idnits 2.17.1 draft-ietf-rtcweb-use-cases-and-requirements-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 6 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 665 has weird spacing: '...resence of NA...' == Line 794 has weird spacing: '...of that strea...' -- The document date (December 19, 2012) is 4146 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 RTCWEB Working Group C. Holmberg 3 Internet-Draft S. Hakansson 4 Intended status: Informational G. Eriksson 5 Expires: June 22, 2013 Ericsson 6 December 19, 2012 8 Web Real-Time Communication Use-cases and Requirements 9 draft-ietf-rtcweb-use-cases-and-requirements-10.txt 11 Abstract 13 This document describes web based real-time communication use-cases. 14 Based on the use-cases, the document also derives requirements 15 related to the browser, and the API used by web applications to 16 request and control media stream and data exchange services provided 17 by the browser. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on June 22, 2013. 36 Copyright Notice 38 Copyright (c) 2012 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 54 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 56 4. Use-cases . . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 4 58 4.2. Browser-to-browser use-cases . . . . . . . . . . . . . . . 5 59 4.2.1. Simple Video Communication Service . . . . . . . . . . 5 60 4.2.2. Simple Video Communication Service, NAT/FW that 61 blocks UDP . . . . . . . . . . . . . . . . . . . . . . 6 62 4.2.3. Simple Video Communication Service, FW that only 63 allows http . . . . . . . . . . . . . . . . . . . . . 6 64 4.2.4. Simple Video Communication Service, global service 65 provider . . . . . . . . . . . . . . . . . . . . . . . 6 66 4.2.5. Simple Video Communication Service, enterprise 67 aspects . . . . . . . . . . . . . . . . . . . . . . . 7 68 4.2.6. Simple Video Communication Service, access change . . 8 69 4.2.7. Simple Video Communication Service, QoS . . . . . . . 8 70 4.2.8. Simple Video Communication Service with sharing . . . 9 71 4.2.9. Simple Video Communication Service with file 72 exchange . . . . . . . . . . . . . . . . . . . . . . . 9 73 4.2.10. Simple video communication service with 74 inter-operator calling . . . . . . . . . . . . . . . . 9 75 4.2.11. Hockey Game Viewer . . . . . . . . . . . . . . . . . . 10 76 4.2.12. Multiparty video communication . . . . . . . . . . . . 11 77 4.2.13. Multiparty on-line game with voice communication . . . 12 78 4.2.14. Distributed Music Band . . . . . . . . . . . . . . . . 12 79 4.3. Browser - GW/Server use cases . . . . . . . . . . . . . . 13 80 4.3.1. Telephony terminal . . . . . . . . . . . . . . . . . . 13 81 4.3.2. Fedex Call . . . . . . . . . . . . . . . . . . . . . . 14 82 4.3.3. Video conferencing system with central server . . . . 14 83 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 15 84 5.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 15 85 5.2. Browser requirements . . . . . . . . . . . . . . . . . . . 15 86 5.3. API requirements . . . . . . . . . . . . . . . . . . . . . 19 87 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 88 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 89 7.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 21 90 7.2. Browser Considerations . . . . . . . . . . . . . . . . . . 22 91 7.3. Web Application Considerations . . . . . . . . . . . . . . 22 92 8. Additional use-cases . . . . . . . . . . . . . . . . . . . . . 22 93 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 94 10. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 24 95 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 27 96 11.1. Normative References . . . . . . . . . . . . . . . . . . . 27 97 11.2. Informative References . . . . . . . . . . . . . . . . . . 27 98 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 27 100 1. Introduction 102 This document presents a few use-cases of web applications that are 103 executed in a browser and use real-time communication capabilities. 104 Based on the use-cases, the document derives requirements related to 105 the browser and the API used by web applications in the browser. 107 The requirements related to the browser are named "Fn" and are 108 described in Section 5.2 110 The requirements related to the API are named "An" and are described 111 in Section 5.3 113 The document focuses on requirements related to real-time media 114 streams and data exchange. Requirements related to privacy, 115 signalling between the browser and web server etc. are currently not 116 considered. 118 2. Conventions 120 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 121 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 122 document are to be interpreted as described in BCP 14, RFC 2119 123 [RFC2119]. 125 3. Definitions 127 TBD 129 4. Use-cases 131 4.1. Introduction 133 This section describes web based real-time communication use-cases, 134 from which requirements are derived. 136 The following considerations are applicable to all use cases: 137 o Clients can be on IPv4-only 138 o Clients can be on IPv6-only 139 o Clients can be on dual-stack 140 o Clients can be on wideband (10s of Mbits/sec) 141 o Clients can be on narrowband (10s to 100s of Kbits/sec) 142 o Clients can be on variable-media-quality networks (wireless) 143 o Clients can be on congested networks 144 o Clients can be on firewalled networks with no UDP allowed 145 o Clients can be on networks with any type (as described in RFC4787) 146 of NAT. 148 4.2. Browser-to-browser use-cases 150 4.2.1. Simple Video Communication Service 152 4.2.1.1. Description 154 Two or more users have loaded a video communication web application 155 into their browsers, provided by the same service provider, and 156 logged into the service it provides. The web service publishes 157 information about user login status by pushing updates to the web 158 application in the browsers. When one online user selects a peer 159 online user, a 1-1 audiovisual communication session between the 160 browsers of the two peers is initiated. The invited user might 161 accept or reject the session. 163 During session establishment a self-view is displayed, and once the 164 session has been established the video sent from the remote peer is 165 displayed in addition to the self-view. During the session, each 166 user can select to remove and re-insert the self-view as often as 167 desired. Each user can also change the sizes of his/her two video 168 displays during the session. Each user can also pause sending of 169 media (audio, video, or both) and mute incoming media 171 It is essential that the communication cannot be wiretapped 172 [RFC2804]. 