File: draft-ietf-bfcpbis-bfcp-websocket-15.txt

package info (click to toggle)
doc-rfc 20181229-2
  • links: PTS, VCS
  • area: non-free
  • in suites: buster
  • size: 570,944 kB
  • sloc: xml: 285,646; sh: 107; python: 90; perl: 42; makefile: 14
file content (784 lines) | stat: -rw-r--r-- 30,505 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784




BFCPBIS Working Group                                         V. Pascual
Internet-Draft                                                    Oracle
Intended status: Standards Track                                A. Roman
Expires: August 12, 2017                                          Quobis
                                                              S. Cazeaux
                                                   France Telecom Orange
                                                            G. Salgueiro
                                                         R. Ravindranath
                                                                   Cisco
                                                        February 8, 2017


   The WebSocket Protocol as a Transport for the Binary Floor Control
                            Protocol (BFCP)
                  draft-ietf-bfcpbis-bfcp-websocket-15

Abstract

   The WebSocket protocol enables two-way realtime communication between
   clients and servers.  This document specifies the use of Binary Floor
   Control Protocol(BFCP) as a new WebSocket sub-protocol enabling a
   reliable transport mechanism between BFCP entities in new scenarios.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 12, 2017.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of



Pascual, et al.          Expires August 12, 2017                [Page 1]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  The WebSocket Protocol  . . . . . . . . . . . . . . . . . . .   3
   4.  The WebSocket BFCP Sub-Protocol . . . . . . . . . . . . . . .   4
     4.1.  Handshake . . . . . . . . . . . . . . . . . . . . . . . .   4
     4.2.  BFCP Encoding . . . . . . . . . . . . . . . . . . . . . .   5
   5.  Transport Reliability . . . . . . . . . . . . . . . . . . . .   5
   6.  SDP Considerations  . . . . . . . . . . . . . . . . . . . . .   6
     6.1.  Transport Negotiation . . . . . . . . . . . . . . . . . .   6
     6.2.  SDP Media Attributes  . . . . . . . . . . . . . . . . . .   6
   7.  SDP Offer/Answer Procedures . . . . . . . . . . . . . . . . .   7
     7.1.  General . . . . . . . . . . . . . . . . . . . . . . . . .   7
     7.2.  Example Usage of 'websocket-uri' SDP Attribute  . . . . .   7
   8.  Authentication  . . . . . . . . . . . . . . . . . . . . . . .   8
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .   9
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  10
     10.1.  Registration of the WebSocket BFCP Sub-Protocol  . . . .  10
     10.2.  Registration of the 'TCP/WS/BFCP' and 'TCP/WSS/BFCP' SDP
            'proto' Values . . . . . . . . . . . . . . . . . . . . .  11
   11. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  11
   12. References  . . . . . . . . . . . . . . . . . . . . . . . . .  11
     12.1.  Normative References . . . . . . . . . . . . . . . . . .  11
     12.2.  Informative References . . . . . . . . . . . . . . . . .  12
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  13

1.  Introduction

   The WebSocket(WS) [RFC6455] protocol enables two-way message exchange
   between clients and servers on top of a persistent TCP connection,
   optionally secured with Transport Layer Security (TLS) [RFC5246].
   The initial protocol handshake makes use of Hypertext Transfer
   Protocol (HTTP) [RFC7230] semantics, allowing the WebSocket protocol
   to reuse existing HTTP infrastructure.

   The Binary Floor Control Protocol (BFCP) is a protocol to coordinate
   access to shared resources in a conference.  It is defined in
   [I-D.ietf-bfcpbis-rfc4582bis] and is used between floor participants




Pascual, et al.          Expires August 12, 2017                [Page 2]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   and floor control servers, and between floor chairs (i.e.,
   moderators) and floor control servers.

