| draft-ietf-rtcweb-ip-handling-08.txt | draft-ietf-rtcweb-ip-handling-09.txt | |||
|---|---|---|---|---|
| Network Working Group J. Uberti | Network Working Group J. Uberti | |||
| Internet-Draft Google | Internet-Draft Google | |||
| Intended status: Standards Track G. Shieh | Intended status: Standards Track G. Shieh | |||
| Expires: December 5, 2018 Facebook | Expires: December 15, 2018 Facebook | |||
| June 3, 2018 | June 13, 2018 | |||
| WebRTC IP Address Handling Requirements | WebRTC IP Address Handling Requirements | |||
| draft-ietf-rtcweb-ip-handling-08 | draft-ietf-rtcweb-ip-handling-09 | |||
| Abstract | Abstract | |||
| This document provides information and requirements for how IP | This document provides information and requirements for how IP | |||
| addresses should be handled by WebRTC implementations. | addresses should be handled by WebRTC implementations. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| skipping to change at page 1, line 32 ¶ | skipping to change at page 1, line 32 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 5, 2018. | This Internet-Draft will expire on December 15, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 5, line 8 ¶ | skipping to change at page 5, line 8 ¶ | |||
| 2. By default, WebRTC should be able to negotiate direct peer-to- | 2. By default, WebRTC should be able to negotiate direct peer-to- | |||
| peer connections between endpoints (i.e., without traversing a | peer connections between endpoints (i.e., without traversing a | |||
| NAT or relay server), by providing a minimal set of local IP | NAT or relay server), by providing a minimal set of local IP | |||
| addresses to the application for use in the ICE process. This | addresses to the application for use in the ICE process. This | |||
| ensures that applications that need true peer-to-peer routing for | ensures that applications that need true peer-to-peer routing for | |||
| bandwidth or latency reasons can operate successfully. However, | bandwidth or latency reasons can operate successfully. However, | |||
| it should be possible to suppress these addresses (with the | it should be possible to suppress these addresses (with the | |||
| resultant impact on direct connections) if desired. | resultant impact on direct connections) if desired. | |||
| 3. By default, WebRTC traffic should not be sent through application | 3. By default, WebRTC traffic should not be sent through proxy | |||
| proxy servers, due to the media quality problems associated with | servers, due to the media quality problems associated with | |||
| sending WebRTC traffic over TCP, which is almost always used when | sending WebRTC traffic over TCP, which is almost always used when | |||
| communicating with such proxies, as well as proxy performance | communicating with such proxies, as well as proxy performance | |||
| issues that may result from proxying WebRTC's long-lived, high- | issues that may result from proxying WebRTC's long-lived, high- | |||
| bandwidth connections. However, it should be possible to force | bandwidth connections. However, it should be possible to force | |||
| WebRTC to send its traffic through a configured proxy if desired. | WebRTC to send its traffic through a configured proxy if desired. | |||
| 5.2. Modes and Recommendations | 5.2. Modes and Recommendations | |||
| Based on these ideas, we define four specific modes of WebRTC | Based on these ideas, we define four specific modes of WebRTC | |||
| behavior, reflecting different media quality/privacy tradeoffs: | behavior, reflecting different media quality/privacy tradeoffs: | |||
| Mode 1: Enumerate all addresses: WebRTC MUST use all network | Mode 1: Enumerate all addresses: WebRTC MUST use all network | |||
| interfaces to attempt communication with STUN servers, TURN | interfaces to attempt communication with STUN servers, TURN | |||
| servers, or peers. This will converge on the best media | servers, or peers. This will converge on the best media | |||
| path, and is ideal when media performance is the highest | path, and is ideal when media performance is the highest | |||
| priority, but it discloses the most information. | priority, but it discloses the most information. | |||
| Mode 2: Default route + associated local addresses: WebRTC MUST | Mode 2: Default route + associated local addresses: WebRTC MUST | |||
| follow the kernel routing table rules, which will typically | follow the kernel routing table rules, which will typically | |||
| cause media packets to take the same route as the | cause media packets to take the same route as the | |||
| application's HTTP traffic. If an application TURN server | application's HTTP traffic. If an enterprise TURN server is | |||
| is present, the preferred route MUST be through this TURN | present, the preferred route MUST be through this TURN | |||
