idnits 2.17.1 draft-ietf-straw-b2bua-rtcp-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (May 31, 2016) is 2880 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 4566 (Obsoleted by RFC 8866) ** Downref: Normative reference to an Informational RFC: RFC 7656 Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 STRAW Working Group L. Miniero 3 Internet-Draft Meetecho 4 Intended status: Standards Track S. Garcia Murillo 5 Expires: December 2, 2016 Medooze 6 V. Pascual 7 Quobis 8 May 31, 2016 10 Guidelines to support RTCP end-to-end in Back-to-Back User Agents 11 (B2BUAs) 12 draft-ietf-straw-b2bua-rtcp-11 14 Abstract 16 SIP Back-to-Back User Agents (B2BUAs) are often envisaged to also be 17 on the media path, rather than just intercepting signalling. This 18 means that B2BUAs often implement an RTP/RTCP stack as well, thus 19 leading to separate multimedia sessions that the B2BUA correlates and 20 bridges together. If not disciplined, though, this behaviour can 21 severely impact the communication experience, especially when 22 statistics and feedback information contained in RTCP messages get 23 lost because of mismatches in the reported data. 25 This document defines the proper behaviour B2BUAs should follow when 26 also acting on the signalling/media plane in order to preserve the 27 end-to-end functionality of RTCP. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on December 2, 2016. 46 Copyright Notice 48 Copyright (c) 2016 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 64 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 3. Signalling/Media Plane B2BUAs . . . . . . . . . . . . . . . . 4 66 3.1. Media Relay . . . . . . . . . . . . . . . . . . . . . . . 5 67 3.2. Media-aware Relay . . . . . . . . . . . . . . . . . . . . 6 68 3.3. Media Terminator . . . . . . . . . . . . . . . . . . . . 10 69 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 70 5. Security Considerations . . . . . . . . . . . . . . . . . . . 11 71 6. Change Summary . . . . . . . . . . . . . . . . . . . . . . . 12 72 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 73 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 74 8.1. Normative References . . . . . . . . . . . . . . . . . . 14 75 8.2. Informative References . . . . . . . . . . . . . . . . . 15 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 78 1. Introduction 80 Session Initiation Protocol [RFC3261] Back-to-Back User Agents 81 (B2BUAs) are SIP entities that can act as a logical combination of 82 both a User Agent Server (UAS) and a User Agent Client (UAC). As 83 such, their behaviour is not always completely adherent to the 84 standards, and can lead to unexpected situations. [RFC7092] presents 85 a taxonomy of the most commonly deployed B2BUA implementations, 86 describing how they differ in terms of the functionality and features 87 they provide. 89 Such components often do not only act on the signalling plane, that 90 is intercepting and possibly modifying SIP messages, but also on the 91 media plane. This means that, in order to receive and manage all RTP 92 and RTCP [RFC3550] packets in a session, these components also 93 manipulate the session descriptions [RFC4566] in the related offer/ 94 answer exchanges [RFC3264]. The reasons for such a behaviour can be 95 different. The B2BUA may want, for instance, to provide transcoding 96 functionality for participants with incompatible codecs, or it may 97 need the traffic to be directly handled for different reasons like 98 billing, lawful interception, session recording and so on. This can 99 lead to several different topologies for RTP-based communication, as 100 documented in [RFC7667]. 102 Whatever the reason, such a behaviour does not come without a cost. 103 In fact, whenever a media-aware component is placed on the path 104 between two or more participants that want to communicate by means of 105 RTP/RTCP, the end-to-end nature of such protocols is broken. While 106 this may not be a problem for RTP packets, which can be quite easily 107 relayed, it definitely can cause serious issue for RTCP messages, 108 which carry important information and feedback on the communication 109 quality the participants are experiencing. Consider, for instance, 110 the simple scenario only involving two participants and a single RTP 111 session depicted in Figure 1: 113 +--------+ +---------+ +---------+ 114 | |=== SSRC1 ===>| |=== SSRC3 ===>| | 115 | Alice | | B2BUA | | Bob | 116 | |<=== SSRC2 ===| |<=== SSRC4 ===| | 117 +--------+ +---------+ +---------+ 119 Figure 1: B2BUA modifying RTP headers 121 In this common scenario, a participant (Alice) is communicating with 122 another participant (Bob) as a result of a signalling session managed 123 by a B2BUA: this B2BUA is also on the media path between the two, and 124 is acting as a media relay. This means that two separate RTP 125 sessions are involved (one per side), each carrying two RTP streams 126 (one per media direction). As part of this process, though, the 127 B2BUA is also rewriting some of the RTP header information on the 128 way. In this example, just the SSRC of the incoming RTP streams is 129 changed, but more information may be modified as well (e.g., sequence 130 numbers, timestamps, etc.). In particular, whenever Alice sends an 131 RTP packet, she sets her SSRC (SSRC1) in the RTP header of her RTP 132 source stream. The B2BUA rewrites the SSRC (SSRC3) before relaying 133 the packet to Bob. At the same time, RTP packets sent by Bob (SSRC4) 134 get their SSRC rewritten as well (SSRC2) before being relayed to 135 Alice. 137 Assuming now that Alice needs to inform Bob she has lost several 138 packets in the last few seconds, she will place the related received 139 RTP stream SSRC she is aware of (SSRC2), together with her own 140 (SSRC1), in RTCP Reports and/or NACKs. Since the B2BUA is making use 141 of different SSRCs for the RTP streams in the RTP session it 142 established with each participant, blindly relaying Alice's incoming 143 RTCP messages to Bob would cause issues. These RTCP messages would 144 reference SSRCs Bob doesn't know about, which would result in 145 precious feedback being dropped. In fact, Bob is only aware of SSRCs 146 SSRC4 (the one his source RTP stream uses) and SSRC3 (the one he's 147 receiving from the B2BUA in the received RTP stream), and knows 148 nothing about SSRCs SSRC1 and SSRC2 in the messages he received 149 instead. Considering the feedback being dropped because of this may 150 contain precious information, e.g., related to packet loss, 151 congestion, and other network issues or considerations, the inability 152 to take them into account may lead to severe issues. For instance, 153 Bob may flood Alice with more media packets she can handle, and/or 154 not retransmit Alice the packets she missed and asked for. This may 155 easily lead to a very bad communication experience, if not eventually 156 to an unwanted termination of the communication itself. 158 This is just a trivial example that, together with additional 159 scenarios, will be addressed in the following sections. 160 Nevertheless, it is a valid example of how such a simple mishandling 161 of precious information may lead to serious consequences. This is 162 especially true if we picture more complex scenarios involving 163 several participants at the same time, multiple RTP sessions (e.g., a 164 video stream along audio) rather than a single one, redundancy RTP 165 streams, SSRC multiplexing and so on. Considering how common B2BUA 166 deployments are, it is very important for them to properly address 167 RTCP messages, in order to be sure that their activities on the media 168 plane do not break or interfere with anything relevant to the 169 session. 171 2. Terminology 173 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 174 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 175 document are to be interpreted as described in [RFC2119]. 177 Besides, this document addresses, where relevant, the RTP-related 178 terminology as disciplined in [RFC7656]. 180 3. Signalling/Media Plane B2BUAs 182 As described in the introductory section, it's very common for B2BUA 183 deployments to also act on the media plane, rather than just 184 signalling alone. In particular, [RFC7092] describes three different 185 categories of such B2BUAs: a B2BUA, in fact, may act as a simple 186 media relay (1), effectively unaware of anything that is transported; 187 it may be a media-aware relay (2), also inspecting and/or modifying 188 RTP and RTCP messages as they flow by; or it may be a full-fledged 189 media termination entity (3), terminating and generating RTP and RTCP 190 messages as needed. 192 While [RFC3550] and [RFC7667] already mandate some specific 193 behaviours in the presence of certain topologies, not all deployments 194 strictly adhere to the specifications. This means that it's not rare 195 to encounter issues that may be avoided with a more disciplined 196 behaviour in that regard. For this reason, the following subsections 197 will describe the proper behaviour B2BUAs, whatever above category 198 they fall in, should follow in order not to impact any end-to-end 199 RTCP effectiveness. 