Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-ietf-avtcore-multiplex-guidelines-11: (with DISCUSS and COMMENT)
Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 16 June 2020 08:42 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3EAD3A1138; Tue, 16 Jun 2020 01:42:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tZre59negnS1; Tue, 16 Jun 2020 01:42:27 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50082.outbound.protection.outlook.com [40.107.5.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 841A63A1174; Tue, 16 Jun 2020 01:42:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mOGOBxu23rmvOs+sz69so8bzzOM/T9T4qfNNodaMn+dkck9gz7yQAkRPNxuilBFDgTC/GoZMZYtgoSFSkE+cLqyzhR5eUKp0qUUqurX1WEPbzSGLRWXpIWp+es/tu4mR4eB++5YJ9oCsWhUOfxQ8Spcs9JEmFrFejI4XOkHjO9+P2cD3JQqNOSozwUqVs+hNa8sxUwIlxImPebaK7EZ+tPVhgf4//Lq4WTImWVeXKdMDMt3XZemolDMVURNgxUveAs9SaIGxwQKwyHcXoPCGkkCPrNPW5WqAqVD1CV2w0ENe93ySDjn4fWd/qYgkvqXCKwsYcCOLs74DMs81UB0WfA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rK9tC1fBK4ZYs9QMFOV/d5AzWgCRpWW4mPjxlaLPqt8=; b=CZHk2XgTemjwc3l3vNlvG+Fg+bu8W9snMUcZkStMDewN2FpRVcFdQk43FIuMWZb6akb1310ZoeCeMOHElz6kyyXMMXcZ/ARgY5ZRjoNlTPypNtfUGAoCIPK9rEmE4WGyMgZg/g9TApEtt4DRB9twgkLBYpZADtyOWDxHEJMX/NMHdLF1NotX/T77vWQ8G9+3DfKCGC/xzLdz4AgStYTibeo0xdQXH5sUYE+SmeYX9VjfKNxZTtkJM5oMq8/0FFl95U3h9RVW4bObYH1L010EvK9UWreZDPz0tt7enzRPm/sED6LA8iv5QLqCwnkLPReUinE0Vv/MU+gS9IsKvBFWHQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rK9tC1fBK4ZYs9QMFOV/d5AzWgCRpWW4mPjxlaLPqt8=; b=O2J+v0DwmGHJWmkse8kj/JObdP/Gl7ZmYQuCM7kHXMUxcz/19FNXHyiW4Js1OnEq8IRPo86d6GdpVUQpA1VG+u58ausWnQAzUf4yUWSzaCBhsRIzq6U+oLb9bgxgTTjQ285PEqgHPOySr3UXd7E5YZnmVA7SwvpSRV376TZ1sxI=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR0702MB3770.eurprd07.prod.outlook.com (2603:10a6:7:84::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3109.11; Tue, 16 Jun 2020 08:42:20 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::546c:3b3:9193:3351]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::546c:3b3:9193:3351%6]) with mapi id 15.20.3109.018; Tue, 16 Jun 2020 08:42:20 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "kaduk@mit.edu" <kaduk@mit.edu>
CC: "avtcore-chairs@ietf.org" <avtcore-chairs@ietf.org>, "jonathan.lennox42@gmail.com" <jonathan.lennox42@gmail.com>, "draft-ietf-avtcore-multiplex-guidelines@ietf.org" <draft-ietf-avtcore-multiplex-guidelines@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "avt@ietf.org" <avt@ietf.org>
Thread-Topic: Benjamin Kaduk's Discuss on draft-ietf-avtcore-multiplex-guidelines-11: (with DISCUSS and COMMENT)
Thread-Index: AQHV8nVfscRE4Hh/T0ytC2wkFDjOc6g6MfOAgABPeoCAoQ2+AA==
Date: Tue, 16 Jun 2020 08:42:19 +0000
Message-ID: <dacf71b0c72624671d95c354bf3cd4c82989fc44.camel@ericsson.com>
References: <158336138445.29463.15585769228284211900@ietfa.amsl.com> <d4b939b79839e0ed42658bf8d72fb09fd3c15051.camel@ericsson.com> <20200305211519.GY98042@kduck.mit.edu>
In-Reply-To: <20200305211519.GY98042@kduck.mit.edu>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2
authentication-results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [176.10.164.117]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7c6d872f-a419-42bd-b64f-08d811d12e9d
x-ms-traffictypediagnostic: HE1PR0702MB3770:
x-microsoft-antispam-prvs: <HE1PR0702MB377067A98B2ED98075344EA9959D0@HE1PR0702MB3770.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 04362AC73B
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ZxzAkiYnED1QTSmOCh1he5cgW/nvioKVpQNVDXcsy7ZA79t0fs1xxrlU0Bsh3OErqkys8hoL8vi+jCd3pp3IExcplBq8em8e4H4/Cm68fIrxZGMUtMV8S1KeWuDmWXF9FmWyRQpBcZTCuTq3fzBOR7S6IYxtvHHApCbNFoabzbgFe3jHnEUMInqxIBYOA7v5Sxq7fBD0cD1mM/MaogW+3sd5W5ilJShFv4xRYZoM8quIPRQHG2nbhvsmgoqI9X3Cw6Epx4EDJFT18RyIs/gYt2UGpkZIxSBx65wDgYMqrYCe1oAI+QXPRX664nQJbOZ3XNgk7lG6l1K6Y/XPCn+IadQg0PqjscithRmH1/Uu1KbsVBGeZr+Jg+SGzLN4Ld0DgHj9tzhXPx6xYwESyTDbYervMp2xg7PUHfQh12KqpNHQEn4USkmHcD/L/3JjIy+euRkWTqR+qTHtuiZgrciGmw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(396003)(346002)(366004)(136003)(376002)(316002)(8676002)(186003)(2616005)(44832011)(4326008)(6916009)(83380400001)(6506007)(30864003)(966005)(5660300002)(26005)(478600001)(54906003)(6512007)(6486002)(76116006)(66446008)(66556008)(66476007)(64756008)(66946007)(86362001)(8936002)(2906002)(71200400001)(36756003)(66574015)(99106002)(579004)(559001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 