draft-ietf-mmusic-sdp-capability-negotiation-13.txt   rfc5939.txt 
MMUSIC Working Group F. Andreasen
Internet-Draft Cisco Systems
Intended Status: Proposed Standard March 24, 2010
Expires: September 2010
SDP Capability Negotiation Internet Engineering Task Force (IETF) F. Andreasen
draft-ietf-mmusic-sdp-capability-negotiation-13.txt Request for Comments: 5939 Cisco Systems
Category: Standards Track September 2010
ISSN: 2070-1721
Status of this Memo Session Description Protocol (SDP) Capability Negotiation
This Internet-Draft is submitted in full conformance with the Abstract
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering The Session Description Protocol (SDP) was intended to describe
Task Force (IETF), its areas, and its working groups. Note that multimedia sessions for the purposes of session announcement, session
other groups may also distribute working documents as Internet- invitation, and other forms of multimedia session initiation. SDP
Drafts. was not intended to provide capability indication or capability
negotiation; however, over the years, SDP has seen widespread
adoption and as a result it has been gradually extended to provide
limited support for these, notably in the form of the offer/answer
model defined in RFC 3264. SDP does not define how to negotiate one
or more alternative transport protocols (e.g., RTP profiles) or
attributes. This makes it difficult to deploy new RTP profiles such
as Secure RTP or RTP with RTCP-based feedback, negotiate use of
different security keying mechanisms, etc. It also presents problems
for some forms of media negotiation.
Internet-Drafts are draft documents valid for a maximum of six The purpose of this document is to address these shortcomings by
months and may be updated, replaced, or obsoleted by other documents extending SDP with capability negotiation parameters and associated
at any time. It is inappropriate to use Internet-Drafts as offer/answer procedures to use those parameters in a backwards
reference material or to cite them other than as "work in progress." compatible manner.
The list of current Internet-Drafts can be accessed at The document defines a general SDP Capability Negotiation framework.
http://www.ietf.org/ietf/1id-abstracts.txt It also specifies how to provide attributes and transport protocols
as capabilities and negotiate them using the framework. Extensions
for other types of capabilities (e.g., media types and media formats)
may be provided in other documents.
The list of Internet-Draft Shadow Directories can be accessed at Status of This Memo
http://www.ietf.org/shadow.html
This Internet-Draft will expire on September 24, 2010. This is an Internet Standards Track document.
Copyright and License Notice This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc5939.
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with respect
respect to this document. Code Components extracted from this to this document. Code Components extracted from this document must
document must include Simplified BSD License text as described in include Simplified BSD License text as described in Section 4.e of
Section 4.e of the Trust Legal Provisions and are provided without the Trust Legal Provisions and are provided without warranty as
warranty as described in the Simplified BSD License. described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this 10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process. modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other it for publication as an RFC or to translate it into languages other
than English. than English.
Abstract
The Session Description Protocol (SDP) was intended for describing
multimedia sessions for the purposes of session announcement,
session invitation, and other forms of multimedia session
initiation. SDP was not intended to provide capability indication or
capability negotiation, however over the years, SDP has seen
widespread adoption and as a result it has been gradually extended
to provide limited support for these, notably in the form of the
offer/answer model defined in RFC 3264. SDP does not define how to
negotiate one or more alternative transport protocols (e.g. RTP
profiles) or attributes. This makes it difficult to deploy new RTP
profiles such as secure RTP or RTP with RTCP-based feedback,
negotiate use of different security keying mechanisms, etc. It also
presents problems for some forms of media negotiation.
The purpose of this document is to address these shortcomings by
extending SDP with capability negotiation parameters and associated
offer/answer procedures to use those parameters in a backwards
compatible manner.
The document defines a general SDP Capability Negotiation framework.
It also specifies how to provide attributes and transport protocols
as capabilities and negotiate them using the framework. Extensions
for other types of capabilities (e.g. media types and media formats)
may be provided in other documents.
Table of Contents Table of Contents
1. Introduction...................................................4 1. Introduction ....................................................4
2. Conventions used in this document..............................7 2. Conventions Used in This Document ...............................7
3. SDP Capability Negotiation Solution............................7 3. SDP Capability Negotiation Solution .............................7
3.1. SDP Capability Negotiation Model..........................7 3.1. SDP Capability Negotiation Model ...........................7
3.2. Solution Overview........................................11 3.2. Solution Overview .........................................10
3.3. Version and Extension Indication Attributes..............15 3.3. Version and Extension Indication Attributes ...............14
3.3.1. Supported Capability Negotiation Extensions Attribute15 3.4. Capability Attributes .....................................17
3.3.2. Required Capability Negotiation Extensions Attribute17 3.5. Configuration Attributes ..................................22
3.6. Offer/Answer Model Extensions .............................32
3.4. Capability Attributes....................................19 3.7. Interactions with ICE .....................................45
3.4.1. Attribute Capability Attribute......................19 3.8. Interactions with SIP Option Tags .........................47
3.4.2. Transport Protocol Capability Attribute.............21 3.9. Processing Media before Answer ............................48
3.4.3. Extension Capability Attributes.....................23 3.10. Indicating Bandwidth Usage ...............................49
3.5. Configuration Attributes.................................24 3.11. Dealing with Large Number of Potential Configurations ....50
3.5.1. Potential Configuration Attribute...................24 3.12. SDP Capability Negotiation and Intermediaries ............51
3.5.2. Actual Configuration Attribute......................31 3.13. Considerations for Specific Attribute Capabilities .......52
3.6. Offer/Answer Model Extensions............................33 3.14. Relationship to RFC 3407 .................................54
3.6.1. Generating the Initial Offer........................34 4. Examples .......................................................54
3.6.2. Generating the Answer...............................37 4.1. Multiple Transport Protocols ..............................54
3.6.2.1. Example Views of Potential Configurations......44 4.2. DTLS-SRTP or SRTP with Media-Level Security Descriptions...58
3.6.3. Offerer Processing of the Answer....................46 4.3. Best-Effort SRTP with Session-Level MIKEY and Media-Level
3.6.4. Modifying the Session...............................47 Security Descriptions .....................................61
3.7. Interactions with ICE....................................48 4.4. SRTP with Session-Level MIKEY and Media-Level Security
3.8. Interactions with SIP Option Tags........................49 Descriptions as Alternatives ..............................66
3.9. Processing Media before Answer...........................50 5. Security Considerations ........................................69
3.10. Indicating Bandwidth Usage..............................51 6. IANA Considerations ............................................72
3.11. Dealing with Large Number of Potential Configurations...52 6.1. New SDP Attributes ........................................72
3.12. SDP Capability Negotiation and Intermediaries...........53 6.2. New SDP Capability Negotiation Option Tag Registry ........73
3.13. Considerations for Specific Attribute Capabilities......55 6.3. New SDP Capability Negotiation Potential
3.13.1. The rtpmap and fmtp Attributes.....................55 Configuration Parameter Registry ..........................74
3.13.2. Direction Attributes...............................56 7. Acknowledgments ................................................74
3.14. Relationship to RFC 3407................................56 8. References .....................................................75
4. Examples......................................................57 8.1. Normative References ......................................75
4.1. Multiple Transport Protocols.............................57 8.2. Informative References ....................................75
4.2. DTLS-SRTP or SRTP with Media Level Security Descriptions.60
4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level
Security Descriptions.........................................64
4.4. SRTP with Session-Level MIKEY and Media Level Security
Descriptions as Alternatives..................................68
5. Security Considerations.......................................71
6. IANA Considerations...........................................74
6.1. New SDP Attributes.......................................74
6.2. New SDP Capability Negotiation Option Tag Registry.......76
6.3. New SDP Capability Negotiation Potential Configuration
Parameter Registry............................................76
7. Acknowledgments...............................................77
8. Change Log....................................................77
8.1. draft-ietf-mmusic-sdp-capability-negotiation-13..........77
8.2. draft-ietf-mmusic-sdp-capability-negotiation-12..........77
8.3. draft-ietf-mmusic-sdp-capability-negotiation-11..........78
8.4. draft-ietf-mmusic-sdp-capability-negotiation-10..........79
8.5. draft-ietf-mmusic-sdp-capability-negotiation-09..........79
8.6. draft-ietf-mmusic-sdp-capability-negotiation-08..........79
8.7. draft-ietf-mmusic-sdp-capability-negotiation-07..........80
8.8. draft-ietf-mmusic-sdp-capability-negotiation-06..........80
8.9. draft-ietf-mmusic-sdp-capability-negotiation-05..........82
8.10. draft-ietf-mmusic-sdp-capability-negotiation-04.........83
8.11. draft-ietf-mmusic-sdp-capability-negotiation-03.........83
8.12. draft-ietf-mmusic-sdp-capability-negotiation-02.........84
8.13. draft-ietf-mmusic-sdp-capability-negotiation-01.........84
8.14. draft-ietf-mmusic-sdp-capability-negotiation-00.........85
9. References....................................................86
9.1. Normative References.....................................86
9.2. Informative References...................................86
Author's Address.................................................89
1. Introduction 1. Introduction
The Session Description Protocol (SDP) was intended for describing The Session Description Protocol (SDP) was intended to describe
multimedia sessions for the purposes of session announcement, multimedia sessions for the purposes of session announcement, session
session invitation, and other forms of multimedia session invitation, and other forms of multimedia session initiation. An SDP
initiation. A SDP session description contains one or more media session description contains one or more media stream descriptions
stream descriptions with information such as IP-address and port, with information such as IP address and port, type of media stream
type of media stream (e.g. audio or video), transport protocol (e.g., audio or video), transport protocol (possibly including
(possibly including profile information, e.g. RTP/AVP or RTP/SAVP), profile information, e.g., RTP/AVP or RTP/SAVP), media formats (e.g.,
media formats (e.g. codecs), and various other session and media codecs), and various other session and media stream parameters that
stream parameters that define the session. define the session.
Simply providing media stream descriptions is sufficient for session Simply providing media stream descriptions is sufficient for session
announcements for a broadcast application, where the media stream announcements for a broadcast application, where the media stream
parameters are fixed for all participants. When a participant wants parameters are fixed for all participants. When a participant wants
to join the session, he obtains the session announcement and uses to join the session, he obtains the session announcement and uses the
the media descriptions provided, e.g., joins a multicast group and media descriptions provided, e.g., joins a multicast group and
receives media packets in the encoding format specified. If the receives media packets in the encoding format specified. If the
media stream description is not supported by the participant, he is media stream description is not supported by the participant, he is
unable to receive the media. unable to receive the media.
Such restrictions are not generally acceptable to multimedia session Such restrictions are not generally acceptable to multimedia session
invitations, where two or more entities attempt to establish a media invitations, where two or more entities attempt to establish a media
session, that uses a set of media stream parameters acceptable to session, that uses a set of media stream parameters acceptable to all
all participants. First of all, each entity must inform the other of participants. First of all, each entity must inform the other of its
its receive address, and secondly, the entities need to agree on the receive address, and secondly, the entities need to agree on the
media stream parameters to use for the session, e.g. transport media stream parameters to use for the session, e.g., transport
protocols and codecs. To solve this, RFC 3264 [RFC3264] defined the protocols and codecs. To solve this, RFC 3264 [RFC3264] defined the
offer/answer model, whereby an offerer constructs an offer SDP offer/answer model, whereby an offerer constructs an offer SDP
session description that lists the media streams, codecs, and other session description that lists the media streams, codecs, and other
SDP parameters that the offerer is willing to use. This offer SDP parameters that the offerer is willing to use. This offer
session description is sent to the answerer, which chooses from session description is sent to the answerer, which chooses from among
among the media streams, codecs and other session description the media streams, codecs and other session description parameters
parameters provided, and generates an answer session description provided, and generates an answer session description with his
with his parameters, based on that choice. The answer session parameters, based on that choice. The answer session description is
description is sent back to the offerer thereby completing the sent back to the offerer thereby completing the session negotiation
session negotiation and enabling the establishment of the negotiated and enabling the establishment of the negotiated media streams.
media streams.
Taking a step back, we can make a distinction between the Taking a step back, we can make a distinction between the
capabilities supported by each participant, the way in which those capabilities supported by each participant, the way in which those
capabilities can be supported, and the parameters that can actually capabilities can be supported, and the parameters that can actually
be used for the session. More generally, we can say that we have the be used for the session. More generally, we can say that we have the
following: following:
o A set of capabilities for the session and its associated media o A set of capabilities for the session and its associated media
stream components, supported by each side. The capability stream components, supported by each side. The capability
indications by themselves do not imply a commitment to use the indications by themselves do not imply a commitment to use the
capabilities in the session. capabilities in the session.
Capabilities can for example be that the "RTP/SAVP" profile is Capabilities can, for example, be that the "RTP/SAVP" profile is
supported, that the "PCMU" codec is supported, or that the supported, that the "PCMU" (Pulse Code Modulation mu-law) codec is
"crypto" attribute is supported with a particular value. supported, or that the "crypto" attribute is supported with a
particular value.
o A set of potential configurations indicating which combinations o A set of potential configurations indicating which combinations of
of those capabilities can be used for the session and its those capabilities can be used for the session and its associated
associated media stream components. Potential configurations are media stream components. Potential configurations are not ready
not ready for use. Instead, they provide an alternative that may for use. Instead, they provide an alternative that may be used,
be used, subject to further negotiation. subject to further negotiation.
A potential configuration can for example indicate that the A potential configuration can, for example, indicate that the
"PCMU" codec and the "RTP/SAVP" transport protocol are not only "PCMU" codec and the "RTP/SAVP" transport protocol are not only
supported (i.e. listed as capabilities), but they are offered for supported (i.e., listed as capabilities), but they are offered for
potential use in the session. potential use in the session.
o An actual configuration for the session and its associated media o An actual configuration for the session and its associated media
stream components, that specifies which combinations of session stream components, that specifies which combinations of session
parameters and media stream components can be used currently and parameters and media stream components can be used currently and
with what parameters. Use of an actual configuration does not with what parameters. Use of an actual configuration does not
require any further negotiation. require any further negotiation.
An actual configuration can for example be that the "PCMU" codec An actual configuration can, for example, be that the "PCMU" codec
and the "RTP/SAVP" transport protocol are offered for use and the "RTP/SAVP" transport protocol are offered for use
currently. currently.
o A negotiation process that takes the set of actual and potential o A negotiation process that takes the set of actual and potential
configurations (combinations of capabilities) as input and configurations (combinations of capabilities) as input and
provides the negotiated actual configurations as output. provides the negotiated actual configurations as output.
SDP by itself was designed to provide only one of these, namely SDP by itself was designed to provide only one of these, namely
listing of the actual configurations, however over the years, use of listing of the actual configurations; however, over the years, use of
SDP has been extended beyond its original scope. Of particular SDP has been extended beyond its original scope. Of particular
importance are the session negotiation semantics that were defined importance are the session negotiation semantics that were defined by
by the offer/answer model in RFC 3264. In this model, both the offer the offer/answer model in RFC 3264. In this model, both the offer
and the answer contain actual configurations; separate capabilities and the answer contain actual configurations; separate capabilities
and potential configurations are not supported. and potential configurations are not supported.
Other relevant extensions have been defined as well. RFC 3407 Other relevant extensions have been defined as well. RFC 3407
[RFC3407] defined simple capability declarations, which extends SDP [RFC3407] defined simple capability declarations, which extends SDP
with a simple and limited set of capability descriptions. Grouping with a simple and limited set of capability descriptions. Grouping
of media lines, which defines how media lines in SDP can have other of media lines, which defines how media lines in SDP can have other
semantics than the traditional "simultaneous media streams" semantics than the traditional "simultaneous media streams"
semantics, was defined in RFC 3388 [RFC3388], etc. semantics, was defined in RFC 5888 [RFC5888], etc.
Each of these extensions was designed to solve a specific limitation Each of these extensions was designed to solve a specific limitation
of SDP. Since SDP had already been stretched beyond its original of SDP. Since SDP had already been stretched beyond its original
intent, a more comprehensive capability declaration and negotiation intent, a more comprehensive capability declaration and negotiation
process was intentionally not defined. Instead, work on a "next process was intentionally not defined. Instead, work on a "next
generation" of a protocol to provide session description and generation" of a protocol to provide session description and
capability negotiation was initiated [SDPng]. SDPng defined a capability negotiation was initiated [SDPng]. SDPng defined a
comprehensive capability negotiation framework and protocol that was comprehensive capability negotiation framework and protocol that was
not bound by existing SDP constraints. SDPng was not designed to be not bound by existing SDP constraints. SDPng was not designed to be
backwards compatible with existing SDP and hence required both sides backwards compatible with existing SDP and hence required both sides
to support it, with a graceful fallback to legacy operation when to support it, with a graceful fallback to legacy operation when
needed. This, combined with lack of ubiquitous multipart MIME needed. This, combined with lack of ubiquitous multipart MIME
support in the protocols that would carry SDP or SDPng, made it support in the protocols that would carry SDP or SDPng, made it
challenging to migrate towards SDPng. In practice, SDPng has not challenging to migrate towards SDPng. In practice, SDPng has not
gained traction and as of the time of publication of this document, gained traction and, as of the time of publication of this document,
work on SDPng has stopped. Existing real-time multimedia work on SDPng has stopped. Existing real-time multimedia
communication protocols such as SIP, RTSP, Megaco, and MGCP continue communication protocols such as SIP, Real Time Streaming Protocol
to use SDP. However, SDP does not address an increasingly important (RTSP), Megaco, and Media Gateway Control Protocol (MGCP) continue to
use SDP. However, SDP does not address an increasingly important
problem: the ability to negotiate one or more alternative transport problem: the ability to negotiate one or more alternative transport
protocols (e.g., RTP profiles) and associated parameters (e.g. SDP protocols (e.g., RTP profiles) and associated parameters (e.g., SDP
attributes). This makes it difficult to deploy new RTP profiles attributes). This makes it difficult to deploy new RTP profiles such
such as secure RTP (SRTP) [RFC3711], RTP with RTCP-Based Feedback as Secure RTP (SRTP) [RFC3711], RTP with RTCP-based feedback
[RFC4585], etc. The problem is exacerbated by the fact that RTP [RFC4585], etc. The problem is exacerbated by the fact that RTP
profiles are defined independently. When a new profile is defined profiles are defined independently. When a new profile is defined
and N other profiles already exist, there is a potential need for and N other profiles already exist, there is a potential need for
defining N additional profiles, since profiles cannot be combined defining N additional profiles, since profiles cannot be combined
automatically. For example, in order to support the plain and automatically. For example, in order to support the plain and Secure
secure RTP version of RTP with and without RTCP-based feedback, four RTP version of RTP with and without RTCP-based feedback, four
separate profiles (and hence profile definitions) are needed: separate profiles (and hence profile definitions) are needed: RTP/AVP
RTP/AVP [RFC3551], RTP/SAVP [RFC3711], RTP/AVPF [RFC4585], and [RFC3551], RTP/SAVP [RFC3711], RTP/AVPF [RFC4585], and RTP/SAVPF
RTP/SAVPF [RFC5124]. In addition to the pressing profile [RFC5124]. In addition to the pressing profile negotiation problem,
negotiation problem, other important real-life limitations have been other important real-life limitations have been found as well.
found as well. Keying material and other parameters for example need Keying material and other parameters, for example, need to be
to be negotiated with some of the transport protocols, but not negotiated with some of the transport protocols, but not others.
others. Similarly, some media formats and types of media streams Similarly, some media formats and types of media streams need to
need to negotiate a variety of different parameters. negotiate a variety of different parameters.
The purpose of this document is to define a mechanism that enables The purpose of this document is to define a mechanism that enables
SDP to provide limited support for indicating capabilities and their SDP to provide limited support for indicating capabilities and their
associated potential configurations, and negotiate the use of those associated potential configurations, and negotiate the use of those
potential configurations as actual configurations. It is not the potential configurations as actual configurations. It is not the
intent to provide a full-fledged capability indication and intent to provide a full-fledged capability indication and
negotiation mechanism along the lines of SDPng or ITU-T H.245. negotiation mechanism along the lines of SDPng or ITU-T H.245.
Instead, the focus is on addressing a set of well-known real-life Instead, the focus is on addressing a set of well-known real-life
limitations. More specifically, the solution provided in this limitations. More specifically, the solution provided in this
document provides a general SDP Capability Negotiation framework document provides a general SDP Capability Negotiation framework that
that is backwards compatible with existing SDP. It also defines is backwards compatible with existing SDP. It also defines
specifically how to provide attributes and transport protocols as specifically how to provide attributes and transport protocols as
capabilities and negotiate them using the framework. Extensions for capabilities and negotiate them using the framework. Extensions for
other types of capabilities (e.g. media types and formats) may be other types of capabilities (e.g., media types and formats) may be
provided in other documents. provided in other documents.
As mentioned above, SDP is used by several protocols, and hence the As mentioned above, SDP is used by several protocols, and hence the
mechanism should be usable by all of these. One particularly mechanism should be usable by all of these. One particularly
important protocol for this problem is the Session Initiation important protocol for this problem is the Session Initiation
Protocol (SIP) [RFC3261]. SIP uses the offer/answer model [RFC3264] Protocol (SIP) [RFC3261]. SIP uses the offer/answer model [RFC3264]
(which is not specific to SIP) to negotiate sessions and hence the (which is not specific to SIP) to negotiate sessions and hence the
mechanism defined here provides the offer/answer procedures to use mechanism defined here provides the offer/answer procedures to use
for the capability negotiation framework. for the capability negotiation framework.
The rest of the document is structured as follows. In Section 3. we The rest of the document is structured as follows. In Section 3, we
present the SDP Capability Negotiation solution, which consists of present the SDP Capability Negotiation solution, which consists of
new SDP attributes and associated offer/answer procedures. In new SDP attributes and associated offer/answer procedures. In
Section 4. we provide examples illustrating its use and in Section Section 4, we provide examples illustrating its use. In Section 5,
5. we provide the security considerations. we provide the security considerations.
2. Conventions used in this document 2. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. SDP Capability Negotiation Solution 3. SDP Capability Negotiation Solution
In this section we first present the conceptual model behind the SDP In this section, we first present the conceptual model behind the SDP
capability negotiation framework followed by an overview of the SDP Capability Negotiation framework followed by an overview of the SDP
Capability Negotiation solution. We then define new SDP attributes Capability Negotiation solution. We then define new SDP attributes
for the solution and provide its associated updated offer/answer for the solution and provide its associated updated offer/answer
procedures. procedures.
3.1. SDP Capability Negotiation Model 3.1. SDP Capability Negotiation Model
Our model uses the concepts of Our model uses the concepts of
o Capabilities o Capabilities
o Potential Configurations o Potential Configurations
o Actual Configurations o Actual Configurations
o Negotiation Process o Negotiation Process
as defined in Section 1. Conceptually, we want to offer not just the as defined in Section 1. Conceptually, we want to offer not just the
actual configuration SDP session description (which is done with the actual configuration SDP session description (which is done with the
offer/answer model defined in [RFC3264]), but the actual offer/answer model defined in [RFC3264]), but the actual
configuration SDP session description as well as one or more configuration SDP session description as well as one or more
alternative SDP session descriptions, i.e. potential configurations. alternative SDP session descriptions, i.e., potential configurations.
The answerer must choose either the actual configuration, or one of The answerer must choose either the actual configuration or one of
the potential configurations, and generate an answer SDP session the potential configurations, and generate an answer SDP session
description based on that. The offerer may need to perform description based on that. The offerer may need to perform
processing on the answer, which depends on the offer that was chosen processing on the answer, which depends on the offer that was chosen
(actual or potential configuration). The answerer therefore informs (actual or potential configuration). The answerer therefore informs
the offerer which configuration the answerer chose. The process can the offerer which configuration the answerer chose. The process can
be viewed *conceptually* as follows: be viewed *conceptually* as follows:
Offerer Answerer Offerer Answerer
======= ======== ======= ========
1) Generate offer with actual 1) Generate offer with actual
configuration and alternative configuration and alternative
potential configurations potential configurations
2) Send offer with all configurations 2) Send offer with all configurations
+------------+ +------------+
| SDP o1 | | SDP o1 |
| (actual | | (actual |
| config | | config |
| |-+ Offer | |-+ Offer
+------------+ | -----> 3) Process offered configurations +------------+ | -----> 3) Process offered configurations
| SDP o2 | in order of preference indicated | SDP o2 | in order of preference indicated
| (potential | 4) Generate answer based on chosen | (potential | 4) Generate answer based on chosen
| config 1) |-+ configuration (e.g. o2), and | config 1) |-+ configuration (e.g., o2), and
+------------+ | inform offerer which one was +------------+ | inform offerer which one was
| SDP o3 | chosen | SDP o3 | chosen
| (potential | | (potential |
| config 2) |-+ | config 2) |-+
+------------+ | +------------+ |
| SDP ... | | SDP ... |
: : : :
+------------+ +------------+
| SDP a1 | | SDP a1 |
Answer | (actual | Answer | (actual |
<----- | config,o2)| <----- | config,o2)|
| | | |
5) Process answer based on +------------+ 5) Process answer based on +------------+
the configuration that was the configuration that was
chosen (o2), as indicated in chosen (o2), as indicated in
the answer the answer
The above illustrates the conceptual model: The actual solution uses The above illustrates the conceptual model: the actual solution uses
a single SDP session description, which contains the actual a single SDP session description, which contains the actual
configuration (as with existing SDP session descriptions and the configuration (as with existing SDP session descriptions and the
offer/answer model defined in [RFC3264]) and several new attributes offer/answer model defined in [RFC3264]) and several new attributes
and associated procedures, that encode the capabilities and and associated procedures, that encode the capabilities and potential
potential configurations. A more accurate depiction of the actual configurations. A more accurate depiction of the actual offer SDP
offer SDP session description is therefore as follows: session description is therefore as follows:
+--------------------+ +--------------------+
| SDP o1 | | SDP o1 |
| (actual | | (actual |
| config | | config |
| | | |
| +-------------+ | | +-------------+ |
| | capability 1| | | | capability 1| |
| | capability 2| | | | capability 2| |
| | ... | | | | ... | |
skipping to change at page 10, line 29 skipping to change at page 9, line 29
| | potential | | | | potential | |
| | config 2 | | | | config 2 | |
| | ... | | | | ... | |
| +-------------+ | | +-------------+ |
| | | |
+--------------------+ +--------------------+
The above structure is used for two reasons: The above structure is used for two reasons:
o Backwards compatibility: As noted above, support for multipart o Backwards compatibility: As noted above, support for multipart
MIME is not ubiquitous. By encoding both capabilities and MIME is not ubiquitous. By encoding both capabilities and
potential configurations in SDP attributes, we can represent potential configurations in SDP attributes, we can represent
everything in a single SDP session description thereby avoiding everything in a single SDP session description thereby avoiding
any multipart MIME support issues. Furthermore, since unknown SDP any multipart MIME support issues. Furthermore, since unknown SDP
attributes are ignored by the SDP recipient, we ensure that attributes are ignored by the SDP recipient, we ensure that
entities that do not support the framework simply perform the entities that do not support the framework simply perform the
regular RFC 3264 offer/answer procedures. This provides us with regular RFC 3264 offer/answer procedures. This provides us with
seamless backwards compatibility. seamless backwards compatibility.
o Message size efficiency: When we have multiple media streams, o Message size efficiency: When we have multiple media streams,
each of which may potentially use two or more different transport each of which may potentially use two or more different transport
protocols with a variety of different associated parameters, the protocols with a variety of different associated parameters, the
number of potential configurations can be large. If each possible number of potential configurations can be large. If each possible
alternative is represented as a complete SDP session description alternative is represented as a complete SDP session description
in an offer, we can easily end up with large messages. By in an offer, we can easily end up with large messages. By
providing a more compact encoding, we get more efficient message providing a more compact encoding, we get more efficient message
sizes. sizes.
In the next section, we describe the exact structure and specific In the next section, we describe the exact structure and specific SDP
SDP parameters used to represent this. parameters used to represent this.
3.2. Solution Overview 3.2. Solution Overview
The solution consists of the following: The solution consists of the following:
o Two new SDP attributes to support extensions to the framework o Two new SDP attributes to support extensions to the framework
itself as follows: itself as follows:
o A new attribute ("a=csup") that lists the supported base o A new attribute ("a=csup") that lists the supported base
(optionally) and any supported extension options to the (optionally) and any supported extension options to the
framework. framework.
o A new attribute ("a=creq") that lists the extensions to the o A new attribute ("a=creq") that lists the extensions to the
framework that are required to be supported by the entity framework that are required to be supported by the entity
receiving the SDP session description in order to do receiving the SDP session description in order to do capability
capability negotiation. negotiation.
o Two new SDP attributes used to express capabilities as follows o Two new SDP attributes used to express capabilities as follows
(additional attributes can be defined as extensions): (additional attributes can be defined as extensions):
o A new attribute ("a=acap") that defines how to list an o A new attribute ("a=acap") that defines how to list an
attribute name and its associated value (if any) as a attribute name and its associated value (if any) as a
capability. capability.
o A new attribute ("a=tcap") that defines how to list transport o A new attribute ("a=tcap") that defines how to list transport
protocols (e.g. "RTP/AVP") as capabilities. protocols (e.g., "RTP/AVP") as capabilities.
o Two new SDP attributes to negotiate configurations as follows: o Two new SDP attributes to negotiate configurations as follows:
o A new attribute ("a=pcfg") that lists potential o A new attribute ("a=pcfg") that lists potential configurations
configurations supported. This is done by reference to the supported. This is done by reference to the capabilities from
capabilities from the SDP session description in question. the SDP session description in question. Extension
Extension capabilities can be defined and referenced in the capabilities can be defined and referenced in the potential
potential configurations. Alternative potential configurations. Alternative potential configurations have an
configurations have an explicit ordering associated with explicit ordering associated with them. Also, potential
them. Also, potential configurations are by default preferred configurations are by default preferred over the actual
over the actual configuration included in the "m=" line and configuration included in the "m=" line and its associated
its associated parameters. parameters.
This preference order was chosen to provide maximum This preference order was chosen to provide maximum backwards
backwards compatibility for the capability negotiation compatibility for the capability negotiation framework and the
framework and the possible values offered for a session. possible values offered for a session. For example, an entity
For example, an entity that wants to establish a secure that wants to establish a Secure RTP media stream but is
RTP media stream but is willing to accept a plain RTP willing to accept a plain RTP media stream (assumed to be the
media stream (assumed to be the least common denominator least common denominator for most endpoints), can offer plain
for most endpoints), can offer plain RTP in the actual RTP in the actual configuration and use the capability
configuration and use the capability negotiation negotiation extensions to indicate the preference for Secure
extensions to indicate the preference for secure RTP. RTP. Entities that do not support the capability negotiation
Entities that do not support the capability negotiation extensions or Secure RTP will then default to plain RTP.
extensions or secure RTP will then default to plain RTP.
o A new attribute ("a=acfg") to be used in an answer SDP o A new attribute ("a=acfg") to be used in an answer SDP session
session description. The attribute identifies a potential description. The attribute identifies a potential
configuration from an offer SDP session description which was configuration from an offer SDP session description that was
used as an actual configuration to form the answer SDP used as an actual configuration to form the answer SDP session
session description. Extension capabilities can be included description. Extension capabilities can be included as well.
as well.
o Extensions to the offer/answer model that allow for capabilities o Extensions to the offer/answer model that allow for capabilities
and potential configurations to be included in an offer. and potential configurations to be included in an offer.
