draft-ietf-mmusic-dtls-sdp-26.txt   draft-ietf-mmusic-dtls-sdp-27.txt 
Network Working Group C. Holmberg Network Working Group C. Holmberg
Internet-Draft Ericsson Internet-Draft Ericsson
Updates: 5763,7345 (if approved) R. Shpount Updates: 5763,7345 (if approved) R. Shpount
Intended status: Standards Track TurboBridge Intended status: Standards Track TurboBridge
Expires: December 24, 2017 June 22, 2017 Expires: January 25, 2018 July 24, 2017
Using the SDP Offer/Answer Mechanism for DTLS Using the SDP Offer/Answer Mechanism for DTLS
draft-ietf-mmusic-dtls-sdp-26.txt draft-ietf-mmusic-dtls-sdp-27.txt
Abstract Abstract
This document defines the SDP offer/answer procedures for negotiating This document defines the SDP offer/answer procedures for negotiating
and establishing a DTLS association. The document also defines the and establishing a DTLS association. The document also defines the
criteria for when a new DTLS association must be established. The criteria for when a new DTLS association must be established. The
document updates RFC 5763 and RFC 7345, by replacing common SDP document updates RFC 5763 and RFC 7345, by replacing common SDP
offer/answer procedures with a reference to this specification. offer/answer procedures with a reference to this specification.
This document defines a new SDP media-level attribute, 'tls-id'. This document defines a new SDP media-level attribute, 'tls-id'.
skipping to change at page 1, line 41 skipping to change at page 1, line 41
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 24, 2017. This Internet-Draft will expire on January 25, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 10, line 10 skipping to change at page 10, line 10
If the answerer receives an offer that does not contain an SDP 'tls- If the answerer receives an offer that does not contain an SDP 'tls-
id' attribute, the answerer MUST NOT insert a 'tls-id' attribute in id' attribute, the answerer MUST NOT insert a 'tls-id' attribute in
the answer. the answer.
If a new DTLS association is to be established, and if the answerer If a new DTLS association is to be established, and if the answerer
inserts an SDP 'setup' attribute with an 'active' attribute value in inserts an SDP 'setup' attribute with an 'active' attribute value in
the answer, the answerer MUST initiate a DTLS handshake by sending a the answer, the answerer MUST initiate a DTLS handshake by sending a
DTLS ClientHello message towards the offerer. DTLS ClientHello message towards the offerer.
Eventhough an offerer is required to insert an 'SDP' setup attribute Even though an offerer is required to insert an 'SDP' setup attribute
with an 'actpass' attribute value in initial offers (Section 5.2) and with an 'actpass' attribute value in initial offers (Section 5.2) and
subsequent offers (Section 5.5), the answerer MUST be able to receive subsequent offers (Section 5.5), the answerer MUST be able to receive
initial and subsequent offers with other attribute values, in order initial and subsequent offers with other attribute values, in order
to be backward compatible with older implementations that might to be backward compatible with older implementations that might
insert other attribute values in initial and subsequent offers. insert other attribute values in initial and subsequent offers.
5.4. Offerer Processing of the SDP Answer 5.4. Offerer Processing of the SDP Answer
When an offerer receives an answer that establishes a new DTLS When an offerer receives an answer that establishes a new DTLS
association based on criteria defined in Section 3.1, and if the association based on criteria defined in Section 3.1, and if the
skipping to change at page 12, line 10 skipping to change at page 12, line 10
If DTLS is transported on top of a connection-oriented transport If DTLS is transported on top of a connection-oriented transport
protocol (e.g., TCP or SCTP), where all IP packets are acknowledged, protocol (e.g., TCP or SCTP), where all IP packets are acknowledged,
all DTLS packets associated with a previous DTLS association MUST be all DTLS packets associated with a previous DTLS association MUST be
acknowledged (or timed out) before a new DTLS association can be acknowledged (or timed out) before a new DTLS association can be
established on the same instance of that transport (5-tuple). established on the same instance of that transport (5-tuple).
8. TLS Considerations 8. TLS Considerations
The procedures in this document can also be used for negotiating and The procedures in this document can also be used for negotiating and
establishing aTLS connection, with the restriction described below. establishing a TLS connection, with the restriction described below.
As specified in [RFC4145], the SDP 'connection' attribute is used to As specified in [RFC4145], the SDP 'connection' attribute is used to
indicate whether to establish a new TLS connection. An offerer and indicate whether to establish a new TLS connection. An offerer and
answerer MUST ensure that the 'connection' attribute value and the answerer MUST ensure that the 'connection' attribute value and the
'tls-id' attribute value does not cause a conflict regarding whether 'tls-id' attribute value does not cause a conflict regarding whether
a new TLS connection is to be established or not. a new TLS connection is to be established or not.
