Internet Engineering Task Force MMUSIC WG Internet Draft H. Schulzrinne draft-ietf-mmusic-rfc2326bis-11.txt Columbia U. October 24, 2005 A. Rao Expires: April, 2006 Cisco R. Lanphier RealNetworks Magnus Westerlund Ericsson A. Narasimhan Overture Real Time Streaming Protocol 2.0 (RTSP) STATUS OF THIS MEMO By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress". The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Abstract This memorandum defines RTSP version 2.0 which is a revision of the Proposed Standard RTSP version 1.0 which is defined in RFC 2326. The Real Time Streaming Protocol, or RTSP, is an application-level protocol for control over the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of real-time data, such as audio and video. Sources of data can include both live data feeds and stored clips. This protocol is intended to control multiple data delivery H. Schulzrinne et. al. [Page 1] Internet Draft RTSP October 24, 2005 sessions, provide a means for choosing delivery channels such as UDP, multicast UDP and TCP, and provide a means for choosing delivery mechanisms based upon RTP (RFC 3550). H. Schulzrinne et. al. [Page 2] Internet Draft RTSP October 24, 2005 H. Schulzrinne et. al. [Page 3] Internet Draft RTSP October 24, 2005 1 Introduction 1.1 RTSP Specification Update This memorandum specifies RTSP 2.0 which is an update of RTSP 1.0, a proposed standard defined in RFC 2326 [24]. The goal of this version is to correct the many flaws that have been identified in RTSP 1.0 since its publication. The corrections are such that full backwards compatibility was impossible. Thus a new version was decided the most appropriate solution to get a more functional protocol. There are no plans to revise RTSP 1.0. Appendix H catalogs the changes of this version in relation to RTSP 1.0. A few open issues still remain to be resolved, and are listed in appendix G. These are intended to be close quickly. A list of bugs against RFC 2326 is available at "http://rtspspec.sourceforge.net". These bugs should be taken into account when reading this memorandum. Input on the unresolved bugs and other issues can be sent via e-mail to the MMUSIC WG's mailing list mmusic@ietf.org and the authors. RTSP 2.0 is reduced in functionality in regards to RTSP 1.0 and aims at specifying the RTSP core, functionality and rules for extensions, and basic interaction with the media delivery protocol RTP. Any other functionality would be need to be published as extension documents. The Working group has discussed a number of different proposals to extensions and is currently working on: o NAT and FW traversal mechanisms for RTSP are described in a document called "How to make Real-Time Streaming Protocol (RTSP) traverse Network Address Translators (NAT) and interact with Firewalls." [25]. 1.2 Purpose The Real-Time Streaming Protocol (RTSP) establishes and controls one or several time-synchronized streams of continuous media such as audio and video. Put simply, RTSP acts as a "network remote control" for multimedia servers. There is no notion of an RTSP connection in the protocol. Instead, an RTSP server maintains a session labeled by an identifier to associate groups of media streams and their states. An RTSP session is not tied to a transport-level connection such as a TCP connection. During a session, a client may open and close many reliable transport connections to the server to issue RTSP requests for that session. H. Schulzrinne et. al. [Page 9] Internet Draft RTSP October 24, 2005 This memorandum describes the use of RTSP over a reliable connection based transport level protocol such as TCP. RTSP may be implemented over an unreliable connectionless transport protocol such as UDP. While nothing in RTSP precludes this, additional definition of this problem area needs to be handled as an extension to the core specification. The mechanisms of RTSP's operation over UDP were left out of this spec. because they were poorly defined in RFC 2326 [24] and the tradeoff in size and complexity of this memorandum for a small gain in a limited problem space was not deemed justifiable. The set of streams to be controlled in an RTSP session is defined by a presentation description. This memorandum does not define a format for the presentation description. However appendix C defines how SDP [1] is used for this purpose. The streams controlled by RTSP may use RTP [2] for their data transport, but the operation of RTSP does not depend on the transport mechanism used to carry continuous media. RTSP is intentionally similar in syntax and operation to HTTP/1.1 [3] so that extension mechanisms to HTTP can in most cases also be added to RTSP. However, RTSP differs in a number of important aspects from HTTP: o RTSP introduces a number of new methods and has a different protocol identifier. o RTSP has the notion of a session built into the protocol. o An RTSP server needs to maintain state by default in almost all cases, as opposed to the stateless nature of HTTP. o Both an RTSP server and client can issue requests. o Data is usually carried out-of-band by a different protocol. Session descriptions returned in a DESCRIBE response (see Section 11.2) and interleaving of RTP with RTSP over TCP are exceptions to this rule (see Section 12). o RTSP is defined to use ISO 10646 (UTF-8) rather than ISO 8859-1, consistent with HTML internationalization efforts [26]. o The Request-URI always contains the absolute URI. Because of backward compatibility with a historical blunder, HTTP/1.1 [3] carries only the absolute path in the request and puts the host name in a separate header field. H. Schulzrinne et. al. [Page 10] Internet Draft RTSP October 24, 2005 This makes "virtual hosting" easier, where a single host with one IP address hosts several document trees. The protocol supports the following operations: Retrieval of media from media server: The client can either request a presentation description via RTSP DESCRIBE, HTTP or some other method. If the presentation is being multicast, the presentation description contains the multicast addresses and ports to be used for the continuous media. If the presentation is to be sent only to the client via unicast, the client provides the destination of necessity. Invitation of a media server to a conference: A media server can be "invited" to join an existing conference to play back media into the presentation. This mode is useful for example distributed teaching applications. Several parties in the conference may take turns "pushing the remote control buttons". RTSP requests may be handled by proxies, tunnels and caches as in HTTP/1.1 [3]. 1.3 Notational Conventions Since many of the definitions and syntax are identical to HTTP/1.1, this specification only points to the section where they are defined rather than copying it. For brevity, [HX.Y] is to be taken to refer to Section X.Y of the current HTTP/1.1 specification (RFC 2616 [3]). All the mechanisms specified in this document are described in both prose and the Augmented Backus-Naur form (ABNF) described in detail in RFC 4234 [4]. Indented and smaller-type paragraphs are used to provide informative background and motivation. This is intended to give readers who were not involved with the formulation of the specification an understanding of why things are the way they are in RTSP. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [5]. The word, "unspecified" is used to indicate functionality or features that are not defined in this specification. Such functionality cannot be used in a standardized manner without further definition in an extension specification to RTSP. H. Schulzrinne et. al. [Page 11] Internet Draft RTSP October 24, 2005 1.4 Terminology Some of the terminology has been adopted from HTTP/1.1 [3]. Terms not listed here are defined as in HTTP/1.1. Aggregate control: The concept of controlling multiple streams using a single timeline, generally maintained by the server. A client, for example, uses aggregate control when it issues a single play or pause message to simultaneously control both the audio and video in a movie. Aggregate control URI: The URI used in an RTSP request to refer to and control an aggregated session. It normally, but not always, corresponds to the presentation URI specified in the session description. See Section 11.3 for more information. Conference: a multiparty, multimedia presentation, where "multi" implies greater than or equal to one. Client: The client requests media service from the media server. Connection: A transport layer virtual circuit established between two programs for the purpose of communication. Container file: A file which may contain multiple media streams which often constitutes a presentation when played together. The concept of a container file is not embedded in the protocol. However, RTSP servers may offer aggregate control on the media streams within these files. Continuous media: Data where there is a timing relationship between source and sink; that is, the sink needs to reproduce the timing relationship that existed at the source. The most common examples of continuous media are audio and motion video. Continuous media can be real-time (interactive or conversational), where there is a "tight" timing relationship between source and sink, or streaming (playback), where the relationship is less strict. Entity: The information transferred as the payload of a request or response. An entity consists of meta-information in the form of entity-header fields and content in the form of an entity-body, as described in Section 8. Feature-tag: A tag representing a certain set of functionality, i.e. a feature. H. Schulzrinne et. al. [Page 12] Internet Draft RTSP October 24, 2005 Live: Normally used to describe a presentation or session with media coming from an ongoing event. This generally results in that the session has a unbound or only loosely defined duration, and that no seek operations are possible. Media initialization: Datatype/codec specific initialization. This includes such things as clock rates, color tables, etc. Any transport-independent information which is required by a client for playback of a media stream occurs in the media initialization phase of stream setup. Media parameter: Parameter specific to a media type that may be changed before or during stream playback. Media server: The server providing playback services for one or more media streams. Different media streams within a presentation may originate from different media servers. A media server may reside on the same host or on a different host from which the presentation is invoked. Media server indirection: Redirection of a media client to a different media server. (Media) stream: A single media instance, e.g., an audio stream or a video stream as well as a single whiteboard or shared application group. When using RTP, a stream consists of all RTP and RTCP packets created by a source within an RTP session. Message: The basic unit of RTSP communication, consisting of a structured sequence of octets matching the syntax defined in Section 19 and transmitted over a connection or a connectionless transport. Non-Aggregated Control: Control of a single media stream. Only possible in RTSP sessions with a single media. Participant: Member of a conference. A participant may be a machine, e.g., a playback server. Presentation: A set of one or more streams presented to the client as a complete media feed and described by a presentation description as defined below. Presentations with more than one media stream is often handled in RTSP under aggregate control. Presentation description: A presentation description contains information about one or more media streams within a H. Schulzrinne et. al. [Page 13] Internet Draft RTSP October 24, 2005 presentation, such as the set of encodings, network addresses and information about the content. Other IETF protocols such as SDP (RFC 2327 [1]) use the term "session" for a presentation. The presentation description may take several different formats, including but not limited to the session description protocol format, SDP. Response: An RTSP response. If an HTTP response is meant, that is indicated explicitly. Request: An RTSP request. If an HTTP request is meant, that is indicated explicitly. Request-URI: The URI used in a request to indicate the resource on which the request is to be performed. RTSP agent: Refers to either an RTSP client, an RTSP server, or an RTSP Proxy. In this specification, there are many capabilities that are common to these three entities such as the capability to send requests or receive responses. This term will be used when describing functionality that is applicable to all three of these entities. RTSP session: A stateful abstraction upon which the main control methods of RTSP operate. An RTSP session is a server entity; it is created, maintained and destroyed by the server. It is established by an RTSP server upon the completion of a successful SETUP request (when 200 OK response is sent) and is labelled by a session identifier at that time. The session exists until timed out by the server or explicitly removed by a TEARDOWN request. An RTSP session is a stateful entity; an RTSP server maintains an explicit session state machine (see Appendix A) where most state transitions are triggered by client requests. The existence of a session implies the existence of state about the session's media streams and their respective transport mechanisms. A given session can have zero or more media streams associated with it. An RTSP server uses the session to aggregate control over multiple media streams. Transport initialization: The negotiation of transport information (e.g., port numbers, transport protocols) between the client and the server. URI: Universal Resource Identifier, see RFC 3986 [6]. In RTSP the used URIs are as general rule in fact URL's as they gives an location for the resource. As URLs are a subset of URIs, they will be referred to as URIs to cover also the H. Schulzrinne et. al. [Page 14] Internet Draft RTSP October 24, 2005 cases when an RTSP URI would not be an URL. URL: Universal Resource Locator, is an URI which identifies the resource through its primary access mechanism, rather than identifying the resource by name or by some other attribute(s) of that resource. 1.5 Protocol Properties RTSP has the following properties: Extendable: New methods and parameters can be easily added to RTSP. Easy to parse: RTSP can be parsed by standard HTTP or MIME parsers. Secure: RTSP re-uses web security mechanisms, either at the transport level (TLS, RFC 2246 [7]) or within the protocol itself. All HTTP authentication mechanisms such as basic (RFC 2616 [3]) and digest authentication (RFC 2617 [8]) are directly applicable. Transport-independent: RTSP does not preclude the use of an unreliable datagram protocol (UDP) (RFC 768 [9]) as it would be possible to implement application-level reliability. The use of a connectionless datagram protocol such as UDP requires additional definition that may be provided as extensions to the core RTSP specification. The usage of the reliable stream protocol TCP (RFC 793 [10]) and secured reliable stream protocol TLS over TCP [7] is what is currently defined as transport protocol of RTSP messages. Multi-server capable: Each media stream within a presentation can reside on a different server. The client automatically establishes several concurrent control sessions with the different media servers. Media synchronization is performed at the transport level. Separation of stream control and conference initiation: Stream control is divorced from inviting a media server to a conference. In particular, SIP [27] or H.323 [28] may be used to invite a server to a conference. Suitable for professional applications: RTSP supports frame- level accuracy through SMPTE time stamps to allow remote digital editing. H. Schulzrinne et. al. [Page 15] Internet Draft RTSP October 24, 2005 Presentation description neutral: The protocol does not impose a particular presentation description or metafile format and can convey the type of format to be used. However, the presentation description is required to contain at least one RTSP URI. Proxy and firewall friendly: The protocol should be readily handled by both application and transport-layer (SOCKS [29]) firewalls. A firewall may need to understand the SETUP method to open a "hole" for the media stream. HTTP-friendly: Where sensible, RTSP reuses HTTP concepts, so that the existing infrastructure can be reused. This infrastructure includes PICS (Platform for Internet Content Selection [30,31]) for associating labels with content. However, RTSP does not just add methods to HTTP since the controlling continuous media requires server state in most cases. Appropriate server control: If a client can start a stream, it needs to be able to stop a stream. Servers should not start streaming to clients in such a way that clients cannot stop the stream. Transport negotiation: The client can negotiate the transport method prior to actually needing to process a continuous media stream. 1.6 Extending RTSP Since not all media servers have the same functionality, media servers by necessity will support different sets of requests. For example: o A server may not be capable of seeking (absolute positioning) if it is to support live events only. o Some servers may not support setting stream parameters and thus not support GET_PARAMETER and SET_PARAMETER. o Some server may support an RTSP extension. A server SHOULD implement all header fields described in Section 14. It is up to the creators of presentation descriptions not to ask the impossible of a server. This situation is similar in HTTP/1.1 [3], where the methods described in [H19.5] are not likely to be supported across all servers. H. Schulzrinne et. al. [Page 16] Internet Draft RTSP October 24, 2005 RTSP can be extended in three ways, listed here in order of the magnitude of changes supported: o Existing methods can be extended with new parameters, e.g. headers, as long as these parameters can be safely ignored by the recipient. If the client needs negative acknowledgement when a method extension is not supported, a tag corresponding to the extension may be added in the Require: field (see Section 14.37). o New methods can be added. If the recipient of the message does not understand the request, it responds with error code 501 (Not Implemented) and the sender should not attempt to use this method again. A client may also use the OPTIONS method to inquire about methods supported by the server. The server MUST list the methods it supports using the Public response header. o A new version of the protocol can be defined, allowing almost all aspects (except the position of the protocol version number) to change. The basic capability discovery mechanism can be used to both discover support for a certain feature and to ensure that a feature is available when performing a request. For detailed explanation of this see section 10. 1.7 Overall Operation Each presentation and media stream is identified by an RTSP URI. The overall presentation and the properties of the media the presentation is made up of are defined by a presentation description file, the format of which is outside the scope of this specification. The presentation description file may be obtained by the client using HTTP or other means such as email and may not necessarily be stored on the media server. For the purposes of this specification, a presentation description is assumed to describe one or more presentations, each of which maintains a common time axis. For simplicity of exposition and without loss of generality, it is assumed that the presentation description contains exactly one such presentation. A presentation may contain several media streams. The presentation description file contains a description of the media streams making up the presentation, including their encodings, language, and other parameters that enable the client to choose the most appropriate combination of media. In this presentation description, each media stream that is individually controllable by H. Schulzrinne et. al. [Page 17] Internet Draft RTSP October 24, 2005 RTSP is identified by an RTSP URI, which points to the media server handling that particular media stream and names the stream stored on that server. Several media streams can be located on different servers; for example, audio and video streams can be split across servers for load sharing. The description also enumerates which transport methods the server is capable of. Besides the media parameters, the network destination address and port need to be determined. Several modes of operation can be distinguished: Unicast: The media is transmitted to the source of the RTSP request, with the port number chosen by the client. Alternatively, the media is transmitted on the same reliable stream as RTSP. Multicast, server chooses address: The media server picks the multicast address and port. This is the typical case for a live or near-media-on-demand transmission. Multicast, client chooses address: If the server is to participate in an existing multicast conference, the multicast address, port and encryption key are given by the conference description, established by means outside the scope of this specification, for example by a SIP created conference. 1.8 RTSP States RTSP controls a stream which may be sent via a separate protocol, independent of the control channel. For example, RTSP control may be transported on a TCP connection while the media data is conveyed via UDP. Thus, data delivery continues even if no RTSP requests are received by the media server. Also, during its lifetime, a single media stream may be controlled by RTSP requests issued sequentially on different TCP connections. Therefore, the server needs to maintain "session state" to be able to correlate RTSP requests with a stream. The state transitions are described in Appendix A. Many methods in RTSP do not contribute to state. However, the following play a central role in defining the allocation and usage of stream resources on the server: SETUP, PLAY, PAUSE, REDIRECT, and TEARDOWN. SETUP: Causes the server to allocate resources for a stream and create an RTSP session. PLAY: Starts data transmission on a stream allocated via SETUP. H. Schulzrinne et. al. [Page 18] Internet Draft RTSP October 24, 2005 PAUSE: Temporarily halts a stream without freeing server resources. REDIRECT: Indicates that the session should be moved to new server / location TEARDOWN: Frees resources associated with the stream. The RTSP session ceases to exist on the server. RTSP methods that contribute to state use the Session header field (Section 14.42) to identify the RTSP session whose state is being manipulated. The server generates session identifiers in response to SETUP requests (Section 11.3). 1.9 Relationship with Other Protocols RTSP has some overlap in functionality with HTTP. It also may interact with HTTP in that the initial contact with streaming content is often to be made through a web page. The current protocol specification aims to allow different hand-off points between a web server and the media server implementing RTSP. For example, the presentation description can be retrieved using HTTP or RTSP, which reduces round trips in web-browser-based scenarios, yet also allows for stand alone RTSP servers and clients which do not rely on HTTP at all. However, RTSP differs fundamentally from HTTP in that most data delivery takes place out-of-band in a different protocol. HTTP is an asymmetric protocol where the client issues requests and the server responds. In RTSP, both the media client and media server can issue requests. RTSP requests are also stateful; they may set parameters and continue to control a media stream long after the request has been acknowledged. Re-using HTTP functionality has advantages in at least two areas, namely security and proxies. The requirements are very similar, so having the ability to adopt HTTP work on caches, proxies and authentication is valuable. RTSP assumes the existence of a presentation description format that can express both static and temporal properties of a presentation containing several media streams. Session Description Protocol (SDP) [1] is generally the format of choice; however, RTSP is not bound to it. For data delivery, most real-time media will use RTP as a transport protocol. While RTSP works well with RTP, it is not tied to RTP. 2 RTSP Use Cases H. Schulzrinne et. al. [Page 19] Internet Draft RTSP October 24, 2005 This section describes the most important and considered use cases for RTSP. They are listed in descending order of importance in regards to ensuring that all necessary functionality is present. This specification does only fully support usage of the two first. Also in these first two cases, there are special cases or exceptions that are not supported without extensions, e.g. the redirection of media to another address than the controlling entity. 2.1 On-demand Playback of Stored Content An RTSP capable server stores content suitable for being streamed to a client. A client desiring playback of any of the stored content then uses RTSP to set up and configure the media transport required for the desired content. Then RTSP is used to initiate, halt and manipulate the actual transmission (playout) of the content. There are also requirement on being able to use RTSP to carry necessary description and synchronization information for the content. The above high level description can be broken down into a number of functionalities that RTSP needs to be capable of. Presentation Description: The possibility to carry initialization information about the presentation (content), for example, which media codec(s) that are needed for the content. Other information that are important; how many media stream that the presentation contains; what transport protocols used for the media streams; and identifiers for these media streams. This information is required before setup of the content is possible. The information is also needed by the client to determine if it is capable at all to support the content. This information is not required to be sent using RTSP, instead other external protocols can be utilized to transport presentation descriptions. Two good examples are the use of HTTP [3] or email to fetch or receive presentation descriptions like SDP [1]. .XP Setup: Performing setup of some or all of the media streams in a presentation. The setup itself consist of determining which protocols for media transport to use; the necessary parameters for the protocol, like addresses and ports. .XP Control of Transmission: After the necessary media streams has been established the client can request the server to start transmitting the content. There is need to allow the client to at arbitrary times start or stop the transmission of the content. There are also exist need to be able to start the transmission at an any point in the timeline of the presentation. .XP Synchronization: For media transport protocols like RTP [16] it might be beneficial to carry synchronization information within RTSP. Either due to the H. Schulzrinne et. al. [Page 20] Internet Draft RTSP October 24, 2005 lack of inter media synchronization within the protocol itself, or the potential delay before the synchronization is established (which is the case for RTP when using RTCP). .XP Termination There is also need to be able to terminate the established contexts. For this use cases there is a number of assumption about how it works. These are listed below: On-Demand content: The content available is stored at the server and can be accessed at any time during a time period when it is intended to be available. .XP Independent sessions: A server is capable of serving a number of clients simultaneously, including from the same piece of content at different points in that presentations time-line. .XP Unicast Transport: Content for each individual client is transmitted to them using unicast traffic. It is also possible to redirect the media traffic to another destination than where the entity controlling traffic uses. However allowing this without appropriate mechanisms for checking that the destination approves of this is allows for distributed denial of service attacks (DDoS). 