rfc8839xml2.original.xml   rfc8839.xml 
<?xml version="1.0" encoding="US-ASCII"?> <?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd"> <!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent">
<?rfc toc='yes' ?>
<rfc category="std" docName="draft-ietf-mmusic-ice-sip-sdp-39" ipr="pre5378Trust <rfc xmlns:xi="http://www.w3.org/2001/XInclude"
200902" obsoletes="5245"> number="8839"
obsoletes="5245, 6336"
updates=""
category="std"
consensus="true"
docName="draft-ietf-mmusic-ice-sip-sdp-39"
ipr="pre5378Trust200902"
submissionType="IETF"
xml:lang="en"
tocInclude="true"
symRefs="true"
sortRefs="true"
version="3">
<!-- xml2rfc v2v3 conversion 2.30.0 -->
<front> <front>
<title abbrev="ICE SDP Usage">Session Description Protocol (SDP) Offer/Answe <title abbrev="ICE SDP Usage">Session Description Protocol (SDP) Offer/Answe
r procedures for Interactive Connectivity Establishment (ICE)</title> r Procedures for Interactive Connectivity Establishment (ICE)</title>
<author surname="Petit-Huguenin" initials="M.P." fullname="Marc Petit-Huguen <seriesInfo name="RFC" value="8839"/>
in"> <author surname="Petit-Huguenin" initials="M." fullname="Marc Petit-Huguenin
">
<organization>Impedance Mismatch</organization> <organization>Impedance Mismatch</organization>
<address> <address>
<email>marc@petit-huguenin.org</email> <email>marc@petit-huguenin.org</email>
</address> </address>
</author> </author>
<author surname="Nandakumar" initials="S.N." fullname="Suhas Nandakumar"> <author surname="Nandakumar" initials="S." fullname="Suhas Nandakumar">
<organization>Cisco Systems</organization> <organization>Cisco Systems</organization>
<address> <address>
<postal> <postal>
<street>707 Tasman Dr</street> <street>707 Tasman Dr</street>
<city>Milpitas</city> <city>Milpitas</city>
<region>CA</region> <region>CA</region>
<code>95035</code> <code>95035</code>
<country>USA</country> <country>United States of America</country>
</postal> </postal>
<email>snandaku@cisco.com</email> <email>snandaku@cisco.com</email>
</address> </address>
</author> </author>
<author fullname="Christer Holmberg" initials="C.H." surname="Holmberg"> <author fullname="Christer Holmberg" initials="C." surname="Holmberg">
<organization abbrev="Ericsson">Ericsson</organization> <organization abbrev="Ericsson">Ericsson</organization>
<address> <address>
<postal> <postal>
<street>Hirsalantie 11</street> <street>Hirsalantie 11</street>
<city>Jorvas</city> <city>Jorvas</city>
<region/> <region/>
<code>02420</code> <code>02420</code>
<country>Finland</country> <country>Finland</country>
</postal> </postal>
<email>christer.holmberg@ericsson.com</email> <email>christer.holmberg@ericsson.com</email>
</address> </address>
</author> </author>
<author surname="Keranen" initials="A.K." fullname="Ari Keranen">
<author surname="Keränen" initials="A." fullname="Ari Keränen">
<organization>Ericsson</organization> <organization>Ericsson</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Jorvas</city> <city>Jorvas</city>
<code>02420</code> <code>02420</code>
<country>Finland</country> <country>Finland</country>
</postal> </postal>
<email>ari.keranen@ericsson.com</email> <email>ari.keranen@ericsson.com</email>
</address> </address>
</author> </author>
<author fullname="Roman Shpount" initials="R.S." surname="Shpount"> <author fullname="Roman Shpount" initials="R." surname="Shpount">
<organization abbrev="TurboBridge">TurboBridge</organization> <organization abbrev="TurboBridge">TurboBridge</organization>
<address> <address>
<postal> <postal>
<street>4905 Del Ray Avenue, Suite 300</street> <street>4905 Del Ray Avenue, Suite 300</street>
<city>Bethesda</city> <city>Bethesda</city>
<region>MD</region> <region>MD</region>
<code>20814</code> <code>20814</code>
<country>USA</country> <country>United States of America</country>
</postal> </postal>
<phone>+1 (240) 292-6632</phone>
<email>rshpount@turbobridge.com</email> <email>rshpount@turbobridge.com</email>
</address> </address>
</author> </author>
<date day="13" month="August" year="2019"/> <date month="January" year="2021"/>
<area>RAI</area> <area>ART</area>
<workgroup>MMUSIC</workgroup> <workgroup>MMUSIC</workgroup>
<keyword>SIP</keyword>
<keyword>Session Initial Protocol</keyword>
<abstract> <abstract>
<t> <t>
This document describes Session Description Protocol (SDP) Offer/Answer procedur This document describes Session Description Protocol (SDP) Offer/Answer
es procedures for carrying out Interactive Connectivity Establishment (ICE)
for carrying out Interactive Connectivity Establishment (ICE) between the agents between the agents.
.
</t> </t>
<t> <t>
This document obsoletes RFC 5245. This document obsoletes RFCs 5245 and 6336.
</t> </t>
</abstract> </abstract>
</front> </front>
<middle> <middle>
<section anchor="intro" title="Introduction"> <section anchor="intro" numbered="true" toc="default">
<name>Introduction</name>
<t> <t>
This document describes how Interactive Connectivity Establishment (ICE) is used This document describes how Interactive Connectivity Establishment (ICE) is
with Session Description Protocol (SDP) offer/answer <xref target="RFC3264"/>. T used with Session Description Protocol (SDP) offer/answer <xref
he ICE specification target="RFC3264" format="default"/>. The ICE specification <xref
<xref target="RFC8445"/> describes procedures that are common to all usages of I target="RFC8445" format="default"/> describes procedures that are common to
CE and this document all usages of ICE, and this document gives the additional details needed to
gives the additional details needed to use ICE with SDP offer/answer. use ICE with SDP offer/answer.
</t> </t>
<t>This document obsoletes RFC 5245. </t>
<t hangText="Note:"> <t>This document obsoletes RFCs 5245 and 6336. </t>
NOTE: Previously both the common ICE procedures, and the SDP offer/answer specif <t>
ic details, were described in<xref target="RFC5245"/>. <xref target="RFC8445"/> NOTE: Previously both the common ICE procedures, and the SDP offer/answer
obsoleted <xref target="RFC5245"/>, and the SDP offer/answer specific details we specific details, were described in <xref target="RFC5245"
re removed from the document. <xref target="sec.5245"/> describes the changes to format="default"/>. <xref target="RFC8445" format="default"/> obsoleted <xref
the SDP offer/answer specific details specified in this document. target="RFC5245" format="default"/>, and the SDP offer/answer-specific details
were removed from the document. <xref target="sec.5245" format="default"/>
describes the changes to the SDP offer/answer-specific details specified in
this document.
</t> </t>
</section> </section>
<section title="Conventions"> <section numbered="true" toc="default">
<name>Conventions</name>
<t> <t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
"MAY", and "OPTIONAL" in this document are to be interpreted as NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
described in BCP 14 <xref target="RFC2119"></xref> <xref target="RFC8174 "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"></xref> "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are
when, and only when, they appear in all capitals, as shown here. to be interpreted as described in BCP&nbsp;14 <xref target="RFC2119"/>
<xref target="RFC8174"/> when, and only when, they appear in all capitals,
as shown here.
</t> </t>
</section> </section>
<section title="Terminology"> <section numbered="true" toc="default">
<name>Terminology</name>
<t> <t>
Readers should be familiar with the terminology defined in <xref target="RFC3264 Readers should be familiar with the terminology defined in <xref
"/>, target="RFC3264" format="default"/>, in <xref target="RFC8445"
in <xref target="RFC8445"/> and the following: format="default"/>, and the following:
</t> </t>
<t>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Default Destination/Candidate:"> <dt>Default Destination/Candidate:</dt>
<dd>
The default destination for a component of a data stream is the transport The default destination for a component of a data stream is the transport
address that would be used by an agent that is not ICE aware. A default address that would be used by an agent that is not ICE aware. A default
candidate for a component is one whose transport address matches the default candidate for a component is one whose transport address matches the default
destination for that component. For the RTP component, the default connection ad destination for that component. For the RTP component, the default connection
dress address is in the "c=" line of the SDP, and the port and transport protocol
is in the "c=" line of the SDP, and the port and transport protocol are in are in the "m=" line. For the RTP Control Protocol (RTCP) component, the
the "m=" line. For the RTCP component, the address and port are indicated address and port are indicated using the "rtcp" attribute defined in <xref
using the "a=rtcp" attribute defined in <xref target="RFC3605"/>, if present; ot target="RFC3605" format="default"/>, if present; otherwise, the RTCP component
herwise, address is the same as the address of the RTP component, and its port is one
the RTCP component address is the same as the address of the RTP component, and greater than the port of the RTP component.
its port is one greater than the port of the RTP component. </dd>
</t> </dl>
</list>
</t>
</section> </section>
<section title="SDP Offer/Answer Procedures"> <section numbered="true" toc="default">
<section title="Introduction"> <name>SDP Offer/Answer Procedures</name>
<t><xref target="RFC8445"/> defines ICE candidate exchange as the proces <section numbered="true" toc="default">
s for ICE <name>Introduction</name>
agents (Initiator and Responder) to exchange their candidate information <t><xref target="RFC8445" format="default"/> defines ICE candidate
required for ICE processing at the agents. For the purposes of this exchange as the process for ICE agents (initiator and responder) to
specification, the candidate exchange process corresponds to the <xref target="R exchange their candidate information required for ICE processing at
FC3264"/> the agents. For the purposes of this specification, the candidate
Offer/Answer protocol and the terms "offerer" and "answerer" correspond exchange process corresponds to the Offer/Answer protocol <xref
to the initiator and responder roles from <xref target="RFC8445"/> respectively. target="RFC3264" format="default"/>, and the terms "offerer" and
"answerer" correspond to the initiator and responder roles from <xref
target="RFC8445" format="default"/> respectively.
</t> </t>
<t> <t>
Once the initiating agent has gathered, pruned, and prioritized its Once the initiating agent has gathered, pruned, and prioritized its set of
set of candidates <xref target="RFC8445"/>, the candidate exchange with the peer candidates <xref target="RFC8445" format="default"/>, the candidate exchange
agent begins. with the peer agent begins.
</t> </t>
</section> </section>
<section title="Generic Procedures"> <section numbered="true" toc="default">
<section anchor="sec-encoding" title="Encoding"> <name>Generic Procedures</name>
<t><xref target="sec-grammar"/> provides detailed rules for constructi <section anchor="sec-encoding" numbered="true" toc="default">
ng various SDP <name>Encoding</name>
attributes defined in this specification. <t><xref target="sec-grammar" format="default"/> provides detailed
rules for constructing various SDP attributes defined in this
specification.
</t> </t>
<section title="Data Streams"> <section numbered="true" toc="default">
<name>Data Streams</name>
<t> <t>
Each data stream <xref target="RFC8445"/> is represented by an SDP media descrip Each data stream <xref target="RFC8445" format="default"/> is represented by
tion ("m=" section). an SDP media description ("m=" section).
</t> </t>
</section> </section>
<section title="Candidates"> <section numbered="true" toc="default">
<name>Candidates</name>
<t> <t>
Within an "m=" section, each candidate (including the default candidate) associa ted Within an "m=" section, each candidate (including the default candidate) associa ted
with the data stream is represented by an SDP candidate attribute. with the data stream is represented by an SDP "candidate" attribute.
</t> </t>
<t> <t>
Prior to nomination, the "c=" line associated with an "m=" section contains Prior to nomination, the "c=" line associated with an "m=" section contains
the connection address of the default candidate, while the "m=" line contains th e port the connection address of the default candidate, while the "m=" line contains th e port
and transport protocol of the default candidate for that "m=" section. and transport protocol of the default candidate for that "m=" section.
</t> </t>
<t> <t>
After nomination, the "c=" line for a given "m=" section contains the After nomination, the "c=" line for a given "m=" section contains the
connection address of the nominated candidate (the local candidate of the connection address of the nominated candidate (the local candidate of the
nominated candidate pair) and the "m=" line contains the port and nominated candidate pair), and the "m=" line contains the port and
transport protocol corresponding to the nominated candidate for that transport protocol corresponding to the nominated candidate for that
"m=" section. "m=" section.
</t> </t>
</section> </section>
<section title="Username and Password"> <section numbered="true" toc="default">
<name>Username and Password</name>
<t> <t>
The ICE username is represented by an SDP ice-ufrag attribute and the ICE The ICE username is represented by an SDP "ice-ufrag" attribute, and the ICE
password is represented by an SDP ice-pwd attribute. password is represented by an SDP "ice-pwd" attribute.
</t> </t>
</section> </section>
<section title="Lite Implementations"> <section numbered="true" toc="default">
<name>Lite Implementations</name>
<t> <t>
An ICE lite implementation <xref target="RFC8445"/> MUST include an SDP ice-lite An ICE-lite implementation <xref target="RFC8445" format="default"/> <bcp14>MUST
attribute. </bcp14> include an SDP "ice-lite" attribute.
A full implementation MUST NOT include that attribute. A full implementation <bcp14>MUST NOT</bcp14> include that attribute.
</t> </t>
</section> </section>
<section title="ICE Extensions"> <section numbered="true" toc="default">
<name>ICE Extensions</name>
<t> <t>
An agent uses the SDP ice-options attribute to indicate support of ICE An agent uses the SDP "ice-options" attribute to indicate support of ICE
extensions. extensions.
</t> </t>
<t> <t>
An agent compliant to this specification MUST include an SDP ice-options An agent compliant with this specification <bcp14>MUST</bcp14> include an SDP "i
attribute with an "ice2" attribute value <xref target="RFC8445"/>. If an agent r ce-options"
eceives an SDP offer attribute with an "ice2" attribute value <xref target="RFC8445" format="default"
or answer that indicates ICE support, but that does not contain an SDP ice-optio />. If an agent receives an SDP offer
ns attribute with an "ice2" attribute value, or answer that indicates ICE support, but that does not contain an SDP "ice-opti
the agent can assume that the peer is compliant to <xref target="RFC5245"/>. ons" attribute with an "ice2" attribute value,
the agent can assume that the peer is compliant to <xref target="RFC5245" format
="default"/>.
</t> </t>
</section> </section>
<section title="Inactive and Disabled Data Streams"> <section numbered="true" toc="default">
<name>Inactive and Disabled Data Streams</name>
<t> <t>
If an "m=" section is marked as inactive <xref target="RFC4566"/>, or has a band If an "m=" section is marked as inactive <xref target="RFC4566" format="default"
width />, or has a bandwidth
value of zero <xref target="RFC4566"/>, the agent MUST still include ICE-related value of zero <xref target="RFC4566" format="default"/>, the agent <bcp14>MUST</
SDP bcp14> still include ICE-related SDP
attributes. attributes.
</t> </t>
<t> <t>
If the port value associated with an "m=" section is set to zero (implying a If the port value associated with an "m=" section is set to zero (implying a
disabled stream) as defined in section 8.2 of <xref target="RFC3264"/>, the agen disabled stream) as defined in <xref target="RFC3264" sectionFormat="of" section
t SHOULD NOT ="8.2" format="default"/>, the agent <bcp14>SHOULD NOT</bcp14>
include ICE-related SDP candidate attributes in that "m=" section, unless an include ICE-related SDP "candidate" attributes in that "m=" section, unless an
SDP extension specifying otherwise is used. SDP extension specifying otherwise is used.
</t> </t>
</section> </section>
</section> </section>
<section title="RTP/RTCP Considerations"> <section numbered="true" toc="default">
<name>RTP/RTCP Considerations</name>
<t> <t>
If an agent utilizes both RTP and RTCP, and separate ports If an agent utilizes both RTP and RTCP, and separate ports
are used for RTP and RTCP, the agent MUST include SDP candidate are used for RTP and RTCP, the agent <bcp14>MUST</bcp14> include SDP "candidate"
attributes for both the RTP and RTCP components. attributes for both the RTP and RTCP components.
</t> </t>
<t> <t>
The agent includes an SDP rtcp attribute following the procedures The agent includes an SDP "rtcp" attribute following the procedures
in <xref target="RFC3605"/>. Hence, in the cases where the RTCP in <xref target="RFC3605" format="default"/>. Hence, in the cases where the RTCP
port value is one higher than the RTP port value and the RTCP component port value is one higher than the RTP port value and the RTCP component
address the same as the address of the RTP component, the SDP rtcp attribute address the same as the address of the RTP component, the SDP "rtcp" attribute
might be omitted. might be omitted.
</t> </t>
<t> <t>
NOTE: <xref target="RFC5245"/> required that an agent always includes the NOTE: <xref target="RFC5245" format="default"/> required that an agent always in
SDP rtcp attribute, even if the RTCP port value was one higher than the cludes the
RTP port value. This specification aligns the rtcp attribute procedures SDP "rtcp" attribute, even if the RTCP port value was one higher than the
with <xref target="RFC3605"/>. RTP port value. This specification aligns the "rtcp" attribute procedures
with <xref target="RFC3605" format="default"/>.
</t> </t>
<t> <t>
If the agent does not utilize RTCP, it indicates that by including b=RS:0 If the agent does not utilize RTCP, it indicates that by including "RS:0"
and b=RR:0 SDP attributes, as described in <xref target="RFC3556"/>. and "RR:0" SDP attributes as described in <xref target="RFC3556" format="default
"/>.
</t> </t>
</section> </section>
<section title="Determining Role"> <section numbered="true" toc="default">
<name>Determining Role</name>
<t> <t>
The offerer acts as the Initiating agent. The answerer acts as the The offerer acts as the initiating agent. The answerer acts as the
Responding agent. The ICE roles (controlling and controlled) are determined responding agent. The ICE roles (controlling and controlled) are determined
using the procedures in <xref target="RFC8445"/>. using the procedures in <xref target="RFC8445" format="default"/>.
</t> </t>
</section> </section>
<section title="STUN Considerations"> <section numbered="true" toc="default">
<name>STUN Considerations</name>
<t> <t>
Once an agent has provided its local candidates to its peer in an SDP Once an agent has provided its local candidates to its peer in an SDP
offer or answer, the agent MUST be prepared to receive STUN connectivity offer or answer, the agent <bcp14>MUST</bcp14> be prepared to receive STUN
(Session Traversal Utilities for NAT, <xref target="RFC5389" format="default"/>)
connectivity
check Binding requests on those candidates. check Binding requests on those candidates.
</t> </t>
</section> </section>
<section anchor="sec-ice-mismatch" title="Verifying ICE Support Procedur <section anchor="sec-ice-mismatch" numbered="true" toc="default">
es"> <name>Verifying ICE Support Procedures</name>
<t> <t>
An ICE agent is considered to indicate support of ICE by including An ICE agent indicates support of ICE by including
at least the SDP ice-pwd and ice-ufrag attributes in an offer or ans at least the SDP "ice-pwd" and "ice-ufrag" attributes in an offer or
wer. answer.
