wdiff draft-ietf-taps-minset-08.txt draft-ietf-taps-minset-09.txt

TAPS M. Welzl
Internet-Draft S. Gjessing
Intended status: Informational University of Oslo
Expires: March 9, 17, 2019 September 5, 13, 2018

A Minimal Set of Transport Services for End Systems
draft-ietf-taps-minset-08
draft-ietf-taps-minset-09

Abstract

This draft recommends a minimal set of Transport Services offered by
end systems, and gives guidance on choosing among the available
mechanisms and protocols. It is based on the set of transport
features in RFC 8303.

Status of This Memo

This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on March 9, 17, 2019.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Deriving the minimal set . . . . . . . . . . . . . . . . . . 5
4. The Minimal Reduced Set of Transport Features . . . . . . . . . . . . 5
3.1. ESTABLISHMENT, AVAILABILITY and TERMINATION 6
4.1. CONNECTION Related Transport Features . . . . . . . 5
3.2. MAINTENANCE . . . 7
4.2. DATA Transfer Related Transport Features . . . . . . . . 8
4.2.1. Sending Data . . . . . . . . . . . . 8
3.2.1. Connection groups . . . . . . . . 8
4.2.2. Receiving Data . . . . . . . . . . 8
3.2.2. Individual connections . . . . . . . . . 9
4.2.3. Errors . . . . . . 10
3.3. DATA Transfer . . . . . . . . . . . . . . . . . 9
5. Discussion . . . . . 10
3.3.1. Sending Data . . . . . . . . . . . . . . . . . . . . 10
3.3.2. 9
5.1. Sending Messages, Receiving Data . . Bytes . . . . . . . . . . . . 9
5.2. Stream Schedulers Without Streams . . . . . 11
4. Acknowledgements . . . . . . . 10
5.3. Early Data Transmission . . . . . . . . . . . . . . . 12
5. IANA Considerations . . 11
5.4. Sender Running Dry . . . . . . . . . . . . . . . . . . . 12
6. Security Considerations
5.5. Capacity Profile . . . . . . . . . . . . . . . . . . . . 12
7. References
5.6. Security . . . . . . . . . . . . . . . . . . . . . . . . 13
5.7. Packet Size . . 12
7.1. Normative References . . . . . . . . . . . . . . . . . . 12
7.2. Informative References . . . 13
6. The Minimal Set of Transport Features . . . . . . . . . . . . 14
6.1. ESTABLISHMENT, AVAILABILITY and TERMINATION . . 13
Appendix A. Deriving the minimal set . . . . . 14
6.2. MAINTENANCE . . . . . . . . . 14
A.1. Step 1: Categorization -- The Superset of Transport
Features . . . . . . . . . . . . . . 17
6.2.1. Connection groups . . . . . . . . . . 15
A.1.1. CONNECTION Related Transport Features . . . . . . . . 17
A.1.2. 18
6.2.2. Individual connections . . . . . . . . . . . . . . . 19
6.3. DATA Transfer Related Transport Features . . . . . . 33
A.2. Step 2: Reduction -- The Reduced Set of Transport
Features . . . . . . . . . . . . . . . . 20
6.3.1. Sending Data . . . . . . . . 38
A.2.1. CONNECTION Related Transport Features . . . . . . . . 39
A.2.2. DATA Transfer Related Transport Features . . . . 20
6.3.2. Receiving Data . . 40
A.3. Step 3: Discussion . . . . . . . . . . . . . . . . . 21
7. Acknowledgements . . 41
A.3.1. Sending Messages, Receiving Bytes . . . . . . . . . . 41
A.3.2. Stream Schedulers Without Streams . . . . . . . . . . 42
A.3.3. Early Data Transmission 21
8. IANA Considerations . . . . . . . . . . . . . . . 43
A.3.4. Sender Running Dry . . . . . . 21
9. Security Considerations . . . . . . . . . . . 44
A.3.5. Capacity Profile . . . . . . . . 21
10. References . . . . . . . . . . 44
A.3.6. Security . . . . . . . . . . . . . . . 22
10.1. Normative References . . . . . . . 45
A.3.7. Packet Size . . . . . . . . . . . 22
10.2. Informative References . . . . . . . . . . 45
Appendix B. Revision information . . . . . . . 22
Appendix A. The Superset of Transport Features . . . . . . . . . 46
Authors' Addresses 24
A.1. CONNECTION Related Transport Features . . . . . . . . . . 25
A.2. DATA Transfer Related Transport Features . . . . . . . . 41
A.2.1. Sending Data . . . . . 47 . . . . . . . . . . . . . . . 41
A.2.2. Receiving Data . . . . . . . . . . . . . . . . . . . 45
A.2.3. Errors . . . . . . . . . . . . . . . . . . . . . . . 46
Appendix B. Revision information . . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 48

1. Introduction

Currently, the set of transport services that most applications use
is based on TCP and UDP (and protocols that are layered on top of
them); this limits the ability for the network stack to make use of
features of other transport protocols. For example, if a protocol
supports out-of-order message delivery but applications always assume
that the network provides an ordered bytestream, then the network
stack can not immediately deliver a message that arrives out-of-
order: doing so would break a fundamental assumption of the
application. The net result is unnecessary head-of-line blocking
delay.

By exposing the transport services of multiple transport protocols, a
transport system can make it possible for applications to use these
services without being statically bound to a specific transport
protocol. The first step towards the design of such a system was
taken by [RFC8095], which surveys a large number of transports, and
[RFC8303] as well as [RFC8304], which identify the specific transport
features that are exposed to applications by the protocols TCP,
MPTCP, UDP(-Lite) and SCTP as well as the LEDBAT congestion control
mechanism. LEDBAT was included as the only congestion control
mechanism in this list because the "low extra delay background
transport" service that it offers is significantly different from the
typical service provided by other congestion control mechanisms.
This memo is based on these documents and follows the same
terminology (also listed below). Because the considered transport
protocols conjointly cover a wide range of transport features, there
is reason to hope that the resulting set (and the reasoning that led
to it) will also apply to many aspects of other transport protocols
that may be in use today, or may be designed in the future.

By decoupling applications from transport protocols, a transport
system provides a different abstraction level than the Berkeley
sockets interface. interface [POSIX]. As with high- vs. low-level programming
languages, a higher abstraction level allows more freedom for
automation below the interface, yet it takes some control away from
the application programmer. This is the design trade-off that a
transport system developer is facing, and this document provides
guidance on the design of this abstraction level. Some transport
features are currently rarely offered by APIs, yet they must be
offered or they can never be used. Other transport features are
offered by the APIs of the protocols covered here, but not exposing
them in an API would allow for more freedom to automate protocol
usage in a transport system. The minimal set presented in this
document here is an
effort to find a middle ground that can be recommended for transport
systems to implement, on the basis of the transport features
discussed in [RFC8303].

Applications use a wide variety of APIs today. The transport
features in the minimal set in this document must be reflected in
*all* network APIs in order for the underlying functionality to
become usable everywhere. For example, it does not help an
application that talks to a library which offers its own
communication interface if the underlying Berkeley Sockets API is
extended to offer "unordered message delivery", but the library only
exposes an ordered bytestream. Both the Berkeley Sockets API and the
library would have to expose the "unordered message delivery"
transport feature (alternatively, there may be ways for certain types
of libraries to use this transport feature without exposing it, based
on knowledge about the applications -- but this is not the general
case). Similarly, transport protocols such as SCTP offer multi-
streaming, which cannot be utilized, e.g., to prioritize messages
between streams, unless applications communicate the priorities and
the group of connections upon which these priorities should be
applied. In most situations, in the interest of being as flexible
and efficient as possible, the best choice will be for a library to
expose at least all of the transport features that are recommended as
a "minimal set" here.

This "minimal set" can be implemented "one-sided" over TCP. This
means that a sender-side transport system can talk to a standard TCP
receiver, and a receiver-side transport system can talk to a standard
TCP sender. If certain limitations are put in place, the "minimal
set" can also be implemented "one-sided" over UDP.

2. Terminology

Transport Feature: a specific end-to-end feature that While the transport
layer provides to an application. Examples include
confidentiality, reliable delivery, ordered delivery, message-
versus-stream orientation, etc.
Transport Service: a set
possibility of Transport Features, without an
association to any given framing protocol, which provides a
complete service to an application.
Transport Protocol: an such "one-sided" implementation that provides one or more
different transport services using a specific framing and header
format on may help deployment,
it comes at the wire.
Transport Service Instance: an arrangement cost of transport protocols
with a selected limiting the set to services that can also be
provided by TCP (or, with further limitations, UDP). Thus, the
minimal set of transport features and configuration parameters here is applicable for many, but
not all, applications: some application protocols have requirements
that
implements are not met by this "minimal set".

Note that, throughout this document, protocols are meant to be used
natively. For example, when transport features of UDP, or
"implementation over" UDP is discussed, this refers to native usage
of UDP.

2. Terminology

Transport Feature: a single specific end-to-end feature that the transport service, e.g.,
layer provides to an application. Examples include
confidentiality, reliable delivery, ordered delivery, message-
versus-stream orientation, etc.
Transport Service: a protocol stack (RTP
over UDP). set of Transport Features, without an
association to any given framing protocol, which provides a
complete service to an application.
Transport Protocol: an implementation that provides one or more
different transport services using a specific framing and header
format on the wire.
Application: an entity that uses the a transport layer interface for
end-to-end delivery of data across the network (this may also be
an upper layer protocol or tunnel encapsulation).

Application-specific knowledge: knowledge that only applications
have.
Endpoint:
End system: an entity that communicates with one or more other
endpoints end
systems using a transport protocol. An end system provides a
transport layer interface to applications.
Connection: shared state of two or more endpoints end systems that persists
across messages that are transmitted between these endpoints. end systems.
Connection Group: a set of connections which share the same
configuration (configuring one of them causes all other
connections in the same group to be configured in the same way).
We call connections that belong to a connection group "grouped",
while "ungrouped" connections are not a part of a connection
group.
Socket: the combination of a destination IP address and a
destination port number.

Moreover, throughout the document, the protocol name "UDP(-Lite)" is
used when discussing transport features that are equivalent for UDP
and UDP-Lite; similarly, the protocol name "TCP" refers to both TCP
and MPTCP.

3. The Minimal Set of Transport Features

Based on Deriving the categorization, reduction, and discussion in Appendix A,
this section describes a minimal set of transport features

We assume that end
systems should offer. The described transport system can be
implemented over TCP. Elements applications have no specific requirements that need
knowledge about the network, e.g. regarding the choice of network
interface or the system end-to-end path. Even with these assumptions, there
are certain requirements that are not marked
with "!UDP" can strictly kept by transport
protocols today, and these must also be implemented over UDP.

The arguments laid out in Appendix A.3 ("discussion") were used to
make the final representation kept by a transport system.
Some of the minimal set as short, simple and
general as possible. There may be situations where these arguments
do not apply -- e.g., implementers may have specific reasons requirements relate to
expose multi-streaming as a visible transport features that we call
"Functional".

Functional transport features provide functionality to applications, that cannot be
used without the application knowing about them, or else they violate
assumptions that might cause the restrictive open / close semantics may application to fail. For example,
ordered message delivery is a functional transport feature: it cannot
be problematic under some
circumstances. In such cases, configured without the representation in Appendix A.2
("reduction") should application knowing about it because the
application's assumption could be considered.

As that messages always arrive in Appendix A, Appendix A.2 and [RFC8303], we categorize
order. Failure includes any change of the
minimal set application behavior that
is not performance oriented, e.g. security.

"Change DSCP" and "Disable Nagle algorithm" are examples of transport
features as 1) CONNECTION related
(ESTABLISHMENT, AVAILABILITY, MAINTENANCE, TERMINATION) and 2) DATA
Transfer related (Sending Data, Receiving Data, Errors). Here, the
focus is on connections that the we call "Optimizing": if a transport system offers as
autonomously decides to enable or disable them, an
abstraction application will
not fail, but a transport system may be able to communicate more
efficiently if the application, as opposed application is in control of this optimizing
transport feature. These transport features require application-
specific knowledge (e.g., about delay/bandwidth requirements or the
length of future data blocks that are to connections be transmitted).

The transport features of IETF transport protocols that the transport system uses.

3.1. ESTABLISHMENT, AVAILABILITY do not
require application-specific knowledge and TERMINATION

A connection must first be "created" to allow for some initial
configuration to could therefore be carried out before the
utilized by a transport system can
actively or passively establish communication with a remote endpoint.
All configuration parameters in Section 3.2 can be used initially,
although some on its own without involving the
application are called "Automatable".

We approach the construction of them may only take effect when a connection has been
established with a chosen transport protocol. Configuring a
connection early helps a minimal set of transport system make features
in the right decisions.
For example, grouping information can influence following way:

1. Categorization (Appendix A): the superset of transport system
to implement a connection features
from [RFC8303] is presented, and transport features are
categorized as Functional, Optimizing or Automatable for later
reduction.
2. Reduction (Section 4): a stream shorter list of a multi-streaming protocol's
existing association or not.

For ungrouped connections, early configuration transport features is necessary because
it allows
derived from the categorization in the first step. This removes
all transport system to know which protocols it should try
to use. In particular, a transport system that only makes a one-time
choice for a particular protocol must know early about strict
requirements features that must be kept, do not require application-specific
knowledge or it can end up would result in semantically incorrect behavior if
they were implemented over TCP or UDP.
3. Discussion (Section 5): the resulting list shows a deadlock
situation (e.g., having chosen UDP and later be asked to support
reliable transfer). As an example description number of how
peculiarities that are discussed, to correctly
handle these cases, we provide the following decision tree (this a basis for
constructing the minimal set.
4. Construction (Section 6): Based on the reduced set and the
discussion of the transport features therein, a minimal set is
derived from Appendix A.2.1 excluding authentication,
constructed.

Following [RFC8303] and retaining its terminology, we divide the
transport features into two main groups as explained in
Section 6): follows:

1. CONNECTION related transport features
- Will it ever be necessary ESTABLISHMENT
- AVAILABILITY
- MAINTENANCE
- TERMINATION

2. DATA Transfer related transport features
- Sending Data
- Receiving Data
- Errors

4. The Reduced Set of Transport Features

By hiding automatable transport features from the application, a
transport system can gain opportunities to offer any automate the usage of
network-related functionality. This can facilitate using the following?
* Reliably transfer data
* Notify
transport system for the peer application programmer and it allows for
optimizations that may not be possible for an application. For
instance, system-wide configurations regarding the usage of closing/aborting
* Preserve data ordering

Yes: SCTP or TCP multiple
interfaces can better be used.
- Is any exploited if the choice of the following useful interface is
not entirely up to the application?
* Choosing a scheduler application. Therefore, since they are not
strictly necessary to operate between connections expose in a group, transport system, we do not include
automatable transport features in the reduced set of transport
features. This leaves us with only the possibility transport features that are
either optimizing or functional.

A transport system should be able to configure a priority communicate via TCP or weight per connection
* Configurable message reliability
* Unordered message delivery
* Request UDP if
alternative transport protocols are found not to delay the acknowledgement (SACK) of work. For many
transport features, this is possible -- often by simply not doing
anything when a message

Yes: SCTP specific request is preferred.
No:
- Is any made. For some transport
features, however, it was identified that direct usage of neither TCP
nor UDP is possible: in these cases, even not doing anything would
incur semantically incorrect behavior. Whenever an application would
make use of one of these transport features, this would eliminate the
possibility to use TCP or UDP. Thus, we only keep the functional and
optimizing transport features for which an implementation over either
TCP or UDP is possible in our reduced set.

The following useful list contains the transport features from Appendix A,
reduced using these rules. The "minimal set" derived in this
document is meant to be implementable "one-sided" over TCP, and, with
limitations, UDP. In the application?
* list, we therefore precede a transport
feature with "T:" if an implementation over TCP is possible, "U:" if
an implementation over UDP is possible, and "T,U:" if an
implementation over either TCP or UDP is possible.

4.1. CONNECTION Related Transport Features

ESTABLISHMENT:

o T,U: Connect
o T,U: Specify number of attempts and/or timeout for the first
establishment message
o T: Configure authentication
o T: Hand over a message to reliably transfer (possibly multiple
times) before connection establishment
*
o T: Hand over a message to reliably transfer during connection
establishment

AVAILABILITY:

o T,U: Listen
o T: Configure authentication

MAINTENANCE:

o T: Change timeout for aborting connection (using retransmit limit
or time value)

o T: Suggest timeout to the peer
*
o T,U: Disable Nagle algorithm
o T,U: Notification of Excessive Retransmissions (early warning
below abortion threshold)
*
o T,U: Specify DSCP field
o T,U: Notification of ICMP error message arrival

Yes: TCP is preferred.
No: SCTP and TCP are equally preferable.

No: all protocols can be used.
- Is any of the following useful
o T: Change authentication parameters
o T: Obtain authentication information
o T,U: Set Cookie life value
o T,U: Choose a scheduler to the application?
* operate between streams of an
association
o T,U: Configure priority or weight for a scheduler
o T,U: Disable checksum when sending
o T,U: Disable checksum requirement when receiving
o T,U: Specify checksum coverage used by the sender
*
o T,U: Specify minimum checksum coverage required by receiver

Yes: UDP-Lite is preferred.
No: UDP is preferred.