Capabilities can be provided at the session level and the media Capabilities can be provided at the session level and the media
level. Potential configurations can be included only at the media level. Potential configurations can be included only at the media
level, where they constitute alternative offers that may be level, where they constitute alternative offers that may be
accepted by the answerer instead of the actual configuration(s) accepted by the answerer instead of the actual configuration(s)
included in the "m=" line(s) and associated parameters. The included in the "m=" line(s) and associated parameters. The
mechanisms defined in this document enable potential mechanisms defined in this document enable potential
configurations to change the transport protocol, add new configurations to change the transport protocol, add new
attributes as well as remove all existing attributes from the attributes, as well as remove all existing attributes from the
actual configuration. The answerer indicates which (if any) of actual configuration. The answerer indicates which (if any) of
the potential configurations it used to form the answer by the potential configurations it used to form the answer by
including the actual configuration attribute ("a=acfg") in the including the actual configuration attribute ("a=acfg") in the
answer. Capabilities may be included in answers as well, where answer. Capabilities may be included in answers as well, where
they can aid in guiding a subsequent new offer. they can aid in guiding a subsequent new offer.
The mechanism is illustrated by the offer/answer exchange below, The mechanism is illustrated by the offer/answer exchange below,
where Alice sends an offer to Bob: where Alice sends an offer to Bob:
Alice Bob Alice Bob
skipping to change at page 13, line 20 skipping to change at page 12, line 5
| (2) Answer (SRTP) | | (2) Answer (SRTP) |
|<---------------------------------| |<---------------------------------|
| | | |
| (3) Offer (SRTP) | | (3) Offer (SRTP) |
|--------------------------------->| |--------------------------------->|
| | | |
| (4) Answer (SRTP) | | (4) Answer (SRTP) |
|<---------------------------------| |<---------------------------------|
| | | |
Alice's offer includes RTP and SRTP as alternatives, where RTP is Alice's offer includes RTP and SRTP as alternatives, where RTP is the
the default (actual configuration), but SRTP is the preferred one default (actual configuration), but SRTP is the preferred one
(potential configuration): (potential configuration):
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVP 0 18 m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVP a=tcap:1 RTP/SAVP
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
a=pcfg:1 t=1 a=1 a=pcfg:1 t=1 a=1
The "m=" line indicates that Alice is offering to use plain RTP with The "m=" line indicates that Alice is offering to use plain RTP with
PCMU or G.729. The capabilities are provided by the "a=tcap" and PCMU or G.729. The capabilities are provided by the "a=tcap" and
"a=acap" attributes. The transport capability attribute ("a=tcap") "a=acap" attributes. The transport capability attribute ("a=tcap")
indicates that secure RTP under the AVP profile ("RTP/SAVP") is indicates that Secure RTP under the AVP profile ("RTP/SAVP") is
supported with an associated transport capability handle of 1. The supported with an associated transport capability handle of 1. The
"acap" attribute provides an attribute capability with a handle of "acap" attribute provides an attribute capability with a handle of 1.
1. The attribute capability is a "crypto" attribute, which provides The attribute capability is a "crypto" attribute, which provides the
the keying material for SRTP using SDP security descriptions keying material for SRTP using SDP security descriptions [RFC4568].
[RFC4568]. The "a=pcfg" attribute provides the potential The "a=pcfg" attribute provides the potential configuration included
configuration included in the offer by reference to the capability in the offer by reference to the capability parameters. One
parameters. One alternative is provided; it has a configuration alternative is provided; it has a configuration number of 1 and it
number of 1 and it consists of transport protocol capability 1 consists of transport protocol capability 1 (i.e., the RTP/SAVP
(i.e., the RTP/SAVP profile - secure RTP), and the attribute profile -- Secure RTP), and the attribute capability 1 (i.e., the
capability 1 (i.e., the crypto attribute provided). Potential "crypto" attribute provided). Potential configurations are preferred
configurations are preferred over the actual configuration included over the actual configuration included in the offer SDP session
in the offer SDP session description, and hence Alice is expressing description, and hence Alice is expressing a preference for using
a preference for using secure RTP. Secure RTP.
Bob receives the SDP session description offer from Alice. Bob Bob receives the SDP session description offer from Alice. Bob
supports SRTP and the SDP Capability Negotiation framework, and supports SRTP and the SDP Capability Negotiation framework, and hence
hence he accepts the (preferred) potential configuration for Secure he accepts the (preferred) potential configuration for Secure RTP
RTP provided by Alice and generates the following answer SDP session provided by Alice and generates the following answer SDP session
description: description:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/SAVP 0 18 m=audio 54568 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4
a=acfg:1 t=1 a=1 a=acfg:1 t=1 a=1
Bob includes the "a=acfg" attribute in the answer to inform Alice Bob includes the "a=acfg" attribute in the answer to inform Alice
that he based his answer on an offer using potential configuration 1 that he based his answer on an offer using potential configuration 1
with transport protocol capability 1 and attribute capability 1 from with transport protocol capability 1 and attribute capability 1 from
the offer SDP session description (i.e., the RTP/SAVP profile using the offer SDP session description (i.e., the RTP/SAVP profile using
the keying material provided). Bob also includes his keying the keying material provided). Bob also includes his keying material
material in a "crypto" attribute. If Bob supported one or more in a "crypto" attribute. If Bob supported one or more extensions to
extensions to the capability negotiation framework, he would have the Capability Negotiation framework, he would have included option
included option tags for those in the answer as well (in an "a=csup" tags for those in the answer as well (in an "a=csup" attribute).
attribute).
When Alice receives Bob's answer, session negotiation has completed, When Alice receives Bob's answer, session negotiation has completed;
however Alice nevertheless generates a new offer using the however, Alice nevertheless generates a new offer using the
negotiated configuration as the actual configuration. This is done negotiated configuration as the actual configuration. This is done
purely to assist any intermediaries that may reside between Alice purely to assist any intermediaries that may reside between Alice and
and Bob but do not support the SDP Capability Negotiation framework, Bob but do not support the SDP Capability Negotiation framework, and
and hence may not understand the negotiation that just took place. hence may not understand the negotiation that just took place.
Alice's updated offer includes only SRTP, and it is not using the Alice's updated offer includes only SRTP, and it is not using the SDP
SDP Capability Negotiation framework (Alice could have included the Capability Negotiation framework (Alice could have included the
capabilities as well if she wanted to): capabilities as well if she wanted):
v=0 v=0
o=- 25678 753850 IN IP4 192.0.2.1 o=- 25678 753850 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/SAVP 0 18 m=audio 53456 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
The "m=" line now indicates that Alice is offering to use secure RTP The "m=" line now indicates that Alice is offering to use Secure RTP
with PCMU or G.729. The "crypto" attribute, which provides the SRTP with PCMU or G.729. The "crypto" attribute, which provides the SRTP
keying material, is included with the same value again. keying material, is included with the same value again.
Bob receives the SDP session description offer from Alice, which he Bob receives the SDP session description offer from Alice, which he
accepts, and then generates an answer to Alice: accepts, and then generates an answer to Alice:
v=0 v=0
o=- 24351 621815 IN IP4 192.0.2.2 o=- 24351 621815 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/SAVP 0 18 m=audio 54568 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4 inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4
Bob includes the same crypto attribute as before, and the session Bob includes the same "crypto" attribute as before, and the session
proceeds without change. Although Bob did not include any proceeds without change. Although Bob did not include any
capabilities in his answer, he could have done so if he wanted to. capabilities in his answer, he could have done so if he wanted.
Note that in this particular example, the answerer supported the Note that in this particular example, the answerer supported the
capability negotiation extensions defined here. Had he not, he would capability negotiation extensions defined here. Had he not, he would
simply have ignored the new attributes and accepted the (actual simply have ignored the new attributes and accepted the (actual
configuration) offer to use normal RTP. In that case, the following configuration) offer to use normal RTP. In that case, the following
answer would have been generated instead: answer would have been generated instead:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/AVP 0 18 m=audio 54568 RTP/AVP 0 18
3.3. Version and Extension Indication Attributes 3.3. Version and Extension Indication Attributes
In this section, we present the new attributes associated with In this section, we present the new attributes associated with
indicating the SDP Capability Negotiation extensions supported and indicating the SDP Capability Negotiation extensions supported and
required. required.
3.3.1. Supported Capability Negotiation Extensions Attribute 3.3.1. Supported Capability Negotiation Extensions Attribute
The SDP Capability Negotiation solution allows for capability The SDP Capability Negotiation solution allows for capability
negotiation extensions to be defined. Associated with each such negotiation extensions to be defined. Associated with each such
extension is an option tag that identifies the extension in extension is an option tag that identifies the extension in question.
question. Option-tags MUST be registered with IANA per the Option tags MUST be registered with IANA per the procedures defined
procedures defined in Section 6.2. in Section 6.2.
The Supported Capability Negotiation Extensions attribute ("a=csup") The Supported Capability Negotiation Extensions attribute ("a=csup")
contains a comma-separated list of option tags identifying the SDP contains a comma-separated list of option tags identifying the SDP
Capability Negotiation extensions supported by the entity that Capability Negotiation extensions supported by the entity that
generated the SDP session description. The attribute can be provided generated the SDP session description. The attribute can be provided
at the session-level and the media-level, and it is defined as at the session level and the media level, and it is defined as
follows: follows:
a=csup: <option-tag-list> a=csup: <option-tag-list>
RFC 4566, Section 9, provides the ABNF [RFC5234] for SDP attributes. RFC 4566, Section 9, provides the ABNF [RFC5234] for SDP attributes.
The "csup" attribute adheres to the RFC 4566 "attribute" production, The "csup" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = option-tag-list att-value = option-tag-list
option-tag-list = option-tag *("," option-tag) option-tag-list = option-tag *("," option-tag)
option-tag = token ; defined in [RFC4566] option-tag = token ; defined in [RFC4566]
A special base option tag with a value of "cap-v0" is defined for A special base option tag with a value of "cap-v0" is defined for the
the basic SDP Capability Negotiation framework defined in this basic SDP Capability Negotiation framework defined in this document.
document. Entities can use this option tag with the "a=csup" Entities can use this option tag with the "a=csup" attribute to
attribute to indicate support for the SDP Capability Negotiation indicate support for the SDP Capability Negotiation framework
framework specified in this document. Please note that white space specified in this document. Please note that white space is not
is not allowed in this rule. allowed in this rule.
The following examples illustrate use of the "a=csup" attribute with The following examples illustrate use of the "a=csup" attribute with
the "cap-v0" option tag and two hypothetical option tags, "foo" and the "cap-v0" option tag and two hypothetical option tags, "foo" and
"bar" (note the lack of white space): "bar" (note the lack of white space):
a=csup:cap-v0 a=csup:cap-v0
a=csup:foo a=csup:foo
a=csup:bar a=csup:bar
a=csup:cap-v0,foo,bar a=csup:cap-v0,foo,bar
The "a=csup" attribute can be provided at the session and the media- The "a=csup" attribute can be provided at the session and the media
level. When provided at the session-level, it applies to the entire level. When provided at the session level, it applies to the entire
SDP session description. When provided at the media-level, it SDP session description. When provided at the media level, it
applies only to the media description in question (option-tags applies only to the media description in question (option tags
provided at the session level apply as well). There MUST NOT be more provided at the session level apply as well). There MUST NOT be more
than one "a=csup" attribute at the session-level and one at the than one "a=csup" attribute at the session level and one at the media
media-level (one per media description in the latter case). level (one per media description in the latter case).
Whenever an entity that supports one or more extensions to the SDP Whenever an entity that supports one or more extensions to the SDP
Capability Negotiation framework generates an SDP session Capability Negotiation framework generates an SDP session
description, it SHOULD include the "a=csup" attribute with the description, it SHOULD include the "a=csup" attribute with the option
option tags for the extensions it supports at the session and/or tags for the extensions it supports at the session and/or media
media-level, unless those option tags are already provided in one or level, unless those option tags are already provided in one or more
more "a=creq" attribute (see Section 3.3.2. ) at the relevant "a=creq" attribute (see Section 3.3.2) at the relevant levels.
levels. Inclusion of the base option tag is OPTIONAL; support for Inclusion of the base option tag is OPTIONAL; support for the base
the base framework can be inferred from presence of the "a=pcfg" framework can be inferred from presence of the "a=pcfg" attribute
attribute defined in Section 3.5.1. defined in Section 3.5.1.
Use of the base option tag may still be useful in some scenarios, Use of the base option tag may still be useful in some scenarios,
e.g. when using SIP OPTIONS [RFC3261] or generating an answer to e.g., when using SIP OPTIONS [RFC3261] or generating an answer to an
an offer that did not use the SDP Capability Negotiation offer that did not use the SDP Capability Negotiation framework.
framework.
3.3.2. Required Capability Negotiation Extensions Attribute 3.3.2. Required Capability Negotiation Extensions Attribute
The Required Capability Negotiation Extensions attribute ("a=creq") The Required Capability Negotiation Extensions attribute ("a=creq")
contains a comma-separated list of option tags (see Section 3.3.1. ) contains a comma-separated list of option tags (see Section 3.3.1)
specifying the SDP Capability Negotiation extensions that MUST be specifying the SDP Capability Negotiation extensions that MUST be
supported by the entity receiving the SDP session description, in supported by the entity receiving the SDP session description, in
order for that entity to properly process the SDP Capability order for that entity to properly process the SDP Capability
Negotiation attributes and associated procedures. There is no need Negotiation attributes and associated procedures. There is no need
to include the base option-tag ("cap-v0") with the "creq" attribute, to include the base option tag ("cap-v0") with the "creq" attribute,
since any entity that supports the "creq" attribute in the first since any entity that supports the "creq" attribute in the first
place also supports the base option-tag. Still, it is permissible to place also supports the base option tag. Still, it is permissible to
do so. do so.
Such functionality may be important if a future version of the Such functionality may be important if a future version of the
capability negotiation framework were not backwards compatible. Capability Negotiation framework were not backwards compatible.
The attribute can be provided at the session-level and the media- The attribute can be provided at the session level and the media
level, and it is defined as follows: level, and it is defined as follows:
a=creq: <option-tag-list> a=creq: <option-tag-list>
The "creq" attribute adheres to the RFC 4566 "attribute" production, The "creq" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = option-tag-list att-value = option-tag-list
The following examples illustrate use of the "a=creq" attribute with The following examples illustrate use of the "a=creq" attribute with
the "cap-v0" base option tag and two hypothetical option tags, "foo" the "cap-v0" base option tag and two hypothetical option tags, "foo"
and "bar" (note the lack of white space): and "bar" (note the lack of white space):
a=creq:cap-v0 a=creq:cap-v0
a=creq:foo a=creq:foo
a=creq:bar a=creq:bar
a=creq:cap-v0,foo,bar a=creq:cap-v0,foo,bar
The "a=creq" attribute can be provided at the session and the media- The "a=creq" attribute can be provided at the session and the media
level. When provided at the session-level, it applies to the entire level. When provided at the session level, it applies to the entire
SDP session description. When provided at the media-level, it SDP session description. When provided at the media level, it
applies only to the media description in question (required option applies only to the media description in question (required option
tags provided at the session level apply as well). There MUST NOT be tags provided at the session level apply as well). There MUST NOT be
more than one "a=creq" attribute at the session-level and one more than one "a=creq" attribute at the session level and one
"a=creq" attribute at the media-level (one per media description in "a=creq" attribute at the media level (one per media description in
the latter case). the latter case).
When an entity generates an SDP session description and it requires When an entity generates an SDP session description and it requires
the recipient of that SDP session description to support one or more the recipient of that SDP session description to support one or more
SDP Capability Negotiation extensions (except for the base) at the SDP Capability Negotiation extensions (except for the base) at the
session or media level in order to properly process the SDP session or media level in order to properly process the SDP
Capability Negotiation, the "a=creq" attribute MUST be included with Capability Negotiation, the "a=creq" attribute MUST be included with
option-tags that identify the required extensions at the session option tags that identify the required extensions at the session
and/or media level. If support for an extension is needed only in and/or media level. If support for an extension is needed only in
one or more specific potential configurations, the potential one or more specific potential configurations, the potential
configuration provides a way to indicate that instead (see Section configuration provides a way to indicate that instead (see Section
3.5.1. ). Support for the basic negotiation framework is implied by 3.5.1). Support for the basic negotiation framework is implied by
the presence of an "a=pcfg" attribute (see Section 3.5.1. ) and the presence of an "a=pcfg" attribute (see Section 3.5.1) and hence
hence it is not required to include the "a=creq" attribute with the it is not required to include the "a=creq" attribute with the base
base option-tag ("cap-v0"). option tag ("cap-v0").
A recipient that receives an SDP session description and does not A recipient that receives an SDP session description and does not
support one or more of the required extensions listed in a "creq" support one or more of the required extensions listed in a "creq"
attribute MUST NOT perform the SDP Capability Negotiation defined in attribute MUST NOT perform the SDP Capability Negotiation defined in
this document; instead the recipient MUST proceed as if the SDP this document; instead the recipient MUST proceed as if the SDP
Capability Negotiation attributes were not included in the first Capability Negotiation attributes were not included in the first
place, i.e. the capability negotiation attributes are ignored. In place, i.e., the capability negotiation attributes are ignored. In
that case, if the SDP session description recipient is an SDP that case, if the SDP session description recipient is an SDP
answerer [RFC3264], the recipient SHOULD include a "csup" attribute answerer [RFC3264], the recipient SHOULD include a "csup" attribute
in the resulting SDP session description answer listing the SDP in the resulting SDP session description answer listing the SDP
Capability Negotiation extensions it actually supports. Capability Negotiation extensions it actually supports.
This ensures that introduction of the SDP Capability Negotiation This ensures that introduction of the SDP Capability Negotiation
mechanism by itself does not lead to session failures mechanism by itself does not lead to session failures
For non-supported extensions provided at the session-level, this For non-supported extensions provided at the session level, this
implies that SDP Capability Negotiation MUST NOT be performed at implies that SDP Capability Negotiation MUST NOT be performed at all.
all. For non-supported extensions at the media-level, this implies For non-supported extensions at the media level, this implies that
that SDP Capability Negotiation MUST NOT be performed for the media SDP Capability Negotiation MUST NOT be performed for the media stream
stream in question. in question.
An entity that does not support the SDP Capability Negotiation An entity that does not support the SDP Capability Negotiation
framework at all, will ignore these attributes (as well as the framework at all, will ignore these attributes (as well as the
other SDP Capability Negotiation attributes) and not perform any other SDP Capability Negotiation attributes) and not perform any
SDP Capability Negotiation in the first place. SDP Capability Negotiation in the first place.
3.4. Capability Attributes 3.4. Capability Attributes
In this section, we present the new attributes associated with In this section, we present the new attributes associated with
indicating the capabilities for use by the SDP Capability indicating the capabilities for use by the SDP Capability
Negotiation. Negotiation.
3.4.1. Attribute Capability Attribute 3.4.1. Attribute Capability Attribute
Attributes and their associated values can be expressed as Attributes and their associated values can be expressed as
capabilities by use of a new attribute capability attribute capabilities by use of a new attribute capability attribute
("a=acap"), which is defined as follows: ("a=acap"), which is defined as follows:
a=acap: <att-cap-num> <att-par> a=acap: <att-cap-num> <att-par>
where <att-cap-num> is an integer between 1 and 2^31-1 (both where <att-cap-num> is an integer between 1 and 2^31-1 (both
included) used to number the attribute capability and <att-par> is included) used to number the attribute capability and <att-par> is an
an attribute ("a=") in its "<attribute>" or <attribute>:<value>" attribute ("a=") in its "<attribute>" or "<attribute>:<value>" form,
form, i.e., excluding the "a=" part (see [RFC4566]). The attribute i.e., excluding the "a=" part (see [RFC4566]). The attribute can be
can be provided at the session-level and the media-level. provided at the session level and the media level.
The "acap" attribute adheres to the RFC 4566 "attribute" production, The "acap" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = att-cap-num 1*WSP att-par att-value = att-cap-num 1*WSP att-par
att-cap-num = 1*10(DIGIT) ;defined in [RFC5234] att-cap-num = 1*10(DIGIT) ;defined in [RFC5234]
att-par = attribute ;defined in [RFC4566] att-par = attribute ;defined in [RFC4566]
Note that white space is not permitted before the att-cap-num. Note that white space is not permitted before the att-cap-num.
When the attribute capability contains a session-level attribute, When the attribute capability contains a session-level attribute,
that "acap" attribute can only be provided at the session level. that "acap" attribute can only be provided at the session level.
Conversely, media level attributes can be provided in attribute Conversely, media-level attributes can be provided in attribute
capabilities at either the media level or session-level. The base capabilities at either the media level or session level. The base
SDP Capability Negotiation framework however only defines procedures SDP Capability Negotiation framework however only defines procedures
for use of media-level attribute capabilities at the media level. for use of media-level attribute capabilities at the media level.
Implementations that conform only to the base framework MUST NOT Implementations that conform only to the base framework MUST NOT
generate media-level attribute capabilities at the session-level, generate media-level attribute capabilities at the session level;
however extensions may change this (see, e.g., [SDPMedCap] for one however, extensions may change this (see, e.g., [SDPMedCap] for one
such extension) and hence all implementations MUST still be prepared such extension) and hence all implementations MUST still be prepared
to receive such capabilities (see Section 3.6.2. for processing to receive such capabilities (see Section 3.6.2 for processing
rules). rules).
Each occurrence of the "acap" attribute in the entire session Each occurrence of the "acap" attribute in the entire session
description MUST use a different value of <att-cap-num>. description MUST use a different value of <att-cap-num>. Consecutive
Consecutive numbering of the <att-cap-num> values is not required. numbering of the <att-cap-num> values is not required.
There is a need to be able to reference both session-level and There is a need to be able to reference both session-level and
media-level attributes in potential configurations at the media media-level attributes in potential configurations at the media
level, and this provides for a simple solution to avoiding overlap level, and this provides for a simple solution to avoiding overlap
between the references (handles) to each attribute capability. between the references (handles) to each attribute capability.
The <att-cap-num> values provided are independent of similar <cap- The <att-cap-num> values provided are independent of similar
num> values provided for other types of capabilities, i.e., they <cap-num> values provided for other types of capabilities, i.e., they
form a separate name-space for attribute capabilities. form a separate name-space for attribute capabilities.
The following examples illustrate use of the "acap" attribute: The following examples illustrate use of the "acap" attribute:
a=acap:1 ptime:20 a=acap:1 ptime:20
a=acap:2 ptime:30 a=acap:2 ptime:30
a=acap:3 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyONQ6gAA a=acap:3 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyONQ6gAA
AAAGEEoo2pee4hp2UaDX8ZE22YwKAAAPZG9uYWxkQGR1Y2suY29tAQAAAAAAAQAk0 AAAGEEoo2pee4hp2UaDX8ZE22YwKAAAPZG9uYWxkQGR1Y2suY29tAQAAAAAAAQAk0
JKpgaVkDaawi9whVBtBt0KZ14ymNuu62+Nv3ozPLygwK/GbAV9iemnGUIZ19fWQUO JKpgaVkDaawi9whVBtBt0KZ14ymNuu62+Nv3ozPLygwK/GbAV9iemnGUIZ19fWQUO
SrzKTAv9zV SrzKTAv9zV
a=acap:4 crypto:1 AES_CM_128_HMAC_SHA1_32 a=acap:4 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
The first two attribute capabilities provide attribute values for The first two attribute capabilities provide attribute values for the
the ptime attribute. The third provides SRTP parameters by using ptime attribute. The third provides SRTP parameters by using
MIKEY [RFC3830] with the key-mgmt attribute [RFC4567]. The fourth Multimedia Internet KEYing (MIKEY) [RFC3830] with the "key-mgmt"
provides SRTP parameters by use of security descriptions with the attribute [RFC4567]. The fourth provides SRTP parameters by use of
crypto attribute [RFC4568]. Note that the line-wrapping and new- security descriptions with the "crypto" attribute [RFC4568]. Note
lines in example three and four are provided for formatting reasons that the line-wrapping and new-lines in example three and four are
only - they are not permitted in actual SDP session descriptions. provided for formatting reasons only -- they are not permitted in
actual SDP session descriptions.
Readers familiar with RFC 3407 may notice the similarity between Readers familiar with RFC 3407 may notice the similarity between
the RFC 3407 "cpar" attribute and the above. There are however a the RFC 3407 "cpar" attribute and the above. There are however a
couple of important differences, notably that the "acap" attribute couple of important differences, notably that the "acap" attribute
contains a handle that enables referencing it and it furthermore contains a handle that enables referencing it and it furthermore
supports only attributes (the "cpar" attribute defined in RFC 3407 supports only attributes (the "cpar" attribute defined in RFC 3407
supports bandwidth information as well). The "acap" attribute also supports bandwidth information as well). The "acap" attribute
is not automatically associated with any particular capabilities. also is not automatically associated with any particular
See Section 3.14. for the relationship to RFC 3407. capabilities. See Section 3.14 for the relationship to RFC 3407.
Attribute capabilities MUST NOT embed any capability negotiation Attribute capabilities MUST NOT embed any capability negotiation
parameters. This restriction applies to all the capability parameters. This restriction applies to all the capability
negotiation parameters defined in this document ("csup", "creq", negotiation parameters defined in this document ("csup", "creq",
"acap", "tcap", "pcfg", and "acfg") as well as any capability "acap", "tcap", "pcfg", and "acfg") as well as any capability
negotiation extensions defined. The following examples are thus negotiation extensions defined. The following examples are thus
invalid attribute capabilities and MUST NOT be used: invalid attribute capabilities and MUST NOT be used:
a=acap:1 acap:2 foo:a ;Not allowed to embed "acap" a=acap:1 acap:2 foo:a ;Not allowed to embed "acap"
a=acap:2 a=pcfg:1 t=1 a=1 ;Not allowed to embed "pcfg" a=acap:2 a=pcfg:1 t=1 a=1 ;Not allowed to embed "pcfg"
The reason for this restriction is to avoid overly complex The reason for this restriction is to avoid overly complex processing
processing rules resulting from the expansion of such capabilities rules resulting from the expansion of such capabilities into
into potential configurations (see Section 3.6.2. for further potential configurations (see Section 3.6.2 for further details).
details).
3.4.2. Transport Protocol Capability Attribute 3.4.2. Transport Protocol Capability Attribute
Transport Protocols can be expressed as capabilities by use of a new Transport protocols can be expressed as capabilities by use of a new
Transport Protocol Capability attribute ("a=tcap") defined as Transport Protocol Capability attribute ("a=tcap") defined as
follows: follows:
a=tcap: <trpr-cap-num> <proto-list> a=tcap: <trpr-cap-num> <proto-list>
where <trpr-cap-num> is an integer between 1 and 2^31-1 (both where <trpr-cap-num> is an integer between 1 and 2^31-1 (both
included) used to number the transport address capability for later included) used to number the transport address capability for later
reference, and <proto-list> is one or more <proto>, separated by reference, and <proto-list> is one or more <proto>, separated by
white space, as defined in the SDP "m=" line. The attribute can be white space, as defined in the SDP "m=" line. The attribute can be
provided at the session-level and the media-level. provided at the session level and the media level.
The "tcap" attribute adheres to the RFC 4566 "attribute" production, The "tcap" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = trpr-cap-num 1*WSP proto-list att-value = trpr-cap-num 1*WSP proto-list
trpr-cap-num = 1*10(DIGIT) ;defined in [RFC5234] trpr-cap-num = 1*10(DIGIT) ;defined in [RFC5234]
proto-list = proto *(1*WSP proto) ;defined in [RFC4566] proto-list = proto *(1*WSP proto) ;defined in [RFC4566]
Note that white space is not permitted before the trpr-cap-num. Note that white space is not permitted before the trpr-cap-num.
The "tcap" attribute can be provided at the session-level and the The "tcap" attribute can be provided at the session level and the
media-level. There MUST NOT be more than one "a=tcap" attribute at media level. There MUST NOT be more than one "a=tcap" attribute at
the session-level and one at the media-level (one per media the session level and one at the media level (one per media
description in the latter case). Each occurrence of the "tcap" description in the latter case). Each occurrence of the "tcap"
attribute in the entire session description MUST use a different attribute in the entire session description MUST use a different
value of <trpr-cap-num>. When multiple <proto> values are provided, value of <trpr-cap-num>. When multiple <proto> values are provided,
the first one is associated with the value <trpr-cap-num>, the the first one is associated with the value <trpr-cap-num>, the second
second one with the value one higher, etc. There MUST NOT be any one with the value one higher, etc. There MUST NOT be any capability
capability number overlap between different "tcap" attributes in the number overlap between different "tcap" attributes in the entire SDP
entire SDP session description. The <trpr-cap-num> values provided session description. The <trpr-cap-num> values provided are
are independent of similar <cap-num> values provided for other independent of similar <cap-num> values provided for other capability
capability attributes, i.e., they form a separate name-space for attributes, i.e., they form a separate name-space for transport
transport protocol capabilities. Consecutive numbering of the <trpr- protocol capabilities. Consecutive numbering of the <trpr-cap-num>
cap-num> values in different "tcap" attributes is not required. values in different "tcap" attributes is not required.
Below, we provide examples of the "a=tcap" attribute: Below, we provide examples of the "a=tcap" attribute:
a=tcap:1 RTP/AVP a=tcap:1 RTP/AVP
a=tcap:2 RTP/AVPF a=tcap:2 RTP/AVPF
a=tcap:3 RTP/SAVP RTP/SAVPF a=tcap:3 RTP/SAVP RTP/SAVPF
a=tcap:5 UDP/TLS/RTP/SAVP a=tcap:5 UDP/TLS/RTP/SAVP
The first one provides a capability for the "RTP/AVP" profile The first one provides a capability for the "RTP/AVP" profile defined
defined in [RFC3551] and the second one provides a capability for in [RFC3551] and the second one provides a capability for the RTP
the RTP with RTCP-Based Feedback profile defined in [RFC4585]. The with RTCP-based feedback profile defined in [RFC4585]. The third one
third one provides capabilities for the "RTP/SAVP" (transport provides capabilities for the "RTP/SAVP" (transport capability number
capability number 3) and "RTP/SAVPF" profiles (transport protocol 3) and "RTP/SAVPF" profiles (transport protocol capability number 4).
capability number 4). The last one provides capabilities for The last one provides capabilities for "UDP/TLS/RTP/SAVP", i.e.,
"UDP/TLS/RTP/SAVP", i.e. DTLS-SRTP [DTLS-SRTP](transport capability DTLS-SRTP [RFC5764] (transport capability number 5).
number 5).
The "tcap" attribute by itself can only specify transport protocols The "tcap" attribute by itself can only specify transport protocols
as defined by <proto> in [RFC4566], however full specification of a as defined by <proto> in [RFC4566]; however, full specification of a
media stream requires further qualification of the transport media stream requires further qualification of the transport protocol
protocol by one or more media format descriptions, which themselves by one or more media format descriptions, which themselves often
often depend on the transport protocol. As an example, [RFC3551] depend on the transport protocol. As an example, [RFC3551] defines
defines the "RTP/AVP" transport for use with audio and video codecs the "RTP/AVP" transport for use with audio and video codecs (media
(media formats), whereas [RFC4145] defines the "TCP" transport which formats), whereas [RFC4145] defines the "TCP" transport, which, for
for example may be used to negotiate T.38 fax ("image/t38"), etc. In example, may be used to negotiate T.38 fax ("image/t38"), etc. In a
a non-SDP context, some media formats could be viewed as transports non-SDP context, some media formats could be viewed as transports
themselves (e.g. T.38) however in the context of SDP and SDP themselves (e.g., T.38); however, in the context of SDP and SDP
Capability Negotiation, they are not. If capability negotiation is Capability Negotiation, they are not. If capability negotiation is
required for such media formats, they MUST all either be valid under required for such media formats, they MUST all either be valid under
the transport protocol indicated in the "m=" line included for the the transport protocol indicated in the "m=" line included for the
media stream description, or a suitable extension must be used, e.g. media stream description, or a suitable extension must be used, e.g.,
SDP Media Capabilities [SDPMedCap]. SDP Media Capabilities [SDPMedCap].
