draft-ietf-rtcweb-use-cases-and-requirements-01.txt   draft-ietf-rtcweb-use-cases-and-requirements-02.txt 
RTCWEB Working Group C. Holmberg RTCWEB Working Group C. Holmberg
Internet-Draft S. Hakansson Internet-Draft S. Hakansson
Intended status: Standards Track G. Eriksson Intended status: Informational G. Eriksson
Expires: January 5, 2012 Ericsson Expires: February 20, 2012 Ericsson
July 4, 2011 August 19, 2011
Web Real-Time Communication Use-cases and Requirements Web Real-Time Communication Use-cases and Requirements
draft-ietf-rtcweb-use-cases-and-requirements-01.txt draft-ietf-rtcweb-use-cases-and-requirements-02.txt
Abstract Abstract
This document describes web based real-time communication use-cases. This document describes web based real-time communication use-cases.
Based on the use-cases, the document also derives requirements Based on the use-cases, the document also derives requirements
related to the browser, and the API used by web applications to related to the browser, and the API used by web applications to
request and control media stream services provided by the browser. request and control media stream services provided by the browser.
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 5, 2012. This Internet-Draft will expire on February 20, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 14
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Use-cases . . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Use-cases . . . . . . . . . . . . . . . . . . . . . . . . . . 3
4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3 4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3
4.2. Browser-to-browser use-cases . . . . . . . . . . . . . . . 3 4.2. Browser-to-browser use-cases . . . . . . . . . . . . . . . 3
4.2.1. Simple Video Communication Service . . . . . . . . . . 3 4.2.1. Simple Video Communication Service . . . . . . . . . . 3
4.2.2. Simple Video Communication Service, access change . . 4 4.2.2. Simple Video Communication Service, NAT/FW that
4.2.3. Simple Video Communication Service, QoS . . . . . . . 4 blocks UDP . . . . . . . . . . . . . . . . . . . . . . 4
4.2.4. Simple video communication service with 4.2.3. Simple Video Communication Service, access change . . 4
4.2.4. Simple Video Communication Service, QoS . . . . . . . 5
4.2.5. Simple video communication service with
inter-operator calling . . . . . . . . . . . . . . . . 5 inter-operator calling . . . . . . . . . . . . . . . . 5
4.2.5. Hockey Game Viewer . . . . . . . . . . . . . . . . . . 5 4.2.6. Hockey Game Viewer . . . . . . . . . . . . . . . . . . 6
4.2.6. Multiparty video communication . . . . . . . . . . . . 6 4.2.7. Multiparty video communication . . . . . . . . . . . . 6
4.2.7. Multiparty on-line game with voice communication . . . 7 4.2.8. Multiparty on-line game with voice communication . . . 7
4.3. Browser - GW/Server use cases . . . . . . . . . . . . . . 7 4.2.9. Distributed Music Band . . . . . . . . . . . . . . . . 7
4.3.1. Telephony terminal . . . . . . . . . . . . . . . . . . 7 4.3. Browser - GW/Server use cases . . . . . . . . . . . . . . 8
4.3.2. Fedex Call . . . . . . . . . . . . . . . . . . . . . . 7 4.3.1. Telephony terminal . . . . . . . . . . . . . . . . . . 8
4.3.3. Video conferencing system with central server . . . . 8 4.3.2. Fedex Call . . . . . . . . . . . . . . . . . . . . . . 8
5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.3.3. Video conferencing system with central server . . . . 9
5.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 9 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.2. Browser requirements . . . . . . . . . . . . . . . . . . . 9 5.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.3. API requirements . . . . . . . . . . . . . . . . . . . . . 11 5.2. Browser requirements . . . . . . . . . . . . . . . . . . . 10
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 5.3. API requirements . . . . . . . . . . . . . . . . . . . . . 12
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13
7.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 13 7.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 14
7.2. Browser Considerations . . . . . . . . . . . . . . . . . . 13 7.2. Browser Considerations . . . . . . . . . . . . . . . . . . 14
7.3. Web Application Considerations . . . . . . . . . . . . . . 13 7.3. Web Application Considerations . . . . . . . . . . . . . . 14
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 8. Additional use cases . . . . . . . . . . . . . . . . . . . . . 14
9. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 14 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 10. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 15
10.1. Normative References . . . . . . . . . . . . . . . . . . . 14 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17
10.2. Informative References . . . . . . . . . . . . . . . . . . 15 11.1. Normative References . . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 11.2. Informative References . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17
1. Introduction 1. Introduction
This document presents a few use-case of web applications that are This document presents a few use-case of web applications that are
executed in a browser and use real-time communication capabilities. executed in a browser and use real-time communication capabilities.
