 399 together over another 5-tuple, can also be envisioned. More 400 information on mapping media flows to 5-tuples can be found in 401 [I-D.ietf-rtcweb-rtp-usage]. 403 A sending implementation MUST be able to support the following 404 configurations: 406 o multiplex all media and data on a single 5-tuple (fully bundled) 408 o send each media stream on its own 5-tuple and data on its own 409 5-tuple (fully unbundled) 411 It MAY choose to support other configurations, such as bundling each 412 media type (audio, video or data) into its own 5-tuple (bundling by 413 media type). 415 Sending data over multiple 5-tuples is not supported. 417 A receiving implementation MUST be able to receive media and data in 418 all these configurations. 420 5. IANA Considerations 422 This document makes no request of IANA. 424 Note to RFC Editor: this section may be removed on publication as an 425 RFC. 427 6. Security Considerations 429 Security considerations are enumerated in [I-D.ietf-rtcweb-security]. 431 7. Acknowledgements 433 This document is based on earlier versions embedded in 434 [I-D.ietf-rtcweb-overview], which were the results of contributions 435 from many RTCWEB WG members. 437 Special thanks for reviews of earlier versions of this draft go to 438 Eduardo Gueiros, Magnus Westerlund, Markus Isomaki and Dan Wing; the 439 contributions from Andrew Hutton also deserve special mention. 441 8. References 443 8.1. Normative References 445 [I-D.ietf-mmusic-sctp-sdp] 446 Holmberg, C., Loreto, S., and G. Camarillo, "Stream 447 Control Transmission Protocol (SCTP)-Based Media Transport 448 in the Session Description Protocol (SDP)", draft-ietf- 449 mmusic-sctp-sdp-12 (work in progress), January 2015. 451 [I-D.ietf-rtcweb-alpn] 452 Thomson, M., "Application Layer Protocol Negotiation for 453 Web Real-Time Communications (WebRTC)", draft-ietf-rtcweb- 454 alpn-00 (work in progress), July 2014. 456 [I-D.ietf-rtcweb-data-channel] 457 Jesup, R., Loreto, S., and M. Tuexen, "WebRTC Data 458 Channels", draft-ietf-rtcweb-data-channel-13 (work in 459 progress), January 2015. 461 [I-D.ietf-rtcweb-data-protocol] 462 Jesup, R., Loreto, S., and M. Tuexen, "WebRTC Data Channel 463 Establishment Protocol", draft-ietf-rtcweb-data- 464 protocol-09 (work in progress), January 2015. 466 [I-D.ietf-rtcweb-rtp-usage] 467 Perkins, C., Westerlund, M., and J. Ott, "Web Real-Time 468 Communication (WebRTC): Media Transport and Use of RTP", 469 draft-ietf-rtcweb-rtp-usage-22 (work in progress), 470 February 2015. 472 [I-D.ietf-rtcweb-security] 473 Rescorla, E., "Security Considerations for WebRTC", draft- 474 ietf-rtcweb-security-07 (work in progress), July 2014. 476 [I-D.ietf-rtcweb-security-arch] 477 Rescorla, E., "WebRTC Security Architecture", draft-ietf- 478 rtcweb-security-arch-10 (work in progress), July 2014. 480 [I-D.ietf-tsvwg-rtcweb-qos] 481 Dhesikan, S., Jennings, C., Druta, D., Jones, P., and J. 482 Polk, "DSCP and other packet markings for RTCWeb QoS", 483 draft-ietf-tsvwg-rtcweb-qos-03 (work in progress), 484 November 2014. 486 [I-D.ietf-tsvwg-sctp-dtls-encaps] 487 Tuexen, M., Stewart, R., Jesup, R., and S. Loreto, "DTLS 488 Encapsulation of SCTP Packets", draft-ietf-tsvwg-sctp- 489 dtls-encaps-09 (work in progress), January 2015. 491 [I-D.ietf-tsvwg-sctp-ndata] 492 Stewart, R., Tuexen, M., Loreto, S., and R. Seggelmann, 493 "Stream Schedulers and a New Data Chunk for the Stream 494 Control Transmission Protocol", draft-ietf-tsvwg-sctp- 495 ndata-02 (work in progress), January 2015. 497 [I-D.martinsen-mmusic-ice-dualstack-fairness] 498 Martinsen, P., Reddy, T., and P. Patil, "ICE IPv4/IPv6 499 Dual Stack Fairness", draft-martinsen-mmusic-ice- 500 dualstack-fairness-02 (work in progress), February 2015. 