draft-ietf-avtcore-6222bis-00.txt   draft-ietf-avtcore-6222bis-01.txt 
Network Working Group E. Rescorla Network Working Group A. Begen
Internet-Draft RTFM, Inc. Internet-Draft Cisco
Obsoletes: 6222 (if approved) A. Begen Obsoletes: 6222 (if approved) C. Perkins
Intended status: Standards Track Cisco Intended status: Standards Track University of Glasgow
Expires: June 21, 2013 December 18, 2012 Expires: September 12, 2013 D. Wing
Cisco
E. Rescorla
RTFM, Inc.
March 11, 2013
Guidelines for Choosing RTP Control Protocol (RTCP) Guidelines for Choosing RTP Control Protocol (RTCP)
Canonical Names (CNAMEs) Canonical Names (CNAMEs)
draft-ietf-avtcore-6222bis-00 draft-ietf-avtcore-6222bis-01
Abstract Abstract
The RTP Control Protocol (RTCP) Canonical Name (CNAME) is a The RTP Control Protocol (RTCP) Canonical Name (CNAME) is a
persistent transport-level identifier for an RTP endpoint. While the persistent transport-level identifier for an RTP endpoint. While the
Synchronization Source (SSRC) identifier of an RTP endpoint may Synchronization Source (SSRC) identifier of an RTP endpoint may
change if a collision is detected or when the RTP application is change if a collision is detected or when the RTP application is
restarted, its RTCP CNAME is meant to stay unchanged, so that RTP restarted, its RTCP CNAME is meant to stay unchanged, so that RTP
endpoints can be uniquely identified and associated with their RTP endpoints can be uniquely identified and associated with their RTP
media streams. media streams.
skipping to change at page 1, line 46 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 12, 2013.
This Internet-Draft will expire on June 21, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 30 skipping to change at page 2, line 34
2. Requirements Notation . . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . . 3
3. Deficiencies with Earlier Guidelines for Choosing an RTCP 3. Deficiencies with Earlier Guidelines for Choosing an RTCP
CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Choosing an RTCP CNAME . . . . . . . . . . . . . . . . . . . . 4 4. Choosing an RTCP CNAME . . . . . . . . . . . . . . . . . . . . 4
4.1. Persistent RTCP CNAMEs versus Per-Session RTCP CNAMEs . . . 4 4.1. Persistent RTCP CNAMEs versus Per-Session RTCP CNAMEs . . . 4
4.2. Requirements . . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Requirements . . . . . . . . . . . . . . . . . . . . . . . 5
5. Procedure to Generate a Unique Identifier . . . . . . . . . . . 6 5. Procedure to Generate a Unique Identifier . . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7
6.1. Considerations on Uniqueness of RTCP CNAMEs . . . . . . . . 7 6.1. Considerations on Uniqueness of RTCP CNAMEs . . . . . . . . 7
6.2. Session Correlation Based on RTCP CNAMEs . . . . . . . . . 7 6.2. Session Correlation Based on RTCP CNAMEs . . . . . . . . . 7
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 8
8.1. Normative References . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
8.2. Informative References . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . . 8
9.2. Informative References . . . . . . . . . . . . . . . . . . 9
1. Introduction 1. Introduction
In Section 6.5.1 of the RTP specification, [RFC3550], there are a In Section 6.5.1 of the RTP specification, [RFC3550], there are a
number of recommendations for choosing a unique RTCP CNAME for an RTP number of recommendations for choosing a unique RTCP CNAME for an RTP
endpoint. However, in practice, some of these methods are not endpoint. However, in practice, some of these methods are not
guaranteed to produce a unique RTCP CNAME. [RFC6222] updated the guaranteed to produce a unique RTCP CNAME. [RFC6222] updated the
guidelines for choosing RTCP CNAMEs, superseding those presented in guidelines for choosing RTCP CNAMEs, superseding those presented in
Section 6.5.1 of [RFC3550]. Unfortunately, some parts of the new Section 6.5.1 of [RFC3550]. Unfortunately, some parts of the new
algorithms are rather complicated and also produce RTCP CNAMEs which algorithms are rather complicated and also produce RTCP CNAMEs which
skipping to change at page 5, line 41 skipping to change at page 5, line 41
"urn:uuid:" stripped, resulting in a 36-octet printable string "urn:uuid:" stripped, resulting in a 36-octet printable string
representation. representation.
