One document matched: draft-ietf-rtcweb-data-channel-00.xml
<?xml version="1.0"?>
<?rfc symrefs="yes"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes" ?>
<?rfc compact="yes" ?>
<?rfc subcompact="no" ?>
<?rfc sortrefs="no" ?>
<?rfc strict="yes" ?>
<rfc ipr="trust200902"
docName="draft-ietf-rtcweb-data-channel-00.txt" category='info'>
<front>
<title abbrev="data P2P in RTCWEB">
RTCWeb Datagram Connection
</title>
<author initials="R." surname="Jesup" fullname="Randell Jesup">
<organization>Mozilla</organization>
<address>
<postal>
<street></street>
<code></code>
<city></city>
<country>USA</country>
</postal>
<email>randell-ietf@jesup.org</email>
</address>
</author>
<author initials="S." surname="Loreto" fullname="Salvatore Loreto">
<organization>Ericsson</organization>
<address>
<postal>
<street>Hirsalantie 11</street>
<code>02420</code>
<city>Jorvas</city>
<country>Finland</country>
</postal>
<email>salvatore.loreto@ericsson.com</email>
</address>
</author>
<author initials="M." surname="Tuexen" fullname="Michael Tuexen">
<organization abbrev='Muenster Univ. of Appl. Sciences'>
Muenster University of Applied Sciences</organization>
<address>
<postal>
<street>Stegerwaldstrasse 39</street>
<code>48565</code>
<city> Steinfurt</city>
<country>Germany</country>
</postal>
<email>tuexen@fh-muenster.de</email>
</address>
</author>
<date/>
<area>RAI</area>
<workgroup>RTCWeb Working Group</workgroup>
<abstract>
<t>The Web Real-Time Communication (WebRTC) working group is charged to provide
protocol support for direct interactive rich communication using audio, video,
and data between two peers' web-browsers.
This document describes the non-media data transport aspects of the WebRTC framework.
It provides an architectural overview of how the Stream Control Transmission Protocol (SCTP) is used in
the WebRTC context as a generic transport service allowing Web Browser to exchange generic data from peer to peer.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>The issue of how best to handle non-media data types in the context of RTCWEB has reached a general consensus
on the usage of SCTP <xref target="RFC4960"/> encapsulated on DTLS <xref target="RFC6347"/>:</t>
<figure title="Basic stack diagram"
anchor="fig-stack">
<artwork>
+----------+
| SCTP |
+----------+
| DTLS |
+----------+
| ICE/UDP |
+----------+
</artwork>
</figure>
<t>The encapsulation of SCTP over DTLS over ICE/UDP provides a NAT traversal solution together with
confidentiality, source authenticated, integrity protected transfers. This data transport service operates in parallel to the media transports, and all of them can eventually share a single transport-layer port number.</t>
<t>SCTP provides multiple streams natively with reliable, unreliable and partially-reliable delivery modes.</t>
<t>The remainder of this document is organized as follows: <xref target='sec-req'/> and <xref target='sec-use-cases'/>
provide requirements and use cases for both unreliable and reliable peer to peer datagram base channel;
<xref target='sec-p-a-2'/> arguments SCTP over DTLS over UDP; <xref target='sec-sctp-usage'/> provides an overview of how SCTP should be used by the RTCWeb protocol framework for transporting non-media data between browsers.</t>
</section>
<section title="Requirements"
anchor="sec-req">
<t>
This section lists the requirements for P2P data connections between two browsers.
</t>
<t>
<list style='format Req. %d'>
<t>Multiple simultaneous datagram streams must be supported.