174 The users are provided wiht means that allow them to (through a 175 separate, trusted communication channel) verify that the media 176 origins from the other user and has not been manipulated. 178 The user's browsers will reject all incoming media that has been 179 created, injected or in any way modified by any entity not trusted by 180 the service provider. 182 The application gives the users the opportunity to stop it from 183 exposing the IP address to the application of the other user. 185 Any session participant can end the session at any time. 187 The two users may be using communication devices of different makes, 188 with different operating systems and browsers from different vendors. 190 One user has an unreliable Internet connection. It sometimes loses 191 packets, and sometimes goes down completely. 193 One user is located behind a Network Address Translator (NAT). 195 The web service monitors the quality of the service (focus on quality 196 of audio and video) the end-users experience. 198 4.2.1.2. Derived Requirements 200 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F35, F36, F38 202 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A25, A26 204 4.2.2. Simple Video Communication Service, NAT/FW that blocks UDP 206 4.2.2.1. Description 208 This use-case is almost identical to the Simple Video Communication 209 Service use-case (Section 4.2.1). The difference is that one of the 210 users is behind a NAT that blocks UDP traffic. 212 4.2.2.2. Derived Requirements 214 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F29 216 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 218 4.2.3. Simple Video Communication Service, FW that only allows http 220 4.2.3.1. Description 222 This use-case is almost identical to the Simple Video Communication 223 Service use-case (Section 4.2.1). The difference is that one of the 224 users is behind a FW that only allows http traffic. 226 Note: What about WS? Could it be a viable back-off mechanism? 228 4.2.3.2. Derived Requirements 230 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F37 232 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 234 4.2.4. Simple Video Communication Service, global service provider 235 4.2.4.1. Description 237 This use-case is almost identical to the Simple Video Communication 238 Service use-case (Section 4.2.1). 240 What is added is that the service provider is operating over large 241 geographical areas (or even globally). 243 Assuming that ICE will be used, this means that the service provider 244 would like to be able to provide several STUN and TURN servers (via 245 the app) to the browser; selection of which one(s) to use is part of 246 the ICE processing. Other reasons for wanting to provide several 247 STUN and TURN servers include support for IPv4 and IPv6, load 248 balancing and redundancy. 250 4.2.4.2. Derived Requirements 252 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F31 254 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A22 256 4.2.5. Simple Video Communication Service, enterprise aspects 258 4.2.5.1. Description 260 This use-case is similar to the Simple Video Communication Service 261 use-case (Section 4.2.1). 263 What is added is aspects when using the service in enterprises. ICE 264 is assumed in the further description of this use-case. 266 An enterprise that uses a RTCWEB based web application for 267 communication desires to audit all RTCWEB based application session 268 used from inside the company towards any external peer. To be able 269 to do this they deploy a TURN server that straddle the boundary 270 between the internal network and the external. 272 The firewall will block all attempts to use STUN with an external 273 destination unless they go to the enterprise auditing TURN server. 274 In cases where employees are using RTCWEB applications provided by an 275 external service provider they still want to have the traffic to stay 276 inside their internal network and in addition not load the straddling 277 TURN server, thus they deploy a STUN server allowing the RTCWEB 278 client to determine its server reflexive address on the internal 279 side. Thus enabling cases where peers are both on the internal side 280 to connect without the traffic leaving the internal network. It must 281 be possibele to configure the browsers used in the enterprise with 282 network specific STUN and TURN servers. This should be possible to 283 achieve by autoconfiguration methods. The RTCWEB functionality will 284 need to utilize both network specific STUN and TURN resources and 285 STUN and TURN servers provisioned by the web application. 287 4.2.5.2. Derived Requirements 289 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F32 291 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 293 4.2.6. Simple Video Communication Service, access change 295 4.2.6.1. Description 297 This use-case is almost identical to the Simple Video Communication 298 Service use-case (Section 4.2.1).The difference is that the user 299 changes network access during the session: 301 The communication device used by one of the users have several 302 network adapters (Ethernet, WiFi, Cellular). The communication 303 device is accessing the Internet using Ethernet, but the user has to 304 start a trip during the session. The communication device 305 automatically changes to use WiFi when the Ethernet cable is removed 306 and then moves to cellular access to the Internet when moving out of 307 WiFi coverage. The session continues even though the access method 308 changes. 310 4.2.6.2. Derived Requirements 312 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F26, F28 314 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 316 4.2.7. Simple Video Communication Service, QoS 318 4.2.7.1. Description 320 This use-case is almost identical to the Simple Video Communication 321 Service, access change use-case (Section 4.2.6). The use of Quality 322 of Service (QoS) capabilities is added: 324 The user in the previous use case that starts a trip is behind a 325 common residential router that supports prioritization of traffic. 326 In addition, the user's provider of cellular access has QoS support 327 enabled. The user is able to take advantage of the QoS support both 328 when accessing via the residential router and when using cellular. 