idnits 2.17.00 (12 Aug 2021) /tmp/idnits32503/draft-ietf-mmusic-ice-sip-sdp-39.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of too long lines in the document, the longest one being 9 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 13, 2019) is 1005 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 4566 (Obsoleted by RFC 8866) ** Obsolete normative reference: RFC 6336 (Obsoleted by RFC 8839) -- Obsolete informational reference (is this intentional?): RFC 5245 (Obsoleted by RFC 8445, RFC 8839) Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MMUSIC M. Petit-Huguenin 3 Internet-Draft Impedance Mismatch 4 Obsoletes: 5245 (if approved) S. Nandakumar 5 Intended status: Standards Track Cisco Systems 6 Expires: February 14, 2020 C. Holmberg 7 A. Keranen 8 Ericsson 9 R. Shpount 10 TurboBridge 11 August 13, 2019 13 Session Description Protocol (SDP) Offer/Answer procedures for 14 Interactive Connectivity Establishment (ICE) 15 draft-ietf-mmusic-ice-sip-sdp-39 17 Abstract 19 This document describes Session Description Protocol (SDP) Offer/ 20 Answer procedures for carrying out Interactive Connectivity 21 Establishment (ICE) between the agents. 23 This document obsoletes RFC 5245. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on February 14, 2020. 42 Copyright Notice 44 Copyright (c) 2019 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (https://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 This document may contain material from IETF Documents or IETF 58 Contributions published or made publicly available before November 59 10, 2008. The person(s) controlling the copyright in some of this 60 material may not have granted the IETF Trust the right to allow 61 modifications of such material outside the IETF Standards Process. 62 Without obtaining an adequate license from the person(s) controlling 63 the copyright in such materials, this document may not be modified 64 outside the IETF Standards Process, and derivative works of it may 65 not be created outside the IETF Standards Process, except to format 66 it for publication as an RFC or to translate it into languages other 67 than English. 69 Table of Contents 71 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 72 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 73 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 74 4. SDP Offer/Answer Procedures . . . . . . . . . . . . . . . . . 4 75 4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 4 76 4.2. Generic Procedures . . . . . . . . . . . . . . . . . . . 5 77 4.2.1. Encoding . . . . . . . . . . . . . . . . . . . . . . 5 78 4.2.2. RTP/RTCP Considerations . . . . . . . . . . . . . . . 6 79 4.2.3. Determining Role . . . . . . . . . . . . . . . . . . 6 80 4.2.4. STUN Considerations . . . . . . . . . . . . . . . . . 6 81 4.2.5. Verifying ICE Support Procedures . . . . . . . . . . 7 82 4.2.6. SDP Example . . . . . . . . . . . . . . . . . . . . . 8 83 4.3. Initial Offer/Answer Exchange . . . . . . . . . . . . . . 8 84 4.3.1. Sending the Initial Offer . . . . . . . . . . . . . . 8 85 4.3.2. Sending the Initial Answer . . . . . . . . . . . . . 9 86 4.3.3. Receiving the Initial Answer . . . . . . . . . . . . 10 87 4.3.4. Concluding ICE . . . . . . . . . . . . . . . . . . . 10 88 4.4. Subsequent Offer/Answer Exchanges . . . . . . . . . . . . 11 89 4.4.1. Sending Subsequent Offer . . . . . . . . . . . . . . 11 90 4.4.2. Sending Subsequent Answer . . . . . . . . . . . . . . 14 91 4.4.3. Receiving Answer for a Subsequent Offer . . . . . . . 16 92 5. Grammar . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 93 5.1. "candidate" Attribute . . . . . . . . . . . . . . . . . . 18 94 5.2. "remote-candidates" Attribute . . . . . . . . . . . . . . 20 95 5.3. "ice-lite" and "ice-mismatch" Attributes . . . . . . . . 21 96 5.4. "ice-ufrag" and "ice-pwd" Attributes . . . . . . . . . . 21 97 5.5. "ice-pacing" Attribute . . . . . . . . . . . . . . . . . 22 98 5.6. "ice-options" Attribute . . . . . . . . . . . . . . . . . 22 99 6. Keepalives . . . . . . . . . . . . . . . . . . . . . . . . . 23 100 7. SIP Considerations . . . . . . . . . . . . . . . . . . . . . 23 101 7.1. Latency Guidelines . . . . . . . . . . . . . . . . . . . 23 102 7.1.1. Offer in INVITE . . . . . . . . . . . . . . . . . . . 24 103 7.1.2. Offer in Response . . . . . . . . . . . . . . . . . . 25 104 7.2. SIP Option Tags and Media Feature Tags . . . . . . . . . 25 105 7.3. Interactions with Forking . . . . . . . . . . . . . . . . 25 106 7.4. Interactions with Preconditions . . . . . . . . . . . . . 25 107 7.5. Interactions with Third Party Call Control . . . . . . . 26 108 8. Interactions with Application Layer Gateways and SIP . . . . 26 109 9. Security Considerations . . . . . . . . . . . . . . . . . . . 27 110 9.1. IP Address Privacy . . . . . . . . . . . . . . . . . . . 28 111 9.2. Attacks on the Offer/Answer Exchanges . . . . . . . . . . 28 112 9.3. The Voice Hammer Attack . . . . . . . . . . . . . . . . . 28 113 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29 114 10.1. SDP Attributes . . . . . . . . . . . . . . . . . . . . . 29 115 10.1.1. candidate Attribute . . . . . . . . . . . . . . . . 29 116 10.1.2. remote-candidates Attribute . . . . . . . . . . . . 29 117 10.1.3. ice-lite Attribute . . . . . . . . . . . . . . . . . 30 118 10.1.4. ice-mismatch Attribute . . . . . . . . . . . . . . . 30 119 10.1.5. ice-pwd Attribute . . . . . . . . . . . . . . . . . 31 120 10.1.6. ice-ufrag Attribute . . . . . . . . . . . . . . . . 31 121 10.1.7. ice-options Attribute . . . . . . . . . . . . . . . 32 122 10.1.8. ice-pacing Attribute . . . . . . . . . . . . . . . . 32 123 10.2. Interactive Connectivity Establishment (ICE) Options 124 Registry . . . . . . . . . . . . . . . . . . . . . . . . 33 125 10.3. Candidate Attribute Extension Subregistry Establishment 33 126 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 127 12. Changes from RFC 5245 . . . . . . . . . . . . . . . . . . . . 34 128 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 129 13.1. Normative References . . . . . . . . . . . . . . . . . . 34 130 13.2. Informative References . . . . . . . . . . . . . . . . . 36 131 Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 37 132 Appendix B. The remote-candidates Attribute . . . . . . . . . . 39 133 Appendix C. Why Is the Conflict Resolution Mechanism Needed? . . 40 134 Appendix D. Why Send an Updated Offer? . . . . . . . . . . . . . 41 135 Appendix E. Contributors . . . . . . . . . . . . . . . . . . . . 42 136 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42 138 1. Introduction 140 This document describes how Interactive Connectivity Establishment 141 (ICE) is used with Session Description Protocol (SDP) offer/answer 142 [RFC3264]. The ICE specification [RFC8445] describes procedures that 143 are common to all usages of ICE and this document gives the 144 additional details needed to use ICE with SDP offer/answer. 146 This document obsoletes RFC 5245. 148 NOTE: Previously both the common ICE procedures, and the SDP offer/ 149 answer specific details, were described in[RFC5245]. [RFC8445] 150 obsoleted [RFC5245], and the SDP offer/answer specific details were 151 removed from the document. Section 12 describes the changes to the 152 SDP offer/answer specific details specified in this document. 154 2. Conventions 156 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 157 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 158 "OPTIONAL" in this document are to be interpreted as described in BCP 159 14 [RFC2119] [RFC8174] when, and only when, they appear in all 160 capitals, as shown here. 162 3. Terminology 164 Readers should be familiar with the terminology defined in [RFC3264], 165 in [RFC8445] and the following: 167 Default Destination/Candidate: The default destination for a 168 component of a data stream is the transport address that would be 169 used by an agent that is not ICE aware. A default candidate for a 170 component is one whose transport address matches the default 171 destination for that component. For the RTP component, the 172 default connection address is in the "c=" line of the SDP, and the 173 port and transport protocol are in the "m=" line. For the RTCP 174 component, the address and port are indicated using the "a=rtcp" 175 attribute defined in [RFC3605], if present; otherwise, the RTCP 176 component address is the same as the address of the RTP component, 177 and its port is one greater than the port of the RTP component. 179 4. SDP Offer/Answer Procedures 181 4.1. Introduction 183 [RFC8445] defines ICE candidate exchange as the process for ICE 184 agents (Initiator and Responder) to exchange their candidate 185 information required for ICE processing at the agents. For the 186 purposes of this specification, the candidate exchange process 187 corresponds to the [RFC3264] Offer/Answer protocol and the terms 188 "offerer" and "answerer" correspond to the initiator and responder 189 roles from [RFC8445] respectively. 191 Once the initiating agent has gathered, pruned, and prioritized its 192 set of candidates [RFC8445], the candidate exchange with the peer 193 agent begins. 195 4.2. Generic Procedures 197 4.2.1. Encoding 199 Section 5 provides detailed rules for constructing various SDP 200 attributes defined in this specification. 202 4.2.1.1. Data Streams 204 Each data stream [RFC8445] is represented by an SDP media description 205 ("m=" section). 207 4.2.1.2. Candidates 209 Within an "m=" section, each candidate (including the default 210 candidate) associated with the data stream is represented by an SDP 211 candidate attribute. 213 Prior to nomination, the "c=" line associated with an "m=" section 214 contains the connection address of the default candidate, while the 215 "m=" line contains the port and transport protocol of the default 216 candidate for that "m=" section. 218 After nomination, the "c=" line for a given "m=" section contains the 219 connection address of the nominated candidate (the local candidate of 220 the nominated candidate pair) and the "m=" line contains the port and 221 transport protocol corresponding to the nominated candidate for that 222 "m=" section. 224 4.2.1.3. Username and Password 226 The ICE username is represented by an SDP ice-ufrag attribute and the 227 ICE password is represented by an SDP ice-pwd attribute. 229 4.2.1.4. Lite Implementations 231 An ICE lite implementation [RFC8445] MUST include an SDP ice-lite 232 attribute. A full implementation MUST NOT include that attribute. 