INTERNET-DRAFT
MMUSIC Working Group                                              D. Yon
Document: draft-ietf-mmusic-sdp-comedia-05.txt             Dialout.Net
Expires September 2003                                      March 2003
Internet-Draft                                          Dialout.Net, Inc
Expires: November 12, 2004                                  G. Camarillo
                                                                Ericsson
                                                            May 14, 2004

     Connection-Oriented Media Transport in SDP
                  <draft-ietf-mmusic-sdp-comedia-05.txt> the Session Description
                             Protocol (SDP)
                  draft-ietf-mmusic-sdp-comedia-06.txt

Status of this Memo

   This document is an Internet-Draft

   By submitting this Internet-Draft, I certify that any applicable
   patent or other IPR claims of which I am aware have been disclosed,
   and is any of which I become aware will be disclosed, in full conformance accordance with
   all provisions of Section 10 of RFC2026.
   RFC 3668.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-
   Drafts. Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at:
   http://www.ietf.org/ietf/1id-abstracts.txt at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at: at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on November 12, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2002). (2004). All Rights Reserved.

Abstract

   This document describes how to express media transport over
   connection-oriented protocols using the Session Description Protocol
   (SDP). It defines two new protocol identifiers: TCP and TLS. TCP/TLS.  It
   also defines the syntax and semantics for an SDP "direction"
   attribute that setup attribute, which describes the connection
   setup procedure.

Yon                                                                  1

1 procedure, and the SDP reconnect attribute.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Protocol Identifiers . . . . . . . . . . . . . . . . . . . . .  3
     3.1   TCP  . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
     3.2   TCP/TLS  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   4.  Setup Attribute  . . . . . . . . . . . . . . . . . . . . . . .  4
     4.1   The Setup Attribute in the Offer/answer Model  . . . . . .  4
     4.2   Multiple-Connection Avoidance when Using Actpass . . . . .  5
   5.  The Reconnect Attribute  . . . . . . . . . . . . . . . . . . .  6
   6.  Connection Lifetime  . . . . . . . . . . . . . . . . . . . . .  7
     6.1   Session Renegotiation  . . . . . . . . . . . . . . . . . .  7
   7.  Examples . . . . . . . . . . . . . . . . . . . . . . . . . . .  8
     7.1   Passive/Active . . . . . . . . . . . . . . . . . . . . . .  8
     7.2   Passive/Active with Reconnect  . . . . . . . . . . . . . .  9
     7.3   Actpass  . . . . . . . . . . . . . . . . . . . . . . . . .  9
   8.  Security Considerations  . . . . . . . . . . . . . . . . . . . 10
   9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 10
   10.   Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10
   11.   References . . . . . . . . . . . . . . . . . . . . . . . . . 11
   11.1  Normative References . . . . . . . . . . . . . . . . . . . . 11
   11.2  Informational References . . . . . . . . . . . . . . . . . . 11
       Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12
       Intellectual Property and Copyright Statements . . . . . . . . 13

1.  Introduction

   The Session Description Protocol [SDP] [4] provides a general-purpose
   format for describing multimedia sessions in announcements or
   invitations. SDP uses an entirely textual data format (the US-ASCII
   subset of [UTF-8]) UTF-8 [6]) to maximize portability among transports.  SDP
   does not define a protocol, but only the syntax to describe a
   multimedia session with sufficient information to discover and participate in that
   session.  Session descriptions may be sent using arbitrary existing
   application protocols for transport (e.g., SAP,
   SIP, RTSP, SAP [9], SIP [10], RTSP
   [7], email, HTTP, HTTP [8], etc.).

   [SDP] describes

   SDP [4] defines two protocol identifiers: RTP/AVP and UDP, both of
   which are unreliable, represent unreliable connectionless protocols, an protocols. While these
   transports are appropriate
   choice choices for multimedia streams.  There are, however, streams, there are
   applications for which the connection-oriented transports such as TCP are
   more
   appropriate, but [SDP] provides no way to describe a session that
   uses protocols other than RTP or UDP. appropriate. We define two new protocol identifiers: TCP and
   TCP/TLS. Both represent connection-oriented reliable transports.

   Connection-oriented protocols introduce a new factor when describing
   a session: not only must it be possible to express that a protocol
   will be based on this protocol, but it must also describe how should end points perform the connection setup
   procedure.  This memo defines We define two new protocol
   identifiers, TCP and TLS, along with the syntax and semantics of the
   a=direction attributes to describe connection setup:
   setup and a=reconnect attributes.

