MMUSIC Working Group                                              D. Yon
Internet-Draft                                          Dialout.Net, Inc
Expires: November 12, December 10, 2004                                  G. Camarillo
                                                            May 14,
                                                           June 11, 2004

     Connection-Oriented Media Transport in the Session Description
                             Protocol (SDP)

Status of this Memo

   By submitting this Internet-Draft, I certify that any applicable
   patent or other IPR claims of which I am aware have been disclosed,
   and any of which I become aware will be disclosed, in accordance with
   RFC 3668.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://

   The list of Internet-Draft Shadow Directories can be accessed at

   This Internet-Draft will expire on November 12, December 10, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2004). All Rights Reserved.


   This document describes how to express media transport over
   connection-oriented protocols using the Session Description Protocol
   (SDP). It defines two new protocol identifiers: the SDP TCP and TCP/TLS.  It
   also defines protocol identifier, the SDP setup
   attribute, which describes the connection setup procedure, and the
   SDP reconnect attribute. connid attribute, which provides a connection identifier.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Protocol Identifiers . . . . . . . . . . . . . . . . . . . . .  3
     3.1   TCP  . . . . . . Identifier  . . . . . . . . . . . . . . . . . . . . .  3
     3.2   TCP/TLS  . .
   4.  Setup Attribute  . . . . . . . . . . . . . . . . . . . . . . .  4
     4.1   The Setup Attribute in the Offer/answer Model  . . . . . .  4
   5.  The Connid Attribute . . . . . . . . . . . . . . . . .  4
     4.1   The Setup Attribute in the Offer/answer Model  . . . . . .  4
     4.2   Multiple-Connection Avoidance when Using Actpass . . . . .  5
   5.  The Reconnect Attribute
     5.1   Offerer Behaviour  . . . . . . . . . . . . . . . . . . . .  6
   6.  Connection Lifetime
     5.2   Answerer Behaviour . . . . . . . . . . . . . . . . . . . .  6
   6.  Connection Management  . .  7
     6.1   Session Renegotiation . . . . . . . . . . . . . . . . . .  7
   7.  Examples . . . . . . . . . . . . . . . . . . . . . . . . . . .  8
     7.1   Passive/Active . . . . . . . . . . . . . . . . . . . . . .  8
     7.2   Passive/Active with Reconnect  . . . . . . . . Connection Reestablishment . . . . . .  9  8
     7.3   Actpass  . . . .   Actpass/Passive  . . . . . . . . . . . . . . . . . . . . .  9
   8.  Security Considerations  . . . . . . . . . . . . . . . . . . . 10  9
   9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 10
   10.   Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10
   11.   References . . . . . . . . . . . . . . . . . . . . . . . . . 11 10
   11.1  Normative References . . . . . . . . . . . . . . . . . . . . 11 10
   11.2  Informational References . . . . . . . . . . . . . . . . . . 11 10
       Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12 11
       Intellectual Property and Copyright Statements . . . . . . . . 13 12

1.  Introduction

   The Session Description Protocol [4] [3] provides a general-purpose
   format for describing multimedia sessions in announcements or
   invitations. SDP uses an entirely textual data format (the US-ASCII
   subset of UTF-8 [6]) [5]) to maximize portability among transports.  SDP
   does not define a protocol, but only the syntax to describe a
   multimedia session with sufficient information to participate in that
   session. Session descriptions may be sent using arbitrary existing
   application protocols for transport (e.g., SAP [9], SIP [10], RTSP
   [6], email, HTTP [8], etc.).

   SDP [4] [3] defines two protocol identifiers: RTP/AVP and UDP, both of
   which represent unreliable connectionless protocols. While these
   transports are appropriate choices for multimedia streams, there are
   applications for which connection-oriented transports transports, such as TCP TCP,
   are more appropriate. We define two a new protocol identifiers: identifier, TCP, to
   describe TCP and
   TCP/TLS. Both represent connection-oriented reliable transports. connetions in SDP.

   Connection-oriented protocols introduce a two new factor when
   describing a session: how and when should end points perform the
   connection setup procedure. We define two new attributes to describe
   connection setup: setups: setup and reconnect. connid.

2.  Terminology

   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
   RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
   described in BCP 14, RFC 2119 [2] and indicate requirement levels for
   compliant implementations.

3.  Protocol Identifiers Identifier

   The following is the ABNF for an m= line, as specified by RFC 2327

    media-field =         "m=" media space port ["/" integer]
                          space proto 1*(space fmt) CRLF

   We define two a new values for the proto field: TCP and TCP/TLS.

