draft-ietf-avtcore-6222bis-05.txt   draft-ietf-avtcore-6222bis-06.txt 
Network Working Group A. Begen Network Working Group A. Begen
Internet-Draft Cisco Internet-Draft Cisco
Obsoletes: 6222 (if approved) C. Perkins Obsoletes: 6222 (if approved) C. Perkins
Updates: 3550 (if approved) University of Glasgow Updates: 3550 (if approved) University of Glasgow
Intended status: Standards Track D. Wing Intended status: Standards Track D. Wing
Expires: January 09, 2014 Cisco Expires: January 15, 2014 Cisco
E. Rescorla E. Rescorla
RTFM, Inc. RTFM, Inc.
July 08, 2013 July 14, 2013
Guidelines for Choosing RTP Control Protocol (RTCP) Guidelines for Choosing RTP Control Protocol (RTCP)
Canonical Names (CNAMEs) Canonical Names (CNAMEs)
draft-ietf-avtcore-6222bis-05 draft-ietf-avtcore-6222bis-06
Abstract Abstract
The RTP Control Protocol (RTCP) Canonical Name (CNAME) is a The RTP Control Protocol (RTCP) Canonical Name (CNAME) is a
persistent transport-level identifier for an RTP endpoint. While the persistent transport-level identifier for an RTP endpoint. While the
Synchronization Source (SSRC) identifier of an RTP endpoint may Synchronization Source (SSRC) identifier of an RTP endpoint may
change if a collision is detected or when the RTP application is change if a collision is detected or when the RTP application is
restarted, its RTCP CNAME is meant to stay unchanged, so that RTP restarted, its RTCP CNAME is meant to stay unchanged, so that RTP
endpoints can be uniquely identified and associated with their RTP endpoints can be uniquely identified and associated with their RTP
media streams. media streams.
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 09, 2014. This Internet-Draft will expire on January 15, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 31 skipping to change at page 2, line 31
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3
3. Deficiencies with Earlier Guidelines for Choosing an RTCP 3. Deficiencies with Earlier Guidelines for Choosing an RTCP
CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Choosing an RTCP CNAME . . . . . . . . . . . . . . . . . . . 4 4. Choosing an RTCP CNAME . . . . . . . . . . . . . . . . . . . 4
4.1. Persistent RTCP CNAMEs versus Per-Session RTCP CNAMEs . . 4 4.1. Persistent RTCP CNAMEs versus Per-Session RTCP CNAMEs . . 4
4.2. Requirements . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Requirements . . . . . . . . . . . . . . . . . . . . . . 5
5. Procedure to Generate a Unique Identifier . . . . . . . . . . 6 5. Procedure to Generate a Unique Identifier . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7
6.1. Considerations on Uniqueness of RTCP CNAMEs . . . . . . . 7 6.1. Considerations on Uniqueness of RTCP CNAMEs . . . . . . . 7
6.2. Session Correlation Based on RTCP CNAMEs . . . . . . . . 7 6.2. Session Correlation Based on RTCP CNAMEs . . . . . . . . 7
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
9.1. Normative References . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . 8
9.2. Informative References . . . . . . . . . . . . . . . . . 8 9.2. Informative References . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
In Section 6.5.1 of [RFC3550], there are a number of recommendations In Section 6.5.1 of [RFC3550], there are a number of recommendations
for choosing a unique RTCP CNAME for an RTP endpoint. However, in for choosing a unique RTCP CNAME for an RTP endpoint. However, in
practice, some of these methods are not guaranteed to produce a practice, some of these methods are not guaranteed to produce a
unique RTCP CNAME. [RFC6222] updated the guidelines for choosing unique RTCP CNAME. [RFC6222] updated the guidelines for choosing
skipping to change at page 5, line 44 skipping to change at page 5, line 44
"urn:uuid:" stripped, resulting in a 36-octet printable string "urn:uuid:" stripped, resulting in a 36-octet printable string
representation. representation.
o To produce a short-term persistent RTCP CNAME, an RTP endpoint o To produce a short-term persistent RTCP CNAME, an RTP endpoint
MUST generate and use an identifier by following the procedure MUST generate and use an identifier by following the procedure
described in Section 5. That procedure is performed at least once described in Section 5. That procedure is performed at least once
per initialization of the software. After obtaining an per initialization of the software. After obtaining an
identifier, minimally the least significant 96 bits SHOULD be identifier, minimally the least significant 96 bits SHOULD be
converted to ASCII using Base64 encoding [RFC4648] (to compromise converted to ASCII using Base64 encoding [RFC4648] (to compromise
between packet size and uniqueness - refer to Section 6.1). If 96 between packet size and uniqueness - refer to Section 6.1). If 96
bits are used, the resulting string will be 16 octets. bits are used, the resulting string will be 16 octets. Note the
Base64 encoded value cannot exceed the maximum RTCP CNAME length
of 255 octets [RFC3550].
In the two cases above, the "user@" part of the RTCP CNAME MAY be In the two cases above, the "user@" part of the RTCP CNAME MAY be
omitted on single-user systems and MAY be replaced by an opaque token omitted on single-user systems and MAY be replaced by an opaque token
on multi-user systems, to preserve privacy. on multi-user systems, to preserve privacy.
An RTP endpoint that wishes to generate a per-session RTCP CNAME MUST An RTP endpoint that wishes to generate a per-session RTCP CNAME MUST
use the following method: use the following method:
o For every new RTP session, a new RTCP CNAME is generated following o For every new RTP session, a new RTCP CNAME is generated following
the procedure described in Section 5. After performing that the procedure described in Section 5. After performing that
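Review bot: The sentence added to the short-term persistent bullet ("Note the Base64 encoded value cannot exceed the maximum RTCP CNAME length of 255 octets [RFC3550]") uses a lowercase "cannot", so it is unclear whether it is a requirement on the implementation or an observation. It also leaves the reader to derive the usable identifier size. Base64 emits 4 characters per 3 input octets, so 255 octets of CNAME hold at most 189 octets (1512 bits) of identifier, and fewer if a "user@" part or opaque token is kept. Suggest wording it with a requirements keyword (for example "MUST NOT exceed") and stating the resulting maximum in bits. The note appears only in this bullet; the per-session bullet that begins at the end of this hunk should be checked for the same limit.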
skipping to change at page 6, line 35 skipping to change at page 6, line 38
deployment. deployment.
The mechanisms described in this document are to be used to generate The mechanisms described in this document are to be used to generate
RTCP CNAMEs, and they are not to be used for generating general- RTCP CNAMEs, and they are not to be used for generating general-
purpose unique identifiers. purpose unique identifiers.
5. Procedure to Generate a Unique Identifier 5. Procedure to Generate a Unique Identifier
To locally produce a unique identifier, one simply generates a To locally produce a unique identifier, one simply generates a
cryptographically pseudorandom value as described in [RFC4086]. This cryptographically pseudorandom value as described in [RFC4086]. This
value MUST be at least 96 bits and MAY be up to 512 bits. value MUST be at least 96 bits.
The biggest bottleneck to implementation of this algorithm is the The biggest bottleneck to implementation of this algorithm is the
availability of an appropriate cryptographically secure pseudorandom availability of an appropriate cryptographically secure pseudorandom
number generator (CSPRNG). In any setting which already has a secure number generator (CSPRNG). In any setting which already has a secure
PRNG, this algorithm described is far simpler than the algorithm PRNG, this algorithm described is far simpler than the algorithm
described in Section 5 of [RFC6222]. SIP stacks [RFC3261] are described in Section 5 of [RFC6222]. SIP stacks [RFC3261] are
required to use cryptographically random numbers to generate To and required to use cryptographically random numbers to generate To and
From tags (Section 19.3). RTCWEB implementations From tags (Section 19.3). RTCWEB implementations
[I-D.ietf-rtcweb-security-arch] will need to have secure PRNGs to [I-D.ietf-rtcweb-security-arch] will need to have secure PRNGs to
implement ICE [RFC5245] and DTLS-SRTP [RFC5764]. And, of course, implement ICE [RFC5245] and DTLS-SRTP [RFC5764]. And, of course,
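Review bot: With "and MAY be up to 512 bits" dropped from the first paragraph of Section 5, the procedure no longer states any upper bound on the pseudorandom value, and nothing in this section points to the 255-octet limit from [RFC3550] that the -06 text notes for the Base64 encoded value. Suggest adding a cross-reference to that limit next to "MUST be at least 96 bits" so the bound can be found from the procedure itself. A style point in the unchanged context: "this algorithm described is far simpler than the algorithm described in Section 5 of [RFC6222]" reads awkwardly; "the algorithm described here" would be clearer.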
 End of changes. 8 change blocks. 
8 lines changed or deleted 10 lines changed or added
