idnits 2.17.1 draft-ietf-straw-b2bua-rtcp-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 31, 2016) is 2727 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 4566 (Obsoleted by RFC 8866) ** Downref: Normative reference to an Informational RFC: RFC 7656 Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 STRAW Working Group L. Miniero 3 Internet-Draft Meetecho 4 Intended status: Standards Track S. Garcia Murillo 5 Expires: May 4, 2017 Medooze 6 V. Pascual 7 Oracle 8 October 31, 2016 10 Guidelines to support RTCP end-to-end in Back-to-Back User Agents 11 (B2BUAs) 12 draft-ietf-straw-b2bua-rtcp-15 14 Abstract 16 SIP Back-to-Back User Agents (B2BUAs) are often designed to also be 17 on the media path, rather than just intercepting signalling. This 18 means that B2BUAs often implement an RTP/RTCP stack as well, thus 19 leading to separate multimedia sessions that the B2BUA correlates and 20 bridges together. If not disciplined, though, this behaviour can 21 severely impact the communication experience, especially when 22 statistics and feedback information contained in RTCP messages get 23 lost because of mismatches in the reported data. 25 This document defines the proper behaviour B2BUAs should follow when 26 also acting on the signalling/media plane in order to preserve the 27 end-to-end functionality of RTCP. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on May 4, 2017. 46 Copyright Notice 48 Copyright (c) 2016 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 64 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 3. Signalling/Media Plane B2BUAs . . . . . . . . . . . . . . . . 4 66 3.1. Media Relay . . . . . . . . . . . . . . . . . . . . . . . 5 67 3.2. Media-aware Relay . . . . . . . . . . . . . . . . . . . . 6 68 3.3. Media Terminator . . . . . . . . . . . . . . . . . . . . 10 69 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 70 5. Security Considerations . . . . . . . . . . . . . . . . . . . 11 71 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 72 7. Change Summary . . . . . . . . . . . . . . . . . . . . . . . 12 73 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 75 9.1. Normative References . . . . . . . . . . . . . . . . . . 15 76 9.2. Informative References . . . . . . . . . . . . . . . . . 15 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 79 1. Introduction 81 Session Initiation Protocol [RFC3261] Back-to-Back User Agents 82 (B2BUAs) are SIP entities that can act as a logical combination of 83 both a User Agent Server (UAS) and a User Agent Client (UAC). As 84 such, their behaviour is not always completely adherent to the 85 standards, and can lead to unexpected situations. [RFC7092] presents 86 a taxonomy of the most commonly deployed B2BUA implementations, 87 describing how they differ in terms of the functionality and features 88 they provide. 90 Such components often do not only act on the signalling plane, that 91 is intercepting and possibly modifying SIP messages, but also on the 92 media plane. This means that, in order to receive and manage all RTP 93 and RTCP [RFC3550] packets in a session, these components also 94 manipulate the session descriptions [RFC4566] in the related offer/ 95 answer exchanges [RFC3264]. The reasons for such a behaviour can be 96 different. The B2BUA may want, for instance, to provide transcoding 97 functionality for participants with incompatible codecs, or it may 98 need the traffic to be directly handled for different reasons like 99 billing, lawful interception, session recording and so on. This can 100 lead to several different topologies for RTP-based communication, as 101 documented in [RFC7667]. 103 Whatever the reason, such a behaviour does not come without a cost. 104 In fact, whenever a media-aware component is placed on the path 105 between two or more participants that want to communicate by means of 106 RTP/RTCP, the end-to-end nature of such protocols is broken. While 107 this may not be a problem for RTP packets, which can be quite easily 108 relayed, it definitely can cause serious issue for RTCP messages, 109 which carry important information and feedback on the communication 110 quality the participants are experiencing. Consider, for instance, 111 the simple scenario only involving two participants and a single RTP 112 session depicted in Figure 1: 114 +--------+ +---------+ +---------+ 115 | |=== SSRC1 ===>| |=== SSRC3 ===>| | 116 | Alice | | B2BUA | | Bob | 117 | |<=== SSRC2 ===| |<=== SSRC4 ===| | 118 +--------+ +---------+ +---------+ 120 Figure 1: B2BUA modifying RTP headers 122 In this common scenario, a