idnits 2.17.1 draft-ietf-rtcweb-use-cases-and-requirements-08.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 6 instances of too long lines in the document, the longest one being 3 characters in excess of 72. == There are 6 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 4, 2012) is 4336 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 RTCWEB Working Group C. Holmberg 3 Internet-Draft S. Hakansson 4 Intended status: Informational G. Eriksson 5 Expires: December 6, 2012 Ericsson 6 June 4, 2012 8 Web Real-Time Communication Use-cases and Requirements 9 draft-ietf-rtcweb-use-cases-and-requirements-08.txt 11 Abstract 13 This document describes web based real-time communication use-cases. 14 Based on the use-cases, the document also derives requirements 15 related to the browser, and the API used by web applications to 16 request and control media stream and data exchange services provided 17 by the browser. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on December 6, 2012. 36 Copyright Notice 38 Copyright (c) 2012 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 54 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 56 4. Use-cases . . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 4 58 4.2. Browser-to-browser use-cases . . . . . . . . . . . . . . . 5 59 4.2.1. Simple Video Communication Service . . . . . . . . . . 5 60 4.2.2. Simple Video Communication Service, NAT/FW that 61 blocks UDP . . . . . . . . . . . . . . . . . . . . . . 6 62 4.2.3. Simple Video Communication Service, global service 63 provider . . . . . . . . . . . . . . . . . . . . . . . 6 64 4.2.4. Simple Video Communication Service, enterprise 65 aspects . . . . . . . . . . . . . . . . . . . . . . . 7 66 4.2.5. Simple Video Communication Service, access change . . 7 67 4.2.6. Simple Video Communication Service, QoS . . . . . . . 8 68 4.2.7. Simple Video Communication Service with sharing . . . 8 69 4.2.8. Simple Video Communication Service with file 70 exchange . . . . . . . . . . . . . . . . . . . . . . . 9 71 4.2.9. Simple video communication service with 72 inter-operator calling . . . . . . . . . . . . . . . . 9 73 4.2.10. Hockey Game Viewer . . . . . . . . . . . . . . . . . . 10 74 4.2.11. Multiparty video communication . . . . . . . . . . . . 10 75 4.2.12. Multiparty on-line game with voice communication . . . 11 76 4.2.13. Distributed Music Band . . . . . . . . . . . . . . . . 12 77 4.3. Browser - GW/Server use cases . . . . . . . . . . . . . . 12 78 4.3.1. Telephony terminal . . . . . . . . . . . . . . . . . . 12 79 4.3.2. Fedex Call . . . . . . . . . . . . . . . . . . . . . . 13 80 4.3.3. Video conferencing system with central server . . . . 13 81 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 15 82 5.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 15 83 5.2. Browser requirements . . . . . . . . . . . . . . . . . . . 15 84 5.3. API requirements . . . . . . . . . . . . . . . . . . . . . 18 85 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 86 7. Security Considerations . . . . . . . . . . . . . . . . . . . 20 87 7.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 21 88 7.2. Browser Considerations . . . . . . . . . . . . . . . . . . 21 89 7.3. Web Application Considerations . . . . . . . . . . . . . . 22 90 8. Additional use-cases . . . . . . . . . . . . . . . . . . . . . 22 91 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 92 10. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 23 93 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26 94 11.1. Normative References . . . . . . . . . . . . . . . . . . . 26 95 11.2. Informative References . . . . . . . . . . . . . . . . . . 26 97 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26 99 1. Introduction 101 This document presents a few use-cases of web applications that are 102 executed in a browser and use real-time communication capabilities. 103 Based on the use-cases, the document derives requirements related to 104 the browser and the API used by web applications in the browser. 106 The requirements related to the browser are named "Fn" and are 107 described in Section 5.2 109 The requirements related to the API are named "An" and are described 110 in Section 5.3 112 The document focuses on requirements related to real-time media 113 streams and data exchange. Requirements related to privacy, 114 signalling between the browser and web server etc. are currently not 115 considered. 117 2. Conventions 119 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 120 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 121 document are to be interpreted as described in BCP 14, RFC 2119 122 [RFC2119]. 124 3. Definitions 126 TBD 128 4. Use-cases 130 4.1. Introduction 132 This section describes web based real-time communication use-cases, 133 from which requirements are derived. 135 The following considerations are applicable to all use cases: 136 o Clients can be on IPv4-only 137 o Clients can be on IPv6-only 138 o Clients can be on dual-stack 139 o Clients can be on wideband (10s of Mbits/sec) 140 o Clients can be on narrowband (10s to 100s of Kbits/sec) 141 o Clients can be on variable-media-quality networks (wireless) 142 o Clients can be on congested networks 143 o Clients can be on firewalled networks with no UDP allowed 144 o Clients can be on networks with any type (as described in RFC4787) 145 of NAT. 147 4.2. Browser-to-browser use-cases 149 4.2.1. Simple Video Communication Service 151 4.2.1.1. Description 153 Two or more users have loaded a video communication web application 154 into their browsers, provided by the same service provider, and 155 logged into the service it provides. The web service publishes 156 information about user login status by pushing updates to the web 157 application in the browsers. When one online user selects a peer 158 online user, a 1-1 video communication session between the browsers 159 of the two peers is initiated. The invited user might accept or 160 reject the session. 