330 4.2.7.2. Derived Requirements 332 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F24, F25, F26, F28 334 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12 336 4.2.8. Simple Video Communication Service with sharing 338 4.2.8.1. Description 340 This use-case has the audio and video communication of the Simple 341 Video Communication Service use-case (Section 4.2.1). 343 But in addition to this, one of the users can share what is being 344 displayed on her/his screen with a peer. The user can choose to 345 share the entire screen, part of the screen (part selected by the 346 user) or what a selected applicaton displays with the peer. 348 4.2.8.2. Derived Requirements 350 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F30 352 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A21 354 4.2.9. Simple Video Communication Service with file exchange 356 4.2.9.1. Description 358 This use-case has the audio and video communication of the Simple 359 Video Communication Service use-case (Section 4.2.1). 361 But in addition to this, the users can send and receive files stored 362 in the file system of the device used. 364 4.2.9.2. Derived Requirements 366 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F28, F30, F33 368 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A21, A24 370 4.2.10. Simple video communication service with inter-operator calling 372 4.2.10.1. Description 374 Two users have logged into two different web applications, provided 375 by different service providers. 377 The service providers are interconnected by some means, but exchange 378 no more information about the users than what can be carried using 379 SIP. 381 NOTE: More profiling of what this means may be needed. 383 For each user Alice who has authorized another user Bob to receive 384 login status information, Alice's service publishes Alice's login 385 status information to Bob. How this authorization is defined and 386 established is out of scope. 388 The same functionality as in the the Simple Video Communication 389 Service use-case (Section 4.2.1) is available. 391 The same issues with connectivity apply. 393 4.2.10.2. Derived requirements 395 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F25, F27, F28 397 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A20 399 4.2.11. Hockey Game Viewer 401 4.2.11.1. Description 403 An ice-hockey club uses an application that enables talent scouts to, 404 in real-time, show and discuss games and players with the club 405 manager. The talent scouts use a mobile phone with two cameras, one 406 front facing and one rear facing. 408 The club manager uses a desktop, equipped with one camera, for 409 viewing the game and discussing with the talent scout. 411 Before the game starts, and during game breaks, the talent scout and 412 the manager have a 1-1 audiovisual communication session. Only the 413 rear facing camera of the mobile phone is used. On the display of 414 the mobile phone, the video of the club manager is shown with a 415 picture-in-picture thumbnail of the rear facing camera (self-view). 416 On the display of the desktop, the video of the talent scout is shown 417 with a picture-in-picture thumbnail of the desktop camera (self- 418 view). 420 When the game is on-going, the talent scout activates the use of the 421 front facing camera, and that stream is sent to the desktop (the 422 stream from the rear facing camera continues to be sent all the 423 time). The video stream captured by the front facing camera (that is 424 capturing the game) of the mobile phone is shown in a big window on 425 the desktop screen, with picture-in-picture thumbnails of the rear 426 facing camera and the desktop camera (self-view). On the display of 427 the mobile phone the game is shown (front facing camera) with 428 picture-in-picture thumbnails of the rear facing camera (self-view) 429 and the desktop camera. As the most important stream in this phase 430 is the video showing the game, the application used in the talent 431 scout's mobile sets higher priority for that stream. 433 It is essential that the communication cannot be wiretapped 434 [RFC2804]. 436 4.2.11.2. Derived Requirements 438 F1, F2, F3, F4, F5, F6, F8, F9, F10, F17, F20, F34 440 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A17, A23 442 4.2.12. Multiparty video communication 444 4.2.12.1. Description 446 In this use-case is the Simple Video Communication Service use-case 447 (Section 4.2.1) is extended by allowing multiparty sessions. No 448 central server is involved - the browser of each participant sends 449 and receives streams to and from all other session participants. The 450 web application in the browser of each user is responsible for 451 setting up streams to all receivers. 453 In order to enhance intelligibility, the web application pans the 454 audio from different participants differently when rendering the 455 audio. This is done automatically, but users can change how the 456 different participants are placed in the (virtual) room. In addition 457 the levels in the audio signals are adjusted before mixing. 459 Another feature intended to enhance the use experience is that the 460 video window that displays the video of the currently speaking peer 461 is highlighted. 463 Each video stream received is by default displayed in a thumbnail 464 frame within the browser, but users can change the display size. 466 It is essential that the communication cannot be wiretapped 467 [RFC2804]. 469 Note: What this use-case adds in terms of requirements is 470 capabilities to send streams to and receive streams from several 471 peers concurrently, as well as the capabilities to render the video 472 from all recevied streams and be able to spatialize, level adjust and 473 mix the audio from all received streams locally in the browser. It 474 also adds the capability to measure the audio level/activity. 476 4.2.12.2. Derived Requirements 478 F1, F2, F3, F4, F5, F6, F8, F9, F10, F11, F12, F13, F14, F15, F16, 479 F17, F20, F25 481 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13, A14, A15, 482 A16, A17 484 4.2.13. Multiparty on-line game with voice communication 486 4.2.13.1. Description 488 This use case is based on the previous one. In this use-case, the 489 voice part of the multiparty video communication use case is used in 490 the context of an on-line game. The received voice audio media is 491 rendered together with game sound objects. For example, the sound of 492 a tank moving from left to right over the screen must be rendered and 493 played to the user together with the voice media. 