234 4.2.1.5. ICE Extensions 236 An agent uses the SDP ice-options attribute to indicate support of 237 ICE extensions. 239 An agent compliant to this specification MUST include an SDP ice- 240 options attribute with an "ice2" attribute value [RFC8445]. If an 241 agent receives an SDP offer or answer that indicates ICE support, but 242 that does not contain an SDP ice-options attribute with an "ice2" 243 attribute value, the agent can assume that the peer is compliant to 244 [RFC5245]. 246 4.2.1.6. Inactive and Disabled Data Streams 248 If an "m=" section is marked as inactive [RFC4566], or has a 249 bandwidth value of zero [RFC4566], the agent MUST still include ICE- 250 related SDP attributes. 252 If the port value associated with an "m=" section is set to zero 253 (implying a disabled stream) as defined in section 8.2 of [RFC3264], 254 the agent SHOULD NOT include ICE-related SDP candidate attributes in 255 that "m=" section, unless an SDP extension specifying otherwise is 256 used. 258 4.2.2. RTP/RTCP Considerations 260 If an agent utilizes both RTP and RTCP, and separate ports are used 261 for RTP and RTCP, the agent MUST include SDP candidate attributes for 262 both the RTP and RTCP components. 264 The agent includes an SDP rtcp attribute following the procedures in 265 [RFC3605]. Hence, in the cases where the RTCP port value is one 266 higher than the RTP port value and the RTCP component address the 267 same as the address of the RTP component, the SDP rtcp attribute 268 might be omitted. 270 NOTE: [RFC5245] required that an agent always includes the SDP rtcp 271 attribute, even if the RTCP port value was one higher than the RTP 272 port value. This specification aligns the rtcp attribute procedures 273 with [RFC3605]. 275 If the agent does not utilize RTCP, it indicates that by including 276 b=RS:0 and b=RR:0 SDP attributes, as described in [RFC3556]. 278 4.2.3. Determining Role 280 The offerer acts as the Initiating agent. The answerer acts as the 281 Responding agent. The ICE roles (controlling and controlled) are 282 determined using the procedures in [RFC8445]. 284 4.2.4. STUN Considerations 286 Once an agent has provided its local candidates to its peer in an SDP 287 offer or answer, the agent MUST be prepared to receive STUN 288 connectivity check Binding requests on those candidates. 290 4.2.5. Verifying ICE Support Procedures 292 An ICE agent is considered to indicate support of ICE by including at 293 least the SDP ice-pwd and ice-ufrag attributes in an offer or answer. 294 An ICE agent compliant with this specification MUST also include an 295 SDP ice-options attribute with an "ice2" attribute value. 297 The agents will proceed with the ICE procedures defined in [RFC8445] 298 and this specification if, for each data stream in the SDP it 299 received, the default destination for each component of that data 300 stream appears in a candidate attribute. For example, in the case of 301 RTP, the connection address, port, and transport protocol in the "c=" 302 and "m=" lines, respectively, appear in a candidate attribute and the 303 value in the rtcp attribute appears in a candidate attribute. 305 This specification provides no guidance on how an agent should 306 proceed in the cases where the above condition is not met with the 307 few exceptions noted below: 309 1. The presence of certain application layer gateways might modify 310 the transport address information as described in Section 8. The 311 behavior of the responding agent in such a situation is 312 implementation dependent. Informally, the responding agent might 313 consider the mismatched transport address information as a 314 plausible new candidate learnt from the peer and continue its ICE 315 processing with that transport address included. Alternatively, 316 the responding agent MAY include an "a=ice-mismatch" attribute in 317 its answer for such data streams. If an agent chooses to include 318 an "a=ice-mismatch" attribute in its answer for a data stream, 319 then it MUST also omit "a=candidate" attributes, MUST terminate 320 the usage of ICE procedures and [RFC3264] procedures MUST be used 321 instead for this data stream. 323 2. The transport address from the peer for the default destination 324 is set to IPv4/IPv6 address values "0.0.0.0"/"::" and port value 325 of "9". This MUST NOT be considered as a ICE failure by the peer 326 agent and the ICE processing MUST continue as usual. 328 3. In some cases, the controlling/initiator agent may receive the 329 SDP answer that may omit "a=candidate" attributes for the data 330 stream, and instead include a media level "a=ice-mismatch" 331 attribute. This signals to the offerer that the answerer 332 supports ICE, but that ICE processing was not used for this data 333 stream. In this case, ICE processing MUST be terminated for this 334 data stream and [RFC3264] procedures MUST be followed instead. 336 4. The transport address from the peer for the default destination 337 is an FQDN. Regardless of the procedures used to resolve FQDN or 338 the resolution result, this MUST NOT be considered as a ICE 339 failure by the peer agent and the ICE processing MUST continue as 340 usual. 342 4.2.6. SDP Example 344 The following is an example SDP message that includes ICE attributes 345 (lines folded for readability): 347 v=0 348 o=jdoe 2890844526 2890842807 IN IP4 203.0.113.141 349 s= 350 c=IN IP4 192.0.2.3 351 t=0 0 352 a=ice-options:ice2 353 a=ice-pacing:50 354 a=ice-pwd:asd88fgpdd777uzjYhagZg 355 a=ice-ufrag:8hhY 356 m=audio 45664 RTP/AVP 0 357 b=RS:0 358 b=RR:0 359 a=rtpmap:0 PCMU/8000 360 a=candidate:1 1 UDP 2130706431 203.0.113.141 8998 typ host 361 a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr 362 203.0.113.141 rport 8998 364 4.3. Initial Offer/Answer Exchange 366 4.3.1. Sending the Initial Offer 368 When an offerer generates the initial offer, in each "m=" section it 369 MUST include SDP candidate attributes for each available candidate 370 associated with the "m=" section. In addition, the offerer MUST 371 include an SDP ice-ufrag attribute, an SDP ice-pwd attribute and an 372 SDP ice-options attribute with an "ice2" attribute value in the 373 offer. If the offerer is a full ICE implementation, it SHOULD 374 include an ice-pacing attribute in the offer (if not included, the 375 default value will apply). A lite ICE implementation MUST NOT 376 included the ice-pacing attribute in the offer (as it will not 377 perform connectivity checks). 379 It is valid for an offer "m=" line to include no SDP candidate 380 attributes and with default destination set to the IP address values 381 "0.0.0.0"/"::" and port value of "9". This implies that the offering 382 agent is only going to use peer reflexive candidates or that 383 additional candidates would be provided in subsequent signaling 384 messages. 386 Note: Within the scope of this document, "Initial Offer" refers to 387 the first SDP offer that is sent in order to negotiate usage of 388 ICE. It might, or might not, be the initial SDP offer of the SDP 389 session. 391 Note: The procedures in this document only consider "m=" sections 392 associated with data streams where ICE is used. 394 4.3.2. Sending the Initial Answer 396 When an answerer receives an initial offer that indicates that the 397 offerer supports ICE, and if the answerer accepts the offer and the 398 usage of ICE, in each "m=" section within the answer, it MUST include 399 SDP candidate attributes for each available candidate associated with 400 the "m=" section. In addition, the answerer MUST include an SDP ice- 401 ufrag attribute, an SDP ice-pwd attribute and an SDP ice-options 402 attribute with an "ice2" attribute value in the answer. If the 403 answerer is a full ICE implementation, it SHOULD include an ice- 404 pacing attribute in the answerer (if not included, the default value 405 will apply). A lite ICE implementation MUST NOT included the ice- 406 pacing attribute in the answer (as it will not perform connectivity 407 chekcks). 409 In each "m=" line, the answerer MUST use the same transport protocol 410 as was used in the offer "m=" line. If none of the candidates in the 411 "m=" line in the answer use the same transport protocol as indicated 412 in the offer "m=" line, then, in order to avoid ICE mismatch, the 413 default destination MUST be set to IP address values "0.0.0.0"/"::" 414 and port value of "9". 416 It is also valid for an answer "m=" line to include no SDP candidate 417 attributes and with default destination set to the IP address values 418 "0.0.0.0"/"::" and port value of "9". This implies that the 419 answering agent is only going to use peer reflexive candidates or 420 that additional candidates would be provided in subsequent signaling 421 messages. 423 Once the answerer has sent the answer, it can start performing 424 connectivity checks towards the peer candidates that were provided in 425 the offer. 427 If the offer does not indicate support of ICE Section 4.2.5, the 428 answerer MUST NOT accept the usage of ICE. If the answerer still 429 accepts the offer, the answerer MUST NOT include any ICE-related SDP 430 attributes in the answer. Instead the answerer will generate the 431 answer according to normal offer/answer procedures [RFC3264]. 433 If the answerer detects a possibility of an ICE mismatch, procedures 434 described in Section 4.2.5 are followed. 436 4.3.3. Receiving the Initial Answer 438 When an offerer receives an initial answer that indicates that the 439 answerer supports ICE, it can start performing connectivity checks 440 towards the peer candidates that were provided in the answer. 442 If the answer does not indicate that the answerer supports ICE, or if 443 the answerer included "a=ice-mismatch" attributes for all the active 444 data streams in the answer, the offerer MUST terminate the usage of 445 ICE for the entire session and [RFC3264] procedures MUST be followed 446 instead. 448 On the other hand, if the answer indicates support for ICE but 449 includes "a=ice-mismatch" in certain active data streams, then the 450 offerer MUST terminate the usage of ICE procedures and [RFC3264] 451 procedures MUST be used instead for only these data streams. Also, 452 ICE procedures MUST be used for data streams where an "a=ice- 453 mismatch" attribute was not included. 455 If the offerer detects an ICE mismatch for one or more data streams 456 in the answer, as described in Section 4.2.5, the offerer MUST 457 terminate the usage of ICE for the entire session. The subsequent 458 actions taken by the offerer are implementation dependent and are out 459 of the scope of this specification. 