162 During session establishment a self-view is displayed, and once the 163 session has been established the video sent from the remote peer is 164 displayed in addition to the self-view. During the session, each 165 user can select to remove and re-insert the self-view as often as 166 desired. Each user can also change the sizes of his/her two video 167 displays during the session. Each user can also pause sending of 168 media (audio, video, or both) and mute incoming media 170 It is essential that the communication cannot be eavesdropped. 172 The users are provided wiht means that allow them to (through a 173 separate, trusted communication channel) verify that the media 174 origins from the other user and has not been manipulated. 176 The user's browsers will reject all incoming media that has been 177 created, injected or in any way modified by any entity not trusted by 178 the service provider. 180 The application gives the users the opportunity to stop it from 181 exposing the IP address to the application of the other user. 183 Any session participant can end the session at any time. 185 The two users may be using communication devices of different makes, 186 with different operating systems and browsers from different vendors. 188 One user has an unreliable Internet connection. It sometimes loses 189 packets, and sometimes goes down completely. 191 One user is located behind a Network Address Translator (NAT). 193 4.2.1.2. Derived Requirements 195 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F35, F36 197 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A25 199 4.2.2. Simple Video Communication Service, NAT/FW that blocks UDP 201 4.2.2.1. Description 203 This use-case is almost identical to the Simple Video Communication 204 Service use-case (Section 4.2.1). The difference is that one of the 205 users is behind a NAT that blocks UDP traffic. 207 4.2.2.2. Derived Requirements 209 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F29 211 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 213 4.2.3. Simple Video Communication Service, global service provider 215 4.2.3.1. Description 217 This use-case is almost identical to the Simple Video Communication 218 Service use-case (Section 4.2.1). 220 What is added is that the service provider is operating over large 221 geographical areas (or even globally). 223 Assuming that ICE will be used, this means that the service provider 224 would like to be able to provide several STUN and TURN servers (via 225 the app) to the browser; selection of which one(s) to use is part of 226 the ICE processing. Other reasons for wanting to provide several 227 STUN and TURN servers include support for IPv4 and IPv6, load 228 balancing and redundancy. 230 4.2.3.2. Derived Requirements 232 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F31 234 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A22 236 4.2.4. Simple Video Communication Service, enterprise aspects 238 4.2.4.1. Description 240 This use-case is similar to the Simple Video Communication Service 241 use-case (Section 4.2.1). 243 What is added is aspects when using the service in enterprises. ICE 244 is assumed in the further description of this use-case. 246 An enterprise that uses a RTCWEB based web application for 247 communication desires to audit all RTCWEB based application session 248 used from inside the company towards any external peer. To be able 249 to do this they deploy a TURN server that straddle the boundary 250 between the internal network and the external. 252 The firewall will block all attempts to use STUN with an external 253 destination unless they go to the enterprise auditing TURN server. 254 In cases where employees are using RTCWEB applications provided by an 255 external service provider they still want to have the traffic to stay 256 inside their internal network and in addition not load the straddling 257 TURN server, thus they deploy a STUN server allowing the RTCWEB 258 client to determine its server reflexive address on the internal 259 side. Thus enabling cases where peers are both on the internal side 260 to connect without the traffic leaving the internal network. It must 261 be possibele to configure the browsers used in the enterprise with 262 network specific STUN and TURN servers. This should be possible to 263 achieve by autoconfiguration methods. The RTCWEB functionality will 264 need to utilize both network specific STUN and TURN resources and 265 STUN and TURN servers provisioned by the web application. 267 4.2.4.2. Derived Requirements 269 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F32 271 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 273 4.2.5. Simple Video Communication Service, access change 275 4.2.5.1. Description 277 This use-case is almost identical to the Simple Video Communication 278 Service use-case (Section 4.2.1).The difference is that the user 279 changes network access during the session: 281 The communication device used by one of the users have several 282 network adapters (Ethernet, WiFi, Cellular). The communication 283 device is accessing the Internet using Ethernet, but the user has to 284 start a trip during the session. The communication device 285 automatically changes to use WiFi when the Ethernet cable is removed 286 and then moves to cellular access to the Internet when moving out of 287 WiFi coverage. The session continues even though the access method 288 changes. 290 4.2.5.2. Derived Requirements 292 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F26, F28 294 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 296 4.2.6. Simple Video Communication Service, QoS 298 4.2.6.1. Description 300 This use-case is almost identical to the Simple Video Communication 301 Service, access change use-case (Section 4.2.5). The use of Quality 302 of Service (QoS) capabilities is added: 304 The user in the previous use case that starts a trip is behind a 305 common residential router that supports prioritization of traffic. 306 In addition, the user's provider of cellular access has QoS support 307 enabled. The user is able to take advantage of the QoS support both 308 when accessing via the residential router and when using cellular. 310 4.2.6.2. Derived Requirements 312 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F24, F25, F26, F28 314 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 316 4.2.7. Simple Video Communication Service with sharing 318 4.2.7.1. Description 320 This use-case has the audio and video communication of the Simple 321 Video Communication Service use-case (Section 4.2.1). 