2 reconnect.

2.  Terminology

   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
   "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
   RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
   described in BCP 14, RFC 2119 [7] [2] and indicate requirement levels for
   compliant implementations.

3

3.  Protocol Identifiers

   The m= line in [SDP] following is where an endpoint specifies the protocol
   used ABNF for the an m= line, as specified by RFC 2327
   [4].

    media-field =         "m=" media in the session.  See the "Media Announcements"
   section of [SDP] space port ["/" integer]
                          space proto 1*(space fmt) CRLF

   We define two new values for a discussion on protocol identifiers. the proto field: TCP and TCP/TLS.

3.1  TCP

   The TCP protocol identifier is similar to the UDP protocol identifier
   in that it only describes the transport protocol without
   any connotation as to protocol, and not the
   upper-layer protocol.  An m= line that specifies "TCP" MUST further
   qualify the application-layer protocol using a an fmt identifier.

   Media lines with the TCP protocol identifier (see [SDP] Appendix B). are carried using TCP
   [1].

3.2 TLS  TCP/TLS

   The TLS TCP/TLS protocol identifier specifies that the session will use
   the Transport Layer Security (TLS) protocol [TLS] with an implied transport
   protocol of TCP.  To describe [3] on top on a media session that uses TLS over
   TCP, the protocol identifier "TLS" must be specified in the m= line.

Yon            INTERNET-DRAFT - Expires September 2003              2 TCP [1]
   connection.

   An m= line that specifies TLS contain the TCP/TLS protocol identifier MUST further
   qualify the protocol using a fmt identifier.

4  Direction

4.  Setup Attribute

   An important

   The setup attribute indicates which of connection-oriented protocols is the setup
   procedure.  One endpoint needs to end points should initiate
   the connection and the
   other endpoint needs to accept establishment (e.g., send the connection. initial TCP SYN). The direction
   setup attribute is used to describe these roles, charset-independent and the syntax is as
   follows:

          a=direction:<role> can be a session-level or
   a media-level attribute. The <role> following is one the ABNF of the following:

   passive: setup
   attribute:

         setup-attr           =  "a=setup:" role
         role                 =  "active" / "passive" / "actpass"

      Active: The endpoint will accept initiate an incoming outgoing connection.

   active:
      Passive: The endpoint will initiate accept an outgoing incoming connection.

   both:
      ActPass: The endpoint will both accept an incoming connection and
      will initiate an outgoing connection.

4.1 Semantics

   The default value of direction:passive

   By specifying direction:passive, the endpoint indicates that the
   port number specified in the setup attribute is actpass. That is, an m=
   line without an associated setup line is available considered to accept be actpass.

4.1  The Setup Attribute in the Offer/answer Model

   The offer/answer model, defined in RFC 3264 [5], provides endpoints
   with a
   connection means to obtain shared view of a session. Some session
   parameters are negotiated (e.g., codecs to use), while others are
   simply communicated from one endpoint to the other endpoint.

4.2 Semantics (e.g., IP
   addresses). The value of direction:active

   By specifying direction:active, the endpoint setup attribute falls into the first
   category. That is, both endpoints negotiate its value using the
   offer/answer model.

   The negotiation of the value of the setup attribute takes places as
   follows. The offerer states which role or roles is willing to perform
   and the answerer, taking the offerer's willingness into
   consideration, chooses which roles both endpoints will actually
   perform during connection establishment. The following are the values
   that the setup attribute can take in an offer/answer exchange:

            Offer     Answer
            _______________
            active    passive
            passive   active
            actpass   active / passive / actpass

   The value active indicates that it will the endpoint SHOULD initiate a
   connection to the port number on the m= line of the other endpoint.
   The port number on its own m= line is irrelevant, and the opposite
   endpoint MUST NOT attempt to initiate a connection to the port number
   specified there. Nevertheless, since the m= line must contain a valid
   port number, the endpoint specifying
   direction:active using the value active SHOULD
   specify a port number of 9 (the discard port) on its m= line.  The
   endpoint MUST NOT specify a port number of zero, as that carries
   other semantics in [SDP]. SDP.

   The following
   SDP fragment shows an example of direction:active:

        c=IN IP4 10.1.1.1
        m=image 9 TCP t38
        a=direction:active IN IP4

4.3 Semantics of direction:both

   By specifying direction:both, the endpoint value passive indicates that it will
   both the endpoint SHOULD be ready to
   accept a TCP connection on the port number of its own specified in the m= line,
   and line.