Note that there may 0 or more media streams in parallel with the data streams,
and the number and state (active/inactive) of the media streams may change at
any time.</t>
<t>Both reliable and unreliable datagram streams must be supported.</t>
<t>Data streams must be congestion controlled; either individually,
as a class, or in conjunction with the media streams, to ensure
that datagram exchanges don't cause congestion problems for the
media streams, and that the rtcweb PeerConnection as a whole is
fair with competing streams such as TCP.</t>
<t>The application should be able to provide guidance as to the
relative priority of each datagram stream relative to each other,
and relative to the media streams. [ TBD: how this is encoded and
what the impact of this is. ] This will interact with the
congestion control algorithms.</t>
<t>Datagram streams must be encrypted; allowing for confidentiality,
integrity and source authentication.
See <xref target="I-D.ietf-rtcweb-security"/> and
<xref target="I-D.ietf-rtcweb-security-arch"/> for detailed info.</t>
<t>Consent and NAT traversal mechanism: These are handled by the
PeerConnection's ICE <xref target="RFC5245"/> connectivity checks and
optional TURN servers.</t>
<t>Data streams must provide message fragmentation support such that
IP-layer fragmentation does not occur no matter how large a message
the Javascript application passes to be sent.</t>
<t>The data stream transport protocol must not encode local IP addresses
inside its protocol fields; doing so reveals potentially private information,
and leads to failure if the address is depended upon.</t>
<t>The data stream protocol should support unbounded-length "messages"
(i.e., a virtual socket stream) at the application layer, for such things as
image-file-transfer; or else it must support at least a maximum
application-layer message size of 4GB.</t>
<t>The data stream packet format/encoding must be such
that it is impossible for a malicious Javascript to generate an
application message crafted such that it could be interpreted as a native
protocol over UDP - such as UPnP, RTP, SNMP, STUN, etc.</t>
<t>The data stream transport protocol must start with the assumption
of a PMTU of 1280 [ *** need justification ***] bytes until measured
otherwise.</t>
<!-- MT: Why? Shouldn't SCTP just do PMTU discovery? -->
<!-- MT: 1280 is the minimum PMTU for IPv6. However, we need to take
any IPv6 optional headers, the UDP header (8 bytes) and the DTLS
overhead (it depends on the choosen cipher suite) into account.
Same for UPv4. -->
<t>The data stream transport protocol must not rely on ICMP or ICMPv6
being generated or being passed back, such as for PMTU discovery.</t>
<t>It must be possible to implement the protocol stack in the user
application space.</t>
</list>
</t>
</section>
<section title="Use Cases"
anchor="sec-use-cases">
<section title="Use Cases for Unreliable Datagram Based Channels"
anchor="sec-use-cases-unreliable">
<t>
<list style='format U-C %d' counter='UseCases'>
<t>A real-time game where position and object state information is
sent via one or more unreliable data channels.
Note that at any time there may be no media channels, or all media channels
may be inactive, and that there may also be reliable data channels in use.</t>
<t>Non-critical state updates about a user in a video chat or
conference, such as Mute state.</t>
</list>
</t>
</section>
<section title="Use Cases for Reliable Channels (Datagram or Stream Based)"
anchor="sec-use-cases-reliable">
<t>Note that either reliable datagrams or streams are possible;
reliable streams would be fairly simple to layer on top of SCTP reliable
datagrams with in-order delivery.</t>
<t>
<list style='format U-C %d' counter='UseCases'>
<t> A real-time game where critical state information needs to be
transferred, such as control information. Typically this would be datagrams.
Such a game may have no media channels, or they may be inactive at any
given time, or may only be added due to in-game actions.</t>
<t>Non-realtime file transfers between people chatting.
This could be datagrams or streaming. Note that this may involve a large
number of files to transfer sequentially or in parallel, such as when
sharing a folder of images or a directory of files.</t>
<t>Realtime text chat while talking with an individual or with multiple
people in a conference. Typically this would be datagrams.</t>
<t>Renegotiation of the set of media streams in the PeerConnection.
