MMUSIC Working Group F. Andreasen
Internet-Draft Cisco Systems
Intended Status: Proposed Standard March 4, 2007
Obsolotes: 3407
Expires: September 2007
SDP Capability Negotiation
draft-ietf-mmusic-sdp-capability-negotiation-05.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that
any applicable patent or other IPR claims of which he or she is
aware have been or will be disclosed, and any of which he or she
becomes aware will be disclosed, in accordance with Section 6 of
BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on September 4, 2007.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
The Session Description Protocol (SDP) was intended for describing
multimedia sessions for the purposes of session announcement, session
invitation, and other forms of multimedia session initiation. SDP was
not intended to provide capability indication or capability
negotiation, however over the years, SDP has seen widespread adoption
and as a result it has been gradually extended to provide limited
support for these. SDP and its current extensions however do not have
Andreasen Expires September 4, 2007 [Page 1]
Internet-Draft SDP Capability Negotiation March 2007
the ability to negotiate one or more alternative transport protocols
(e.g. RTP profiles) which makes it particularly difficult to deploy
new RTP profiles such as secure RTP or RTP with RTCP-based feedback.
The purpose of this document is to address that and other real-life
limitations by extending SDP with capability negotiation parameters
and associated offer/answer procedures to use those parameters in a
backwards compatible manner.
The solution provided in this document provides a general SDP
capability negotiation framework. It also defines specifically how to
provide attributes and transport protocols as capabilities and
negotiate them using the framework. Extensions for other types of
capabilities (e.g. media types and formats) may be provided in other
documents.
Table of Contents
1. Introduction...................................................3
2. Conventions used in this document..............................6
3. SDP Capability Negotiation Solution............................6
3.1. Solution Overview.........................................6
3.2. Relationship to RFC 3407..................................9
3.3. Version and Extension Indication Attributes...............9
3.3.1. Supported Capability Negotiation Extensions Attribute9
3.3.2. Required Capability Negotiation Extension Attribute.11
3.4. Capability Attributes....................................12
3.4.1. Attribute Capability Attribute......................13
3.4.2. Transport Protocol Capability Attribute.............14
3.4.3. Extension Capability Attributes.....................16
3.5. Configuration Attributes.................................16
3.5.1. Potential Configuration Attribute...................16
3.5.2. Actual Configuration Attribute......................22
3.6. Offer/Answer Model Extensions............................24
3.6.1. Generating the Initial Offer........................24
3.6.2. Generating the Answer...............................27
3.6.2.1. Example Views of Potential Configurations......31
3.6.3. Offerer Processing of the Answer....................34
3.6.4. Modifying the Session...............................35
3.7. Interactions with ICE....................................35
3.8. Processing Media before Answer...........................36
3.9. Considerations for Specific Attribute Capabilities.......37
3.9.1. The rtpmap and fmtp Attributes......................37
3.9.2. Direction Attributes................................38
4. Examples......................................................38
4.1. Best-Effort Secure RTP...................................38
4.2. Multiple Transport Protocols.............................41
Andreasen Expires September 4, 2007 [Page 2]
Internet-Draft SDP Capability Negotiation March 2007
4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level
Security Descriptions.........................................45
4.4. SRTP with Session-Level MIKEY and Media Level Security
Descriptions as Alternatives..................................49
5. Security Considerations.......................................51
6. IANA Considerations...........................................53
6.1. New SDP Attributes.......................................53
6.2. New SDP Capability Negotiation Option Tag Registry.......54
6.3. New SDP Capability Negotiation Potential Configuration
Parameter Registry............................................55
7. To Do and Open Issues.........................................55
8. Acknowledgments...............................................55
9. Change Log....................................................56
9.1. draft-ietf-mmusic-sdp-capability-negotiation-05..........56
9.2. draft-ietf-mmusic-sdp-capability-negotiation-04..........57
9.3. draft-ietf-mmusic-sdp-capability-negotiation-03..........57
9.4. draft-ietf-mmusic-sdp-capability-negotiation-02..........57
9.5. draft-ietf-mmusic-sdp-capability-negotiation-01..........58
9.6. draft-ietf-mmusic-sdp-capability-negotiation-00..........59
10. References...................................................60
10.1. Normative References....................................60
10.2. Informative References..................................60
Author's Addresses...............................................62
Intellectual Property Statement..................................63
Full Copyright Statement.........................................63
Acknowledgment...................................................63
1. Introduction
The Session Description Protocol (SDP) was intended for describing
multimedia sessions for the purposes of session announcement, session
invitation, and other forms of multimedia session initiation. The SDP
contains one or more media stream descriptions with information such
as IP-address and port, type of media stream (e.g. audio or video),
transport protocol (possibly including profile information, e.g.
RTP/AVP or RTP/SAVP), media formats (e.g. codecs), and various other
session and media stream parameters that define the session.
Simply providing media stream descriptions is sufficient for session
announcements for a broadcast application, where the media stream
parameters are fixed for all participants. When a participant wants
to join the session, he obtains the session announcement and uses the
media descriptions provided, e.g., joins a multicast group and
receives media packets in the encoding format specified. If the
media stream description is not supported by the participant, he is
unable to receive the media.
Andreasen Expires September 4, 2007 [Page 3]
Internet-Draft SDP Capability Negotiation March 2007
Such restrictions are not generally acceptable to multimedia session
invitations, where two or more entities attempt to establish a media
session that uses a set of media stream parameters acceptable to all
participants. First of all, each entity must inform the other of its
receive address, and secondly, the entities need to agree on the
media stream parameters to use for the session, e.g. transport
protocols and codecs. We here make a distinction between the
capabilities supported by each participant, the way in which those
capabilities can be supported and the parameters that can actually be
used for the session. More generally, we can say that we have the
following:
o A set of capabilities for the session and its associated media
stream components, supported by each side.
o A set of potential configurations indicating which combinations of
those capabilities can be used for the session and its associated
media stream components.
o An actual configuration for the session and its associated media
stream components, which specifies which combinations of session
parameters and media stream components to use and with what
parameters.
o A negotiation process that takes the set of potential
configurations (combinations of capabilities) as input and
provides the actual configurations as output.
SDP by itself was designed to provide only one of these, namely the
actual configurations, however over the years, use of SDP has been
extended beyond its original scope. Session negotiation semantics
were defined by the offer/answer model in RFC 3264. It defines how
two entities, an offerer and an answerer, exchange session
descriptions to negotiate a session. The offerer can include one or
more media formats (codecs) per media stream, and the answerer then
selects one or more of those offered and returns them in an answer.
Both the offer and the answer contain actual configurations;
capabilities and potential configurations are not supported. The
answer however may reduce the set of actual configurations from the
offer as well as extend the set of actual configurations that can be
used to receive media by the answerer.
Other relevant extensions have been defined. Simple capability
declarations, which define how to provide a simple and limited set of
capability descriptions in SDP was defined in RFC 3407. Grouping of
media lines, which defines how media lines in SDP can have other
Andreasen Expires September 4, 2007 [Page 4]
Internet-Draft SDP Capability Negotiation March 2007
semantics than the traditional "simultaneous media streams"
semantics, was defined in RFC 3388, etc.
Each of these extensions was designed to solve a specific limitation
of SDP. Since SDP had already been stretched beyond its original
intent, a more comprehensive capability declaration and negotiation
process was intentionally not defined. Instead, work on a "next
generation" of a protocol to provide session description and
capability negotiation was initiated [SDPng]. SDPng however has not
gained traction and has remained as work in progress for an extended
period of time. Existing real-time multimedia communication
protocols such as SIP, RTSP, Megaco, and MGCP continue to use SDP.
SDP and its current extensions however do not address an increasingly
important problem: the ability to negotiate one or more alternative
transport protocols (e.g., RTP profiles). This makes it difficult to
deploy new RTP profiles such as secure RTP (SRTP) [SRTP], RTP with
RTCP-Based Feedback [AVPF], etc. This particular problem is
exacerbated by the fact that RTP profiles are defined independently.
When a new profile is defined and N other profiles already exist,
there is a potential need for defining N additional profiles, since
profiles cannot be combined automatically. For example, in order to
support the plain and secure RTP version of RTP with and without
RTCP-based feedback, four separate profiles (and hence profile
definitions) are needed: RTP/AVP [RFC3551], RTP/SAVP [SRTP], RTP/AVPF
[AVPF], and RTP/SAVPF [SAVPF]. In addition to the pressing profile
negotiation problem, other important real-life limitations have been
found as well.
The purpose of this document is to define a mechanism that enables
SDP to provide limited support for indicating capabilities and their
associated potential configurations, and negotiate the use of those
potential configurations as actual configurations. It is not the
intent to provide a full-fledged capability indication and
negotiation mechanism along the lines of SDPng or ITU-T H.245.
Instead, the focus is on addressing a set of well-known real-life
limitations. More specifically, the solution provided in this
document provides a general SDP capability negotiation framework. It
also defines specifically how to provide attributes and transport
protocols as capabilities and negotiate them using the framework.
Extensions for other types of capabilities (e.g. media types and
formats) may be provided in other documents.
As mentioned above, SDP is used by several protocols, and hence the
mechanism should be usable by all of these. One particularly
important protocol for this problem is the Session Initiation
Protocol (SIP) [RFC3261]. SIP uses the offer/answer model (which is
not specific to SIP) to negotiate sessions and hence the mechanism
Andreasen Expires September 4, 2007 [Page 5]
Internet-Draft SDP Capability Negotiation March 2007
defined here defines the offer/answer procedures to use for the
capability negotiation framework.
The rest of the document is structured as follows. In Section 3. we
present our SDP capability negotiation solution, which consists of
new SDP attributes and associated offer/answer procedures. In Section
4. we provide examples illustrating its use and in Section 5. we
provide the security considerations.
2. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. SDP Capability Negotiation Solution
In this section we first provide an overview of the SDP Capability
negotiation solution. This is followed by definitions of new SDP
attributes for the solution and its associated updated offer/answer
procedures.
3.1. Solution Overview
The solution consists of the following:
o Two new attributes to support extensions to the framework itself
as follows:
o A new attribute ("a=csup") that lists the supported base and
extension options to the framework.
o A new attribute ("a=creq") that lists the extensions to the
framework that are required to be supported by the entity
receiving the SDP in order to do capability negotiation.
o Two new attributes used to express capabilities as follows
(additional attributes can be defined as extensions):
o A new attribute ("a=acap") that defines how to list an
attribute name, either with or without an associated value, as
a capability.
o A new attribute ("a=tcap") that defines how to list transport
protocols (e.g. "RTP/AVP") as capabilities.
o Two new attributes to negotiate configurations as follows:
Andreasen Expires September 4, 2007 [Page 6]
Internet-Draft SDP Capability Negotiation March 2007
o A new attribute ("a=pcfg") that lists the potential
configurations supported. This is done by reference to the
capabilities from the SDP in question. Multiple potential
configurations have an explicitly indicated ordering
associated with them. Extension capabilities can be defined
and referenced in the potential configurations.
o A new attribute ("a=acfg") to be used in an answer SDP. The
attribute identifies a potential configuration from an offer
SDP which were used as an actual configuration to form the
answer SDP. Extension capabilities can be included as well.
o Extensions to the offer/answer model that allow for capabilities
and potential configurations to be included in an offer.
Capabilities can be provided at the session level or the media
level. Potential configurations can be included at the media level
only, where they constitute alternative offers that may be
accepted by the answerer instead of the actual configuration(s)
included in the "m=" line(s). The answerer indicates which (if
any) of the potential configurations it used to form the answer by
including the actual configuration attribute ("a=acfg") in the
answer. Capabilities may be included in answers as well, where
they can aid in guiding a subsequent new offer.
The mechanism is illustrated by the offer/answer exchange below,
where Alice sends an offer to Bob:
Alice Bob
| (1) Offer (SRTP and RTP) |
|--------------------------------->|
| |
| (2) Answer (SRTP) |
|<---------------------------------|
| |
Alice's offer includes RTP and SRTP as alternatives. RTP is the
default (actual configuration), but SRTP is the preferred one
(potential configuration):
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/AVP 0 18
Andreasen Expires September 4, 2007 [Page 7]
Internet-Draft SDP Capability Negotiation March 2007
a=tcap:1 RTP/SAVP
a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=1 a=1
The "m=" line indicates that Alice is offering to use plain RTP with
PCMU or G.729. The capabilities are provided by the "a=tcap" and
"a=acap" attributes. The transport capabilities ("a=tcap") indicate
that secure RTP under the AVP profile ("RTP/SAVP") is supported with
an associated transport capability handle of 1. The "acap" attribute
provides an attribute capability with a handle of 1. The attribute
capability is a "crypto" attribute, which provides the keying
material for SRTP using SDP security descriptions [SDES]. The
"a=pcfg" attribute provides the potential configuration included in
the offer by reference to the capability parameters. One alternative
is provided; it has a configuration number of 1 and it consists of
transport protocol capability 1 (i.e. the RTP/SAVP profile - secure
RTP), and the attribute capability 1, i.e. the crypto attribute
provided. Potential configurations are always preferred over the
actual configuration included in the offer SDP, and hence Alice is
expressing a preference for using secure RTP.
Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP
Capability Negotiation framework, and hence he accepts the
(preferred) potential configuration for Secure RTP provided by Alice:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4
a=acfg:1 t=1 a=1
Bob includes the "a=acfg" attribute in the answer to inform Alice
that he based his answer on an offer containing the potential
configuration with transport protocol capability 1 and attribute
capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the
keying material provided). Bob also includes his keying material in
a crypto attribute. If Bob supported one or more extensions to the
capability negotiation framework, he would have included option tags
for those in the answer as well (in an "a=csup" attribute).
Note that in this particular example, the answerer supported the
capability negotiation extensions defined here, however had he not,
Andreasen Expires September 4, 2007 [Page 8]
Internet-Draft SDP Capability Negotiation March 2007
the answerer would simply have ignored the new attributes and
accepted the (actual configuration) offer to use normal RTP. In that
case, the following answer would have been generated instead:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/AVP 0 18
3.2. Relationship to RFC 3407
RFC 3407 defines capability descriptions with limited abilities to
describe attributes, bandwidth parameters, transport protocols and
media formats. RFC 3407 does not define any negotiation procedures
for actually using those capability descriptions.
This document obsoletes RFC 3407 by defining new attributes for
describing attribute capabilities and transport capabilities. It also
defines procedures for actually using those capabilities as part of
an offer/answer exchange. Extensions to this document may be defined
in order to fully cover all the capabilities provided by RFC 3407
(for example more general media capabilities).
It is RECOMMENDED that implementations use the attributes and
procedures defined in this document instead of those defined in
[RFC3407].
If capability description interoperability with legacy RFC 3407
implementations is desired, implementations MAY include both RFC 3407
capability descriptions and capabilities defined by this document.
The offer/answer negotiation procedures however will not be able to
use the RFC 3407 capability descriptions.
3.3. Version and Extension Indication Attributes
In this section, we present the new attributes associated with
indicating the SDP capability negotiation extensions supported and
required.
3.3.1. Supported Capability Negotiation Extensions Attribute
The SDP Capability negotiation solution allows for capability
negotiation extensions to be defined. Associated with each such
extension is an option tag that identifies the extension in question.
Andreasen Expires September 4, 2007 [Page 9]
Internet-Draft SDP Capability Negotiation March 2007
Option-tags MUST be registered with IANA per the procedures defined
in Section 6.
The Supported Capability Negotiation Extensions attribute ("a=csup")
contains a comma-separated list of option tags identifying the SDP
Capability negotiation extensions supported by the entity that
generated the SDP. The attribute is defined as follows:
a=csup: <option-tag-list>
RFC 4566, Section 9, provides the ABNF for SDP attributes. The "csup"
attribute adheres to the RFC 4566 "attribute" production, with an
att-value defined as follows:
att-value = option-tag-list
option-tag-list = option-tag *(COMMA option-tag)
option-tag = token ; defined in [RFC4566]
COMMA = "," ; defined in [RFC4234]
Implementers familiar with the Session Initiation Protocol (SIP)
should note that the above definition of COMMA differs from the one
in [RFC3261].
A special base option tag with a value of "cap-v0" is defined for the
basic SDP capability negotiation framework. Entities can use this
option tag with the "a=csup" attribute to indicate support for the
SDP capability negotiation framework specified in this document.
The following examples illustrates the use of the "a=csup" attribute
with the "cap-v0" option tags and two hypothetical option tags, "foo"
and "bar" (note the lack of white space):
a=csup:cap-v0
a=csup:foo
a=csup:bar
a=csup:cap-v0,foo,bar
The "a=csup" attribute can be provided at the session and the media-
level. When provided at the session-level, it applies to the entire
SDP. When provided at the media-level, it applies to the media
description in question only (option-tags provided at the session
level apply as well). There can be at most one "a=csup" attributes at
the session-level and at most one at the media-level (one per media
description in the latter case).
Andreasen Expires September 4, 2007 [Page 10]
Internet-Draft SDP Capability Negotiation March 2007
Whenever an entity that supports one or more extensions to the SDP
Capability Negotiation framework generates an SDP, it SHOULD include
the "a=csup" attribute with the option tags for the extensions it
supports at the session and/or media-level, unless those option tags
are already provided in one or more "a=creq" attribute (see Section
3.3.2. ) at the relevant levels. The base option tag MAY be included.
3.3.2. Required Capability Negotiation Extension Attribute
The Required Capability Negotiation Extensions attribute ("a=creq")
contains a comma-separated list of option tags (see Section 3.3.1. )
identifying the SDP Capability negotiation extensions that MUST be
supported by the entity receiving the SDP in order for that entity to
properly process the SDP Capability Negotiation attributes and
associated procedures. Support for the basic negotiation framework is
implied by the presence of an "a=pcfg" attribute (see Section 3.5.1.
) and hence there is no need to include the "a=creq" attribute with
the base option-tag ("cap-v0"). Still, it is allowed to do so.
The attribute is defined as follows:
a=creq: <option-tag-list>
The "creq" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows:
att-value = option-tag-list
The following examples illustrate the use of the "a=creq" attribute
with the "cap-v0" base option tag and two hypothetical option tags,
"foo" and "bar" (note the lack of white space):
a=creq:cap-v0
a=creq:foo
a=creq:bar
a=creq:cap-v0,foo,bar
The "a=creq" attribute can be provided at the session and the media-
level. When provided at the session-level, it applies to the entire
SDP. When provided at the media-level, it applies to the media-stream
in question only (required option tags provided at the session level
apply as well). There can be at most one "a=creq" attribute at the
session-level and at most one "a=creq" attribute at the media-level
(one per media description in the latter case).
Andreasen Expires September 4, 2007 [Page 11]
Internet-Draft SDP Capability Negotiation March 2007
When an entity generates an SDP and it requires the recipient of that
SDP to support one or more SDP capability negotiation extensions in
order to properly process the SDP Capability negotiation, the
"a=creq" attribute MUST be included with option-tags that identify
the required extensions at the session and/or media level, unless it
is already known that the receiving entity supports those option-tags
at the relevant levels (in which case their inclusion is OPTIONAL).
An example of this is when generating an answer to an offer. If the
answerer supports the required option-tags from the offer, and the
answerer does not require any additional option-tags beyond what
was listed in either the required ("a=creq") or supported
("a=csup") attributes from the offer, then the answerer is not
required to include a required ("a=creq") attribute with any
option-tags that may need to be supported (such as the base option
tag - "cap-v0").
Support for the basic negotiation framework is implied by the
presence of an "a=pcfg" attribute (see Section 3.5.1. ) and hence it
is not required to include the "a=creq" attribute with the base
option-tag ("cap-v0").
A recipient that receives an SDP and does not support one or more of
the required extensions listed in a "creq" attribute, MUST NOT
perform the SDP capability negotiation defined in this document. For
non-supported extensions provided at the session-level, this implies
that SDP capability negotiation MUST NOT be performed at all. For
non-supported extensions at the media-level, this implies that SDP
capability negotiation MUST NOT be performed for the media stream in
question.
When an entity does not support one or more required SDP capability
negotiation extensions, the entity SHOULD proceed as if the SDP
capability negotiation attributes were not included in the first
place, i.e. all the capability negotiation attributes should be
ignored. In that case, the entity SHOULD include a "csup" attribute
listing the SDP capability negotiation extensions it actually
supports.
This ensures that introduction of the SDP capability negotiation
mechanism does not introduce any new failure scenarios.
3.4. Capability Attributes
In this section, we present the new attributes associated with
indicating the capabilities for use by the SDP Capability
negotiation.
Andreasen Expires September 4, 2007 [Page 12]
Internet-Draft SDP Capability Negotiation March 2007
3.4.1. Attribute Capability Attribute
Attributes and their associated values can be expressed as
capabilities by use of a new attribute capability attribute
("a=acap"), which is defined as follows:
a=acap: <att-cap-num> <att-par>
where <att-cap-num> is an integer between 1 and 2^31-1 (both
included) used to number the attribute capability and <att-par> is an
attribute ("a=") in its full '<type>=<value>' form (see [RFC4566]).
Support for a specific attribute (name) (without any particular
values) can be indicated by providing only the '<type>' (i.e. the
attribute name).
The "acap" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows:
att-value = att-cap-num 1*WSP att-par
att-cap-num = 1*DIGIT ;defined in [RFC4234]
att-par = attribute ;defined in RFC 4566
Note that white-space is not permitted before the att-cap-num.
The "acap" attribute can be provided at the session level for
session-level attributes and the media level for media-level
attributes. The "acap" attribute MUST NOT be used to provide a media-
level attribute at the session-level or vice versa.
Each occurrence of the "acap" attribute in the entire session
description MUST use a different value of <att-cap-num>.
There is a need to be able to reference both session-level and
media-level attributes in potential configurations at the media
level, and this provides for a simple solution to avoiding overlap
between the references (handles) to each attribute capability.
The <att-cap-num> values provided are independent of similar <cap-
num> values provided for other types of capabilities, i.e., they form
a separate name-space for attribute capabilities.
The following examples illustrate use of the "acap" attribute:
a=acap:1 a=ptime:20
a=acap:2 a=ptime:30
Andreasen Expires September 4, 2007 [Page 13]
Internet-Draft SDP Capability Negotiation March 2007
a=acap:3 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyONQ6gAA
AAAGEEoo2pee4hp2UaDX8ZE22YwKAAAPZG9uYWxkQGR1Y2suY29tAQAAAAAAAQAk0
JKpgaVkDaawi9whVBtBt0KZ14ymNuu62+Nv3ozPLygwK/GbAV9iemnGUIZ19fWQUO
SrzKTAv9zV
a=acap:4 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=acap:5 a=crypto
a=acap:6 a=key-mgmt
The first two provide attribute values for the ptime attribute. The
third provides SRTP parameters by using MIKEY with the key-mgmt
attribute [KMGMT]. The fourth provides SRTP parameters by use of
security descriptions with the crypto attribute [SDES]. Note that the
line-wrapping and new-lines in example three and four are provided
for formatting reasons only - they are not permitted in actual SDP.
The 5th attribute capability merely indicates support for the
"crypto" attribute (without any further information about particular
values to use with it), and the 6th attribute capability merely
indicates support for the "key-mgmt" attribute.
Readers familiar with RFC 3407 may notice the similarity between
the RFC 3407 "cpar" attribute and the above. There are however a
couple of important differences, most notably that the "acap"
attribute contains a handle that enables referencing it and it
furthermore supports attributes only (the "cpar" attribute defined
in RFC 3407 supports bandwidth information as well). The "acap"
attribute also is not automatically associated with any particular
capabilities.
3.4.2. Transport Protocol Capability Attribute
Transport Protocols can be expressed as capabilities by use of a new
Transport Protocol Capability attribute ("a=tcap") defined as
follows:
a=tcap: <trpr-cap-num> <proto-list>
where <trpr-cap-num> is an integer between 1 and 2^31-1 (both
included) used to number the transport address capability for later
reference, and <proto-list> is one or more <proto>, separated by
white space, as defined in the SDP "m=" line.
The "tcap" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows:
Andreasen Expires September 4, 2007 [Page 14]
Internet-Draft SDP Capability Negotiation March 2007
att-value = trpr-cap-num 1*WSP proto-list
trpr-cap-num = 1*DIGIT ;defined in [RFC4234]
proto-list = proto *(1*WSP proto) ; defined in RFC 4566
Note that white-space is not permitted before the trpr-cap-num.
The "tcap" attribute can be provided at the session- and media-level.
There can be multiple "tcap" attributes at the session-level as well
as within each media description. Each occurrence of the "tcap"
attribute in the entire session description MUST use a different
value of <trpr-cap-num>. When multiple <proto> values are provided,
the first one is associated with the value <trpr-cap-num>, the second
one with the value one higher, etc. The <trpr-cap-num> values
provided are independent of similar <cap-num> values provided for
other capability attributes, i.e., they form a separate name-space
for transport protocol capabilities.
Below, we provide examples of the "a=tcap" attribute:
a=tcap:1 RTP/AVP
a=tcap:2 RTP/AVPF
a=tcap:3 RTP/SAVP RTP/SAVPF
The first one provides a capability for the "RTP/AVP" profile defined
in [RFC3551] and the second one provides a capability for the RTP
with RTCP-Based Feedback profile defined in [AVPF]. The third one
provides capabilities for the "RTP/SAVP" and "RTP/SAVPF" profiles.
Transport capabilities are inherently included in the "m=" line,
however they still need to be specified explicitly in a "tcap"
attribute, if they are to be used as a capability.
This may seem redundant (and indeed it is from the offerer's point
of view), however it is done to protect against middle-boxes that
may modify "m=" lines while passing unknown attributes through. If
an implicit transport capability were used instead (e.g. a reserved
transport capability number could be used to refer to the transport
protocol in the "m=" line), and a middle-box were to modify the
transport protocol in the "m=" line (e.g. to translate between
plain RTP and secure RTP), then the potential configuration
referencing that implicit transport capability may no longer be
correct. With explicit capabilities, we avoid this pitfall,
although the potential configuration preference (see Section 3.5.1.