An ICE agent compliant with this specification MUST also include an An ICE agent compliant with this specification <bcp14>MUST</bcp14> a
SDP ice-options attribute with an "ice2" attribute value. lso include an
SDP "ice-options" attribute with an "ice2" attribute value.
</t> </t>
<t> <t>
The agents will proceed with the ICE procedures defined in <xref target="RFC8445 "/> and The agents will proceed with the ICE procedures defined in <xref target="RFC8445 " format="default"/> and
this specification if, for each data stream in the SDP it received, the this specification if, for each data stream in the SDP it received, the
default destination for each component of that data stream appears in default destination for each component of that data stream appears in
a candidate attribute. For example, in the case of RTP, the a "candidate" attribute. For example, in the case of RTP, the
connection address, port, and transport protocol in the connection address, port, and transport protocol in the
"c=" and "m=" lines, respectively, appear in a candidate "c=" and "m=" lines, respectively, appear in a "candidate"
attribute and the value in the rtcp attribute appears in a candidate attribute, and the value in the "rtcp" attribute appears in a "candidate"
attribute. attribute.
</t> </t>
<t> <t>
This specification provides no guidance on how an agent should proceed This specification provides no guidance on how an agent should proceed
in the cases where the above condition is not met with the few in the cases where the above condition is not met with the few
exceptions noted below: exceptions noted below:
</t> </t>
<t> <ol spacing="normal" type="1">
<list style="numbers"> <li>
<t> The presence of certain Application Layer Gateways might modify
The presence of certain application layer gateways might modify the transport address information as described in <xref target="sec-alg-sip" for
the transport address information as described in <xref target="sec-alg-sip"/>. mat="default"/>.
The behavior of the responding agent in such a situation is The behavior of the responding agent in such a situation is
implementation dependent. Informally, the responding agent might implementation dependent. Informally, the responding agent might
consider the mismatched transport address information as a consider the mismatched transport address information as a
plausible new candidate learnt from the peer and continue its plausible new candidate learned from the peer and continue its
ICE processing with that transport address included. ICE processing with that transport address included.
Alternatively, the responding agent MAY include an "a=ice-mismatch" Alternatively, the responding agent <bcp14>MAY</bcp14> include an "ice-mismatch"
attribute in its answer for such data streams. If an agent chooses to attribute in its answer for such data streams. If an agent chooses to
include an "a=ice-mismatch" attribute in its answer for a data stream, include an "ice-mismatch" attribute in its answer for a data stream,
then it MUST also omit "a=candidate" attributes, MUST terminate then it <bcp14>MUST</bcp14> also omit "candidate" attributes, <bcp14>MUST</bcp14
the usage of ICE procedures and <xref target="RFC3264"/> procedures MUST be used > terminate
instead for this data stream. the usage of ICE procedures, and <xref target="RFC3264" format="default"/>
procedures <bcp14>MUST</bcp14> be used instead for this data stream.
</t> </li>
<t> <li>
The transport address from the peer for the default destination The transport address from the peer for the default destination
is set to IPv4/IPv6 address values "0.0.0.0"/"::" and port value of "9". is set to IPv4/IPv6 address values "0.0.0.0"/"::" and port value of "9".
This MUST NOT be considered as a ICE failure by the peer agent and This <bcp14>MUST NOT</bcp14> be considered as an ICE failure by the peer agent,
the ICE processing MUST continue as usual. and
the ICE processing <bcp14>MUST</bcp14> continue as usual.
</t> </li>
<t> <li>
In some cases, the controlling/initiator agent may receive the SDP answer In some cases, the controlling/initiator agent may receive an SDP answer
that may omit "a=candidate" attributes for the data stream, and instead that may omit "candidate" attributes for the data stream, and instead
include a media level "a=ice-mismatch" attribute. This signals to the include a media-level "ice-mismatch" attribute. This signals to the
offerer that the answerer supports ICE, but that ICE processing was not offerer that the answerer supports ICE, but that ICE processing was not
used for this data stream. In this case, ICE processing MUST be terminated used for this data stream. In this case, ICE processing <bcp14>MUST</bcp14> be t
for this data stream and <xref target="RFC3264"/> procedures MUST be followed in erminated
stead. for this data stream, and <xref target="RFC3264" format="default"/> procedures <
bcp14>MUST</bcp14> be followed instead.
</t> </li>
<t> <li>
The transport address from the peer for the default destination is The transport address from the peer for the default destination is
an FQDN. Regardless of the procedures used to resolve FQDN or the an FQDN. Regardless of the procedures used to resolve FQDN or the
resolution result, this MUST NOT be considered as a ICE failure by resolution result, this <bcp14>MUST NOT</bcp14> be considered as an ICE failure
the peer agent and the ICE processing MUST continue as usual. by
the peer agent, and the ICE processing <bcp14>MUST</bcp14> continue as usual.
</t> </li>
</list> </ol>
</t>
</section> </section>
<section title="SDP Example"> <section numbered="true" toc="default">
<name>SDP Example</name>
<t> <t>
The following is an example SDP message that includes ICE attributes The following is an example SDP message that includes ICE attributes
(lines folded for readability): (lines folded for readability):
</t> </t>
<figure> <sourcecode name="" type="sdp"><![CDATA[
<artwork><![CDATA[
v=0 v=0
o=jdoe 2890844526 2890842807 IN IP4 203.0.113.141 o=jdoe 2890844526 2890842807 IN IP4 203.0.113.141
s= s=
c=IN IP4 192.0.2.3 c=IN IP4 192.0.2.3
t=0 0 t=0 0
a=ice-options:ice2 a=ice-options:ice2
a=ice-pacing:50 a=ice-pacing:50
a=ice-pwd:asd88fgpdd777uzjYhagZg a=ice-pwd:asd88fgpdd777uzjYhagZg
a=ice-ufrag:8hhY a=ice-ufrag:8hhY
m=audio 45664 RTP/AVP 0 m=audio 45664 RTP/AVP 0
b=RS:0 b=RS:0
b=RR:0 b=RR:0
a=rtpmap:0 PCMU/8000 a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 203.0.113.141 8998 typ host a=candidate:1 1 UDP 2130706431 203.0.113.141 8998 typ host
a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr
203.0.113.141 rport 8998 203.0.113.141 rport 8998
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
</section> </section>
<section title="Initial Offer/Answer Exchange"> <section numbered="true" toc="default">
<section title="Sending the Initial Offer"> <name>Initial Offer/Answer Exchange</name>
<section numbered="true" toc="default">
<name>Sending the Initial Offer</name>
<t> <t>
When an offerer generates the initial offer, in each "m=" section it MUST When an offerer generates the initial offer, in each "m=" section it <bcp14>MUST
include SDP candidate attributes for each available candidate associated </bcp14>
with the "m=" section. In addition, the offerer MUST include an SDP ice-ufrag include SDP "candidate" attributes for each available candidate associated
attribute, an SDP ice-pwd attribute and an SDP ice-options attribute with with the "m=" section. In addition, the offerer <bcp14>MUST</bcp14> include an S
DP "ice-ufrag"
attribute, an SDP "ice-pwd" attribute, and an SDP "ice-options" attribute with
an "ice2" attribute value in the offer. If the offerer is a full ICE implementat ion, an "ice2" attribute value in the offer. If the offerer is a full ICE implementat ion,
it SHOULD include an ice-pacing attribute in the offer (if not included, the it <bcp14>SHOULD</bcp14> include an "ice-pacing" attribute in the offer (if not
default value will apply). A lite ICE implementation MUST NOT included the ice-p included, the
acing default value will apply). A lite ICE implementation <bcp14>MUST NOT</bcp14> inc
lude the "ice-pacing"
attribute in the offer (as it will not perform connectivity checks). attribute in the offer (as it will not perform connectivity checks).
</t> </t>
<t> <t>
It is valid for an offer "m=" line to include no SDP candidate attributes It is valid for an offer "m=" line to include no SDP "candidate" attributes
and with default destination set to the IP address values and have the default destination set to the IP address values
"0.0.0.0"/"::" and port value of "9". This implies that the offering agent "0.0.0.0"/"::" and the port value to "9".
is only going to use peer reflexive candidates or that additional candidates This implies that the offering agent is only going to use peer-reflexive
would be provided in subsequent signaling messages. candidates or will provide additional candidates in subsequent signaling
messages.
</t> </t>
<t> <dl newline="false" spacing="normal">
<list style="hanging"> <dt>Note:</dt>
<t hangText="Note:"> <dd>
Within the scope of this document, "Initial Offer" refers to the first Within the scope of this document, "initial offer" refers to the first
SDP offer that is sent in order to negotiate usage of ICE. It might, or SDP offer that is sent in order to negotiate usage of ICE. It might, or
might not, be the initial SDP offer of the SDP session. might not, be the initial SDP offer of the SDP session.
</t> </dd>
</list> </dl>
</t> <dl newline="false" spacing="normal">
<t> <dt>Note:</dt>
<list style="hanging"> <dd>
<t hangText="Note:">
The procedures in this document only consider "m=" sections associated The procedures in this document only consider "m=" sections associated
with data streams where ICE is used. with data streams where ICE is used.
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="Sending the Initial Answer"> <section numbered="true" toc="default">
<name>Sending the Initial Answer</name>
<t> <t>
When an answerer receives an initial offer that indicates When an answerer receives an initial offer indicating
that the offerer supports ICE, and if the answerer accepts that the offerer supports ICE, and if the answerer accepts
the offer and the usage of ICE, in each "m=" section within the offer and the usage of ICE, the answerer <bcp14>MUST</bcp14> include
the answer, it MUST include SDP candidate attributes for in each "m=" section within the answer the SDP "candidate"
each available candidate associated with the "m=" section. attributes for each available candidate associated with
In addition, the answerer MUST include an SDP ice-ufrag the "m=" section.
attribute, an SDP ice-pwd attribute and an SDP ice-options In addition, the answerer <bcp14>MUST</bcp14> include an SDP "ice-ufrag"
attribute, an SDP "ice-pwd" attribute, and an SDP "ice-options"
attribute with an "ice2" attribute value in the answer. If the attribute with an "ice2" attribute value in the answer. If the
answerer is a full ICE implementation, it SHOULD include an answerer is a full ICE implementation, it <bcp14>SHOULD</bcp14> include an
ice-pacing attribute in the answerer (if not included, the "ice-pacing" attribute in the answer (if not included, the
default value will apply). A lite ICE implementation MUST NOT default value will apply). A lite ICE implementation <bcp14>MUST NOT</bcp14>
included the ice-pacing attribute in the answer (as it will include the "ice-pacing" attribute in the answer (as it will
not perform connectivity chekcks). not perform connectivity checks).
</t> </t>
<t> <t>
In each "m=" line, the answerer MUST use the same transport In each "m=" line, the answerer <bcp14>MUST</bcp14> use the same transport
protocol as was used in the offer "m=" line. If none of protocol as was used in the offer "m=" line. If none of
the candidates in the "m=" line in the answer use the same the candidates in the "m=" line in the answer uses the same
transport protocol as indicated in the offer "m=" line, transport protocol as indicated in the offer "m=" line,
then, in order to avoid ICE mismatch, the default destination then, in order to avoid ICE mismatch, the default destination
MUST be set to IP address values "0.0.0.0"/"::" and <bcp14>MUST</bcp14> be set to IP address values "0.0.0.0"/"::" and
port value of "9". port value of "9".
</t> </t>
<t> <t>
It is also valid for an answer "m=" line to include no SDP It is also valid for an answer "m=" line to include no SDP
candidate attributes and with default destination set "candidate" attributes and have the default destination set
to the IP address values "0.0.0.0"/"::" and port value of "9". to the IP address values "0.0.0.0"/"::" and the port value to "9".
This implies that the answering agent is only going to use peer This implies that the answering agent is only going to use
reflexive candidates or that additional candidates would be peer-reflexive candidates or that additional candidates would be
provided in subsequent signaling messages. provided in subsequent signaling messages.
</t> </t>
<t> <t>
Once the answerer has sent the answer, it can start performing Once the answerer has sent the answer, it can start performing
connectivity checks towards the peer candidates that were provided connectivity checks towards the peer candidates that were provided
in the offer. in the offer.
</t> </t>
<t> <t>
If the offer does not indicate support of ICE <xref target="sec-ice-mismatch"/>, If the offer does not indicate support of ICE (<xref target="sec-ice-mismatch" f
the answerer ormat="default"/>), the answerer
MUST NOT accept the usage of ICE. If the answerer still accepts <bcp14>MUST NOT</bcp14> accept the usage of ICE. If the answerer still accepts
the offer, the answerer MUST NOT include any ICE-related SDP the offer, the answerer <bcp14>MUST NOT</bcp14> include any ICE-related SDP
attributes in the answer. Instead the answerer will generate attributes in the answer. Instead, the answerer will generate
the answer according to normal offer/answer procedures <xref target="RFC3264"/>. the answer according to normal offer/answer procedures <xref target="RFC3264" fo
rmat="default"/>.
</t> </t>
<t> <t>
If the answerer detects a possibility of an ICE mismatch, If the answerer detects a possibility of an ICE mismatch,
procedures described in <xref target="sec-ice-mismatch"/> are followed. procedures described in <xref target="sec-ice-mismatch" format="default"/> are f ollowed.
</t> </t>
</section> </section>
<section title="Receiving the Initial Answer"> <section numbered="true" toc="default">
<name>Receiving the Initial Answer</name>
<t> <t>
When an offerer receives an initial answer that indicates When an offerer receives an initial answer that indicates
that the answerer supports ICE, it can start performing that the answerer supports ICE, it can start performing
connectivity checks towards the peer candidates that were connectivity checks towards the peer candidates that were
provided in the answer. provided in the answer.
</t> </t>
<t> <t>
If the answer does not indicate that the answerer If the answer does not indicate that the answerer supports ICE, or if the
supports ICE, or if the answerer included "a=ice-mismatch" answerer included "ice-mismatch" attributes for all the active data streams
attributes for all the active data streams in in the answer, the offerer <bcp14>MUST</bcp14> terminate the usage of ICE for
the answer, the offerer MUST terminate the usage of ICE the entire session, and <xref target="RFC3264" format="default"/> procedures
for the entire session and <xref target="RFC3264"/> procedures MUST be <bcp14>MUST</bcp14> be followed instead.
followed instead.
</t> </t>
<t> <t>
On the other hand, if the answer indicates support for On the other hand, if the answer indicates support for
ICE but includes "a=ice-mismatch" in certain active data ICE but includes "ice-mismatch" in certain active data
streams, then the offerer MUST terminate the usage of ICE streams, then the offerer <bcp14>MUST</bcp14> terminate the usage of ICE
procedures and <xref target="RFC3264"/> procedures procedures, and <xref target="RFC3264" format="default"/> procedures
MUST be used instead for only these data streams. Also, ICE <bcp14>MUST</bcp14> be used instead for only these data streams. Also, ICE
procedures MUST be used for data streams where an "a=ice-mismatch" procedures <bcp14>MUST</bcp14> be used for data streams where an "ice-mismatch"
attribute was not included. attribute was not included.
</t> </t>
<t> <t>
If the offerer detects an ICE mismatch for one or more If the offerer detects an ICE mismatch for one or more data streams in the
data streams in the answer, as described in <xref target="sec-ice-mismatch"/>, answer, as described in <xref target="sec-ice-mismatch" format="default"/>,
the offerer MUST terminate the usage of ICE for the entire session. the offerer <bcp14>MUST</bcp14> terminate the usage of ICE for the entire
The subsequent actions taken by the offerer are implementation session. The subsequent actions taken by the offerer are implementation
dependent and are out of the scope of this specification. dependent and are out of the scope of this specification.
</t> </t>
</section> </section>
<section title="Concluding ICE"> <section numbered="true" toc="default">
<name>Concluding ICE</name>
<t> <t>
Once the agent has successfully nominated a pair <xref target="RFC8445"/>, the s Once the agent has successfully nominated a pair <xref target="RFC8445"
tate of the format="default"/>, the state of the checklist associated with the pair is set
checklist associated with the pair is set to Completed. Once the state of each c to Completed. Once the state of each checklist is set to either Completed or
hecklist is Failed, for each Completed checklist, the agent checks whether the nominated
set to either Completed or Failed, for each Completed checklist the agent checks pair matches the default candidate pair. If there are one or more pairs that
whether the do not match, and the peer did not indicate support for the 'ice2' ice-option,
nominated pair matches the default candidate pair. If there are one or more pair the controlling agent <bcp14>MUST</bcp14> generate a subsequent offer in which
s that do not the connection address, port, and transport protocol in the "c=" and "m="
match, and the peer did not indicate support for the 'ice2' ice-option, the cont lines associated with each data stream match the corresponding local
rolling agent information of the nominated pair for that data stream (<xref
MUST generate a subsequent offer, in which the connection address, port and tran target="sec-send-subsequent-offer-after-nom" format="default"/>). If the peer
sport protocol did indicate support for the 'ice2' ice-option, the controlling agent does not
in the "c=" and "m=" lines associated with each data stream match the correspond immediately need to generate an updated offer in order to align a connection
ing address, port, and protocol with a nominated pair. However, later in the
local information of the nominated pair for that data stream (<xref target="sec- session, whenever the controlling agent does send a subsequent offer, it
send-subsequent-offer-after-nom"/>). <bcp14>MUST</bcp14> do the alignment as described above.
If the peer did indicate support for the 'ice2' ice-option, the controlling agen </t>
t does not
immediately need to generate an updated offer in order to align a connection add
ress, port
and protocol with a nominated pair. However, later in the session, whenever the
controlling agent
does sent a subsequent offer, it MUST do the alignment as described above.
</t>
<t>
If there are one or more checklists with the state set to Failed, the controllin
g
agent MUST generate a subsequent offer in order to remove the associated data st
reams by setting
the port value of the data streams to zero (<xref target="sec-send-subsequent-of
fer-remove"/>),
even if the peer did indicate support for the 'ice2' ice-option. If needed, such
offer is used to align the connection address, port and transport protocol, as
described above.
</t>
<t> <t>
As described in <xref target="RFC8445"/>, once the controlling agent has nominat If there are one or more checklists with the state set to Failed, the
ed controlling agent <bcp14>MUST</bcp14> generate a subsequent offer in order to
a candidate pair for a checklist, the agent MUST NOT nominate another pair remove the associated data streams by setting the port value of the data
for that checklist during the lifetime of the ICE session (i.e. until streams to zero (<xref target="sec-send-subsequent-offer-remove"
format="default"/>), even if the peer did indicate support for the 'ice2'
ice-option. If needed, such offer is used to align the connection address,
port, and transport protocol, as described above.