495 Quick updates of the game state is required, and have higher priority 496 than the voice. 498 It is essential that the communication cannot be wiretapped 499 [RFC2804]. 501 Note: the difference regarding local audio processing compared to the 502 "Multiparty video communication" use-case is that other sound objects 503 than the streams must be possible to be included in the 504 spatialization and mixing. "Other sound objects" could for example 505 be a file with the sound of the tank; that file could be stored 506 locally or remotely. 508 4.2.13.2. Derived Requirements 510 F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F14, F15, F16, F18, 511 F20, F23, F34 513 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16, 514 A17, A18, A23 516 4.2.14. Distributed Music Band 518 4.2.14.1. Description 520 In this use-case, a music band is playing music while the members are 521 at different physical locations. No central server is used, instead 522 all streams are set up in a mesh fashion. 524 Discussion: This use-case was briefly discussed at the Quebec webrtc 525 meeting and it got support. So far the only concrete requirement 526 (A17) derived is that the application must be able to ask the browser 527 to treat the audio signal as audio (in contrast to speech). However, 528 the use case should be further analysed to determine other 529 requirements (could be e.g. on delay mic->speaker, level control of 530 audio signals, etc.). 532 4.2.14.2. Derived Requirements 534 F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F14, F15, F16 536 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16, 537 A19 539 4.3. Browser - GW/Server use cases 541 4.3.1. Telephony terminal 543 4.3.1.1. Description 545 A mobile telephony operator allows its customers to use a web browser 546 to access their services. After a simple log in the user can place 547 and receive calls in the same way as when using a normal mobile 548 phone. When a call is received or placed, the identity is shown in 549 the same manner as when a mobile phone is used. 551 It is essential that the communication cannot be wiretapped 552 [RFC2804]. 554 Note: With "place and receive calls in the same way as when using a 555 normal mobile phone" it is meant that you can dial a number, and that 556 your mobile telephony operator has made available your phone contacts 557 on line, so they are available and can be clicked to call, and be 558 used to present the identity of an incoming call. If the callee is 559 not in your phone contacts the number is displayed. Furthermore, 560 your call logs are available, and updated with the calls made/ 561 received from the browser. And for people receiving calls made from 562 the web browser the usual identity (i.e. the phone number of the 563 mobile phone) will be presented. 565 4.3.1.2. Derived Requirements 567 F1, F2, F3, F4, F5, F6, F8, F9, F10, F20, F21 569 A1, A2, A3, A4, A7, A8, A9, A10, A11, A12 571 4.3.2. Fedex Call 573 4.3.2.1. Description 575 Alice uses her web browser with a service something like Skype to be 576 able to phone PSTN numbers. Alice calls 1-800-gofedex. Alice should 577 be able to hear the initial prompts from the fedex IVR and when the 578 IVR says press 1, there should be a way for Alice to navigate the 579 IVR. 581 4.3.2.2. Derived Requirements 583 F1, F2, F3, F4, F5, F6, F8, F9, F10, F21, F22 585 A1, A2, A3, A4, A7, A8, A9, A10, A11, A12 587 4.3.3. Video conferencing system with central server 589 4.3.3.1. Description 591 An organization uses a video communication system that supports the 592 establishment of multiparty video sessions using a central conference 593 server. 595 The browser of each participant send an audio stream (type in terms 596 of mono, stereo, 5.1, ... depending on the equipment of the 597 participant) to the central server. The central server mixes the 598 audio streams (and can in the mixing process naturally add effects 599 such as spatialization) and sends towards each participant a mixed 600 audio stream which is played to the user. 602 The browser of each participant sends video towards the server. For 603 each participant one high resolution video is displayed in a large 604 window, while a number of low resolution videos are displayed in 605 smaller windows. The server selects what video streams to be 606 forwarded as main- and thumbnail videos respectively, based on speech 607 activity. As the video streams to display can change quite 608 frequently (as the conversation flows) it is important that the delay 609 from when a video stream is selected for display until the video can 610 be displayed is short. 612 The organization has an internal network set up with an aggressive 613 firewall handling access to the Internet. If users cannot physically 614 access the internal network, they can establish a Virtual Private 615 Network (VPN). 617 It is essential that the communication cannot be wiretapped 618 [RFC2804]. 620 All participants are authenticated by the central server, and 621 authorized to connect to the central server. The participants are 622 identified to each other by the central server, and the participants 623 do not have access to each others' credentials such as e-mail 624 addresses or login IDs. 626 Note: This use-case adds requirements on support for fast stream 627 switches F7, on encryption of media and on ability to traverse very 628 restrictive FWs. There exist several solutions that enable the 629 server to forward one high resolution and several low resolution 630 video streams: a) each browser could send a high resolution, but 631 scalable stream, and the server could send just the base layer for 632 the low resolution streams, b) each browser could in a simulcast 633 fashion send one high resolution and one low resolution stream, and 634 the server just selects or c) each browser sends just a high 635 resolution stream, the server transcodes into low resolution streams 636 as required. 638 4.3.3.2. Derived Requirements 640 F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F17, F19, F20 642 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A17 644 5. Requirements 646 5.1. General 648 This section contains the requirements derived from the use-cases in 649 section 4. 