3.1  TCP TCP.

   The TCP protocol identifier is similar to the UDP protocol identifier
   in that it only describes the transport protocol, and not the
   upper-layer protocol.  An m= line that specifies "TCP" MUST further
   qualify the application-layer protocol using an fmt identifier. Media
   lines with the TCP protocol identifier are carried using TCP [1].

3.2  TCP/TLS

   The TCP/TLS

   It is RECOMMENDED that documents defining new SDP protocol identifier specifies
   identifiers that involve extra protocol layers between TCP and the session will
   media itself (e.g., TLS [7] over TCP) start with the string "TCP/"
   (e.g., TCP/TLS).

   The following sections define the setup and the connid attributes.
   While they are applicable to m= lines that use the Transport Layer Security (TLS) protocol [3] on top on a TCP [1]

   An protocol
   identifier, they are not limited to them. These attributes SHOULD be
   used in any m= line that contain which uses a connection-oriented transport
   protocol, even if the TCP/TLS protocol identifier MUST further
   qualify of the protocol using a fmt identifier. m= line is not TCP.

4.  Setup Attribute

   The setup attribute indicates which of the end points should initiate
   the connection establishment (e.g., send the initial TCP SYN). The
   setup attribute is charset-independent and can be a session-level or
   a media-level attribute. The following is the ABNF of the setup

         setup-attr           =  "a=setup:" role
         role                 =  "active" / "passive" / "actpass"

      Active: The endpoint will initiate an outgoing connection.
      Passive: The endpoint will accept an incoming connection.
      ActPass: The endpoint will both is willing to accept an incoming connection and
      or to initiate an outgoing connection.

4.1  The default value of the setup attribute is actpass. That is, an m=
   line without an associated setup line is considered to be actpass.

4.1  The Setup Attribute in Setup Attribute in the Offer/answer Model

   The offer/answer model, defined in RFC 3264 [5], [4], provides endpoints
   with a means to obtain shared view of a session. Some session
   parameters are negotiated (e.g., codecs to use), while others are
   simply communicated from one endpoint to the other (e.g., IP
   addresses). The value of the setup attribute falls into the first
   category. That is, both endpoints negotiate its value using the
   offer/answer model.

   The negotiation of the value of the setup attribute takes places as
   follows. The offerer states which role or roles is willing to perform
   and the answerer, taking the offerer's willingness into
   consideration, chooses which roles both endpoints will actually
   perform during connection establishment. The following are the values
   that the setup attribute can take in an offer/answer exchange:

            Offer     Answer
            active    passive
            passive   active
            actpass   active / passive / actpass

   The value active indicates that the endpoint SHOULD initiate a
   connection to the port number on the m= line of the other endpoint.
   The port number on its own m= line is irrelevant, and the opposite
   endpoint MUST NOT attempt to initiate a connection to the port number
   specified there. Nevertheless, since the m= line must contain a valid
   port number, the endpoint specifying using the value active SHOULD
   specify a port number of 9 (the discard port) on its m= line. The
   endpoint MUST NOT specify a port number of zero, as except to denote an
   m= line that carries
   other semantics in SDP. has been or is being refused.

   The value passive indicates that the endpoint SHOULD be ready to
   accept a connection on the port number specified in the m= line.

   The value actpass indicates that the endpoint SHOULD offerer can either initiate a
   connection to the port number on the m= line of the other endpoint
   and that in the endpoint SHOULD be ready to answer or accept
   a connection on the port number specified in the m= line. It is RECOMMENDED that, if
   possible, endpoints set the port number on their m= line to the
   source port number which they will use to establish the connection
   towards the remote endpoint. This way, the transport-layer protocol
   (e.g., TCP) can take care of simultaneous opens.

   Endpoints typically use in the actpass value for
   offer. That is, the following reasons:
   1.  The offerer has no preference as to whether it
   accepts or initiates the connection and, so, is letting the answerer

   The endpoints intend to use a single connection to transport the
       media, but it is not known whether NAT (Network Address
       Translator) issues will prevent either endpoint from initiating
       or accepting default value of the connection. So, both endpoints will attempt to
       initiate a connection hoping that at least one will succeed.

4.2  Multiple-Connection Avoidance when Using Actpass

   When setup attribute in an offer/answer exchange results
   is active in actpass, each endpoint
   attempts to establish a transport connection towards the other
   endpoint. If only one offer and passive in the answer.