</t>
<t>
As described in <xref target="RFC8445" format="default"/>, once the controlling
agent has nominated
a candidate pair for a checklist, the agent <bcp14>MUST NOT</bcp14> nominate ano
ther pair
for that checklist during the lifetime of the ICE session (i.e., until
ICE is restarted). ICE is restarted).
</t> </t>
<t>
<xref target="draft-ietf-ice-pac"/> provides a mechanism for <t>
<xref target="RFC8863" format="default"/> provides a mechanism for
allowing the ICE process to run long enough in order to find working candidate pairs, allowing the ICE process to run long enough in order to find working candidate pairs,
by waiting for potential peer-reflexive candidates, even though no candidate p airs were by waiting for potential peer-reflexive candidates, even though no candidate p airs were
received from the peer or all current candidate pairs associated with a checkl ist have received from the peer or all current candidate pairs associated with a checkl ist have
either failed or been discarded. It is OPTIONAL for an ICE agent to support th e mechanism. either failed or been discarded.
</t> </t>
</section> </section>
</section> </section>
<section title="Subsequent Offer/Answer Exchanges"> <section numbered="true" toc="default">
<name>Subsequent Offer/Answer Exchanges</name>
<t> <t>
Either agent MAY generate a subsequent offer at any time allowed by Either agent <bcp14>MAY</bcp14> generate a subsequent offer at any time allowed
<xref target="RFC3264"/>. This section defines rules for construction of subsequ by
ent <xref target="RFC3264" format="default"/>. This section defines rules for constr
uction of subsequent
offers and answers. offers and answers.
</t> </t>
<t> <t>
Should a subsequent offer fail, ICE processing continues as if the Should a subsequent offer fail, ICE processing continues as if the
subsequent offer had never been made. subsequent offer had never been made.
</t> </t>
<section anchor="sec-send-subsequent-offer" title="Sending Subsequent Of <section anchor="sec-send-subsequent-offer" numbered="true" toc="default
fer"> ">
<section title="Procedures for All Implementations"> <name>Sending Subsequent Offer</name>
<section anchor="sec-suboffer-restarts" title="ICE Restart"> <section numbered="true" toc="default">
<name>Procedures for All Implementations</name>
<section anchor="sec-suboffer-restarts" numbered="true" toc="default
">
<name>ICE Restart</name>
<t> <t>
An agent MAY restart ICE processing for an existing data stream <xref target="RF C8445"/>. An agent <bcp14>MAY</bcp14> restart ICE processing for an existing data stream < xref target="RFC8445" format="default"/>.
</t> </t>
<t> <t>
The rules governing the ICE restart imply that setting the connection address The rules governing the ICE restart imply that setting the connection address
in the "c=" line to "0.0.0.0" (for IPv4)/ "::" (for IPv6) will cause an ICE rest art. in the "c=" line to "0.0.0.0" (for IPv4)/ "::" (for IPv6) will cause an ICE rest art.
Consequently, ICE implementations MUST NOT utilize this mechanism for call hold, Consequently, ICE implementations <bcp14>MUST NOT</bcp14> utilize this mechanism
and instead MUST use "a=inactive" and "a=sendonly" as described in <xref target= for call hold,
"RFC3264"/>. and instead <bcp14>MUST</bcp14> use "inactive" and "sendonly" as described in
<xref target="RFC3264" format="default"/>.
</t> </t>
<t> <t>
To restart ICE, an agent MUST change both the ice-pwd and the ice-ufrag for To restart ICE, an agent <bcp14>MUST</bcp14> change both the "ice-pwd" and the " ice-ufrag" for
the data stream in an offer. However, it is permissible to use a session-level the data stream in an offer. However, it is permissible to use a session-level
attribute in one offer, but to provide the same ice-pwd or ice-ufrag as a attribute in one offer, but to provide the same "ice-pwd" or "ice-ufrag" as a
media-level attribute in a subsequent offer. This MUST NOT be considered media-level attribute in a subsequent offer. This <bcp14>MUST NOT</bcp14> be con
sidered
as ICE restart. as ICE restart.
</t> </t>
<t> <t>
An agent sets the rest of the ICE-related fields in the SDP for this data stream as it An agent sets the rest of the ICE-related fields in the SDP for this data stream as it
would in an initial offer of this data stream (<xref target="sec-encoding"/>). would in an initial offer of this data stream (<xref target="sec-encoding" forma
Consequently, the set of candidates MAY include some, none, or all of the t="default"/>).
previous candidates for that data stream and MAY include a totally new set of Consequently, the set of candidates <bcp14>MAY</bcp14> include some, none, or al
candidates. The agent MAY modify the attribute values of the SDP ice-options and l of the
SDP ice-pacing attributes, and it MAY change its role using the SDP ice-lite att previous candidates for that data stream and <bcp14>MAY</bcp14> include a totall
ribute. y new set of
The agent MUST NOT modify the SDP ice-options, ice-pacing and ice-lite attribute candidates. The agent <bcp14>MAY</bcp14> modify the attribute values of the SDP
s in a "ice-options" and
SDP "ice-pacing" attributes, and it <bcp14>MAY</bcp14> change its role using the
SDP "ice-lite" attribute.
The agent <bcp14>MUST NOT</bcp14> modify the SDP "ice-options", "ice-pacing", an
d "ice-lite" attributes in a
subsequent offer unless the offer is sent in order to request an ICE restart. subsequent offer unless the offer is sent in order to request an ICE restart.
</t> </t>
</section> </section>
<section title="Removing a Data Stream" anchor="sec-send-subsequent- <section anchor="sec-send-subsequent-offer-remove" numbered="true" t
offer-remove"> oc="default">
<name>Removing a Data Stream</name>
<t> <t>
If an agent removes a data stream by setting its port to zero, it MUST NOT If an agent removes a data stream by setting its port to zero, it <bcp14>MUST NO
include any candidate attributes for that data stream and SHOULD NOT include T</bcp14>
any other ICE-related attributes defined in <xref target="sec-grammar"/> for tha include any "candidate" attributes for that data stream and <bcp14>SHOULD NOT</b
t data stream. cp14> include
any other ICE-related attributes defined in <xref target="sec-grammar" format="d
efault"/> for that data stream.
</t> </t>
</section> </section>
<section title="Adding a Data Stream"> <section numbered="true" toc="default">
<name>Adding a Data Stream</name>
<t> <t>
If an agent wishes to add a new data stream, it sets the fields in the SDP for If an agent wishes to add a new data stream, it sets the fields in the SDP for
this data stream as if this were an initial offer for that data stream this data stream as if this were an initial offer for that data stream
(<xref target="sec-encoding"/>). This will cause ICE processing to begin for thi s data stream. (<xref target="sec-encoding" format="default"/>). This will cause ICE processing to begin for this data stream.
</t> </t>
</section> </section>
</section> </section>
<section title="Procedures for Full Implementations"> <section numbered="true" toc="default">
<name>Procedures for Full Implementations</name>
<t> <t>
This section describes additional procedures for full implementations, This section describes additional procedures for full implementations,
covering existing data streams. covering existing data streams.
</t> </t>
<section title="Before Nomination"> <section numbered="true" toc="default">
<name>Before Nomination</name>
<t> <t>
When an offerer sends a subsequent offer; in each "m=" section for which a When an offerer sends a subsequent offer; in each "m=" section for which a
candidate pair has not yet been nominated, the offer MUST include the candidate pair has not yet been nominated, the offer <bcp14>MUST</bcp14> include the
same set of ICE-related information that the offerer included in the same set of ICE-related information that the offerer included in the
previous offer or answer. The agent MAY include additional candidates previous offer or answer. The agent <bcp14>MAY</bcp14> include additional candid ates
it did not offer previously, but which it has gathered since the last it did not offer previously, but which it has gathered since the last
offer/answer exchange, including peer reflexive candidates. offer/answer exchange, including peer-reflexive candidates.
</t> </t>
<t> <t>
The agent MAY change the default destination for media. As with initial The agent <bcp14>MAY</bcp14> change the default destination for media. As with i
offers, there MUST be a set of candidate attributes in the offer matching nitial
offers, there <bcp14>MUST</bcp14> be a set of "candidate" attributes in the offe
r matching
this default destination. this default destination.
</t> </t>
</section> </section>
<section title="After Nomination" anchor="sec-send-subsequent-offer- <section anchor="sec-send-subsequent-offer-after-nom" numbered="true
after-nom"> " toc="default">
<name>After Nomination</name>
<t> <t>
Once a candidate pair has been nominated for a data stream, the connection addre ss, Once a candidate pair has been nominated for a data stream, the connection addre ss,
port and transport protocol in each "c=" and "m=" line associated with that data port, and transport protocol in each "c=" and "m=" line associated with that dat
stream MUST match the data associated with the nominated pair for that a
data stream. In addition, the offerer only includes SDP candidates stream <bcp14>MUST</bcp14> match the data associated with the nominated pair for
(one per component) representing the local candidates of the nominated candidate that
pair. The offerer MUST NOT include any other SDP candidate attributes in the data stream. In addition, the offerer only includes SDP "candidate" attributes
(one per component) representing the local candidates of the nominated candidate
pair.
The offerer <bcp14>MUST NOT</bcp14> include any other SDP "candidate" attributes
in the
subsequent offer. subsequent offer.
</t> </t>
<t> <t>
In addition, if the agent is controlling, it MUST include the In addition, if the agent is controlling, it <bcp14>MUST</bcp14> include the
"a=remote-candidates" attribute for each data stream whose checklist "remote-candidates" attribute for each data stream whose checklist
is in the Completed state. The attribute contains the remote candidates is in the Completed state. The attribute contains the remote candidates
corresponding to the nominated pair in the valid list for each corresponding to the nominated pair in the valid list for each
component of that data stream. It is needed to avoid a race condition component of that data stream. It is needed to avoid a race condition
whereby the controlling agent chooses its pairs, but the updated offer whereby the controlling agent chooses its pairs, but the updated offer
beats the connectivity checks to the controlled agent, which doesn&#8217;t beats the connectivity checks to the controlled agent, which doesn't
even know these pairs are valid, let alone selected. See Appendix B even know these pairs are valid, let alone selected. See <xref target="sec-why-r
emote" format="default"/>
for elaboration on this race condition. for elaboration on this race condition.
</t> </t>
</section> </section>
</section> </section>
<section title="Procedures for Lite Implementations"> <section numbered="true" toc="default">
<name>Procedures for Lite Implementations</name>
<t> <t>
If the ICE state is Running, a lite implementation MUST include all of If the ICE state is Running, a lite implementation <bcp14>MUST</bcp14> include a
its candidates for each component of each data stream in "a=candidate" ll of
its candidates for each component of each data stream in "candidate"
attributes in any subsequent offer. The candidates are formed identically attributes in any subsequent offer. The candidates are formed identically
to the procedures for initial offers. to the procedures for initial offers.
</t> </t>
<t> <t>
A lite implementation MUST NOT add additional host candidates in a A lite implementation <bcp14>MUST NOT</bcp14> add additional host candidates in
subsequent offer, and MUST NOT modify the username fragments and a
subsequent offer, and <bcp14>MUST NOT</bcp14> modify the username fragments and
passwords. If an agent needs to offer additional candidates, or passwords. If an agent needs to offer additional candidates, or
modify the username fragments and passwords, it MUST request an to modify the username fragments and passwords, it <bcp14>MUST</bcp14> request a
ICE restart (<xref target="sec-suboffer-restarts"/>) for that data stream. n
ICE restart (<xref target="sec-suboffer-restarts" format="default"/>) for that d
ata stream.
</t> </t>
<t> <t>
If ICE has completed for a data stream and if the agent is controlled, If ICE has completed for a data stream, and if the agent is controlled,
the default destination for that data stream MUST be set to the the default destination for that data stream <bcp14>MUST</bcp14> be set to the
remote candidate of the candidate pair for that component in the valid list. remote candidate of the candidate pair for that component in the valid list.
For a lite implementation, there is always just a single candidate pair in For a lite implementation, there is always just a single candidate pair in
the valid list for each component of a data stream. Additionally, the agent the valid list for each component of a data stream. Additionally, the agent
MUST include a candidate attribute for each default destination. <bcp14>MUST</bcp14> include a "candidate" attribute for each default destination .
</t> </t>
<t> <t>
If the ICE state is Completed and if the agent is controlling (which only If the ICE state is Completed, and if the agent is controlling (which only
happens when both agents are lite), the agent MUST include the happens when both agents are lite), the agent <bcp14>MUST</bcp14> include the
"a=remote-candidates" attribute for each data stream. The attribute "remote-candidates" attribute for each data stream. The attribute
contains the remote candidates from the candidate pairs in the contains the remote candidates from the candidate pairs in the
valid list (one pair for each component of each data stream). valid list (one pair for each component of each data stream).
</t> </t>
</section> </section>
</section> </section>
<section anchor="sec-subsequent-answer" title="Sending Subsequent Answer <section anchor="sec-subsequent-answer" numbered="true" toc="default">
"> <name>Sending Subsequent Answer</name>
<t> <t>
If ICE is Completed for a data stream, and the offer for that data If ICE is Completed for a data stream, and the offer for that data
stream lacked the "a=remote-candidates" attribute, the rules for stream lacked the "remote-candidates" attribute, the rules for
construction of the answer are identical to those for the offerer, construction of the answer are identical to those for the offerer,
except that the answerer MUST NOT include the "a=remote-candidates" except that the answerer <bcp14>MUST NOT</bcp14> include the "remote-candidates"
attribute in the answer. attribute in the answer.
</t> </t>
<t> <t>
A controlled agent will receive an offer with the "a=remote-candidates" A controlled agent will receive an offer with the "remote-candidates"
attribute for a data stream when its peer has concluded ICE processing attribute for a data stream when its peer has concluded ICE processing
for that data stream. This attribute is present in the for that data stream. This attribute is present in the
offer to deal with a race condition between the receipt of the offer, offer to deal with a race condition between the receipt of the offer,
and the receipt of the Binding Response that tells the answerer the and the receipt of the Binding response that tells the answerer the
candidate that will be selected by ICE. See Appendix B for an candidate that will be selected by ICE. See <xref target="sec-why-remote" format
="default"/> for an
explanation of this race condition. Consequently, processing of an explanation of this race condition. Consequently, processing of an
offer with this attribute depends on the winner of the race. offer with this attribute depends on the winner of the race.
</t> </t>
<t> <t>
The agent forms a candidate pair for each component of the data stream by: The agent forms a candidate pair for each component of the data stream by:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t> Setting the remote candidate equal to the offerer's default
Setting the remote candidate equal to the offerer&#8217;s default destination for that component (i.e., the contents of the "m=" and
destination for that component (i.e. the contents of the "m=" and "c=" lines for RTP, and the "rtcp" attribute for RTCP)
"c=" lines for RTP, and the "a=rtcp" attribute for RTCP)
</t> </li>
<t> <li>
Setting the local candidate equal to the transport address for Setting the local candidate equal to the transport address for
that same component in the "a=remote-candidates" attribute in the that same component in the "remote-candidates" attribute in the
offer. offer.
</t> </li>
</list> </ul>
</t>
<t> <t>
The agent then sees if each of these candidate pairs is present The agent then sees if each of these candidate pairs is present
in the valid list. If a particular pair is not in the valid list, in the valid list. If a particular pair is not in the valid list,
the check has "lost" the race. Call such a pair a "losing pair". the check has "lost" the race. Call such a pair a "losing pair".
</t> </t>
<t> <t>
The agent finds all the pairs in the checklist whose remote The agent finds all the pairs in the checklist whose remote
candidates equal the remote candidate in the losing pair: candidates equal the remote candidate in the losing pair:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols">
<t> <li>
If none of the pairs are In-Progress, and at least one is Failed, If none of the pairs is In-Progress, and at least one is Failed,
it is most likely that a network failure, such as a network it is most likely that a network failure, such as a network
partition or serious packet loss, has occurred. The agent SHOULD partition or serious packet loss, has occurred. The agent <bcp14>SHOULD</bcp14>
generate an answer for this data stream as if the remote- generate an answer for this data stream as if the "remote-
candidates attribute had not been present, and then restart ICE candidates" attribute had not been present, and then restart ICE
for this stream. for this stream.
</t> </li>
<t> <li>
If at least one of the pairs is In-Progress, the agent SHOULD wait If at least one of the pairs is In-Progress, the agent <bcp14>SHOULD</bcp14> wai
t
for those checks to complete, and as each completes, redo the for those checks to complete, and as each completes, redo the
processing in this section until there are no losing pairs. processing in this section until there are no losing pairs.
</t> </li>
</list> </ul>
</t>
<t> <t>
Once there are no losing pairs, the agent can generate the answer. Once there are no losing pairs, the agent can generate the answer.
It MUST set the default destination for media to the candidates in It <bcp14>MUST</bcp14> set the default destination for media to the candidates i
the remote-candidates attribute from the offer (each of which will n
the "remote-candidates" attribute from the offer (each of which will
now be the local candidate of a candidate pair in the valid list). now be the local candidate of a candidate pair in the valid list).
It MUST include a candidate attribute in the answer for each It <bcp14>MUST</bcp14> include a "candidate" attribute in the answer for each
candidate in the remote-candidates attribute in the offer. candidate in the "remote-candidates" attribute in the offer.
</t> </t>
<section title="ICE Restart">
<section numbered="true" toc="default">
<name>ICE Restart</name>
<t> <t>
If the offerer in a subsequent offer requested an ICE restart (<xref target="sec -suboffer-restarts"/>) If the offerer in a subsequent offer requested an ICE restart (<xref target="sec -suboffer-restarts" format="default"/>)
for a data stream, and if the answerer accepts the offer, the for a data stream, and if the answerer accepts the offer, the
answerer follows the procedures for generating an initial answer. answerer follows the procedures for generating an initial answer.
</t> </t>
<t> <t>
For a given data stream, the answerer MAY include the same For a given data stream, the answerer <bcp14>MAY</bcp14> include the same
candidates that were used in the previous ICE session, but candidates that were used in the previous ICE session, but
it MUST change the SDP ice-pwd and ice-ufrag attribute it <bcp14>MUST</bcp14> change the SDP "ice-pwd" and "ice-ufrag" attribute
values. values.
</t> </t>
<t> <t>
The answerer MAY modify the attribute values of the SDP ice-options and The answerer <bcp14>MAY</bcp14> modify the attribute values of the SDP "ice-opti
SDP ice-pacing attributes, and it MAY change its role using the SDP ice-lite att ons" and
ribute. SDP "ice-pacing" attributes, and it <bcp14>MAY</bcp14> change its role using the
The answerer MUST NOT modify the SDP ice-options, ice-pacing and ice-lite attrib SDP "ice-lite" attribute.
utes in a The answerer <bcp14>MUST NOT</bcp14> modify the SDP "ice-options", "ice-pacing",
and "ice-lite" attributes in a
subsequent answer unless the answer is sent for an offer that was used to reques t an ICE restart subsequent answer unless the answer is sent for an offer that was used to reques t an ICE restart
(<xref target="sec-suboffer-restarts"/>). If any of the SDP attributes have been (<xref target="sec-suboffer-restarts" format="default"/>). If any of the SDP att
modified in ributes have been modified in
a subsequent offer that is not used to request an ICE restart, the answerer MUST a subsequent offer that is not used to request an ICE restart, the answerer <bcp
reject the 14>MUST</bcp14> reject the
offer. offer.