participant (Alice) is communicating with 123 another participant (Bob) as a result of a signalling session managed 124 by a B2BUA: this B2BUA is also on the media path between the two, and 125 is acting as a media relay. This means that two separate RTP 126 sessions are involved (one per side), each carrying two RTP streams 127 (one per media direction). As part of this process, though, the 128 B2BUA is also rewriting some of the RTP header information on the 129 way. In this example, just the SSRC of the incoming RTP streams is 130 changed, but more information may be modified as well (e.g., sequence 131 numbers, timestamps, etc.). In particular, whenever Alice sends an 132 RTP packet, she sets her SSRC (SSRC1) in the RTP header of her RTP 133 source stream. The B2BUA rewrites the SSRC (SSRC3) before relaying 134 the packet to Bob. At the same time, RTP packets sent by Bob (SSRC4) 135 get their SSRC rewritten as well (SSRC2) before being relayed to 136 Alice. 138 Assuming now that Alice needs to inform Bob she has lost several 139 packets in the last few seconds, she will place the related received 140 RTP stream SSRC she is aware of (SSRC2), together with her own 141 (SSRC1), in RTCP Reports and/or NACKs. Since the B2BUA is making use 142 of different SSRCs for the RTP streams in the RTP session it 143 established with each participant, blindly relaying Alice's incoming 144 RTCP messages to Bob would cause issues. These RTCP messages would 145 reference SSRCs Bob doesn't know about, which would result in 146 precious feedback being dropped. In fact, Bob is only aware of SSRCs 147 SSRC4 (the one his source RTP stream uses) and SSRC3 (the one he's 148 receiving from the B2BUA in the received RTP stream), and knows 149 nothing about SSRCs SSRC1 and SSRC2 in the messages he received 150 instead. Considering the feedback being dropped because of this may 151 contain precious information, e.g., related to packet loss, 152 congestion, and other network issues or considerations, the inability 153 to take them into account may lead to severe issues. For instance, 154 Bob may flood Alice with more media packets she can handle, and/or 155 not retransmit Alice the packets she missed and asked for. This may 156 easily lead to a very bad communication experience, if not eventually 157 to an unwanted termination of the communication itself. 159 This is just a trivial example that, together with additional 160 scenarios, will be addressed in the following sections. 161 Nevertheless, it is a valid example of how such a simple mishandling 162 of precious information may lead to serious consequences. This is 163 especially true if we picture more complex scenarios involving 164 several participants at the same time, multiple RTP sessions (e.g., a 165 video stream along audio) rather than a single one, redundancy RTP 166 streams, SSRC multiplexing and so on. Considering how common B2BUA 167 deployments are, it is very important for them to properly address 168 RTCP messages, in order to be sure that their activities on the media 169 plane do not break or interfere with anything relevant to the 170 session. 172 2. Terminology 174 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 175 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 176 document are to be interpreted as described in [RFC2119]. 178 Besides, this document addresses, where relevant, the RTP-related 179 terminology as disciplined in [RFC7656]. 181 3. Signalling/Media Plane B2BUAs 183 As described in the introductory section, it's very common for B2BUA 184 deployments to also act on the media plane, rather than just 185 signalling alone. In particular, [RFC7092] describes three different 186 categories of such B2BUAs: a B2BUA, in fact, may act as a simple 187 media relay (1), effectively unaware of anything that is transported; 188 it may be a media-aware relay (2), also inspecting and/or modifying 189 RTP and RTCP messages as they flow by; or it may be a full-fledged 190 media termination entity (3), terminating and generating RTP and RTCP 191 messages as needed. 193 [RFC3550] and [RFC7667] already mandate some specific behaviours in 194 the presence of certain topologies. Anyway, due to their mixed 195 nature B2BUAs sometimes can't or won't implement all relevant 196 specifications. This means that it's not rare to encounter issues 197 that may be avoided with a more disciplined behaviour in that regard, 198 that is if the B2BUAs followed at least a set of guidelines to ensure 199 no known problems occur. For this reason, the following subsections 200 will describe the proper behaviour B2BUAs, whatever above category 201 they fall in, should follow in order not to impact any end-to-end 202 RTCP effectiveness. 