One document matched: draft-ietf-rtcweb-data-channel-01.xml
<?xml version="1.0"?>
<?rfc symrefs="yes"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes" ?>
<?rfc compact="yes" ?>
<?rfc subcompact="no" ?>
<?rfc sortrefs="no" ?>
<?rfc strict="yes" ?>
<rfc ipr="trust200902"
docName="draft-ietf-rtcweb-data-channel-01.txt" category='info'>
<front>
<title abbrev="data P2P in RTCWEB">
RTCWeb Datagram Connection
</title>
<author initials="R." surname="Jesup" fullname="Randell Jesup">
<organization>Mozilla</organization>
<address>
<postal>
<street></street>
<code></code>
<city></city>
<country>USA</country>
</postal>
<email>randell-ietf@jesup.org</email>
</address>
</author>
<author initials="S." surname="Loreto" fullname="Salvatore Loreto">
<organization>Ericsson</organization>
<address>
<postal>
<street>Hirsalantie 11</street>
<code>02420</code>
<city>Jorvas</city>
<country>Finland</country>
</postal>
<email>salvatore.loreto@ericsson.com</email>
</address>
</author>
<author initials="M." surname="Tuexen" fullname="Michael Tuexen">
<organization abbrev='Muenster Univ. of Appl. Sciences'>
Muenster University of Applied Sciences</organization>
<address>
<postal>
<street>Stegerwaldstrasse 39</street>
<code>48565</code>
<city> Steinfurt</city>
<country>Germany</country>
</postal>
<email>tuexen@fh-muenster.de</email>
</address>
</author>
<date/>
<area>RAI</area>
<workgroup>RTCWeb Working Group</workgroup>
<abstract>
<t>The Web Real-Time Communication (WebRTC) working group is charged to provide
protocol support for direct interactive rich communication using audio, video,
and data between two peers' web-browsers.
This document describes the non-media data transport aspects of the WebRTC framework.
It provides an architectural overview of how the Stream Control Transmission Protocol (SCTP) is used in
the WebRTC context as a generic transport service allowing Web Browser to exchange generic data from peer to peer.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>The issue of how best to handle non-media data types in the context of RTCWEB has reached a general consensus
on the usage of SCTP <xref target="RFC4960"/> encapsulated on DTLS <xref target="RFC6347"/>:</t>
<figure title="Basic stack diagram"
anchor="fig-stack">
<artwork>
+----------+
| SCTP |
+----------+
| DTLS |
+----------+
| ICE/UDP |
+----------+
</artwork>
</figure>
<t>The encapsulation of SCTP over DTLS over ICE/UDP provides a NAT traversal solution together with
confidentiality, source authenticated, integrity protected transfers. This data transport service operates in parallel to the media transports, and all of them can eventually share a single transport-layer port number.</t>
<t>SCTP provides multiple streams natively with reliable, unreliable and partially-reliable delivery modes.</t>
<t>The remainder of this document is organized as follows: <xref target='sec-req'/> and <xref target='sec-use-cases'/>
provide requirements and use cases for both unreliable and reliable peer to peer datagram base channel;
<xref target='sec-p-a-2'/> arguments SCTP over DTLS over UDP; <xref target='sec-sctp-usage'/> provides an overview of how SCTP should be used by the RTCWeb protocol framework for transporting non-media data between browsers.</t>
</section>
<section title="Requirements"
anchor="sec-req">
<t>
This section lists the requirements for P2P data connections between two browsers.
</t>
<t>
<list style='format Req. %d'>
<t>Multiple simultaneous datagram streams must be supported.
Note that there may 0 or more media streams in parallel with the data streams,
and the number and state (active/inactive) of the media streams may change at
any time.</t>
<t>Both reliable and unreliable datagram streams must be supported.</t>
<t>Data streams must be congestion controlled; either individually,
as a class, or in conjunction with the media streams, to ensure
that datagram exchanges don't cause congestion problems for the
media streams, and that the rtcweb PeerConnection as a whole is
fair with competing streams such as TCP.</t>
<t>The application should be able to provide guidance as to the
relative priority of each datagram stream relative to each other,
and relative to the media streams. [ TBD: how this is encoded and
what the impact of this is. ] This will interact with the
congestion control algorithms.</t>
<t>Datagram streams must be encrypted; allowing for confidentiality,
integrity and source authentication.