   Modern web browsers include a WebSocket client stack complying with
   the WebSocket API [WS-API] as specified by the W3C.  It is expected
   that other client applications (those running in personal computers
   and devices such as smartphones) will also make a WebSocket client
   stack available.  This document extends the applicability of
   [I-D.ietf-bfcpbis-rfc4582bis] and [I-D.ietf-bfcpbis-rfc4583bis] to
   enable the usage of BFCP in these scenarios.

   The transport over which BFCP entities exchange messages depends on
   how the clients obtain information to contact the floor control
   server (e.g. using an Session Description Protocol (SDP) offer/answer
   exchange per [I-D.ietf-bfcpbis-rfc4583bis] or the procedure described
   in RFC5018 [RFC5018]).  [I-D.ietf-bfcpbis-rfc4582bis] defines two
   transports for BFCP: TCP and UDP.  This specification defines a new
   WebSocket sub-protocol (as defined in Section 1.9 in [RFC6455]) for
   transporting BFCP messages between a WebSocket client and server.
   This sub-protocol provides a reliable and boundary preserving
   transport for BFCP when run on top of TCP.  Since WebSocket provides
   a reliable transport, the extensions defined in
   [I-D.ietf-bfcpbis-rfc4582bis] for sending BFCP over unreliable
   transports are not applicable.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.1.  Definitions

   BFCP WebSocket Client:  Any BFCP entity capable of opening outbound
         connections to WebSocket servers and communicating using the
         WebSocket BFCP sub-protocol as defined by this document.

   BFCP WebSocket Server:  Any BFCP entity capable of listening for
         inbound connections from WebSocket clients and communicating
         using the WebSocket BFCP sub-protocol as defined by this
         document.

3.  The WebSocket Protocol

   The WebSocket protocol [RFC6455] is a transport layer on top of TCP
   (optionally secured with TLS [RFC5246]) in which both client and
   server exchange message units in both directions.  The protocol
   defines a connection handshake, WebSocket sub-protocol and extensions



Pascual, et al.          Expires August 12, 2017                [Page 3]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   negotiation, a frame format for sending application and control data,
   a masking mechanism, and status codes for indicating disconnection
   causes.

   The WebSocket connection handshake is based on HTTP [RFC7230] and
   utilizes the HTTP GET method with an "Upgrade" request.  This is sent
   by the client and then answered by the server (if the negotiation
   succeeded) with an HTTP 101 status code.  Once the handshake is
   completed the connection upgrades from HTTP to the WebSocket
   protocol.  This handshake procedure is designed to reuse the existing
   HTTP infrastructure.  During the connection handshake, client and
   server agree on the application protocol to use on top of the
   WebSocket transport.  Such an application protocol (also known as a
   "WebSocket sub-protocol") defines the format and semantics of the
   messages exchanged by the endpoints.  This could be a custom protocol
   or a standardized one (as the WebSocket BFCP sub-protocol defined in
   this document).  Once the HTTP 101 response is processed both client
   and server reuse the underlying TCP connection for sending WebSocket
   messages and control frames to each other.  Unlike plain HTTP, this
   connection is persistent and can be used for multiple message
   exchanges.

   The WebSocket protocol defines message units to be used by
   applications for the exchange of data, so it provides a message
   boundary-preserving transport layer.

4.  The WebSocket BFCP Sub-Protocol

   The term WebSocket sub-protocol refers to an application-level
   protocol layered on top of a WebSocket connection.  This document
   specifies the WebSocket BFCP sub-protocol for carrying BFCP messages
   over a WebSocket connection.

4.1.  Handshake

   The BFCP WebSocket Client and BFCP WebSocket Server negotiate usage
   of the WebSocket BFCP sub-protocol during the WebSocket handshake
   procedure as defined in Section 1.3 of [RFC6455].  The Client MUST
   include the value "BFCP" in the Sec-WebSocket-Protocol header in its
   handshake request.  The 101 reply from the Server MUST contain "BFCP"
   in its corresponding Sec-WebSocket-Protocol header.