The ability to use a particular transport protocol is inherently The ability to use a particular transport protocol is inherently
implied by including it in the "m=" line, regardless of whether it implied by including it in the "m=" line, regardless of whether or
is provided in a "tcap" attribute or not. However, if a potential not it is provided in a "tcap" attribute. However, if a potential
configuration needs to reference that transport protocol as a configuration needs to reference that transport protocol as a
capability, the transport protocol MUST be included explicitly in a capability, the transport protocol MUST be included explicitly in a
"tcap" attribute. "tcap" attribute.
This may seem redundant (and indeed it is from the offerer's point This may seem redundant (and indeed it is from the offerer's point
of view), however it is done to protect against intermediaries of view), however it is done to protect against intermediaries
(e.g. middle-boxes) that may modify "m=" lines while passing (e.g., middleboxes) that may modify "m=" lines while passing
unknown attributes through. If an implicit transport capability unknown attributes through. If an implicit transport capability
were used instead (e.g. a reserved transport capability number were used instead (e.g., a reserved transport capability number
could be used to refer to the transport protocol in the "m=" could be used to refer to the transport protocol in the "m="
line), and an intermediary were to modify the transport protocol line), and an intermediary were to modify the transport protocol
in the "m=" line (e.g. to translate between plain RTP and secure in the "m=" line (e.g., to translate between plain RTP and Secure
RTP), then the potential configuration referencing that implicit RTP), then the potential configuration referencing that implicit
transport capability may no longer be correct. With explicit transport capability may no longer be correct. With explicit
capabilities, we avoid this pitfall; however, the potential capabilities, we avoid this pitfall; however, the potential
configuration preference (see Section 3.5.1. ) may not reflect configuration preference (see Section 3.5.1) may not reflect that
that of the intermediary (which some may view as a feature). of the intermediary (which some may view as a feature).
Note that a transport protocol capability may be provided, Note that a transport protocol capability may be provided,
irrespective of whether it is referenced in a potential irrespective of whether or not it is referenced in a potential
configuration or not (just like any other capability). configuration (just like any other capability).
3.4.3. Extension Capability Attributes 3.4.3. Extension Capability Attributes
The SDP Capability Negotiation framework allows for new types of The SDP Capability Negotiation framework allows for new types of
capabilities to be defined as extensions and used with the general capabilities to be defined as extensions and used with the general
capability negotiation framework. The syntax and semantics of such capability negotiation framework. The syntax and semantics of such
new capability attributes are not defined here, however in order to new capability attributes are not defined here; however, in order to
be used with potential configurations, they SHOULD allow for a be used with potential configurations, they SHOULD allow for a
numeric handle to be associated with each capability. This handle numeric handle to be associated with each capability. This handle
can be used as a reference within the potential and actual can be used as a reference within the potential and actual
configuration attributes (see Section 3.5.1. and 3.5.2. ). The configuration attributes (see Sections 3.5.1 and 3.5.2). The
definition of such extension capability attributes MUST also state definition of such extension capability attributes MUST also state
whether they can be applied at the session-level, media-level, or whether they can be applied at the session level, media level, or
both. Note that extensions can have option tags defined for them, both. Note that extensions can have option tags defined for them,
and option tags MUST be registered with the IANA in accordance with and option tags MUST be registered with the IANA in accordance with
the procedures specified in Section 6.2. the procedures specified in Section 6.2.
Extension capabilities SHOULD NOT embed any capability negotiation Extension capabilities SHOULD NOT embed any capability negotiation
parameters. This applies to all the capability negotiation parameters. This applies to all the capability negotiation
parameters defined in this document as well as any extensions parameters defined in this document as well as any extensions
defined. The reason for this restriction is to avoid overly complex defined. The reason for this restriction is to avoid overly complex
processing rules resulting from the expansion of such capabilities processing rules resulting from the expansion of such capabilities
into potential configurations (see Section 3.6.2. for further into potential configurations (see Section 3.6.2 for further
details). If an extension does not follow the above "SHOULD NOT" details). If an extension does not follow the above "SHOULD NOT"
recommendation, the extension MUST provide a careful analysis of why recommendation, the extension MUST provide a careful analysis of why
such behavior is both necessary and safe. such behavior is both necessary and safe.
3.5. Configuration Attributes 3.5. Configuration Attributes
3.5.1. Potential Configuration Attribute 3.5.1. Potential Configuration Attribute
Potential Configurations can be expressed by use of a new Potential Potential configurations can be expressed by use of a new Potential
Configuration Attribute ("a=pcfg") defined as follows: Configuration Attribute ("a=pcfg") defined as follows:
a=pcfg: <config-number> [<pot-cfg-list>] a=pcfg: <config-number> [<pot-cfg-list>]
where <config-number> is an integer between 1 and 2^31-1 (both where <config-number> is an integer between 1 and 2^31-1 (both
included). The attribute can be provided only at the media-level. included). The attribute can be provided only at the media level.
The "pcfg" attribute adheres to the RFC 4566 "attribute" production, The "pcfg" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = config-number [1*WSP pot-cfg-list] att-value = config-number [1*WSP pot-cfg-list]
config-number = 1*10(DIGIT) ;defined in [RFC5234] config-number = 1*10(DIGIT) ;defined in [RFC5234]
pot-cfg-list = pot-config *(1*WSP pot-config) pot-cfg-list = pot-config *(1*WSP pot-config)
pot-config = attribute-config-list / pot-config = attribute-config-list /
transport-protocol-config-list / transport-protocol-config-list /
extension-config-list extension-config-list
The missing productions are defined below. Note that white space is The missing productions are defined below. Note that white space is
not permitted before the config-number. not permitted before the config-number.
The potential configuration attribute can be provided only at the The potential configuration attribute can be provided only at the
media-level and there can be multiple instances of it within a given media level and there can be multiple instances of it within a given
media description. The attribute includes a configuration number, media description. The attribute includes a configuration number,
which is an integer between 1 and 2^31-1 (both included). The which is an integer between 1 and 2^31-1 (both included). The
configuration number MUST be unique within the media description configuration number MUST be unique within the media description
(i.e., it has only media level scope). The configuration number also (i.e., it has only media-level scope). The configuration number also
indicates the relative preference of potential configurations; lower indicates the relative preference of potential configurations; lower
numbers are preferred over higher numbers. Consecutive numbering of numbers are preferred over higher numbers. Consecutive numbering of
the configuration numbers in different "pcfg" attributes in a media the configuration numbers in different "pcfg" attributes in a media
description is not required. description is not required.
A potential configuration list is normally provided after the A potential configuration list is normally provided after the
configuration number. When the potential configuration list is configuration number. When the potential configuration list is
omitted, the potential configuration equals the actual omitted, the potential configuration equals the actual configuration.
configuration. The potential configuration list contains one or more The potential configuration list contains one or more of attribute,
of attribute, transport and extension configuration lists. A transport, and extension configuration lists. A potential
potential configuration may for example include attribute configuration may for example include attribute capabilities and
capabilities and transport capabilities, transport capabilities transport capabilities, transport capabilities only, or some other
only, or some other combination of capabilities. If transport combination of capabilities. If transport capabilities are not
capabilities are not included in a potential configuration, the included in a potential configuration, the default transport for that
default transport for that media stream is used. media stream is used.
The potential configuration lists generally reference one or more The potential configuration lists generally reference one or more
capabilities (extension configuration lists MAY use a different capabilities (extension configuration lists MAY use a different
format). Those capabilities are (conceptually) used to construct a format). Those capabilities are (conceptually) used to construct a
new internal version of the SDP session description by use of purely new internal version of the SDP session description by use of purely
syntactic add and (possibly) delete operations on the original SDP syntactic add and (possibly) delete operations on the original SDP
session description (actual configuration). This provides an session description (actual configuration). This provides an
alternative potential configuration SDP session description that can alternative potential configuration SDP session description that can
be used by conventional SDP and offer/answer procedures if selected. be used by conventional SDP and offer/answer procedures if selected.
This document defines attribute configuration lists and transport This document defines attribute configuration lists and transport
protocol configuration lists. Each of these MUST NOT be present protocol configuration lists. Each of these MUST NOT be present more
more than once in a particular potential configuration attribute. than once in a particular potential configuration attribute.
Attribute capabilities referenced by the attribute configuration Attribute capabilities referenced by the attribute configuration list
list (if included) are added to the actual configuration, whereas a (if included) are added to the actual configuration, whereas a
transport capability referenced by the transport protocol transport capability referenced by the transport protocol
configuration list (if included) replaces the default transport configuration list (if included) replaces the default transport
protocol from the actual configuration. Extension configuration protocol from the actual configuration. Extension configuration
lists can be included as well. There can be more than one extension lists can be included as well. There can be more than one extension
configuration list, however each particular extension MUST NOT be configuration list; however, each particular extension MUST NOT be
present more than once in a given "a=pcfg" attribute. Together, the present more than once in a given "a=pcfg" attribute. Together, the
various configuration lists define a potential configuration. various configuration lists define a potential configuration.
There can be multiple potential configurations in a media There can be multiple potential configurations in a media
description. Each of these indicates not only a willingness, but in description. Each of these indicates not only a willingness, but in
fact a desire to use the potential configuration. fact a desire to use the potential configuration.
The example SDP session description below contains two potential The example SDP session description below contains two potential
configurations: configurations:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVP 0 18 m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVP RTP/SAVPF a=tcap:1 RTP/SAVP RTP/SAVPF
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=1 a=1 a=pcfg:1 t=1 a=1
a=pcfg:2 t=2 a=1 a=pcfg:2 t=2 a=1
Potential configuration 1 contains a transport protocol Potential configuration 1 contains a transport protocol configuration
configuration list that references transport capability 1 list that references transport capability 1 ("RTP/SAVP") and an
("RTP/SAVP") and an attribute configuration list that references attribute configuration list that references attribute capability 1
attribute capability 1 ("a=crypto:..."). Potential configuration 2 ("a=crypto:..."). Potential configuration 2 contains a transport
contains a transport protocol configuration list that references protocol configuration list that references transport capability 2
transport capability 2 ("RTP/SAVPF") and an attribute configuration ("RTP/SAVPF") and an attribute configuration list that references
list that references attribute capability 1 ("a=crypto:..."). attribute capability 1 ("a=crypto:...").
Attribute capabilities are used in a potential configuration by use Attribute capabilities are used in a potential configuration by use
of the attribute-config-list parameter, which is defined by the of the attribute-config-list parameter, which is defined by the
following ABNF: following ABNF:
attribute-config-list = "a=" delete-attributes attribute-config-list = "a=" delete-attributes
attribute-config-list =/ "a=" [delete-attributes ":"] attribute-config-list =/ "a=" [delete-attributes ":"]
mo-att-cap-list *(BAR mo-att-cap-list) mo-att-cap-list *(BAR mo-att-cap-list)
delete-attributes = DELETE ( "m" ; media attributes delete-attributes = DELETE ( "m" ; media attributes
skipping to change at page 26, line 37 skipping to change at page 25, line 9
att-cap-list = att-cap-num *("," att-cap-num) att-cap-list = att-cap-num *("," att-cap-num)
att-cap-num = 1*10(DIGIT) ;defined in [RFC5234] att-cap-num = 1*10(DIGIT) ;defined in [RFC5234]
BAR = "|" BAR = "|"
DELETE = "-" DELETE = "-"
Note that white space is not permitted within the attribute-config- Note that white space is not permitted within the attribute-config-
list rule. list rule.
Each attribute configuration list can optionally begin with Each attribute configuration list can optionally begin with
instructions for how to handle attributes that are part of the instructions for how to handle attributes that are part of the actual
actual configuration SDP session description (i.e., the "a=" lines configuration SDP session description (i.e., the "a=" lines present
present in the original SDP session description). By default, such in the original SDP session description). By default, such
attributes will remain as part of the potential configuration in attributes will remain as part of the potential configuration in
question. However, if delete-attributes indicates "-m", then all question. However, if delete-attributes indicates "-m", then all
attribute lines within the media description in question will be attribute lines within the media description in question will be
deleted in the resulting potential configuration SDP session deleted in the resulting potential configuration SDP session
description (i.e., all "a=" lines under the "m=" line in question). description (i.e., all "a=" lines under the "m=" line in question).
If delete-attributes indicates "-s", then all attribute lines at the If delete-attributes indicates "-s", then all attribute lines at the
session-level will be deleted (i.e., all "a=" lines before the first session level will be deleted (i.e., all "a=" lines before the first
"m=" line). If delete-attributes indicates "-ms", then all attribute "m=" line). If delete-attributes indicates "-ms", then all attribute
lines within this media description ("m=" line) and all attribute lines within this media description ("m=" line) and all attribute
lines at the session-level will be deleted. lines at the session level will be deleted.
The attribute capability list comes next (if included). It contains The attribute capability list comes next (if included). It contains
one or more alternative lists of attribute capabilities. The one or more alternative lists of attribute capabilities. The
alternative attribute capability lists are separated by a vertical alternative attribute capability lists are separated by a vertical
bar ("|"), and each list contains one or more attribute capabilities bar ("|"), and each list contains one or more attribute capabilities
separated by commas (","). The attribute capabilities are either separated by commas (","). The attribute capabilities are either
mandatory or optional. Mandatory attribute capabilities MUST be mandatory or optional. Mandatory attribute capabilities MUST be
supported in order to use the potential configuration, whereas supported in order to use the potential configuration, whereas
optional attribute capabilities MAY be supported in order to use the optional attribute capabilities MAY be supported in order to use the
potential configuration. potential configuration.
Within each attribute capability list, all the mandatory attribute Within each attribute capability list, all the mandatory attribute
capabilities (if any) are listed first, and all the optional capabilities (if any) are listed first, and all the optional
attribute capabilities (if any) are listed last. The optional attribute capabilities (if any) are listed last. The optional
attribute capabilities are contained within a pair of square attribute capabilities are contained within a pair of square brackets
brackets ("[" and "]"). Each attribute capability is merely an ("[" and "]"). Each attribute capability is merely an attribute
attribute capability number (att-cap-num) that identifies a capability number (att-cap-num) that identifies a particular
particular attribute capability by referring to attribute capability attribute capability by referring to attribute capability numbers
numbers defined above and hence MUST be between 1 and 2^31-1 (both defined above and hence MUST be between 1 and 2^31-1 (both included).
included). The following example illustrates the above: The following example illustrates the above:
a=pcfg:1 a=-m:1,2,[3,4]|1,7,[5] a=pcfg:1 a=-m:1,2,[3,4]|1,7,[5]
where where
o "a=-m:1,2,[3,4]|1,7,[5]" is the attribute configuration list o "a=-m:1,2,[3,4]|1,7,[5]" is the attribute configuration list
o "-m" indicates to delete all attributes from the media o "-m" indicates to delete all attributes from the media description
description of the actual configuration of the actual configuration
o "1,2,[3,4]" and "1,7,[5]" are both attribute capability lists. o "1,2,[3,4]" and "1,7,[5]" are both attribute capability lists.
The two lists are alternatives, since they are separated by a The two lists are alternatives, since they are separated by a
vertical bar above vertical bar above
o "1", "2" and "7" are mandatory attribute capabilities o "1", "2", and "7" are mandatory attribute capabilities
o "3", "4" and "5" are optional attribute capabilities o "3", "4", and "5" are optional attribute capabilities
Note that in the example above, we have a single handle ("1") for Note that in the example above, we have a single handle ("1") for the
the potential configuration(s), but there are actually two different potential configuration(s), but there are actually two different
potential configurations (separated by a vertical bar). This is done potential configurations (separated by a vertical bar). This is done
for message size efficiency reasons, which is especially important for message size efficiency reasons, which is especially important
when we add other types of capabilities to the potential when we add other types of capabilities to the potential
configuration. If there is a need to provide a unique handle for configuration. If there is a need to provide a unique handle for
each, then separate "a=pcfg" attributes with different handles MUST each, then separate "a=pcfg" attributes with different handles MUST
be used instead. be used instead.
Each referenced attribute capability in the potential configuration Each referenced attribute capability in the potential configuration
will result in the corresponding attribute name and its associated will result in the corresponding attribute name and its associated
value (contained inside the attribute capability) being added to the value (contained inside the attribute capability) being added to the
resulting potential configuration SDP session description. resulting potential configuration SDP session description.
Alternative attribute capability lists are separated by a vertical Alternative attribute capability lists are separated by a vertical
bar ("|"), the scope of which extends to the next alternative (i.e., bar ("|"), the scope of which extends to the next alternative (i.e.,
"," has higher precedence than "|"). The alternatives are ordered by "," has higher precedence than "|"). The alternatives are ordered by
preference with the most preferred listed first. In order for a preference with the most preferred listed first. In order for a
recipient of the SDP session description (e.g., an answerer recipient of the SDP session description (e.g., an answerer receiving
receiving this in an offer) to use this potential configuration, this in an offer) to use this potential configuration, exactly one of
exactly one of the alternative lists MUST be selected in its the alternative lists MUST be selected in its entirety. This
entirety. This requires that all mandatory attribute capabilities requires that all mandatory attribute capabilities referenced by the
referenced by the potential configuration are supported with the potential configuration are supported with the attribute values
attribute values provided. provided.
Transport protocol configuration lists are included in a potential Transport protocol configuration lists are included in a potential
configuration by use of the transport-protocol-config-list configuration by use of the transport-protocol-config-list parameter,
parameter, which is defined by the following ABNF: which is defined by the following ABNF:
transport-protocol-config-list = transport-protocol-config-list =
"t=" trpr-cap-num *(BAR trpr-cap-num) "t=" trpr-cap-num *(BAR trpr-cap-num)
trpr-cap-num = 1*10(DIGIT) ; defined in [RFC5234] trpr-cap-num = 1*10(DIGIT) ; defined in [RFC5234]
Note that white space is not permitted within this rule. Note that white space is not permitted within this rule.
The trpr-cap-num refers to transport protocol capability numbers The trpr-cap-num refers to transport protocol capability numbers
defined above and hence MUST be between 1 and 2^31-1 (both defined above and hence MUST be between 1 and 2^31-1 (both included).
included). Alternative transport protocol capabilities are separated Alternative transport protocol capabilities are separated by a
by a vertical bar ("|"). The alternatives are ordered by preference vertical bar ("|"). The alternatives are ordered by preference with
with the most preferred listed first. If there are no transport the most preferred listed first. If there are no transport protocol
protocol capabilities included in a potential configuration at the capabilities included in a potential configuration at the media
media level, the transport protocol information from the associated level, the transport protocol information from the associated "m="
"m=" line MUST be used. In order for a recipient of the SDP session line MUST be used. In order for a recipient of the SDP session
description (e.g., an answerer receiving this in an offer) to use description (e.g., an answerer receiving this in an offer) to use
this potential configuration, exactly one of the alternatives MUST this potential configuration, exactly one of the alternatives MUST be
be selected. This requires that the transport protocol in question selected. This requires that the transport protocol in question is
is supported. supported.
In the presence of intermediaries (the existence of which may not In the presence of intermediaries (the existence of which may not
be known), care should be taken with assuming that the transport be known), care should be taken with assuming that the transport
protocol in the "m=" line will not be modified by an intermediary. protocol in the "m=" line will not be modified by an intermediary.
Use of an explicit transport protocol capability will guard Use of an explicit transport protocol capability will guard
against capability negotiation implications of that. against capability negotiation implications of that.
Extension capabilities can be included in a potential configuration Extension capabilities can be included in a potential configuration
as well by use of extension configuration lists. Extension as well by use of extension configuration lists. Extension
configuration lists MUST adhere to the following ABNF: configuration lists MUST adhere to the following ABNF:
extension-config-list = ["+"] ext-cap-name "=" ext-cap-list extension-config-list = ["+"] ext-cap-name "=" ext-cap-list
ext-cap-name = 1*(ALPHA / DIGIT) ext-cap-name = 1*(ALPHA / DIGIT)
ext-cap-list = 1*VCHAR ; defined in [RFC5234] ext-cap-list = 1*VCHAR ; defined in [RFC5234]
Note that white space is not permitted within this rule. Note that white space is not permitted within this rule.
The ext-cap-name refers to the name of the extension capability and The ext-cap-name refers to the name of the extension capability and
the ext-cap-list is here merely defined as a sequence of visible the ext-cap-list is here merely defined as a sequence of visible
characters. The actual extension supported MUST refine both of these characters. The actual extension supported MUST refine both of these
further. For extension capabilities that merely need to be further. For extension capabilities that merely need to be
referenced by a capability number, it is RECOMMENDED to follow a referenced by a capability number, it is RECOMMENDED to follow a
structure similar to what has been specified above. Unsupported or structure similar to what has been specified above. Unsupported or
unknown potential extension configuration lists in a potential unknown potential extension configuration lists in a potential
configuration attribute MUST be ignored, unless they are prefixed configuration attribute MUST be ignored, unless they are prefixed
with the plus ("+") sign, which indicates that the extension is with the plus ("+") sign, which indicates that the extension is
mandatory and MUST be supported in order to use that potential mandatory and MUST be supported in order to use that potential
configuration. configuration.
The "creq" attribute and its associated rules can be used to The "creq" attribute and its associated rules can be used to
ensure that required extensions are supported in the first place. ensure that required extensions are supported in the first place.
Extension configuration lists define new potential configuration Extension configuration lists define new potential configuration
parameters and hence they MUST be registered with IANA per the parameters and hence they MUST be registered with IANA per the
procedures defined in Section 6.3. procedures defined in Section 6.3.
Potential configuration attributes can be provided only at the media Potential configuration attributes can be provided only at the media
level, however it is possible to reference capabilities provided at level; however, it is possible to reference capabilities provided at
either the session or media level. There are certain semantic rules either the session or media level. There are certain semantic rules
and restrictions associated with this: and restrictions associated with this:
A (media level) potential configuration attribute in a given media A (media-level) potential configuration attribute in a given media
description MUST NOT reference a media-level capability provided in description MUST NOT reference a media-level capability provided in a
a different media description; doing so invalidates that potential different media description; doing so invalidates that potential
configuration (note that a potential configuration attribute can configuration (note that a potential configuration attribute can
contain more than one potential configuration by use of contain more than one potential configuration by use of
alternatives). A potential configuration attribute can however alternatives). A potential configuration attribute can however
reference a session-level capability. The semantics of doing so reference a session-level capability. The semantics of doing so
depends on the type of capability. In the case of transport protocol depends on the type of capability. In the case of transport protocol
capabilities it has no particular implication. In the case of capabilities, it has no particular implication. In the case of
attribute capabilities however, it does. More specifically, the attribute capabilities, however, it does. More specifically, the
attribute name and value (provided within that attribute capability) attribute name and value (provided within that attribute capability)
will be considered part of the resulting SDP for that particular will be considered part of the resulting SDP for that particular
configuration at the *session* level. In other words, it will be as- configuration at the *session* level. In other words, it will be
if that attribute was provided with that value at the session-level as-if that attribute was provided with that value at the session
in the first place. As a result, the base SDP Capability Negotiation level in the first place. As a result, the base SDP Capability
framework REQUIRES that potential configurations do not reference Negotiation framework REQUIRES that potential configurations do not
any session-level attribute capabilities that contain media-level reference any session-level attribute capabilities that contain
attributes (since that would place a media-level attribute at the media-level attributes (since that would place a media-level
session level). Extensions may modify this behavior, as long as it attribute at the session level). Extensions may modify this
is fully backwards compatible with the base specification. behavior, as long as it is fully backwards compatible with the base
specification.
Individual media streams perform capability negotiation Individual media streams perform capability negotiation individually,
individually, and hence it is possible that one media stream (where and hence it is possible that one media stream (where the attribute
the attribute was part of a potential configuration) chose a was part of a potential configuration) chose a configuration without
configuration without a session level attribute that was chosen by a session-level attribute that was chosen by another media stream.
another media stream. The session-level attribute however remains The session-level attribute however remains "active" and applies to
"active" and applies to the entire resulting potential configuration the entire resulting potential configuration SDP session description.
SDP session description. In theory, this is problematic if one or In theory, this is problematic if one or more session-level
more session-level attributes either conflicts with or potentially attributes either conflicts with or potentially interacts with
interacts with another session-level or media-level attribute in an another session-level or media-level attribute in an undefined
undefined manner. In practice, such examples seem to be rare (at manner. In practice, such examples seem to be rare (at least with
least with the SDP attributes that had been defined at time of the SDP attributes that had been defined at time of publication of
publication of this document). this document).
A related set of problems can occur if we need coordination A related set of problems can occur if we need coordination
between session-level attributes from multiple media streams in between session-level attributes from multiple media streams in
order for a particular functionality to work. The grouping order for a particular functionality to work. The grouping
framework [RFC3388] is an example of this. If we use the SDP framework [RFC5888] is an example of this. If we use the SDP
Capability Negotiation framework to select a session-level group Capability Negotiation framework to select a session-level group
attribute (provided as an attribute capability), and we require attribute (provided as an attribute capability), and we require
two media descriptions to do this consistently, we could have a two media descriptions to do this consistently, we could have a
problem. The FEC grouping semantics [RFC4756] is one example where problem. The Forward Error Correction (FEC) grouping semantics
this in theory could cause problems, however in practice, it is [RFC4756] is one example where this in theory could cause
unclear that there is a significant problem with the grouping problems, however in practice, it is unclear that there is a
semantics that had been defined at time of publication of this significant problem with the grouping semantics that had been
document. defined at time of publication of this document.
Resolving the above issues in general requires inter-media stream Resolving the above issues in general requires inter-media stream
constraints and synchronized potential configuration processing; constraints and synchronized potential configuration processing; this
this would add considerable complexity to the overall solution. In would add considerable complexity to the overall solution. In
practice, with the SDP attributes defined at time of publication of practice, with the SDP attributes defined at time of publication of
this document, it does not seem to be a significant problem, and this document, it does not seem to be a significant problem, and
hence the base SDP Capability Negotiation solution does not provide hence the base SDP Capability Negotiation solution does not provide a
a solution to this issue. Instead, it is RECOMMENDED that use of solution to this issue. Instead, it is RECOMMENDED that use of
session-level attributes in a potential configuration is avoided session-level attributes in a potential configuration is avoided when
when possible, and when not, that such use is examined closely for possible, and when not, that such use is examined closely for any
any potential interaction issues. If interaction is possible, the potential interaction issues. If interaction is possible, the entity
entity generating the SDP session description SHOULD NOT assume that generating the SDP session description SHOULD NOT assume that well-
well-defined operation will occur at the receiving entity. This defined operation will occur at the receiving entity. This implies
implies that mechanisms which might have such interactions cannot be that mechanisms that might have such interactions cannot be used in
used in security critical contexts. security critical contexts.
The session-level operation of extension capabilities is undefined: The session-level operation of extension capabilities is undefined.
Consequently, each new session-level extension capability defined Consequently, each new session-level extension capability defined
MUST specify the implication of making it part of a configuration at MUST specify the implication of making it part of a configuration at
the media level. the media level.
Below, we provide an example of the "a=pcfg" attribute in a complete Below, we provide an example of the "a=pcfg" attribute in a complete
media description in order to properly indicate the supporting media description in order to properly indicate the supporting
attributes: attributes:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVPF 0 18 m=audio 53456 RTP/AVPF 0 18
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=tcap:1 RTP/AVPF RTP/AVP RTP/SAVP RTP/SAVPF a=tcap:1 RTP/AVPF RTP/AVP RTP/SAVP RTP/SAVPF
a=pcfg:1 t=4|3 a=1 a=pcfg:1 t=4|3 a=1
a=pcfg:8 t=1|2 a=pcfg:8 t=1|2
We have two potential configuration attributes listed here. The We have two potential configuration attributes listed here. The
first one (and most preferred, since its configuration number is first one (and most preferred, since its configuration number is "1")
"1") indicates that either of the profiles RTP/SAVPF or RTP/SAVP indicates that either of the profiles RTP/SAVPF or RTP/SAVP
(specified by the transport protocol capability numbers 4 and 3) can (specified by the transport protocol capability numbers 4 and 3) can
be supported with attribute capability 1 (the "crypto" attribute); be supported with attribute capability 1 (the "crypto" attribute);
RTP/SAVPF is preferred over RTP/SAVP since its capability number (4) RTP/SAVPF is preferred over RTP/SAVP since its capability number (4)
is listed first in the preferred potential configuration. Note that is listed first in the preferred potential configuration. Note that
although we have a single potential configuration attribute and although we have a single potential configuration attribute and
associated handle, we have two potential configurations. associated handle, we have two potential configurations.
The second potential configuration attribute indicates that the The second potential configuration attribute indicates that the
RTP/AVPF or RTP/AVP profiles can be used, with RTP/AVPF being the RTP/AVPF or RTP/AVP profiles can be used, with RTP/AVPF being the
preferred one. This non secure RTP alternative is the less preferred preferred one. This non-secure RTP alternative is the less preferred
one since its configuration number is "8". Again, note that we have one since its configuration number is "8". Again, note that we have
two potential configurations here and hence a total of four two potential configurations here and hence a total of four potential
potential configurations in the SDP session description above. configurations in the SDP session description above.
3.5.2. Actual Configuration Attribute 3.5.2. Actual Configuration Attribute
The actual configuration attribute identifies which of the potential The actual configuration attribute identifies which of the potential
configurations from an offer SDP session description was selected configurations from an offer SDP session description was selected and
and used as the actual configuration to generate an answer SDP used as the actual configuration to generate an answer SDP session
session description. This is done by including the configuration description. This is done by including the configuration number and
number and the configuration lists (if any) from the offer that were the configuration lists (if any) from the offer that were selected
selected and used by the answerer in his offer/answer procedure as and used by the answerer in his offer/answer procedure as follows:
follows:
o A selected attribute configuration MUST include the delete- o A selected attribute configuration MUST include the delete-
attributes and the known and supported parameters from the attributes and the known and supported parameters from the
selected alternative mo-att-cap-list (i.e., containing all selected alternative mo-att-cap-list (i.e., containing all
mandatory and all known and supported optional capability numbers mandatory and all known and supported optional capability numbers
from the potential configuration). If delete-attributes were not from the potential configuration). If delete-attributes were not
included in the potential configuration, they will of course not included in the potential configuration, they will of course not
be present here either. be present here either.
o A selected transport protocol configuration MUST include the o A selected transport protocol configuration MUST include the
selected transport protocol capability number. selected transport protocol capability number.
o A selected potential extension configuration MUST include the o A selected potential extension configuration MUST include the
selected extension configuration parameters as specified for that selected extension configuration parameters as specified for that
particular extension. particular extension.
o When a configuration list contains alternatives (separated by o When a configuration list contains alternatives (separated by
"|"), the selected configuration only MUST be provided. "|"), the selected configuration only MUST be provided.
Note that the selected configuration number and all selected Note that the selected configuration number and all selected
capability numbers used in the actual configuration attribute refer capability numbers used in the actual configuration attribute refer
to those from the offer; not the answer. to those from the offer: not the answer.
The answer may for example include capabilities as well to inform The answer may for example include capabilities as well to inform
the offerer of the answerers capabilities above and beyond the the offerer of the answerers capabilities above and beyond the
negotiated configuration. The actual configuration attribute does negotiated configuration. The actual configuration attribute does
not refer to any of those answer capabilities though. not refer to any of those answer capabilities though.