2.2 Unicast distribution of Live Content This use cases is not that different from the above on-demand content case (see section 2.1. The difference is really the restriction the content itself establish. Live content is continuously distributed as it becomes available from a source, i.e. the main difference to on- demand is that one starts distributing content before the end of it has become available to the server. In many cases the consumer of live content is only interested in consuming what is actually happens "now", i.e. very similar to broadcast TV. However in this case it is assumed that there exist no broadcast or multicast channel to the users, and instead the server functions as a distribution node, sending the same content to multiple receivers, using unicast traffic between server and client. This unicast traffic and the transport parameters are individually negotiated for each receiving client. Another aspect of live content is that it has often very limited time of availability, as it is only is available for the duration of the event the content covers. A example of such a live content could for example be a music concert, which lasts 2 hour and starts at a predetermined time. Thus there is need to announce when and for how long the live content is available. 2.3 On-demand Playback using Multicast It is possible to use RTSP to request that media is delivered to a multicast group. The entity setting up the session (the controller) H. Schulzrinne et. al. [Page 21] Internet Draft RTSP October 24, 2005 will then control when and what media that is delivered to the group. Also this use case has some potential for denial of service attacks, in this case flooding any multicast group. Therefore there is need for a mechanism indicating that the group actually accepts the traffic from the RTSP server. An open issue in this use case is how one ensures that all receivers listening to the multicast or broadcast receives the session presentation configuring the receivers. 2.4 Inviting a RTSP server into a conference If one has an established conference or group session, it is possible to have a RTSP server distribute media to the whole group. The transmission to the group is simplest controlled by a single participant or leader of the conference. Shared control might be possible, but would require further investigation and possibly extensions. There are some protocol mechanisms missing for this scenario. For reasonable complexity in the media transmission stage, this use case assumes that there exist either multicast or a conference focus that redistribute media to all participants. In some more detail, this use case is intended to be able to handle the following scenario: A conference leader or participant (from here called the controller) has some pre-stored content on a RTSP server that he likes to share with the group. The controller sets up an RTSP session at the streaming server for the content the controller likes to share. The session description for the content is retrieved by the controller. The media destination for the media content is sent to the shared multicast group or conference focus. When desired by the controller, he/she can start and stop the transmission of the media to the conference group. There are several issues with this use case that is not solved by this core specification for RTSP: o Denial of service threat, to avoid a RTSP server from being a unknowing participant of a denial of service attack the server needs to be able to verify the destinations acceptance for the media. Such a mechanism does not yet exist that can be used to verify the approval to received media, instead only policies can be used, which can be made to work in controlled environments. .IP o 2 The problem of distributing the presentation description to all participants in the group. To enable a media receiver to decode the content correctly the media configuration information will need to be distributed reliable to all participants. This will most likely require support from an external protocol. .IP o 2 Passing the control. If it is desired to be able to pass the control of the RTSP session between the participants some support will be required by an external protocol for the necessary exchange of state information and possibly floor control of who is H. Schulzrinne et. al. [Page 22] Internet Draft RTSP October 24, 2005 controlling the RTSP session. So if there interest in this use case further work on the necessary extensions has to be performed. 2.5 Live Content using Multicast This use case does in its simplest form do not require any use of RTSP at all. This is what multicast conferences being announced with SAP and SDP are intended to handle. However in use cases where more advance features like access control to the multicast session is desired, RTSP could be used for session establishment. A client desiring to join a live multicasted media session with cryptographic (encryption) access control could use RTSP in the following way. The source of the session, announces the session and gives all interested to join, a RTSP URI. The client connects to the server and requests the presentation description allowing for configuration the reception. In this step it is possible to use secured transport for the client, and also desired levels of authentication, for example for charging purposes or simply access control. An RTSP link also allows for load balancing between multiple servers. However if this was the only thing that occurred it could probably be solved as simply using HTTP. However for session where the sender likes to keep track of each individual receiver during the session, and possibly use this side channel for pushing out key-updates or other side information that is desirable to be done on a per receiver basis, and the receivers are not know prior to the session start, the state establishment that RTSP provides can be beneficial. In this case a client would establish a RTSP session to the multicast group. The RTSP server will not transmit any media, instead it will simply point to the multicast group. However the client and server will be able to keep the session alive for as long as the receiver participates in the session. Thus enabling, for example server to client pushes of updates. This use cases will most likely not be able to actually implement without some extensions in relation to the server to client push mechanism. Here a method like ANNOUNCE (see RFC 2326 [24] might be suitable, however it will require a RTSP extension to revive the method. 3 Protocol Parameters 3.1 RTSP Version HTTP Specification Section [H3.1] applies, with HTTP replaced by RTSP. This specification defines version 2.0 of RTSP. 3.2 RTSP URI H. Schulzrinne et. al. [Page 23] Internet Draft RTSP October 24, 2005 The "rtsp", "rtsps" schemes are used to refer to network resources via the RTSP protocol. This section defines the scheme-specific syntax and semantics for RTSP URIs. The RTSP URI is case sensitive. An URI scheme "rtspu" was defined in RFC 2326 for transport of RTSP messages over unreliable transport (UDP) and is currently deprecated and reserved, and MUST NOT be used . See Appendix E for further information. Informative RTSP URI syntax: rtsp[u|s]://host[:port]/abspath[?query]#fragment See section 19.2.1 for the formal definition of the RTSP URI syntax. The fragment identifier is used as defined in section 4.1 of [6], i.e. the fragment is to be stripped from the URI by the requestor and not included in the request. The user agent also needs to interpret the value of the fragment based on the media type the request relates to, i.e. the media type indicated in Content-Type header in the response to DESCRIBE. The syntax of any URI query string is unspecified and responder (usually the server) specific. As it is from the requestor an opaque string, it needs to be handled as such. The URI scheme rtsp requires that commands are issued via a reliable protocol (within the Internet, TCP), while the scheme rtsps identifies a reliable transport using secure transport (TLS [7]). If the no port number is provided in the URI, port number 554 SHALL be used. The semantics are that the identified resource can be controlled by RTSP at the server listening for TCP (scheme "rtsp") connections on that port of host, and the Request-URI for the resource is rtsp_URI. For the scheme rtsps the TCP and UDP port 322 is registered and SHALL be assumed. The use of IP addresses in URIs SHOULD be avoided whenever possible (see RFC 1924 [11]). This specification updates the RTSP URI scheme to allow for literal IPv6 addresses using the host specification in RFC 2732 [12]. Note: Using qualified domain names in any URI is one requirement for making it possible for RTSP 1.0 (RFC 2326) implementations of RTSP to use IPv6. A presentation or a stream is identified by a textual media H. Schulzrinne et. al. [Page 24] Internet Draft RTSP October 24, 2005 identifier, using the character set and escape conventions [H3.2] of URIs (RFC 3986 [6]). URIs may refer to a stream or an aggregate of streams, i.e., a presentation. Accordingly, requests described in Section 11 can apply to either the whole presentation or an individual stream within the presentation. Note that some request methods can only be applied to streams, not presentations and vice versa. For example, the RTSP URI: rtsp://media.example.com:554/twister/audiotrack may identify the audio stream within the presentation "twister", which can be controlled via RTSP requests issued over a TCP connection to port 554 of host media.example.com Also, the RTSP URI: rtsp://media.example.com:554/twister identifies the presentation "twister", which may be composed of audio and video streams. This does not imply a standard way to reference streams in URIs. The presentation description defines the hierarchical relationships in the presentation and the URIs for the individual streams. A presentation description may name a stream "a.mov" and the whole presentation "b.mov". The path components of the RTSP URI are opaque to the client and do not imply any particular file system structure for the server. This decoupling also allows presentation descriptions to be used with non-RTSP media control protocols simply by replacing the scheme in the URI. 3.3 Session Identifiers Session identifiers are strings of any arbitrary length. A session identifier MUST be chosen randomly and MUST be at least eight characters long to make guessing it more difficult. (See Section 20.) 3.4 SMPTE Relative Timestamps H. Schulzrinne et. al. [Page 25] Internet Draft RTSP October 24, 2005 A SMPTE relative timestamp expresses time relative to the start of the clip. Relative timestamps are expressed as SMPTE time codes for frame-level access accuracy. The time code has the format hours:minutes:seconds:frames.subframes, with the origin at the start of the clip. The default smpte format is "SMPTE 30 drop" format, with frame rate is 29.97 frames per second. Other SMPTE codes MAY be supported (such as "SMPTE 25") through the use of alternative use of "smpte time". For the "frames" field in the time value can assume the values 0 through 29. The difference between 30 and 29.97 frames per second is handled by dropping the first two frame indices (values 00 and 01) of every minute, except every tenth minute. If the frame value is zero, it may be omitted. Subframes are measured in one-hundredth of a frame. Examples: smpte=10:12:33:20- smpte=10:07:33- smpte=10:07:00-10:07:33:05.01 smpte-25=10:07:00-10:07:33:05.01 3.5 Normal Play Time Normal play time (NPT) indicates the stream absolute position relative to the beginning of the presentation, not to be confused with the Network Time Protocol (NTP) [32]. The timestamp consists of a decimal fraction. The part left of the decimal may be expressed in either seconds or hours, minutes, and seconds. The part right of the decimal point measures fractions of a second. The beginning of a presentation corresponds to 0.0 seconds. Negative values are not defined. The special constant now is defined as the current instant of a live type event. It MAY only be used for live type events, and SHALL NOT be used for on-demand content. NPT is defined as in DSM-CC [33]: "Intuitively, NPT is the clock the viewer associates with a program. It is often digitally displayed on a VCR. NPT advances normally when in normal play mode (scale = 1), advances at a faster rate when in fast scan forward (high positive scale ratio), decrements when in scan reverse (high negative scale ratio) and is fixed in pause mode. NPT is (logically) equivalent to SMPTE time codes." Examples: npt=123.45-125 H. Schulzrinne et. al. [Page 26] Internet Draft RTSP October 24, 2005 npt=12:05:35.3- npt=now- The syntax conforms to ISO 8601 [34]. The npt-sec notation is optimized for automatic generation, the ntp-hhmmss notation for consumption by human readers. The "now" constant allows clients to request to receive the live feed rather than the stored or time-delayed version. This is needed since neither absolute time nor zero time are appropriate for this case. 3.6 Absolute Time Absolute time is expressed as ISO 8601 [34] timestamps, using UTC (GMT). Fractions of a second may be indicated. Example for November 8, 1996 at 14h37 and 20 and a quarter seconds UTC: 19961108T143720.25Z 3.7 Feature-tags Feature-tags are unique identifiers used to designate features in RTSP. These tags are used in Require (Section 14.37), Proxy-Require (Section 14.31), Proxy-Supported (Section 14.32), Unsupported (Section 14.46), and Supported (Section 14.43) header fields. Feature tag needs to indicate which combination of clients, servers, or proxies they applies too. The creator of a new RTSP feature-tag should either prefix the feature-tag with a reverse domain name (e.g., "com.example.mynewfeature" is an apt name for a feature whose inventor can be reached at "example.com"), or register the new feature-tag with the Internet Assigned Numbers Authority (IANA), see IANA Section 21. The usage of feature tags are further described in section 10 that deals with capability handling. 3.8 Entity Tags H. Schulzrinne et. al. [Page 27] Internet Draft RTSP October 24, 2005 Entity tags are opaque strings that are used to compare two entities from the same resource, for example in caches or to optimize setup after a redirect. Further explanation is present in [H3.11]. For explanation on how to compare Entity tags see [H13.3]. Entity tags can be carried in the ETag header (see section 14.21) or in SDP (see section C.1.8). Entity tags are used in RTSP to make some methods conditional. The methods are made conditional through the inclusion of headers, see 14.25 and 14.27. 4 RTSP Message RTSP is a text-based protocol and uses the ISO 10646 character set in UTF-8 encoding (RFC 2279 [13]). Lines SHALL be terminated by CRLF. Text-based protocols make it easier to add optional parameters in a self-describing manner. Since the number of parameters and the frequency of commands is low, processing efficiency is not a concern. Text-based protocols, if done carefully, also allow easy implementation of research prototypes in scripting languages such as Tcl, Visual Basic and Perl. The 10646 character set avoids tricky character set switching, but is invisible to the application as long as US-ASCII is being used. This is also the encoding used for RTCP. ISO 8859-1 translates directly into Unicode with a high-order octet of zero. ISO 8859-1 characters with the most-significant bit set are represented as 1100001x 10xxxxxx. (See RFC 2279 [13]) Requests contain methods, the object the method is operating upon and parameters to further describe the method. Methods are idempotent, unless otherwise noted. Methods are also designed to require little or no state maintenance at the media server. 4.1 Message Types See [H4.1]. 4.2 Message Headers See [H4.2]. 4.3 Message Body See [H4.3] H. Schulzrinne et. al. [Page 28] Internet Draft RTSP October 24, 2005 4.4 Message Length When a message body is included with a message, the length of that body is determined by one of the following (in order of precedence): 1. Any response message which MUST NOT include a message body (such as the 1xx, 204, and 304 responses) is always terminated by the first empty line after the header fields, regardless of the entity-header fields present in the message. (Note: An empty line consists of only CRLF.) 2. If a Content-Length header field (section 14.16) is present, its value in bytes represents the length of the message-body. If this header field is not present, a value of zero is assumed. Unlike an HTTP message, an RTSP message MUST contain a Content-Length header field whenever it contains a message body. Note that RTSP does not (at present) support the HTTP/1.1 "chunked" transfer coding(see [H3.6.1]). Given the moderate length of presentation descriptions returned, the server should always be able to determine its length, even if it is generated dynamically, making the chunked transfer encoding unnecessary. 5 General Header Fields See [H4.5], except that Pragma, Trailer, Transfer-Encoding, Upgrade, and Warning headers are not defined. RTSP further defines the CSeq, and Timestamp. The general headers are listed in table 1: Header Name Comment _________________________________ Cache-Control See section 14.10 Connection See section 14.11 CSeq See section 14.19 Date See section 14.20 Supported See section 14.43 Timestamp See section 14.44 Via See section 14.49 Table 1: The General headers used in RTSP. H. Schulzrinne et. al. [Page 29] Internet Draft RTSP October 24, 2005 6 Request A request messages uses the format outlined below, regardless of the direction of a request, client to server or server to client: o Request line, containing the method to be applied to the resource, the identifier of the resource, and the protocol version in use; o zero or more Header lines, that can be of the following types: general (Section 5), request (Section 6.2), or entity (Section 8.1); o One empty line (CR/LF) to indicate the end of the header section; o Optionally a message body (entity), consisting of one or more lines. the length of the message body in number of bytes is indicated by the Content-Length entity header. 6.1 Request Line The request line provides the key information about the request: What method, on what resources and using which RTSP version. The methods that are defined by this specification are listed in Table 2. Method Defined In Section _________________________________ DESCRIBE Section 11.2 GET_PARAMETER Section 11.7 OPTIONS Section 11.1 PAUSE Section 11.5 PLAY Section 11.4 REDIRECT Section 11.9 SETUP Section 11.3 SET_PARAMETER Section 11.8 TEARDOWN Section 11.6 Table 2: The RTSP Methods The syntax of the RTSP request line is the following: SP SP CRLF H. Schulzrinne et. al. [Page 30] Internet Draft RTSP October 24, 2005 Note: This syntax cannot be freely changed in future versions of RTSP. This line needs to remain parsable by older RTSP implementations since it indicates the RTSP version of the message. In contrast to HTTP/1.1 [3], RTSP requests identify the resource through an absolute RTSP URI (scheme, host, and port)(see section 3.2) rather than just the absolute path. HTTP/1.1 requires servers to understand the absolute URI, but clients are supposed to use the Host request header. This is purely needed for backward-compatibility with HTTP/1.0 servers, a consideration that does not apply to RTSP. An asterisk "*" can be used in the Request-URI to indicate that the request does not apply to a particular resource, but to the server or proxy itself, and is only allowed when the request method does not necessarily apply to a resource. For example: OPTIONS * RTSP/2.0 An OPTIONS in this form will determine the capabilities of the server or the proxy that first receives the request. If the capability of the specific server needs to be determined, without regard to the capability of an intervening proxy, the server should be addressed explicitly with an absolute URI that contains the server's address. For example: OPTIONS rtsp://example.com RTSP/2.0 6.2 Request Header Fields The RTSP headers in Table 3 can be included in a request, as request headers, to modify the specifics of the request. These headers may also be used in the response to a request, as response headers, to modify the specifics of a response (Section 7.1.2). Detailed headers definition are provided in Section 14. H. Schulzrinne et. al. [Page 31] Internet Draft RTSP October 24, 2005 Header Defined in Section _____________________________________ Accept Section 14.1 Accept-Encoding Section 14.3 Accept-Language Section 14.4 Authorization Section 14.7 Bandwidth Section 14.8 Blocksize Section 14.9 From Section 14.23 If-Match Section 14.25 If-Modified-Since Section 14.26 If-None-Match Section 14.27 Proxy-Require Section 14.31 Range Section 14.34 Referer Section 14.35 Require Section 14.37 Scale Section 14.39 Session Section 14.42 Speed Section 14.40 Supported Section 14.43 Transport Section 14.45 User-Agent Section 14.47 Table 3: The RTSP request headers 7 Response [H6] applies except that HTTP-Version is replaced by RTSP-Version. Also, RTSP defines additional status codes and does not define some HTTP codes. The valid response codes and the methods they can be used with are defined in Table 4. After receiving and interpreting a request message, the recipient responds with an RTSP response message. 7.1 Status-Line The first line of a Response message is the Status-Line, consisting of the protocol version followed by a numeric status code, and the textual phrase associated with the status code, with each element separated by SP characters. No CR or LF is allowed except in the final CRLF sequence. SP SP CRLF H. Schulzrinne et. al. [Page 32] Internet Draft RTSP October 24, 2005 7.1.1 Status Code and Reason Phrase The Status-Code element is a 3-digit integer result code of the attempt to understand and satisfy the request. These codes are fully defined in Section 13. The Reason-Phrase is intended to give a short textual description of the Status-Code. The Status-Code is intended for use by automata and the Reason-Phrase is intended for the human user. The client is not required to examine or display the Reason- Phrase. The first digit of the Status-Code defines the class of response. The last two digits do not have any categorization role. There are 5 values for the first digit: o 1xx: Informational - Request received, continuing process o 2xx: Success - The action was successfully received, understood, and accepted o 3rr: Redirection - Further action needs to be taken in order to complete the request o 4xx: Client Error - The request contains bad syntax or cannot be fulfilled o 5xx: Server Error - The server failed to fulfill an apparently valid request The individual values of the numeric status codes defined for RTSP/2.0, and an example set of corresponding Reason-Phrases, are presented in table 4. The reason phrases listed here are only recommended; they may be replaced by local equivalents without affecting the protocol. Note that RTSP adopts most HTTP/1.1 [3] status codes and adds RTSP-specific status codes starting at x50 to avoid conflicts with newly defined HTTP status codes. RTSP status codes are extensible. RTSP applications are not required to understand the meaning of all registered status codes, though such understanding is obviously desirable. However, applications MUST understand the class of any status code, as indicated by the first digit, and treat any unrecognized response as being equivalent to the x00 status code of that class, with the exception that an unrecognized response MUST NOT be cached. For example, if an unrecognized status code of 431 is received by the client, it can safely assume that there was something wrong with its request and treat the response as if it had received a 400 status code. In such cases, user agents SHOULD present to the user the entity returned with the response, since that entity is likely to include human- H. Schulzrinne et. al. [Page 33] Internet Draft RTSP October 24, 2005 readable information which will explain the unusual status. 7.1.2 Response Header Fields The response-header fields allow the request recipient to pass additional information about the response which cannot be placed in the Status-Line. These header fields give information about the server and about further access to the resource identified by the Request-URI. All headers currently being classified as response headers are listed in table 5. Response-header field names can be extended reliably only in combination with a change in the protocol version. However, new or experimental header fields MAY be given the semantics of response- header fields if all parties in the communication recognize them to be response-header fields. Unrecognized header fields are treated as entity-header fields. 8 Entity Request and Response messages MAY transfer an entity if not otherwise restricted by the request method or response status code. An entity consists of entity-header fields and an entity-body, although some responses will only include the entity-headers. The SET_PARAMETER, and GET_PARAMETER request and response, and DESCRIBE response MAY have an entity. All 4xx and 5xx responses MAY also have an entity. In this section, both sender and recipient refer to either the client or the server, depending on who sends and who receives the entity. 8.1 Entity Header Fields Entity-header fields define optional meta-information about the entity-body or, if no body is present, about the resource identified by the request. The entity header fields are listed in table 8.1. The extension-header mechanism allows additional entity-header fields to be defined without changing the protocol, but these fields cannot be assumed to be recognizable by the recipient. Unrecognized header fields SHOULD be ignored by the recipient and forwarded by proxies. 8.2 Entity Body H. Schulzrinne et. al. [Page 34] Internet Draft RTSP October 24, 2005 See [H7.2] with the addition that an RTSP message with an entity body MUST include the Content-Type and Content-Length headers. 9 Connections RTSP requests can be transmitted over two different connection scenarios listed below: o persistent - transport connections used for several request/response transactions; o transient - transport connections used for a single request/response transaction. RFC 2326 attempted to specify an optional mechanism for transmitting RTSP messages in connectionless mode over a transport protocol such as UDP. However, it was not specified in sufficient enough detail to allow for interoperable implementations. In an attempt to reduce complexity and scope, and due to lack of interest, RTSP 2.0 does not attempt to define a mechanism for supporting RTSP over UDP or other connectionless transport protocols. A side-effect is that RTSP requests SHALL NOT be sent to multicast groups since no connection can be established with a specific receiver in multicast environments. Certain RTSP headers, such as the CSeq header (Section 14.19), which may appear to be relevant to only connectionless transport scenarios are still retained and must be implemented according to the specification. In the case of CSeq it is quite useful in proxy situations for keeping track of the different request when aggregating several client requests to a single TCP connection. 