   Below is an example of a WebSocket handshake in which the Client
   requests the WebSocket BFCP sub-protocol support from the Server:







Pascual, et al.          Expires August 12, 2017                [Page 4]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


     GET / HTTP/1.1
     Host: bfcp-ws.example.com
     Upgrade: websocket
     Connection: Upgrade
     Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
     Origin: http://www.example.com
     Sec-WebSocket-Protocol: BFCP
     Sec-WebSocket-Version: 13

   The handshake response from the Server accepting the WebSocket BFCP
   sub-protocol would look as follows:

     HTTP/1.1 101 Switching Protocols
     Upgrade: websocket
     Connection: Upgrade
     Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
     Sec-WebSocket-Protocol: BFCP

   Once the negotiation has been completed, the WebSocket connection is
   established and can be used for the transport of BFCP messages.

4.2.  BFCP Encoding

   BFCP messages use a TLV (Type-Length-Value) binary encoding,
   therefore BFCP WebSocket Clients and BFCP WebSocket Servers MUST be
   transported in unfragmented binary WebSocket frames
   (FIN:1,opcode:%x2) to exchange BFCP messages.  The WebSocket frame
   data MUST be a valid BCFP message, so the length of the payload of
   the WebSocket frame MUST be lower than the maximum size allowed (2^16
   +12 bytes) for a BCFP message as described in
   [I-D.ietf-bfcpbis-rfc4582bis].  In addition, the encoding rules for
   reliable protocols defined in [I-D.ietf-bfcpbis-rfc4582bis] MUST be
   followed.

   While this specification assumes that BFCP encoding is only TLV
   binary, future documents may define other mechanisms like JSON
   serialization.  if encoding changes a new subprotocol identifier
   would need to be selected.

   Each BFCP message MUST be carried within a single WebSocket message,
   and a WebSocket message MUST NOT contain more than one BFCP message.

5.  Transport Reliability

   WebSocket [RFC6455] provides a reliable transport and therefore the
   BFCP WebSocket sub-protocol defined by this document also provides
   reliable BFCP transport.  Thus, client and server transactions using
   WebSocket for transport MUST follow the procedures for reliable



Pascual, et al.          Expires August 12, 2017                [Page 5]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   transports as defined in [I-D.ietf-bfcpbis-rfc4582bis] and
   [I-D.ietf-bfcpbis-rfc4583bis].

   BFCP WebSocket clients cannot receive incoming WebSocket connections
   initiated by any other peer.  This means that a BFCP WebSocket client
   MUST actively initiate a connection towards a BFCP WebSocket server.
   The BFCP server is a will have a globally routable address and thus
   does not require ICE as clients always initiate connections to it.

6.  SDP Considerations

6.1.  Transport Negotiation

   Rules to generate an 'm' line for a BFCP stream are described in
   [I-D.ietf-bfcpbis-rfc4583bis], Section 3

   New values are defined for the transport field: TCP/WS/BFCP and
   TCP/WSS/BFCP.

      TCP/WS/BFCP is used when BFCP runs on top of WS, which in turn
      runs on top of TCP.

      TCP/WSS/BFCP is used when BFCP runs on top of WSS, which in turn
      runs on top of TLS and TCP.

   The port field is set following the rules in Section 3 and
   Section 8.1 of [I-D.ietf-bfcpbis-rfc4583bis].  Depending on the value
   of the SDP 'setup' attribute defined in [RFC4145], the port field
   contains the port to which the remote endpoint will direct BFCP
   messages or is irrelevant (i.e., the endpoint will initiate the
   connection towards the remote endpoint) and should be set to a value
   of 9, which is the discard port.  Connection attribute and port MUST
   follow the rules of [RFC4145]

   While this document recommends the use of secure WebSockets (i.e.TCP/
   WSS) for security reasons, TCP/WS is also permitted so as to achieve
   maximum compatibility among clients.

