One document matched: draft-ietf-rtcweb-data-channel-04.xml
<?xml version='1.0'?>
<?rfc symrefs='yes'?>
<!DOCTYPE rfc SYSTEM 'rfc2629.dtd'>
<?rfc toc='yes' ?>
<?rfc compact='yes' ?>
<?rfc subcompact='no' ?>
<?rfc sortrefs='no' ?>
<?rfc strict='yes' ?>
<rfc category='std'
ipr='trust200902'
docName='draft-ietf-rtcweb-data-channel-04.txt'>
<front>
<title>RTCWeb Data Channels</title>
<author initials='R.' surname='Jesup' fullname='Randell Jesup'>
<organization>Mozilla</organization>
<address>
<postal>
<street></street>
<code></code>
<city></city>
<country>US</country>
</postal>
<email>randell-ietf@jesup.org</email>
</address>
</author>
<author initials='S.' surname='Loreto' fullname='Salvatore Loreto'>
<organization>Ericsson</organization>
<address>
<postal>
<street>Hirsalantie 11</street>
<code>02420</code>
<city>Jorvas</city>
<country>FI</country>
</postal>
<email>salvatore.loreto@ericsson.com</email>
</address>
</author>
<author initials='M.' surname='Tuexen' fullname='Michael Tuexen'>
<organization abbrev='Muenster Univ. of Appl. Sciences'>
Muenster University of Applied Sciences</organization>
<address>
<postal>
<street>Stegerwaldstrasse 39</street>
<code>48565</code>
<city> Steinfurt</city>
<country>DE</country>
</postal>
<email>tuexen@fh-muenster.de</email>
</address>
</author>
<date/>
<abstract>
<t>The Web Real-Time Communication (WebRTC) working group is charged to provide
protocol support for direct interactive rich communication using audio, video,
and data between two peers' web-browsers.
This document specifies the non-media data transport aspects of the WebRTC
framework. It provides an architectural overview of how the Stream Control
Transmission Protocol (SCTP) is used in the WebRTC context as a generic
transport service allowing Web Browser to exchange generic data from peer to
peer.</t>
</abstract>
</front>
<middle>
<section title='Introduction'>
<t>Non-media data types in the context of RTCWeb are handled by using SCTP
<xref target='RFC4960'/> encapsulated in DTLS <xref target='RFC6347'/>.</t>
<figure title='Basic stack diagram'
anchor='fig-stack'
align='center'>
<artwork>
+----------+
| SCTP |
+----------+
| DTLS |
+----------+
| ICE/UDP |
+----------+
</artwork>
</figure>
<t>The encapsulation of SCTP over DTLS
(see <xref target='I-D.ietf-tsvwg-sctp-dtls-encaps'/>) over ICE/UDP
(see <xref target='RFC5245'/>) provides a NAT traversal
solution together with confidentiality, source authentication, and
integrity protected transfers.
This data transport service operates in parallel to the media transports,
and all of them can eventually share a single transport-layer port number.</t>
<t>SCTP as specified in <xref target='RFC4960'/> with the partial reliability
extension defined in <xref target='RFC3758'/> provides multiple streams
natively with reliable, and partially-reliable delivery modes.</t>
<t>The remainder of this document is organized as follows:
<xref target='sec-req'/> and <xref target='sec-use-cases'/> provide requirements
and use cases for both unreliable and reliable peer to peer datagram base channel;
<xref target='sec-p-a-2'/> arguments SCTP over DTLS over UDP;
<xref target='sec-sctp-usage'/> provides an specification of how SCTP should be
used by the RTCWeb protocol framework for transporting non-media data between
browsers.</t>
</section>
<section title='Conventions'>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
in this document are to be interpreted as described in
<xref target='RFC2119'/>.</t>
</section>
<section title='Use Cases'
anchor='sec-use-cases'>
<t>This section defined use cases specific to data channels.
For general use cases see
<xref target='I-D.ietf-rtcweb-use-cases-and-requirements'/>.</t>
<section title='Use Cases for Unreliable Data Channels'
anchor='sec-use-cases-unreliable'>
<t><list style='format U-C %d' counter='UseCases'>
<t>A real-time game where position and object state information is
sent via one or more unreliable data channels.
Note that at any time there may be no media channels, or all media channels
may be inactive, and that there may also be reliable data channels in use.</t>
<t>Providing non-critical information to a user about the reason for a state
update in a video chat or conference, such as Mute state.</t>
</list></t>
</section>
<section title='Use Cases for Reliable Data Channels'
anchor='sec-use-cases-reliable'>
<t><list style='format U-C %d' counter='UseCases'>
<t> A real-time game where critical state information needs to be
transferred, such as control information.