5.  The Connid Attribute

   The preceding description of the connections succeeds, this connection is
   used to transfer media. Nevertheless, if both connections succeed,
   one setup attribute has been in the
   context of them needs using SDP to be terminated so that both endpoints exchange
   data over initiate a single connection. In this section, we provide rules to
   choose which of the two connections should session. Still, SDP may be terminated (or not even

   First of all, if the
   exchanged between endpoints follow the recommendation at various stages of setting
   the port number in their m= line a session to the source port number which they
   will use to establish the connection towards the remote endpoint, the
   transport layer should take care of simultaneous opens (at least if
   TCP is the transport protocol). If, for some reason, any of the
   endpoints does not follow this recommendation, both endpoints should
   follow the rules below.

   If an endpoint is notified about a connection establishment attempt
   from the other endpoint before performing its own connection attempt,
   it SHOULD behave as a passive endpoint and SHOULD NOT attempt to
   establish any other connection.

   In case two connections are established, if an endpoint receives data
   (i.e., media) over one of the connections before having sent any data
   on any of the connections, the endpoint SHOULD terminate the
   connection that has not carried any data.

   When two connections are established and both endpoints start sending
   data before receiving anything from the other endpoint, it may happen
   that each of the endpoints choose a different connection to send
   data. If the answerer receives data over a connection after having
   sent data on the other connection, it SHOULD continue sending data on
   the other connection until an application-layer data boundary. At
   that point, the answerer SHOULD terminate this connection and start
   using the connection on which the offerer was sending data.

   Note that different applications may define application-layer
   boundaries in different ways. A typical suitable point for the
   answerer to change connections is the end of an application-layer
   message and the beginning of the next one.

5.  The Reconnect Attribute

   The preceding description of the setup attribute has been in the
   context of using SDP to initiate a session. Still, SDP may be
   exchanged between endpoints at various stages of a session to
   accomplish tasks such as terminating a session, redirecting media
   accomplish tasks such as terminating a session, redirecting media to
   a new endpoint, or renegotiating the media parameters for a session.
   After the initial session has been established, it may be ambiguous
   as to whether subsequent SDP exchange represents a confirmation that
   the endpoint is to continue using the current media connection
   unchanged, or is a request to make a new media connection. The
   media-level connid attribute, which is charset-independent and can be a
   session-level or a media-level attribute, charset-independent, is used
   to disambiguate these two scenarios. The following is the ABNF of the reconnect
   connid attribute:


         connid                 =  "a=reconnect"

   On reception of "a=connid:" connection-identifier
         connection-identifier  = token

   The connid attribute provides an identifier for the transport-layer
   connection used by the m= line. Connid values are meaningful in the
   context of a particular m= line. So, different m= lines in the same
   session description MAY have the same connid value.

5.1  Offerer Behaviour

   Offerers and answerers use the connid attribute to decide whether a
   new transport connection needs to be established or, on the other
   hand, the existing transport connection should still be used.

   When an offerer generates an m= line which uses a connection-oriented
   transport, it SHOULD provide such an m= line with a reconnect connection
   identifier using a connid attribute, unless the endpoints
   SHOULD close application using the existing connection,
   m= line has other means to deal with connection reestablishment. The
   connid attribute in case an initial offer (i.e., no transport connection
   has been established yet) can take any value. This value identifies
   the initial connection that the endpoints will attempt to establish.

   After the initial offer/answer exchange, any of the endpoints can
   generate a new offer to change some characteristics of the session
   (e.g., the direction attribute). If such an offerer wants to continue
   using the previously-established transport-layer connection for the
   m= line, the offerer MUST use the same connid value for the m= line.
   If, on the other hand, the offerer wants to establish a new
   transport-layer connection for the m= line, it was still up, MUST use a new connid
   value. This new connid value MUST be different from the current
   connid value in use and SHOULD establish be different than any connid value
   used previously in the same m= line.

      The connid value in an offer is only compared with the connid
      value currently in use. So, having a connid value different than
      the one in use is enough to trigger the establishment of a new connection according
      connection. Still, we recommend to use a value different than all
      the setup attribute previous ones used in the m= line.

   Either line to make debugging easier.
      Note that, according to the offerer or rules in this section, an offer that
      changes the answerer can include transport address (IP address plus port number) of an
      m= line will have a reconnect attribute new connid value for this m=line.

5.2  Answerer Behaviour

   The connid value for an m= line is negotiated using the offer/answer
   model. The resulting connid value after an offer/answer exchange is
   the connid value in the answer.

   For an m= line. In any event, line, if the offer contained this attribute, contains a new connid value (i.e.,
   different from the answer one in use) the answerer MUST contain it as well.