</t> </t>
</section> </section>
<section title="Lite Implementation specific procedures"> <section numbered="true" toc="default">
<name>Lite Implementation Specific Procedures</name>
<t> <t>
If the received offer contains the remote-candidates attribute for a If the received offer contains the "remote-candidates" attribute for a
data stream, the agent forms a candidate pair for each component of the data stream, the agent forms a candidate pair for each component of the
data stream by: data stream by:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t> Setting the remote candidate equal to the offerer's default destination
Setting the remote candidate equal to the offerer&#8217;s default destination
for that component (i.e., the contents of the "m=" and "c=" lines for RTP, for that component (i.e., the contents of the "m=" and "c=" lines for RTP,
and the "a=rtcp" attribute for RTCP). and the "rtcp" attribute for RTCP).
</t> </li>
<t> <li>
Setting the local candidate equal to the transport address for that same Setting the local candidate equal to the transport address for that same
component in the "a=remote-candidates" attribute in the offer. component in the "remote-candidates" attribute in the offer.
</t> </li>
</list> </ul>
</t>
<t> <t>
The state of the checklist associated with that data stream is set to Completed. The state of the checklist associated with that data stream is set to Completed.
</t> </t>
<t> <t>
Furthermore, if the agent believed it was controlling, but the offer contained Furthermore, if the agent believed it was controlling, but the offer contained
the "a=remote-candidates" attribute, both agents believe they are controlling. the "remote-candidates" attribute, both agents believe they are controlling.
In this case, both would have sent updated offers around the same time. In this case, both would have sent updated offers around the same time.
</t> </t>
<t> <t>
However, the signaling protocol carrying the offer/answer exchanges However, the signaling protocol carrying the offer/answer exchanges
will have resolved this glare condition, so that one agent is always will have resolved this glare condition, so that one agent is always
the 'winner' by having its offer received before its peer has sent the 'winner' by having its offer received before its peer has sent
an offer. The winner takes the role of controlling, so that the an offer. The winner takes the role of controlling, so that the
loser (the answerer under consideration in this section) MUST loser (the answerer under consideration in this section) <bcp14>MUST</bcp14>
change its role to controlled. change its role to controlled.
</t> </t>
<t> <t>
Consequently, if the agent was going to send an updated offer since, Consequently, if the agent was controlling based on the rules
based on the rules in section 8.2 of <xref target="RFC8445"/>, it was controllin in <xref target="RFC8445" sectionFormat="of" section="8.2" format="default"/>
g, and was going to send an updated offer, it no longer needs to.
it no longer needs to.
</t> </t>
<t> <t>
Besides the potential role change, change in the Valid list, and Besides the potential role change, change in the valid list, and
state changes, the construction of the answer is performed identically state changes, the construction of the answer is performed identically
to the construction of an offer. to the construction of an offer.
</t> </t>
</section> </section>
</section> </section>
<section title="Receiving Answer for a Subsequent Offer"> <section numbered="true" toc="default">
<section title="Procedures for Full Implementations"> <name>Receiving Answer for a Subsequent Offer</name>
<section numbered="true" toc="default">
<name>Procedures for Full Implementations</name>
<t> <t>
There may be certain situations where the offerer receives There may be certain situations where the offerer receives
an SDP answer that lacks ICE candidates although the initial answer an SDP answer that lacks ICE candidates although the initial answer
included them. One example of such an "unexpected" answer might be included them. One example of such an "unexpected" answer might
happen when an ICE-unaware Back-to-Back User Agent (B2BUA) happen when an ICE-unaware Back-to-Back User Agent (B2BUA)
introduces a media server during call hold using 3rd party introduces a media server during call hold using third party
call-control procedures <xref target="RFC3725"/>. Omitting further details how t call control procedures <xref target="RFC3725" format="default"/>.
his Omitting further details on how this is done, this could
is done, this could result in an answer being received at the holding result in an answer that was constructed by the B2BUA
UA that was constructed by the B2BUA. With the B2BUA being being received at the holding UA. With the B2BUA being
ICE-unaware, that answer would not include ICE candidates. ICE-unaware, that answer would not include ICE candidates.
</t> </t>
<t> <t>
Receiving an answer without ICE attributes in this situation might be Receiving an answer without ICE attributes in this situation might be
unexpected, but would not necessarily impair the user experience. unexpected, but would not necessarily impair the user experience.
</t> </t>
<t> <t>
When the offerer receives an answer indicating support for ICE, the When the offerer receives an answer indicating support for ICE, the
offer performs one of the following actions: offer performs one of the following actions:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t> If the offer was a restart, the agent <bcp14>MUST</bcp14> perform ICE restart
If the offer was a restart, the agent MUST perform ICE restart procedures as specified in <xref target="sec-restart-subsequent" format="default
procedures as specified in <xref target="sec-restart-subsequent"/></t> "/>.</li>
<t> <li>
If the offer/answer exchange removed a data stream, or an If the offer/answer exchange removed a data stream, or an
answer rejected an offered data stream, an agent MUST flush the answer rejected an offered data stream, an agent <bcp14>MUST</bcp14> flush the
Valid list for that data stream. It MUST also terminate any valid list for that data stream. It <bcp14>MUST</bcp14> also terminate any
STUN transactions in progress for that data stream. STUN transactions in progress for that data stream.
</li>
</t> <li>
<t>
If the offer/answer exchange added a new data stream, the agent If the offer/answer exchange added a new data stream, the agent
MUST create a new checklist for it (and an empty Valid list to <bcp14>MUST</bcp14> create a new checklist for it (and an empty valid list to
start of course) which in turn triggers the candidate start of course), which in turn triggers the candidate
processing procedures <xref target="RFC8445"/>. processing procedures <xref target="RFC8445" format="default"/>.
</li>
</t> <li>
<t>
If the checklist state associated with a data stream is Running, the agent If the checklist state associated with a data stream is Running, the agent
recomputes the checklist. If a pair on the new checklist was recomputes the checklist. If a pair on the new checklist was
also on the previous checklist, its candidate pair state is copied over. also on the previous checklist, its candidate pair state is copied over.
Otherwise, its candidate pair state is set to Frozen. If none of the checklist s Otherwise, its candidate pair state is set to Frozen. If none of the checklist s
are active (meaning that the candidate pair states in each checklist are active (meaning that the candidate pair states in each checklist
are Frozen), appropriate procedures in <xref target="RFC8445"/> are Frozen), appropriate procedures in <xref target="RFC8445" format="default" />
are performed to move candidate pair(s) to the Waiting state to are performed to move candidate pair(s) to the Waiting state to
further continue ICE processing. further continue ICE processing.
</t> </li>
<t> <li>
If the ICE state is Completed and the SDP answer conforms to If the ICE state is Completed, and the SDP answer conforms to
<xref target="sec-subsequent-answer"/>, the agent MUST remain in the <xref target="sec-subsequent-answer" format="default"/>, the agent <bcp14>MUST</
bcp14> remain in the
Completed ICE state. Completed ICE state.
</t> </li>
</list> </ul>
</t>
<t> <t>
However, if the ICE support is no longer indicated in the SDP answer, However, if the ICE support is no longer indicated in the SDP answer,
the agent MUST fall-back to <xref target="RFC3264"/> procedures and SHOULD NOT the agent <bcp14>MUST</bcp14> fall back to <xref target="RFC3264" format="defaul
drop the dialog because of the missing ICE support or unexpected answer. t"/>
Once the agent sends a new offer later on, it MUST perform an ICE restart. procedures and <bcp14>SHOULD NOT</bcp14> drop the dialog because of the
missing ICE support or unexpected answer.
When the agent sends a new offer, it <bcp14>MUST</bcp14> perform an ICE restart.
</t> </t>
<section anchor="sec-restart-subsequent" title="ICE Restarts"> <section anchor="sec-restart-subsequent" numbered="true" toc="defaul
t">
<name>ICE Restarts</name>
<t> <t>
The agent MUST remember the nominated pair in the Valid list for each The agent <bcp14>MUST</bcp14> remember the nominated pair in the valid list for each
component of the data stream, called the "previous selected pair", prior component of the data stream, called the "previous selected pair", prior
to the restart. The agent will continue to send media using this pair, to the restart. The agent will continue to send media using this pair,
as described in section 12 of <xref target="RFC8445"/>. Once these destinations as described in <xref target="RFC8445" sectionFormat="of" section="12" format="d
are efault"/>. Once these destinations are
noted, the agent MUST flush the Valid lists and checklists, and then recompute noted, the agent <bcp14>MUST</bcp14> flush the valid lists and checklists, and t
hen recompute
the checklist and its states, thus triggering the candidate processing the checklist and its states, thus triggering the candidate processing
procedures <xref target="RFC8445"/></t> procedures <xref target="RFC8445" format="default"/>.</t>
</section> </section>
</section> </section>
<section title="Procedures for Lite Implementations"> <section numbered="true" toc="default">
<name>Procedures for Lite Implementations</name>
<t> <t>
If ICE is restarting for a data stream, the agent MUST create a new If ICE is restarting for a data stream, the agent <bcp14>MUST</bcp14> create a n
Valid list for that data stream. It MUST remember the nominated pair in the ew
previous Valid list for each component of the data stream, called valid list for that data stream. It <bcp14>MUST</bcp14> remember the nominated p
air in the
previous valid list for each component of the data stream, called
the "previous selected pairs", and continue to send media there as the "previous selected pairs", and continue to send media there as
described in section 12 of <xref target="RFC8445"/>. The state of each described in <xref target="RFC8445" sectionFormat="of" section="12" format="defa
checklist for each data stream MUST change to Running, and the ICE state ult"/>. The state of each
MUST be set to Running. checklist for each data stream <bcp14>MUST</bcp14> change to Running, and the IC
E state
<bcp14>MUST</bcp14> be set to Running.
</t> </t>
</section> </section>
</section> </section>
</section> </section>
</section> </section>
<section anchor="sec-grammar" title="Grammar"> <section anchor="sec-grammar" numbered="true" toc="default">
<name>Grammar</name>
<t> <t>
This specification defines eight new SDP attributes&#8201;&#8212;&#8201;the "can didate", This specification defines eight new SDP attributes -- the "candidate",
"remote-candidates", "ice-lite", "ice-mismatch", "ice-ufrag", "ice-pwd", "ice-pa cing", "remote-candidates", "ice-lite", "ice-mismatch", "ice-ufrag", "ice-pwd", "ice-pa cing",
and "ice-options" attributes. and "ice-options" attributes.
</t> </t>
<t> <t>
This section also provides non-normative examples of the attributes defined. This section also provides non-normative examples of the attributes defined.
</t> </t>
<t> <t>
The syntax for the attributes follow Augmented BNF as defined in <xref target="R FC5234"/>. The syntax for the attributes follow Augmented BNF as defined in <xref target="R FC5234" format="default"/>.
</t> </t>
<section title="&quot;candidate&quot; Attribute"> <section numbered="true" toc="default">
<name>"candidate" Attribute</name>
<t> <t>
The candidate attribute is a media-level attribute only. The "candidate" attribute is a media-level attribute only.
It contains a transport address for a candidate that can be used for connectivit y checks. It contains a transport address for a candidate that can be used for connectivit y checks.
</t> </t>
<figure> <sourcecode name="" type="abnf"><![CDATA[
<artwork><![CDATA[
candidate-attribute = "candidate" ":" foundation SP component-id SP candidate-attribute = "candidate" ":" foundation SP component-id SP
transport SP transport SP
priority SP priority SP
connection-address SP ;from RFC 4566 connection-address SP ;from RFC 4566
port ;port from RFC 4566 port ;port from RFC 4566
SP cand-type SP cand-type
[SP rel-addr] [SP rel-addr]
[SP rel-port] [SP rel-port]
*(SP cand-extension) *(SP cand-extension)
skipping to change at line 890 skipping to change at line 974
transport-extension = token ; from RFC 3261 transport-extension = token ; from RFC 3261
priority = 1*10DIGIT priority = 1*10DIGIT
cand-type = "typ" SP candidate-types cand-type = "typ" SP candidate-types
candidate-types = "host" / "srflx" / "prflx" / "relay" / token candidate-types = "host" / "srflx" / "prflx" / "relay" / token
rel-addr = "raddr" SP connection-address rel-addr = "raddr" SP connection-address
rel-port = "rport" SP port rel-port = "rport" SP port
cand-extension = extension-att-name SP extension-att-value cand-extension = extension-att-name SP extension-att-value
extension-att-name = token extension-att-name = token
extension-att-value = *VCHAR extension-att-value = *VCHAR
ice-char = ALPHA / DIGIT / "+" / "/" ice-char = ALPHA / DIGIT / "+" / "/"
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
This grammar encodes the primary information about a candidate: its IP address, This grammar encodes the primary information about a candidate: its IP address,
port and transport protocol, and its properties: the foundation, component ID, p riority, port and transport protocol, and its properties: the foundation, component ID, p riority,
type, and related transport address: type, and related transport address:
</t> </t>
<t> <dl newline="false" spacing="normal">
<list style="hanging"> <dt>&lt;connection-address&gt;:</dt>
<t hangText="&lt;connection-address&gt;:"> <dd>
is taken from RFC 4566 <xref target="RFC4566"/>. is taken from RFC 4566 <xref target="RFC4566" format="default"/>.
It is the IP address of the candidate, allowing for It is the IP address of the candidate, allowing for
IPv4 addresses, IPv6 addresses, and fully qualified domain names (FQDNs). IPv4 addresses, IPv6 addresses, and fully qualified domain names (FQDNs).
When parsing this field, an agent can differentiate an IPv4 address When parsing this field, an agent can differentiate an IPv4 address
and an IPv6 address by presence of a colon in its value - and an IPv6 address by presence of a colon in its value -
the presence of a colon indicates IPv6. An agent generating the presence of a colon indicates IPv6. An agent generating
local candidates MUST NOT use FQDN addresses. An agent processing remote local candidates <bcp14>MUST NOT</bcp14> use FQDN addresses. An agent processing
candidates MUST ignore candidate lines that include candidates with remote
FQDN or IP address versions that are not supported or recognized. candidates <bcp14>MUST</bcp14> ignore "candidate" lines that include candidates
with
FQDNs or IP address versions that are not supported or recognized.
The procedures for generation and handling of FQDN candidates, as well as, The procedures for generation and handling of FQDN candidates, as well as,
how agents indicate support for such procedures, need to be specified in an how agents indicate support for such procedures, need to be specified in an
extension specification. extension specification.
</t> </dd>
<t hangText="&lt;port&gt;:"> <dt>&lt;port&gt;:</dt>
is also taken from RFC 4566 <xref target="RFC4566"/>. <dd>
is also taken from RFC 4566 <xref target="RFC4566" format="default"/>.
It is the port of the candidate. It is the port of the candidate.
</t> </dd>
<t hangText="&lt;transport&gt;:"> <dt>&lt;transport&gt;:</dt>
<dd>
indicates the transport protocol for the candidate. indicates the transport protocol for the candidate.
This specification only defines UDP. However, extensibility is provided to allow for This specification only defines UDP. However, extensibility is provided to allow for
future transport protocols to be used with ICE by extending the sub-registry future transport protocols to be used with ICE by extending the subregistry
"ICE Transport Protocols" under "Interactive Connectivity Establishment (ICE)" r "ICE Transport Protocols" under the "Interactive Connectivity Establishment (ICE
egistry. )" registry.
</t> </dd>
<t hangText="&lt;foundation&gt;:"> <dt>&lt;foundation&gt;:</dt>
<dd>
is composed of 1 to 32 &lt;ice-char&gt;s. is composed of 1 to 32 &lt;ice-char&gt;s.
It is an identifier that is equivalent for two candidates that are of the same t ype, It is an identifier that is equivalent for two candidates that are of the same t ype,
share the same base, and come from the same STUN server. share the same base, and come from the same STUN server.
The foundation is used to optimize ICE performance in the Frozen algorithm as The foundation is used to optimize ICE performance in the Frozen algorithm as
described in <xref target="RFC8445"/></t> described in <xref target="RFC8445" format="default"/>.</dd>
<t hangText="&lt;component-id&gt;:"> <dt>&lt;component-id&gt;:</dt>
<dd>
is a positive integer between 1 and 256 (inclusive) that is a positive integer between 1 and 256 (inclusive) that
identifies the specific component of the data stream for which this is a candida te. identifies the specific component of the data stream for which this is a candida te.
It MUST start at 1 and MUST increment by 1 for each component of a particular ca It <bcp14>MUST</bcp14> start at 1 and <bcp14>MUST</bcp14> increment by 1 for eac
ndidate. h component of a particular candidate.
For data streams based on RTP, candidates for the actual RTP media MUST have a c For data streams based on RTP, candidates for the actual RTP media <bcp14>MUST</
omponent bcp14> have a component
ID of 1, and candidates for RTCP MUST have a component ID of 2. ID of 1, and candidates for RTCP <bcp14>MUST</bcp14> have a component ID of 2.
See section 13 in <xref target="RFC8445"/> for additional discussion on extendin See <xref target="RFC8445" sectionFormat="of" section="13" format="default"/> fo
g ICE to new data streams. r additional discussion on extending ICE to new data streams.
</t> </dd>
<t hangText="&lt;priority&gt;:"> <dt>&lt;priority&gt;:</dt>
<dd>
is a positive integer between 1 and (2**31 - 1) inclusive. The procedures is a positive integer between 1 and (2**31 - 1) inclusive. The procedures
for computing candidate&#8217;s priority is described in section 5.1.2 of <xref for computing a candidate's priority are described in <xref target="RFC8445" sec
target="RFC8445"/>. tionFormat="of" section="5.1.2" format="default"/>.
</t> </dd>
<t hangText="&lt;cand-type&gt;:"> <dt>&lt;cand-type&gt;:</dt>
<dd>
encodes the type of candidate. encodes the type of candidate.
This specification defines the values "host", "srflx", "prflx", and "relay" for host, This specification defines the values "host", "srflx", "prflx", and "relay" for host,
server reflexive, peer reflexive, and relayed candidates, respectively. server-reflexive, peer-reflexive, and relayed candidates, respectively.
Specifications for new candidate types MUST define how, if at all, various steps Specifications for new candidate types <bcp14>MUST</bcp14> define how, if at all
in the ICE , various steps in the ICE
processing differ from the ones defined by this specification. processing differ from the ones defined by this specification.