| server. Once an interface has been chosen, the private IPv4 | server. Once an interface has been chosen, the private IPv4 | |||
| and IPv6 addresses associated with this interface MUST be | and IPv6 addresses associated with this interface MUST be | |||
| discovered and provided to the application. This ensures | discovered and provided to the application. This ensures | |||
| that direct connections can still be established in this | that direct connections can still be established in this | |||
| mode. | mode. | |||
| Mode 3: Default route only: This is the the same as Mode 2, except | Mode 3: Default route only: This is the the same as Mode 2, except | |||
| that the associated private addresses MUST NOT be provided; | that the associated private addresses MUST NOT be provided; | |||
| the only IP addresses gathered are those discovered via | the only IP addresses gathered are those discovered via | |||
| mechanisms like STUN and TURN (on the default route). This | mechanisms like STUN and TURN (on the default route). This | |||
| may cause traffic to hairpin through a NAT, fall back to an | may cause traffic to hairpin through a NAT, fall back to an | |||
| application TURN server, or fail altogether, with resulting | application TURN server, or fail altogether, with resulting | |||
| quality implications. | quality implications. | |||
| Mode 4: Force proxy: This is the same as Mode 3, but when the | Mode 4: Force proxy: This is the same as Mode 3, but when the | |||
| application's HTTP traffic is sent through an application | application's HTTP traffic is sent through a proxy, WebRTC | |||
| proxy, WebRTC media traffic MUST also be proxied. If the | media traffic MUST also be proxied. If the proxy does not | |||
| proxy does not support UDP (as is the case for all HTTP and | support UDP (as is the case for all HTTP and most SOCKS | |||
| most SOCKS [RFC1928] proxies), or the WebRTC implementation | [RFC1928] proxies), or the WebRTC implementation does not | |||
| does not support UDP proxying, the use of UDP will be | support UDP proxying, the use of UDP will be disabled, and | |||
| disabled, and TCP will be used to send and receive media | TCP will be used to send and receive media through the | |||
| through the proxy. Use of TCP will result in reduced media | proxy. Use of TCP will result in reduced media quality, in | |||
| quality, in addition to any performance considerations | addition to any performance considerations associated with | |||
| associated with sending all WebRTC media through the proxy | sending all WebRTC media through the proxy server. | |||
| server. | ||||
| Mode 1 MUST only be used when user consent has been provided. The | Mode 1 MUST only be used when user consent has been provided. The | |||
| details of this consent are left to the implementation; one potential | details of this consent are left to the implementation; one potential | |||
| mechanism is to tie this consent to getUserMedia consent. | mechanism is to tie this consent to getUserMedia consent. | |||
| Alternatively, implementations can provide a specific mechanism to | Alternatively, implementations can provide a specific mechanism to | |||
| obtain user consent. | obtain user consent. | |||
| In cases where user consent has not been obtained, Mode 2 SHOULD be | In cases where user consent has not been obtained, Mode 2 SHOULD be | |||
| used. | used. | |||
| skipping to change at page 9, line 42 ¶ | skipping to change at page 9, line 42 ¶ | |||
| Time Communication Use Cases and Requirements", RFC 7478, | Time Communication Use Cases and Requirements", RFC 7478, | |||
| DOI 10.17487/RFC7478, March 2015, | DOI 10.17487/RFC7478, March 2015, | |||
| <https://www.rfc-editor.org/info/rfc7478>. | <https://www.rfc-editor.org/info/rfc7478>. | |||
| [RFC8089] Kerwin, M., "The "file" URI Scheme", RFC 8089, | [RFC8089] Kerwin, M., "The "file" URI Scheme", RFC 8089, | |||
| DOI 10.17487/RFC8089, February 2017, | DOI 10.17487/RFC8089, February 2017, | |||
| <https://www.rfc-editor.org/info/rfc8089>. | <https://www.rfc-editor.org/info/rfc8089>. | |||
| Appendix A. Change log | Appendix A. Change log | |||
| Changes in draft -09: | ||||
| o Fixed confusing text regarding enterprise TURN servers. | ||||
| Changes in draft -08: | Changes in draft -08: | |||
| o Discuss how enterprise TURN servers should be handled. | o Discuss how enterprise TURN servers should be handled. | |||
| Changes in draft -07: | Changes in draft -07: | |||
| o Clarify consent guidance. | o Clarify consent guidance. | |||
| Changes in draft -06: | Changes in draft -06: | |||
| End of changes. 7 change blocks. | ||||
| 18 lines changed or deleted | 21 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||