6.2.  SDP Media Attributes

   [I-D.ietf-bfcpbis-sdp-ws-uri] defines a new SDP attribute to indicate
   the connection Uniform Resource Identifier (URI) for the WebSocket
   Client.  The SDP attribute 'websocket-uri' defined in Section 3 of
   [I-D.ietf-bfcpbis-sdp-ws-uri] MUST be used when BFCP runs on top of
   WS or WSS.  When the 'websocket-uri' attribute is present in the
   media section of the SDP, the procedures mentioned in Section 4 of
   [I-D.ietf-bfcpbis-sdp-ws-uri] MUST be followed.




Pascual, et al.          Expires August 12, 2017                [Page 6]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


7.  SDP Offer/Answer Procedures

7.1.  General

   An endpoint (i.e., both the offerer and the answerer) MUST create an
   SDP media description ("m=" line) for each BFCP-over-WebSocket media
   stream and MUST assign either TCP/WSS/BFCP or TCP/WS/BFCP value to
   the "proto" field of the "m=" line depending on whether the endpoint
   wishes to use secure WebSocket or WebSocket.  Furthermore, the server
   side, which could be either the offerer or answerer, MUST add an
   "a=websocket-uri" attribute in the media section depending on whether
   it wishes to use WebSocket or secure WebSocket.  This new attribute
   MUST follow the syntax defined in [I-D.ietf-bfcpbis-sdp-ws-uri].
   Additionally, the SDP Offer/Answer procedures defined in Section 4 of
   [I-D.ietf-bfcpbis-sdp-ws-uri] MUST be followed for the "m=" line
   associated with a BFCP-over-WebSocket media stream.

7.2.  Example Usage of 'websocket-uri' SDP Attribute

   The following is an example of an "m=" line for a BFCP connection.
   In this example, the offerer sends the SDP with the "proto" field
   having a value of TCP/WSS/BFCP * indicating that the offerer wishes
   to use secure WebSocket as a transport for the media stream.

   Offer (browser):
   m=application 9 TCP/WSS/BFCP *
   a=setup:active
   a=connection:new
   a=floorctrl:c-only
   m=audio 55000 RTP/AVP 0
   m=video 55002 RTP/AVP 31

   Answer (server):
   m=application 50000 TCP/WSS/BFCP *
   a=setup:passive
   a=connection:new
   a=websocket-uri:wss://bfcp-ws.example.com?token=3170449312
   a=floorctrl:s-only
   a=confid:4321
   a=userid:1234
   a=floorid:1 m-stream:10
   a=floorid:2 m-stream:11
   m=audio 50002 RTP/AVP 0
   a=label:10
   m=video 50004 RTP/AVP 31
   a=label:11





Pascual, et al.          Expires August 12, 2017                [Page 7]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   It is possible that an endpoint (e.g., a browser) sends an offerless
   INVITE to the server.  In such cases the server will act as SDP
   offerer.  The server MUST assign the SDP "setup" attribute with a
   value of "passive".  The server MUST have an "a=websocket-uri"
   attribute with a "ws-URI" or "wss-URI" value depending on whether the
   server wishes to use WebSocket or secure WebSocket.  This attribute
   MUST follow the syntax defined in Section 3 of
   [I-D.ietf-bfcpbis-sdp-ws-uri] .  For BFCP application, the "proto"
   value in the "m=" line MUST be TCP/WSS/BFCP if WebSocket is over TLS,
   else it MUST be TCP/WS/BFCP.

8.  Authentication

   Section 9 of [I-D.ietf-bfcpbis-rfc4582bis] states that BFCP clients
   and floor control servers SHOULD authenticate each other prior to
   accepting messages, and RECOMMENDS that mutual TLS/DTLS
   authentication be used.  However, browser-based WebSocket clients
   have no control over the use of TLS in the WebSocket API [WS-API], so
   it is RECOMMENDED that standard Web-based methods for client and
   server authentication are used, as follows.

