idnits 2.17.1 

draft-jennings-sip-dtls-04.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 17.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 185.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 196.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 203.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 209.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (June 2, 2007) is 6166 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Looks like a reference, but probably isn't: 'RFCXXXX' on line 111

  ** Obsolete normative reference: RFC 2246 (ref. '1') (Obsoleted by RFC 4346)

  ** Obsolete normative reference: RFC 4347 (ref. '2') (Obsoleted by RFC 6347)

  ** Obsolete normative reference: RFC 4234 (ref. '3') (Obsoleted by RFC 5234)


     Summary: 4 errors (**), 0 flaws (~~), 2 warnings (==), 8 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                        C. Jennings
3	Internet-Draft                                             Cisco Systems
4	Intended status: Standards Track                             N. Modadugu
5	Expires: December 4, 2007                            Stanford University
6	                                                            June 2, 2007

8	Session Initiation Protocol (SIP) over Datagram Transport Layer Security
9	                                 (DTLS)
10	                       draft-jennings-sip-dtls-04

12	Status of this Memo

14	   By submitting this Internet-Draft, each author represents that any
15	   applicable patent or other IPR claims of which he or she is aware
16	   have been or will be disclosed, and any of which he or she becomes
17	   aware will be disclosed, in accordance with Section 6 of BCP 79.

19	   Internet-Drafts are working documents of the Internet Engineering
20	   Task Force (IETF), its areas, and its working groups.  Note that
21	   other groups may also distribute working documents as Internet-
22	   Drafts.

24	   Internet-Drafts are draft documents valid for a maximum of six months
25	   and may be updated, replaced, or obsoleted by other documents at any
26	   time.  It is inappropriate to use Internet-Drafts as reference
27	   material or to cite them other than as "work in progress."

29	   The list of current Internet-Drafts can be accessed at
30	   http://www.ietf.org/ietf/1id-abstracts.txt.

32	   The list of Internet-Draft Shadow Directories can be accessed at
33	   http://www.ietf.org/shadow.html.

35	   This Internet-Draft will expire on December 4, 2007.

37	Copyright Notice

39	   Copyright (C) The IETF Trust (2007).

41	Abstract

43	   This specification defines how to use Datagram Transport Layer
44	   Security (DTLS) as a transport for Session Initiation Protocol (SIP).
45	   DTLS is a protocol for providing Transport Layer Security (TLS)
46	   security over a datagram protocol.  This specification also specifies
47	   the IANA registrations for using SIP with Datagram Congestion Control
48	   Protocol (DCCP).

50	1.  Introduction

52	   Datagram Transport Layer Security (DTLS) [2] provides communication
53	   privacy similar to TLS [1] for datagram packets.  SIP can run over
54	   both stream and datagram transports, including UDP and TCP.  SIP [4]
55	   already defines how to use TLS with stream oriented transports.  This
56	   specification extends SIP to use DTLS with datagram oriented
57	   transports.

59	2.  Terminology

61	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
62	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
63	   document are to be interpreted as described in RFC 2119 [5].

65	3.  Transport Parameters

67	   Via header fields in SIP carry a transport protocol identifier.  This
68	   specification extends RFC 3261 to define the value "DTLS-UDP" for
69	   DTLS over UDP and "DTLS-DCCP" for DTLS over DCCP.  The update to the
70	   ABNF[3] in RFC 3261 for this parameter is the following:
71	   transport         =/ "DTLS-DCCP" / "DTLS-UDP"

73	   The following is an example Via header field:
74	   Via: SIP/2.0/DTLS-UDP atlanta.example.com:5060

76	4.  DTLS Usage

78	   The normal rules for sending a request over UDP in RFC 3261 apply to
79	   sending over DTLS.  Note that the congestion safety rules for UDP do
80	   not apply to DCCP.  In addition, the normal rules for validating a
81	   TLS connection in RFC 3261 apply to DTLS connections.  Requests with
82	   a SIPS URI can be sent over DTLS as well as TLS.

84	5.  Locating DTLS SIP Servers

86	   The normal rules from RFC 3263 [6] apply when locating a SIP server
87	   that supports DTLS.  The following new NAPTR[7] service values are
88	   defined: "SIPS+D2U" for UDP, and "SIPS+D2D" for DCCP[8].  In
89	   addition, the service value "SIP+D2D" should be used for SIP without
90	   DTLS over DCCP.