Note
o T,U: Specify DF field
o T,U: Get max. transport-message size that this decision tree is not optimal for all cases. For
example, if an application wants to use "Specify checksum coverage
used by the sender", which is only offered by UDP-Lite, and
"Configure priority or weight for a scheduler", which is only offered
by SCTP, the above decision tree will always choose UDP-Lite, making
it impossible to use SCTP's schedulers with priorities between
grouped connections. We caution implementers to may be aware of the full
set of trade-offs, for which we recommend consulting the list in
Appendix A.2.1 when deciding how to initialize sent using a connection.

To summarize, non-
fragmented IP packet from the following parameters serve as input for configured interface
o T,U: Get max. transport-message size that may be received from the
transport system to help it choose
configured interface
o T,U: Obtain ECN field
o T,U: Enable and configure a suitable protocol: "Low Extra Delay Background Transfer"

TERMINATION:

o Reliability: a boolean that should be set to true when any of the
following will be useful to the application: T: Close after reliably transfer
data; notify delivering all remaining data, causing an
event informing the peer of closing/aborting; preserve data ordering. application on the other side
o Checksum coverage: a boolean to specify whether it will be useful
to T: Abort without delivering remaining data, causing an event
informing the application to specify checksum coverage when sending or
receiving. on the other side
o Configure message priority: a boolean that should be set to true
when any of T,U: Abort without delivering remaining data, not causing an event
informing the following per-message configuration or
prioritization mechanisms will application on the other side
o T,U: Timeout event when data could not be useful delivered for too long

4.2. DATA Transfer Related Transport Features

4.2.1. Sending Data

o T: Reliably transfer data, with congestion control
o T: Reliably transfer a message, with congestion control
o T,U: Unreliably transfer a message
o T: Configurable Message Reliability
o T: Ordered message delivery (potentially slower than unordered)
o T,U: Unordered message delivery (potentially faster than ordered)
o T,U: Request not to the application:
choosing bundle messages
o T: Specifying a scheduler key id to operate between grouped connections, with
the possibility be used to configure authenticate a priority or weight per connection;
configurable message reliability; unordered message delivery;
requesting
o T,U: Request not to delay the acknowledgement (SACK) of a message. message

4.2.2. Receiving Data

o Early T,U: Receive data (with no message timeout notifications: delimiting)
o U: Receive a boolean message
o T,U: Information about partial message arrival

4.2.3. Errors

This section describes sending failures that should be set are associated with a
specific call to true when any of in the following will be useful to "Sending Data" category (Appendix A.2.1).

o T,U: Notification of send failures
o T,U: Notification that the
application: hand over a message stack has no more user data to reliably transfer (possibly
multiple times) before connection establishment; suggest timeout send
o T,U: Notification to the peer; notification of excessive retransmissions (early
warning below abortion threshold); notification of ICMP error a receiver that a partial message arrival.

Once delivery
has been aborted

5. Discussion

The reduced set in the previous section exhibits a connection is created, it can be queried for number of
peculiarities, which we will discuss in the maximum
amount following. This section
focuses on TCP because, with the exception of data that an application can possibly expect to have
reliably transmitted before or during one particular
transport connection
establishment (with zero being feature ("Receive a possible answer) (see message" -- we will discuss this in
Section 3.2.1). An application can also give 5.1), the connection list shows that UDP is strictly a
message for reliable transmission before or during connection
establishment (!UDP); the transport system will then subset of TCP.
We can first try to transmit
it as early as possible. An application can facilitate sending understand how to build a
message particularly early by marking it as "idempotent" (see
Section 3.3.1); in this case, transport system that
can run over TCP, and then narrow down the receiving application must be
prepared result further to potentially receive multiple copies of the message
(because idempotent messages are reliably transferred, asking for
idempotence is not necessary for systems allow
that support UDP).

After creation, a transport the system can actively establish
communication with a peer, always run over either TCP or it can passively listen for incoming
connection requests. Note that active establishment may or may not
trigger UDP (which
effectively means removing everything related to reliability,
ordering, authentication and closing/aborting with a notification on the listening side. It is possible that
the first notification on to
the listening side is peer).

Note that, because the arrival functional transport features of UDP are --
with the
first data that the active side sends (a receiver-side transport
system could handle this by continuing to block exception of "Receive a "Listen" call,
immediately followed by issuing "Receive", message" -- a subset of TCP, TCP can
be used as a replacement for example; callback-
based implementations could simply skip UDP whenever an application does not
need message delimiting (e.g., because the equivalent of "Listen"). application-layer protocol
already does it). This also means has been recognized by many applications that the active opening side is assumed
already do this in practice, by trying to be the
first side sending data.

A communicate with UDP at
first, and falling back to TCP in case of a connection failure.

5.1. Sending Messages, Receiving Bytes

For implementing a transport system can actively close over TCP, there are several
transport features related to sending, but only a connection, i.e. terminate it
after reliably delivering all remaining data single transport
feature related to the peer (if reliable receiving: "Receive data delivery was requested earlier (!UDP)), in which case (with no message
delimiting)" (and, strangely, "information about partial message
arrival"). Notably, the peer transport feature "Receive a message" is notified that
also the connection only non-automatable transport feature of UDP(-Lite) for
which no implementation over TCP is closed. Alternatively, a
connection can be aborted without delivering outstanding data possible.

To support these TCP receiver semantics, we define an "Application-
Framed Bytestream" (AFra-Bytestream). AFra-Bytestreams allow senders
to operate on messages while minimizing changes to the
peer. TCP socket
API. In case reliable or partially reliable data delivery was
requested earlier (!UDP), the peer is notified that particular, nothing changes on the connection is
aborted. A timeout receiver side - data can
be configured to abort accepted via a connection when data
could not be delivered for too long (!UDP); however, timeout-based
abortion does not notify normal TCP socket.

In an AFra-Bytestream, the peer sending application that can optionally inform
the connection has
been aborted. Because half-closed connections are not supported,
when a host implementing a transport system receives a notification
that the peer is closing about message boundaries and required properties per
message (configurable order and reliability, or aborting the connection (!UDP), its peer
may not be able to read outstanding data. This means that
unacknowledged data residing embedding a transport system's send buffer may
have request
not to be dropped from that buffer upon arrival delay the acknowledgement of a "close" or
"abort" notification from the peer.

3.2. MAINTENANCE

A transport system must offer means to group connections, but it
cannot guarantee truly grouping them using message). Whenever the transport protocols sending
application specifies per-message properties that relax the notion of
reliable in-order delivery of bytes, it uses (e.g., it cannot be guaranteed that connections become
multiplexed as streams on a single SCTP association when SCTP may not
be available). The transport system must therefore ensure assume that
group- versus non-group-configurations are handled correctly in some
way (e.g., by applying the configuration to all grouped connections
even when they are not multiplexed, or informing the
receiving application
about grouping success or failure).

As a general rule, any configuration described below should be
carried out as early as possible is 1) able to aid the transport system's
decision making.

3.2.1. Connection groups

The following transport features determine message boundaries,
provided that messages are always kept intact, and notifications (some directly
from Appendix A.2, some new or changed, based on 2) able to accept
these relaxed per-message properties. Any signaling of such
information to the discussion in
Appendix A.3) automatically apply peer is up to all grouped connections:

(!UDP) Configure a timeout: an application-layer protocol and
considered out of scope of this can be done document.

For example, if an application requests to transfer fixed-size
messages of 100 bytes with partial reliability, this needs the following
parameters:

o A timeout value for aborting connections, in seconds
o A timeout value
receiving application to be suggested prepared to the peer (if possible), accept data in
seconds
o The number chunks of retransmissions after which 100
bytes. If, then, some of these 100-byte messages are missing (e.g.,
if SCTP with Configurable Reliability is used), this is the expected
application should behavior. With TCP, no messages would be notifed of "Excessive Retransmissions"

Configure urgency: missing, but
this can be done with is also correct for the following parameters:

o A number to identify application, and the type of scheduler possible
retransmission delay is acceptable within the best-effort service
model (see [RFC7305], Section 3.5). Still, the receiving application
would separate the byte stream into 100-byte chunks.

Note that should this usage of messages does not require all messages to be used to
operate between connections
equal in size. Many application protocols use some form of Type-
Length-Value (TLV) encoding, e.g. by defining a header including
length fields; another alternative is the group (no guarantees given).
Schedulers are defined in [RFC8260].
o A "capacity profile" number to identify how use of byte stuffing
methods such as COBS [COBS]. If an application wants needs message
numbers, e.g. to use its available capacity. Choices can be "lowest possible
latency at restore the expense correct sequence of overhead" (which would disable any
Nagle-like algorithm), "scavenger", or values that help determine
the DSCP value for a connection (e.g. similar to table 1 in
[I-D.ietf-tsvwg-rtcweb-qos]).
o A buffer limit (in bytes); when messages, these must
also be encoded by the sender has less than application itself, as the
provided limit sequence number
related transport features of bytes in SCTP are not provided by the buffer, "minimum
set" (in the application may be
notified. Notifications are interest of enabling usage of TCP).

5.2. Stream Schedulers Without Streams

We have already stated that multi-streaming does not guaranteed, and it is optional
for a transport system require
application-specific knowledge. Potential benefits or disadvantages
of, e.g., using two streams of an SCTP association versus using two
separate SCTP associations or TCP connections are related to support buffer limit values greater than
0. Note that this limit and its notification should operate
across
knowledge about the buffers of network and the whole particular transport system, i.e. also any
potential buffers that protocol in
use, not the application. However, the transport system itself may use on top features "Choose a
scheduler to operate between streams of the transport's send buffer.

Following Appendix A.3.7, these properties an association" and
"Configure priority or weight for a scheduler" operate on streams.
Here, streams identify communication channels between which a
scheduler operates, and they can be queried:

o The maximum message size assigned a priority. Moreover,
the transport features in the MAINTENANCE category all operate on
assocations in case of SCTP, i.e. they apply to all streams in that may be sent without fragmentation
via
assocation.

With only these semantics necessary to represent, the configured interface. This is optional for interface to a
transport system to offer, and becomes easier if we assume that connections may return an error ("not available"). It
can aid applications implementing Path MTU Discovery.
o The maximum be
not only a transport message size that can protocol's connection or association, but could
also be sent, in bytes.
Irrespective of fragmentation, there is a size limit stream of an existing SCTP association, for the
messages that example. We
only need to allow for a way to define a possible grouping of
connections. Then, all MAINTENANCE transport features can be handed over said to SCTP or UDP(-Lite); because
operate on connection groups, not connections, and a scheduler
operates on the service provided by connections within a group.

To be compatible with multiple transport system is independent of the protocols and uniformly
allow access to both transport connections and streams of a multi-
streaming protocol, it must allow an application the semantics of opening and closing need to query this
value -- be
the maximum size most restrictive subset of all of the underlying options. For
example, TCP's support of half-closed connections can be seen as a message in an Application-Framed-
Bytestream (see Appendix A.3.1). This may also return an error
when data is
feature on top of the more restrictive "ABORT"; this feature cannot
be supported because not delimited ("not available").
o The maximum all protocols used by a transport message size that can be received from the
configured interface, in bytes (or "not available").
o The maximum amount system
(including streams of data that can possibly be sent an association) support half-closed
connections.

5.3. Early Data Transmission

There are two transport features related to transferring a message
early: "Hand over a message to reliably transfer (possibly multiple
times) before or
during connection establishment, in bytes.

In addition establishment", which relates to the already mentioned closing / aborting notifications TCP Fast
Open [RFC7413], and possible send errors, "Hand over a message to reliably transfer during
connection establishment", which relates to SCTP's ability to
transfer data together with the following notifications COOKIE-Echo chunk. Also without TCP
Fast Open, TCP can occur:

o Excessive Retransmissions: transfer data during the configured (or a default) number of
retransmissions has been reached, yielding this early warning
below an abortion threshold.
o ICMP Arrival (parameter: ICMP message): an ICMP packet carrying handshake, together with
the conveyed ICMP message has arrived.
o ECN Arrival (parameter: ECN value): a SYN packet carrying -- however, the conveyed
ECN value has arrived. This can be useful for applications
implementing congestion control.
o Timeout (parameter: s seconds): receiver of this data could may not be delivered for s
seconds.
o Drain: hand it
over to the send buffer has either drained below application until the configured
buffer limit or it handshake has become completely empty. This is a generic
notification that tries to enable uniform access to
"TCP_NOTSENT_LOWAT" completed. Also,
different from TCP Fast Open, this data is not delimited as well a message
by TCP (thus, not visible as the "SENDER DRY" notification (as
discussed in Appendix A.3.4 -- SCTP's "SENDER DRY" is a special
case where the threshold (for unsent data) ``message''). This functionality is 0
commonly available in TCP and there is also
no more unacknowledged data supported in several implementations,
even though the send buffer).

3.2.2. Individual connections

Configure priority TCP specification does not explain how to provide it
to applications.

A transport system could differentiate between the cases of
transmitting data "before" (possibly multiple times) or weight for a scheduler, as described in
[RFC8260].

Configure checksum usage: this can be done with "during" the following
parameters, but there is no guarantee
handshake. Alternatively, it could also assume that any checksum limitations data that are
handed over early will indeed be enforced (the default behavior is "full coverage,
checksum enabled"):

o A boolean to enable / disable usage of a checksum when sending
o The desired coverage (in bytes) of transmitted as early as possible, and
"before" the checksum handshake would only be used when sending
o A boolean for messages that are
explicitly marked as "idempotent" (i.e., it would be acceptable to enable / disable requiring a checksum when receiving
o
transfer them multiple times).

The required minimum coverage (in bytes) amount of data that can successfully be transmitted before or
during the checksum when
receiving

3.3. DATA Transfer

3.3.1. Sending Data

When sending a message, no guarantees are given about handshake depends on various factors: the
preservation transport
protocol, the use of message boundaries to the peer; if message boundaries
are needed, the receiving application at header options, the peer must know about
them beforehand (or choice of IPv4 and IPv6 and
the Path MTU. A transport system cannot use TCP). Note that
an application should already be able therefore allow a sending
application to hand over query the maximum amount of data it can possibly
transmit before the
transport system establishes a (or, if exposed, during) connection with a chosen establishment.

5.4. Sender Running Dry

The transport
protocol. Regarding the message feature "Notification that is being handed over, the
following parameters can stack has no more user
data to send" relates to SCTP's "SENDER DRY" notification. Such
notifications can, in principle, be used:

o Reliability: this parameter is used to convey a choice of: fully
reliable with congestion control (!UDP), unreliable without
congestion control, unreliable with congestion control (!UDP),
partially reliable with congestion control (see [RFC3758] and
[RFC7496] for details on how avoid having an
unnecessarily large send buffer, yet ensure that the transport sender
always has data available when it has an opportunity to specify partial reliability)
(!UDP). The latter two choices are optional transmit it.
This has been found to be very beneficial for a some applications
[WWDC2015]. However, "SENDER DRY" truly means that the entire send
buffer (including both unsent and unacknowledged data) has emptied --
i.e., when it notifies the sender, it is already too late, the
transport
system protocol already missed an opportunity to offer and may result send data. Some
modern TCP implementations now include the unspecified
"TCP_NOTSENT_LOWAT" socket option that was proposed in full reliability. Note [WWDC2015],
which limits the amount of unsent data that
applications sending unreliable data without congestion control
should themselves perform congestion control TCP can keep in accordance with
[RFC2914].
o (!UDP) Ordered: the
socket buffer; this boolean parameter lets an application choose
between ordered message delivery (true) and possibly unordered,
potentially faster message delivery (false).
o Bundle: a boolean that expresses a preference allows to specify at which buffer filling level
the socket becomes writable, rather than waiting for allowing the buffer to
bundle messages (true) or not (false). No guarantees are given.
o DelAck: a boolean that, if false, lets an application request that
run empty.

SCTP allows to configure the peer would not delay sender-side buffer too: the acknowledgement for automatable
Transport Feature "Configure send buffer size" provides this message.
o Fragment: a boolean that expresses
functionality, but only for the complete buffer, which includes both
unsent and unacknowledged data. SCTP does not allow to control these
two sizes separately. It therefore makes sense for a preference transport
system to allow for allowing uniform access to
fragment messages (true) or not (false), at "TCP_NOTSENT_LOWAT" as well as
the IP level. No
guarantees are given. "SENDER DRY" notification.

5.5. Capacity Profile

The transport features:

o (!UDP) Idempotent: Disable Nagle algorithm
o Enable and configure a boolean that expresses whether "Low Extra Delay Background Transfer"
o Specify DSCP field

all relate to a message is
idempotent (true) QoS-like application need such as "low latency" or not (false). Idempotent messages may arrive
multiple times at
"scavenger". In the receiver (but interest of flexibility of a transport system,
they will arrive at least
once). When data is idempotent it can could therefore be used by the receiver
immediately on a connection establishment attempt. Thus, if data
is handed over before the transport system establishes offered in a
connection with uniform, more abstract way,
where a chosen transport protocol, stating that system could e.g. decide by itself how to use
combinations of LEDBAT-like congestion control and certain DSCP
values, and an application would only specify a
message is idempotent facilitates transmitting general "capacity
profile" (a description of how it wants to use the peer
application particularly early.