9.1 Reliability and Acknowledgements Since RTSP is transmitted primarily over connection oriented, reliable transport protocols, all RTSP requests MUST be acknowledged by the receiver. RTSP requests that are not immediately acknowledged MUST NOT be retransmitted at the application level. Instead, the application must rely on the underlying transport to provide reliability. If both the underlying reliable transport such as TCP and the RTSP application retransmit requests, each packet loss or message loss may result in two retransmissions. The receiver typically cannot take advantage of the application-layer retransmission since the transport stack will not deliver the application-layer retransmission H. Schulzrinne et. al. [Page 35] Internet Draft RTSP October 24, 2005 Code Reason Method __________________________________________________________ 100 Continue all __________________________________________________________ 200 OK all 201 Reserved n/a 250 Reserved n/a __________________________________________________________ 300 Multiple Choices all 301 Moved Permanently all 302 Found all 303 See Other all 305 Use Proxy all __________________________________________________________ 400 Bad Request all 401 Unauthorized all 402 Payment Required all 403 Forbidden all 404 Not Found all 405 Method Not Allowed all 406 Not Acceptable all 407 Proxy Authentication Required all 408 Request Timeout all 410 Gone all 411 Length Required all 412 Precondition Failed DESCRIBE, SETUP 413 Request Entity Too Large all 414 Request-URI Too Long all 415 Unsupported Media Type all 451 Parameter Not Understood SET_PARAMETER 452 reserved n/a 453 Not Enough Bandwidth SETUP 454 Session Not Found all 455 Method Not Valid In This State all 456 Header Field Not Valid all 457 Invalid Range PLAY, PAUSE 458 Parameter Is Read-Only SET_PARAMETER 459 Aggregate Operation Not Allowed all 460 Only Aggregate Operation Allowed all 461 Unsupported Transport all 462 Destination Unreachable all 463 Destination Prohibited SETUP 470 Connection Authorization Required all 471 Connection Credentials not accepted all __________________________________________________________ 500 Internal Server Error all 501 Not Implemented all 502 Bad Gateway all 503 Service Unavailable all 504 Gateway Timeout all H. Schulzrinne et. al. [Page 36] Internet Draft RTSP October 24, 2005 Table 4: Status codes and their usage with RTSP methods Header Defined in Section __________________________________________ Accept-Ranges Section 14.5 Connection-Credentials Section 14.12 ETag Section 14.21 Location Section 14.29 Proxy-Authenticate Section 14.30 Public Section 14.33 Range Section 14.34 Retry-After Section 14.36 RTP-Info Section 14.38 Scale Section 14.39 Session Section 14.42 Server Section 14.41 Speed Section 14.40 Transport Section 14.45 Unsupported Section 14.46 Vary Section 14.48 WWW-Authenticate Section 14.50 Table 5: The RTSP response headers Header Defined in Section ____________________________________ Allow Section 14.6 Content-Base Section 14.13 Content-Encoding Section 14.14 Content-Language Section 14.15 Content-Length Section 14.16 Content-Location Section 14.17 Content-Type Section 14.18 Expires Section 14.22 Last-Modified Section 14.28 Table 6: The RTSP entity headers before the first attempt has reached the receiver. If the packet loss is caused by congestion, multiple retransmissions at different layers will exacerbate the congestion. Lack of acknowledgement of an RTSP request should be handled within the constraints of the connection timeout considerations described H. Schulzrinne et. al. [Page 37] Internet Draft RTSP October 24, 2005 below (Section 9.4). 9.2 Using Connections A TCP transport can be used for both persistent connections (for several message exchanges) and transient connections (for a single message exchange). Implementations of this specification MUST support RTSP over TCP. The scheme of the RTSP URI (Section 3.2) indicates the default port that the server will listen on. A server MUST handle both persistent and transient connections. Transient connections facilitate mechanisms for fault tolerance. They also allow for application layer mobility. A server and client pair that support transient connections can survive the loss of a TCP connection, e.g. due to a NAT timeout. When the client has discovered that the TCP connection has been lost, it can set up a new one when there is need to communicate again. A persistent connection MAY be used for all transactions between the server and client, including messages to multiple RTSP sessions. However a persistent connection MAY also be closed after a few message exchanges. For example, a client may use a persistent connection for the initial SETUP and PLAY message exchanges in a session and then close the connection. Later, when the client wishes to send a new request, such as a PAUSE for the session, a new connection would be opened. This connection may either be transient or persistent. A client SHOULD NOT have more than one connection to the server at any given point. If a client or proxy handles multiple RTSP sessions on the same server, it SHOULD use only one connection for managing those sessions. This saves connection resources on the server. It also reduces complexity by and enabling the server to maintain less state about its sessions and connections. Unlike HTTP, RTSP allows a server to send requests to a client. However, this can be supported only if a client establishes a persistent connection with the server. In cases where a persistent connection does not exist between a server and its client, due to the lack of a signalling channel, the server may be forced to drop an RTSP session without notifying the client. An example of such a case is when the server desires to send a REDIRECT request for an RTSP H. Schulzrinne et. al. [Page 38] Internet Draft RTSP October 24, 2005 session to the client but is not able to do so because it cannot reach the client. Without a persistent connection between the client and the server, the media server has no reliable way of reaching the client. Also, this is the only way that requests from a server to its client are likely to traverse firewalls. In light of the above, it is RECOMMENDED that clients use persistent connections whenever possible. A client that supports persistent connections MAY "pipeline" its requests (i.e., send multiple requests without waiting for each response). A server MUST send its responses to those requests in the order that the requests were received. 9.3 Closing Connections The client MAY close a connection at any point when no outstanding request/response transactions exist for any RTSP session being managed through the connection. The server, however, SHOULD NOT close a connection until all RTSP sessions being managed through the connection have been timed out (Section 14.42). A server SHOULD NOT close a connection immediately after responding to a session-level TEARDOWN request for the last RTSP session being controlled through the connection. Instead, it should wait for a reasonable amount of time for the client to: receive the TEARDOWN response, take appropriate action, and initiate the connection closing. The server SHOULD wait at least 10 seconds after sending the TEARDOWN response before closing the connection. This is to ensure that the client has time to issue a SETUP for a new session on the existing connection after having torn the last one down. 10 seconds should give the client ample opportunity get its message to the server. A server SHOULD NOT close the connection directly as a result of responding to a request with an error code. Certain error responses such as "460 Only Aggregate Operation Allowed" (Section 13.4.12) are used for negotiating capabilities of a server with respect to content or other factors. In such cases, it is inefficient for the server to close a connection on an error response. Also, such behavior would prevent implementation of advanced/special types of requests or result in extra overhead for the client when testing for new features. On H. Schulzrinne et. al. [Page 39] Internet Draft RTSP October 24, 2005 the flip side, keeping connections open after sending an error response poses a Denial of Service security risk (Section 20). If a server initiates a connection close while the client is attempting to send a new request, the client will have to close its current connection, establish a new connection and send its request over the new connection. An RTSP message should not be terminated through a connection close. Such a message will be considered to be incomplete by the receiver and discarded. An RTSP message is properly terminated as defined in Section 4. 9.4 Timing Out Connections and RTSP Messages Receivers of a request (responder) SHOULD respond to requests in a timely manner even when a reliable transport such as TCP is used. Similarly, the sender of a request (requestor) SHOULD wait for a sufficient time for a response before concluding that the responder will not be acting upon its request. A responder SHOULD respond to all requests within 5 seconds. If the responder recognizes that processing of a request will take longer than 5 seconds, it SHOULD send a 100 response as soon as possible. It SHOULD continue sending a 100 response every 5 seconds thereafter until it is ready to send the final response to the requestor. After sending a 100 response, the receiver MUST send a final response indicating the success or failure of the request. A requestor SHOULD wait at least 10 seconds for a response before concluding that the responder will not be responding to its request. After receiving a 100 response, the requestor SHOULD continue waiting for further responses. If more than 10 seconds elapses without receiving any response, the requestor MAY assume that the responder is unresponsive and abort the connection. A requestor SHOULD wait longer than 10 seconds for a response if it is experiencing significant transport delays on its connection to the responder. The requestor is capable of determining the RTT of the request/response cycle using the Timestamp header (section 14.44) in any RTSP request. 9.5 Use of IPv6 Explicit IPv6 support was not present in RTSP 1.0 (RFC 2326). RTSP 2.0 has been updated for explicit IPv6 support. Implementations of RTSP 2.0 MUST understand literal IPv6 addresses in URIs and headers. H. Schulzrinne et. al. [Page 40] Internet Draft RTSP October 24, 2005 10 Capability Handling This section describes the capability handling mechanism available in RTSP which allows RTSP to be extended. Extensions to this version of the protocol are basically done in two ways. First, new headers can be added. Secondly, new methods can be added. The capability handling mechanism is designed to handle both cases. When a method is added, the involved parties can use the OPTIONS method to discover wether it is supported. This is done by issuing a OPTIONS request to the other party. Depending on the URI it will either apply in regards to a certain media resource, the whole server in general, or simply the next hop. The OPTIONS response will contain a Public header which declares all methods supported for the indicated resource. It is not necessary to use OPTIONS to discover support of a method, the client could simply try the method. If the receiver of the request does not support the method it will respond with an error code indicating the the method is either not implemented (501) or does not apply for the resource (405). The choice between the two discovery methods depends on the requirements of the service. Feature-Tags are defined to handle functionality additions that are not new methods. Each feature-tag represents a certain block of functionality. The amount of functionality that a feature-tag represents can vary significantly. A feature-tag can for example represent the functionality a single RTSP header provides. Another feature-tag can represent much more functionality, such as the "play.basic" feature tag which represents the minimal playback implementation. Feature-tags are used to determine wether the client, server or proxy supports the functionality that is necessary to achieve the desired service. To determine support of a feature-tag, several different headers can be used, each explained below: Supported: The supported header is used to determine the complete set of functionality that both client and server have. The intended usage is to determine before one needs to use a functionality that it is supported. It can be used in any method, however OPTIONS is the most suitable one as it at the same time determines all methods that are implemented. When sending a request the requestor declares all its capabilities by including all supported feature- tags. This results in that the receiver learns the requestors feature support. The receiver then includes its set of features in the response. H. Schulzrinne et. al. [Page 41] Internet Draft RTSP October 24, 2005 Proxy-Supported: The Proxy-Supported header is used similar to the Supported header, but instead of giving the supported functionality of the client or server it provides both the requestor and the responder a view of what functionality the proxy chain between the two supports. Proxies are required to add this header whenever the Supported header is present, but proxies may independently of the requestor add it. Require: The Require header can be included in any request where the end-point, i.e. the client or server, is required to understand the feature to correctly perform the request. This can, for example, be a SETUP request where the server is required to understand a certain parameter to be able to set up the media delivery correctly. Ignoring this parameter would not have the desired effect and is not acceptable. Therefore the end-point receiving a request containing a Require MUST negatively acknowledge any feature that it does not understand and not perform the request. The response in cases where features are not supported are 551 (Option Not Supported). Also the features that are not supported are given in the Unsupported header in the response. Proxy-Require: This method has the same purpose and workings as Require except that it only applies to proxies and not the end-point. Features that needs to be supported by both proxies and end-point needs to be included in both the Require and Proxy-Require header. Unsupported: This header is used in a 551 error response, to indicate which feature(s) that was not supported. Such a response is only the result of the usage of the Require and/or Proxy-Require header where one or more feature where not supported. This information allows the requestor to make the best of situations as it knows which features are not supported. 11 Method Definitions The method indicates what is to be performed on the resource identified by the Request-URI. The method name is case-sensitive. New methods may be defined in the future. Method names SHALL NOT start with a $ character (decimal 24) and MUST be a token as defined by the ABNF [4] in the syntax chapter 19. The methods are summarized in Table 7. H. Schulzrinne et. al. [Page 42] Internet Draft RTSP October 24, 2005 method direction object Server req. Client req. ___________________________________________________________________ DESCRIBE C -> S P,S recommended recommended GET_PARAMETER C -> S, S -> C P,S optional optional OPTIONS C -> S, S -> C P,S R=Req, Sd=Opt Sd=Req, R=Opt PAUSE C -> S P,S required required PLAY C -> S P,S required required REDIRECT S -> C P,S optional required SETUP C -> S S required required SET_PARAMETER C -> S, S -> C P,S required optional TEARDOWN C -> S P,S required required Table 7: Overview of RTSP methods, their direction, and what objects (P: presentation, S: stream) they operate on. Legend: R=Respond, Sd=Send, Opt: Optional, Req: Required, Rec: Recommended Note on Table 7: GET_PARAMETER is recommended, but not required. For example, a fully functional server can be built to deliver media without any parameters. SET_PARAMETER is required however due to its usage for keep-alive. PAUSE is now required due to that it is the only way of getting out of the state machines play state without terminating the whole session. If an RTSP agent does not support a particular method, it MUST return 501 (Not Implemented) and the requesting RTSP agent, in turn, SHOULD NOT try this method again for the given agent / resource combination. 11.1 OPTIONS The semantics of the RTSP OPTIONS method is equivalent to that of the HTTP OPTIONS method described in [H9.2]. In RTSP however, OPTIONS is bi-directional, in that a client can request it to a server and vice versa. A client MUST implement the capability to send an OPTIONS request and a server or a proxy MUST implement the capability to respond to an OPTIONS request. The client, server or proxy MAY also implement the converse of their required capability. An OPTIONS request may be issued at any time. Such a request does not modify the session state. However, it may prolong the session lifespan (see below). The URI in an OPTIONS request determines the scope of the request and the corresponding response. If the Request- URI refers to a specific media resource on a given host, the scope is limited to the set of methods supported for that media resource by the indicated RTSP agent. A Request-URI with only the host address limits the scope to the specified RTSP agent's general capabilities without regard to any specific media. If the Request-URI is an H. Schulzrinne et. al. [Page 43] Internet Draft RTSP October 24, 2005 asterisk ("*"), the scope is limited to the general capabilities of the next hop (i.e. the RTSP agent in direct communication with the request sender). Regardless of scope of the request, the Public header MUST always be included in the OPTIONS response listing the methods that are supported by the responding RTSP agent. In addition, if the scope of the request is limited to a media resource, the Allow header MUST be included in the response to enumerate the set of methods that are allowed for that resource unless the set of methods completely matches the set in the Public header. If the given resource is not available, the RTSP agent SHOULD return an appropriate response code such as 3rr or 4xx. The Supported header MAY be included in the request to query the set of features that are supported by the responding RTSP agent. The OPTIONS method can be used to keep an RTSP session alive. However, it is not the preferred means of session keep-alive signalling, see section 14.42. An OPTIONS request intended for keeping alive an RTSP session MUST include the Session header with the associated session ID. Such a request SHOULD also use the media or the aggregated control URI as the Request-URI. Example: C->S: OPTIONS * RTSP/2.0 CSeq: 1 User-Agent: PhonyClient/1.2 Require: Proxy-Require: gzipped-messages Supported: play.basic S->C: RTSP/2.0 200 OK CSeq: 1 Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE Supported: play.basic, implicit-play, gzipped-messages Server: PhonyServer/1.1 Note that some of the feature-tags in Require and Proxy-Require are necessarily fictional features (one would hope that we would not purposefully overlook a truly useful feature just so that we could have a strong example in this section). 11.2 DESCRIBE H. Schulzrinne et. al. [Page 44] Internet Draft RTSP October 24, 2005 The DESCRIBE method is used to retrieve the description of a presentation or media object from a server. The Request-URI of the DESCRIBE request identifies the media resource of interest. The client MAY include the Accept header in the request to list the description formats that it understands. The server SHALL respond with a description of the requested resource and return the description in the entity of the response. The DESCRIBE reply- response pair constitutes the media initialization phase of RTSP. Example: C->S: DESCRIBE rtsp://server.example.com/fizzle/foo RTSP/2.0 CSeq: 312 User-Agent: PhonyClient 1.2 Accept: application/sdp, application/rtsl, application/mheg S->C: RTSP/2.0 200 OK CSeq: 312 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.1 Content-Type: application/sdp Content-Length: 367 v=0 o=mhandley 2890844526 2890842807 IN IP4 126.16.64.4 s=SDP Seminar i=A Seminar on the session description protocol u=http://www.example.com/lectures/sdp.ps e=seminar@example.com (Seminar Management) c=IN IP4 224.2.17.12/127 t=2873397496 2873404696 a=recvonly m=audio 3456 RTP/AVP 0 m=video 2232 RTP/AVP 31 m=application 32416 UDP WB a=orient:portrait The DESCRIBE response SHOULD contain all media initialization information for the resource(s) that it describes. Servers SHOULD NOT use the DESCRIBE response as a means of media indirection by having the description point at another server, instead usage of 3rr responses are recommended. By forcing a DESCRIBE response to contain all media H. Schulzrinne et. al. [Page 45] Internet Draft RTSP October 24, 2005 initialization for the set of streams that it describes, and discouraging the use of DESCRIBE for media indirection, any looping problems can be avoided that might have resulted from other approaches. Media initialization is a requirement for any RTSP-based system, but the RTSP specification does not dictate that this is required to be done via the DESCRIBE method. There are three ways that an RTSP client may receive initialization information: o via an RTSP DESCRIBE request o via some other protocol (HTTP, email attachment, etc.) o via some form of a user interface If a client obtains a valid description from an alternate source, the client MAY use this description for initialization purposes without issuing a DESCRIBE request for the same media. It is RECOMMENDED that minimal servers support the DESCRIBE method, and highly recommended that minimal clients support the ability to act as "helper applications" that accept a media initialization file from a user interface, and/or other means that are appropriate to the operating environment of the clients. 11.3 SETUP The SETUP request for an URI specifies the transport mechanism to be used for the streamed media. The SETUP method may be used in three different cases; Create an RTSP session, add a media to a session, and change the transport parameters of already set up media stream. When in PLAY state, using SETUP to create or add media to a session when in PLAY state is unspecified. Otherwise SETUP can be used in all three states; INIT, and READY, for both purposes and in PLAY to change the transport parameters. The Transport header, see section 14.45, specifies the transport parameters acceptable to the client for data transmission; the response will contain the transport parameters selected by the server. This allows the client to enumerate in priority order the transport mechanisms and parameters acceptable to it, while the server can select the most appropriate. It is expected that the session description format used will enable the client to select a limited number possible configurations that are offered to the server to choose from. All transport parameters SHOULD be included in the Transport header, the use of other headers for this purpose is discouraged due to middle boxes such as firewalls, or NATs. H. Schulzrinne et. al. [Page 46] Internet Draft RTSP October 24, 2005 For the benefit of any intervening firewalls, a client SHOULD indicate the transport parameters even if it has no influence over these parameters, for example, where the server advertises a fixed multicast address. Since SETUP includes all transport initialization information, firewalls and other intermediate network devices (which need this information) are spared the more arduous task of parsing the DESCRIBE response, which has been reserved for media initialization. In a SETUP response the server SHOULD include the Accept-Ranges header (see section 14.5 to indicate which time formats that are acceptable to use for this media resource. C->S: SETUP rtsp://example.com/foo/bar/baz.rm RTSP/2.0 CSeq: 302 Transport: RTP/AVP;unicast;dest_addr=":4588"/":4589", RTP/AVP/TCP;unicast;interleaved=0-1 S->C: RTSP/2.0 200 OK CSeq: 302 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.1 Session: 47112344;timeout=60 Transport: RTP/AVP;unicast;dest_addr=":4588"/":4589"; src_addr="192.0.2.241:6256"/"192.0.2.241:6257"; ssrc=2A3F93ED Accept-Ranges: NPT In the above example the client wants to create an RTSP session containing the media resource "rtsp://example.com/foo/bar/baz.rm". The transport parameters acceptable to the client is either RTP/AVP/UDP (UDP per default) to be received on client port 4588 and 4589 or RTP/AVP interleaved on the RTSP control channel. The server selects the RTP/AVP/UDP transport and adds the ports it will send and received RTP and RTCP from, and the RTP SSRC that will be used by the server. The server MUST generate a session identifier in response to a successful SETUP request, unless a SETUP request to a server includes a session identifier, in which case the server MUST bundle this setup request into the existing session (aggregated session) or return error 459 (Aggregate Operation Not Allowed) (see Section 13.4.11). H. Schulzrinne et. al. [Page 47] Internet Draft RTSP October 24, 2005 An Aggregate control URI MUST be used to control an aggregated session. This URI MUST be different from the stream control URIs of the individual media streams included in the aggregate. The Aggregate control URI is to be specified by the session description if the server supports aggregated control and aggregated control is desired for the session. However even if aggregated control is offered the client MAY chose to not set up the session in aggregated control. If an Aggregate control URI is not specified in the session description, it is normally an indication that non-aggregated control should be used. The SETUP of media streams in an aggregate which has not been given an aggregated control URI is unspecified. While the session ID sometimes has enough information for aggregate control of a session, the Aggregate control URI is still important for some methods such as SET_PARAMETER where the control URI enables the resource in question to be easily identified. The Aggregate control URI is also useful for proxies, enabling them to route the request to the appropriate server, and for logging, where it is useful to note the actual resource that a request was operating on. A session will exist until it is either removed by a TEARDOWN request or is timed-out by the server. The server MAY remove a session that has not demonstrated liveness signs from the client(s) within a certain timeout period. The default timeout value is 60 seconds; the server MAY set this to a different value and indicate so in the timeout field of the Session header in the SETUP response. For further discussion see section 14.42. Signs of liveness for an RTSP session are: o Any RTSP request from a client(s) which includes a Session header with that session's ID. o If RTP is used as a transport for the underlying media streams, an RTCP sender or receiver report from the client(s) for any of the media streams in that RTSP session. RTCP Sender Reports may for example be received in sessions where the server is invited into a conference session and is as valid for keep-alive. If a SETUP request on a session fails for any reason, the session state, as well as transport and other parameters for associated streams SHALL remain unchanged from their values as if the SETUP request had never been received by the server. 11.3.1 Changing Transport Parameters H. Schulzrinne et. al. [Page 48] Internet Draft RTSP October 24, 2005 A client MAY issue a SETUP request for a stream that is already set up or playing in the session to change transport parameters, which a server MAY allow. If it does not allow changing of parameters, it MUST respond with error 455 (Method Not Valid In This State). Reasons to support changing transport parameters, is to allow for application layer mobility and flexibility to utilize the best available transport as it becomes available. If a client receives a 455 when trying to change transport parameters while the server is in play state, it MAY try to put the server in ready state using PAUSE. Before trying issuing the SETUP request again. If also that fails the changing of transport parameters will require that the client performs a TEARDOWN of the affected media and then setting it up again. In aggregated session avoiding tearing down all the media at the same time will avoid the creation of a new session. All transport parameters MAY be changed. However the primary usage expected is to either change transport protocol completely, like switching from Interleaved TCP mode to RTP or vise versa or change delivery address. In a SETUP response for a request to change the transport parameters while in Play state, the server SHOULD include the Range to indicate from what point the new transport parameters are used. Further, if RTP is used for delivery, the server SHOULD also include the RTP-Info header to indicate from what timestamp and RTP sequence number the change has taken place. If both RTP-Info and Range is included in the response the "rtp_time" parameter and range MUST be for the corresponding time, i.e. be used in the same way as for PLAY to ensure the correct synchronization information is available. If the transport parameters change while in PLAY state results in a change of synchronization related information, for example changing RTP SSRC, the server MUST provide in the SETUP response the necessary synchronization information. However the server is RECOMMENDED to avoid changing the synchronization information if possible. 