The Actual Configuration Attribute ("a=acfg") is defined as follows: The Actual Configuration Attribute ("a=acfg") is defined as follows:
a=acfg: <config-number> [<sel-cfg-list>] a=acfg: <config-number> [<sel-cfg-list>]
where <config-number> is an integer between 1 and 2^31-1 (both where <config-number> is an integer between 1 and 2^31-1 (both
included) that refers to the selected potential configuration. The included) that refers to the selected potential configuration. The
attribute can be provided only at the media-level. attribute can be provided only at the media level.
The "acfg" attribute adheres to the RFC 4566 "attribute" production, The "acfg" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows: with an att-value defined as follows:
att-value = config-number [1*WSP sel-cfg-list] att-value = config-number [1*WSP sel-cfg-list]
;config-number defined in Section 3.5.1. ;config-number defined in Section 3.5.1.
sel-cfg-list = sel-cfg *(1*WSP sel-cfg) sel-cfg-list = sel-cfg *(1*WSP sel-cfg)
sel-cfg = sel-attribute-config / sel-cfg = sel-attribute-config /
sel-transport-protocol-config / sel-transport-protocol-config /
sel-extension-config sel-extension-config
skipping to change at page 33, line 18 skipping to change at page 31, line 31
; defined in Section 3.5.1. ; defined in Section 3.5.1.
sel-transport-protocol-config = sel-transport-protocol-config =
"t=" trpr-cap-num ; defined in Section 3.5.1. "t=" trpr-cap-num ; defined in Section 3.5.1.
sel-extension-config = sel-extension-config =
ext-cap-name "=" 1*VCHAR ; defined in Section 3.5.1. ext-cap-name "=" 1*VCHAR ; defined in Section 3.5.1.
Note that white space is not permitted before the config-number. Note that white space is not permitted before the config-number.
The actual configuration ("a=acfg") attribute can be provided only The actual configuration ("a=acfg") attribute can be provided only at
at the media-level. There MUST NOT be more than one occurrence of an the media level. There MUST NOT be more than one occurrence of an
actual configuration attribute within a given media description. actual configuration attribute within a given media description.
Below, we provide an example of the "a=acfg" attribute (building on Below, we provide an example of the "a=acfg" attribute (building on
the previous example with the potential configuration attribute): the previous example with the potential configuration attribute):
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/SAVPF 0 m=audio 54568 RTP/SAVPF 0
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:1 t=4 a=1 a=acfg:1 t=4 a=1
It indicates that the answerer used an offer consisting of potential It indicates that the answerer used an offer consisting of potential
configuration number 1 with transport protocol capability 4 from the configuration number 1 with transport protocol capability 4 from the
offer (RTP/SAVPF) and attribute capability 1 (the "crypto" offer (RTP/SAVPF) and attribute capability 1 (the "crypto"
attribute). The answerer includes his own "crypto" attribute as attribute). The answerer includes his own "crypto" attribute as
well. well.
3.6. Offer/Answer Model Extensions 3.6. Offer/Answer Model Extensions
In this section, we define extensions to the offer/answer model In this section, we define extensions to the offer/answer model
defined in [RFC3264] to allow for potential configurations to be defined in [RFC3264] to allow for potential configurations to be
included in an offer, where they constitute alternative offers that included in an offer, where they constitute alternative offers that
may be accepted by the answerer instead of the actual may be accepted by the answerer instead of the actual
configuration(s) included in the "m=" line(s). configuration(s) included in the "m=" line(s).
The procedures defined in the following subsections apply to both The procedures defined in the following subsections apply to both
unicast and multicast streams. unicast and multicast streams.
3.6.1. Generating the Initial Offer 3.6.1. Generating the Initial Offer
An offerer that wants to use the SDP Capability Negotiation defined An offerer that wants to use the SDP Capability Negotiation defined
in this document MUST include the following in the offer: in this document MUST include the following in the offer:
o Zero or more attribute capability attributes. There MUST be an o Zero or more attribute capability attributes. There MUST be an
attribute capability attribute ("a=acap") as defined in Section attribute capability attribute ("a=acap") as defined in Section
3.4.1. for each attribute name and associated value (if any) that 3.4.1 for each attribute name and associated value (if any) that
needs to be indicated as a capability in the offer. Attribute needs to be indicated as a capability in the offer. Attribute
capabilities may be included irrespective of whether they are capabilities may be included irrespective of whether or not they
referenced by a potential configuration or not. are referenced by a potential configuration.
Session-level attributes and associated values MUST be provided Session-level attributes and associated values MUST be provided in
in attribute capabilities only at the session-level, whereas attribute capabilities only at the session level, whereas media-
media-level attributes and associated values can be provided in level attributes and associated values can be provided in
attribute capabilities at either the media-level or session- attribute capabilities at either the media level or session level.
level. Attributes that are allowed at either the session- or Attributes that are allowed at either the session or media level
media-level can be provided in attribute capabilities at either can be provided in attribute capabilities at either level.
level.
o Zero or more transport protocol capability attributes. There MUST o Zero or more transport protocol capability attributes. There MUST
be transport protocol capabilities as defined in Section 3.4.2. be transport protocol capabilities as defined in Section 3.4.2
with values for each transport protocol that needs to be with values for each transport protocol that needs to be indicated
indicated as a capability in the offer. as a capability in the offer.
Transport protocol capabilities may be included irrespective of Transport protocol capabilities may be included irrespective of
whether they are referenced by a potential configuration or not. whether or not they are referenced by a potential configuration.
Transport protocols that apply to multiple media descriptions Transport protocols that apply to multiple media descriptions
SHOULD be provided as transport protocol capabilities at the SHOULD be provided as transport protocol capabilities at the
session-level whereas transport protocols that apply only to a session level whereas transport protocols that apply only to a
specific media description ("m=" line), SHOULD be provided as specific media description ("m=" line), SHOULD be provided as
transport protocol capabilities within that particular media transport protocol capabilities within that particular media
description. In either case, there MUST NOT be more than a single description. In either case, there MUST NOT be more than a single
"a=tcap" attribute at the session-level and a single "a=tcap" "a=tcap" attribute at the session level and a single "a=tcap"
attribute in each media description. attribute in each media description.
o Zero or more extension capability attributes. There MUST be one o Zero or more extension capability attributes. There MUST be one
or more extension capability attributes (as outlined in Section or more extension capability attributes (as outlined in Section
3.4.3. ) for each extension capability that is referenced by a 3.4.3) for each extension capability that is referenced by a
potential configuration. Extension capability attributes that are potential configuration. Extension capability attributes that are
not referenced by a potential configuration can be provided as not referenced by a potential configuration can be provided as
well. well.
o Zero or more potential configuration attributes. There MUST be o Zero or more potential configuration attributes. There MUST be
one or more potential configuration attributes ("a=pcfg"), as one or more potential configuration attributes ("a=pcfg"), as
defined in Section 3.5.1. , in each media description where defined in Section 3.5.1, in each media description where
alternative potential configurations are to be negotiated. Each alternative potential configurations are to be negotiated. Each
potential configuration attribute MUST adhere to the rules potential configuration attribute MUST adhere to the rules
provided in Section 3.5.1. and the additional rules provided provided in Section 3.5.1 and the additional rules provided below.
below.
If the offerer requires support for one or more extensions (besides If the offerer requires support for one or more extensions (besides
the base protocol defined here), then the offerer MUST include one the base protocol defined here), then the offerer MUST include one or
or more "a=creq" attributes as follows: more "a=creq" attributes as follows:
o If support for one or more capability negotiation extensions is o If support for one or more capability negotiation extensions is
required for the entire session description, then option tags for required for the entire session description, then option tags for
those extensions MUST be included in a single session-level those extensions MUST be included in a single session-level "creq"
"creq" attribute. attribute.
o For each media description that requires support for one or more o For each media description that requires support for one or more
capability negotiation extensions not listed at the session- capability negotiation extensions not listed at the session level,
level, a single "creq" attribute containing all the required a single "creq" attribute containing all the required extensions
extensions for that media description MUST be included within the for that media description MUST be included within the media
media description (in accordance with Section 3.3.2. ). description (in accordance with Section 3.3.2).
Note that extensions that only need to be supported by a particular Note that extensions that only need to be supported by a particular
potential configuration can use the "mandatory" extension prefix potential configuration can use the "mandatory" extension prefix
("+") within the potential configuration (see Section 3.5.1. ). ("+") within the potential configuration (see Section 3.5.1).
The offerer SHOULD furthermore include the following: The offerer SHOULD furthermore include the following:
o A supported capability negotiation extension attribute ("a=csup") o A supported capability negotiation extension attribute ("a=csup")
at the session-level and/or media-level as defined in Section at the session level and/or media level as defined in Section
3.3.2. for each capability negotiation extension supported by the 3.3.2 for each capability negotiation extension supported by the
offerer and not included in a corresponding "a=creq" attribute offerer and not included in a corresponding "a=creq" attribute
(i.e., at the session-level or in the same media description). (i.e., at the session level or in the same media description).
Option tags provided in a "a=csup" attribute at the session-level Option tags provided in a "a=csup" attribute at the session level
indicate extensions supported for the entire session description, indicate extensions supported for the entire session description,
whereas option tags provided in a "a=csup" attribute in a media whereas option tags provided in a "a=csup" attribute in a media
description indicate extensions supported for only that description indicate extensions supported for only that particular
particular media description. media description.
Capabilities provided in an offer merely indicate what the offerer Capabilities provided in an offer merely indicate what the offerer is
is capable of doing. They do not constitute a commitment or even an capable of doing. They do not constitute a commitment or even an
indication to use them. In contrast, each potential configuration indication to use them. In contrast, each potential configuration
constitutes an alternative offer that the offerer would like to use. constitutes an alternative offer that the offerer would like to use.
The potential configurations MUST be used by the answerer to The potential configurations MUST be used by the answerer to
negotiate and establish the session. negotiate and establish the session.
The offerer MUST include one or more potential configuration The offerer MUST include one or more potential configuration
attributes ("a=pcfg") in each media description where the offerer attributes ("a=pcfg") in each media description where the offerer
wants to provide alternative offers (in the form of potential wants to provide alternative offers (in the form of potential
configurations). Each potential configuration attribute in a given configurations). Each potential configuration attribute in a given
media description MUST contain a unique configuration number and media description MUST contain a unique configuration number and
zero, one or more potential configuration lists, as described in zero, one or more potential configuration lists, as described in
Section 3.5.1. Each potential configuration list MUST refer to Section 3.5.1. Each potential configuration list MUST refer to
capabilities that are provided at the session-level or within that capabilities that are provided at the session level or within that
particular media description; otherwise, the potential configuration particular media description; otherwise, the potential configuration
is considered invalid. The base SDP Capability Negotiation framework is considered invalid. The base SDP Capability Negotiation framework
REQUIRES that potential configurations do not reference any session- REQUIRES that potential configurations not reference any session-
level attribute capabilities that contain media-level only level attribute capabilities that contain media-level-only
attributes, however extensions may modify this behavior, as long as attributes; however, extensions may modify this behavior, as long as
it is fully backwards compatible with the base specification. it is fully backwards compatible with the base specification.
Furthermore, it is RECOMMENDED that potential configurations avoid Furthermore, it is RECOMMENDED that potential configurations avoid
use of session-level capabilities whenever possible; refer to use of session-level capabilities whenever possible; refer to Section
Section 3.5.1. 3.5.1.
The current actual configuration is included in the "m=" line (as The current actual configuration is included in the "m=" line (as
defined by [RFC3264]) and any associated parameters for the media defined by [RFC3264]) and any associated parameters for the media
description (e.g., attribute ("a=") and bandwidth ("b=") lines). description (e.g., attribute ("a=") and bandwidth ("b=") lines).
Note that the actual configuration is by default the least-preferred Note that the actual configuration is by default the least-preferred
configuration, and hence the answerer will seek to negotiate use of configuration, and hence the answerer will seek to negotiate use of
one of the potential configurations instead. If the offerer wishes a one of the potential configurations instead. If the offerer wishes a
different preference for the actual configuration, the offerer MUST different preference for the actual configuration, the offerer MUST
include a corresponding potential configuration with the relevant include a corresponding potential configuration with the relevant
configuration number (which indicates the relative preference configuration number (which indicates the relative preference between
between potential configurations); this corresponding potential potential configurations); this corresponding potential configuration
configuration should simply duplicate the actual configuration. should simply duplicate the actual configuration.
This can either be done implicitly (by not referencing any This can either be done implicitly (by not referencing any
capabilities), or explicitly (by providing and using capabilities capabilities), or explicitly (by providing and using capabilities
for the transport protocol and all the attributes that are part of for the transport protocol and all the attributes that are part of
the actual configuration). The latter may help detect the actual configuration). The latter may help detect
intermediaries that modify the actual configuration but are not intermediaries that modify the actual configuration but are not
SDP Capability Negotiation aware. SDP Capability Negotiation aware.
Per [RFC3264], once the offerer generates the offer, he must be Per [RFC3264], once the offerer generates the offer, he must be
prepared to receive incoming media in accordance with that offer. prepared to receive incoming media in accordance with that offer.
That rule applies here as well, but only for the actual That rule applies here as well, but only for the actual
configurations provided in the offer: Media received by the offerer configurations provided in the offer: Media received by the offerer
according to one of the potential configurations MAY be discarded, according to one of the potential configurations MAY be discarded,
until the offerer receives an answer indicating what the actual until the offerer receives an answer indicating what the actual
selected configuration is. Once that answer is received, incoming selected configuration is. Once that answer is received, incoming
media MUST be processed in accordance with the actual selected media MUST be processed in accordance with the actual selected
configuration indicated and the answer received (provided the configuration indicated and the answer received (provided the
offer/answer exchange completed successfully). offer/answer exchange completed successfully).
The above rule assumes that the offerer can determine whether The above rule assumes that the offerer can determine whether
incoming media adheres to the actual configuration offered or one of incoming media adheres to the actual configuration offered or one of
the potential configurations instead; this may not always be the the potential configurations instead; this may not always be the
case. If the offerer wants to ensure he does not play out any case. If the offerer wants to ensure he does not play out any
garbage, the offerer SHOULD discard all media received before the garbage, the offerer SHOULD discard all media received before the
answer SDP session description is received. Conversely, if the answer SDP session description is received. Conversely, if the
offerer wants to avoid clipping, he SHOULD attempt to play any offerer wants to avoid clipping, he SHOULD attempt to play any
incoming media as soon as it is received (at the risk of playing out incoming media as soon as it is received (at the risk of playing out
garbage). In either case, please note that this document does not garbage). In either case, please note that this document does not
place any requirements on the offerer to process and play media place any requirements on the offerer to process and play media
before answer. For further details, please refer to Section 3.9. before answer. For further details, please refer to Section 3.9.
3.6.2. Generating the Answer 3.6.2. Generating the Answer
When receiving an offer, the answerer MUST check for the presence of When receiving an offer, the answerer MUST check for the presence of
a required capability negotiation extension attribute ("a=creq") a required capability negotiation extension attribute ("a=creq")
provided at the session level. If one is found, then capability provided at the session level. If one is found, then capability
negotiation MUST be performed. If none is found, then the answerer negotiation MUST be performed. If none is found, then the answerer
MUST check each offered media description for the presence of a MUST check each offered media description for the presence of a
required capability negotiation extension attribute ("a=creq") and required capability negotiation extension attribute ("a=creq") and
one or more potential configuration attributes ("a=pcfg"). one or more potential configuration attributes ("a=pcfg").
Capability negotiation MUST be performed for each media description Capability negotiation MUST be performed for each media description
where either of those is present in accordance with the procedures where either of those is present in accordance with the procedures
described below. described below.
The answerer MUST first ensure that it supports any required The answerer MUST first ensure that it supports any required
capability negotiation extensions: capability negotiation extensions:
o If a session-level "creq" attribute is provided, and it contains o If a session-level "creq" attribute is provided, and it contains
an option-tag that the answerer does not support, then the an option tag that the answerer does not support, then the
answerer MUST NOT use any of the potential configuration answerer MUST NOT use any of the potential configuration
attributes provided for any of the media descriptions. Instead, attributes provided for any of the media descriptions. Instead,
the normal offer/answer procedures MUST continue as per the normal offer/answer procedures MUST continue as per [RFC3264].
[RFC3264]. Furthermore, the answerer MUST include a session-level Furthermore, the answerer MUST include a session-level supported
supported capability negotiation extensions attribute ("a=csup") capability negotiation extensions attribute ("a=csup") with option
with option tags for the capability negotiation extensions tags for the capability negotiation extensions supported by the
supported by the answerer. answerer.
o If a media-level "creq" attribute is provided, and it contains an o If a media-level "creq" attribute is provided, and it contains an
option tag that the answerer does not support, then the answerer option tag that the answerer does not support, then the answerer
MUST NOT use any of the potential configuration attributes MUST NOT use any of the potential configuration attributes
provided for that particular media description. Instead, the provided for that particular media description. Instead, the
offer/answer procedures for that media description MUST continue offer/answer procedures for that media description MUST continue
as per [RFC3264] (SDP Capability Negotiation is still performed as per [RFC3264] (SDP Capability Negotiation is still performed
for other media descriptions in the SDP session description). for other media descriptions in the SDP session description).
Furthermore, the answerer MUST include a supported capability Furthermore, the answerer MUST include a supported capability
negotiation extensions attribute ("a=csup") in that media negotiation extensions attribute ("a=csup") in that media
description with option tags for the capability negotiation description with option tags for the capability negotiation
extensions supported by the answerer for that media description. extensions supported by the answerer for that media description.
Assuming all required capability negotiation extensions are Assuming all required capability negotiation extensions are
supported, the answerer now proceeds as follows. supported, the answerer now proceeds as follows.
For each media description where capability negotiation is to be For each media description where capability negotiation is to be
performed (i.e. all required capability negotiation extensions are performed (i.e., all required capability negotiation extensions are
supported and at least one valid potential configuration attribute supported and at least one valid potential configuration attribute is
is present), the answerer MUST perform capability negotiation by present), the answerer MUST perform capability negotiation by using
using the most preferred potential configuration that is valid to the most preferred potential configuration that is valid to the
the answerer, subject to any local policies. A potential answerer, subject to any local policies. A potential configuration
configuration is valid to the answerer if: is valid to the answerer if:
1. It is in accordance with the syntax and semantics provided in 1. It is in accordance with the syntax and semantics provided in
Section 3.5.1. Section 3.5.1.
2. It contains a configuration number that is unique within that 2. It contains a configuration number that is unique within that
media description. media description.
3. All attribute capabilities referenced by the potential 3. All attribute capabilities referenced by the potential
configuration are valid themselves (as defined in Section 3.4.1. configuration are valid themselves (as defined in Section 3.4.1)
) and each of them is provided either at the session-level or and each of them is provided either at the session level or within
within this particular media description. this particular media description.
For session-level attribute capabilities referenced, the For session-level attribute capabilities referenced, the
attributes contained inside them MUST NOT be media-level only attributes contained inside them MUST NOT be media-level-only
attributes. Note that the answerer can only determine this for attributes. Note that the answerer can only determine this for
attributes supported by the answerer. If an attribute is not attributes supported by the answerer. If an attribute is not
supported, it will simply be ignored by the answerer and hence supported, it will simply be ignored by the answerer and hence
will not trigger an "invalid" potential configuration. will not trigger an "invalid" potential configuration.
4. All transport protocol capabilities referenced by the potential 4. All transport protocol capabilities referenced by the potential
configuration are valid themselves (as defined in Section 3.4.2. configuration are valid themselves (as defined in Section 3.4.2)
) and each of them is furthermore provided either at the session- and each of them is furthermore provided either at the session
level or within this particular media description. level or within this particular media description.
5. All extension capabilities referenced by the potential 5. All extension capabilities referenced by the potential
configuration and supported by the answerer are valid themselves configuration and supported by the answerer are valid themselves
(as defined by that particular extension) and each of them are (as defined by that particular extension) and each of them are
furthermore provided either at the session-level or within this furthermore provided either at the session level or within this
particular media description. Unknown or unsupported extension particular media description. Unknown or unsupported extension
capabilities MUST be ignored, unless they are prefixed with the capabilities MUST be ignored, unless they are prefixed with the
plus ("+") sign, which indicates that the extension MUST be plus ("+") sign, which indicates that the extension MUST be
supported in order to use that potential configuration. If the supported in order to use that potential configuration. If the
extension is not supported, that potential configuration is not extension is not supported, that potential configuration is not
valid to the answerer. valid to the answerer.
The most preferred valid potential configuration in a media The most preferred valid potential configuration in a media
description is the valid potential configuration with the lowest description is the valid potential configuration with the lowest
configuration number. The answerer MUST now process the offer for configuration number. The answerer MUST now process the offer for
that media stream based on the most preferred valid potential that media stream based on the most preferred valid potential
configuration. Conceptually, this entails the answerer constructing configuration. Conceptually, this entails the answerer constructing
an (internal) offer as follows. First, all capability negotiation an (internal) offer as follows. First, all capability negotiation
parameters from the offer SDP session description are removed, parameters from the offer SDP session description are removed,
thereby yielding an offer SDP session description with the actual thereby yielding an offer SDP session description with the actual
configuration as if SDP capability negotiation was not done in the configuration as if SDP Capability Negotiation was not done in the
first place. Secondly, this actual configuration SDP session first place. Secondly, this actual configuration SDP session
description is modified as follows for each media stream offered, description is modified as follows for each media stream offered,
based on the capability negotiation parameters included originally: based on the capability negotiation parameters included originally:
o If a transport protocol capability is included in the potential o If a transport protocol capability is included in the potential
configuration, then it replaces the transport protocol provided configuration, then it replaces the transport protocol provided in
in the "m=" line for that media description. the "m=" line for that media description.
o If attribute capabilities are present with a delete-attributes o If attribute capabilities are present with a delete-attributes
session indication ("-s") or media and session indication ("- session indication ("-s") or media and session indication ("-ms"),
ms"), then all session-level attributes from the actual then all session-level attributes from the actual configuration
configuration SDP session description MUST be deleted in the SDP session description MUST be deleted in the resulting potential
resulting potential configuration SDP session description in configuration SDP session description in accordance with the
accordance with the procedures in Section 3.5.1. If attribute procedures in Section 3.5.1. If attribute capabilities are
capabilities are present with a delete-attributes media present with a delete-attributes media indication ("-m") or media
indication ("-m") or media and session indication ("-ms"), then and session indication ("-ms"), then all attributes from the
all attributes from the actual configuration SDP session actual configuration SDP session description inside this media
description inside this media description MUST be deleted. description MUST be deleted.
o If a session-level attribute capability is included, the o If a session-level attribute capability is included, the attribute
attribute (and its associated value, if any) contained in it MUST (and its associated value, if any) contained in it MUST be added
be added to the resulting SDP session description. All such added to the resulting SDP session description. All such added session-
session-level attributes MUST be listed before the session-level level attributes MUST be listed before the session-level
attributes that were initially present in the SDP session attributes that were initially present in the SDP session
description. Furthermore, the added session-level attributes MUST description. Furthermore, the added session-level attributes MUST
be added in the order they were provided in the potential be added in the order they were provided in the potential
configuration (see also Section 3.5.1. ). configuration (see also Section 3.5.1).
This allows for attributes with implicit preference ordering This allows for attributes with implicit preference ordering to
to be added in the desired order; the "crypto" attribute be added in the desired order; the "crypto" attribute [RFC4568]
[RFC4568] is one such example. is one such example.
o If a media-level attribute capability is included, then the o If a media-level attribute capability is included, then the
attribute (and its associated value, if any) MUST be added to the attribute (and its associated value, if any) MUST be added to the
resulting SDP session description within the media description in resulting SDP session description within the media description in
question. All such added media-level attributes MUST be listed question. All such added media-level attributes MUST be listed
before the media-level attributes that were initially present in before the media-level attributes that were initially present in
the media description in question. Furthermore, the added media- the media description in question. Furthermore, the added media-
level attributes MUST be added in the order they were provided in level attributes MUST be added in the order they were provided in
the potential configuration (see also Section 3.5.1. ). the potential configuration (see also Section 3.5.1).
o If a supported extension capability is included, then it MUST be o If a supported extension capability is included, then it MUST be
processed in accordance with the rules provided for that processed in accordance with the rules provided for that
particular extension capability. particular extension capability.
The above steps MUST be performed exactly once per potential The above steps MUST be performed exactly once per potential
configuration, i.e. there MUST NOT be any recursive processing of configuration, i.e., there MUST NOT be any recursive processing of
any additional capability negotiation parameters that may any additional capability negotiation parameters that may (illegally)
(illegally) have been nested inside capabilities themselves. have been nested inside capabilities themselves.
As an example of this, consider the (illegal) attribute capability As an example of this, consider the (illegal) attribute capability
a=acap:1 acap:2 foo:a a=acap:1 acap:2 foo:a
The resulting potential configuration SDP session description The resulting potential configuration SDP session description will,
will, after the above processing has been done, contain the after the above processing has been done, contain the attribute
attribute capability capability
a=acap:2 foo:a a=acap:2 foo:a
However, since we do not perform any recursive processing of However, since we do not perform any recursive processing of
capability negotiation parameters, this second attribute capability negotiation parameters, this second attribute capability
capability parameter will not be processed by the offer/answer parameter will not be processed by the offer/answer procedure.
procedure. Instead, it will simply appear as a (useless) attribute Instead, it will simply appear as a (useless) attribute in the SDP
in the SDP session description that will be ignored by further session description that will be ignored by further processing.
processing.
Note that a transport protocol from the potential configuration Note that a transport protocol from the potential configuration
replaces the transport protocol in the actual configuration, but an replaces the transport protocol in the actual configuration, but an
attribute capability from the potential configuration is simply attribute capability from the potential configuration is simply added
added to the actual configuration. In some cases, this can result in to the actual configuration. In some cases, this can result in
having one or more meaningless attributes in the resulting potential having one or more meaningless attributes in the resulting potential
configuration SDP session description, or worse, ambiguous or configuration SDP session description, or worse, ambiguous or
potentially even illegal attributes. Use of delete-attributes for potentially even illegal attributes. Use of delete-attributes for
the session and/or media level attributes MUST be done to avoid such the session- and/or media-level attributes MUST be done to avoid such
scenarios. Nevertheless, it is RECOMMENDED that implementations scenarios. Nevertheless, it is RECOMMENDED that implementations
ignore meaningless attributes that may result from potential ignore meaningless attributes that may result from potential
configurations. configurations.
For example, if the actual configuration was using Secure RTP and For example, if the actual configuration was using Secure RTP and
included an "a=crypto" attribute for the SRTP keying material, included an "a=crypto" attribute for the SRTP keying material,
then use of a potential configuration that uses plain RTP would then use of a potential configuration that uses plain RTP would
make the "crypto" attribute meaningless. The answerer may or may make the "crypto" attribute meaningless. The answerer may or may
not ignore such a meaningless attribute. The offerer can here not ignore such a meaningless attribute. The offerer can here
ensure correct operation by using delete-attributes to remove the ensure correct operation by using delete-attributes to remove the
crypto attribute (but will then need to provide attribute "crypto" attribute (but will then need to provide attribute
capabilities to reconstruct the SDP session description with the capabilities to reconstruct the SDP session description with the
necessary attributes deleted, e.g. rtpmaps). necessary attributes deleted, e.g., rtpmaps).
Also note, that while it is permissible to include media-level Also note, that while it is permissible to include media-level
attribute capabilities at the session-level, the base SDP Capability attribute capabilities at the session level, the base SDP Capability
Negotiation framework defined here does not define any procedures Negotiation framework defined here does not define any procedures for
for use of them, i.e. the answerer effectively ignores them. use of them, i.e., the answerer effectively ignores them.
Please refer to Section 3.6.2.1. for examples of how the answerer Please refer to Section 3.6.2.1 for examples of how the answerer may
may conceptually "see" the resulting offered alternative potential conceptually "see" the resulting offered alternative potential
configurations. configurations.
The answerer MUST check that he supports all mandatory attribute The answerer MUST check that he supports all mandatory attribute
capabilities from the potential configuration (if any), the capabilities from the potential configuration (if any), the transport
transport protocol capability (if any) from the potential protocol capability (if any) from the potential configuration, and
configuration, and all mandatory extension capabilities from the all mandatory extension capabilities from the potential configuration
potential configuration (if any). If he does not, the answerer MUST (if any). If he does not, the answerer MUST proceed to the second
proceed to the second-most preferred valid potential configuration most preferred valid potential configuration for the media
for the media description, etc. description, etc.
o In the case of attribute capabilities, support implies that the o In the case of attribute capabilities, support implies that the
attribute name contained in the capability is supported and it attribute name contained in the capability is supported and it can
can (and will) be negotiated successfully in the offer/answer (and will) be negotiated successfully in the offer/answer exchange
exchange with the value provided. This does not necessarily imply with the value provided. This does not necessarily imply that the
that the value provided is supported in its entirety. For value provided is supported in its entirety. For example, the
example, the "a=fmtp" parameter is often provided with one or "a=fmtp" parameter is often provided with one or more values in a
more values in a list, where the offerer and answerer negotiate list, where the offerer and answerer negotiate use of some subset
use of some subset of the values provided. Other attributes may of the values provided. Other attributes may include mandatory
include mandatory and optional parts to their values; support for and optional parts to their values; support for the mandatory part
the mandatory part is all that is required here. is all that is required here.
A side-effect of the above rule is that whenever an "fmtp" or A side effect of the above rule is that whenever an "fmtp" or
"rtpmap" parameter is provided as a mandatory attribute "rtpmap" parameter is provided as a mandatory attribute
capability, the corresponding media format (codec) must be capability, the corresponding media format (codec) must be
supported and use of it negotiated successfully. If this is supported and use of it negotiated successfully. If this is
not the offerer's intent, the corresponding attribute not the offerer's intent, the corresponding attribute
capabilities must be listed as optional instead. capabilities must be listed as optional instead.
o In the case of transport protocol capabilities, support implies o In the case of transport protocol capabilities, support implies
that the transport protocol contained in the capability is that the transport protocol contained in the capability is
supported and the transport protocol can (and will) be negotiated supported and the transport protocol can (and will) be negotiated
successfully in the offer/answer exchange. successfully in the offer/answer exchange.
o In the case of extension capabilities, the extension MUST define o In the case of extension capabilities, the extension MUST define
the rules for when the extension capability is considered the rules for when the extension capability is considered
supported and those rules MUST be satisfied. supported and those rules MUST be satisfied.
If the answerer has exhausted all potential configurations for the If the answerer has exhausted all potential configurations for the
media description, without finding a valid one that is also media description, without finding a valid one that is also
supported, then the answerer MUST process the offered media stream supported, then the answerer MUST process the offered media stream
based on the actual configuration plus any session-level attributes based on the actual configuration plus any session-level attributes
added by a valid and supported potential configuration from another added by a valid and supported potential configuration from another
media description in the offered SDP session description. media description in the offered SDP session description.
The above process describes potential configuration selection as a The above process describes potential configuration selection as a
per media stream process. Inter-media stream coordination of per-media-stream process. Inter-media stream coordination of
selected potential configurations however is required in some cases. selected potential configurations however is required in some cases.
First of all, session-level attributes added by a potential First of all, session-level attributes added by a potential
configuration for one media description MUST NOT cause any problems configuration for one media description MUST NOT cause any problems
for potential configurations selected by other media descriptions in for potential configurations selected by other media descriptions in
the offer SDP session description. If the session-level attributes the offer SDP session description. If the session-level attributes
are mandatory, then those session-level attributes MUST furthermore are mandatory, then those session-level attributes MUST furthermore
be supported by the session as a whole (i.e., all the media be supported by the session as a whole (i.e., all the media
descriptions if relevant). As mentioned earlier, this adds descriptions if relevant). As mentioned earlier, this adds
additional complexity to the overall processing and hence it is additional complexity to the overall processing and hence it is
RECOMMENDED not to use session-level attribute capabilities in RECOMMENDED not to use session-level attribute capabilities in
potential configurations, unless absolutely necessary. potential configurations, unless absolutely necessary.