An application can be notified available
capacity). A need for "lowest possible latency at the expense of a failure
overhead" could then translate into automatically disabling the Nagle
algorithm.

In some cases, the Nagle algorithm is best controlled directly by the
application because it is not only related to send a specific
message. There general profile but
also to knowledge about the size of future messages. For fine-grain
control over Nagle-like functionality, the "Request not to bundle
messages" is no guarantee available.

5.6. Security

Both TCP and SCTP offer authentication. TCP authenticates complete
segments. SCTP allows to configure which of such notifications, i.e. send
failures can also silently occur.

3.3.2. Receiving Data

A receiving application obtains an "Application-Framed Bytestream"
(AFra-Bytestream); SCTP's chunk types must
always be authenticated -- if this concept is further described in
Appendix A.3.1). In line with TCP's receiver semantics, exposed as such, it creates an AFra-
Bytestream is just a stream of bytes to the receiver. If message
boundaries were specified by
undesirable dependency on the sender, transport protocol. For compatibility
with TCP, a receiver-side transport system implementing should only the minimum set of allow to configure complete
transport services
defined here will still not inform the receiving application about
them (this limitation layer packets, including headers, IP pseudo-header (if any)
and payload.

Security is only needed for discussed in a separate document
[I-D.ietf-taps-transport-security]. The minimal set presented in the
present document excludes all security related transport systems that are
implemented to directly use TCP).

Different features
from TCP's semantics, if the sending application has
allowed that messages are not fully reliably transferred, or
delivered out of order, then such re-ordering or unreliability may Appendix A: "Configure authentication", "Change authentication
parameters", "Obtain authentication information" and and "Set Cookie
life value" as well as "Specifying a key id to be
reflected per message in the arriving data. Messages will always
stay intact - i.e. if used to
authenticate a message".

5.7. Packet Size

UDP(-Lite) has a transport feature called "Specify DF field". This
yields an incomplete error message is contained at the end in case of the arriving data block, this sending a message that exceeds the
Path MTU, which is guaranteed necessary for a UDP-based application to continue in
the next arriving data block.

4. Acknowledgements

The authors would like be able
to thank all implement Path MTU Discovery (a function that UDP-based
applications must do by themselves). The "Get max. transport-message
size that may be sent using a non-fragmented IP packet from the participants of
configured interface" transport feature yields an upper limit for the TAPS
Working Group
Path MTU (minus headers) and can therefore help to implement Path MTU
Discovery more efficiently.

6. The Minimal Set of Transport Features

Based on the NEAT categorization, reduction, and MAMI research projects for valuable
input to discussion in Section 3,
this document. We especially thank Michael Tuexen for help
with connection connection establishment/teardown, Gorry Fairhurst
for his suggestions regarding fragmentation and packet sizes, and
Spencer Dawkins for his extremely detailed and constructive review.
This work has received funding from the European Union's Horizon 2020
research and innovation programme under grant agreement No. 644334
(NEAT).

5. IANA Considerations

This memo includes no request to IANA.

6. Security Considerations

Authentication, confidentiality protection, and integrity protection
are identified as section describes a minimal set of transport features by [RFC8095]. As currently
deployed in that end
systems should offer. Any configuration based the Internet, these features are generally provided by a
protocol or layer on top described minimum
set of transport feature can always be realized over TCP but also
gives the transport protocol; no current full-
featured standards-track system flexibility to choose another transport protocol provides all if
implemented. In the text of these
transport features on its own. Therefore, these transport features
are not considered in this document, with the exception section, "not UDP" is used to
indicate elements of native
authentication capabilities the system that cannot be implemented over UDP.
Conversely, all elements of TCP and SCTP for which the security
considerations in [RFC5925] and [RFC4895] apply. The minimum
requirements for a secure transport system that are discussed not marked with "not
UDP" can also be implemented over UDP.

The arguments laid out in a
separate document (Section Section 5 on Security Features and Transport
Dependencies ("discussion") were used to make
the final representation of [I-D.ietf-taps-transport-security]).

7. References

7.1. Normative References

[I-D.ietf-taps-transport-security]
Pauly, T., Perkins, C., Rose, K., the minimal set as short, simple and C. Wood, "A Survey
of Transport Security Protocols", draft-ietf-taps-
transport-security-02 (work in progress), June 2018.

[RFC8095] Fairhurst, G., Ed., Trammell, B., Ed., and M. Kuehlewind,
Ed., "Services Provided by IETF Transport Protocols and
Congestion Control Mechanisms", RFC 8095,
DOI 10.17487/RFC8095, March 2017,
<https://www.rfc-editor.org/info/rfc8095>.

[RFC8303] Welzl, M., Tuexen, M., and N. Khademi, "On the Usage of
Transport Features Provided by IETF Transport Protocols",
RFC 8303, DOI 10.17487/RFC8303, February 2018,
<https://www.rfc-editor.org/info/rfc8303>.

7.2. Informative References

[COBS] Cheshire, S. and M. Baker, "Consistent Overhead Byte
Stuffing", IEEE/ACM Transactions on Networking Vol. 7, No.
2, April 1999.

[I-D.ietf-tsvwg-rtcweb-qos]
Jones, P., Dhesikan, S., Jennings, C., and D. Druta, "DSCP
Packet Markings for WebRTC QoS", draft-ietf-tsvwg-rtcweb-
qos-18 (work in progress), August 2016.

[LBE-draft]
Bless, R., "A Lower Effort Per-Hop Behavior (LE PHB)",
Internet-draft draft-tsvwg-le-phb-03, February 2018.

[RFC2914] Floyd, S., "Congestion Control Principles", BCP 41,
RFC 2914, DOI 10.17487/RFC2914, September 2000,
<https://www.rfc-editor.org/info/rfc2914>.

[RFC3758] Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P.
Conrad, "Stream Control Transmission Protocol (SCTP)
Partial Reliability Extension", RFC 3758,
DOI 10.17487/RFC3758, May 2004,
<https://www.rfc-editor.org/info/rfc3758>.

[RFC4895] Tuexen, M., Stewart, R., Lei, P., and E. Rescorla,
"Authenticated Chunks for the Stream Control Transmission
Protocol (SCTP)", RFC 4895, DOI 10.17487/RFC4895, August
2007, <https://www.rfc-editor.org/info/rfc4895>.

[RFC4987] Eddy, W., "TCP SYN Flooding Attacks and Common
Mitigations", RFC 4987, DOI 10.17487/RFC4987, August 2007,
<https://www.rfc-editor.org/info/rfc4987>.

[RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP
Authentication Option", RFC 5925, DOI 10.17487/RFC5925,
June 2010, <https://www.rfc-editor.org/info/rfc5925>.

[RFC7305] Lear, E., Ed., "Report from the IAB Workshop on Internet
Technology Adoption and Transition (ITAT)", RFC 7305,
DOI 10.17487/RFC7305, July 2014,
<https://www.rfc-editor.org/info/rfc7305>.

[RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP
Fast Open", RFC 7413, DOI 10.17487/RFC7413, December 2014,
<https://www.rfc-editor.org/info/rfc7413>.

[RFC7496] Tuexen, M., Seggelmann, R., Stewart, R., and S. Loreto,
"Additional Policies for the Partially Reliable Stream
Control Transmission Protocol Extension", RFC 7496,
DOI 10.17487/RFC7496, April 2015,
<https://www.rfc-editor.org/info/rfc7496>.

[RFC8260] Stewart, R., Tuexen, M., Loreto, S., and R. Seggelmann,
"Stream Schedulers and User Message Interleaving for the
Stream Control Transmission Protocol", RFC 8260,
DOI 10.17487/RFC8260, November 2017,
<https://www.rfc-editor.org/info/rfc8260>.

[RFC8304] Fairhurst, G. and T. Jones, "Transport Features of the
User Datagram Protocol (UDP) and Lightweight UDP (UDP-
Lite)", RFC 8304, DOI 10.17487/RFC8304, February 2018,
<https://www.rfc-editor.org/info/rfc8304>.

[WWDC2015]
Lakhera, P. and S. Cheshire, "Your App and Next Generation
Networks", Apple Worldwide Developers Conference 2015, San
Francisco, USA, June 2015,
<https://developer.apple.com/videos/wwdc/2015/?id=719>.

Appendix A. Deriving the minimal set

We approach the construction of a minimal set of transport features
in the following way:

1. Categorization (Appendix A.1): the superset of transport features
from [RFC8303] is presented, and transport features are
categorized for later reduction.
2. Reduction (Appendix A.2): a shorter list of transport features is
derived from the categorization in the first step. This removes
all transport features that do not require application-specific
knowledge or would result in semantically incorrect behavior if
they were implemented over TCP or UDP.
3. Discussion (Appendix A.3): the resulting list shows a number of
peculiarities that are discussed, to provide a basis for
constructing the minimal set.

4. Construction (Section 3): Based on the reduced set and the
discussion of the transport features therein, a minimal set is
constructed.

A.1. Step 1: Categorization -- The Superset of Transport Features

Following [RFC8303], we divide the transport features into two main
groups as follows:

1. CONNECTION related transport features
- ESTABLISHMENT
- AVAILABILITY
- MAINTENANCE
- TERMINATION

2. DATA Transfer related transport features
- Sending Data
- Receiving Data
- Errors

We assume that applications have no specific requirements that need
knowledge about the network, e.g. regarding the choice of network
interface or the end-to-end path. Even with these assumptions, there
are certain requirements that are strictly kept by transport
protocols today, and these must also be kept by a transport system.
Some of these requirements relate to transport features that we call
"Functional".

Functional transport features provide functionality that cannot be
used without the application knowing about them, or else they violate
assumptions that might cause the application to fail. For example,
ordered message delivery is a functional transport feature: it cannot
be configured without the application knowing about it because the
application's assumption could be that messages always arrive in
order. Failure includes any change of the application behavior that
is not performance oriented, e.g. security.

"Change DSCP" and "Disable Nagle algorithm" are examples of transport
features that we call "Optimizing": if a transport system
autonomously decides to enable or disable them, an application will
not fail, but a transport system
general as possible. There may be able to communicate more
efficiently if the application is in control of this optimizing
transport feature. These transport features require application-
specific knowledge (e.g., about delay/bandwidth requirements or the
length of future data blocks that are to be transmitted).

The transport features of IETF transport protocols that do not
require application-specific knowledge and could therefore be
utilized by a transport system on its own without involving the
application are called "Automatable".

Finally, in three cases, transport features are aggregated and/or
slightly changed from [RFC8303] in the description below. These
transport features are marked as "ADDED". These situations where these arguments
do not add any new
functionality but just represent a simple refactoring step that helps apply -- e.g., implementers may have specific reasons to streamline the derivation process (e.g., by removing a choice of
expose multi-streaming as a
parameter for visible functionality to applications, or
the sake of applications that restrictive open / close semantics may not care about this
choice). The corresponding transport features are automatable, and
they are listed immediately below the "ADDED" transport feature. be problematic under some
circumstances. In this description, transport services are presented following such cases, the
nomenclature "CATEGORY.[SUBCATEGORY].SERVICENAME.PROTOCOL",
equivalent to "pass 2" representation in [RFC8303]. We also sketch how functional
or optimizing transport features can Section 4
("reduction") should be implemented by a transport
system. The "minimal set" derived considered.

As in this document is meant to be
implementable "one-sided" over TCP, and, with limitations, UDP.
Hence, for all transport features that are categorized as
"functional" or "optimizing", Section 3, Section 4 and for which no matching TCP and/or
UDP primitive exists in "pass 2" of [RFC8303], a brief discussion on
how to implement them over TCP and/or UDP is included.

We designate some we categorize the minimal
set of transport features as "automatable" on 1) CONNECTION related (ESTABLISHMENT,
AVAILABILITY, MAINTENANCE, TERMINATION) and 2) DATA Transfer related
(Sending Data, Receiving Data, Errors). Here, the basis of
a broader decision focus is on
connections that affects multiple transport features:

o Most the transport features that are related to multi-streaming were
designated system offers as "automatable". This was done because an abstraction to the decision
on whether
application, as opposed to use multi-streaming or not does not depend on
application-specific knowledge. This means connections of transport protocols that a
the transport system uses.

6.1. ESTABLISHMENT, AVAILABILITY and TERMINATION

A connection that
is exhibited to an application could must first be implemented by using a
single stream of an SCTP association instead of mapping it "created" to a
complete SCTP association allow for some initial
configuration to be carried out before the transport system can
actively or TCP connection. This could passively establish communication with a remote end
system. All configuration parameters in Section 6.2 can be
achieved by using more than one stream used
initially, although some of them may only take effect when an SCTP association is
first a
connection has been established (CONNECT.SCTP parameter "outbound stream
count"), maintaining an internal stream number, and using this
stream number when sending data (SEND.SCTP parameter "stream
number"). Closing or aborting with a chosen transport protocol.
Configuring a connection could then simply free
the stream number for future use. This is discussed further in
Appendix A.3.2.
o All early helps a transport features that are related to using multiple paths or system make the choice of
right decisions. For example, grouping information can influence the network interface were designated
transport system to implement a connection as
"automatable". Choosing a path stream of a multi-
streaming protocol's existing association or an interface does not depend on
application-specific knowledge. not.

For example, "Listen" could
always listen on all available interfaces and "Connect" could use
the default interface for the destination IP address.

A.1.1. CONNECTION Related Transport Features

ESTABLISHMENT:

o Connect
Protocols: TCP, SCTP, UDP(-Lite)
Functional ungrouped connections, early configuration is necessary because
it allows the notion of a connection is often reflected
in applications as an expectation transport system to be able know which protocols it should try
to communicate after
a "Connect" succeeded, with use. In particular, a communication sequence relating to
this transport feature system that only makes a one-time
choice for a particular protocol must know early about strict
requirements that must be kept, or it can end up in a deadlock
situation (e.g., having chosen UDP and later be asked to support
reliable transfer). As an example description of how to correctly
handle these cases, we provide the following decision tree (this is defined by
derived from Section 4.1 excluding authentication, as explained in
Section 9):

- Will it ever be necessary to offer any of the application
protocol.
Implementation: via CONNECT.TCP, CONNECT.SCTP following?
* Reliably transfer data
* Notify the peer of closing/aborting
* Preserve data ordering

Yes: SCTP or CONNECT.UDP(-
Lite).

o Specify which IP Options must always TCP can be used
Protocols: TCP, UDP(-Lite)
Automatable because IP Options relate used.
- Is any of the following useful to knowledge about the
network, not application?
* Choosing a scheduler to operate between connections
in a group, with the application.

o possibility to configure a priority
or weight per connection
* Configurable message reliability
* Unordered message delivery
* Request multiple streams
Protocols: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Limit to delay the number acknowledgement (SACK) of inbound streams
Protocols: a message

Yes: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Specify number is preferred.
No:
- Is any of attempts and/or the following useful to the application?
* Hand over a message to reliably transfer (possibly
multiple times) before connection establishment
* Suggest timeout for to the first
establishment peer
* Notification of Excessive Retransmissions (early
warning below abortion threshold)
* Notification of ICMP error message
Protocols: TCP, arrival

Yes: TCP is preferred.
No: SCTP
Functional because and TCP are equally preferable.

No: all protocols can be used.
- Is any of the following useful to the application?
* Specify checksum coverage used by the sender
* Specify minimum checksum coverage required by receiver

Yes: UDP-Lite is preferred.
No: UDP is preferred.

Note that this decision tree is closely related to potentially assumed
reliable data delivery not optimal for data that all cases. For
example, if an application wants to use "Specify checksum coverage
used by the sender", which is sent before only offered by UDP-Lite, and
"Configure priority or during
connection establishment.
Implementation: Using weight for a parameter of CONNECT.TCP and CONNECT.SCTP.
Implementation over UDP: Do nothing (this is irrelevant in case of
UDP because there, reliable data delivery scheduler", which is not assumed).

o Obtain multiple sockets
Protocols: SCTP
Automatable because only offered
by SCTP, the usage of multiple paths to communicate above decision tree will always choose UDP-Lite, making
it impossible to use SCTP's schedulers with priorities between
grouped connections. Also, several other factors may influence the same end host relates
decisions for or against a protocol -- e.g. penetration rates, the
ability to knowledge about work through NATs, etc. We caution implementers to be
aware of the network, not full set of trade-offs, for which we recommend
consulting the
application.

o Disable MPTCP
Protocols: MPTCP
Automatable because list in Section 4.1 when deciding how to initialize a
connection.

