%ents; ICE-11"> ]>
Jingle ICE Transport This document defines a Jingle transport method that results in sending data between two entities using Interactive Connectivity Establishment (ICE) methodology. &LEGALNOTICE; 0176 Experimental Standards Track Standards JIG Council XMPP Core XEP-0166 ice &stpeter; &joebeda; &scottlu; &hildjj; &seanegan; 0.4 2006-09-13 psa

Updated to track ICE-10; added section on service discovery.

0.3 2006-07-12 se/psa

Specified that DTMF must use in-band signalling (XEP-0181).

0.2 2006-03-24 psa

Recommended use of RTP-native methods for DTMF.

0.1 2006-03-01 psa/jb Initial version (split from XEP-0166).

&xep0166; defines a framework for negotiating and managing out-of-band data sessions over XMPP. In order to provide a flexible framework, the base Jingle specification defines neither data transport methods nor content (session) types, leaving that up to separate specifications. The current document defines a transport method for establishing and managing data connections between XMPP entities, using the &ice; methodology currently being developed within the IETF.

The process for ICE negotiation is largely the same in Jingle as it is in draft-ietf-mmusic-ice. There are several differences:

Note: This document depends on the IETF's Interactive Connectivity Establishment (ICE) specification, which is a work in progress. Every effort has been made to keep this document synchronized with draft-ietf-mmusic-ice, for which the latest published version is 11 (hereafter referred to as "&ice11;"). The interested reader is referred to the &ice11; for a detailed description of the ICE methodology, which for the most part this document merely maps to XMPP syntax.

Note: This document still needs to be updated to track the changes between ICE-10 and ICE-11. That work will be completed as soon as possible.

The Jingle transport method defined herein is designed to meet the following requirements:

  1. Make it possible to establish and manage out-of-band connections between two XMPP entities, even if they are behind Network Address Translators (NATs) or firewalls.
  2. Make it relatively easy to implement support in standard Jabber/XMPP clients.
  3. Where communication with non-XMPP entities is needed, push as much complexity as possible onto server-side gateways between the XMPP network and the non-XMPP network.

The reader is referred to draft-ietf-mmusic-ice for a description of various terms used in the context of ICE. Those terms are not reproduced here.

In order for the initiator in a Jingle exchange to start the negotiation, it MUST send a Jingle "session-initiate" stanza as described in XEP-0166. This stanza MUST include at least one transport method. If the initiator wishes to negotiate the ICE transport, it MUST include an empty &TRANSPORT; child element qualified by the 'http://jabber.org/protocol/jingle/transport/ice' namespace.

... ... ]]>

As described in XEP-0166, to provisionally accept the session initiation request, the responder returns an IQ-result:

]]>

If the responder provisionally accepts the session initiation request as shown above, both initiator and responder MUST immediately negotiate connectivity over the ICE transport by exchanging XML-formatted candidate transports for the channel. This negotiation proceeds immediately in order to maximize the possibility that media can be exchanged as quickly as possible. Concurrent with negotiation of the ICE candidates, it is possible for the initiator and responder to negotiate which content types the session will include, which transport methods will be tried for each content type, etc. Those negotiation flows are shown in XEP-0166. This document specifies only negotiation of the ICE transport method.

The candidate syntax and negotiation flow are described below.

The following is an example of the candidate format:

]]>

The attributes of the <candidate/> element are described in the following table:

Name Description SDP Syntax Example
component A Component ID as defined in &ice11; Component ID value in a=candidate line 1
foundation A Foundation as defined in &ice11; Foundation value in a=candidate line 1
generation An index, starting at 0, that enables the parties to keep track of updates to the candidate throughout the life of the session N/A 0
ip The Internet Protocol (IP) address for the candidate transport mechanism; this may be either an IPv4 address or an IPv6 address IP Address value in a=candidate line 10.0.1.1
network An index, starting at 0, referencing which network this candidate is on for a given peer (used for diagnostic purposes if the calling hardware has more than one Network Interface Card or NIC) N/A 0
port The port at the candidate IP address Port value in a=candidate line 8998
priority A Priority as defined in &ice11; Priority value in a=candidate line 9909
protocol The protocol to be used; allowable values are: "udp" (when standard &ice11; is used); "tcp", "tcp-act", and "tcp-pass" (when &ice-tcp; is used); and "ssltcp" (definition to follow) a=ice-ufrag line udp
pwd A Password as defined in &ice11; a=ice-pwd line asd88fgpdd777uzjYhagZg
type A Candidate Type as defined in &ice11;; the allowable values are "host" for host candidates, "srflx" for server reflexive candidates, "prflx" for peer reflexive candidates, and "relay" for relayed candidates Typ field in a=candidate line srflx
ufrag A User Fragment as defined in &ice11; a=ice-ufrag line 8hhy

The first step in negotiating connectivity is for each client to immediately begin sending candidate transport methods to the other client. These candidates SHOULD be gathered by following the procedure specified in Section 4.1 of &ice11; and prioritized by following the procedure specified in Section 4.2 of &ice11;. Each candidate MUST be sent in a &JINGLE; element with an action of "transport-info".