Once the answerer has selected a valid and supported offered Once the answerer has selected a valid and supported offered
potential configuration for all of the media streams (or has fallen potential configuration for all of the media streams (or has fallen
back to the actual configuration plus any added session attributes), back to the actual configuration plus any added session attributes),
the answerer MUST generate a valid virtual answer SDP session the answerer MUST generate a valid virtual answer SDP session
description based on the selected potential configuration SDP description based on the selected potential configuration SDP session
session description, as "seen" by the answerer using normal description, as "seen" by the answerer using normal offer/answer
offer/answer rules (see Section 3.6.2.1. for examples). The actual rules (see Section 3.6.2.1 for examples). The actual answer SDP
answer SDP session description is formed from the virtual answer SDP session description is formed from the virtual answer SDP session
session description as follows: If the answerer selected one of the description as follows: if the answerer selected one of the potential
potential configurations in a media description, the answerer MUST configurations in a media description, the answerer MUST include an
include an actual configuration attribute ("a=acfg") within that actual configuration attribute ("a=acfg") within that media
media description. The "a=acfg" attribute MUST identify the description. The "a=acfg" attribute MUST identify the configuration
configuration number for the selected potential configuration as number for the selected potential configuration as well as the actual
well as the actual parameters that were used from that potential parameters that were used from that potential configuration; if the
configuration; if the potential configuration included alternatives, potential configuration included alternatives, the selected
the selected alternatives only MUST be included. Only the known and alternatives only MUST be included. Only the known and supported
supported parameters will be included. Unknown or unsupported parameters will be included. Unknown or unsupported parameters MUST
parameters MUST NOT be included in the actual configuration NOT be included in the actual configuration attribute. In the case
attribute. In the case of attribute capabilities, only the known and of attribute capabilities, only the known and supported capabilities
supported capabilities are included; unknown or unsupported are included; unknown or unsupported attribute capabilities MUST NOT
attribute capabilities MUST NOT be included. be included.
If the answerer supports one or more capability negotiation If the answerer supports one or more capability negotiation
extensions that were not included in a required capability extensions that were not included in a required capability
negotiation extensions attribute in the offer, then the answerer negotiation extensions attribute in the offer, then the answerer
SHOULD furthermore include a supported capability negotiation SHOULD furthermore include a supported capability negotiation
attribute ("a=csup") at the session-level with option tags for the attribute ("a=csup") at the session level with option tags for the
extensions supported across media streams. Also, if the answerer extensions supported across media streams. Also, if the answerer
supports one or more capability negotiation extensions for only supports one or more capability negotiation extensions for only
particular media descriptions, then a supported capability particular media descriptions, then a supported capability
negotiation attribute with those option-tags SHOULD be included negotiation attribute with those option tags SHOULD be included
within each relevant media description. The required capability within each relevant media description. The required capability
negotiation attribute ("a=creq") MUST NOT be used in an answer. negotiation attribute ("a=creq") MUST NOT be used in an answer.
The offerer's originally provided actual configuration is contained The offerer's originally provided actual configuration is contained
in the offer media description's "m=" line (and associated in the offer media description's "m=" line (and associated
parameters). The answerer MAY send media to the offerer in parameters). The answerer MAY send media to the offerer in
accordance with that actual configuration as soon as it receives the accordance with that actual configuration as soon as it receives the
offer, however it MUST NOT send media based on that actual offer; however, it MUST NOT send media based on that actual
configuration if it selects an alternative potential configuration. configuration if it selects an alternative potential configuration.
If the answerer selects one of the potential configurations, then If the answerer selects one of the potential configurations, then the
the answerer MAY immediately start to send media to the offerer in answerer MAY immediately start to send media to the offerer in
accordance with the selected potential configuration, however the accordance with the selected potential configuration; however, the
offerer MAY discard such media or play out garbage until the offerer offerer MAY discard such media or play out garbage until the offerer
receives the answer. Please refer to section 3.9. for additional receives the answer. Please refer to Section 3.9. for additional
considerations and possible alternative solutions outside the base considerations and possible alternative solutions outside the base
SDP Capability Negotiation framework. SDP Capability Negotiation framework.
If the answerer selected a potential configuration instead of the If the answerer selected a potential configuration instead of the
actual configuration, then it is RECOMMENDED that the answerer sends actual configuration, then it is RECOMMENDED that the answerer send
back an answer SDP session description as soon as possible. This back an answer SDP session description as soon as possible. This
minimizes the risk of having media discarded or played out as minimizes the risk of having media discarded or played out as garbage
garbage by the offerer. In the case of SIP [RFC3261] without any by the offerer. In the case of SIP [RFC3261] without any extensions,
extensions, this implies that if the offer was received in an INVITE this implies that if the offer was received in an INVITE message,
message, then the answer SDP session description should be provided then the answer SDP session description should be provided in the
in the first non-100 provisional response sent back (per RFC3261, first non-100 provisional response sent back (per RFC 3261, the
the answer would need to be repeated in the 200 response as well, answer would need to be repeated in the 200 response as well, unless
unless a relevant extension such as [RFC3262] is being used). a relevant extension such as [RFC3262] is being used).
3.6.2.1. Example Views of Potential Configurations 3.6.2.1. Example Views of Potential Configurations
The following examples illustrate how the answerer may conceptually The following examples illustrate how the answerer may conceptually
"see" a potential configuration. Consider the following offered SDP "see" a potential configuration. Consider the following offered SDP
session description: session description:
v=0 v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com o=alice 2891092738 2891092738 IN IP4 lost.example.com
s= s=
t=0 0 t=0 0
c=IN IP4 lost.example.com c=IN IP4 lost.example.com
a=tool:foo a=tool:foo
a=acap:1 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=acap:1 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tcap:1 RTP/SAVP RTP/AVP a=tcap:1 RTP/SAVP RTP/AVP
skipping to change at page 44, line 32 skipping to change at page 42, line 32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=1 a=1|2 a=pcfg:1 t=1 a=1|2
m=video 52000 RTP/AVP 31 m=video 52000 RTP/AVP 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=pcfg:1 t=1 a=1|3 a=pcfg:1 t=1 a=1|3
This particular SDP session description offers an audio stream and a This particular SDP session description offers an audio stream and a
video stream, each of which can either use plain RTP (actual video stream, each of which can either use plain RTP (actual
configuration) or secure RTP (potential configuration). Furthermore, configuration) or Secure RTP (potential configuration). Furthermore,
two different keying mechanisms are offered, namely session-level two different keying mechanisms are offered, namely session-level Key
Key Management Extensions using MIKEY (attribute capability 1) and Management Extensions using MIKEY (attribute capability 1) and media-
media-level SDP Security Descriptions (attribute capabilities 2 and level SDP security descriptions (attribute capabilities 2 and 3).
3). There are several potential configurations here, however, below There are several potential configurations here, however, below we
we show the one the answerer "sees" when using potential show the one the answerer "sees" when using potential configuration 1
configuration 1 for both audio and video, and furthermore using for both audio and video, and furthermore using attribute capability
attribute capability 1 (MIKEY) for both (we have removed all the 1 (MIKEY) for both (we have removed all the capability negotiation
capability negotiation attributes for clarity): attributes for clarity):
v=0 v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com o=alice 2891092738 2891092738 IN IP4 lost.example.com
s= s=
t=0 0 t=0 0
c=IN IP4 lost.example.com c=IN IP4 lost.example.com
a=tool:foo a=tool:foo
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
m=audio 59000 RTP/SAVP 98 m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
m=video 52000 RTP/SAVP 31 m=video 52000 RTP/SAVP 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
Note that the transport protocol in the media descriptions indicate Note that the transport protocol in the media descriptions indicate
use of secure RTP. use of Secure RTP.
Below, we show the offer the answerer "sees" when using potential Below, we show the offer the answerer "sees" when using potential
configuration 1 for both audio and video and furthermore using configuration 1 for both audio and video and furthermore using
attribute capability 2 and 3 respectively (SDP security attribute capability 2 and 3, respectively, (SDP security
descriptions) for the audio and video stream - note the order in descriptions) for the audio and video stream -- note the order in
which the resulting attributes are provided: which the resulting attributes are provided:
v=0 v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com o=alice 2891092738 2891092738 IN IP4 lost.example.com
s= s=
t=0 0 t=0 0
c=IN IP4 lost.example.com c=IN IP4 lost.example.com
a=tool:foo a=tool:foo
m=audio 59000 RTP/SAVP 98 m=audio 59000 RTP/SAVP 98
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
m=video 52000 RTP/SAVP 31 m=video 52000 RTP/SAVP 31
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
Again, note that the transport protocol in the media descriptions Again, note that the transport protocol in the media descriptions
indicate use of secure RTP. indicate use of Secure RTP.
And finally, we show the offer the answerer "sees" when using And finally, we show the offer the answerer "sees" when using
potential configuration 1 with attribute capability 1 (MIKEY) for potential configuration 1 with attribute capability 1 (MIKEY) for the
the audio stream, and potential configuration 1 with attribute audio stream, and potential configuration 1 with attribute capability
capability 3 (SDP security descriptions) for the video stream: 3 (SDP security descriptions) for the video stream:
v=0 v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com o=alice 2891092738 2891092738 IN IP4 lost.example.com
s= s=
t=0 0 t=0 0
c=IN IP4 lost.example.com c=IN IP4 lost.example.com
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tool:foo a=tool:foo
m=audio 59000 RTP/SAVP 98 m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
skipping to change at page 46, line 16 skipping to change at page 44, line 14
3.6.3. Offerer Processing of the Answer 3.6.3. Offerer Processing of the Answer
When the offerer attempted to use SDP Capability Negotiation in the When the offerer attempted to use SDP Capability Negotiation in the
offer, the offerer MUST examine the answer for actual use of SDP offer, the offerer MUST examine the answer for actual use of SDP
Capability Negotiation. Capability Negotiation.
For each media description where the offerer included a potential For each media description where the offerer included a potential
configuration attribute ("a=pcfg"), the offerer MUST first examine configuration attribute ("a=pcfg"), the offerer MUST first examine
that media description for the presence of a valid actual that media description for the presence of a valid actual
configuration attribute ("a=acfg"). An actual configuration configuration attribute ("a=acfg"). An actual configuration
attribute is valid if: attribute is valid if:
o it refers to a potential configuration that was present in the o it refers to a potential configuration that was present in the
corresponding offer, and corresponding offer, and
o it contains the actual parameters that were used from that o it contains the actual parameters that were used from that
potential configuration; if the potential configuration included potential configuration; if the potential configuration included
alternatives, the selected alternatives only MUST be included. alternatives, the selected alternatives only MUST be included.
Note that the answer will include only parameters and attribute Note that the answer will include only parameters and attribute
capabilities that are known and supported by the answerer, as capabilities that are known and supported by the answerer, as
described in Section 3.6.2. described in Section 3.6.2.
If a valid actual configuration attribute is not present in a media If a valid actual configuration attribute is not present in a media
description, then the offerer MUST process the answer SDP session description, then the offerer MUST process the answer SDP session
description for that media stream per the normal offer/answer rules description for that media stream per the normal offer/answer rules
defined in [RFC3264]. However, if a valid one is found, the offerer defined in [RFC3264]. However, if a valid one is found, the offerer
MUST instead process the answer as follows: MUST instead process the answer as follows:
o The actual configuration attribute specifies which of the o The actual configuration attribute specifies which of the
potential configurations was used by the answerer to generate the potential configurations was used by the answerer to generate the
answer for this media stream. This includes all the supported answer for this media stream. This includes all the supported
attribute capabilities and the transport capabilities referenced attribute capabilities and the transport capabilities referenced
by the potential configuration selected, where the attribute by the potential configuration selected, where the attribute
capabilities have any associated delete-attributes included. capabilities have any associated delete-attributes included.
Extension capabilities supported by the answerer are included as Extension capabilities supported by the answerer are included as
well. well.
o The offerer MUST now process the answer in accordance with the o The offerer MUST now process the answer in accordance with the
rules in [RFC3264], except that it must be done as if the offer rules in [RFC3264], except that it must be done as if the offer
consisted of the selected potential configuration instead of the consisted of the selected potential configuration instead of the
original actual configuration, including any transport protocol original actual configuration, including any transport protocol
changes in the media ("m=") line(s), attributes added and deleted changes in the media ("m=") line(s), attributes added and deleted
by the potential configuration at the media and session level, by the potential configuration at the media and session level, and
and any extensions used. If this derived answer is not a valid any extensions used. If this derived answer is not a valid answer
answer to the potential configuration offer selected by the to the potential configuration offer selected by the answerer, the
answerer, the offerer MUST instead continue further processing as offerer MUST instead continue further processing as it would have
it would have for a regular offer/answer exchange, where the for a regular offer/answer exchange, where the answer received
answer received does not adhere to the rules of [RFC3264]. does not adhere to the rules of [RFC3264].
If the offer/answer exchange was successful, and if the answerer If the offer/answer exchange was successful, and if the answerer
selected one of the potential configurations from the offer as the selected one of the potential configurations from the offer as the
actual configuration, and the selected potential configuration actual configuration, and the selected potential configuration
differs from the actual configuration in the offer (the "m=", "a=", differs from the actual configuration in the offer (the "m=", "a=",
etc. lines), then the offerer SHOULD initiate another offer/answer etc., lines), then the offerer SHOULD initiate another offer/answer
exchange. This second offer/answer exchange will not modify the exchange. This second offer/answer exchange will not modify the
session in any way, however it will help intermediaries (e.g. session in any way; however, it will help intermediaries (e.g.,
middleboxes), that look at the SDP session description but do not middleboxes), which look at the SDP session description but do not
support the capability negotiation extensions, understand the support the capability negotiation extensions, understand the details
details of the media stream(s) that were actually negotiated. This of the media stream(s) that were actually negotiated. This new offer
new offer MUST contain the selected potential configuration as the MUST contain the selected potential configuration as the actual
actual configuration, i.e., with the actual configuration used in configuration, i.e., with the actual configuration used in the "m="
the "m=" line and any other relevant attributes, bandwidth line and any other relevant attributes, bandwidth parameters, etc.
parameters, etc.
Note that, per normal offer/answer rules, the second offer/answer Note that, per normal offer/answer rules, the second offer/answer
exchange still needs to update the version number in the "o=" line exchange still needs to update the version number in the "o=" line
((<sess-version> in [RFC4566]). Attribute lines carrying keying (<sess-version> in [RFC4566]). Attribute lines carrying keying
material SHOULD repeat the keys from the previous offer, unless re- material SHOULD repeat the keys from the previous offer, unless
keying is necessary, e.g. due to a previously forked SIP INVITE re-keying is necessary, e.g., due to a previously forked SIP INVITE
request. Please refer to Section 3.12. for additional considerations request. Please refer to Section 3.12 for additional considerations
related to intermediaries. related to intermediaries.
3.6.4. Modifying the Session 3.6.4. Modifying the Session
Capabilities and potential configurations may be included in Capabilities and potential configurations may be included in
subsequent offers as defined in [RFC3264], Section 8. The procedure subsequent offers as defined in [RFC3264], Section 8. The procedure
for doing so is similar to that described above with the answer for doing so is similar to that described above with the answer
including an indication of the actual selected configuration used by including an indication of the actual selected configuration used by
the answerer. the answerer.
If the answer indicates use of a potential configuration from the If the answer indicates use of a potential configuration from the
offer, then the guidelines provided in Section 3.6.3. for doing a offer, then the guidelines provided in Section 3.6.3 for doing a
second offer/answer exchange using that potential configuration as second offer/answer exchange using that potential configuration as
the actual configuration apply. the actual configuration apply.
3.7. Interactions with ICE 3.7. Interactions with ICE
Interactive Connectivity Establishment (ICE) [ICE] provides a Interactive Connectivity Establishment (ICE) [RFC5245] provides a
mechanism for verifying connectivity between two endpoints by mechanism for verifying connectivity between two endpoints by sending
sending STUN messages directly between the media endpoints. The Session Traversal Utilities for NAT (STUN) messages directly between
basic ICE specification [ICE] is only defined to support UDP-based the media endpoints. The basic ICE specification [RFC5245] is only
connectivity, however it allows for extensions to support other defined to support UDP-based connectivity; however, it allows for
transport protocols, such as TCP, which is being specified in extensions to support other transport protocols, such as TCP, which
[ICETCP]. ICE defines a new "a=candidate" attribute, which, among is being specified in [ICETCP]. ICE defines a new "a=candidate"
other things, indicates the possible transport protocol(s) to use attribute, which, among other things, indicates the possible
and then associates a priority with each of them. The most preferred transport protocol(s) to use and then associates a priority with each
transport protocol that *successfully* verifies connectivity will of them. The most preferred transport protocol that *successfully*
end up being used. verifies connectivity will end up being used.
When using ICE, it is thus possible that the transport protocol that When using ICE, it is thus possible that the transport protocol that
will be used differs from what is specified in the "m=" line. Since will be used differs from what is specified in the "m=" line. Since
both ICE and SDP Capability Negotiation may specify alternative both ICE and SDP Capability Negotiation may specify alternative
transport protocols, there is a potentially unintended interaction transport protocols, there is a potentially unintended interaction
when using these together. when using these together.
We provide the following guidelines for addressing that. We provide the following guidelines for addressing that.
There are two basic scenarios to consider: There are two basic scenarios to consider:
1) A particular media stream can run over different transport 1) A particular media stream can run over different transport
protocols (e.g. UDP, TCP, or TCP/TLS), and the intent is simply to protocols (e.g., UDP, TCP, or TCP/TLS), and the intent is simply
use the one that works (in the preference order specified). to use the one that works (in the preference order specified).
2) A particular media stream can run over different transport 2) A particular media stream can run over different transport
protocols (e.g. UDP, TCP, or TCP/TLS) and the intent is to have the protocols (e.g., UDP, TCP, or TCP/TLS) and the intent is to have
negotiation process decide which one to use (e.g. T.38 over TCP or the negotiation process decide which one to use (e.g., T.38 over
UDP). TCP or UDP).
In scenario 1, there should be ICE "a=candidate" attributes for UDP, In scenario 1, there should be ICE "a=candidate" attributes for UDP,
TCP, etc. but otherwise nothing special in the potential TCP, etc., but otherwise nothing special in the potential
configuration attributes to indicate the desire to use different configuration attributes to indicate the desire to use different
transport protocols (e.g. UDP, or TCP). The ICE procedures transport protocols (e.g., UDP, or TCP). The ICE procedures
essentially cover the capability negotiation required (by having the essentially cover the capability negotiation required (by having the
answerer select something it supports and then use of trial and answerer select something it supports and then use of trial and error
error connectivity checks). connectivity checks).
Scenario 2 does not require a need to support or use ICE. Instead, Scenario 2 does not require a need to support or use ICE. Instead,
we simply use transport protocol capabilities and potential we simply use transport protocol capabilities and potential
configuration attributes to indicate the desired outcome. configuration attributes to indicate the desired outcome.
The scenarios may be combined, e.g. by offering potential The scenarios may be combined, e.g., by offering potential
configuration alternatives where some of them can support only one configuration alternatives where some of them can support only one
transport protocol (e.g. UDP), whereas others can support multiple transport protocol (e.g., UDP), whereas others can support multiple
transport protocols (e.g. UDP or TCP). In that case, there is a need transport protocols (e.g., UDP or TCP). In that case, there is a
for tight control over the ICE candidates that will be used for a need for tight control over the ICE candidates that will be used for
particular configuration, yet the actual configuration may want to a particular configuration, yet the actual configuration may want to
use all of the ICE candidates. In that case, the ICE candidate use all of the ICE candidates. In that case, the ICE candidate
attributes can be defined as attribute capabilities and the relevant attributes can be defined as attribute capabilities and the relevant
ones should then be included in the proper potential configurations ones should then be included in the proper potential configurations
(for example candidate attributes for UDP only for potential (for example, candidate attributes for UDP only for potential
configurations that are restricted to UDP, whereas there could be configurations that are restricted to UDP, whereas there could be
candidate attributes for UDP, TCP, and TCP/TLS for potential candidate attributes for UDP, TCP, and TCP/TLS for potential
configurations that can use all three). Furthermore, use of the configurations that can use all three). Furthermore, use of the
delete-attributes in a potential configuration can be used to ensure delete-attributes in a potential configuration can be used to ensure
that ICE will not end up using a transport protocol that is not that ICE will not end up using a transport protocol that is not
desired for a particular configuration. desired for a particular configuration.
SDP Capability Negotiation recommends use of a second offer/answer SDP Capability Negotiation recommends use of a second offer/answer
exchange when the negotiated actual configuration was one of the exchange when the negotiated actual configuration was one of the
potential configurations from the offer (see Section 3.6.3. ). potential configurations from the offer (see Section 3.6.3).
Similarly, ICE requires use of a second offer/answer exchange if the Similarly, ICE requires use of a second offer/answer exchange if the
chosen candidate is not the same as the one in the m/c-line from the chosen candidate is not the same as the one in the m/c-line from the
offer. When ICE and capability negotiation are used at the same offer. When ICE and capability negotiation are used at the same
time, the two secondary offer/answer exchanges SHOULD be combined to time, the two secondary offer/answer exchanges SHOULD be combined to
a single one. a single one.
3.8. Interactions with SIP Option Tags 3.8. Interactions with SIP Option Tags
SIP [RFC3261] allows for SIP extensions to define a SIP option tag SIP [RFC3261] allows for SIP extensions to define a SIP option tag
that identifies the SIP extension. Support for one or more such that identifies the SIP extension. Support for one or more such
extensions can be indicated by use of the SIP Supported header, and extensions can be indicated by use of the SIP Supported header, and
required support for one or more such extensions can be indicated by required support for one or more such extensions can be indicated by
use of the SIP Require header. The "a=csup" and "a=creq" attributes use of the SIP Require header. The "a=csup" and "a=creq" attributes
defined by the SDP Capability Negotiation framework are similar, defined by the SDP Capability Negotiation framework are similar,
except that support for these two attributes by themselves cannot be except that support for these two attributes by themselves cannot be
guaranteed (since they are specified as extensions to the SDP guaranteed (since they are specified as extensions to the SDP
specification [RFC4566] itself). specification [RFC4566] itself).
SIP extensions with associated option tags can introduce SIP extensions with associated option tags can introduce enhancements
enhancements to not only SIP, but also SDP. This is for example the to not only SIP, but also SDP. This is for example the case for SIP
case for SIP preconditions defined in [RFC3312]. When using SDP preconditions defined in [RFC3312]. When using SDP Capability
Capability Negotiation, some potential configurations may include Negotiation, some potential configurations may include certain SDP
certain SDP extensions, whereas others may not. Since the purpose of extensions, whereas others may not. Since the purpose of the SDP
the SDP Capability Negotiation is to negotiate a session based on Capability Negotiation is to negotiate a session based on the
the features supported by both sides, use of the SIP Require header features supported by both sides, use of the SIP Require header for
for such extensions may not produce the desired result. For example, such extensions may not produce the desired result. For example, if
if one potential configuration requires SIP preconditions support, one potential configuration requires SIP preconditions support,
another does not, and the answerer does not support preconditions, another does not, and the answerer does not support preconditions,
then use of the SIP Require header for preconditions would result in then use of the SIP Require header for preconditions would result in
a session failure, in spite of the fact that a valid and supported a session failure, in spite of the fact that a valid and supported
potential configuration was included in the offer. potential configuration was included in the offer.
In general, this can be alleviated by use of mandatory and optional In general, this can be alleviated by use of mandatory and optional
attribute capabilities in a potential configuration. There are attribute capabilities in a potential configuration. There are
however cases where permissible SDP values are tied to the use of however cases where permissible SDP values are tied to the use of the
the SIP Require header. SIP preconditions [RFC3312] is one such SIP Require header. SIP preconditions [RFC3312] is one such example,
example, where preconditions with a "mandatory" strength-tag can where preconditions with a "mandatory" strength-tag can only be used
only be used when a SIP Require header with the SIP option tag when a SIP Require header with the SIP option tag "precondition" is
"precondition" is included. Future SIP extensions that may want to included. Future SIP extensions that may want to use the SDP
use the SDP Capability Negotiation framework should avoid such Capability Negotiation framework should avoid such coupling.
coupling.
3.9. Processing Media before Answer 3.9. Processing Media before Answer
The offer/answer model [RFC3264] requires an offerer to be able to The offer/answer model [RFC3264] requires an offerer to be able to
receive media in accordance with the offer prior to receiving the receive media in accordance with the offer prior to receiving the
answer. This property is retained with the SDP Capability answer. This property is retained with the SDP Capability
Negotiation extensions defined here, but only when the actual Negotiation extensions defined here, but only when the actual
configuration is selected by the answerer. If a potential configuration is selected by the answerer. If a potential
configuration is chosen, the offerer may decide to not process any configuration is chosen, the offerer may decide not to process any
media received before the answer is received. This may lead to media received before the answer is received. This may lead to
clipping. Consequently, the SDP Capability Negotiation framework clipping. Consequently, the SDP Capability Negotiation framework
recommends sending back an answer SDP session description as soon as recommends sending back an answer SDP session description as soon as
possible. possible.
The issue can be resolved by introducing a three-way handshake. In The issue can be resolved by introducing a three-way handshake. In
the case of SIP, this can for example be done by defining a the case of SIP, this can, for example, be done by defining a
precondition [RFC3312] for capability negotiation (or use an precondition [RFC3312] for capability negotiation (or by using an
existing precondition that is known to generate a second existing precondition that is known to generate a second offer/answer
offer/answer exchange before proceeding with the session). However, exchange before proceeding with the session). However, preconditions
preconditions are often viewed as complicated to implement and they are often viewed as complicated to implement and they may add to
may add to overall session establishment delay by requiring an extra overall session establishment delay by requiring an extra
offer/answer exchange. offer/answer exchange.
An alternative three-way handshake can be performed by use of ICE An alternative three-way handshake can be performed by use of ICE
[ICE]. When ICE is being used, and the answerer receives a STUN [RFC5245]. When ICE is being used, and the answerer receives a STUN
Binding Request for any one of the accepted media streams from the Binding Request for any one of the accepted media streams from the
offerer, the answerer knows the offer has received his answer. At offerer, the answerer knows the offer has received his answer. At
that point, the answerer knows that the offerer will be able to that point, the answerer knows that the offerer will be able to
process incoming media according to the negotiated configuration and process incoming media according to the negotiated configuration and
hence he can start sending media without the risk of the offerer hence he can start sending media without the risk of the offerer
either discarding it or playing garbage. either discarding it or playing garbage.
Please note that, the above considerations notwithstanding, this Please note that, the above considerations notwithstanding, this
document does not place any requirements on the offerer to process document does not place any requirements on the offerer to process
and play media before answer; it merely provides recommendations for and play media before answer; it merely provides recommendations for
how to ensure that media sent by the answerer and received by the how to ensure that media sent by the answerer and received by the
offerer prior to receiving the answer, can in fact be rendered by offerer prior to receiving the answer can in fact be rendered by the
the offerer. offerer.
In some use cases a three-way handshake is not needed. An example is In some use cases, a three-way handshake is not needed. An example
when the offerer does not need information from the answer, such as is when the offerer does not need information from the answer, such
keying material in the SDP session description, in order to process as keying material in the SDP session description, in order to
incoming media. The SDP Capability Negotiation framework does not process incoming media. The SDP Capability Negotiation framework
define any such solutions, however extensions may do so. For does not define any such solutions; however, extensions may do so.
example, one technique proposed for best-effort SRTP in [BESRTP] is For example, one technique proposed for best-effort SRTP in [BESRTP]
to provide different RTP payload type mappings for different is to provide different RTP payload type mappings for different
transport protocols used, outside of the actual configuration, while transport protocols used, outside of the actual configuration, while
still allowing them to be used by the answerer (exchange of keying still allowing them to be used by the answerer (exchange of keying
material is still needed, e.g. inband). The basic SDP Capability material is still needed, e.g., inband). The basic SDP Capability
Negotiation framework defined here does not include the ability to Negotiation framework defined here does not include the ability to do
do so, however extensions that enable that may be defined. so; however, extensions that enable that may be defined.
3.10. Indicating Bandwidth Usage 3.10. Indicating Bandwidth Usage
The amount of bandwidth used for a particular media stream depends The amount of bandwidth used for a particular media stream depends on
on the negotiated codecs, transport protocol and other parameters. the negotiated codecs, transport protocol and other parameters. For
For example use of Secure RTP [RFC3711] with integrity protection example the use of Secure RTP [RFC3711] with integrity protection
requires more bandwidth than plain RTP [RFC3551]. SDP defines the requires more bandwidth than plain RTP [RFC3551]. SDP defines the
bandwidth ("b=") parameter to indicate the proposed bandwidth for bandwidth ("b=") parameter to indicate the proposed bandwidth for the
the session or media stream. session or media stream.
In SDP as defined by [RFC4566], each media description contains one In SDP, as defined by [RFC4566], each media description contains one
transport protocol and one or more codecs. When specifying the transport protocol and one or more codecs. When specifying the
proposed bandwidth, the worst case scenario must be taken into proposed bandwidth, the worst case scenario must be taken into
account, i.e., use of the highest bandwidth codec provided, the account, i.e., use of the highest bandwidth codec provided, the
transport protocol indicated, and the worst case (bandwidth-wise) transport protocol indicated, and the worst case (bandwidth-wise)
parameters that can be negotiated (e.g., a 32-bit HMAC or an 80-bit parameters that can be negotiated (e.g., a 32-bit Hashed Message
HMAC). Authentication Code (HMAC) or an 80-bit HMAC).
The base SDP Capability Negotiation framework does not provide a way The base SDP Capability Negotiation framework does not provide a way
to negotiate bandwidth parameters. The issue thus remains, however to negotiate bandwidth parameters. The issue thus remains; however,
it is potentially worse than with SDP per [RFC4566], since it is it is potentially worse than with SDP per [RFC4566], since it is
easier to negotiate additional codecs, and furthermore possible to easier to negotiate additional codecs, and furthermore possible to
negotiate different transport protocols. The recommended approach negotiate different transport protocols. The recommended approach
for addressing this is the same as for plain SDP; the worst case for addressing this is the same as for plain SDP; the worst case (now
(now including potential configurations) needs to be taken into including potential configurations) needs to be taken into account
account when specifying the bandwidth parameters in the actual when specifying the bandwidth parameters in the actual configuration.
configuration. This can make the bandwidth value less accurate than This can make the bandwidth value less accurate than in SDP per
in SDP per [RFC4566] (due to potential greater variability in the [RFC4566] (due to potential greater variability in the potential
potential configuration bandwidth use). Extensions can be defined to configuration bandwidth use). Extensions can be defined to address
address this shortcoming. this shortcoming.
The Transport Independent Application Specific Maximum (TIAS)
bandwidth type as defined in [RFC3890] SHOULD NOT be used to try and
alleviate bandwidth variability concerns due to different transport
protocols, since there are some inconsistencies between [RFC3264]
and [RFC3890]. More specifically, [RFC3264] defines the bandwidth
parameter to apply to the receive direction for unicast streams,
whereas [RFC3890] intends to use bandwidth in the send direction.
Implementers are encouraged to look for an expected future solution
to this.