323 But in addition to this, one of the users can share what is being 324 displayed on her/his screen with a peer. The user can choose to 325 share the entire screen, part of the screen (part selected by the 326 user) or what a selected applicaton displays with the peer. 328 4.2.7.2. Derived Requirements 330 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F30 331 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A21 333 4.2.8. Simple Video Communication Service with file exchange 335 4.2.8.1. Description 337 This use-case has the audio and video communication of the Simple 338 Video Communication Service use-case (Section 4.2.1). 340 But in addition to this, the users can send and receive files stored 341 in the file system of the device used. 343 4.2.8.2. Derived Requirements 345 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F30, F33 347 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A21, A24 349 4.2.9. Simple video communication service with inter-operator calling 351 4.2.9.1. Description 353 Two users have logged into two different web applications, provided 354 by different service providers. 356 The service providers are interconnected by some means, but exchange 357 no more information about the users than what can be carried using 358 SIP. 360 NOTE: More profiling of what this means may be needed. 362 For each user Alice who has authorized another user Bob to receive 363 login status information, Alice's service publishes Alice's login 364 status information to Bob. How this authorization is defined and 365 established is out of scope. 367 The same functionality as in the the Simple Video Communication 368 Service use-case (Section 4.2.1) is available. 370 The same issues with connectivity apply. 372 4.2.9.2. Derived requirements 374 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F27, F28 376 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A20 378 4.2.10. Hockey Game Viewer 380 4.2.10.1. Description 382 An ice-hockey club uses an application that enables talent scouts to, 383 in real-time, show and discuss games and players with the club 384 manager. The talent scouts use a mobile phone with two cameras, one 385 front facing and one rear facing. 387 The club manager uses a desktop, equipped with one camera, for 388 viewing the game and discussing with the talent scout. 390 Before the game starts, and during game breaks, the talent scout and 391 the manager have a 1-1 video communication. Only the rear facing 392 camera of the mobile phone is used. On the display of the mobile 393 phone, the video of the club manager is shown with a picture-in- 394 picture thumbnail of the rear facing camera (self-view). On the 395 display of the desktop, the video of the talent scout is shown with a 396 picture-in-picture thumbnail of the desktop camera (self-view). 398 When the game is on-going, the talent scout activates the use of the 399 front facing camera, and that stream is sent to the desktop (the 400 stream from the rear facing camera continues to be sent all the 401 time). The video stream captured by the front facing camera (that is 402 capturing the game) of the mobile phone is shown in a big window on 403 the desktop screen, with picture-in-picture thumbnails of the rear 404 facing camera and the desktop camera (self-view). On the display of 405 the mobile phone the game is shown (front facing camera) with 406 picture-in-picture thumbnails of the rear facing camera (self-view) 407 and the desktop camera. As the most important stream in this phase 408 is the video showing the game, the application used in the talent 409 scout's mobile sets higher priority for that stream. 411 It is essential that the communication cannot be eavesdropped. 413 4.2.10.2. Derived Requirements 415 F1, F2, F3, F4, F5, F6, F8, F9, F10, F17, F20, F34 417 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A17, A23 419 4.2.11. Multiparty video communication 421 4.2.11.1. Description 423 In this use-case is the Simple Video Communication Service use-case 424 (Section 4.2.1) is extended by allowing multiparty sessions. No 425 central server is involved - the browser of each participant sends 426 and receives streams to and from all other session participants. The 427 web application in the browser of each user is responsible for 428 setting up streams to all receivers. 430 In order to enhance intelligibility, the web application pans the 431 audio from different participants differently when rendering the 432 audio. This is done automatically, but users can change how the 433 different participants are placed in the (virtual) room. In addition 434 the levels in the audio signals are adjusted before mixing. 436 Another feature intended to enhance the use experience is that the 437 video window that displays the video of the currently speaking peer 438 is highlighted. 440 Each video stream received is by default displayed in a thumbnail 441 frame within the browser, but users can change the display size. 443 It is essential that the communication cannot be eavesdropped. 445 Note: What this use-case adds in terms of requirements is 446 capabilities to send streams to and receive streams from several 447 peers concurrently, as well as the capabilities to render the video 448 from all recevied streams and be able to spatialize, level adjust and 449 mix the audio from all received streams locally in the browser. It 450 also adds the capability to measure the audio level/activity. 452 4.2.11.2. Derived Requirements 454 F1, F2, F3, F4, F5, F6, F8, F9, F10, F11, F12, F13, F14, F15, F16, 455 F17, F20, F25 457 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13, A14, A15, 458 A16, A17 460 4.2.12. Multiparty on-line game with voice communication 462 4.2.12.1. Description 464 This use case is based on the previous one. In this use-case, the 465 voice part of the multiparty video communication use case is used in 466 the context of an on-line game. The received voice audio media is 467 rendered together with game sound objects. For example, the sound of 468 a tank moving from left to right over the screen must be rendered and 469 played to the user together with the voice media. 