2uG7V8ScrgQMFkd+DM8tp++B5+JkICFMgg6vUi/3RweVWDwlQIpn+pUE6p2VQ+xFK9/ChdH8gADzEPBLfhDacQf9BWjwQPkMm6qbmQy4BCttmkK6y+qrwVLhq1Jv2c9t4HBU8MwQLEQW1KXTJGWvLYrKHR3ETSAU7JRs6qYSPZLafjTUxEh6SV3mV6Y6R1Xve7SHT7OAb05ORf1XNZcYHDWhH9/TpFdlu85Acjwg2AfL2p+a9JCSKqslaolamdVciFT43uyaxRJQ1XQMa7Vl6RRffnRrkyGbqXtouuJMmeS/2eqFz29XXVs6iGJinr6PAjswrgAkj9Gd+CNoXRbURu7vLz2gVdHqSJ1YQBUCRD3ulw/E3KsoOCwXbjiw9clO41mlqfB+yFA4SKRzcNg+l+5iTJeTSzDLj4FEWN5VyEKbNxYUyCCKMLvy0q4iq0yDqvy5C8FDysS31nf078U1J5VKAEcZxCiNcoh4DegHiPLCuSBQ3Ac9Mf0KtiimHDsU
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <E1B59FAF71D44144B88B617ECF448AC7@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7c6d872f-a419-42bd-b64f-08d811d12e9d
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jun 2020 08:42:19.9041 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wVsnMCFysSlDKG1ZOzeRI+jKVWLnTZWrC+uqZKhCCl2hFPmNShWl4KuhH1mTvvRdpUs8Vi7kT2x9JgjAB9aTBgy1CWRWpOT+gwbLrS20dCg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3770
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/b-B5eOvsTfnWuoCcCwGIALbo3cc>
Subject: Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-ietf-avtcore-multiplex-guidelines-11: (with DISCUSS and COMMENT)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jun 2020 08:42:31 -0000
Hi Ben, We now believe that we have addressed the discuss and the comments you made: A new version of I-D, draft-ietf-avtcore-multiplex-guidelines-12.txt has been successfully submitted by Magnus Westerlund and posted to the IETF repository. Name: draft-ietf-avtcore-multiplex-guidelines Revision: 12 Title: Guidelines for using the Multiplexing Features of RTP to Support Multiple Media Streams Document date: 2020-06-16 Group: avtcore Pages: 43 URL: https://www.ietf.org/internet-drafts/draft-ietf-avtcore-multiplex-guidelines-12.txt Status: https://datatracker.ietf.org/doc/draft-ietf-avtcore-multiplex-guidelines/ Htmlized: https://tools.ietf.org/html/draft-ietf-avtcore-multiplex-guidelines-12 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-avtcore-multiplex-guidelines Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-avtcore-multiplex-guidelines-12 Cheers Magnus On Thu, 2020-03-05 at 13:15 -0800, Benjamin Kaduk wrote: > On Thu, Mar 05, 2020 at 04:30:52PM +0000, Magnus Westerlund wrote: > > Hi Ben, > > > > Thanks for the many detailed comments. Please see inline for reponses and > > comments. > > > > On Wed, 2020-03-04 at 14:36 -0800, Benjamin Kaduk via Datatracker wrote: > > > Benjamin Kaduk has entered the following ballot position for > > > draft-ietf-avtcore-multiplex-guidelines-11: Discuss > > > > > > When responding, please keep the subject line intact and reply to all > > > email addresses included in the To and CC lines. (Feel free to cut this > > > introductory paragraph, however.) > > > > > > > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > > > > The document, along with other ballot positions, can be found here: > > > https://datatracker.ietf.org/doc/draft-ietf-avtcore-multiplex-guidelines/ > > > > > > > > > > > > ---------------------------------------------------------------------- > > > DISCUSS: > > > ---------------------------------------------------------------------- > > > > > > As Mirja maybe already noted, Section 3.4.3 says: > > > > > > Section 8.3 of the RTP Specification [RFC3550] recommends using a > > > single SSRC space across all RTP sessions for layered coding. Based > > > on the experience so far however, we recommend to use a solution with > > > explicit binding between the RTP streams that is agnostic to the used > > > SSRC values. That way, solutions using multiple RTP streams