Such a game may have no media channels, or they may be inactive at any
given time, or may only be added due to in-game actions.</t>
<t>Non-realtime file transfers between people chatting.
Note that this may involve a large number of files to transfer sequentially
or in parallel, such as when sharing a folder of images or a directory of files.</t>
<t>Realtime text chat while talking with an individual or with multiple
people in a conference.</t>
<t>Renegotiation of the set of media streams in the PeerConnection.</t>
<t>Proxy browsing, where a browser uses data channels of a PeerConnection
to send and receive HTTP/HTTPS requests and data, for example to avoid local
internet filtering or monitoring.</t>
</list></t>
</section>
</section>
<section title='Requirements'
anchor='sec-req'>
<t>This section lists the requirements for P2P data channels between
two browsers.</t>
<t><list style='format Req. %d'>
<t>Multiple simultaneous data channels MUST be supported.
Note that there may 0 or more media streams in parallel with the data channels,
and the number and state (active/inactive) of the media streams may change at
any time.</t>
<t>Both reliable and unreliable data channels MUST be supported.</t>
<t>Data channels MUST be congestion controlled; either individually,
as a class, or in conjunction with the media streams, to ensure
that data channels don't cause congestion problems for the
media streams, and that the RTCWeb PeerConnection as a whole is
fair with competing traffic such as TCP.</t>
<t>The application SHOULD be able to provide guidance as to the
relative priority of each data channel relative to each other,
and relative to the media streams.
[ TBD: how this is encoded and what the impact of this is. ]
This will interact with the congestion control algorithms.</t>
<t>Data channels MUST be secured; allowing for confidentiality,
integrity and source authentication.
See <xref target='I-D.ietf-rtcweb-security'/> and
<xref target='I-D.ietf-rtcweb-security-arch'/> for detailed info.</t>
<!--<t>Consent and NAT traversal mechanism: These are handled by the
PeerConnection's ICE <xref target='RFC5245'/> connectivity checks and
optional TURN servers.</t>-->
<t>Data channels MUST provide message fragmentation support such that
IP-layer fragmentation can be avoided no matter how large a message the
Javascript application passes to be sent. It also MUST ensure that large
data channel transfers don't unduely delay traffic on other data
channels.</t>
<t>The data channel transport protocol MUST NOT encode local IP addresses
inside its protocol fields; doing so reveals potentially private information,
and leads to failure if the address is depended upon.</t>
<t>The data channel transport protocol SHOULD support unbounded-length "messages"
(i.e., a virtual socket stream) at the application layer, for such things as
image-file-transfer; Implementations might enforce a reasonable message size
limit.</t>
<!-- FIXME: Why this limit? Is it enough?-->
<!-- FIXME: If there is a limit, does this need to be exposed to the other
side and application so it can adapt (and application-layer-fragment if
need be)? Or do we want to provide a partial-delivery option to help
remove memory limitations on message size? -->
<!-- Mooted by running over DTLS:
<t>The data channel packet format/encoding MUST be such
that it is impossible for a malicious Javascript to generate an
application message crafted such that it could be interpreted as a native
protocol over UDP - such as UPnP, RTP, SNMP, STUN, etc.</t> -->
<t>The data channel transport protocol SHOULD avoid IP fragmentation. It
MUST support PMTU discovery and MUST NOT rely on ICMP or ICMPv6
being generated or being passed back, especially for PMTU discovery.</t>
<t>It MUST be possible to implement the protocol stack in the user
application space.</t>
</list></t>
</section>
<section title='SCTP over DTLS over UDP Considerations'
anchor='sec-p-a-2'>
<t>The important features of SCTP in the RTCWeb context are:
<list style='symbols'>
<t>TCP-friendly congestion control.</t>
<t>The congestion control is modifiable for integration with media stream congestion control.</t>
<t>Support for multiple channels with different characteristics.</t>
<t>Support for out-of-order delivery.</t>
<t>Support for large datagrams and PMTU-discovery and fragmentation.</t>
<t>Reliable or partial reliability support.</t>
<t>Support of multiple streams.</t>
</list></t>
<t>SCTP multihoming will not be used in RTCWeb.