651 NOTE: It is assumed that the user applications are executed on a 652 browser. Whether the capabilities to implement specific browser 653 requirements are implemented by the browser application, or are 654 provided to the browser application by the underlying operating 655 system, is outside the scope of this document. 657 5.2. Browser requirements 659 REQ-ID DESCRIPTION 660 --------------------------------------------------------------- 661 F1 The browser MUST be able to use microphones and 662 cameras as input devices to generate streams. 663 ---------------------------------------------------------------- 664 F2 The browser MUST be able to send streams and 665 data to a peer in the presence of NATs. 667 ---------------------------------------------------------------- 668 F3 Transmitted streams and data MUST be rate 669 controlled. 670 ---------------------------------------------------------------- 671 F4 The browser MUST be able to receive, process and 672 render streams and data ("render" does not 673 apply for data) from peers. 674 ---------------------------------------------------------------- 675 F5 The browser MUST be able to render good quality 676 audio and video even in the presence of 677 reasonable levels of jitter and packet losses. 679 TBD: What is a reasonable level? 680 ---------------------------------------------------------------- 681 F6 The browser MUST be able to handle high loss and 682 jitter levels in a graceful way. 683 ---------------------------------------------------------------- 684 F7 The browser MUST support fast stream switches. 685 ---------------------------------------------------------------- 686 F8 The browser MUST detect when a stream from a 687 peer is not received anymore 688 ---------------------------------------------------------------- 689 F9 When there are both incoming and outgoing audio 690 streams, echo cancellation MUST be made 691 available to avoid disturbing echo during 692 conversation. 694 QUESTION: How much control should be left to the 695 web application? 696 ---------------------------------------------------------------- 697 F10 The browser MUST support synchronization of 698 audio and video. 700 QUESTION: How much control should be left to the 701 web application? 702 ---------------------------------------------------------------- 703 F11 The browser MUST be able to transmit streams and 704 data to several peers concurrently. 705 ---------------------------------------------------------------- 706 F12 The browser MUST be able to receive streams and 707 data from multiple peers concurrently. 708 ---------------------------------------------------------------- 709 F13 The browser MUST be able to apply spatialization 710 effects to audio streams. 711 ---------------------------------------------------------------- 712 F14 The browser MUST be able to measure the level 713 in audio streams. 715 ---------------------------------------------------------------- 716 F15 The browser MUST be able to change the level 717 in audio streams. 718 ---------------------------------------------------------------- 719 F16 The browser MUST be able to render several 720 concurrent video streams 721 ---------------------------------------------------------------- 722 F17 The browser MUST be able to mix several 723 audio streams. 724 ---------------------------------------------------------------- 725 F18 The browser MUST be able to process and mix 726 sound objects (media that is retrieved from 727 another source than the established media 728 stream(s) with the peer(s) with audio streams. 729 ---------------------------------------------------------------- 730 F19 Streams and data MUST be able to pass through 731 restrictive firewalls. 732 ---------------------------------------------------------------- 733 F20 It MUST be possible to protect streams and data 734 from wiretapping. 735 ---------------------------------------------------------------- 736 F21 The browser MUST support an audio media format 737 (codec) that is commonly supported by existing 738 telephony services. 740 QUESTION: G.711? 741 ---------------------------------------------------------------- 742 F22 There should be a way to navigate 743 a DTMF based IVR 744 ---------------------------------------------------------------- 745 F23 The browser must be able to send short 746 latency unreliable datagram traffic to a 747 peer browser. 748 ---------------------------------------------------------------- 749 F24 The browser SHOULD be able to take advantage 750 of available capabilities (supplied by network 751 nodes) to prioritize voice, video and data 752 appropriately. 753 ---------------------------------------------------------------- 754 F25 The browser SHOULD use encoding of streams 755 suitable for the current rendering (e.g. 756 video display size) and SHOULD change parameters 757 if the rendering changes during the session 758 ---------------------------------------------------------------- 759 F26 It MUST be possible to move from one network 760 interface to another one 761 ---------------------------------------------------------------- 762 F27 The browser MUST be able to initiate and 763 accept a media session where the data needed 764 for establishment can be carried in SIP. 765 ---------------------------------------------------------------- 766 F28 The browser MUST support a baseline audio and 767 video codec 768 ---------------------------------------------------------------- 769 F29 The browser MUST be able to send streams and 770 data to a peer in the presence of NATs that 771 block UDP traffic. 772 ---------------------------------------------------------------- 773 F30 The browser MUST be able to use the screen (or 774 a specific area of the screen) or what a certain 775 application displays on the screen to generate 776 streams. 777 ---------------------------------------------------------------- 778 F31 The browser MUST be able to use several STUN 779 and TURN servers 780 ---------------------------------------------------------------- 781 F32 There browser MUST support that STUN and TURN 782 servers to use are supplied by other entities 783 than the service provided (i.e. the network 784 provider). 785 ---------------------------------------------------------------- 786 F33 The browser must be able to send reliable 787 data traffic to a peer browser. 788 ---------------------------------------------------------------- 789 F34 The browser MUST support priortization of 790 streams and data. 791 ---------------------------------------------------------------- 792 F35 The browser MUST enable verification, given 793 the right circumstances and by use of other 794 trusted communication, of that streams and 795 data received have not been manipulated by 796 any party. 