Typically this would be datagrams.</t>
<t>Proxy browsing, where a browser uses data channels of a PeerConnection
to send and receive HTTP/HTTPS requests and data, for example to avoid local
internet filtering or monitoring. Typically this would be streams.</t>
</list>
</t>
</section>
</section>
<section title="Datagrams over SCTP over DTLS over UDP"
anchor="sec-p-a-2">
<t>The encapsulation of SCTP over DTLS as defined in
<xref target="I-D.tuexen-tsvwg-sctp-dtls-encaps"/> provides a NAT traversal solution
together with confidentiality, source authenticated, integrity protected transfers.
SCTP provides also natively several interesting features for transporting
non-media data between browsers:</t>
<t><list style="symbols">
<t>Support of multiple streams.</t>
<t>Ordered and unordered delivery of user messages.</t>
<t>Reliable and partial-reliable transport of user messages.</t>
</list></t>
<t>Each SCTP user message contains a so called Payload Protocol Identifier (PPID)
that is passed to SCTP by its upper layer and sent to its peer.
This value represents an application (or upper layer) specified
protocol identifier and be used to transport multiple protocols
over a single SCTP association. The sender provides for each protocol a
specific PPID and the receiver demultiplexes the messages based on the
received PPID.</t>
<!--
<t>Moreover SCTP provides the possibility to transport different "protocols"
over multiple streams and associations using the PPID
(Payload Protocol Identifier).
An application can set a different PPID with each send call.
This allows the receiving application to look at this information
(as well as the stream id/seq) on receiving to know what type of protocol
the data payload has.</t>
-->
<t>The encapsulation of SCTP over DTLS,
together with the SCTP features listed above satisfies all the requirements listed in in
<xref target='sec-req'/>.</t>
<!--
<t>There are SCTP implementations for most Operating Systems in wide use:</t>
<t>
<list style="empty">
<t>Linux (mainline kernel 2.6.36)</t>
<t>FreeBSD (release kernel 8.2)</t>
<t>Mac OS X</t>
<t>Windows (SctpDrv4)</t>
<t>Solaris (OpenSolaris 2009.06)</t>
<t>and a user-land SCTP implementation (based on the FreeBSD implementation).</t>
</list>
</t>
<section title="User Space versus Kernel Implementation"
anchor="sec-sctp-1">
<t>Even though kernel implementations of SCTP are already available for most
platforms (see <xref target='sec-p-a-2'/> ), there are compelling reasons for
using an SCTP stack that works well in user land.</t>
<t>The main reason is deployability.</t>
<t>Web browsers supporting WebRTC are expected to run on a wide range of old
and new operating systems. They support operating systems 10 years old or more,
they run on mobile and desktop operating systems,
and they are highly portable to new operating systems.
This is achieved by having a fairly narrow portability layer to minimize
what needs to be supported on old operating systems and ported to new ones.
This creates a need to implement as much functionality as possible
inside the application instead of relying on the operating system.</t>
<t>As a user-land implementation of SCTP is available, this meets
requirement 12.</t>
</section>
-->
<t>The layering of protocols for WebRTC is shown in the following
<xref target='fig-sctp-layering'/>.</t>
<figure title='WebRTC protocol layers'
anchor='fig-sctp-layering'>
<artwork>
+------+
|WEBAPP|
+------+
| SCTP |
+--------------------+
| STUN | SRTP | DTLS |
+--------------------+
| ICE |
+--------------------+
| UDP1 | UDP2 | ... |
+--------------------+
</artwork>
</figure>
<t>This stack (especially in contrast to DTLS over SCTP <xref target="RFC6083"/>) has been chosen
because it</t>
<t><list style='symbols'>
<t>supports the transmission of arbitrary large user messages.</t>
<t>shares the DTLS connection with the media channels.</t>
<t>provides privacy for the SCTP control information.</t>
</list></t>
<t>Considering the protocol stack of <xref target='fig-sctp-layering'/> the usage of DTLS over UDP is specified in
<xref target='RFC6347'/>, while the usage of SCTP on top of DTLS is specified in
<xref target='I-D.tuexen-tsvwg-sctp-dtls-encaps'/>.</t>
<t>Since DTLS is typically implemented in user-land, an SCTP user-land
implementation must also be used.</t>
<t>When using DTLS as the lower layer, only single homed SCTP
associations can be used, since DTLS does not expose any address management
to its upper layer. The ICE/UDP layer can handle IP address changes during a
session without needing to notify the DTLS and SCTP layers, though it would
be advantageous to retest path MTU on an IP address change.</t>
<t>DTLS implementations used for this stack must support
controlling fields of the IP layer like the Don't fragment (DF)-bit in case of IPv4 and the
Differentiated Services Code Point (DSCP) field. This is required for performing path MTU discovery.
