[Sframe] A possible framework for SFrame and repacketization
Richard Barnes <rlb@ipv.sx> Tue, 08 November 2022 23:55 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A2C8C1526EE for <sframe@ietfa.amsl.com>; Tue, 8 Nov 2022 15:55:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rdF9KGcaRDrW for <sframe@ietfa.amsl.com>; Tue, 8 Nov 2022 15:55:35 -0800 (PST)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52970C147924 for <sframe@ietf.org>; Tue, 8 Nov 2022 15:55:22 -0800 (PST)
Received: by mail-lf1-x134.google.com with SMTP id g12so23393733lfh.3 for <sframe@ietf.org>; Tue, 08 Nov 2022 15:55:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20210112.gappssmtp.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=ao2I01j70yAp0tcMyvb5LRfp2FfBb/lurckm69+k7lI=; b=vSHaZ3L6JUuUQr2edWCgqnyAxFcoTYRC4JDwiUpi1nhBZBDJLBRRuaxK8WGHDvRi4z VAIMcbiFnvphf36tQR3jnfCyZFLPdJFiT/DTJEvINGBxmFR37JOlcTg5BIal+VF6gjaP Dn27KBZqPffusksbLSld0W8OaEzT+ePIb9UXtBID7w/LepXpKBALHycDMil25pOr1Zll hOYbnC1lIaNmoF2Muw8bVwuI9AJ1LXL7S2zbVe7P78q3Dns4vtFG+8/R1cHc2lMeOzyo lF7GAyK0xvqUdRXJSXQmQBZyiJmJkpAGRN5MTy0tpWglOZJC/2j/Jn4N8m8tqpMHgct2 x7sA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=ao2I01j70yAp0tcMyvb5LRfp2FfBb/lurckm69+k7lI=; b=bs/miBZHu5MniVAEwwS7KPut8eXG1M8jRfXFj5b2fgeAg1MyKUnEmhTb+yPgeyS7pr LzxOfEEItr0QhlRYuuvtU2EJ70LR2CWNWTBp0yGbJcu/33czLItSb1XNTuJ93vMmh3EA kl7ilj8zJCW/0jID4k+g4qamo7A6SvXFalKJ+NNBFNILWcRyfAfAjhgtUkouODzOkkjn IPlrOM1s43syXlfnWgKnjDqKxnDP5e1rUNGKikaS3/B1IEE0OTiJh9YaANGvkEoF0zSV 2nBXf4EwfSdPazRb68JGfWjVMpoy+2ZvEAJ5aMhaClH4KZNmdUrsvm9dflxuiW1jmPF7 ZJDg==
X-Gm-Message-State: ACrzQf3cHx7lNHYB00X3xAXD3U6CCqEZLB8IfJSkTSjmfmuqmNRMYTWC xFTN2tXslH4cPRXIV26PFQ4pSdJOYzJbw7QpEtPWfUILSM7Kur5A
X-Google-Smtp-Source: AMsMyM74+bWvnJpeUgv14ri6msahLiL2PDVLP7f1r6CTUoQTQAAOAJ97oA18smwcAsD5nYH/yWjFoby4O4l4R49k2Wk=
X-Received: by 2002:a19:5048:0:b0:4b1:3856:e422 with SMTP id z8-20020a195048000000b004b13856e422mr12120017lfj.368.1667951720221; Tue, 08 Nov 2022 15:55:20 -0800 (PST)
MIME-Version: 1.0
From: Richard Barnes <rlb@ipv.sx>
Date: Tue, 08 Nov 2022 18:55:09 -0500
Message-ID: <CAL02cgT7Zafaz4YqJe6WR3k=A-mbh1zUqySu9JuixKZ=C80MvQ@mail.gmail.com>
To: "avt@ietf.org WG" <avt@ietf.org>, sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c971cc05ecfe4531"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/nstkntr2QSyOcOKLxigBsBgcWFM>
Subject: [Sframe] A possible framework for SFrame and repacketization
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2022 23:55:36 -0000
Hey AVTCORE and SFrame WGs, After the SFrame / repacketization discussion today, I had a few more thoughts on this question, which I think might point toward a productive direction here. The below notes are a little stream-of-consciousness, but hopefully get the point across. tl;dr: We should treat SFrame and generic fragmentation as new layers in the RTP processing stack. If we do that, the design and the work to do become pretty clear and straightforward. First: The repacketization problem in RTP is not SFrame-specific. It arises any time the media forwarder doesn't understand the codec, which could be due to encryption or just software. As Jonathan pointed out in the room, RTP generally assumes that a media forwarder does understand the codec, but there are situations such as E2EE where that might not be the case. The question here is whether we accommodate these situations, and if so how. In terms of SFrame-in-RTP, there's still not consensus on where SFrame goes in the media processing stack: * Capture / Render * Encode / Decode * [[ does SFrame go here? == SFrame, requires generic packetization ]] * Packetize / Depacketize * [[ or does SFrame go here? == SPacket, prevents repacketization ]] * SRTP protect / unprotect Repacketization on opaque data effectively requires that there be two layers of fragmentation / reassembly, the sender's fragemntation and the forwarder's. The sender's fragmentation has to be preserved because the fragments might not make sense if the forwarder combined them or broke them apart (e.g., they might not authenticate). The forwarder's fragmentation is necessary to fit within the MTU. Fortunately, I think this actually leads us to a nicer, more unified architecture for integrating SFrame: * Capture / Render * Encode / Decode * Codec-aware fragment / reassemble * SFrame protect / unprotect * Opaque fragment / reassemble * SRTP protect / unprotect This model includes both the SFrame and SPacket cases as special cases. For SFrame, the codec-aware fragmentation is trivial and the opaque fragmentation is non-trivial; for SPacket, the opaque packetization is trivial and the codec-aware fragmentation is non-trivial. It also points to how you would define and negotiate the various parts: * Define two new mechanisms: 1. SFrame as a generic protect/unprotect algorithm, and 2. a generic fragmentation / reassembly protocol (basically Peter's proposal) * Signal these independently in SDP, and independently of the codec etc, since they're independent layers. * If you negotiate (1) but not (2), you get SPacket and no repacketization. * If you negotiate (1) and (2), then you get SFrame and repacketization. * If you negotiate (2) and not (1), you get generic repacketization on any codec. Conveniently, the SFrame WG is already working on (1); (2) would be straightforward for AVTCORE to handle. There are some details to work out, like how the RTP header metadata gets associated across all these layers and how MTU responsibilities sort out between the two fragmentation layers. But maybe this is an overall approach that makes sense to folks? The only real alternative is the current state of affairs, where we only have SPacket, no SFrame and no repacketization. If we want either of those, it seems like we need to do something like the above. --Richard P.S. For folks with the Encoded Transform discussion in mind, I think this also provides a clean model for the "packet-level" processing we have been discussing in that context. You simply generalize the above stack so that instead of "SFrame", it says "JS-provided transform". The current frame-level transforms would short-circuit the diagram, skipping the codec-aware fragmentation stage.
- [Sframe] A possible framework for SFrame and repa… Richard Barnes