in a > > > > > > This sounds an awful lot like we're trying to update the recommendations > > > from RFC 3550, and looks like different text than was discussed in > > > Mirja's ballot thread. Let's discuss whether the formal Updates: > > > mechanism is appropriate here or we should consider rewording. > > > > > > I think maybe the simplest rewording is dropping the explicit reference to > > Section 8.3. It is a good recommendation to use an explicit mechanism that > > is > > independent on your RTP session structure. > > I am mindful of the concern raised in the ongoing appeal against the IESG > regarding "updates/revises other documents by describing them as > inconsistent with the specification under review rather than enumerating > them", so we may want to just note here that "experience has found that an > explicit binding between the RTP streams, agnostic of SSRC values, behaves > well". > > > AVTCORE should consider updating this part of the RTP specification. And > > that is > > a fairly short and straightforward document. > > Agreed. > > > > > > > > > > ---------------------------------------------------------------------- > > > COMMENT: > > > ---------------------------------------------------------------------- > > > > > > Abstract, Introduction > > > > > > Do we consider SRTP to be included in discussion of "RTP"? > > > > Yes, SRTP is actually "just" a profile of RTP or actually two (SAVP and > > SAVPF). > > > > > > > > Section 1 > > > > > > from a particular usage of the RTP multiplexing points. The document > > > will provide some guidelines and recommend against some usages as > > > being unsuitable, in general or for particular purposes. > > > > > > If something is unsuitable in general, should the protocol feature be > > > deprecated/removed? > > > > One common unsuitable usage is to overload the payload type for other > > purposes. > > We can't deprecate the PT as that would mean that a receiver can't interpret > > the > > RTP Payload in the right way. This document do discuss why overloading it is > > unsuitable and provides alternatives for how to do this a better way. > > > > > > > > Section 2.1 > > > > > > RTP Session Group: One or more RTP sessions that are used together > > > to perform some function. Examples are multiple RTP sessions used > > > to carry different layers of a layered encoding. In an RTP > > > Session Group, CNAMEs are assumed to be valid across all RTP > > > sessions, and designate synchronisation contexts that can cross > > > RTP sessions; i.e. SSRCs that map to a common CNAME can be assumed > > > to have RTCP SR timing information derived from a common clock > > > such that they can be synchronised for playout. > > > > > > I suggest expanding "RTCP SR timing" or providing a definition. > > > > Yes, we can expand that to RTCP Sender Report timing. > > > > > > Section 3.1 > > > > > > It seems a little surprising to use simulcast as an example in the > > > "needed to represent one media source" bullet and then have separate > > > bullets for simulcast permutations. > > > > Yes, that is a bit strange, let us look at what to do about that. > > > > > > > > sessions to group the RTP streams. The choice suitable for one > > > reason, might not be the choice suitable for another reason. The > > > > > > nit: is it the "reason" or the "situation"/"scenario" that is relevant > > > here? > > > > Scenario I would say. > > > > > > > > Section 3.2 > > > > > > RTP streams. Figure 1 outlines the process of demultiplexing > > > incoming RTP streams starting already at the socket representing > > > reception of one or transport flows, e.g. an UDP destination port. > > > > > > nit: "one or more"? > > > > Yes, from an RTP session perspective, multiple sockets / 5-tuple UDP flows > > etc > > can actually be used to provide RTP/RTCP packets. This becomes much more > > evident > > if you look at some of the topologies discussed in RFC 7667. > > I was just noting that "of one or transport" was missing a word ... but > this sounds reasonable, too :) > > > So maybe there should be multiple arrows with packets and "Socket(s)" in the > > box > > to make this clearer. > > > > > > > > I'd consider putting more arrowheads in the downward direction, though > > > it's unclear if the resultant vertical expansion of the figure is worth > > > it. > > > > You mean into the PB and DEC boxes? > > Right. > > > Let us try this, it would "only" ad two more rows. > > > > > > > > Section 3.2.1 > > > > > > For RTP session separation within a single endpoint, RTP relies on > > > the underlying transport layer, and on the signalling to identify RTP > > > sessions in a manner that is meaningful to the application. A single > > > endpoint can have one or more transport flows for the same RTP > > > session, and a single RTP session can therefore span multiple > > > transport layer flows even if all endpoints use a single transport > > > layer flow per endpoint for that RTP session. The signalling layer > > > > > > nit: "therefore" seems misplaced; the relevant linkage in the logic > > > seems to be that there could be one transport flow per endpoint pair > > > (as we don't require multicast usage). > > > > Yes, I think just deleting "therefore" appear without downsides. > > > > > > > > > > Independently if an endpoint has one or more IP addresses, a single > > > > > > nit: I'm not sure if "independently" is the right conjunctive adverb, > > > but whatever is used it should have a comma after it. > > > > > > > Will look at it. > > > > > Section 3.2.2 > > > > > > Endpoints that are both RTP sender and RTP receiver use the same SSRC > > > in both roles. > > > > > > If I have multiple SSRCs as a sender, do I have freedom to vary amongst > > > them when acting as an RTP receiver (or RTCP sender)? > > > > So, they are all RTP receiver and per default they all need to report on > > reception etc and be RTCP sender. We have an RFC 8108 that clarifies this > > handling. There is also an protocol extension that allows an optimization in > > this case, see drat-ietf-avtcore-rtp-multi-stream-optimisation (stuck in > > cluster > > 238). > > > > > > > > > > SSRC values are unique across RTP sessions. For the RTP > > > retransmission [RFC4588] case it is recommended to use explicit > > > binding of the source RTP stream and the redundancy stream, e.g. > > > using the RepairedRtpStreamId RTCP SDES item [I-D.ietf-avtext-rid]. > > > > > > Some indication of whether this recommendation is new in this document > > > or "long-standing" might be worthwhile. > > > > Yes, so this is new as the RID mechanism is recently new (result of RTCWeb) > > and > > therefore can not be generally expected to be available. We can indicate > > this. > > > > > > > > Note that RTP sequence number and RTP timestamp are scoped by the > > > SSRC and thus specific per RTP stream. > > > > > > And now I wonder about the behavior of these two in the retransmission > > > case from the previous paragraph. But that's likely off-topic for this > > > document :) > > > > For RFC 4588 retransmission, the retransmissions are done on a seperate > > stream, > > with the orignal sequence number indicated in the RTP payload. > > > > > > > > An endpoint that generates more than one media type, e.g. a > > > conference participant sending both audio and video, need not (and, > > > indeed, should not) use the same SSRC value across RTP sessions. > > > > > > I'm not sure I understand why the guidance on cross-session behavior is > > > specific to the multi-media-type case. > > > > No, it applies to primary and redundancy stream similarly. However, here > > might > > there be legacy. > > > > > > > > RTCP compound packets containing the CNAME SDES item is the > > > designated method to bind an SSRC to a CNAME, effectively cross- > > > correlating SSRCs within and between RTP Sessions as coming from the > > > same endpoint. The main property attributed to SSRCs associated with > > > the same CNAME is that they are from a