Based on the use-cases, the document derives requirements related to Based on the use-cases, the document derives requirements related to
the browser and the API used by web applications in the browser. the browser and the API used by web applications in the browser.
The document focuses on requirements related to real-time media The document focuses on requirements related to real-time media
streams. Requirements related to privacy, signalling between the streams. Requirements related to privacy, signalling between the
skipping to change at page 4, line 24 skipping to change at page 4, line 24
packet losses, and is sometimes goes down completely. packet losses, and is sometimes goes down completely.
One user is located behind a Network Address Translator (NAT). One user is located behind a Network Address Translator (NAT).
4.2.1.2. Derived Requirements 4.2.1.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F25 F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F25
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13
4.2.2. Simple Video Communication Service, access change 4.2.2. Simple Video Communication Service, NAT/FW that blocks UDP
4.2.2.1. Description 4.2.2.1. Description
This use case is almost identical to the previos one. The difference This use case is almost identical to the previos one. The difference
is that the user changes network access during the session: is that one of the users is behind a NAT that blocks UDP traffic.
4.2.2.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F23, F25, F26
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13
4.2.3. Simple Video Communication Service, access change
4.2.3.1. Description
This use case is almost identical to "4.2.1 Simple Video
Communication Service". The difference is that the user changes
network access during the session:
The communication device used byt one of the users have several The communication device used byt one of the users have several
network adapters (Ethernet, WiFi, Cellular). The communication network adapters (Ethernet, WiFi, Cellular). The communication
device is access the internet using Ethernet, but the user has to device is access the internet using Ethernet, but the user has to
start a trip during the session. The communication device start a trip during the session. The communication device
automatically changes to use WiFi when the ethernet cable is removed automatically changes to use WiFi when the ethernet cable is removed
and then moves to cellular access to the internet when moving out of and then moves to cellular access to the internet when moving out of
WiFi coverage. The session continues even though the access method WiFi coverage. The session continues even though the access method
changes. changes.
4.2.2.2. Derived Requirements 4.2.3.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F23, F25 F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F23, F25
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13
4.2.3. Simple Video Communication Service, QoS 4.2.4. Simple Video Communication Service, QoS
4.2.3.1. Description 4.2.4.1. Description
This use case is almost identical to the previos one. The use of QoS This use case is almost identical to the previos one. The use of QoS
capabilities is added: capabilities is added:
The user in the previous use case that starts a trip is behind a The user in the previous use case that starts a trip is behind a
common residential router that supports prioritization of traffic. common residential router that supports prioritization of traffic.
In addition, the user's provider of cellular access has QoS support In addition, the user's provider of cellular access has QoS support
enabled. The user is able to take advantage of the QoS support both enabled. The user is able to take advantage of the QoS support both
when accessing via the residential router and when using cellular. when accessing via the residential router and when using cellular.
4.2.3.2. Derived Requirements 4.2.4.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F21, F22, F23, F25 F1, F2, F3, F4, F5, F6, F8, F9, F10, F21, F22, F23, F25
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13
4.2.4. Simple video communication service with inter-operator calling 4.2.5. Simple video communication service with inter-operator calling
4.2.4.1. Description 4.2.5.1. Description
Two users have logged into two different web applications, provided Two users have logged into two different web applications, provided
by different service providers. by different service providers.
The service providers are interconnected by some means, but exchange The service providers are interconnected by some means, but exchange
no more information about the users than what can be carried using no more information about the users than what can be carried using
SIP. SIP.
NOTE: More profiling of what this means may be needed. NOTE: More profiling of what this means may be needed.
Each web service publishes information about user login status for Each web service publishes information about user login status for
users that have a relationship with the other user; how this is users that have a relationship with the other user; how this is
established is out of scope. established is out of scope.
The same functionality as in the "Simple Video Communication Service" The same functionality as in the "4.2.1 Simple Video Communication
is available. Service" is available.
The same issues with connectivity apply. The same issues with connectivity apply.