461 4.3.4. Concluding ICE 463 Once the agent has successfully nominated a pair [RFC8445], the state 464 of the checklist associated with the pair is set to Completed. Once 465 the state of each checklist is set to either Completed or Failed, for 466 each Completed checklist the agent checks whether the nominated pair 467 matches the default candidate pair. If there are one or more pairs 468 that do not match, and the peer did not indicate support for the 469 'ice2' ice-option, the controlling agent MUST generate a subsequent 470 offer, in which the connection address, port and transport protocol 471 in the "c=" and "m=" lines associated with each data stream match the 472 corresponding local information of the nominated pair for that data 473 stream (Section 4.4.1.2.2). If the peer did indicate support for the 474 'ice2' ice-option, the controlling agent does not immediately need to 475 generate an updated offer in order to align a connection address, 476 port and protocol with a nominated pair. However, later in the 477 session, whenever the controlling agent does sent a subsequent offer, 478 it MUST do the alignment as described above. 480 If there are one or more checklists with the state set to Failed, the 481 controlling agent MUST generate a subsequent offer in order to remove 482 the associated data streams by setting the port value of the data 483 streams to zero (Section 4.4.1.1.2), even if the peer did indicate 484 support for the 'ice2' ice-option. If needed, such offer is used to 485 align the connection address, port and transport protocol, as 486 described above. 488 As described in [RFC8445], once the controlling agent has nominated a 489 candidate pair for a checklist, the agent MUST NOT nominate another 490 pair for that checklist during the lifetime of the ICE session (i.e. 491 until ICE is restarted). 493 [draft-ietf-ice-pac] provides a mechanism for allowing the ICE 494 process to run long enough in order to find working candidate pairs, 495 by waiting for potential peer-reflexive candidates, even though no 496 candidate pairs were received from the peer or all current candidate 497 pairs associated with a checklist have either failed or been 498 discarded. It is OPTIONAL for an ICE agent to support the mechanism. 500 4.4. Subsequent Offer/Answer Exchanges 502 Either agent MAY generate a subsequent offer at any time allowed by 503 [RFC3264]. This section defines rules for construction of subsequent 504 offers and answers. 506 Should a subsequent offer fail, ICE processing continues as if the 507 subsequent offer had never been made. 509 4.4.1. Sending Subsequent Offer 511 4.4.1.1. Procedures for All Implementations 513 4.4.1.1.1. ICE Restart 515 An agent MAY restart ICE processing for an existing data stream 516 [RFC8445]. 518 The rules governing the ICE restart imply that setting the connection 519 address in the "c=" line to "0.0.0.0" (for IPv4)/ "::" (for IPv6) 520 will cause an ICE restart. Consequently, ICE implementations MUST 521 NOT utilize this mechanism for call hold, and instead MUST use 522 "a=inactive" and "a=sendonly" as described in [RFC3264]. 524 To restart ICE, an agent MUST change both the ice-pwd and the ice- 525 ufrag for the data stream in an offer. However, it is permissible to 526 use a session-level attribute in one offer, but to provide the same 527 ice-pwd or ice-ufrag as a media-level attribute in a subsequent 528 offer. This MUST NOT be considered as ICE restart. 530 An agent sets the rest of the ICE-related fields in the SDP for this 531 data stream as it would in an initial offer of this data stream 532 (Section 4.2.1). Consequently, the set of candidates MAY include 533 some, none, or all of the previous candidates for that data stream 534 and MAY include a totally new set of candidates. The agent MAY 535 modify the attribute values of the SDP ice-options and SDP ice-pacing 536 attributes, and it MAY change its role using the SDP ice-lite 537 attribute. The agent MUST NOT modify the SDP ice-options, ice-pacing 538 and ice-lite attributes in a subsequent offer unless the offer is 539 sent in order to request an ICE restart. 541 4.4.1.1.2. Removing a Data Stream 543 If an agent removes a data stream by setting its port to zero, it 544 MUST NOT include any candidate attributes for that data stream and 545 SHOULD NOT include any other ICE-related attributes defined in 546 Section 5 for that data stream. 548 4.4.1.1.3. Adding a Data Stream 550 If an agent wishes to add a new data stream, it sets the fields in 551 the SDP for this data stream as if this were an initial offer for 552 that data stream (Section 4.2.1). This will cause ICE processing to 553 begin for this data stream. 555 4.4.1.2. Procedures for Full Implementations 557 This section describes additional procedures for full 558 implementations, covering existing data streams. 560 4.4.1.2.1. Before Nomination 562 When an offerer sends a subsequent offer; in each "m=" section for 563 which a candidate pair has not yet been nominated, the offer MUST 564 include the same set of ICE-related information that the offerer 565 included in the previous offer or answer. The agent MAY include 566 additional candidates it did not offer previously, but which it has 567 gathered since the last offer/answer exchange, including peer 568 reflexive candidates. 570 The agent MAY change the default destination for media. As with 571 initial offers, there MUST be a set of candidate attributes in the 572 offer matching this default destination. 574 4.4.1.2.2. After Nomination 576 Once a candidate pair has been nominated for a data stream, the 577 connection address, port and transport protocol in each "c=" and "m=" 578 line associated with that data stream MUST match the data associated 579 with the nominated pair for that data stream. In addition, the 580 offerer only includes SDP candidates (one per component) representing 581 the local candidates of the nominated candidate pair. The offerer 582 MUST NOT include any other SDP candidate attributes in the subsequent 583 offer. 585 In addition, if the agent is controlling, it MUST include the 586 "a=remote-candidates" attribute for each data stream whose checklist 587 is in the Completed state. The attribute contains the remote 588 candidates corresponding to the nominated pair in the valid list for 589 each component of that data stream. It is needed to avoid a race 590 condition whereby the controlling agent chooses its pairs, but the 591 updated offer beats the connectivity checks to the controlled agent, 592 which doesn't even know these pairs are valid, let alone selected. 593 See Appendix B for elaboration on this race condition. 595 4.4.1.3. Procedures for Lite Implementations 597 If the ICE state is Running, a lite implementation MUST include all 598 of its candidates for each component of each data stream in 599 "a=candidate" attributes in any subsequent offer. The candidates are 600 formed identically to the procedures for initial offers. 602 A lite implementation MUST NOT add additional host candidates in a 603 subsequent offer, and MUST NOT modify the username fragments and 604 passwords. If an agent needs to offer additional candidates, or 605 modify the username fragments and passwords, it MUST request an ICE 606 restart (Section 4.4.1.1.1) for that data stream. 608 If ICE has completed for a data stream and if the agent is 609 controlled, the default destination for that data stream MUST be set 610 to the remote candidate of the candidate pair for that component in 611 the valid list. For a lite implementation, there is always just a 612 single candidate pair in the valid list for each component of a data 613 stream. Additionally, the agent MUST include a candidate attribute 614 for each default destination. 616 If the ICE state is Completed and if the agent is controlling (which 617 only happens when both agents are lite), the agent MUST include the 618 "a=remote-candidates" attribute for each data stream. The attribute 619 contains the remote candidates from the candidate pairs in the valid 620 list (one pair for each component of each data stream). 622 4.4.2. Sending Subsequent Answer 624 If ICE is Completed for a data stream, and the offer for that data 625 stream lacked the "a=remote-candidates" attribute, the rules for 626 construction of the answer are identical to those for the offerer, 627 except that the answerer MUST NOT include the "a=remote-candidates" 628 attribute in the answer. 630 A controlled agent will receive an offer with the "a=remote- 631 candidates" attribute for a data stream when its peer has concluded 632 ICE processing for that data stream. This attribute is present in 633 the offer to deal with a race condition between the receipt of the 634 offer, and the receipt of the Binding Response that tells the 635 answerer the candidate that will be selected by ICE. See Appendix B 636 for an explanation of this race condition. Consequently, processing 637 of an offer with this attribute depends on the winner of the race. 639 The agent forms a candidate pair for each component of the data 640 stream by: 642 o Setting the remote candidate equal to the offerer's default 643 destination for that component (i.e. the contents of the "m=" and 644 "c=" lines for RTP, and the "a=rtcp" attribute for RTCP) 646 o Setting the local candidate equal to the transport address for 647 that same component in the "a=remote-candidates" attribute in the 648 offer. 650 The agent then sees if each of these candidate pairs is present in 651 the valid list. If a particular pair is not in the valid list, the 652 check has "lost" the race. Call such a pair a "losing pair". 654 The agent finds all the pairs in the checklist whose remote 655 candidates equal the remote candidate in the losing pair: 657 o If none of the pairs are In-Progress, and at least one is Failed, 658 it is most likely that a network failure, such as a network 659 partition or serious packet loss, has occurred. The agent SHOULD 660 generate an answer for this data stream as if the remote- 661 candidates attribute had not been present, and then restart ICE 662 for this stream. 664 o If at least one of the pairs is In-Progress, the agent SHOULD wait 665 for those checks to complete, and as each completes, redo the 666 processing in this section until there are no losing pairs. 668 Once there are no losing pairs, the agent can generate the answer. 