particular synchronisation > > > context and can be synchronised at playback. > > > > > > I am curious (but not necessarily needing to see in this document) where > > > the security considerations regarding CNAME spoofing (where an attacker > > > claims the CNAME of an existing source to attempt to be treated as part > > > of the victim's output) are discussed. > > > > So I think there are a number of security issues that might not be as well > > discussed as they should be. RTP unfortunately has quite a vunerable > > interals, > > and also the fact that the most used security mechanisms don't provide true > > source authentication, only, authenticating it to the group of keyed users > > makes > > this potentially problematic. > > > > RFC 7941 do mention this issue, but does not go further than say that you > > deploy > > source authentication based on your needs. The PERC documents likely have > > some > > additional discussion of this. Middleboxes have an interesting role here as > > they > > can be used as defense against this spofing by tracking which endpoints that > > own > > which SSRCs and refue to accept multiple endpoint to inject SSRC bound to > > the > > same SDES CNAME. However, there are of course some use cases, like FEC where > > third party actors need to add SSRCs with same CNAME. > > > > > > > > > > > > Section 3.2.4 > > > > > > The RTP payload type is scoped by the sending endpoint within an RTP > > > session. PT has the same meaning across all RTP streams in an RTP > > > session. All SSRCs sent from a single endpoint share the same > > > > > > I'd suggest "same meaning across all RTP streams from that sender", > > > though given the previous (and next!) sentence it is probably not > > > strictly necessary. > > > > So there subtle thing here. Due to SDP Offer/answer there even in star > > multi- > > party the configuration is actually done per receiver endpoint per RTP > > session. > > This can easily forces RTP middleboxes to perform PT translation due to that > > each endpoint in an RTP session actually have its own numbering schemem of > > equivalent PT configurations. But, there is a point to actually state that > > PTs > > are valid on RTP session level and trying to configure them with a SSRC > > scope is > > not without issues and should be avoided. > > > > > > > > > > Section 3.3 > > > > > > o Does my communication peer support RTP as defined with multiple > > > SSRCs per RTP session? > > > > > > There's potentially some ambiguity about grouping/binding in this text. > > > > > > gateway, for example a need to monitor the RTP streams. Beware that > > > changing the stream transport characteristics in the translator, can > > > require thorough understanding of the application logic, specifically > > > any congestion control or media adaptation to ensure appropriate > > > media handling. > > > > > > While congestion control and media adaptation are important, they're > > > hardly the only things that a middlebox might need to know about (but > > > fail to implement properly, which is the point of this warning). I'd > > > suggest rephrasing to be a range/selection rather than drilling into > > > specific points (e.g., "from congestion control to media adaptation or > > > particular application-layer semantics"). > > > > I think it sounds reasonable, will see what my co-authors if they have > > additional feedback. > > > > > > > > Within the uses enabled by the RTP standard the point to point > > > topology can contain one to many RTP sessions with one to many media > > > sources per session, each having one or more RTP streams per media > > > source. > > > > > > micro-nit: "one to many", "one to many", "one or more" ruins the > > > parallelism > > > :) > > > > Thanks :-) > > > > > > > > 3.4.3 > > > > > > o Signalling based (SDP) > > > > > > "e.g., SDP", no? > > > > > > Yes. > > > > > > An RTP/RTCP-based grouping solution is to use the RTCP SDES CNAME to > > > bind related RTP streams to an endpoint or to a