6.  Connection Lifetime

   An endpoint that intends to initiate use this value in
   the connection SHOULD initiate answer. If the connection immediately after it has sufficient information to do
   so, even if it does not intend to immediately begin sending media to offer contains the connid value in use and the remote endpoint.  This allows media
   answerer wishes to flow from continue using the remote
   endpoint. An endpoint SHOULD NOT close existing transport-layer
   connection, the connection until answerer MUST use this connid value in the
   session has expired, been explicitly terminated, or answer. If
   the media stream
   is redirected offer contains the connid value in use but the answerer wishes to
   establish a different address or port.

   If new transport-layer connection, the endpoint determines that answerer MUST use a
   new connid value in the connection has been closed, it
   MAY attempt to re-establish answer.

   If the connection. The decision to do so is
   application and context dependant.

6.1  Session Renegotiation

   There are scenarios where SDP is sent by connid value for an endpoint in order to
   renegotiate m= line resulting from an existing session.  These include muting/unmuting a
   session, renegotiating offer/answer
   exchange is different than the attributes of connid in use so far, the media used endpoints
   SHOULD establish a new transport-layer connection as indicated by the
   session, or extending the length of
   setup attribute. If a session about to expire.
   Connection-oriented media introduces some ambiguities into session
   renegotiation as to when previous connection is still up, the direction attribute must be obeyed and
   when endpoint
   responsible for establishing the new connection performing the active
   role SHOULD close it as soon as the offer/answer exchange is ignored.

   The scenario of extending

   If the duration of connid value for an existing session m= line resulting from an offer/answer
   exchange is a
   good example: the same as the connid in order to extend an existing session, use so far, the endpoints will
   typically resend
   SHOULD continue using the original SDP with updated time information. existing connection.

   connectionless media the result is no change past, it was proposed to use the existing media
   streams.  The problem with connection oriented media is that the
   original SDP will contain presence of a setup media-level
      SDP attribute which can be considered as a request flag to create indicate that a new connection, as opposed connection needed
      to be established. We chose not to follow the flag approach
      because an offerer whose intent was to signal "no changes" in a
      session would need to issue a request different offer than the previous
      one (i.e., it would need to
   maintain steady state. The following rule help avoid this ambiguity:

      If remove the flag from the transport section (the c= and m= lines) of line). By
      using the connid attribute instead, an SDP
      description describes offerer signals "no
      changes" in a session by issuing an existing identical offer to the one in

6.  Connection Management

   An endpoint that according to an offer/answer exchange is supposed to
   initiate a new connection between two endpoints
      and SHOULD initiate it as soon as the m= line offer/
   answer exchange is completed, even if the endpoint does not contain a reconnect attribute, intend to
   immediately begin sending media to the remote endpoint. This allows
   media to flow from the remote endpoint if needed.

   Typically, endpoints SHOULD use that do not close the connection to carry until the media described
      in session
   has expired, been explicitly terminated, or a new connid value has
   been provided for the m= line. Additionaly, specific applications can
   describe further scenarios where an end-point may close a given
   connection. In case the remainder session is explicitly terminated by one of
   the message. The endpoints SHOULD NOT attempt
      to set up (e.g., the endpoint sends a new connection, regardless of what SIP [10] BYE), the end
   point terminating the session is specified in responsible for closing the
      setup attribute.

   If an endpoint determines that if the port number in the transport-connection for an m=
   line changes, there is no
      need to use has been closed and it should be reestablished, it SHOULD
   perform a new offer/answer exchange using a new connid value for this
   m= line.

      Note that the reconnect SDP direction attribute because (e.g., a=sendonly) deals
      with the new port will
      trigger media sent over the establishment of a new connection anyway. transport-connection, but has no
      impact on the transport-connection itself.

7.  Examples

   What follows are a number of

   The following examples that show the most common usage of the setup
   attribute combined with TCP-based media descriptions. For the purpose
   of brevity, the main portion of the session description is omitted in
   the examples examples, which only show m= lines and is assumed to be the

           o=me 2890844526 2890842807 IN IP4
           s=Call me using TCP
           t=3034423619 3042462419 their attributes
   (including c= lines).