201 3.1. Media Relay 203 A media relay, as identified in [RFC7092], simply forwards all RTP 204 and RTCP messages it receives, without either inspecting or modifying 205 them. Using the RTP Topologies terminology, this can be seen as a 206 RTP Transport Translator. As such, B2BUA acting as media relays are 207 not aware of what traffic they're handling. This means that both 208 packet payloads and packet headers are opaque to them. Many Session 209 Border Controllers (SBC) implement this kind of behaviour, e.g., when 210 acting as a bridge between an inner and outer network. 212 Considering all headers and identifiers in both RTP and RTCP are left 213 untouched, issues like the SSRC mismatch described in the previous 214 section would not occur. Similar problems could still happen, 215 though, for different reasons, as for instance if the session 216 description prepared by the B2BUA, whether it has been modified or 217 not, ends up providing incorrect information. This may happen, for 218 example, if the SDP on either side contains 'ssrc' [RFC5576] 219 attributes that don't match the actual SSRC being advertized on the 220 media plane, or when the B2BUA advertized support for NACK because it 221 implements it, while the original INVITE didn't. Such issues might 222 occur, for instance, when the B2BUA acting as a media relay is 223 generating a new session description when bridging an incoming call, 224 rather than using the original session description. This may cause 225 participants to find a mismatch between the SSRCs advertized in the 226 SDP and the ones actually observed in RTP and RTCP messages, or to 227 have them either ignore or generate RTCP feedback packets that were 228 not explicitly advertized as supported. 230 In order to prevent such an issue, a media-relay B2BUA SHOULD forward 231 all the SSRC- and RTCP-related SDP attributes when handling a 232 multimedia session setup between participants: this includes 233 attributes like 'ssrc' [RFC3261], 'rtcp-fb' [RFC4585], 'rtcp-xr- 234 attrib' [RFC3611] and others. It SHOULD NOT, though, blindly forward 235 all SDP attributes, as some of them (e.g., candidates, fingerprints, 236 crypto, etc.) may lead to call failures for different reasons out of 237 scope to this document. One notable example is the 'rtcp' [RFC3605] 238 attribute, that UAC may make use of to explicitly state the port 239 they're willing to use for RTCP. Considering the B2BUA would relay 240 RTCP messages, the port as seen by the other UAC involved in the 241 communication would differ from the one negotiated originally, and it 242 MUST be rewritten accordingly. 244 It is worth mentioning that, leaving RTCP messages untouched, a media 245 relay may also leak information that, according to policies, may need 246 to be hidden or masqueraded, e.g., domain names in CNAME items. 247 Besides, these CNAME items may actually contain IP addresses: this 248 means that, should a NAT be involved in the communication, this may 249 actually result in CNAME collisions, which could indeed break the 250 end-to-end RTCP behaviour. While [RFC7022] can prevent this from 251 happening, there may be implementations that don't make use of it. 252 As such, a B2BUA MAY rewrite CNAME items if any potential collision 253 is detected, even in the Media Relay case. If a B2BUA does indeed 254 decide to rewrite CNAME items, though, then it MUST generate new 255 CNAMEs following [RFC7022]. 257 3.2. Media-aware Relay 259 A Media-aware relay, unlike the the Media Relay addressed in the 260 previous section, is aware of the media traffic it is handling. This 261 means it inspects RTP and RTCP messages flowing by, and may even 262 modify their headers. Using the RFC3550 terminology, this can be 263 seen as a RTP Translator. A B2BUA implementing this role, though, 264 typically does not inspect the RTP payloads, which would be opaque to 265 them: this means that the actual media would not be manipulated (e.g, 266 transcoded). 