4.2.4.2. Derived requirements 4.2.5.2. Derived requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F25 F1, F2, F3, F4, F5, F6, F8, F9, F10, F22, F24, F25
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13
4.2.5. Hockey Game Viewer 4.2.6. Hockey Game Viewer
4.2.5.1. Description 4.2.6.1. Description
An ice-hockey club uses an application that enables talent scouts to, An ice-hockey club uses an application that enables talent scouts to,
in real-time, show and discuss games and players with the club in real-time, show and discuss games and players with the club
manager. The talent scouts use a mobile phone with two cameras, one manager. The talent scouts use a mobile phone with two cameras, one
front-facing and one rear facing. front-facing and one rear facing.
The club manager uses a desktop for viewing the game and discussing The club manager uses a desktop for viewing the game and discussing
with the talent scout. The video stream captured by the front facing with the talent scout. The video stream captured by the front facing
camera (that is capturing the game) of the mobile phone is shown in a camera (that is capturing the game) of the mobile phone is shown in a
big window on the desktop screen, while a thumbnail of the rear big window on the desktop screen, while a thumbnail of the rear
facing camera is overlaid. facing camera is overlaid.
Most of the mobile phone screen is covered by a self view of the Most of the mobile phone screen is covered by a self view of the
front facing camera. A thumbnail of the rear facing cameras view is front facing camera. A thumbnail of the rear facing cameras view is
overlaid. overlaid.
4.2.5.2. Derived Requirements 4.2.6.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F14 F1, F2, F3, F4, F5, F6, F8, F9, F10, F14
A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A15 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A15
4.2.6. Multiparty video communication 4.2.7. Multiparty video communication
4.2.6.1. Description 4.2.7.1. Description
In this use case the simple video communication service is extended In this use case the simple video communication service is extended
by allowing multiparty sessions. No central server is involved - the by allowing multiparty sessions. No central server is involved - the
browser of each participant sends and receives streams to and from browser of each participant sends and receives streams to and from
all other session participants. The web application in the browser all other session participants. The web application in the browser
of each user is responsible for setting up streams to all receivers. of each user is responsible for setting up streams to all receivers.
The audio sent by each participant is a mono stream. However, in The audio sent by each participant is a mono stream. However, in
order to enhance intelligibility, the web application pans the audio order to enhance intelligibility, the web application pans the audio
from different participants differently when rendering the audio. from different participants differently when rendering the audio.
skipping to change at page 6, line 46 skipping to change at page 7, line 12
Each video stream received is by default displayed in a thumbnail Each video stream received is by default displayed in a thumbnail
frame within the browser, but users can change the display size. frame within the browser, but users can change the display size.
Note: What this uses case adds in terms of requirements is Note: What this uses case adds in terms of requirements is
capabilities to send streams to and receive streams from several capabilities to send streams to and receive streams from several
peers concurrently, as well as the capabilities to render the video peers concurrently, as well as the capabilities to render the video
from all recevied streams and be able to spatialize and mix the audio from all recevied streams and be able to spatialize and mix the audio
from all received streams locally in the browser. from all received streams locally in the browser.
4.2.6.2. Derived Requirements 4.2.7.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F10, F11, F12, F13, F14, F22 F1, F2, F3, F4, F5, F6, F8, F9, F10, F11, F12, F13, F14, F22
A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13, A14, A15 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10, A11, A12, A13, A14, A15
4.2.7. Multiparty on-line game with voice communication 4.2.8. Multiparty on-line game with voice communication
4.2.7.1. Description 4.2.8.1. Description
In this use-case, the voice part of the multiparty video In this use-case, the voice part of the multiparty video
communication application is used in the context of an on-line game. communication application is used in the context of an on-line game.
The received voice audio media is rendered together with game sound The received voice audio media is rendered together with game sound
objects. For example, the sound of a tank moving from left to right objects. For example, the sound of a tank moving from left to right
over the screen must be rendered and played to the user together with over the screen must be rendered and played to the user together with
the voice media. the voice media.
Quick updates of the game state is required. Quick updates of the game state is required.
Note: the difference regarding local audio processing compared to the Note: the difference regarding local audio processing compared to the
"Multiparty video communication" use case is that other sound objects "Multiparty video communication" use case is that other sound objects
than the streams must be possible to be included in the than the streams must be possible to be included in the
spatialization and mixing. "Other sound objects" could for example a spatialization and mixing. "Other sound objects" could for example a
file with the sound of the tank, that file could be stored locally or file with the sound of the tank, that file could be stored locally or
remotely. remotely.
