diff --git a/xep-0176.xml b/xep-0176.xml index 3be1c35b..4ec715f6 100644 --- a/xep-0176.xml +++ b/xep-0176.xml @@ -2,7 +2,7 @@ %ents; -ICE-13"> +ICE-14"> ]> @@ -27,6 +27,12 @@ &scottlu; &hildjj; &seanegan; + + 0.7 + 2007-03-23 + psa +

Updated to track ICE-14 and ICE-TCP-03; moved text on discovery of STUN servers to separate specification.

 + 0.6 2006-12-21 @@ -65,7 +71,6 @@ -

Note: This document depends on the IETF's &ice; specification, which is a work in progress. Every effort has been made to keep this document synchronized with draft-ietf-mmusic-ice, for which the latest published version is 13 (hereafter referred to as "&icecurr;"). The interested reader is referred to the &icecurr; for a detailed description of the ICE methodology, which for the most part this document merely maps to XMPP syntax.

&xep0166; defines a framework for negotiating and managing out-of-band data sessions over XMPP. In order to provide a flexible framework, the base Jingle specification defines neither data transport methods nor content formats, leaving that up to separate specifications. The current document defines a transport method for establishing and managing data connections between XMPP entities, using the ICE methodology currently being developed within the IETF.

The process for ICE negotiation is largely the same in Jingle as it is in &icecurr;. There are several differences:

+

Note: This document depends on the IETF's &ice; specification, which is a work in progress. Every effort has been made to keep this document synchronized with draft-ietf-mmusic-ice, for which the latest published version is 14 (hereafter referred to as "&icecurr;"). The interested reader is referred to &icecurr; for a detailed description of the ICE methodology, which for the most part this document merely maps to XMPP syntax.

The Jingle transport method defined herein is designed to meet the following requirements:

@@ -87,7 +93,7 @@ -

In order for the initiator in a Jingle exchange to start the negotiation, it MUST send a Jingle "session-initiate" stanza as described in XEP-0166. This stanza MUST include at least one transport method. If the initiator wishes to negotiate the ICE transport, it MUST include an empty &TRANSPORT; child element qualified by the 'http://www.xmpp.org/extensions/xep-0176.html#ns' namespace (see Protocol Namespaces).

+

In order for the initiator in a Jingle exchange to start the negotiation, it MUST send a Jingle "session-initiate" stanza as described in XEP-0166. This stanza MUST include at least one transport method. If the initiator wishes to negotiate the ICE transport, it MUST include an empty &TRANSPORT; child element qualified by the 'http://www.xmpp.org/extensions/xep-0176.html#ns' namespace &NSNOTE;.

- + ... @@ -115,25 +121,27 @@

The candidate syntax and negotiation flow are described below.

The following is an example of the candidate format:

