IETF Logo Mail Archive

Re: [AVTCORE] Last question about AVP profiles for RTP over QUIC (was: Re: Registering AVP Profiles for RTP over QUIC)

Joerg Ott <ott@in.tum.de> Fri, 24 June 2022 07:26 UTC

Return-Path: <ott@in.tum.de>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27554C15AAFC for <avt@ietfa.amsl.com>; Fri, 24 Jun 2022 00:26:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.885
X-Spam-Level:
X-Spam-Status: No, score=-8.885 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-1.876, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=in.tum.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cdM-9HxnUJII for <avt@ietfa.amsl.com>; Fri, 24 Jun 2022 00:26:06 -0700 (PDT)
Received: from mailout2.rbg.tum.de (mailout2.rbg.tum.de [IPv6:2a09:80c0::202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21A63C14CF10 for <avt@ietf.org>; Fri, 24 Jun 2022 00:26:04 -0700 (PDT)
Received: from mailrelay1.rbg.tum.de (mailrelay1.in.tum.de [IPv6:2a09:80c0:254::14]) by mailout2.rbg.tum.de (Postfix) with ESMTPS id 1E1974C01F4; Fri, 24 Jun 2022 09:26:00 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=in.tum.de; s=20220209; t=1656055560; bh=yrfRe93iqL7C8ocZqqZVAy1aHSnc2SBNU2i1Ob0FWvs=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=eXe9jwa3QuvQ8/wfM5cVrx7Y9yIfAKkFQSQCNqm4IBZIp6olJlLQZcdSeN6hBVUXJ EURxOhZ/e6eWu+i2e2Q2UQGTnAiU+GXayxWOzUQW0u2Vem0lWjMH5O+SDuasj/+7pn ysV9Fgxnm8OkIO8rLoablzp/vdqpwHVxHUVPV/hMbDE7l+zVXBtRmmYKttCWsiFVh4 HrYO+RvrLROLW68eOOsf4a3UjH2GhtGAwJLXWDHUoHU+Xc6/yWqkKxNqp8XFpXAfuu NNgjtsARI8N1O2bpBXy6Tr0Cabz+sFaLB7dUvIrPwNwHLPP9FdOEnebjXZiP9kMS3N 4f47r4jv+4zlw==
Received: by mailrelay1.rbg.tum.de (Postfix, from userid 112) id 1B0DB1A1; Fri, 24 Jun 2022 09:26:00 +0200 (CEST)
Received: from mailrelay1.rbg.tum.de (localhost [127.0.0.1]) by mailrelay1.rbg.tum.de (Postfix) with ESMTP id DCF261A0; Fri, 24 Jun 2022 09:25:59 +0200 (CEST)
Received: from mail.in.tum.de (mailproxy.in.tum.de [IPv6:2a09:80c0::78]) by mailrelay1.rbg.tum.de (Postfix) with ESMTPS id D694819F; Fri, 24 Jun 2022 09:25:59 +0200 (CEST)
Received: by mail.in.tum.de (Postfix, from userid 112) id C74374A02E6; Fri, 24 Jun 2022 09:25:59 +0200 (CEST)
Received: (Authenticated sender: ott) by mail.in.tum.de (Postfix) with ESMTPSA id BDF734A006C; Fri, 24 Jun 2022 09:25:56 +0200 (CEST) (Extended-Queue-bit xtech_vi@fff.in.tum.de)
Message-ID: <99761e8d-7cc5-9cb4-3460-1b5390c0b170@in.tum.de>
Date: Fri, 24 Jun 2022 09:25:53 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, Roman Shpount <roman@telurix.com>
Cc: IETF AVTCore WG <avt@ietf.org>
References: <CAKKJt-dvotzuaK66T8WQd7YgNLNr_6vqa4W8-z=5FvujpGWA=A@mail.gmail.com> <CAKKJt-c+PrYeackVCyGOpoiPGw6f90D7fZYw+D9MGPNKdEC8cA@mail.gmail.com> <CAD5OKxvVK5WRRY_UQsbnHA2TF9Qd0sNfKcdmuQhCFsFMOr83zA@mail.gmail.com> <CAKKJt-dXF6rLEGBPqTo-q6MwPC8gJ1mKG=ADMXrD86eG-2Q4Og@mail.gmail.com>
From: Joerg Ott <ott@in.tum.de>
In-Reply-To: <CAKKJt-dXF6rLEGBPqTo-q6MwPC8gJ1mKG=ADMXrD86eG-2Q4Og@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/w0ZQ8loPHFgn48yT26FwYu3FhfA>
Subject: Re: [AVTCORE] Last question about AVP profiles for RTP over QUIC (was: Re: Registering AVP Profiles for RTP over QUIC)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2022 07:26:11 -0000