The SCTP layer will simply act as if it were running on a single-homed host,
since that is the abstraction that the lower layer (a connection oriented,
unreliable datagram service) exposes.</t>
<t>The encapsulation of SCTP over DTLS defined in
<xref target='I-D.ietf-tsvwg-sctp-dtls-encaps'/> provides confidentiality,
source authenticated, and integrity protected transfers. Using DTLS
over UDP in combination with ICE enables NAT traversal in IPv4 based networks.
SCTP as specified in <xref target='RFC4960'/> MUST be used in
combination with the extension defined in <xref target='RFC3758'/> and
provides the following interesting features for transporting non-media
data between browsers:
<list style='symbols'>
<t>Support of multiple unidirectional streams.</t>
<t>Ordered and unordered delivery of user messages.</t>
<t>Reliable and partial-reliable transport of user messages.</t>
</list></t>
<t>Each SCTP user message contains a so called Payload Protocol
Identifier (PPID) that is passed to SCTP by its upper layer and sent to its peer.
This value can be used to multiplex multiple protocols
over a single SCTP association. The sender provides for each protocol a
specific PPID and the receiver can demultiplex the messages based on the
received PPID.</t>
<!--
<t>Moreover SCTP provides the possibility to transport different "protocols"
over multiple streams and associations using the PPID
(Payload Protocol Identifier).
An application can set a different PPID with each send call.
This allows the receiving application to look at this information
(as well as the stream id/seq) on receiving to know what type of protocol
the data payload has.</t>
-->
<t>The encapsulation of SCTP over DTLS, together with the SCTP features listed
above satisfies all the requirements listed in <xref target='sec-req'/>.</t>
<!--
<t>There are SCTP implementations for most Operating Systems in wide use:</t>
<t>
<list style='empty'>
<t>Linux (mainline kernel 2.6.36)</t>
<t>FreeBSD (release kernel 8.2)</t>
<t>Mac OS X</t>
<t>Windows (SctpDrv4)</t>
<t>Solaris (OpenSolaris 2009.06)</t>
<t>and a user-land SCTP implementation (based on the FreeBSD implementation).</t>
</list>
</t>
<section title='User Space versus Kernel Implementation'
anchor='sec-sctp-1'>
<t>Even though kernel implementations of SCTP are already available for most
platforms (see <xref target='sec-p-a-2'/> ), there are compelling reasons for
using an SCTP stack that works well in user land.</t>
<t>The main reason is deployability.</t>
<t>Web browsers supporting WebRTC are expected to run on a wide range of old
and new operating systems. They support operating systems 10 years old or more,
they run on mobile and desktop operating systems,
and they are highly portable to new operating systems.
This is achieved by having a fairly narrow portability layer to minimize
what needs to be supported on old operating systems and ported to new ones.
This creates a need to implement as much functionality as possible
inside the application instead of relying on the operating system.</t>
<t>As a user-land implementation of SCTP is available, this meets
requirement 12.</t>
</section>
-->
<t>The layering of protocols for WebRTC is shown in the following
<xref target='fig-sctp-layering'/>.</t>
<figure title='WebRTC protocol layers'
anchor='fig-sctp-layering'
align='center'>
<artwork>
+------+
|RTCWEB|
| DATA |
+------+
| SCTP |
+--------------------+
| STUN | SRTP | DTLS |
+--------------------+
| ICE |
+--------------------+
| UDP1 | UDP2 | ... |
+--------------------+
</artwork>
</figure>
<t>This stack (especially in contrast to DTLS over SCTP <xref target='RFC6083'/>
in combination with SCTP over UDP <xref target='I-D.ietf-tsvwg-sctp-udp-encaps'/>)
has been chosen because it
<list style='symbols'>
<t>supports the transmission of arbitrary large user messages.</t>
<t>shares the DTLS connection with the media channels.</t>
<t>provides privacy for the SCTP control information.</t>
</list></t>
<t>Considering the protocol stack of <xref target='fig-sctp-layering'/> the
usage of DTLS over UDP is specified in <xref target='RFC6347'/>, while the
usage of SCTP on top of DTLS is specified in
<xref target='I-D.ietf-tsvwg-sctp-dtls-encaps'/>.</t>
<t>Since DTLS is typically implemented in user-land, the SCTP stack also
needs to be a user-land stack.</t>
<t>When using DTLS as the lower layer, only single homed SCTP associations
MUST be used, since DTLS does not expose any address management to its upper
layer.