11.4 PLAY The PLAY method tells the server to start sending data via the mechanism specified in SETUP. A client MUST NOT issue a PLAY request until any outstanding SETUP requests have been acknowledged as successful. PLAY requests are valid when the session is in READY or PLAY states. A PLAY request MUST include a Session header to indicate which session the request applies to. In an aggregated session the PLAY request MUST contain an aggregated control URI. A server SHALL responde with error 460 (Only Aggregate Operation Allowed) if the client PLAY Request-URI is for one of the H. Schulzrinne et. al. [Page 49] Internet Draft RTSP October 24, 2005 media. The media in an aggregate SHALL be played in sync. If a client want individual control of the media it needs to use separate RTSP sessions for each media. The PLAY request SHALL position the normal play time to the beginning of the range specified by the Range header and delivers stream data until the end of the range if given, else to the end of the media is reached. To allow for precise composition multiple ranges MAY be specified in one PLAY Request. The range values are valid if all given ranges are part of any media within the aggregate. If a given range value points outside of the media, the response SHALL be the 457 (Invalid Range) error code. The below example will first play seconds 10 through 15, then, immediately following, seconds 20 to 25, and finally seconds 30 through the end. C->S: PLAY rtsp://audio.example.com/audio RTSP/2.0 CSeq: 835 Session: 12345678 Range: npt=10-15, npt=20-25, npt=30- See the description of the PAUSE request for further examples. A PLAY request without a Range header is legal. It SHALL start playing a stream from the beginning (npt=0-) unless the stream has been paused or is currently playing. If a stream has been paused via PAUSE, stream delivery resumes at the pause point. If a stream is currently playing, the new PLAY begins at the current stream position. The stream SHALL play until the end of the media. The Range header MUST NOT contain a time parameter. The usage of time in PLAY method has been deprecated. If a request with time parameter is received the server SHOULD respond with a 457 (Invalid Range) to indicate that the time parameter is not supported. Server MUST include a "Range" header in any PLAY response. The response MUST use the same format as the request's range header contained. If no Range header was in the request, the NPT time format SHOULD be used unless the client showed support for an other format more appropriate. Also for a session with live media streams the Range header MUST indicate a valid time. It is RECOMMENDED that normal play time is used, either the "now" indicator, for example "npt=now-", or the time since session start as an open interval, e.g. "npt=96.23-". An absolute time value (clock) for the corresponding H. Schulzrinne et. al. [Page 50] Internet Draft RTSP October 24, 2005 time MAY be given, i.e. "clock=20030213T143205Z-". The UTC clock format SHOULD only be used if client has shown support for it. A media server only supporting playback MUST support the npt format and MAY support the clock and smpte formats. For an on-demand stream, the server MUST reply with the actual range that will be played back, i.e. for which duration any media (having content at this time) is delivered. This may differ from the requested range if alignment of the requested range to valid frame boundaries is required for the media source. Note that some media streams in an aggregate may need to be delivered from even earlier points. Also, some media format have a very long duration per individual data unit, therefore it might be necessary for the client to parse the data unit, and select where to start. Example: Single audio stream (MIDI) C->S: PLAY rtsp://example.com/audio RTSP/2.0 CSeq: 836 Session: 12345678 Range: npt=7.05- S->C: RTSP/2.0 200 OK CSeq: 836 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.0 Range: npt=3.52- RTP-Info:url="rtsp://example.com/audio" ssrc=0D12F123:seq=14783;rtptime=2345962545 S->C: RTP Packet TS=2345962545 => NPT=3.52 Duration: 4.15 seconds In this example the client receives the first media packet that stretches all the way up and past the requested playtime. Thus, it is the client's decision if to render to the user the time between 3.52 and 7.05, or to skip it. In most cases it is probably most suitable to not render that time period. For live media sources it might be impossible to specify from which point in time all media streams carrying active content can actually be delivered. Therefore a server MAY specify a start time (or now-) in the range header, for which not all media will be available from. H. Schulzrinne et. al. [Page 51] Internet Draft RTSP October 24, 2005 If no range is specified in the request, the start position SHALL still be returned in the reply. If the medias that are part of an aggregate has different lengths, the PLAY request SHALL be performed as long as the given range is valid for any media, for example the longest media. Media will be sent whenever it is available for the given play-out point. A PLAY response MAY include a header(s) carrying synchronization information. As the information necessary is dependent on the media transport format, further rules specifying the header and its usage is needed. For RTP the RTP-Info header is specified, see section 14.38. After playing the desired range, the presentation does NOT transition to the READY state, media delivery simply stops. A PAUSE request MUST be issued before the stream enters the READY state. A PLAY request while the stream is still in the PLAYING state is legal, and can be issued without an intervening PAUSE request. Such a request SHALL replace the current PLAY action with the new one requested, i.e. being handle the same as the request was received in ready state. In the case the first time range in Range header has a open start time (-endtime), the server SHALL continue to play from where it currently was. A client desiring to play the media from the beginning MUST send a PLAY request with a Range header pointing at the beginning, e.g. npt=0-. If a PLAY request is received without a Range header when media delivery has stopped at the end, the server SHOULD respond with a 457 "Invalid Range" error response. In that response the current pause point in a Range header SHALL be included. The following example plays the whole presentation starting at SMPTE time code 0:10:20 until the end of the clip. Note: The RTP-Info headers has been broken into several lines to fit the page. C->S: PLAY rtsp://audio.example.com/twister.en RTSP/2.0 CSeq: 833 Session: 12345678 Range: smpte=0:10:20- S->C: RTSP/2.0 200 OK CSeq: 833 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.0 Range: smpte=0:10:22-0:15:45 RTP-Info:url="rtsp://example.com/twister.en" ssrc=0D12F123:seq=14783;rtptime=2345962545 H. Schulzrinne et. al. [Page 52] Internet Draft RTSP October 24, 2005 For playing back a recording of a live presentation, it may be desirable to use clock units: C->S: PLAY rtsp://audio.example.com/meeting.en RTSP/2.0 CSeq: 835 Session: 12345678 Range: clock=19961108T142300Z-19961108T143520Z S->C: RTSP/2.0 200 OK CSeq: 835 Date: 23 Jan 1997 15:35:06 GMT Server:PhonyServer 1.0 Range: clock=19961108T142300Z-19961108T143520Z RTP-Info:url="rtsp://example.com/meeting.en" ssrc=0D12F123:seq=53745;rtptime=484589019 All range specifiers in this specification allow for ranges with unspecified begin times (e.g. "npt=-30"). When used in a PLAY request, the server treats this as a request to start/resume playback from the current pause point, ending at the end time specified in the Range header. If the pause point is located later than the given end value, a 457 (Invalid Range) response SHALL be given. The possibility to replace a current PLAY request with a new one replaces two RTSP 1.0 functions: o The queued play functionality described in RFC 2326 [24] is removed and multiple ranges can be used to achieve a similar functionality. o The use of PLAY for keep-alive signaling, i.e. PLAY request without a range header in PLAY state, has also been deprecated. Instead a client can use, SET_PARAMETER (recommended) or OPTIONS (allowed) for keep alive. 11.5 PAUSE The PAUSE request causes the stream delivery to be interrupted (halted) temporarily. A PAUSE request MUST be done with the aggregated control URI for aggregated sessions, resulting in all media being halted, or the media URI for non-aggregated sessions. Any attempt to do muting of a single media with an PAUSE request in an aggregated session SHALL be responded with error 460 (Only Aggregate Operation Allowed). After resuming playback, H. Schulzrinne et. al. [Page 53] Internet Draft RTSP October 24, 2005 synchronization of the tracks MUST be maintained. Any server resources are kept, though servers MAY close the session and free resources after being paused for the duration specified with the timeout parameter of the Session header in the SETUP message. Example: C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 834 Session: 12345678 S->C: RTSP/2.0 200 OK CSeq: 834 Date: 23 Jan 1997 15:35:06 GMT Range: npt=45.76- The PAUSE request MAY contain a Range header specifying when the stream or presentation is to be halted. This point is referred to as the "pause point". The time parameter in the Range MUST NOT be used. The Range header MUST contain a single value, expressed as the beginning value an open range. For example, the following clip will be played from 10 seconds through 21 seconds of the clip's normal play time, under the assumption that the PAUSE request reaches the server within 11 seconds of the PLAY request. Note that some lines has been broken in an non-correct way to fit the page: C->S: PLAY rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 834 Session: 12345678 Range: npt=10-30 S->C: RTSP/2.0 200 OK CSeq: 834 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.0 Range: npt=10-30 RTP-Info:url="rtsp://example.com/fizzle/audiotrack" ssrc=0D12F123:seq=5712;rtptime=934207921, url="rtsp://example.com/fizzle/videotrack" ssrc=4FAD8726:seq=57654;rtptime=2792482193 Session: 12345678 C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 835 H. Schulzrinne et. al. [Page 54] Internet Draft RTSP October 24, 2005 Session: 12345678 Range: npt=21- S->C: RTSP/2.0 200 OK CSeq: 835 Date: 23 Jan 1997 15:35:09 GMT Server: PhonyServer 1.0 Range: npt=21- Session: 12345678 The pause request becomes effective the first time the server is encountering the time point specified in any of the multiple ranges. If the Range header specifies a time outside any range from the PLAY request, the error 457 (Invalid Range) SHALL be returned. If a media unit (such as an audio or video frame) starts presentation at exactly the pause point, it is not played. If the Range header is missing, stream delivery is interrupted immediately on receipt of the message and the pause point is set to the current normal play time. However, the pause point in the media stream MUST be maintained. A subsequent PLAY request without Range header SHALL resume from the pause point and play until media end. If the server has already sent data beyond the time specified in the PAUSE request's Range header, a PLAY without range SHALL resume at the point in time specified by the PAUSE request's Range header, as it is assumed that the client has discarded data after that point. This ensures continuous pause/play cycling without gaps. The pause point after any PAUSE request SHALL be returned to the client by adding a Range header with what remains unplayed of the PLAY request's ranges, i.e. including all the remaining ranges part of multiple range specification. If one desires to resume playing a ranged request, one simply includes the Range header from the PAUSE response. For example, if the server have a play request for ranges 10 to 15 and 20 to 29 pending and then receives a pause request for NPT 21, it would start playing the second range and stop at NPT 21. If the pause request is for NPT 12 and the server is playing at NPT 13 serving the first play request, the server stops immediately. If the pause request is for NPT 16, the server returns a 457 error message. To prevent that the second range is played and the server stops after completing the first range, a PAUSE request for NPT 20 needs to be issued. As another example, if a server has received requests to play ranges H. Schulzrinne et. al. [Page 55] Internet Draft RTSP October 24, 2005 10 to 15 and then 13 to 20 (that is, overlapping ranges), the PAUSE request for NPT=14 would take effect while the server plays the first range, with the second range effectively being ignored, assuming the PAUSE request arrives before the server has started playing the second, overlapping range. Regardless of when the PAUSE request arrives, it sets the pause point to 14. The below example messages is for the above case when the PAUSE request arrives before the first occurrence of NPT=14. C->S: PLAY rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 834 Session: 12345678 Range: npt=10-15, npt=13-20 S->C: RTSP/2.0 200 OK CSeq: 834 Date: 23 Jan 1997 15:35:06 GMT Server: PhonyServer 1.0 Range: npt=10-15, npt=13-20 RTP-Info:url="rtsp://example.com/fizzle/audiotrack" ssrc=0D12F123:seq=5712;rtptime=934207921, url="rtsp://example.com/fizzle/videotrack" ssrc=789DAF12:seq=57654;rtptime=2792482193 Session: 12345678 C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 835 Session: 12345678 Range: npt=14- S->C: RTSP/2.0 200 OK CSeq: 835 Date: 23 Jan 1997 15:35:09 GMT Server: PhonyServer 1.0 Range: npt=14-15, npt=13-20 Session: 12345678 If a client issues a PAUSE request and the server acknowledges and enters the READY state, the proper server response, if the player issues another PAUSE, is still 200 OK. The 200 OK response MUST include the Range header with the current pause point, even if the PAUSE request is asking for some other pause point. See examples below: Examples: H. Schulzrinne et. al. [Page 56] Internet Draft RTSP October 24, 2005 C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 834 Session: 12345678 S->C: RTSP/2.0 200 OK CSeq: 834 Session: 12345678 Date: 23 Jan 1997 15:35:06 GMT Range: npt=45.76-98.36 C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 835 Session: 12345678 Range: 86- S->C: RTSP/2.0 200 OK CSeq: 835 Session: 12345678 Date: 23 Jan 1997 15:35:07 GMT Range: npt=45.76-98.36 11.6 TEARDOWN The TEARDOWN client to server request stops the stream delivery for the given URI, freeing the resources associated with it. A TEARDOWN request MAY be performed on either an aggregated or a media control URI. However some restrictions apply depending on the current state. The TEARDOWN request SHALL contain a Session header indicating what session the request applies to. A TEARDOWN using the aggregated control URI or the media URI in a session under non-aggregated control MAY be done in any state (Ready, and Play). A successful request SHALL result in that media delivery is immediately halted and the session state is destroyed. This SHALL be indicated through the lack of a Session header in the response. A TEARDOWN using a media URI in an aggregated session MAY only be done in Ready state. Such a request only removes the indicated media stream and associated resources from the session. This may result in that a session returns to non-aggregated control, due to that it only contains a single media after the requests completion. A session that will exist after the processing of the TEARDOWN request SHALL in the response to that TEARDOWN request contain a Session header. Thus the presence of the Session indicates to the receiver of the response if the session is still existing or has been removed. H. Schulzrinne et. al. [Page 57] Internet Draft RTSP October 24, 2005 Example: C->S: TEARDOWN rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 892 Session: 12345678 S->C: RTSP/2.0 200 OK CSeq: 892 Server: PhonyServer 1.0 11.7 GET_PARAMETER The GET_PARAMETER request retrieves the value of a parameter or parameters for a presentation or stream specified in the URI. If the Session header is present in a request, the value of a parameter MUST be retrieved in the specified session context. The content of the reply and response is left to the implementation. The method MAY also be used without a body (entity). If the this request is successful, i.e. a 200 OK response is received, then the keep-alive timer has been updated. Any non-required header present in such a request may or may not been processed. To allow a client to determine if any such header has been processed, it is necessary to use a feature tag and the Require header. Due to this reason it is RECOMMENDED that any parameters to be retrieved are sent in the body, rather than using any header. Example: S->C: GET_PARAMETER rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 431 Content-Type: text/parameters Session: 12345678 Content-Length: 26 packets_received jitter C->S: RTSP/2.0 200 OK CSeq: 431 Content-Length: 38 Content-Type: text/parameters packets_received: 10 jitter: 0.3838 H. Schulzrinne et. al. [Page 58] Internet Draft RTSP October 24, 2005 The "text/parameters" section is only an example type for a body carrying parameters. 11.8 SET_PARAMETER This method requests to set the value of a parameter or a set of parameters for a presentation or stream specified by the URI. The method MAY also be used without a body (entity). It is the RECOMMENDED method to use in request sent for the sole purpose of updating the keep-alive timer. If this request is successful, i.e. a 200 OK response is received, then the keep-alive timer has been updated. Any non-required header present in such a request may or may not been processed. To allow a client to determine if any such header has been processed, it is necessary to use a feature tag and the Require header. Due to this reason it is RECOMMENDED that any parameters are sent in the body, rather than using any header. A request is RECOMMENDED to only contain a single parameter to allow the client to determine why a particular request failed. If the request contains several parameters, the server MUST only act on the request if all of the parameters can be set successfully. A server MUST allow a parameter to be set repeatedly to the same value, but it MAY disallow changing parameter values. If the receiver of the request does not understand or cannot locate a parameter, error 451 (Parameter Not Understood) SHALL be used. In the case a parameter is not allowed to change, the error code is 458 (Parameter Is Read- Only). The response body SHOULD contain only the parameters that have errors. Otherwise no body SHALL be returned. Note: transport parameters for the media stream MUST only be set with the SETUP command. Restricting setting transport parameters to SETUP is for the benefit of firewalls. The parameters are split in a fine-grained fashion so that there can be more meaningful error indications. However, it may make sense to allow the setting of several parameters if an atomic setting is desirable. Imagine device control where the client does not want the camera to pan unless it can also tilt to the right angle at the same time. Example: C->S: SET_PARAMETER rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 421 H. Schulzrinne et. al. [Page 59] Internet Draft RTSP October 24, 2005 Content-length: 20 Content-type: text/parameters barparam: barstuff S->C: RTSP/2.0 451 Parameter Not Understood CSeq: 421 Content-length: 10 Content-type: text/parameters barparam The "text/parameters" section is only an example type for parameters. This method is intentionally loosely defined with the intention that the reply content and response content will be defined by the one desiring to use this mechanism. 11.9 REDIRECT The REDIRECT method is issued by a server to inform a client that it required to connect to another server location to access the resource indicated by the Request-URI. The presence of the Session header in a REDIRECT request indicates the scope of the request, and determines the specific semantics of the request. A REDIRECT request with a Session header has end-to-end (i.e. server to client) scope and applies only to the given session. Any intervening proxies SHOULD NOT disconnect the control channel while there are other remaining end-to-end sessions. The OPTIONAL Location header, if included in such a request, SHALL contain a complete absolute URI pointing to the resource to which the client SHOULD reconnect. Specifically, the Location SHALL NOT contain just the host and port. A client may receive a REDIRECT request with a Session header, if and only if, an end-to-end session has been established. A client may receive a REDIRECT request without a Session header at any time when it has communication or a connection established with a server. The scope of such a request is limited to the next-hop (i.e. the RTSP agent in direct communication with the server) and applies, as well, to the control connection between the next-hop RTSP agent and the server. A REDIRECT request without a Session header indicates that all sessions and pending requests being managed via the control connection MUST be redirected. The OPTIONAL Location header, if included in such a request, SHOULD contain an absolute URI H. Schulzrinne et. al. [Page 60] Internet Draft RTSP October 24, 2005 with only the host address and the OPTIONAL port number of the server to which the RTSP agent SHOULD reconnect. Any intervening proxies SHOULD do all of the following in the order listed: 1. respond to the REDIRECT request 2. disconnect the control channel from the requesting server 3. connect to the server at the given host address 4. pass the REDIRECT request to each applicable client (typically those clients with an active session or an unanswered request) Note: The proxy is responsible for accepting REDIRECT responses from its clients; these responses MUST NOT be passed on to either the original server or the redirected server. The lack of a Location header in any REDIRECT request is indicative of the server no longer being able to fulfill the current request and having no alternatives for the client to continue with its normal operation. It is akin to a server initiated TEARDOWN that applies both to sessions as well as the general connection associated with that client. When the Range header is not included in a REDIRECT request, the client SHOULD perform the redirection immediately and return a response to the server. The server can consider the session as terminated and can free any associated state after it receives the successful (2xx) response. The server MAY close the signalling connection upon receiving the response and the client SHOULD close the signalling connection after sending the 2xx response. The exception to this is when the client has several sessions on the server being managed by the given signalling connection. In this case, the client SHOULD close the connection when it has received and responded to REDIRECT requests for all the sessions managed by the signalling connection. If the OPTIONAL Range header is included in a REDIRECT request, it indicates when the redirection takes effect. The range value MUST be an open ended single value, e.g. npt=59-, indicating the play out time when redirection SHALL occur. Alternatively, a range with a time= parameter indicates the wall clock time by when the redirection MUST take place. When the time= parameter is present in the range, any range value MUST be ignored even though it MUST be syntactically correct. When the indicated redirect point is reached, a client MUST issue a TEARDOWN request and SHOULD close the signalling connection after receiving a 2xx response. The normal connection considerations H. Schulzrinne et. al. [Page 61] Internet Draft RTSP October 24, 2005 apply for the server. The differentiation of REDIRECT requests with and without range headers is to allow for clear and explicit state handling. As the state in the server needs to be kept until the point of redirection, the handling becomes more clear if the client is required to TEARDOWN the session at the redirect point. After a REDIRECT request has been processed, a client that wants to continue to send or receive media for the resource identified by the Request-URI will have to establish a new session with the designated host. If the URI given in the Location header is a valid resource URI, a client SHOULD issue a DESCRIBE request for the URI. Note: The media resource indicated by the Location header can be identical, slightly different or totally different. This is the reason why a new DESCRIBE request SHOULD be issued. If the Location header contains only a host address, the client MAY assume that the media on the new server is identical to the media on the old server, i.e. all media configuration information from the old session is still valid except for the host address. This example request redirects traffic for this session to the new server at the given absolute time: S->C: REDIRECT rtsp://example.com/fizzle/foo RTSP/2.0 CSeq: 732 Location: rtsp://s2.example.com:8001 Range: npt=0- ;time=19960213T143205Z Session: uZ3ci0K+Ld-M 12 Embedded (Interleaved) Binary Data In order to fulfill certain requirements on the network side, e.g. in conjunction with network address translators that block RTP traffic over UDP, it may be necessary to interleave RTSP messages and media stream data. This interleaving should generally be avoided unless necessary since it complicates client and server operation and imposes additional overhead. Also head of line blocking may cause problems. Interleaved binary data SHOULD only be used if RTSP is H. Schulzrinne et. al. [Page 62] Internet Draft RTSP October 24, 2005 carried over TCP. Stream data such as RTP packets is encapsulated by an ASCII dollar sign (24 decimal), followed by a one-byte channel identifier, followed by the length of the encapsulated binary data as a binary, two-byte integer in network byte order. The stream data follows immediately afterwards, without a CRLF, but including the upper-layer protocol headers. Each $ block SHALL contain exactly one upper-layer protocol data unit, e.g., one RTP packet. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | "$" = 24 | Channel ID | Length in bytes | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ : Length number of bytes of binary data : +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The channel identifier is defined in the Transport header with the interleaved parameter(Section 14.45). When the transport choice is RTP, RTCP messages are also interleaved by the server over the TCP connection. The usage of RTCP messages is indicated by including a range containing a second channel in the interleaved parameter of the Transport header, see section 14.45. If RTCP is used, packets SHALL be sent on the first available channel higher than the RTP channel. The channels are bi-directional and therefore RTCP traffic are sent on the second channel in both directions. RTCP is needed for synchronization when two or more streams are interleaved in such a fashion. Also, this provides a convenient way to tunnel RTP/RTCP packets through the TCP control connection when required by the network configuration and transfer them onto UDP when possible. C->S: SETUP rtsp://example.com/bar.file RTSP/2.0 CSeq: 2 H. Schulzrinne et. al. [Page 63] Internet Draft RTSP October 24, 2005 Transport: RTP/AVP/TCP;unicast;interleaved=0-1 S->C: RTSP/2.0 200 OK CSeq: 2 Date: 05 Jun 1997 18:57:18 GMT Transport: RTP/AVP/TCP;unicast;interleaved=5-6 Session: 12345678 C->S: PLAY rtsp://example.com/bar.file RTSP/2.0 CSeq: 3 Session: 12345678 S->C: RTSP/2.0 200 OK CSeq: 3 Session: 12345678 Date: 05 Jun 1997 18:59:15 GMT RTP-Info: url="rtsp://example.com/bar.file" ssrc=0D12F123:seq=232433;rtptime=972948234 S->C: $005{2 byte length}{"length" bytes data, w/RTP header} S->C: $005{2 byte length}{"length" bytes data, w/RTP header} S->C: $006{2 byte length}{"length" bytes RTCP packet} 13 Status Code Definitions Where applicable, HTTP status [H10] codes are reused. Status codes that have the same meaning are not repeated here. See Table 4 for a listing of which status codes may be returned by which requests. All error messages, 4xx and 5xx MAY return a body containing further information about the error. 13.1 Success 1xx 13.1.1 100 Continue See, [H10.1.1]. 