669 It MUST set the default destination for media to the candidates in 670 the remote-candidates attribute from the offer (each of which will 671 now be the local candidate of a candidate pair in the valid list). 672 It MUST include a candidate attribute in the answer for each 673 candidate in the remote-candidates attribute in the offer. 675 4.4.2.1. ICE Restart 677 If the offerer in a subsequent offer requested an ICE restart 678 (Section 4.4.1.1.1) for a data stream, and if the answerer accepts 679 the offer, the answerer follows the procedures for generating an 680 initial answer. 682 For a given data stream, the answerer MAY include the same candidates 683 that were used in the previous ICE session, but it MUST change the 684 SDP ice-pwd and ice-ufrag attribute values. 686 The answerer MAY modify the attribute values of the SDP ice-options 687 and SDP ice-pacing attributes, and it MAY change its role using the 688 SDP ice-lite attribute. The answerer MUST NOT modify the SDP ice- 689 options, ice-pacing and ice-lite attributes in a subsequent answer 690 unless the answer is sent for an offer that was used to request an 691 ICE restart (Section 4.4.1.1.1). If any of the SDP attributes have 692 been modified in a subsequent offer that is not used to request an 693 ICE restart, the answerer MUST reject the offer. 695 4.4.2.2. Lite Implementation specific procedures 697 If the received offer contains the remote-candidates attribute for a 698 data stream, the agent forms a candidate pair for each component of 699 the data stream by: 701 o Setting the remote candidate equal to the offerer's default 702 destination for that component (i.e., the contents of the "m=" and 703 "c=" lines for RTP, and the "a=rtcp" attribute for RTCP). 705 o Setting the local candidate equal to the transport address for 706 that same component in the "a=remote-candidates" attribute in the 707 offer. 709 The state of the checklist associated with that data stream is set to 710 Completed. 712 Furthermore, if the agent believed it was controlling, but the offer 713 contained the "a=remote-candidates" attribute, both agents believe 714 they are controlling. In this case, both would have sent updated 715 offers around the same time. 717 However, the signaling protocol carrying the offer/answer exchanges 718 will have resolved this glare condition, so that one agent is always 719 the 'winner' by having its offer received before its peer has sent an 720 offer. The winner takes the role of controlling, so that the loser 721 (the answerer under consideration in this section) MUST change its 722 role to controlled. 724 Consequently, if the agent was going to send an updated offer since, 725 based on the rules in section 8.2 of [RFC8445], it was controlling, 726 it no longer needs to. 728 Besides the potential role change, change in the Valid list, and 729 state changes, the construction of the answer is performed 730 identically to the construction of an offer. 732 4.4.3. Receiving Answer for a Subsequent Offer 734 4.4.3.1. Procedures for Full Implementations 736 There may be certain situations where the offerer receives an SDP 737 answer that lacks ICE candidates although the initial answer included 738 them. One example of such an "unexpected" answer might be happen 739 when an ICE-unaware Back-to-Back User Agent (B2BUA) introduces a 740 media server during call hold using 3rd party call-control procedures 741 [RFC3725]. Omitting further details how this is done, this could 742 result in an answer being received at the holding UA that was 743 constructed by the B2BUA. With the B2BUA being ICE-unaware, that 744 answer would not include ICE candidates. 746 Receiving an answer without ICE attributes in this situation might be 747 unexpected, but would not necessarily impair the user experience. 749 When the offerer receives an answer indicating support for ICE, the 750 offer performs one of the following actions: 752 o If the offer was a restart, the agent MUST perform ICE restart 753 procedures as specified in Section 4.4.3.1.1 755 o If the offer/answer exchange removed a data stream, or an answer 756 rejected an offered data stream, an agent MUST flush the Valid 757 list for that data stream. It MUST also terminate any STUN 758 transactions in progress for that data stream. 760 o If the offer/answer exchange added a new data stream, the agent 761 MUST create a new checklist for it (and an empty Valid list to 762 start of course) which in turn triggers the candidate processing 763 procedures [RFC8445]. 765 o If the checklist state associated with a data stream is Running, 766 the agent recomputes the checklist. If a pair on the new 767 checklist was also on the previous checklist, its candidate pair 768 state is copied over. Otherwise, its candidate pair state is set 769 to Frozen. If none of the checklists are active (meaning that the 770 candidate pair states in each checklist are Frozen), appropriate 771 procedures in [RFC8445] are performed to move candidate pair(s) to 772 the Waiting state to further continue ICE processing. 774 o If the ICE state is Completed and the SDP answer conforms to 775 Section 4.4.2, the agent MUST remain in the Completed ICE state. 777 However, if the ICE support is no longer indicated in the SDP answer, 778 the agent MUST fall-back to [RFC3264] procedures and SHOULD NOT drop 779 the dialog because of the missing ICE support or unexpected answer. 780 Once the agent sends a new offer later on, it MUST perform an ICE 781 restart. 783 4.4.3.1.1. ICE Restarts 785 The agent MUST remember the nominated pair in the Valid list for each 786 component of the data stream, called the "previous selected pair", 787 prior to the restart. The agent will continue to send media using 788 this pair, as described in section 12 of [RFC8445]. Once these 789 destinations are noted, the agent MUST flush the Valid lists and 790 checklists, and then recompute the checklist and its states, thus 791 triggering the candidate processing procedures [RFC8445] 793 4.4.3.2. Procedures for Lite Implementations 795 If ICE is restarting for a data stream, the agent MUST create a new 796 Valid list for that data stream. It MUST remember the nominated pair 797 in the previous Valid list for each component of the data stream, 798 called the "previous selected pairs", and continue to send media 799 there as described in section 12 of [RFC8445]. The state of each 800 checklist for each data stream MUST change to Running, and the ICE 801 state MUST be set to Running. 803 5. Grammar 805 This specification defines eight new SDP attributes -- the 806 "candidate", "remote-candidates", "ice-lite", "ice-mismatch", "ice- 807 ufrag", "ice-pwd", "ice-pacing", and "ice-options" attributes. 809 This section also provides non-normative examples of the attributes 810 defined. 812 The syntax for the attributes follow Augmented BNF as defined in 813 [RFC5234]. 815 5.1. "candidate" Attribute 817 The candidate attribute is a media-level attribute only. It contains 818 a transport address for a candidate that can be used for connectivity 819 checks. 821 candidate-attribute = "candidate" ":" foundation SP component-id SP 822 transport SP 823 priority SP 824 connection-address SP ;from RFC 4566 825 port ;port from RFC 4566 826 SP cand-type 827 [SP rel-addr] 828 [SP rel-port] 829 *(SP cand-extension) 831 foundation = 1*32ice-char 832 component-id = 1*3DIGIT 833 transport = "UDP" / transport-extension 834 transport-extension = token ; from RFC 3261 835 priority = 1*10DIGIT 836 cand-type = "typ" SP candidate-types 837 candidate-types = "host" / "srflx" / "prflx" / "relay" / token 838 rel-addr = "raddr" SP connection-address 839 rel-port = "rport" SP port 840 cand-extension = extension-att-name SP extension-att-value 841 extension-att-name = token 842 extension-att-value = *VCHAR 843 ice-char = ALPHA / DIGIT / "+" / "/" 845 This grammar encodes the primary information about a candidate: its 846 IP address, port and transport protocol, and its properties: the 847 foundation, component ID, priority, type, and related transport 848 address: 850 : is taken from RFC 4566 [RFC4566]. It is the 851 IP address of the candidate, allowing for IPv4 addresses, IPv6 852 addresses, and fully qualified domain names (FQDNs). When parsing 853 this field, an agent can differentiate an IPv4 address and an IPv6 854 address by presence of a colon in its value - the presence of a 855 colon indicates IPv6. An agent generating local candidates MUST 856 NOT use FQDN addresses. An agent processing remote candidates 857 MUST ignore candidate lines that include candidates with FQDN or 858 IP address versions that are not supported or recognized. The 859 procedures for generation and handling of FQDN candidates, as well 860 as, how agents indicate support for such procedures, need to be 861 specified in an extension specification. 863 : is also taken from RFC 4566 [RFC4566]. It is the port of 864 the candidate. 866 : indicates the transport protocol for the candidate. 867 This specification only defines UDP. However, extensibility is 868 provided to allow for future transport protocols to be used with 869 ICE by extending the sub-registry "ICE Transport Protocols" under 870 "Interactive Connectivity Establishment (ICE)" registry. 872 : is composed of 1 to 32 s. It is an 873 identifier that is equivalent for two candidates that are of the 874 same type, share the same base, and come from the same STUN 875 server. The foundation is used to optimize ICE performance in the 876 Frozen algorithm as described in [RFC8445] 878 : is a positive integer between 1 and 256 (inclusive) 879 that identifies the specific component of the data stream for 880 which this is a candidate. It MUST start at 1 and MUST increment 881 by 1 for each component of a particular candidate. For data 882 streams based on RTP, candidates for the actual RTP media MUST 883 have a component ID of 1, and candidates for RTCP MUST have a 884 component ID of 2. See section 13 in [RFC8445] for additional 885 discussion on extending ICE to new data streams. 887 : is a positive integer between 1 and (2**31 - 1) 888 inclusive. The procedures for computing candidate's priority is 889 described in section 5.1.2 of [RFC8445]. 891 : encodes the type of candidate. This specification 892 defines the values "host", "srflx", "prflx", and "relay" for host, 893 server reflexive, peer reflexive, and relayed candidates, 894 respectively. Specifications for new candidate types MUST define 895 how, if at all, various steps in the ICE processing differ from 896 the ones defined by this specification. 