| rfc8833v2.txt | rfc8833.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) M. Thomson | Internet Engineering Task Force (IETF) M. Thomson | |||
| Request for Comments: 8833 Mozilla | Request for Comments: 8833 Mozilla | |||
| Category: Standards Track May 2020 | Category: Standards Track January 2021 | |||
| ISSN: 2070-1721 | ISSN: 2070-1721 | |||
| Application-Layer Protocol Negotiation (ALPN) for WebRTC | Application-Layer Protocol Negotiation (ALPN) for WebRTC | |||
| Abstract | Abstract | |||
| This document specifies two Application-Layer Protocol Negotiation | This document specifies two Application-Layer Protocol Negotiation | |||
| (ALPN) labels for use with Web Real-Time Communication (WebRTC). The | (ALPN) labels for use with Web Real-Time Communication (WebRTC). The | |||
| "webrtc" label identifies regular WebRTC: a DTLS session that is used | "webrtc" label identifies regular WebRTC: a DTLS session that is used | |||
| to establish keys for the Secure Real-time Transport Protocol (SRTP) | to establish keys for the Secure Real-time Transport Protocol (SRTP) | |||
| skipping to change at line 36 ¶ | skipping to change at line 36 ¶ | |||
| received public review and has been approved for publication by the | received public review and has been approved for publication by the | |||
| Internet Engineering Steering Group (IESG). Further information on | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 7841. | Internet Standards is available in Section 2 of RFC 7841. | |||
| Information about the current status of this document, any errata, | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | and how to provide feedback on it may be obtained at | |||
| https://www.rfc-editor.org/info/rfc8833. | https://www.rfc-editor.org/info/rfc8833. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at line 150 ¶ | skipping to change at line 150 ¶ | |||
| application to manage signaling for a session without having access | application to manage signaling for a session without having access | |||
| to the media that is exchanged in the session. | to the media that is exchanged in the session. | |||
| Without some form of indication that is securely bound to the | Without some form of indication that is securely bound to the | |||
| session, a WebRTC endpoint is unable to properly distinguish between | session, a WebRTC endpoint is unable to properly distinguish between | |||
| a session that requires this confidentiality protection and one that | a session that requires this confidentiality protection and one that | |||
| does not. The ALPN identifier provides that signal. | does not. The ALPN identifier provides that signal. | |||
| A browser is required to enforce this confidentiality protection | A browser is required to enforce this confidentiality protection | |||
| using isolation controls similar to those used in content cross- | using isolation controls similar to those used in content cross- | |||
| origin protections (see Section 5.3 of [HTML5]). These protections | origin protections (see the "Origin" section of [HTML5]). These | |||
| ensure that media is protected from applications, which are not able | protections ensure that media is protected from applications, which | |||
| to read or modify the contents of a protected flow of media. Media | are not able to read or modify the contents of a protected flow of | |||
| that is produced from a session using the "c-webrtc" identifier MUST | media. Media that is produced from a session using the "c-webrtc" | |||
| only be displayed to users. | identifier MUST only be displayed to users. | |||
| The promise to apply confidentiality protections do not apply to data | The promise to apply confidentiality protections do not apply to data | |||
| that is sent using data channels. Confidential data depends on | that is sent using data channels. Confidential data depends on | |||
| having both data sources and consumers that are exclusively browser | having both data sources and consumers that are exclusively browser | |||
| or user based. No mechanisms currently exist to take advantage of | or user based. No mechanisms currently exist to take advantage of | |||
| data confidentiality, though some use cases suggest that this could | data confidentiality, though some use cases suggest that this could | |||
| be useful, for example, confidential peer-to-peer file transfer. | be useful, for example, confidential peer-to-peer file transfer. | |||
| Alternative labels might be provided in the future to support these | Alternative labels might be provided in the future to support these | |||
| use cases. | use cases. | |||
| skipping to change at line 269 ¶ | skipping to change at line 269 ¶ | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | |||
| "Transport Layer Security (TLS) Application-Layer Protocol | "Transport Layer Security (TLS) Application-Layer Protocol | |||
| Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | |||
| July 2014, <https://www.rfc-editor.org/info/rfc7301>. | July 2014, <https://www.rfc-editor.org/info/rfc7301>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC8827] Rescorla, E., "WebRTC Security Architecture", RFC 8827, | [RFC8827] Rescorla, E., "WebRTC Security Architecture", RFC 8827, | |||
| DOI 10.17487/RFC8827, May 2020, | DOI 10.17487/RFC8827, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8827>. | <https://www.rfc-editor.org/info/rfc8827>. | |||
| [RFC8831] Jesup, R., Loreto, S., and M. Tüxen, "WebRTC Data | [RFC8831] Jesup, R., Loreto, S., and M. Tüxen, "WebRTC Data | |||
| Channels", RFC 8831, DOI 10.17487/RFC8831, May 2020, | Channels", RFC 8831, DOI 10.17487/RFC8831, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8831>. | <https://www.rfc-editor.org/info/rfc8831>. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [HTML5] Berjon, R., Leithead, T., Doyle Navara, E., O'Connor, E., | [HTML5] WHATWG, "HTML - Living Standard", Section 7.5, January | |||
| and S. Pfeiffer, "HTML 5", W3C Candidate Recommendation | 2021, <https://html.spec.whatwg.org/#origin>. | |||
| CR-html5-20121217, August 2010, | ||||
| <http://www.w3.org/TR/2012/CR-html5-20121217/>. | ||||
| [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", | [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", | |||
| RFC 4960, DOI 10.17487/RFC4960, September 2007, | RFC 4960, DOI 10.17487/RFC4960, September 2007, | |||
| <https://www.rfc-editor.org/info/rfc4960>. | <https://www.rfc-editor.org/info/rfc4960>. | |||
| [RFC8445] Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive | [RFC8445] Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive | |||
| Connectivity Establishment (ICE): A Protocol for Network | Connectivity Establishment (ICE): A Protocol for Network | |||
| Address Translator (NAT) Traversal", RFC 8445, | Address Translator (NAT) Traversal", RFC 8445, | |||
| DOI 10.17487/RFC8445, July 2018, | DOI 10.17487/RFC8445, July 2018, | |||
| <https://www.rfc-editor.org/info/rfc8445>. | <https://www.rfc-editor.org/info/rfc8445>. | |||
| [RFC8825] Alvestrand, H., "Overview: Real-Time Protocols for | [RFC8825] Alvestrand, H., "Overview: Real-Time Protocols for | |||
| Browser-Based Applications", RFC 8825, | Browser-Based Applications", RFC 8825, | |||
| DOI 10.17487/RFC8825, May 2020, | DOI 10.17487/RFC8825, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8825>. | <https://www.rfc-editor.org/info/rfc8825>. | |||
| [RFC8835] Alvestrand, H., "Transports for WebRTC", RFC 8835, | [RFC8835] Alvestrand, H., "Transports for WebRTC", RFC 8835, | |||
| DOI 10.17487/RFC8835, May 2020, | DOI 10.17487/RFC8835, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8835>. | <https://www.rfc-editor.org/info/rfc8835>. | |||
| Author's Address | Author's Address | |||
| Martin Thomson | Martin Thomson | |||
| Mozilla | Mozilla | |||
| Email: martin.thomson@gmail.com | Email: martin.thomson@gmail.com | |||
| End of changes. 8 change blocks. | ||||
| 15 lines changed or deleted | 13 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||