4.2.7.2. Derived Requirements 4.2.8.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F15, F20 F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13, F15, F20
A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A16
4.2.9. Distributed Music Band
4.2.9.1. Description
In this use-case, a music band is playing music while the members are
at different physical locations. No central server is used, instead
all streams are set up in a mesh fashion.
Discussion: This use case was briefly discussed at the Quebec webrtc
meeting and it got support. So far the only concrete requirement
(A17) derived is that the application must be able to ask the browser
to treat the audio signal as audio (in contrast to speech). However,
the use case should be further analysed to determine other
requirements (could be e.g. on delay mic->speaker, level control of
audio signals, etc.).
4.2.9.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F8, F9, F11, F12, F13
A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A14, A15, A17
4.3. Browser - GW/Server use cases 4.3. Browser - GW/Server use cases
4.3.1. Telephony terminal 4.3.1. Telephony terminal
4.3.1.1. Description 4.3.1.1. Description
A mobile telephony operator allows its customers to use a web browser A mobile telephony operator allows its customers to use a web browser
to access their services. After a simple log in the user can place to access their services. After a simple log in the user can place
and receive calls in the same way as when using a normal mobile and receive calls in the same way as when using a normal mobile
phone. When a call is received or placed, the identity will be shown phone. When a call is received or placed, the identity will be shown
skipping to change at page 8, line 49 skipping to change at page 9, line 36
stream is selected for display until the video can be displayed is stream is selected for display until the video can be displayed is
short. short.
The organization has an internal network set up with an aggressive The organization has an internal network set up with an aggressive
firewall handling access to the internet. If users can not firewall handling access to the internet. If users can not
physically access the internal network, they can establish a Virtual physically access the internal network, they can establish a Virtual
Private Network (VPN). Private Network (VPN).
It is essential that the communication can not be eavesdropped. It is essential that the communication can not be eavesdropped.
All participant are authenticated by the central server, and
authorized to connect to the central server. The participants are
identified to each other by the central server, and the participants
do not have access to each others' credentials such as e-mail
addresses or login IDs.
Note: This use case adds requirements on support for fast stream Note: This use case adds requirements on support for fast stream
switches F7, on encryption of media and on ability to traverse very switches F7, on encryption of media and on ability to traverse very
restrictive FWs. It also introduces simulcast, but no concrete restrictive FWs. It also introduces simulcast, but no concrete
requirement is put for this. requirement is put for this.
4.3.3.2. Derived Requirements 4.3.3.2. Derived Requirements
F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F14, F16, F17 F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F14, F16, F17
A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A15 A1, A2, A3, A4, A5, A7, A8, A9, A10, A11, A12, A13, A15
skipping to change at page 11, line 28 skipping to change at page 12, line 19
F23 It MUST be possible to move from one network F23 It MUST be possible to move from one network
interface to another one interface to another one
---------------------------------------------------------------- ----------------------------------------------------------------
F24 The browser MUST be able to initiate and accept a F24 The browser MUST be able to initiate and accept a
media session where the data needed for establishment media session where the data needed for establishment
can be carried in SIP. can be carried in SIP.
---------------------------------------------------------------- ----------------------------------------------------------------
F25 The browser MUST support a baseline audio and F25 The browser MUST support a baseline audio and
video codec video codec
---------------------------------------------------------------- ----------------------------------------------------------------
F26 The browser MUST be able to send streams to a
peer in presence of NATs that block UDP traffic.
----------------------------------------------------------------
5.3. API requirements 5.3. API requirements
REQ-ID DESCRIPTION REQ-ID DESCRIPTION
---------------------------------------------------------------- ----------------------------------------------------------------
A1 The web application MUST be able to query the A1 The web application MUST be able to ask the
user about the usage of cameras and microphones browser for permission to use cameras
as input devices. and microphones as input devices.
---------------------------------------------------------------- ----------------------------------------------------------------
A2 The web application MUST be able to control how A2 The web application MUST be able to control how
streams generated by input devices are used. streams generated by input devices are used.
---------------------------------------------------------------- ----------------------------------------------------------------
A3 The web application MUST be able to control the A3 The web application MUST be able to control the
local rendering of streams (locally generated streams local rendering of streams (locally generated streams
and streams received from a peer). and streams received from a peer).