471 Quick updates of the game state is required, and have higher priority 472 than the voice. 474 It is essential that the communication cannot be eavesdropped. 476 Note: the difference regarding local audio processing compared to the 477 "Multiparty video communication" use-case is that other sound objects 478 than the streams must be possible to be included in the 479 spatialization and mixing. "Other sound objects" could for example 480 be a file with the sound of the tank; that file could be stored 481 locally or remotely. 483 4.2.12.2. Derived Requirements 485 F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F14, F15, F16, F18, 486 F20, F23, F34 488 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16, 489 A17, A18, A23 491 4.2.13. Distributed Music Band 493 4.2.13.1. Description 495 In this use-case, a music band is playing music while the members are 496 at different physical locations. No central server is used, instead 497 all streams are set up in a mesh fashion. 499 Discussion: This use-case was briefly discussed at the Quebec webrtc 500 meeting and it got support. So far the only concrete requirement 501 (A17) derived is that the application must be able to ask the browser 502 to treat the audio signal as audio (in contrast to speech). However, 503 the use case should be further analysed to determine other 504 requirements (could be e.g. on delay mic->speaker, level control of 505 audio signals, etc.). 507 4.2.13.2. Derived Requirements 509 F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F14, F15, F16 511 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16, 512 A19 514 4.3. Browser - GW/Server use cases 516 4.3.1. Telephony terminal 518 4.3.1.1. Description 520 A mobile telephony operator allows its customers to use a web browser 521 to access their services. After a simple log in the user can place 522 and receive calls in the same way as when using a normal mobile 523 phone. When a call is received or placed, the identity is shown in 524 the same manner as when a mobile phone is used. 526 It is essential that the communication cannot be eavesdropped. 528 Note: With "place and receive calls in the same way as when using a 529 normal mobile phone" it is meant that you can dial a number, and that 530 your mobile telephony operator has made available your phone contacts 531 on line, so they are available and can be clicked to call, and be 532 used to present the identity of an incoming call. If the callee is 533 not in your phone contacts the number is displayed. Furthermore, 534 your call logs are available, and updated with the calls made/ 535 received from the browser. And for people receiving calls made from 536 the web browser the usual identity (i.e. the phone number of the 537 mobile phone) will be presented. 539 4.3.1.2. Derived Requirements 541 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F21 543 A1, A2, A3, A4, A7, A8, A9, A10, A11, A12 545 4.3.2. Fedex Call 547 4.3.2.1. Description 549 Alice uses her web browser with a service something like Skype to be 550 able to phone PSTN numbers. Alice calls 1-800-gofedex. Alice should 551 be able to hear the initial prompts from the fedex IVR and when the 552 IVR says press 1, there should be a way for Alice to navigate the 553 IVR. 555 4.3.2.2. Derived Requirements 557 F1, F2, F3, F4, F5, F6, F8, F9, F10, F21, F22 559 A1, A2, A3, A4, A7, A8, A9, A10, A11, A12 561 4.3.3. Video conferencing system with central server 563 4.3.3.1. Description 565 An organization uses a video communication system that supports the 566 establishment of multiparty video sessions using a central conference 567 server. 569 The browser of each participant send an audio stream (type in terms 570 of mono, stereo, 5.1, ... depending on the equipment of the 571 participant) to the central server. The central server mixes the 572 audio streams (and can in the mixing process naturally add effects 573 such as spatialization) and sends towards each participant a mixed 574 audio stream which is played to the user. 576 The browser of each participant sends video towards the server. For 577 each participant one high resolution video is displayed in a large 578 window, while a number of low resolution videos are displayed in 579 smaller windows. The server selects what video streams to be 580 forwarded as main- and thumbnail videos respectively, based on speech 581 activity. As the video streams to display can change quite 582 frequently (as the conversation flows) it is important that the delay 583 from when a video stream is selected for display until the video can 584 be displayed is short. 586 The organization has an internal network set up with an aggressive 587 firewall handling access to the Internet. If users cannot physically 588 access the internal network, they can establish a Virtual Private 589 Network (VPN). 591 It is essential that the communication cannot be eavesdropped. 593 All participants are authenticated by the central server, and 594 authorized to connect to the central server. The participants are 595 identified to each other by the central server, and the participants 596 do not have access to each others' credentials such as e-mail 597 addresses or login IDs. 599 Note: This use-case adds requirements on support for fast stream 600 switches F7, on encryption of media and on ability to traverse very 601 restrictive FWs. There exist several solutions that enable the 602 server to forward one high resolution and several low resolution 603 video streams: a) each browser could send a high resolution, but 604 scalable stream, and the server could send just the base layer for 605 the low resolution streams, b) each browser could in a simulcast 606 fashion send one high resolution and one low resolution stream, and 607 the server just selects or c) each browser sends just a high 608 resolution stream, the server transcodes into low resolution streams 609 as required. 611 4.3.3.2. Derived Requirements 613 F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F17, F19, F20 615 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A17 617 5. Requirements 619 5.1. General 621 This section contains the requirements derived from the use-cases in 622 section 4. 