To summarize, the following parameters serve as input for the usage of multiple paths
transport system to communicate help it choose and configure a suitable protocol:

o Reliability: a boolean that should be set to true when any of the same end host relates
following will be useful to knowledge about the network, not application: reliably transfer
data; notify the
application.
Implementation: via a boolean parameter in CONNECT.MPTCP. peer of closing/aborting; preserve data ordering.
o Configure authentication
Protocols: TCP, SCTP
Functional because this has Checksum coverage: a direct influence on security.
Implementation: via parameters in CONNECT.TCP and CONNECT.SCTP.
With TCP, this allows boolean to configure Master Key Tuples (MKTs) specify whether it will be useful
to
authenticate complete segments (including the TCP IPv4
pseudoheader, TCP header, and TCP data). With SCTP, this allows application to specify which chunk types must always be authenticated.
Authenticating only certain chunk types creates checksum coverage when sending or
receiving.
o Configure message priority: a reduced level of
security boolean that is not supported by TCP; to be compatible, this should therefore only allow be set to authenticate all chunk types. Key
material must true
when any of the following per-message configuration or
prioritization mechanisms will be provided in useful to the application:
choosing a way that is compatible scheduler to operate between grouped connections, with both
[RFC4895] and [RFC5925].
Implementation over UDP: Not possible (UDP does
the possibility to configure a priority or weight per connection;
configurable message reliability; unordered message delivery;
requesting not offer this
functionality).

o Indicate (and/or obtain upon completion) an Adaptation Layer via
an adaptation code point
Protocols: SCTP
Functional because it allows to send extra data for delay the sake acknowledgement (SACK) of
identifying an adaptation layer, which by itself is application-
specific.
Implementation: via a parameter in CONNECT.SCTP.
Implementation over TCP: not possible (TCP does not offer this
functionality).
Implementation over UDP: not possible (UDP does not offer this
functionality). message.
o Request Early message timeout notifications: a boolean that should be set
to negotiate interleaving true when any of user messages
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in the CONNECTION.ESTABLISHMENT
category is automatable.
Implementation: via a parameter in CONNECT.SCTP.

o Hand following will be useful to the
application: hand over a message to reliably transfer (possibly
multiple times) before connection establishment; suggest timeout
to the peer; notification of excessive retransmissions (early
warning below abortion threshold); notification of ICMP error
message arrival.

Once a connection is created, it can be queried for the maximum
amount of data that an application can possibly expect to have
reliably transmitted before or during transport connection
establishment
Protocols: TCP
Functional because (with zero being a possible answer) (see
Section 6.2.1). An application can also give the connection a
message for reliable transmission before or during connection
establishment (not UDP); the transport system will then try to
transmit it as early as possible. An application can facilitate
sending a message particularly early by marking it as "idempotent"
(see Section 6.3.1); in this is closely tied case, the receiving application must be
prepared to properties potentially receive multiple copies of the data message
(because idempotent messages are reliably transferred, asking for
idempotence is not necessary for systems that support UDP).

After creation, a transport system can actively establish
communication with a peer, or it can passively listen for incoming
connection requests. Note that an application sends active establishment may or expects to receive.
Implementation: via a parameter in CONNECT.TCP.
Implementation over UDP: not possible (UDP does may not provide
reliability).

o Hand over
trigger a message to reliably transfer during connection
establishment
Protocols: SCTP
Functional because this can only work if notification on the message listening side. It is limited in
size, making it closely tied to properties possible that
the first notification on the listening side is the arrival of the
first data that an
application the active side sends or expects (a receiver-side transport
system could handle this by continuing to receive.
Implementation: via block a parameter in CONNECT.SCTP.
Implementation over TCP: not possible (TCP does not allow
identification "Listen" call,
immediately followed by issuing "Receive", for example; callback-
based implementations could simply skip the equivalent of message boundaries because it provides "Listen").
This also means that the active opening side is assumed to be the
first side sending data.

A transport system can actively close a byte
stream service)
Implementation over UDP: not possible (UDP connection, i.e. terminate it
after reliably delivering all remaining data to the peer (if reliable
data delivery was requested earlier (not UDP)), in which case the
peer is unreliable).

o Enable UDP encapsulation with notified that the connection is closed. Alternatively, a specified remote UDP port number
Protocols: SCTP
Automatable because UDP encapsulation relates
connection can be aborted without delivering outstanding data to knowledge about the network, not
peer. In case reliable or partially reliable data delivery was
requested earlier (not UDP), the application.

AVAILABILITY:

o Listen
Protocols: TCP, SCTP, UDP(-Lite)
Functional because peer is notified that the notion of accepting connection requests
is
often reflected in applications as an expectation to aborted. A timeout can be able configured to
communicate after a "Listen" succeeded, with abort a communication
sequence relating to this transport feature that is defined by connection when
data could not be delivered for too long (not UDP); however, timeout-
based abortion does not notify the peer application protocol.
ADDED. This differs from that the 3 automatable
connection has been aborted. Because half-closed connections are not
supported, when a host implementing a transport features
below in system receives a
notification that it leaves the choice of interfaces for listening
open.
Implementation: by listening on all interfaces via LISTEN.TCP (not
providing a local IP address) peer is closing or LISTEN.SCTP (providing SCTP port
number / address pairs for all local IP addresses). LISTEN.UDP(-
Lite) supports both methods.

o Listen, 1 specified local interface
Protocols: TCP, SCTP, UDP(-Lite)
Automatable because decisions about local interfaces relate to
knowledge about the network and aborting the Operating System, connection (not
UDP), its peer may not the
application.

o Listen, N specified local interfaces
Protocols: SCTP
Automatable because decisions about local interfaces relate be able to
knowledge about the network and the Operating System, not the
application.

o Listen, all local interfaces
Protocols: TCP, SCTP, UDP(-Lite)
Automatable because decisions about local interfaces relate read outstanding data. This means
that unacknowledged data residing in a transport system's send buffer
may have to
knowledge about the network and the Operating System, not the
application.

o Specify which IP Options must always be used
Protocols: TCP, UDP(-Lite)
Automatable because IP Options relate dropped from that buffer upon arrival of a "close" or
"abort" notification from the peer.

6.2. MAINTENANCE

A transport system must offer means to knowledge about group connections, but it
cannot guarantee truly grouping them using the
network, transport protocols
that it uses (e.g., it cannot be guaranteed that connections become
multiplexed as streams on a single SCTP association when SCTP may not
be available). The transport system must therefore ensure that
group- versus non-group-configurations are handled correctly in some
way (e.g., by applying the application.

o Disable MPTCP
Protocols: MPTCP
Automatable because the usage of multiple paths to communicate to
the same end host relates configuration to knowledge about the network, all grouped connections
even when they are not multiplexed, or informing the
application.

o Configure authentication
Protocols: TCP, SCTP
Functional because this has application
about grouping success or failure).

As a direct influence on security.
Implementation: via parameters in LISTEN.TCP and LISTEN.SCTP.
Implementation over TCP: With TCP, this allows to configure Master
Key Tuples (MKTs) general rule, any configuration described below should be
carried out as early as possible to authenticate complete segments (including aid the
TCP IPv4 pseudoheader, TCP header, transport system's
decision making.

6.2.1. Connection groups

The following transport features and TCP data). With SCTP, this
allows notifications (some directly
from Section 4, some new or changed, based on the discussion in
Section 5) automatically apply to specify which chunk types must always be authenticated.
Authenticating only certain chunk types creates all grouped connections:

(not UDP) Configure a reduced level of
security that is not supported by TCP; to be compatible, timeout: this
should therefore only allow can be done with the following
parameters:

o A timeout value for aborting connections, in seconds
o A timeout value to authenticate all chunk types. Key
material must be provided suggested to the peer (if possible), in a way that is compatible with both
[RFC4895] and [RFC5925].
Implementation over UDP: not possible (UDP does not offer
authentication).
seconds
o Obtain requested The number of streams
Protocols: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Limit retransmissions after which the number application should
be notifed of inbound streams
Protocols: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2. "Excessive Retransmissions"

Configure urgency: this can be done with the following parameters:

o Indicate (and/or obtain upon completion) an Adaptation Layer via
an adaptation code point
Protocols: SCTP
Functional because it allows A number to send extra data for identify the sake type of
identifying an adaptation layer, which by itself is application-
specific.
Implementation: via a parameter in LISTEN.SCTP.
Implementation over TCP: not possible (TCP does not offer this
functionality).
Implementation over UDP: not possible (UDP does not offer this
functionality).

o Request scheduler that should be used to negotiate interleaving of user messages
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams
operate between connections in the CONNECTION.ESTABLISHMENT
category is automatable.
Implementation: via a parameter group (no guarantees given).
Schedulers are defined in LISTEN.SCTP.

MAINTENANCE: [RFC8260].
o Change timeout for aborting connection (using retransmit limit or
time value)
Protocols: TCP, SCTP
Functional because this is closely related A "capacity profile" number to potentially assumed
reliable data delivery.
Implementation: via CHANGE_TIMEOUT.TCP or CHANGE_TIMEOUT.SCTP.
Implementation over UDP: not identify how an application wants
to use its available capacity. Choices can be "lowest possible (UDP is unreliable and there
is no
latency at the expense of overhead" (which would disable any
Nagle-like algorithm), "scavenger", or values that help determine
the DSCP value for a connection timeout).

o Suggest timeout (e.g. similar to table 1 in
[I-D.ietf-tsvwg-rtcweb-qos]).
o A buffer limit (in bytes); when the peer
Protocols: TCP
Functional because this is closely related to potentially assumed
reliable data delivery.
Implementation: via CHANGE_TIMEOUT.TCP.
Implementation over UDP: sender has less than the
provided limit of bytes in the buffer, the application may be
notified. Notifications are not possible (UDP is unreliable guaranteed, and there it is no connection timeout).

o Disable Nagle algorithm
Protocols: TCP, SCTP
Optimizing because optional
for a transport system to support buffer limit values greater than
0. Note that this decision depends on knowledge about limit and its notification should operate
across the
size buffers of future data blocks and the delay between them.
Implementation: via DISABLE_NAGLE.TCP and DISABLE_NAGLE.SCTP.
Implementation over UDP: do nothing (UDP does not implement whole transport system, i.e. also any
potential buffers that the
Nagle algorithm). transport system itself may use on top
of the transport's send buffer.

Following Section 5.7, these properties can be queried:

o Request The maximum message size that may be sent without fragmentation
via the configured interface. This is optional for a transport
system to offer, and may return an immediate heartbeat, returning success/failure
Protocols: SCTP
Automatable because this informs about network-specific knowledge. error ("not available"). It
can aid applications implementing Path MTU Discovery.
o Notification of Excessive Retransmissions (early warning below
abortion threshold)
Protocols: TCP
Optimizing because it The maximum transport message size that can be sent, in bytes.
Irrespective of fragmentation, there is an early warning to a size limit for the application,
informing it of an impending functional event.
Implementation: via ERROR.TCP.
Implementation
messages that can be handed over UDP: do nothing (there is no abortion
threshold).

o Add path
Protocols: MPTCP, SCTP
MPTCP Parameters: source-IP; source-Port; destination-IP;
destination-Port to SCTP Parameters: local IP address
Automatable or UDP(-Lite); because
the usage service provided by a transport system is independent of multiple paths to communicate to the same end host relates
transport protocol, it must allow an application to knowledge about query this
value -- the network, maximum size of a message in an Application-Framed-
Bytestream (see Section 5.1). This may also return an error when
data is not the
application. delimited ("not available").
o Remove path
Protocols: MPTCP, SCTP
MPTCP Parameters: source-IP; source-Port; destination-IP;
destination-Port
SCTP Parameters: local IP address
Automatable because The maximum transport message size that can be received from the usage
configured interface, in bytes (or "not available").
o The maximum amount of multiple paths to communicate to
the same end host relates data that can possibly be sent before or
during connection establishment, in bytes.

In addition to knowledge about the network, not already mentioned closing / aborting notifications
and possible send errors, the
application. following notifications can occur:

o Set primary path
Protocols: SCTP
Automatable because Excessive Retransmissions: the usage configured (or a default) number of multiple paths to communicate to
the same end host relates to knowledge about the network, not
retransmissions has been reached, yielding this early warning
below an abortion threshold.
o ICMP Arrival (parameter: ICMP message): an ICMP packet carrying
the
application. conveyed ICMP message has arrived.
o Suggest primary path to the peer
Protocols: SCTP
Automatable because the usage of multiple paths to communicate to
the same end host relates to knowledge about ECN Arrival (parameter: ECN value): a packet carrying the network, conveyed
ECN value has arrived. This can be useful for applications
implementing congestion control.
o Timeout (parameter: s seconds): data could not the
application. be delivered for s
seconds.
o Configure Path Switchover
Protocols: SCTP
Automatable because Drain: the usage of multiple paths to communicate to send buffer has either drained below the same end host relates configured
buffer limit or it has become completely empty. This is a generic
notification that tries to knowledge about enable uniform access to
"TCP_NOTSENT_LOWAT" as well as the network, not "SENDER DRY" notification (as
discussed in Section 5.4 -- SCTP's "SENDER DRY" is a special case
where the
application.

o Obtain status (query or notification)
Protocols: SCTP, MPTCP
SCTP parameters: association connection state; destination
transport address list; destination transport address reachability
states; current local threshold (for unsent data) is 0 and peer receiver window size; current local
congestion window sizes; number of there is also no
more unacknowledged DATA chunks;
number of DATA chunks pending receipt; primary path; most recent
SRTT on primary path; RTO on primary path; SRTT and RTO on other
destination addresses; MTU per path; interleaving supported yes/no
MPTCP parameters: subflow-list (identified by source-IP; source-
Port; destination-IP; destination-Port)
Automatable because these parameters relate to knowledge about data in the
network, not send buffer).

6.2.2. Individual connections

Configure priority or weight for a scheduler, as described in
[RFC8260].

Configure checksum usage: this can be done with the application. following
parameters, but there is no guarantee that any checksum limitations
will indeed be enforced (the default behavior is "full coverage,
checksum enabled"):

o Specify DSCP field
Protocols: TCP, SCTP, UDP(-Lite)
Optimizing because choosing a suitable DSCP value requires
application-specific knowledge.
Implementation: via SET_DSCP.TCP A boolean to enable / SET_DSCP.SCTP disable usage of a checksum when sending
o The desired coverage (in bytes) of the checksum used when sending
o A boolean to enable / SET_DSCP.UDP(-
Lite) disable requiring a checksum when receiving
o Notification The required minimum coverage (in bytes) of ICMP error message arrival
Protocols: TCP, UDP(-Lite)
Optimizing because these messages can inform the checksum when
receiving

6.3. DATA Transfer

6.3.1. Sending Data

When sending a message, no guarantees are given about success or
failure the
preservation of functional transport features (e.g., host unreachable
relates message boundaries to "Connect")
Implementation: via ERROR.TCP or ERROR.UDP(-Lite).

o Obtain information the peer; if message boundaries
are needed, the receiving application at the peer must know about interleaving support
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in
them beforehand (or the CONNECTION.ESTABLISHMENT
category transport system cannot use TCP). Note that
an application should already be able to hand over data before the
transport system establishes a connection with a chosen transport
protocol. Regarding the message that is automatable.
Implementation: via STATUS.SCTP.

o Change authentication being handed over, the
following parameters
Protocols: TCP, SCTP
Functional because this has a direct influence on security.
Implementation: via SET_AUTH.TCP and SET_AUTH.SCTP.
Implementation over TCP: With SCTP, can be used:

o Reliability: this allows parameter is used to adjust key_id,
key, convey a choice of: fully
reliable with congestion control (not UDP), unreliable without
congestion control, unreliable with congestion control (not UDP),
partially reliable with congestion control (see [RFC3758] and hmac_id. With TCP,
[RFC7496] for details on how to specify partial reliability) (not
UDP). The latter two choices are optional for a transport system
to offer and may result in full reliability. Note that
applications sending unreliable data without congestion control
should themselves perform congestion control in accordance with
[RFC8085].
o (not UDP) Ordered: this allows boolean parameter lets an application
choose between ordered message delivery (true) and possibly
unordered, potentially faster message delivery (false).
o Bundle: a boolean that expresses a preference for allowing to change
bundle messages (true) or not (false). No guarantees are given.
o DelAck: a boolean that, if false, lets an application request that
the preferred
outgoing MKT (current_key) and peer would not delay the preferred incoming MKT
(rnext_key), respectively, acknowledgement for this message.
o Fragment: a segment boolean that is sent on expresses a preference for allowing to
fragment messages (true) or not (false), at the
connection. Key material must be provided in IP level. No
guarantees are given.
o (not UDP) Idempotent: a way boolean that expresses whether a message
is
compatible with both [RFC4895] and [RFC5925].
Implementation over UDP: not possible (UDP does idempotent (true) or not offer
authentication).

o Obtain authentication information
Protocols: SCTP
Functional because authentication decisions (false). Idempotent messages may have been made
arrive multiple times at the receiver (but they will arrive at
least once). When data is idempotent it can be used by the peer, and this has an influence
receiver immediately on the necessary application-
level measures to provide a certain level of security.
Implementation: via GET_AUTH.SCTP.
Implementation connection establishment attempt. Thus,
if data is handed over TCP: With SCTP, this allows to obtain key_id
and a chunk list. With TCP, this allows to obtain current_key and
rnext_key from before the transport system establishes a previously received segment. Key material must
be provided in
connection with a way chosen transport protocol, stating that a
message is compatible with both [RFC4895] and
[RFC5925].
Implementation over UDP: not possible (UDP does not offer
authentication).

o Reset Stream
Protocols: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Notification of Stream Reset
Protocols: STCP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Reset Association
Protocols: SCTP
Automatable because deciding idempotent facilitates transmitting it to reset an association does not
require application-specific knowledge.
Implementation: via RESET_ASSOC.SCTP.

o Notification the peer
application particularly early.