204 3.1. Media Relay 206 A media relay, as identified in [RFC7092], simply forwards all RTP 207 and RTCP messages it receives, without either inspecting or modifying 208 them. Using the RTP Topologies terminology, this can be seen as a 209 RTP Transport Translator. As such, B2BUA acting as media relays are 210 not aware of what traffic they're handling. This means that both 211 packet payloads and packet headers are opaque to them. Many Session 212 Border Controllers (SBC) implement this kind of behaviour, e.g., when 213 acting as a bridge between an inner and outer network. 215 Considering all headers and identifiers in both RTP and RTCP are left 216 untouched, issues like the SSRC mismatch described in the previous 217 section would not occur. Similar problems could still happen, 218 though, for different reasons, as for instance if the session 219 description prepared by the B2BUA, whether it has been modified or 220 not, ends up providing incorrect information. This may happen, for 221 example, if the SDP on either side contains 'ssrc' [RFC5576] 222 attributes that don't match the actual SSRC being advertized on the 223 media plane, or when the B2BUA advertized support for NACK because it 224 implements it, while the original INVITE didn't. Such issues might 225 occur, for instance, when the B2BUA acting as a media relay is 226 generating a new session description when bridging an incoming call, 227 rather than using the original session description. This may cause 228 participants to find a mismatch between the SSRCs advertized in the 229 SDP and the ones actually observed in RTP and RTCP messages, or to 230 have them either ignore or generate RTCP feedback packets that were 231 not explicitly advertized as supported. 233 In order to prevent such an issue, a media-relay B2BUA SHOULD forward 234 all the SSRC- and RTCP-related SDP attributes when handling a 235 multimedia session setup between participants: this includes 236 attributes like 'ssrc' [RFC3261], 'rtcp-fb' [RFC4585], 'rtcp-xr- 237 attrib' [RFC3611] and others. However, certain SDP attributes may 238 lead to call failures when forwarded by a media relay. Such 239 attributes SHOULD NOT be forwarded. One notable example is the 240 'rtcp' [RFC3605] attribute, that UAC may make use of to explicitly 241 state the port they're willing to use for RTCP. Considering the 242 B2BUA would relay RTCP messages, the port as seen by the other UAC 243 involved in the communication would differ from the one negotiated 244 originally, and it MUST be rewritten accordingly. Apart from the 245 mentioned attributes, B2BUAs SHOULD forward all other SDP attributes 246 they don't have a reason not to forward, in order to avoid breaking 247 additional functionality endpoints may be relying on. 249 It is worth mentioning that, leaving RTCP messages untouched, a media 250 relay may also leak information that, according to policies, may need 251 to be hidden or masqueraded, e.g., domain names in CNAME items. 252 Besides, these CNAME items may actually contain IP addresses: this 253 means that, should a NAT be involved in the communication, this may 254 actually result in CNAME collisions, which could indeed break the 255 end-to-end RTCP behaviour. While [RFC7022] can prevent this from 256 happening, there may be implementations that don't make use of it. 257 As such, a B2BUA MAY rewrite CNAME items if any potential collision 258 is detected, even in the Media Relay case. If a B2BUA does indeed 259 decide to rewrite CNAME items, though, then it MUST generate new 260 CNAMEs following [RFC7022]. 262 3.2. Media-aware Relay 264 A Media-aware relay, unlike the the Media Relay addressed in the 265 previous section, is aware of the media traffic it is handling. This 266 means it inspects RTP and RTCP messages flowing by, and may even 267 modify their headers. Using the RFC3550 terminology, this can be 268 seen as a RTP Translator. A B2BUA implementing this role, though, 269 typically does not inspect the RTP payloads, which would be opaque to 270 them: this means that the actual media would not be manipulated (e.g, 271 transcoded). 