) may not reflect that of the middle-box (which some may view as a
feature).
Andreasen Expires September 4, 2007 [Page 15]
Internet-Draft SDP Capability Negotiation March 2007
3.4.3. Extension Capability Attributes
The SDP Capability Negotiation framework allows for new capabilities
to be defined as extensions and used with the general capability
negotiation framework. The syntax and semantics of such new
capability attributes are not defined here, however in order to be
used with potential configurations, they SHOULD allow for a numeric
handle to be associated with each capability. This handle can be used
as a reference within the potential and actual configuration
attributes (see Section 3.5.1. and 3.5.2. ). The definition of such
extension capability attributes MUST also state whether they can be
applied at the session-level, media-level, or both.
3.5. Configuration Attributes
3.5.1. Potential Configuration Attribute
Potential Configurations can be expressed by use of a new Potential
Configuration Attribute ("a=pcfg") defined as follows:
a=pcfg: <config-number> <pot-cfg-list>
where <config-number> is an integer between 1 and 2^31-1 (both
included).
The "pcfg" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows:
att-value = config-number 1*WSP pot-cfg-list
config-number = 1*DIGIT ;defined in [RFC4234]
pot-cfg-list = pot-config *(1*WSP pot-config)
pot-config = pot-attribute-config-list /
pot-transport-protocol-config-list /
pot-extension-config-list
The missing productions are defined below. Note that white-space is
not permitted before the config-number.
The potential configuration attribute can be provided at the media-
level only and there can be multiple instances of it within a given
media description. The attribute includes a configuration number,
which is an integer between 1 and 2^31-1 (both included). The
configuration number MUST be unique within the media description
(i.e. it has media level scope only). The configuration number also
indicates the relative preference of potential configurations; lower
numbers are preferred over higher numbers.
Andreasen Expires September 4, 2007 [Page 16]
Internet-Draft SDP Capability Negotiation March 2007
After the configuration number, one or more potential configuration
lists MUST be provided. The potential configuration lists generally
reference one or more capabilities, and those capabilities are
(conceptually) used to construct a new internal version of the SDP by
use of purely syntactic add, delete and replace operations on the
original SDP (actual configuration), thereby generating a new
potential configuration SDP that can be used by conventional SDP
procedures if actually selected.
This document defines potential attribute configuration lists and
potential transport protocol configuration lists. Each of these MUST
NOT be present more than once in a particular potential configuration
attribute. Potential extension configuration lists can be included as
well; unknown potential extension configuration lists MUST be ignored
(if support is required, then the "a=creq" attribute with suitable
option tags should be used). There can be more than one potential
extension configuration list, however each particular potential
extension configuration list MUST NOT be present more than once in a
given potential configuration attribute. Together, these potential
configuration lists define a potential configuration.
There can be multiple potential configurations provided within a
media description. Each of these indicates not only a willingness,
but in fact a desire to use the potential configuration.
Attribute capabilities are used in a potential configuration by use
of the pot-attribute-config-list parameter, which is defined by the
following ABNF:
pot-attribute-config-list
= "a=" [delete-attributes ":"]
att-cap-inst-list *(BAR att-cap-inst-list)
delete-attributes = DELETE ( "m" ; media attributes
/ "s" ; session attributes
/ "ms" ) ; media and session attributes
att-cap-inst-list = att-cap-inst *(COMMA att-cap-inst)
att-cap-inst = [att-cap-operator] att-cap-num
att-cap-operator = DELETE / REPLACE
att-cap-num = 1*DIGIT ;defined in [RFC4234]
BAR = "|"
DELETE = "-"
REPLACE = "/"
Note that white space is not permitted within this production.
Andreasen Expires September 4, 2007 [Page 17]
Internet-Draft SDP Capability Negotiation March 2007
Each potential attribute configuration list can optionally begin with
instructions for how to handle attributes that are part of the actual
configuration (i.e. the "a=" lines present in the original SDP). By
default, such attributes will remain as part of the configuration in
question. However, if delete-attributes indicates "-m", then all
attribute lines within the media description in question will be
deleted (i.e. all "a=" lines under the "m=" line in question). If
delete-attributes indicates "-s", then all attribute lines at the
session-level will be deleted (i.e. all "a=" lines before the first
"m=" line). If delete-attributes indicates "-ms", then all attribute
lines within this media description ("m=" line) and all attribute
lines at the session-level will be deleted.
The attribute capability instruction list comes next. It contains one
or more alternative lists of attribute capability instructions. The
lists are separated by a vertical bar ("|"), and each list contains
one or more attribute capability instructions separated by commas
(","). An attribute capability instruction is merely an attribute
capability number that may optionally be prefixed by an attribute
capability operator. Each attribute capability number (att-cap-num)
identifies a particular attribute capability by referring to
attribute capability numbers defined above and hence MUST be between
1 and 2^31-1 (both included). The following example illustrates the
above:
a=-m:1,2,-3,/4|1,2,5
where
o "a=-m:1,2,-3,/4|1,2,5" is the potential attribute configuration
list
o "-m" is the delete-attributes
o "1,2,-3,/4" and "1,2,5" are both attribute capability instruction
lists. The two lists are alternatives, since they are separated by
a vertical bar above
o "1" is an attribute capability instruction without any attribute
capability operator. It is also an attribute capability number
o "-3" is an attribute capability instruction, where "-" is an
attribute capability operator, and "3" is the attribute capability
number.
Andreasen Expires September 4, 2007 [Page 18]
Internet-Draft SDP Capability Negotiation March 2007
o "/4" is an attribute capability instruction, where "/" is an
attribute capability operator, and "4" is the attribute capability
number.
By default, each referenced attribute capability will result in the
corresponding attribute name and its associated value (contained
inside the attribute capability) merely being added to the resulting
potential configuration SDP. The attribute capability operators
change this default behavior:
o For session-level attribute capabilities, the DELETE operator ("-
") will result in the deletion of all session-level occurrences of
attributes with the same attribute-name (attribute values are
ignored) as the attribute contained inside that attribute
capability. The attribute contained inside the attribute
capability will NOT be added to the resulting potential
configuration SDP.
For example, if delete was indicated for a session-level "key-
mgmt" attribute capability ("a=acap:1 a=key-mgmt..."), all
occurrences of "a=key-mgmt" at the session-level would be
deleted.
o For media-level attribute capabilities, the DELETE operator ("-")
will result in the deletion of all occurrences of attributes with
the same attribute-name (attribute values are ignored) as the
attribute contained inside that attribute capability, within this
particular media description ("m=" line) only. The attribute
contained inside the attribute capability will NOT be added to the
resulting potential configuration SDP.
For example, if delete was indicated for a media-level "crypto"
attribute capability ("a=acap:1 a=crypto..."), all occurrences
of "a=crypto" inside the media description ("m=" line) in
question would be deleted.
o For session-level attribute capabilities, the REPLACE operator
("/") is similar to the DELETE operator, except that the attribute
contained inside the attribute capability WILL be added to the
resulting potential configuration SDP (at the session-level).
For example, if replace was indicated for a session-level "key-
mgmt" attribute capability ("a=acap:1 a=key-mgmt..."), all
occurrences of "a=key-mgmt" at the session-level would be
deleted, and the "key-mgmt" attribute name and its associated
value from the attribute capability would be added to the
resulting SDP for that configuration.
Andreasen Expires September 4, 2007 [Page 19]
Internet-Draft SDP Capability Negotiation March 2007
o For media-level attribute capabilities, the REPLACE operator ("/")
is similar to the DELETE operator, except that the attribute
contained inside the attribute capability WILL be added to the
resulting potential configuration SDP (within the media
description in question).
For example, if replace was indicated for a media-level
"crypto" attribute capability ("a=acap:1 a=crypto..."), all
occurrences of "a=crypto" inside the media description ("m="
line) in question would be deleted, and the "crypto" attribute
name and its associated value from the attribute capability
would be added to the resulting SDP for that configuration.
Alternative attribute capability instruction lists are separated by a
vertical bar ("|"), the scope of which extends to the next
alternative (i.e. "," has higher precedence than "|"). The
alternatives are ordered by preference with the most preferred listed
first. Exactly one of the alternative lists MUST be selected in its
entirety in order to use this potential configuration attribute.
Potential transport protocol configuration lists are included in a
potential configuration by use of the pot-transport-protocol-config-
list parameter, which is defined by the following ABNF:
pot-transport-protocol-config-list =
"t=" trpr-cap-num *(BAR trpr-cap-num)
trpr-cap-num = 1*DIGIT ; defined in [RFC4234]
Note that white-space is not permitted within this production.
The trpr-cap-num refers to transport protocol capability numbers
defined above and hence MUST be between 1 and 2^31-1 (both included).
Alternative potential transport protocol capabilities are separated
by a vertical bar ("|"). The alternatives are ordered by preference
with the most preferred listed first. When there are no transport
protocol capabilities included in a potential configuration at the
media level, the transport protocol information from the associated
"m=" line will be used. When included, exactly one of the
alternatives MUST be selected in order to use this potential
configuration attribute.
In the presence of middle-boxes (the existence of which may not be
known), care should be taken with assuming that the transport
protocol in the "m=" line will not be modified by a middle-box. Use
of an explicit transport protocol capability will guard against any
capability negotiation implications of that.
Andreasen Expires September 4, 2007 [Page 20]
Internet-Draft SDP Capability Negotiation March 2007
Extension capabilities can be included in a potential configuration
as well by use of potential extension configuration lists. Such
potential configuration extension lists MUST adhere to the following
ABNF:
pot-extension-config-list = ext-cap-name "="
ext-cap-list
ext-cap-name = token ; defined in [RFC4566]
ext-cap-list = 1*VCHAR ; defined in [RFC4234]
Note that white-space is not permitted within this production.
The ext-cap-name refers to the type of extension capability and the
ext-cap-list is here merely defined as a sequence of visible
characters. The actual extension supported MUST refine both of these
further. For extension capabilities that merely need to be referenced
by a capability number, it is RECOMMENDED to follow a structure
similar to what has been specified above. Unsupported or unknown
potential extension configuration lists in a potential configuration
attribute MUST be ignored.
The "creq" attribute and its associated rules can be used to ensure
that required extensions are supported in the first place.
Potential configuration attributes can be provided at the media level
only, however it is possible to reference capabilities provided at
either the session or media level. There are certain semantic rules
and restrictions associated with this:
A (media level) potential configuration attribute in a given media
description MUST NOT reference a media-level capability provided in a
different media description; doing so invalidates that potential
configuration (note that a potential configuration attribute can
contain more than one potential configuration by use of
alternatives). A potential configuration attribute can however
reference a session-level capability. The semantics of doing so
depends on the type of capability. In the case of transport protocol
capabilities it has no particular implication. In the case of
attribute capabilities however, it does. More specifically, the
attribute name and value (provided within that attribute capability)
will be considered part of the resulting SDP for that particular
configuration at the *session* level. In other words, it will be as-
if that attribute was simply provided with that value at the session-
level in the first place. Note that individual media streams perform
capability negotiation individually, and hence it is possible that
another media stream (where the attribute was part of a potential
configuration) chose a configuration without that session level
Andreasen Expires September 4, 2007 [Page 21]
Internet-Draft SDP Capability Negotiation March 2007
attribute. The session-level attribute however remains "active" and
hence applies to the entire resulting potential configuration SDP. It
is up to the entity that generated the SDP with these capabilities
and potential configuration attributes in the first place, to ensure,
that in such cases, the resulting potential configuration SDP is
still meaningful.
The session-level operation of extension capabilities is undefined:
Consequently, each new session-level extension capability defined
MUST specify the implication of making it part of a configuration at
the media level.
Below, we provide an example of the "a=pcfg" attribute in a complete
media description in order to properly indicate the supporting
attributes:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/AVPF 0 18
a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=tcap:1 RTP/AVPF RTP/AVP
a=tcap:3 RTP/SAVP RTP/SAVPF
a=pcfg:1 t=4|3 a=1
a=pcfg:8 t=1|2
We have two potential configuration attributes listed here. The first
one (and most preferred, since its configuration number is "1")
indicates that either of the profiles RTP/SAVPF or RTP/SAVP
(specified by the transport protocol capability numbers 4 and 3) can
be supported with attribute capability 1 (the "crypto" attribute);
RTP/SAVPF is preferred over RTP/SAVP since its capability number (4)
is listed first in the preferred potential configuration. The second
potential configuration attribute indicates that the RTP/AVPF or
RTP/AVP profile can be used, with RTP/AVPF being the preferred one.
This non secure RTP alternative is the less preferred one since its
configuration number is "8".