See <xref target="I-D.ietf-rtcweb-security"/> and
<xref target="I-D.ietf-rtcweb-security-arch"/> for detailed info.</t>
<t>Consent and NAT traversal mechanism: These are handled by the
PeerConnection's ICE <xref target="RFC5245"/> connectivity checks and
optional TURN servers.</t>
<t>Data streams must provide message fragmentation support such that
IP-layer fragmentation does not occur no matter how large a message
the Javascript application passes to be sent.</t>
<t>The data stream transport protocol must not encode local IP addresses
inside its protocol fields; doing so reveals potentially private information,
and leads to failure if the address is depended upon.</t>
<t>The data stream protocol should support unbounded-length "messages"
(i.e., a virtual socket stream) at the application layer, for such things as
image-file-transfer; or else it must support at least a maximum
application-layer message size of 2GB.</t>
<t>The data stream packet format/encoding must be such
that it is impossible for a malicious Javascript to generate an
application message crafted such that it could be interpreted as a native
protocol over UDP - such as UPnP, RTP, SNMP, STUN, etc.</t>
<t>The data stream transport protocol must start with the assumption
of a PMTU of 1280 [ *** need justification ***] bytes until measured
otherwise.</t>
<!-- MT: Why? Shouldn't SCTP just do PMTU discovery? -->
<!-- MT: 1280 is the minimum PMTU for IPv6. However, we need to take
any IPv6 optional headers, the UDP header (8 bytes) and the DTLS
overhead (it depends on the choosen cipher suite) into account.
Same for UPv4. -->
<t>The data stream transport protocol must not rely on ICMP or ICMPv6
being generated or being passed back, such as for PMTU discovery.</t>
<t>It must be possible to implement the protocol stack in the user
application space.</t>
</list>
</t>
</section>
<section title="Use Cases"
anchor="sec-use-cases">
<section title="Use Cases for Unreliable Datagram Based Channels"
anchor="sec-use-cases-unreliable">
<t>
<list style='format U-C %d' counter='UseCases'>
<t>A real-time game where position and object state information is
sent via one or more unreliable data channels.
Note that at any time there may be no media channels, or all media channels
may be inactive, and that there may also be reliable data channels in use.</t>
<t>Non-critical state updates about a user in a video chat or
conference, such as Mute state.</t>
</list>
</t>
</section>
<section title="Use Cases for Reliable Channels (Datagram or Stream Based)"
anchor="sec-use-cases-reliable">
<t>Note that either reliable datagrams or streams are possible;
reliable streams would be fairly simple to layer on top of SCTP reliable
datagrams with in-order delivery.</t>
<t>
<list style='format U-C %d' counter='UseCases'>
<t> A real-time game where critical state information needs to be
transferred, such as control information. Typically this would be datagrams.
Such a game may have no media channels, or they may be inactive at any
given time, or may only be added due to in-game actions.</t>
<t>Non-realtime file transfers between people chatting.
This could be datagrams or streaming. Note that this may involve a large
number of files to transfer sequentially or in parallel, such as when
sharing a folder of images or a directory of files.</t>
<t>Realtime text chat while talking with an individual or with multiple
people in a conference. Typically this would be datagrams.</t>
<t>Renegotiation of the set of media streams in the PeerConnection.
Typically this would be datagrams.</t>
<t>Proxy browsing, where a browser uses data channels of a PeerConnection
to send and receive HTTP/HTTPS requests and data, for example to avoid local
internet filtering or monitoring. Typically this would be streams.</t>
</list>
</t>
</section>
</section>
<section title="Datagrams over SCTP over DTLS over UDP"
anchor="sec-p-a-2">
<t>The encapsulation of SCTP over DTLS as defined in
<xref target="I-D.tuexen-tsvwg-sctp-dtls-encaps"/> provides a NAT traversal solution
together with confidentiality, source authenticated, integrity protected transfers.
SCTP provides also natively several interesting features for transporting
non-media data between browsers:</t>
<t><list style="symbols">
<t>Support of multiple streams.</t>
<t>Ordered and unordered delivery of user messages.</t>
<t>Reliable and partial-reliable transport of user messages.</t>
</list></t>
<t>Each SCTP user message contains a so called Payload Protocol Identifier (PPID)
that is passed to SCTP by its upper layer and sent to its peer.