   When a BFCP WebSocket client connects to a BFCP WebSocket server, it
   SHOULD use TCP/WSS as its transport.  If the signaling or control
   protocol traffic used to set up the conference is authenticated and
   confidentiality and integrity protected, Secure WebSocket (WSS) MUST
   be used, and the floor control server MUST authenticate the client..
   The WebSocket client MUST follow the procedures in [RFC7525] while
   setting up TLS connection with the WebSocket server.  The BFCP client
   validates the server by means of verifying the server certificate.
   This means the "websocket-uri" value MUST contain a hostname.  The
   verification process does not use a=fingerprint.

   A floor control server that receives a message over TCP/WS can
   mandate the use of TCP/WSS by generating an Error message, as
   described in Section 13.8 of [I-D.ietf-bfcpbis-rfc4582bis], with an
   Error code with a value of 9 (use TLS).

   Prior to sending BFCP requests, a BFCP WebSocket client connects to a
   BFCP WebSocket server and performs the connection handshake.  As
   described in Section 3 the handshake procedure involves a HTTP GET
   method request from the client and a response from the server
   including an HTTP 101 status code.

   In order to authorize the WebSocket connection, the BFCP WebSocket
   server SHOULD inspect any cookie [RFC6265] headers present in the
   HTTP GET request.  For many web applications the value of such a
   cookie is provided by the web server once the user has authenticated
   themselves to the web server, which could be done by many existing



Pascual, et al.          Expires August 12, 2017                [Page 8]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   mechanisms.  As an alternative method, the BFCP WebSocket Server
   could request HTTP authentication by replying to the Client's GET
   method request with a HTTP 401 status code.  The WebSocket protocol
   [RFC6455] covers this usage in Section 4.1:

      If the status code received from the server is not 101, the
      WebSocket client stack handles the response per HTTP [RFC7230]
      procedures, in particular the client might perform authentication
      if it receives 401 status code.

      If the status code received from the server is not 101, the
      WebSocket client stack handles the response per HTTP [RFC7230]
      procedures, in particular the client might perform authentication
      if it receives 401 status code.  The WebSocket clients are
      vulnerable to the attacks of basic authentication (mentioned in
      Section 4 of [RFC7617]) and digest authentication (mentioned in
      Section 5 of [RFC7616]]).  To overcome some of these weakness, the
      WebSocket clients for example can use HTTP Origin-Bound
      Authentication (HOBA) mechanism mentioned in [RFC7486].

9.  Security Considerations

   Considerations from [I-D.ietf-bfcpbis-rfc4582bis],
   [I-D.ietf-bfcpbis-rfc4583bis] and RFC5018 [RFC5018] apply.

   BFCP relies on lower-layer security mechanisms to provide replay and
   integrity protection and confidentiality.  It is RECOMMENDED that the
   BFCP traffic transported over a WebSocket communication be protected
   by using a secure WebSocket connection (using TLS [RFC5246] over
   TCP).  The security considerations in [RFC6455] apply for BFCP over
   WebSocket as well.  The security model here is a typical webserver-
   client model where the client validates the server certificate and
   then connects to the server.  Section 8 describes the authentication
   procedures between client and server.

   When using BFCP over websockets, the security mechanisms defined in
   [I-D.ietf-bfcpbis-rfc4582bis] are not used.  Instead, the application
   is required to build and rely on the security mechanisms in
   [RFC6455].

   The rest of this section analyses the threats described in Section 14
   of [I-D.ietf-bfcpbis-rfc4582bis] when WebSocket is used as transport
   protocol for BFCP.

   An attacker attempting to impersonate a floor control server is
   avoided by having servers accept BFCP messages over WSS only.  As
   with any other web connection, the clients will verify the servers
   certificate.  The floor control WebSocket client MUST follow the



Pascual, et al.          Expires August 12, 2017                [Page 9]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   procedures in [RFC7525] (including hostname verification as per
   Section 6.1 in [RFC7525]) while setting up TLS connection with floor
   control webSocket server.