273 This makes them quite different from the Media Relay previously 274 discussed, especially in terms of the potential issues that may occur 275 at the RTCP level. In fact, being able to modify the RTP and RTCP 276 headers, such B2BUAs may end up modifying RTP related information 277 like SSRC/CSRC, sequence numbers, timestamps and others in an RTP 278 stream, before forwarding the modified packets to the other 279 interested participants. This means that, if not properly 280 disciplined, such a behaviour may easily lead to issues like the one 281 described in the introductory section. For this reason, it is very 282 important for a B2BUA modifying RTP-related information across two 283 related RTP streams to also modify, in a coherent way, the same 284 information in RTCP messages. 286 It is worthwile to point out that such a B2BUA may not necessarily 287 forward all the packets it receives, though. Selective Forwarding 288 Units (SFU) [RFC7667], for instance, may aggregate or drop incoming 289 RTCP messages, while at the same time originating new ones on their 290 own. For the messages that are forwarded and/or aggregated, though, 291 it's important to make sure the information is coherent. 293 Besides the behaviour already mandated for RTCP translators in 294 Section 7.2 of [RFC3550], a media-aware B2BUA MUST handle incoming 295 RTCP messages to forward following this guideline: 297 SR: [RFC3550] 298 If the B2BUA has changed the SSRC of the sender RTP stream a 299 Sender Report refers to, it MUST update the SSRC in the SR packet 300 header as well. If the B2BUA has changed the SSRCs of other RTP 301 streams too, and any of these streams are addressed in any of the 302 SR report blocks, it MUST update the related values in the SR 303 report blocks as well. If the B2BUA has also changed the base RTP 304 sequence number when forwarding RTP packets, then this change 305 needs to be properly addressed in the 'extended highest sequence 306 number received' field in the Report Blocks. 308 RR: [RFC3550] 309 The same guidelines given for SR apply for RR as well. 311 SDES: [RFC3550] 312 If the B2BUA has changed the SSRC of any RTP stream addressed in 313 any of the chunks of an incoming SDES message, it MUST update the 314 related SSRCs in all the chunks. The same considerations made 315 with respect to CNAME collisions at the end of Section 3.1 apply 316 here as well. 318 BYE: [RFC3550] 319 If the B2BUA has changed the SSRC of any RTP stream addressed in 320 the SSRC/CSRC identifiers included in a BYE packet, it MUST update 321 them in the message. 323 APP: [RFC3550] 324 If the B2BUA has changed the SSRC of any RTP stream addressed in 325 the header of an APP packet, it MUST update the identifier in the 326 message. Should the B2BUA be aware of any specific APP message 327 format that contains additional information related to SSRCs, it 328 SHOULD update them as well accordingly. 330 Extended Reports (XR): [RFC3611] 331 If the B2BUA has changed the SSRC of the RTP stream associated 332 with the originator of an XR packet, it MUST update the SSRC in 333 the XR message header. The same guidelines given for SR/RR, with 334 respect to SSRC identifiers in report blocks, apply for all the 335 Report Block types in the XR message as well. If the B2BUA has 336 also changed the base RTP sequence number when forwarding RTP 337 packets, then this change needs to be properly addressed in the 338 'begin_seq' and 'end_seq' fields that are available in most of the 339 Report Block types that are part of the XR specification. 341 Receiver Summary Information (RSI): [RFC5760] 342 If the B2BUA has changed any SSRC of RTP streams addressed in a 343 RSI packet, it MUST update the SSRC identifiers in the message. 344 This includes the distribution source SSRC, which MUST be 345 rewritten with the one the B2BUA uses to send RTP packets to each 346 sender participant, the summarized SSRC and, when a Collision Sub- 347 Report Block is available, the SSRCs in the related list. 349 Port Mapping (TOKEN): [RFC6284] 350 If the B2BUA has changed any SSRC of RTP streams addressed in a 351 TOKEN packet, it MUST update the SSRC identifiers in the message. 352 This includes the Packet Sender SSRC, which MUST be rewritten with 353 the one the B2BUA uses to send RTP packets to each sender 354 participant, and the Requesting Client SSRC when the message is a 355 response, which MUST be rewritten using the related sender 356 participant(s) SSRC. 358 Feedback messages: [RFC4585] 359 All Feedback messages have a common packet format, which includes 360 the SSRC identifier of the packet sender and the SSRC identifier 361 of the media source the feedack is related to. Just as described 362 for the previous messages, these SSRC identifiers MUST be updated 363 in the message if the B2BUA has changed the SSRC of the RTP 364 streams addressed there. It MUST NOT, though, change a media 365 source SSRC that was originally set to zero, unless zero is 366 actually the SSRC that was chosen by one of the involved 367 endpoints, in which case the above mentioned rules as to SSRC 368 rewriting apply. Considering that many feedback messages also 369 include additional data as part of their specific Feedback Control 370 Information (FCI), a media-aware B2BUA MUST take care of them 371 accordingly, if it can parse and regenerate them, according to the 372 following guidelines: 374 NACK: [RFC4585] 375 A media-aware B2BUA MUST properly rewrite the Packet ID (PID) 376 of all addressed lost packets in the NACK FCI if it changed the 377 RTP sequence numbers. 