92	   The default port for DTLS over UDP or DCCP is 5061.

94	6.  Security Considerations

96	   The security issues with SIP using DTLS are equivalent to the issues
97	   of using SIP with TLS.  All the security considerations in RFC 3261
98	   relevant to TLS apply to DTLS.

100	7.  IANA Considerations

102	   This document defines new NAPTR service field values for DTLS over
103	   DCCP and UDP as well as over DCCP with no DTLS.  IANA is requested to
104	   register these values under the "Registry for the SIP SRV Resource
105	   Record Services Field".  The resulting entries should be:

107	    Services Field        Protocol  Reference
108	    --------------------  --------  ---------
109	    SIPS+D2U              UDP       [RFCXXXX]
110	    SIPS+D2D              DCCP      [RFCXXXX]
111	    SIP+D2D               DCCP      [RFCXXXX]

113	   [Note to RFC Editor: Please replace XXXX with the RFC number of this
114	   specification.]

116	8.  Acknowledgments

118	   Much of text and outline for this specification came from RFC 4168
119	   authored by Jonathan Rosenberg, Henning Schulzrinne, and Gonzalo
120	   Camarillo.  Jakob Schlyter caught several typos.  Eric Rescorla
121	   provided helpful comments and text.

123	9.  Normative References

125	   [1]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
126	        RFC 2246, January 1999.

128	   [2]  Rescorla, E. and N. Modadugu, "Datagram Transport Layer
129	        Security", RFC 4347, April 2006.

131	   [3]  Crocker, D. and P. Overell, "Augmented BNF for Syntax
132	        Specifications: ABNF", RFC 4234, October 2005.

134	   [4]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
135	        Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
136	        Session Initiation Protocol", RFC 3261, June 2002.

138	   [5]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
139	        Levels", BCP 14, RFC 2119, March 1997.

141	   [6]  Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol
142	        (SIP): Locating SIP Servers", RFC 3263, June 2002.

144	   [7]  Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part
145	        Three: The Domain Name System (DNS) Database", RFC 3403,
146	        October 2002.

148	   [8]  Kohler, E., Handley, M., and S. Floyd, "Datagram Congestion
149	        Control Protocol (DCCP)", RFC 4340, March 2006.

151	Authors' Addresses

153	   Cullen Jennings
154	   Cisco Systems
155	   170 West Tasman Drive
156	   MS: SJC-21/2
157	   San Jose, CA  95134
158	   USA

160	   Phone: +1 408 902-3341
161	   Email: fluffy@cisco.com

163	   Nagendra Modadugu
164	   Stanford University
165	   353 Serra Mall
166	   Stanford, CA  94305
167	   USA

169	   Email: Nagendra@cs.stanford.edu

171	Full Copyright Statement

173	   Copyright (C) The IETF Trust (2007).

175	   This document is subject to the rights, licenses and restrictions
176	   contained in BCP 78, and except as set forth therein, the authors
177	   retain all their rights.

179	   This document and the information contained herein are provided on an
180	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
181	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
182	   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
183	   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
184	   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
185	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

187	Intellectual Property

189	   The IETF takes no position regarding the validity or scope of any
190	   Intellectual Property Rights or other rights that might be claimed to
191	   pertain to the implementation or use of the technology described in
192	   this document or the extent to which any license under such rights
193	   might or might not be available; nor does it represent that it has
194	   made any independent effort to identify any such rights.  Information
195	   on the procedures with respect to rights in RFC documents can be
196	   found in BCP 78 and BCP 79.

198	   Copies of IPR disclosures made to the IETF Secretariat and any
199	   assurances of licenses to be made available, or the result of an
200	   attempt made to obtain a general license or permission for the use of
201	   such proprietary rights by implementers or users of this
202	   specification can be obtained from the IETF on-line IPR repository at
203	   http://www.ietf.org/ipr.

205	   The IETF invites any interested party to bring to its attention any
206	   copyrights, patents or patent applications, or other proprietary
207	   rights that may cover technology that may be required to implement
208	   this standard.  Please address the information to the IETF at
209	   ietf-ipr@ietf.org.

211	Acknowledgment

213	   Funding for the RFC Editor function is provided by the IETF
214	   Administrative Support Activity (IASA).