624 NOTE: It is assumed that the user applications are executed on a 625 browser. Whether the capabilities to implement specific browser 626 requirements are implemented by the browser application, or are 627 provided to the browser application by the underlying operating 628 system, is outside the scope of this document. 630 5.2. Browser requirements 632 REQ-ID DESCRIPTION 633 --------------------------------------------------------------- 634 F1 The browser MUST be able to use microphones and 635 cameras as input devices to generate streams. 636 ---------------------------------------------------------------- 637 F2 The browser MUST be able to send streams 638 to a peer in the presence of NATs. 639 ---------------------------------------------------------------- 640 F3 Transmitted streams MUST be rate controlled. 641 ---------------------------------------------------------------- 642 F4 The browser MUST be able to receive, process and 643 render streams from peers. 644 ---------------------------------------------------------------- 645 F5 The browser MUST be able to render good quality 646 audio and video even in the presence of reasonable 647 levels of jitter and packet losses. 649 TBD: What is a reasonable level? 650 ---------------------------------------------------------------- 651 F6 The browser MUST be able to handle high loss and 652 jitter levels in a graceful way. 653 ---------------------------------------------------------------- 654 F7 The browser MUST support fast stream switches. 655 ---------------------------------------------------------------- 656 F8 The browser MUST detect when a stream from a 657 peer is not received anymore 658 ---------------------------------------------------------------- 659 F9 When there are both incoming and outgoing audio 660 streams, echo cancellation MUST be made available to 661 avoid disturbing echo during conversation. 663 QUESTION: How much control should be left to the 664 web application? 665 ---------------------------------------------------------------- 666 F10 The browser MUST support synchronization of 667 audio and video. 669 QUESTION: How much control should be left to the 670 web application? 671 ---------------------------------------------------------------- 672 F11 The browser MUST be able to transmit streams to 673 several peers concurrently. 674 ---------------------------------------------------------------- 675 F12 The browser MUST be able to receive streams from 676 multiple peers concurrently. 677 ---------------------------------------------------------------- 678 F13 The browser MUST be able to apply spatialization 679 effects to audio streams. 680 ---------------------------------------------------------------- 681 F14 The browser MUST be able to measure the level 682 in audio streams. 683 ---------------------------------------------------------------- 684 F15 The browser MUST be able to change the level 685 in audio streams. 686 ---------------------------------------------------------------- 687 F16 The browser MUST be able to render several 688 concurrent video streams 689 ---------------------------------------------------------------- 690 F17 The browser MUST be able to mix several 691 audio streams. 692 ---------------------------------------------------------------- 693 F18 The browser MUST be able to process and mix 694 sound objects (media that is retrieved from another 695 source than the established media stream(s) with the 696 peer(s) with audio streams. 697 ---------------------------------------------------------------- 698 F19 Streams MUST be able to pass through restrictive 699 firewalls. 700 ---------------------------------------------------------------- 701 F20 It MUST be possible to protect streams 702 from eavesdropping. 703 ---------------------------------------------------------------- 704 F21 The browser MUST support an audio media format 705 (codec) that is commonly supported by existing 706 telephony services. 708 QUESTION: G.711? 709 ---------------------------------------------------------------- 710 F22 There should be a way to navigate 711 a DTMF based IVR 712 ---------------------------------------------------------------- 713 F23 The browser must be able to send short 714 latency unreliable datagram traffic to a 715 peer browser. 716 Requirements F2, F3, F4 (except the render 717 part), F11, F12, F19, F20 apply to datagram 718 traffic (exchange "stream" for "datagram") 719 ---------------------------------------------------------------- 720 F24 The browser MUST be able to take advantage of 721 capabilities (supplied by network nodes) to 722 prioritize voice, video and data appropriately. 723 ---------------------------------------------------------------- 724 F25 The browser SHOULD use encoding of streams 725 suitable for the current rendering (e.g. 726 video display size) and SHOULD change parameters 727 if the rendering changes during the session 728 ---------------------------------------------------------------- 729 F26 It MUST be possible to move from one network 730 interface to another one 731 ---------------------------------------------------------------- 732 F27 The browser MUST be able to initiate and accept a 733 media session where the data needed for establishment 734 can be carried in SIP. 735 ---------------------------------------------------------------- 736 F28 The browser MUST support a baseline audio and 737 video codec 738 ---------------------------------------------------------------- 739 F29 The browser MUST be able to send streams to a 740 peer in the presence of NATs that block UDP traffic. 741 ---------------------------------------------------------------- 742 F30 The browser MUST be able to use the screen (or 743 a specific area of the screen) or what a certain 744 application displays on the screen to generate 745 streams. 746 ---------------------------------------------------------------- 747 F31 The browser MUST be able to use several STUN 748 and TURN servers 749 ---------------------------------------------------------------- 750 F32 There browser MUST support that STUN and TURN 751 servers to use are supplied by other entities than 752 the service provided (i.e. the network provider) 753 ---------------------------------------------------------------- 754 F33 The browser must be able to send reliable 755 data traffic to a peer browser. 