379 TMMBR/TMMBN/FIR/TSTR/TSTN/VBCM: [RFC5104] 380 A media-aware B2BUA MUST properly rewrite the additional SSRC 381 identifier in the specific FCI, if it changed the related RTP 382 SSRC of the media sender. 384 REMB: [I-D.alvestrand-rmcat-remb] 385 A media-aware B2BUA MUST properly rewrite the additional SSRC 386 identifier(s) in REMB packets, if it changed the related RTP 387 SSRC of the media sender. 389 Explicit Congestion Notification (ECN): [RFC6679] 390 The same guidelines given for SR/RR management apply, 391 considering the presence of sequence numbers in the ECN 392 Feedback Report format. For what concerns the management of 393 RTCP XR ECN Summary Report messages, the same guidelines given 394 for generic XR messages apply. 396 Apart from the generic guidelines related to Feedback messages, no 397 additional modifications are needed for PLI, SLI and RPSI feedback 398 messages. 400 Of course, the same considerations about the need for SDP and RTP/ 401 RTCP information to be coherent applies to media-aware B2BUAs. This 402 means that, if a B2BUA changes any SSRC, it MUST update the related 403 'ssrc' attributes, if present, before sending it to the recipient. 404 Besides, it MUST rewrite the 'rtcp' attribute if provided. At the 405 same time, while a media-aware B2BUA is typically able to inspect/ 406 modify RTCP messages, it may not support all RTCP messages. This 407 means that a B2BUA may choose to drop RTCP messages it can't parse. 408 In that case, a media-aware B2BUA MUST advertize its RTCP level of 409 support in the SDP in a coherent way, in order to prevent, for 410 instance, a UAC to from sending NACK messages that would never reach 411 the intended recipients. It's important to point out that, in case a 412 compound RTCP packet was received and any RTCP message in it needs to 413 be dropped, then the B2BUA SHOULD NOT drop the whole compound RTCP 414 packet, but only the selected messages. 416 A different set of considerations is worthwhile for what concerns 417 RTP/RTCP multiplexing [RFC5761] and Reduced-Size RTCP [RFC5506]. 418 While the former allows for a better management of network resources 419 by multiplexing RTP packets and RTCP messages over the same 420 transport, the latter allows for a compression of RTCP messages, thus 421 leading to less network traffic. For what concerns RTP/RTCP 422 multiplexing, a B2BUA acting as a Media Relay may use it on either 423 RTP session independently. This means that, for instance, a Media 424 Relay B2BUA may use RTP/RTCP multiplexing on one side of the 425 communication, and not use it on the other side, if the endpoint does 426 not support it. This allows for a better management of network 427 resources on the side that does support it. In case any of the 428 parties in the communications supports it and the B2BUA does too, the 429 related 'rtcp-mux' SDP attribute MUST be forwarded on the other 430 side(s). If the B2BUA detects that any of the parties in the 431 communication do not support the feature, it may decide to either 432 disable it entirely or still advertize it for the RTP sessions with 433 parties that do support it. In case the B2BUA decides to involve 434 RTP/RTCP multiplexing, it MUST ensure that there are no conflicting 435 RTP payload type numbers on either side. When there are, it MUST 436 rewrite RTP payload type numbers to prevent conflicts in the session 437 where the RTP/RTCP multiplexing is applied. Should RTP payload types 438 be rewritten, the related information in the SDP MUST be updated 439 accordingly. 441 For what concerns Reduced-Size RTCP, instead, the considerations are 442 a bit different. In fact, while a Media Relay B2BUA may choose to 443 use it on the side that supports it and not on the side that doesn't, 444 there are other aspects to take into account before doing so. While 445 Reduced-Size allows indeed for less network traffic related to RTCP 446 messaging in general, this gain may lead a Reduced-Size RTCP 447 implementation to also issue a higher rate of RTCP feedback messages. 