o To produce a short-term persistent RTCP CNAME, an RTP endpoint o To produce a short-term persistent RTCP CNAME, an RTP endpoint
MUST either (a) use the numeric representation of the layer-2 MUST either (a) use the numeric representation of the layer-2
(Media Access Control (MAC)) address of the interface that is used (Media Access Control (MAC)) address of the interface that is used
to initiate the RTP session as the "host" part of its RTCP CNAME to initiate the RTP session as the "host" part of its RTCP CNAME
or (b) generate and use an identifier by following the procedure or (b) generate and use an identifier by following the procedure
described in Section 5. In either case, the procedure is described in Section 5. In either case, the procedure is
performed once per initialization of the software. After performed once per initialization of the software. After
obtaining an identifier by doing (a) or (b), the least significant obtaining an identifier in case of (a), the 48 bits are converted
48 bits are converted to the standard colon-separated hexadecimal to the standard colon-separated hexadecimal format [RFC5342],
format [RFC5342], e.g., "00:23:32:af:9b:aa", resulting in a e.g., "00:23:32:af:9b:aa", resulting in a 17-octet printable
17-octet printable string representation. string representation. In case of (b), minimally the least
significant 96 bits SHOULD be converted to ASCII using Base64
encoding [RFC4648] (to compromise between packet size and
uniqueness - refer to Section 6.1). If 96 bits are used, the
resulting string will be 16 octets.
In the two cases above, the "user@" part of the RTCP CNAME MAY be In the two cases above, the "user@" part of the RTCP CNAME MAY be
omitted on single-user systems and MAY be replaced by an opaque token omitted on single-user systems and MAY be replaced by an opaque token
on multi-user systems, to preserve privacy. on multi-user systems, to preserve privacy.
An RTP endpoint that wishes to generate a per-session RTCP CNAME MUST An RTP endpoint that wishes to generate a per-session RTCP CNAME MUST
use the following method: use the following method:
o For every new RTP session, a new CNAME is generated following the o For every new RTP session, a new CNAME is generated following the
procedure described in Section 5. After performing that procedure described in Section 5. After performing that
procedure, the least significant 96 bits are used to generate an procedure, minimally the least significant 96 bits SHOULD be
identifier (to compromise between packet size and uniqueness - converted to ASCII using Base64 encoding [RFC4648]. The RTCP
refer to Section 6.1), which is converted to ASCII using Base64 CNAME cannot change over the life of an RTP session [RFC3550].
encoding [RFC4648]. This results in a 16-octet string The "user@" part of the RTCP CNAME is omitted when generating
representation. The RTCP CNAME cannot change over the life of an per-session RTCP CNAMEs.
RTP session [RFC3550]. The "user@" part of the RTCP CNAME is
omitted when generating per-session RTCP CNAMEs.
It is believed that obtaining uniqueness (with a high probability) is It is believed that obtaining uniqueness (with a high probability) is
an important property that requires careful evaluation of the method. an important property that requires careful evaluation of the method.
This document provides a number of methods, at least one of which This document provides a number of methods, at least one of which
would be suitable for all deployment scenarios. This document would be suitable for all deployment scenarios. This document
therefore does not provide for the implementor to define and select therefore does not provide for the implementor to define and select
an alternative method. an alternative method.
A future specification might define an alternative method for A future specification might define an alternative method for
generating RTCP CNAMEs, as long as the proposed method has generating RTCP CNAMEs, as long as the proposed method has
skipping to change at page 8, line 5 skipping to change at page 8, line 5
In some environments, notably telephony, a fixed RTCP CNAME value In some environments, notably telephony, a fixed RTCP CNAME value
allows separate RTP sessions to be correlated and eliminates the allows separate RTP sessions to be correlated and eliminates the
obfuscation provided by IPv6 privacy addresses [RFC4941] or IPv4 obfuscation provided by IPv6 privacy addresses [RFC4941] or IPv4
Network Address Port Translation (NAPT) [RFC3022]. SRTP [RFC3711] Network Address Port Translation (NAPT) [RFC3022]. SRTP [RFC3711]
can help prevent such correlation by encrypting Secure RTCP (SRTCP), can help prevent such correlation by encrypting Secure RTCP (SRTCP),
but it should be noted that SRTP only mandates SRTCP integrity but it should be noted that SRTP only mandates SRTCP integrity
protection (not encryption). Thus, RTP applications used in such protection (not encryption). Thus, RTP applications used in such
environments should consider encrypting their SRTCP or generate a environments should consider encrypting their SRTCP or generate a
per-session RTCP CNAME as discussed in Section 4.1. per-session RTCP CNAME as discussed in Section 4.1.
7. Acknowledgments 7. IANA Considerations
No IANA actions are required.