898 and : convey transport addresses related to the 899 candidate, useful for diagnostics and other purposes. 900 and MUST be present for server reflexive, peer 901 reflexive, and relayed candidates. If a candidate is server or 902 peer reflexive, and are equal to the base 903 for that server or peer reflexive candidate. If the candidate is 904 relayed, and are equal to the mapped address 905 in the Allocate response that provided the client with that 906 relayed candidate (see Appendix B.3 of [RFC8445] for a discussion 907 of its purpose). If the candidate is a host candidate, 908 and MUST be omitted. 910 In some cases, e.g., for privacy reasons, an agent may not want to 911 reveal the related address and port. In this case the address 912 MUST be set to "0.0.0.0" (for IPv4 candidates) or "::" (for IPv6 913 candidates) and the port to '9'. 915 The candidate attribute can itself be extended. The grammar allows 916 for new name/value pairs to be added at the end of the attribute. 917 Such extensions MUST be made through IETF Review or IESG Approval 918 [RFC8126] and the assignments MUST contain the specific extension and 919 a reference to the document defining the usage of the extension. 921 An implementation MUST ignore any name/value pairs it doesn't 922 understand. 924 Example: SDP line for UDP server reflexive candidate attribute for 925 the RTP component 927 a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr 928 203.0.113.141 rport 8998 930 5.2. "remote-candidates" Attribute 932 The syntax of the "remote-candidates" attribute is defined using 933 Augmented BNF as defined in [RFC5234]. The remote-candidates 934 attribute is a media-level attribute only. 936 remote-candidate-att = "remote-candidates:" remote-candidate 937 0*(SP remote-candidate) 938 remote-candidate = component-ID SP connection-address SP port 940 The attribute contains a connection-address and port for each 941 component. The ordering of components is irrelevant. However, a 942 value MUST be present for each component of a data stream. This 943 attribute MUST be included in an offer by a controlling agent for a 944 data stream that is Completed, and MUST NOT be included in any other 945 case. 947 Example: Remote candidates SDP lines for the RTP and RTCP components: 949 a=remote-candidates:1 192.0.2.3 45664 950 a=remote-candidates:2 192.0.2.3 45665 952 5.3. "ice-lite" and "ice-mismatch" Attributes 954 The syntax of the "ice-lite" and "ice-mismatch" attributes, both of 955 which are flags, is: 957 ice-lite = "ice-lite" 958 ice-mismatch = "ice-mismatch" 960 "ice-lite" is a session-level attribute only, and indicates that an 961 agent is a lite implementation. "ice-mismatch" is a media-level 962 attribute and only reported in the answer. It indicates that the 963 offer arrived with a default destination for a media component that 964 didn't have a corresponding candidate attribute. Inclusion of 965 "a=ice-mismatch" attribute for a given data stream implies that even 966 though both agents support ICE, ICE procedures MUST NOT be used for 967 this data stream and [RFC3264] procedures MUST be used instead. 969 5.4. "ice-ufrag" and "ice-pwd" Attributes 971 The "ice-ufrag" and "ice-pwd" attributes convey the username fragment 972 and password used by ICE for message integrity. Their syntax is: 974 ice-pwd-att = "ice-pwd:" password 975 ice-ufrag-att = "ice-ufrag:" ufrag 976 password = 22*256ice-char 977 ufrag = 4*256ice-char 979 The "ice-pwd" and "ice-ufrag" attributes can appear at either the 980 session-level or media-level. When present in both, the value in the 981 media-level takes precedence. Thus, the value at the session-level 982 is effectively a default that applies to all data streams, unless 983 overridden by a media-level value. Whether present at the session or 984 media-level, there MUST be an ice-pwd and ice-ufrag attribute for 985 each data stream. If two data streams have identical ice-ufrag's, 986 they MUST have identical ice-pwd's. 988 The ice-ufrag and ice-pwd attributes MUST be chosen randomly at the 989 beginning of a session (the same applies when ICE is restarting for 990 an agent). 992 [RFC8445] requires the ice-ufrag attribute to contain at least 24 993 bits of randomness, and the ice-pwd attribute to contain at least 128 994 bits of randomness. This means that the ice-ufrag attribute will be 995 at least 4 characters long, and the ice-pwd at least 22 characters 996 long, since the grammar for these attributes allows for 6 bits of 997 information per character. The attributes MAY be longer than 4 and 998 22 characters, respectively, of course, up to 256 characters. The 999 upper limit allows for buffer sizing in implementations. Its large 1000 upper limit allows for increased amounts of randomness to be added 1001 over time. For compatibility with the 512 character limitation for 1002 the STUN username attribute value and for bandwidth conservation 1003 considerations, the ice-ufrag attribute MUST NOT be longer than 32 1004 characters when sending, but an implementation MUST accept up to 256 1005 characters when receiving. 1007 Example shows sample ice-ufrag and ice-pwd SDP lines: 1009 a=ice-pwd:asd88fgpdd777uzjYhagZg 1010 a=ice-ufrag:8hhY 1012 5.5. "ice-pacing" Attribute 1014 The "ice-pacing" is a session level attribute that indicates the 1015 desired connectivity check pacing (Ta interval), in milliseconds, 1016 that the sender wishes to use. See section 14.2 of [RFC8445] for 1017 more information regarding selecting a pacing value. The syntax is: 1019 ice-pacing-att = "ice-pacing:" pacing-value 1020 pacing-value = 1*10DIGIT 1022 If absent in an offer or answer the default value of the attribute is 1023 50 ms, which is the recommended value specified in [RFC8445]. 1025 Once both agents have indicated the pacing value they with to use, 1026 both agents MUST use the larger of the indicated values. 1028 Example shows an ice-pacing SDP line with value '50': 1029 a=ice-pacing:50 1031 5.6. "ice-options" Attribute 1033 The "ice-options" attribute is a session- and media-level attribute. 1034 It contains a series of tokens that identify the options supported by 1035 the agent. Its grammar is: 1037 ice-options = "ice-options:" ice-option-tag 1038 *(SP ice-option-tag) 1039 ice-option-tag = 1*ice-char 1041 The existence of an ice-option in an offer indicates that a certain 1042 extension is supported by the agent and it is willing to use it, if 1043 the peer agent also includes the same extension in the answer. There 1044 might be further extension specific negotiation needed between the 1045 agents that determine how the extension gets used in a given session. 1046 The details of the negotiation procedures, if present, MUST be 1047 defined by the specification defining the extension (Section 10.2). 1049 Example shows an ice-options SDP line with 'ice2' and 'rtp+ecn' [RFC6679] values: 1051 a=ice-options:ice2 rtp+ecn 1053 6. Keepalives 1055 All the ICE agents MUST follow the procedures defined in section 11 1056 of [RFC8445] for sending keepalives. The keepalives MUST be sent 1057 regardless of whether the data stream is currently inactive, 1058 sendonly, recvonly, or sendrecv, and regardless of the presence or 1059 value of the bandwidth attribute. An agent can determine that its 1060 peer supports ICE by the presence of "a=candidate" attributes for 1061 each media session. 1063 7. SIP Considerations 1065 Note that ICE is not intended for NAT traversal for SIP signaling, 1066 which is assumed to be provided via another mechanism [RFC5626]. 1068 When ICE is used with SIP, forking may result in a single offer 1069 generating a multiplicity of answers. In that case, ICE proceeds 1070 completely in parallel and independently for each answer, treating 1071 the combination of its offer and each answer as an independent offer/ 1072 answer exchange, with its own set of local candidates, pairs, 1073 checklists, states, and so on. 1075 7.1. Latency Guidelines 1077 ICE requires a series of STUN-based connectivity checks to take place 1078 between endpoints. These checks start from the answerer on 1079 generation of its answer, and start from the offerer when it receives 1080 the answer. These checks can take time to complete, and as such, the 1081 selection of messages to use with offers and answers can affect 1082 perceived user latency. Two latency figures are of particular 1083 interest. These are the post-pickup delay and the post-dial delay. 1084 The post-pickup delay refers to the time between when a user "answers 1085 the phone" and when any speech they utter can be delivered to the 1086 caller. The post-dial delay refers to the time between when a user 1087 enters the destination address for the user and ringback begins as a 1088 consequence of having successfully started alerting the called user 1089 agent. 1091 Two cases can be considered -- one where the offer is present in the 1092 initial INVITE and one where it is in a response. 1094 7.1.1. Offer in INVITE 1096 To reduce post-dial delays, it is RECOMMENDED that the caller begin 1097 gathering candidates prior to actually sending its initial INVITE, so 1098 that the candidates can be provided in the INVITE. This can be 1099 started upon user interface cues that a call is pending, such as 1100 activity on a keypad or the phone going off-hook. 1102 On the receipt of the offer, the answerer SHOULD generate an answer 1103 in a provisional response as soon as it has completed gathering the 1104 candidates. ICE requires that a provisional response with an SDP be 1105 transmitted reliably. This can be done through the existing 1106 Provisional Response Acknowledgment (PRACK) mechanism [RFC3262] or 1107 through an ICE specific optimization, wherein, the agent retransmits 1108 the provisional response with the exponential backoff timers 1109 described in [RFC3262]. Such retransmissions MUST cease on receipt 1110 of a STUN Binding request with the transport address matching the 1111 candidate address for one of the data streams signaled in that SDP or 1112 on transmission of the answer in a 2xx response. If no Binding 1113 request is received prior to the last retransmit, the agent does not 1114 consider the session terminated. For the ICE lite peers, the agent 1115 MUST cease retransmitting the 18x after sending it four times since 1116 there will be no Binding request sent and the number four is 1117 arbitrarily chosen to limit the number of 18x retransmits. 