   The value actpass indicates that it will also the endpoint SHOULD initiate a
   connection to the port number on the m= line of the other endpoint.

Yon            INTERNET-DRAFT - Expires September 2003              3
   Since this attribute describes behavior endpoint
   and that is similar the endpoint SHOULD be ready to
   connectionless media descriptions accept a connection on the
   port number specified in [SDP], it the m= line. It is RECOMMENDED that, if
   possible, endpoints set the default value
   for port number on their m= line to the direction attribute and is therefore optional.

   Endpoints may choose
   source port number which they will use to specify direction:both for one or more establish the connection
   towards the remote endpoint. This way, the transport-layer protocol
   (e.g., TCP) can take care of simultaneous opens.

   Endpoints typically use the actpass value for the following reasons:

      1)
   1.  The endpoint offerer has no preference as to whether it accepts or
       initiates the connection, and therefore connection and, so, is offering letting the remote
         endpoint a choice of connection setup procedures.

      2) answerer choose.
   2.  The endpoints intend to use a single connection to transport the
       media, but it is not known whether firewall NAT (Network Address
       Translator) issues will prevent either endpoint from initiating
       or accepting the connection.  Therefore So, both endpoints will attempt to
       initiate a connection in hopes hoping that at least one will succeed.

   If one

4.2  Multiple-Connection Avoidance when Using Actpass

   When an offer/answer exchange results in actpass, each endpoint specifies either direction:active or
   direction:passive and
   attempts to establish a transport connection towards the other specifies direction:both, both
   endpoints MUST behave as if the latter had specified the inverse
   direction
   endpoint. If only one of the former.  For example, specifying direction:both
   when the other endpoint specifies direction:active SHALL cause both
   endpoints connections succeeds, this connection is
   used to behave as transfer media. Nevertheless, if the former had specified
   direction:passive.  Conversely, specifying direction:both when the
   other endpoint specifies direction:passive SHALL cause both
   endpoints connections succeed,
   one of them needs to behave as if the former had specified direction:active.

   If be terminated so that both endpoints specify direction:both then each endpoint MUST
   initiate exchange
   data over a connection single connection. In this section, we provide rules to
   choose which of the two connections should be terminated (or not even
   initiated).

   First of all, if the endpoints follow the recommendation of setting
   the port number specified on the in their m= line of to the opposite endpoint.  There is one exception source port number which they
   will use to this requirement: establish the connection towards the remote endpoint, the
   transport layer should take care of simultaneous opens (at least if
   TCP is the transport protocol). If, for some reason, any of the
   endpoints does not follow this recommendation, both endpoints should
   follow the rules below.

   If an endpoint receives the incoming is notified about a connection establishment attempt
   from the opposite other endpoint prior to initiating before performing its own outbound connection, then that
   endpoint MAY use that connection rather than attempt to make an
   outbound connection to the opposite endpoint.

   If only one connection succeeds, then that connection will be used
   to carry the media.  Once attempt,
   it has transmitted data on this
   connection, the initiating SHOULD behave as a passive endpoint MUST and SHOULD NOT perform another
   connection attempt to the accepting endpoint.  This allows the
   accepting endpoint to release or recycle the listening port for
   another session once it has received data from the initiating
   endpoint.

   If both connections succeed, the following rules SHALL apply:

   a) Each endpoint MUST accept data from either
   establish any other connection.

   b) Once

   In case two connections are established, if an endpoint has transmitted receives data to
   (i.e., media) over one of the connections,
     it MUST use that connection exclusively for transmission.

   c) Once an endpoint has transmitted AND received data, if one connections before having sent any data
   on any of the
     connections is determined to be idle, connections, the endpoint SHOULD close
     the idle connection.

Yon            INTERNET-DRAFT - Expires September 2003              4

4.4 Optimizing direction:both

   As discussed in the previous section, there is terminate the possibility
   connection that has not carried any data.