448 This would result in an increased RTCP traffic on the side that does 449 not support Reduced-Size, and could as a consequence be actually 450 counterproductive if the available bandwidth is different on the two 451 sides. That said, the B2BUA can choose whether or not to advertize 452 support for Reduced-Size RTCP on either side by means of the 'rtcp- 453 rsize' SDP attribute. Negotiating a session with both sides would 454 allow the B2BUA to discover which one supports Reduced-Size and which 455 doesn't, and in case decide whether to allow the sides to 456 independently use Reduced-Size or not. Should the B2BUA decide to 457 disable the feature on all sides, it MUST NOT advertize support for 458 the Reduced-Size RTCP functionality on either side, by removing the 459 'rtcp-rsize' attribute from the SDP. 461 3.3. Media Terminator 463 A Media Terminator B2BUA, unlike simple relays and media-aware ones, 464 is also able to terminate media itself. As such, it can inspect and/ 465 or modify RTP payloads as well. This means that such components, for 466 instance, can act as media transcoders and/or originate specific RTP 467 media. Using the RTP Topologies terminology, this can be seen as a 468 RTP Media Translator. Such a topology can also be seen as a Back-to- 469 back RTP sessions through a Middlebox, as described in Section 3.2.2 470 of [RFC7667]. Such a capability makes them quite different from the 471 previously introduced B2BUA typologies. Since such a B2BUA would 472 terminate RTP itself, it can take care of the related statistics and 473 feedback functionality directly, with no need to simply relay any 474 message between the participants in the multimedia session. 476 For this reason, no specific guideline is needed to ensure a proper 477 end-to-end RTCP behaviour in such scenarios, mostly because most of 478 the times there would be no end-to-end RTCP interaction among the 479 involved participants in the first place. Nevertheless, should any 480 RTCP message actually need to be forwarded to another participant in 481 the multimedia session, the same guidelines provided for the media- 482 aware B2BUA case apply. 484 For what concerns RTP/RTCP multiplexing support, the same 485 considerations already given for the Media Relay management also 486 apply for a Media Terminator. Some different considerations might be 487 given as to the Reduced-Size RTCP functionality, instead. In fact, 488 in the Media Terminator case it is safe to use the feature 489 independently on each side, as the B2BUA would terminate RTCP. In 490 that case, the B2BUA SHOULD advertize and negotiate support for 491 Reduced-Size if available, and MUST NOT otherwise. 493 4. IANA Considerations 495 This document makes no request of IANA. 497 5. Security Considerations 499 The discussion made in the previous sections on the management of 500 RTCP messages by a B2BUA worked under the assumption that the B2BUA 501 has actually access to the RTP/RTCP information itself. This is 502 indeed true if we assume that plain RTP and RTCP is being handled, 503 but may not be once any security is enforced on RTP packets and RTCP 504 messages by means of SRTP [RFC3711]. 506 While typically not an issue in the Media Relay case, where RTP and 507 RTCP packets are forwarded without any modification no matter whether 508 security is involved or not, this could definitely have an impact on 509 Media-aware Relays and Media Terminator B2BUAs. To make a simple 510 example, if we envisage a SRTP/SRTCP session across a B2BUA, where 511 the B2BUA itself has no access to the keys used to secure the 512 session, there would be no way to manipulate SRTP headers without 513 violating the hashing on the packet. At the same time, there would 514 be no way to rewrite the RTCP information accordingly either. 516 For this reason, it is important to point out that the operations 517 described in the previous sections are only possible if the B2BUA has 518 a way to effectively manipulate the packets and messages flowing by. 519 This means that, when media security is involved, only the Media- 520 unaware Relay scenario can be properly addressed. Attempting to 521 cover Media-aware Relay and Media Termination scenarios when 522 involving secure sessions will inevitably lead to the B2BUA acting as 523 a man-in-the-middle, and consequently its behaviour is unspecified 524 and discouraged. More considerations on this are provided in 525 [RFC7879]. 