797 ---------------------------------------------------------------- 798 F36 The browser MUST reject incoming media and 799 data, either modified, created or injected, 800 by any entity not trusted by the site. 801 ---------------------------------------------------------------- 802 F37 The browser MUST be able to send streams and 803 data to a peer in the presence of FWs that only 804 allows http(s) traffic. 805 ---------------------------------------------------------------- 806 F38 The browser MUST be able to collect statistics, 807 related to the transport of audio and video 808 between peers, needed to estimate quality of 809 service. 810 ---------------------------------------------------------------- 812 5.3. API requirements 814 REQ-ID DESCRIPTION 815 ---------------------------------------------------------------- 816 A1 The Web API MUST provide means for the 817 application to ask the browser for permission 818 to use cameras and microphones as input devices. 819 ---------------------------------------------------------------- 820 A2 The Web API MUST provide means for the web 821 application to control how streams generated 822 by input devices are used. 823 ---------------------------------------------------------------- 824 A3 The Web API MUST provide means for the web 825 application to control the local rendering of 826 streams (locally generated streams and streams 827 received from a peer). 828 ---------------------------------------------------------------- 829 A4 The Web API MUST provide means for the web 830 application to initiate sending of 831 stream/stream components to a peer. 832 ---------------------------------------------------------------- 833 A5 The Web API MUST provide means for the web 834 application to control the media format (codec) 835 to be used for the streams sent to a peer. 837 NOTE: The level of control depends on whether 838 the codec negotiation is handled by the browser 839 or the web application. 840 ---------------------------------------------------------------- 841 A6 The Web API MUST provide means for the web 842 application to modify the media format for 843 streams sent to a peer after a media stream 844 has been established. 845 ---------------------------------------------------------------- 846 A7 The Web API MUST provide means for 847 informing the web application of whether the 848 establishment of a stream with a peer was 849 successful or not. 850 ---------------------------------------------------------------- 851 A8 The Web API MUST provide means for the web 852 application to mute/unmute a stream or stream 853 component(s). When a stream is sent to a peer 854 mute status must be preserved in the stream 855 received by the peer. 856 ---------------------------------------------------------------- 857 A9 The Web API MUST provide means for the web 858 application to cease the sending of a stream 859 to a peer. 860 ---------------------------------------------------------------- 861 A10 The Web API MUST provide means for the web 862 application to cease processing and rendering 863 of a stream received from a peer. 864 ---------------------------------------------------------------- 865 A11 The Web API MUST provide means for 866 informing the web application when a 867 stream from a peer is no longer received. 868 ---------------------------------------------------------------- 869 A12 The Web API MUST provide means for 870 informing the web application when high 871 loss rates occur. 872 ---------------------------------------------------------------- 873 A13 The Web API MUST provide means for the web 874 application to apply spatialization effects to 875 audio streams. 876 ---------------------------------------------------------------- 877 A14 The Web API MUST provide means for the web 878 application to detect the level in audio 879 streams. 880 ---------------------------------------------------------------- 881 A15 The Web API MUST provide means for the web 882 application to adjust the level in audio 883 streams. 884 ---------------------------------------------------------------- 885 A16 The Web API MUST provide means for the web 886 application to mix audio streams. 887 ---------------------------------------------------------------- 888 A17 For each stream generated, the Web API MUST 889 provide an identifier that is accessible by the 890 application. The identifier MUST be accessible 891 also for a peer receiving that stream and MUST 892 be unique relative to all other stream 893 identifiers in use by either party. 894 ---------------------------------------------------------------- 895 A18 The Web API MUST provide a mechanism for sending 896 and receiving isolated discrete chunks of data. 897 ---------------------------------------------------------------- 898 A19 The Web API MUST provide means for the web 899 application indicate the type of audio signal 900 (speech, audio)for audio stream(s)/stream 901 component(s). 902 ---------------------------------------------------------------- 903 A20 It must be possible for an initiator or a 904 responder Web application to indicate the types 905 of media he's willing to accept incoming 906 streams for when setting up a connection (audio, 907 video, other). The types of media he's willing 908 to accept can be a subset of the types of media 909 the browser is able to accept. 910 ---------------------------------------------------------------- 911 A21 The Web API MUST provide means for the 912 application to ask the browser for permission 913 to the screen, a certain area on the screen 914 or what a certain application displays on the 915 screen as input to streams. 916 ---------------------------------------------------------------- 917 A22 The Web API MUST provide means for the 918 application to specify several STUN and/or 919 TURN servers to use. 920 ---------------------------------------------------------------- 921 A23 The Web API MUST provide means for the 922 application to specify the priority to 923 apply for outgoing streams and data. 924 ---------------------------------------------------------------- 925 A24 The Web API MUST provide a mechanism for sending 926 and receiving files. 