3.5.2. Actual Configuration Attribute
The actual configuration attribute identifies which of the potential
configurations from an offer SDP was selected and used as an actual
configuration in an answer SDP. This is done by including the
configuration number and the configuration lists from the offer that
Andreasen Expires September 4, 2007 [Page 22]
Internet-Draft SDP Capability Negotiation March 2007
were actually selected and used by the answerer in his offer/answer
procedure as follows:
o A selected potential attribute configuration MUST include the
delete-attributes and the selected alternative att-cap-inst-list
(i.e. containing both operators and capability numbers from the
potential configuration). If delete-attributes were not included
in the potential configuration, they will of course not be present
here either.
o A selected potential transport protocol configuration MUST include
the selected transport protocol capability number.
o A selected potential extension configuration MUST include the
selected extension configuration parameters as specified for that
particular extension.
Note that the selected configuration number and all selected
capability numbers used in the actual configuration attribute refer
to those from the offer; not the answer.
The answer may for example include capabilities as well. The actual
configuration attribute does not refer to any of those.
The Actual Configuration Attribute ("a=acfg") is defined as follows:
a=acfg: <sel-cfg-list>
The "acfg" attribute adheres to the RFC 4566 "attribute" production,
with an att-value defined as follows:
att-value = config-number 1*WSP sel-cfg-list
;config-number defined in Section 3.5.1.
sel-cfg-list = sel-cfg *(1*WSP sel-cfg)
sel-cfg = sel-attribute-config /
sel-transport-protocol-config /
sel-extension-config
sel-attribute-config =
"a=" [delete-attributes ":"] att-cap-inst-list
; defined in Section 3.5.1.
sel-transport-protocol-config =
"t=" trpr-cap-num ; defined in Section 3.5.1.
sel-extension-config =
ext-cap-name "=" 1*VCHAR ; defined in Section 3.5.1.
Andreasen Expires September 4, 2007 [Page 23]
Internet-Draft SDP Capability Negotiation March 2007
Note that white-space is not permitted before the config-number.
The actual configuration ("a=acfg") attribute can be provided at the
media-level only. There MUST NOT be more than one occurrence of an
actual configuration attribute within a given media description.
Below, we provide an example of the "a=acfg" attribute (building on
the previous example with the potential configuration attribute):
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/SAVPF 0
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:1 t=4 a=1
It indicates that the answerer used an offer consisting of potential
configuration number 1 with transport protocol capability 4 from the
offer (RTP/SAVPF) and attribute capability 1 (the "crypto"
attribute). The answerer includes his own "crypto" attribute as well.
3.6. Offer/Answer Model Extensions
In this section, we define extensions to the offer/answer model
defined in [RFC3264] to allow for potential configurations to be
included in an offer, where they constitute offers that may be
accepted by the answerer instead of the actual configuration(s)
included in the "m=" line(s).
The procedures defined in the following subsections apply to both
unicast and multicast streams.
3.6.1. Generating the Initial Offer
An offerer that wants to use the SDP capability negotiation
extensions defined in this document MUST include the following in the
offer:
Andreasen Expires September 4, 2007 [Page 24]
Internet-Draft SDP Capability Negotiation March 2007
o An attribute capability attribute ("a=acap") as defined in Section
3.4.1. for each attribute name and associated value (if any) that
needs to be indicated as a capability in the offer.
Session-level attributes and associated values MUST be provided in
attribute capabilities at the session-level only, whereas media-
level attributes and associated values MUST be provided in
attribute capabilities at the media-level only. Attributes that
can be provided at either the session- or media-level can be
represented as attribute capabilities at either the session- or
media-level. Attribute capabilities for '<type>=<value>'
attributes can include an attribute name only; such attribute
capabilities MUST NOT be referenced by a potential configuration,
unless the DELETE operator is used for it. If there is not a need
to indicate any attributes as attribute capabilities, then there
will not be any "a=acap" attributes either.
o One or more a transport protocol capability attributes ("a=tcap")
as defined in Section 3.4.2. with values for each transport
protocol that needs to be indicated as a capability in the offer.
Transport protocol capabilities that apply to multiple media
descriptions SHOULD be provided at the session-level whereas
transport protocol capabilities that apply to a specific media
description ("m=" line) only, SHOULD be provided within that
particular media description. If there is not a need to indicate
any transport protocols as transport protocol capabilities, then
there will not be any "a=tcap" attributes either.
o One or more extension capability attributes (as outlined in
Section 3.4.3. ) for each extension capability that is referenced
by a potential configuration.
o One or more potential configuration attributes ("a=pcfg") as
defined in Section 3.5.1. within each media description where
alternative potential configurations are to be negotiated. Each
potential configuration attribute MUST adhere to the rules
provided in Section 3.5.1. and the additional rules provided
below.
If the offerer requires support for more or extensions (besides the
base protocol defined here), then the offerer MUST include one or
more "a=creq" attribute as follows:
o If one or more capability negotiation extensions are required to
be supported for the entire session description, then option tags
for those extensions MUST be included in a single session-level
"creq" attribute.
Andreasen Expires September 4, 2007 [Page 25]
Internet-Draft SDP Capability Negotiation March 2007
o For each media description that requires one or more capability
negotiation extensions not listed at the session-level, a single
"creq" attribute containing all the required extensions for that
media description MUST be included within the media description
(in accordance with Section 3.3.2. ).
The offerer SHOULD furthermore include the following:
o One or more supported capability negotiation extension attributes
("a=csup") as defined in Section 3.3.2. if the offerer supports
one or more capability negotiation extensions not included in a
corresponding "a=creq" attribute (i.e. at the session-level or in
the same media description). Option tags provided in "a=csup"
attributes at the session-level indicate extensions supported for
the entire session description whereas option tags provided in
"a=csup" attributes in a media description indicate extensions
supported for that particular media description only.
Capabilities provided in an offer merely indicate what the offerer is
capable of doing. They do not constitute a commitment or even an
indication to actually use them. Each potential configuration however
constitutes an alternative offer that the offerer would like to use.
The potential configurations may be used by the answerer to negotiate
and establish the session.
The offerer MUST include one or more potential configuration
attributes ("a=pcfg") within each media description where the offerer
wants to provide alternative offers (in the form of potential
configurations). Each potential configuration attribute in a given
media description MUST contain a unique configuration number and one
or more potential configuration lists, as described in Section 3.5.1.
Each potential configuration list MUST refer to capabilities that are
provided either at the session-level or within that particular media
description; otherwise, the potential configuration is considered
invalid.
The current actual configuration is included in the "m=" line (as
defined by [RFC3264]). Note that the actual configuration is by
definition the least-preferred configuration, and hence the answerer
will seek to negotiate use of one of the potential configurations
instead. If the offerer wishes a different preference for the actual
configuration, the offerer MUST include a corresponding potential
configuration with the relevant configuration number (which indicates
the relative preference between potential configurations); this
corresponding potential configuration should simply duplicate the
actual configuration.
Andreasen Expires September 4, 2007 [Page 26]
Internet-Draft SDP Capability Negotiation March 2007
Per [RFC3264], once the offerer generates the offer, he must be
prepared to receive incoming media in accordance with that offer.
That rule applies here as well, but for the actual configurations
provided in the offer only: Media received by the offerer according
to one of the potential configurations MAY be discarded, until the
offerer receives an answer indicating what the actual selected
configuration is. Once that answer is received, incoming media MUST
be processed in accordance with the actual selected configuration
indicated and the answer received (provided the offer/answer exchange
completed successfully).
3.6.2. Generating the Answer
When receiving an offer, the answerer MUST check for the presence of
a required capability negotiation extension attribute ("a=creq")
provided at the session level. If one is found, then capability
negotiation MUST be performed. If none is found, then the answerer
MUST check each offered media description for the presence of a
required capability negotiation extension attribute ("a=creq") and
one or more potential configuration attributes ("a=pcfg"). Capability
negotiation MUST be performed for each media description where either
of those is present in accordance with the procedures described
below.
The answerer MUST first ensure that it supports any required
capability negotiation extensions:
o If a session-level "creq" attribute is provided, and it contains
an option-tag that the answerer does not support, then the
answerer MUST NOT use any of the potential configuration
attributes provided for any of the media descriptions. Instead,
the normal offer/answer procedures MUST continue as per [RFC3264].
Furthermore, the answerer MUST include a session-level supported
capability negotiation extensions attribute ("a=csup") with option
tags for the capability negotiation extensions supported by the
answerer.
o If a media-level "creq" attribute is provided, and it contains an
option tag that the answerer does not support, then the answerer
MUST NOT use any of the potential configuration attributes
provided for that particular media description. Instead, the
offer/answer procedures MUST continue as per [RFC3264].
Furthermore, the answerer MUST include a supported capability
negotiation extensions attribute ("a=csup") in that media
description with option tags for the capability negotiation
extensions supported by the answerer for that media description.
Andreasen Expires September 4, 2007 [Page 27]
Internet-Draft SDP Capability Negotiation March 2007
Assuming all required capability negotiation extensions are
supported, the answerer now proceeds as follows.
For each media description where capability negotiation is to be
performed (i.e. all required capability negotiation extensions are
supported and at least one valid potential configuration attribute is
present), the answerer MUST attempt to perform capability negotiation
by using the most preferred potential configuration that is valid. A
potential configuration is valid if:
1. It is in accordance with the syntax and semantics provided in
Section 3.5.1.
2. It contains a configuration number that is unique within that
media description.
3. All attribute capabilities referenced by the potential
configuration are valid themselves (as defined in Section 3.4.1. )
and each of them is furthermore provided either at the session-
level or within this particular media description.
4. All transport protocol capabilities referenced by the potential
configuration are valid themselves (as defined in Section 3.4.2. )
and each of them is furthermore provided either at the session-
level or within this particular media description.
5. All extension capabilities referenced by the potential
configuration and supported by the answerer are valid themselves
(as defined by that particular extension) and each of them are
furthermore provided either at the session-level or within this
particular media description. Unknown or unsupported extension
capabilities MUST be ignored.
The most preferred valid potential configuration in a media
description is the valid potential configuration with the lowest
configuration number. The answerer MUST now process the offer for
that media stream based on the most preferred valid potential
configuration. Conceptually, this entails the answerer constructing
an (internal) offer that consists of the offer SDP, with the
following changes:
o If a transport protocol capability is included in the potential
configuration, then it replaces the transport protocol provided in
the "m=" line for that media description.
Andreasen Expires September 4, 2007 [Page 28]
Internet-Draft SDP Capability Negotiation March 2007
o If attribute capabilities are present with a delete-attributes
indication, then session-level attributes and/or media-level
attributes for this media description MUST be deleted in
accordance with the delete-attributes provided per the procedures
in Section 3.5.1.
o If a session-level attribute capability is included, then the
operation is as follows (see also Section 3.5.1. ):
a. If the attribute capability number is not prefixed with an
attribute capability operator, then the attribute (and its
associated value, if any) MUST be added to the resulting SDP.
All such added session-level attributes MUST be listed before
the session-level attributes that were initially present in
the SDP. Furthermore, the added session-level attributes MUST
be added in the order they were provided in the potential
configuration.
b. If the attribute capability number is prefixed with a DELETE
operator in the potential configuration, then all session-
level occurrences of an attribute with the same attribute-name
(attribute values are ignored) as the attribute contained
inside that attribute capability MUST be deleted from the
original SDP as detailed in Section 3.5.1. .
c. If the attribute capability number is prefixed with a REPLACE
operator in the potential configuration, then the above DELETE
operation MUST first be performed, and the attribute MUST then
be added to the resulting SDP in the same order as specified
above in a).
o If a media-level attribute capability is included, then the
operation is as follows (see also Section 3.5.1. ):
a. If the attribute capability number is not prefixed with an
attribute capability operator, then the attribute (and its
associated value, if any) MUST be added to the resulting SDP
within the media description in question. All such added
media-level attributes MUST be listed before the media-level
attributes that were initially present in the SDP in the media
description in question. Furthermore, the added media-level
attributes MUST be added in the order they were provided in
the potential configuration.
Andreasen Expires September 4, 2007 [Page 29]
Internet-Draft SDP Capability Negotiation March 2007
b. If the attribute capability number is prefixed with a DELETE
operator in the potential configuration, then all media-level
occurrences of an attribute with the same attribute-name
(attribute values are ignored) as the attribute contained
inside that attribute capability MUST be deleted from the
original SDP in the media description in question as detailed
in Section 3.5.1. .
c. If the attribute capability number is prefixed with a REPLACE
operator in the potential configuration, then the above DELETE
operation MUST first be performed, and the attribute MUST then
be added to the resulting SDP in the same order as specified
above in a).
o If a supported extension capability is included, then it is
processed in accordance with the rules provided for that
particular extension capability.
Note that whereas a transport protocol from the potential
configuration replaces the transport protocol in the actual
configuration, an attribute capability from the potential
configuration is instead added to the actual configuration by
default. In some cases, this can result in having one or more
meaningless attributes in the resulting SDP, or worse, ambiguous or
potentially even illegal attributes. The delete-attributes for the
session and/or media level attributes as well as the DELETE and
REPLACE attribute capability operators MUST be used to avoid such
scenarios. Nevertheless, it is RECOMMENDED that implementations
ignore meaningless attributes that may result from potential
configurations.
For example, if the actual configuration was using Secure RTP and
included an "a=crypto" attribute for the SRTP keying material, then
use of a potential configuration that uses plain RTP would make the
"crypto" attribute meaningless. The answerer may or may not ignore
such a meaningless attribute. The offerer can here ensure correct
operation by using the above operators to actually delete the
crypto attribute.