268 This makes them quite different from the Media Relay previously 269 discussed, especially in terms of the potential issues that may occur 270 at the RTCP level. In fact, being able to modify the RTP and RTCP 271 headers, such B2BUAs may end up modifying RTP related information 272 like SSRC/CSRC, sequence numbers, timestamps and others in an RTP 273 stream, before forwarding the modified packets to the other 274 interested participants. This means that, if not properly 275 disciplined, such a behaviour may easily lead to issues like the one 276 described in the introductory section. For this reason, it is very 277 important for a B2BUA modifying RTP-related information across two 278 related RTP streams to also modify, in a coherent way, the same 279 information in RTCP messages. 281 It is worthwile to point out that such a B2BUA may not necessarily 282 forward all the packets it receives, though. Selective Forwarding 283 Units (SFU) [RFC7667], for instance, may aggregate or drop incoming 284 RTCP messages, while at the same time originating new ones on their 285 own. For the messages that are forwarded and/or aggregated, though, 286 it's important to make sure the information is coherent. 288 Besides the behaviour already mandated for RTCP translators in 289 Section 7.2 of [RFC3550], a media-aware B2BUA MUST handle incoming 290 RTCP messages to forward following this guideline: 292 SR: [RFC3550] 293 If the B2BUA has changed the SSRC of the sender RTP stream a 294 Sender Report refers to, it MUST update the SSRC in the SR packet 295 header as well. If the B2BUA has changed the SSRCs of other RTP 296 streams too, and any of these streams are addressed in any of the 297 SR report blocks, it MUST update the related values in the SR 298 report blocks as well. If the B2BUA has also changed the base RTP 299 sequence number when forwarding RTP packets, then this change 300 needs to be properly addressed in the 'extended highest sequence 301 number received' field in the Report Blocks. 303 RR: [RFC3550] 304 The same guidelines given for SR apply for RR as well. 306 SDES: [RFC3550] 307 If the B2BUA has changed the SSRC of any RTP stream addressed in 308 any of the chunks of an incoming SDES message, it MUST update the 309 related SSRCs in all the chunks. The same considerations made 310 with respect to CNAME collisions at the end of Section 3.1 apply 311 here as well. 313 BYE: [RFC3550] 314 If the B2BUA has changed the SSRC of any RTP stream addressed in 315 the SSRC/CSRC identifiers included in a BYE packet, it MUST update 316 them in the message. 318 APP: [RFC3550] 319 If the B2BUA has changed the SSRC of any RTP stream addressed in 320 the header of an APP packet, it MUST update the identifier in the 321 message. Should the B2BUA be aware of any specific APP message 322 format that contains additional information related to SSRCs, it 323 SHOULD update them as well accordingly. 325 Extended Reports (XR): [RFC3611] 326 If the B2BUA has changed the SSRC of the RTP stream associated 327 with the originator of an XR packet, it MUST update the SSRC in 328 the XR message header. The same guidelines given for SR/RR, with 329 respect to SSRC identifiers in report blocks, apply for all the 330 Report Block types in the XR message as well. If the B2BUA has 331 also changed the base RTP sequence number when forwarding RTP 332 packets, then this change needs to be properly addressed in the 333 'begin_seq' and 'end_seq' fields that are available in most of the 334 Report Block types that are part of the XR specification. 336 Receiver Summary Information (RSI): [RFC5760] 337 If the B2BUA has changed any SSRC of RTP streams addressed in a 338 RSI packet, it MUST update the SSRC identifiers in the message. 339 This includes the distribution source SSRC, which MUST be 340 rewritten with the one the B2BUA uses to send RTP packets to each 341 sender participant, the summarized SSRC and, when a Collision Sub- 342 Report Block is available, the SSRCs in the related list. 344 Port Mapping (TOKEN): [RFC6284] 345 If the B2BUA has changed any SSRC of RTP streams addressed in a 346 TOKEN packet, it MUST update the SSRC identifiers in the message. 347 This includes the Packet Sender SSRC, which MUST be rewritten with 348 the one the B2BUA uses to send RTP packets to each sender 349 participant, and the Requesting Client SSRC when the message is a 350 response, which MUST be rewritten using the related sender 351 participant(s) SSRC. 353 Feedback messages: [RFC4585] 354 All Feedback messages have a common packet format, which includes 355 the SSRC identifier of the packet sender and the SSRC identifier 356 of the media source the feedack is related to. Just as described 357 for the previous messages, these SSRC identifiers MUST be updated 358 in the message if the B2BUA has changed the SSRC of the RTP 359 streams