756 Requirements F2, F3, F4 (except the render 757 part), F11, F12, F19, F20 apply to data 758 traffic (exchange "stream" for "data") 760 ---------------------------------------------------------------- 761 F34 The browser MUST support priortization of 762 streams and data. 763 ---------------------------------------------------------------- 764 F35 The browser MUST enable verification, given the right 765 circumstances and by use of other trusted communication, 766 of that streams and data recevived have not been 767 manipulated by any party 768 ---------------------------------------------------------------- 769 F36 The browser MUST reject incoming media and data, either 770 modified, created or injected, by any entity not trusted 771 by the site. 772 ---------------------------------------------------------------- 774 5.3. API requirements 776 REQ-ID DESCRIPTION 777 ---------------------------------------------------------------- 778 A1 The Web API MUST provide means for the 779 application to ask the browser for permission 780 to use cameras and microphones as input devices. 781 ---------------------------------------------------------------- 782 A2 The Web API MUST provide means for the web 783 application to control how streams generated 784 by input devices are used. 785 ---------------------------------------------------------------- 786 A3 The Web API MUST provide means for the web 787 application to control the local rendering of 788 streams (locally generated streams and streams 789 received from a peer). 790 ---------------------------------------------------------------- 791 A4 The Web API MUST provide means for the web 792 application to initiate sending of 793 stream/stream components to a peer. 794 ---------------------------------------------------------------- 795 A5 The Web API MUST provide means for the web 796 application to control the media format (codec) 797 to be used for the streams sent to a peer. 799 NOTE: The level of control depends on whether 800 the codec negotiation is handled by the browser 801 or the web application. 802 ---------------------------------------------------------------- 803 A6 The Web API MUST provide means for the web 804 application to modify the media format for 805 streams sent to a peer after a media stream 806 has been established. 808 ---------------------------------------------------------------- 809 A7 The Web API MUST provide means for 810 informing the web application of whether the 811 establishment of a stream with a peer was 812 successful or not. 813 ---------------------------------------------------------------- 814 A8 The Web API MUST provide means for the web 815 application to mute/unmute a stream or stream 816 component(s). When a stream is sent to a peer 817 mute status must be preserved in the stream 818 received by the peer. 819 ---------------------------------------------------------------- 820 A9 The Web API MUST provide means for the web 821 application to cease the sending of a stream 822 to a peer. 823 ---------------------------------------------------------------- 824 A10 The Web API MUST provide means for the web 825 application to cease processing and rendering 826 of a stream received from a peer. 827 ---------------------------------------------------------------- 828 A11 The Web API MUST provide means for 829 informing the web application when a 830 stream from a peer is no longer received. 831 ---------------------------------------------------------------- 832 A12 The Web API MUST provide means for 833 informing the web application when high 834 loss rates occur. 835 ---------------------------------------------------------------- 836 A13 The Web API MUST provide means for the web 837 application to apply spatialization effects to 838 audio streams. 839 ---------------------------------------------------------------- 840 A14 The Web API MUST provide means for the web 841 application to detect the level in audio 842 streams. 843 ---------------------------------------------------------------- 844 A15 The Web API MUST provide means for the web 845 application to adjust the level in audio 846 streams. 847 ---------------------------------------------------------------- 848 A16 The Web API MUST provide means for the web 849 application to mix audio streams. 850 ---------------------------------------------------------------- 851 A17 For each stream generated, the Web API MUST provide 852 an identifier that is accessible by the application. 853 The identifier MUST be accessible also for a peer 854 receiving that stream and MUST be unique relative 855 to all other stream identifiers in use by either party. 857 ---------------------------------------------------------------- 858 A18 The Web API MUST provide a mechanism for sending 859 and receiving isolated discrete chunks of data. 860 ---------------------------------------------------------------- 861 A19 The Web API MUST provide means for the web 862 application indicate the type of audio signal 863 (speech, audio)for audio stream(s)/stream component(s). 864 ---------------------------------------------------------------- 865 A20 It must be possible for an initiator or a 866 responder Web application to indicate the types 867 of media he's willing to accept incoming streams 868 for when setting up a connection (audio, video, 869 other). The types of media he's willing to accept 870 can be a subset of the types of media the browser 871 is able to accept. 872 ---------------------------------------------------------------- 873 A21 The Web API MUST provide means for the 874 application to ask the browser for permission 875 to the screen, a certain area on the screen 876 or what a certain application displays on the 877 screen as input to streams. 