This value represents an application (or upper layer) specified
protocol identifier and be used to transport multiple protocols
over a single SCTP association. The sender provides for each protocol a
specific PPID and the receiver demultiplexes the messages based on the
received PPID.</t>
<t>The encapsulation of SCTP over DTLS,
together with the SCTP features listed above satisfies all the requirements listed in in
<xref target='sec-req'/>.</t>
<t>The layering of protocols for WebRTC is shown in the following
<xref target='fig-sctp-layering'/>.</t>
<figure title='WebRTC protocol layers'
anchor='fig-sctp-layering'>
<artwork>
+------+
|RTCWEB|
| DATA |
+------+
| SCTP |
+--------------------+
| STUN | SRTP | DTLS |
+--------------------+
| ICE |
+--------------------+
| UDP1 | UDP2 | ... |
+--------------------+
</artwork>
</figure>
<t>This stack (especially in contrast to DTLS over SCTP <xref target="RFC6083"/>) has been chosen
because it</t>
<t><list style='symbols'>
<t>supports the transmission of arbitrary large user messages.</t>
<t>shares the DTLS connection with the media channels.</t>
<t>provides privacy for the SCTP control information.</t>
</list></t>
<t>Considering the protocol stack of <xref target='fig-sctp-layering'/> the usage of DTLS over UDP is specified in
<xref target='RFC6347'/>, while the usage of SCTP on top of DTLS is specified in
<xref target='I-D.tuexen-tsvwg-sctp-dtls-encaps'/>.</t>
<t>Since DTLS is typically implemented in user-land, an SCTP user-land
implementation must also be used.</t>
<t>When using DTLS as the lower layer, only single homed SCTP
associations can be used, since DTLS does not expose any address management
to its upper layer. The ICE/UDP layer can handle IP address changes during a
session without needing to notify the DTLS and SCTP layers, though it would
be advantageous to retest path MTU on an IP address change.</t>
<t>DTLS implementations used for this stack must support
controlling fields of the IP layer like the Don't fragment (DF)-bit in case of IPv4 and the
Differentiated Services Code Point (DSCP) field. This is required for performing path MTU discovery.
The DTLS implementation must also support sending user messages exceeding
the path MTU.</t>
<t>When supporting multiple SCTP associations over a single DTLS
connection, incoming ICMP or ICMPv6 messages can't be processed by the SCTP
layer, since there is no way to identify the corresponding association.
Therefore the number of SCTP associations should be limited to one or ICMP and
ICMPv6 messages should be ignored.
In general, the lower layer interface of an SCTP implementation has to be
adapted to address the differences between IPv4 or IPv6 (being connection-less)
or DTLS (being connection-oriented).</t>
<t>When protocol stack of <xref target='fig-sctp-layering'/> is used,
DTLS protects the complete SCTP packet, so it
provides confidentiality, integrity and source authentication
of the complete SCTP packet.</t>
<t>This protocol stack supports the usage of multiple SCTP streams. A
user message can be sent ordered or unordered and, if the SCTP
implementations support <xref target='RFC3758'/>, with partial
reliability. When using partial reliability, it might make sense to
use a policy limiting the number of retransmissions by time or
number. Limiting the number of retransmissions to zero provides a
UDP-like service where each user message is sent exactly once.</t>
<t>SCTP provides congestion control on a per-association base. This
means that all SCTP streams within a single SCTP association share the
same congestion window. Traffic not being sent over SCTP is not
covered by the SCTP congestion control. Due to the typical parallel
SRTP media streams, it will be advantageous to select a
delay-sensitive congestion control algorithm or to at least coordinate
congestion control between the data channels and the media streams to
avoid a data channel transfer ending up with most or all the channel
bandwidth. Since SCTP does not have an internal negotiaton mechanism
for selecting a congestion control algorithm, the algorithm should be
negotiated before establishment of the SCTP associaton.</t>
</section>
<section title="The Envisioned Usage of SCTP in the RTCWeb Context"
anchor="sec-sctp-usage">
<t>The appealing features of SCTP in the RTCWeb context are:</t>
<t><list style="symbols">
<t>TCP-friendly congestion control.</t>
<t>The congestion control is modifiable for integration with media stream congestion control.</t>
<t>Support for multiple channels with different characteristics.</t>
<t>Support for out-of-order delivery.</t>
<t>Support for large datagrams and PMTU-discovery and fragmentation.</t>
<t>Reliable or partial reliability support.</t>
<t>Support of multiple streams.</t>
</list></t>
<t>Multihoming will not be used in this scenario.