Please refer to Section 3.6.2.1. for examples of how the answerer may
conceptually "see" the resulting offered alternative potential
configurations.
If the answerer is not able to support the most preferred valid
potential configuration for the media description, the answerer MUST
proceed to the second-most preferred valid potential configuration
for the media description, etc. If the answerer is not able to
Andreasen Expires September 4, 2007 [Page 30]
Internet-Draft SDP Capability Negotiation March 2007
support any of the valid potential configurations, the answerer MUST
process the offer per normal offer/answer rules, i.e. the actual
configuration provided will be used as the least preferred
alternative.
Once the answerer has selected an offered configuration for the media
stream, the answerer MUST generate a valid answer SDP based on the
selected configuration as "seen" by the answerer. Furthermore, if the
answerer selected one of the potential configurations in a media
description, the answerer MUST include an actual configuration
attribute within that media description that identifies the
configuration number for that potential configuration as well as the
actual parameters that were used from that potential configuration
(if the potential configuration included alternatives, only the
selected alternatives must be included). Only the known and supported
parameters will be included. Unknown or unsupported parameters MUST
NOT be included in the actual configuration attribute.
If the answerer supports one or more capability negotiation
extensions that were not included in a required capability
negotiation extensions attribute in the offer, then the answerer
SHOULD furthermore include a supported capability negotiation
attribute ("a=csup") at the session-level with option tags for the
extensions supported across media streams. Also, if the answerer
supports one or more capability negotiation extensions for particular
media descriptions only, then a supported capability negotiation
attribute with those option-tags SHOULD be included within each
relevant media description.
The offerer's originally provided actual configuration is contained
in the media description's "m=" line (and associated parameters). The
answerer can send media to the offerer in accordance with that actual
configuration as soon as it receives the offer, however it MUST NOT
send media based on that actual configuration if it selects an
alternative potential configuration. If the answerer selects one of
the potential configurations, then the answerer MAY start to send
media to the offerer in accordance with the selected potential
configuration, however the offerer MAY discard such media until the
offerer receives the answer.
3.6.2.1. Example Views of Potential Configurations
The following examples illustrate how the answerer may conceptually
"see" a potential configuration. Consider the following offered SDP:
v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com
Andreasen Expires September 4, 2007 [Page 31]
Internet-Draft SDP Capability Negotiation March 2007
s=
t=0 0
c=IN IP4 lost.example.com
a=tool:foo
a=acap:1 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tcap:1 RTP/SAVP RTP/AVP
m=audio 59000 RTP/AVP 98
a=rtpmap:98 AMR/8000
a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=1 a=1|2
m=video 52000 RTP/AVP 31
a=rtpmap:31 H261/90000
a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=pcfg:1 t=1 a=1|3
This particular SDP offers an audio stream and a video stream, each
of which can either use plain RTP (actual configuration) or secure
RTP (potential configuration). Furthermore, two different keying
mechanisms are offered, namely session-level Key Management
Extensions using MIKEY (attribute capability 1) and media-level SDP
Security Descriptions (attribute capabilities 2 and 3). There are
several potential configurations here, however, below we show the one
the answerer "sees" when using potential configuration 1 for both
audio and video, and furthermore using attribute capability 1 (MIKEY)
for both (we have removed all the capability negotiation attributes
for clarity):
v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com
s=
t=0 0
c=IN IP4 lost.example.com
a=tool:foo
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000
m=video 52000 RTP/SAVP 31
a=rtpmap:31 H261/90000
Note that the transport protocol in the media descriptions indicate
use of secure RTP.
Below, we show the offer the answerer "sees" when using potential
configuration 1 for both audio and video and furthermore using
Andreasen Expires September 4, 2007 [Page 32]
Internet-Draft SDP Capability Negotiation March 2007
attribute capability 2 and 3 respectively (SDP security descriptions)
for the audio and media stream - note the order in which the
resulting attributes are provided:
v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com
s=
t=0 0
c=IN IP4 lost.example.com
a=tool:foo
m=audio 59000 RTP/SAVP 98
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=rtpmap:98 AMR/8000
m=video 52000 RTP/SAVP 31
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=rtpmap:31 H261/90000
Again, note that the transport protocol in the media descriptions
indicate use of secure RTP.
And finally, we show the offer the answerer "sees" when using
potential configuration 1 with attribute capability 1 (MIKEY) for the
audio stream, and potential configuration 1 with attribute capability
3 (SDP security descriptions) for the video stream:
v=0
o=alice 2891092738 2891092738 IN IP4 lost.example.com
s=
t=0 0
c=IN IP4 lost.example.com
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tool:foo
m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000
m=video 52000 RTP/SAVP 31
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=rtpmap:31 H261/90000
Andreasen Expires September 4, 2007 [Page 33]
Internet-Draft SDP Capability Negotiation March 2007
3.6.3. Offerer Processing of the Answer
When the offerer attempted to use SDP Capability Negotiation in the
offer, the offerer MUST examine the answer for actual use of
capability negotiation.
For each media description where the offerer included a potential
configuration attribute, the offerer MUST first examine the media
description for the presence of an actual configuration attribute
("a=acfg"). If an actual configuration attribute is not present in a
media description, then the offerer MUST process the answer SDP for
that media stream per the normal offer/answer rules defined in
[RFC3264]. However, if one is found, then the offerer MUST instead
process the answer as follows:
o The actual configuration attribute specifies which of the
potential configurations were used by the answerer to generate the
answer. This includes all the capabilities from the potential
configuration offered, i.e. the attribute capabilities and
associated delete-attributes and operators, transport protocol
capabilities, and any extension capability parameters included.
o The offerer MUST now process the answer in accordance with the
rules in [RFC3264], except that it must be done as if the offer
had contained the selected potential configuration as the actual
configuration in the media description ("m=" line) and relevant
attributes in the offer.
If the offer/answer exchange was successful, and if the answerer
selected one of the potential configurations from the offer as the
actual configuration, then the offerer MAY perform another
offer/answer exchange: The new offer should contain the selected
potential configuration as the actual configuration, i.e. with the
actual configuration used in the "m=" line and any other relevant
attributes. This second offer/answer exchange will not modify the
session in any way, however it will help intermediaries that look at
the SDP, but do not understand or support the capability negotiation
extensions, to understand the details of the media stream(s) that
were actually negotiated. If it is known or suspected that one or
more such intermediaries exist, then this second offer/answer SHOULD
be performed (this is already done when using Interactive
Connectivity Establishment [ICE]). Note that, per normal offer/answer
rules, the second offer/answer exchange still needs to update the
version number in the "o=" line ((<sess-version> in [RFC4566]).
Attribute lines carrying keying material SHOULD repeat the keys from
the previous offer, unless re-keying is necessary, e.g. due to a
previously forked SIP INVITE request.
Andreasen Expires September 4, 2007 [Page 34]
Internet-Draft SDP Capability Negotiation March 2007
3.6.4. Modifying the Session
Capabilities and potential configurations may be included in
subsequent offers as defined in [RFC3264], Section 8. The procedure
for doing so is similar to that described above with the answer
including an indication of the actual selected configuration used by
the answerer.
If the answer indicates use of a potential configuration from the
offer, then the guidelines provided in Section 3.6.3. for doing a
second offer/answer exchange using that potential configuration as
the actual configuration apply.
3.7. Interactions with ICE
Interactive Connectivity Establishment (ICE) [ICE] provides a
mechanism for verifying connectivity between two endpoints by sending
STUN messages directly between the media endpoints. The basic ICE
specification [ICE] is defined to support UDP-based connectivity
only, however it allows for extensions to support other transport
protocols, such as TCP, which is being specified in [ICETCP]. ICE
defines a new "a=candidate" attribute, which, among other things,
indicates the possible transport protocol(s) to use and then
associates a priority with each of them. The most preferred transport
protocol that *successfully* verifies connectivity will end up being
used.
When using ICE, it is thus possible that the transport protocol that
will be used differs from what is specified in the "m=" line.
Furthermore, since both ICE and SDP Capability Negotiation may now
specify alternative transport protocols, there is a potentially
unintended interaction when using these together.
We provide the following guidelines for addressing that.
There are two basic scenarios to consider here:
1) A particular media stream can run over different transport
protocols (e.g. UDP, TCP, or TCP/TLS), and the intent is simply to
use the one that works (in the preference order specified).
2) A particular media stream can run over different transport
protocols (e.g. UDP, TCP, or TCP/TLS) and the intent is to have the
negotiation process decide which one to use (e.g. T.38 over TCP or
UDP).
In scenario 1, there should be ICE "a=candidate" attributes for UDP,
Andreasen Expires September 4, 2007 [Page 35]
Internet-Draft SDP Capability Negotiation March 2007
TCP, etc. but otherwise nothing special in the potential
configuration attributes to indicate the desire to use different
transport protocols (e.g. UDP, or TCP). The ICE procedures
essentially cover the capability negotiation required (by having the
answerer select something it supports and then use of trial and
error).
Scenario 2 does not require a need to support or use ICE. Instead, we
simply use transport protocol capabilities and potential
configuration attributes to indicate the desired outcome.
The scenarios may be combined, e.g. by offering potential
configuration alternatives where some of them can support one
transport protocol only (e.g. UDP), whereas others can support
multiple transport protocols (e.g. UDP or TCP). In that case, there
is a need for tight control over the ICE candidates that will
actually be used for a particular configuration, yet the actual
configuration may want to use all of them. In that case, the ICE
candidate attributes can be defined as attribute capabilities and the
relevant ones should then be included in the proper potential
configurations (for example candidate attributes for UDP only for
potential configurations that are restricted to UDP, whereas there
could be candidate attributes for UDP, TCP, and TCP/TLS for potential
configurations that can use all three). Furthermore, use of the
delete-attributes, as well as the DELETE and REPLACE operators on
attribute capabilities in a potential configuration can be used to
ensure that ICE will not end up using a transport protocol that is
not desired.
3.8. Processing Media before Answer
The offer/answer model requires an offerer to be able to receive
media in accordance with the offer prior to receiving the answer.
This property is retained with the SDP capability negotiation
extensions defined here, but only when the actual configuration is
selected by the answerer. If a potential configuration is chosen, it
is permissible for the offerer to not process any media received
before the answer is received. This however may lead to clipping.
In the case of SIP, this issue could be solved easily by defining a
precondition [RFC3312] for capability negotiation, however
preconditions are viewed as complicated to implement and they add to
overall session establishment delay by requiring an extra
offer/answer exchange. An alternative is therefore desirable.
The SDP capability negotiation framework does not define such an
alternative, however extensions may do so. For example, one technique
Andreasen Expires September 4, 2007 [Page 36]
Internet-Draft SDP Capability Negotiation March 2007
proposed for best-effort SRTP in [BESRTP] is to provide different RTP
payload type mappings for different transport protocols used, outside
of the actual configuration, while still allowing them to be used by
the answerer (exchange of keying material is still needed). The basic
SDP capability negotiation framework defined here does not include
the ability to do so, however extensions that enable that may be
defined.
3.9. Considerations for Specific Attribute Capabilities
3.9.1. The rtpmap and fmtp Attributes
The core SDP Capability Negotiation framework defines transport
capabilities and attribute capabilities. Media capabilities, which
can be used to describe media formats and their associated
parameters, are not defined in this document, however the "rtpmap"
and "fmtp" attributes can nevertheless be used as attribute
capabilities. Using such attribute capabilities in a potential
configuration requires a bit of care though.
The rtpmap parameter binds an RTP payload type to a media format
(codec). While it is possible to provide rtpmaps for payload types
not found in the corresponding "m=" line, such rtpmaps provide no
value in normal offer/answer exchanges, since only the payload types
found in the "m=" line is part of the offer (or answer). This applies
to the core SDP capability negotiation framework as well: Only the
media formats (e.g. RTP payload types) provided in the "m=" line are
actually offered; inclusion of rtpmap attributes with other RTP
payload types in a potential configuration does not change this fact
and hence they do not provide any useful information. They may still
be useful as pure capabilities though (outside a potential
configuration).
It is possible to provide an rtpmap attribute capability with a
payload type mapping to a different codec than a corresponding actual
configuration "rtpmap" attribute for the media description has. Such
practice is permissible as a way of indicating a capability. If that
capability is included in a potential configuration, then delete-
attributes and/or DELETE/REPLACE attribute capability operators MUST
be used to ensure that there is not multiple rtpmap attributes for
the same payload type in a given media description, which would not
be allowed by SDP [RFC4566].
Similar considerations and rules apply to the "fmtp" attribute. An
fmtp attribute capability for a media format not included in the "m="
line is useless in a potential configuration (but may be useful as a
capability by itself) . An fmtp attribute capability in a potential
Andreasen Expires September 4, 2007 [Page 37]
Internet-Draft SDP Capability Negotiation March 2007
configuration for a media format that already has an fmtp attribute
in the actual configuration may lead to multiple fmtp format
parameters for that media format and that is not allowed by SDP
[RFC4566]. The delete-attributes and/or DELETE/REPLACE attribute
capability operators MUST be used to ensure that there is not
multiple fmtp attributes for a given media format in a media
description.