1119 Once the answer has been sent, the agent SHOULD begin its 1120 connectivity checks. Once candidate pairs for each component of a 1121 data stream enter the valid list, the answerer can begin sending 1122 media on that data stream. 1124 However, prior to this point, any media that needs to be sent towards 1125 the caller (such as SIP early media [RFC3960]) MUST NOT be 1126 transmitted. For this reason, implementations SHOULD delay alerting 1127 the called party until candidates for each component of each data 1128 stream have entered the valid list. In the case of a PSTN gateway, 1129 this would mean that the setup message into the PSTN is delayed until 1130 this point. Doing this increases the post-dial delay, but has the 1131 effect of eliminating 'ghost rings'. Ghost rings are cases where the 1132 called party hears the phone ring, picks up, but hears nothing and 1133 cannot be heard. This technique works without requiring support for, 1134 or usage of, preconditions [RFC3312]. It also has the benefit of 1135 guaranteeing that not a single packet of media will get clipped, so 1136 that post-pickup delay is zero. If an agent chooses to delay local 1137 alerting in this way, it SHOULD generate a 180 response once alerting 1138 begins. 1140 7.1.2. Offer in Response 1142 In addition to uses where the offer is in an INVITE, and the answer 1143 is in the provisional and/or 200 OK response, ICE works with cases 1144 where the offer appears in the response. In such cases, which are 1145 common in third party call control [RFC3725], ICE agents SHOULD 1146 generate their offers in a reliable provisional response (which MUST 1147 utilize [RFC3262]), and not alert the user on receipt of the INVITE. 1148 The answer will arrive in a PRACK. This allows for ICE processing to 1149 take place prior to alerting, so that there is no post-pickup delay, 1150 at the expense of increased call setup delays. Once ICE completes, 1151 the callee can alert the user and then generate a 200 OK when they 1152 answer. The 200 OK would contain no SDP, since the offer/answer 1153 exchange has completed. 1155 Alternatively, agents MAY place the offer in a 2xx instead (in which 1156 case the answer comes in the ACK). When this happens, the callee 1157 will alert the user on receipt of the INVITE, and the ICE exchanges 1158 will take place only after the user answers. This has the effect of 1159 reducing call setup delay, but can cause substantial post-pickup 1160 delays and media clipping. 1162 7.2. SIP Option Tags and Media Feature Tags 1164 [RFC5768] specifies a SIP option tag and media feature tag for usage 1165 with ICE. ICE implementations using SIP SHOULD support this 1166 specification, which uses a feature tag in registrations to 1167 facilitate interoperability through signaling intermediaries. 1169 7.3. Interactions with Forking 1171 ICE interacts very well with forking. Indeed, ICE fixes some of the 1172 problems associated with forking. Without ICE, when a call forks and 1173 the caller receives multiple incoming data streams, it cannot 1174 determine which data stream corresponds to which callee. 1176 With ICE, this problem is resolved. The connectivity checks which 1177 occur prior to transmission of media carry username fragments, which 1178 in turn are correlated to a specific callee. Subsequent media 1179 packets that arrive on the same candidate pair as the connectivity 1180 check will be associated with that same callee. Thus, the caller can 1181 perform this correlation as long as it has received an answer. 1183 7.4. Interactions with Preconditions 1185 Quality of Service (QoS) preconditions, which are defined in 1186 [RFC3312] and [RFC4032], apply only to the transport addresses listed 1187 as the default targets for media in an offer/answer. If ICE changes 1188 the transport address where media is received, this change is 1189 reflected in an updated offer that changes the default destination 1190 for media to match ICE's selection. As such, it appears like any 1191 other re-INVITE would, and is fully treated in RFCs 3312 and 4032, 1192 which apply without regard to the fact that the destination for media 1193 is changing due to ICE negotiations occurring "in the background". 1195 Indeed, an agent SHOULD NOT indicate that QoS preconditions have been 1196 met until the checks have completed and selected the candidate pairs 1197 to be used for media. 1199 ICE also has (purposeful) interactions with connectivity 1200 preconditions [RFC5898]. Those interactions are described there. 1201 Note that the procedures described in Section 7.1 describe their own 1202 type of "preconditions", albeit with less functionality than those 1203 provided by the explicit preconditions in [RFC5898]. 1205 7.5. Interactions with Third Party Call Control 1207 ICE works with Flows I, III, and IV as described in [RFC3725]. Flow 1208 I works without the controller supporting or being aware of ICE. 1209 Flow IV will work as long as the controller passes along the ICE 1210 attributes without alteration. Flow II is fundamentally incompatible 1211 with ICE; each agent will believe itself to be the answerer and thus 1212 never generate a re-INVITE. 1214 The flows for continued operation, as described in Section 7 of 1215 [RFC3725], require additional behavior of ICE implementations to 1216 support. In particular, if an agent receives a mid-dialog re-INVITE 1217 that contains no offer, it MUST restart ICE for each data stream and 1218 go through the process of gathering new candidates. Furthermore, 1219 that list of candidates SHOULD include the ones currently being used 1220 for media. 1222 8. Interactions with Application Layer Gateways and SIP 1224 Application Layer Gateways (ALGs) are functions present in a Network 1225 Address Translation (NAT) device that inspect the contents of packets 1226 and modify them, in order to facilitate NAT traversal for application 1227 protocols. Session Border Controllers (SBCs) are close cousins of 1228 ALGs, but are less transparent since they actually exist as 1229 application-layer SIP intermediaries. ICE has interactions with SBCs 1230 and ALGs. 1232 If an ALG is SIP aware but not ICE aware, ICE will work through it as 1233 long as the ALG correctly modifies the SDP. A correct ALG 1234 implementation behaves as follows: 1236 o The ALG does not modify the "m=" and "c=" lines or the rtcp 1237 attribute if they contain external addresses. 1239 o If the "m=" and "c=" lines contain internal addresses, the 1240 modification depends on the state of the ALG: 1242 * If the ALG already has a binding established that maps an 1243 external port to an internal connection address and port 1244 matching the values in the "m=" and "c=" lines or rtcp 1245 attribute, the ALG uses that binding instead of creating a new 1246 one. 1248 * If the ALG does not already have a binding, it creates a new 1249 one and modifies the SDP, rewriting the "m=" and "c=" lines and 1250 rtcp attribute. 1252 Unfortunately, many ALGs are known to work poorly in these corner 1253 cases. ICE does not try to work around broken ALGs, as this is 1254 outside the scope of its functionality. ICE can help diagnose these 1255 conditions, which often show up as a mismatch between the set of 1256 candidates and the "m=" and "c=" lines and rtcp attributes. The ice- 1257 mismatch attribute is used for this purpose. 1259 ICE works best through ALGs when the signaling is run over TLS. This 1260 prevents the ALG from manipulating the SDP messages and interfering 1261 with ICE operation. Implementations that are expected to be deployed 1262 behind ALGs SHOULD provide for TLS transport of the SDP. 1264 If an SBC is SIP aware but not ICE aware, the result depends on the 1265 behavior of the SBC. If it is acting as a proper Back-to-Back User 1266 Agent (B2BUA), the SBC will remove any SDP attributes it doesn't 1267 understand, including the ICE attributes. Consequently, the call 1268 will appear to both endpoints as if the other side doesn't support 1269 ICE. This will result in ICE being disabled, and media flowing 1270 through the SBC, if the SBC has requested it. If, however, the SBC 1271 passes the ICE attributes without modification, yet modifies the 1272 default destination for media (contained in the "m=" and "c=" lines 1273 and rtcp attribute), this will be detected as an ICE mismatch, and 1274 ICE processing is aborted for the call. It is outside of the scope 1275 of ICE for it to act as a tool for "working around" SBCs. If one is 1276 present, ICE will not be used and the SBC techniques take precedence. 1278 9. Security Considerations 1280 The generic ICE security considerations are defined in [RFC8445], and 1281 the generic SDP offer/answer security considerations are defined in 1282 [RFC3264]. These security considerations also apply to 1283 implementations of this document. 1285 9.1. IP Address Privacy 1287 In some cases, e.g., for privacy reasons, an agent may not want to 1288 reveal the related address and port. In this case the address MUST 1289 be set to "0.0.0.0" (for IPv4 candidates) or "::" (for IPv6 1290 candidates) and the port to '9'. 1292 9.2. Attacks on the Offer/Answer Exchanges 1294 An attacker that can modify or disrupt the offer/answer exchanges 1295 themselves can readily launch a variety of attacks with ICE. They 1296 could direct media to a target of a DoS attack, they could insert 1297 themselves into the data stream, and so on. These are similar to the 1298 general security considerations for offer/answer exchanges, and the 1299 security considerations in [RFC3264] apply. These require techniques 1300 for message integrity and encryption for offers and answers, which 1301 are satisfied by the TLS mechanism [RFC3261] when SIP is used. As 1302 such, the usage of TLS with ICE is RECOMMENDED. 1304 9.3. The Voice Hammer Attack 1306 The voice hammer attack is an amplification attack, and can be 1307 triggered even if the attacker is an authenticated and valid 1308 participant in a session. In this attack, the attacker initiates 1309 sessions to other agents, and maliciously includes the connection 1310 address and port of a DoS target as the destination for media traffic 1311 signaled in the SDP. This causes substantial amplification; a single 1312 offer/answer exchange can create a continuing flood of media packets, 1313 possibly at high rates (consider video sources). The use of ICE can 1314 help to prevent against this attack. 