Note, that when using RTP retransmission [RFC4588] with the RTCP- Note, that when using RTP retransmission [RFC4588] with the RTCP-
based feedback profile [RFC4585] (RTP/AVPF), the retransmitted based feedback profile [RFC4585] (RTP/AVPF), the retransmitted
packets are part of the media stream bandwidth when using SSRC- packets are part of the media stream bandwidth when using
multiplexing. If a feedback based protocol is offered as the actual synchronization source (SSRC) multiplexing. If a feedback-based
configuration transport protocol, a non-feedback based protocol is protocol is offered as the actual configuration transport protocol, a
offered as a potential configuration transport protocol and ends up non-feedback-based protocol is offered as a potential configuration
being used, the actual bandwidth usage may be lower than the transport protocol and ends up being used, the actual bandwidth usage
indicated bandwidth value in the offer (and vice versa). may be lower than the indicated bandwidth value in the offer (and
vice versa).
3.11. Dealing with Large Number of Potential Configurations 3.11. Dealing with Large Number of Potential Configurations
When using the SDP Capability Negotiation, it is easy to generate When using the SDP Capability Negotiation, it is easy to generate
offers that contain a large number of potential configurations. For offers that contain a large number of potential configurations. For
example, in the offer: example, in the offer:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVP 0 18 m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
FEC_ORDER=FEC_SRTP FEC_ORDER=FEC_SRTP
a=acap:2 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=acap:2 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=acap:3 rtcp-fb:0 nack a=acap:3 rtcp-fb:0 nack
a=pcfg:1 t=1 a=1,3|2,3 a=pcfg:1 t=1 a=1,3|2,3
a=pcfg:2 t=2 a=1|2 a=pcfg:2 t=2 a=1|2
a=pcfg:3 t=3 a=3 a=pcfg:3 t=3 a=3
we have 5 potential configurations on top of the actual we have 5 potential configurations on top of the actual configuration
configuration for a single media stream. Adding an extension for a single media stream. Adding an extension capability with just
capability with just two alternatives for each would double that two alternatives for each would double that number (to 10), and doing
number (to 10), and doing the equivalent with two media streams the equivalent with two media streams would again double that number
would again double that number (to 20). While it is easy (and (to 20). While it is easy (and inexpensive) for the offerer to
inexpensive) for the offerer to generate such offers, processing generate such offers, processing them at the answering side may not
them at the answering side may not be. Consequently, it is be. Consequently, it is RECOMMENDED that offerers do not create
RECOMMENDED that offerers do not create offers with unnecessarily offers with unnecessarily large number of potential configurations in
large number of potential configurations in them. them.
On the answering side, implementers MUST take care to avoid On the answering side, implementers MUST take care to avoid excessive
excessive memory and CPU consumption. For example, a naive memory and CPU consumption. For example, a naive implementation that
implementation that first generates all the valid potential first generates all the valid potential configuration SDP session
configuration SDP session descriptions internally, could find itself descriptions internally, could find itself being memory exhausted,
being memory exhausted, especially if it supports a large number of especially if it supports a large number of endpoints. Similarly, a
endpoints. Similarly, a naive implementation that simply performs naive implementation that simply performs iterative trial-and-error
iterative trial-and-error processing on each possible potential processing on each possible potential configuration SDP session
configuration SDP session description (in the preference order description (in the preference order specified) could find itself
specified) could find itself being CPU constrained. An alternative being CPU constrained. An alternative strategy is to prune the
strategy is to prune the search space first by discarding the set of search space first by discarding the set of offered potential
offered potential configurations where the transport protocol configurations where the transport protocol indicated (if any) is not
indicated (if any) is not supported, and/or one or more mandatory supported, and/or one or more mandatory attribute capabilities (if
attribute capabilities (if any) are either not supported or not any) are either not supported or not valid. Potential configurations
valid. Potential configurations with unsupported mandatory extension with unsupported mandatory extension configurations in them can be
configurations in them can be discarded as well. discarded as well.
3.12. SDP Capability Negotiation and Intermediaries 3.12. SDP Capability Negotiation and Intermediaries
An intermediary is here defined as an entity between a SIP user An intermediary is here defined as an entity between a SIP user agent
agent A and a SIP user agent B, that need to perform some kind of A and a SIP user agent B, that needs to perform some kind of
processing on the SDP session descriptions exchanged between A and processing on the SDP session descriptions exchanged between A and B,
B, in order for the session establishment to operate as intended. in order for the session establishment to operate as intended.
Examples of such intermediaries include Session Border Controllers Examples of such intermediaries include Session Border Controllers
(SBCs) that may perform media relaying, Proxy Call Session Control (SBCs) that may perform media relaying, Proxy Call Session Control
Functions (P-CSCF) that may authorize use of a certain amount of Functions (P-CSCFs) that may authorize use of a certain amount of
network resources (bandwidth), etc. The presence and design of such network resources (bandwidth), etc. The presence and design of such
intermediaries may not follow the "Internet" model or the SIP intermediaries may not follow the "Internet" model or the SIP
requirements for proxies (which are not supposed to look in message requirements for proxies (which are not supposed to look in message
bodies such as SDP session descriptions), however they are a fact of bodies such as SDP session descriptions); however, they are a fact of
life in some deployment scenarios and hence deserve consideration. life in some deployment scenarios and hence deserve consideration.
If the intermediary needs to understand the characteristics of the If the intermediary needs to understand the characteristics of the
media sessions being negotiated, e.g. the amount of bandwidth used media sessions being negotiated, e.g., the amount of bandwidth used
or the transport protocol negotiated, then use of the SDP Capability or the transport protocol negotiated, then use of the SDP Capability
Negotiation framework may impact them. For example, some Negotiation framework may impact them. For example, some
intermediaries are known to disallow answers where the transport intermediaries are known to disallow answers where the transport
protocol differs from the one in the offer. Use of the SDP protocol differs from the one in the offer. Use of the SDP
Capability Negotiation framework in the presence of such Capability Negotiation framework in the presence of such
intermediaries could lead to session failures. Intermediaries that intermediaries could lead to session failures. Intermediaries that
need to authorize use of network resources based on the negotiated need to authorize use of network resources based on the negotiated
media stream parameters are affected as well. If they inspect only media stream parameters are affected as well. If they inspect only
the offer, then they may authorize parameters assuming a different the offer, then they may authorize parameters assuming a different
transport protocol, codecs, etc. than what is actually being transport protocol, codecs, etc., than what is actually being
negotiated. For these, and other, reasons it is RECOMMENDED that negotiated. For these, and other, reasons it is RECOMMENDED that
implementers of intermediaries add support for the SDP Capability implementers of intermediaries add support for the SDP Capability
Negotiation framework. Negotiation framework.
The SDP Capability Negotiation framework itself attempts to help out The SDP Capability Negotiation framework itself attempts to help out
these intermediaries as well, by recommending a second offer/answer these intermediaries as well, by recommending a second offer/answer
exchange when use of a potential configuration has been negotiated exchange when use of a potential configuration has been negotiated
(see Section 3.6.3. ). However, there are several limitations with (see Section 3.6.3). However, there are several limitations with
this approach. First of all, although the second offer/answer this approach. First of all, although the second offer/answer
exchange is RECOMMENDED, it is not required and hence may not be exchange is RECOMMENDED, it is not required and hence may not be
performed. Secondly, the intermediary may refuse the initial answer, performed. Secondly, the intermediary may refuse the initial answer,
e.g. due to perceived transport protocol mismatch. Thirdly, the e.g., due to perceived transport protocol mismatch. Thirdly, the
strategy is not foolproof since the offer/answer procedures strategy is not foolproof since the offer/answer procedures [RFC3264]
[RFC3264] leave the original offer/answer exchange in effect when a leave the original offer/answer exchange in effect when a subsequent
subsequent one fails. Consider the following example: one fails. Consider the following example:
1. Offerer generates an SDP session description offer with the 1. Offerer generates an SDP session description offer with the actual
actual configuration specifying a low bandwidth configuration configuration specifying a low-bandwidth configuration (e.g.,
(e.g. plain RTP) and a potential configuration specifying a plain RTP) and a potential configuration specifying a high(er)
high(er) bandwidth configuration (e.g. secure RTP with bandwidth configuration (e.g., Secure RTP with integrity).
integrity).
2. An intermediary (e.g. an SBC or P-CSCF), that does not support 2. An intermediary (e.g., an SBC or P-CSCF), that does not support
SDP Capability Negotiation, authorizes the session based on the SDP Capability Negotiation, authorizes the session based on the
actual configuration it sees in the SDP session description. actual configuration it sees in the SDP session description.
3. The answerer chooses the high(er) bandwidth potential 3. The answerer chooses the high(er) bandwidth potential
configuration and generates an answer SDP session description configuration and generates an answer SDP session description
based on that. based on that.
4. The intermediary passes through the answer SDP session 4. The intermediary passes through the answer SDP session
description. description.
5. The offerer sees the accepted answer, and generates an updated 5. The offerer sees the accepted answer, and generates an updated
offer that contains the selected potential configuration as the offer that contains the selected potential configuration as the
actual configuration. In other words, the high(er) bandwidth actual configuration. In other words, the high(er) bandwidth
configuration (which has already been negotiated successfully) is configuration (which has already been negotiated successfully) is
now the actual configuration in the offer SDP session now the actual configuration in the offer SDP session description.
description.
6. The intermediary sees the new offer, however it does not 6. The intermediary sees the new offer; however, it does not
authorize the use of the high(er) bandwidth configuration, and authorize the use of the high(er) bandwidth configuration, and
consequently generates a rejection message to the offerer. consequently generates a rejection message to the offerer.
7. The offerer receives the rejected offer. 7. The offerer receives the rejected offer.
After step 7, per RFC 3264, the offer/answer exchange that completed After step 7, per RFC 3264, the offer/answer exchange that completed
in step 5 remains in effect, however the intermediary may not have in step 5 remains in effect; however, the intermediary may not have
authorized the necessary network resources and hence the media authorized the necessary network resources and hence the media stream
stream may experience quality issues. The solution to this problem may experience quality issues. The solution to this problem is to
is to upgrade the intermediary to support the SDP Capability upgrade the intermediary to support the SDP Capability Negotiation
Negotiation framework. framework.
3.13. Considerations for Specific Attribute Capabilities 3.13. Considerations for Specific Attribute Capabilities
3.13.1. The rtpmap and fmtp Attributes 3.13.1. The "rtpmap" and "fmtp" Attributes
The base SDP Capability Negotiation framework defines transport The base SDP Capability Negotiation framework defines transport
capabilities and attribute capabilities. Media capabilities, which capabilities and attribute capabilities. Media capabilities, which
can be used to describe media formats and their associated can be used to describe media formats and their associated
parameters, are not defined in this document, however the "rtpmap" parameters, are not defined in this document; however, the "rtpmap"
and "fmtp" attributes can nevertheless be used as attribute and "fmtp" attributes can nevertheless be used as attribute
capabilities. Using such attribute capabilities in a potential capabilities. Using such attribute capabilities in a potential
configuration requires a bit of care though. configuration requires a bit of care though.
The rtpmap parameter binds an RTP payload type to a media format The rtpmap parameter binds an RTP payload type to a media format
(e.g. codec). While it is possible to provide rtpmaps for payload (e.g., codec). While it is possible to provide rtpmaps for payload
types not found in the corresponding "m=" line, such rtpmaps provide types not found in the corresponding "m=" line, such rtpmaps provide
no value in normal offer/answer exchanges, since only the payload no value in normal offer/answer exchanges, since only the payload
types found in the "m=" line are part of the offer (or answer). This types found in the "m=" line are part of the offer (or answer). This
applies to the base SDP Capability Negotiation framework as well: applies to the base SDP Capability Negotiation framework as well.
Only the media formats (e.g. RTP payload types) provided in the "m="
line are actually offered; inclusion of rtpmap attributes with other Only the media formats (e.g., RTP payload types) provided in the "m="
RTP payload types in a potential configuration does not change this line are actually offered; inclusion of "rtpmap" attributes with
fact and hence they do not provide any useful information there. other RTP payload types in a potential configuration does not change
this fact and hence they do not provide any useful information there.
They may still be useful as pure capabilities though (outside a They may still be useful as pure capabilities though (outside a
potential configuration) in order to inform a peer of additional potential configuration) in order to inform a peer of additional
codecs supported. codecs supported.
It is possible to provide an rtpmap attribute capability with a It is possible to provide an "rtpmap" attribute capability with a
payload type mapping to a different codec than a corresponding payload type mapping to a different codec than a corresponding actual
actual configuration "rtpmap" attribute for the media description configuration "rtpmap" attribute for the media description has. Such
has. Such practice is permissible as a way of indicating a practice is permissible as a way of indicating a capability. If that
capability. If that capability is included in a potential capability is included in a potential configuration, then delete-
configuration, then delete-attributes (see Section 3.5.1. ) MUST be attributes (see Section 3.5.1) MUST be used to ensure that there is
used to ensure that there is not multiple rtpmap attributes for the not multiple "rtpmap" attributes for the same payload type in a given
same payload type in a given media description (which would not be media description (which would not be allowed by SDP [RFC4566]).
allowed by SDP [RFC4566]).
Similar considerations and rules apply to the "fmtp" attribute. An Similar considerations and rules apply to the "fmtp" attribute. An
fmtp attribute capability for a media format not included in the "fmtp" attribute capability for a media format not included in the
"m=" line is useless in a potential configuration (but may be useful "m=" line is useless in a potential configuration (but may be useful
as a capability by itself). An fmtp attribute capability in a as a capability by itself). An "fmtp" attribute capability in a
potential configuration for a media format that already has an fmtp potential configuration for a media format that already has an "fmtp"
attribute in the actual configuration may lead to multiple fmtp attribute in the actual configuration may lead to multiple fmtp
format parameters for that media format and that is not allowed by format parameters for that media format and that is not allowed by
SDP [RFC4566]. The delete-attributes MUST be used to ensure that SDP [RFC4566]. The delete-attributes MUST be used to ensure that
there is not multiple fmtp attributes for a given media format in a there are not multiple "fmtp" attributes for a given media format in
media description. a media description.
Extensions to the base SDP Capability Negotiation framework may Extensions to the base SDP Capability Negotiation framework may
change the above behavior. change the above behavior.
3.13.2. Direction Attributes 3.13.2. Direction Attributes
SDP defines the "inactive", "sendonly", "recvonly", and "sendrecv" SDP defines the "inactive", "sendonly", "recvonly", and "sendrecv"
direction attributes. The direction attributes can be applied at direction attributes. The direction attributes can be applied at
either the session-level or the media-level. In either case, it is either the session level or the media level. In either case, it is
possible to define attribute capabilities for these direction possible to define attribute capabilities for these direction
capabilities; if used by a potential configuration, the normal capabilities; if used by a potential configuration, the normal
offer/answer procedures still apply. For example, if an offered offer/answer procedures still apply. For example, if an offered
potential configuration includes the "sendonly" direction attribute, potential configuration includes the "sendonly" direction attribute,
and it is selected as the actual configuration, then the answer MUST and it is selected as the actual configuration, then the answer MUST
include a corresponding "recvonly" (or "inactive") attribute. include a corresponding "recvonly" (or "inactive") attribute.
3.14. Relationship to RFC 3407 3.14. Relationship to RFC 3407
RFC 3407 defines capability descriptions with limited abilities to RFC 3407 defines capability descriptions with limited abilities to
describe attributes, bandwidth parameters, transport protocols and describe attributes, bandwidth parameters, transport protocols and
media formats. RFC 3407 does not define any negotiation procedures media formats. RFC 3407 does not define any negotiation procedures
for actually using those capability descriptions. for actually using those capability descriptions.
This document defines new attributes for describing attribute This document defines new attributes for describing attribute
capabilities and transport capabilities. It also defines procedures capabilities and transport capabilities. It also defines procedures
for using those capabilities as part of an offer/answer exchange. In for using those capabilities as part of an offer/answer exchange. In
contrast to RFC 3407, this document does not define bandwidth contrast to RFC 3407, this document does not define bandwidth
parameters, and it also does not define how to express ranges of parameters, and it also does not define how to express ranges of
values. Extensions to this document may be defined in order to fully values. Extensions to this document may be defined in order to fully
cover all the capabilities provided by RFC 3407 (for example more cover all the capabilities provided by RFC 3407 (for example, more
general media capabilities). general media capabilities).
It is RECOMMENDED that implementations use the attributes and It is RECOMMENDED that implementations use the attributes and
procedures defined in this document instead of those defined in procedures defined in this document instead of those defined in
[RFC3407]. If capability description interoperability with legacy [RFC3407]. If capability description interoperability with legacy
RFC 3407 implementations is desired, implementations MAY include RFC 3407 implementations is desired, implementations MAY include both
both RFC 3407 capability descriptions and capabilities defined by RFC 3407 capability descriptions and capabilities defined by this
this document. The offer/answer negotiation procedures defined in document. The offer/answer negotiation procedures defined in this
this document will not use the RFC 3407 capability descriptions. document will not use the RFC 3407 capability descriptions.
4. Examples 4. Examples
In this section, we provide examples showing how to use the SDP In this section, we provide examples showing how to use the SDP
Capability Negotiation. Capability Negotiation.
4.1. Multiple Transport Protocols 4.1. Multiple Transport Protocols
The following example illustrates how to use the SDP Capability The following example illustrates how to use the SDP Capability
Negotiation extensions to negotiate use of one out of several Negotiation extensions to negotiate use of one out of several
possible transport protocols. The offerer uses the expected least- possible transport protocols. The offerer uses the expected least-
common-denominator (plain RTP) as the actual configuration, and the common-denominator (plain RTP) as the actual configuration, and the
alternative transport protocols as the potential configurations. alternative transport protocols as the potential configurations.
The example is illustrated by the offer/answer exchange below, where The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob: Alice sends an offer to Bob:
Alice Bob Alice Bob
| (1) Offer (RTP/[S]AVP[F]) | | (1) Offer (RTP/[S]AVP[F]) |
|--------------------------------->| |--------------------------------->|
skipping to change at page 57, line 37 skipping to change at page 55, line 24
|<---------------------------------| |<---------------------------------|
| | | |
| (3) Offer (RTP/AVPF) | | (3) Offer (RTP/AVPF) |
|--------------------------------->| |--------------------------------->|
| | | |
| (4) Answer (RTP/AVPF) | | (4) Answer (RTP/AVPF) |
|<---------------------------------| |<---------------------------------|
| | | |
Alice's offer includes plain RTP (RTP/AVP), RTP with RTCP-based Alice's offer includes plain RTP (RTP/AVP), RTP with RTCP-based
feedback (RTP/AVPF), Secure RTP (RTP/SAVP), and Secure RTP with feedback (RTP/AVPF), Secure RTP (RTP/SAVP), and Secure RTP with RTCP-
RTCP-based feedback (RTP/SAVPF) as alternatives. RTP is the default, based feedback (RTP/SAVPF) as alternatives. RTP is the default, with
with RTP/SAVPF, RTP/SAVP, and RTP/AVPF as the alternatives and RTP/SAVPF, RTP/SAVP, and RTP/AVPF as the alternatives and preferred
preferred in the order listed: in the order listed:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVP 0 18 m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4 inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
FEC_ORDER=FEC_SRTP FEC_ORDER=FEC_SRTP
a=acap:2 rtcp-fb:0 nack a=acap:2 rtcp-fb:0 nack
a=pcfg:1 t=1 a=1,[2] a=pcfg:1 t=1 a=1,[2]
a=pcfg:2 t=2 a=1 a=pcfg:2 t=2 a=1
a=pcfg:3 t=3 a=[2] a=pcfg:3 t=3 a=[2]
The "m=" line indicates that Alice is offering to use plain RTP with The "m=" line indicates that Alice is offering to use plain RTP with
PCMU or G.729. The capabilities are provided by the "a=tcap" and PCMU or G.729. The capabilities are provided by the "a=tcap" and
"a=acap" attributes. The "tcap" capability indicates that Secure "a=acap" attributes. The "tcap" capability indicates that Secure RTP
RTP with RTCP-Based feedback (RTP/SAVPF), Secure RTP (RTP/SAVP), and with RTCP-based feedback (RTP/SAVPF), Secure RTP (RTP/SAVP), and RTP
RTP with RTCP-Based feedback are supported. The first "acap" with RTCP-based feedback are supported. The first "acap" attribute
attribute provides an attribute capability with a handle of 1. The provides an attribute capability with a handle of 1. The capability
capability is a "crypto" attribute, which provides the keying is a "crypto" attribute, which provides the keying material for SRTP
material for SRTP using SDP security descriptions [RFC4568]. The using SDP security descriptions [RFC4568]. The second "acap"
second "acap" attribute provides an attribute capability with a attribute provides an attribute capability with a handle of 2. The
handle of 2. The capability is an "rtcp-fb" attribute, which is used capability is an "rtcp-fb" attribute, which is used by the RTCP-based
by the RTCP-based feedback profiles to indicate that payload type 0 feedback profiles to indicate that payload type 0 (PCMU) supports
(PCMU) supports feedback type "nack". The "a=pcfg" attributes feedback type "nack". The "a=pcfg" attributes provide the potential
provide the potential configurations included in the offer by configurations included in the offer by reference to the
reference to the capabilities. There are three potential capabilities. There are three potential configurations:
configurations:
o Potential configuration 1, which is the most preferred potential o Potential configuration 1, which is the most preferred potential
configuration specifies use of transport protocol capability 1 configuration specifies use of transport protocol capability 1
(RTP/SAVPF) and attribute capabilities 1 (the "crypto" attribute) (RTP/SAVPF) and attribute capabilities 1 (the "crypto" attribute)
and 2 (the "rtcp-fb" attribute). Support for the first one is and 2 (the "rtcp-fb" attribute). Support for the first one is
mandatory whereas support for the second one is optional. mandatory whereas support for the second one is optional.
o Potential configuration 2, which is the second most preferred o Potential configuration 2, which is the second most preferred
potential configuration specifies use of transport protocol potential configuration specifies use of transport protocol
capability 2 (RTP/SAVP) and mandatory attribute capability 1 (the capability 2 (RTP/SAVP) and mandatory attribute capability 1 (the
"crypto" attribute). "crypto" attribute).
o Potential configuration 3, which is the least preferred potential o Potential configuration 3, which is the least preferred potential
configuration (but the second least preferred configuration configuration (but the second least preferred configuration
overall, since the actual configuration provided by the "m=" line overall, since the actual configuration provided by the "m=" line
is always the least preferred configuration), specifies use of is always the least preferred configuration), specifies use of
transport protocol capability 3 (RTP/AVPF) and optional attribute transport protocol capability 3 (RTP/AVPF) and optional attribute
capability 2 (the "rtcp-fb" attribute). capability 2 (the "rtcp-fb" attribute).
Bob receives the SDP session description offer from Alice. Bob does Bob receives the SDP session description offer from Alice. Bob does
not support any secure RTP profiles, however he supports plain RTP not support any Secure RTP profiles; however, he supports plain RTP
and RTP with RTCP-based feedback, as well as the SDP Capability and RTP with RTCP-based feedback, as well as the SDP Capability
Negotiation extensions, and hence he accepts the potential Negotiation extensions, and hence he accepts the potential
configuration for RTP with RTCP-based feedback provided by Alice: configuration for RTP with RTCP-based feedback provided by Alice:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/AVPF 0 18 m=audio 54568 RTP/AVPF 0 18
a=rtcp-fb:0 nack a=rtcp-fb:0 nack
a=acfg:1 t=3 a=[2] a=acfg:1 t=3 a=[2]
Bob includes the "a=acfg" attribute in the answer to inform Alice Bob includes the "a=acfg" attribute in the answer to inform Alice
that he based his answer on an offer containing the potential that he based his answer on an offer containing the potential
configuration with transport protocol capability 3 and optional configuration with transport protocol capability 3 and optional
attribute capability 2 from the offer SDP session description (i.e. attribute capability 2 from the offer SDP session description (i.e.,
the RTP/AVPF profile using the "rtcp-fb" value provided). Bob also the RTP/AVPF profile using the "rtcp-fb" value provided). Bob also
includes an "rtcp-fb" attribute with the value "nack" value for RTP includes an "rtcp-fb" attribute with the value "nack" value for RTP
payload type 0. payload type 0.
When Alice receives Bob's answer, session negotiation has completed, When Alice receives Bob's answer, session negotiation has completed,
however Alice nevertheless chooses to generate a new offer using the however Alice nevertheless chooses to generate a new offer using the
actual configuration. This is done purely to assist any actual configuration. This is done purely to assist any
intermediaries that may reside between Alice and Bob but do not intermediaries that may reside between Alice and Bob but do not
support the SDP Capability Negotiation framework (and hence may not support the SDP Capability Negotiation framework (and hence may not
understand the negotiation that just took place): understand the negotiation that just took place):
Alice's updated offer includes only RTP/AVPF, and it is not using Alice's updated offer includes only RTP/AVPF, and it is not using the
the SDP Capability Negotiation framework (Alice could have included SDP Capability Negotiation framework (Alice could have included the
the capabilities as well if she wanted to): capabilities as well if she wanted):
v=0 v=0
o=- 25678 753850 IN IP4 192.0.2.1 o=- 25678 753850 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
m=audio 53456 RTP/AVPF 0 18 m=audio 53456 RTP/AVPF 0 18
a=rtcp-fb:0 nack a=rtcp-fb:0 nack
The "m=" line now indicates that Alice is offering to use RTP with The "m=" line now indicates that Alice is offering to use RTP with
RTCP-based feedback and using PCMU or G.729. The "rtcp-fb" RTCP-based feedback and using PCMU or G.729. The "rtcp-fb" attribute
attribute provides the feedback type "nack" for payload type 0 again provides the feedback type "nack" for payload type 0 again (but as
(but as part of the actual configuration). part of the actual configuration).
Bob receives the SDP session description offer from Alice, which he Bob receives the SDP session description offer from Alice, which he
accepts, and then generates an answer to Alice: accepts, and then generates an answer to Alice:
v=0 v=0
o=- 24351 621815 IN IP4 192.0.2.2 o=- 24351 621815 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/AVPF 0 18 m=audio 54568 RTP/AVPF 0 18
a=rtcp-fb:0 nack a=rtcp-fb:0 nack
Bob includes the same "rtcp-fb" attribute as before, and the session Bob includes the same "rtcp-fb" attribute as before, and the session
proceeds without change. Although Bob did not include any proceeds without change. Although Bob did not include any
capabilities in his answer, he could have done so if he wanted to. capabilities in his answer, he could have done so if he wanted.
Note that in this particular example, the answerer supported the SDP Note that in this particular example, the answerer supported the SDP
Capability Negotiation framework and hence the attributes and Capability Negotiation framework and hence the attributes and
procedures defined here, however had he not, the answerer would procedures defined here; however, had he not, the answerer would
simply have ignored the new attributes received in step 1 and simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead: answer would have been generated in step 2 instead:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
t=0 0 t=0 0
m=audio 54568 RTP/AVP 0 18 m=audio 54568 RTP/AVP 0 18
4.2. DTLS-SRTP or SRTP with Media Level Security Descriptions 4.2. DTLS-SRTP or SRTP with Media-Level Security Descriptions
The following example illustrates how to use the SDP Capability The following example illustrates how to use the SDP Capability
Negotiation framework to negotiate use of SRTP using either SDP Negotiation framework to negotiate use of SRTP using either SDP
Security Descriptions or DTLS-SRTP. The offerer (Alice) wants to security descriptions or DTLS-SRTP. The offerer (Alice) wants to
establish a secure RTP audio stream but is willing to use plain RTP. establish a Secure RTP audio stream but is willing to use plain RTP.
Alice prefers to use DTLS-SRTP as the key management protocol, but Alice prefers to use DTLS-SRTP as the key management protocol, but
supports SDP security descriptions as well (note that [DTLS-SRTP- supports SDP security descriptions as well (note that [RFC5763]
FRAMEWORK] contains additional DTLS-SRTP examples). contains additional DTLS-SRTP examples).
The example is illustrated by the offer/answer exchange below, where The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob: Alice sends an offer to Bob:
Alice Bob Alice Bob
| (1) Offer (RTP/[S]AVP,SDES | DTLS-SRTP)| | (1) Offer (RTP/[S]AVP,SDES | DTLS-SRTP)|
|--------------------------------------->| |--------------------------------------->|
| | | |
|<--------- DTLS-SRTP handshake -------->| |<--------- DTLS-SRTP handshake -------->|
skipping to change at page 61, line 22 skipping to change at page 58, line 42
| (2) Answer (DTLS-SRTP) | | (2) Answer (DTLS-SRTP) |
|<---------------------------------------| |<---------------------------------------|
| | | |
| (3) Offer (DTLS-SRTP) | | (3) Offer (DTLS-SRTP) |
|--------------------------------------->| |--------------------------------------->|
| | | |
| (4) Answer (DTLS-SRTP) | | (4) Answer (DTLS-SRTP) |
|<---------------------------------------| |<---------------------------------------|
| | | |
Alice's offer includes an audio stream which offers use of plain RTP Alice's offer includes an audio stream that offers use of plain RTP
and secure RTP as alternatives. For the secure RTP stream, it can be and Secure RTP as alternatives. For the Secure RTP stream, it can be
established using either DTLS-SRTP or SDP Security Descriptions: established using either DTLS-SRTP or SDP security descriptions:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
a=acap:1 setup:actpass a=acap:1 setup:actpass
a=acap:2 fingerprint: SHA-1 \ a=acap:2 fingerprint: SHA-1 \
4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB 4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB
a=tcap:1 UDP/TLS/RTP/SAVP RTP/SAVP a=tcap:1 UDP/TLS/RTP/SAVP RTP/SAVP
m=audio 59000 RTP/AVP 98 m=audio 59000 RTP/AVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_32 a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=1 a=1,2 a=pcfg:1 t=1 a=1,2
a=pcfg:2 t=2 a=3 a=pcfg:2 t=2 a=3
The first (and preferred) potential configuration for the audio The first (and preferred) potential configuration for the audio
stream specifies use of transport capability 1 (UDP/TLS/RTP/SAVP), stream specifies use of transport capability 1 (UDP/TLS/RTP/SAVP),
i.e. DTLS-SRTP, and attribute capabilities 1 and 2 (active/passive i.e., DTLS-SRTP, and attribute capabilities 1 and 2 (active/passive
mode and certificate fingerprint), both of which must be supported mode and certificate fingerprint), both of which must be supported to
to choose this potential configuration. The second (and less choose this potential configuration. The second (and less preferred)
preferred) potential configuration specifies use of transport potential configuration specifies use of transport capability 2
capability 2 (RTP/SAVP) and mandatory attribute capability 3, i.e. (RTP/SAVP) and mandatory attribute capability 3, i.e., the SDP
the SDP security description. security description.
Bob receives the SDP session description offer from Alice. Bob Bob receives the SDP session description offer from Alice. Bob
supports DTLS-SRTP as preferred by Alice and Bob now initiates the supports DTLS-SRTP as preferred by Alice and Bob now initiates the
DTLS-SRTP handshake to establish the DTLS-SRTP session (see [DTLS- DTLS-SRTP handshake to establish the DTLS-SRTP session (see [RFC5764]
SRTP] for details). for details).