527 It is also worth pointing out that there are scenarios where an 528 improper management of RTCP messaging across a B2BUA may lead, 529 willingly or not, to situations not unlike an attack. To make a 530 simple example, an improper management of a REMB feedback message 531 containing, e.g., information on the limited bandwidth availability 532 for a user, may lead to missing or misleading information to its 533 peer. This may cause the peer to increase the encoder bitrate, maybe 534 up to a point where a user with poor connectivity will inevitably be 535 choked by an amount of data it cannot process. This scenario may 536 thus result in what looks like a Denial of Service (DOS) attack 537 towards the user. 539 6. IANA Considerations 541 This document has no IANA actions. 543 7. Change Summary 545 Note to RFC Editor: Please remove this whole section. 547 The following are the major changes between the 13 and the 14 548 versions of the draft: 550 o Removed first paragraph of Security Considerations which was 551 unclear. 553 o Added an IANA Considerations section to clarify there are no 554 actions. 556 The following are the major changes between the 12 and the 13 557 versions of the draft: 559 o Updated authors' affiliations and mail addresses. 561 The following are the major changes between the 11 and the 12 562 versions of the draft: 564 o Addressed remaining points in Ben's second review. 566 o Updated reference of STRAW's DTLS-SRTP draft to new [RFC7879]. 568 The following are the major changes between the 10 and the 11 569 versions of the draft: 571 o Addressed Ben's second review. 573 The following are the major changes between the 09 and the 10 574 versions of the draft: 576 o Replaced references to obsoleted RFC 5117 with [RFC7667]. 578 o Made reference to [RFC7656] normative. 580 o Clarified text across the whole document to address Ben's review. 582 The following are the major changes between the 08 and the 09 583 versions of the draft: 585 o Updated references to documents which have become RFC in the 586 meanwhile, [RFC7667] and [RFC7656]. 588 The following are the major changes between the 06 and the 07 589 versions of the draft: 591 o Clarified the suggested changed by Colin Perkins on the management 592 of CNAME items in SDES, and added reference to [RFC7022]. 594 o Addressed comment by Simon Perreault on CNAME collisions 595 management. 597 The following are the major changes between the 05 and the 06 598 versions of the draft: 600 o Addressed comment by Colin Perkins on the management of CNAME 601 items in SDES. 603 The following are the major changes between the 04 and the 05 604 versions of the draft: 606 o Clarified behaviour when SSRC is zero. 608 o Fixed a couple of nits found by the Idnits tool. 610 The following are the major changes between the 03 and the 04 611 versions of the draft: 613 o Addressed review by Magnus Westerlund. 615 o Added guidelines for ECN RTCP messages. 617 o Clarified that if an RTCP message is dropped because unsupported, 618 only the unsupported packet is dropped and not the compound packet 619 that contains it. 621 o Added reference to Section 3.2.2 of [RFC7667] to Section 3.3. 623 o Added considerations on RTP/RTCP multiplexing and Reduced-Size 624 RTCP. 626 The following are the major changes between the 02 and the 03 627 versions of the draft: 629 o Rephrased the Media Path Security section to take into account the 630 MITM-related discussion in Honolulu. 632 o Added some Security Considerations. 634 The following are the major changes between the 01 and the 02 635 versions of the draft: 637 o Updated terminology to better adhere to [RFC7656]. 639 o Rephrased the Media Path Security section to take into account the 640 MITM-related discussion in Toronto. 642 o Clarified that NACK management might be trickier when SRTP is 643 involved. 645 The following are the major changes between the 00 and the 01 646 versions of the draft: 648 o Updated references and mapping per taxonomy RFC (7092). 650 o Added a reference to RTP topologies, and tried a mapping as per- 651 discussion in London. 653 o Added more RTCP message types to the Media-Aware section. 655 o Clarified that fixing the 'rtcp' SDP attribute is important. 657 o Added a new section on the impact of media security. 659 8. Acknowledgements 661 The authors would like to thank Flavio Battimo and Pierluigi Palma 662 for their invaluable feedback in the early stages of the document. 