- - - - + + + + + ]]> @@ -147,149 +155,155 @@ component - A Component ID as defined in &icecurr; + A Component ID as defined in &icecurr;. Component ID value in a=candidate line 1 foundation - A Foundation as defined in &icecurr; + A Foundation as defined in &icecurr;. Foundation value in a=candidate line 1 generation - An index, starting at 0, that enables the parties to keep track of updates to the candidate throughout the life of the session + An index, starting at 0, that enables the parties to keep track of updates to the candidate throughout the life of the session. N/A 0 ip - The Internet Protocol (IP) address for the candidate transport mechanism; this may be either an IPv4 address or an IPv6 address + The Internet Protocol (IP) address for the candidate transport mechanism; this may be either an IPv4 address or an IPv6 address. IP Address value in a=candidate line 10.0.1.1 network - An index, starting at 0, referencing which network this candidate is on for a given peer (used for diagnostic purposes if the calling hardware has more than one Network Interface Card or NIC) + An index, starting at 0, referencing which network this candidate is on for a given peer (used for diagnostic purposes if the calling hardware has more than one Network Interface Card or NIC). N/A 0 port - The port at the candidate IP address + The port at the candidate IP address. Port value in a=candidate line 8998 priority A Priority as defined in &icecurr; - In accordance with the rules specified in Section 5.2 of &icecurr;, the priority values shown in the examples within this document have been calculated as follows. The "type preference" for local candidates is stipulated to be "126" and for server reflexive candidates "66". The "local preference" for network 0 is stipulated to be "4096", for network 1 "2048", and for network 2 "1024". + In accordance with the rules specified in Section 5.3 of &icecurr;, the priority values shown in the examples within this document have been calculated as follows. The "type preference" for local candidates is stipulated to be "126" and for server reflexive candidates "66". The "local preference" for network 0 is stipulated to be "4096", for network 1 "2048", and for network 2 "1024". Priority value in a=candidate line 9909 protocol - The protocol to be used; allowable values are: "udp" (when standard &icecurr; is used); "tcp", "tcp-act", and "tcp-pass" (when &ice-tcp; is used); and "ssltcp" (definition to follow) + The protocol to be used. The allowable values are: "udp" (when standard &icecurr; is used); "tcp-act", "tcp-pass", and "tcp-so" (when &ice-tcp; is used); and "ssltcp" (definition to follow in a separate specification). Transport protocol field in a=candidate line udp pwd - A Password as defined in &icecurr; + A Password as defined in &icecurr;. a=ice-pwd line asd88fgpdd777uzjYhagZg type - A Candidate Type as defined in &icecurr;; the allowable values are "host" for host candidates, "srflx" for server reflexive candidates, "prflx" for peer reflexive candidates, and "relay" for relayed candidates + A Candidate Type as defined in &icecurr;. The allowable values are "host" for host candidates, "prflx" for peer reflexive candidates, "relay" for relayed candidates, and "srflx" for server reflexive candidates. Typ field in a=candidate line srflx ufrag - A User Fragment as defined in &icecurr; + A User Fragment as defined in &icecurr;. a=ice-ufrag line 8hhy -

The first step in negotiating connectivity is for each client to immediately begin sending candidate transport methods to the other client. These candidates SHOULD be gathered by following the procedure specified in Section 5.1 of &icecurr; and prioritized by following the procedure specified in Section 5.2 of &icecurr;. Each candidate MUST be sent in a &JINGLE; element with an action of "transport-info".

+

The first step in negotiating connectivity is for each client to immediately begin sending candidate transport methods to the other client. These candidates SHOULD be gathered by following the procedure specified in Section 5.3 of &icecurr; and prioritized by following the procedure specified in Section 5.4 of &icecurr;. Each candidate MUST be sent in a &JINGLE; element with an action of "transport-info".

If the responder receives and can successfully process a given candidate, it returns an IQ-result (if not, for example because the candidate data is improperly formatted, it returns an error).

Note well that the responder is only indicating receipt of the candidate, not telling the initiator that the candidate will be used.

The initiator keeps sending candidates, one after the other (without stopping to receive an acknowledgement of receipt from the responder for each candidate) until it has exhausted its supply of possible or desirable candidate transports. (Because certain candidates may be more "expensive" in terms of bandwidth or processing power, the initiator may not want to advertise their existence unless necessary.) For each candidate, the responder acknowledges receipt.

At the same time (i.e., immediately after provisionally accepting the session, not waiting for the initiator to begin or finish sending candidates), the responder also begins sending candidates that may work for it. As above, the initiator acknowledges receipt of the candidates.

-

As the initiator and responder receive candidates, they probe the various candidate transports for connectivity. In performing these connectivity checks, client SHOULD follow the procedure specified in Section 7 of &icecurr;.

- As the initiator and responder receive candidates, they probe the various candidate transports for connectivity. In performing these connectivity checks, a client SHOULD follow the procedure specified in Section 7 of &icecurr;.