1316 Specifically, if ICE is used, the agent receiving the malicious SDP 1317 will first perform connectivity checks to the target of media before 1318 sending media there. If this target is a third-party host, the 1319 checks will not succeed, and media is never sent. 1321 Unfortunately, ICE doesn't help if it's not used, in which case an 1322 attacker could simply send the offer without the ICE parameters. 1323 However, in environments where the set of clients is known, and is 1324 limited to ones that support ICE, the server can reject any offers or 1325 answers that don't indicate ICE support. 1327 SIP User Agents (UA) [RFC3261] that are not willing to receive non- 1328 ICE answers MUST include an "ice" Option Tag [RFC5768] in the SIP 1329 Require Header Field in their offer. UAs that reject non-ICE offers 1330 will generally use a 421 response code, together with an Option Tag 1331 "ice" in the Require Header Field in the response. 1333 10. IANA Considerations 1335 10.1. SDP Attributes 1337 The original ICE specification defined seven new SDP attributes per 1338 the procedures of Section 8.2.4 of [RFC4566]. The registration 1339 information from the original specification is included here with 1340 modifications to include Mux Category and also defines a new SDP 1341 attribute 'ice-pacing'. 1343 10.1.1. candidate Attribute 1345 Attribute Name: candidate 1347 Type of Attribute: media-level 1349 Subject to charset: No 1351 Purpose: This attribute is used with Interactive Connectivity 1352 Establishment (ICE), and provides one of many possible candidate 1353 addresses for communication. These addresses are validated with 1354 an end-to-end connectivity check using Session Traversal Utilities 1355 for NAT (STUN). 1357 Appropriate Values: See Section 5 of RFC XXXX. 1359 Contact Name: IESG 1361 Contact Email: iesg@ietf.org 1363 Reference: RFCXXXX 1365 Mux Category: TRANSPORT 1367 10.1.2. remote-candidates Attribute 1369 Attribute Name: remote-candidates 1371 Type of Attribute: media-level 1373 Subject to charset: No 1375 Purpose: This attribute is used with Interactive Connectivity 1376 Establishment (ICE), and provides the identity of the remote 1377 candidates that the offerer wishes the answerer to use in its 1378 answer. 1380 Appropriate Values: See Section 5 of RFC XXXX. 1382 Contact Name: IESG 1384 Contact Email: iesg@ietf.org 1386 Reference: RFCXXXX 1388 Mux Category: TRANSPORT 1390 10.1.3. ice-lite Attribute 1392 Attribute Name: ice-lite 1394 Type of Attribute: session-level 1396 Subject to charset: No 1398 Purpose: This attribute is used with Interactive Connectivity 1399 Establishment (ICE), and indicates that an agent has the minimum 1400 functionality required to support ICE inter-operation with a peer 1401 that has a full implementation. 1403 Appropriate Values: See Section 5 of RFC XXXX. 1405 Contact Name: IESG 1407 Contact Email: iesg@ietf.org 1409 Reference: RFCXXXX 1411 Mux Category: NORMAL 1413 10.1.4. ice-mismatch Attribute 1415 Attribute Name: ice-mismatch 1417 Type of Attribute: media-level 1419 Subject to charset: No 1421 Purpose: This attribute is used with Interactive Connectivity 1422 Establishment (ICE), and indicates that an agent is ICE capable, 1423 but did not proceed with ICE due to a mismatch of candidates with 1424 the default destination for media signaled in the SDP. 1426 Appropriate Values: See Section 5 of RFC XXXX. 1428 Contact Name: IESG 1429 Contact e-mail: iesg@ietf.org 1431 Reference: RFCXXXX 1433 Mux Category: NORMAL 1435 10.1.5. ice-pwd Attribute 1437 Attribute Name: ice-pwd 1439 Type of Attribute: session- or media-level 1441 Subject to charset: No 1443 Purpose: This attribute is used with Interactive Connectivity 1444 Establishment (ICE), and provides the password used to protect 1445 STUN connectivity checks. 1447 Appropriate Values: See Section 5 of RFC XXXX. 1449 Contact Name: IESG 1451 Contact e-mail: iesg@ietf.org 1453 Reference: RFCXXXX 1455 Mux Category: TRANSPORT 1457 10.1.6. ice-ufrag Attribute 1459 Attribute Name: ice-ufrag 1461 Type of Attribute: session- or media-level 1463 Subject to charset: No 1465 Purpose: This attribute is used with Interactive Connectivity 1466 Establishment (ICE), and provides the fragments used to construct 1467 the username in STUN connectivity checks. 1469 Appropriate Values: See Section 5 of RFC XXXX. 1471 Contact Name: IESG 1473 Contact e-mail: iesg@ietf.org 1475 Reference: RFCXXXX 1476 Mux Category: TRANSPORT 1478 10.1.7. ice-options Attribute 1480 Attribute Name: ice-options 1482 Long Form: ice-options 1484 Type of Attribute: session-level 1486 Subject to charset: No 1488 Purpose: This attribute is used with Interactive Connectivity 1489 Establishment (ICE), and indicates the ICE options or extensions 1490 used by the agent. 1492 Appropriate Values: See Section 5 of RFC XXXX. 1494 Contact Name: IESG 1496 Contact e-mail: iesg@ietf.org 1498 Reference: RFCXXXX 1500 Mux Category: NORMAL 1502 10.1.8. ice-pacing Attribute 1504 This specification also defines a new SDP attribute, "ice-pacing" 1505 according to the following data: 1507 Attribute Name: ice-pacing 1509 Type of Attribute: session-level 1511 Subject to charset: No 1513 Purpose: This attribute is used with Interactive Connectivity 1514 Establishment (ICE) to indicate desired connectivity check pacing 1515 values. 1517 Appropriate Values: See Section 5 of RFC XXXX. 1519 Contact Name: IESG 1521 Contact e-mail: iesg@ietf.org 1523 Reference: RFCXXXX 1524 Mux Category: NORMAL 1526 10.2. Interactive Connectivity Establishment (ICE) Options Registry 1528 IANA maintains a registry for ice-options identifiers under the 1529 Specification Required policy as defined in "Guidelines for Writing 1530 an IANA Considerations Section in RFCs" [RFC8126]. 1532 ICE options are of unlimited length according to the syntax in 1533 Section 5.6; however, they are RECOMMENDED to be no longer than 20 1534 characters. This is to reduce message sizes and allow for efficient 1535 parsing. ICE options are defined at the session level. 1537 A registration request MUST include the following information: 1539 o The ICE option identifier to be registered 1541 o Short description of the ICE extension to which the option relates 1543 o Reference(s) to the specification defining the ICE option and the 1544 related extensions 1546 10.3. Candidate Attribute Extension Subregistry Establishment 1548 This section creates a new sub-registry, "Candidate Attribute 1549 Extensions", under the sdp-parameters registry: 1550 http://www.iana.org/assignments/sdp-parameters. 1552 The purpose of the sub-registry is to register SDP candidate 1553 attribute extensions. 1555 When a candidate extension is registered in the sub-registry, it 1556 needs to meet the "Specification Required" policies defined in 1557 [RFC8126]. 1559 Candidate attribute extensions MUST follow the 'cand-extension' 1560 syntax. The attribute extension name MUST follow the 'extension-att- 1561 name' syntax, and the attribute extension value MUST follow the 1562 'extension-att-value' syntax. 1564 A registration request MUST include the following information: 1566 o The name of the attribute extension. 1568 o A short description of the attribute extension. 1570 o A reference to a specification that describes the semantics, usage 1571 and possible values of the attribute extension. 1573 11. Acknowledgments 1575 A large part of the text in this document was taken from [RFC5245], 1576 authored by Jonathan Rosenberg. 1578 Some of the text in this document was taken from [RFC6336], authored 1579 by Magnus Westerlund and Colin Perkins. 1581 Many thanks to Flemming Andreasen for shepherd review feedback. 1583 Thanks to following experts for their reviews and constructive 1584 feedback: Thomas Stach, Adam Roach, Peter Saint-Andre, Roman Danyliw, 1585 Alissa Cooper, Benjamin Kaduk, Mirja Kuhlewind, Alexey Melnikov, Eric 1586 Vyncke for their detailed reviews. 1588 12. Changes from RFC 5245 1590 [RFC8445] describes the changes that were done to the common SIP 1591 procedures, including removal of aggressive nomination, modifying the 1592 procedures for calculating candidate pair states and scheduling 1593 connectivity checks and the calculation of timer values. 1595 This document defines the following SDP offer/answer specific 1596 changes: 1598 o SDP offer/answer realization and usage of of 'ice2' option. 1600 o Definition and usage of SDP 'ice-pacing' attribute. 1602 o Explicit text that an ICE agent must not generate candidates with 1603 FQDNs, and must discard such candidates if received from the peer 1604 agent. 1606 o Relax requirement to include SDP 'rtcp' attribute. 1608 o Generic clarifications of SDP offer/answer procedures. 1610 13. References 1612 13.1. Normative References 1614 [draft-ietf-ice-pac] 1615 Holmberg, C. and J. Uberti, "Interactive Connectivity 1616 Establishment Patiently Awaiting Connectivity (ICE PAC)", 1617 draft-ietf-ice-pac-02 (work in progress), July 2019, 1618 . 1621 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1622 Requirement Levels", BCP 14, RFC 2119, 1623 DOI 10.17487/RFC2119, March 1997, 1624 . 1626 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 1627 A., Peterson, J., Sparks, R., Handley, M., and E. 1628 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 1629 DOI 10.17487/RFC3261, June 2002, 1630 . 1632 [RFC3262] Rosenberg, J. and H. Schulzrinne, "Reliability of 1633 Provisional Responses in Session Initiation Protocol 1634 (SIP)", RFC 3262, DOI 10.17487/RFC3262, June 2002, 1635 . 1637 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 1638 with Session Description Protocol (SDP)", RFC 3264, 1639 DOI 10.17487/RFC3264, June 2002, 1640 . 1642 [RFC3312] Camarillo, G., Ed., Marshall, W., Ed., and J. Rosenberg, 1643 "Integration of Resource Management and Session Initiation 1644 Protocol (SIP)", RFC 3312, DOI 10.17487/RFC3312, October 1645 2002, . 1647 [RFC3556] Casner, S., "Session Description Protocol (SDP) Bandwidth 1648 Modifiers for RTP Control Protocol (RTCP) Bandwidth", 1649 RFC 3556, DOI 10.17487/RFC3556, July 2003, 1650 . 1652 [RFC3605] Huitema, C., "Real Time Control Protocol (RTCP) attribute 1653 in Session Description Protocol (SDP)", RFC 3605, 1654 DOI 10.17487/RFC3605, October 2003, 1655 . 1657 [RFC4032] Camarillo, G. and P. Kyzivat, "Update to the Session 1658 Initiation Protocol (SIP) Preconditions Framework", 1659 RFC 4032, DOI 10.17487/RFC4032, March 2005, 1660 . 