Hi Spencer, Roman,

> On Sun, May 22, 2022 at 11:49 PM Roman Shpount <roman@telurix.com 
> <mailto:roman@telurix.com>> wrote:
> 
>     As the person who proposed this, I am for this.
> 
>     You would probably need to register TCP/QUIC/RTP/AVPF as well, which
>     would be RTP over QUICK over TCP with RFC4571 framing. See
>     https://datatracker.ietf.org/doc/html/rfc8841#section-8
>     <https://datatracker.ietf.org/doc/html/rfc8841#section-8> for a
>     similar definition for SCTP. 
> 
> 
> I've been thinking about this one for a while (see date on your reply, 
> vs date on my reply).
> 
> I may be dense, but I'm thinking that it would take (significant) work 
> for us to convince the QUIC working group to produce another QUIC 
> binding, based on TCP, rather than UDP, and that in the absence of such 
> a protocol revision, this isn't useful for the use cases people have 
> been talking about, so far.

QUIC is defined to run over UDP, so a registration of TCP/QUIC/RTP/AVPF
would not be useful.

> Usually, when I've had conversations about "falling back to TCP", it's 
> been in an HTTP/3-QUIC context, where a client's UDP packets are being 
> blocked or severely rate-limited, so falling back to HTTP/2 (or even 
> HTTP/1.1) over TCP makes perfect sense.

Right.

For RTP, 'falling back' be negotiated out of band by something like ICE.
But you would only fall back to connectivity options (and list those in
the first place) that are actually implementable.

> If UDP/QUIC/RTP/AVPF is being blocked, wouldn't an RTP endpoint just 
> failover to TCP/RTP/SAVPF, the same way it would if a path was blocking 
> UDP packets today?

Or TCP/TLS/RTP/SAVPF or DTLS/RTP if just QUIC is the problem.  Right.

> Can anyone help me understand what I'm missing here?

Nothing, I would say.

