IETF Logo Mail Archive

Re: [MMUSIC] Bundling data channel and RTP? - Text proposal

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 27 May 2015 08:54 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C0E61A905A for <mmusic@ietfa.amsl.com>; Wed, 27 May 2015 01:54:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u9jvlYNCmWIE for <mmusic@ietfa.amsl.com>; Wed, 27 May 2015 01:54:31 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 742431A9050 for <mmusic@ietf.org>; Wed, 27 May 2015 01:54:30 -0700 (PDT)
X-AuditID: c1b4fb2d-f794d6d000004501-f7-556586447295
Received: from ESESSHC023.ericsson.se (Unknown_Domain [153.88.253.125]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 7D.3C.17665.44685655; Wed, 27 May 2015 10:54:28 +0200 (CEST)
Received: from ESESSMB209.ericsson.se ([169.254.9.71]) by ESESSHC023.ericsson.se ([153.88.183.87]) with mapi id 14.03.0210.002; Wed, 27 May 2015 10:54:27 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Christian Groves <Christian.Groves@nteczone.com>, "mmusic@ietf.org" <mmusic@ietf.org>
Thread-Topic: [MMUSIC] Bundling data channel and RTP? - Text proposal
Thread-Index: AdCWueoLsROxlWDYR6SbmQrUuOlHngAPEbUAAFSKmYAABF7jcA==
Date: Wed, 27 May 2015 08:54:26 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D866141@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B1D852384@ESESSMB209.ericsson.se> <55634C34.4080304@alum.mit.edu> <5565838D.2020005@nteczone.com>
In-Reply-To: <5565838D.2020005@nteczone.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.148]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprCIsWRmVeSWpSXmKPExsUyM+Jvra5LW2qowYEeOYsv7xtZLLZOFbK4 duYfo8XU5Y9ZLFZsOMBqMePCVGYHNo+/7z8weeycdZfdY8GmUo8lS34yeaw4P5PF49aUggC2 KC6blNSczLLUIn27BK6MNSc2sRZsM6toe7+EsYHxrXYXIyeHhICJxPWZ3WwQtpjEhXvrgWwu DiGBo4wSR6fdYoVwFjNKTG18w9LFyMHBJmAh0f0PrFlEIFpi0sJmsAZmgbuMEv9v/WYGSQgL uEj8WtLDAlHkKrHiOURcRMBJ4mZ3MxOIzSKgKnF3wXQwm1fAV2L7naWMEMv6GSWWHZ4KluAU 0JGY9OEyI4jNCHTe91NrwOLMAuISt57MZ4I4W0BiyZ7zzBC2qMTLx/9YIWwlicYlT1gh6vUk bkydwgZha0ssW/iaGWKxoMTJmU9YJjCKzUIydhaSlllIWmYhaVnAyLKKUbQ4tbg4N93IWC+1 KDO5uDg/Ty8vtWQTIzAaD275rbuDcfVrx0OMAhyMSjy8iqqpoUKsiWXFlbmHGKU5WJTEeb26 QkKFBNITS1KzU1MLUovii0pzUosPMTJxcEo1MC4xe9wr9N1G6eNTAwuraXsnTk/0VhQ/r/39 csuRMpM0SyG/BccL29RW3rAy0e3ddOJfgc6S11/dvzVMf3QyMr2Ed77Kpx9Zj77zCYgbMcTL 8Z8qvczBMP3OEvabyfpPspp/2R5oOuFzye4/48P8V6KbWHcfmb5xz1M/VlmRU21b9Ptznj2T 4VRiKc5INNRiLipOBACNrIwWpwIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/32PHQ2S4Zmr3UqJpkblIRk7R-GM>
Cc: "pkyzivat@alum.mit.edu" <pkyzivat@alum.mit.edu>
Subject: Re: [MMUSIC] Bundling data channel and RTP? - Text proposal
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 May 2015 08:54:34 -0000

Hi Christian,

>With respect to the text below I don't think you need the "When DTLS is used for more than one media stream within a >BUNDLE group". All you need to say is that there may only be one DTLS association per BUNDLE. Also it could be more >confusing to mention more than one media stream, because SRTP doesn't use DTLS for the media stream, only key >exchange.

Sounds good.

>One interesting question that Albrecht brought up in a separate email discussion is what happens if you first establish a >DTLS association for datachannel and then at a later stage you add SRTP media? I take it that you'd have to re-establish >the DTLS connection and perform a handshake using the "use_srtp" extension. That makes transitioning messy.

There is a related (not BUNDLE specific) discussion on when one is allowed to re-establish a DTLS connection, and the idea (I don't have the exact details in front of me) is that it can happen only when an IP address or port changes. That obviously does not have to occur if you add SRTP.

Roman/Justin/Martin/Paul/whoever-cares-about-this, do you have an opinion?