Extensions to the core SDP capability negotiation framework of course
may change the above behavior.
3.9.2. Direction Attributes
SDP defines the "inactive", "sendonly", "recvonly", and "sendrecv"
direction attributes. The direction attributes can be applied at
either the session-level or the media-level. In either case, it is
possible to define attribute capabilities for these direction
capabilities. Note that if used by a potential configuration, then
the normal offer/answer procedures still apply. For example, if an
offered potential configuration includes the "sendonly" direction
attribute, it is selected as the actual configuration, then the
answer must include a corresponding "recvonly" (or "inactive")
attribute.
4. Examples
In this section, we provide examples showing how to use the SDP
Capability Negotiation.
4.1. Best-Effort Secure RTP
The following example illustrates how to use the SDP Capability
negotiation extensions to support so-called Best-Effort Secure RTP.
In that scenario, the offerer supports both RTP and Secure RTP. If
the answerer does not support secure RTP (or the SDP capability
negotiation extensions), an RTP session will be established. However,
if the answerer supports Secure RTP and the SDP Capability
Negotiation extensions, a Secure RTP session will be established.
The best-effort Secure RTP negotiation is illustrated by the
offer/answer exchange below, where Alice sends an offer to Bob:
Andreasen Expires September 4, 2007 [Page 38]
Internet-Draft SDP Capability Negotiation March 2007
Alice Bob
| (1) Offer (SRTP and RTP) |
|--------------------------------->|
| |
| (2) Answer (SRTP) |
|<---------------------------------|
| |
| (3) Offer (SRTP) |
|--------------------------------->|
| |
| (4) Answer (SRTP) |
|<---------------------------------|
| |
Alice's offer includes RTP and SRTP as alternatives. RTP is the
default, but SRTP is the preferred one:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVP RTP/AVP
a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
FEC_ORDER=FEC_SRTP
a=pcfg:1 t=1 a=1
The "m=" line indicates that Alice is offering to use plain RTP with
PCMU or G.729. The capabilities are provided by the "a=tcap" and
"a=acap" attributes. The "tcap" capability indicates that both
Secure RTP and normal RTP are supported. The "acap" attribute
provides an attribute capability with a handle of 1. The capability
is a "crypto" attribute, which provides the keying material for SRTP
using SDP security descriptions [SDES]. The "a=pcfg" attribute
provides the potential configurations included in the offer by
reference to the capabilities. A single potential configuration with
a configuration number of "1" is provided. It includes is transport
protocol capability 1 (RTP/SAVP, i.e. secure RTP) together with the
attribute capability 1, i.e. the crypto attribute provided.
Bob receives the SDP offer from Alice. Bob supports SRTP and the SDP
Capability Negotiation extensions, and hence he accepts the potential
configuration for Secure RTP provided by Alice:
Andreasen Expires September 4, 2007 [Page 39]
Internet-Draft SDP Capability Negotiation March 2007
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4
a=acfg:1 t=1 a=1
Bob includes the "a=acfg" attribute in the answer to inform Alice
that he based his answer on an offer containing the potential
configuration with transport protocol capability 1 and attribute
capability 1 from the offer SDP (i.e. the RTP/SAVP profile using the
keying material provided). Bob also includes his keying material in
a crypto attribute.
When Alice receives Bob's answer, session negotiation has completed,
however Alice nevertheless generates a new offer using the actual
configuration. This is done purely to assist any middle-boxes that
may reside between Alice and Bob but do not support the capability
negotiation extensions (and hence may not understand the negotiation
that just took place):
Alice's updated offer includes only SRTP, and it is not using the SDP
capability negotiation extensions (Alice could have included the
capabilities as well is she wanted to):
v=0
o=- 25678 753850 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
FEC_ORDER=FEC_SRTP
The "m=" line now indicates that Alice is offering to use secure RTP
with PCMU or G.729. The "crypto" attribute, which provides the SRTP
keying material, is included with the same value again.
Bob receives the SDP offer from Alice, which he accepts, and then
generates an answer to Alice:
v=0
o=- 24351 621815 IN IP4 192.0.2.2
Andreasen Expires September 4, 2007 [Page 40]
Internet-Draft SDP Capability Negotiation March 2007
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/SAVP 0 18
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4
Bob includes the same crypto attribute as before, and the session
proceeds without change. Although Bob did not include any
capabilities in his answer, he could of course have done so if he
wanted to.
Note that in this particular example, the answerer supported the
capability extensions defined here, however had he not, the answerer
would simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/AVP 0 18
4.2. Multiple Transport Protocols
The following example illustrates how to use the SDP Capability
negotiation extensions to negotiate use of one out of several
possible transport protocols. As in the previous example, the offerer
uses the expected least-common-denominator (plain RTP) as the actual
configuration, and the alternative transport protocols as the
potential configurations.
The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob:
Andreasen Expires September 4, 2007 [Page 41]
Internet-Draft SDP Capability Negotiation March 2007
Alice Bob
| (1) Offer (RTP/[S]AVP[F]) |
|--------------------------------->|
| |
| (2) Answer (RTP/AVPF) |
|<---------------------------------|
| |
| (3) Offer (RTP/AVPF) |
|--------------------------------->|
| |
| (4) Answer (RTP/AVPF) |
|<---------------------------------|
| |
Alice's offer includes plain RTP (RTP/AVP), RTP with RTCP-based
feedback (RTP/AVPF), Secure RTP (RTP/SAVP), and Secure RTP with RTCP-
based feedback (RTP/SAVPF) and SRTP as alternatives. RTP is the
default, with RTP/SAVPF, RTP/SAVP, and RTP/AVPF as the alternatives
and preferred in the order listed:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/AVP 0 18
a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
a=acap:1 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz|2^20|1:4
FEC_ORDER=FEC_SRTP
a=acap:2 a=rtcp-fb:0 nack
a=pcfg:1 t=1 a=1,2
a=pcfg:2 t=2 a=1
a=pcfg:3 t=3 a=2
The "m=" line indicates that Alice is offering to use plain RTP with
PCMU or G.729. The capabilities are provided by the "a=tcap" and
"a=acap" attributes. The "tcap" capability indicates that Secure RTP
with RTCP-Based feedback (RTP/SAVPF), Secure RTP (RTP/SAVP), and RTP
with RTCP-Based feedback are supported. The first "acap" attribute
provides an attribute capability with a handle of 1. The capability
is a "crypto" attribute, which provides the keying material for SRTP
using SDP security descriptions [SDES]. The second "acap" attribute
provides an attribute capability with a handle of 2. The capability
is an "rtcp-fb" attribute, which is used by the RTCP-based feedback
Andreasen Expires September 4, 2007 [Page 42]
Internet-Draft SDP Capability Negotiation March 2007
profiles to indicate that payload type 0 (PCMU) supports feedback
type "nack". The "a=pcfg" attributes provide the potential
configurations included in the offer by reference to the
capabilities. There are three potential configurations:
o Potential configuration 1, which is the most preferred potential
configuration specifies use of transport protocol capability 1
(RTP/SAVPF) and attribute capabilities 1 (the "crypto" attribute)
and 2 (the "rtcp-fb" attribute).
o Potential configuration 2, which is the second most preferred
potential configuration specifies use of transport protocol
capability 2 (RTP/SAVP) and attribute capability 1 (the "crypto"
attribute).
o Potential configuration 3, which is the least preferred potential
configuration (but the second least preferred configuration
overall, since the actual configuration provided by the "m=" line
is always the least preferred configuration), specifies use of
transport protocol capability 3 (RTP/AVPF) and attribute
capability 2 (the "rtcp-fb" attribute).
Bob receives the SDP offer from Alice. Bob does not support any
secure RTP profiles, however he supports plain RTP and RTP with RTCP-
based feedback, as well as the SDP Capability Negotiation extensions,
and hence he accepts the potential configuration for RTP with RTCP-
based feedback provided by Alice:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/AVPF 0 18
a=rtcp-fb:0 nack
a=acfg:1 t=3 a=2
Bob includes the "a=acfg" attribute in the answer to inform Alice
that he based his answer on an offer containing the potential
configuration with transport protocol capability 3 and attribute
capability 2 from the offer SDP (i.e. the RTP/AVPF profile using the
"rtcp-fb" value provided). Bob also includes an "rtcp-fb" attribute
with the value "nack" value for RTP payload type 0.
When Alice receives Bob's answer, session negotiation has completed,
however Alice nevertheless generates a new offer using the actual
configuration. This is done purely to assist any middle-boxes that
Andreasen Expires September 4, 2007 [Page 43]
Internet-Draft SDP Capability Negotiation March 2007
may reside between Alice and Bob but do not support the capability
negotiation extensions (and hence may not understand the negotiation
that just took place):
Alice's updated offer includes only RTP/AVPF, and it is not using the
SDP capability negotiation extensions (Alice could have included the
capabilities as well is she wanted to):
v=0
o=- 25678 753850 IN IP4 192.0.2.1
s=
c=IN IP4 192.0.2.1
t=0 0
m=audio 53456 RTP/AVPF 0 18
a=rtcp-fb:0 nack
The "m=" line now indicates that Alice is offering to use RTP with
RTCP-based feedback and using PCMU or G.729. The "rtcp-fb" attribute
provides the feedback type "nack" for payload type 0 again (but as
part of the actual configuration).
Bob receives the SDP offer from Alice, which he accepts, and then
generates an answer to Alice:
v=0
o=- 24351 621815 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
t=0 0
m=audio 54568 RTP/AVPF 0 18
a=rtcp-fb:0 nack
Bob includes the same "rtcp-fb" attribute as before, and the session
proceeds without change. Although Bob did not include any
capabilities in his answer, he could of course have done so if he
wanted to.
Note that in this particular example, the answerer supported the
capability extensions defined here, however had he not, the answerer
would simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
c=IN IP4 192.0.2.2
Andreasen Expires September 4, 2007 [Page 44]
Internet-Draft SDP Capability Negotiation March 2007
t=0 0
m=audio 54568 RTP/AVP 0 18
4.3. Best-Effort SRTP with Session-Level MIKEY and Media Level Security
Descriptions
The following example illustrates how to use the SDP Capability
negotiation extensions to support so-called Best-Effort Secure RTP as
well as alternative keying mechanisms, more specifically MIKEY and
SDP Security Descriptions. The offerer (Alice) wants to establish an
audio and video session. Alice prefers to use session-level MIKEY as
the key management protocol, but supports SDP security descriptions
as well.
The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob:
Alice Bob
| (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) |
|--------------------------------------->|
| |
| (2) Answer (RTP/SAVP, SDES) |
|<---------------------------------------|
| |
| (3) Offer (RTP/SAVP, SDES) |
|--------------------------------------->|
| |
| (4) Answer (RTP/SAVP, SDES) |
|<---------------------------------------|
| |
Alice's offer includes an audio and a video stream. The audio stream
offers use of plain RTP and secure RTP as alternatives, whereas the
video stream offers use plain RTP, RTP with RTCP-based feedback,
Secure RTP, and Secure RTP with RTCP-based feedback as alternatives:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
t=0 0
c=IN IP4 192.0.2.1
a=acap:1 a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
m=audio 59000 RTP/AVP 98
a=rtpmap:98 AMR/8000
Andreasen Expires September 4, 2007 [Page 45]
Internet-Draft SDP Capability Negotiation March 2007
a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 t=2 a=1|2
m=video 52000 RTP/AVP 31
a=rtpmap:31 H261/90000
a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=acap:4 a=rtcp-fb:* nack
a=pcfg:1 t=1 a=1,4|3,4
a=pcfg:2 t=2 a=1|3
a=pcfg:3 t=3 a=4
The potential configuration for the audio stream specifies use of
transport capability 2 (RTP/SAVP) and either attribute capability 1
(session-level MIKEY as the keying mechanism) or 2 (SDP Security
Descriptions as the keying mechanism). There are three potential
configurations for the video stream.
o The first configuration with configuration number 1 uses transport
capability 1 (RTP/SAVPF) with either attribute capabilities 1 and
4 (session-level MIKEY and the "rtcp-fb" attribute) or attribute
capabilities 3 and 4 (SDP security descriptions and the "rtcp-fb"
attribute).
o The second configuration with configuration number 2 uses
transport capability 2 (RTP/SAVP) and either attribute capability
1 (session-level MIKEY) or attribute capability 3 (SDP security
descriptions).
o The third configuration with configuration number 3 uses transport
capability 3 (RTP/AVPF) and attribute capability 4 (the "rtcp-fb"
attribute).