   When two connections will be created when only one is needed.  While
   rules in the previous section accommodate the closing of an idle
   connection, they do not prevent a race condition where the are established and both endpoints
   simultaneously start sending
   data on opposite connections thereby
   causing two connections to be used where one would have sufficed.
   While it is not possible to entirely eliminate this race condition, before receiving anything from the other endpoint, it is in may happen
   that each of the endpoints' interest to minimize its occurrence.
   Therefore, when endpoints choose a session is negotiated through interactive exchange
   of SDP between endpoints (as in the case of SIP) AND the result of
   the negotiation is that each endpoint specifies direction:both, it
   is RECOMMENDED that the endpoints use the following guidelines:

   a) There comes a point during the exchange of SDP where one endpoint
     is prepared to send the final message that will complete the
     negotiation and allow the session to begin.  For the purposes of
     this discussion, the endpoint that will send this final message
     will be called the Initiator, and the endpoint that will receive
     this message will be called the Acceptor.

   b) The Initiator, upon receiving sufficient information to initiate a
     connection, MUST attempt to connect to the Acceptor as soon as
     possible.

   c) In order to lower the likelihood that the Acceptor will also
     attempt to initiate a connection, the Initiator SHOULD incorporate
     a short delay between initiating the connection and sending the
     final SDP to the Acceptor.

   d) The delay time chosen by the Initiator MUST NOT introduce an
     unacceptable session setup delay should the different connection to the
     Acceptor not succeed.

4.5 Bidirectional versus Unidirectional Media

   In traditional SDP transport types the flow is unidirectional.  If
   the intent is for media to flow in both directions, both endpoints
   must specify SDP that describes where to deliver the media and what
   media type(s) to use.  For example, if only Endpoint A presents SDP
   then media can only flow towards Endpoint A, as Endpoint B has not
   specified where and how to send media to it.

   Because most connection-oriented media is inherently bi-directional,
   endpoints may encounter a situation where only one side presented
   SDP yet there is now a network path that can carry media in either
   direction.  In keeping with traditional SDP semantics, an endpoint
   MUST NOT send data to the other endpoint unless it has specified SDP
   information describing
   data. If the type of media it can accept.

   It is, however, perfectly acceptable for an endpoint to transmit answerer receives data on the same over a connection it is using to receive data, so long as

Yon            INTERNET-DRAFT - Expires September 2003              5
   the other endpoint has advertised its willingness to accept data.
   Likewise, it is perfectly acceptable for an endpoint to receive after having
   sent data on the same connection other connection, it is using to transmit SHOULD continue sending data to on
   the
   corresponding remote endpoint.  In other words, for a bi-directional
   application-level session, a connection may be used to send until an application-layer data in
   both directions (contingent to rules outlined in Section 2.3) as
   long as one side of the connection is attached to either of the
   advertised SDP transport addresses.

4.6 Treating UDP and RTP/AVP like Connection Oriented Media

   Endpoints MAY specify a direction attribute for UDP or RTP/AVP
   media.  This indicates boundary. At
   that point, the endpoint would like to treat this
   media as a type of connection-oriented media.  (The endpoint may do answerer SHOULD terminate this to facilitate NAT traversal for example.)  Note that for
   backwards compatibility, an endpoint which can specify
   direction:active MUST include valid addresses and ports in the SDP
   as always.  If the peer's SDP does not include a direction
   attribute, it knows that the peer does not support connection-
   oriented media, and media exchange will proceed normally, as if
   connection-oriented media were not offered.

   Endpoints that specify direction:passive MUST NOT send any media,
   any packets whatsoever (including control packets such as RTCP),
   from their passive ports until they receive a packet on these ports
   and record the source address connection and port of the sender.  The passive
   endpoint then assumes that the first packet received corresponds to
   its active peer.  From this point onward, passive endpoints MUST
   send UDP or RTP media from the same port as the port indicated in
   the m= line.  Passive endpoints MUST send RTCP media (if any) from start
   using the port connection on which they expect to receive it (typically the RTP port
   number plus 1).

   Endpoints offerer was sending data.

   Note that specify direction:active MUST be prepared to receive
   on the ports from which they send.  Once they learn the IP address
   and port of their peer from the peer's SDP, they SHOULD immediately
   send some kind of media (even if just comfort noise) to each of
   these ports.  This is so the peer can learn their IP address and
   port, different applications may define application-layer
   boundaries in order different ways. A typical suitable point for the
   answerer to send media back without additional delay.
   Effectively, change connections is the exchange end of an application-layer
   message and the first media packet completes a bi-
   directional handshake between beginning of the active and passive peer.

5 next one.