927 ---------------------------------------------------------------- 928 A25 It must be possible for the application to 929 refrain from exposing the IP address 930 ---------------------------------------------------------------- 931 A26 The Web API MUST provide means for the 932 application to obtain the statistics (related 933 to transport, and collected by the browser) 934 needed to estimate quality of service. 935 ---------------------------------------------------------------- 937 6. IANA Considerations 939 TBD 941 7. Security Considerations 943 7.1. Introduction 945 A malicious web application might use the browser to perform Denial 946 Of Service (DOS) attacks on NAT infrastructure, or on peer devices. 947 Also, a malicious web application might silently establish outgoing, 948 and accept incoming, streams on an already established connection. 950 Based on the identified security risks, this section will describe 951 security considerations for the browser and web application. 953 7.2. Browser Considerations 955 The browser is expected to provide mechanisms for getting user 956 consent to use device resources such as camera and microphone. 958 The browser is expected to provide mechanisms for informing the user 959 that device resources such as camera and microphone are in use 960 ("hot"). 962 The browser is expected to provide mechanisms for users to revise and 963 even completely revoke consent to use device resources such as camera 964 and microphone. 966 The browser is expected to provide mechanisms for getting user 967 consent to use the screen (or a certain part of it) or what a certain 968 application displays on the screen as source for streams. 970 The browser is expected to provide mechanisms for informing the user 971 that the screen, part thereof or an application is serving as a 972 stream source ("hot"). 974 The browser is expected to provide mechanisms for users to revise and 975 even completely revoke consent to use the screen, part thereof or an 976 application is serving as a stream source. 978 The browser is expected to provide mechanisms in order to assure that 979 streams are the ones the recipient intended to receive. 981 The browser is expected to provide mechanisms that allows the users 982 to verify that the streams received have not be manipulated (F35). 984 The browser needs to ensure that media is not sent, and that received 985 media is not rendered, until the associated stream establishment and 986 handshake procedures with the remote peer have been successfully 987 finished. 989 The browser needs to ensure that the stream negotiation procedures 990 are not seen as Denial Of Service (DOS) by other entities. 992 7.3. Web Application Considerations 994 The web application is expected to ensure user consent in sending and 995 receiving media streams. 997 8. Additional use-cases 999 Several additional use-cases have been discussed. At this point 1000 these use-cases are not included as requirement deriving use-cases 1001 for different reasons (lack of documentation, overlap with existing 1002 use-cases, lack of consensus). For completeness these additional 1003 use-cases are listed below: 1004 1. Use-cases regarding different situations when being invited to a 1005 "session", e.g. browser open, browser open but another tab 1006 active, browser open but active in session, browser closed, .... 1007 (Matthew Kaufman); discussed at webrtc meeting 1008 2. E911 (Paul Beaumont) http://www.ietf.org/mail-archive/web/ 1009 rtcweb/current/msg00525.html, followed up by Stephan Wenger 1010 3. Local Recording and Remote recording (John): Discussed a _lot_ 1011 on the mail lists (rtcweb as well as public-webrtc) lAugust and 1012 September 2011. Concrete proposal: http://www.ietf.org/ 1013 mail-archive/web/rtcweb/current/msg01006.html (remote) and http: 1014 //www.ietf.org/mail-archive/web/rtcweb/current/msg00734.html 1015 (local) 1016 4. Emergency access for disabled (Bernard Aboba) http:// 1017 www.ietf.org/mail-archive/web/rtcweb/current/msg00478.html 1018 5. Clue use-cases (Roni Even) http://tools.ietf.org/html/ 1019 draft-ietf-clue-telepresence-use-cases-01 1020 6. Rohan red cross (Cullen Jennings); http://www.ietf.org/ 1021 mail-archive/web/rtcweb/current/msg00323.html 1022 7. Security camera/baby monitor usage http://www.ietf.org/ 1023 mail-archive/web/rtcweb/current/msg00543.html 1024 8. Large multiparty session http://www.ietf.org/mail-archive/web/ 1025 rtcweb/current/msg00530.html 1026 9. Call center http://www.ietf.org/mail-archive/web/rtcweb/current/ 1027 msg04203.html 1028 10. Enterprise policies http://www.ietf.org/mail-archive/web/rtcweb/ 1029 current/msg04271.html 1030 11. Low-complex multiparty central node http://www.ietf.org/ 1031 mail-archive/web/rtcweb/current/msg04430.html 1032 12. Multiparty central node that is not allowed to decipher http:// 1033 www.ietf.org/mail-archive/web/rtcweb/current/msg04457.html 1034 13. Enable company coop without being able to decipher http:// 1035 www.ietf.org/mail-archive/web/rtcweb/current/msg04461.html 1037 9. Acknowledgements 1039 Dan Burnett has reviewed and proposed a lot of things that enhances 1040 the document. Most of this has been incorporated in rev -05. 1042 Stephan Wenger has provided a lot of useful input and feedback, as 1043 well as editorial comments. 1045 Harald Alvestrand and Ted Hardie have provided comments and feedback 1046 on the draft. 1048 Harald Alvestrand and Cullen Jennings have provided additional use- 1049 cases. 1051 Thank You to everyone in the RTCWEB community that have provided 1052 comments, feedback and improvement proposals on the draft content. 1054 10. Change Log 1056 [RFC EDITOR NOTE: Please remove this section when publishing] 1058 Changes from draft-ietf-rtcweb-use-cases-and-requirements-09 1060 o Changed "video communication session" to "audiovisual 1061 communication session. 1063 Changes from draft-ietf-rtcweb-use-cases-and-requirements-08 1065 o Changed "eavesdropping" to "wiretapping" and referenced RFC2804. 1066 o Removed informal ref webrtc_req; that document has been abandoned 1067 by the W3C webrtc WG. 1068 o Added use-case where one user is behind a FW that only allows 1069 http; derived req. F37. 1070 o Changed F24 slightly; MUST-> SHOULD, inserted "available". 1071 o Added a clause to "Simple video communication service" saying that 1072 the service provider monitors the quality of service, and derived 1073 reqs F38 and A26. 1075 Changes from draft-ietf-rtcweb-use-cases-and-requirements-07 1077 o Added "and data exchange" to 1. Introduction. 1078 o Removed cone and symmetric NAT from 4.1 Introduction, refers to 1079 RFC4787 instead. 