663 The authors would also like to thank Colin Perkins, Bernard Aboba, 664 Albrecht Schwarz, Hadriel Kaplan, Keith Drage, Jonathan Lennox, 665 Stephen Farrell, Magnus Westerlund, Simon Perreault and Ben Campbell 666 for their constructive comments, suggestions, and reviews that were 667 critical to the formulation and refinement of this document. 669 9. References 671 9.1. Normative References 673 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 674 Requirement Levels", BCP 14, RFC 2119, 675 DOI 10.17487/RFC2119, March 1997, 676 . 678 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 679 A., Peterson, J., Sparks, R., Handley, M., and E. 680 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 681 DOI 10.17487/RFC3261, June 2002, 682 . 684 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 685 Description Protocol", RFC 4566, DOI 10.17487/RFC4566, 686 July 2006, . 688 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 689 with Session Description Protocol (SDP)", RFC 3264, 690 DOI 10.17487/RFC3264, June 2002, 691 . 693 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V. 694 Jacobson, "RTP: A Transport Protocol for Real-Time 695 Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550, 696 July 2003, . 698 [RFC7656] Lennox, J., Gross, K., Nandakumar, S., Salgueiro, G., and 699 B. Burman, Ed., "A Taxonomy of Semantics and Mechanisms 700 for Real-Time Transport Protocol (RTP) Sources", RFC 7656, 701 DOI 10.17487/RFC7656, November 2015, 702 . 704 9.2. Informative References 706 [RFC7092] Kaplan, H. and V. Pascual, "A Taxonomy of Session 707 Initiation Protocol (SIP) Back-to-Back User Agents", 708 RFC 7092, DOI 10.17487/RFC7092, December 2013, 709 . 711 [RFC7667] Westerlund, M. and S. Wenger, "RTP Topologies", RFC 7667, 712 DOI 10.17487/RFC7667, November 2015, 713 . 715 [I-D.alvestrand-rmcat-remb] 716 Alvestrand, H., "RTCP message for Receiver Estimated 717 Maximum Bitrate", draft-alvestrand-rmcat-remb-03 (work in 718 progress), October 2013. 720 [RFC4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, 721 "Extended RTP Profile for Real-time Transport Control 722 Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585, 723 DOI 10.17487/RFC4585, July 2006, 724 . 726 [RFC5104] Wenger, S., Chandra, U., Westerlund, M., and B. Burman, 727 "Codec Control Messages in the RTP Audio-Visual Profile 728 with Feedback (AVPF)", RFC 5104, DOI 10.17487/RFC5104, 729 February 2008, . 731 [RFC5576] Lennox, J., Ott, J., and T. Schierl, "Source-Specific 732 Media Attributes in the Session Description Protocol 733 (SDP)", RFC 5576, DOI 10.17487/RFC5576, June 2009, 734 . 736 [RFC3605] Huitema, C., "Real Time Control Protocol (RTCP) attribute 737 in Session Description Protocol (SDP)", RFC 3605, 738 DOI 10.17487/RFC3605, October 2003, 739 . 741 [RFC3611] Friedman, T., Ed., Caceres, R., Ed., and A. Clark, Ed., 742 "RTP Control Protocol Extended Reports (RTCP XR)", 743 RFC 3611, DOI 10.17487/RFC3611, November 2003, 744 . 746 [RFC5760] Ott, J., Chesterfield, J., and E. Schooler, "RTP Control 747 Protocol (RTCP) Extensions for Single-Source Multicast 748 Sessions with Unicast Feedback", RFC 5760, 749 DOI 10.17487/RFC5760, February 2010, 750 . 752 [RFC6284] Begen, A., Wing, D., and T. Van Caenegem, "Port Mapping 753 between Unicast and Multicast RTP Sessions", RFC 6284, 754 DOI 10.17487/RFC6284, June 2011, 755 . 757 [RFC6679] Westerlund, M., Johansson, I., Perkins, C., O'Hanlon, P., 758 and K. Carlberg, "Explicit Congestion Notification (ECN) 759 for RTP over UDP", RFC 6679, DOI 10.17487/RFC6679, August 760 2012, . 762 [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. 763 Norrman, "The Secure Real-time Transport Protocol (SRTP)", 764 RFC 3711, DOI 10.17487/RFC3711, March 2004, 765 . 767 [RFC5761] Perkins, C. and M. Westerlund, "Multiplexing RTP Data and 768 Control Packets on a Single Port", RFC 5761, 769 DOI 10.17487/RFC5761, April 2010, 770 . 772 [RFC5506] Johansson, I. and M. Westerlund, "Support for Reduced-Size 773 Real-Time Transport Control Protocol (RTCP): Opportunities 774 and Consequences", RFC 5506, DOI 10.17487/RFC5506, April 775 2009, . 777 [RFC7022] Begen, A., Perkins, C., Wing, D., and E. Rescorla, 778 "Guidelines for Choosing RTP Control Protocol (RTCP) 779 Canonical Names (CNAMEs)", RFC 7022, DOI 10.17487/RFC7022, 780 September 2013, . 782 [RFC7879] Ravindranath, R., Reddy, T., Salgueiro, G., Pascual, V., 783 and P. Ravindran, "DTLS-SRTP Handling in SIP Back-to-Back 784 User Agents", RFC 7879, DOI 10.17487/RFC7879, May 2016, 785 . 787 Authors' Addresses 789 Lorenzo Miniero 790 Meetecho 792 Email: lorenzo@meetecho.com 794 Sergio Garcia Murillo 795 Medooze 797 Email: sergio.garcia.murillo@gmail.com 799 Victor Pascual 800 Oracle 802 Email: victor.pascual.avila@oracle.com