502 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 503 August 1980. 505 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC 506 793, September 1981. 508 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 509 Requirement Levels", BCP 14, RFC 2119, March 1997. 511 [RFC4571] Lazzaro, J., "Framing Real-time Transport Protocol (RTP) 512 and RTP Control Protocol (RTCP) Packets over Connection- 513 Oriented Transport", RFC 4571, July 2006. 515 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 516 Extensions for Stateless Address Autoconfiguration in 517 IPv6", RFC 4941, September 2007. 519 [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment 520 (ICE): A Protocol for Network Address Translator (NAT) 521 Traversal for Offer/Answer Protocols", RFC 5245, April 522 2010. 524 [RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 525 "Session Traversal Utilities for NAT (STUN)", RFC 5389, 526 October 2008. 528 [RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer 529 Security (DTLS) Extension to Establish Keys for the Secure 530 Real-time Transport Protocol (SRTP)", RFC 5764, May 2010. 532 [RFC5766] Mahy, R., Matthews, P., and J. Rosenberg, "Traversal Using 533 Relays around NAT (TURN): Relay Extensions to Session 534 Traversal Utilities for NAT (STUN)", RFC 5766, April 2010. 536 [RFC6062] Perreault, S. and J. Rosenberg, "Traversal Using Relays 537 around NAT (TURN) Extensions for TCP Allocations", RFC 538 6062, November 2010. 540 [RFC6156] Camarillo, G., Novo, O., and S. Perreault, "Traversal 541 Using Relays around NAT (TURN) Extension for IPv6", RFC 542 6156, April 2011. 544 [RFC6544] Rosenberg, J., Keranen, A., Lowekamp, B., and A. Roach, 545 "TCP Candidates with Interactive Connectivity 546 Establishment (ICE)", RFC 6544, March 2012. 548 [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, 549 "Default Address Selection for Internet Protocol Version 6 550 (IPv6)", RFC 6724, September 2012. 552 [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 553 Protocol (HTTP/1.1): Semantics and Content", RFC 7231, DOI 554 10.17487/RFC7231, June 2014, 555 . 557 [RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 558 Protocol (HTTP/1.1): Authentication", RFC 7235, DOI 559 10.17487/RFC7235, June 2014, 560 . 562 [RFC7639] Hutton, A., Uberti, J., and M. Thomson, "The ALPN HTTP 563 Header Field", RFC 7639, DOI 10.17487/RFC7639, August 564 2015, . 566 8.2. Informative References 568 [I-D.ietf-dart-dscp-rtp] 569 Black, D. and P. Jones, "Differentiated Services 570 (DiffServ) and Real-time Communication", draft-ietf-dart- 571 dscp-rtp-10 (work in progress), November 2014. 573 [I-D.ietf-rtcweb-overview] 574 Alvestrand, H., "Overview: Real Time Protocols for 575 Browser-based Applications", draft-ietf-rtcweb-overview-13 576 (work in progress), November 2014. 578 [RFC3484] Draves, R., "Default Address Selection for Internet 579 Protocol version 6 (IPv6)", RFC 3484, February 2003. 581 [RFC5014] Nordmark, E., Chakrabarti, S., and J. Laganier, "IPv6 582 Socket API for Source Address Selection", RFC 5014, 583 September 2007. 585 [RFC5128] Srisuresh, P., Ford, B., and D. Kegel, "State of Peer-to- 586 Peer (P2P) Communication across Network Address 587 Translators (NATs)", RFC 5128, March 2008. 589 [RFC7656] Lennox, J., Gross, K., Nandakumar, S., Salgueiro, G., and 590 B. Burman, Ed., "A Taxonomy of Semantics and Mechanisms 591 for Real-Time Transport Protocol (RTP) Sources", RFC 7656, 592 DOI 10.17487/RFC7656, November 2015, 593 . 