Best,
Jörg


> 
> Best,
> 
> Spencer
> 
>     The main reason for this definition is ice-tcp support. If you do a
>     session update once the ice-tcp candidate is nominated, the protocol
>     in the m= line should match the protocol for the only remaining
>     candidate, so TCP/QUIC/RTP/AVPF would be used.
> 
>     Best,
>     _____________
>     Roman Shpount
> 
> 
>     On Sun, May 22, 2022 at 7:41 PM Spencer Dawkins at IETF
>     <spencerdawkins.ietf@gmail.com
>     <mailto:spencerdawkins.ietf@gmail.com>> wrote:
> 
>         So, we had a spirited discussion about a few things in this
>         thread, but I'd like to reset back to my original question.
> 
>         On Wed, May 11, 2022 at 3:46 PM Spencer Dawkins at IETF
>         <spencerdawkins.ietf@gmail.com
>         <mailto:spencerdawkins.ietf@gmail.com>> wrote:
> 
>             Dear AVTCORE,
> 
>             I've had an open PR in
>             https://github.com/SpencerDawkins/sdp-rtp-quic/pull/9
>             <https://github.com/SpencerDawkins/sdp-rtp-quic/pull/9> for
>             a while,so I could get a sense of how AVT profiles are
>             supposed to work, and I'd like to push on that now (with a
>             virtual interim meeting coming up next week)..
> 
>             The high-level summary of discussion in
>             https://github.com/SpencerDawkins/sdp-rtp-quic-issues/issues/5
>             <https://github.com/SpencerDawkins/sdp-rtp-quic-issues/issues/5>
>             (note that this discussion is in a different repo, because
>             reasons) has been roughly,"what's the difference between
>             QUIC/RTP/AVPF and QUIC/RTP/SAVPF"?
> 
>             The arguments about not registering secure AVP profiles involve
> 
>               *   the computational overhead of double encryption for
>                 all packets, plus
>               * the payload overhead of 10 bytes per packet since you
>                 have 2 HMACs.
> 
>             The arguments about registering secure AVP profiles seem to
>             revolve around
> 
>               * Minimizing the impact of added QUIC support in existing
>                 implementations that are using /RTP/SAVPF now.
>               * QUIC encryption protects payloads between QUIC
>                 endpoints, but there are many multi-endpoint RTP
>                 topologies (https://www.rfc-editor.org/rfc/rfc7667
>                 <https://www.rfc-editor.org/rfc/rfc7667> has about 50
>                 pages of them), and when a middlebox receives
>                 QUIC/RTP/AVPF, it's not obvious whether the middlebox should
>                   o forward the RTP payload using RTP/AVPF (where
>                     the outgoing AVPF matches the incoming AVPF), or
>                   o forward the RTP payload using RTP/SAVPF, where the
>                     outgoing SRTP encryption matches the incoming QUIC 
> 
>             It seems to me that there are three choices:
> 
>               * Use only QUIC/RTP/AVPF, and and require middleboxes
>                 receiving QUIC/RTP/AVPF traffic to always forward that
>                 traffic over RTP/SAVPF
>               * Use only QUIC/RTP/AVPF, and and require senders to
>                 signal middleboxes whether they should forward that
>                 traffic over RTP/AVPF or RTP/SAVPF
>               * Register both QUIC/RTP/AVPF and QUIC/RTP/SAVPF, and if
>                 you have to do double encryption on the QUIC/RTP paths
>                 to get RTP/SAVPF on the other side of a middlebox, too bad
> 
>             So, my questions are,
> 
>               * What am I missing here?
>               * Are any of the choices I'm listing obviously the *BEST*
>                 choice?
> 
>         My recommendation for what I was registering now, in
>         sdp-rtp-quic, in my way-too-quick talk at the interim meeting
>         last week, was that I wasonly registering QUIC/RTP/AVPF (if we
>         ever figure out what SAVP and SAVPF mean when RTP is carried
>         over QUIC, we can register them later).
> 
>         We didn't have time for Q&A after my talk, but in Jabber, this
>         happened:
> 
>             11:50:08 Roman Shpount It should be UDP/QUIC/RTP/AVPF
>             11:50:26 Sergio Garcia Murillo +1 to UDP/QUIC/RTP/AVPF
> 
> 
>         So, we haven't talked about this, and if I'm making commits
>         to sdp-rtp-quic, I should ask about it now.
> 
>         After a quick spin through
>         https://www.iana.org/assignments/sdp-parameters/sdp-parameters.xhtml#sdp-parameters-2
>         <https://www.iana.org/assignments/sdp-parameters/sdp-parameters.xhtml#sdp-parameters-2>,
>         I think this is reasonable and correct.
> 
>         So, that would give me one proto registration for UDP/QUIC/RTP/AVPF.
> 
>         I'll make this change before IETF 114.
> 
>         Any obvious objections? Please reply here, if so.
> 
>         Best,
> 
>         Spencer
> 
>             Best,
> 
>             Spencer
> 
>         _______________________________________________
>         Audio/Video Transport Core Maintenance
>         avt@ietf.org <mailto:avt@ietf.org>
>         https://www.ietf.org/mailman/listinfo/avt
>         <https://www.ietf.org/mailman/listinfo/avt>
> 
> 
> _______________________________________________
> Audio/Video Transport Core Maintenance
> avt@ietf.org
> https://www.ietf.org/mailman/listinfo/avt

v2.23.0 | Report a Bug | By Email