If the responder receives and can successfully process a given candidate, it returns an IQ-result (if not, for example because the candidate data is improperly formatted, it returns an error).

Note well that the responder is only indicating receipt of the candidate, not telling the initiator that the candidate will be used.

The initiator keeps sending candidates, one after the other (without stopping to receive an acknowledgement of receipt from the responder for each candidate) until it has exhausted its supply of possible or desirable candidate transports. (Because certain candidates may be more "expensive" in terms of bandwidth or processing power, the initiator may not want to advertise their existence unless necessary.) For each candidate, the responder acknowledges receipt.

At the same time (i.e., immediately after provisionally accepting the session, not waiting for the initiator to begin or finish sending candidates), the responder also begins sending candidates that may work for it. As above, the initiator acknowledges receipt of the candidates.

As the initiator and responder receive candidates, they probe the various candidate transports for connectivity. In performing these connectivity checks, client SHOULD follow the procedure specified in Section 7 of &ice11;.

]]> ]]> ]]>

For each candidate received, the other party MUST acknowledge receipt or return an error:

]]>

If, based on STUN connectivity checks, the responder determines that it will be able to establish a connection using a given candidate, it sends a &JINGLE; element with an action of 'transport-accept' to the initiator, specifying the candidate that succeeded:

]]>

The &JINGLE; element in the transport-accept stanza SHOULD possess a 'responder' attribute that explicitly specifies the full JID of the responding entity. If provided, all future commmunications SHOULD be sent to the JID provided in the 'responder' attribute.

If the initiator can also send data over that candidate, then it acknowledges the responder's acceptance:

]]>

Now the initiator and responder can begin sending data over the negotiated connection.

If a candidate succeeeded for the responder but the initiator cannot send data over that candidate, it MUST return a ¬acceptable; error in response to the responder's acceptance of the successful candidate:

]]>

If the responder cannot find a suitable candidate transport or it receives a ¬acceptable; errror from the initiator in response to its acceptance of a suitable transport, it SHOULD terminate the session as described below.

In order to gracefully end the session, either the responder or the initiator MUST a send a "terminate" action to the other party:

]]>

The initiator then acknowledges termination of the session:

]]>

Unfortunately, not all sessions end gracefully. The following events MUST be considered session-ending events, and any further communication for the session type MUST be completed through negotiation of a new session:

  • Receipt of a 'redirect' or 'terminate' action from the other party.
  • Receipt of &UNAVAILABLE; from the other party.

In particular, one party MUST consider the session to be in the ENDED state if it receives presence of type "unavailable" from the other party:

]]>

Naturally, in this case there is nothing for the initiator to acknowledge.

If an entity supports this specification, it MUST return a feature of "http://jabber.org/protocol/jingle/transport/ice" in response to &xep0030; information requests.

As mentioned in the Deployment Notes of this document, server administrators may wish to deploy STUN servers in order to ease the process of negotiating use of the Jingle ICE transport. If a STUN server is accessible via XMPP, it SHOULD be advertised by returning an appropriate item in response to service discovery item requests sent to the address of an XMPP server:

]]>

A subsequent service discovery information request to the STUN server MUST result in a response indicating that the STUN server has a service discovery category of "proxy" and type of "stun":

]]>

Because the XMPP interaction is necessary only in order to discover the identity of the STUN server, only support for the "http://jabber.org/protocol/disco#info" feature is RECOMMEND.

It is OPTIONAL for a STUN server to support XMPP, and STUN servers may be configured into an XMPP client via other means (e.g., user configuration or default settings). Client developers SHOULD NOT depend on the existence of XMPP-aware STUN servers.

If it is necessary to send Dual Tone Multi-Frequency (DTMF) tones, it is REQUIRED to use the XML format specified &xep0181;.

This specification applies exclusively to Jabber/XMPP clients and places no additional requirements on Jabber/XMPP servers. However, service administrators may wish to deploy a STUN server in order to ease the client-to-client negotiation process.

In order to secure the end-to-end data stream, implementations SHOULD use encryption methods appropriate to the transport method in use.

This document requires no interaction with &IANA;.

The ®ISTRAR; shall include 'http://jabber.org/protocol/jingle/transport/ice' in its registry of protocol namespaces.

The XMPP Registrar shall include "http://jabber.org/protocol/jingle/transport/ice" in its registry of Jingle transport methods. The registry submission is as follows:

®PROCESS; ice A method for negotiation of out-of-band connections with built-in NAT and firewall traversal, similar to the IETF's Interactive Connectivity Establishment (ICE) methodology. XEP-0176 ]]>

The XMPP Registrar shall include a Service Discovery type of "stun" within the "proxy" category.

The registry submission is as follows:

proxy stun a STUN (Simple Traversal of UDP Through NATs) service per RFC 3489 XEP-0176 ]]>
]]>