   An attacker attempting to impersonate a floor control client is
   avoided by having servers accept BFCP messages over WSS only.  As
   described in Section 10.5 of [RFC6455] the floor control server can
   use any client authentication mechanism and follow the steps in
   Section 8 of this document.

   Attackers may attempt to modify messages exchanged by a client and a
   floor control server.  This can be prevented by having WSS between
   client and server.

   An attacker trying to replay the messages is prevented by having
   floor control servers check that messages arriving over a given WSS
   connection use an authorized user ID.

   Attackers may may eavesdrop on the network to get access to
   confidential information between the floor control server and a
   client (e.g., why a floor request was denied).  In order to ensure
   that BFCP users are getting the level of protection that they would
   get using the BFCP protocol directly, applications need to have a way
   to control the websocket libraries to use encryption algorithms
   specified in Section 7 of [I-D.ietf-bfcpbis-rfc4582bis] . Since the
   WebSocket API [WS-API] does not have a way to allow an application to
   select the encryption algorithm to be used, the protection level
   provided when WSS is used is limited to the underlying TLS algorithm
   used by WebSocket library.

10.  IANA Considerations

10.1.  Registration of the WebSocket BFCP Sub-Protocol

   This specification requests IANA to register the WebSocket BFCP sub-
   protocol under the "WebSocket Subprotocol Name" Registry with the
   following data:

   Subprotocol Identifier:  BFCP

   Subprotocol Common Name:  WebSocket Transport for BFCP (Binary Floor
      Control Protocol)

   Subprotocol Definition:  RFCXXXX

   [[NOTE TO RFC EDITOR: Please change XXXX to the number assigned to
   this specification, and remove this paragraph on publication.]]




Pascual, et al.          Expires August 12, 2017               [Page 10]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


10.2.  Registration of the 'TCP/WS/BFCP' and 'TCP/WSS/BFCP' SDP 'proto'
       Values

   This document defines two new values for the SDP 'proto' field under
   the Session Description Protocol (SDP) Parameters registry.  The
   resulting entries are shown in Figure 1 below:

                    Value                    Reference
                  ----------                -----------
                 TCP/WS/BFCP                 RFCXXXX;
                 TCP/WSS/BFCP                RFCXXXX;

                Figure 1: Values for the SDP 'proto' Field

   [[NOTE TO RFC EDITOR: Please change XXXX to the number assigned to
   this specification, and remove this paragraph on publication.]]

11.  Acknowledgements

   The authors want to thank Robert Welbourn, from Acme Packet and
   Sergio Garcia Murillo who made significant contributions to the first
   version of this document.  This work benefited from the thorough
   review and constructive comments of Charles Eckel, Christer Holmberg,
   Paul Kyzivat, Dan Wing and Alissa Cooper.  Thanks to Bert Wijnen,
   Robert Sparks and Mirja Kuehlewind for their reviews and comments on
   this document.

   Thanks for Spencers Dawkin, Ben Campbell, Kathleen Moriarty, Alexey
   Melnikov, Jari Arkko and Stephen Farrell for their feedback and
   comments during IESG reviews.

12.  References

12.1.  Normative References

   [I-D.ietf-bfcpbis-rfc4582bis]
              Camarillo, G., Drage, K., Kristensen, T., Ott, J., and C.
              Eckel, "The Binary Floor Control Protocol (BFCP)", draft-
              ietf-bfcpbis-rfc4582bis-16 (work in progress), November
              2015.

   [I-D.ietf-bfcpbis-rfc4583bis]
              Camarillo, G., Kristensen, T., and P. Jones, "Session
              Description Protocol (SDP) Format for Binary Floor Control
              Protocol (BFCP) Streams", draft-ietf-bfcpbis-rfc4583bis-16
              (work in progress), September 2016.