The SCTP layer would simply act as if it were running on a single-homed host,
since that is the abstraction that the lower layer (a connection oriented,
unreliable datagram service) would expose.</t>
<section title="Association Setup"
anchor="sec-sctp-setup">
<t>The SCTP association would be set up when the two endpoints of the
WebRTC PeerConnection agree on opening it, as negotiated by JSEP
(typically an exchange of SDP) <xref target='I-D.ietf-rtcweb-jsep'/>.
Additionally, the negotiation should include some type of congestion
control selection. It would use the DTLS connection created at the
start of the PeerConnection connection.</t>
<t>The application should indicate the number of simultaneous streams
required when opening the association, and if no value is supplied, the
implementation should provide a default, with a suggested value of 16.
If more simultaneous streams are needed, <xref target="RFC6525"/> allows
adding additional (but not removing) streams to an existing association.
There can be up to 65535 SCTP streams per SCTP association in each direction.</t>
</section>
<section title="SCTP Streams">
<t>SCTP defines a stream as an unidirectional logical channel existing within
an SCTP association one to another SCTP endpoint. The streams are used to
provide the notion of in-sequence delivery. Each user message is sent
on a particular stream, either order or unordered. Ordering is preserved only
for all ordered messages sent on the same stream.</t>
</section>
<section title="Channel Definition">
<t>The W3C has consensus on defining the application API for WebRTC
dataChannels to be bidirectional. They also consider the notions of
in-sequence, out-of-sequence, reliable and un-reliable as properties
of Channels. One strong wish is for the application-level API to be
close to the API for WebSockets, which implies bidirectional streams
of data and waiting for onopen to fire before sending, a textual label
used to identify the meaning of the stream, among other things.</t>
<t>A possible realization of a bidirectional Data Channel is a pair of one
incoming stream and one outcoming SCTP stream.</t>
<t>Note that there's no requirement for the SCTP streams used to
create a bidirectional channel have the same number in each direction.
How stream values are selected and used to provide this functionality
is up to the protocol.</t>
<t>Closing of a Data Channel
can be signalled resetting the corresponding streams <xref target="RFC6525"/>.
Resetting a stream set the Stream Sequence Numbers (SSNs) of the stream back to
'zero' with a corresponding notification to the application layer
that the reset has been performed. Closed streams are available to reuse.</t>
<t><xref target="RFC6525"/> also guarantees that all the messages are delivered
(or expired) before resetting the stream.</t>
</section>
<section title='Usage of Payload Protocol Identifier'>
<t>The SCTP Payload Protocol Identifiers (PPIDs) can be used to signal the
interpretation of the "Payload data", like a string, ASCII or binary data.</t>
<t>RFC 4960 <xref target="RFC4960"/> creates the registry from which these
identifiers have been assigned. Eventual PPIDs defined within the RTCWeb Context
have to be registered with IANA.</t>
</section>
</section>
<section title="Minor Protocol and Message Format"
anchor="sec-mes-format">
<t>A separate draft (draft-jesup-rtcweb-data-protocol) proposes the
minor protocol to set up and manage the bidirectional data channels
needed to satisify the requirements in this document for WebRTC.</t>
<t> Masking of the protocol is not needed if the lower layer always encrypts with DTLS.</t>
</section>
<section title="Security Considerations"
anchor="sec-security">
<t>To be done.</t>
</section>
<section title="IANA Considerations"
anchor="sec-IANA">
<t>This document does not require any actions by the IANA.</t>
</section>
<section title="Acknowledgments">
<t>Many thanks for comments, ideas, and text from Cullen Jennings, Eric Rescorla,
Randall Stewart, Justin Uberti, Adam Bergkvist and Harald Alvestrand.</t>
</section>
</middle>
<back>
<references title="Informative References">
<?rfc include="reference.RFC.3758"?>
<?rfc include="reference.RFC.4960"?>
<?rfc include="reference.RFC.5245"?>
<?rfc include="reference.RFC.6083"?>
<?rfc include="reference.RFC.6347"?>
<?rfc include="reference.RFC.6525"?>
<?rfc include="reference.I-D.ietf-rtcweb-security"?>
<?rfc include="reference.I-D.ietf-rtcweb-security-arch"?>
<?rfc include="reference.I-D.ietf-rtcweb-jsep"?>
<?rfc include="reference.I-D.ietf-tsvwg-sctp-udp-encaps"?>
<?rfc include="reference.I-D.tuexen-tsvwg-sctp-dtls-encaps"?>
</references>
</back>
</rfc>
<!-- Change log
Major changes and addition of protocol (to be split out)
-->
| PAFTECH AB 2003-2026 | 2026-04-23 19:29:53 |