An application can be notified of Association Reset
Protocols: STCP
Automatable because this notification does not relate a failure to
application-specific knowledge.

o Add Streams
Protocols: SCTP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Notification send a specific
message. There is no guarantee of Added Stream
Protocols: STCP
Automatable because using multi-streaming does not require
application-specific knowledge.
Implementation: see Appendix A.3.2.

o Choose such notifications, i.e. send
failures can also silently occur.

6.3.2. Receiving Data

A receiving application obtains an "Application-Framed Bytestream"
(AFra-Bytestream); this concept is further described in Section 5.1).
In line with TCP's receiver semantics, an AFra-Bytestream is just a scheduler to operate between streams
stream of an association
Protocols: SCTP
Optimizing because bytes to the scheduling decision requires application-
specific knowledge. However, if receiver. If message boundaries were
specified by the sender, a receiver-side transport system would
implementing only the minimum set of transport services defined here
will still not inform the receiving application about them (this
limitation is only needed for transport systems that are implemented
to directly use
this, TCP).

Different from TCP's semantics, if the sending application has
allowed that messages are not fully reliably transferred, or
delivered out of order, then such re-ordering or unreliability may be
reflected per message in the arriving data. Messages will always
stay intact - i.e. if an incomplete message is contained at the end
of the arriving data block, this message is guaranteed to continue in
the next arriving data block.

7. Acknowledgements

The authors would like to thank all the participants of the TAPS
Working Group and the NEAT and MAMI research projects for valuable
input to this document. We especially thank Michael Tuexen for help
with connection connection establishment/teardown, Gorry Fairhurst
for his suggestions regarding fragmentation and packet sizes, and
Spencer Dawkins for his extremely detailed and constructive review.
This work has received funding from the European Union's Horizon 2020
research and innovation programme under grant agreement No. 644334
(NEAT).

8. IANA Considerations

This memo includes no request to IANA.

9. Security Considerations

Authentication, confidentiality protection, and integrity protection
are identified as transport features by [RFC8095]. As currently
deployed in the Internet, these features are generally provided by a
protocol or wrongly configure it layer on its own, this would only affect
the performance top of data transfers; the outcome would still be
correct within the "best effort" service model.
Implementation: using SET_STREAM_SCHEDULER.SCTP.
Implementation over TCP: do nothing (streams are not available in
TCP, but no guarantee is given that this transport feature has any
effect).
Implementation over UDP: do nothing (streams are not available in
UDP, but protocol; no guarantee is given that this current full-
featured standards-track transport feature has any
effect).

o Configure priority or weight for a scheduler
Protocols: SCTP
Optimizing because the priority or weight requires application-
specific knowledge. However, if a protocol provides all of these
transport system would not use
this, or wrongly configure it features on its own, own. Therefore, these transport features
are not considered in this would only affect document, with the performance exception of data transfers; the outcome would still be
correct within native
authentication capabilities of TCP and SCTP for which the "best effort" service model.
Implementation: using CONFIGURE_STREAM_SCHEDULER.SCTP.
Implementation over TCP: do nothing (streams are not available security
considerations in
TCP, but no guarantee is given that this [RFC5925] and [RFC4895] apply. The minimum
requirements for a secure transport feature has any
effect).
Implementation over UDP: do nothing (streams system are not available discussed in
UDP, but no guarantee is given that this transport feature has any
effect).

o Configure send buffer size
Protocols: SCTP
Automatable because this decision relates to knowledge about the
network a
separate document (Section 5 on Security Features and the Operating System, not the application (see also
the discussion Transport
Dependencies of [I-D.ietf-taps-transport-security]).

10. References

10.1. Normative References

[I-D.ietf-taps-transport-security]
Pauly, T., Perkins, C., Rose, K., and C. Wood, "A Survey
of Transport Security Protocols", draft-ietf-taps-
transport-security-02 (work in Appendix A.3.4).

o Configure receive buffer (and rwnd) size
Protocols: SCTP
Automatable because this decision relates to knowledge about the
network progress), June 2018.

[RFC8095] Fairhurst, G., Ed., Trammell, B., Ed., and the Operating System, not the application.

o Configure message fragmentation
Protocols: SCTP
Automatable because fragmentation relates to knowledge about the
network M. Kuehlewind,
Ed., "Services Provided by IETF Transport Protocols and
Congestion Control Mechanisms", RFC 8095,
DOI 10.17487/RFC8095, March 2017,
<https://www.rfc-editor.org/info/rfc8095>.

[RFC8303] Welzl, M., Tuexen, M., and N. Khademi, "On the Operating System, not the application.
Implementation: Usage of
Transport Features Provided by always enabling it with
CONFIG_FRAGMENTATION.SCTP IETF Transport Protocols",
RFC 8303, DOI 10.17487/RFC8303, February 2018,
<https://www.rfc-editor.org/info/rfc8303>.

10.2. Informative References

[COBS] Cheshire, S. and auto-setting the fragmentation size
based M. Baker, "Consistent Overhead Byte
Stuffing", IEEE/ACM Transactions on network or Networking Vol. 7, No.
2, April 1999.

[I-D.ietf-tsvwg-rtcweb-qos]
Jones, P., Dhesikan, S., Jennings, C., and D. Druta, "DSCP
Packet Markings for WebRTC QoS", draft-ietf-tsvwg-rtcweb-
qos-18 (work in progress), August 2016.

[LBE-draft]
Bless, R., "A Lower Effort Per-Hop Behavior (LE PHB)",
Internet-draft draft-tsvwg-le-phb-03, February 2018.

[POSIX] "IEEE Standard for Information Technology--Portable
Operating System conditions.

o Configure PMTUD
Protocols: SCTP
Automatable because Path MTU Discovery relates to knowledge about
the network, not the application.

o Configure delayed SACK timer
Protocols: SCTP
Automatable because the receiver-side decision to delay sending
SACKs relates to knowledge about the network, not the application
(it can be relevant Interface (POSIX(R)) Base Specifications,
Issue 7", IEEE Std 1003.1-2017 (Revision of IEEE Std
1003.1-2008), January 2018,
<http://www.opengroup.org/onlinepubs/9699919799/functions/
contents.html>.

[RFC4895] Tuexen, M., Stewart, R., Lei, P., and E. Rescorla,
"Authenticated Chunks for a sending application to request not to
delay the SACK of a message, but this is a different transport
feature).

o Set Cookie life value
Protocols: SCTP
Functional because it relates to security (possibly weakened by
keeping a cookie very long) versus the time between connection
establishment attempts. Knowledge about both issues can be
application-specific.
Implementation over TCP: the closest specified Stream Control Transmission
Protocol (SCTP)", RFC 4895, DOI 10.17487/RFC4895, August
2007, <https://www.rfc-editor.org/info/rfc4895>.

[RFC4987] Eddy, W., "TCP SYN Flooding Attacks and Common
Mitigations", RFC 4987, DOI 10.17487/RFC4987, August 2007,
<https://www.rfc-editor.org/info/rfc4987>.

[RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP functionality
is
Authentication Option", RFC 5925, DOI 10.17487/RFC5925,
June 2010, <https://www.rfc-editor.org/info/rfc5925>.

[RFC7305] Lear, E., Ed., "Report from the cookie in TCP IAB Workshop on Internet
Technology Adoption and Transition (ITAT)", RFC 7305,
DOI 10.17487/RFC7305, July 2014,
<https://www.rfc-editor.org/info/rfc7305>.

[RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP
Fast Open; Open", RFC 7413, DOI 10.17487/RFC7413, December 2014,
<https://www.rfc-editor.org/info/rfc7413>.

[RFC7496] Tuexen, M., Seggelmann, R., Stewart, R., and S. Loreto,
"Additional Policies for this, [RFC7413] states that the server "can expire Partially Reliable Stream
Control Transmission Protocol Extension", RFC 7496,
DOI 10.17487/RFC7496, April 2015,
<https://www.rfc-editor.org/info/rfc7496>.

[RFC8085] Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage
Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085,
March 2017, <https://www.rfc-editor.org/info/rfc8085>.

[RFC8260] Stewart, R., Tuexen, M., Loreto, S., and R. Seggelmann,
"Stream Schedulers and User Message Interleaving for the cookie at any time to enhance security"
Stream Control Transmission Protocol", RFC 8260,
DOI 10.17487/RFC8260, November 2017,
<https://www.rfc-editor.org/info/rfc8260>.

[RFC8304] Fairhurst, G. and section 4.1.2 describes an example implementation where
updating T. Jones, "Transport Features of the key
User Datagram Protocol (UDP) and Lightweight UDP (UDP-
Lite)", RFC 8304, DOI 10.17487/RFC8304, February 2018,
<https://www.rfc-editor.org/info/rfc8304>.

[SCTP-stream-1]
Weinrank, F. and M. Tuexen, "Transparent Flow Mapping for
NEAT", IFIP NETWORKING Workshop on the server side causes the cookie to expire.
Alternatively, for implementations that do not support TCP Fast
Open, this transport feature could also affect the validity Future of SYN
cookies (see Section 3.6 Internet
Transport (FIT 2017), June 2017.

[SCTP-stream-2]
Welzl, M., Niederbacher, F., and S. Gjessing, "Beneficial
Transparent Deployment of SCTP", IEEE GlobeCom 2011,
December 2011.

Appendix A. The Superset of [RFC4987]).
Implementation over UDP: not possible (UDP does not offer Transport Features

In this
functionality).

o Set maximum burst
Protocols: SCTP
Automatable because it relates to knowledge about the network, not
the application.

o Configure size where messages description, transport features are broken up for partial delivery
Protocols: SCTP
Functional because this is closely tied to properties of presented following the data
that an application sends or expects
nomenclature "CATEGORY.[SUBCATEGORY].FEATURENAME.PROTOCOL",
equivalent to receive.
Implementation over TCP: not possible (TCP does not offer
identification of message boundaries).
Implementation over UDP: not possible (UDP does not fragment
messages).

o Disable checksum when sending
Protocols: UDP
Functional because application-specific knowledge "pass 2" in [RFC8303]. We also sketch how functional
or optimizing transport features can be implemented by a transport
system. The "minimal set" derived in this document is necessary meant to
decide whether it can be acceptable
implementable "one-sided" over TCP, and, with limitations, UDP.
Hence, for all transport features that are categorized as
"functional" or "optimizing", and for which no matching TCP and/or
UDP primitive exists in "pass 2" of [RFC8303], a brief discussion on
how to lose data integrity.
Implementation: via SET_CHECKSUM_ENABLED.UDP.
Implementation implement them over TCP: do nothing (TCP does not offer to disable TCP and/or UDP is included.

We designate some transport features as "automatable" on the checksum, but transmitting data with an intact checksum will
not yield basis of
a semantically wrong result). broader decision that affects multiple transport features:

o Disable checksum requirement when receiving
Protocols: UDP
Functional because application-specific knowledge is necessary Most transport features that are related to
decide multi-streaming were
designated as "automatable". This was done because the decision
on whether it can be acceptable to lose data integrity.
Implementation: via SET_CHECKSUM_REQUIRED.UDP.
Implementation over TCP: do nothing (TCP does use multi-streaming or not offer to disable
the checksum, but transmitting data with an intact checksum will does not yield a semantically wrong result).

o Specify checksum coverage used by the sender
Protocols: UDP-Lite
Functional because depend on
application-specific knowledge knowledge. This means that a connection that
is necessary exhibited to
decide for which parts an application could be implemented by using a
single stream of the data an SCTP association instead of mapping it can be acceptable to lose
data integrity.
Implementation: via SET_CHECKSUM_COVERAGE.UDP-Lite.
Implementation over TCP: do nothing (TCP does not offer to limit
the checksum length, but transmitting a
complete SCTP association or TCP connection. This could be
achieved by using more than one stream when an SCTP association is
first established (CONNECT.SCTP parameter "outbound stream
count"), maintaining an internal stream number, and using this
stream number when sending data with an intact checksum
will not yield (SEND.SCTP parameter "stream
number"). Closing or aborting a semantically wrong result).
Implementation over UDP: if checksum coverage connection could then simply free
the stream number for future use. This is set discussed further in
Section 5.2.
o All transport features that are related to cover
payload data, do nothing. Else, either do nothing (transmitting
data with an intact checksum will not yield using multiple paths or
the choice of the network interface were designated as
"automatable". Choosing a semantically wrong
result), path or an interface does not depend on
application-specific knowledge. For example, "Listen" could
always listen on all available interfaces and "Connect" could use
the transport feature "Disable checksum when
sending".

o Specify minimum checksum coverage required by receiver
Protocols: UDP-Lite
Functional because application-specific knowledge is necessary to
decide default interface for which parts of the data it can be acceptable to lose
data integrity.
Implementation: via SET_MIN_CHECKSUM_COVERAGE.UDP-Lite.
Implementation over TCP: destination IP address.

Finally, in three cases, transport features are aggregated and/or
slightly changed from [RFC8303] in the description below. These
transport features are marked as "CHANGED FROM RFC8303". These do nothing (TCP does
not offer to limit
the checksum length, add any new functionality but transmitting data with an intact checksum
will not yield just represent a semantically wrong result).
Implementation over UDP: if checksum coverage is set simple refactoring
step that helps to cover
payload data, do nothing. Else, either do nothing (transmitting
data with an intact checksum will not yield streamline the derivation process (e.g., by
removing a semantically wrong
result), or use choice of a parameter for the sake of applications that
may not care about this choice). The corresponding transport
features are automatable, and they are listed immediately below the
"CHANGED FROM RFC8303" transport feature "Disable checksum
requirement when receiving". feature.

A.1. CONNECTION Related Transport Features

ESTABLISHMENT:

o Specify DF field Connect
Protocols: TCP, SCTP, UDP(-Lite)
Optimizing
Functional because the DF field can notion of a connection is often reflected
in applications as an expectation to be used able to carry out Path MTU
Discovery, which can lead an application communicate after
a "Connect" succeeded, with a communication sequence relating to choose message sizes
this transport feature that can be transmitted more efficiently. is defined by the application
protocol.
Implementation: via MAINTENANCE.SET_DF.UDP(-Lite) and
SEND_FAILURE.UDP(-Lite).
Implementation over TCP: do nothing (with CONNECT.TCP, CONNECT.SCTP or CONNECT.UDP(-
Lite).

o Specify which IP Options must always be used
Protocols: TCP, UDP(-Lite)
Automatable because IP Options relate to knowledge about the sending
application is
network, not in control of transport message sizes, making
this functionality irrelevant). the application.

o Get max. transport-message size that may be sent Request multiple streams
Protocols: SCTP
Automatable because using a non-
fragmented IP packet from multi-streaming does not require
application-specific knowledge (example implementations of using
multi-streaming without involving the configured interface application are described in
[SCTP-stream-1] and [SCTP-stream-2]).
Implementation: see Section 5.2.

o Limit the number of inbound streams
Protocols: UDP(-Lite)
Optimizing SCTP
Automatable because this can lead an application to choose message
sizes that can be transmitted more efficiently.
Implementation over TCP: do nothing (this information is using multi-streaming does not
available with TCP). require
application-specific knowledge.
Implementation: see Section 5.2.

o Get max. transport-message size that may be received from Specify number of attempts and/or timeout for the
configured interface
Protocols: UDP(-Lite)
Optimizing first
establishment message
Protocols: TCP, SCTP
Functional because this can, is closely related to potentially assumed
reliable data delivery for example, influence an
application's memory management. data that is sent before or during
connection establishment.
Implementation: Using a parameter of CONNECT.TCP and CONNECT.SCTP.
Implementation over TCP: do UDP: Do nothing (this information is irrelevant in case of
UDP because there, reliable data delivery is not
available with TCP). assumed).

o Specify TTL/Hop count field Obtain multiple sockets
Protocols: UDP(-Lite) SCTP
Automatable because a transport system can use a large enough
system default the usage of multiple paths to avoid communication failures. Allowing an
application communicate to configure it differently can produce notifications
of ICMP error message arrivals that yield information which only
the same end host relates to knowledge about the network, not the
application.

o Obtain TTL/Hop count field Disable MPTCP
Protocols: UDP(-Lite) MPTCP
Automatable because the TTL/Hop count field relates usage of multiple paths to communicate to knowledge
about the network, not the application.

o Specify ECN field
Protocols: UDP(-Lite)
Automatable because
the ECN field same end host relates to knowledge about the network, not the
application.
Implementation: via a boolean parameter in CONNECT.MPTCP.

o Obtain ECN field Configure authentication
Protocols: UDP(-Lite)
Optimizing TCP, SCTP
Functional because this information can has a direct influence on security.
Implementation: via parameters in CONNECT.TCP and CONNECT.SCTP.
With TCP, this allows to configure Master Key Tuples (MKTs) to
authenticate complete segments (including the TCP IPv4
pseudoheader, TCP header, and TCP data). With SCTP, this allows
to specify which chunk types must always be used authenticated.
Authenticating only certain chunk types creates a reduced level of
security that is not supported by an application TCP; to better carry out congestion control (this is relevant when
choosing be compatible, this
should therefore only allow to authenticate all chunk types. Key
material must be provided in a data transmission transport service way that does not
already do congestion control).
Implementation over TCP: do nothing (this information is not
available compatible with TCP).

o Specify IP Options
Protocols: UDP(-Lite)
Automatable because IP Options relate to knowledge about the
network, both
[RFC4895] and [RFC5925].