13.2 Success 2xx 13.3 Redirection 3xx The notation "3rr" indicates response codes from 300 to 399 inclusive which are meant for redirection. The response code 304 is excluded from this set, as it is not used for redirection. See [H10.3] for definition of status code 300 to 305. However H. Schulzrinne et. al. [Page 64] Internet Draft RTSP October 24, 2005 comments are given for some to how they apply to RTSP. Within RTSP, redirection may be used for load balancing or redirecting stream requests to a server topologically closer to the client. Mechanisms to determine topological proximity are beyond the scope of this specification. A 3rr code MAY be used to respond to any request. It is RECOMMENDED that they are used if necessary before a session is established, i.e. in response to DESCRIBE or SETUP. However in cases where a server is not able to send a REDIRECT request to the client, the server MAY need to resort to using 3rr responses to inform a client with a established session about the need for redirecting the session. If an 3rr response is received for an request in relation to a established session, the client SHOULD send a TEARDOWN request for the session, and MAY reestablish the session using the resource indicated by the Location. If the the Location header is used in a response it SHALL contain an absolute URI pointing out the media resource the client is redirected to, the URI SHALL NOT only contain the host name. 13.3.1 300 Multiple Choices See [H10.3.1] [TBW] 13.3.2 301 Moved Permanently The request resource are moved permanently and resides now at the URI given by the location header. The user client SHOULD redirect automatically to the given URI. This response MUST NOT contain a message-body. The Location header MUST be included in the response. 13.3.3 302 Found The requested resource reside temporarily at the URI given by the Location header. The Location header MUST be included in the response. Is intended to be used for many types of temporary redirects, e.g. load balancing. It is RECOMMENDED that one set the reason phrase to something more meaningful than "Found" in these cases. The user client SHOULD redirect automatically to the given URI. This response MUST NOT contain a message-body. 13.3.4 303 See Other This status code SHALL NOT be used in RTSP. However as it was allowed to use in RTSP 1.0 (RFC 2326). H. Schulzrinne et. al. [Page 65] Internet Draft RTSP October 24, 2005 13.3.5 304 Not Modified If the client has performed a conditional DESCRIBE or SETUP (see 14.26) and the requested resource has not been modified, the server SHOULD send a 304 response. This response MUST NOT contain a message-body. The response MUST include the following header fields: o Date o ETag and/or Content-Location, if the header would have been sent in a 200 response to the same request. o Expires, Cache-Control, and/or Vary, if the field-value might differ from that sent in any previous response for the same variant. This response is independent for the DESCRIBE and SETUP requests. That is, a 304 response to DESCRIBE does NOT imply that the resource content is unchanged (only the session description) and a 304 response to SETUP does NOT imply that the resource description is unchanged. The ETag and If-Match headers may be used to link the DESCRIBE and SETUP in this manner. 13.3.6 305 Use Proxy See [H10.3.6]. 13.4 Client Error 4xx 13.4.1 400 Bad Request The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications [H10.4.1]. If the request does not have a CSeq header, the server MUST NOT include a CSeq in the response. 13.4.2 405 Method Not Allowed The method specified in the request is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. This status code is also to be used if a request attempts to use a method not indicated during SETUP, e.g., if a RECORD request is issued even though the mode parameter in the Transport header only specified PLAY. H. Schulzrinne et. al. [Page 66] Internet Draft RTSP October 24, 2005 13.4.3 451 Parameter Not Understood The recipient of the request does not support one or more parameters contained in the request. When returning this error message the sender SHOULD return a entity body containing the offending parameter(s). 13.4.4 452 reserved This error code was removed from RFC 2326 [24] and is obsolete. 13.4.5 453 Not Enough Bandwidth The request was refused because there was insufficient bandwidth. This may, for example, be the result of a resource reservation failure. 13.4.6 454 Session Not Found The RTSP session identifier in the Session header is missing, invalid, or has timed out. 13.4.7 455 Method Not Valid in This State The client or server cannot process this request in its current state. The response SHOULD contain an Allow header to make error recovery easier. 13.4.8 456 Header Field Not Valid for Resource The server could not act on a required request header. For example, if PLAY contains the Range header field but the stream does not allow seeking. This error message may also be used for specifying when the time format in Range is impossible for the resource. In that case the Accept-Ranges header SHOULD be returned to inform the client of which format(s) that are allowed. 13.4.9 457 Invalid Range The Range value given is out of bounds, e.g., beyond the end of the presentation. 13.4.10 458 Parameter Is Read-Only The parameter to be set by SET_PARAMETER can be read but not modified. When returning this error message the sender SHOULD return a entity body containing the offending parameter(s). H. Schulzrinne et. al. [Page 67] Internet Draft RTSP October 24, 2005 13.4.11 459 Aggregate Operation Not Allowed The requested method may not be applied on the URI in question since it is an aggregate (presentation) URI. The method may be applied on a media URI. 13.4.12 460 Only Aggregate Operation Allowed The requested method may not be applied on the URI in question since it is not an aggregate control (presentation) URI. The method may be applied on the aggregate control URI. 13.4.13 461 Unsupported Transport The Transport field did not contain a supported transport specification. 13.4.14 462 Destination Unreachable The data transmission channel could not be established because the client address could not be reached. This error will most likely be the result of a client attempt to place an invalid dest_addr parameter in the Transport field. 13.4.15 463 Destination Prohibited The data transmission channel was not established because the server prohibited access to the client address. This error is most likely the result of a client attempt to redirect media traffic to another destination with a dest_addr parameter in the Transport header. 13.4.16 470 Connection Authorization Required The secured connection attempt need user or client authorization before proceeding. The next hops certificate is included in this response in the Accept-Credentials header. 13.4.17 471 Connection Credentials not accepted When performing a secure connection over multiple connections, a intermediary has refused to connect to the next hop and carry out the request due to unacceptable credentials for the used policy. 13.5 Server Error 5xx 13.5.1 551 Option not supported A feature-tag given in the Require or the Proxy-Require fields was H. Schulzrinne et. al. [Page 68] Internet Draft RTSP October 24, 2005 not supported. The Unsupported header SHOULD be returned stating the feature for which there is no support. 14 Header Field Definitions method direction object acronym Body _________________________________________________ DESCRIBE C -> S P,S DES r GET_PARAMETER C -> S, S -> C P,S GPR R,r OPTIONS C -> S P,S OPT S -> C PAUSE C -> S P,S PSE PLAY C -> S P,S PLY REDIRECT S -> C P,S RDR SETUP C -> S S STP SET_PARAMETER C -> S, S -> C P,S SPR R,r TEARDOWN C -> S P,S TRD Table 8: Overview of RTSP methods, their direction, and what objects (P: presentation, S: stream) they operate on. Body notes if a method is allowed to carry body and in which direction, R = Request, r=response. Note: It is allowed for all error messages 4xx and 5xx to have a body The general syntax for header fields is covered in Section 4.2 This section lists the full set of header fields along with notes on meaning, and usage. The syntax definition for header fields are present in section 19.2.3. Throughout this section, we use [HX.Y] to refer to Section X.Y of the current HTTP/1.1 specification RFC 2616 [3]. Examples of each header field are given. Information about header fields in relation to methods and proxy processing is summarized in Tables 9, 10, 11, and 12. The "where" column describes the request and response types in which the header field can be used. Values in this column are: R: header field may only appear in requests; r: header field may only appear in responses; 2xx, 4xx, etc.: A numerical value or range indicates response codes with which the header field can be used; c: header field is copied from the request to the response. H. Schulzrinne et. al. [Page 69] Internet Draft RTSP October 24, 2005 An empty entry in the "where" column indicates that the header field may be present in all requests and responses. The "proxy" column describes the operations a proxy may perform on a header field. An empty proxy column indicates that the proxy SHALL NOT do any changes to that header, all allowed operations are explicitly stated: a: A proxy can add or concatenate the header field if not present. m: A proxy can modify an existing header field value. d: A proxy can delete a header field value. r: A proxy needs to be able to read the header field, and thus this header field cannot be encrypted. The rest of the columns relate to the presence of a header field in a method. The method names when abbreviated, are according to table 8: c: Conditional; requirements on the header field depend on the context of the message. m: The header field is mandatory. m*: The header field SHOULD be sent, but clients/servers need to be prepared to receive messages without that header field. o: The header field is optional. *: The header field is SHALL be present if the message body is not empty. See sections 14.16, 14.18 and 4.3 for details. -: The header field is not applicable. "Optional" means that a Client/Server MAY include the header field in a request or response. The Client/Server behavior when receiving such headers varies, for some it may ignore the header field, in other case it is request to process the header. This is regulated by the method and header descriptions. Example of such headers that require processing are the Require and Proxy-Require header fields discussed in 14.37 and 14.31. A "mandatory" header field MUST be present in a request, and MUST be understood by the Client/Server receiving the request. A mandatory response header field MUST be present in the response, and the header field MUST be understood by the Client/Server processing the response. "Not applicable" means that the header field MUST NOT be present in a request. If one is placed H. Schulzrinne et. al. [Page 70] Internet Draft RTSP October 24, 2005 in a request by mistake, it MUST be ignored by the Client/Server receiving the request. Similarly, a header field labeled "not applicable" for a response means that the Client/Server MUST NOT place the header field in the response, and the Client/Server MUST ignore the header field in the response. A Client/Server SHOULD ignore extension header parameters that are not understood. The From and Location header fields contain an URI. If the URI contains a comma, or semicolon, the URI MUST be enclosed in double quotas ("). Any URI parameters are contained within these quotas. If the URI is not enclosed in double quotas, any semicolon- delimited parameters are header-parameters, not URI parameters. 14.1 Accept The Accept request-header field can be used to specify certain presentation description content types which are acceptable for the response. The "level" parameter for presentation descriptions is properly defined as part of the MIME type registration, not here. See [H14.1] for syntax. Example of use: Accept: application/rtsl q=1.0, application/sdp 14.2 Accept-Credentials The Accept-Credentials header is a request header used to indicate to any trusted intermediary how to handle further secured connections to proxies or servers. See section 18 for the usage of this header. It SHALL only be included in client to server requests. In a request the header SHALL contain the method (User, Proxy, or Any) for approving credentials selected by the requestor. The method SHALL NOT be changed by any proxy. If the method is "User" the header H. Schulzrinne et. al. [Page 71] Internet Draft RTSP October 24, 2005 Header Where Proxy DES OPT SETUP PLAY PAUSE TRD _________________________________________________________________ Accept R o - - - - - Accept-Credentials R r o o o o o o Accept-Encoding R r o - - - - - Accept-Language R r o - - - - - Accept-Ranges r r - - o - - - Accept-Ranges 456 r - - - o o - Allow r am c c c - - - Allow 405 am m m m m m m Authorization R o o o o o o Bandwidth R o o o o - - Blocksize R o - o o - - Cache-Control r - - o - - - Connection o o o o o o Connection-Credentials 470,407 ar o o o o o o Content-Base r o - - - - - Content-Base 4xx o o o o o o Content-Encoding R r - - - - - - Content-Encoding r r o - - - - - Content-Encoding 4xx r o o o o o o Content-Language R r - - - - - - Content-Language r r o - - - - - Content-Language 4xx r o o o o o o Content-Length r r * - - - - - Content-Length 4xx r * * * * * * Content-Location r o - - - - - Content-Location 4xx o o o o o o Content-Type r * - - - - - Content-Type 4xx * * * * * * CSeq Rc rm m m m m m m Date am o o o o o o ETag r r o - o - - - Expires r r o - - - - - From R r o o o o o o Host - - - - - - If-Match R r - - o - - - If-Modified-Since R r o - o - - - If-None-Match R r o - - - - - Last-Modified r r o - - - - - Location 3rr o o o o o o Table 9: Overview of RTSP header fields (A-L) related to methods DESCRIBE, OPTIONS, SETUP, PLAY, PAUSE, and TEARDOWN. H. Schulzrinne et. al. [Page 72] Internet Draft RTSP October 24, 2005 Header Where Proxy DES OPT SETUP PLAY PAUSE TRD _____________________________________________________________ Proxy-Authenticate 407 amr m m m m m m Proxy-Require R ar o o o o o o Proxy-Require r r c c c c c c Proxy-Supported R amr oc oc oc oc oc oc Proxy-Supported r c c c c c c Public r admr - m* - - - - Public 501 admr m* m* m* m* m* m* Range R - - - o o - Range r - - c m* m* - Referer R o o o o o o Require R o o o o o o Retry-After 3rr,503 o o o - - - RTP-Info r - - o c - - Scale - - - o - - Session R r - o o m m m Session r r - c m m m o Server R r - o - - - - Server r r o o o o o o Speed - - - o - - Supported R amr o o o o o o Supported r amr c c c c c c Timestamp R admr o o o o o o Timestamp c admr m m m m m m Transport amr - - m - - - Unsupported r c c c c c c User-Agent R m* m* m* m* m* m* Vary r c c c c c c Via R amr o o o o o o Via c dr m m m m m m WWW-Authenticate 401 m m m m m m _____________________________________________________________ Header Where Proxy DES OPT SETUP PLAY PAUSE TRD Table 10: Overview of RTSP header fields (P-W) related to methods DESCRIBE, OPTIONS, SETUP, PLAY, PAUSE, and TEARDOWN. contains zero or more of credentials that the client accept. Each credential SHALL consist of one URI identifying the proxy or server, and the SHA-1 [14] hash computed over that entity's DER encoded certificate [15] in Base64 [35]. H. Schulzrinne et. al. [Page 73] Internet Draft RTSP October 24, 2005 Header Where Proxy GPR SPR RDR __________________________________________________ Accept-Credentials R r o o o Allow 405 amr m m m Authorization R o o o Bandwidth R - o - Blocksize R - o - Connection o o o Connection-Credentials 470,407 ar o o o Content-Base R o o - Content-Base r o o - Content-Base 4xx o o o Content-Encoding R r o o - Content-Encoding r r o o - Content-Encoding 4xx r o o o Content-Language R r o o - Content-Language r r o o - Content-Language 4xx r o o o Content-Length R r * * - Content-Length r r * * - Content-Length 4xx r * * * Content-Location R o o - Content-Location r o o - Content-Location 4xx o o o Content-Type R * * - Content-Type r * * - Content-Type 4xx * * * CSeq Rc mr m m m Date am o o o From R r o o o Host - - - Last-Modified R r - - - Last-Modified r r o - - Location 3rr o o o Location R - - m Proxy-Authenticate 407 amr m m m Proxy-Require R ar o o o Proxy-Require r r c c c Proxy-Supported R amr oc oc oc Proxy-Supported r c c c Public 501 admr m* m* m* __________________________________________________ Header Where Proxy GPR SPR RDR Table 11: Overview of RTSP header fields (A-P) related to methods GET_PARAMETER, SET_PARAMETER, and REDIRECT. H. Schulzrinne et. al. [Page 74] Internet Draft RTSP October 24, 2005 Header Where Proxy GPR SPR RDR ____________________________________________ Range R - - o Referer R o o o Require R r o o o Retry-After 3rr,503 o o - Scale - - - Session R r o o o Session r r c c o Server R r o o o Server r r o o - Supported R adrm o o o Supported r adrm c c c Timestamp R adrm o o o Timestamp c adrm m m m Unsupported r arm c c c User-Agent R r m* m* - User-Agent r r - - m* Vary r c c - Via R amr o o o Via c dr m m m WWW-Authenticate 401 m m m ____________________________________________ Header Where Proxy GPR SPR RDR Table 12: Overview of RTSP header fields (R-W) related to methods GET_PARAMETER, SET_PARAMETER, and REDIRECT. "rtsps://proxy2.example.com/";exaIl9VMbQMOFGClx5rXnPJKVNI=, "rtsps://server.example.com/";lurbjj5khhB0NhIuOXtt4bBRH1M= 14.3 Accept-Encoding See [H14.3] 14.4 Accept-Language See [H14.4]. Note that the language specified applies to the presentation description and any reason phrases, not the media content. 14.5 Accept-Ranges The Accept-Ranges response-header field allows the server to indicate H. Schulzrinne et. al. [Page 75] Internet Draft RTSP October 24, 2005 its acceptance of range requests and possible formats for a resource: Accept-Ranges: NPT, SMPTE This header has the same syntax as [H14.5] and the syntax is defined in 19.2.3. However, new range-units are defined. Inclusion of any of the time formats indicates acceptance by the server for PLAY and PAUSE requests with this format. The headers value is valid for the resource specified by the URI in the request, this response corresponds to. A server SHOULD use this header in SETUP responses to indicate to the client which range time formats the media supports. The header SHOULD also be included in "456" responses which is a result of use of unsupported range formats. 14.6 Allow The Allow entity-header field lists the methods supported by the resource identified by the Request-URI. The purpose of this field is to strictly inform the recipient of valid methods associated with the resource. An Allow header field MUST be present in a 405 (Method Not Allowed) response. See [H14.7] for syntax definition. The Allow header MUST also be present in all OPTIONS responses where the content of the header will not include exactly the same methods as listed in the Public header. The Allow SHALL also be included in SETUP and DESCRIBE responses, if the methods allowed for the resource is different than the minimal implementation set. Example of use: Allow: SETUP, PLAY, SET_PARAMETER 14.7 Authorization See [H14.8] 14.8 Bandwidth The Bandwidth request-header field describes the estimated bandwidth available to the client, expressed as a positive integer and measured in bits per second. The bandwidth available to the client may change during an RTSP session, e.g., due to mobility. H. Schulzrinne et. al. [Page 76] Internet Draft RTSP October 24, 2005 Example: Bandwidth: 4000 14.9 Blocksize The Blocksize request-header field is sent from the client to the media server asking the server for a particular media packet size. This packet size does not include lower-layer headers such as IP, UDP, or RTP. The server is free to use a blocksize which is lower than the one requested. The server MAY truncate this packet size to the closest multiple of the minimum, media-specific block size, or override it with the media-specific size if necessary. The block size MUST be a positive decimal number, measured in octets. The server only returns an error (4xx) if the value is syntactically invalid. 14.10 Cache-Control The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. Cache directives MUST be passed through by a proxy or gateway application, regardless of their significance to that application, since the directives may be applicable to all recipients along the request/response chain. It is not possible to specify a cache- directive for a specific cache. Cache-Control should only be specified in a SETUP request and its response. Note: Cache-Control does not govern the caching of responses as for HTTP, instead it applies to the media stream identified by the SETUP request. The caching of RTSP requests are generally not cacheable, for further information see section 16. Below is the description of the cache directives that can be included in the Cache-Control header. no-cache: Indicates that the media stream MUST NOT be cached anywhere. This allows an origin server to prevent caching even by caches that have been configured to return stale responses to client requests. public: Indicates that the media stream is cacheable by any cache. private: Indicates that the media stream is intended for a single user and MUST NOT be cached by a shared cache. A H. Schulzrinne et. al. [Page 77] Internet Draft RTSP October 24, 2005 private (non-shared) cache may cache the media stream. no-transform: An intermediate cache (proxy) may find it useful to convert the media type of a certain stream. A proxy might, for example, convert between video formats to save cache space or to reduce the amount of traffic on a slow link. Serious operational problems may occur, however, when these transformations have been applied to streams intended for certain kinds of applications. For example, applications for medical imaging, scientific data analysis and those using end-to-end authentication all depend on receiving a stream that is bit-for-bit identical to the original media stream. Therefore, if a response includes the no-transform directive, an intermediate cache or proxy MUST NOT change the encoding of the stream. Unlike HTTP, RTSP does not provide for partial transformation at this point, e.g., allowing translation into a different language. only-if-cached: In some cases, such as times of extremely poor network connectivity, a client may want a cache to return only those media streams that it currently has stored, and not to receive these from the origin server. To do this, the client may include the only-if-cached directive in a request. If it receives this directive, a cache SHOULD either respond using a cached media stream that is consistent with the other constraints of the request, or respond with a 504 (Gateway Timeout) status. However, if a group of caches is being operated as a unified system with good internal connectivity, such a request MAY be forwarded within that group of caches. max-stale: Indicates that the client is willing to accept a media stream that has exceeded its expiration time. If max-stale is assigned a value, then the client is willing to accept a response that has exceeded its expiration time by no more than the specified number of seconds. If no value is assigned to max-stale, then the client is willing to accept a stale response of any age. min-fresh: Indicates that the client is willing to accept a media stream whose freshness lifetime is no less than its current age plus the specified time in seconds. That is, the client wants a response that will still be fresh for at least the specified number of seconds. must-revalidate: When the must-revalidate directive is present in a SETUP response received by a cache, that cache MUST H. Schulzrinne et. al. [Page 78] Internet Draft RTSP October 24, 2005 NOT use the entry after it becomes stale to respond to a subsequent request without first revalidating it with the origin server. That is, the cache is required to do an end-to-end revalidation every time, if, based solely on the origin server's Expires, the cached response is stale.) proxy-revalidate: The proxy-revalidate directive has the same meaning as the must-revalidate directive, except that it does not apply to non-shared user agent caches. It can be used on a response to an authenticated request to permit the user's cache to store and later return the response without needing to revalidate it (since it has already been authenticated once by that user), while still requiring proxies that service many users to revalidate each time (in order to make sure that each user has been authenticated). Note that such authenticated responses also need the public cache control directive in order to allow them to be cached at all. max-age: When an intermediate cache is forced, by means of a max-age=0 directive, to revalidate its own cache entry, and the client has supplied its own validator in the request, the supplied validator might differ from the validator currently stored with the cache entry. In this case, the cache MAY use either validator in making its own request without affecting semantic transparency. However, the choice of validator might affect performance. The best approach is for the intermediate cache to use its own validator when making its request. If the server replies with 304 (Not Modified), then the cache can return its now validated copy to the client with a 200 (OK) response. If the server replies with a new entity and cache validator, however, the intermediate cache can compare the returned validator with the one provided in the client's request, using the strong comparison function. If the client's validator is equal to the origin server's, then the intermediate cache simply returns 304 (Not Modified). Otherwise, it returns the new entity with a 200 (OK) response. 14.11 Connection See [H14.10]. The use of the connection option "close" in RTSP messages SHOULD be limited to error messages when the server is unable to recover and therefore see it necessary to close the connection. The reason is that the client has the choice of continuing using a connection indefinitely, as long as it sends valid H. Schulzrinne et. al. [Page 79] Internet Draft RTSP October 24, 2005 messages. 14.12 Connection-Credentials The Connection-Credentials response header is used to carry the credentials of any next hop that need to be approved by the requestor. It SHALL only be used in server to client responses. The Connection-Credentials header in an RTSP response SHALL, if included, contain the credentials information of the next hop that an intermediary needs to securely connect to. The credential MUST include the URI of the next proxy or server and the DER encoded X.509v3 [15] certificate in base64 [35]. Example: Connection-Credentials:"rtsps://proxy2.example.com/";MIIDNTCC... 14.13 Content-Base The Content-Base entity-header field may be used to specify the base URI for resolving relative URIs within the entity. Content-Base: rtsp://media.example.com/movie/twister If no Content-Base field is present, the base URI of an entity is defined either by its Content-Location (if that Content-Location URI is an absolute URI) or the URI used to initiate the request, in that order of precedence. Note, however, that the base URI of the contents within the entity-body may be redefined within that entity-body. 14.14 Content-Encoding See [H14.11] 14.15 Content-Language See [H14.12] 14.16 Content-Length The Content-Length general-header field contains the length of the body (entity) of the message (i.e. after the double CRLF following the last header). Unlike HTTP, it MUST be included in all messages H. Schulzrinne et. al. [Page 80] Internet Draft RTSP October 24, 2005 that carry body beyond the header portion of the message. If it is missing, a default value of zero is assumed. It is interpreted according to [H14.13]. 14.17 Content-Location See [H14.14] 14.18 Content-Type See [H14.17]. Note that the content types suitable for RTSP are likely to be restricted in practice to presentation descriptions and parameter-value types. 14.19 CSeq The CSeq general-header field specifies the sequence number for an RTSP request-response pair. This field MUST be present in all requests and responses. For every RTSP request containing the given sequence number, the corresponding response will have the same number. Any retransmitted request MUST contain the same sequence number as the original (i.e. the sequence number is not incremented for retransmissions of the same request). For each new RTSP request the CSeq value SHALL be incremented by one. The initial sequence number MAY be any number, however it is RECOMMENDED to start at 0. Each sequence number series is unique between each requester and responder, i.e. the client has one series for its request to a server and the server has another when sending request to the client. Each requester and responder is identified with its network address. Example: CSeq: 239 14.20 Date See [H14.18]. An RTSP message containing a body MUST include a Date header if the sending host has a clock. Servers SHOULD include a Date header in all other RTSP messages. 