5.  The Reconnect Attribute

   The preceding description of the a=direction setup attribute has been in the
   context of using SDP to initiate a session.  However, Still, SDP may be
   exchanged between endpoints at various stages of a session to
   accomplish tasks such as terminating a session, redirecting media to
   a new endpoint, or renegotiating the media parameters for a session,
   etc. session.
   After the initial session has been established, it may be ambiguous
   as to whether subsequent SDP exchange represents a confirmation that
   the endpoint is to continue using the current media connection
   unchanged, or is a request to make a new media

Yon            INTERNET-DRAFT - Expires September 2003              6 connection. The
   reconnect attribute attribute, which is charset-independent and can be a
   session-level or a media-level attribute, is used to disambiguate
   these two scenarios, and the syntax scenarios. The following is as follows:

          a=reconnect

   SDP containing a=reconnect signals that the specified session does
   NOT refer to an existing connection between the two endpoints.  If
   the endpoints agree to continue ABNF of the session, reconnect
   attribute:

         reconnect-attr       =  "a=reconnect"

   On reception of an m= line with a reconnect attribute, the endpoints MUST
   SHOULD close the existing connection for the currently negotiated session, connection, in case it was still up, and MUST create
   SHOULD establish a new connection according to the a=direction setup attribute in
   the SDP.  If an endpoint receives SDP that contains
   a=reconnect, the endpoint's response MUST also contain a=reconnect.
   Endpoints MUST NOT include a=reconnect in SDP that negotiates the
   start of a session.

   See section 6, "Connection and Listener Lifetime Considerations" for
   more information on scenarios that are relevant to m= line.

   Either the a=reconnect
   attribute.

6  Connection and Listener Lifetime Considerations

6.1 Listener Lifetime

   An endpoint that has specified direction:both offerer or direction:passive
   MUST be ready to accept the answerer can include a connection on reconnect attribute
   in an m= line. In any event, if the appropriate address and
   port during offer contained this attribute,
   the time slot(s) advertised for that session.  The
   endpoint answer MUST keep the address and port available for incoming
   connections until either:

   a) The time window for the session has expired, or

   b) The endpoint has received the expected number of incoming
     connections on that address and port, or

   c) Subsequent exchanges have superceded the SDP that originally
     advertised the availability of the address and port.

   Once the endpoint has determined that a listener is no longer needed
   on a specific address and port, contain it SHOULD terminate the listener.
   The endpoint is then free to re-use the address and port for
   subsequent session advertisements.

6.2 as well.

6.  Connection Lifetime

   An endpoint that intends to initiate the connection MUST SHOULD initiate
   the connection immediately after it has sufficient information to do
   so, even if it does not intend to immediately begin sending media to
   the remote endpoint.  This allows media to flow from the remote
   endpoint. An endpoint MUST SHOULD NOT close the connection until the
   session has expired, been explicitly terminated, or the media stream
   is redirected to a different address or port.

Yon            INTERNET-DRAFT - Expires September 2003              7

   If the endpoint determines that the connection has been closed, it
   MAY attempt to re-establish the connection. The decision to do so is
   application and/or and context dependant.  If the endpoint opts to
   re-establish the connection, it MUST NOT assume that the original
   address and port advertised by the remote endpoint is still valid.
   Instead, the endpoint MUST renegotiate the session parameters by
   exchanging new SDP.

6.3

6.1  Session Renegotiation and Connection Lifetime

   There are scenarios where SDP is sent by an endpoint in order to
   renegotiate an existing session.  These include muting/unmuting a
   session, renegotiating the attributes of the media used by the
   session, or extending the length of a session about to expire.
   Connection-oriented media introduces some ambiguities into session
   renegotiation as to when the direction attribute must be obeyed and
   when it is ignored.

   The scenario of extending the duration of an existing session is a
   good example: in order to extend an existing session, endpoints will
   typically resend the original SDP with updated time information. In
   connectionless media the result is no change to the existing media
   streams.  The problem with connection oriented media is that the
   original SDP will contain a direction setup attribute which can be
   construed considered
   as a request to create a new connection, as opposed to a request to
   maintain steady state.  To avoid this ambiguity, the The following rule SHALL apply to subsequent exchanges of SDP: help avoid this ambiguity:

      If the transport section (the c= and m= lines)
          combined with the direction attribute of an SDP
          message
      description describes an existing connection between two
          endpoints, AND endpoints
      and the SDP m= line does not contain a=reconnect,
          then a reconnect attribute, the
      endpoints MUST SHOULD use that connection to carry the media described
      in the remainder of the message. The endpoints MUST SHOULD NOT attempt
      to set up a new connection, regardless of what is specified in the
          direction
      setup attribute.