878 ---------------------------------------------------------------- 879 A22 The Web API MUST provide means for the 880 application to specify several STUN and/or 881 TURN servers to use. 882 ---------------------------------------------------------------- 883 A23 The Web API MUST provide means for the 884 application to specify the priority to 885 apply for outgoing streams and data. 886 ---------------------------------------------------------------- 887 A24 The Web API MUST provide a mechanism for sending 888 and receiving files. 889 ---------------------------------------------------------------- 890 A25 It must be possible for the application to refrain from 891 exposing the IP address 892 ---------------------------------------------------------------- 894 6. IANA Considerations 896 TBD 898 7. Security Considerations 899 7.1. Introduction 901 A malicious web application might use the browser to perform Denial 902 Of Service (DOS) attacks on NAT infrastructure, or on peer devices. 903 Also, a malicious web application might silently establish outgoing, 904 and accept incoming, streams on an already established connection. 906 Based on the identified security risks, this section will describe 907 security considerations for the browser and web application. 909 7.2. Browser Considerations 911 The browser is expected to provide mechanisms for getting user 912 consent to use device resources such as camera and microphone. 914 The browser is expected to provide mechanisms for informing the user 915 that device resources such as camera and microphone are in use 916 ("hot"). 918 The browser is expected to provide mechanisms for users to revise and 919 even completely revoke consent to use device resources such as camera 920 and microphone. 922 The browser is expected to provide mechanisms for getting user 923 consent to use the screen (or a certain part of it) or what a certain 924 application displays on the screen as source for streams. 926 The browser is expected to provide mechanisms for informing the user 927 that the screen, part thereof or an application is serving as a 928 stream source ("hot"). 930 The browser is expected to provide mechanisms for users to revise and 931 even completely revoke consent to use the screen, part thereof or an 932 application is serving as a stream source. 934 The browser is expected to provide mechanisms in order to assure that 935 streams are the ones the recipient intended to receive. 937 The browser is expected to provide mechanisms that allows the users 938 to verify that the streams received have not be manipulated (F35). 940 The browser needs to ensure that media is not sent, and that received 941 media is not rendered, until the associated stream establishment and 942 handshake procedures with the remote peer have been successfully 943 finished. 945 The browser needs to ensure that the stream negotiation procedures 946 are not seen as Denial Of Service (DOS) by other entities. 948 7.3. Web Application Considerations 950 The web application is expected to ensure user consent in sending and 951 receiving media streams. 953 8. Additional use-cases 955 Several additional use-cases have been discussed. At this point 956 these use-cases are not included as requirement deriving use-cases 957 for different reasons (lack of documentation, overlap with existing 958 use-cases, lack of consensus). For completeness these additional 959 use-cases are listed below: 960 1. Use-cases regarding different situations when being invited to a 961 "session", e.g. browser open, browser open but another tab 962 active, browser open but active in session, browser closed, .... 963 (Matthew Kaufman); discussed at webrtc meeting 964 2. E911 (Paul Beaumont) http://www.ietf.org/mail-archive/web/ 965 rtcweb/current/msg00525.html, followed up by Stephan Wenger 966 3. Local Recording and Remote recording (John): Discussed a _lot_ 967 on the mail lists (rtcweb as well as public-webrtc) lAugust and 968 September 2011. Concrete proposal: http://www.ietf.org/ 969 mail-archive/web/rtcweb/current/msg01006.html (remote) and http: 970 //www.ietf.org/mail-archive/web/rtcweb/current/msg00734.html 971 (local) 972 4. Emergency access for disabled (Bernard Aboba) http:// 973 www.ietf.org/mail-archive/web/rtcweb/current/msg00478.html 974 5. Clue use-cases (Roni Even) http://tools.ietf.org/html/ 975 draft-ietf-clue-telepresence-use-cases-01 976 6. Rohan red cross (Cullen Jennings); http://www.ietf.org/ 977 mail-archive/web/rtcweb/current/msg00323.html 978 7. Security camera/baby monitor usage http://www.ietf.org/ 979 mail-archive/web/rtcweb/current/msg00543.html 980 8. Large multiparty session http://www.ietf.org/mail-archive/web/ 981 rtcweb/current/msg00530.html 982 9. Call center http://www.ietf.org/mail-archive/web/rtcweb/current/ 983 msg04203.html 984 10. Enterprise policies http://www.ietf.org/mail-archive/web/rtcweb/ 985 current/msg04271.html 986 11. Low-complex multiparty central node http://www.ietf.org/ 987 mail-archive/web/rtcweb/current/msg04430.html 988 12. Multiparty central node that is not allowed to decipher http:// 989 www.ietf.org/mail-archive/web/rtcweb/current/msg04457.html 990 13. Enable company coop without being able to decipher http:// 991 www.ietf.org/mail-archive/web/rtcweb/current/msg04464.html 993 9. Acknowledgements 995 Dan Burnett has reviewed and proposed a lot of things that enhances 996 the document. Most of this has been incorporated in rev -05. 998 Stephan Wenger has provided a lot of useful input and feedback, as 999 well as editorial comments. 1001 Harald Alvestrand and Ted Hardie have provided comments and feedback 1002 on the draft. 1004 Harald Alvestrand and Cullen Jennings have provided additional use- 1005 cases. 1007 Thank You to everyone in the RTCWEB community that have provided 1008 comments, feedback and improvement proposals on the draft content. 1010 10. Change Log 1012 [RFC EDITOR NOTE: Please remove this section when publishing] 1014 Changes from draft-ietf-rtcweb-use-cases-and-requirements-07 1016 o Added "and data exchange" to 1. Introduction. 1017 o Removed cone and symmetric NAT from 4.1 Introduction, refers to 1018 RFC4787 instead. 