14.21 ETag The ETag response header MAY be included in DESCRIBE or SETUP responses. The entity tag returned in a DESCRIBE response is for the included entity, while for SETUP it refers to the media resource just set up. This differentiation allows for cache validation of both H. Schulzrinne et. al. [Page 81] Internet Draft RTSP October 24, 2005 session description and the media resource associated with the description. If the ETag is provided both inside the entity, e.g. within the "a=etag" attribute in SDP, and in the response message, then both tags SHALL be identical. It is RECOMMENDED that the ETag is primarily given in the RTSP response message, to ensure that caches can use the ETag without requiring content inspection. SETUP and DESCRIBE requests can be made conditional upon the ETag using the headers If-Match (Section 14.25) and If-None-Match (Section 14.27). 14.22 Expires The Expires entity-header field gives a date and time after which the description or media-stream should be considered stale. The interpretation depends on the method: DESCRIBE response: The Expires header indicates a date and time after which the presentation description (body) SHOULD be considered stale. SETUP response: The Expires header indicate a date and time after which the media stream SHOULD be considered stale. A stale cache entry may not normally be returned by a cache (either a proxy cache or an user agent cache) unless it is first validated with the origin server (or with an intermediate cache that has a fresh copy of the entity). See section 16 for further discussion of the expiration model. The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after that time. The format is an absolute date and time as defined by HTTP-date in [H3.3]; it MUST be in RFC1123-date format: An example of its use is Expires: Thu, 01 Dec 1994 16:00:00 GMT RTSP/2.0 clients and caches MUST treat other invalid date formats, especially including the value "0", as having occurred in the past (i.e., already expired). To mark a response as "already expired," an origin server should use H. Schulzrinne et. al. [Page 82] Internet Draft RTSP October 24, 2005 an Expires date that is equal to the Date header value. To mark a response as "never expires," an origin server SHOULD use an Expires date approximately one year from the time the response is sent. RTSP/2.0 servers SHOULD NOT send Expires dates more than one year in the future. The presence of an Expires header field with a date value of some time in the future on a media stream that otherwise would by default be non-cacheable indicates that the media stream is cacheable, unless indicated otherwise by a Cache-Control header field (Section 14.10). 14.23 From See [H14.22]. 14.24 Host The Host HTTP request header field [H14.23] is not needed for RTSP, and SHALL NOT be sent. It SHALL be silently ignored if received. 14.25 If-Match See [H14.24]. The If-Match request-header field is especially useful for ensuring the integrity of the presentation description, in both the case where it is fetched via means external to RTSP (such as HTTP), or in the case where the server implementation is guaranteeing the integrity of the description between the time of the DESCRIBE message and the SETUP message. By including the ETag given in or with the session description in a SETUP request, the client ensures that resources set up are matching the description. A SETUP request for which the ETag validation check fails, SHALL responde using 412 (Precondition Failed). This validation check is also very useful if a session has been redirected from one server to another. 14.26 If-Modified-Since The If-Modified-Since request-header field is used with the DESCRIBE and SETUP methods to make them conditional. If the requested variant has not been modified since the time specified in this field, a description will not be returned from the server (DESCRIBE) or a stream will not be set up (SETUP). Instead, a 304 (Not Modified) response SHALL be returned without any message-body. An example of the field is: H. Schulzrinne et. al. [Page 83] Internet Draft RTSP October 24, 2005 If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT 14.27 If-None-Match See [H14.26]. This request header can be used with entity tags to make DESCRIBE requests conditional. A new session description is retrieved only if another entity than the already available would be included. If the entity available for delivery is matching the one the client already has, then a 304 (Not Modified) response is given. 14.28 Last-Modified The Last-Modified entity-header field indicates the date and time at which the origin server believes the presentation description or media stream was last modified. See [H14.29]. For the methods DESCRIBE, the header field indicates the last modification date and time of the description, for SETUP that of the media stream. 14.29 Location See [H14.30]. 14.30 Proxy-Authenticate See [H14.33]. 14.31 Proxy-Require The Proxy-Require request-header field is used to indicate proxy- sensitive features that MUST be supported by the proxy. Any Proxy- Require header features that are not supported by the proxy MUST be negatively acknowledged by the proxy to the client using the Unsupported header. The proxy SHALL use the 551 (Option Not Supported) status code in the response. Any feature tag included in the Proxy-Require does not apply to the end-point (server or client). To ensure that a feature is supported by both proxies and servers the tag needs to be included in also a Require header. See Section 14.37 for more details on the mechanics of this message and a usage example. Example of use: Proxy-Require: play.basic H. Schulzrinne et. al. [Page 84] Internet Draft RTSP October 24, 2005 14.32 Proxy-Supported The Proxy-Supported header field enumerates all the extensions supported by the proxy using feature tags. The header carries the intersection of extensions supported by the forwarding proxies. The Proxy-Supported header MAY be included in any request by a proxy. It SHALL be added by any proxy if the Supported header is present in a request. When present in a request, the receiver MUST in the response copy the received Proxy-Supported header. The Proxy-Supported header field contains a list of feature-tags applicable to proxies, as described in Section 3.7. The list are the intersection of all feature-tags understood by the proxies. To achieve an intersection, the proxy adding the Proxy-Supported header includes all proxy feature-tags it understands. Any proxy receiving a request with the header, checks the list and removes any feature tag it do not support. A Proxy-Supported header present in the response SHALL NOT be touched by the proxies. Example: C->P1: OPTIONS rtsp://example.com/ RTSP/2.0 Supported: foo, bar, blech P1->P2: OPTIONS rtsp://example.com/ RTSP/2.0 Supported: foo, bar, blech Proxy-Supported: proxy-foo, proxy-bar, proxy-blech Via: 2.0 prox1.example.com P2->S: OPTIONS rtsp://example.com/ RTSP/2.0 Supported: foo, bar, blech Proxy-Supported: proxy-foo, proxy-blech Via: 2.0 prox1.example.com, 2.0 prox2.example.com S->C: RTSP/2.0 200 OK Supported: foo, bar, baz Proxy-Supported: proxy-foo, proxy-blech Public: OPTIONS, SETUP, PLAY, PAUSE, TEARDOWN Via: 2.0 prox1.example.com, 2.0 prox2.example.com 14.33 Public The Public response header field lists the set of methods supported by the response sender. This header applies to the general capabilities of the sender and its only purpose is to indicate the H. Schulzrinne et. al. [Page 85] Internet Draft RTSP October 24, 2005 sender's capabilities to the recipient. The methods listed may or may not be applicable to the Request-URI; the Allow header field (section 14.7) MAY be used to indicate methods allowed for a particular URI. Example of use: Public: OPTIONS, SETUP, PLAY, PAUSE, TEARDOWN In the event that there are proxies between the sender and the recipient of a response, each intervening proxy MUST modify the Public header field to remove any methods that are not supported via that proxy. The resulting Public header field will contain an intersection of the sender's methods and the methods allowed through by the intervening proxies. In general proxies should allow all methods to transparently pass through from the sending RTSP agent to the receiving RTSP agent, but there may be cases where this is not desirable for a given proxy. Modification of the Public response header field by the intervening proxies ensures that the request sender gets an accurate response indicating the methods that can be used on the target agent via the proxy chain. 14.34 Range The Range header specifies a time range in PLAY (Section 11.4), PAUSE (Section 11.5), SETUP (Section 11.3), and REDIRECT (Section 11.9) requests and/or responses. The range can be specified in a number of units. This specification defines smpte (Section 3.4), npt (Section 3.5), and clock (Section 3.6) range units. While byte ranges [H14.35.1] and other extended units MAY be used, their behavior is unspecified since they are not normally meaningful in RTSP. Servers supporting the Range header MUST understand the NPT range format and SHOULD understand the SMPTE range format. If the Range header is sent in a time format that is not understood, the recipient SHOULD return 456 (Header Field Not Valid for Resource) and include an Accept-Ranges header indicating the supported time formats for the given resource. The Range header MAY contain a time parameter in UTC, specifying the time at which the operation is to be made effective. This functionality SHALL be used only with the REDIRECT method. Ranges are half-open intervals, including the first point, but H. Schulzrinne et. al. [Page 86] Internet Draft RTSP October 24, 2005 excluding the second point. In other words, a range of A-B starts exactly at time A, but stops just before B. Only the start time of a media unit such as a video or audio frame is relevant. For example, assume that video frames are generated every 40 ms. A range of 10.0-10.1 would include a video frame starting at 10.0 or later time and would include a video frame starting at 10.08, even though it lasted beyond the interval. A range of 10.0-10.08, on the other hand, would exclude the frame at 10.08. Example: Range: clock=19960213T143205Z-;time=19970123T143720Z The notation is similar to that used for the HTTP/1.1 [3] byte-range header. It allows clients to select an excerpt from the media object, and to play from a given point to the end as well as from the current location to a given point. By default, range intervals increase, where the second point is larger than the first point. Example: Range: npt=10-15 However, range intervals can also decrease if the Scale header (see section 14.39) indicates a negative scale value. For example, this would be the case when a playback in reverse is desired. Example: Scale: -1 Range: npt=15-10 Decreasing ranges are still half open intervals as described above. Thus, for range A-B, A is closed and B is open. In the above example, 15 is closed and 10 is open. An exception to this rule is the case when B=0 in a decreasing range. In this case, the range is closed on both ends, as otherwise there would be no way to reach 0 on a reverse playback. H. Schulzrinne et. al. [Page 87] Internet Draft RTSP October 24, 2005 Example: Scale: -1 Range: npt=15-0 In this range both 15 and 0 are closed. A decreasing range interval without a corresponding negative Scale header is not valid. 14.35 Referer See [H14.36]. The URI refers to that of the presentation description, typically retrieved via HTTP. 14.36 Retry-After See [H14.37]. 14.37 Require The Require request-header field is used by clients or servers to ensure that the other end-point supports features that are required in respect to this request. It can also be used to query if the other end-point supports certain features, however the use of the Supported (Section 14.43) is much more effective in this purpose. The server MUST respond to this header by using the Unsupported header to negatively acknowledge those feature-tags which are NOT supported. The response SHALL use the error code 551 (Option Not Supported). This header does not apply to proxies, for the same functionality in respect to proxies see, header Proxy-Require (Section 14.31). This is to make sure that the client-server interaction will proceed without delay when all features are understood by both sides, and only slow down if features are not understood (as in the example below). For a well-matched client-server pair, the interaction proceeds quickly, saving a round-trip often required by negotiation mechanisms. In addition, it also removes state ambiguity when the client requires features that the server does not understand. Example: C->S: SETUP rtsp://server.com/foo/bar/baz.rm RTSP/2.0 H. Schulzrinne et. al. [Page 88] Internet Draft RTSP October 24, 2005 CSeq: 302 Require: funky-feature Funky-Parameter: funkystuff S->C: RTSP/2.0 551 Option not supported CSeq: 302 Unsupported: funky-feature In this example, "funky-feature" is the feature-tag which indicates to the client that the fictional Funky-Parameter field is required. The relationship between "funky-feature" and Funky-Parameter is not communicated via the RTSP exchange, since that relationship is an immutable property of "funky-feature" and thus should not be transmitted with every exchange. Proxies and other intermediary devices SHALL ignore this header. If a particular extension requires that intermediate devices support it, the extension should be tagged in the Proxy-Require field instead (see Section 14.31). 14.38 RTP-Info The RTP-Info response-header field is used to set RTP-specific parameters in the PLAY response. For streams using RTP as transport protocol the RTP-Info header SHOULD be part of a 200 response to PLAY. The exclusion of the RTP-Info in a PLAY response for RTP transported media will result in that a client needs to synchronize the media streams using RTCP. This may have negative impact as the RTCP can be lost, and does not need to be particulary timely in their arrival. Also functionality as informing the client from which packet a seek has occurred is affected. The RTP-Info MAY also be included in SETUP responses to provide synchronization information when changing transport parameters, see 11.3. The header can carry the following parameters: url: Indicates the stream URI which for which the following RTP parameters correspond, this URI MUST be the same used in the SETUP request for this media stream. Any relative URI H. Schulzrinne et. al. [Page 89] Internet Draft RTSP October 24, 2005 SHALL use the Request-URI as base URI. This parameter SHALL be present. ssrc: The Synchronization source (SSRC) that the RTP timestamp and sequence number provide applies to. This parameter SHALL be present. seq: Indicates the sequence number of the first packet of the stream that is direct result of the request. This allows clients to gracefully deal with packets when seeking. The client uses this value to differentiate packets that originated before the seek from packets that originated after the seek. Note that a client may not receive the packet with the expressed sequence number, and instead packets with a higher sequence number, due to packet loss or reordering. This parameter is RECOMMENDED to be present. rtptime: SHALL indicate the RTP timestamp value corresponding to the start time value in the Range response header, or if not explicitly given the implied start point. The client uses this value to calculate the mapping of RTP time to NPT or other media timescale. This parameter SHOULD be present to ensure inter-media synchronization is achieved. There exist no requirement that any received RTP packet will have the same RTP timestamp value as the one in the parameter used to establish synchronization. A mapping from RTP timestamps to NTP timestamps (wall clock) is available via RTCP. However, this information is not sufficient to generate a mapping from RTP timestamps to media clock time (NPT, etc.). Furthermore, in order to ensure that this information is available at the necessary time (immediately at startup or after a seek), and that it is delivered reliably, this mapping is placed in the RTSP control channel. In order to compensate for drift for long, uninterrupted presentations, RTSP clients should additionally map NPT to NTP, using initial RTCP sender reports to do the mapping, and later reports to check drift against the mapping. Example: Range:npt=3.25-15 RTP-Info:url="rtsp://example.com/foo/audio" ssrc=0A13C760:seq=45102; rtptime=12345678,url="rtsp://example.com/foo/video" ssrc=9A9DE123:seq=30211;rtptime=29567112 H. Schulzrinne et. al. [Page 90] Internet Draft RTSP October 24, 2005 Lets assume that audio uses a 16kHz RTP timestamp clock and Video a 90kHz RTP timestamp clock. Then the media synchronization is depicted in the following way. NPT 3.0---3.1---3.2-X-3.3---3.4---3.5---3.6 Audio PA A Video V PV X: NPT time value = 3.25, from Range header. A: RTP timestamp value for Audio from RTP-Info header (12345678). V: RTP timestamp value for Video from RTP-Info header (29567112). PA: RTP audio packet carrying an RTP timestamp of 12344878. Which corresponds to NPT = (12344878 - A) / 16000 + 3.25 = 3.2 PV: RTP video packet carrying an RTP timestamp of 29573412. Which corresponds to NPT = (29573412 - V) / 90000 + 3.25 = 3.32 14.39 Scale A scale value of 1 indicates normal play at the normal forward viewing rate. If not 1, the value corresponds to the rate with respect to normal viewing rate. For example, a ratio of 2 indicates twice the normal viewing rate ("fast forward") and a ratio of 0.5 indicates half the normal viewing rate. In other words, a ratio of 2 has normal play time increase at twice the wallclock rate. For every second of elapsed (wallclock) time, 2 seconds of content will be delivered. A negative value indicates reverse direction. For certain media transports this may require certain considerations to work consistent, see section B.1 for description on how RTP handles this. Unless requested otherwise by the Speed parameter, the data rate SHOULD not be changed. Implementation of scale changes depends on the server and media type. For video, a server may, for example, deliver only key frames or selected key frames. For audio, it may time-scale the audio while preserving pitch or, less desirably, deliver fragments of audio. The server should try to approximate the viewing rate, but may restrict the range of scale values that it supports. The response MUST contain the actual scale value chosen by the server. If the server does not implement the possibility to scale, it will not return a Scale header. A server supporting Scale operations for PLAY SHALL indicate this with the use of the "play.scale" feature- tags. When indicating a negative scale for a reverse playback, the Range H. Schulzrinne et. al. [Page 91] Internet Draft RTSP October 24, 2005 header MUST indicate a decreasing range as described in section 14.34. Example of playing in reverse at 3.5 times normal rate: Scale: -3.5 Range: npt=15-10 14.40 Speed The Speed request-header field requests the server to deliver data to the client at a particular speed, contingent on the server's ability and desire to serve the media stream at the given speed. Implementation by the server is OPTIONAL. The default is the bit rate of the stream. The parameter value is expressed as a decimal ratio, e.g., a value of 2.0 indicates that data is to be delivered twice as fast as normal. A speed of zero is invalid. All speeds may not be possible to support. Therefore the actual used speed MUST be included in the response. The lack of a response header is indication of lack of support from the server of this functionality. Support of the speed functionality are indicated by the "play.speed" featuretag. Example: Speed: 2.5 Use of this field changes the bandwidth used for data delivery. It is meant for use in specific circumstances where preview of the presentation at a higher or lower rate is necessary. Implementors should keep in mind that bandwidth for the session may be negotiated beforehand (by means other than RTSP), and therefore re-negotiation may be necessary. When data is delivered over UDP, it is highly recommended that means such as RTCP be used to track packet loss rates. If the data transport is performed over public best-effort networks the sender MUST perform congestion control of the stream(s). This can result in that the communicated speed is impossible to maintain. 14.41 Server See [H14.38], however the header syntax is corrected in section 19.2.3. H. Schulzrinne et. al. [Page 92] Internet Draft RTSP October 24, 2005 14.42 Session The Session request-header and response-header field identifies an RTSP session. An RTSP session is created by the server as a result of a successful SETUP request and in the response the session identifier is given to the client. The RTSP session exist until destroyed by a TEARDOWN or timed out by the server. The session identifier is chosen by the server (see Section 3.3) and MUST be returned in the SETUP response. Once a client receives a session identifier, it SHALL be included in any request related to that session. This means that the Session header MUST be included in a request using the following methods: PLAY, PAUSE, and TEARDOWN, and MAY be included in SETUP, OPTIONS, SET_PARAMETER, GET_PARAMETER, and REDIRECT, and SHALL NOT be included in DESCRIBE. In an RTSP response the session header SHALL be included in methods, SETUP, PLAY, and PAUSE, and MAY be included in methods, TEARDOWN, and REDIRECT, and if included in the request of the following methods it SHALL also be included in the response, OPTIONS, GET_PARAMETER, and SET_PARAMETER, and SHALL NOT be included in DESCRIBE. The timeout parameter MAY be included in a SETUP response, and SHALL NOT be included in requests. The server uses it to indicate to the client how long the server is prepared to wait between RTSP commands or other signs of life before closing the session due to lack of activity (see below and Section A). The timeout is measured in seconds, with a default of 60 seconds (1 minute). The length of the session timeout SHALL NOT be changed in a established session. The mechanisms for showing liveness of the client is, any RTSP request with a Session header, if RTP & RTCP is used an RTCP message, or through any other used media protocol capable of indicating liveness of the RTSP client. It is RECOMMENDED that a client does not wait to the last second of the timeout before trying to send a liveness message. The RTSP message may be lost or when using reliable protocols, such as TCP, the message may take some time to arrive safely at the receiver. To show liveness between RTSP request issued to accomplish other things, the following mechanisms can be used, in descending order of preference: RTCP: If RTP is used for media transport RTCP SHOULD be used. If RTCP is used to report transport statistics, it SHALL also work as keep alive. The server can determine the client by used network address and port together with the fact that the client is reporting on the servers SSRC(s). A downside of using RTCP is that it only gives statistical guarantees to reach the server. However that probability is so low that it can be ignored in most cases. For example, a H. Schulzrinne et. al. [Page 93] Internet Draft RTSP October 24, 2005 session with 60 seconds timeout and enough bitrate assigned to RTCP messages to send a message from client to server on average every 5 seconds. That client have for a network with 5 % packet loss, the probability to fail showing liveness sign in that session within the timeout interval of 2.4*E-16. In sessions with shorter timeout times, or much higher packet loss, or small RTCP bandwidths SHOULD also use any of the mechanisms below. SET_PARAMETER: When using SET_PARAMETER for keep alive, no body SHOULD be included. This method is the RECOMMENDED RTSP method to use in request only intended to perform keep- alive. OPTIONS: This method does also work. However it causes the server to perform unnecessary processing and result in bigger responses than necessary for the task. The reason for this is that the server needs to determine what capabilities that are associated with the media resource to correctly populate the Public and Allow headers. Note that a session identifier identifies an RTSP session across transport sessions or connections. RTSP requests for a given session can use different URIs (Presentation and media URIs). Note, that there are restrictions depending on the session which URIs that are acceptable for a given method. However, multiple "user" sessions for the same URI from the same client will require use of different session identifiers. The session identifier is needed to distinguish several delivery requests for the same URI coming from the same client. The response 454 (Session Not Found) SHALL be returned if the session identifier is invalid. 