   This disambiguates most session renegotiation scenarios, with
      Note that if the
   exception of muting.  Muting a media stream is accomplished by
   sending port number in the original session SDP but with an "a=inactive" or
   "a=sendonly/recvonly" attribute.  This m= line changes, there is still valid for connection
   oriented media, with no
      need to use the additional caveat that reconnect attribute because the endpoints MUST
   NOT close new port will
      trigger the establishment of a new connection described by that SDP.

7 anyway.

7.  Examples

   What follows are a number of examples that show the most common usage
   of the direction setup attribute combined with TCP-based media descriptions.
   For the purpose of brevity, the main portion of the session
   description is omitted in the examples and is assumed to be the
   following:

Yon            INTERNET-DRAFT - Expires September 2003              8

           v=0
           o=me 2890844526 2890842807 IN IP4 10.1.1.2
           s=Call me using TCP
           t=3034423619 3042462419

7.1 Example: simple passive/active  Passive/Active

   An endpoint offerer at 10.1.1.2 192.0.2.2 signals the its availability of for a T.38 fax
   session at port 54111:

           c=IN IP4 10.1.1.2 192.0.2.2
           m=image 54111 TCP t38
        a=direction:passive
           a=setup:passive

   An endpoint answerer at 10.1.1.1 192.0.2.1 receiving this description offer responds with the
   following:
   following answer:

           c=IN IP4 10.1.1.1 192.0.2.1
           m=image 9 TCP t38
        a=direction:active
           a=setup:active

   The endpoint at 10.1.1.1 192.0.2.1 then initiates the TCP connection to port
   54111 at 10.1.1.2. 192.0.2.2.

7.2 Example: simple passive/active  Passive/Active with reconnect Reconnect

   Continuing the preceding example, consider the scenario where the TCP
   connection fails and the endpoints wish to reestablish the connection
   for the session.  The endpoint at 10.1.1.2 192.0.2.2 signals this intent with
   the following SDP:

           c=IN IP4 10.1.1.2 192.0.2.2
           m=image 54111 TCP t38
        a=direction:passive
           a=setup:passive
           a=reconnect

   The a=reconnect reconnect attribute informs the endpoint at 10.1.1.1 192.0.2.1 that this
   SDP represents the intent to establish a new connection for media
   transport, rather than continuing with the original connection.
   Because the endpoint at 10.1.1.1 192.0.2.1 may not yet be aware that the TCP
   connection has failed, this eliminates any ambiguity. If 10.1.1.1 192.0.2.1
   agrees to continue the session using a new connection, it responds
   with:

           c=IN IP4 10.1.1.1 192.0.2.1
           m=image 9 TCP t38
        a=direction:active
           a=setup:active IN IP4
           a=reconnect

7.3 Example: agnostic both  Actpass

   An endpoint offerer at 10.1.1.2 192.0.2.2 signals the its availability of for a T.38 fax
   session at TCP port 54111, but 54111. Additionally, this offerer is also willing
   to set up the media stream by initiating the TCP connection:

Yon            INTERNET-DRAFT - Expires September 2003              9
        c=IN IP4 10.1.1.2
        m=image 54111 TCP t38
        a=direction:both

   The endpoint at 10.1.1.1 has three choices:

      1) It can respond with either of the two direction:active
         descriptions listed in the previous example.  In this case the
         endpoint at 10.1.1.1 must initiate a connection to port 54111
         at 10.1.1.2.

      2) It can respond with a description similar to the following:

               c=IN IP4 10.1.1.1
               m=image 54321 TCP t38
               a=direction:passive

         In this case the endpoint at 10.1.1.2 must initiate a
         connection to port 54321 at 10.1.1.1.

      3) It can respond with a description that specifies
         direction:both, which is covered in the next example.

7.4 Example: redundant both

   An endpoint at 10.1.1.2 uses the same description as the previous
   example:

           c=IN IP4 10.1.1.2 192.0.2.2
           m=image 54111 TCP t38
        a=direction:both

   Unlike the previous example, the
           a=setup:actpass

   The endpoint at 10.1.1.1 192.0.2.1 responds with the following description:

           c=IN IP4 10.1.1.1 192.0.2.1
           m=image 54321 TCP t38
        a=direction:both
           a=setup:actpass

   This will cause the endpoint at 10.1.1.2 offerer (at 192.0.2.2) to initiate a connection
   to port 54321 at 10.1.1.1, 192.0.2.1 and the endpoint at 10.1.1.1 answerer (at 192.0.2.1) to
   initiate a connection to port 54111 at 10.1.1.2.  Whichever TCP connection
   succeeds will be used.  If both succeed, one of the connections may
   be closed as an optimization, using the rules in section 3.3.