addressed there. It MUST NOT, though, change a media 360 source SSRC that was originally set to zero, unless zero is 361 actually the SSRC that was chosen by one of the involved 362 endpoints, in which case the above mentioned rules as to SSRC 363 rewriting apply. Considering that many feedback messages also 364 include additional data as part of their specific Feedback Control 365 Information (FCI), a media-aware B2BUA MUST take care of them 366 accordingly, if it can parse and regenerate them, according to the 367 following guidelines: 369 NACK: [RFC4585] 370 A media-aware B2BUA MUST properly rewrite the Packet ID (PID) 371 of all addressed lost packets in the NACK FCI if it changed the 372 RTP sequence numbers. 374 TMMBR/TMMBN/FIR/TSTR/TSTN/VBCM: [RFC5104] 375 A media-aware B2BUA MUST properly rewrite the additional SSRC 376 identifier in the specific FCI, if it changed the related RTP 377 SSRC of the media sender. 379 REMB: [I-D.alvestrand-rmcat-remb] 380 A media-aware B2BUA MUST properly rewrite the additional SSRC 381 identifier(s) in REMB packets, if it changed the related RTP 382 SSRC of the media sender. 384 Explicit Congestion Notification (ECN): [RFC6679] 385 The same guidelines given for SR/RR management apply, 386 considering the presence of sequence numbers in the ECN 387 Feedback Report format. For what concerns the management of 388 RTCP XR ECN Summary Report messages, the same guidelines given 389 for generic XR messages apply. 391 Apart from the generic guidelines related to Feedback messages, no 392 additional modifications are needed for PLI, SLI and RPSI feedback 393 messages. 395 Of course, the same considerations about the need for SDP and RTP/ 396 RTCP information to be coherent applies to media-aware B2BUAs. This 397 means that, if a B2BUA changes any SSRC, it MUST update the related 398 'ssrc' attributes, if present, before sending it to the recipient. 399 Besides, it MUST rewrite the 'rtcp' attribute if provided. At the 400 same time, while a media-aware B2BUA is typically able to inspect/ 401 modify RTCP messages, it may not support all RTCP messages. This 402 means that a B2BUA may choose to drop RTCP messages it can't parse. 403 In that case, a media-aware B2BUA MUST advertize its RTCP level of 404 support in the SDP in a coherent way, in order to prevent, for 405 instance, a UAC to from sending NACK messages that would never reach 406 the intended recipients. It's important to point out that, in case a 407 compound RTCP packet was received and any RTCP message in it needs to 408 be dropped, then the B2BUA SHOULD NOT drop the whole compound RTCP 409 packet, but only the selected messages. 411 A different set of considerations is worthwhile for what concerns 412 RTP/RTCP multiplexing [RFC5761] and Reduced-Size RTCP [RFC5506]. 413 While the former allows for a better management of network resources 414 by multiplexing RTP packets and RTCP messages over the same 415 transport, the latter allows for a compression of RTCP messages, thus 416 leading to less network traffic. For what concerns RTP/RTCP 417 multiplexing, a B2BUA acting as a Media Relay may use it on either 418 RTP session independently. This means that, for instance, a Media 419 Relay B2BUA may use RTP/RTCP multiplexing on one side of the 420 communication, and not use it on the other side, if the endpoint does 421 not support it. This allows for a better management of network 422 resources on the side that does support it. In case any of the 423 parties in the communications supports it and the B2BUA does too, the 424 related 'rtcp-mux' SDP attribute MUST be forwarded on the other 425 side(s). If the B2BUA detects that any of the parties in the 426 communication do not support the feature, it may decide to either 427 disable it entirely or still advertize it for the RTP sessions with 428 parties that do support it. In case the B2BUA decides to involve 429 RTP/RTCP multiplexing, it MUST ensure that there are no conflicting 430 RTP payload type numbers on either side. When there are, it MUST 431 rewrite RTP payload type numbers to prevent conflicts in the session 432 where the RTP/RTCP multiplexing is applied. Should RTP payload types 433 be rewritten, the related information in the SDP MUST be updated 434 accordingly. 