</t> </dd>
<t hangText="&lt;rel-addr&gt; and &lt;rel-port&gt;:"> <dt>&lt;rel-addr&gt; and &lt;rel-port&gt;:</dt>
convey transport addresses related to the candidate,
useful for diagnostics and other purposes. <dd>
&lt;rel-addr&gt; and &lt;rel-port&gt; MUST be present for server reflexive, peer convey transport addresses related to the candidate, useful for diagnostics
reflexive, and other purposes. &lt;rel-addr&gt; and &lt;rel-port&gt; <bcp14>MUST</bcp14> be
and relayed candidates. If a candidate is server or peer reflexive, &lt;rel-addr present for
&gt; and server-reflexive, peer-reflexive, and relayed candidates.
&lt;rel-port&gt; are equal to the base for that server or peer reflexive candida If a candidate is server-reflexive or peer-reflexive, &lt;rel-addr&gt; and &lt;r
te. If the el-port&gt;
candidate is relayed, &lt;rel-addr&gt; and &lt;rel-port&gt; are equal to the map are equal to the base for that server-reflexive or peer-reflexive candidate.
ped address in the If the candidate is relayed, &lt;rel-addr&gt; and &lt;rel-port&gt; are equal to
Allocate response that provided the client with that relayed candidate (see the mapped address in the Allocate response that provided the client with
Appendix B.3 of <xref target="RFC8445"/> for a discussion of its purpose). that relayed candidate (see <xref target="RFC5766" section="6.3" sectionFormat="
of" format="default"/>).
If the candidate is a host candidate, &lt;rel-addr&gt; and &lt;rel-port&gt; MUST be omitted. If the candidate is a host candidate, &lt;rel-addr&gt; and &lt;rel-port&gt; MUST be omitted.
</t> </dd>
<t hangText=""> <dt></dt>
<dd>
In some cases, e.g., for privacy reasons, an agent may not want to reveal the re lated In some cases, e.g., for privacy reasons, an agent may not want to reveal the re lated
address and port. In this case the address MUST be set to "0.0.0.0" (for IPv4 ca address and port. In this case the address <bcp14>MUST</bcp14> be set to "0.0.0.
ndidates) 0" (for IPv4 candidates)
or "::" (for IPv6 candidates) and the port to '9'. or "::" (for IPv6 candidates) and the port to "9".
</t> </dd>
</list> </dl>
</t>
<t> <t>
The candidate attribute can itself be extended. The grammar allows for new name/ The "candidate" attribute can itself be extended. The grammar allows for new nam
value pairs e/value pairs
to be added at the end of the attribute. Such extensions MUST be made through IE to be added at the end of the attribute. Such extensions <bcp14>MUST</bcp14> be
TF Review or made through IETF Review or
IESG Approval <xref target="RFC8126"/> and the assignments MUST contain the spec IESG Approval <xref target="RFC8126" format="default"/>, and the assignments <bc
ific extension and a p14>MUST</bcp14> contain the specific extension and a
reference to the document defining the usage of the extension. reference to the document defining the usage of the extension.
</t> </t>
<t> <t>
An implementation MUST ignore any name/value pairs it doesn&#8217;t understand. An implementation <bcp14>MUST</bcp14> ignore any name/value pairs it doesn't und erstand.
</t> </t>
<figure> <t>
<artwork><![CDATA[ The following is an example SDP line for a UDP server-reflexive "candidate" attr
Example: SDP line for UDP server reflexive candidate attribute for ibute for
the RTP component the RTP component:
</t>
<sourcecode name="" type="sdp"><![CDATA[
a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr a=candidate:2 1 UDP 1694498815 192.0.2.3 45664 typ srflx raddr
203.0.113.141 rport 8998 203.0.113.141 rport 8998
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
<section title="&quot;remote-candidates&quot; Attribute"> <section numbered="true" toc="default">
<name>"remote-candidates" Attribute</name>
<t> <t>
The syntax of the "remote-candidates" attribute is defined using Augmented BNF The syntax of the "remote-candidates" attribute is defined using Augmented BNF
as defined in <xref target="RFC5234"/>. as defined in <xref target="RFC5234" format="default"/>.
The remote-candidates attribute is a media-level attribute only. The "remote-candidates" attribute is a media-level attribute only.
</t> </t>
<figure>
<artwork><![CDATA[ <sourcecode type="abnf"><![CDATA[
remote-candidate-att = "remote-candidates:" remote-candidate remote-candidate-att = "remote-candidates:" remote-candidate
0*(SP remote-candidate) 0*(SP remote-candidate)
remote-candidate = component-ID SP connection-address SP port remote-candidate = component-id SP connection-address SP port
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
The attribute contains a connection-address and port for each component. The ord ering The attribute contains a connection-address and port for each component. The ord ering
of components is irrelevant. However, a value MUST be present for each component of components is irrelevant. However, a value <bcp14>MUST</bcp14> be present for
of a each component of a
data stream. This attribute MUST be included in an offer by a controlling agent data stream. This attribute <bcp14>MUST</bcp14> be included in an offer by a con
for trolling agent for
a data stream that is Completed, and MUST NOT be included in any other case. a data stream that is Completed, and <bcp14>MUST NOT</bcp14> be included in any
other case.
</t> </t>
<figure> <t>
<artwork><![CDATA[ The following is an example of "remote-candidates" SDP lines for the RTP and RTC
Example: Remote candidates SDP lines for the RTP and RTCP components: P components:
</t>
<sourcecode name="" type="sdp"><![CDATA[
a=remote-candidates:1 192.0.2.3 45664 a=remote-candidates:1 192.0.2.3 45664
a=remote-candidates:2 192.0.2.3 45665 a=remote-candidates:2 192.0.2.3 45665
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
<section title="&quot;ice-lite&quot; and &quot;ice-mismatch&quot; Attribut <section numbered="true" toc="default">
es"> <name>"ice-lite" and "ice-mismatch" Attributes</name>
<t> <t>
The syntax of the "ice-lite" and "ice-mismatch" attributes, both of which are fl ags, is: The syntax of the "ice-lite" and "ice-mismatch" attributes, both of which are fl ags, is:
</t> </t>
<figure> <sourcecode type="abnf"><![CDATA[
<artwork><![CDATA[
ice-lite = "ice-lite" ice-lite = "ice-lite"
ice-mismatch = "ice-mismatch" ice-mismatch = "ice-mismatch"
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
"ice-lite" is a session-level attribute only, and indicates that an agent is a "ice-lite" is a session-level attribute only, and indicates that an agent is a
lite implementation. "ice-mismatch" is a media-level attribute and only lite implementation. "ice-mismatch" is a media-level attribute and only
reported in the answer. It indicates that the offer arrived with a default reported in the answer. It indicates that the offer arrived with a default
destination for a media component that didn&#8217;t have a corresponding candida destination for a media component that didn't have a corresponding "candidate"
te attribute. Inclusion of "ice-mismatch" attribute for a given data stream implies
attribute. Inclusion of "a=ice-mismatch" attribute for a given data stream impli that even though both agents support ICE, ICE procedures <bcp14>MUST NOT</bcp14>
es be used for this data
that even though both agents support ICE, ICE procedures MUST NOT be used for th stream, and <xref target="RFC3264" format="default"/> procedures <bcp14>MUST</bc
is data p14> be used instead.
stream and <xref target="RFC3264"/> procedures MUST be used instead.
</t> </t>
</section> </section>
<section title="&quot;ice-ufrag&quot; and &quot;ice-pwd&quot; Attributes"> <section numbered="true" toc="default">
<name>"ice-ufrag" and "ice-pwd" Attributes</name>
<t> <t>
The "ice-ufrag" and "ice-pwd" attributes convey the username fragment and passwo rd used by ICE for message integrity. The "ice-ufrag" and "ice-pwd" attributes convey the username fragment and passwo rd used by ICE for message integrity.
Their syntax is: Their syntax is:
</t> </t>
<figure> <sourcecode type="abnf"><![CDATA[
<artwork><![CDATA[
ice-pwd-att = "ice-pwd:" password ice-pwd-att = "ice-pwd:" password
ice-ufrag-att = "ice-ufrag:" ufrag ice-ufrag-att = "ice-ufrag:" ufrag
password = 22*256ice-char password = 22*256ice-char
ufrag = 4*256ice-char ufrag = 4*256ice-char
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
The "ice-pwd" and "ice-ufrag" attributes can appear at either the session-level The "ice-pwd" and "ice-ufrag" attributes can appear at either the session-level
or media-level. When present in both, the value in the media-level takes precede nce. or media-level. When present in both, the value in the media-level takes precede nce.
Thus, the value at the session-level is effectively a default that applies to al l Thus, the value at the session-level is effectively a default that applies to al l
data streams, unless overridden by a media-level value. Whether present at the s ession data streams, unless overridden by a media-level value. Whether present at the s ession
or media-level, there MUST be an ice-pwd and ice-ufrag attribute for each data s or media-level, there <bcp14>MUST</bcp14> be an "ice-pwd" and "ice-ufrag" attrib
tream. ute for each data stream.
If two data streams have identical ice-ufrag&#8217;s, they MUST have identical i If two data streams have identical "ice-ufrag"s, they <bcp14>MUST</bcp14> have i
ce-pwd&#8217;s. dentical "ice-pwd"s.
</t> </t>
<t> <t>
The ice-ufrag and ice-pwd attributes MUST be chosen randomly at the beginning of The "ice-ufrag" and "ice-pwd" attributes <bcp14>MUST</bcp14> be chosen randomly at the beginning of
a session (the same applies when ICE is restarting for an agent). a session (the same applies when ICE is restarting for an agent).
</t> </t>
<t><xref target="RFC8445"/> requires the ice-ufrag attribute to contain <t><xref target="RFC8445" format="default"/> requires the "ice-ufrag" at
at least 24 bits of tribute to contain at least 24 bits of
randomness, and the ice-pwd attribute to contain at least 128 bits of randomness, and the "ice-pwd" attribute to contain at least 128 bits of
randomness. This means that the ice-ufrag randomness. This means that the "ice-ufrag"
attribute will be at least 4 characters long, and the ice-pwd at least 22 charac attribute will be at least 4 characters long, and the "ice-pwd" at least 22 char
ters long, acters long,
since the grammar for these attributes allows for 6 bits of information per char acter. since the grammar for these attributes allows for 6 bits of information per char acter.
The attributes MAY be longer than 4 and 22 characters, respectively, of course, up to The attributes <bcp14>MAY</bcp14> be longer than 4 and 22 characters, respective ly, of course, up to
256 characters. The upper limit allows for buffer sizing in implementations. 256 characters. The upper limit allows for buffer sizing in implementations.
Its large upper limit allows for increased amounts of randomness to be added ove r time. Its large upper limit allows for increased amounts of randomness to be added ove r time.
For compatibility with the 512 character limitation for the STUN username attrib For compatibility with the 512-character limitation for the STUN username attrib
ute value ute value
and for bandwidth conservation considerations, the ice-ufrag attribute MUST NOT and for bandwidth conservation considerations, the "ice-ufrag" attribute <bcp14>
be longer MUST NOT</bcp14> be longer
than 32 characters when sending, but an implementation MUST accept up to 256 ch than 32 characters when sending, but an implementation <bcp14>MUST</bcp14> acce
aracters pt up to 256 characters
when receiving. when receiving.
</t> </t>
<figure> <t>
<artwork><![CDATA[ The following example shows sample "ice-ufrag" and "ice-pwd" SDP lines:
Example shows sample ice-ufrag and ice-pwd SDP lines: </t>
<sourcecode name="" type="sdp"><![CDATA[
a=ice-pwd:asd88fgpdd777uzjYhagZg a=ice-pwd:asd88fgpdd777uzjYhagZg
a=ice-ufrag:8hhY a=ice-ufrag:8hhY
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
<section title="&quot;ice-pacing&quot; Attribute">
<section numbered="true" toc="default">
<name>"ice-pacing" Attribute</name>
<t> <t>
The "ice-pacing" is a session level attribute that indicates the desired connect The "ice-pacing" is a session-level attribute that indicates the desired connect
ivity ivity-check pacing (Ta interval), in milliseconds, that the sender wishes to use
check pacing (Ta interval), in milliseconds, that the sender wishes to use. See . See
section 14.2 <xref target="RFC8445" sectionFormat="of" section="14.2" format="default"/> for
of <xref target="RFC8445"/> for more information regarding selecting a pacing va more information regarding selecting a pacing value.
lue.
The syntax is: The syntax is:
</t> </t>
<figure> <sourcecode type="abnf"><![CDATA[
<artwork><![CDATA[
ice-pacing-att = "ice-pacing:" pacing-value ice-pacing-att = "ice-pacing:" pacing-value
pacing-value = 1*10DIGIT pacing-value = 1*10DIGIT
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
If absent in an offer or answer the default value of the attribute is 50 ms, If absent in an offer or answer, the default value of the attribute is 50 ms,
which is the recommended value specified in <xref target="RFC8445"/>. which is the recommended value specified in <xref target="RFC8445" format="defau
lt"/>.
</t> </t>
<t> <t>
As defined in <xref target="RFC8445" format="default"/>, regardless of the Ta va
lue
chosen for each agent, the combination of all transactions from all agents (if a
given
implementation runs several concurrent agents) will not be sent more often than
once every 5 ms.
</t> </t>
<t> <t>
Once both agents have indicated the pacing value they with to use, both As defined in <xref target="RFC8445" format="default"/>, once both agents have
agents MUST use the larger of the indicated values. indicated the pacing value they want to use, both agents will use the larger of
the
indicated values.
</t> </t>
<figure> <t>
<artwork><![CDATA[ The following example shows an "ice-pacing" SDP line with value '50':
Example shows an ice-pacing SDP line with value '50': </t>
<sourcecode name="" type="sdp"><![CDATA[
a=ice-pacing:50 a=ice-pacing:50
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
<section anchor="sec-ice-options" title="&quot;ice-options&quot; Attribute <section anchor="sec-ice-options" numbered="true" toc="default">
"> <name>"ice-options" Attribute</name>
<t> <t>
The "ice-options" attribute is a session- and media-level attribute. The "ice-options" attribute is a session-level and media-level attribute.
It contains a series of tokens that identify the options supported by the agent. It contains a series of tokens that identify the options supported by the agent.
Its grammar is: Its grammar is:
</t> </t>
<figure> <sourcecode type="abnf"><![CDATA[
<artwork><![CDATA[
ice-options = "ice-options:" ice-option-tag ice-options = "ice-options:" ice-option-tag
*(SP ice-option-tag) *(SP ice-option-tag)
ice-option-tag = 1*ice-char ice-option-tag = 1*ice-char
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
The existence of an ice-option in an offer indicates that a certain extension The existence of an "ice-options" in an offer indicates that a certain extension
is supported by the agent and it is willing to use it, if the peer agent also in is supported by the agent, and it is willing to use it if the peer agent also in
cludes cludes
the same extension in the answer. There might be further extension specific the same extension in the answer. There might be further extension-specific
negotiation needed between the agents that determine how the extension gets used negotiation needed between the agents that determine how the extension gets used
in a given session. The details of the negotiation procedures, if present, MUST in a given session. The details of the negotiation procedures, if present, <bcp1
be 4>MUST</bcp14> be
defined by the specification defining the extension (<xref target="sec-iana-ice- defined by the specification defining the extension (<xref target="sec-iana-ice-
options"/>). options" format="default"/>).
</t> </t>
<figure> <t>The following example shows an "ice-options" SDP line with 'ice2' and
<artwork><![CDATA[ 'rtp+ecn' <xref target="RFC6679" format="default"/> values.</t>
Example shows an ice-options SDP line with 'ice2' and 'rtp+ecn' [RFC6679] values <sourcecode name="" type="sdp"><![CDATA[
:
a=ice-options:ice2 rtp+ecn a=ice-options:ice2 rtp+ecn
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
</section> </section>
<section anchor="sec-keepalive" title="Keepalives"> <section anchor="sec-keepalive" numbered="true" toc="default">
<name>Keepalives</name>
<t> <t>
All the ICE agents MUST follow the procedures defined in section 11 of <xref tar All the ICE agents <bcp14>MUST</bcp14> follow the procedures defined in
get="RFC8445"/> <xref target="RFC8445" sectionFormat="of" section="11" format="default"/>
for sending keepalives. The keepalives MUST be sent regardless of whether the for sending keepalives. As defined in <xref target="RFC8445" format="default"/>
data stream is currently inactive, sendonly, recvonly, or sendrecv, and regardle ,
ss the keepalives will be sent regardless of whether the data stream is currently
inactive, sendonly, recvonly, or sendrecv, and regardless
of the presence or value of the bandwidth attribute. An agent can determine that its of the presence or value of the bandwidth attribute. An agent can determine that its
peer supports ICE by the presence of "a=candidate" attributes for each media ses sion. peer supports ICE by the presence of "candidate" attributes for each media sessi on.
</t> </t>
</section> </section>
<section title="SIP Considerations"> <section numbered="true" toc="default">
<name>SIP Considerations</name>
<t> <t>
Note that ICE is not intended for NAT traversal for SIP signaling, which is assu med to be Note that ICE is not intended for NAT traversal for SIP signaling, which is assu med to be
provided via another mechanism <xref target="RFC5626"/>. provided via another mechanism <xref target="RFC5626" format="default"/>.
</t> </t>
<t> <t>
When ICE is used with SIP, forking may result in a single offer generating a When ICE is used with SIP, forking may result in a single offer generating a
multiplicity of answers. In that case, ICE proceeds completely in parallel and multiplicity of answers. In that case, ICE proceeds completely in parallel and
independently for each answer, treating the combination of its offer and independently for each answer, treating the combination of its offer and
each answer as an independent offer/answer exchange, with its own set of local each answer as an independent offer/answer exchange, with its own set of local
candidates, pairs, checklists, states, and so on. candidates, pairs, checklists, states, and so on.
</t> </t>
<section anchor="sec-latency" title="Latency Guidelines"> <section anchor="sec-latency" numbered="true" toc="default">
<name>Latency Guidelines</name>
<t> <t>
ICE requires a series of STUN-based connectivity checks to take place between ICE requires a series of STUN-based connectivity checks to take place between
endpoints. These checks start from the answerer on generation of its answer, endpoints. These checks start from the answerer on generation of its answer,
and start from the offerer when it receives the answer. and start from the offerer when it receives the answer.
These checks can take time to complete, and as such, the selection of These checks can take time to complete, and as such, the selection of
messages to use with offers and answers can affect perceived user latency. messages to use with offers and answers can affect perceived user latency.
Two latency figures are of particular interest. These are the post-pickup delay Two latency figures are of particular interest. These are the post-pickup delay
and the post-dial delay. The post-pickup delay refers to the time between when and the post-dial delay. The post-pickup delay refers to the time between when
a user "answers the phone" and when any speech they utter can be delivered to a user "answers the phone" and when any speech they utter can be delivered to
the caller. The post-dial delay refers to the time between when a user enters the caller. The post-dial delay refers to the time between when a user enters
the destination address for the user and ringback begins as a consequence of the destination address for the user and ringback begins as a consequence of
having successfully started alerting the called user agent. having successfully started alerting the called user agent.