1080 o Added text on enabling verifyication of that the media has not 1081 been manipulated by anyone to use-case "Simple Video Communication 1082 Service", derived req. F35 1083 o Added text on that the browser should reject media (data) that has 1084 been created/injected/modified by non-trusted party, derived req. 1085 F36 1086 o Added text on enabling the app to refrain from revealing IP 1087 address to use-case "Simple Video Communication Service", derived 1088 req. A25 1089 o Added use-case "Simple Video Communication Service with file 1090 exchange", derived reqs F33 and A24 1091 o Added priority of video streams to "Hockey game viewer" use case, 1092 added priority of data to "on-line game use-case", derived reqs 1093 F34 and A23 1095 o In F22, "the IVR" -> "a DTMF based IVR". 1096 o Updated req F23 to clarify that requirements such as NAT 1097 traversal, prtoection from eavesdropping, rate control applies 1098 also to datagram. 1100 Changes from draft-ietf-rtcweb-use-cases-and-requirements-06 1102 o Renaming of requirements (FaI1 -> F31), (FaI2 -> F32) and (AaI1 -> 1103 A22) 1105 Changes from draft-ietf-rtcweb-use-cases-and-requirements-05 1107 o Added use-case "global service provider", derived reqs associated 1108 with several STUN/TURN servers 1109 o Added use-case "enterprise aspects", derived req associated with 1110 enabling the network provider to supply STUN and TURN servers 1111 o The requirements from the above are ICE specific and labeled 1112 accordingly 1113 o Separated the requirements phrased like "processing such as pan, 1114 mix and render" for audio to be specific reqs on spatialization, 1115 level measurement, level adjustment and mixing (discussed on the 1116 lists in 1117 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01648.html 1118 and http://lists.w3.org/Archives/Public/public-webrtc/2011Sep/ 1119 0102.html) 1120 o Added use-case on sharing as decided in 1121 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01700.html, 1122 derived reqs F30 and A21 1123 o Added the list of common considerations proposed in mail 1124 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01562.html 1125 to the Introduction of the use-case section 1127 Changes from draft-ietf-rtcweb-use-cases-and-requirements-04 1129 o Most changes based on the input from Dan Burnett 1130 http://www.ietf.org/mail-archive/web/rtcweb/current/msg00948.html 1131 o Many editorial changes 1132 o 4.2.1.1 Clarified 1133 o Some clarification added to 4.3.1.1 as a note 1134 o F-requirements updated (see reply to Dan's mail). 1135 o Almost all A-requirements updated to start "The Web API MUST 1136 provide ..." 1137 o A8 removed, A9 rephrased to cover A8 and old A9 1138 o A15 rephrased 1139 o For more details, and discussion, look att the response to Dan's 1140 mail 1141 http://www.ietf.org/mail-archive/web/rtcweb/current/msg01177.html 1143 Changes from draft-ietf-rtcweb-use-cases-and-requirements-03 1145 o Editorials 1146 o Changed when the self-view is displayed in 4.2.1.1, and added 1147 words about allowing users to remove and re-insert it. 1148 o Clarified 4.2.6.1 1149 o Removed the "mono" stuff from 4.2.7.1 1150 o Added that communication should not be possible to eavesdrop to 1151 most use cases - and req. F17 1152 o Re-phrased 4.3.3.1 to not describe the technical solution so much, 1153 and removed "stereo" stuff. Solution possibilities are now in a 1154 note. 1155 o Re-inserted API requirements after discussion in the W3C webrtc 1156 WG. (Re-phrased A15 and added A18 compared to version -02). 1158 Changes from draft-ietf-rtcweb-use-cases-and-requirements-02 1160 o Removed desrciption/list of API requirements, instead 1161 o Reference to W3C webrtc_reqs document for API requirements 1163 Changes from draft-ietf-rtcweb-ucreqs-01 1165 o Changed Intended status to Information 1166 o Changed "Ipr" to "trust200902" 1167 o Added use case "Simple video communication service, NAT/FW that 1168 blocks UDP", and derived new req F26 1169 o Added use case "Distributed Music Band" and derived new req A17 1170 o Added F24 as requirement derived from use case "Simple video 1171 communication service with inter-operator calling" 1172 o Added section "Additional use cases" 1173 o Added text about ID handling to multiparty with central server use 1174 case 1175 o Re-phrased A1 slightly 1177 Changes from draft-ietf-rtcweb-ucreqs-00 1179 o - Reshuffled: Just two main groups of use cases (b2b and b2GW/ 1180 Server); removed some specific use cases and added them instead as 1181 flavors to the base use case (Simple video communciation) 1182 o - Changed the fromulation of F19 1183 o - Removed the requirement on an API for DTMF 1184 o - Removed "FX3: There SHOULD be a mapping of the minimum needed 1185 data for setting up connections into SIP, so that the restriction 1186 to SIP-carriable data can be verified. Not a rew on the browser 1187 but rather on a document" 1188 o - (see 1189 http://www.ietf.org/mail-archive/web/rtcweb/current/msg00227.html 1190 for more details) 1192 o -Added text on informing user of that mic/cam is being used and 1193 that it must be possible to revoce permission to use them in 1194 section 7. 1195 Changes from draft-holmberg-rtcweb-ucreqs-01 1196 o - Draft name changed to draft-ietf-rtcweb-ucreqs 1197 o - Use-case grouping introduced 1198 o - Additional use-cases added 1199 o - Additional reqs added (derived from use cases): F19-F25, A16-A17 1201 Changes from draft-holmberg-rtcweb-ucreqs-00 1202 o - Mapping between use-cases and requirements added (Harald 1203 Alvestrand, 090311) 1204 o - Additional security considerations text (Harald Alvestrand, 1205 090311) 1206 o - Clarification that user applications are assumed to be executed 1207 by a browser (Ted Hardie, 080311) 1208 o - Editorial corrections and clarifications 1210 11. References 1212 11.1. Normative References 1214 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1215 Requirement Levels", BCP 14, RFC 2119, March 1997. 1217 [RFC2804] IAB and IESG, "IETF Policy on Wiretapping", RFC 2804, 1218 May 2000. 1220 11.2. Informative References 1222 Authors' Addresses 1224 Christer Holmberg 1225 Ericsson 1226 Hirsalantie 11 1227 Jorvas 02420 1228 Finland 1230 Email: christer.holmberg@ericsson.com 1231 Stefan Hakansson 1232 Ericsson 1233 Laboratoriegrand 11 1234 Lulea 97128 1235 Sweden 1237 Email: stefan.lk.hakansson@ericsson.com 1239 Goran AP Eriksson 1240 Ericsson 1241 Farogatan 6 1242 Stockholm 16480 1243 Sweden 1245 Email: goran.ap.eriksson@ericsson.com