436 For what concerns Reduced-Size RTCP, instead, the considerations are 437 a bit different. In fact, while a Media Relay B2BUA may choose to 438 use it on the side that supports it and not on the side that doesn't, 439 there are other aspects to take into account before doing so. While 440 Reduced-Size allows indeed for less network traffic related to RTCP 441 messaging in general, this gain may lead a Reduced-Size RTCP 442 implementation to also issue a higher rate of RTCP feedback messages. 443 This would result in an increased RTCP traffic on the side that does 444 not support Reduced-Size, and could as a consequence be actually 445 counterproductive if the available bandwidth is different on the two 446 sides. That said, the B2BUA can choose whether or not to advertize 447 support for Reduced-Size RTCP on either side by means of the 'rtcp- 448 rsize' SDP attribute. Negotiating a session with both sides would 449 allow the B2BUA to discover which one supports Reduced-Size and which 450 doesn't, and in case decide whether to allow the sides to 451 independently use Reduced-Size or not. Should the B2BUA decide to 452 disable the feature on all sides, it MUST NOT advertize support for 453 the Reduced-Size RTCP functionality on either side, by removing the 454 'rtcp-rsize' attribute from the SDP. 456 3.3. Media Terminator 458 A Media Terminator B2BUA, unlike simple relays and media-aware ones, 459 is also able to terminate media itself. As such, it can inspect and/ 460 or modify RTP payloads as well. This means that such components, for 461 instance, can act as media transcoders and/or originate specific RTP 462 media. Using the RTP Topologies terminology, this can be seen as a 463 RTP Media Translator. Such a topology can also be seen as a Back-to- 464 back RTP sessions through a Middlebox, as described in Section 3.2.2 465 of [RFC7667]. Such a capability makes them quite different from the 466 previously introduced B2BUA typologies. Since such a B2BUA would 467 terminate RTP itself, it can take care of the related statistics and 468 feedback functionality directly, with no need to simply relay any 469 message between the participants in the multimedia session. 471 For this reason, no specific guideline is needed to ensure a proper 472 end-to-end RTCP behaviour in such scenarios, mostly because most of 473 the times there would be no end-to-end RTCP interaction among the 474 involved participants in the first place. Nevertheless, should any 475 RTCP message actually need to be forwarded to another participant in 476 the multimedia session, the same guidelines provided for the media- 477 aware B2BUA case apply. 479 For what concerns RTP/RTCP multiplexing support, the same 480 considerations already given for the Media Relay management also 481 apply for a Media Terminator. Some different considerations might be 482 given as to the Reduced-Size RTCP functionality, instead. In fact, 483 in the Media Terminator case it is safe to use the feature 484 independently on each side, as the B2BUA would terminate RTCP. In 485 that case, the B2BUA SHOULD advertize and negotiate support for 486 Reduced-Size if available, and MUST NOT otherwise. 488 4. IANA Considerations 490 This document makes no request of IANA. 492 5. Security Considerations 494 This document, does not introduce any additional consideration to 495 those described by the aforementioned standard documents. There are 496 some aspects related to security that should be highlighted, though. 498 The discussion made in the previous sections on the management of 499 RTCP messages by a B2BUA worked under the assumption that the B2BUA 500 has actually access to the RTP/RTCP information itself. This is 501 indeed true if we assume that plain RTP and RTCP is being handled, 502 but may not be once any security is enforced on RTP packets and RTCP 503 messages by means of SRTP [RFC3711]. 505 While typically not an issue in the Media Relay case, where RTP and 506 RTCP packets are forwarded without any modification no matter whether 507 security is involved or not, this could definitely have an impact on 508 Media-aware Relays and Media Terminator B2BUAs. To make a simple 509 example, if we envisage a SRTP/SRTCP session across a B2BUA, where 510 the B2BUA itself has no access to the keys used to secure the 511 session, there would be no way to manipulate SRTP headers without 512 violating the hashing on the packet. At the same time, there would 513 be no way to rewrite the RTCP information accordingly either. 