   In order to minimize the chance that two connections are created,
   the endpoint at 10.1.1.1 may opt to use 192.0.2.2. Ideally, the recommendation in
   section 3.4, which
   offerer would result in events occurring in the following
   sequence:

      1) The endpoint at 10.1.1.2 sends SDP use 192.0.2.2:5411 as listed above.  The
         endpoint MUST enable a listener on port 54111 at this time,
         but is not able to initiate a TCP connection due to the fact

Yon            INTERNET-DRAFT - Expires September 2003             10
         that it does not have sufficient information from the endpoint
         at 10.1.1.1.

      2) The endpoint at 10.1.1.1, upon receiving the SDP, immediately
         initiates a TCP connection to 10.1.1.2:54111.

      3) In order to minimize the chance source of a duplicate connection, its connection
   attempt and the
         endpoint at 10.1.1.1 pauses answerer would use 192.0.2.1:54321 as its.

8.  Security Considerations

   See RFC 2327 [4] for a short time security and other considerations specific to allow
   the
         endpoint at 10.1.1.2 Session Description Protocol in general.

   An attacker may attempt to receive the substitute TCP/TLS with only TCP connection initiation.

      4) After the short pause, the endpoint at 10.1.1.1 sends the SDP
         response as listed above.

   The pause in #3 gives the first TCP connection attempt a chance
   session description. So, it is STRONGLY RECOMMENDED that integrity
   protection be applied to
   succeed, since withholding the SDP response deprives the endpoint at
   10.1.1.2 of session descriptions. For session
   descriptions carried in SIP [10], S/MIME is the information it needs natural choice to attempt its own TCP
   connection.

7.5 Example: "Bidirectional" RTP and RTCP

   An endpoint at 10.1.1.2 is behind
   provide such end-to-end integrity protection, as described in RFC
   3261 [10]. Other applications MAY use a different form of integrity
   protection.

   This document touches upon NAT and does not know its own
   public address.

        c=IN IP4 10.1.1.2
        m=audio 9 RTP/AVP 0
        a=direction:active

   A peer with a public IP address responds as follows and waits to
   receive RTP and RTCP packets from its active peer.

        c=IN IP4 1.2.3.4
        m=audio 18240 RTP/AVP 0
        a=direction:passive

   The endpoint at 10.1.1.2 immediately sends RTP from port 9012 traversal. Implementers should be
   aware of some issues that relate to
   1.2.3.4 port 18240. A NAT translates the source address use of private IP addresses
   within the offer/answer model (i.e., they are not specific to 5.6.7.8
   port 1542.  The passive endpoint receives this RTP packet and stores this source address.
   document).

   When the passive an endpoint wants to send RTP
   media it sends it back to 5.6.7.8 port 1542. The NAT translates this
   destination receives a session description with a private IP
   address back to 10.1.1.2 port 9012 and delivers it that belongs to a different address space, in most of the active endpoint.

   Likewise
   cases, the endpoint at 10.1.1.2 immediately sends RTCP from port
   9013 will not be able to 1.2.3.4:18241. The NAT translates reach such an address.
   Nevertheless, if this to 5.6.7.8:1984. The
   passive endpoint receives particular address also exists in the RTCP packet and stores
   endpoint's address space, the source
   address. The passive endpoint sends its RTCP to 5.6.7.8:1984 which
   is translated back to 10.1.1.2:9013 and delivered to may end up reaching a
   different peer than the active
   endpoint.

8  Security Considerations

   See [SDP] for security and other considerations specific to one that generated the
   Session Description Protocol in general.

Yon            INTERNET-DRAFT - Expires September 2003             11

9 session description.
   It is RECOMMENDED that endpoints authenticate their peer somehow
   (e.g., using TLS [3]) or that they encrypt their media.

9.  IANA Considerations

   As recommended

   This document defines two session and media level SDP attributes:
   setup and reconnect. Their formats are defined in Section 4 and
   Section 5 respectively. These two attributes should be registered by [SDP] Appendix B,
   the direction IANA on http://www.iana.org/assignments/sdp-parameters under
   "att-field (both session and reconnect
   attributes described in this media level)".

   This document defines two proto values: TCP and TCP/TLS. Their
   formats are defined in Section 3.1 and Section 3.2 respectively.
   These two proto values should be registered with
   IANA, as should by the "TCP" and "TLS" protocol identifiers. IANA on http://
   www.iana.org/assignments/sdp-parameters under "proto".