The DTLS implementation must also support sending user messages exceeding
the path MTU.</t>
<t>When supporting multiple SCTP associations over a single DTLS
connection, incoming ICMP or ICMPv6 messages can't be processed by the SCTP
layer, since there is no way to identify the corresponding association.
Therefore the number of SCTP associations should be limited to one or ICMP and
ICMPv6 messages should be ignored.
In general, the lower layer interface of an SCTP implementation has to be
adapted to address the differences between IPv4 or IPv6 (being connection-less)
or DTLS (being connection-oriented).</t>
<t>When protocol stack of <xref target='fig-sctp-layering'/> is used,
DTLS protects the complete SCTP packet, so it
provides confidentiality, integrity and source authentication
of the complete SCTP packet.</t>
<t>This protocol stack supports the usage of
multiple SCTP streams. A user message can be sent ordered or unordered
and, if the SCTP implementations support <xref target='RFC3758'/>,
with partial reliability. When using partial reliability, it might make
sense to use a policy limiting the number of retransmissions. Limiting
the number of retransmissions to zero provides a UDP like service where
each user messages is sent exactly once.</t>
<t>SCTP provides congestion control on a per-association base. This means
that all SCTP streams within a single SCTP association share the same
congestion window. Traffic not being sent over SCTP is not covered by
the SCTP congestion control. Due to the typical parallel SRTP media
streams, it will be advantageous to select a delay-sensitive congestion
control algorithm or to at least coordinate congestion control between the
data channels and the media streams to avoid a data channel transfer
ending up with most or all the channel bandwidth.</t>
</section>
<section title="The Envisioned Usage of SCTP in the RTCWeb Context"
anchor="sec-sctp-usage">
<t>The appealing features of SCTP in the RTCWeb context are:</t>
<t><list style="symbols">
<t>TCP-friendly congestion control.</t>
<t>The congestion control is modifiable for integration with media stream congestion control.</t>
<t>Support for multiple channels with different characteristics.</t>
<t>Support for out-of-order delivery.</t>
<t>Support for large datagrams and PMTU-discovery and fragmentation.</t>
<t>Reliable or partial reliability support.</t>
<t>Support of multiple streams.</t>
</list></t>
<t>Multihoming will not be used in this scenario.
The SCTP layer would simply act as if it were running on a single-homed host,
since that is the abstraction that the lower layer (a connection oriented,
unreliable datagram service) would expose.</t>
<section title="Association Setup"
anchor="sec-sctp-setup">
<t>The SCTP association would be set up when the two endpoints of the WebRTC
PeerConnection agree on opening it, as negotiated by JSEP (typically an
exchange of SDP) <xref target='I-D.ietf-rtcweb-jsep'/>.
It would use the DTLS connection created at the start of the
PeerConnection connection.</t>
<t>The application should indicate the number of simultaneous streams
required when opening the association, and if no value is supplied, the
implementation should provide a default, with a suggested value of 16.
If more simultaneous streams are needed, <xref target="RFC6525"/> allows
adding additional (but not removing) streams to an existing association.
There can be up to 65536 SCTP streams per SCTP association in each direction.</t>
</section>
<section title="SCTP Streams">
<t>SCTP defines a stream as an unidirectional logical channel existing within
an SCTP association one to another SCTP endpoint. The streams are used to
provide the notion of in-sequence delivery. Each user message is sent
on a particular stream, either order or unordered. Ordering is preserved only
for all ordered messages sent on the same stream.</t>
</section>
<section title="Channel Definition">
<!--
It is also worth to mention that the relationship between stream numbers
in opposite directions is strictly a matter of how the applications use them.