Implementation over UDP: Not possible (UDP does not the application. offer this
functionality).

o Obtain IP Options Indicate (and/or obtain upon completion) an Adaptation Layer via
an adaptation code point
Protocols: UDP(-Lite)
Automatable SCTP
Functional because IP Options relate it allows to knowledge about the
network, not the application.

o Enable and configure a "Low Extra Delay Background Transfer"
Protocols: A protocol implementing the LEDBAT congestion control
mechanism
Optimizing because whether this service is appropriate or not
depends on application-specific knowledge. However, wrongly using
this will only affect the speed of send extra data transfers (albeit
including other transfers that may compete with the transport
system's transfer in for the network), so it sake of
identifying an adaptation layer, which by itself is still correct within
the "best effort" service model. application-
specific.
Implementation: via CONFIGURE.LEDBAT and/or SET_DSCP.TCP /
SET_DSCP.SCTP / SET_DSCP.UDP(-Lite) [LBE-draft]. a parameter in CONNECT.SCTP.
Implementation over TCP: do nothing not possible (TCP does not support LEDBAT
congestion control, but not implementing offer this functionality will
not yield a semantically wrong behavior).
functionality).
Implementation over UDP: do nothing not possible (UDP does not offer congestion
control).

TERMINATION: this
functionality).

o Close after reliably delivering all remaining data, causing an
event informing the application on the other side Request to negotiate interleaving of user messages
Protocols: TCP, SCTP
Functional
Automatable because it requires using multiple streams, but
requesting multiple streams in the notion of a connection CONNECTION.ESTABLISHMENT
category is often reflected automatable.
Implementation: controlled via a parameter in applications as an expectation CONNECT.SCTP. One
possible implementation is to have all outstanding data
delivered and no longer be able always try to communicate after a "Close"
succeeded, with enable interleaving.

o Hand over a communication sequence relating message to reliably transfer (possibly multiple times)
before connection establishment
Protocols: TCP
Functional because this
transport feature that is defined by closely tied to properties of the data
that an application protocol. sends or expects to receive.
Implementation: via CLOSE.TCP and CLOSE.SCTP. a parameter in CONNECT.TCP.
Implementation over UDP: not possible (UDP is unreliable and hence
does not know when all remaining data is delivered; it does also not offer to cause an event related to closing at the peer). provide
reliability).

o Abort without delivering remaining data, causing an event
informing the application on the other side Hand over a message to reliably transfer during connection
establishment
Protocols: TCP, SCTP
Functional because this can only work if the notion of a connection message is often reflected limited in applications as an expectation to potentially not have all
outstanding data delivered and no longer be able
size, making it closely tied to communicate
after an "Abort" succeeded. On both sides properties of a connection, the data that an
application protocol may define a communication sequence relating sends or expects to this transport feature. receive.
Implementation: via ABORT.TCP and ABORT.SCTP. a parameter in CONNECT.SCTP.
Implementation over UDP: TCP: not possible (UDP (TCP does not offer to cause
an event related to aborting at allow
identification of message boundaries because it provides a byte
stream service)
Implementation over UDP: not possible (UDP is unreliable).

o Enable UDP encapsulation with a specified remote UDP port number
Protocols: SCTP
Automatable because UDP encapsulation relates to knowledge about
the peer).

o Abort without delivering remaining data, network, not causing an event
informing the application on the other side application.

AVAILABILITY:

o Listen
Protocols: TCP, SCTP, UDP(-Lite)
Functional because the notion of a accepting connection requests is
often reflected in applications as an expectation to potentially not have all
outstanding data delivered and no longer be able to
communicate after an "Abort" succeeded. On both sides of a connection, an
application protocol may define "Listen" succeeded, with a communication
sequence relating to this transport feature.
Implementation: via ABORT.UDP(-Lite).
Implementation over TCP: stop using feature that is defined by the connection, wait
application protocol.
CHANGED FROM RFC8303. This differs from the 3 automatable
transport features below in that it leaves the choice of
interfaces for listening open.
Implementation: by listening on all interfaces via LISTEN.TCP (not
providing a
timeout.

o Timeout event when data could not be delivered local IP address) or LISTEN.SCTP (providing SCTP port
number / address pairs for too long all local IP addresses). LISTEN.UDP(-
Lite) supports both methods.

o Listen, 1 specified local interface
Protocols: TCP, SCTP, UDP(-Lite)
Automatable because decisions about local interfaces relate to
knowledge about the network and the Operating System, not the
application.

o Listen, N specified local interfaces
Protocols: SCTP
Functional
Automatable because this notifies that potentially assumed reliable
data delivery is no longer provided.
Implementation: via TIMEOUT.TCP decisions about local interfaces relate to
knowledge about the network and TIMEOUT.SCTP.
Implementation over UDP: do nothing (this event will the Operating System, not occur
with UDP).

A.1.2. DATA Transfer Related Transport Features

A.1.2.1. Sending Data the
application.

o Reliably transfer data, with congestion control Listen, all local interfaces
Protocols: TCP, SCTP, UDP(-Lite)
Automatable because decisions about local interfaces relate to
knowledge about the network and the Operating System, not the
application.

o Specify which IP Options must always be used
Protocols: TCP, SCTP
Functional UDP(-Lite)
Automatable because this is closely tied IP Options relate to properties knowledge about the
network, not the application.

o Disable MPTCP
Protocols: MPTCP
Automatable because the usage of multiple paths to communicate to
the data
that an application sends or expects same end host relates to receive.
Implementation: via SEND.TCP and SEND.SCTP.
Implementation over UDP: knowledge about the network, not possible (UDP is unreliable). the
application.

o Reliably transfer a message, with congestion control Configure authentication
Protocols: TCP, SCTP
Functional because this is closely tied to properties of the data
that an application sends or expects to receive. has a direct influence on security.
Implementation: via SEND.SCTP. parameters in LISTEN.TCP and LISTEN.SCTP.
Implementation over TCP: via SEND.TCP. With SEND.TCP, message
boundaries will not be identifiable by TCP, this allows to configure Master
Key Tuples (MKTs) to authenticate complete segments (including the receiver, because
TCP
provides a byte stream service.
Implementation over UDP: not possible (UDP is unreliable).

o Unreliably transfer a message
Protocols: IPv4 pseudoheader, TCP header, and TCP data). With SCTP, UDP(-Lite)
Optimizing because this
allows to specify which chunk types must always be authenticated.
Authenticating only applications know about the time
criticality of their communication, and reliably transfering certain chunk types creates a
message is never incorrect for the receiver reduced level of a potentially
unreliable data transfer, it is just slower.
ADDED. This differs from the 2 automatable transport features
below in
security that it leaves the choice of congestion control open.
Implementation: via SEND.SCTP or SEND.UDP(-Lite).
Implementation over TCP: use SEND.TCP. With SEND.TCP, messages
will is not supported by TCP; to be compatible, this
should therefore only allow to authenticate all chunk types. Key
material must be sent reliably, provided in a way that is compatible with both
[RFC4895] and message boundaries will [RFC5925].
Implementation over UDP: not be
identifiable by the receiver. possible (UDP does not offer
authentication).

o Unreliably transfer a message, with congestion control Obtain requested number of streams
Protocols: SCTP
Automatable because congestion control relates to knowledge about
the network, using multi-streaming does not the application. require
application-specific knowledge.
Implementation: see Section 5.2.

o Unreliably transfer a message, without congestion control Limit the number of inbound streams
Protocols: UDP(-Lite) SCTP
Automatable because congestion control relates to knowledge about
the network, using multi-streaming does not the application. require
application-specific knowledge.
Implementation: see Section 5.2.

o Configurable Message Reliability Indicate (and/or obtain upon completion) an Adaptation Layer via
an adaptation code point
Protocols: SCTP
Optimizing
Functional because only applications know about the time
criticality of their communication, and reliably transfering a
message is never incorrect it allows to send extra data for the receiver sake of a potentially
unreliable data transfer, it
identifying an adaptation layer, which by itself is just slower. application-
specific.
Implementation: via SEND.SCTP. a parameter in LISTEN.SCTP.
Implementation over TCP: By using SEND.TCP and ignoring this
configuration: based on the assumption of the best-effort service
model, unnecessarily delivering data does not violate application
expectations. Moreover, it is not possible to associate the
requested reliability to a "message" in TCP anyway. (TCP does not offer this
functionality).
Implementation over UDP: not possible (UDP is unreliable).

o Choice of stream
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in the CONNECTION.ESTABLISHMENT
category is automatable. Implementation: see Appendix A.3.2. does not offer this
functionality).

o Choice Request to negotiate interleaving of path (destination address) user messages
Protocols: SCTP
Automatable because it requires using multiple sockets, streams, but
obtaining
requesting multiple sockets streams in the CONNECTION.ESTABLISHMENT
category is automatable.
Implementation: via a parameter in LISTEN.SCTP.

MAINTENANCE:

o Ordered message delivery (potentially slower than unordered) Change timeout for aborting connection (using retransmit limit or
time value)
Protocols: TCP, SCTP
Functional because this is closely tied related to properties of the potentially assumed
reliable data
that an application sends or expects to receive. delivery.
Implementation: via SEND.SCTP.
Implementation over TCP: By using SEND.TCP. With SEND.TCP,
messages will not be identifiable by the receiver. CHANGE_TIMEOUT.TCP or CHANGE_TIMEOUT.SCTP.
Implementation over UDP: not possible (UDP does not offer any
guarantees regarding ordering). is unreliable and there
is no connection timeout).

o Unordered message delivery (potentially faster than ordered) Suggest timeout to the peer
Protocols: SCTP, UDP(-Lite) TCP
Functional because this is closely tied related to properties of the potentially assumed
reliable data
that an application sends or expects to receive. delivery.
Implementation: via SEND.SCTP. CHANGE_TIMEOUT.TCP.
Implementation over TCP: By using SEND.TCP and always sending data
ordered: based on the assumption of the best-effort service model,
ordered delivery may just be slower and does not violate
application expectations. Moreover, it is UDP: not possible to
associate the requested delivery order to a "message" in TCP
anyway. (UDP is unreliable and there
is no connection timeout).

o Request not to bundle messages Disable Nagle algorithm
Protocols: TCP, SCTP
Optimizing because this decision depends on knowledge about the
size of future data blocks and the delay between them.
Implementation: via SEND.SCTP. DISABLE_NAGLE.TCP and DISABLE_NAGLE.SCTP.
Implementation over TCP: By using SEND.TCP and DISABLE_NAGLE.TCP
to disable UDP: do nothing (UDP does not implement the
Nagle algorithm when the request is made and enable
it again when the request is no longer made. Note that algorithm).

o Request an immediate heartbeat, returning success/failure
Protocols: SCTP
Automatable because this is
not fully equivalent informs about network-specific knowledge.

o Notification of Excessive Retransmissions (early warning below
abortion threshold)
Protocols: TCP
Optimizing because it relates is an early warning to the time application,
informing it of issuing the
request rather than a specific message. an impending functional event.
Implementation: via ERROR.TCP.
Implementation over UDP: do nothing (UDP never bundles messages). (there is no abortion
threshold).

o Specifying a "payload protocol-id" (handed over as such by the
receiver) Add path
Protocols: MPTCP, SCTP
Functional
MPTCP Parameters: source-IP; source-Port; destination-IP;
destination-Port
SCTP Parameters: local IP address
Automatable because it allows to send extra application data with
every message, for the sake of identification usage of data, which by
itself is application-specific.
Implementation: SEND.SCTP.
Implementation over TCP: not possible (this functionality is not
available in TCP).

Implementation over UDP: not possible (this functionality is not
available in UDP).

o Specifying a key id multiple paths to be used communicate to authenticate a message
the same end host relates to knowledge about the network, not the
application.

o Remove path
Protocols: MPTCP, SCTP
Functional
MPTCP Parameters: source-IP; source-Port; destination-IP;
destination-Port
SCTP Parameters: local IP address
Automatable because this has a direct influence on security.
Implementation: via a parameter in SEND.SCTP.
Implementation over TCP: This could be emulated by using
SET_AUTH.TCP before and after the message is sent. Note that this
is not fully equivalent because it usage of multiple paths to communicate to
the same end host relates to knowledge about the time network, not the
application.

o Set primary path
Protocols: SCTP
Automatable because the usage of issuing multiple paths to communicate to
the request rather than a specific message.
Implementation over UDP: not possible (UDP does same end host relates to knowledge about the network, not offer
authentication). the
application.

o Request not Suggest primary path to delay the acknowledgement (SACK) peer
Protocols: SCTP
Automatable because the usage of a message multiple paths to communicate to
the same end host relates to knowledge about the network, not the
application.

o Configure Path Switchover
Protocols: SCTP
Optimizing
Automatable because only an application knows for which message it
wants the usage of multiple paths to quickly be informed communicate to
the same end host relates to knowledge about success / failure of its
delivery.
Implementation over TCP: do nothing (TCP does not offer this
functionality, but ignoring this request from the application will
not yield a semantically wrong behavior).
Implementation over UDP: do nothing (UDP does network, not offer this
functionality, but ignoring this request from the application will
not yield a semantically wrong behavior).

A.1.2.2. Receiving Data
application.

o Receive data (with no message delimiting) Obtain status (query or notification)
Protocols: TCP
Functional because a SCTP, MPTCP
SCTP parameters: association connection state; destination
transport system must be able to send address list; destination transport address reachability
states; current local and
receive data.
Implementation: via RECEIVE.TCP.
Implementation over UDP: do nothing (UDP only works peer receiver window size; current local
congestion window sizes; number of unacknowledged DATA chunks;
number of DATA chunks pending receipt; primary path; most recent
SRTT on messages; primary path; RTO on primary path; SRTT and RTO on other
destination addresses; MTU per path; interleaving supported yes/no
MPTCP parameters: subflow-list (identified by source-IP; source-
Port; destination-IP; destination-Port)
Automatable because these can be handed over, parameters relate to knowledge about the application can still ignore
network, not the
message boundaries). application.

o Receive a Notification of ICMP error message arrival
Protocols: SCTP, TCP, UDP(-Lite)
Functional
Optimizing because this is closely tied to properties of the data
that an application sends these messages can inform about success or expects
failure of functional transport features (e.g., host unreachable
relates to receive. "Connect")
Implementation: via RECEIVE.SCTP and RECEIVE.UDP(-Lite).
Implementation over TCP: not possible (TCP does not support
identification of message boundaries). ERROR.TCP or ERROR.UDP(-Lite).

o Choice of stream to receive from Obtain information about interleaving support
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in the CONNECTION.ESTABLISHMENT
category is automatable.
Implementation: see Appendix A.3.2. via STATUS.SCTP.

o Information about partial message arrival Change authentication parameters
Protocols: TCP, SCTP
Functional because this is closely tied to properties of the data
that an application sends or expects to receive. has a direct influence on security.
Implementation: via RECEIVE.SCTP. SET_AUTH.TCP and SET_AUTH.SCTP.
Implementation over TCP: do nothing (this information With SCTP, this allows to adjust key_id,
key, and hmac_id. With TCP, this allows to change the preferred
outgoing MKT (current_key) and the preferred incoming MKT
(rnext_key), respectively, for a segment that is not
available sent on the
connection. Key material must be provided in a way that is
compatible with TCP). both [RFC4895] and [RFC5925].
Implementation over UDP: do nothing (this information is not
available with UDP).