14.43 Supported The Supported header field enumerates all the extensions supported by the client or server using feature tags. The header carries the extensions supported by the message sending entity. The Supported header MAY be included in any request. When present in a request, the receiver MUST respond with its corresponding Supported header. Note, also in 4xx and 5xx responses is the supported header included. The Supported header field contains a list of feature-tags, described in Section 3.7, that are understood by the client or server. H. Schulzrinne et. al. [Page 94] Internet Draft RTSP October 24, 2005 Example: C->S: OPTIONS rtsp://example.com/ RTSP/2.0 Supported: foo, bar, blech S->C: RTSP/2.0 200 OK Supported: bar, blech, baz 14.44 Timestamp The Timestamp general-header field describes when the agent sent the request. The value of the timestamp is of significance only to the agent and may use any timescale. The responding agent MUST echo the exact same value and MAY, if it has accurate information about this, add a floating point number indicating the number of seconds that has elapsed since it has received the request. The timestamp is used by the agent to compute the round-trip time to the responding agent so that it can adjust the timeout value for retransmissions. It also resolves retransmission ambiguities for unreliable transport of RTSP. 14.45 Transport The Transport request and response header field indicates which transport protocol is to be used and configures its parameters such as destination address, compression, multicast time-to-live and destination port for a single stream. It sets those values not already determined by a presentation description. Transports are comma separated, listed in order of preference. Parameters may be added to each transport, separated by a semicolon. The server SHOULD return a Transport response-header field in the response to indicate the values actually chosen. The Transport header field MAY also be used to change certain transport parameters. A server MAY refuse to change parameters of an existing stream. A Transport request header field MAY contain a list of transport options acceptable to the client, in the form of multiple transportspec entries. In that case, the server MUST return the single (transport-spec) which was actually chosen. The number of transportspec entries is expected to be limited as the client will get guidance on what configurations that are possible from the presentation description. A transport-spec transport option may only contain one of any given parameter within it. Parameters MAY be given in any order. Additionally, it may only contain the unicast or the multicast H. Schulzrinne et. al. [Page 95] Internet Draft RTSP October 24, 2005 transport type parameter. Unknown parameters SHALL be ignored. The requester need to ensure that the responder understands the parameters through the use of feature tags and the Require header. Any parameters part of future extensions requires clarification if they are safe to ignore in accordance to this specification, or is required to be understood. If a parameter is required to be understood, then a feature tag MUST be defined for the functionality and used in the Require and/or Proxy-Require headers. The Transport header field is restricted to describing a single media stream. (RTSP can also control multiple streams as a single entity.) Making it part of RTSP rather than relying on a multitude of session description formats greatly simplifies designs of firewalls. The syntax for the transport specifier is transport/profile/lower-transport. The default value for the "lower-transport" parameters is specific to the profile. For RTP/AVP, the default is UDP. There are two different methods for how to specify where the media should be delivered: o The presence of this parameter and its values indicates the destination address or addresses (host address and port pairs for IP flows) necessary for the media transport. o The lack of the dest_addr parameter indicates that the server SHALL send media to same address for which the RTSP messages originates. Does not work for transports requiring explicitly given destination ports. The choice of method for indicating where the media is to be delivered depends on the use case. In many case the only allowed method will be to use no explicit address indication and have the server deliver media to the source of the RTSP messages. An RTSP proxy will need to take care. If the media is not desired to be routed through the proxy, the proxy will need to introduce the destination indication. Below are the configuration parameters associated with transport: H. Schulzrinne et. al. [Page 96] Internet Draft RTSP October 24, 2005 General parameters: unicast / multicast: This parameter is a mutually exclusive indication of whether unicast or multicast delivery will be attempted. One of the two values MUST be specified. Clients that are capable of handling both unicast and multicast transmission needs to indicate such capability by including two full transport-specs with separate parameters for each. layers: The number of multicast layers to be used for this media stream. The layers are sent to consecutive addresses starting at the dest_addr address. dest_addr: A general destination address parameter that can contain one or more address specifications. Each combination of Protocol/Profile/Lower Transport needs to have the format and interpretation of its address specification defined. For RTP/AVP/UDP and RTP/AVP/TCP, the address specification is a tuple containing a host address and port. The client originating the RTSP request MAY specify the destination address of the stream recipient with the host address part of the tuple. When the destination address is specified, the recipient may be a different party than the originator of the request. To avoid becoming the unwitting perpetrator of a remote-controlled denial-of-service attack, a server MUST perform security checks (see Section 20.1) and SHOULD log such attempts before allowing the client to direct a media stream to a recipient address not chosen by the server. Implementations cannot rely on TCP as reliable means of client identification. If the server does not allow the host address part of the tuple to be set, it SHALL return 463 (Destination Prohibited). The host address part of the tuple MAY be empty, for example ":58044", in cases when only destination port is desired to be specified. src_addr: A general source address parameter that can contain one or more address specifications. Each combination of Protocol/Profile/Lower Transport needs to have the format and interpretation of its address specification defined. For RTP/AVP/UDP and RTP/AVP/TCP, the address specification is a tuple containing a host address and port. This parameter MUST be specified by the server if it transmits media packets from another address than the one H. Schulzrinne et. al. [Page 97] Internet Draft RTSP October 24, 2005 RTSP messages are sent to. This will allow the client to verify source address and give it a destination address for its RTCP feedback packets if RTP is used. The address or addresses indicated in the src_addr parameter SHOULD be used both for sending and receiving of the media streams data packets. The main reasons are threefold: First, indicating the port and source address(s) lets the receiver know where from the packets is expected to originate. Secondly, traversal of NATs are greatly simplified when traffic is flowing symmetrically over a NAT binding. Thirdly, certain NAT traversal mechanisms, needs to know to which address and port to send so called "binding packets" from the receiver to the sender, thus creating a address binding in the NAT that the sender to receiver packet flow can use. This information may also be available through SDP. However, since this is more a feature of transport than media initialization, the authoritative source for this information should be in the SETUP response. mode: The mode parameter indicates the methods to be supported for this session. Valid values are PLAY and RECORD. If not provided, the default is PLAY. The RECORD value was defined in RFC 2326 and is deprecated in this specification. append: The append parameter was used together with RECORD and is now deprecated. interleaved: The interleaved parameter implies mixing the media stream with the control stream in whatever protocol is being used by the control stream, using the mechanism defined in Section 12. The argument provides the channel number to be used in the $ statement and MUST be present. This parameter MAY be specified as a range, e.g., interleaved=4-5 in cases where the transport choice for the media stream requires it, e.g. for RTP with RTCP. The channel number given in the request are only a guidance from the client to the server on what channel number(s) to use. The server MAY set any valid channel number in the response. The declared channel(s) are bi-directional, so both end-parties MAY send data on the given channel. One example of such usage is the second channel used for RTCP, where both server and client sends RTCP packets on the same channel. H. Schulzrinne et. al. [Page 98] Internet Draft RTSP October 24, 2005 This allows RTP/RTCP to be handled similarly to the way that it is done with UDP, i.e., one channel for RTP and the other for RTCP. Multicast-specific: ttl: multicast time-to-live. RTP-specific: These parameters are MAY only be used if the media transport protocol is RTP. ssrc: The ssrc parameter, if included in a SETUP response, indicates the RTP SSRC [16] value(s) that will be used by the media server for RTP packets within the stream. It is expressed as an eight digit hexadecimal value. The ssrc parameter SHALL NOT be specified in requests. The functionality of specifying the ssrc parameter in a SETUP request is deprecated as it is incompatible with the specification of RTP in RFC 3550 [16]. If the parameter is included in the Transport header of a SETUP request, the server MAY ignore it, and choose an appropriate SSRC for the stream. The server MAY set the ssrc parameter in the Transport header of the response. The combination of transport protocol, profile and lower transport needs to be defined. A number of combinations are defined in the appendix B. Below is a usage example, showing a client advertising the capability to handle multicast or unicast, preferring multicast. Since this is a unicast-only stream, the server responds with the proper transport parameters for unicast. C->S: SETUP rtsp://example.com/foo/bar/baz.rm RTSP/2.0 CSeq: 302 Transport: RTP/AVP;multicast;mode="PLAY", RTP/AVP;unicast;dest_addr="192.0.2.5:3456"/ "192.0.2.5:3457";mode="PLAY" S->C: RTSP/2.0 200 OK CSeq: 302 Date: 23 Jan 1997 15:35:06 GMT Session: 47112344 Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:3456"/ H. Schulzrinne et. al. [Page 99] Internet Draft RTSP October 24, 2005 "192.0.2.5:3457";src_addr="192.0.2.224:6256" /"192.0.2.224:6257";mode="PLAY" 14.46 Unsupported The Unsupported response-header field lists the features not supported by the server. In the case where the feature was specified via the Proxy-Require field (Section 14.31), if there is a proxy on the path between the client and the server, the proxy MUST send a response message with a status code of 551 (Option Not Supported). The request SHALL NOT be forwarded. See Section 14.37 for a usage example. 14.47 User-Agent See [H14.43] for explanation, however the syntax is clarified due to an error in RFC 2616. A Client SHOULD include this header in all RTSP messages it sends. 14.48 Vary See [H14.44] 14.49 Via See [H14.45]. 14.50 WWW-Authenticate See [H14.47]. 15 Proxies RTSP Proxies are RTSP agents that sit in between a client and a server. A proxy can take on both the role as a client and as server depending on what it tries to accomplish. Proxies are also introduced for several different reasons. Caching Proxy: This type of proxy is used to reduce the workload on servers and connections. By caching a presentation, both description and media streams the proxy can serve a client content without requesting it from the server once it has been cached and hasn't become stale. See the caching section 16. H. Schulzrinne et. al. [Page 100] Internet Draft RTSP October 24, 2005 Access Proxy: This type of proxy is used to ensure that a RTSP client get access to servers on an external network. Thus this proxy is placed on the border between two domains, e.g. a private address space and the public internet. The proxy performs the necessary translation, usually addresses, and often also media stream translation or redirection. Security Proxy: This type of proxy is used to help facilitate security functions around RTSP. For example when having a firewalled network, the security proxy request that the necessary pinholes in the firewall is opened when a client in the protected network want to access media streams on the external side. It can also provide network owners with a logging and audit point for RTSP sessions, e.g. for corporations that tracks or limits their employees access to certain type of content. All type of proxies can be used also when using secured communication with TLS as RTSP 2.0 allows the client to approve certificates for connection establishment from a proxy, see section 18.3.2. Access proxies SHOULD NOT be used in equipment like NATs and firewalls that aren't expected to be regularly maintained, like home or small office equipment. In these cases it is better to use the NAT traversal procedures defined for RTSP 2.0 [25]. The reason for these recommendations is that any extensions of RTSP resulting in new media transport protocols or profiles, new parameters etc may fail in a proxy that isn't maintained. Thus resulting in blocking further development of RTSP and its usage. The existence of proxies must always be considered when developing new RTSP extensions. There must be definition of how proxies may handle the extension, if it is required to understand it, thus requiring a feature tag to be used in the Proxy-Require header. 16 Caching In HTTP, response-request pairs are cached. RTSP differs significantly in that respect. Responses are not cacheable, with the exception of the presentation description returned by DESCRIBE. (Since the responses for anything but DESCRIBE and GET_PARAMETER do not return any data, caching is not really an issue for these requests.) However, it is desirable for the continuous media data, typically delivered out-of-band with respect to RTSP, to be cached, as well as the session description. On receiving a SETUP or PLAY request, a proxy ascertains whether it H. Schulzrinne et. al. [Page 101] Internet Draft RTSP October 24, 2005 has an up-to-date copy of the continuous media content and its description. It can determine whether the copy is up-to-date by issuing a SETUP or DESCRIBE request, respectively, and comparing the Last-Modified header with that of the cached copy. If the copy is not up-to-date, it modifies the SETUP transport parameters as appropriate and forwards the request to the origin server. Subsequent control commands such as PLAY or PAUSE then pass the proxy unmodified. The proxy delivers the continuous media data to the client, while possibly making a local copy for later reuse. The exact behavior allowed to the cache is given by the cache-response directives described in Section 14.10. A cache MUST answer any DESCRIBE requests if it is currently serving the stream to the requestor, as it is possible that low-level details of the stream description may have changed on the origin-server. Note that an RTSP cache, unlike the HTTP cache, is of the "cut- through" variety. Rather than retrieving the whole resource from the origin server, the cache simply copies the streaming data as it passes by on its way to the client. Thus, it does not introduce additional latency. To the client, an RTSP proxy cache appears like a regular media server, to the media origin server like a client. Just as an HTTP cache has to store the content type, content language, and so on for the objects it caches, a media cache has to store the presentation description. Typically, a cache eliminates all transport-references (that is, multicast information) from the presentation description, since these are independent of the data delivery from the cache to the client. Information on the encodings remains the same. If the cache is able to translate the cached media data, it would create a new presentation description with all the encoding possibilities it can offer. 17 Examples This section contains several different examples trying to illustrate possible ways of using RTSP. The examples can also help with the understanding of how functions of RTSP work. However remember that this is examples and the normative and syntax description in the other sections takes precedence. Please also note that many of the example MAY contain syntax illegal line breaks to accommodate the formatting restriction that the RFC series impose. 17.1 Media on Demand (Unicast) Client C requests a movie distributed from two different media servers A (audio.example.com ) and V (video.example.com ). The media description is stored on a web server W. The media description H. Schulzrinne et. al. [Page 102] Internet Draft RTSP October 24, 2005 contains descriptions of the presentation and all its streams, including the codecs that are available, dynamic RTP payload types, the protocol stack, and content information such as language or copyright restrictions. It may also give an indication about the timeline of the movie. In this example, the client is only interested in the last part of the movie. C->W: GET /twister.sdp HTTP/1.1 Host: www.example.com Accept: application/sdp W->C: HTTP/1.0 200 OK Date: 23 Jan 1997 15:35:06 GMT Content-Type: application/sdp Content-Length: 264 Expires: 23 Jan 1998 15:35:06 GMT v=0 o=- 2890844526 2890842807 IN IP4 192.16.24.202 s=RTSP Session e=adm@example.com a=range:npt=0-1:49:34 t=0 0 m=audio 0 RTP/AVP 0 a=control:rtsp://audio.example.com/twister/audio.en m=video 0 RTP/AVP 31 a=control:rtsp://video.example.com/twister/video C->A: SETUP rtsp://audio.example.com/twister/audio.en RTSP/2.0 CSeq: 1 User-Agent: PhonyClient/1.2 Transport: RTP/AVP/UDP;unicast;dest_addr=":3056"/":3057", RTP/AVP/TCP;unicast;interleaved=0-1 A->C: RTSP/2.0 200 OK CSeq: 1 Session: 12345678 Transport: RTP/AVP/UDP;unicast;dest_addr=":3056"/":3057"; src_addr="192.0.2.5:5000"/"192.0.2.5:5001" Date: 23 Jan 1997 15:35:12 GMT Server: PhonyServer/1.0 Expires: 24 Jan 1997 15:35:12 GMT Cache-Control: public Accept-Ranges: NPT, SMPTE H. Schulzrinne et. al. [Page 103] Internet Draft RTSP October 24, 2005 C->V: SETUP rtsp://video.example.com/twister/video RTSP/2.0 CSeq: 1 User-Agent: PhonyClient/1.2 Transport: RTP/AVP/UDP;unicast;dest_addr=":3058"/":3059", RTP/AVP/TCP;unicast;interleaved=0-1 V->C: RTSP/2.0 200 OK CSeq: 1 Session: 23456789 Transport: RTP/AVP/UDP;unicast;dest_addr=":3058"/":3059"; src_addr="192.0.2.5:5002"/"192.0.2.5:5003" Date: 23 Jan 1997 15:35:12 GMT Server: PhonyServer/1.0 Cache-Control: public Expires: 24 Jan 1997 15:35:12 GMT Accept-Ranges: NPT, SMPTE C->V: PLAY rtsp://video.example.com/twister/video RTSP/2.0 CSeq: 2 User-Agent: PhonyClient/1.2 Session: 23456789 Range: smpte=0:10:00- V->C: RTSP/2.0 200 OK CSeq: 2 Session: 23456789 Range: smpte=0:10:00-1:49:23 RTP-Info: url="rtsp://video.example.com/twister/video" ssrc=A17E189D:seq=12312232;rtptime=78712811 Server: PhonyServer/2.0 Date: 23 Jan 1997 15:35:13 GMT C->A: PLAY rtsp://audio.example.com/twister/audio.en RTSP/2.0 CSeq: 2 User-Agent: PhonyClient/1.2 Session: 12345678 Range: smpte=0:10:00- A->C: RTSP/2.0 200 OK CSeq: 2 Session: 12345678 Range: smpte=0:10:00-1:49:23 RTP-Info: url="rtsp://audio.example.com/twister/audio.en" ssrc=3D124F01:seq=876655;rtptime=1032181 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:13 GMT H. Schulzrinne et. al. [Page 104] Internet Draft RTSP October 24, 2005 C->A: TEARDOWN rtsp://audio.example.com/twister/audio.en RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 Session: 12345678 A->C: RTSP/2.0 200 OK CSeq: 3 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:36:52 GMT C->V: TEARDOWN rtsp://video.example.com/twister/video RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 Session: 23456789 V->C: RTSP/2.0 200 OK CSeq: 3 Server: PhonyServer/2.0 Date: 23 Jan 1997 15:36:52 GMT Even though the audio and video track are on two different servers, may start at slightly different times, and may drift with respect to each other, the client can synchronize the two using standard RTP methods, in particular the time scale contained in the RTCP sender reports. Initial synchronization is achieved through the RTP-Info and Range headers information in the PLAY response. 17.2 Streaming of a Container file For purposes of this example, a container file is a storage entity in which multiple continuous media types pertaining to the same end-user presentation are present. In effect, the container file represents an RTSP presentation, with each of its components being RTSP streams. Container files are a widely used means to store such presentations. While the components are transported as independent streams, it is desirable to maintain a common context for those streams at the server end. This enables the server to keep a single storage handle open easily. It also allows treating all the streams equally in case of any prioritization of streams by the server. It is also possible that the presentation author may wish to prevent H. Schulzrinne et. al. [Page 105] Internet Draft RTSP October 24, 2005 selective retrieval of the streams by the client in order to preserve the artistic effect of the combined media presentation. Similarly, in such a tightly bound presentation, it is desirable to be able to control all the streams via a single control message using an aggregate URI. The following is an example of using a single RTSP session to control multiple streams. It also illustrates the use of aggregate URIs. In a container file it is also desirable to not write any URI parts which is not kept, when the container is distributed, like the host and most of the path element. Therefore this example also uses the "*" and relative URI in the delivered SDP. Client C requests a presentation from media server M. The movie is stored in a container file. The client has obtained an RTSP URI to the container file. C->M: DESCRIBE rtsp://example.com/twister.3gp RTSP/2.0 CSeq: 1 User-Agent: PhonyClient/1.2 M->C: RTSP/2.0 200 OK CSeq: 1 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:06 GMT Content-Type: application/sdp Content-Length: 257 Content-Base: rtsp://example.com/twister.3gp/ Expires: 24 Jan 1997 15:35:06 GMT v=0 o=- 2890844256 2890842807 IN IP4 172.16.2.93 s=RTSP Session i=An Example of RTSP Session Usage e=adm@example.com a=control: * a=range: npt=0-0:10:34.10 t=0 0 m=audio 0 RTP/AVP 0 a=control: trackID=1 m=video 0 RTP/AVP 26 a=control: trackID=4 C->M: SETUP rtsp://example.com/twister.3gp/trackID=1 RTSP/2.0 CSeq: 2 User-Agent: PhonyClient/1.2 Require: play.basic H. Schulzrinne et. al. [Page 106] Internet Draft RTSP October 24, 2005 Transport: RTP/AVP;unicast;dest_addr=":8000"/":8001" M->C: RTSP/2.0 200 OK CSeq: 2 Server: PhonyServer/1.0 Transport: RTP/AVP;unicast;dest_addr=":8000"/":8001; src_addr="192.0.2.5:9000"/"192.0.2.5:9001" ssrc=93CB001E Session: 12345678 Expires: 24 Jan 1997 15:35:12 GMT Date: 23 Jan 1997 15:35:12 GMT Accept-Ranges: NPT C->M: SETUP rtsp://example.com/twister.3gp/trackID=4 RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 Require: play.basic Transport: RTP/AVP;unicast;dest_addr=":8002"/":8003" Session: 12345678 M->C: RTSP/2.0 200 OK CSeq: 3 Server: PhonyServer/1.0 Transport: RTP/AVP;unicast;dest_addr=":8002"/":8003; src_addr="192.0.2.5:9002"/"192.0.2.5:9003"; ssrc=A813FC13 Session: 12345678 Expires: 24 Jan 1997 15:35:13 GMT Date: 23 Jan 1997 15:35:13 GMT Accept-Range: NPT C->M: PLAY rtsp://example.com/twister.3gp/ RTSP/2.0 CSeq: 4 User-Agent: PhonyClient/1.2 Range: npt=0-10, npt=30- Session: 12345678 M->C: RTSP/2.0 200 OK CSeq: 4 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:14 GMT Session: 12345678 Range: npt=0-10, npt=30-623.10 RTP-Info: url="rtsp://example.com/twister.3gp/trackID=4" ssrc=0D12F123:seq=12345;rtptime=3450012, url="rtsp://example.com/twister.3gp/trackID=1"; ssrc=4F312DD8:seq=54321;rtptime=2876889 H. Schulzrinne et. al. [Page 107] Internet Draft RTSP October 24, 2005 C->M: PAUSE rtsp://example.com/twister.3gp/ RTSP/2.0 CSeq: 5 User-Agent: PhonyClient/1.2 Session: 12345678 M->C: RTSP/2.0 200 OK CSeq: 5 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:36:01 GMT Session: 12345678 Range: npt=34.57-623.10 C->M: PLAY rtsp://example.com/twister.3gp/ RTSP/2.0 CSeq: 6 User-Agent: PhonyClient/1.2 Range: npt=34.57-623.10 Session: 12345678 M->C: RTSP/2.0 200 OK CSeq: 6 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:36:01 GMT Session: 12345678 Range: npt=34.57-623.10 RTP-Info: url="rtsp://example.com/twister.3gp/trackID=4" ssrc=0D12F123:seq=12555;rtptime=6330012, url="rtsp://example.com/twister.3gp/trackID=1" ssrc=4F312DD8:seq=55021;rtptime=3132889 17.3 Single Stream Container Files Some RTSP servers may treat all files as though they are "container files", yet other servers may not support such a concept. Because of this, clients SHOULD use the rules set forth in the session description for Request-URIs, rather than assuming that a consistent URI may always be used throughout. Below are an example of how a multi-stream server might expect a single-stream file to be served: C->S: DESCRIBE rtsp://foo.com/test.wav RTSP/2.0 Accept: application/x-rtsp-mh, application/sdp CSeq: 1 User-Agent: PhonyClient/1.2 S->C: RTSP/2.0 200 OK H. Schulzrinne et. al. [Page 108] Internet Draft RTSP October 24, 2005 CSeq: 1 Content-base: rtsp://foo.com/test.wav/ Content-type: application/sdp Content-length: 148 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:06 GMT Expires: 23 Jan 1997 17:00:00 GMT v=0 o=- 872653257 872653257 IN IP4 172.16.2.187 s=mu-law wave file i=audio test t=0 0 a=control: * m=audio 0 RTP/AVP 0 a=control:streamid=0 C->S: SETUP rtsp://foo.com/test.wav/streamid=0 RTSP/2.0 Transport: RTP/AVP/UDP;unicast; dest_addr=":6970"/":6971";mode="PLAY" CSeq: 2 User-Agent: PhonyClient/1.2 S->C: RTSP/2.0 200 OK Transport: RTP/AVP/UDP;unicast;dest_addr=":6970"/":6971"; src_addr="192.0.2.5:6970"/"192.0.2.5:6971"; mode="PLAY";ssrc=EAB98712 CSeq: 2 Session: 2034820394 Expires: 23 Jan 1997 16:00:00 GMT Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:07 GMT C->S: PLAY rtsp://foo.com/test.wav/ RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 Session: 2034820394 S->C: RTSP/2.0 200 OK CSeq: 3 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:08 GMT Session: 2034820394 Range: npt=0-600 RTP-Info: url="rtsp://foo.com/test.wav/streamid=0" ssrc=0D12F123:seq=981888;rtptime=3781123 H. Schulzrinne et. al. [Page 109] Internet Draft RTSP October 24, 2005 Note the different URI in the SETUP command, and then the switch back to the aggregate URI in the PLAY command. This makes complete sense when there are multiple streams with aggregate control, but is less than intuitive in the special case where the number of streams is one. However the server has declared that the aggregated control URI in the SDP and therefore this is legal. In this case, it is also required that servers accept implementations that use the non-aggregated interpretation and use the individual media URI, like this: C->S: PLAY rtsp://example.com/test.wav/streamid=0 RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 17.4 Live Media Presentation Using Multicast The media server M chooses the multicast address and port. Here, it is assumed that the web server only contains a pointer to the full description, while the media server M maintains the full description. C->W: GET /sessions.html HTTP/2.0 Host: www.example.com W->C: HTTP/2.0 200 OK Content-Type: text/html ... ... C->M: DESCRIBE rtsp://live.example.com/concert/audio RTSP/2.0 CSeq: 1 Supported: play.basic, play.scale M->C: RTSP/2.0 200 OK CSeq: 1 Content-Type: application/sdp Content-Length: 182 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:06 GMT H. Schulzrinne et. al. [Page 110] Internet Draft RTSP October 24, 2005 Supported: play.basic v=0 o=- 2890844526 2890842807 IN IP4 192.16.24.202 s=RTSP Session m=audio 3456 RTP/AVP 0 c=IN IP4 224.2.0.1/16 a=control: rtsp://live.example.com/concert/audio a=range:npt=0- C->M: SETUP rtsp://live.example.com/concert/audio RTSP/2.0 CSeq: 2 Transport: RTP/AVP;multicast M->C: RTSP/2.0 200 OK CSeq: 2 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:06 GMT Transport: RTP/AVP;multicast;dest_addr="224.2.0.1:3456"/" 224.2.0.1:3457";ttl=16 Session: 0456804596 Accept-Ranges: NPT, UTC C->M: PLAY rtsp://live.example.com/concert/audio RTSP/2.0 CSeq: 3 Session: 0456804596 M->C: RTSP/2.0 200 OK CSeq: 3 Server: PhonyServer/1.0 Date: 23 Jan 1997 15:35:07 GMT Session: 0456804596 Range:npt=1256- RTP-Info: url="rtsp://live.example.com/concert/audio" ssrc=0D12F123:seq=1473; rtptime=80000 17.5 Capability Negotiation This examples illustrate how the client and server determines their capability to support a special feature, in this case "play.scale". The server, through the clients request and the included Supported header, learns that the client is supporting this updated specification, and also supports the playback time scaling feature of RTSP. The server's response contains the following feature related information to the client; it supports the updated specification (play.basic), the extended functionality of time scaling of content H. Schulzrinne et. al. [Page 111] Internet Draft RTSP October 24, 2005 (play.scale), and one "example.com" proprietary feature (example.com.flight). The client also learns the methods supported (Public header) by the server for the indicated resource. C->S: OPTIONS rtsp://media.example.com/movie/twister.3gp RTSP/2.0 CSeq: 1 Supported: play.basic, play.scale User-Agent: PhonyClient/1.2 S->C: RTSP/2.0 200 OK CSeq: 1 Public: OPTIONS, SETUP, PLAY, PAUSE, TEARDOWN Server: PhonyServer/2.0 Supported: play.basic, play.scale, example.com.flight When the client sends its SETUP request it tells the server that it is requires support of the play.scale feature for this session by including the Require header. C->S: SETUP rtsp://media.example.com/twister.3gp/trackID=1 RTSP/2.0 CSeq: 3 User-Agent: PhonyClient/1.2 Transport: RTP/AVP/UDP;unicast;dest_addr=":3056"/":3057", RTP/AVP/TCP;unicast;interleaved=0-1 Require: play.scale S->C: RTSP/2.0 200 OK CSeq: 3 Session: 12345678 Transport: RTP/AVP/UDP;unicast;dest_addr=":3056"/":3057"; src_addr="192.0.2.5:5000"/"192.0.2.5:5001" Server: PhonyServer/2.0 Accept-Ranges: NPT, SMPTE 18 Security Framework The RTSP security framework consists of two high level components: the pure authentication mechanisms based on HTTP authentication, and the transport protection based on TLS, which is independent of RTSP. Because of the similarity in syntax and usage between RTSP servers and HTTP servers, the security for HTTP is re-used to a large extent. H. Schulzrinne et. al. [Page 112] Internet Draft RTSP October 24, 2005 18.1 RTSP and HTTP Authentication RTSP and HTTP share common authentication schemes, and thus follow the same usage guidelines as specified in [8] and also in [H15]. Servers SHOULD implement both basic and digest [8] authentication. It should be stressed that using the HTTP authentication alone does not provide full control message security. Therefore, in environments requiring tighter security for the control messages, TLS SHOULD be used, see Section 18.2. 