It is the responsibility of the SCTP user to create and manage these
correlations if they are so desired.</t>-->
<t>The W3C seems to have consensus on defining the application API for
WebRTC dataChannels to be bidirectional. They also consider the notions
of in-sequence, out-of-sequence, reliable and un-reliable as properties
of Channels.</t>
<t>A possible realization of a bidirectional Data Channel is a pair of one
incoming stream and one outcoming SCTP stream.</t>
<t>Closing of a Data Channel
can be signalled resetting the corresponding streams <xref target="RFC6525"/>.
Resetting a stream set the Stream Sequence Numbers (SSNs) of the stream back to
'zero' with a corresponding notification to the application layer
that the reset has been performed. Closed streams are available to reuse.</t>
<t><xref target="RFC6525"/> also guarantees that all the messages are delivered
(or expired) before resetting the stream.</t>
<t>It might be useful to use a specific pair of SCTP streams for transporting control information.</t>
</section>
<section title='Usage of Payload Protocol Identifier'>
<t>The SCTP Payload Protocol Identifiers (PPIDs) can be used to signal the
interpretation of the "Payload data", like a string, ASCII or binary data.</t>
<t>RFC 4960 <xref target="RFC4960"/> creates the registry from which these
identifiers have been assigned. Eventual PPIDs defined within the RTCWeb Context
have to be registered with IANA.</t>
</section>
<!--
<t>TBD not sure if we want discuss here or in the actual protocol draft:
<list style="empty">
<t>the fact that all the control message will be transported on stream 0
and usage of stream "0" as 'control stream' vs using PPID to include the
control information directly in the stream. Reliable, unreliable etc. staff
is something that will be set only on the sending side via PPID.</t>
<t>how to get the out-of-order and loss data for unreliable data from
the stack if the JS API is designed to provide those feedback. -
it is expected to be available for non-reliable channels (Randell)</t>
</list>
</t>
-->
</section>
<section title="Minor Protocol and Message Format"
anchor="sec-mes-format">
<t>A separate draft (draft-jesup-rtcweb-data-protocol) is being
submitted to define the minor protocol to set up and manage the
bidirectional data channels needed to satisify the requirements in this
document for WebRTC.</t>
<t> Masking of the protocol is not needed if the lower layer always encrypts with DTLS.</t>
</section>
<section title="Security Considerations"
anchor="sec-security">
<t>To be done.</t>
</section>
<section title="IANA Considerations"
anchor="sec-IANA">
<t>This document does not require any actions by the IANA.</t>
</section>
<section title="Acknowledgments">
<t>Many thanks for comments, ideas, and text from Cullen Jennings, Eric Rescorla,
Randall Stewart, Justin Uberti, and Harald Alvestrand.</t>
</section>
</middle>
<back>
<references title="Informative References">
<?rfc include="reference.RFC.3758"?>
<?rfc include="reference.RFC.4960"?>
<?rfc include="reference.RFC.5245"?>
<?rfc include="reference.RFC.6083"?>
<?rfc include="reference.RFC.6347"?>
<?rfc include="reference.RFC.6525"?>
<?rfc include="reference.I-D.ietf-rtcweb-security"?>
<?rfc include="reference.I-D.ietf-rtcweb-security-arch"?>
<?rfc include="reference.I-D.ietf-rtcweb-jsep"?>
<?rfc include="reference.I-D.ietf-tsvwg-sctp-udp-encaps"?>
<?rfc include="reference.I-D.tuexen-tsvwg-sctp-dtls-encaps"?>
</references>
</back>
</rfc>
<!-- Change log
Major changes and addition of protocol (to be split out)
-->
| PAFTECH AB 2003-2026 | 2026-04-23 14:21:11 |