515 For this reason, it is important to point out that the operations 516 described in the previous sections are only possible if the B2BUA has 517 a way to effectively manipulate the packets and messages flowing by. 518 This means that, when media security is involved, only the Media- 519 unaware Relay scenario can be properly addressed. Attempting to 520 cover Media-aware Relay and Media Termination scenarios when 521 involving secure sessions will inevitably lead to the B2BUA acting as 522 a man-in-the-middle, and consequently its behaviour is unspecified 523 and discouraged. More considerations on this are provided in 524 [I-D.ietf-straw-b2bua-dtls-srtp]. 526 It is also worth pointing out that there are scenarios where an 527 improper management of RTCP messaging across a B2BUA may lead, 528 willingly or not, to situations not unlike an attack. To make a 529 simple example, an improper management of a REMB feedback message 530 containing, e.g., information on the limited bandwidth availability 531 for a user, may lead to missing or misleading information to its 532 peer. This may cause the peer to increase the encoder bitrate, maybe 533 up to a point where a user with poor connectivity will inevitably be 534 choked by an amount of data it cannot process. This scenario may 535 thus result in what looks like a Denial of Service (DOS) attack 536 towards the user. 538 6. Change Summary 540 Note to RFC Editor: Please remove this whole section. 542 The following are the major changes between the 10 and the 11 543 versions of the draft: 545 o Addressed Ben's second review. 547 The following are the major changes between the 09 and the 10 548 versions of the draft: 550 o Replaced references to obsoleted RFC 5117 with [RFC7667]. 552 o Made reference to [RFC7656] normative. 554 o Clarified text across the whole document to address Ben's review. 556 The following are the major changes between the 08 and the 09 557 versions of the draft: 559 o Updated references to documents which have become RFC in the 560 meanwhile, [RFC7667] and [RFC7656]. 562 The following are the major changes between the 06 and the 07 563 versions of the draft: 565 o Clarified the suggested changed by Colin Perkins on the management 566 of CNAME items in SDES, and added reference to [RFC7022]. 568 o Addressed comment by Simon Perreault on CNAME collisions 569 management. 571 The following are the major changes between the 05 and the 06 572 versions of the draft: 574 o Addressed comment by Colin Perkins on the management of CNAME 575 items in SDES. 577 The following are the major changes between the 04 and the 05 578 versions of the draft: 580 o Clarified behaviour when SSRC is zero. 582 o Fixed a couple of nits found by the Idnits tool. 584 The following are the major changes between the 03 and the 04 585 versions of the draft: 587 o Addressed review by Magnus Westerlund. 589 o Added guidelines for ECN RTCP messages. 591 o Clarified that if an RTCP message is dropped because unsupported, 592 only the unsupported packet is dropped and not the compound packet 593 that contains it. 595 o Added reference to Section 3.2.2 of [RFC7667] to Section 3.3. 597 o Added considerations on RTP/RTCP multiplexing and Reduced-Size 598 RTCP. 600 The following are the major changes between the 02 and the 03 601 versions of the draft: 603 o Rephrased the Media Path Security section to take into account the 604 MITM-related discussion in Honolulu. 606 o Added some Security Considerations. 608 The following are the major changes between the 01 and the 02 609 versions of the draft: 611 o Updated terminology to better adhere to [RFC7656]. 613 o Rephrased the Media Path Security section to take into account the 614 MITM-related discussion in Toronto. 616 o Clarified that NACK management might be trickier when SRTP is 617 involved. 619 The following are the major changes between the 00 and the 01 620 versions of the draft: 622 o Updated references and mapping per taxonomy RFC (7092). 624 o Added a reference to RTP topologies, and tried a mapping as per- 625 discussion in London. 627 o Added more RTCP message types to the Media-Aware section. 629 o Clarified that fixing the 'rtcp' SDP attribute is important. 631 o Added a new section on the impact of media security. 633 7. Acknowledgements 635 The authors would like to thank Flavio Battimo and Pierluigi Palma 636 for their invaluable feedback in the early stages of the document. 637 The authors would also like to thank Colin Perkins, Bernard Aboba, 638 Albrecht Schwarz, Hadriel Kaplan, Keith Drage, Jonathan Lennox, 639 Stephen Farrell, Magnus Westerlund and Simon Perreault for their 640 constructive comments, suggestions, and reviews that were critical to 641 the formulation and refinement of this document. 