The ICE/UDP layer can handle IP address changes during a session without needing
to notify the DTLS and SCTP layers, though it would be advantageous to retest
path MTU on an IP address change.</t>
<t>DTLS implementations used for this stack SHOULD support controlling fields of
the IP layer like the Don't fragment (DF)-bit in case of IPv4 and the
Differentiated Services Code Point (DSCP) field required for supporting
<xref target='I-D.ietf-rtcweb-qos'/>.
Being able to set the (DF)-bit in case of IPv4 is required for performing
path MTU discovery. The DTLS implementation SHOULD also support sending
user messages exceeding the path MTU.</t>
<t>Incoming ICMP or ICMPv6 messages can't be processed by
the SCTP layer, since there is no way to identify the corresponding
association. Therefore SCTP MUST support performing Path MTU discovery
without relying on ICMP or ICMPv6 as specified in <xref target='RFC4821'/>
using probing messages specified in <xref target='RFC4820'/>.
The initial Path MTU MUST NOT exceed 1280 [ *** need justification ***] bytes
until measured otherwise.</t>
<!-- MT: Why? Shouldn't SCTP just do PMTU discovery? -->
<!-- MT: 1280 is the minimum PMTU for IPv6. However, we need to take
any IPv6 optional headers, the UDP header (8 bytes) and the DTLS
overhead (it depends on the choosen cipher suite) into account.
Same for UPv4. -->
<t>In general, the lower layer interface of an SCTP implementation SHOULD be
adapted to address the differences between IPv4 or IPv6 (being connection-less)
or DTLS (being connection-oriented).</t>
<t>When protocol stack of <xref target='fig-sctp-layering'/> is used, DTLS
protects the complete SCTP packet, so it provides confidentiality, integrity and
source authentication of the complete SCTP packet.</t>
<t>This protocol stack MUST support the usage of multiple SCTP streams.
A user message can be sent ordered or unordered and with partial or full
reliability.
The partial reliability extension MUST support policies to limit
<list style='symbols'>
<t>the transmission and retransmission by time.</t>
<t>the number of retransmissions.</t>
</list>
Limiting the number of retransmissions to zero combined with unordered delivery
provides a UDP-like service where each user message is sent exactly once
and delivered in the order received.</t>
<t>SCTP provides congestion control on a per-association base. This means
that all SCTP streams within a single SCTP association share the same
congestion window. Traffic not being sent over SCTP is not covered by
the SCTP congestion control. Due to the typical parallel SRTP media
streams, a delay-sensitive congestion control algorithm MUST be supported
and the congestion control MAY be coordinated between the
data channels and the media streams to avoid a data channel transfer
ending up with most or all the channel bandwidth.</t>
<!-- FIXME: We need to be more specific here... -->
<t>Since SCTP does not support the negotiation of a congestion control algorithm,
the algorithm either MUST be negotiated before establishment of the
SCTP association or MUST NOT require any negotiation because it only requires
sender side behavior using existing information carried in the association.</t>
</section>
<section title='The Usage of SCTP in the RTCWeb Context'
anchor='sec-sctp-usage'>
<section title='Association Setup'
anchor='sec-sctp-setup'>
<t>The SCTP association will be set up when the two endpoints of the WebRTC
PeerConnection agree on opening it, as negotiated by JSEP (typically an
exchange of SDP) <xref target='I-D.ietf-rtcweb-jsep'/>. Additionally,
the negotiation SHOULD include some type of congestion control selection.
It will use the DTLS connection selected via SDP; typically this will be
shared via BUNDLE or equivalent with DTLS connections used to key the
DTLS-SRTP media streams.</t>
<!-- FIXME: Negotiation of CC. -->
<!-- FIXME: Bundle Issue. -->
<t>The application SHOULD indicate the initial number of streams
required when opening the association, and if no value is supplied, the
implementation SHOULD provide an appropriate default.
If more simultaneous streams are needed, <xref target='RFC6525'/> allows
adding additional (but not removing) streams to an existing association.
Note there can be up to 65536 SCTP streams per SCTP association in each
direction.</t>
</section>
<section title='SCTP Streams'>
<t>SCTP defines a stream as an unidirectional logical channel existing within
an SCTP association one to another SCTP endpoint. The streams are used to
provide the notion of in-sequence delivery and for multiplexing.
Each user message is sent on a particular stream, either order or unordered.