Bob receives the SDP offer from Alice. Bob supports Secure RTP,
Secure RTP with RTCP-based feedback and the SDP Capability
Negotiation extensions. Bob also supports SDP Security Descriptions,
but not MIKEY, and hence he generates the following answer:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
t=0 0
c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
Andreasen Expires September 4, 2007 [Page 46]
Internet-Draft SDP Capability Negotiation March 2007
a=acfg:1 t=2 a=2
m=video 55468 RTP/SAVPF 31
a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=rtcp-fb:* nack
a=acfg:1 t=1 a=3,4
For the audio stream, Bob accepted the use of secure RTP, and hence
the profile in the "m=" line is "RTP/SAVP". Bob also includes a
"crypto" attribute with his own keying material, and an "acfg"
attribute identifying actual configuration 1 for the audio media
stream from the offer, using transport capability 2 (RTP/SAVP) and
attribute capability 2 (the crypto attribute from the offer). For the
video stream, Bob accepted the use of secure RTP with RTCP-based
feedback, and hence the profile in the "m=" line is "RTP/SAVPF". Bob
also includes a "crypto" attribute with his own keying material, and
an "acfg" attribute identifying actual configuration 1 for the video
stream from the offer, using transport capability 1 (RTP/SAVPF) and
attribute capabilities 3 (the crypto attribute from the offer) and 4
(the "rtcp-fb" attribute from the offer).
When Alice receives Bob's answer, session negotiation has completed,
however Alice nevertheless generates a new offer using the actual
configuration. This is done purely to assist any middle-boxes that
may reside between Alice and Bob but do not support the capability
negotiation extensions (and hence may not understand the negotiation
that just took place):
Alice's updated offer includes only SRTP for the audio stream SRTP
with RTCP-based feedback for the video stream, and it is not using
the SDP capability negotiation extensions (Alice could have included
the capabilities as well is she wanted to):
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
t=0 0
c=IN IP4 192.0.2.1
m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
m=video 52000 RTP/SAVPF 31
a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80
Andreasen Expires September 4, 2007 [Page 47]
Internet-Draft SDP Capability Negotiation March 2007
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=rtcp-fb:* nack
The "m=" line for the audio stream now indicates that Alice is
offering to use secure RTP with PCMU or G.729, whereas the "m=" line
for the video stream now indicates that Alice is offering to use
secure RTP with RTCP-based feedback with H.261. Each media stream
includes a "crypto" attribute, which provides the SRTP keying
material, with the same value again.
Bob receives the SDP offer from Alice, which he accepts, and then
generates an answer to Alice:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
t=0 0
c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
m=video 55468 RTP/SAVPF 31
a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=rtcp-fb:* nack
Bob includes the same crypto attribute as before, and the session
proceeds without change. Although Bob did not include any
capabilities in his answer, he could of course have done so if he
wanted to.
Note that in this particular example, the answerer supported the
capability extensions defined here, however had he not, the answerer
would simply have ignored the new attributes received in step 1 and
accepted the offer to use normal RTP. In that case, the following
answer would have been generated in step 2 instead:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
t=0 0
c=IN IP4 192.0.2.2
m=audio 54568 RTP/AVP 98
a=rtpmap:98 AMR/8000
m=video 55468 RTP/AVP 31
Andreasen Expires September 4, 2007 [Page 48]
Internet-Draft SDP Capability Negotiation March 2007
a=rtpmap:31 H261/90000
a=rtcp-fb:* nack
Finally, if Bob had chosen to use session-level MIKEY instead of SDP
security descriptions instead, the following answer would have been
generated:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
t=0 0
c=IN IP4 192.0.2.1
a=key-mgmt:mikey AQEFgM0XflABAAAAAAAAAAAAAAYAyO...
m=audio 59000 RTP/AVP 98
a=rtpmap:98 AMR/8000
a=acfg:1 t=2 a=1
m=video 52000 RTP/SAVPF 31
a=rtpmap:31 H261/90000
a=rtcp-fb:* nack
a=acfg:1 t=1 a=1,4
It should be noted, that although Bob could have chosen session-level
MIKEY for one media stream, and SDP Security Descriptions for another
media stream, there are no well-defined offerer processing rules of
the resulting answer for this, and hence the offerer may incorrectly
assume use of MIKEY for both streams. To avoid this, if the answerer
chooses session-level MIKEY, then all secure RTP based media streams
SHOULD use MIKEY (this applies irrespective of whether SDP capability
negotiation is being used or not). Use of media-level MIKEY does not
have a similar constraint.
4.4. SRTP with Session-Level MIKEY and Media Level Security Descriptions
as Alternatives
The following example illustrates how to use the SDP Capability
negotiation extensions to negotiate use of either MIKEY or SDP
Security Descriptions, when one of them is included as part of the
actual configuration, and the other one is being selected. The
offerer (Alice) wants to establish an audio and video session. Alice
prefers to use session-level MIKEY as the key management protocol,
but supports SDP security descriptions as well.
The example is illustrated by the offer/answer exchange below, where
Alice sends an offer to Bob:
Andreasen Expires September 4, 2007 [Page 49]
Internet-Draft SDP Capability Negotiation March 2007
Alice Bob
| (1) Offer (RTP/[S]AVP[F], SDES|MIKEY) |
|--------------------------------------->|
| |
| (2) Answer (RTP/SAVP, SDES) |
|<---------------------------------------|
| |
Alice's offer includes an audio and a video stream. Both the audio
and the video stream offer use of secure RTP:
v=0
o=- 25678 753849 IN IP4 192.0.2.1
s=
t=0 0
c=IN IP4 192.0.2.1
a=key-mgmt:mikey AQAFgM0XflABAAAAAAAAAAAAAAsAyO...
a=acap:1 a=key-mgmt
m=audio 59000 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=acap:2 a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20|1:32
a=pcfg:1 a=-1,2
m=video 52000 RTP/SAVP 31
a=rtpmap:31 H261/90000
a=acap:3 a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20|1:32
a=pcfg:1 a=-1,3
Alice does not know whether Bob supports MIKEY or SDP Security
Descriptions. She could include attributes for both, however the
resulting procedures and potential interactions are not well-defined.
Instead, she places a session-level key-mgmt attribute for MIKEY in
the actual configuration with SDP security descriptions as an
alternative in the potential configuration. Note the presence of
attribute capability 1; it merely lists the "a=key-mgmt" attribute
without any associated value. The potential configuration for the
audio stream specifies that attribute capability 1 is to be deleted
(i.e. any session-level "a=key-mgmt" attributes) and that attribute
capability 2 is to be used (i.e. the crypto attribute). The potential
configuration for the video stream is similar, except it uses it's
own crypto attribute capability (3).
Bob receives the SDP offer from Alice. Bob supports Secure RTP and
the SDP Capability Negotiation extensions. Bob supports both SDP
Andreasen Expires September 4, 2007 [Page 50]
Internet-Draft SDP Capability Negotiation March 2007
Security Descriptions and MIKEY. Since the potential configuration is
more preferred than the actual configuration, he (conceptually)
generates an internal potential configuration SDP that contains the
crypto attributes for the audio and video stream, but not the key-
mgmt attribute for MIKEY, thereby avoiding any ambiguity between the
two keying mechanisms. As a result, he generates the following
answer:
v=0
o=- 24351 621814 IN IP4 192.0.2.2
s=
t=0 0
c=IN IP4 192.0.2.2
m=audio 54568 RTP/SAVP 98
a=rtpmap:98 AMR/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_32
inline:WSJ+PSdFcGdUJShpX1ZjNzB4d1BINUAvLEw6UzF3|2^20|1:32
a=acfg:1 a=-1,2
m=video 55468 RTP/SAVP 31
a=rtpmap:31 H261/90000
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:AwWpVLFJhQX1cfHJSojd0RmdmcmVCspeEc3QGZiN|2^20|1:32
a=acfg:1 a=-1,3
For the audio stream, Bob accepted the use of secure RTP using SDP
security descriptions. Bob therefore includes a "crypto" attribute
with his own keying material, and an "acfg" attribute identifying
actual configuration 1 for the audio media stream from the offer,
with attribute capability 1 deleted, and attribute capability 2
included (the crypto attribute from the offer). For the video stream,
Bob also accepted the use of secure RTP using SDP security
descriptions. Bob therefore includes a "crypto" attribute with his
own keying material, and an "acfg" attribute identifying actual
configuration 1 for the video stream from the offer, with attribute
capability 1 deleted, and attribute capability 3 included.
5. Security Considerations
The SDP Capability Negotiation Framework is defined to be used within
the context of the offer/answer model, and hence all the offer/answer
security considerations apply here as well. Similarly, the Session
Initiation Protocol (SIP) uses SDP and the offer/answer model, and
hence, when used in that context, the SIP security considerations
apply as well.
However, SDP Capability Negotiations introduces additional security
issues. Its use as a mechanism to enable alternative transport
Andreasen Expires September 4, 2007 [Page 51]
Internet-Draft SDP Capability Negotiation March 2007
protocol negotiation (secure and non-secure) as well as its ability
to negotiate use of more or less secure keying methods and material
warrant further security considerations. Also, the (continued)
support for receiving media before answer combined with negotiation
of alternative transport protocols (secure and non-secure) warrant
further security considerations. We discuss these issues below.
The SDP capability negotiation framework allows for an offered media
stream to both indicate and support various levels of security for
that media stream. Different levels of security can for example be
negotiated by use of alternative attribute capabilities each
indicating more or less secure keying methods as well as more or less
strong ciphers. Since the offerer indicates support for each of these
alternatives, he will presumably accept the answerer seemingly
selecting any of the offered alternatives. If an attacker can modify
the SDP offer, he can thereby force the negotiation of the weakest
security mechanism that the offerer is willing to accept. This may in
turn enable the attacker to compromise the security of the negotiated
media stream. Similarly, if the offerer wishes to negotiate use of a
secure media stream (e.g. secure RTP), but includes a non-secure
media stream (e.g. plain RTP) as a valid (but less preferred)
alternative, then an attacker that can modify the offered SDP will be
able to force the establishment of an insecure media stream. The
solution to both of these problems involves the use of integrity
protection over the SDP. Ideally, this integrity protection provides
end-to-end integrity protection in order to protect from any man-in-
the-middle attack; secure multiparts such as S/MIME [SMIME] provide
one such solution, however S/MIME requires use and availability of a
Public Key Infrastructure (PKI). A slightly less secure alternative
when using SIP, but generally much easier to deploy in practice
(since it does not require a PKI), is to use SIP Identity [RFC4474];
this requires the existence of an authentication service (see
[RFC4474]). Yet another, and considerably less secure, alternative is
to use hop-by-hop security only, e.g. TLS or IPSec thereby ensuring
the integrity of the offered SDP on a hop-by-hop basis. Note however
that SIP proxies or other intermediaries processing the SIP request
at each hop are able to perform a man-in-the-middle attack by
modifying the offered SDP.
Per the normal offer/answer procedures, as soon as the offerer has
generated an offer, the offerer must be prepared to receive media in
accordance with that offer. The SDP Capability Negotiation preserves
that behavior for the actual configuration in the offer, however the
offerer has no way of knowing which configuration (actual or
potential) configuration was actually selected by the offerer, until
an answer indication is received. This opens up a new security issue
where an attacker may be able to interject media towards the offerer
Andreasen Expires September 4, 2007 [Page 52]
Internet-Draft SDP Capability Negotiation March 2007
until the answer is received. For example, the offerer may use plain
RTP as the actual configuration and secure RTP as an alternative
potential configuration. Even though the answerer selects secure RTP,
the offerer will not know that until he receives the answer, and
hence an attacker will be able to send media to the offerer
meanwhile. The easiest protection against such an attack is to not
offer use of the non-secure media stream in the actual configuration,
however that may in itself have undesirable side-effects: If the
answerer does not support the non-secure media stream and also does
not support the capability negotiation framework, then negotiation of
the media stream will fail. Alternatively, SDP security preconditions
[sprecon] can be used. This will ensure that media is not flowing
until session negotiation has completed and hence the selected
configuration is known. Use of preconditions however requires both
side to support them. If they don't, and use of them is required, the
session will fail. As a (limited) work around to this, it is
RECOMMENDED that SIP entities generate an answer SDP and send it to
the offerer as soon as possible, for example in a 183 Session
Progress message. This will limit the time during which an attacker
can send media to the offerer.
Additional security considerations apply to the answer SDP as well.
The actual configuration attribute tells the offerer which potential
configuration the answer was actually based on, and hence an attacker
that can either modify or remove the actual configuration attribute
in the answer can cause session failure as well as extend the time
window during which the offerer will accept incoming media that does
not conform to the actual answer. The solutions to this SDP answer
integrity problem are the same as for the offer, i.e. use of end-to-
end integrity protection, SIP identity, or hop-by-hop protection. The
mechanism to use depends on the mechanisms supported by the offerer
as well as the acceptable security trade-offs.
6. IANA Considerations
6.1. New SDP Attributes
The IANA is hereby requested to register the following new SDP
attributes as follows:
Attribute name: csup
Long form name: Supported capability negotiation extensions
Type of attribute: Session-level and media-level
Subject to charset: No
Purpose: Option tags for supported SDP capability
negotiation extensions
Appropriate values: See Section 3.3.1.
Andreasen Expires September 4, 2007 [Page 53]
Internet-Draft SDP Capability Negotiation March 2007
Attribute name: creq
Long form name: Required capability negotiation extensions
Type of attribute: Session-level and media-level
Subject to charset: No
Purpose: Option tags for required SDP capability
negotiation extensions
Appropriate values: See Section 3.3.2.