Bob also sends back an answer to Alice as follows: Bob also sends back an answer to Alice as follows:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
a=setup:active a=setup:active
a=fingerprint: SHA-1 \ a=fingerprint: SHA-1 \
FF:FF:FF:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB FF:FF:FF:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 UDP/TLS/RTP/SAVP 98 m=audio 54568 UDP/TLS/RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=acfg:1 t=1 a=1,2 a=acfg:1 t=1 a=1,2
For the audio stream, Bob accepted the use of DTLS-SRTP, and hence For the audio stream, Bob accepted the use of DTLS-SRTP, and hence
the profile in the "m=" line is "UDP/TLS/RTP/SAVP". Bob also includes the profile in the "m=" line is "UDP/TLS/RTP/SAVP". Bob also
a "setup:active" attribute to indicate he is the active endpoint for includes a "setup:active" attribute to indicate he is the active
the DTLS-SRTP session as well as the fingerprint for Bob's endpoint for the DTLS-SRTP session as well as the fingerprint for
certificate. Bob's "acfg" attribute indicates that he chose potential Bob's certificate. Bob's "acfg" attribute indicates that he chose
configuration 1 from Alice's offer. potential configuration 1 from Alice's offer.
When Alice receives Bob's answer, session negotiation has completed When Alice receives Bob's answer, session negotiation has completed
(and Alice can verify the DTLS handshake using Bob's certificate (and Alice can verify the DTLS handshake using Bob's certificate
fingerprint in the answer), however Alice nevertheless chooses to fingerprint in the answer); however, Alice nevertheless chooses to
generate a new offer using the actual configuration. This is done generate a new offer using the actual configuration. This is done
purely to assist any intermediaries that may reside between Alice purely to assist any intermediaries that may reside between Alice and
and Bob but do not support the capability negotiation extensions Bob but do not support the capability negotiation extensions (and
(and hence may not understand the negotiation that just took place): hence may not understand the negotiation that just took place).
Alice's updated offer includes only DTLS-SRTP for the audio stream, Alice's updated offer includes only DTLS-SRTP for the audio stream,
and it is not using the SDP Capability Negotiation framework (Alice and it is not using the SDP Capability Negotiation framework (Alice
could have included the capabilities as well if she wanted to): could have included the capabilities as well if she wanted):
v=0 v=0
o=- 25678 753850 IN IP4 192.0.2.1 o=- 25678 753850 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
a=setup:actpass a=setup:actpass
a=fingerprint: SHA-1 \ a=fingerprint: SHA-1 \
4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB 4A:AD:B9:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB
m=audio 59000 UDP/TLS/RTP/AVP 98 m=audio 59000 UDP/TLS/RTP/AVP 98
skipping to change at page 63, line 26 skipping to change at page 61, line 6
a=setup:active a=setup:active
a=fingerprint: SHA-1 \ a=fingerprint: SHA-1 \
FF:FF:FF:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB FF:FF:FF:B1:3F:82:18:3B:54:02:12:DF:3E:5D:49:6B:19:E5:7C:AB
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 UDP/TLS/RTP/SAVP 98 m=audio 54568 UDP/TLS/RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=acfg:1 t=1 a=1,2 a=acfg:1 t=1 a=1,2
Bob includes the same "setup:active" and fingerprint attributes as Bob includes the same "setup:active" and fingerprint attributes as
before, and the session proceeds without change. Although Bob did before, and the session proceeds without change. Although Bob did
not include any capabilities in his answer, he could have done so if not include any capabilities in his answer, he could have done so if
he wanted to. he wanted.
Note that in this particular example, the answerer supported the Note that in this particular example, the answerer supported the
capability extensions defined here, however had he not, the answerer capability extensions defined here; however, had he not, the answerer
would simply have ignored the new attributes received in step 1 and would simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead: answer would have been generated in step 2 instead:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/AVP 98 m=audio 54568 RTP/AVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
Finally, if Bob had chosen to use SDP Security Descriptions instead Finally, if Bob had chosen to use SDP security descriptions instead
of DTLS-SRTP, the following answer would have been generated: of DTLS-SRTP, the following answer would have been generated:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98 m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:2 t=2 a=3 a=acfg:2 t=2 a=3
4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level Security 4.3. Best-Effort SRTP with Session-Level MIKEY and Media-Level Security
Descriptions Descriptions
The following example illustrates how to use the SDP Capability The following example illustrates how to use the SDP Capability
Negotiation extensions to support so-called Best-Effort Secure RTP Negotiation extensions to support so-called Best-Effort Secure RTP as
as well as alternative keying mechanisms, more specifically MIKEY well as alternative keying mechanisms, more specifically MIKEY
[RFC3830] and SDP Security Descriptions. The offerer (Alice) wants [RFC3830] and SDP security descriptions. The offerer (Alice) wants
to establish an audio and video session. Alice prefers to use to establish an audio and video session. Alice prefers to use
session-level MIKEY as the key management protocol, but supports SDP session-level MIKEY as the key management protocol, but supports SDP
security descriptions as well. security descriptions as well.
The example is illustrated by the offer/answer exchange below, where The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob: Alice sends an offer to Bob:
Alice Bob Alice Bob
| (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) | | (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) |
|--------------------------------------->| |--------------------------------------->|
skipping to change at page 64, line 41 skipping to change at page 62, line 20
| (2) Answer (RTP/SAVP, SDES) | | (2) Answer (RTP/SAVP, SDES) |
|<---------------------------------------| |<---------------------------------------|
| | | |
| (3) Offer (RTP/SAVP, SDES) | | (3) Offer (RTP/SAVP, SDES) |
|--------------------------------------->| |--------------------------------------->|
| | | |
| (4) Answer (RTP/SAVP, SDES) | | (4) Answer (RTP/SAVP, SDES) |
|<---------------------------------------| |<---------------------------------------|
| | | |
Alice's offer includes an audio and a video stream. The audio stream Alice's offer includes an audio and a video stream. The audio stream
offers use of plain RTP and secure RTP as alternatives, whereas the offers use of plain RTP and Secure RTP as alternatives, whereas the
video stream offers use of plain RTP, RTP with RTCP-based feedback, video stream offers use of plain RTP, RTP with RTCP-based feedback,
Secure RTP, and Secure RTP with RTCP-based feedback as alternatives: Secure RTP, and Secure RTP with RTCP-based feedback as alternatives:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
a=acap:1 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=acap:1 key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
skipping to change at page 65, line 23 skipping to change at page 62, line 48
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=acap:4 rtcp-fb:* nack a=acap:4 rtcp-fb:* nack
a=pcfg:1 t=1 a=1,4|3,4 a=pcfg:1 t=1 a=1,4|3,4
a=pcfg:2 t=2 a=1|3 a=pcfg:2 t=2 a=1|3
a=pcfg:3 t=3 a=4 a=pcfg:3 t=3 a=4
The potential configuration for the audio stream specifies use of The potential configuration for the audio stream specifies use of
transport capability 2 (RTP/SAVP) and either attribute capability 1 transport capability 2 (RTP/SAVP) and either attribute capability 1
(session-level MIKEY as the keying mechanism) or 2 (SDP Security (session-level MIKEY as the keying mechanism) or 2 (SDP security
Descriptions as the keying mechanism). Support for either of these descriptions as the keying mechanism). Support for either of these
attribute capabilities is mandatory. There are three potential attribute capabilities is mandatory. There are three potential
configurations for the video stream. configurations for the video stream.
o The first configuration with configuration number 1 uses o The first configuration with configuration number 1 uses transport
transport capability 1 (RTP/SAVPF) with either attribute capability 1 (RTP/SAVPF) with either attribute capabilities 1 and
capabilities 1 and 4 (session-level MIKEY and the "rtcp-fb" 4 (session-level MIKEY and the "rtcp-fb" attribute) or attribute
attribute) or attribute capabilities 3 and 4 (SDP security capabilities 3 and 4 (SDP security descriptions and the "rtcp-fb"
descriptions and the "rtcp-fb" attribute). In this example, the attribute). In this example, the offerer insists on not only the
offerer insists on not only the keying mechanism being supported, keying mechanism being supported, but also that the "rtcp-fb"
but also that the "rtcp-fb" attribute is supported with the value attribute is supported with the value indicated. Consequently,
indicated. Consequently, all the attribute capabilities are all the attribute capabilities are marked as mandatory in this
marked as mandatory in this potential configuration. potential configuration.
o The second configuration with configuration number 2 uses o The second configuration with configuration number 2 uses
transport capability 2 (RTP/SAVP) and either attribute capability transport capability 2 (RTP/SAVP) and either attribute capability
1 (session-level MIKEY) or attribute capability 3 (SDP security 1 (session-level MIKEY) or attribute capability 3 (SDP security
descriptions). Both attribute capabilities are mandatory in this descriptions). Both attribute capabilities are mandatory in this
configuration. configuration.
o The third configuration with configuration number 3 uses o The third configuration with configuration number 3 uses transport
transport capability 3 (RTP/AVPF) and mandatory attribute capability 3 (RTP/AVPF) and mandatory attribute capability 4 (the
capability 4 (the "rtcp-fb" attribute). "rtcp-fb" attribute).
Bob receives the SDP session description offer from Alice. Bob Bob receives the SDP session description offer from Alice. Bob
supports Secure RTP, Secure RTP with RTCP-based feedback and the SDP supports Secure RTP, Secure RTP with RTCP-based feedback and the SDP
Capability Negotiation extensions. Bob also supports SDP Security Capability Negotiation extensions. Bob also supports SDP security
Descriptions, but not MIKEY, and hence he generates the following descriptions, but not MIKEY, and hence he generates the following
answer: answer:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98 m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:1 t=2 a=2 a=acfg:1 t=2 a=2
m=video 55468 RTP/SAVPF 31 m=video 55468 RTP/SAVPF 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=rtcp-fb:* nack a=rtcp-fb:* nack
a=acfg:1 t=1 a=3,4 a=acfg:1 t=1 a=3,4
For the audio stream, Bob accepted the use of secure RTP, and hence For the audio stream, Bob accepted the use of Secure RTP, and hence
the profile in the "m=" line is "RTP/SAVP". Bob also includes a the profile in the "m=" line is "RTP/SAVP". Bob also includes a
"crypto" attribute with his own keying material, and an "acfg" "crypto" attribute with his own keying material, and an "acfg"
attribute identifying actual configuration 1 for the audio media attribute identifying actual configuration 1 for the audio media
stream from the offer, using transport capability 2 (RTP/SAVP) and stream from the offer, using transport capability 2 (RTP/SAVP) and
attribute capability 2 (the crypto attribute from the offer). For attribute capability 2 (the "crypto" attribute from the offer). For
the video stream, Bob accepted the use of secure RTP with RTCP-based the video stream, Bob accepted the use of Secure RTP with RTCP-based
feedback, and hence the profile in the "m=" line is "RTP/SAVPF". Bob feedback, and hence the profile in the "m=" line is "RTP/SAVPF". Bob
also includes a "crypto" attribute with his own keying material, and also includes a "crypto" attribute with his own keying material, and
an "acfg" attribute identifying actual configuration 1 for the video an "acfg" attribute identifying actual configuration 1 for the video
stream from the offer, using transport capability 1 (RTP/SAVPF) and stream from the offer, using transport capability 1 (RTP/SAVPF) and
attribute capabilities 3 (the crypto attribute from the offer) and 4 attribute capabilities 3 (the "crypto" attribute from the offer) and
(the "rtcp-fb" attribute from the offer). 4 (the "rtcp-fb" attribute from the offer).
When Alice receives Bob's answer, session negotiation has completed, When Alice receives Bob's answer, session negotiation has completed;
however Alice nevertheless chooses to generate a new offer using the however, Alice nevertheless chooses to generate a new offer using the
actual configuration. This is done purely to assist any actual configuration. This is done purely to assist any
intermediaries that may reside between Alice and Bob but do not intermediaries that may reside between Alice and Bob but do not
support the capability negotiation extensions (and hence may not support the capability negotiation extensions (and hence may not
understand the negotiation that just took place): understand the negotiation that just took place).
Alice's updated offer includes only SRTP for the audio stream SRTP Alice's updated offer includes only SRTP for the audio stream SRTP
with RTCP-based feedback for the video stream, and it is not using with RTCP-based feedback for the video stream, and it is not using
the SDP Capability Negotiation framework (Alice could have included the SDP Capability Negotiation framework (Alice could have included
the capabilities as well is she wanted to): the capabilities as well is she wanted):
v=0 v=0
o=- 25678 753850 IN IP4 192.0.2.1 o=- 25678 753850 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
m=audio 59000 RTP/SAVP 98 m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
m=video 52000 RTP/SAVPF 31 m=video 52000 RTP/SAVPF 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=rtcp-fb:* nack a=rtcp-fb:* nack
The "m=" line for the audio stream now indicates that Alice is The "m=" line for the audio stream now indicates that Alice is
offering to use secure RTP with PCMU or G.729, whereas the "m=" line offering to use Secure RTP with PCMU or G.729, whereas the "m=" line
for the video stream indicates that Alice is offering to use secure for the video stream indicates that Alice is offering to use Secure
RTP with RTCP-based feedback and H.261. Each media stream includes a RTP with RTCP-based feedback and H.261. Each media stream includes a
"crypto" attribute, which provides the SRTP keying material, with "crypto" attribute, which provides the SRTP keying material, with the
the same value again. same value again.
Bob receives the SDP session description offer from Alice, which he Bob receives the SDP session description offer from Alice, which he
accepts, and then generates an answer to Alice: accepts, and then generates an answer to Alice:
v=0 v=0
o=- 24351 621815 IN IP4 192.0.2.2 o=- 24351 621815 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98 m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
m=video 55468 RTP/SAVPF 31 m=video 55468 RTP/SAVPF 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=rtcp-fb:* nack a=rtcp-fb:* nack
Bob includes the same crypto attribute as before, and the session Bob includes the same "crypto" attribute as before, and the session
proceeds without change. Although Bob did not include any proceeds without change. Although Bob did not include any
capabilities in his answer, he could have done so if he wanted to. capabilities in his answer, he could have done so if he wanted.
Note that in this particular example, the answerer supported the Note that in this particular example, the answerer supported the
capability extensions defined here, however had he not, the answerer capability extensions defined here; however, had he not, the answerer
would simply have ignored the new attributes received in step 1 and would simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead: answer would have been generated in step 2 instead:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/AVP 98 m=audio 54568 RTP/AVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
m=video 55468 RTP/AVP 31 m=video 55468 RTP/AVP 31
skipping to change at page 68, line 36 skipping to change at page 66, line 19
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
a=key-mgmt:mikey AQEFgM0XflABAAAAAAAAAAAAAAYAyO... a=key-mgmt:mikey AQEFgM0XflABAAAAAAAAAAAAAAYAyO...
m=audio 54568 RTP/SAVP 98 m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=acfg:1 t=2 a=1 a=acfg:1 t=2 a=1
m=video 55468 RTP/SAVPF 31 m=video 55468 RTP/SAVPF 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=rtcp-fb:* nack a=rtcp-fb:* nack
a=acfg:1 t=1 a=1,4 a=acfg:1 t=1 a=1,4
It should be noted, that although Bob could have chosen session- It should be noted, that although Bob could have chosen session-level
level MIKEY for one media stream, and SDP Security Descriptions for MIKEY for one media stream, and SDP security descriptions for another
another media stream, there are no well-defined offerer processing media stream, there are no well-defined offerer processing rules of
rules of the resulting answer for this, and hence the offerer may the resulting answer for this, and hence the offerer may incorrectly
incorrectly assume use of MIKEY for both streams. To avoid this, if assume use of MIKEY for both streams. To avoid this, if the answerer
the answerer chooses session-level MIKEY, then all secure RTP based chooses session-level MIKEY, then all Secure RTP-based media streams
media streams SHOULD use MIKEY (this applies irrespective of whether SHOULD use MIKEY (this applies irrespective of whether or not SDP
SDP Capability Negotiation is being used or not). Use of media-level Capability Negotiation is being used). Use of media-level MIKEY does
MIKEY does not have a similar constraint. not have a similar constraint.
4.4. SRTP with Session-Level MIKEY and Media Level Security 4.4. SRTP with Session-Level MIKEY and Media-Level Security
Descriptions as Alternatives Descriptions as Alternatives
The following example illustrates how to use the SDP Capability The following example illustrates how to use the SDP Capability
Negotiation framework to negotiate use of either MIKEY or SDP Negotiation framework to negotiate use of either MIKEY or SDP
Security Descriptions, when one of them is included as part of the security descriptions, when one of them is included as part of the
actual configuration, and the other one is being selected. The actual configuration, and the other one is being selected. The
offerer (Alice) wants to establish an audio and video session. Alice offerer (Alice) wants to establish an audio and video session. Alice
prefers to use session-level MIKEY as the key management protocol, prefers to use session-level MIKEY as the key management protocol,
but supports SDP security descriptions as well. but supports SDP security descriptions as well.
The example is illustrated by the offer/answer exchange below, where The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob: Alice sends an offer to Bob:
Alice Bob Alice Bob
| (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) | | (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) |
|--------------------------------------->| |--------------------------------------->|
| | | |
| (2) Answer (RTP/SAVP, SDES) | | (2) Answer (RTP/SAVP, SDES) |
|<---------------------------------------| |<---------------------------------------|
| | | |
Alice's offer includes an audio and a video stream. Both the audio Alice's offer includes an audio and a video stream. Both the audio
and the video stream offer use of secure RTP: and the video stream offer use of Secure RTP:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO... a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
m=audio 59000 RTP/SAVP 98 m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32 a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 a=-s:1 a=pcfg:1 a=-s:1
m=video 52000 RTP/SAVP 31 m=video 52000 RTP/SAVP 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=acap:2 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:2 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=pcfg:1 a=-s:2 a=pcfg:1 a=-s:2
Alice does not know whether Bob supports MIKEY or SDP Security Alice does not know whether Bob supports MIKEY or SDP security
Descriptions. She could include attributes for both, however the descriptions. She could include attributes for both; however, the
resulting procedures and potential interactions are not well- resulting procedures and potential interactions are not well-
defined. Instead, she places a session-level key-mgmt attribute for defined. Instead, she places a session-level "key-mgmt" attribute
MIKEY in the actual configuration with SDP security descriptions as for MIKEY in the actual configuration with SDP security descriptions
an alternative in the potential configuration. The potential as an alternative in the potential configuration. The potential
configuration for the audio stream specifies that all session level configuration for the audio stream specifies that all session-level
attributes are to be deleted (i.e. the session-level "a=key-mgmt" attributes are to be deleted (i.e., the session-level "a=key-mgmt"
attribute) and that mandatory attribute capability 2 is to be used attribute) and that mandatory attribute capability 2 is to be used
(i.e. the crypto attribute). The potential configuration for the (i.e., the "crypto" attribute). The potential configuration for the
video stream is similar, except it uses its own mandatory crypto video stream is similar, except it uses its own mandatory "crypto"
attribute capability (2). Note how deletion of the session-level attribute capability (2). Note how the deletion of the session-level
attributes does not affect the media-level attributes. attributes does not affect the media-level attributes.
Bob receives the SDP session description offer from Alice. Bob Bob receives the SDP session description offer from Alice. Bob
supports Secure RTP and the SDP Capability Negotiation framework. supports Secure RTP and the SDP Capability Negotiation framework.
Bob also supports both SDP Security Descriptions and MIKEY. Since Bob also supports both SDP security descriptions and MIKEY. Since
the potential configuration is more preferred than the actual the potential configuration is more preferred than the actual
configuration, Bob (conceptually) generates an internal potential configuration, Bob (conceptually) generates an internal potential
configuration SDP session description that contains the crypto configuration SDP session description that contains the "crypto"
attributes for the audio and video stream, but not the key-mgmt attributes for the audio and video stream, but not the "key-mgmt"
attribute for MIKEY, thereby avoiding any ambiguity between the two attribute for MIKEY, thereby avoiding any ambiguity between the two
keying mechanisms. As a result, he generates the following answer: keying mechanisms. As a result, he generates the following answer:
v=0 v=0
o=- 24351 621814 IN IP4 192.0.2.2 o=- 24351 621814 IN IP4 192.0.2.2
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.2 c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98 m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000 a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32 inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:1 a=-s:1 a=acfg:1 a=-s:1
m=video 55468 RTP/SAVP 31 m=video 55468 RTP/SAVP 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32 inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=acfg:1 a=-s:2 a=acfg:1 a=-s:2
For the audio stream, Bob accepted the use of secure RTP using SDP For the audio stream, Bob accepted the use of Secure RTP using SDP
security descriptions. Bob therefore includes a "crypto" attribute security descriptions. Bob therefore includes a "crypto" attribute
with his own keying material, and an "acfg" attribute identifying with his own keying material, and an "acfg" attribute identifying the
actual configuration 1 for the audio media stream from the offer, actual configuration 1 for the audio media stream from the offer,
with the delete-attributes ("-s") and attribute capability 1 (the with the delete-attributes ("-s") and attribute capability 1 (the
crypto attribute from the offer). For the video stream, Bob also "crypto" attribute from the offer). For the video stream, Bob also
accepted the use of secure RTP using SDP security descriptions. Bob accepted the use of Secure RTP using SDP security descriptions. Bob
therefore includes a "crypto" attribute with his own keying therefore includes a "crypto" attribute with his own keying material,
material, and an "acfg" attribute identifying actual configuration 1 and an "acfg" attribute identifying actual configuration 1 for the
for the video stream from the offer, with the delete-attributes ("- video stream from the offer, with the delete-attributes ("-s") and
s") and attribute capability 2. attribute capability 2.
Below, we illustrate the offer SDP session description, when Bob Below, we illustrate the offer SDP session description, when Bob
instead offers the "crypto" attribute as the actual configuration instead offers the "crypto" attribute as the actual configuration
keying mechanism and "key-mgmt" as the potential configuration: keying mechanism and "key-mgmt" as the potential configuration:
v=0 v=0
o=- 25678 753849 IN IP4 192.0.2.1 o=- 25678 753849 IN IP4 192.0.2.1
s= s=
t=0 0 t=0 0
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
skipping to change at page 71, line 24 skipping to change at page 69, line 24
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=acap:2 rtpmap:98 AMR/8000 a=acap:2 rtpmap:98 AMR/8000
a=pcfg:1 a=-m:1,2 a=pcfg:1 a=-m:1,2
m=video 52000 RTP/SAVP 31 m=video 52000 RTP/SAVP 31
a=rtpmap:31 H261/90000 a=rtpmap:31 H261/90000
a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80 a=acap:3 crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=acap:4 rtpmap:31 H261/90000 a=acap:4 rtpmap:31 H261/90000
a=pcfg:1 a=-m:1,4 a=pcfg:1 a=-m:1,4
Note how we this time need to perform delete-attributes at the Note how we this time need to perform delete-attributes at the media
media-level instead of the session-level. When doing that, all level instead of the session level. When doing that, all attributes
attributes from the actual configuration SDP session description, from the actual configuration SDP session description, including the
including the rtpmaps provided, are removed. Consequently, we had to rtpmaps provided, are removed. Consequently, we had to include these
include these rtpmaps as capabilities as well, and then include them rtpmaps as capabilities as well, and then include them in the
in the potential configuration, thereby effectively recreating the potential configuration, thereby effectively recreating the original
original rtpmap attributes in the resulting potential configuration "rtpmap" attributes in the resulting potential configuration SDP
SDP session description. session description.
5. Security Considerations 5. Security Considerations
The SDP Capability Negotiation Framework is defined to be used The SDP Capability Negotiation framework is defined to be used within
within the context of the offer/answer model, and hence all the the context of the offer/answer model, and hence all the offer/answer
offer/answer security considerations apply here as well [RFC3264]. security considerations apply here as well [RFC3264]. Similarly, the
Similarly, the Session Initiation Protocol (SIP) uses SDP and the Session Initiation Protocol (SIP) uses SDP and the offer/answer
offer/answer model, and hence, when used in that context, the SIP model, and hence, when used in that context, the SIP security
security considerations apply as well [RFC3261]. considerations apply as well [RFC3261].
However, SDP Capability Negotiation introduces additional security However, SDP Capability Negotiation introduces additional security
issues. Its use as a mechanism to enable alternative transport issues. Its use as a mechanism to enable alternative transport
protocol negotiation (secure and non-secure) as well as its ability protocol negotiation (secure and non-secure) as well as its ability
to negotiate use of more or less secure keying methods and material to negotiate use of more or less secure keying methods and material
warrant further security considerations. Also, the (continued) warrant further security considerations. Also, the (continued)
support for receiving media before answer combined with negotiation support for receiving media before answer combined with negotiation
of alternative transport protocols (secure and non-secure) warrant of alternative transport protocols (secure and non-secure) warrants
further security considerations. We discuss these issues below. further security considerations. We discuss these issues below.
The SDP Capability Negotiation framework allows for an offered media The SDP Capability Negotiation framework allows for an offered media
stream to both indicate and support various levels of security for stream to both indicate and support various levels of security for
that media stream. Different levels of security can for example be that media stream. Different levels of security can for example be
negotiated by use of alternative attribute capabilities each negotiated by use of alternative attribute capabilities each
indicating more or less secure keying methods as well as more or indicating more or less secure keying methods as well as more or less
less strong ciphers. Since the offerer indicates support for each of strong ciphers. Since the offerer indicates support for each of
these alternatives, he will presumably accept the answerer seemingly these alternatives, he will presumably accept the answerer seemingly
selecting any of the offered alternatives. If an attacker can modify selecting any of the offered alternatives. If an attacker can modify
the SDP session description offer, he can thereby force the the SDP session description offer, he can thereby force the
negotiation of the weakest security mechanism that the offerer is negotiation of the weakest security mechanism that the offerer is
willing to accept. This may enable the attacker to compromise the willing to accept. This may enable the attacker to compromise the
security of the negotiated media stream. Similarly, if the offerer security of the negotiated media stream. Similarly, if the offerer
wishes to negotiate use of a secure media stream (e.g. secure RTP), wishes to negotiate use of a secure media stream (e.g., Secure RTP),
but includes a non-secure media stream (e.g. plain RTP) as a valid but includes a non-secure media stream (e.g., plain RTP) as a valid
(but less preferred) alternative, then an attacker that can modify (but less preferred) alternative, then an attacker that can modify
the offered SDP session description will be able to force the the offered SDP session description will be able to force the
establishment of an insecure media stream. The solution to both of establishment of an insecure media stream. The solution to both of
these problems involves the use of integrity protection over the SDP these problems involves the use of integrity protection over the SDP
session description. Ideally, this integrity protection provides session description. Ideally, this integrity protection provides
end-to-end integrity protection in order to protect from any man-in- end-to-end integrity protection in order to protect from any man-in-
the-middle attack; secure multiparts such as S/MIME [RFC5751] the-middle attack; secure multiparts such as Secure/Multipurpose
provide one such solution, however S/MIME requires use and Internet Mail Extensions (S/MIME) [RFC5751] provide one such
availability of a Public Key Infrastructure (PKI). A slightly less solution; however, S/MIME requires use and availability of a Public
secure alternative when using SIP, but generally much easier to Key Infrastructure (PKI). A slightly less secure alternative when
deploy in practice, is to use SIP Identity [RFC4474]; this requires using SIP, but generally much easier to deploy in practice, is to use
the existence of an authentication service (see [RFC4474]). Although SIP Identity [RFC4474]; this requires the existence of an
this mechanism still requires a PKI, it only requires that servers authentication service (see [RFC4474]). Although this mechanism
(as opposed to end-users) have third party validatable certificates, still requires a PKI, it only requires that servers (as opposed to
which significantly reduces the barrier to entry by ordinary users. end-users) have third-party validatable certificates, which
Yet another, and considerably less secure, alternative is to use significantly reduces the barrier to entry by ordinary users. Yet
hop-by-hop security only, e.g. TLS or IPsec thereby ensuring the another, and considerably less secure, alternative is to use hop-by-
integrity of the offered SDP session description on a hop-by-hop hop security only, e.g., TLS or IPsec thereby ensuring the integrity
basis. This is less secure because SIP allows partially trusted of the offered SDP session description on a hop-by-hop basis. This
intermediaries on the signaling path, and such intermediaries is less secure because SIP allows partially trusted intermediaries on
processing the SIP request at each hop would be able to perform a the signaling path, and such intermediaries processing the SIP
man-in- the-middle attack by modifying the offered SDP session request at each hop would be able to perform a man-in-the-middle
description. In simple architectures where the two UA's proxies attack by modifying the offered SDP session description. In simple
communicate directly, the security provided by this method is architectures where the two UA's proxies communicate directly, the
roughly comparable to that provided by the previously discussed security provided by this method is roughly comparable to that
signature-based mechanisms. provided by the previously discussed signature-based mechanisms.
Per the normal offer/answer procedures, as soon as the offerer has Per the normal offer/answer procedures, as soon as the offerer has
generated an offer, the offerer must be prepared to receive media in generated an offer, the offerer must be prepared to receive media in
accordance with that offer. The SDP Capability Negotiation preserves accordance with that offer. The SDP Capability Negotiation preserves
that behavior for the actual configuration in the offer, however the that behavior for the actual configuration in the offer; however, the
offerer has no way of knowing which configuration (actual or offerer has no way of knowing which configuration (actual or
potential) configuration was selected by the answerer, until an potential) was selected by the answerer, until an answer indication
answer indication is received. This opens up a new security issue is received. This opens up a new security issue where an attacker
where an attacker may be able to interject media towards the offerer may be able to interject media towards the offerer until the answer
until the answer is received. For example, the offerer may use plain is received. For example, the offerer may use plain RTP as the
RTP as the actual configuration and secure RTP as an alternative actual configuration and Secure RTP as an alternative potential
potential configuration. Even though the answerer selects secure configuration. Even though the answerer selects Secure RTP, the
RTP, the offerer will not know that until he receives the answer, offerer will not know that until he receives the answer, and hence an
and hence an attacker will be able to send media to the offerer attacker will be able to send media to the offerer meanwhile. The
meanwhile. The easiest protection against such an attack is to not easiest protection against such an attack is to not offer use of the
offer use of the non-secure media stream in the actual non-secure media stream in the actual configuration; however, that
configuration, however that may in itself have undesirable side- may in itself have undesirable side effects: If the answerer does not
effects: If the answerer does not support the secure media stream support the secure media stream and also does not support the
and also does not support the capability negotiation framework, then capability negotiation framework, then negotiation of the media
negotiation of the media stream will fail. Alternatively, SDP stream will fail. Alternatively, SDP security preconditions
security preconditions [RFC5027] can be used. This will ensure that [RFC5027] can be used. This will ensure that media is not flowing
media is not flowing until session negotiation has completed and until session negotiation has completed and hence the selected
hence the selected configuration is known. Use of preconditions configuration is known. Use of preconditions however requires both
however requires both sides to support them. If they don't, and use sides to support them. If they don't, and use of them is required,
of them is required, the session will fail. As a (limited) work the session will fail. As a (limited) work around to this, it is
around to this, it is RECOMMENDED that SIP entities generate an RECOMMENDED that SIP entities generate an answer SDP session
answer SDP session description and send it to the offerer as soon as description and send it to the offerer as soon as possible, for
possible, for example in a 183 Session Progress message. This will example, in a 183 Session Progress message. This will limit the time
limit the time during which an attacker can send media to the during which an attacker can send media to the offerer. Section 3.9
offerer. Section 3.9. presents other alternatives as well. presents other alternatives as well.
Additional security considerations apply to the answer SDP session Additional security considerations apply to the answer SDP session
description as well. The actual configuration attribute tells the description as well. The actual configuration attribute tells the
offerer which potential configuration the answer was based on, and offerer on which potential configuration the answer was based, and
hence an attacker that can either modify or remove the actual hence an attacker that can either modify or remove the actual
configuration attribute in the answer can cause session failure as configuration attribute in the answer can cause session failure as
well as extend the time window during which the offerer will accept well as extend the time window during which the offerer will accept
incoming media that does not conform to the actual answer. The incoming media that does not conform to the actual answer. The
solutions to this SDP session description answer integrity problem solutions to this SDP session description answer integrity problem
are the same as for the offer, i.e. use of end-to-end integrity are the same as for the offer, i.e., use of end-to-end integrity
protection, SIP identity, or hop-by-hop protection. The mechanism to protection, SIP identity, or hop-by-hop protection. The mechanism to
use depends on the mechanisms supported by the offerer as well as use depends on the mechanisms supported by the offerer as well as the
the acceptable security trade-offs. acceptable security trade offs.