10.  Acknowledgements

   The author authors would like to thank Jonathan Rosenberg, Rohan Mahy,
   Anders Kristensen, Jeorg Joerg Ott, Paul Kyzivat, and Robert Fairlie-
   Cuninghame
   Fairlie-Cuninghame, and Colin Perkins for their valuable insights and
   contributions.

Yon            INTERNET-DRAFT - Expires

11.  References

11.1  Normative References

   [1]  Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
        September 2003             12

Appendix A: Direction Attribute Syntax

   This appendix provides an Augmented BNF [ABNF] grammar for
   expressing the direction attribute for connection setup.  It is
   intended as an extension to the grammar 1981.

   [2]  Bradner, S., "Key words for the Session Description
   Protocol, as defined use in [SDP].  Specifically, it describes the
   syntax for the new "connection-setup" attribute field, which MAY be
   either a session-level or media-level attribute.

   connection-setup =    "direction" ":" direction-spec

   direction-spec =      "both" / "active" / "passive"

   reconnect-attribute = "reconnect"

References

   [ABNF]      D. Crocker, P. Overell, "Augmented BNF for Syntax
               Specifications: ABNF," RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [3]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC 2234, November 1997

   [SDP]       M.
        2246, January 1999.

   [4]  Handley, M. and V. Jacobson, "SDP: Session Description
               Protocol,"
        Protocol", RFC 2327, April 1998

   [T38]       International Telecommunication Union, "Procedures for
               Real-Time Group 3 Facsimile Communications over IP
               Networks," Recommendation T.38, June 1998

   [TLS]       T. Dierks, C. Allen, "The TLS Protocol," 1998.

   [5]  Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with
        Session Description Protocol (SDP)", RFC 2246,
               January 1999

   [UTF-8]     F. 3264, June 2002.

   [6]  Yergeau, F., "UTF-8, a transformation format of Unicode
               and ISO 10646," 10646", STD
        63, RFC 3629, November 2003.

11.2  Informational References

   [7]   Schulzrinne, H., Rao, A. and R. Lanphier, "Real Time Streaming
         Protocol (RTSP)", RFC 2326, April 1998.

   [8]   Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
         Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol --
         HTTP/1.1", RFC 2616, June 1999.

   [9]   Handley, M., Perkins, C. and E. Whelan, "Session Announcement
         Protocol", RFC 2044, 2974, October 1996

Author's Address 2000.

   [10]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
         Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP:
         Session Initiation Protocol", RFC 3261, June 2002.

Authors' Addresses

   David Yon
   Dialout.Net, Inc. Inc
   One Indian Head Plaza
   Nashua, NH  03060

   Phone: (603) 324-4100
   USA

   EMail: yon@dialout.net

Full Copyright

   Gonzalo Camarillo
   Ericsson
   Hirsalantie 11
   Jorvas  02420
   Finland

   EMail: Gonzalo.Camarillo@ericsson.com

Intellectual Property Statement

   Copyright (C)

   The Internet Society (2003).  All Rights Reserved.

   This document and translations IETF takes no position regarding the validity or scope of it may any
   Intellectual Property Rights or other rights that might be copied and furnished claimed to
   others, and derivative works that comment on or otherwise explain it
   or assist in its
   pertain to the implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction use of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works.  However, technology described in
   this

Yon            INTERNET-DRAFT - Expires September 2003             13 document itself may or the extent to which any license under such rights
   might or might not be modified in available; nor does it represent that it has
   made any independent effort to identify any way, such as by removing rights. Information
   on the copyright notice or references IETF's procedures with respect to rights in IETF Documents can
   be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the Internet Society IETF Secretariat and any
   assurances of licenses to be made available, or other
   Internet organizations, except as needed for the purpose result of
   developing Internet standards in which case the procedures an
   attempt made to obtain a general license or permission for
   copyrights defined in the Internet Standards process must be
   followed, use of
   such proprietary rights by implementers or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not users of this
   specification can be
   revoked by obtained from the Internet Society or IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its successors attention any
   copyrights, patents or patent applications, or assigns. other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org.

Disclaimer of Validity

   This document and the information contained herein is are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIMS DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."

Yon            INTERNET-DRAFT - Expires September 2003             14 PURPOSE.

Copyright Statement

   Copyright (C) The Internet Society (2004). This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.