7.1  Passive/Active

   An offerer at signals its availability for a T.38 fax
   session at port 54111:

           c=IN IP4

           m=image 54111 TCP t38
           c=IN IP4

   An answerer at receiving this offer responds with the
   following answer:

           c=IN IP4
           m=image 9 TCP t38

   The endpoint at then initiates the TCP connection to port
   54111 at

7.2  Passive/Active with Reconnect Connection Reestablishment

   Continuing the preceding example, consider the scenario where the TCP
   connection fails and the endpoints wish to reestablish the connection
   for the session.  The endpoint at signals this intent with
   the following SDP:

           c=IN IP4

           m=image 54111 TCP t38
           c=IN IP4
   The reconnect attribute new connid value informs the endpoint at that this SDP
   represents the intent to establish a new connection for media
   transport, rather than continuing with the original connection.
   Because the endpoint at may not yet be aware that the TCP
   connection has failed, this eliminates any ambiguity. If agrees to continue the session using a new connection, it
   responds with:

           c=IN IP4

           m=image 9 TCP t38
           a=setup:active IN
           c=IN IP4

7.3  Actpass

   An  Actpass/Passive

   In another example, an offerer at signals its availability
   for a T.38 fax session at TCP port 54111. Additionally, this offerer
   is also willing to set up the media stream by initiating the TCP

           c=IN IP4

           m=image 54111 TCP t38
           c=IN IP4

   The endpoint at responds with the following description:

           c=IN IP4

           m=image 54321 TCP t38
           c=IN IP4

   This will cause the offerer (at to initiate a connection
   to port 54321 at and the answerer (at to
   initiate a connection to port 54111 at Ideally, the
   offerer would use as the source of its connection
   attempt and the answerer would use as its.

8.  Security Considerations

   See RFC 2327 [4] [3] for security and other considerations specific to
   the Session Description Protocol in general.

   An attacker may attempt to substitute TCP/TLS with only TCP in a
   session description. modify the values of the connid attributes
   to have endpoints reestablish connections unnecesaryly. So, it is
   STRONGLY RECOMMENDED that integrity protection be applied to the SDP
   session descriptions. For session descriptions carried in SIP [10],
   S/MIME is the natural choice to provide such end-to-end integrity
   protection, as described in RFC 3261 [10]. Other applications MAY use
   a different form of integrity protection.

   This document touches upon NAT traversal. Implementers should be
   aware of some issues that relate to the use of private IP addresses
   within the offer/answer model (i.e., they are not specific to this

   When an endpoint receives a session description with a private IP
   address that belongs to a different address space, in most of the
   cases, the endpoint will not be able to reach such an address.
   Nevertheless, if this particular address also exists in the
   endpoint's address space, the endpoint may end up reaching a
   different peer than the one that generated the session description.
   It is RECOMMENDED that endpoints authenticate their peer somehow
   (e.g., using TLS [3]) or that they encrypt their media.

9.  IANA Considerations

   This document defines two session and media level SDP attributes:
   setup and reconnect. connid. Their formats are defined in Section 4 and Section
   5 respectively. These two attributes should be registered by the IANA

   under "att-field (both session and media level)".

   This document defines two a proto values: TCP and TCP/TLS. Their
   formats are TCP. Its format is defined in
   Section 3.1 and Section 3.2 respectively.
   These two 3. This proto values value should be registered by the IANA on http://

   under "proto".

10.  Acknowledgements

   The authors would like to thank

   Jonathan Rosenberg, Rohan Mahy, Anders Kristensen, Joerg Ott, Paul
   Kyzivat, Robert Fairlie-Cuninghame, and Colin Perkins for their Perkins, and Christer
   Holmberg provided valuable insights and contributions.

11.  References

11.1  Normative References

   [1]  Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
        September 1981.

   [2]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [3]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC
        2246, January 1999.

   [4]  Handley, M. and V. Jacobson, "SDP: Session Description
        Protocol", RFC 2327, April 1998.


   [4]  Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with
        Session Description Protocol (SDP)", RFC 3264, June 2002.


   [5]  Yergeau, F., "UTF-8, a transformation format of ISO 10646", STD
        63, RFC 3629, November 2003.

11.2  Informational References


   [6]   Schulzrinne, H., Rao, A. and R. Lanphier, "Real Time Streaming
         Protocol (RTSP)", RFC 2326, April 1998.

   [7]   Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC
         2246, January 1999.

   [8]   Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
         Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol --
         HTTP/1.1", RFC 2616, June 1999.

   [9]   Handley, M., Perkins, C. and E. Whelan, "Session Announcement
         Protocol", RFC 2974, October 2000.

   [10]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
         Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP:
         Session Initiation Protocol", RFC 3261, June 2002.

Authors' Addresses

   David Yon
   Dialout.Net, Inc
   One Indian Head Plaza
   Nashua, NH  03060


   Gonzalo Camarillo
   Hirsalantie 11
   Jorvas  02420


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights. Information
   on the IETF's procedures with respect to rights in IETF Documents can
   be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at

Disclaimer of Validity

   This document and the information contained herein are provided on an

Copyright Statement

   Copyright (C) The Internet Society (2004). This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.


   Funding for the RFC Editor function is currently provided by the
   Internet Society.