</t> </t>
<t> <t>
Two cases can be considered&#8201;&#8212;&#8201;one where the offer is present i n the initial Two cases can be considered -- one where the offer is present in the initial
INVITE and one where it is in a response. INVITE and one where it is in a response.
</t> </t>
<section title="Offer in INVITE"> <section numbered="true" toc="default">
<name>Offer in INVITE</name>
<t> <t>
To reduce post-dial delays, it is RECOMMENDED that the caller begin gathering To reduce post-dial delays, it is <bcp14>RECOMMENDED</bcp14> that the caller beg in gathering
candidates prior to actually sending its initial INVITE, so that the candidates candidates prior to actually sending its initial INVITE, so that the candidates
can be provided in the INVITE. This can be started upon can be provided in the INVITE. This can be started upon
user interface cues that a call is pending, such as activity on a keypad or user interface cues that a call is pending, such as activity on a keypad or
the phone going off-hook. the phone going off-hook.
</t> </t>
<t> <t>
On the receipt of the offer, the answerer SHOULD generate an answer in a On the receipt of the offer, the answerer <bcp14>SHOULD</bcp14> generate an answ er in a
provisional response as soon as it has completed gathering provisional response as soon as it has completed gathering
the candidates. ICE requires that a provisional response with an SDP be the candidates. ICE requires that a provisional response with an SDP be
transmitted reliably. This can be done through the existing transmitted reliably. This can be done through the existing
Provisional Response Acknowledgment (PRACK) Provisional Response Acknowledgment (PRACK)
mechanism <xref target="RFC3262"/> or through an ICE specific optimization, wher ein, mechanism <xref target="RFC3262" format="default"/> or through an ICE-specific o ptimization, wherein,
the agent retransmits the provisional response with the exponential backoff the agent retransmits the provisional response with the exponential backoff
timers described in <xref target="RFC3262"/>. Such retransmissions MUST cease on receipt timers described in <xref target="RFC3262" format="default"/>. Such retransmissi ons <bcp14>MUST</bcp14> cease on receipt
of a STUN Binding request with the transport address matching the candidate addr ess of a STUN Binding request with the transport address matching the candidate addr ess
for one of the data streams signaled in that SDP or on transmission of the answe r for one of the data streams signaled in that SDP or on transmission of the answe r
in a 2xx response. If no Binding request is received prior to the last retransmi t, in a 2xx response. If no Binding request is received prior to the last retransmi t,
the agent does not consider the session terminated. For the ICE lite peers, the the agent does not consider the session terminated. For the ICE-lite peers, the
agent MUST cease retransmitting the 18x after agent <bcp14>MUST</bcp14> cease retransmitting the 18x response after
sending it four times since there will be no Binding request sent and sending it four times since there will be no Binding request sent, and
the number four is arbitrarily chosen to limit the number of 18x retransmits. the number four is arbitrarily chosen to limit the number of 18x retransmits.
</t> </t>
<t> <t>
Once the answer has been sent, the agent SHOULD begin its connectivity checks. Once the answer has been sent, the agent <bcp14>SHOULD</bcp14> begin its connect ivity checks.
Once candidate pairs for each component of a data stream enter the valid list, Once candidate pairs for each component of a data stream enter the valid list,
the answerer can begin sending media on that data stream. the answerer can begin sending media on that data stream.
</t> </t>
<t> <t>
However, prior to this point, any media that needs to be sent towards the However, prior to this point, any media that needs to be sent towards the
caller (such as SIP early media <xref target="RFC3960"/>) MUST NOT be transmitte caller (such as SIP early media <xref target="RFC3960" format="default"/>) <bcp1
d. For this 4>MUST NOT</bcp14> be transmitted. For this
reason, implementations SHOULD delay alerting the called party until candidates reason, implementations <bcp14>SHOULD</bcp14> delay alerting the called party un
til candidates
for each component of each data stream have entered the valid list. for each component of each data stream have entered the valid list.
In the case of a PSTN gateway, this would mean that the setup message into the In the case of a PSTN gateway, this would mean that the setup message into the
PSTN is delayed until this point. Doing this increases the post-dial delay, but PSTN is delayed until this point. Doing this increases the post-dial delay, but
has the effect of eliminating 'ghost rings'. has the effect of eliminating 'ghost rings'.
Ghost rings are cases where the called party hears the phone ring, picks up, but Ghost rings are cases where the called party hears the phone ring, picks up, but
hears nothing and cannot be heard. This technique works without requiring suppor t hears nothing and cannot be heard. This technique works without requiring suppor t
for, or usage of, preconditions <xref target="RFC3312"/>. It also has the benefi t of guaranteeing for, or usage of, preconditions <xref target="RFC3312" format="default"/>. It al so has the benefit of guaranteeing
that not a single packet of media will get clipped, so that post-pickup delay is zero. that not a single packet of media will get clipped, so that post-pickup delay is zero.
If an agent chooses to delay local alerting in this way, it SHOULD generate a 18 0 If an agent chooses to delay local alerting in this way, it <bcp14>SHOULD</bcp14 > generate a 180
response once alerting begins. response once alerting begins.
</t> </t>
</section> </section>
<section title="Offer in Response"> <section numbered="true" toc="default">
<name>Offer in Response</name>
<t> <t>
In addition to uses where the offer is in an INVITE, and the answer is in the In addition to uses where the offer is in an INVITE, and the answer is in the
provisional and/or 200 OK response, ICE works with cases where the offer appears provisional and/or 200 OK response, ICE works with cases where the offer appears
in the response. in the response.
In such cases, which are common in third party call control <xref target="RFC372 In such cases, which are common in third party call control <xref target="RFC372
5"/>, ICE 5" format="default"/>, ICE
agents SHOULD generate their offers in a reliable provisional response agents <bcp14>SHOULD</bcp14> generate their offers in a reliable provisional res
(which MUST utilize <xref target="RFC3262"/>), and not alert the user on receipt ponse
of the INVITE. (which <bcp14>MUST</bcp14> utilize <xref target="RFC3262" format="default"/>), a
nd not alert the user on receipt of the INVITE.
The answer will arrive in a PRACK. The answer will arrive in a PRACK.
This allows for ICE processing to take place prior to alerting, so that there is no This allows for ICE processing to take place prior to alerting, so that there is no
post-pickup delay, at the expense of increased call setup delays. post-pickup delay, at the expense of increased call setup delays.
Once ICE completes, the callee can alert the user and then generate a 200 OK Once ICE completes, the callee can alert the user and then generate a 200 OK
when they answer. when they answer.
The 200 OK would contain no SDP, since the offer/answer exchange has completed. The 200 OK would contain no SDP, since the offer/answer exchange has completed.
</t> </t>
<t> <t>
Alternatively, agents MAY place the offer in a 2xx instead (in which case the Alternatively, agents <bcp14>MAY</bcp14> place the offer in a 2xx instead (in wh ich case the
answer comes in the ACK). answer comes in the ACK).
When this happens, the callee will alert the user on receipt of the INVITE, When this happens, the callee will alert the user on receipt of the INVITE,
and the ICE exchanges will take place only after the user answers. and the ICE exchanges will take place only after the user answers.
This has the effect of reducing call setup delay, but can cause substantial This has the effect of reducing call-setup delay, but can cause substantial
post-pickup delays and media clipping. post-pickup delays and media clipping.
</t> </t>
</section> </section>
</section> </section>
<section title="SIP Option Tags and Media Feature Tags"> <section numbered="true" toc="default">
<t><xref target="RFC5768"/> specifies a SIP option tag and media feature <name>SIP Option Tags and Media Feature Tags</name>
tag for usage with ICE. <t><xref target="RFC5768" format="default"/> specifies a SIP option tag
ICE implementations using SIP SHOULD support this specification, which uses a and media feature tag for usage with ICE.
ICE implementations using SIP <bcp14>SHOULD</bcp14> support this specification,
which uses a
feature tag in registrations to facilitate interoperability through signaling feature tag in registrations to facilitate interoperability through signaling
intermediaries. intermediaries.
</t> </t>
</section> </section>
<section title="Interactions with Forking"> <section numbered="true" toc="default">
<name>Interactions with Forking</name>
<t> <t>
ICE interacts very well with forking. ICE interacts very well with forking.
Indeed, ICE fixes some of the problems associated with forking. Indeed, ICE fixes some of the problems associated with forking.
Without ICE, when a call forks and the caller receives multiple incoming Without ICE, when a call forks and the caller receives multiple incoming
data streams, it cannot determine which data stream corresponds to data streams, it cannot determine which data stream corresponds to
which callee. which callee.
</t> </t>
<t> <t>
With ICE, this problem is resolved. With ICE, this problem is resolved.
The connectivity checks which occur prior to transmission of media carry The connectivity checks which occur prior to transmission of media carry
username fragments, which in turn are correlated to a specific callee. username fragments which in turn are correlated to a specific callee.
Subsequent media packets that arrive on the same candidate pair as the Subsequent media packets that arrive on the same candidate pair as the
connectivity check will be associated with that same callee. connectivity check will be associated with that same callee.
Thus, the caller can perform this correlation as long as it has received an answ er. Thus, the caller can perform this correlation as long as it has received an answ er.
</t> </t>
</section> </section>
<section title="Interactions with Preconditions"> <section numbered="true" toc="default">
<name>Interactions with Preconditions</name>
<t> <t>
Quality of Service (QoS) preconditions, which are defined in <xref target="RFC33 Quality of Service (QoS) preconditions, which are defined in <xref target="RFC33
12"/> 12" format="default"/>
and <xref target="RFC4032"/>, apply only to the transport addresses listed as th and <xref target="RFC4032" format="default"/>, apply only to the transport addre
e default sses listed as the default
targets for media in an offer/answer. targets for media in an offer/answer.
If ICE changes the transport address where media is received, this change If ICE changes the transport address where media is received, this change
is reflected in an updated offer that changes the default destination for is reflected in an updated offer that changes the default destination for
media to match ICE&#8217;s selection. As such, it appears like any other re-INVI TE would, media to match ICE's selection. As such, it appears like any other re-INVITE wou ld,
and is fully treated in RFCs 3312 and 4032, which apply without regard to the fa ct and is fully treated in RFCs 3312 and 4032, which apply without regard to the fa ct
that the destination for media is changing due to ICE negotiations occurring that the destination for media is changing due to ICE negotiations occurring
"in the background". "in the background".
</t> </t>
<t> <t>
Indeed, an agent SHOULD NOT indicate that QoS preconditions have been met Indeed, an agent <bcp14>SHOULD NOT</bcp14> indicate that QoS preconditions have been met
until the checks have completed and selected the candidate pairs to be used for media. until the checks have completed and selected the candidate pairs to be used for media.
</t> </t>
<t> <t>
ICE also has (purposeful) interactions with connectivity preconditions <xref tar get="RFC5898"/>. ICE also has interactions with connectivity preconditions <xref target="RFC5898" format="default"/>.
Those interactions are described there. Those interactions are described there.
Note that the procedures described in <xref target="sec-latency"/> descri be their own type of "preconditions", albeit with less functionality than those provided by the explicit preconditions in <xref target="RFC5898"/>. Note that the procedures described in <xref target="sec-latency" format=" default"/> describe their own type of "preconditions", albeit with less function ality than those provided by the explicit preconditions in <xref target="RFC5898 " format="default"/>.
</t> </t>
</section> </section>
<section title="Interactions with Third Party Call Control"> <section numbered="true" toc="default">
<name>Interactions with Third Party Call Control</name>
<t> <t>
ICE works with Flows I, III, and IV as described in <xref target="RFC3725"/>. ICE works with Flows I, III, and IV as described in <xref target="RFC3725" forma t="default"/>.
Flow I works without the controller supporting or being aware of ICE. Flow I works without the controller supporting or being aware of ICE.
Flow IV will work as long as the controller passes along the ICE attributes with out alteration. Flow IV will work as long as the controller passes along the ICE attributes with out alteration.
Flow II is fundamentally incompatible with ICE; each agent will believe itself t o be the answerer and thus never generate a re-INVITE. Flow II is fundamentally incompatible with ICE; each agent will believe itself t o be the answerer and thus never generate a re-INVITE.
</t> </t>
<t> <t>
The flows for continued operation, as described in Section 7 of <xref target="RF The flows for continued operation, as described in <xref target="RFC3725" sectio
C3725"/>, require additional behavior of ICE implementations to support. nFormat="of" section="7" format="default"/>,
In particular, if an agent receives a mid-dialog re-INVITE that contains no offe require additional behavior of ICE implementations to support.
r, it MUST restart ICE for each data stream and go through the process of gather In particular, if an agent receives a mid-dialog re-INVITE that contains no offe
ing new candidates. r, it <bcp14>MUST</bcp14> restart ICE for each data stream and go through the pr
Furthermore, that list of candidates SHOULD include the ones currently being use ocess of gathering new candidates.
d for media. Furthermore, that list of candidates <bcp14>SHOULD</bcp14> include the ones curr
ently being used for media.
</t> </t>
</section> </section>
</section> </section>
<section anchor="sec-alg-sip" title="Interactions with Application Layer Gat <section anchor="sec-alg-sip" numbered="true" toc="default">
eways and SIP"> <name>Interactions with Application Layer Gateways and SIP</name>
<t> <t>
Application Layer Gateways (ALGs) are functions present in a Network Add ress Translation (NAT) Application Layer Gateways (ALGs) are functions present in a Network Add ress Translation (NAT)
device that inspect the contents of packets and modify them, in order to facilitate NAT traversal device that inspect the contents of packets and modify them, in order to facilitate NAT traversal
for application protocols. Session Border Controllers (SBCs) are close c ousins of ALGs, but are for application protocols. Session Border Controllers (SBCs) are close c ousins of ALGs, but are
less transparent since they actually exist as application-layer SIP inte rmediaries. ICE has less transparent since they actually exist as application-layer SIP inte rmediaries. ICE has
interactions with SBCs and ALGs. interactions with SBCs and ALGs.
</t> </t>
<t> <t>
If an ALG is SIP aware but not ICE aware, ICE will work through it as lo ng as the ALG correctly If an ALG is SIP aware but not ICE aware, ICE will work through it as lo ng as the ALG correctly
modifies the SDP. A correct ALG implementation behaves as follows: modifies the SDP. A correct ALG implementation behaves as follows:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t> The ALG does not modify the "m=" and "c=" lines or the "rtcp" attrib
The ALG does not modify the "m=" and "c=" lines or the rtcp attribut ute if they contain
e if they contain
external addresses. external addresses.
</t> </li>
<li>
<t> <t>
If the "m=" and "c=" lines contain internal addresses, the modificat ion depends on the state of the ALG: If the "m=" and "c=" lines contain internal addresses, the modificat ion depends on the state of the ALG:
<list style="symbols"> </t>
<t> <ul spacing="normal">
<li>
If the ALG already has a binding established that maps an extern al port to an internal connection If the ALG already has a binding established that maps an extern al port to an internal connection
address and port matching the values in the "m=" and "c=" lines or rtcp attribute, the ALG uses that address and port matching the values in the "m=" and "c=" lines or "rtcp" attribute, the ALG uses that
binding instead of creating a new one. binding instead of creating a new one.
</t> </li>
<t> <li>
If the ALG does not already have a binding, it creates a new one and modifies the SDP, rewriting If the ALG does not already have a binding, it creates a new one and modifies the SDP, rewriting
the "m=" and "c=" lines and rtcp attribute. the "m=" and "c=" lines and "rtcp" attribute.
</t> </li>
</list> </ul>
</t> </li>
</list> </ul>
</t>
<t> <t>
Unfortunately, many ALGs are known to work poorly in these corner cases. Unfortunately, many ALGs are known to work poorly in these corner cases.
ICE does not try to work around broken ALGs, as this is outside the scop e of its functionality. ICE does not try to work around broken ALGs, as this is outside the scop e of its functionality.
ICE can help diagnose these conditions, which often show up as a mismatc h between the set of candidates and ICE can help diagnose these conditions, which often show up as a mismatc h between the set of candidates and
the "m=" and "c=" lines and rtcp attributes. The ice-mismatch attribute is used for this purpose. the "m=" and "c=" lines and "rtcp" attributes. The "ice-mismatch" attrib ute is used for this purpose.
</t> </t>
<t> <t>
ICE works best through ALGs when the signaling is run over TLS. ICE works best through ALGs when the signaling is run over TLS.
This prevents the ALG from manipulating the SDP messages and interfering with ICE operation. This prevents the ALG from manipulating the SDP messages and interfering with ICE operation.
Implementations that are expected to be deployed behind ALGs SHOULD prov ide for TLS transport of the SDP. Implementations that are expected to be deployed behind ALGs <bcp14>SHOU LD</bcp14> provide for TLS transport of the SDP.
</t> </t>
<t> <t>
If an SBC is SIP aware but not ICE aware, the result depends on the beha vior of the SBC. If an SBC is SIP aware but not ICE aware, the result depends on the beha vior of the SBC.
If it is acting as a proper Back-to-Back User Agent (B2BUA), the SBC wil l remove any SDP attributes If it is acting as a proper Back-to-Back User Agent (B2BUA), the SBC wil l remove any SDP attributes
it doesn&#8217;t understand, including the ICE attributes. Consequently, it doesn't understand, including the ICE attributes. Consequently, the c
the call will appear to both all will appear to both
endpoints as if the other side doesn&#8217;t support ICE. This will resu endpoints as if the other side doesn't support ICE. This will result in
lt in ICE being disabled, and ICE being disabled, and
media flowing through the SBC, if the SBC has requested it. If, however, the SBC passes the ICE attributes media flowing through the SBC, if the SBC has requested it. If, however, the SBC passes the ICE attributes
without modification, yet modifies the default destination for media (co ntained in the "m=" and "c=" lines without modification, yet modifies the default destination for media (co ntained in the "m=" and "c=" lines
and rtcp attribute), this will be detected as an ICE mismatch, and ICE p rocessing is aborted for the call. and "rtcp" attribute), this will be detected as an ICE mismatch, and ICE processing is aborted for the call.
It is outside of the scope of ICE for it to act as a tool for "working a round" SBCs. It is outside of the scope of ICE for it to act as a tool for "working a round" SBCs.
If one is present, ICE will not be used and the SBC techniques take prec edence. If one is present, ICE will not be used and the SBC techniques take prec edence.
</t> </t>
</section> </section>
<section title="Security Considerations"> <section numbered="true" toc="default">
<name>Security Considerations</name>
<t> <t>
The generic ICE security considerations are defined in <xref target="RFC The generic ICE security considerations are defined in <xref target="RFC
8445"/>, and the 8445" format="default"/>, and the
generic SDP offer/answer security considerations are defined in <xref ta generic SDP offer/answer security considerations are defined in <xref ta
rget="RFC3264"/>. These rget="RFC3264" format="default"/>. These
security considerations also apply to implementations of this document. security considerations also apply to implementations of this document.
