Connection Establishment in BFCP draft-ietf-xcon-bfcp-connection-00.txt

1
Connection Establishment in BFCPdraft-ietf-xcon-
bfcp-connection-00.txt

• Gonzalo.Camarillo_at_ericsson.com

2
BFCP Connection Establishment

• Using an offer/answer exchange
• draft-ietf-mmusic-sdp-bfcp-03.txt
• Authentication based on TLS media
• Exchange of certificate fingerprints
• Already approved
• Without an offer/answer exchange
• draft-ietf-xcon-bfcp-connection-00.txt
• Digest-based client authentication is included
• Server authentication relies on TLS certificates

3
Offer/answer-based Mechanism
INVITE sipsalice_at_atlanta.com SIP/2.0 From
Conference ltsipsconference_at_atlanta.comgt
tag1245 To Alice ltsipsalice_at_atlanta.comgt Call-I
Da84b4c76e66710 CSeq 1 INVITE Content-Type
application/sdp Content-Length 142 v0
oconference 2890844527 2890844527 IN IP4
192.0.2.2 sSession SDP t2873397496 0 cIN IP4
192.0.2.2 mapplication 50000 TCP/TLS/BFCP
asetuppassive aconnectionnew
afingerprintSHA-1 \ 4AADB9B13F82183B54
0212DF3E5D496B19AB afloorctrls-only
aconfid4321 auserid1234 afloorid1
m-stream10 maudio 3456 RTP/AVP 0 alabel10
4
Offer/answer-based Mechanism
SIP/2.0 200 OK From Conference
ltsipsconference_at_atlanta.comgt tag1245 To alice
ltsipsalice_at_atlanta.comgttag2234 Call-ID
a84b4c76e66710 CSeq 1 INVITE Content-Type
application/sdp Content-Length 131 v0
oconference 2890844527 2890844527 IN IP4
192.0.2.1 sSession SDP t2873397496 0 cIN IP4
192.0.2.1 mapplication 9 TCP/TLS/BFCP
asetupactive aconnectionnew
afingerprintSHA-1 \ 4AADB9B13F82183B54
0212DF3E5D496B19AB afloorctrlc-only
maudio 55000 RTP/AVP 0
5
Offer/answer-based Mechanism
ACK sipsalice_at_192.0.2.1 SIP/2.0 To Conference
ltsipsconference_at_atlanta.comgttag2234 From
Alice ltsipsalice_at_atlanta.comgt tag1245 Call-ID
a84b4c76e66710 CSeq 1 ACK Content-Length 0
6
Offer/answer-based Mechanism
7
No Offer/answer
FloorQuery TransactionID 254 UserID
557 FloorID543
Error TransactionID 254 UserID 557
FloorID543 Error-Code 10 (DIGEST Attribute
Needed) Digest AlgortihmHMAC-SHA1
Nonce 456789
FloorQuery TransactionID 896 UserID
557 FloorID543 Nonce 456789 Digest556767788
8
New Attributes

• DIGEST

• NONCE

• Definition of Error Specific Details for Error
  Code 10 (DIGEST Attribute Needed)

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6
7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
ALGORITHM ID
ALGORITHM ID
ALGORITHM ID
ALGORITHM ID
..
ALGORITHM ID
ALGORITHM ID
9
Open Issue Provisioning

• The data model needs to include
• Servers transport address
• Conference ID
• User ID
• draft-novo-xcon-common-data-model will be updated
  accordingly

10
Open Issue DNS Procedures

• Client gets the transport address of the server
  to perform an active TCP open
• Do we allow FQDNs?
• If so, which DNS procedures do we define?
• SRV, A, AAAA...?

11
Open Issue Connection Reestablishment

• The server notices that the TCP connection is
  down (it cannot deliver a BFCP message)
• Proposal only clients reestablish TCP
  connections

12
Open Issue Digest Usage

• Do we want to recommend that only the first BFCP
  message over a TLS connection is authenticated
  using digest?
• BFCP is designed to be bandwidth efficient
• We got a set of comments about digest in the
  original IESG review of the BFCP spec
• Next revision of the draft will incorporate them
  all