NOTE: Even though the SDP 'connection' attribute can be used to NOTE: Even though the SDP 'connection' attribute can be used to
indicate whether a new TLS connection is to be established, the indicate whether a new TLS connection is to be established, the
unique combination of SDP 'tls-id' attribute values can be used to unique combination of SDP 'tls-id' attribute values can be used to
skipping to change at page 12, line 51 skipping to change at page 12, line 51
An endpoint must not make assumptions regarding the support of the An endpoint must not make assumptions regarding the support of the
SDP 'tls-id' attribute by the peer. Therefore, to avoid ambiguity, SDP 'tls-id' attribute by the peer. Therefore, to avoid ambiguity,
both offerers and answerers MUST always use the 'connection' both offerers and answerers MUST always use the 'connection'
attribute in conjunction with the 'tls-id' attribute. attribute in conjunction with the 'tls-id' attribute.
NOTE: As defined in [RFC4145], if the SDP 'connection' attribute is NOTE: As defined in [RFC4145], if the SDP 'connection' attribute is
not explicitly present, the implicit default value is 'new'. not explicitly present, the implicit default value is 'new'.
The SDP example below is based on the example in section 3.4 of The SDP example below is based on the example in section 3.4 of
[RFC3261], with the addition of the SDP 'tls-id' attribute. [RFC4572], with the addition of the SDP 'tls-id' attribute.
m=image 54111 TCP/TLS t38 m=image 54111 TCP/TLS t38
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
a=tls-id:abc3de65cddef001be82 a=tls-id:abc3de65cddef001be82
a=setup:passive a=setup:passive
a=connection:new a=connection:new
a=fingerprint:SHA-256 \ a=fingerprint:SHA-256 \
12:DF:3E:5D:49:6B:19:E5:7C:AB:4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF: \ 12:DF:3E:5D:49:6B:19:E5:7C:AB:4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF: \
3E:5D:49:6B:19:E5:7C:AB:4A:AD 3E:5D:49:6B:19:E5:7C:AB:4A:AD
a=fingerprint:SHA-1 \ a=fingerprint:SHA-1 \
skipping to change at page 17, line 11 skipping to change at page 17, line 11
The text in section 5.2.1 (ICE Usage) is replaced with the new text The text in section 5.2.1 (ICE Usage) is replaced with the new text
below: below:
NEW TEXT: NEW TEXT:
The Interactive Connectivity Establishment (ICE) The Interactive Connectivity Establishment (ICE)
[I-D.ietf-ice-rfc5245bis] considerations for DTLS-protected media [I-D.ietf-ice-rfc5245bis] considerations for DTLS-protected media
are described in [RFCXXXX]. are described in [RFCXXXX].
[RFC EDITOR NOTE: Througout the document, please replace RFCXXXX [RFC EDITOR NOTE: Throughout the document, please replace RFCXXXX
with the RFC number of this document.] with the RFC number of this document.]
11. Security Considerations 11. Security Considerations
This specification does not modify the security considerations This specification does not modify the security considerations
associated with DTLS, or the SDP offer/answer mechanism. In addition associated with DTLS, or the SDP offer/answer mechanism. In addition
to the introduction of the SDP 'tls-id' attribute, the specification to the introduction of the SDP 'tls-id' attribute, the specification
simply clarifies the procedures for negotiating and establishing a simply clarifies the procedures for negotiating and establishing a
DTLS association. DTLS association.
skipping to change at page 17, line 43 skipping to change at page 17, line 43
is to be established/re-established. is to be established/re-established.
Appropriate Values: see Section 4 Appropriate Values: see Section 4
Contact name: Christer Holmberg Contact name: Christer Holmberg
Mux Category: IDENTICAL Mux Category: IDENTICAL
13. Acknowledgements 13. Acknowledgements
Thanks to Justin Uberti, Martin Thomson, Paul Kyzivat, Jens Guballa, Thanks to Justin Uberti, Martin Thomson, Paul Kyzivat, Jens Guballa,
Charles Eckel, Gonzalo Salgueiro and Paul Jones for providing Charles Eckel, Gonzalo Salgueiro and Paul Jones for providing
comments and suggestions on the document. Ben Campbell performed an comments and suggestions on the document. Ben Campbell performed an
AD review. AD review. Paul Kyzivat performed a gen-art review.
14. Change Log 14. Change Log
[RFC EDITOR NOTE: Please remove this section when publishing] [RFC EDITOR NOTE: Please remove this section when publishing]
Changes from draft-ietf-mmusic-sdp-dtls-26
o Editorial fixes based on Gen-ART review by Paul Kyzivat.
Changes from draft-ietf-mmusic-sdp-dtls-25 Changes from draft-ietf-mmusic-sdp-dtls-25
o Minor editorial nits. o Minor editorial nits.
Changes from draft-ietf-mmusic-sdp-dtls-24 Changes from draft-ietf-mmusic-sdp-dtls-24
o Changes based on 2nd WGLC comments from Roman S and Martin T: o Changes based on 2nd WGLC comments from Roman S and Martin T:
o - RFC update structure shortened (old text removed). o - RFC update structure shortened (old text removed).
o - Guidance regarding receiving ClientHello before SDP answer o - Guidance regarding receiving ClientHello before SDP answer
added. added.
 End of changes. 10 change blocks. 
8 lines changed or deleted 12 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/