</t> </t>
<section title="IP Address Privacy"> <section numbered="true" toc="default">
<name>IP Address Privacy</name>
<t> <t>
In some cases, e.g., for privacy reasons, an agent may not want to rev eal the related In some cases, e.g., for privacy reasons, an agent may not want to rev eal the related
address and port. In this case the address MUST be set to "0.0.0.0" (f or IPv4 candidates) address and port. In this case the address <bcp14>MUST</bcp14> be set to "0.0.0.0" (for IPv4 candidates)
or "::" (for IPv6 candidates) and the port to '9'. or "::" (for IPv6 candidates) and the port to '9'.
</t> </t>
</section> </section>
<section title="Attacks on the Offer/Answer Exchanges"> <section numbered="true" toc="default">
<name>Attacks on the Offer/Answer Exchanges</name>
<t> <t>
An attacker that can modify or disrupt the offer/answer exchanges them selves can readily An attacker that can modify or disrupt the offer/answer exchanges them selves can readily
launch a variety of attacks with ICE. They could direct media to a tar get of a DoS attack, launch a variety of attacks with ICE. They could direct media to a tar get of a DoS attack,
they could insert themselves into the data stream, and so on. These ar e similar to the general they could insert themselves into the data stream, and so on. These ar e similar to the general
security considerations for offer/answer exchanges, and the security c onsiderations in security considerations for offer/answer exchanges, and the security c onsiderations in
<xref target="RFC3264"/> apply. These require techniques for message i <xref target="RFC3264" format="default"/> apply. These require techniq
ntegrity and encryption ues for message integrity and encryption
for offers and answers, which are satisfied by the TLS mechanism <xref for offers and answers, which are satisfied by the TLS mechanism <xref
target="RFC3261"/> when target="RFC3261" format="default"/> when
SIP is used. As such, the usage of TLS with ICE is RECOMMENDED. SIP is used. As such, the usage of TLS with ICE is <bcp14>RECOMMENDED<
/bcp14>.
</t> </t>
</section> </section>
<section anchor="sec-voice-hammer" title="The Voice Hammer Attack"> <section anchor="sec-voice-hammer" numbered="true" toc="default">
<name>The Voice Hammer Attack</name>
<t> <t>
The voice hammer attack is an amplification attack, and can be trigger ed even if the attacker The voice hammer attack is an amplification attack, and can be trigger ed even if the attacker
is an authenticated and valid participant in a session. is an authenticated and valid participant in a session.
In this attack, the attacker initiates sessions to other agents, and m aliciously includes In this attack, the attacker initiates sessions to other agents, and m aliciously includes
the connection address and port of a DoS target as the destination for media traffic the connection address and port of a DoS target as the destination for media traffic
signaled in the SDP. This causes substantial amplification; a single o ffer/answer exchange signaled in the SDP. This causes substantial amplification; a single o ffer/answer exchange
can create a continuing flood of media packets, possibly at high rates (consider video sources). can create a continuing flood of media packets, possibly at high rates (consider video sources).
The use of ICE can help to prevent against this attack. The use of ICE can help to prevent against this attack.
</t> </t>
<t> <t>
Specifically, if ICE is used, the agent receiving the malicious SDP wi ll first perform connectivity Specifically, if ICE is used, the agent receiving the malicious SDP wi ll first perform connectivity
checks to the target of media before sending media there. If this targ et is a third-party host, the checks to the target of media before sending media there. If this targ et is a third-party host, the
checks will not succeed, and media is never sent. checks will not succeed, and media is never sent. The ICE extension d
efined in <xref target="RFC7675" format="default"/>
can be used to further protect against voice hammer attacks.
</t> </t>
<t> <t>
Unfortunately, ICE doesn&#8217;t help if it&#8217;s not used, in which case an attacker could simply Unfortunately, ICE doesn't help if it's not used, in which case an att acker could simply
send the offer without the ICE parameters. However, in environments wh ere the set of clients is known, send the offer without the ICE parameters. However, in environments wh ere the set of clients is known,
and is limited to ones that support ICE, the server can reject any off ers or answers that don&#8217;t and is limited to ones that support ICE, the server can reject any off ers or answers that don't
indicate ICE support. indicate ICE support.
</t> </t>
<t> <t>
SIP User Agents (UA) <xref target="RFC3261"/> that are not willing to SIP user agents (UA) <xref target="RFC3261" format="default"/> that ar
receive non-ICE answers MUST include e not willing to receive non-ICE answers <bcp14>MUST</bcp14> include
an "ice" Option Tag <xref target="RFC5768"/> in the SIP Require Header an "ice" option tag <xref target="RFC5768" format="default"/> in the S
Field in their offer. UAs that IP Require header field in their offer. UAs that
reject non-ICE offers will generally use a 421 response code, together reject non-ICE offers will generally use a 421 response code, together
with an Option Tag "ice" in the with an option tag "ice" in the
Require Header Field in the response. Require header field in the response.
</t> </t>
</section> </section>
</section> </section>
<section anchor="iana" title="IANA Considerations">
<section title="SDP Attributes"> <section anchor="iana" numbered="true" toc="default">
<name>IANA Considerations</name>
<section numbered="true" toc="default">
<name>SDP Attributes</name>
<t> <t>
The original ICE specification defined seven new SDP attributes per the procedur es of The original ICE specification defined seven new SDP attributes per the procedur es of
Section 8.2.4 of <xref target="RFC4566"/>. The registration information from the <xref target="RFC4566" sectionFormat="of" section="8.2.4" format="default"/>.
original specification The registration information from the original specification
is included here with modifications to include Mux Category and also defines is included here with modifications to include Mux Category <xref target="RFC885
a new SDP attribute 'ice-pacing'. 9" format="default"/>
and also defines a new SDP attribute "ice-pacing".
</t> </t>
<section title="candidate Attribute"> <section numbered="true" toc="default">
<t> <name>"candidate" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
candidate candidate
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
media-level media-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and provides one of many possible candidate addresses for communication. and provides one of many possible candidate addresses for communication.
These addresses are validated with an end-to-end connectivity check using Sessio n These addresses are validated with an end-to-end connectivity check using Sessio n
Traversal Utilities for NAT (STUN). Traversal Utilities for NAT (STUN).
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact Email:"> <dt>Contact Email:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
TRANSPORT TRANSPORT
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="remote-candidates Attribute"> <section numbered="true" toc="default">
<t> <name>"remote-candidates" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
remote-candidates remote-candidates
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
media-level media-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and provides the identity of the remote candidates that the offerer wishes the a nswerer and provides the identity of the remote candidates that the offerer wishes the a nswerer
to use in its answer. to use in its answer.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact Email:"> <dt>Contact Email:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
TRANSPORT TRANSPORT
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-lite Attribute"> <section numbered="true" toc="default">
<t> <name>"ice-lite" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
ice-lite ice-lite
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
session-level session-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and indicates that an agent has the minimum functionality required to support IC E and indicates that an agent has the minimum functionality required to support IC E
inter-operation with a peer that has a full implementation. inter-operation with a peer that has a full implementation.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact Email:"> <dt>Contact Email:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
NORMAL NORMAL
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-mismatch Attribute"> <section numbered="true" toc="default">
<t> <name>"ice-mismatch" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
ice-mismatch ice-mismatch
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
media-level media-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), and in dicates that an agent is ICE capable, but did not proceed with ICE due to a mism atch of candidates with the default destination for media signaled in the SDP. This attribute is used with Interactive Connectivity Establishment (ICE), and in dicates that an agent is ICE capable, but did not proceed with ICE due to a mism atch of candidates with the default destination for media signaled in the SDP.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact e-mail:"> <dt>Contact e-mail:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
NORMAL NORMAL
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-pwd Attribute"> <section numbered="true" toc="default">
<t> <name>"ice-pwd" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
ice-pwd ice-pwd
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
session- or media-level session- or media-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and provides the password used to protect STUN connectivity checks. and provides the password used to protect STUN connectivity checks.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact e-mail:"> <dt>Contact e-mail:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
TRANSPORT TRANSPORT
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-ufrag Attribute"> <section numbered="true" toc="default">
<t> <name>"ice-ufrag" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
ice-ufrag ice-ufrag
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
session- or media-level session- or media-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and provides the fragments used to construct the username in STUN connectivity c hecks. and provides the fragments used to construct the username in STUN connectivity c hecks.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact e-mail:"> <dt>Contact e-mail:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
TRANSPORT TRANSPORT
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-options Attribute"> <section numbered="true" toc="default">
<t> <name>"ice-options" Attribute</name>
<list style="hanging"> <dl newline="false" spacing="normal">
<t hangText="Attribute Name:"> <dt>Attribute Name:</dt>
<dd>
ice-options ice-options
</t> </dd>
<t hangText="Long Form:"> <dt>Long Form:</dt>
<dd>
ice-options ice-options
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
session-level session-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE), This attribute is used with Interactive Connectivity Establishment (ICE),
and indicates the ICE options or extensions used by the agent. and indicates the ICE options or extensions used by the agent.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact e-mail:"> <dt>Contact e-mail:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
NORMAL NORMAL
</t> </dd>
</list> </dl>
</t>
</section> </section>
<section title="ice-pacing Attribute"> <section numbered="true" toc="default">
<name>"ice-pacing" Attribute</name>
<t> <t>
This specification also defines a new SDP attribute, "ice-pacing" according This specification also defines a new SDP attribute, "ice-pacing", according
to the following data: to the following data:
</t> </t>
<t> <dl newline="false" spacing="normal">
<list style="hanging"> <dt>Attribute Name:</dt>
<t hangText="Attribute Name:"> <dd>
ice-pacing ice-pacing
</t> </dd>
<t hangText="Type of Attribute:"> <dt>Type of Attribute:</dt>
<dd>
session-level session-level
</t> </dd>
<t hangText="Subject to charset:"> <dt>Subject to charset:</dt>
<dd>
No No
</t> </dd>
<t hangText="Purpose:"> <dt>Purpose:</dt>
<dd>
This attribute is used with Interactive Connectivity Establishment (ICE) This attribute is used with Interactive Connectivity Establishment (ICE)
to indicate desired connectivity check pacing values. to indicate desired connectivity check pacing values.
</t> </dd>
<t hangText="Appropriate Values:"> <dt>Appropriate Values:</dt>
See <xref target="sec-grammar"/> of RFC XXXX. <dd>
</t> See <xref target="sec-grammar" format="default"/> of RFC 8839.
<t hangText="Contact Name:"> </dd>
<dt>Contact Name:</dt>
<dd>
IESG IESG
</t> </dd>
<t hangText="Contact e-mail:"> <dt>Contact e-mail:</dt>
<dd>
iesg@ietf.org iesg@ietf.org
</t> </dd>
<t hangText="Reference:"> <dt>Reference:</dt>
RFCXXXX <dd>
</t> RFC 8839
<t hangText="Mux Category:"> </dd>
<dt>Mux Category:</dt>
<dd>
NORMAL NORMAL
</t> </dd>
</list> </dl>
</t>
</section> </section>
</section> </section>
<section anchor="sec-iana-ice-options" title="Interactive Connectivity Est
ablishment (ICE) Options Registry"> <section anchor="sec-iana-ice-options" numbered="true" toc="default">
<name>Interactive Connectivity Establishment (ICE) Options Registry</nam
e>
<t> <t>
IANA maintains a registry for ice-options identifiers under the Specification IANA maintains a registry for "ice-options" identifiers under the Specification
Required policy as defined in "Guidelines for Writing an IANA Considerations Required policy as defined in "Guidelines for Writing an IANA Considerations
Section in RFCs" <xref target="RFC8126"/>. Section in RFCs" <xref target="RFC8126" format="default"/>.
</t> </t>
<t> <t>
ICE options are of unlimited length according to the syntax in ICE options are of unlimited length according to the syntax in
<xref target="sec-ice-options"/>; however, they are RECOMMENDED to be no longer <xref target="sec-ice-options" format="default"/>; however, they are <bcp14>RECO MMENDED</bcp14> to be no longer
than 20 characters. This is to reduce message sizes and allow for than 20 characters. This is to reduce message sizes and allow for
efficient parsing. ICE options are defined at the session level. efficient parsing. ICE options are defined at the session level.
</t> </t>
<t> <t>
A registration request MUST include the following information: A registration request <bcp14>MUST</bcp14> include the following information:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t>
The ICE option identifier to be registered The ICE option identifier to be registered
</t> </li>
<t> <li>
Name and email address of organization or individuals having change control
</li>
<li>
Short description of the ICE extension to which the option relates Short description of the ICE extension to which the option relates
</t> </li>
<t> <li>
Reference(s) to the specification defining the ICE option and the related extens ions Reference(s) to the specification defining the ICE option and the related extens ions
</t> </li>
</list> </ul>
</t>
</section> </section>
<section anchor="sec-iana-cand-ext" title="Candidate Attribute Extension S <section anchor="sec-iana-cand-ext" numbered="true" toc="default">
ubregistry Establishment"> <name>Candidate Attribute Extension Subregistry Establishment</name>
<t> <t>
This section creates a new sub-registry, "Candidate Attribute Extensio This section creates a new subregistry, "Candidate Attribute
ns", under the sdp-parameters Extensions", under the SDP Parameters
registry: http://www.iana.org/assignments/sdp-parameters. registry: <eref target="http://www.iana.org/assignments/sdp-parameters
"/>.
</t> </t>
<t> <t>
The purpose of the sub-registry is to register SDP candidate attribute extensions. The purpose of the subregistry is to register SDP "candidate" attribut e extensions.
</t> </t>
<t> <t>
When a candidate extension is registered in the sub-registry, it needs When a "candidate" extension is registered in the subregistry, it need
to meet the "Specification Required" s to meet the "Specification Required"
policies defined in <xref target="RFC8126"/>. policies defined in <xref target="RFC8126" format="default"/>.
</t> </t>
<t> <t>
Candidate attribute extensions MUST follow the 'cand-extension' syntax "candidate" attribute extensions <bcp14>MUST</bcp14> follow the 'cand-
. The attribute extension extension' syntax. The attribute extension
name MUST follow the 'extension-att-name' syntax, and the attribute ex name <bcp14>MUST</bcp14> follow the 'extension-att-name' syntax, and t
tension value MUST follow the he attribute extension value <bcp14>MUST</bcp14> follow the
'extension-att-value' syntax. 'extension-att-value' syntax.
</t> </t>
<t> <t>
A registration request MUST include the following information: A registration request <bcp14>MUST</bcp14> include the following infor mation:
</t> </t>
<t> <ul spacing="normal">
<list style="symbols"> <li>
<t>
The name of the attribute extension. The name of the attribute extension.
</t> </li>
<t>
<li>
Name and email address of organization or individuals having change control
</li>
<li>
A short description of the attribute extension. A short description of the attribute extension.
</t> </li>
<t> <li>
A reference to a specification that describes the semantics, usage and possible A reference to a specification that describes the semantics, usage and possible
values of the attribute extension. values of the attribute extension.
</t> </li>
</list> </ul>
</t>
</section> </section>
</section> </section>
<section title="Acknowledgments"> <section anchor="sec.5245" numbered="true" toc="default">
<t> <name>Changes from RFC 5245</name>
A large part of the text in this document was taken from <xref target="RFC5245"/
>, authored by
Jonathan Rosenberg.
</t>
<t>
Some of the text in this document was taken from <xref target="RFC6336"/>, autho
red by Magnus Westerlund
and Colin Perkins.
</t>
<t>
Many thanks to Flemming Andreasen for shepherd review feedback.
</t>
<t> <t>
Thanks to following experts for their reviews and constructive feedback: Thomas <xref target="RFC8445" format="default"/> describes the changes made to th
Stach, e
Adam Roach, Peter Saint-Andre, Roman Danyliw, Alissa Cooper, Benjamin Kaduk, Mir
ja Kuhlewind, Alexey Melnikov, Eric Vyncke for their detailed reviews.
</t>
</section>
<section title="Changes from RFC 5245" anchor="sec.5245">
<t>
<xref target="RFC8445"/> describes the changes that were done to the
common SIP procedures, including removal of aggressive nomination, common SIP procedures, including removal of aggressive nomination,
modifying the procedures for calculating candidate pair states and modifying the procedures for calculating candidate pair states,
scheduling connectivity checks and the calculation of timer values. scheduling connectivity checks, and the calculation of timer values.