+ - - - + + + + + ]]> - - - - + + + + + ]]> - - - - + + + + + ]]>

For each candidate received, the other party MUST acknowledge receipt or return an error:

- @@ -299,31 +313,33 @@ -

If, based on STUN connectivity checks, the responder determines that it will be able to establish a connection using a given candidate, it sends a &JINGLE; element with an action of 'transport-accept' to the initiator, specifying the candidate that succeeded:

+

If, based on STUN connectivity checks, the responder determines that it will be able to establish a connection using a given candidate, it sends a &JINGLE; element with an action of 'content-accept' (or 'session-accept') to the initiator, specifying the candidate that succeeded:

- - - + + + + + ]]> -

The &JINGLE; element in the transport-accept stanza SHOULD possess a 'responder' attribute that explicitly specifies the full JID of the responding entity. If provided, all future commmunications SHOULD be sent to the JID provided in the 'responder' attribute.

+

The &JINGLE; element in the content-accept stanza SHOULD possess a 'responder' attribute that explicitly specifies the full JID of the responding entity. If provided, all future commmunications SHOULD be sent to the JID provided in the 'responder' attribute.

If the initiator can also send data over that candidate, then it acknowledges the responder's acceptance:

@@ -337,19 +353,21 @@ initiator='romeo@montague.net/orchard' responder='juliet@capulet.com/balcony' sid='a73sjjvkla37jfea'> - - - + + + + + @@ -360,38 +378,25 @@ - -

If an entity supports this specification, it MUST return a feature of "http://www.xmpp.org/extensions/xep-0176.html#ns" in response to &xep0030; information requests.

-

As mentioned in the Deployment Notes of this document, the administrator of an XMPP server may wish to deploy a STUN server in order to ease the process of negotiating use of the Jingle ICE transport. A client can become aware of a STUN server in the following ways:

-
    -
  1. Specified in the default settings for the client (while this may seem sub-optimal, it is acceptable at present because there are so few public STUN servers).
    2. -
  2. Manually added by a human user into the client's configuration.
    3. -
  3. Discovered via DNS SRV records as specified in Section 9.1 of &rfc3489;.
    4. -
  4. Discovered via the XMPP &xep0030; extension.
    5. -
-

It is OPTIONAL for a STUN server to support XMPP for the purpose of service discovery. Therefore, client developers SHOULD NOT depend on the existence of XMPP-aware STUN servers.

-

If a STUN server is accessible via XMPP, it SHOULD be advertised by returning an appropriate item in response to service discovery item requests sent to the address of an XMPP server:

- - - - - - - - - - ]]> -

A subsequent service discovery information request to the STUN server MUST result in a response indicating that the STUN server has a service discovery category of "proxy" and type of "stun", as well as advertisement of appropriate service discovery features (because the XMPP interaction is necessary only in order to discover the identity of the STUN server, the only feature that an XMPP-aware STUN server SHOULD advertise is "http://jabber.org/protocol/disco#info".)

- + +

If an entity supports the Jingle ICE transport, it MUST return a feature of "http://www.xmpp.org/extensions/xep-0176.html#ns" &NSNOTE; in response to &xep0030; information requests.

+ - - + ]]> + - - + ... + + ... ]]> @@ -402,9 +407,7 @@ - -

In order to secure the end-to-end data stream, implementations SHOULD use encryption methods appropriate to the transport method in use.

- +

In order to secure the data stream that is negotiated via the Jingle ICE transport, implementations SHOULD use encryption methods appropriate to the transport method and media being exchanged (for details regarding audio and video exchanges via RTP, refer to XEP-0167 and XEP-0180).

 @@ -429,20 +432,6 @@ ]]> - -

The XMPP Registrar shall include a Service Discovery type of "stun" within the "proxy" category.

-

The registry submission is as follows:

- - proxy - - stun - a STUN (Simple Traversal of UDP through NATs) service per RFC 3489 - XEP-0176 - - - ]]> -