A.1.2.3. Errors

This section describes sending failures that are associated with a
specific call to in the "Sending Data" category (Appendix A.1.2.1). possible (UDP does not offer
authentication).

o Notification of send failures Obtain authentication information
Protocols: SCTP, UDP(-Lite) SCTP
Functional because this notifies that potentially assumed reliable
data delivery is no longer provided.
ADDED. This differs from the 2 automatable transport features
below in that it does not distinugish between unsent authentication decisions may have been made by
the peer, and
unacknowledged messages. this has an influence on the necessary application-
level measures to provide a certain level of security.
Implementation: via SENDFAILURE-EVENT.SCTP and SEND_FAILURE.UDP(-
Lite). GET_AUTH.SCTP.
Implementation over TCP: do nothing (this notification With SCTP, this allows to obtain key_id
and a chunk list. With TCP, this allows to obtain current_key and
rnext_key from a previously received segment. Key material must
be provided in a way that is not
available compatible with both [RFC4895] and will therefore
[RFC5925].
Implementation over UDP: not occur with TCP). possible (UDP does not offer
authentication).

o Notification of an unsent (part of a) message Reset Stream
Protocols: SCTP, UDP(-Lite) SCTP
Automatable because the distinction between unsent and
unacknowledged is network-specific. using multi-streaming does not require
application-specific knowledge.
Implementation: see Section 5.2.

o Notification of an unacknowledged (part of a) message Stream Reset
Protocols: SCTP STCP
Automatable because the distinction between unsent and
unacknowledged is network-specific. using multi-streaming does not require
application-specific knowledge.
Implementation: see Section 5.2.

o Notification that the stack has no more user data to send Reset Association
Protocols: SCTP
Optimizing
Automatable because reacting deciding to reset an association does not
require application-specific knowledge.
Implementation: via RESET_ASSOC.SCTP.

o Notification of Association Reset
Protocols: STCP
Automatable because this notification requires the
application does not relate to be involved, and ensuring that the stack
application-specific knowledge.

o Add Streams
Protocols: SCTP
Automatable because using multi-streaming does not
run dry require
application-specific knowledge.
Implementation: see Section 5.2.

o Notification of data (for too long) can improve performance.
Implementation over TCP: do nothing (see the discussion in
Appendix A.3.4).
Implementation over UDP: do nothing (this notification is not
available and will therefore Added Stream
Protocols: STCP
Automatable because using multi-streaming does not occur with UDP). require
application-specific knowledge.
Implementation: see Section 5.2.

o Notification to a receiver that Choose a partial message delivery has
been aborted scheduler to operate between streams of an association
Protocols: SCTP
Functional
Optimizing because the scheduling decision requires application-
specific knowledge. However, if a transport system would not use
this, or wrongly configure it on its own, this is closely tied to properties of would only affect
the performance of data
that an application sends or expects to receive. transfers; the outcome would still be
correct within the "best effort" service model.
Implementation: using SET_STREAM_SCHEDULER.SCTP.
Implementation over TCP: do nothing (this notification is (streams are not available and will therefore not occur with TCP). in
TCP, but no guarantee is given that this transport feature has any
effect).
Implementation over UDP: do nothing (this notification is (streams are not available and will therefore not occur with UDP).

A.2. Step 2: Reduction -- The Reduced Set of Transport Features

By hiding automatable transport features from the application, a
transport system can gain opportunities to automate the usage of
network-related functionality. This can facilitate using the
transport system for the application programmer and it allows for
optimizations in
UDP, but no guarantee is given that may not be possible this transport feature has any
effect).

o Configure priority or weight for an application. For
instance, system-wide configurations regarding the usage of multiple
interfaces can better be exploited if the choice of the interface is
not entirely up to the application. Therefore, since they are not
strictly necessary to expose in a transport system, we do not include
automatable transport features in the reduced set of transport
features. This leaves us with only scheduler
Protocols: SCTP
Optimizing because the transport features that are
either optimizing priority or functional.

A weight requires application-
specific knowledge. However, if a transport system should be able to communicate via TCP would not use
this, or UDP if
alternative transport protocols wrongly configure it on its own, this would only affect
the performance of data transfers; the outcome would still be
correct within the "best effort" service model.
Implementation: using CONFIGURE_STREAM_SCHEDULER.SCTP.
Implementation over TCP: do nothing (streams are found not to work. For many
transport features, this available in
TCP, but no guarantee is possible -- often by simply given that this transport feature has any
effect).
Implementation over UDP: do nothing (streams are not doing
anything when a specific request available in
UDP, but no guarantee is made. For some transport
features, however, it was identified given that direct usage of neither TCP
nor UDP is possible: in these cases, even not doing anything would
incur semantically incorrect behavior. Whenever an application would
make use of one of these this transport features, feature has any
effect).

o Configure send buffer size
Protocols: SCTP
Automatable because this would eliminate the
possibility decision relates to use TCP or UDP. Thus, we only keep knowledge about the functional
network and
optimizing transport features for which an implementation over either
TCP or UDP is possible in our reduced set.

The "minimal set" derived the Operating System, not the application (see also
the discussion in Section 5.4).

o Configure receive buffer (and rwnd) size
Protocols: SCTP
Automatable because this decision relates to knowledge about the
network and the Operating System, not the application.

o Configure message fragmentation
Protocols: SCTP
Automatable because this document is meant relates to be
implementable "one-sided" over TCP, and, with limitations, UDP. In knowledge about the following list, we therefore precede a transport network
and the Operating System, not the application. Note that this
SCTP feature does not control IP-level fragmentation, but decides
on fragmentation of messages by SCTP, in the end system.
Implementation: by always enabling it with
"T:" if an implementation over TCP is possible, "U:" if an
implementation over UDP is possible,
CONFIG_FRAGMENTATION.SCTP and "TU:" if an implementation
over either TCP auto-setting the fragmentation size
based on network or UDP is possible.

A.2.1. CONNECTION Related Transport Features

ESTABLISHMENT:

o T,U: Connect Operating System conditions.

o T,U: Specify number of attempts and/or timeout for Configure PMTUD
Protocols: SCTP
Automatable because Path MTU Discovery relates to knowledge about
the first
establishment message network, not the application.

o T: Configure authentication
o T: Hand over a message delayed SACK timer
Protocols: SCTP
Automatable because the receiver-side decision to reliably transfer (possibly multiple
times) before connection establishment
o T: Hand over a message delay sending
SACKs relates to reliably transfer during connection
establishment

AVAILABILITY:

o T,U: Listen
o T: Configure authentication

MAINTENANCE:

o T: Change timeout knowledge about the network, not the application
(it can be relevant for aborting connection (using retransmit limit
or time value)
o T: Suggest timeout a sending application to request not to
delay the peer
o T,U: Disable Nagle algorithm
o T,U: Notification of Excessive Retransmissions (early warning
below abortion threshold)
o T,U: Specify DSCP field
o T,U: Notification SACK of ICMP error message arrival
o T: Change authentication parameters
o T: Obtain authentication information a message, but this is a different transport
feature).

o T,U: Set Cookie life value
o T,U: Choose a scheduler
Protocols: SCTP
Functional because it relates to operate between streams of an
association
o T,U: Configure priority or weight for a scheduler
o T,U: Disable checksum when sending
o T,U: Disable checksum requirement when receiving
o T,U: Specify checksum coverage used security (possibly weakened by
keeping a cookie very long) versus the sender
o T,U: Specify minimum checksum coverage required by receiver
o T,U: Specify DF field
o T,U: Get max. transport-message size that may time between connection
establishment attempts. Knowledge about both issues can be sent using a non-
fragmented IP packet from
application-specific.
Implementation over TCP: the configured interface
o T,U: Get max. transport-message size closest specified TCP functionality
is the cookie in TCP Fast Open; for this, [RFC7413] states that may be received from
the
configured interface
o T,U: Obtain ECN field
o T,U: Enable server "can expire the cookie at any time to enhance security"
and configure a "Low Extra Delay Background Transfer"

TERMINATION:

o T: Close after reliably delivering all remaining data, causing section 4.1.2 describes an
event informing example implementation where
updating the application key on the other server side
o T: Abort without delivering remaining data, causing an event
informing causes the application on cookie to expire.
Alternatively, for implementations that do not support TCP Fast
Open, this transport feature could also affect the other side
o T,U: Abort without delivering remaining data, validity of SYN
cookies (see Section 3.6 of [RFC4987]).
Implementation over UDP: not causing an event
informing possible (UDP does not offer this
functionality).

o Set maximum burst
Protocols: SCTP
Automatable because it relates to knowledge about the application on network, not
the other side application.

o T,U: Timeout event when data could not be delivered Configure size where messages are broken up for too long

A.2.2. DATA Transfer Related Transport Features

A.2.2.1. Sending Data

o T: Reliably transfer data, with congestion control
o T: Reliably transfer a message, with congestion control
o T,U: Unreliably transfer a message
o T: Configurable Message Reliability
o T: Ordered message partial delivery (potentially slower than unordered)
o T,U: Unordered
Protocols: SCTP
Functional because this is closely tied to properties of the data
that an application sends or expects to receive.
Implementation over TCP: not possible (TCP does not offer
identification of message delivery (potentially faster than ordered)
o T,U: Request boundaries).
Implementation over UDP: not to bundle messages possible (UDP does not fragment
messages).

o T: Specifying a key id Disable checksum when sending
Protocols: UDP
Functional because application-specific knowledge is necessary to
decide whether it can be used acceptable to authenticate a message
o T,U: Request lose data integrity with
respect to random corruption.
Implementation: via SET_CHECKSUM_ENABLED.UDP.
Implementation over TCP: do nothing (TCP does not offer to delay disable
the acknowledgement (SACK) of a message

A.2.2.2. Receiving Data

o T,U: Receive checksum, but transmitting data (with no message delimiting)
o U: Receive a message
o T,U: Information about partial message arrival

A.2.2.3. Errors

This section describes sending failures that are associated with an intact checksum will
not yield a
specific call to in the "Sending Data" category (Appendix A.1.2.1).

o T,U: Notification of send failures semantically wrong result).

o T,U: Notification that the stack has no more user Disable checksum requirement when receiving
Protocols: UDP
Functional because application-specific knowledge is necessary to
decide whether it can be acceptable to lose data integrity with
respect to send
o T,U: Notification random corruption.
Implementation: via SET_CHECKSUM_REQUIRED.UDP.
Implementation over TCP: do nothing (TCP does not offer to a receiver that a partial message delivery
has been aborted

A.3. Step 3: Discussion

The reduced set in the previous section exhibits a number of
peculiarities, which we will discuss in disable
the following. This section
focuses on TCP because, checksum, but transmitting data with the exception of one particular
transport feature ("Receive a message" -- we an intact checksum will discuss this in
Appendix A.3.1),
not yield a semantically wrong result).

o Specify checksum coverage used by the list shows that UDP sender
Protocols: UDP-Lite
Functional because application-specific knowledge is strictly a subset necessary to
decide for which parts of TCP.
We the data it can first try be acceptable to understand how lose
data integrity with respect to build a transport system that
can run random corruption.
Implementation: via SET_CHECKSUM_COVERAGE.UDP-Lite.
Implementation over TCP, and then narrow down the result further TCP: do nothing (TCP does not offer to allow
that limit
the system can always run checksum length, but transmitting data with an intact checksum
will not yield a semantically wrong result).
Implementation over either TCP or UDP (which
effectively means removing everything related UDP: if checksum coverage is set to reliability,
ordering, authentication and closing/aborting cover
payload data, do nothing. Else, either do nothing (transmitting
data with an intact checksum will not yield a notification to semantically wrong
result), or use the peer).

Note that, transport feature "Disable checksum when
sending".

o Specify minimum checksum coverage required by receiver
Protocols: UDP-Lite
Functional because the functional transport features application-specific knowledge is necessary to
decide for which parts of UDP are --
with the exception of "Receive a message" -- a subset of TCP, TCP data it can be used as a replacement for UDP whenever an application does not
need message delimiting (e.g., because the application-layer protocol
already does it). This has been recognized by many applications that
already do this in practice, by trying acceptable to communicate lose
data integrity with UDP at
first, and falling back respect to TCP in case of a connection failure.

A.3.1. Sending Messages, Receiving Bytes

For implementing a transport system random corruption.
Implementation: via SET_MIN_CHECKSUM_COVERAGE.UDP-Lite.
Implementation over TCP, there are several
transport features related TCP: do nothing (TCP does not offer to sending, limit
the checksum length, but only transmitting data with an intact checksum
will not yield a single transport
feature related semantically wrong result).
Implementation over UDP: if checksum coverage is set to receiving: "Receive cover
payload data, do nothing. Else, either do nothing (transmitting
data (with no message
delimiting)" (and, strangely, "information about partial message
arrival"). Notably, the transport feature "Receive with an intact checksum will not yield a message" is
also semantically wrong
result), or use the only non-automatable transport feature of "Disable checksum
requirement when receiving".

o Specify DF field
Protocols: UDP(-Lite) for
which no implementation over TCP is possible.

To support these TCP receiver semantics, we define an "Application-
Framed Bytestream" (AFra-Bytestream). AFra-Bytestreams allow senders
to operate on messages while minimizing changes to the TCP socket
API. In particular, nothing changes on
Optimizing because the receiver side - data DF field can be used to carry out Path MTU
Discovery, which can lead an application to choose message sizes
that can be accepted transmitted more efficiently.
Implementation: via a normal TCP socket.

In an AFra-Bytestream, MAINTENANCE.SET_DF.UDP(-Lite) and
SEND_FAILURE.UDP(-Lite).
Implementation over TCP: do nothing (with TCP, the sending
application can optionally inform
the transport about message boundaries and required properties per
message (configurable order and reliability, or embedding a request is not to delay the acknowledgement in control of transport message sizes, making
this functionality irrelevant).

o Get max. transport-message size that may be sent using a message). Whenever non-
fragmented IP packet from the sending configured interface
Protocols: UDP(-Lite)
Optimizing because this can lead an application specifies per-message properties to choose message
sizes that relax the notion of
reliable in-order delivery of bytes, it must assume can be transmitted more efficiently.
Implementation over TCP: do nothing (this information is not
available with TCP).

o Get max. transport-message size that may be received from the
receiving application
configured interface
Protocols: UDP(-Lite)
Optimizing because this can, for example, influence an
application's memory management.
Implementation over TCP: do nothing (this information is 1) able not
available with TCP).

o Specify TTL/Hop count field
Protocols: UDP(-Lite)
Automatable because a transport system can use a large enough
system default to determine message boundaries,
provided that messages are always kept intact, and 2) able avoid communication failures. Allowing an
application to accept
these relaxed per-message properties. Any signaling configure it differently can produce notifications
of such ICMP error message arrivals that yield information which only
relates to knowledge about the network, not the application.

o Obtain TTL/Hop count field
Protocols: UDP(-Lite)
Automatable because the TTL/Hop count field relates to knowledge
about the peer is up network, not the application.

o Specify ECN field
Protocols: UDP(-Lite)
Automatable because the ECN field relates to an application-layer protocol and
considered out of scope of knowledge about the
network, not the application.

o Obtain ECN field
Protocols: UDP(-Lite)
Optimizing because this document.

For example, if information can be used by an application requests
to transfer fixed-size
messages of 100 bytes better carry out congestion control (this is relevant when
choosing a data transmission transport service that does not
already do congestion control).
Implementation over TCP: do nothing (this information is not
available with partial reliability, this needs the
receiving application TCP).

o Specify IP Options
Protocols: UDP(-Lite)
Automatable because IP Options relate to be prepared knowledge about the
network, not the application.

o Obtain IP Options
Protocols: UDP(-Lite)
Automatable because IP Options relate to accept data in chunks of 100
bytes. If, then, some of these 100-byte messages are missing (e.g.,
if SCTP with Configurable Reliability is used), this is knowledge about the expected
application behavior. With TCP, no messages would be missing, but
this is also correct for
network, not the application, application.

o Enable and configure a "Low Extra Delay Background Transfer"
Protocols: A protocol implementing the possible
retransmission delay LEDBAT congestion control
mechanism
Optimizing because whether this feature is acceptable within appropriate or not
depends on application-specific knowledge. However, wrongly using
this will only affect the best effort service
model (see [RFC7305], Section 3.5). Still, speed of data transfers (albeit
including other transfers that may compete with the receiving application
would separate transport
system's transfer in the network), so it is still correct within
the byte stream into 100-byte chunks.

Note that "best effort" service model.
Implementation: via CONFIGURE.LEDBAT and/or SET_DSCP.TCP /
SET_DSCP.SCTP / SET_DSCP.UDP(-Lite) [LBE-draft].
Implementation over TCP: do nothing (TCP does not support LEDBAT
congestion control, but not implementing this usage of messages functionality will
not yield a semantically wrong behavior).
Implementation over UDP: do nothing (UDP does not require offer congestion
control).

TERMINATION:

o Close after reliably delivering all messages to be
equal in size. Many remaining data, causing an
event informing the application protocols use some form on the other side
Protocols: TCP, SCTP
Functional because the notion of Type-
Length-Value (TLV) encoding, e.g. by defining a header including
length fields; another alternative connection is the use of byte stuffing
methods such often reflected
in applications as COBS [COBS]. If an application needs message
numbers, e.g. expectation to restore the correct sequence of messages, these must
also have all outstanding data
delivered and no longer be encoded by the application itself, as the able to communicate after a "Close"
succeeded, with a communication sequence number
related relating to this
transport features of SCTP are not provided feature that is defined by the "minimum
set" (in the interest of enabling usage of TCP).

A.3.2. Stream Schedulers Without Streams

We have already stated that multi-streaming application protocol.
Implementation: via CLOSE.TCP and CLOSE.SCTP.
Implementation over UDP: not possible (UDP is unreliable and hence
does not require
application-specific knowledge. Potential benefits or disadvantages
of, e.g., using two streams of an SCTP association versus using two
separate SCTP associations or TCP connections are know when all remaining data is delivered; it does also
not offer to cause an event related to
knowledge about closing at the network and peer).

o Abort without delivering remaining data, causing an event
informing the particular transport protocol in
use, not application on the application. However, other side
Protocols: TCP, SCTP
Functional because the transport features "Choose notion of a
scheduler connection is often reflected
in applications as an expectation to operate between streams potentially not have all
outstanding data delivered and no longer be able to communicate
after an "Abort" succeeded. On both sides of a connection, an association" and
"Configure priority or weight for
application protocol may define a scheduler" operate on streams.
Here, streams identify communication channels between which a
scheduler operates, sequence relating
to this transport feature.
Implementation: via ABORT.TCP and they can be assigned a priority. Moreover, ABORT.SCTP.