</t> </t>
<t> <t>
This document defines the following SDP offer/answer specific changes: This document defines the following SDP offer/answer specific changes:
<list style="symbols"> </t>
<t>SDP offer/answer realization and usage of of 'ice2' option.</t>
<t>Definition and usage of SDP 'ice-pacing' attribute.</t> <ul spacing="normal">
<t>Explicit text that an ICE agent must not generate candidates with FQD <li>SDP offer/answer realization and usage of 'ice2' option.</li>
Ns, and <li>Definition and usage of SDP "ice-pacing" attribute.</li>
must discard such candidates if received from the peer agent.</t> <li>Explicit text that an ICE agent must not generate candidates with FQ
<t>Relax requirement to include SDP 'rtcp' attribute.</t> DNs, and
<t>Generic clarifications of SDP offer/answer procedures.</t> must discard such candidates if received from the peer agent.</li>
</list> <li>Relax requirement to include SDP "rtcp" attribute.</li>
</t> <li>Generic clarifications of SDP offer/answer procedures.</li>
<li>ICE mismatch is now optional, and an agent has an option to not
trigger mismatch and instead treat the default candidate as an
additional candidate.</li>
<li>FQDNs and "0.0.0.0"/"::" IP addresses with port "9" default
candidates do not trigger ICE mismatch.</li>
</ul>
</section> </section>
</middle> </middle>
<back> <back>
<references title="Normative References"> <references>
<?rfc include="reference.RFC.2119"?> <name>References</name>
<?rfc include="reference.RFC.3261"?> <references>
<?rfc include="reference.RFC.3262"?>
<?rfc include="reference.RFC.3264"?> <name>Normative References</name>
<?rfc include="reference.RFC.3312"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.3556"?> ence.RFC.2119.xml"/>
<?rfc include="reference.RFC.3605"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.4032"?> ence.RFC.3261.xml"/>
<?rfc include="reference.RFC.4566"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.5234"?> ence.RFC.3262.xml"/>
<?rfc include="reference.RFC.5768"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.6336"?> ence.RFC.3264.xml"/>
<?rfc include="reference.RFC.8174"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.8445"?> ence.RFC.3312.xml"/>
<reference anchor="draft-ietf-ice-pac" target="http://www.ietf.org/interne <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
t-drafts/draft-ietf-ice-pac-02.txt"> ence.RFC.3556.xml"/>
<front> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<title>Interactive Connectivity Establishment Patiently Awaiting Conne ence.RFC.3605.xml"/>
ctivity (ICE PAC)</title> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<author initials="C." surname="Holmberg" fullname="Christer Holmberg"> ence.RFC.4032.xml"/>
<organization/> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
</author> ence.RFC.4566.xml"/>
<author initials="J." surname="Uberti" fullname="Justin Uberti"> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<organization/> ence.RFC.5234.xml"/>
</author> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<date year="2019" month="July"/> ence.RFC.5389.xml"/>
<abstract> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<t>During the process of establishing peer-to-peer connectivity, ICE ence.RFC.5768.xml"/>
agents can encounter situations where they have no candidate pairs to check, an <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
d, as a result, conclude that ICE processing has failed. However, because additi ence.RFC.6336.xml"/>
onal candidate pairs can be discovered during ICE processing, declaring failure <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
at this point may be premature. This document discusses when these situations ca ence.RFC.8174.xml"/>
n occur and proposes a way to avoid premature failure. [STANDARDS-TRACK]</t> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
</abstract> ence.RFC.8445.xml"/>
</front> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<seriesInfo name="Internet-Draft" value="draft-ietf-ice-pac-02"/> ence.RFC.5766.xml"/>
</reference> </references>
</references> <references>
<references title="Informative References"> <name>Informative References</name>
<?rfc include="reference.RFC.3725"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.3960"?> ence.RFC.3725.xml"/>
<?rfc include="reference.RFC.5245"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.5626"?> ence.RFC.3960.xml"/>
<?rfc include="reference.RFC.5898"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
<?rfc include="reference.RFC.6679"?> ence.RFC.5245.xml"/>
<?rfc include="reference.RFC.8126"?> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.5626.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.5898.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.6679.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.7675.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.8126.xml"/>
<reference anchor="RFC8859" target="https://www.rfc-editor.org/info/rfc8
859">
<front>
<title>A Framework for Session Description Protocol (SDP)
Attributes When Multiplexing</title>
<author initials="S" surname="Nandakumar" fullname="Suhas Nandakumar
">
<organization/>
</author>
<date month="January" year="2021"/>
</front>
<seriesInfo name="RFC" value="8859"/>
<seriesInfo name="DOI" value="10.17487/RFC8859"/>
</reference>
<reference anchor="RFC8863" target="https://www.rfc-editor.org/info/rfc8863">
<front>
<title>Interactive Connectivity Establishment Patiently Awaiting Connectivity
(ICE PAC)</title>
<author initials="C" surname="Holmberg" fullname="Christer Holmberg">
<organization/>
</author>
<author initials="J" surname="Uberti" fullname="Justin Uberti">
<organization/>
</author>
<date month="January" year="2021"/>
</front>
<seriesInfo name="RFC" value="8863"/>
<seriesInfo name="DOI" value="10.17487/RFC8863"/>
</reference>
</references>
</references> </references>
<section anchor="sec-example" title="Examples"> <section anchor="sec-example" numbered="true" toc="default">
<name>Examples</name>
<t> <t>
For the example shown in section 15 of <xref target="RFC8445"/> the resulting of For the example shown in <xref target="RFC8445" sectionFormat="of" section="15"
fer (message 5) encoded in SDP looks like: format="default"/>,
the resulting offer (message 5) encoded in SDP looks like (lines folded for clar
ity):
</t> </t>
<figure> <sourcecode name="" type="sdp"><![CDATA[
<artwork><![CDATA[
v=0 v=0
o=jdoe 2890844526 2890842807 IN IP6 $L-PRIV-1.IP o=jdoe 2890844526 2890842807 IN IP6 $L-PRIV-1.IP
s= s=
c=IN IP6 $NAT-PUB-1.IP c=IN IP6 $NAT-PUB-1.IP
t=0 0 t=0 0
a=ice-options:ice2 a=ice-options:ice2
a=ice-pacing:50 a=ice-pacing:50
a=ice-pwd:asd88fgpdd777uzjYhagZg a=ice-pwd:asd88fgpdd777uzjYhagZg
a=ice-ufrag:8hhY a=ice-ufrag:8hhY
m=audio $NAT-PUB-1.PORT RTP/AVP 0 m=audio $NAT-PUB-1.PORT RTP/AVP 0
b=RS:0 b=RS:0
b=RR:0 b=RR:0
a=rtpmap:0 PCMU/8000 a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 $L-PRIV-1.IP $L-PRIV-1.PORT typ host a=candidate:1 1 UDP 2130706431 $L-PRIV-1.IP $L-PRIV-1.PORT typ host
a=candidate:2 1 UDP 1694498815 $NAT-PUB-1.IP $NAT-PUB-1.PORT typ a=candidate:2 1 UDP 1694498815 $NAT-PUB-1.IP $NAT-PUB-1.PORT typ
srflx raddr $L-PRIV-1.IP rport $L-PRIV-1.PORT srflx raddr $L-PRIV-1.IP rport $L-PRIV-1.PORT
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
The offer, with the variables replaced with their values, will look like (lines folded for clarity): The offer, with the variables replaced with their values, will look like (lines folded for clarity):
</t> </t>
<figure>
<artwork><![CDATA[ <sourcecode name="" type="sdp"><![CDATA[
v=0 v=0
o=jdoe 2890844526 2890842807 IN IP6 fe80::6676:baff:fe9c:ee4a o=jdoe 2890844526 2890842807 IN IP6 fe80::6676:baff:fe9c:ee4a
s= s=
c=IN IP6 2001:db8:8101:3a55:4858:a2a9:22ff:99b9 c=IN IP6 2001:db8:8101:3a55:4858:a2a9:22ff:99b9
t=0 0 t=0 0
a=ice-options:ice2 a=ice-options:ice2
a=ice-pacing:50 a=ice-pacing:50
a=ice-pwd:asd88fgpdd777uzjYhagZg a=ice-pwd:asd88fgpdd777uzjYhagZg
a=ice-ufrag:8hhY a=ice-ufrag:8hhY
m=audio 45664 RTP/AVP 0 m=audio 45664 RTP/AVP 0
b=RS:0 b=RS:0
b=RR:0 b=RR:0
a=rtpmap:0 PCMU/8000 a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 fe80::6676:baff:fe9c:ee4a 8998 typ host a=candidate:1 1 UDP 2130706431 fe80::6676:baff:fe9c:ee4a 8998
typ host
a=candidate:2 1 UDP 1694498815 2001:db8:8101:3a55:4858:a2a9:22ff:99b9 a=candidate:2 1 UDP 1694498815 2001:db8:8101:3a55:4858:a2a9:22ff:99b9
45664 typ srflx raddr fe80::6676:baff:fe9c:ee4a rport 8998 45664 typ srflx raddr fe80::6676:baff:fe9c:ee4a rport 8998
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
The resulting answer looks like: The resulting answer looks like:
</t> </t>
<figure> <sourcecode name="" type="sdp"><![CDATA[
<artwork><![CDATA[
v=0 v=0
o=bob 2808844564 2808844564 IN IP4 $R-PUB-1.IP o=bob 2808844564 2808844564 IN IP4 $R-PUB-1.IP
s= s=
c=IN IP4 $R-PUB-1.IP c=IN IP4 $R-PUB-1.IP
t=0 0 t=0 0
a=ice-options:ice2 a=ice-options:ice2
a=ice-pacing:50 a=ice-pacing:50
a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh
a=ice-ufrag:9uB6 a=ice-ufrag:9uB6
m=audio $R-PUB-1.PORT RTP/AVP 0 m=audio $R-PUB-1.PORT RTP/AVP 0
b=RS:0 b=RS:0
b=RR:0 b=RR:0
a=rtpmap:0 PCMU/8000 a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 $R-PUB-1.IP $R-PUB-1.PORT typ host a=candidate:1 1 UDP 2130706431 $R-PUB-1.IP $R-PUB-1.PORT typ host
]]></artwork> ]]></sourcecode>
</figure>
<t> <t>
With the variables filled in: With the variables filled in:
</t> </t>
<figure> <sourcecode name="" type="sdp"><![CDATA[
<artwork><![CDATA[
v=0 v=0
o=bob 2808844564 2808844564 IN IP4 192.0.2.1 o=bob 2808844564 2808844564 IN IP4 192.0.2.1
s= s=
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
t=0 0 t=0 0
a=ice-options:ice2 a=ice-options:ice2
a=ice-pacing:50 a=ice-pacing:50
a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh a=ice-pwd:YH75Fviy6338Vbrhrlp8Yh
a=ice-ufrag:9uB6 a=ice-ufrag:9uB6
m=audio 3478 RTP/AVP 0 m=audio 3478 RTP/AVP 0
b=RS:0 b=RS:0
b=RR:0 b=RR:0
a=rtpmap:0 PCMU/8000 a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 192.0.2.1 3478 typ host a=candidate:1 1 UDP 2130706431 192.0.2.1 3478 typ host
]]></artwork> ]]></sourcecode>
</figure>
</section> </section>
<section anchor="sec-why-remote" title="The remote-candidates Attribute">
<section anchor="sec-why-remote" numbered="true" toc="default">
<name>The "remote-candidates" Attribute</name>
<t> <t>
The "a=remote-candidates" attribute exists to eliminate a race condition between The "remote-candidates" attribute exists to eliminate a race condition between t
the updated offer and the response to the STUN Binding request that moved a can he updated offer and the response to the STUN Binding request that moved a candi
didate into the Valid list. date into the valid list.
This race condition is shown in <xref target="fig-race-flow"/>. This race condition is shown in <xref target="fig-race-flow" format="default"/>.
On receipt of message 4, agent L adds a candidate pair to the valid list. On receipt of message 4, agent L adds a candidate pair to the valid list.
If there was only a single data stream with a single component, agent L could no w send an updated offer. If there was only a single data stream with a single component, agent L could no w send an updated offer.
However, the check from agent R has not yet generated a response, and agent R re However, the check from agent R has not yet
ceives the updated offer (message 7) before getting the response (message 9). received a response, and agent R receives the updated offer
(message 7) before getting the response (message 9).
Thus, it does not yet know that this particular pair is valid. Thus, it does not yet know that this particular pair is valid.
To eliminate this condition, the actual candidates at R that were selected by th e offerer (the remote candidates) are included in the offer itself, and the answ erer delays its answer until those pairs validate. To eliminate this condition, the actual candidates at R that were selected by th e offerer (the remote candidates) are included in the offer itself, and the answ erer delays its answer until those pairs validate.
</t> </t>
<figure anchor="fig-race-flow" title="Race Condition Flow"> <figure anchor="fig-race-flow">
<artwork><![CDATA[ <name>Race Condition Flow</name>
<artwork name="" type="" align="left" alt=""><![CDATA[
Agent L Network Agent R Agent L Network Agent R
|(1) Offer | | |(1) Offer | |
|------------------------------------------>| |------------------------------------------>|
|(2) Answer | | |(2) Answer | |
|<------------------------------------------| |<------------------------------------------|
|(3) STUN Req. | | |(3) STUN Req. | |
|------------------------------------------>| |------------------------------------------>|
|(4) STUN Res. | | |(4) STUN Res. | |
|<------------------------------------------| |<------------------------------------------|
|(5) STUN Req. | | |(5) STUN Req. | |
skipping to change at line 1984 skipping to change at line 2184
|------------------------------------------>| |------------------------------------------>|
|(8) STUN Req. | | |(8) STUN Req. | |
|<------------------------------------------| |<------------------------------------------|
|(9) STUN Res. | | |(9) STUN Res. | |
|------------------------------------------>| |------------------------------------------>|
|(10) Answer | | |(10) Answer | |
|<------------------------------------------| |<------------------------------------------|
]]></artwork> ]]></artwork>
</figure> </figure>
</section> </section>
<section anchor="sec-glare" title="Why Is the Conflict Resolution Mechanism <section anchor="sec-glare" numbered="true" toc="default">
Needed?"> <name>Why Is the Conflict Resolution Mechanism Needed?</name>
<t> <t>
When ICE runs between two peers, one agent acts as controlled, and the other as controlling. When ICE runs between two peers, one agent acts as controlled, and the other as controlling.
Rules are defined as a function of implementation type and offerer/answerer to d etermine who is controlling and who is controlled. Rules are defined as a function of implementation type and offerer/answerer to d etermine who is controlling and who is controlled.
However, the specification mentions that, in some cases, both sides might believ e they are controlling, or both sides might believe they are controlled. However, the specification mentions that, in some cases, both sides might believ e they are controlling, or both sides might believe they are controlled.
How can this happen? How can this happen?
</t> </t>
<t> <t>
The condition when both agents believe they are controlled shows up in third par ty call control cases. The condition when both agents believe they are controlled shows up in third par ty call control cases.
Consider the following flow: Consider the following flow:
</t> </t>
<figure anchor="fig-conflict" title="Role Conflict Flow"> <figure anchor="fig-conflict">
<artwork><![CDATA[ <name>Role Conflict Flow</name>
<artwork name="" type="" align="left" alt=""><![CDATA[
A Controller B A Controller B
|(1) INV() | | |(1) INV() | |
|<-------------| | |<-------------| |
|(2) 200(SDP1) | | |(2) 200(SDP1) | |
|------------->| | |------------->| |
| |(3) INV() | | |(3) INV() |
| |------------->| | |------------->|
| |(4) 200(SDP2) | | |(4) 200(SDP2) |
| |<-------------| | |<-------------|
|(5) ACK(SDP2) | | |(5) ACK(SDP2) | |
|<-------------| | |<-------------| |
| |(6) ACK(SDP1) | | |(6) ACK(SDP1) |
| |------------->| | |------------->|
]]></artwork> ]]></artwork>
</figure> </figure>
<t> <t>
This flow is a variation on flow III of RFC 3725 <xref target="RFC3725"/>. This flow is a variation on flow III of RFC 3725 <xref target="RFC3725" format=" default"/>.
In fact, it works better than flow III since it produces fewer messages. In fact, it works better than flow III since it produces fewer messages.
In this flow, the controller sends an offerless INVITE to agent A, which respond s with its offer, SDP1. In this flow, the controller sends an offerless INVITE to agent A, which respond s with its offer, SDP1.
The agent then sends an offerless INVITE to agent B, which it responds to with i ts offer, SDP2. The agent then sends an offerless INVITE to agent B, which it responds to with i ts offer, SDP2.
The controller then uses the offer from each agent to generate the answers. The controller then uses the offer from each agent to generate the answers.
When this flow is used, ICE will run between agents A and B, but both will belie ve they are in the controlling role. When this flow is used, ICE will run between agents A and B, but both will belie ve they are in the controlling role.
With the role conflict resolution procedures, this flow will function properly w hen ICE is used. With the role conflict resolution procedures, this flow will function properly w hen ICE is used.
</t> </t>
<t> <t>
At this time, there are no documented flows that can result in the case where bo th agents believe they are controlled. At this time, there are no documented flows that can result in the case where bo th agents believe they are controlled.
However, the conflict resolution procedures allow for this case, should a flow a rise that would fit into this category. However, the conflict resolution procedures allow for this case, should a flow a rise that would fit into this category.
</t> </t>
</section> </section>
<section title="Why Send an Updated Offer?"> <section numbered="true" toc="default">
<name>Why Send an Updated Offer?</name>
<t> <t>
Section 11.1 describes rules for sending media. <xref target="RFC8445" section="12.1" sectionFormat="of" format="default"/>
describes rules for sending media.
Both agents can send media once ICE checks complete, without waiting for an upda ted offer. Both agents can send media once ICE checks complete, without waiting for an upda ted offer.
Indeed, the only purpose of the updated offer is to "correct" the SDP so that th e default destination for media matches where media is being sent based on ICE p rocedures (which will be the highest-priority nominated candidate pair). Indeed, the only purpose of the updated offer is to "correct" the SDP so that th e default destination for media matches where media is being sent based on ICE p rocedures (which will be the highest-priority nominated candidate pair).
</t> </t>
<t> <t>
This raises the question&#8201;&#8212;&#8201;why is the updated offer/answer exc hange needed at all? This raises the question -- why is the updated offer/answer exchange needed at a ll?
Indeed, in a pure offer/answer environment, it would not be. Indeed, in a pure offer/answer environment, it would not be.
The offerer and answerer will agree on the candidates to use through ICE, and th en can begin using them. The offerer and answerer will agree on the candidates to use through ICE, and th en can begin using them.
As far as the agents themselves are concerned, the updated offer/answer provides no new information. As far as the agents themselves are concerned, the updated offer/answer provides no new information.
However, in practice, numerous components along the signaling path look at the S DP information. However, in practice, numerous components along the signaling path look at the S DP information.
These include entities performing off-path QoS reservations, NAT traversal compo nents such as ALGs and Session Border Controllers (SBCs), and diagnostic tools t hat passively monitor the network. These include entities performing off-path QoS reservations, NAT traversal compo nents such as ALGs and Session Border Controllers (SBCs), and diagnostic tools t hat passively monitor the network.
For these tools to continue to function without change, the core property of SDP &#8201;&#8212;&#8201;that the existing, pre-ICE definitions of the addresses use d for media&#8201;&#8212;&#8201;the "m=" and "c=" lines and the rtcp attribute&# 8201;&#8212;&#8201;must be retained. For these tools to continue to function without change, the core property of SDP -- that the existing, pre-ICE definitions of the addresses used for media -- th e "m=" and "c=" lines and the "rtcp" attribute -- must be retained.
For this reason, an updated offer must be sent. For this reason, an updated offer must be sent.
</t> </t>
</section> </section>
<section title="Contributors"> <section numbered="false" toc="default">
<name>Acknowledgements</name>
<t> <t>
Following experts have contributed textual and structural improvements for this A large part of the text in this document was taken from <xref
work target="RFC5245" format="default"/>, authored by <contact fullname="Jonathan
Rosenberg"/>.
</t> </t>
<t> <t>
<list style="numbers"> Some of the text in this document was taken from <xref target="RFC6336" format="
<t> default"/>,
Thomas Stach authored by <contact fullname="Magnus Westerlund"/> and <contact fullname="Colin
<list style="symbols"><t>thomass.stach@gmail.com</t></list></t> Perkins"/>.
</list> </t>
</t> <t>
Many thanks to <contact fullname="Flemming Andreasen"/> for shepherd review feed
back.
</t>
<t>
Thanks to following experts for their reviews and constructive feedback:
<contact fullname="Thomas Stach"/>, <contact fullname="Adam Roach"/>,
<contact fullname="Peter Saint-Andre"/>, <contact fullname="Roman Danyliw"/>,
<contact fullname="Alissa Cooper"/>, <contact fullname="Benjamin Kaduk"/>,
<contact fullname="Mirja Kühlewind"/>, <contact fullname="Alexey Melnikov"/>, an
d
<contact fullname="Éric Vyncke"/> for their detailed reviews.
</t>
</section>
<section numbered="false" toc="default">
<name>Contributors</name>
<t>
The following experts have contributed textual and structural improvements for t
his work:
</t>
<contact fullname="Thomas Stach">
<address>
<email>thomass.stach@gmail.com</email>
</address>
</contact>
</section> </section>
</back> </back>
</rfc> </rfc>
 End of changes. 413 change blocks. 
1138 lines changed or deleted 1399 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/