Pascual, et al.          Expires August 12, 2017               [Page 11]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   [I-D.ietf-bfcpbis-sdp-ws-uri]
              R, R. and G. Salgueiro, "Session Description Protocol
              (SDP) WebSocket Connection URI Attribute", draft-ietf-
              bfcpbis-sdp-ws-uri-09 (work in progress), February 2017.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC4145]  Yon, D. and G. Camarillo, "TCP-Based Media Transport in
              the Session Description Protocol (SDP)", RFC 4145,
              DOI 10.17487/RFC4145, September 2005,
              <http://www.rfc-editor.org/info/rfc4145>.

   [RFC5018]  Camarillo, G., "Connection Establishment in the Binary
              Floor Control Protocol (BFCP)", RFC 5018,
              DOI 10.17487/RFC5018, September 2007,
              <http://www.rfc-editor.org/info/rfc5018>.

   [RFC6455]  Fette, I. and A. Melnikov, "The WebSocket Protocol",
              RFC 6455, DOI 10.17487/RFC6455, December 2011,
              <http://www.rfc-editor.org/info/rfc6455>.

   [RFC7525]  Sheffer, Y., Holz, R., and P. Saint-Andre,
              "Recommendations for Secure Use of Transport Layer
              Security (TLS) and Datagram Transport Layer Security
              (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May
              2015, <http://www.rfc-editor.org/info/rfc7525>.

12.2.  Informative References

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246,
              DOI 10.17487/RFC5246, August 2008,
              <http://www.rfc-editor.org/info/rfc5246>.

   [RFC6265]  Barth, A., "HTTP State Management Mechanism", RFC 6265,
              DOI 10.17487/RFC6265, April 2011,
              <http://www.rfc-editor.org/info/rfc6265>.

   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
              Protocol (HTTP/1.1): Message Syntax and Routing",
              RFC 7230, DOI 10.17487/RFC7230, June 2014,
              <http://www.rfc-editor.org/info/rfc7230>.






Pascual, et al.          Expires August 12, 2017               [Page 12]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   [RFC7486]  Farrell, S., Hoffman, P., and M. Thomas, "HTTP Origin-
              Bound Authentication (HOBA)", RFC 7486,
              DOI 10.17487/RFC7486, March 2015,
              <http://www.rfc-editor.org/info/rfc7486>.

   [RFC7616]  Shekh-Yusef, R., Ed., Ahrens, D., and S. Bremer, "HTTP
              Digest Access Authentication", RFC 7616,
              DOI 10.17487/RFC7616, September 2015,
              <http://www.rfc-editor.org/info/rfc7616>.

   [RFC7617]  Reschke, J., "The 'Basic' HTTP Authentication Scheme",
              RFC 7617, DOI 10.17487/RFC7617, September 2015,
              <http://www.rfc-editor.org/info/rfc7617>.

   [WS-API]   W3C and I. Hickson, Ed., "The WebSocket API", May 2012.

Authors' Addresses

   Victor Pascual
   Oracle

   Email: victor.pascual.avila@oracle.com


   Anton Roman
   Quobis

   Email: anton.roman@quobis.com


   Stephane Cazeaux
   France Telecom Orange

   Email: stephane.cazeaux@orange.com


   Gonzalo Salgueiro
   Cisco Systems, Inc.
   7200-12 Kit Creek Road
   Research Triangle Park, NC  27709
   US

   Email: gsalguei@cisco.com








Pascual, et al.          Expires August 12, 2017               [Page 13]

Internet-Draft      WebSocket as a Transport for BFCP      February 2017


   Ram Mohan Ravindranath
   Cisco Systems, Inc.
   Cessna Business Park,
   Kadabeesanahalli Village, Varthur Hobli,
   Sarjapur-Marathahalli Outer Ring Road
   Bangalore, Karnataka  560103
   India

   Email: rmohanr@cisco.com










































Pascual, et al.          Expires August 12, 2017               [Page 14]