As described in Section 3.1. and 3.11. , SDP Capability Negotiation As described in Sections 3.1 and 3.11, SDP Capability Negotiation
conceptually allows an offerer to include many different offers in a conceptually allows an offerer to include many different offers in a
single SDP session description. This can cause the answerer to single SDP session description. This can cause the answerer to
process a large number of alternative potential offers, which can process a large number of alternative potential offers, which can
consume significant memory and CPU resources. An attacker can use consume significant memory and CPU resources. An attacker can use
this amplification feature to launch a denial of service attack this amplification feature to launch a denial-of-service attack
against the answerer. The answerer must protect itself from such against the answerer. The answerer must protect itself from such
attacks. As explained in Section 3.11. , the answerer can help attacks. As explained in Section 3.11, the answerer can help reduce
reduce the effects of such an attack by first discarding all the effects of such an attack by first discarding all potential
potential configurations that contain unsupported transport configurations that contain unsupported transport protocols,
protocols, unsupported or invalid mandatory attribute capabilities, unsupported or invalid mandatory attribute capabilities, or
or unsupported mandatory extension configurations. The answerer unsupported mandatory extension configurations. The answerer should
should also look out for potential configurations that are designed also look out for potential configurations that are designed to pass
to pass the above test, but nevertheless produce a large number of the above test, but nevertheless produce a large number of potential
potential configuration SDP session descriptions that cannot be configuration SDP session descriptions that cannot be supported.
supported.
A possible way of achieving that is for an attacker to find a A possible way of achieving that is for an attacker to find a
valid session-level attribute that causes conflicts or otherwise valid session-level attribute that causes conflicts or otherwise
interferes with individual media description configurations. At interferes with individual media description configurations. At
time of publication of this document, we do not know of such an the time of publication of this document, we do not know of such
SDP attribute, however this does not mean it does not exist, or an SDP attribute; however, this does not mean it does not exist,
that it will not exist in the future. If such attributes are found or that it will not exist in the future. If such attributes are
to exist, implementers should explicitly protect against them. found to exist, implementers should explicitly protect against
them.
A significant number of valid and supported potential configurations A significant number of valid and supported potential configurations
may remain. However, since all of those contain only valid and may remain. However, since all of those contain only valid and
supported transport protocols and attributes, it is expected that supported transport protocols and attributes, it is expected that
only a few of them will need to be processed on average. Still, the only a few of them will need to be processed on average. Still, the
answerer must ensure that it does not needlessly consume large answerer must ensure that it does not needlessly consume large
amounts of memory or CPU resources when processing those as well as amounts of memory or CPU resources when processing those as well as
be prepared to handle the case where a large number of potential be prepared to handle the case where a large number of potential
configurations still need to be processed. configurations still need to be processed.
6. IANA Considerations 6. IANA Considerations
6.1. New SDP Attributes 6.1. New SDP Attributes
The IANA is hereby requested to register the following new SDP The IANA has registered the following new SDP attributes:
attributes as follows:
Attribute name: csup Attribute name: csup
Long form name: Supported capability negotiation extensions Long form name: Supported capability negotiation extensions
Type of attribute: Session-level and media-level Type of attribute: Session-level and media-level
Subject to charset: No Subject to charset: No
Purpose: Option tags for supported SDP capability Purpose: Option tags for supported SDP Capability
negotiation extensions Negotiation extensions
Appropriate values: See Section 3.3.1. of RFCXXXX Appropriate values: See Section 3.3.1 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
Attribute name: creq Attribute name: creq
Long form name: Required capability negotiation extensions Long form name: Required capability negotiation extensions
Type of attribute: Session-level and media-level Type of attribute: Session-level and media-level
Subject to charset: No Subject to charset: No
Purpose: Option tags for required SDP capability Purpose: Option tags for required SDP Capability
negotiation extensions Negotiation extensions
Appropriate values: See Section 3.3.2. of RFCXXXX Appropriate values: See Section 3.3.2 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
Attribute name: acap Attribute name: acap
Long form name: Attribute capability Long form name: Attribute capability
Type of attribute: Session-level and media-level Type of attribute: Session-level and media-level
Subject to charset: No Subject to charset: No
Purpose: Attribute capability containing an attribute Purpose: Attribute capability containing an attribute
name and associated value name and associated value
Appropriate values: See Section 3.4.1. of RFCXXXX Appropriate values: See Section 3.4.1 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
Attribute name: tcap Attribute name: tcap
Long form name: Transport Protocol Capability Long form name: Transport Protocol Capability
Type of attribute: Session-level and media-level Type of attribute: Session-level and media-level
Subject to charset: No Subject to charset: No
Purpose: Transport protocol capability listing one or Purpose: Transport protocol capability listing one or
more transport protocols more transport protocols
Appropriate values: See Section 3.4.2. of RFCXXXX Appropriate values: See Section 3.4.2 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
Attribute name: pcfg Attribute name: pcfg
Long form name: Potential Configuration Long form name: Potential Configuration
Type of attribute: Media-level Type of attribute: Media-level
Subject to charset: No Subject to charset: No
Purpose: Potential configuration for SDP capability Purpose: Potential configuration for SDP Capability
negotiation Negotiation
Appropriate values: See Section 3.5.1. of RFCXXXX Appropriate values: See Section 3.5.1 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
Attribute name: acfg Attribute name: acfg
Long form name: Actual configuration Long form name: Actual configuration
Type of attribute: Media-level Type of attribute: Media-level
Subject to charset: No Subject to charset: No
Purpose: Actual configuration for SDP capability Purpose: Actual configuration for SDP Capability
negotiation Negotiation
Appropriate values: See Section 3.5.2. of RFCXXXX Appropriate values: See Section 3.5.2 of RFC 5939
-- Note to RFC editor:
-- replace RFCXXXX by this RFC number
Contact name: Flemming Andreasen, fandreas@cisco.com Contact name: Flemming Andreasen, fandreas@cisco.com
6.2. New SDP Capability Negotiation Option Tag Registry 6.2. New SDP Capability Negotiation Option Tag Registry
The IANA is hereby requested to create a new SDP Capability The IANA has created a new SDP Capability Negotiation Option Tag
Negotiation Option Tag registry. An IANA SDP Capability Negotiation registry. An IANA SDP Capability Negotiation Option Tag registration
option tag registration MUST be documented in an RFC in accordance MUST be documented in an RFC in accordance with the [RFC5226] IETF
with the [RFC5226] IETF Review policy. The RFC MUST provide the name Review policy. The RFC MUST provide the name of the option tag, a
of the option tag, a syntax and a semantic specification of any new syntax, and a semantic specification of any new SDP attributes and
SDP attributes and any extensions to the potential configuration any extensions to the potential configuration ("a=pcfg") and actual
("a=pcfg") and actual configuration ("a=acfg") attributes provided configuration ("a=acfg") attributes provided in this document. If
in this document. If the extension defines any new SDP attributes the extension defines any new SDP attributes that are intended to be
that are intended to be capabilities for use by the capability capabilities for use by the capability negotiation framework (e.g.,
negotiation framework (similar to e.g. "a=acap"), those capabilities similar to "a=acap"), those capabilities MUST adhere to the
MUST adhere to the guidelines provided in Section 3.4.3. Extensions guidelines provided in Section 3.4.3. Extensions to the potential
to the potential and actual configuration attributes MUST adhere to and actual configuration attributes MUST adhere to the syntax
the syntax provided in Section 3.5.1. and 3.5.2. provided in Sections 3.5.1 and 3.5.2.
The option tag "cap-v0" is defined in this document and the IANA is The option tag "cap-v0" is defined in this document, and the IANA has
hereby requested to register this option tag. registered this option tag.
6.3. New SDP Capability Negotiation Potential Configuration Parameter 6.3. New SDP Capability Negotiation Potential Configuration Parameter
Registry Registry
The IANA is hereby requested to create a new SDP Capability The IANA has created a new SDP Capability Negotiation Potential
Negotiation Potential Configuration Parameter registry. An IANA SDP Configuration Parameter registry. An IANA SDP Capability Negotiation
Capability Negotiation potential configuration registration MUST be Potential Configuration registration MUST be documented in an RFC in
documented in an RFC in accordance with the [RFC5226] IETF Review accordance with the [RFC5226] IETF Review policy. The RFC MUST
policy. The RFC MUST define the syntax and semantics of each new define the syntax and semantics of each new potential configuration
potential configuration parameter. The syntax MUST adhere to the parameter. The syntax MUST adhere to the syntax provided for
syntax provided for extensions in Section 3.5.1. and the semantics extensions in Section 3.5.1 and the semantics MUST adhere to the
MUST adhere to the semantics provided for extensions in Section semantics provided for extensions in Section 3.5.1 and 3.5.2.
3.5.1. and 3.5.2. Associated with each registration MUST be the Associated with each registration MUST be the encoding name for the
encoding name for the parameter as well as a short descriptive name parameter as well as a short descriptive name for it.
for it.
The potential configuration parameters "a" for "attribute" and "t" The potential configuration parameters "a" for "attribute" and "t"
for "transport protocol" are defined in this document and the IANA for "transport protocol" are defined in this document, and the IANA
is hereby requested to register these. has registered them.
7. Acknowledgments 7. Acknowledgments
The SDP Capability Negotiation solution defined in this document The SDP Capability Negotiation solution defined in this document
draws on the overall capability negotiation framework that was draws on the overall capability negotiation framework that was
defined by [SDPng]. Also, the SDP Capability Negotiation solution is defined by [SDPng]. Also, the SDP Capability Negotiation solution is
heavily influenced by the discussions and work done by the SDP heavily influenced by the discussions and work done by the SDP
Capability Negotiation Design Team. The following people in Capability Negotiation Design Team. The following people in
particular provided useful comments and suggestions to either the particular provided useful comments and suggestions to either the
document itself or the overall direction of the solution defined in document itself or the overall direction of the solution defined
here: Francois Audet, John Elwell, Roni Even, Miguel Garcia, Robert here: Francois Audet, John Elwell, Roni Even, Miguel Garcia, Robert
Gilman, Cullen Jennings, Jonathan Lennox, Matt Lepinski, Jean- Gilman, Cullen Jennings, Jonathan Lennox, Matt Lepinski, Jean-
Francois Mule, Joerg Ott, Colin Perkins, Jonathan Rosenberg, Thomas Francois Mule, Joerg Ott, Colin Perkins, Jonathan Rosenberg, Thomas
Stach, and Dan Wing. Stach, and Dan Wing.
General Area review comments were provided by Christian Vogt, and General Area review comments were provided by Christian Vogt, and
Stephen Kent provided Security Directorate review comments. Eric Stephen Kent provided Security Directorate review comments. Eric
Rescorla provided textual input to the Security Considerations. Rescorla provided textual input to the Security Considerations.
Alexey Melnikov, Robert Sparks, and Magnus Westerlund provided Alexey Melnikov, Robert Sparks, and Magnus Westerlund provided
several review comments as well. several review comments as well.
8. Change Log 8. References
8.1. draft-ietf-mmusic-sdp-capability-negotiation-13
o Clarified that unsupported media-level attributes in session-
level attribute capabilities do not trigger an "invalid"
potential configuration, since such attributes will be ignored
per normal SDP rules.
o Clarified text in Section 3.6.1. to more clearly distinguish
between transport protocols and transport protocol capabilities.
o A couple of editorial nit fixes
8.2. draft-ietf-mmusic-sdp-capability-negotiation-12
Addressing IESG review comments as follows:
o Clarified processing rules for "creq" in Section 3.3.2.
o Removed "iptv_rtsp" example in Section 3.4.2.
o Fixed ABNF error in "attribute-config-list".
o Changed ICE [ICE] reference from informative to normative.
o Minor editorial changes.
8.3. draft-ietf-mmusic-sdp-capability-negotiation-11
Addressing IESG review comments as follows:
o Changed att-cap-num and trpr-cap-num ABNF rules throughout to
allow for no more than 10 digits.
o Disallowed base framework only implementations from generating
media-level attribute capabilities at the session-level, and
added explicit rules for how to process them if received.
o Disallowed attribute capabilities from embedding capability
negotiation parameters and discouraged extension capabilities
from similar behavior. Also specified non-recursive processing of
capabilities on the receive side as a safeguard.
o Clarified that the "tcap" attribute specifies only the transport
protocol, however some MIME types can be viewed as transports as
well. The base framework does not define how to negotiate those
as transports, but rather only as media formats that must be
valid under the transport protocol for the media description.
o Changed definition (and ABNF) for attribute-config-list to allow
for only delete-attributes (i.e., no attribute capabilities)
o Clarified that playout of early media before answer is not a
requirement.
o Clarified various offer/answer aspects related to generation of
potential configuration offer SDP session descriptions and
virtual answer SDP session descriptions as well as operation of
delete-attributes.
o Defined the notion of a "valid" actual configuration and how it
affects offerer processing of the answer.
o Removed recommendation to use the TIAS bandwidth type [RFC3890]
and added note explaining why it should not be used.
o Changed IANA rules for new option tags and potential
configuration parameters to follow "IETF Review" policy, and
clarified that potential configuration parameters must be
registered with IANA.
o Changed numerous instances of "SDP" with the more accurate "SDP
session description" to avoid terminology overload.
o Various editorial clarifications throughout.
8.4. draft-ietf-mmusic-sdp-capability-negotiation-10
Addressing General Area and Security Directorate review comments as
follows:
o Explained and motivated the preference order between potential
and actual configurations earlier in the document.
o Added DTLS-SRTP example use in several places, as well as a new
example call flow for DTLS-SRTP.
o Added that interacting session-level attributes in potential
configurations, which do not provide well-defined operation on
the receiving side, cannot be used in security critical contexts.
o Updated Security Considerations section.
o Rephrased several sentences containing the word "only" to improve
readability.
o Minor editorial nit fixes, especially in the example call flows.
8.5. draft-ietf-mmusic-sdp-capability-negotiation-09
Incorporated Working Group Chair review comments and a few additional
comments as follows:
o Clarified that the "a=creq" attribute MUST NOT be used in an
answer (Section 3.6.2. ).
o Various editorial changes throughout.
8.6. draft-ietf-mmusic-sdp-capability-negotiation-08
Incorporated Working Group Last Call comments as follows:
o Added second offer/answer exchange to introductory example, fixed
minor error in that example, and deleted similar example in the
Examples Section.
o Fixed "type=value" semantic error in the attribute capability
definition.
o Clarified that consecutive numbering of capabilities and
potential configurations is not required.
o Fixed inconsistency for which parameters to include in the "acfg"
attribute.
o Changed second offer/answer exchange from MAY to SHOULD strength.
o Clarified there should be a combined second offer/exchange when
using ICE.
o Moved RFC 3407 to informative references.
o Various editorial clarifications.
8.7. draft-ietf-mmusic-sdp-capability-negotiation-07
o Removed the ability to have attribute capabilities provide
attribute names without values, when those attributes otherwise
require an associated value.
o Document no longer obsoletes RFC 3407 but instead recommends that
it is being used instead of RFC 3407.
o Added ability to specific that specific extensions in a potential
configuration are mandatory.
o Changed ABNF for extension-config-list in potential
configurations.
o Removed the redundant "a=" part of attribute capabilities.
o Clarified what it means to support an attribute capability in the
offer/answer procedures.
o Changed "a=acap" attribute and offer/answer procedures to include
only the known and supported attribute capabilities.
o Added new section on indicating bandwidth usage.
8.8. draft-ietf-mmusic-sdp-capability-negotiation-06
o Added additional background text on terminology used, and a new
section on the negotiation model.
o Allowed for session-level attribute capabilities to contain
media-level only attributes, albeit the base framework does not
define (or allow) them to be used in a potential configuration
(extensions may change that)
o Disallowing multiple "a=tcap" attributes at the session-level
and/or on a per media description basis; at most one at the
session-level and per media description now.
o Changed the "a=pcfg" attribute to make a potential configuration
list optional in order to allow for the actual configuration to
be referenced.
o Removed the ability to delete and replace individual attributes
from the actual configuration SDP session description.
o Introduced the notion of mandatory and optional attribute
capabilities in a potential configuration and updated the
"a=pcfg" attribute and associated procedures accordingly.
o Specified that mandatory attribute capabilities and the transport
protocol (if any) from a potential configuration need to be
supported in order to select that potential configuration.
Offer/answer procedures updated accordingly as well.
o Noted potential interaction and synchronization issues with use
of session-level attributes and attribute capabilities and added
recommendation to avoid use of session-level attributes when
possible.
o Fixed error in "a=acfg" grammar (missing config-number) and
updated attribute definition in accordance with the "a=pcfg"
attribute changes.
o Updated text associated with processing media before answer to
allow for playing out garbage or discard until answer received.
Additional detail on alternative solutions provided as well.
o Added recommendation to send back answer SDP session description
as soon as possible, when a potential configuration different
from the actual configuration has been chosen.
o Added new section on interactions with SIP option tags.
o Added new section on dealing with large number of potential
configurations.
o Added new section on SDP capability negotiation and
intermediaries.
o Updated examples in accordance with other changes and to
illustrate use of mandatory and optional attribute capabilities
in a potential configuration.
o Updated security considerations to address potential denial of
service attack caused by large number of potential
configurations.
o Various editorial updates throughout.
8.9. draft-ietf-mmusic-sdp-capability-negotiation-05
o Allowed for '<type>=<value>' attributes to be listed as attribute
capabilities the attribute name only.
o Changed IP-address to conform to RFC 3330 guidelines.
o Added section on relationship to RFC 3407 and "Obsoletes: 3407"
in the front.
o Disallowed use of white space in a number of places for more
consistency with existing SDP practice
o Changed "csup" and "creq" attributes to not allow multiple
instances at the session-level and multiple instances per media
description (only one for each now)
o Changed to not require use of "creq" with base option tag ("cap-
v0").
o Relaxed restrictions on extension capabilities
o Updated potential configuration attribute syntax and semantics.
In particular, potential configuration attributes can now replace
and delete various existing attributes in original SDP session
descriptions to better control potential attribute interactions
with the actual configuration while preserving message size
efficiency.
o Updated actual configuration attribute to align with the updates
to the potential configuration attributes.
o Updated offer/answer procedures to align with other changes.
o Changed recommendation for second offer/answer exchange to "MAY"
strength, unless for the cases where it is known or suspected
that it is needed.
o Updated ICE interactions to explain how the new attribute
delete/replace features can solve certain potential interactions.
o Updated rtpmap and fmtp section to allow potential configurations
to use remapped payload types in attribute capabilities for
rtpmaps and fmtp parameters.
o Added section on direction attributes.
o Added another example showing SRTP with session-level MIKEY and
SDP Security Descriptions using the attribute capability DELETE
operator.
8.10. draft-ietf-mmusic-sdp-capability-negotiation-04
The following are the major changes compared to version -03:
o Added explicit ordering rules for attributes added by potential
configurations.
o Noted that ICE interaction issues (ice-tcp specifically) may not
be as clear as originally thought.
o Added considerations on using rtpmap and fmtp attributes as
attribute capabilities.
o Added multiple transport protocol example.
o Added session-level MIKEY and media level security descriptions
example.
8.11. draft-ietf-mmusic-sdp-capability-negotiation-03
The following are the major changes compared to version -02:
o Base option tag name changed from "v0" to "cap-v0".
o Added new section on extension capability attributes
o Firmed up offer/answer procedures.
o Added security considerations
o Added IANA considerations
8.12. draft-ietf-mmusic-sdp-capability-negotiation-02
The following are the major changes compared to version -01:
o Potential configurations are no longer allowed at the session
level
o Renamed capability attributes ("capar" to "acap" and "ctrpr" to
"tcap")
o Changed name and semantics of the initial number (now called
configuration number) in potential configuration attributes; must
now be unique and can be used as a handle
o Actual configuration attribute now includes configuration number
from the selected potential configuration attribute
o Added ABNF throughout
o Specified that answerer should include "a=csup" in case of
unsupported required extensions in offer.
o Specified use of second offer/answer exchange when answerer
selected a potential configuration
o Updated rules (and added restrictions) for referencing media- and
session-level capabilities in potential configurations (at the
media level)
o Added initial section on ICE interactions
o Added initial section on receiving media before answer
8.13. draft-ietf-mmusic-sdp-capability-negotiation-01
The following are the major changes compared to version -00:
o Media capabilities are no longer considered a core capability and
hence have been removed. This leaves transport protocols and
attributes as the only capabilities defined by the core.
o Version attribute has been removed and an option tag to indicate
the actual version has been defined instead.
o Clarified rules for session-level and media level attributes
provided at either level as well how they can be used in
potential configurations.
o Potential configuration parameters no longer have implicit
ordering; an explicit preference indicator is now included.
o The parameter name for transport protocols in the potential and
actual configuration attributes have been changed "p" to "t".
o Clarified operator precedence within potential and actual
configuration attributes.
o Potential configurations at the session level now limited to
indicate latent capability configurations. Consequently, an
actual configuration attribute can no longer be provided at the
session level.
o Cleaned up capability and potential configuration terminology -
they are now two clearly different things.
8.14. draft-ietf-mmusic-sdp-capability-negotiation-00
Version 00 is the initial version. The solution provided in this
initial version is based on an earlier (individual submission)
version of [SDPCapNeg]. The following are the major changes compared
to that document:
o Solution no longer based on RFC 3407, but defines a set of
similar attributes (with some differences).
o Various minor changes to the previously defined attributes.
o Multiple transport capabilities can be included in a single
"tcap" attribute
o A version attribute is now included.
o Extensions to the framework are formally supported.
o Option tags and the ability to list supported and required
extensions are supported.
o A best-effort SRTP example use case has been added.
o Some terminology change throughout to more clearly indicate what
constitutes capabilities and what constitutes configurations.
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3264] Rosenberg, J., and H. Schulzrinne, "An Offer/Answer Model 8.1. Normative References
with Session Description Protocol (SDP)", RFC 3264, June
2002.
[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Description Protocol", RFC 4566, July 2006. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model
IANA Considerations Section in RFCs", BCP 26, RFC 5226, with Session Description Protocol (SDP)", RFC 3264, June
May 2008. 2002.
[RFC5234] Crocker, D., and P. Overell, "Augmented BNF for Syntax [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Specifications: ABNF", RFC 5234, January 2008. Description Protocol", RFC 4566, July 2006.
[ICE] J. Rosenberg, "Interactive Connectivity Establishment [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
(ICE): A Methodology for Network Address Translator (NAT) IANA Considerations Section in RFCs", BCP 26, RFC 5226,
Traversal for Offer/Answer Protocols", work in progress, May 2008.
October 2007.
9.2. Informative References [RFC5234] Crocker, D., Ed., and P. Overell, "Augmented BNF for
Syntax Specifications: ABNF", STD 68, RFC 5234, January
2008.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment
A., Peterson, J., Sparks, R., Handley, M., and E. (ICE): A Protocol for Network Address Translator (NAT)
Schooler, "SIP: Session Initiation Protocol", RFC 3261, Traversal for Offer/Answer Protocols", RFC 5245, April
June 2002. 2010.
[RFC3312] G. Camarillo, W. Marshall, and J. Rosenberg, "Integration 8.2. Informative References
of Resource Management and Session Initiation Protocol
(SIP)", RFC 3312, October 2002.
[RFC3262] J. Rosenberg, and H. Schulzrinne, "Reliability of [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
Provisional Responses in Session Initiation Protocol A., Peterson, J., Sparks, R., Handley, M., and E.
(SIP)", RFC 3262, June 2002. Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC3388] Camarillo, G., Eriksson, G., Holler, J., and H. [RFC3312] Camarillo, G., Ed., Marshall, W., Ed., and J. Rosenberg,
Schulzrinne, "Grouping of Media Lines in the Session "Integration of Resource Management and Session Initiation
Description Protocol (SDP)", RFC 3388, December 2002. Protocol (SIP)", RFC 3312, October 2002.
[RFC3407] F. Andreasen, "Session Description Protocol (SDP) Simple [RFC3262] Rosenberg, J. and H. Schulzrinne, "Reliability of
Capability Declaration", RFC 3407, October 2002. Provisional Responses in Session Initiation Protocol
(SIP)", RFC 3262, June 2002.
[RFC3551] Schulzrinne, H., and S. Casner, "RTP Profile for Audio and [RFC3407] Andreasen, F., "Session Description Protocol (SDP) Simple
Video Conferences with Minimal Control", RFC 3551, July Capability Declaration", RFC 3407, October 2002.
2003.
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. [RFC3551] Schulzrinne, H. and S. Casner, "RTP Profile for Audio and
Norrman, "The Secure Real-time Transport Protocol Video Conferences with Minimal Control", STD 65, RFC 3551,
(SRTP).", RFC 3711, March 2004. July 2003.
[RFC3830] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, and K. [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830, Norrman, "The Secure Real-time Transport Protocol (SRTP)",
August 2004. RFC 3711, March 2004.
[RFC3890] M. Westerlund, "A Transport Independent Bandwidth Modifier [RFC3830] Arkko, J., Carrara, E., Lindholm, F., Naslund, M., and K.
for the Session Description Protocol (SDP).", RFC 3890, Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830,
September 2004. August 2004.
[RFC4145] Yon, D., and G. Camarillo, "TCP-Based Media Transport in [RFC4145] Yon, D. and G. Camarillo, "TCP-Based Media Transport in
the Session Description Protocol (SDP)", RFC 4145, the Session Description Protocol (SDP)", RFC 4145,
September 2005. September 2005.
[RFC4474] J. Peterson, and C. Jennings, "Enhancements for [RFC4474] Peterson, J. and C. Jennings, "Enhancements for
Authenticated Identity Management in the Session Authenticated Identity Management in the Session
Initiation Protocol (SIP)", RFC 4474, August 2006. Initiation Protocol (SIP)", RFC 4474, August 2006.
[RFC4567] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E. [RFC4567] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E.
Carrara, "Key Management Extensions for Session Carrara, "Key Management Extensions for Session
Description Protocol (SDP) and Real Time Streaming Description Protocol (SDP) and Real Time Streaming
Protocol (RTSP)", RFC 4567, July 2006. Protocol (RTSP)", RFC 4567, July 2006.
[RFC4568] Andreasen, F., Baugher, M., and D. Wing, "Session [RFC4568] Andreasen, F., Baugher, M., and D. Wing, "Session
Description Protocol Security Descriptions for Media Description Protocol (SDP) Security Descriptions for Media
Streams", RFC 4568, July 2006. Streams", RFC 4568, July 2006.
[RFC4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, [RFC4585] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey,
"Extended RTP Profile for Real-Time Transport Control "Extended RTP Profile for Real-time Transport Control
Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585, July Protocol (RTCP)-Based Feedback (RTP/AVPF)", RFC 4585, July
2006. 2006.
[RFC4588] Rey, J., Leon, D., Miyazaki, A., Varsa, V., and R. [RFC4588] Rey, J., Leon, D., Miyazaki, A., Varsa, V., and R.
Hakenberg, "RTP Retransmission Payload Format", RFC 4588, Hakenberg, "RTP Retransmission Payload Format", RFC 4588,
July 2006. July 2006.
[RFC4756] A. Li, "Forward Error Correction Grouping Semantics in [RFC4756] Li, A., "Forward Error Correction Grouping Semantics in
Session Description Protocol", RFC 4756, November 2006. Session Description Protocol", RFC 4756, November 2006.
[RFC5027] Andreasen, F. and D. Wing, "Security Preconditions for [RFC5027] Andreasen, F. and D. Wing, "Security Preconditions for
Session Description Protocol Media Streams", RFC 5027, Session Description Protocol (SDP) Media Streams", RFC
October 2007. 5027, October 2007.
[RFC5124] Ott, J., and E Carrara, "Extended Secure RTP Profile for [RFC5124] Ott, J. and E. Carrara, "Extended Secure RTP Profile for
Real-time Transport Control Protocol (RTCP)-Based Feedback Real-time Transport Control Protocol (RTCP)-Based Feedback
(RTP/SAVPF)", RFC 5124, February 2008. (RTP/SAVPF)", RFC 5124, February 2008.
[RFC5751] Ramsdell, B., and S. Turner, "Secure/Multipurpose Internet [RFC5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
Mail Extensions (S/MIME) Version 3.2 Message Mail Extensions (S/MIME) Version 3.2 Message
Specification", RFC 5751, January 2010. Specification", RFC 5751, January 2010.
[BESRTP] Kaplan, H., and F. Audet, "Session Description Protocol [RFC5763] Fischl, J., Tschofenig, H., and E. Rescorla, "Framework
(SDP) Offer/Answer Negotiation for Best-Effort Secure for Establishing a Secure Real-time Transport Protocol
Real-Time Transport Protocol", work in progress, October (SRTP) Security Context Using Datagram Transport Layer
2006. Security (DTLS)", RFC 5763, May 2010.
[DTLS-SRTP] McGrew, D. and E. Rescorla, "Datagram Transport Layer [RFC5764] McGrew, D. and E. Rescorla, "Datagram Transport Layer
Security (DTLS) Extension to Establish Keys for Secure Security (DTLS) Extension to Establish Keys for the Secure
Real-time Transport Protocol (SRTP)", work in progress, Real-time Transport Protocol (SRTP)", RFC 5764, May 2010.
February 2009.
[DTLS-SRTP-FRAMEWORK] Fischl, J., Tschofenig, H., and E. Rescorla, [RFC5888] Camarillo, G. and H. Schulzrinne, "The Session Description
"Framework for Establishing an SRTP Security Context using Protocol (SDP) Grouping Framework", RFC 5888, June 2010.
DTLS", work in progress, March 2009.
[ICETCP] J. Rosenberg, "TCP Candidates with Interactive [BESRTP] Kaplan, H. and F. Audet, "Session Description Protocol
Connectivity Establishment (ICE)", work in progress, (SDP) Offer/Answer Negotiation For Best-Effort Secure
October 2009. Real-Time Transport Protocol", Work in Progress, October
2006.
[SDPCapNeg] Andreasen, F. "SDP Capability Negotiation", (draft- [ICETCP] Rosenberg, J., Keranen, A., Lowekamp, B., and A. Roach,
andreasen-mmusic-sdp-capability-negotiation-01.txt), work "TCP Candidates with Interactive Connectivity
in progress, December 2006. Establishment (ICE)", Work in Progress, September 2010.
[SDPMedCap] Gilman, R, Even, R., and F. Andreasen "SDP Media [SDPMedCap]
Capabilities Negotiation", work in progress, July 2009. Gilman, R., Even, R., and F. Andreasen, "SDP media
capabilities Negotiation", Work in Progress, July 2010.
[SDPng] Kutscher, D., Ott, J., and C. Bormann, "Session [SDPng] Kutscher, D., Ott, J., and C. Bormann, "Session
Description and Capability Negotiation", Work in Progress, Description and Capability Negotiation", Work in Progress,
February 2005. February 2005.
Author's Address Author's Address
Flemming Andreasen Flemming Andreasen
Cisco Systems Cisco Systems
Iselin, NJ 08830 Iselin, NJ 08830
USA USA
Email: fandreas@cisco.com EMail: fandreas@cisco.com
 End of changes. 507 change blocks. 
1950 lines changed or deleted 1469 lines changed or added

This html diff was produced by rfcdiff 1.38. The latest version is available from http://tools.ietf.org/tools/rfcdiff/