Ordering is preserved only for ordered messages sent on the same stream.</t>
</section>
<section title='Channel Definition'>
<t>The W3C has consensus on defining the application API for WebRTC dataChannels
to be bidirectional. They also consider the notions of in-sequence,
out-of-sequence, reliable and un-reliable as properties of Channels. One strong
wish is for the application-level API to be close to the API for WebSockets,
which implies bidirectional streams of data and waiting for onopen to fire
before sending, a textual label used to identify the meaning of the stream,
among other things.</t>
<t>The realization of a bidirectional Data Channel is a pair of one
incoming stream and one outgoing SCTP stream.</t>
<t>The simple protocol specified in <xref target='I-D.jesup-rtcweb-data-protocol'/>
MUST be used to set up and manage the bidirectional data channels.</t>
<t>Note that there's no requirement for the SCTP streams used to create
a bidirectional channel have the same number in each direction.
How stream values are selected is protocol and implementation dependent.</t>
<t>Closing of a Data Channel MUST be signaled by resetting the corresponding
streams <xref target='RFC6525'/>.
Resetting a stream set the Stream Sequence Numbers (SSNs) of the stream back to
'zero' with a corresponding notification to the application layer
that the reset has been performed. Streams are available to reuse after a reset
has been performed.</t>
<t><xref target='RFC6525'/> also guarantees that all the messages are delivered
(or expired) before resetting the stream.</t>
<!--
<t>It might be useful to use a specific pair of SCTP streams for
transporting control information.</t>
-->
</section>
<section title='Usage of Payload Protocol Identifier'>
<t>The SCTP Payload Protocol Identifiers (PPIDs) can be used to signal the
interpretation of the "Payload data", like the protocol specified in
<xref target='I-D.jesup-rtcweb-data-protocol'/> uses them to identify
a Javascript string,
a Javascript binary data (ArrayBuffer or Blob) and to provide fragmentation
support for large messages that may cause the message to monopolize the
SCTP association.</t>
</section>
<!--
<t>TBD not sure if we want discuss here or in the actual protocol draft:
<list style='empty'>
<t>the fact that all the control message will be transported on stream 0
and usage of stream "0" as 'control stream' vs using PPID to include the
control information directly in the stream. Reliable, unreliable etc. staff
is something that will be set only on the sending side via PPID.</t>
<t>how to get the out-of-order and loss data for unreliable data from
the stack if the JS API is designed to provide those feedback. -
it is expected to be available for non-reliable channels (Randell)</t>
</list>
</t>
-->
</section>
<!--
<section title='Minor Protocol and Message Format'
anchor='sec-mes-format'>
<t>A separate draft (draft-jesup-rtcweb-data-protocol) proposes
the minor protocol to set up and manage the bidirectional data channels
needed to satisfy the requirements in this document for WebRTC.</t>
<t> Masking of the protocol is not needed if the lower layer always encrypts
with DTLS.</t>
</section>
-->
<section title='Security Considerations'
anchor='sec-security'>
<t>This document does not add any additional considerations to the ones given in
<xref target='I-D.ietf-rtcweb-security'/> and
<xref target='I-D.ietf-rtcweb-security-arch'/>.</t>
</section>
<section title='IANA Considerations'
anchor='sec-IANA'>
<t>This document does not require any actions by the IANA.</t>
</section>
<section title='Acknowledgments'>
<t>Many thanks for comments, ideas, and text from
Harald Alvestrand,
Adam Bergkvist,
Cullen Jennings,
Eric Rescorla,
Randall Stewart,
Justin Uberti,
and Magnus Westerlund.</t>
</section>
</middle>
<back>
<references title='Normative References'>
<?rfc include='reference.RFC.2119' ?>
<?rfc include='reference.RFC.3758'?>
<?rfc include='reference.RFC.4820'?>
<?rfc include='reference.RFC.4821'?>
<?rfc include='reference.RFC.4960'?>
<?rfc include='reference.RFC.5245'?>
<?rfc include='reference.RFC.6347'?>
<?rfc include='reference.RFC.6525'?>
<?rfc include='reference.I-D.jesup-rtcweb-data-protocol'?>
<?rfc include='reference.I-D.ietf-tsvwg-sctp-dtls-encaps'?>
<?rfc include='reference.I-D.ietf-rtcweb-security'?>
<?rfc include='reference.I-D.ietf-rtcweb-security-arch'?>
<?rfc include='reference.I-D.ietf-rtcweb-jsep'?>
<?rfc include='reference.I-D.ietf-rtcweb-qos'?>
</references>
<references title='Informative References'>
<?rfc include='reference.RFC.6083'?>
<?rfc include='reference.I-D.ietf-rtcweb-use-cases-and-requirements'?>
<?rfc include='reference.I-D.ietf-tsvwg-sctp-udp-encaps'?>
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 19:29:48 |