595 Appendix A. Change log 597 This section should be removed before publication as an RFC. 599 A.1. Changes from -00 to -01 601 o Clarified DSCP requirements, with reference to -qos- 603 o Clarified "symmetric NAT" -> "NATs which perform endpoint- 604 dependent mapping" 606 o Made support of TURN over TCP mandatory 608 o Made support of TURN over TLS a MAY, and added open question 610 o Added an informative reference to -firewalls- 612 o Called out that we don't make requirements on HTTP proxy 613 interaction (yet 615 A.2. Changes from -01 to -02 617 o Required support for 300 Alternate Server from STUN. 619 o Separated the ICE-TCP candidate requirement from the TURN-TCP 620 requirement. 622 o Added new sections on using QoS functions, and on multiplexing 623 considerations. 625 o Removed all mention of RTP profiles. Those are the business of 626 the RTP usage draft, not this one. 628 o Required support for TURN IPv6 extensions. 630 o Removed reference to the TURN URI scheme, as it was unnecessary. 632 o Made an explicit statement that multiplexing (or not) is an 633 application matter. 635 . 637 A.3. Changes from -02 to -03 639 o Added required support for draft-ietf-tsvwg-sctp-ndata 641 o Removed discussion of multiplexing, since this is present in rtp- 642 usage. 644 o Added RFC 4571 reference for framing RTP packets over TCP. 646 o Downgraded TURN TCP candidates from SHOULD to MAY, and added more 647 language discussing TCP usage. 649 o Added language on IPv6 temporary addresses. 651 o Added language describing multiplexing choices. 653 o Added a separate section detailing what it means when we say that 654 an WebRTC implementation MUST support both IPv4 and IPv6. 656 A.4. Changes from -03 to -04 658 o Added a section on prioritization, moved the DSCP section into it, 659 and added a section on local prioritization, giving a specific 660 algorithm for interpreting "priority" in local prioritization. 662 o ICE-TCP candidates was changed from MAY to MUST, in recognition of 663 the sense of the room at the London IETF. 665 A.5. Changes from -04 to -05 667 o Reworded introduction 668 o Removed all references to "WebRTC". It now uses only the term 669 RTCWEB. 671 o Addressed a number of clarity / language comments 673 o Rewrote the prioritization to cover data channels and to describe 674 multiple ways of prioritizing flows 676 o Made explicit reference to "MUST do DTLS-SRTP", and referred to 677 security-arch for details 679 A.6. Changes from -05 to -06 681 o Changed all references to "RTCWEB" to "WebRTC", except one 682 reference to the working group 684 o Added reference to the httpbis "connect" protocol (being adopted 685 by HTTPBIS) 687 o Added reference to the ALPN header (being adopted by RTCWEB) 689 o Added reference to the DART RTP document 691 o Said explicitly that SCTP for data channels has a single DSCP 692 codepoint 694 A.7. Changes from -06 to -07 696 o Updated references 698 o Removed reference to draft-hutton-rtcweb-nat-firewall- 699 considerations 701 A.8. Changes from -07 to -08 703 o Updated references 705 o Deleted "bundle each media type (audio, video or data) into its 706 own 5-tuple (bundling by media type)" from MUST support 707 configuration, since JSEP does not have a means to negotiate this 708 configuration 710 A.9. Changes from -08 to -09 712 o Added a clarifying note about DTLS-SRTP and ICE interaction. 714 A.10. Changes from -09 to -10 716 o Re-added references to proxy authentication lost in 07-08 717 transition (Bug #5) 719 o Rearranged and rephrased text in section 4 about prioritization to 720 reflect discussions in TSVWG. 722 o Changed the "Connect" header to "ALPN", and updated reference. 723 (Bug #6) 725 A.11. Changes from -10 to -11 727 o Added a definition of the term "flow" used in the prioritization 728 chapter 730 o Changed the names of the four priority levels to conform to other 731 specs. 733 Author's Address 735 Harald Alvestrand 736 Google 738 Email: harald@alvestrand.no