1662 [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 1663 Description Protocol", RFC 4566, DOI 10.17487/RFC4566, 1664 July 2006, . 1666 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 1667 Specifications: ABNF", STD 68, RFC 5234, 1668 DOI 10.17487/RFC5234, January 2008, 1669 . 1671 [RFC5768] Rosenberg, J., "Indicating Support for Interactive 1672 Connectivity Establishment (ICE) in the Session Initiation 1673 Protocol (SIP)", RFC 5768, DOI 10.17487/RFC5768, April 1674 2010, . 1676 [RFC6336] Westerlund, M. and C. Perkins, "IANA Registry for 1677 Interactive Connectivity Establishment (ICE) Options", 1678 RFC 6336, DOI 10.17487/RFC6336, July 2011, 1679 . 1681 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1682 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1683 May 2017, . 1685 [RFC8445] Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive 1686 Connectivity Establishment (ICE): A Protocol for Network 1687 Address Translator (NAT) Traversal", RFC 8445, 1688 DOI 10.17487/RFC8445, July 2018, 1689 . 1691 13.2. Informative References 1693 [RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. 1694 Camarillo, "Best Current Practices for Third Party Call 1695 Control (3pcc) in the Session Initiation Protocol (SIP)", 1696 BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004, 1697 . 1699 [RFC3960] Camarillo, G. and H. Schulzrinne, "Early Media and Ringing 1700 Tone Generation in the Session Initiation Protocol (SIP)", 1701 RFC 3960, DOI 10.17487/RFC3960, December 2004, 1702 . 1704 [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment 1705 (ICE): A Protocol for Network Address Translator (NAT) 1706 Traversal for Offer/Answer Protocols", RFC 5245, 1707 DOI 10.17487/RFC5245, April 2010, 1708 . 1710 [RFC5626] Jennings, C., Ed., Mahy, R., Ed., and F. Audet, Ed., 1711 "Managing Client-Initiated Connections in the Session 1712 Initiation Protocol (SIP)", RFC 5626, 1713 DOI 10.17487/RFC5626, October 2009, 1714 . 1716 [RFC5898] Andreasen, F., Camarillo, G., Oran, D., and D. Wing, 1717 "Connectivity Preconditions for Session Description 1718 Protocol (SDP) Media Streams", RFC 5898, 1719 DOI 10.17487/RFC5898, July 2010, 1720 . 1722 [RFC6679] Westerlund, M., Johansson, I., Perkins, C., O'Hanlon, P., 1723 and K. Carlberg, "Explicit Congestion Notification (ECN) 1724 for RTP over UDP", RFC 6679, DOI 10.17487/RFC6679, August 1725 2012, . 1727 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1728 Writing an IANA Considerations Section in RFCs", BCP 26, 1729 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1730 . 1732 Appendix A. Examples 1734 For the example shown in section 15 of [RFC8445] the resulting offer 1735 (message 5) encoded in SDP looks like: 1737 v=0 1738 o=jdoe 2890844526 2890842807 IN IP6 $L-PRIV-1.IP 1739 s= 1740 c=IN IP6 $NAT-PUB-1.IP 1741 t=0 0 1742 a=ice-options:ice2 1743 a=ice-pacing:50 1744 a=ice-pwd:asd88fgpdd777uzjYhagZg 1745 a=ice-ufrag:8hhY 1746 m=audio $NAT-PUB-1.PORT RTP/AVP 0 1747 b=RS:0 1748 b=RR:0 1749 a=rtpmap:0 PCMU/8000 1750 a=candidate:1 1 UDP 2130706431 $L-PRIV-1.IP $L-PRIV-1.PORT typ host 1751 a=candidate:2 1 UDP 1694498815 $NAT-PUB-1.IP $NAT-PUB-1.PORT typ 1752 srflx raddr $L-PRIV-1.IP rport $L-PRIV-1.PORT 1754 The offer, with the variables replaced with their values, will look 1755 like (lines folded for clarity): 1757 v=0 1758 o=jdoe 2890844526 2890842807 IN IP6 fe80::6676:baff:fe9c:ee4a 1759 s= 1760 c=IN IP6 2001:db8:8101:3a55:4858:a2a9:22ff:99b9 1761 t=0 0 1762 a=ice-options:ice2 1763 a=ice-pacing:50 1764 a=ice-pwd:asd88fgpdd777uzjYhagZg 1765 a=ice-ufrag:8hhY 1766 m=audio 45664 RTP/AVP 0 1767 b=RS:0 1768 b=RR:0 1769 a=rtpmap:0 PCMU/8000 1770 a=candidate:1 1 UDP 2130706431 fe80::6676:baff:fe9c:ee4a 8998 typ host 1771 a=candidate:2 1 UDP 1694498815 2001:db8:8101:3a55:4858:a2a9:22ff:99b9 1772 45664 typ srflx raddr fe80::6676:baff:fe9c:ee4a rport 8998 1774 The resulting answer looks like: 1776 v=0 1777 o=bob 2808844564 2808844564 IN IP4 $R-PUB-1.IP 1778 s= 1779 c=IN IP4 $R-PUB-1.IP 1780 t=0 0 1781 a=ice-options:ice2 1782 a=ice-pacing:50 1783 a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh 1784 a=ice-ufrag:9uB6 1785 m=audio $R-PUB-1.PORT RTP/AVP 0 1786 b=RS:0 1787 b=RR:0 1788 a=rtpmap:0 PCMU/8000 1789 a=candidate:1 1 UDP 2130706431 $R-PUB-1.IP $R-PUB-1.PORT typ host 1791 With the variables filled in: 1793 v=0 1794 o=bob 2808844564 2808844564 IN IP4 192.0.2.1 1795 s= 1796 c=IN IP4 192.0.2.1 1797 t=0 0 1798 a=ice-options:ice2 1799 a=ice-pacing:50 1800 a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh 1801 a=ice-ufrag:9uB6 1802 m=audio 3478 RTP/AVP 0 1803 b=RS:0 1804 b=RR:0 1805 a=rtpmap:0 PCMU/8000 1806 a=candidate:1 1 UDP 2130706431 192.0.2.1 3478 typ host 1808 Appendix B. The remote-candidates Attribute 1810 The "a=remote-candidates" attribute exists to eliminate a race 1811 condition between the updated offer and the response to the STUN 1812 Binding request that moved a candidate into the Valid list. This 1813 race condition is shown in Figure 1. On receipt of message 4, agent 1814 L adds a candidate pair to the valid list. If there was only a 1815 single data stream with a single component, agent L could now send an 1816 updated offer. However, the check from agent R has not yet generated 1817 a response, and agent R receives the updated offer (message 7) before 1818 getting the response (message 9). Thus, it does not yet know that 1819 this particular pair is valid. To eliminate this condition, the 1820 actual candidates at R that were selected by the offerer (the remote 1821 candidates) are included in the offer itself, and the answerer delays 1822 its answer until those pairs validate. 1824 Agent L Network Agent R 1825 |(1) Offer | | 1826 |------------------------------------------>| 1827 |(2) Answer | | 1828 |<------------------------------------------| 1829 |(3) STUN Req. | | 1830 |------------------------------------------>| 1831 |(4) STUN Res. | | 1832 |<------------------------------------------| 1833 |(5) STUN Req. | | 1834 |<------------------------------------------| 1835 |(6) STUN Res. | | 1836 |-------------------->| | 1837 | |Lost | 1838 |(7) Offer | | 1839 |------------------------------------------>| 1840 |(8) STUN Req. | | 1841 |<------------------------------------------| 1842 |(9) STUN Res. | | 1843 |------------------------------------------>| 1844 |(10) Answer | | 1845 |<------------------------------------------| 1847 Figure 1: Race Condition Flow 1849 Appendix C. Why Is the Conflict Resolution Mechanism Needed? 1851 When ICE runs between two peers, one agent acts as controlled, and 1852 the other as controlling. Rules are defined as a function of 1853 implementation type and offerer/answerer to determine who is 1854 controlling and who is controlled. However, the specification 1855 mentions that, in some cases, both sides might believe they are 1856 controlling, or both sides might believe they are controlled. How 1857 can this happen? 1859 The condition when both agents believe they are controlled shows up 1860 in third party call control cases. Consider the following flow: 1862 A Controller B 1863 |(1) INV() | | 1864 |<-------------| | 1865 |(2) 200(SDP1) | | 1866 |------------->| | 1867 | |(3) INV() | 1868 | |------------->| 1869 | |(4) 200(SDP2) | 1870 | |<-------------| 1871 |(5) ACK(SDP2) | | 1872 |<-------------| | 1873 | |(6) ACK(SDP1) | 1874 | |------------->| 1876 Figure 2: Role Conflict Flow 1878 This flow is a variation on flow III of RFC 3725 [RFC3725]. In fact, 1879 it works better than flow III since it produces fewer messages. In 1880 this flow, the controller sends an offerless INVITE to agent A, which 1881 responds with its offer, SDP1. The agent then sends an offerless 1882 INVITE to agent B, which it responds to with its offer, SDP2. The 1883 controller then uses the offer from each agent to generate the 1884 answers. When this flow is used, ICE will run between agents A and 1885 B, but both will believe they are in the controlling role. With the 1886 role conflict resolution procedures, this flow will function properly 1887 when ICE is used. 1889 At this time, there are no documented flows that can result in the 1890 case where both agents believe they are controlled. However, the 1891 conflict resolution procedures allow for this case, should a flow 1892 arise that would fit into this category. 1894 Appendix D. Why Send an Updated Offer? 1896 Section 11.1 describes rules for sending media. Both agents can send 1897 media once ICE checks complete, without waiting for an updated offer. 1898 Indeed, the only purpose of the updated offer is to "correct" the SDP 1899 so that the default destination for media matches where media is 1900 being sent based on ICE procedures (which will be the highest- 1901 priority nominated candidate pair). 1903 This raises the question -- why is the updated offer/answer exchange 1904 needed at all? Indeed, in a pure offer/answer environment, it would 1905 not be. The offerer and answerer will agree on the candidates to use 1906 through ICE, and then can begin using them. As far as the agents 1907 themselves are concerned, the updated offer/answer provides no new 1908 information. However, in practice, numerous components along the 1909 signaling path look at the SDP information. These include entities 1910 performing off-path QoS reservations, NAT traversal components such 1911 as ALGs and Session Border Controllers (SBCs), and diagnostic tools 1912 that passively monitor the network. For these tools to continue to 1913 function without change, the core property of SDP -- that the 1914 existing, pre-ICE definitions of the addresses used for media -- the 1915 "m=" and "c=" lines and the rtcp attribute -- must be retained. For 1916 this reason, an updated offer must be sent. 1918 Appendix E. Contributors 1920 Following experts have contributed textual and structural 1921 improvements for this work 1923 1. Thomas Stach 1925 * thomass.stach@gmail.com 1927 Authors' Addresses 1929 Marc Petit-Huguenin 1930 Impedance Mismatch 1932 Email: marc@petit-huguenin.org 1934 Suhas Nandakumar 1935 Cisco Systems 1936 707 Tasman Dr 1937 Milpitas, CA 95035 1938 USA 1940 Email: snandaku@cisco.com 1942 Christer Holmberg 1943 Ericsson 1944 Hirsalantie 11 1945 Jorvas 02420 1946 Finland 1948 Email: christer.holmberg@ericsson.com 1949 Ari Keranen 1950 Ericsson 1951 Jorvas 02420 1952 Finland 1954 Email: ari.keranen@ericsson.com 1956 Roman Shpount 1957 TurboBridge 1958 4905 Del Ray Avenue, Suite 300 1959 Bethesda, MD 20814 1960 USA 1962 Phone: +1 (240) 292-6632 1963 Email: rshpount@turbobridge.com