8. Acknowledgments
Thanks to Marc Petit-Huguenin, who suggested using UUIDs in Thanks to Marc Petit-Huguenin, who suggested using UUIDs in
generating RTCP CNAMEs. Also, thanks to David McGrew for providing generating RTCP CNAMEs. Also, thanks to David McGrew for providing
text for the Security Considerations section. text for the Security Considerations section in RFC 6222.
8. References 9. References
8.1. Normative References 9.1. Normative References
[RFC3550] Schulzrinne, H., Casner, S., [RFC3550] Schulzrinne, H., Casner, S.,
Frederick, R., and V. Jacobson, Frederick, R., and V. Jacobson,
"RTP: A Transport Protocol for "RTP: A Transport Protocol for
Real-Time Applications", STD 64, Real-Time Applications", STD 64,
RFC 3550, July 2003. RFC 3550, July 2003.
[RFC2119] Bradner, S., "Key words for use [RFC2119] Bradner, S., "Key words for use
in RFCs to Indicate Requirement in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, Levels", BCP 14, RFC 2119,
skipping to change at page 8, line 47 skipping to change at page 9, line 5
Considerations and IETF Protocol Considerations and IETF Protocol
Usage for IEEE 802 Parameters", Usage for IEEE 802 Parameters",
BCP 141, RFC 5342, BCP 141, RFC 5342,
September 2008. September 2008.
[RFC4086] Eastlake, D., Schiller, J., and [RFC4086] Eastlake, D., Schiller, J., and
S. Crocker, "Randomness S. Crocker, "Randomness
Requirements for Security", Requirements for Security",
BCP 106, RFC 4086, June 2005. BCP 106, RFC 4086, June 2005.
8.2. Informative References 9.2. Informative References
[RFC6222] Begen, A., Perkins, C., and D. [RFC6222] Begen, A., Perkins, C., and D.
Wing, "Guidelines for Choosing Wing, "Guidelines for Choosing
RTP Control Protocol (RTCP) RTP Control Protocol (RTCP)
Canonical Names (CNAMEs)", Canonical Names (CNAMEs)",
RFC 6222, April 2011. RFC 6222, April 2011.
[RFC1918] Rekhter, Y., Moskowitz, R., [RFC1918] Rekhter, Y., Moskowitz, R.,
Karrenberg, D., Groot, G., and Karrenberg, D., Groot, G., and
E. Lear, "Address Allocation for E. Lear, "Address Allocation for
skipping to change at page 10, line 5 skipping to change at page 10, line 11
[RFC3261] Rosenberg, J., Schulzrinne, H., [RFC3261] Rosenberg, J., Schulzrinne, H.,
Camarillo, G., Johnston, A., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Peterson, J., Sparks, R.,
Handley, M., and E. Schooler, Handley, M., and E. Schooler,
"SIP: Session Initiation "SIP: Session Initiation
Protocol", RFC 3261, June 2002. Protocol", RFC 3261, June 2002.
[I-D.ietf-rtcweb-security-arch] Rescorla, E., "RTCWEB Security [I-D.ietf-rtcweb-security-arch] Rescorla, E., "RTCWEB Security
Architecture", draft-ietf- Architecture", draft-ietf-
rtcweb-security-arch-05 (work in rtcweb-security-arch-06 (work in
progress), October 2012. progress), January 2013.
[I-D.rescorla-avtcore-random-cname] Rescorla, E., "Random algorithm [I-D.rescorla-avtcore-random-cname] Rescorla, E., "Random algorithm
for RTP CNAME generation", draft for RTP CNAME generation", draft
-rescorla-avtcore-random-cname- -rescorla-avtcore-random-cname-
00 (work in progress), 00 (work in progress),
July 2012. July 2012.
Authors' Addresses Authors' Addresses
Ali Begen
Cisco
181 Bay Street
Toronto, ON M5J 2T3
CANADA
EMail: abegen@cisco.com
Colin Perkins
University of Glasgow
School of Computing Science
Glasgow G12 8QQ
UK
EMail: csp@csperkins.org
Dan Wing
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134
USA
EMail: dwing@cisco.com
Eric Rescorla Eric Rescorla
RTFM, Inc. RTFM, Inc.
2064 Edgewood Drive 2064 Edgewood Drive
Palo Alto, CA 94303 Palo Alto, CA 94303
USA USA
Phone: +1 650 678 2350 Phone: +1 650 678 2350
EMail: ekr@rtfm.com EMail: ekr@rtfm.com
Ali Begen
Cisco
181 Bay Street
Toronto, ON M5J 2T3
CANADA
EMail: abegen@cisco.com
 End of changes. 15 change blocks. 
31 lines changed or deleted 65 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/