---------------------------------------------------------------- ----------------------------------------------------------------
A4 The web application MUST be able to initiate A4 The web application MUST be able to initiate
sending of stream/stream components to a peer. sending of stream/stream components to a peer.
skipping to change at page 12, line 46 skipping to change at page 13, line 39
A14 It MUST be possible for the web application to A14 It MUST be possible for the web application to
control panning, mixing and other processing for control panning, mixing and other processing for
individual streams. individual streams.
---------------------------------------------------------------- ----------------------------------------------------------------
A15 The web application MUST be able to identify the A15 The web application MUST be able to identify the
context of a stream. context of a stream.
---------------------------------------------------------------- ----------------------------------------------------------------
A16 It MUST be possible for the web application to A16 It MUST be possible for the web application to
send and receive datagrams to/from peer send and receive datagrams to/from peer
---------------------------------------------------------------- ----------------------------------------------------------------
A17 It MUST be possible for the web application to
indicate the type of audio signal (speech, audio)
----------------------------------------------------------------
6. IANA Considerations 6. IANA Considerations
TBD TBD
7. Security Considerations 7. Security Considerations
7.1. Introduction 7.1. Introduction
A malicious web application might use the browser to perform Denial A malicious web application might use the browser to perform Denial
Of Service (DOS) attacks on NAT infrastructure, or on peer devices. Of Service (DOS) attacks on NAT infrastructure, or on peer devices.
Also, a malicious web application might silently establish outgoing, Also, a malicious web application might silently establish outgoing,
and accept incoming, streams on an already established connection. and accept incoming, streams on an already established connection.
Based on the identified security risks, this section will describe Based on the identified security risks, this section will describe
security considerations for the browser and web application. security considerations for the browser and web application.
skipping to change at page 13, line 23 skipping to change at page 14, line 20
Based on the identified security risks, this section will describe Based on the identified security risks, this section will describe
security considerations for the browser and web application. security considerations for the browser and web application.
7.2. Browser Considerations 7.2. Browser Considerations
The browser is expected to provide mechanisms for getting user The browser is expected to provide mechanisms for getting user
consent to use device resources such as camera and microphone. consent to use device resources such as camera and microphone.
The browser is expected to provide mechanisms for informing the user The browser is expected to provide mechanisms for informing the user
that device resources such as camera and microphone are in use. that device resources such as camera and microphone are in use
("hot").
The browser is expected to provide mechanisms for users to revice The browser is expected to provide mechanisms for users to revise
consent to use device resources such as camera and microphone. consent to use device resources such as camera and microphone.
The browser is expected to provide mechanisms in order to assure that The browser is expected to provide mechanisms in order to assure that
streams are the ones the recipient intended to receive. streams are the ones the recipient intended to receive.
The browser is needs to ensure that media is not sent, and that The browser is needs to ensure that media is not sent, and that
received media is not rendered, until the associated stream received media is not rendered, until the associated stream
establishment and handshake procedures with the remote peer have been establishment and handshake procedures with the remote peer have been
successfully finished. successfully finished.
The browser needs to ensure that the stream negotiation procedures The browser needs to ensure that the stream negotiation procedures
are not seen as Denial Of Service (DOS) by other entities. are not seen as Denial Of Service (DOS) by other entities.
7.3. Web Application Considerations 7.3. Web Application Considerations
The web application is expected to ensure user consent in sending and The web application is expected to ensure user consent in sending and
receiving media streams. receiving media streams.
8. Acknowledgements 8. Additional use cases
Several additional use cases have been discusses. At this point
these use cases are not included as requirement deriving use cases
for different reasons (lack of documentation, overlap with existing
use cases, lack of consensus). For completeness these additional use
cases are listed below:
1. Use cases regarding different situations when being invited to a
"session", e.g. browser open, browser open but another tab
active, browser open but active in session, browser closed, ....
