| Network Working Group | H. T. Alvestrand |
| Internet-Draft | |
| Intended status: Standards Track | January 22, 2014 |
| Expires: July 26, 2014 |
Transports for RTCWEB
draft-ietf-rtcweb-transports-02
This document describes the data transport protocols used by RTCWEB, including the protocols used for interaction with intermediate boxes such as firewalls, relays and NAT boxes.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 26, 2014.
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
The IETF RTCWEB effort, part of the WebRTC effort carried out in cooperation between the IETF and the W3C, is aimed at specifying a protocol suite that is useful for real time multimedia exchange between browsers.
The overall effort is described in the RTCWEB overview document, [I-D.ietf-rtcweb-overview]. This document focuses on the data transport protocos that are used by conforming implementations.
This protocol suite is designed for WebRTC, and intends to satisfy the security considerations described in the WebRTC security documents, [I-D.ietf-rtcweb-security] and [I-D.ietf-rtcweb-security-arch].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
The protocol specifications used here assume that the following protocols are available to the implementations of the RTCWEB protocols:
For both protocols, IPv4 and IPv6 support is assumed; applications MUST be able to utilize both IPv4 and IPv6 where available.
For UDP, this specification assumes the ability to set the DSCP code point of the sockets opened on a per-packet basis, in order to achieve the prioritizations described in [I-D.dhesikan-tsvwg-rtcweb-qos] when multiple media types are multiplexed. It does not assume that the DSCP codepoints will be honored, and does assume that they may be zeroed or changed, since this is a local configuration issue.
This specification does not assume that the implementation will have access to ICMP or raw IP.
WebRTC implementations SHOULD attempt to set QoS on the packets sent, according to the guidelines in [I-D.dhesikan-tsvwg-rtcweb-qos]. It is appropriate to depart from this recommendation when running on platforms where QoS marking is not implemented.
RTCWEB implementations MUST support the ability to send and receive multiple SSRCs on the same transport, and MUST support the ability to send and receive multiple SSRCs on multiple simultaneous transports, including the ability to send and receive audio and video on the same transport. The choice of configuration is done at higher layers (above transport), using mechanisms like BUNDLE [I-D.ietf-mmusic-sdp-bundle-negotiation]. Further information on RTP usage is found in [I-D.ietf-rtcweb-rtp-usage].
When different content types according to [I-D.dhesikan-tsvwg-rtcweb-qos] are used on the same transport, appropriate per-packet DSCP marking SHOULD be used.
DISCUSSION: Minimizing the number of transports has advantages in traversing NATs and firewalls, due to the reduced chance of negotiation failure. However, some network prioritization mechanisms (in particular active queue management techniques and flow-recognizing deep packet inspection boxes) will perform better when flows with different characteristics are separated on different 5-tuples. Since the optimum for this tradeoff is unknown, and may be variable, it is inappropriate to embed this choice in the protocol layer, and this is therefore left to the control of the application.
The primary mechanism to deal with middle boxes is ICE, which is an appropriate way to deal with NAT boxes and firewalls that accept traffic from the inside, but only from the outside if it's in response to inside traffic (simple stateful firewalls).
ICE [RFC5245] MUST be supported. The implementation MUST be a full ICE implementation, not ICE-Lite.
In order to deal with situations where both parties are behind NATs which perform endpoint-dependent mapping (as defined in [RFC5128] section 2.4), TURN [RFC5766] MUST be supported.
In order to deal with firewalls that block all UDP traffic, TURN using TCP between the client and the server MUST be supported, and TURN using TLS between the client and the server MUST be supported. See [RFC5766] section 2.1 for details.
In order to deal with situations where one party is on an IPv4 network and the other party is on an IPv6 network, TURN extensions for IPv6 [RFC6156] MUST be supported.
TURN TCP candidates [RFC6062] SHOULD be supported; this allows applications to achieve peer-to-peer communication when both parties are behind UDP-blocking firewalls using a single TURN server. (In this case, one can also achieve communication using two TURN servers that use TCP between the server and the client, and UDP between the TURN servers.)
ICE-TCP candidates [RFC6544] MAY be supported; this may allow applications to communicate to peers with public IP addresses across UDP-blocking firewalls without using a TURN server.
The ALTERNATE-SERVER mechanism specified in [RFC5389] (STUN) section 11 (300 Try Alternate) MUST be supported.
Further discussion of the interaction of RTCWEB with firewalls is contained in [I-D.hutton-rtcweb-nat-firewall-considerations]. This document makes no requirements on interacting with HTTP proxies or HTTP proxy configuration methods.
For transport of media, secure RTP is used. The details of the profile of RTP used are described in "RTP Usage" [I-D.ietf-rtcweb-rtp-usage].
For data transport over the RTCWEB data channel [I-D.ietf-rtcweb-data-channel], RTCWEB implementations MUST support SCTP over DTLS over ICE. This encapsulation is specified in [I-D.ietf-tsvwg-sctp-dtls-encaps]. Negotiation of this transport in SDP is defined in [I-D.ietf-mmusic-sctp-sdp].
The setup protocol for RTCWEB data channels is described in [I-D.jesup-rtcweb-data-protocol].
RTCWEB implementations MUST support multiplexing of DTLS and RTP over the same port pair, as described in the DTLS_SRTP specification [RFC5764], section 5.1.2. All application layer protocol payloads over this DTLS connection are SCTP packets.
This document makes no request of IANA.
Note to RFC Editor: this section may be removed on publication as an RFC.
Security considerations are enumerated in [I-D.ietf-rtcweb-security].
This document is based on earlier versions embedded in [I-D.ietf-rtcweb-overview], which were the results of contributions from many RTCWEB WG members.
Special thanks for reviews of earlier versions of this draft go to Magnus Westerlund, Markus Isomaki and Dan Wing; the contributions from Andrew Hutton also deserve special mention.
| [RFC5128] | Srisuresh, P., Ford, B. and D. Kegel, "State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs)", RFC 5128, March 2008. |
| [I-D.ietf-rtcweb-overview] | Alvestrand, H., "Overview: Real Time Protocols for Brower-based Applications", Internet-Draft draft-ietf-rtcweb-overview-08, September 2013. |
| [I-D.ietf-mmusic-sdp-bundle-negotiation] | Holmberg, C., Alvestrand, H. and C. Jennings, "Multiplexing Negotiation Using Session Description Protocol (SDP) Port Numbers", Internet-Draft draft-ietf-mmusic-sdp-bundle-negotiation-05, October 2013. |
| [I-D.jesup-rtcweb-data-protocol] | Jesup, R., Loreto, S. and M. Tuexen, "WebRTC Data Channel Protocol", Internet-Draft draft-jesup-rtcweb-data-protocol-04, February 2013. |
| [I-D.hutton-rtcweb-nat-firewall-considerations] | Stach, T., Hutton, A. and J. Uberti, "RTCWEB Considerations for NATs, Firewalls and HTTP proxies", Internet-Draft draft-hutton-rtcweb-nat-firewall-considerations-02, September 2013. |
.