1019 o Added text on enabling verifyication of that the media has not 1020 been manipulated by anyone to use-case "Simple Video Communication 1021 Service", derived req. F35 1022 o Added text on that the browser should reject media (data) that has 1023 been created/injected/modified by non-trusted party, derived req. 1024 F36 1025 o Added text on enabling the app to refrain from revealing IP 1026 address to use-case "Simple Video Communication Service", derived 1027 req. A25 1028 o Added use-case "Simple Video Communication Service with file 1029 exchange", derived reqs F33 and A24 1030 o Added priority of video streams to "Hockey game viewer" use case, 1031 added priority of data to "on-line game use-case", derived reqs 1032 F34 and A23 1033 o In F22, "the IVR" -> "a DTMF based IVR". 1034 o Updated req F23 to clarify that requirements such as NAT 1035 traversal, prtoection from eavesdropping, rate control applies 1036 also to datagram. 1038 Changes from draft-ietf-rtcweb-use-cases-and-requirements-06 1039 o Renaming of requirements (FaI1 -> F31), (FaI2 -> F32) and (AaI1 -> 1040 A22) 1042 Changes from draft-ietf-rtcweb-use-cases-and-requirements-05 1044 o Added use-case "global service provider", derived reqs associated 1045 with several STUN/TURN servers 1046 o Added use-case "enterprise aspects", derived req associated with 1047 enabling the network provider to supply STUN and TURN servers 1048 o The requirements from the above are ICE specific and labeled 1049 accordingly 1050 o Separated the requirements phrased like "processing such as pan, 1051 mix and render" for audio to be specific reqs on spatialization, 1052 level measurement, level adjustment and mixing (discussed on the 1053 lists in 1054 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01648.html 1055 and http://lists.w3.org/Archives/Public/public-webrtc/2011Sep/ 1056 0102.html) 1057 o Added use-case on sharing as decided in 1058 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01700.html, 1059 derived reqs F30 and A21 1060 o Added the list of common considerations proposed in mail 1061 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01562.html 1062 to the Introduction of the use-case section 1064 Changes from draft-ietf-rtcweb-use-cases-and-requirements-04 1066 o Most changes based on the input from Dan Burnett 1067 http://www.ietf.org/mail-archive/web/rtcweb/current/msg00948.html 1068 o Many editorial changes 1069 o 4.2.1.1 Clarified 1070 o Some clarification added to 4.3.1.1 as a note 1071 o F-requirements updated (see reply to Dan's mail). 1072 o Almost all A-requirements updated to start "The Web API MUST 1073 provide ..." 1074 o A8 removed, A9 rephrased to cover A8 and old A9 1075 o A15 rephrased 1076 o For more details, and discussion, look att the response to Dan's 1077 mail 1078 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01177.html 1080 Changes from draft-ietf-rtcweb-use-cases-and-requirements-03 1082 o Editorials 1083 o Changed when the self-view is displayed in 4.2.1.1, and added 1084 words about allowing users to remove and re-insert it. 1086 o Clarified 4.2.6.1 1087 o Removed the "mono" stuff from 4.2.7.1 1088 o Added that communication should not be possible to eavesdrop to 1089 most use cases - and req. F17 1090 o Re-phrased 4.3.3.1 to not describe the technical solution so much, 1091 and removed "stereo" stuff. Solution possibilities are now in a 1092 note. 1093 o Re-inserted API requirements after discussion in the W3C webrtc 1094 WG. (Re-phrased A15 and added A18 compared to version -02). 1096 Changes from draft-ietf-rtcweb-use-cases-and-requirements-02 1098 o Removed desrciption/list of API requirements, instead 1099 o Reference to W3C webrtc_reqs document for API requirements 1101 Changes from draft-ietf-rtcweb-ucreqs-01 1103 o Changed Intended status to Information 1104 o Changed "Ipr" to "trust200902" 1105 o Added use case "Simple video communication service, NAT/FW that 1106 blocks UDP", and derived new req F26 1107 o Added use case "Distributed Music Band" and derived new req A17 1108 o Added F24 as requirement derived from use case "Simple video 1109 communication service with inter-operator calling" 1110 o Added section "Additional use cases" 1111 o Added text about ID handling to multiparty with central server use 1112 case 1113 o Re-phrased A1 slightly 1115 Changes from draft-ietf-rtcweb-ucreqs-00 1117 o - Reshuffled: Just two main groups of use cases (b2b and b2GW/ 1118 Server); removed some specific use cases and added them instead as 1119 flavors to the base use case (Simple video communciation) 1120 o - Changed the fromulation of F19 1121 o - Removed the requirement on an API for DTMF 1122 o - Removed "FX3: There SHOULD be a mapping of the minimum needed 1123 data for setting up connections into SIP, so that the restriction 1124 to SIP-carriable data can be verified. Not a rew on the browser 1125 but rather on a document" 1126 o - (see 1127 http://www.ietf.org/mail-archive/web/rtcweb/current/msg00227.html 1128 for more details) 1129 o -Added text on informing user of that mic/cam is being used and 1130 that it must be possible to revoce permission to use them in 1131 section 7. 1132 Changes from draft-holmberg-rtcweb-ucreqs-01 1133 o - Draft name changed to draft-ietf-rtcweb-ucreqs 1134 o - Use-case grouping introduced 1135 o - Additional use-cases added 1136 o - Additional reqs added (derived from use cases): F19-F25, A16-A17 1138 Changes from draft-holmberg-rtcweb-ucreqs-00 1139 o - Mapping between use-cases and requirements added (Harald 1140 Alvestrand, 090311) 1141 o - Additional security considerations text (Harald Alvestrand, 1142 090311) 1143 o - Clarification that user applications are assumed to be executed 1144 by a browser (Ted Hardie, 080311) 1145 o - Editorial corrections and clarifications 1147 11. References 1149 11.1. Normative References 1151 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1152 Requirement Levels", BCP 14, RFC 2119, March 1997. 1154 11.2. Informative References 1156 [webrtc_reqs] 1157 "Webrt requirements, 1158 http://dev.w3.org/2011/webrtc/editor/webrtc_reqs.html". 1160 Authors' Addresses 1162 Christer Holmberg 1163 Ericsson 1164 Hirsalantie 11 1165 Jorvas 02420 1166 Finland 1168 Email: christer.holmberg@ericsson.com 1170 Stefan Hakansson 1171 Ericsson 1172 Laboratoriegrand 11 1173 Lulea 97128 1174 Sweden 1176 Email: stefan.lk.hakansson@ericsson.com 1177 Goran AP Eriksson 1178 Ericsson 1179 Farogatan 6 1180 Stockholm 16480 1181 Sweden 1183 Email: goran.ap.eriksson@ericsson.com