(Matthew Kaufman); discussed at webrtc meeting
2. Different TURN provider scenarios (Cullen Jennings); discussed
at the webrtc meeting
3. E911 (Paul Beaumont) http://www.ietf.org/mail-archive/web/
rtcweb/current/msg00525.html
4. Local Recording (John Ewell) at webrtc meeting
5. Remote recording (John) http://www.ietf.org/mail-archive/web/
rtcweb/current/msg00472.html
6. Emergency access for disabled (Bernard Aboba) http://
www.ietf.org/mail-archive/web/rtcweb/current/msg00478.html
7. Clue use cases (Roni Even) http://tools.ietf.org/html/
draft-ietf-clue-telepresence-use-cases-01
8. Rohan red cross (Cullen Jennings); http://www.ietf.org/
mail-archive/web/rtcweb/current/msg00323.html
9. Remote assistance (ala VNC or RDP) - User is helping another
user on their computer with either view-only or view-with-
control, either of just the browser of the the entire screen. ht
tp://www.ietf.org/mail-archive/web/rtcweb/current/msg00543.html
10. Security camera/baby monitor usage http://www.ietf.org/
mail-archive/web/rtcweb/current/msg00543.html
11. Large multiparty session http://www.ietf.org/mail-archive/web/
rtcweb/current/msg00530.html
9. Acknowledgements
Harald Alvestrand and Ted Hardie have provided comments and feedback Harald Alvestrand and Ted Hardie have provided comments and feedback
on the draft. on the draft.
Harald Alvestrand and Cullen Jennings have provided additional use- Harald Alvestrand and Cullen Jennings have provided additional use-
cases. cases.
Thank You to everyone in the RTCWEB community that have provided Thank You to everyone in the RTCWEB community that have provided
comments, feedback and improvement proposals on the draft content. comments, feedback and improvement proposals on the draft content.
9. Change Log 10. Change Log
[RFC EDITOR NOTE: Please remove this section when publishing] [RFC EDITOR NOTE: Please remove this section when publishing]
Changes from draft-ietf-rtcweb-ucreqs-01
o Changed Intended status to Information
o Changed "Ipr" to "trust200902"
o Added use case "Simple video communication service, NAT/FW that
blocks UDP", and derived new req F26
o Added use case "Distributed Music Band" and derived new req A17
o Added F24 as requirement derived from use case "Simple video
communication service with inter-operator calling"
o Added section "Additional use cases"
o Added text about ID handling to multiparty with central server use
case
o Re-phrased A1 slightly
Changes from draft-ietf-rtcweb-ucreqs-00 Changes from draft-ietf-rtcweb-ucreqs-00
o - Reshuffled: Just two main groups of use cases (b2b and b2GW/ o - Reshuffled: Just two main groups of use cases (b2b and b2GW/
Server); removed some specific use cases and added them instead as Server); removed some specific use cases and added them instead as
flavors to the base use case (Simple video communciation) flavors to the base use case (Simple video communciation)
o - Changed the fromulation of F19 o - Changed the fromulation of F19
o - Removed the requirement on an API for DTMF o - Removed the requirement on an API for DTMF
o - Removed "FX3: There SHOULD be a mapping of the minimum needed o - Removed "FX3: There SHOULD be a mapping of the minimum needed
data for setting up connections into SIP, so that the restriction data for setting up connections into SIP, so that the restriction
to SIP-carriable data can be verified. Not a rew on the browser to SIP-carriable data can be verified. Not a rew on the browser
skipping to change at page 14, line 44 skipping to change at page 16, line 47
Changes from draft-holmberg-rtcweb-ucreqs-00 Changes from draft-holmberg-rtcweb-ucreqs-00
o - Mapping between use-cases and requirements added (Harald o - Mapping between use-cases and requirements added (Harald
Alvestrand, 090311) Alvestrand, 090311)
o - Additional security considerations text (Harald Alvestrand, o - Additional security considerations text (Harald Alvestrand,
090311) 090311)
o - Clarification that user applications are assumed to be executed o - Clarification that user applications are assumed to be executed
by a browser (Ted Hardie, 080311) by a browser (Ted Hardie, 080311)
o - Editorial corrections and clarifications o - Editorial corrections and clarifications
10. References 11. References
11.1. Normative References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
10.2. Informative References 11.2. Informative References
Authors' Addresses Authors' Addresses
Christer Holmberg Christer Holmberg
Ericsson Ericsson
Hirsalantie 11 Hirsalantie 11
Jorvas 02420 Jorvas 02420
Finland Finland
Email: christer.holmberg@ericsson.com Email: christer.holmberg@ericsson.com
 End of changes. 40 change blocks. 
63 lines changed or deleted 162 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/