Regards,

Christer


On 26/05/2015 2:22 AM, Paul Kyzivat wrote:
> On 5/25/15 3:14 AM, Christer Holmberg wrote:
>> Hi,
>>
>> Below is a suggestion for a "DTLS considerations" section. Let me 
>> know if you think there are more rules/restrictions that we should 
>> document.
>
> My reply to your other message implies that it is probably important 
> to say more than this.
>
> Also, I *think* it is possible to mix RTP over UDP with RTP over DTLS 
> in the same bundle. (Though I can't think of any utility to doing so.) 
> I don't think what you say below is inconsistent with that, but it 
> might be good to think through the implications.
>
>     Thanks,
>     Paul
>
>> --------------------
>>
>> X.  DTLS Considerations
>>
>>     One or more media streams within a BUNDLE group can use
>>     the Datagram Transport Layer Security (DTLS) protocol [RFC6347]
>>     in order to encrypt the data, or to negotiate encryption keys
>>     if another encryption mechanism is used to encrypt media.
>>
>>     When DTLS is used for more than one media stream within a BUNDLE
>>     group, the following rules apply:
>>
>>     o  A single DTLS association [RFC6347] MUST be used for all media
>>     using DTLS; and
>>
>>         o  Each media protocol using DTLS MUST use the same mechanism 
>> for
>>     determining which endpoint (the offerer or answerer) becomes DTLS 
>> client and DTLS server.
>>
>> --------------------
>>
>> Regards,
>>
>> Christer
>>
>>
>>
>> -----Original Message-----
>> From: mmusic [mailto:mmusic-bounces@ietf.org] On Behalf Of Christer 
>> Holmberg
>> Sent: 25 May 2015 04:59
>> To: Christian Groves; mmusic@ietf.org
>> Subject: Re: [MMUSIC] Bundling data channel and RTP?
>>
>> Hi,
>>
>> I wonder whether we should have a "DTLS considerations" section in 
>> BUNDLE, and specify that all bundled media MUST use the same DTLS 
>> connection for key management, encryption etc.
>>
>> Would it even be possible to establish multiple DTLS connections on a 
>> single 5-tuple?
>>
>> Regards,
>>
>> Christer
>>
>> -----Original Message-----
>> From: mmusic [mailto:mmusic-bounces@ietf.org] On Behalf Of Christian 
>> Groves
>> Sent: 22 May 2015 10:20
>> To: mmusic@ietf.org
>> Subject: Re: [MMUSIC] Bundling data channel and RTP?
>>
>> Hello Magnus and Martin,
>>
>> Thanks for confirming that.
>>
>> It would be good to cover bundling the SRTP and DTLS/SCTP m-lines the 
>> BUNDLE and JSEP drafts.
>>
>> Regards, Christian
>>
>>
>>
>> On 20 May 2015 at 17:21, Christian
>> Groves<Christian.Groves@nteczone.com>  wrote:
>>
>>> Can anyone confirm the intention that a single DTLS connection is 
>>> used for SRTP key exchange and also SCTP packets?
>>
>> Yes, the record layer carries SCTP and exporters from the same 
>> session are used to key SRTP.
>>
>>
>>
>> On 21/05/2015 7:34 PM, Magnus Westerlund wrote:
>>> Christian Groves skrev den 2015-05-21 02:21:
>>>> Can anyone confirm the intention that a single DTLS connection is 
>>>> used for SRTP key exchange and also SCTP packets?
>>>>
>>>> draft-ietf-rtcweb-transports-08 indicates:
>>>>
>>>> /WebRTC implementations MUST support multiplexing of DTLS and RTP 
>>>> over//
>>>> //   the same port pair, as described in the DTLS_SRTP specification//
>>>> //   [RFC5764], section 5.1.2.  All application layer protocol
>>>> payloads//
>>>> //   over this DTLS connection are SCTP packets./
>>>>
>>>> To me this implies a single DTLS connection. However in RFC5764 
>>>> clause
>>>> 4.1 it says:
>>>> /Once the "use_srtp" extension is negotiated, the RTP or RTCP//
>>>> //   application data is protected solely using SRTP. Application
>>>> data is//
>>>> //   never sent in DTLS record-layer "application_data" packets.
>>>> Rather,//
>>>> //   complete RTP or RTCP packets are passed to the DTLS stack, 
>>>> which//
>>>> //   passes them to the SRTP stack, which protects them 
>>>> appropriately.//
>>>> /
>>>> In the second sentence "application data" is not qualified with 
>>>> "RTP or RTCP" so it could be taken that its not possible to use the 
>>>> DTLS connection for anything else. However I take it that as the 
>>>> rest of the paragraph talks about RTP or RTCP that these were meant 
>>>> when application data is mentioned?
>>>>
>>>> Can only one add some clarity?
>>>>
>>>
>>> Yes, that is clearly the intention as I understand it in WebRTC.
>>>
>>> Cheers
>>>
>>> Magnus Westerlund
>>>
>>> --------------------------------------------------------------------
>>> -- Services, Media and Network features, Ericsson Research EAB/TXM
>>> ----------------------------------------------------------------------
>>> Ericsson AB                 | Phone  +46 10 7148287
>>> Färögatan 6                 | Mobile +46 73 0949079
>>> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
>>> --------------------------------------------------------------------
>>> --
>>>
>>>
>>
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>>
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>>
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>>
>
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>

_______________________________________________
mmusic mailing list
mmusic@ietf.org
https://www.ietf.org/mailman/listinfo/mmusic

v2.23.0 | Report a Bug | By Email