synchronization > > > context. For applications with a single RTP stream per type (media, > > > source or redundancy stream), CNAME is sufficient for that purpose > > > independent if one or more RTP sessions are used. However, some > > > > > > nit: "independent if" doesn't parse properly; maybe "independently of > > > whether"? > > > > Yes, whether should do it. > > > > > > > > independent if one or more RTP sessions are used. However, some > > > applications choose not to use CNAME because of perceived complexity > > > or a desire not to implement RTCP and instead use the same SSRC value > > > to bind related RTP streams across multiple RTP sessions. RTP > > > > > > [It's interesting to see this noted, given that we talk about how if you > > > don't implement RTCP you're not actually using RTP, just the RTP packet > > > formats; and how we discuss that reusing the same SSRC value across > > > multiple RTP sessions can be risky. That said, this should not > > > discourage us from documenting what implementations actually do...] > > > > So RTCP implementation is usually done to today, but many early voice only > > usage > > skipped it. So it is background why things ended up like they are. > > > > > > > > Section 3.4.4 > > > > > > There exist a number of Forward Error Correction (FEC) based schemes > > > for how to reduce the packet loss of the original streams. Most of > > > > > > nit: I think this is either "mitigate packet loss" or "reduce lost data > > > from a media stream", but "reduce packet loss" it is not. > > > > Yes, will address. > > > > > > > > Using multiple RTP sessions supports the case where some set of > > > receivers might not be able to utilise the FEC information. By > > > placing it in a separate RTP session and if separating RTP sessions > > > on transport level, FEC can easily be ignored already on transport > > > level, without considering any RTP layer information. > > > > > > nit: "the transport level" > > > > Ok. > > > > > > > > Section 4.1.2 > > > > > > BUNDLE [I-D.ietf-mmusic-sdp-bundle-negotiation], it is possible for > > > the RTP translator to map the RTP streams between both sides using > > > some method, e.g. if the number and order of SDP "m=" lines between > > > both sides are the same. There are also challenges with SSRC > > > > > > (There's nothing in SDP that requires that to be the case, though, this > > > would merely be a "convenient property shared by the two applications' > > > behavior"?) > > > > So part is implied meaning of number and order of m= lines for particular > > applications / systems. This gets interesting when you interconnect such > > systems > > with a translator. > > > > > > > > Section 4.1.3 > > > > > > For applications that use any security mechanism, e.g., in the form > > > of SRTP, the gateway needs to be able to decrypt and verify source > > > integrity of the incoming packets, and re-encrypt, integrity protect, > > > and sign the packets as peer in the other application's security > > > context. This is necessary even if all that's needed is a simple > > > > > > Can you clarify what is meant by "sign the packets as peer" here? Is it > > > implying that the terminating gateway needs to have credentials so as to > > > impersonate both "real" participants to the other? > > > > Yes, they need to be a trusted party by both communicating peers in this > > case. > > Unless you use PERC all RTP level middleboxes will have to have access to > > the > > security context. > > > > > (Also, nit: "sign packets as the peer" might be a more grammatical > > > wording, as "peer" needs an article.) > > > > Ok. > > > > > > > > If one uses security functions, like SRTP, and as can be seen from > > > above, they incur both additional risk due to the requirement to have > > > the gateway in the security association between the endpoints (unless > > > the gateway is on the transport level), and additional complexities > > > in form of the decrypt-encrypt cycles needed for each forwarded > > > packet. SRTP, due to its keying structure, also requires that each > > > > > > This sentence is pretty complicated. Even in the first part, I'm not > > > sure what "they" in "they incur both" refers to...it seems that the risk > > > is to the participant(s) ("one") rather than the "security functions" > > > themselves... > > > > I think "they" equals gateways. Let us attempt to reformulate. > > > > > > > > RTP session needs different master keys, as use of the same key in > > > two RTP sessions can for some ciphers result in two-time pads that > > > completely breaks the confidentiality of the packets. > > > > > > I'd suggest discussing this as "reuse of a one-time pad" rather than a > > > "two-time pad". > > > > Ok > > > > > > > > Section 4.1.4 > > > > > > Endpoints that aren't updated to handle multiple streams following > > > these recommendations can have issues with participating in RTP > > > sessions containing multiple SSRCs within a single session, such as: > > > > > > Talking about endpoints being "updated [...] following these > > > recommendations" also makes me wonder whether an Updates relationship to > > > 3550 or other document(s) would be appropriate. > > > > So this being an informational document targeting Application designers > > using > > RTP and the intention is not really to change things in this document. There > > do > > exist a number of documents that will update RFC 3550. When Cluster 238 is > > processed RFC 3550 will have a number of Updated RFCs. > > > > So, I still think the answer is no to have this document update RFC 3550. > > > > > > > > Section 4.2.2 > > > > > > the, in most cases 2-3, additional flows. However, packet loss > > > causes extra delays, at least 100 ms, which is the minimal > > > retransmission timer for ICE. > > > > > > Doesn't RFC 8445 say 500 ms, not 100? > > > > Yes, your right. Probably wrote this during the discussion in the ICE WG and > > never reflected over the final consensus in the document. Will correct. > > > > > > > > Deep Packet Inspection and Multiple Streams: Firewalls differ in how > > > deeply they inspect packets. There exist some risk that deeply > > > inspecting firewalls will have similar legacy issues with multiple > > > SSRCs as some RTP stack implementations. > > > > > > Re "some risk", can we say that this has definitely been seen in the > > > wild at least once? > > > > I can't point to a particular case from the top of my head. But I have not > > been > > much in the day to day running RTP applications. However, I do assume this > > have > > been an issue. Let me check. > > > > > > > > Section 4.3.1 > > > > > > only premium users are allowed to access. The mechanism preventing a > > > receiver from getting the high quality stream can be based on the > > > stream being encrypted with a key that user can't access without > > > paying premium, using the key-management to limit access to the key. > > > > > > nit: there seems to be a missing word here ("paying a premium"?) > > > > Yes. > > > > > > > > SRTP [RFC3711] has no special functions for dealing with different > > > sets of master keys for different SSRCs. The key-management > > > functions have different capabilities to establish different sets of > > > keys, normally on a per-endpoint basis. For example, DTLS-SRTP > > > [RFC5764] and Security Descriptions [RFC4568] establish different > > > keys for outgoing and incoming traffic from an endpoint. This key > > > usage has to be written into the cryptographic context, possibly > > > associated with different SSRCs. > > > > > > I don't really understand what this paragraph is trying to say. > > > > I think it tries to warn that there are a descrepancy between how SRTP is > > defined, the implementations capabilities when combined with particular key- > > manangement and the full set of RTP's flexibilities to create an RTP > > Session. > > > > Will see if we can clarify this a bit. > > Thanks. > > > > > > > Section 4.3.2 > > > > > > Transport