git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@2267 4b5297f7-1745-476d-ba37-a9c6900126ab
Peter Saint-Andre 2008-09-25 20:56:20 +00:00
parent 79b6b0e61f
commit a2874ca846
1 changed files with 320 additions and 64 deletions

@ -27,6 +27,18 @@
&stpeter;
&hildjj;
&seanegan;
<revision>
<version>0.21</version>
<date>2008-09-25</date>
<initials>psa</initials>
<remark>
<ul>
<li>Added section on fallback to Raw UDP transport method.</li>
<li>Modified namespaces to incorporate namespace versioning.</li>
<li>Cleaned up XML schemas.</li>
</ul>
</remark>
</revision>
<revision>
<version>0.20</version>
<date>2008-07-31</date>
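Review bot: The 0.21 remark lists only the Raw UDP fallback, namespace versioning and schema cleanup, but this commit also changes normative text that implementers will want flagged: the Determining Support paragraph moves from "support MAY also be determined" via entity capabilities to "SHOULD use" it with explicit service discovery as the fallback, and the XEP-0166 section references are renumbered. Add a list item for the service discovery change so the revision history reflects it.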
@ -154,7 +166,7 @@
<p>Note: &icecore; has been approved for publication as an RFC but has not yet been published as an RFC. While every effort has been made to keep this document synchronized with &icecore;, the interested reader is referred to &icecore; for a detailed description of the ICE methodology.</p>
<p>The process for ICE negotiation is largely the same in Jingle as it is in ICE. There are several differences:</p>
<ul>
<li>Instead of using SIP as the signalling channel, Jingle uses XMPP as the signalling channel.</li>
<li>Instead of using the Session Initiation Protocol (SIP) as the signalling channel, Jingle uses XMPP as the signalling channel.</li>
<li>In Jingle, each candidate transport is typically sent in a separate IQ exchange (rather than sending all candidates at once as in &icecore;). This approach takes advantage of the request-response semantics of the XMPP &IQ; stanza type and enables the parties to send higher-priority candidates earlier in the negotiation, thus resulting in a faster negotiation. However, a Jingle client MAY send multiple candidates at a time in order to ensure interworking with entities that adhere to the SDP offer / answer model described in &rfc3264;.</li>
<li>Syntax from the Session Description Protocol (see &rfc4566;) is mapped to an XML syntax suitable for sending over the XMPP signalling channel.</li>
<li>ICE candidates can be upgraded during a session (e.g., to change an IP address).</li>
@ -174,7 +186,7 @@
</ol>
</section1>
<section1 topic='Jingle Conformance' anchor='conformance'>
<p>In accordance with Section 8 of <cite>XEP-0166</cite>, this document specifies the following information related to the Jingle ice-udp transport method:</p>
<p>In accordance with Section 10 of <cite>XEP-0166</cite>, this document specifies the following information related to the Jingle ice-udp transport method:</p>
<ol>
<li><p>The transport negotiation process is defined in the <link url='#protocol'>Protocol Description</link> section of this document.</p></li>
<li><p>The semantics of the &TRANSPORT; element are defined in the <link url='#protocol-negotiate'>ICE Negotiation</link> section of this document.</p></li>
@ -184,9 +196,9 @@
</section1>
<section1 topic='Protocol Description' anchor='protocol'>
<section2 topic='Flow' anchor='protocol-flow'>
<p>The overall protocol flow for negotiation of the Jingle ICE-UDP Transport Method is as follows (note: many of these events happen simultaneously, not in sequence). The examples follow the scenario described in Section 17 of &icecore;, except that we substitute the Shakespearean characters "Romeo" and "Juliet" for the generic entities "L" and "R".</p>
<p>The overall protocol flow for negotiation of the Jingle ICE-UDP Transport Method is as follows (note: many of these events happen simultaneously, not in sequence).</p>
<code><![CDATA[
INITIATOR RESPONDER
INITIATOR RESPONDER
| |
| Jingle session-initiate |
|----------------------------------->|
@ -219,25 +231,32 @@ INITIATOR RESPONDER
|<-----------------------------------|
| Jingle ack (XMPP IQ-result) |
|----------------------------------->|
|<========MEDIA NOW FLOWS===========>|
| |
]]></code>
<p>Note: The examples in this document follow the scenario described in Section 17 of &icecore;, except that we substitute the Shakespearean characters "Romeo" and "Juliet" for the generic entities "L" and "R".</p>
</section2>
<section2 topic='Transport Initiation' anchor='protocol-initiate'>
<p>In order for the initiator in a Jingle exchange to start the negotiation, it MUST send a Jingle "session-initiate" stanza as described in <cite>XEP-0166</cite>. A content type MUST include one transport method. If the initiator wishes to negotiate the ice-udp transport method for an application format, it MUST include an empty &TRANSPORT; child element qualified by the 'urn:xmpp:tmp:jingle:transports:ice-udp' namespace &NSNOTE;.</p>
<p>In order for the initiator in a Jingle exchange to start the negotiation, it MUST send a Jingle "session-initiate" stanza as described in <cite>XEP-0166</cite>. A content type MUST include one transport method. If the initiator wishes to negotiate the ice-udp transport method for an application format, it MUST include an empty &TRANSPORT; child element qualified by the 'urn:xmpp:jingle:transports:ice-udp:0' namespace &VNOTE;.</p>
<example caption="Initiation"><![CDATA[
<iq from='romeo@montague.net/orchard'
id='jingle1'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='session-initiate'
initiator='romeo@montague.net/orchard'
sid='a73sjjvkla37jfea'>
<content name='this-is-the-audio-content'>
<description xmlns='urn:xmpp:tmp:jingle:apps:audio-rtp'>
[ ... ]
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='96' name='speex' clockrate='16000'/>
<payload-type id='97' name='speex' clockrate='8000'/>
<payload-type id='18' name='G729'/>
<payload-type id='0' name='PCMU' />
<payload-type id='103' name='L16' clockrate='16000' channels='2'/>
<payload-type id='98' name='x-ISAC' clockrate='8000'/>
</description>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'/>
</content>
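Review bot: The Transport Initiation paragraph requires an "empty" transport child, yet the transport element in the Initiation example carries pwd and ufrag attributes, while the session-initiate added in the Fallback to Raw UDP section sends the same element with neither. Say explicitly that "empty" means "no candidate children" and whether pwd and ufrag are expected at session-initiate, since those values become the STUN short-term credentials used in the connectivity checks. The content element in this example also omits the creator attribute that the later examples include.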
@ -277,7 +296,7 @@ INITIATOR RESPONDER
</section2>
<section2 topic='Candidate Negotiation' anchor='protocol-candidates'>
<p>Once the responder acknowledges receipt of the session initiation request as shown above, both initiator and responder MUST immediately negotiate connectivity over the ICE transport by exchanging XML-formatted candidate transports for the channel. This negotiation proceeds immediately in order to maximize the possibility that media can be exchanged as quickly as possible. <note>Concurrent with negotiation of the ICE candidates, it is possible for the initiator and responder to negotiate which content types the session will include, which transport methods will be tried for each content type, etc. Those negotiation flows are shown in other specifications, such as <cite>XEP-0166</cite>. This document specifies only negotiation of the ICE transport method.</note></p>
<p>Note: In order to expedite session establishment, the initiator MAY send transport candidates immediately after sending the "session-initiate" message and before receiving acknowledgement from the responder (i.e., the initiator MUST consider the session to be live even before receiving acknowledgement). Given in-order delivery, the responder should receive such "transport-info" messages after receiving the "session-initiate" message; if not, it is appropriate for the responder to return &lt;unknown-session/&gt; errors since according to its state machine the session does not exist. If either party receives an &lt;unknown-session/&gt; from the other party, it MUST terminate the negotiation and the session.</p>
<p>Note: In order to expedite session establishment, the initiator MAY send transport candidates immediately after sending the "session-initiate" message and before receiving acknowledgement from the responder (i.e., the initiator MUST consider the session to be live even before receiving acknowledgement). Given in-order delivery as mandated by &xmppcore;, the responder will receive such "transport-info" messages after receiving the "session-initiate" message; if not, it is appropriate for the responder to return &lt;unknown-session/&gt; errors since according to its state machine the session does not exist. If either party receives an &lt;unknown-session/&gt; from the other party, it MUST terminate the negotiation and the session.</p>
<p>Note: See the <link url='#security'>Security Considerations</link> section of this document regarding the exposure of IP addresses on behalf by the responder's client.</p>
<p>The candidate syntax and negotiation flow are described below.</p>
<section3 topic='Syntax of Candidate Element' anchor='protocol-candidates-syntax'>
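Review bot: The rewritten note in Candidate Negotiation now states that the responder "will receive" the transport-info messages after the session-initiate, but the sentence still continues with "if not, it is appropriate for the responder to return" an unknown-session error, which contradicts the guarantee just given. Either keep the conditional wording or recast the second clause as the handling for a transport-info that references a session the responder has no state for, so the MUST-terminate rule that follows has a clear trigger.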
@ -384,10 +403,10 @@ INITIATOR RESPONDER
</table>
</section3>
<section3 topic='Exchange of Candidates' anchor='protocol-candidates-exchange'>
<p>The first step in negotiating connectivity is for each party to immediately begin sending transport candidates to the other party. <note>The fact that both parties send candidates means that Jingle requires each party to be a full implementation of ICE, not a lite implementation as specified in &icecore;.</note> These candidates SHOULD be gathered by following the procedure specified in Section 4.1.1 of &icecore; (typically by communicating with a stanadlone STUN server in order to discover the client's public IP address and port) and prioritized by following the procedure specified in Section 4.1.2 of &icecore;.</p>
<p>Each candidate or set of candidates shall be sent as &lt;candidate/&gt; children of a &TRANSPORT; element qualified by the 'urn:xmpp:tmp:jingle:transports:ice-udp' namespace. The &TRANSPORT; element shall be sent via a Jingle action of "transport-info" as shown in the examples below.</p>
<p>Either party MAY include multiple &lt;candidate/&gt; elements in one &TRANSPORT; element. Sending one candidate per transport-info action typically results in a faster negotiation because the candidates most likely to succeed are sent first and it is not necessary to gather all candidates before beginning to send any candidates. Furthermore, because certain candidates may be more "expensive" in terms of bandwidth or processing power, the initiator may not want to advertise their existence unless it is necessary to do so after other candidates have failed.) However, sending multiple candidates in a single "transport-info" action can help to ensure interoperability with entities that implement the SDP offer/answer model described in <cite>RFC 3264</cite>. An entity SHOULD send one candidate per "transport-info" action and send multiple such actions, instead of sending multiple candidates in a single "transport-info" action; the only exception is if the other party advertises support for the "urn:ietf:rfc:3264" service discovery feature.</p>
<p>If the responder receives and can successfully process a given candidate or set of candidates, it returns an IQ-result (if not, for example because the candidate data is improperly formatted, it returns an error). Note: The responder is only indicating receipt of the candidate or set of candidates, not telling the initiator that the candidate will be used.</p>
<p>The first step in negotiating connectivity is for each party to immediately begin sending transport candidates to the other party. <note>The fact that both parties send candidates means that Jingle requires each party to be a full implementation of ICE, not a lite implementation as specified in &icecore;.</note> These candidates SHOULD be gathered by following the procedure specified in Section 4.1.1 of &icecore; (typically by communicating with a standalone STUN server in order to discover the client's public IP address and port) and prioritized by following the procedure specified in Section 4.1.2 of &icecore;.</p>
<p>Each candidate or set of candidates shall be sent as &lt;candidate/&gt; children of a &TRANSPORT; element qualified by the 'urn:xmpp:jingle:transports:ice-udp:0' namespace. The &TRANSPORT; element shall be sent via a Jingle action of "transport-info" as shown in the examples below.</p>
<p>Either party MAY include multiple &lt;candidate/&gt; elements in one &TRANSPORT; element. Sending one candidate per transport-info action typically results in a faster negotiation because the candidates most likely to succeed are sent first and it is not necessary to gather all candidates before beginning to send any candidates. Furthermore, because certain candidates can be more "expensive" in terms of bandwidth or processing power, the initiator might not want to advertise their existence unless it is necessary to do so after other candidates have failed. However, sending multiple candidates in a single "transport-info" action can help to ensure interoperability with entities that implement the SDP offer/answer model described in <cite>RFC 3264</cite>. An entity SHOULD send one candidate per "transport-info" action and send multiple such actions, instead of sending multiple candidates in a single "transport-info" action; the only exception is if the other party advertises support for the "urn:ietf:rfc:3264" service discovery feature as described in the <link url='#support-sdp'>SDP Offer / Answer Support</link> section of this document.</p>
<p>If the responder receives and can successfully process a given candidate or set of candidates, it returns an IQ-result (if not, for example because the candidate data is improperly formatted, it returns an IQ-error). Note: The responder is only indicating receipt of the candidate or set of candidates, not telling the initiator that the candidate will be used.</p>
<p>The initiator keeps sending candidates (without stopping to receive an acknowledgement of receipt from the responder for each candidate) until it has exhausted its supply of possible or desirable candidate transports. For each candidate or set of candidates, the responder acknowledges receipt.</p>
<p>At the same time (i.e., immediately after acknowledging receipt of the session-initiate request, not waiting for the initiator to begin or finish sending candidates), the responder also begins sending potential candidates, in order of desirability according to the responder. As above, the initiator acknowledges receipt of the candidates.</p>
<example caption="Initiator sends some candidates"><![CDATA[
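Review bot: The cross-reference added at the end of the multiple-candidates paragraph links to '#support-sdp', but the only anchor under Determining Support visible in this commit is 'support-ice'. Confirm that a section with anchor='support-sdp' exists in the file, otherwise the link for the "urn:ietf:rfc:3264" feature will dangle.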
@ -395,12 +414,12 @@ INITIATOR RESPONDER
id='info1'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-info'
initiator='romeo@montague.net/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -421,12 +440,12 @@ INITIATOR RESPONDER
id='info2'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-info'
initiator='romeo@montague.net/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -463,12 +482,12 @@ INITIATOR RESPONDER
to='romeo@montague.lit/orchard'
id='info3'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-info'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='YH75Fviy6338Vbrhrlp8Yh'
ufrag='9uB6'>
<candidate component='1'
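Review bot: The responder's transport-info example here uses romeo@montague.lit in both the to address and the initiator attribute, while the initiator's examples for the same sid 'a73sjjvkla37jfea' use romeo@montague.net and juliet@capulet.com. Since this commit already touches every one of these stanzas, settle on one domain pair so the initiator value is identical across all examples of the session.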
@ -485,7 +504,7 @@ INITIATOR RESPONDER
</jingle>
</iq>
]]></example>
<p>As above for the candidates sent by the responder, here the initiator acknowledges receipt of the candidates sent by the responder.</p>
<p>As above for the candidates sent by the initiator, here the initiator acknowledges receipt of the candidates sent by the responder.</p>
<example caption="Initiator acknowledges receipt"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='info3'
@ -505,7 +524,12 @@ INITIATOR RESPONDER
<li>The STUN Binding Requests generated by the responder MUST include the ICE-CONTROLLED attribute.</li>
<li>The parties MUST use STUN short term credentials to authenticate requests and perform message integrity checks. As in &icecore;, the username in the STUN Binding Request is of the form "ufrag-of-sender:ufrag-of-peer" and the password is the value of the 'pwd' attribute provided by the peer. <note>Thus when Romeo sends a STUN Binding Request to Juliet the credentials will be STUN username "8hhy:9uB6" and password "YH75Fviy6338Vbrhrlp8Yh" whereas when Juliet sends a STUN Binding Request to Romeo the credentials will be STUN username "9uB6:8hhy" and password "asd88fgpdd777uzjYhagZg".</note></li>
</ol>
<p>When it receives a STUN Binding Request, each party MUST return a STUN Binding Response, which may indicate either an error case or the success case. As described in Section 7.1.2.2 of &icecore;, a connectivity check succeeds if the STUN transaction generated a success response, the source IP address and port of the response equals the destination IP address and port that the Binding Request was sent to, and the destination IP address and port of the response match the source IP address and port that the Binding Request was sent from.</p>
<p>When it receives a STUN Binding Request, each party MUST return a STUN Binding Response, which indicates either an error case or the success case. As described in Section 7.1.2.2 of &icecore;, a connectivity check succeeds if <em>all</em> of the following are true:</p>
<ol>
<li>The STUN transaction generated a success response.</li>
<li>The source IP address and port of the response equals the destination IP address and port to which the Binding Request was sent.</li>
<li>The destination IP address and port of the response match the source IP address and port from which the Binding Request was sent.</li>
</ol>
<p>For the candidates exchanged in the previous section, the connectivity checks would be as follows. In particular, the parties send one STUN Binding Request from each of their local candidates to each of the remote candidates.</p>
<code><![CDATA[
INITIATOR NAT RESPONDER
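Review bot: In the new list of connectivity check conditions, the second item reads "The source IP address and port of the response equals", which should be "equal" for the plural subject, and the third item switches to "match" for the same kind of comparison. Use one verb in both items so readers do not infer two different tests.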
@ -535,7 +559,7 @@ INITIATOR NAT RESPONDER
| map 192.0.2.3:45664 | |
|<======================| |
| | |
|================RTP now can flow==============>|
|==============Media Now Can Flow==============>|
| | |
| | STUN Binding Request |
| | from 192.0.2.1:3478 |
@ -556,7 +580,7 @@ INITIATOR NAT RESPONDER
| | map 192.0.2.1:3478 |
| |======================>|
| | |
|<===============RTP now can flow===============|
|==============Media Now Can Flow==============>|
| | |
]]></code>
<p>Note: Here the initiator (controlling agent) is using "aggressive nomination" as described in Section 8.1.1.2 of &icecore; and therefore includes the USE-CANDIDATE attribute in the STUN Binding Requests it sends.</p>
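Review bot: The second replaced arrow in this diagram, the one that follows the responder's STUN Binding Request from 192.0.2.1:3478, used to point from responder to initiator and now points from initiator to responder, identical to the first arrow. Keep the original direction and change only the label, for example "|<==============Media Now Can Flow==============|", so the diagram still shows media flowing in each direction after the corresponding check succeeds.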
@ -573,16 +597,17 @@ INITIATOR NAT RESPONDER
id='accept1'
to='romeo@montague.net/orchard'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='session-accept'
initiator='romeo@montague.net/orchard'
responder='juliet@capulet.com/balcony'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<description xmlns='urn:xmpp:tmp:jingle:apps:audio-rtp'>
[ ... ]
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='97' name='speex' clockrate='8000'/>
<payload-type id='18' name='G729'/>
</description>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'>
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'>
<candidate component='1'
foundation='1'
generation='0'
@ -609,7 +634,7 @@ INITIATOR NAT RESPONDER
to='juliet@capulet.com/balcony'
type='result'/>
]]></example>
<p>Now the initiator and responder can begin sending data over the negotiated connection (in fact, they could have sent data as soon as the connectivity checks succeeded, as shown in the preceding examples).</p>
<p>Now the initiator and responder can begin sending media data over the negotiated connection (in fact, they could have sent data as soon as the connectivity checks succeeded, as shown in the preceding examples).</p>
<p>If a candidate succeeded for the responder but the initiator cannot send data over that candidate, it MUST return a &notacceptable; error in response to the responder's acceptance of the successful candidate:</p>
<example caption="Initiator returns error in response to acceptance of successful candidate"><![CDATA[
<iq from='romeo@montague.net/orchard'
@ -621,22 +646,22 @@ INITIATOR NAT RESPONDER
</error>
</iq>
]]></example>
<p>If the responder cannot find a suitable candidate transport or it receives a &notacceptable; error from the initiator in response to its acceptance of a suitable transport, it SHOULD terminate the session as described in Section 6.8 of <cite>XEP-0166</cite>.</p>
<p>If the responder cannot find a suitable candidate transport or it receives a &notacceptable; error from the initiator in response to its acceptance of a suitable transport, it SHOULD terminate the session as described in Section 6.7 of <cite>XEP-0166</cite>.</p>
</section2>
<section2 topic='Modifying an Existing Candidate' anchor='protocol-modify'>
<p>The creator of a content type MAY modify an existing, in-use candidate at any time during the session, for example to change the IP address or port. This is done by sending a transport-replace action with the changed candidate information, where the value of the 'generation' is incremented to specify that the candidate information is a modification to an existing candidate.</p>
<p>The creator of a content type MAY modify an existing, in-use candidate at any time during the session, for example to change the IP address or port. This is done by sending a transport-replace action with the changed candidate information, where the value of the 'generation' attribute is incremented to specify that the candidate information is a modification to an existing candidate.</p>
<p>An example follows (change to IP address and port).</p>
<example caption="Initiator modifies the in-use candidate"><![CDATA[
<iq from='romeo@montague.net/orchard'
id='rep2'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-replace'
initiator='romeo@montague.net/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -666,13 +691,13 @@ INITIATOR NAT RESPONDER
id='accept2'
to='romeo@montague.net/orchard'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-accept'
initiator='romeo@montague.net/orchard'
responder='juliet@capulet.com/balcony'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -705,12 +730,12 @@ INITIATOR NAT RESPONDER
id='info4'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-info'
initiator='romeo@montague.net/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -740,13 +765,13 @@ INITIATOR NAT RESPONDER
id='rep3'
to='juliet@capulet.com/balcony'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-replace'
initiator='romeo@montague.net/orchard'
responder='juliet@capulet.com/balcony'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -776,13 +801,13 @@ INITIATOR NAT RESPONDER
id='accept3'
to='romeo@montague.net/orchard'
type='set'>
<jingle xmlns='urn:xmpp:tmp:jingle'
<jingle xmlns='urn:xmpp:jingle:0'
action='transport-accept'
initiator='romeo@montague.net/orchard'
responder='juliet@capulet.com/balcony'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='this-is-the-audio-content'>
<transport xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'
pwd='asd88fgpdd777uzjYhagZg'
ufrag='8hhy'>
<candidate component='1'
@ -810,9 +835,236 @@ INITIATOR NAT RESPONDER
</section2>
</section1>
<section1 topic='Fallback to Raw UDP' anchor='fallback'>
<p>It can happen that the responder does not support ICE, in which case it can be necessary to fall back to use of the &xep0177;. One typical scenario is communication between an ICE-aware Jingle endpoint and a non-ICE-aware SIP endpoint through a Jingle-to-SIP gateway, as follows:</p>
<ol>
<li>The Jingle endpoint sends a session-initiate request to the SIP endpoint, specifying a transport method of ICE-UDP.</li>
<li>Based on capabilities information, the gateway knows that the SIP endpoint does not support ICE, so it enables the endpoints to use its media relay. It does this by:
<ul>
<li>Sending a content-add request to the Jingle endpoint on behalf of the SIP endpoint, specifying a transport method of Raw UDP and a candidate whose IP address and port are hosted at the gateway.</li>
<li>Sending a content-remove request to the Jingle endpoint on behalf of the SIP endpoint, specifying a transport method of ICE-UDP.</li>
<li>Sending SIP INVITE to the SIP endpoint on behalf of the Jingle endpoint, speciying an IP address and port at the gateway.</li>
</ul>
</li>
</ol>
<p>The session flow is as follows.</p>
<code><![CDATA[
Romeo Gateway Juliet
| | |
| session-initiate | |
| (audio definition) | |
|------------------------>| |
| ack | |
|<------------------------| |
| content-add | |
| (Raw UDP) | |
|<------------------------| |
| ack | |
|------------------------>| |
| content-accept | |
|------------------------>| |
| ack | |
|<------------------------| SIP INVITE |
| |------------------------>|
| | 200 OK |
| |<------------------------|
| session-accept | |
|<------------------------| |
| ack | |
|------------------------>| |
| MEDIA SESSION |
|<=================================================>|
| | session-terminate |
| |<------------------------|
| session-terminate | |
|<------------------------| |
| ack | |
|------------------------>| ack |
| |------------------------>|
| | |
]]></code>
<p>The protocol flow is as follows, showing only the stanzas sent between Romeo and the gateway (acting on Juliet's behalf).</p>
<example caption="Initiator sends session-initiate"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='jingle1'
to='juliet@capulet.lit/balcony'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='session-initiate'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='voice'>
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='96' name='speex' clockrate='16000'/>
<payload-type id='97' name='speex' clockrate='8000'/>
<payload-type id='18' name='G729'/>
<payload-type id='103' name='L16' clockrate='16000' channels='2'/>
<payload-type id='98' name='x-ISAC' clockrate='8000'/>
</description>
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'/>
</content>
</jingle>
</iq>
]]></example>
<example caption="Responder acknowledges session-initiate"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='accept1'
to='romeo@montague.lit/orchard'
type='result'/>
]]></example>
<p>Immediately the gateway sends a content-add action to Romeo, specifying a transport of Raw UDP with a candidate whose IP address and port identify a media relay at the gateway.</p>
<example caption="Gateway sends content-add on behalf of responder"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='add1'
to='romeo@montague.lit/orchard'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='content-add'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<content creator='responder' name='voice2'>
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='18' name='G729'/>
</description>
<transport xmlns='urn:xmpp:jingle:transports:raw-udp:0'>
<candidate generation='0'
id='a9j3mnbtu1'
ip='10.1.1.104'
port='13540'/>
</transport>
</content>
</jingle>
</iq>
]]></example>
<p>Romeo then acknowledges the content-add action and immediately also sends a content-accept.</p>
<example caption="Initiator acknowledges content-add"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='add1'
to='juliet@capulet.lit/balcony'
type='result'/>
]]></example>
<example caption="Initiator accepts new content definition"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='accept1'
to='juliet@capulet.lit/balcony'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='content-accept'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<content creator='responder' name='voice2'>
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='18' name='G729'/>
</description>
<transport xmlns='urn:xmpp:jingle:transports:raw-udp:0'>
<candidate generation='0'
id='a9j3mnbtu1'
ip='10.1.1.104'
port='13540'/>
</transport>
</content>
</jingle>
</iq>
]]></example>
<p>The gateway then acknowledges the acceptance on behalf of Juliet.</p>
<example caption="Gateway acknowledges content-accept"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='accept1'
to='romeo@montague.lit/orchard'
type='result'/>
]]></example>
<p>Now the gateway removes the old content definition based on the ICE-UDP transport.</p>
<example caption="Gateway sends content-remove on behalf of responder"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='remove1'
to='romeo@montague.lit/orchard'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='content-add'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='voice2'>
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='96' name='speex' clockrate='16000'/>
<payload-type id='97' name='speex' clockrate='8000'/>
<payload-type id='18' name='G729'/>
<payload-type id='103' name='L16' clockrate='16000' channels='2'/>
<payload-type id='98' name='x-ISAC' clockrate='8000'/>
</description>
<transport xmlns='urn:xmpp:jingle:transports:ice-udp:0'/>
</content>
</jingle>
</iq>
]]></example>
<p>Romeo then acknowledges the content-replace action.</p>
<example caption="Initiator acknowledges content-add"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='add1'
to='juliet@capulet.lit/balcony'
type='result'/>
]]></example>
<p>Eventually, the responder sends a session-accept.</p>
<example caption="Responder sends session-accept"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='accept1'
to='romeo@montague.lit/orchard'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='session-accept'
initiator='romeo@montague.lit/orchard'
responder='juliet@capulet.lit/balcony'
sid='a73sjjvkla37jfea'>
<content creator='initiator' name='voice'>
<description xmlns='urn:xmpp:jingle:apps:rtp:0' media='audio'>
<payload-type id='18' name='G729'/>
</description>
<transport xmlns='urn:xmpp:jingle:transports:raw-udp:0'>
<candidate generation='0'
id='a9j3mnbtu1'
ip='10.1.1.104'
port='13540'/>
</transport>
</content>
</jingle>
</iq>
]]></example>
<example caption="Initiator acknowledges session-accept"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='accept1'
to='juliet@capulet.lit/balcony'
type='result'/>
]]></example>
<p>The endpoints now begin to exchange session media.</p>
<p>The endpoints can continue the session as long as desired.</p>
<p>Eventually, one of the endpoints terminates the session.</p>
<example caption="Responder terminates the session"><![CDATA[
<iq from='juliet@capulet.lit/balcony'
id='term1'
to='romeo@montague.lit/orchard'
type='set'>
<jingle xmlns='urn:xmpp:jingle:0'
action='session-terminate'
initiator='romeo@montague.lit/orchard'
sid='a73sjjvkla37jfea'>
<reason>
<no-error/>
<text>Sorry, gotta go!</text>
</reason>
</jingle>
</iq>
]]></example>
<p>The other party then acknowledges termination of the session:</p>
<example caption="Initiator acknowledges termination"><![CDATA[
<iq from='romeo@montague.lit/orchard'
id='term1'
to='juliet@capulet.lit/balcony'
type='result'/>
]]></example>
</section1>
<section1 topic='Determining Support' anchor='support'>
<section2 topic='ICE Support' anchor='support-ice'>
<p>If an entity supports the Jingle ice-udp transport, it MUST return a feature of "urn:xmpp:tmp:jingle:transports:ice-udp" &NSNOTE; in response to &xep0030; information requests.</p>
<p>If an entity supports the Jingle ice-udp transport, it MUST return a feature of "urn:xmpp:jingle:transports:ice-udp:0" &VNOTE; in response to &xep0030; information requests.</p>
<example caption="Service discovery information request"><![CDATA[
<iq from='romeo@montague.net/orchard'
id='disco1'
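Review bot: The example captioned "Gateway sends content-remove on behalf of responder" carries action='content-add' and a full 'voice2' description, although the paragraph before it says the gateway removes the old ICE-UDP content definition, so the action should be 'content-remove'. The acknowledgement that follows has the same inconsistency: the prose calls the action "content-replace", the caption says "content-add", and the result uses id='add1' while the request was id='remove1', so the result would not correlate with the request. Suggest aligning the stanza, both captions, the prose and the ids on content-remove / remove1.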
@ -828,12 +1080,12 @@ INITIATOR NAT RESPONDER
type='result'>
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:tmp:jingle:transports:ice-udp'/>
<feature var='urn:xmpp:jingle:transports:ice-udp:0'/>
...
</query>
</iq>
]]></example>
<p>Naturally, support MAY also be determined via the dynamic, presence-based profile of Service Discovery defined in &xep0115;.</p>
<p>In order for an application to determine whether an entity supports this protocol, where possible it SHOULD use the dynamic, presence-based profile of service discovery defined in &xep0115;. However, if an application has not received entity capabilities information from an entity, it SHOULD use explicit service discovery instead.</p>
</section2>
<section2 topic='SDP Offer / Answer Support' anchor='support-sdp'>
<p>If an entity supports the SDP offer / answer model described in <cite>RFC 3264</cite> and therefore prefers to receive multiple candidates in a single "transport-info" action, it MUST advertise support for the "urn:ietf:rfc:3264" service discovery feature. Typically this feature will be advertised only by gateways between Jingle and SIP.</p>
@ -853,7 +1105,7 @@ INITIATOR NAT RESPONDER
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:ietf:rfc:3264'/>
<feature var='urn:xmpp:tmp:jingle:transports:ice-udp'/>
<feature var='urn:xmpp:jingle:transports:ice-udp:0'/>
...
</query>
</iq>
@ -862,21 +1114,21 @@ INITIATOR NAT RESPONDER
</section1>
<section1 topic='Implementation Notes' anchor='impl'>
<p>In order to speed the negotiation process so that media can flow as quickly as possible, the initiatior should gather and prioritize candidates in advance, or as soon as the principal begins the process of initiating a session.</p>
<p>The protocol-level "session-accept" action is not to be confused with an interface-level acceptance of the session request. After receiving and acknowledging the "session-initiate" action received from the initiator, the responder's client should present an interface element that enables a human user to explicitly agree to proceeding with the session (e.g., an "Accept Incoming Call?" pop-up window including "Yes" and "No" buttons). However, the responder's client should not return a "session-accept" action to the initiator until the responder has explicitly agreed to proceed with the session (unless the initiator is on a list of entities whose sessions are automatically accepted).</p>
<p>In order to speed the negotiation process so that media can flow as quickly as possible, the initiator SHOULD gather and prioritize candidates in advance, or as soon as the principal begins the process of initiating a session.</p>
<p>The protocol-level "session-accept" action is not to be confused with an interface-level acceptance of the session request. After receiving and acknowledging the "session-initiate" action received from the initiator, the responder's client SHOULD present an interface element that enables a human user to explicitly agree to proceeding with the session (e.g., an "Accept Incoming Call?" pop-up window including "Yes" and "No" buttons). However, the responder's client SHOULD NOT return a "session-accept" action to the initiator until the responder has explicitly agreed to proceed with the session (unless the initiator is on a list of entities whose sessions are automatically accepted).</p>
</section1>
<section1 topic='Deployment Notes' anchor='deploy'>
<p>This specification applies exclusively to Jabber/XMPP clients and places no additional requirements on Jabber/XMPP servers. However, service administrators may wish to deploy a STUN server in order to ease the client-to-client negotiation process. See &xep0215; for related information.</p>
<p>This specification applies exclusively to Jabber/XMPP clients and places no additional requirements on Jabber/XMPP servers. However, service administrators might wish to deploy a STUN server in order to ease the client-to-client negotiation process. See &xep0215; for related information.</p>
</section1>
<section1 topic='Security Considerations' anchor='security'>
<section2 topic='Sharing IP Addresses' anchor='security-sharing'>
<p>By definition, the exchange of transport candidates results in exposure of the sender's IP addresses, which comprise a form of personally identifying information. A Jingle client MUST enable a user to control which entities will be allowed to receive such information. If a human user explicitly accepts a session request, then the client should consider that action to imply approval of IP address sharing. However, waiting for a human user to explicitly accept the session request can result in delays during session setup, since it is more efficient to immediately begin sharing transport candidates. Therefore, it is RECOMMENDED for the client to immediately send transport candidates to a contact (without waiting for explicit user approval of the session request) in the following cases:</p>
<p>By definition, the exchange of transport candidates results in exposure of the sender's IP addresses, which comprise a form of personally identifying information. A Jingle client MUST enable a user to control which entities will be allowed to receive such information. If a human user explicitly accepts a session request, then the client SHOULD consider that action to imply approval of IP address sharing. However, waiting for a human user to explicitly accept the session request can result in delays during session setup, since it is more efficient to immediately begin sharing transport candidates. Therefore, it is RECOMMENDED for the client to immediately send transport candidates to a contact (without waiting for explicit user approval of the session request) in the following cases:</p>
<ol>
<li>The user has permanently and formally authorized the contact to view the user's presence information via a presence subscription as reflected in an XMPP roster item (see &xmppim;).</li>
<li>The user has temporarily and dynamically shared presence with the contact via "directed presence" as described in <cite>RFC 3921</cite>.</li>
<li>The user has explicitly added the contact to a "whitelist" of entities who may access the user's personally-identifying information.</li>
<li>The user has explicitly added the contact to a "whitelist" of entities who are allowed to access the user's personally-identifying information.</li>
</ol>
</section2>
<section2 topic='Encryption of Media' anchor='security-media'>
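Review bot: The "Sharing IP Addresses" paragraph pairs a MUST (the user controls which entities receive IP addresses) with a RECOMMENDED to send candidates before the user approves the session, and case 2 describes directed presence as temporary, but nothing says when that implied approval ends. Suggest adding a sentence stating that candidates are no longer sent without explicit approval once directed presence is withdrawn, and that the user can disable sending before acceptance, so the MUST can actually be met. The move from "should consider" to a normative "SHOULD consider" makes this gap more visible.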
@ -889,16 +1141,15 @@ INITIATOR NAT RESPONDER
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<section2 topic='Protocol Namespaces' anchor='ns'>
<p>Until this specification advances to a status of Draft, its associated namespaces shall be:</p>
<section2 topic='Protocol Namespaces' anchor='registrar-ns'>
<p>This specification defines the following XML namespace:</p>
<ul>
<li>urn:xmpp:tmp:jingle:transports:ice-udp</li>
</ul>
<p>Upon advancement of this specification, the &REGISTRAR; shall issue permanent namespaces in accordance with the process defined in Section 4 of &xep0053;.</p>
<p>The following namespaces are requested, and are thought to be unique per the XMPP Registrar's requirements:</p>
<ul>
<li>urn:xmpp:jingle:transport:ice-udp</li>
<li>urn:xmpp:jingle:transports:ice-udp:0</li>
</ul>
<p>Upon advancement of this specification from a status of Experimental to a status of Draft, the &REGISTRAR; shall add the foregoing namespaces to the registry located at &NAMESPACES;, as described in Section 4 of &xep0053;.</p>
</section2>
<section2 topic='Protocol Versioning' anchor='registrar-versioning'>
<p>If the protocol defined in this specification undergoes a major revision that is not fully backward-compatible with an older version, or that contains significant new features, the XMPP Registrar shall increment the protocol version number found at the end of the XML namespaces defined herein, as described in Section 4 of <cite>XEP-0053</cite>.</p>
</section2>
<section2 topic='Service Discovery Features' anchor='registrar-features'>
<p>If an entity supports the SDP offer / answer model described in <cite>RFC 3264</cite> and therefore prefers to receive one "transport-info" action with multiple candidates, it MUST advertise support for the "urn:ietf:rfc:3264" feature.</p>
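Review bot: The "Protocol Namespaces" section is internally inconsistent: it introduces "the following XML namespace" (singular), the closing sentence refers to "the foregoing namespaces", and the list region shows both 'urn:xmpp:jingle:transport:ice-udp' and 'urn:xmpp:jingle:transports:ice-udp:0'. Only the second matches the disco feature and the schema targetNamespace, so confirm that the 'transport' entry (no "s", no version suffix) does not survive the change and make the wording singular throughout. Also note that renaming the anchor from 'ns' to 'registrar-ns' breaks any existing links to the old anchor.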
@ -906,7 +1157,10 @@ INITIATOR NAT RESPONDER
<code caption='Registry Submission'><![CDATA[
<var>
<name>urn:ietf:rfc:3264</name>
<desc>Signals support for the SDP offer / answer model described in RFC 3264</desc>
<desc>
Signals support for the SDP offer / answer model
described in RFC 3264
</desc>
<doc>XEP-0176</doc>
</var>
]]></code>
@ -917,9 +1171,10 @@ INITIATOR NAT RESPONDER
<transport>
<name>ice-udp</name>
<desc>
A method for negotiation of out-of-band UDP connections with built-in NAT
and firewall traversal, equivalent to the IETF's Interactive Connectivity
Establishment (ICE) methodology when resulting in the use of UDP as the
A method for negotiation of out-of-band UDP connections
with built-in NAT and firewall traversal, equivalent to
the IETF's Interactive Connectivity Establishment (ICE)
methodology when resulting in the use of UDP as the
transport protocol.
</desc>
<type>lossy</type>
@ -935,8 +1190,8 @@ INITIATOR NAT RESPONDER
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:xmpp:tmp:jingle:transports:ice-udp'
xmlns='urn:xmpp:tmp:jingle:transports:ice-udp'
targetNamespace='urn:xmpp:jingle:transports:ice-udp:0'
xmlns='urn:xmpp:jingle:transports:ice-udp:0'
elementFormDefault='qualified'>
<xs:element name='transport'>
@ -958,6 +1213,7 @@ INITIATOR NAT RESPONDER
<xs:attribute name='component' type='xs:unsignedByte' use='required'/>
<xs:attribute name='foundation' type='xs:unsignedByte' use='required'/>
<xs:attribute name='generation' type='xs:unsignedByte' use='required'/>
<xs:attribute name='id' type='xs:NCName' use='required'/>
<xs:attribute name='ip' type='xs:string' use='required'/>
<xs:attribute name='network' type='xs:unsignedByte' use='required'/>
<xs:attribute name='port' type='xs:unsignedShort' use='required'/>
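Review bot: The new required 'id' attribute is typed xs:NCName, which rejects values that start with a digit or contain a colon, and a random id generator can easily produce such values. Either state in the prose that candidate ids must be valid NCNames (for example, always start with a letter), or relax the type to xs:string as is done for 'ip'. Since the attribute is use='required', it is also worth confirming that every candidate example in the document now carries an id, otherwise the examples will not validate against this schema.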