643 8. References 645 8.1. Normative References 647 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 648 Requirement Levels", BCP 14, RFC 2119, 649 DOI 10.17487/RFC2119, March 1997, 650 . 652 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 653 A., Peterson, J., Sparks, R., Handley, M., and E. 654 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 655 DOI 10.17487/RFC3261, June 2002, 656 . 658 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 659 Description Protocol", RFC 4566, DOI 10.17487/RFC4566, 660 July 2006, . 662 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 663 with Session Description Protocol (SDP)", RFC 3264, 664 DOI 10.17487/RFC3264, June 2002, 665 . 667 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. 668 Jacobson, "RTP: A Transport Protocol for Real-Time 669 Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550, 670 July 2003, . 672 [RFC7656] Lennox, J., Gross, K., Nandakumar, S., Salgueiro, G., and 673 B. Burman, Ed., "A Taxonomy of Semantics and Mechanisms 674 for Real-Time Transport Protocol (RTP) Sources", RFC 7656, 675 DOI 10.17487/RFC7656, November 2015, 676 . 678 8.2. Informative References 680 [RFC7092] Kaplan, H. and V. Pascual, "A Taxonomy of Session 681 Initiation Protocol (SIP) Back-to-Back User Agents", 682 RFC 7092, DOI 10.17487/RFC7092, December 2013, 683 . 685 [RFC7667] Westerlund, M. and S. Wenger, "RTP Topologies", RFC 7667, 686 DOI 10.17487/RFC7667, November 2015, 687 . 689 [I-D.alvestrand-rmcat-remb] 690 Alvestrand, H., "RTCP message for Receiver Estimated 691 Maximum Bitrate", draft-alvestrand-rmcat-remb-03 (work in 692 progress), October 2013. 694 [RFC4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, 695 "Extended RTP Profile for Real-time Transport Control 696 Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585, 697 DOI 10.17487/RFC4585, July 2006, 698 . 700 [RFC5104] Wenger, S., Chandra, U., Westerlund, M., and B. Burman, 701 "Codec Control Messages in the RTP Audio-Visual Profile 702 with Feedback (AVPF)", RFC 5104, DOI 10.17487/RFC5104, 703 February 2008, . 705 [RFC5576] Lennox, J., Ott, J., and T. Schierl, "Source-Specific 706 Media Attributes in the Session Description Protocol 707 (SDP)", RFC 5576, DOI 10.17487/RFC5576, June 2009, 708 . 710 [RFC3605] Huitema, C., "Real Time Control Protocol (RTCP) attribute 711 in Session Description Protocol (SDP)", RFC 3605, 712 DOI 10.17487/RFC3605, October 2003, 713 . 715 [RFC3611] Friedman, T., Ed., Caceres, R., Ed., and A. Clark, Ed., 716 "RTP Control Protocol Extended Reports (RTCP XR)", 717 RFC 3611, DOI 10.17487/RFC3611, November 2003, 718 . 720 [RFC5760] Ott, J., Chesterfield, J., and E. Schooler, "RTP Control 721 Protocol (RTCP) Extensions for Single-Source Multicast 722 Sessions with Unicast Feedback", RFC 5760, 723 DOI 10.17487/RFC5760, February 2010, 724 . 726 [RFC6284] Begen, A., Wing, D., and T. Van Caenegem, "Port Mapping 727 between Unicast and Multicast RTP Sessions", RFC 6284, 728 DOI 10.17487/RFC6284, June 2011, 729 . 731 [RFC6679] Westerlund, M., Johansson, I., Perkins, C., O'Hanlon, P., 732 and K. Carlberg, "Explicit Congestion Notification (ECN) 733 for RTP over UDP", RFC 6679, DOI 10.17487/RFC6679, August 734 2012, . 736 [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 737 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 738 RFC 3711, DOI 10.17487/RFC3711, March 2004, 739 . 741 [RFC5761] Perkins, C. and M. Westerlund, "Multiplexing RTP Data and 742 Control Packets on a Single Port", RFC 5761, 743 DOI 10.17487/RFC5761, April 2010, 744 . 746 [RFC5506] Johansson, I. and M. Westerlund, "Support for Reduced-Size 747 Real-Time Transport Control Protocol (RTCP): Opportunities 748 and Consequences", RFC 5506, DOI 10.17487/RFC5506, April 749 2009, . 751 [RFC7022] Begen, A., Perkins, C., Wing, D., and E. Rescorla, 752 "Guidelines for Choosing RTP Control Protocol (RTCP) 753 Canonical Names (CNAMEs)", RFC 7022, DOI 10.17487/RFC7022, 754 September 2013, . 756 [I-D.ietf-straw-b2bua-dtls-srtp] 757 R, R., Reddy, T., Salgueiro, G., Pascual, V., and P. 758 Ravindran, "DTLS-SRTP Handling in Session Initiation 759 Protocol (SIP) Back-to-Back User Agents (B2BUAs)", draft- 760 ietf-straw-b2bua-dtls-srtp-12 (work in progress), April 761 2016. 763 Authors' Addresses 765 Lorenzo Miniero 766 Meetecho 768 Email: lorenzo@meetecho.com 770 Sergio Garcia Murillo 771 Medooze 773 Email: sergio.garcia.murillo@gmail.com 775 Victor Pascual 776 Quobis 778 Email: victor.pascual@quobis.com