translator-based sessions and multicast sessions, can > > > > > > This doesn't seem to match the terminology we used in § 4.1.2. > > > (This terminology appears a couple other times, later.) > > > > These are RFC 7667 terms. We likely should use the RFC 7667 short hand to > > make > > that clearer. > > > > > > > > Section 5.1 > > > > > > h. If the applications need finer control over which session > > > participants that are included in different sets of security > > > associations, most key-management will have difficulties > > > establishing such a session. > > > > > > nit: the grammar is off, here (remove "that" and use "key-management > > > techniques"?) > > > > Ok. > > > > > > > > Section 5.3 > > > > > > 2. The application can indicate its usage of the RTP streams on RTP > > > session level, in case multiple different usages exist. > > > > > > nit: is this "in case" (precautionary) or "in the case when" > > > (descriptive)? > > > > The later, as each RTP session can be bound to a particular usage. > > > > > > > > Section 6 > > > > > > Transport Support Extensions: When defining new RTP/RTCP extensions > > > > > > nit: should we swap the order of "Support" and "Extensions"? > > > > Or "Extensions for Transport Support". Will address. > > > > > > > > Section 11.1 > > > > > > RFC 3830 does not feel like it needs to be normative. > > > > Agree, its usage is an example. > > > > > > > > Appendix A > > > > > > 4. Sending multiple streams in the same sequence number space makes > > > it impossible to determine which payload type, which stream a > > > packet loss relates to, and thus to which stream to potentially > > > apply packet loss concealment or other stream-specific loss > > > mitigation mechanisms. > > > > > > I don't think this parses properly (around "which payload type,") > > > > Will attempt to address. > > > > > > > > Appendix B.1 > > > > > > One aspect of the existing signalling is that it is focused on RTP > > > sessions, or at least in the case of SDP the media description. > > > > > > nit: I think there's an extra or missing word here (around "the media > > > description"). > > > > Yes, something is strange. > > > > maybe > > > > ... or in the case of SDP, the media descriptions concept. > > That looks better, yes. > > Thanks, > > Ben > > > > > > > o Bitrate/Bandwidth exist today only at aggregate or as a common > > > "any RTP stream" limit, unless either codec-specific bandwidth > > > limiting or RTCP signalling using TMMBR is used. > > > > > > Should we have a reference for TMMBR? > > > > Yes, it is defined in RFC 5104. > > > > > > > > Appendix B.3 > > > > > > RTP streams being transported in RTP has some particular usage in an > > > RTP application. This usage of the RTP stream is in many > > > > > > nit: singular/plural mismatch "has"/"streams" > > > > Thanks. > > > > > > > > > > Cheers > > > > Magnus Westerlund > > > > > > ---------------------------------------------------------------------- > > Networks, Ericsson Research > > ---------------------------------------------------------------------- > > Ericsson AB | Phone +46 10 7148287 > > Torshamnsgatan 23 | Mobile +46 73 0949079 > > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com > > ---------------------------------------------------------------------- > > > > > > -- Cheers Magnus Westerlund ---------------------------------------------------------------------- Networks, Ericsson Research ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Torshamnsgatan 23 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com ----------------------------------------------------------------------
- [AVTCORE] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk via Datatracker
- Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-i… Roni Even (A)
- Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-i… Magnus Westerlund
- Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-i… Benjamin Kaduk
- Re: [AVTCORE] Benjamin Kaduk's Discuss on draft-i… Magnus Westerlund