Implementation over UDP: not possible (UDP does not offer to cause
an event related to aborting at the transport features in peer).

o Abort without delivering remaining data, not causing an event
informing the MAINTENANCE category all operate application on
assocations in case of SCTP, i.e. they apply to all streams in that
assocation.

With only these semantics necessary to represent, the interface to a
transport system becomes easier if we assume that connections may be other side
Protocols: UDP(-Lite)
Functional because the notion of a transport protocol's connection or association, but could also be a
stream of is often reflected
in applications as an existing SCTP association, for example. We only need expectation to
allow for a way potentially not have all
outstanding data delivered and no longer be able to communicate
after an "Abort" succeeded. On both sides of a connection, an
application protocol may define a possible grouping of connections. Then,
all MAINTENANCE transport features can be said communication sequence relating
to operate on
connection groups, not connections, and a scheduler operates on this transport feature.
Implementation: via ABORT.UDP(-Lite).
Implementation over TCP: stop using the
connections within connection, wait for a group.

To
timeout.

o Timeout event when data could not be compatible with multiple transport protocols delivered for too long
Protocols: TCP, SCTP
Functional because this notifies that potentially assumed reliable
data delivery is no longer provided.
Implementation: via TIMEOUT.TCP and uniformly
allow access TIMEOUT.SCTP.
Implementation over UDP: do nothing (this event will not occur
with UDP).

A.2. DATA Transfer Related Transport Features

A.2.1. Sending Data

o Reliably transfer data, with congestion control
Protocols: TCP, SCTP
Functional because this is closely tied to both transport connections and streams properties of a multi-
streaming protocol, the semantics of opening data
that an application sends or expects to receive.
Implementation: via SEND.TCP and closing need SEND.SCTP.
Implementation over UDP: not possible (UDP is unreliable).

o Reliably transfer a message, with congestion control
Protocols: SCTP
Functional because this is closely tied to be
the most restrictive subset of all properties of the underlying options. For
example, TCP's support of half-closed connections can data
that an application sends or expects to receive.

Implementation: via SEND.SCTP.
Implementation over TCP: via SEND.TCP. With SEND.TCP, message
boundaries will not be seen as a
feature on top of identifiable by the more restrictive "ABORT"; this feature cannot
be supported receiver, because TCP
provides a byte stream service.
Implementation over UDP: not possible (UDP is unreliable).

o Unreliably transfer a message
Protocols: SCTP, UDP(-Lite)
Optimizing because not all protocols used by only applications know about the time
criticality of their communication, and reliably transfering a transport system
(including streams
message is never incorrect for the receiver of an association) support half-closed
connections.

A.3.3. Early Data Transmission

There are two a potentially
unreliable data transfer, it is just slower.
CHANGED FROM RFC8303. This differs from the 2 automatable
transport features related to transferring a message
early: "Hand below in that it leaves the choice of
congestion control open.
Implementation: via SEND.SCTP or SEND.UDP(-Lite).
Implementation over a TCP: use SEND.TCP. With SEND.TCP, messages
will be sent reliably, and message to reliably boundaries will not be
identifiable by the receiver.

o Unreliably transfer (possibly multiple
times) before connection establishment", which relates to TCP Fast
Open [RFC7413], and "Hand over a message message, with congestion control
Protocols: SCTP
Automatable because congestion control relates to reliably knowledge about
the network, not the application.

o Unreliably transfer during
connection establishment", which a message, without congestion control
Protocols: UDP(-Lite)
Automatable because congestion control relates to SCTP's ability to
transfer data together with knowledge about
the COOKIE-Echo chunk. Also without TCP
Fast Open, TCP can transfer data during network, not the handshake, together with application.

o Configurable Message Reliability
Protocols: SCTP
Optimizing because only applications know about the SYN packet -- however, time
criticality of their communication, and reliably transfering a
message is never incorrect for the receiver of this a potentially
unreliable data may not hand transfer, it is just slower.
Implementation: via SEND.SCTP.
Implementation over to TCP: By using SEND.TCP and ignoring this
configuration: based on the application until assumption of the handshake has completed. Also,
different from TCP Fast Open, this best-effort service
model, unnecessarily delivering data does not violate application
expectations. Moreover, it is not delimited as possible to associate the
requested reliability to a message
by "message" in TCP (thus, anyway.
Implementation over UDP: not visible as a ``message''). This functionality possible (UDP is
commonly available in TCP and supported unreliable).

o Choice of stream
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in several implementations,
even though the TCP specification does not explain how to provide CONNECTION.ESTABLISHMENT
category is automatable. Implementation: see Section 5.2.

o Choice of path (destination address)
Protocols: SCTP
Automatable because it
to applications.

A transport system could differentiate between requires using multiple sockets, but
obtaining multiple sockets in the cases CONNECTION.ESTABLISHMENT
category is automatable.

o Ordered message delivery (potentially slower than unordered)
Protocols: SCTP
Functional because this is closely tied to properties of
transmitting data "before" (possibly multiple times) or "during" the
handshake. Alternatively, it could also assume that data
that are
handed an application sends or expects to receive.
Implementation: via SEND.SCTP.
Implementation over early TCP: By using SEND.TCP. With SEND.TCP,
messages will not be transmitted as early as possible, and
"before" identifiable by the handshake would only be used for messages that are
explicitly marked as "idempotent" (i.e., it would be acceptable receiver.
Implementation over UDP: not possible (UDP does not offer any
guarantees regarding ordering).

o Unordered message delivery (potentially faster than ordered)
Protocols: SCTP, UDP(-Lite)
Functional because this is closely tied to
transfer them multiple times).

The amount properties of the data
that can successfully be transmitted before an application sends or
during the handshake depends expects to receive.
Implementation: via SEND.SCTP.
Implementation over TCP: By using SEND.TCP and always sending data
ordered: based on various factors: the transport
protocol, the use assumption of header options, the choice of IPv4 and IPv6 best-effort service model,
ordered delivery may just be slower and does not violate
application expectations. Moreover, it is not possible to
associate the Path MTU. A transport system should therefore allow requested delivery order to a sending
application "message" in TCP
anyway.

o Request not to query bundle messages
Protocols: SCTP
Optimizing because this decision depends on knowledge about the maximum amount
size of future data blocks and the delay between them.
Implementation: via SEND.SCTP.
Implementation over TCP: By using SEND.TCP and DISABLE_NAGLE.TCP
to disable the Nagle algorithm when the request is made and enable
it can possibly
transmit before (or, if exposed, during) connection establishment.

A.3.4. Sender Running Dry

The transport feature "Notification that again when the stack has request is no more user
data to send" longer made. Note that this is
not fully equivalent because it relates to SCTP's "SENDER DRY" notification. Such
notifications can, in principle, be used the time of issuing the
request rather than a specific message.
Implementation over UDP: do nothing (UDP never bundles messages).

o Specifying a "payload protocol-id" (handed over as such by the
receiver)
Protocols: SCTP
Functional because it allows to avoid having an
unnecessarily large send buffer, yet ensure that the transport sender
always has extra application data with
every message, for the sake of identification of data, which by
itself is application-specific.
Implementation: SEND.SCTP.
Implementation over TCP: not possible (this functionality is not
available when it has an opportunity in TCP).
Implementation over UDP: not possible (this functionality is not
available in UDP).

o Specifying a key id to transmit it.
This has been found be used to authenticate a message
Protocols: SCTP
Functional because this has a direct influence on security.
Implementation: via a parameter in SEND.SCTP.
Implementation over TCP: This could be very beneficial for some applications
[WWDC2015]. However, "SENDER DRY" truly means that the entire send
buffer (including both unsent emulated by using
SET_AUTH.TCP before and unacknowledged data) has emptied --
i.e., when it notifies after the sender, it message is already too late, the
transport protocol already missed an opportunity to send data. Some
modern TCP implementations now include the unspecified
"TCP_NOTSENT_LOWAT" socket option that was proposed in [WWDC2015],
which limits the amount of unsent data sent. Note that TCP can keep in the
socket buffer; this allows
is not fully equivalent because it relates to specify at which buffer filling level the socket becomes writable, time of issuing
the request rather than waiting for the buffer a specific message.
Implementation over UDP: not possible (UDP does not offer
authentication).

o Request not to
run empty. delay the acknowledgement (SACK) of a message
Protocols: SCTP allows
Optimizing because only an application knows for which message it
wants to configure the sender-side buffer too: the automatable
Transport Feature "Configure send buffer size" provides quickly be informed about success / failure of its
delivery.
Implementation over TCP: do nothing (TCP does not offer this
functionality, but only for ignoring this request from the complete buffer, which includes both
unsent and unacknowledged data. SCTP application will
not yield a semantically wrong behavior).

Implementation over UDP: do nothing (UDP does not allow to control these
two sizes separately. It therefore makes sense for offer this
functionality, but ignoring this request from the application will
not yield a semantically wrong behavior).

A.2.2. Receiving Data

o Receive data (with no message delimiting)
Protocols: TCP
Functional because a transport system must be able to allow for uniform access to "TCP_NOTSENT_LOWAT" as well as
the "SENDER DRY" notification.

A.3.5. Capacity Profile

The transport features:

o Disable Nagle algorithm
o Enable send and configure a "Low Extra Delay Background Transfer"
o Specify DSCP field

all relate to a QoS-like
receive data.
Implementation: via RECEIVE.TCP.
Implementation over UDP: do nothing (UDP only works on messages;
these can be handed over, the application need such as "low latency" or
"scavenger". In can still ignore the interest of flexibility of a transport system,
they could therefore be offered in a uniform, more abstract way,
where
message boundaries).

o Receive a transport system could e.g. decide by itself how message
Protocols: SCTP, UDP(-Lite)
Functional because this is closely tied to use
combinations properties of LEDBAT-like congestion control and certain DSCP
values, and the data
that an application would only specify a general "capacity
profile" (a description of how it wants sends or expects to use the available
capacity). A need for "lowest receive.
Implementation: via RECEIVE.SCTP and RECEIVE.UDP(-Lite).
Implementation over TCP: not possible latency at the expense (TCP does not support
identification of
overhead" could then translate into automatically disabling the Nagle
algorithm.

In some cases, the Nagle algorithm is best controlled directly by message boundaries).

o Choice of stream to receive from
Protocols: SCTP
Automatable because it requires using multiple streams, but
requesting multiple streams in the
application CONNECTION.ESTABLISHMENT
category is automatable.
Implementation: see Section 5.2.

o Information about partial message arrival
Protocols: SCTP
Functional because it this is not only related to a general profile but
also closely tied to knowledge about the size properties of future messages. For fine-grain
control over Nagle-like functionality, the "Request not data
that an application sends or expects to bundle
messages" receive.
Implementation: via RECEIVE.SCTP.
Implementation over TCP: do nothing (this information is available.

A.3.6. Security

Both TCP and SCTP offer authentication. TCP authenticates complete
segments. SCTP allows not
available with TCP).
Implementation over UDP: do nothing (this information is not
available with UDP).

A.2.3. Errors

This section describes sending failures that are associated with a
specific call to configure which in the "Sending Data" category (Appendix A.2.1).

o Notification of SCTP's chunk types must
always be authenticated -- if send failures
Protocols: SCTP, UDP(-Lite)
Functional because this notifies that potentially assumed reliable
data delivery is exposed as such, it creates an
undesirable dependency on no longer provided.
CHANGED FROM RFC8303. This differs from the 2 automatable
transport protocol. For compatibility
with TCP, a transport system should only allow to configure complete
transport layer packets, including headers, IP pseudo-header (if any) features below in that it does not distinugish between
unsent and payload.

Security unacknowledged messages.
Implementation: via SENDFAILURE-EVENT.SCTP and SEND_FAILURE.UDP(-
Lite).
Implementation over TCP: do nothing (this notification is discussed in a separate document
[I-D.ietf-taps-transport-security]. The minimal set presented in the
present document excludes all security related transport features:
"Configure authentication", "Change authentication parameters",
"Obtain authentication information" not
available and will therefore not occur with TCP).

o Notification of an unsent (part of a) message
Protocols: SCTP, UDP(-Lite)
Automatable because the distinction between unsent and "Set Cookie life value"
as well as "Specifying a key id to be used
unacknowledged does not relate to authenticate a
message".

A.3.7. Packet Size

UDP(-Lite) has a transport feature called "Specify DF field". This
yields application-specific knowledge.

o Notification of an error message in case unacknowledged (part of sending a a) message
Protocols: SCTP
Automatable because the distinction between unsent and
unacknowledged does not relate to application-specific knowledge.

o Notification that exceeds the
Path MTU, which is necessary for a UDP-based stack has no more user data to send
Protocols: SCTP
Optimizing because reacting to this notification requires the
application to be able
to implement Path MTU Discovery (a function involved, and ensuring that UDP-based
applications must the stack does not
run dry of data (for too long) can improve performance.
Implementation over TCP: do by themselves). The "Get max. transport-message
size nothing (see the discussion in
Section 5.4).
Implementation over UDP: do nothing (this notification is not
available and will therefore not occur with UDP).

o Notification to a receiver that may be sent using a non-fragmented IP packet from partial message delivery has
been aborted
Protocols: SCTP
Functional because this is closely tied to properties of the
configured interface" transport feature yields data
that an upper limit for the
Path MTU (minus headers) application sends or expects to receive.
Implementation over TCP: do nothing (this notification is not
available and can will therefore help to implement Path MTU
Discovery more efficiently. not occur with TCP).
Implementation over UDP: do nothing (this notification is not
available and will therefore not occur with UDP).

Appendix B. Revision information

XXX RFC-Ed please remove this section prior to publication.

-02: implementation suggestions added, discussion section added,
terminology extended, DELETED category removed, various other fixes;
list of Transport Features adjusted to -01 version of [RFC8303]
except that MPTCP is not included.

-03: updated to be consistent with -02 version of [RFC8303].

-04: updated to be consistent with -03 version of [RFC8303].
Reorganized document, rewrote intro and conclusion, and made a first
stab at creating a real "minimal set".

-05: updated to be consistent with -05 version of [RFC8303] (minor
changes). Fixed a mistake regarding Cookie Life value. Exclusion of
security related transport features (to be covered in a separate
document). Reorganized the document (now begins with the minset,
derivation is in the appendix). First stab at an abstract API for
the minset.

draft-ietf-taps-minset-00: updated to be consistent with -08 version
of [RFC8303] ("obtain message delivery number" was removed, as this
has also been removed in [RFC8303] because it was a mistake in
RFC4960. This led to the removal of two more transport features that
were only designated as functional because they affected "obtain
message delivery number"). Fall-back to UDP incorporated (this was
requested at IETF-99); this also affected the transport feature
"Choice between unordered (potentially faster) or ordered delivery of
messages" because this is a boolean which is always true for one
fall-back protocol, and always false for the other one. This was
therefore now divided into two features, one for ordered, one for
unordered delivery. The word "reliably" was added to the transport
features "Hand over a message to reliably transfer (possibly multiple
times) before connection establishment" and "Hand over a message to
reliably transfer during connection establishment" to make it clearer
why this is not supported by UDP. Clarified that the "minset
abstract interface" is not proposing a specific API for all TAPS
systems to implement, but it is just a way to describe the minimum
set. Author order changed.

WG -01: "fall-back to" (TCP or UDP) replaced (mostly with
"implementation over"). References to post-sockets removed (these
were statments that assumed that post-sockets requires two-sided
implementation). Replaced "flow" with "TAPS Connection" and "frame"
with "message" to avoid introducing new terminology. Made sections 3
and 4 in line with the categorization that is already used in the
appendix and [RFC8303], and changed style of section 4 to be even
shorter and less interface-like. Updated reference draft-ietf-tsvwg-
sctp-ndata to RFC8260.

WG -02: rephrased "the TAPS system" and "TAPS connection" etc. to
more generally talk about transport after the intro (mostly replacing
"TAPS system" with "transport system" and "TAPS connection" with
"connection". Merged sections 3 and 4 to form a new section 3.

WG -03: updated sentence referencing
[I-D.ietf-taps-transport-security] to say that "the minimum security
requirements for a taps system are discussed in a separate security
document", wrote "example" in the paragraph introducing the decision
tree. Removed reference draft-grinnemo-taps-he-03 and the sentence
that referred to it.

WG -04: addressed comments from Theresa Enghardt and Tommy Pauly. As
part of that, removed "TAPS" as a term everywhere (abstract, intro,
..).

WG -05: addressed comments from Spencer Dawkins.

WG -06: Fixed nits.

WG -07: Addressed Genart comments from Robert Sparks.

WG -08: Addressed one more Genart comment from Robert Sparks.

WG -09: Addressed comments from Mirja Kuehlewind, Alvaro Retana, Ben
Campbell, Benjamin Kaduk and Eric Rescorla.

Authors' Addresses
Michael Welzl
University of Oslo
PO Box 1080 Blindern
Oslo N-0316
Norway

Phone: +47 22 85 24 20
Email: michawe@ifi.uio.no

Stein Gjessing
University of Oslo
PO Box 1080 Blindern
Oslo N-0316
Norway

Phone: +47 22 85 24 44
Email: steing@ifi.uio.no