Attribute name: acap
Long form name: Attribute capability
Type of attribute: Session-level and media-level
Subject to charset: No
Purpose: Attribute capability containing an attribute
name and associated value
Appropriate values: See Section 3.4.1.
Attribute name: tcap
Long form name: Transport Protocol Capability
Type of attribute: Session-level and media-level
Subject to charset: No
Purpose: Transport protocol capability listing one or
more transport protocols
Appropriate values: See Section 3.4.2.
Attribute name: pcfg
Long form name: Potential Configuration
Type of attribute: Media-level
Subject to charset: No
Purpose: Potential configuration for SDP capability
negotiation
Appropriate values: See Section 3.5.1.
Attribute name: acfg
Long form name: Actual configuration
Type of attribute: Media-level
Subject to charset: No
Purpose: Actual configuration for SDP capability
negotiation
Appropriate values: See Section 3.5.2.
6.2. New SDP Capability Negotiation Option Tag Registry
The IANA is hereby requested to create a new SDP Capability
Negotiation Option Tag registry. An IANA SDP capability negotiation
option tag registration MUST be documented in an RFC in accordance
with the [RFC2434] Specification Required policy. The RFC MUST
provide the name of the option tag, a syntax and a semantic
Andreasen Expires September 4, 2007 [Page 54]
Internet-Draft SDP Capability Negotiation March 2007
specification of any new SDP attributes and any extensions to the
potential and actual configuration attributes provided in this
document. New SDP attributes that are intended to be capabilities for
use by the capability negotiation framework MUST adhere to the
guidelines provided in Section 3.4.3. Extensions to the potential and
actual configuration attributes MUST adhere to the syntax provided in
Section 3.5.1. and 3.5.2.
The option tag "cap-v0" is defined in this document and the IANA is
hereby requested to register this option tag.
6.3. New SDP Capability Negotiation Potential Configuration Parameter
Registry
The IANA is hereby requested to create a new SDP Capability
Negotiation Potential Configuration Parameter registry. An IANA SDP
Capability Negotiation potential configuration registration MUST be
document in an RFC in accordance with the [RFC2434] Specification
Required policy. The RFC MUST define the syntax and semantics of each
new potential configuration parameter. The syntax MUST adhere to the
syntax provided for extensions in Section 3.5.1. and the semantics
MUST adhere to the semantics provided for extensions in Section
3.5.1. and 3.5.2. Associated with each registration MUST be the
encoding name for the parameter as well as a short descriptive name
for it.
The potential configuration parameters "a" for "attribute" and "t"
for "transport protocol" are defined in this document and the IANA is
hereby requested to register these.
7. To Do and Open Issues
o Add additional examples showing use of delete-attributes and the
DELETE/REPLACE attribute capability operators.
8. Acknowledgments
This document is heavily influenced by the discussions and work done
by the SDP Capability Negotiation Design team. The following people
in particular provided useful comments and suggestions to either the
document itself or the overall direction of the solution defined in
here: Francois Audet, John Elwell, Roni Even, Robert Gilman, Cullen
Jennings, Matt Lepinski, Joerg Ott, Colin Perkins, Thomas Stach, and
Dan Wing.
Andreasen Expires September 4, 2007 [Page 55]
Internet-Draft SDP Capability Negotiation March 2007
9. Change Log
9.1. draft-ietf-mmusic-sdp-capability-negotiation-05
o Allowed for '<type>=<value>' attributes to be listed as attribute
capabilities the attribute name only.
o Changed IP-address to conform to RFC 3330 guidelines.
o Added section on relationship to RFC 3407 and "Obsoletes: 3407" in
the front.
o Disallowed use of white space in a number of places for more
consistency with existing SDP practice
o Changed "csup" and "creq" attributes to not allow multiple
instances at the session-level and multiple instances per media
description (only one for each now)
o Changed to not require use of "creq" with base option tag ("cap-
v0").
o Relaxed restrictions on extension capabilities
o Updated potential configuration attribute syntax and semantics. In
particular, potential configuration attributes can now replace and
delete various existing attributes in original SDP to better
control potential attribute interactions with the actual
configuration while preserving message size efficiency.
o Updated actual configuration attribute to align with the updates
to the potential configuration attributes.
o Updated offer/answer procedures to align with other changes.
o Changed recommendation for second offer/answer exchange to "MAY"
strength, unless for the cases where it is known or suspected that
it is needed.
o Updated ICE interactions to explain how the new attribute
delete/replace features can solve certain potential interactions.
o Updated rtpmap and fmtp section to allow potential configurations
to use remapped payload types in attribute capabilities for
rtpmaps and fmtp parameters.
o Added section on direction attributes.
Andreasen Expires September 4, 2007 [Page 56]
Internet-Draft SDP Capability Negotiation March 2007
o Added another example showing SRTP with session-level MIKEY and
SDP Security Descriptions using the attribute capability DELETE
operator.
9.2. draft-ietf-mmusic-sdp-capability-negotiation-04
The following are the major changes compared to version -03:
o Added explicit ordering rules for attributes added by potential
configurations.
o Noted that ICE interaction issues (ice-tcp specifically) may not
be as clear as originally thought.
o Added considerations on using rtpmap and fmtp attributes as
attribute capabilities.
o Added multiple transport protocol example.
o Added session-level MIKEY and media level security descriptions
example.
9.3. draft-ietf-mmusic-sdp-capability-negotiation-03
The following are the major changes compared to version -02:
o Base option tag name changed from "v0" to "cap-v0".
o Added new section on extension capability attributes
o Firmed up offer/answer procedures.
o Added security considerations
o Added IANA considerations
9.4. draft-ietf-mmusic-sdp-capability-negotiation-02
The following are the major changes compared to version -01:
o Potential configurations are no longer allowed at the session
level
o Renamed capability attributes ("capar" to "acap" and "ctrpr" to
"tcap")
Andreasen Expires September 4, 2007 [Page 57]
Internet-Draft SDP Capability Negotiation March 2007
o Changed name and semantics of the initial number (now called
configuration number) in potential configuration attributes; must
now be unique and can be used as a handle
o Actual configuration attribute now includes configuration number
from the selected potential configuration attribute
o Added ABNF throughout
o Specified that answerer should include "a=csup" in case of
unsupported required extensions in offer.
o Specified use of second offer/answer exchange when answerer
selected a potential configuration
o Updated rules (and added restrictions) for referencing media- and
session-level capabilities in potential configurations (at the
media level)
o Added initial section on ICE interactions
o Added initial section on receiving media before answer
9.5. draft-ietf-mmusic-sdp-capability-negotiation-01
The following are the major changes compared to version -00:
o Media capabilities are no longer considered a core capability and
hence have been removed. This leaves transport protocols and
attributes as the only capabilities defined by the core.
o Version attribute has been removed and an option tag to indicate
the actual version has been defined instead.
o Clarified rules for session-level and media level attributes
provided at either level as well how they can be used in potential
configurations.
o Potential configuration parameters no longer have implicit
ordering; an explicit preference indicator is now included.
o The parameter name for transport protocols in the potential and
actual configuration attributes have been changed "p" to "t".
o Clarified operator precedence within potential and actual
configuration attributes.
Andreasen Expires September 4, 2007 [Page 58]
Internet-Draft SDP Capability Negotiation March 2007
o Potential configurations at the session level now limited to
indicate latent capability configurations. Consequently, an actual
configuration attribute can no longer be provided at the session
level.
o Cleaned up capability and potential configuration terminology -
they are now two clearly different things.
9.6. draft-ietf-mmusic-sdp-capability-negotiation-00
Version 00 is the initial version. The solution provided in this
initial version is based on an earlier (individual submission)
version of [SDPCapNeg]. The following are the major changes compared
to that document:
o Solution no longer based on RFC 3407, but defines a set of similar
attributes (with some differences).
o Various minor changes to the previously defined attributes.
o Multiple transport capabilities can be included in a single "tcap"
attribute
o A version attribute is now included.
o Extensions to the framework are formally supported.
o Option tags and the ability to list supported and required
extensions are supported.
o A best-effort SRTP example use case has been added.
o Some terminology change throughout to more clearly indicate what
constitutes capabilities and what constitutes configurations.
Andreasen Expires September 4, 2007 [Page 59]
Internet-Draft SDP Capability Negotiation March 2007
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3264] Rosenberg, J., and H. Schulzrinne, "An Offer/Answer Model
with Session Description Protocol (SDP)", RFC 3264, June
2002.
[RFC3407] F. Andreasen, "Session Description Protocol (SDP) Simple
Capability Declaration", RFC 3407, October 2002.
[RFC3605] C. Huitema, "Real Time Control Protocol (RTCP) attribute in
Session Description Protocol (SDP)", RFC 3605, October
2003.
[RFC4234] Crocker, D., and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", RFC 4234, October 2005.
[RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Description Protocol", RFC 4566, July 2006.
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 2434,
October 1998.
10.2. Informative References
[RFC2046] Freed, N., and N. Borensteain, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046,
November 1996.
[RFC2327] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Description Protocol", RFC 2327, April 1998.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E. Schooler,
"SIP: Session Initiation Protocol", RFC 3261, June 2002.
[RFC3388] Camarillo, G., Eriksson, G., Holler, J., and H.
Schulzrinne, "Grouping of Media Lines in the Session
Description Protocol (SDP)", RFC 3388, December 2002.
Andreasen Expires September 4, 2007 [Page 60]
Internet-Draft SDP Capability Negotiation March 2007
[RFC3551] Schulzrinne, H., and S. Casner, "RTP Profile for Audio and
Video Conferences with Minimal Control", RFC 3551, July
2003.
[SRTP] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
Norrman, "The Secure Real-time Transport Protocol (SRTP)",
RFC 3711, March 2004.
[RFC3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions
(S/MIME) Version 3.1 Message Specification", RFC 3851, July
2004.
[RFC4091] Camarillo, G., and J. Rosenberg, The Alternative Network
Address Types (ANAT) Semantics for the Session Description
Protocol (SDP) Grouping Framework, RFC 4091, June 2005.
[AVPF] Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey,
"Extended RTP Profile for RTCP-Based Feedback (RTP/AVPF)",
Work in Progress, August 2004.
[I-D.jennings-sipping-multipart] Wing, D., and C. Jennings, "Session
Initiation Protocol (SIP) Offer/Answer with Multipart
Alternative", Work in Progress, March 2006.
[SAVPF] Ott, J., and E Carrara, "Extended Secure RTP Profile for
RTCP-based Feedback (RTP/SAVPF)", Work in Progress,
December 2005.
[SDES] Andreasen, F., Baugher, M., and D. Wing, "Session
Description Protocol Security Descriptions for Media
Streams", RFC 4568, July 2006.
[SDPng] Kutscher, D., Ott, J., and C. Bormann, "Session Description
and Capability Negotiation", Work in Progress, February
2005.
[BESRTP] Kaplan, H., and F. Audet, "Session Description Protocol
(SDP) Offer/Answer Negotiation for Best-Effort Secure Real-
Time Transport Protocol, Work in progress, August 2006.
[KMGMT] Arkko, J., Lindholm, F., Naslund, M., Norrman, K., and E.
Carrara, "Key Management Extensions for Session Description
Protocol (SDP) and Real Time Streaming Protocol (RTSP)",
RFC 4567, July 2006.
Andreasen Expires September 4, 2007 [Page 61]
Internet-Draft SDP Capability Negotiation March 2007
[SDPCapNegRqts] Andreasen, F. "SDP Capability Negotiation:
Requirementes and Review of Existing Work", work in
progress, December 2006.
[SDPCapNeg] Andreasen, F. "SDP Capability Negotiation", work in
progress, December 2006.
[MIKEY] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, and K.
Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830,
August 2004.
[ICE] J. Rosenberg, "Interactive Connectivity Establishment
(ICE): A Methodology for Network Address Translator (NAT)
Traversal for Offer/Answer Protocols", work in progress,
January 2007.
[ICETCP] J. Rosenberg, "TCP Candidates with Interactive Connectivity
Establishment (ICE)", work in progress, October 2006.
[RFC3312] G. Camarillo, W. Marshall, and J. Rosenberg, "Integration
of Resource Management and Session Initiatio Protocol
(SIP)", RFC 3312, October 2002.
[SMIME] B. Ramsdell, "Secure/Multipurpose Internet Mail Extensions
(S/MIME) Version 3.1 Message Specification", RFC 3851, July
2004.
[RFC4474] J. Peterson, and C. Jennings, "Enhancements for
Authenticated Identity Management in the Session Initiation
Protocol (SIP)", RFC 4474, August 2006.
[sprecon] Andreasen, F. and D. Wing, "Security Preconditions for
Session Description Protocol Media Streams", Work in
Progress, October 2006.
Author's Addresses
Flemming Andreasen
Cisco Systems
Edison, NJ
Email: fandreas@cisco.com
Andreasen Expires September 4, 2007 [Page 62]
Internet-Draft SDP Capability Negotiation March 2007
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Andreasen Expires September 4, 2007 [Page 63]