18.2 RTSP over TLS RTSP SHALL follow the same guidelines with regards to TLS [7] usage as specified for HTTP, see [17]. RTSP over TLS is separated from unsecured RTSP both on URI level and port level. Instead of using the "rtsp" scheme identifier in the URI, the "rtsps" scheme identifier MUST be used to signal RTSP over TLS. If no port is given in a URI with the "rtsps" scheme, port 322 SHALL be used for TLS over TCP/IP. When a client tries to setup an insecure channel to the server (using the "rtsp" URI), and the policy for the resource requires a secure channel, the server SHALL redirect the client to the secure service by sending a 301 redirect response code together with the correct Location URI (using the "rtsps" scheme). It should be noted that TLS allows for mutual authentication (when using both server and client certificates). Still, one of the more common way TLS is used is to only provide server side authentication (often to avoid client certificates). TLS is then used in addition to HTTP authentication, providing transport security and server authentication, while HTTP Authentication is used to authenticate the client. RTSP includes the possibility to keep a TCP session up between the client and server, throughout the RTSP session lifetime. It may be convenient to keep the TCP session, not only to save the extra setup time for TCP, but also the extra setup time for TLS (even if TLS uses the resume function, there will be almost two extra roundtrips). Still, when TLS is used, such behavior introduces extra active state in the server, not only for TCP and RTSP, but also for TLS. This may increase the vulnerability to DoS attacks. In addition to these recommendations, Section 18.3 gives further recommendations of TLS usage with proxies. 18.3 Security and Proxies H. Schulzrinne et. al. [Page 113] Internet Draft RTSP October 24, 2005 The nature of a proxy is often to act as a "man-in-the-middle", while security is often about preventing the existence of a "man-in-the- middle". This section provides the clients with the possibility to use proxies even when applying secure transports (TLS). The client needs to select between using the below specified procedure or using a TLS connection directly (by-passing any proxies) to the server. The choice may be dependent on policies. There are basically two categories of inspecting proxies, the transparent proxies (which the client is not aware of) and the non- transparent proxies (which the client is aware of). An infrastructure based on proxies requires that the trust model is such that both client and servers can trust the proxies to handle the RTSP messages correctly. To be able to trust a proxy, the client and server also needs to be aware of the proxy. Hence, transparent proxies cannot generally be seen as trusted and will not work well with security (unless they work only at transport layer). In the rest of this section any reference to proxy will be to a non-transparent proxy, which requires to inspect/manipulate the RTSP messages. The HTTP Authentication is built on the assumption of proxies and can provide user-proxy authentication and proxy-proxy/server authentication in addition to the client-server authentication. When TLS is applied and a proxy is used, the client will use the proxy's destination URI address when sending messages. This implies that for TLS, the client will authenticate the proxy server and not the end server. Note that, when the client checks the server certificate in TLS, it MUST check the proxy's identity (URI or possibly other known identity) against the proxy's identity as presented in the proxy's Certificate message. The problem is that for proxy accepted by the client, it needs to be provided information on which grounds it should accept the next-hop certificate. Both the proxy and the user may have rules for this, and the user have the possibility to select the desired behavior. To handle this case, the Accept-Credentials header (See Section 14.2) is used, where the client can force the proxy/proxies to relay back the certificates used by any intermediate proxies as well as the server. Given the assumption that the proxies are viewed as trusted, it gives the user a possibility to enforce policies to each trusted proxy of whether it should accept the next entity in the chain. A proxy MUST use TLS for the next hop if the RTSP request includes a "rtsps" URI. TLS MAY be applied on intermediate links (e.g. between client and proxy, or between proxy and proxy), even if the resource and the end server does not require to use it. H. Schulzrinne et. al. [Page 114] Internet Draft RTSP October 24, 2005 18.3.1 Accept-Credentials The Accept-Credentials header can be used by the client to distribute simple authorization policies to intermediate proxies. The client includes the Accept-Credentials header to dictate how the proxy treats the server/next proxy certificate. There are currently three methods defined: Any, which means that the proxy (or proxies) SHALL accept whatever certificate presented. This is of course not a recommended option to use, but may be useful in certain circumstances (such as testing). Proxy, which means that the proxy (or proxies) MUST use its own policies to validate the certificate and decide whether to accept it or not. This is convenient in cases where the user has a strong trust relation with the proxy. Reason why a strong trust relation may exist are; personal/company proxy, proxy has a out-of-band policy configuration mechanism. User, which means that the proxy (or proxies) MUST send credential information about the next hop to the client for authorization. The client can then decide whether the proxy should accept the certificate or not. See section 18.3.2 for further details. If the Accept-Credentials header is not included in the RTSP request from the client, the default method used SHALL be "Proxy". If something else than the "Proxy" method is used, the Accept- Credentials header SHALL always be included in the RTSP request from the client. This is because it cannot be assumed that the proxy always keeps the TLS state or the users previously preference between different RTSP messages (in particular if the time interval between the messages is long). The "Any" and "Proxy" methods does not require the proxy to provide any specific response, but only apply the policy as defined for respectively method. If the policy do not accept the credentials of the next hop, the entity SHALL respond with a message using status code 471 (Connection Credentials not accepted). An RTSP request in the direction server to client MUST NOT include the Accept-Credential header. As for the non-secured communication, the possibility for these request depends on the presence of a client established connection. However if the server to client request is in relation to a session established over a TLS secured channel, if MUST be sent in a TLS secured connection. That secured connection H. Schulzrinne et. al. [Page 115] Internet Draft RTSP October 24, 2005 MUST also be the one used by the last client to server request. If no such transport connection exist at the time when the server desire to send the request, it silently fails. Further policies MAY be defined and registered, but should be done so with caution. 18.3.2 User approved TLS procedure For the "User" method each proxy MUST perform the the following procedure for each RTSP request: o Setup the TLS session to the next hop if not already present (i.e. run the TLS handshake, but do not send the RTSP request). o Extract the peer certificate for the TLS session. o Check if a matching identity and hash of the peer certificate is present in the Accept-Credentials header. If present, send the message to the next hop, and conclude these procedures. If not, go to the next step. o The proxy responds to the RTSP request with a 470 or 407 response code. The 407 response code MAY be used when the proxy requires both user and connection authorization from user or client. In this message the proxy SHALL include a Connection-Credentials header, see section 14.12 with the next hop's identity and certificate. The client MUST upon receiving a 470 or 407 response with Connection-Credentials header take the decision on whether to accept the certificate or not (if it cannot do so, the user SHOULD be consulted). If the certificate is accepted, the client has to again send the RTSP request. In that request the client has to include the Accept-Credentials header including the hash over the DER encoded certificate for all trusted proxies in the chain. Example: C->P: SETUP rtsps://test.example.org/secret/audio RTSP/2.0 CSeq: 2 Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:4588"/ "192.0.2.5:4589" P->C: RTSP/2.0 470 Connection Authorization Required CSeq: 2 Connection-Credentials: "rtsps://test.example.org"; H. Schulzrinne et. al. [Page 116] Internet Draft RTSP October 24, 2005 MIIDNTCCAp... C->P: SETUP rtsps://test.example.org/secret/audio RTSP/2.0 CSeq: 2 Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:4588"/ "192.0.2.5:4589" Accept-Credentials: User "rtsps://test.example.org" ; dPYD 7txp oGTb AqZZ QJ+v aeOk yH4= ... One implication of this process is that the connection for secured RTSP messages may take significantly more round-trip times for the first message. An complete extra message exchange between the proxy connecting to the next hop and the client results because of the process for approval for each hop. However after the first message exchange the remaining message should not be delayed, if each message contains the chain of proxies that the requestor accepts. The procedure of including the credentials in each request rather than building state in each proxy, avoids the need for revocation procedures. 19 Syntax The RTSP syntax is described in an Augmented Backus-Naur Form (ABNF) as defined in RFC 4234 [4]. It uses the basic definitions present in RFC 4234. Please note that ABNF strings, e.g. "Accept", are case insensitive as specified in section 2.3 of RFC 4234. 19.1 Base Syntax RTSP header field values can be folded onto multiple lines if the continuation line begins with a space or horizontal tab. All linear white space, including folding, has the same semantics as SP. A recipient MAY replace any linear white space with a single SP before interpreting the field value or forwarding the message downstream. This is intended to behave exactly as HTTP/1.1 as described in RFC 2616 [8]. The SWS construct is used when linear white space is optional, generally between tokens and separators. To separate the header name from the rest of value, a colon is used, which, by the above rule, allows whitespace before, but no line break, and whitespace after, including a linebreak. The HCOLON defines this construct. H. Schulzrinne et. al. [Page 117] Internet Draft RTSP October 24, 2005 OCTET = %x00-FF ; any 8-bit sequence of data CHAR = %x01-7F ; any US-ASCII character (octets 1 - 127) UPALPHA = %x41-5A ; any US-ASCII uppercase letter "A".."Z" LOALPHA = %x61-7A ;any US-ASCII lowercase letter "a".."z" ALPHA = UPALPHA / LOALPHA DIGIT = %x30-39 ; any US-ASCII digit "0".."9" CTL = %x00-1F / %x7F ; any US-ASCII control character ; (octets 0 - 31) and DEL (127) CR = %x0D ; US-ASCII CR, carriage return (13 LF = %x0A ; US-ASCII LF, linefeed (10) SP = %x20 ; US-ASCII SP, space (32) HT = %x09 ; US-ASCII HT, horizontal-tab (9) DQUOTE = %x22 ; US-ASCII double-quote mark (34) BACKSLASH = %x5C ; US-ASCII backslash (92) CRLF = CR LF LWS = [CRLF] 1*( SP / HT ) SWS = [LWS] ; sep whitespace HCOLON = *( SP / HTAB ) ":" SWS TEXT = %x20-7D / %x80-FF ; any OCTET except CTLs tspecials = "(" / ")" / "<" / ">" / "@" / "," / ";" / ":" / BACKSLASH / DQUOTE / "/" / "[" / "]" / "?" / "=" / "{" / "}" / SP / HT token = 1*(%x21 / %x23-27 / %x2A-2B / %x2D-2E / %x30-39 / %x41-5A / %x5E-7A / %x7C / %x7E) ; 1* quoted-string = ( DQUOTE *qdtext DQUOTE ) qdtext = %x20-21 / %x23-7D / %x80-FF ; any TEXT except <"> quoted-pair = BACKSLASH CHAR ctext = %x20-27 / %x2A-7D / %x80-FF ; any OCTET except CTLs, "(" and ")" generic-param = token [ EQUAL gen-value ] gen-value = token / host / quoted-string safe = "$" / "-" / "_" / "." / "+" extra = "!" / "*" / "'" / "(" / ")" / "," rtsp-extra = "!" / "*" / "'" / "(" / ")" HEX = DIGIT / "A" / "B" / "C" / "D" / "E" / "F" / "a" / "b" / "c" / "d" / "e" / "f" LHEX = DIGIT / %x61-66 ;lowercase a-f reserved = ";" / "/" / "?" / ":" / "@" / "&" / "=" unreserved = ALPHA / DIGIT / safe / extra rtsp-unreserved = ALPHA / DIGIT / safe / rtsp-extra H. Schulzrinne et. al. [Page 118] Internet Draft RTSP October 24, 2005 base64 = *base64-unit [base64-pad] base64-unit = 4base64-char base64-pad = (2base64-char "==") / (3base64-char "=") base64-char = ALPHA / DIGIT / "+" / "/" SLASH = SWS "/" SWS ; slash EQUAL = SWS "=" SWS ; equal LPAREN = SWS "(" SWS ; left parenthesis RPAREN = SWS ")" SWS ; right parenthesis COMMA = SWS "," SWS ; comma SEMI = SWS ";" SWS ; semicolon COLON = SWS ":" SWS ; colon LDQUOT = SWS DQUOTE ; open double quotation mark RDQUOT = DQUOTE SWS ; close double quotation mark RAQUOT = ">" SWS ; right angle quote LAQUOT = SWS "<" ; left angle quote TEXT-UTF8char = %x21-7E / UTF8-NONASCII UTF8-NONASCII = %xC0-DF 1UTF8-CONT / %xE0-EF 2UTF8-CONT / %xF0-F7 3UTF8-CONT / %xF8-FB 4UTF8-CONT / %xFC-FD 5UTF8-CONT UTF8-CONT = %x80-BF 19.2 RTSP Protocol Definition 19.2.1 Generic Protocol elements URI-reference = RTSP-URI / relative-ref relative-ref = < As defined in RFC 3986 [6]> RTSP-URI = rtsp-uri-def / rtsps-uri-def / rtspu-uri-def rtsp-uri-def = "rtsp:" rtsp-uri-rest rtsps-uri-def = "rtsps:" rtsp-uri-rest rtspu-uri-def = "rtspu:" rtsp-uri-rest rtsp-uri-rest = "//" host [":" port] [abs-path-def] [frag-def] abs-path-def = abs-path ["?" query] frag-def = "#" fragment host = abs-path = port = *DIGIT ; Is expected to be 1*5DIGIT query = fragment = absolute-URI = IPv4address = 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT H. Schulzrinne et. al. [Page 119] Internet Draft RTSP October 24, 2005 IPv6address = hexpart [ ":" IPv4address ] hexpart = hexseq / hexseq "::" [ hexseq ] / "::" [ hexseq ] hexseq = hex4 *( ":" hex4) hex4 = 1*4HEXDIG smpte-range = smpte-type "=" smpte-range-spec ;Section 3.4 smpte-range-spec = ( smpte-time "-" [ smpte-time ] ) / ( "-" smpte-time ) smpte-type = "smpte" / "smpte-30-drop" / "smpte-25" / smpte-type-extension ; other timecodes may be added smpte-type-extension = token smpte-time = 1*2DIGIT ":" 1*2DIGIT ":" 1*2DIGIT [ ":" 1*2DIGIT [ "." 1*2DIGIT ] ] npt-range = "npt=" npt-range-spec ; Section 3.5 npt-range-spec = ( npt-time "-" [ npt-time ] ) / ( "-" npt-time ) npt-time = "now" / npt-sec / npt-hhmmss npt-sec = 1*DIGIT [ "." *DIGIT ] npt-hhmmss = npt-hh ":" npt-mm ":" npt-ss [ "." *DIGIT ] npt-hh = 1*DIGIT ; any positive number npt-mm = 1*2DIGIT ; 0-59 npt-ss = 1*2DIGIT ; 0-59 utc-range = "clock=" utc-range-spec ; Section 3.6 utc-range-spec = ( utc-time "-" [ utc-time ] ) / ( "-" utc-time ) utc-time = utc-date "T" utc-clock "Z" utc-date = 8DIGIT ; < YYYYMMDD > utc-clock = 6DIGIT [ "." fraction ]; < HHMMSS.fraction > fraction = 1*DIGIT feature-tag = token session-id = 8*( ALPHA / DIGIT / safe ) extension-header = header-name HCOLON header-value header-name = token header-value = *(TEXT-UTF8char / UTF8-CONT / LWS) 19.2.2 Message Syntax H. Schulzrinne et. al. [Page 120] Internet Draft RTSP October 24, 2005 RTSP-message = Request / Response ; RTSP/2.0 messages Request = Request-Line ; Section 6.1 *( general-header ; Section 5 / request-header ; Section 6.2 / entity-header ) ; Section 8.1 CRLF [ message-body ] ; Section 4.3 Response = Status-Line ; Section 7.1 *( general-header ; Section 5 / response-header ; Section 7.1.2 / entity-header ) ; Section 8.1 CRLF [ message-body ] ; Section 4.3 Request-Line = Method SP Request-URI SP RTSP-Version CRLF Status-Line = RTSP-Version SP Status-Code SP Reason-Phrase CRLF Method = "DESCRIBE" ; Section 11.2 / "GET_PARAMETER" ; Section 11.7 / "OPTIONS" ; Section 11.1 / "PAUSE" ; Section 11.5 / "PLAY" ; Section 11.4 / "REDIRECT" ; Section 11.9 / "SETUP" ; Section 11.3 / "SET_PARAMETER" ; Section 11.8 / "TEARDOWN" ; Section 11.6 / extension-method extension-method = token Request-URI = "*" / RTSP-URI RTSP-Version = "RTSP/" 1*DIGIT "." 1*DIGIT message-body = 1*OCTET Status-Code = "100" ; Continue / "200" ; OK / "201" ; Created / "250" ; Low on Storage Space / "300" ; Multiple Choices / "301" ; Moved Permanently / "302" ; Moved Temporarily H. Schulzrinne et. al. [Page 121] Internet Draft RTSP October 24, 2005 / "303" ; See Other / "304" ; Not Modified / "305" ; Use Proxy / "400" ; Bad Request / "401" ; Unauthorized / "402" ; Payment Required / "403" ; Forbidden / "404" ; Not Found / "405" ; Method Not Allowed / "406" ; Not Acceptable / "407" ; Proxy Authentication Required / "408" ; Request Time-out / "410" ; Gone / "411" ; Length Required / "412" ; Precondition Failed / "413" ; Request Entity Too Large / "414" ; Request-URI Too Large / "415" ; Unsupported Media Type / "451" ; Parameter Not Understood / "452" ; reserved / "453" ; Not Enough Bandwidth / "454" ; Session Not Found / "455" ; Method Not Valid in This State / "456" ; Header Field Not Valid for Resource / "457" ; Invalid Range / "458" ; Parameter Is Read-Only / "459" ; Aggregate operation not allowed / "460" ; Only aggregate operation allowed / "461" ; Unsupported transport / "462" ; Destination unreachable / "463" ; Destination Prohibited / "470" ; Connection Authorization Required / "471" ; Connection Credentials not accepted / "500" ; Internal Server Error / "501" ; Not Implemented / "502" ; Bad Gateway / "503" ; Service Unavailable / "504" ; Gateway Time-out / "505" ; RTSP Version not supported / "551" ; Option not supported / extension-code extension-code = 3DIGIT Reason-Phrase = *TEXT general-header = Cache-Control ; Section 14.10 / Connection ; Section 14.11 H. Schulzrinne et. al. [Page 122] Internet Draft RTSP October 24, 2005 / CSeq ; Section 14.19 / Date ; Section 14.20 / Proxy-Supported ; Section 14.32 / Supported ; Section 14.43 / Timestamp ; Section 14.44 / Via ; Section 14.49 / extension-header request-header = Accept ; Section 14.1 and [H14.1] / Accept-Credentials ; Section 14.2 / Accept-Encoding ; Section 14.3 and [H14.3] / Accept-Language ; Section 14.4 and [H14.4] / Authorization ; Section 14.7 and [H14.8] / Bandwidth ; Section 14.8 / Blocksize ; Section 14.9 / From ; Section 14.23 / If-Match ; Section 14.25 / If-Modified-Since ; Section 14.26 and [H14.25] / If-None-Match ; Section 14.27 / Proxy-Require ; Section 14.31 / Range ; Section 14.34 / Referer ; Section 14.35 / Require ; Section 14.37 / Scale ; Section 14.39 / Session ; Section 14.42 / Speed ; Section 14.40 / Supported ; Section 14.43 / Transport ; Section 14.45 / User-Agent ; Section 14.47 / extension-header response-header = Accept-Credentials ; Section 14.2 / Accept-Ranges ; Section 14.5 / Connection-Creds ; Section 14.12 / ETag ; Section 14.21 / Location ; Section 14.29 / Proxy-Authenticate ; Section 14.30 / Public ; Section 14.33 / Range ; Section 14.34 / Retry-After ; Section 14.36 / RTP-Info ; Section 14.38 / Scale ; Section 14.39 / Session ; Section 14.42 / Server ; Section 14.41 H. Schulzrinne et. al. [Page 123] Internet Draft RTSP October 24, 2005 / Speed ; Section 14.40 / Transport ; Section 14.45 / Unsupported ; Section 14.46 / Vary ; Section 14.48 / WWW-Authenticate ; Section 14.50 / extension-header entity-header = Allow ; Section 14.6 / Content-Base ; Section 14.13 / Content-Encoding ; Section 14.14 / Content-Language ; Section 14.15 / Content-Length ; Section 14.16 / Content-Location ; Section 14.17 / Content-Type ; Section 14.18 / Expires ; Section 14.22 and [H14.21] / Last-Modified ; Section 14.28 / extension-header 19.2.3 Header Syntax All header syntaxes not defined in this section are defined in section 14 of the HTTP 1.1 specification [3]. Accept = Accept-name HCOLON [ accept-range *(COMMA accept-range) ] accept-range = media-range *(SEMI accept-param) media-range = ( "*/*" / ( m-type SLASH "*" ) / ( m-type SLASH m-subtype ) ) *( SEMI m-parameter ) accept-param = ("q" EQUAL qvalue) / generic-param qvalue = ( "0" [ "." *3DIGIT ] ) / ( "1" [ "." *3("0") ] ) Accept-Credentials = "Accept-Credentials" HCOLON cred-decision CRLF cred-decision = ("User" COMMA [cred-info]) / "Proxy" / "Any" / token ; For future extensions cred-info = cred-info-data *(COMMA cred-info-data) cred-info-data = DQUOTE RTSP-URI DQUOTE SEMI base64 Accept-Encoding = "Accept-Encoding" HCOLON [ encoding *(COMMA encoding) ] encoding = codings *(SEMI accept-param) codings = content-coding / "*" H. Schulzrinne et. al. [Page 124] Internet Draft RTSP October 24, 2005 content-coding = token Accept-Language = "Accept-Language" HCOLON [ language *(COMMA language) ] language = language-range *(SEMI accept-param) language-range = ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) / "*" ) Accept-Ranges = "Accept-Ranges" HCOLON acceptable-ranges CRLF acceptable-ranges = (range-unit *(COMMA range-unit)) / "none" range-unit = "NPT" / "SMPTE" / "UTC" / extension-format extension-format = token Allow = "Allow" HCOLON [Method *(COMMA Method)] Authorization = "Authorization" HCOLON credentials credentials = ("Digest" LWS digest-response) / other-response digest-response = dig-resp *(COMMA dig-resp) dig-resp = username / realm / nonce / digest-uri / dresponse / algorithm / cnonce / opaque / message-qop / nonce-count / auth-param username = "username" EQUAL username-value username-value = quoted-string digest-uri = "uri" EQUAL LDQUOT digest-uri-value RDQUOT digest-uri-value = Request-URI ; by HTTP/1.1 message-qop = "qop" EQUAL qop-value cnonce = "cnonce" EQUAL cnonce-value cnonce-value = nonce-value nonce-count = "nc" EQUAL nc-value nc-value = 8LHEX dresponse = "response" EQUAL request-digest request-digest = LDQUOT 32LHEX RDQUOT auth-param = auth-param-name EQUAL ( token / quoted-string ) auth-param-name = token other-response = auth-scheme LWS auth-param *(COMMA auth-param) auth-scheme = token Bandwidth = "Bandwidth" HCOLON 1*DIGIT CRLF Blocksize = "Blocksize" HCOLON 1*DIGIT CRLF Cache-Control = "Cache-Control" HCOLON cache-directive CRLF *(COMMA cache-directive) cache-directive = cache-rqst-directive / cache-rspns-directive cache-rqst-directive = "no-cache" / "max-stale" [EQUAL delta-seconds] H. Schulzrinne et. al. [Page 125] Internet Draft RTSP October 24, 2005 / "min-fresh" EQUAL delta-seconds / "only-if-cached" / cache-extension cache-rspns-directive = "public" / "private" / "no-cache" / "no-transform" / "must-revalidate" / "proxy-revalidate" / "max-age" EQUAL delta-seconds / cache-extension cache-extension = token [EQUAL (token / quoted-string)] delta-seconds = 1*DIGIT Connection-Creds = "Connection-Credentials" HCOLON cred-info CRLF Connection = "Connection" HCOLON (connection-token) *(COMMA connection-token) CRLF connection-token = token Content-Base = "Content-Base" HCOLON URI-reference CRLF Content-Encoding = "Content-Encoding" HCOLON content-coding *(COMMA content-coding) Content-Language = "Content-Language" HCOLON language-tag *(COMMA language-tag) language-tag = primary-tag *( "-" subtag ) primary-tag = 1*8ALPHA subtag = 1*8ALPHA Content-Length = "Content-Length" HCOLON 1*DIGIT Content-Location = "Content-Location" HCOLON URI-reference Content-Type = ( "Content-Type" / "c" ) HCOLON media-type media-type = m-type SLASH m-subtype *(SEMI m-parameter) m-type = discrete-type / composite-type discrete-type = "text" / "image" / "audio" / "video" / "application" / extension-token composite-type = "message" / "multipart" / extension-token extension-token = ietf-token / x-token ietf-token = token x-token = "x-" token m-subtype = extension-token / iana-token iana-token = token m-parameter = m-attribute EQUAL m-value m-attribute = token m-value = token / quoted-string CSeq = "Cseq" HCOLON 1*DIGIT CRLF Date = "Date" HCOLON RTSP-date RTSP-date = rfc1123-date ; HTTP-date rfc1123-date = wkday "," SP date1 SP time SP "GMT" H. Schulzrinne et. al. [Page 126] Internet Draft RTSP October 24, 2005 date1 = 2DIGIT SP month SP 4DIGIT ; day month year (e.g., 02 Jun 1982) time = 2DIGIT ":" 2DIGIT ":" 2DIGIT ; 00:00:00 - 23:59:59 wkday = "Mon" / "Tue" / "Wed" / "Thu" / "Fri" / "Sat" / "Sun" month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" / "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec" ETag = "ETag" HCOLON entity-tag Expires = "Expires" HCOLON delta-seconds From = "From" HCOLON from-spec from-spec = ( name-addr / addr-spec ) *( SEMI from-param ) name-addr = [ display-name ] LAQUOT addr-spec RAQUOT addr-spec = RTSP-URI / absolute-URI display-name = *(token LWS)/ quoted-string from-param = tag-param / generic-param tag-param = "tag" EQUAL token If-Match = "If-Match" HCOLON ( "*" / entity-tag-list) entity-tag-list = entity-tag *(COMMA entity-tag) entity-tag = [ weak ] opaque-tag weak = "W/" opaque-tag = quoted-string If-Modified-Since = "If-Modified-Since" HCOLON RTSP-date If-None-Match = "If-None-Match" HCOLON ("*" / entity-tag-list) Last-Modified = "Last-Modified" HCOLON RTSP-date Location = "Location" HCOLON RTSP-URI Proxy-Authenticate = "Proxy-Authenticate" HCOLON challenge challenge = ("Digest" LWS digest-cln *(COMMA digest-cln)) / other-challenge other-challenge = auth-scheme LWS auth-param *(COMMA auth-param) digest-cln = realm / domain / nonce / opaque / stale / algorithm / qop-options / auth-param realm = "realm" EQUAL realm-value realm-value = quoted-string domain = "domain" EQUAL LDQUOT URI *( 1*SP URI ) RDQUOT URI = RTSP-URI / abs-path nonce = "nonce" EQUAL nonce-value nonce-value = quoted-string opaque = "opaque" EQUAL quoted-string stale = "stale" EQUAL ( "true" / "false" ) algorithm = "algorithm" EQUAL ("MD5" / "MD5-sess" / token) qop-options = "qop" EQUAL LDQUOT qop-value *("," qop-value) RDQUOT qop-value = "auth" / "auth-int" / token H. Schulzrinne et. al. [Page 127] Internet Draft RTSP October 24, 2005 Proxy-Require = "Proxy-Require" HCOLON feature-tag CRLF *(COMMA feature-tag) Proxy-Supported = "Proxy-Supported" HCOLON feature-tag *(COMMA feature-tag) CRLF Public = "Public" HCOLON Method *(COMMA Method) CRLF Range = "Range" HCOLON ranges-list [exec-time] CRLF ranges-list = ranges-spec *(COMMA ranges-spec) exec-time = SEMI "time" EQUAL utc-time ranges-spec = npt-range / utc-range / smpte-range Referer = "Referer" HCOLON URI-reference Require = "Require" HCOLON feature-tag-list CRLF feature-tag-list = feature-tag *(COMMA feature-tag) RTP-Info = "RTP-Info" HCOLON rtsp-info-spec *(COMMA rtsp-info-spec) CRLF rtsp-info-spec = stream-url 1*ssrc-parameter stream-url = "url" EQUAL DQUOTE URI-reference DQUOTE ssrc-parameter = LWS "ssrc" EQUAL ssrc HCOLON ri-parameter *(SEMI ri-parameter) ri-parameter = "seq" EQUAL 1*DIGIT / "rtptime" EQUAL 1*DIGIT Retry-After = "Retry-After" HCOLON delta-seconds [ comment ] *( SEMI retry-param ) retry-param = ("duration" EQUAL delta-seconds) / generic-param Scale = "Scale" HCOLON ["-"] 1*DIGIT [ "." *DIGIT ] CRLF Speed = "Speed" HCOLON 1*DIGIT [ "." *DIGIT ] CRLF Server = "Server" HCOLON ( product / comment ) *(LWS (product / comment)) CRLF product = token [SLASH product-version] product-version = token comment = LPAREN *( ctext / quoted-pair) RPAREN Session = "Session" HCOLON session-id [ SEMI "timeout" EQUAL delta-seconds ] CRLF Supported = "Supported" HCOLON [feature-tag-list] CRLF Timestamp = "Timestamp" HCOLON timestamp-value LWS [delay] timestamp-value = *DIGIT [ "." *DIGIT ] delay = *DIGIT [ "." *DIGIT ] Transport = "Transport" HCOLON transport-spec *(COMMA transport-spec) CRLF H. Schulzrinne et. al. [Page 128] Internet Draft RTSP October 24, 2005 transport-spec = transport-id *tr-parameter transport-id = trans-id-rtp / other-trans trans-id-rtp = "RTP/" profile ["/" lower-transport] ; no LWS is allowed inside transport-id other-trans = token *("/" token) profile = "AVP" / "SAVP" / "AVPF" / token lower-transport = "TCP" / "UDP" / token tr-parameter = SEMI ( "unicast" / "multicast" ) / SEMI "interleaved" EQUAL channel [ "-" channel ] / SEMI "append" / SEMI "ttl" EQUAL ttl / SEMI "layers" EQUAL 1*DIGIT / SEMI "ssrc" EQUAL ssrc *(SLASH ssrc) / SEMI "client_ssrc" EQUAL ssrc / SEMI "mode" EQUAL mode-spec / SEMI "dest_addr" EQUAL addr-list / SEMI "src_addr" EQUAL addr-list / SEMI trn-param-ext trn-param-ext = par-name EQUAL trn-par-value par-name = token trn-par-value = *(rtsp-unreserved / DQUOTE *TEXT DQUOTE) ttl = 1*3DIGIT ; 0 to 255 ssrc = 8HEX channel = 1*3DIGIT mode-spec = ( DQUOTE mode *(COMMA mode) DQUOTE ) mode = "PLAY" / "RECORD" / token addr-list = quoted-addr *(SLASH quoted-addr) quoted-addr = DQUOTE (host-port / extension-addr) DQUOTE host-port = host [":" port] / ":" port extension-addr = 1*qdtext Unsupported = "Unsupported" HCOLON feature-tag-list CRLF User-Agent = "User-Agent" HCOLON ( product / comment ) 0*(LWS (product / comment)) CRLF Vary = "Vary" HCOLON ( "*" / field-name-list) field-name-list = field-name *(COMMA field-name) field-name = token Via = "Via" HCOLON via-parm *(COMMA via-parm) via-parm = sent-protocol LWS sent-by *( SEMI via-params ) via-params = via-ttl / via-maddr / via-received / via-branch / via-extension H. Schulzrinne et. al. [Page 129] Internet Draft RTSP October 24, 2005 via-ttl = "ttl" EQUAL ttl via-maddr = "maddr" EQUAL host via-received = "received" EQUAL (IPv4address / IPv6address) via-branch = "branch" EQUAL token via-extension = generic-param sent-protocol = protocol-name SLASH protocol-version SLASH transport-prot protocol-name = "RTSP" / token protocol-version = token transport-prot = "UDP" / "TCP" / "TLS" / other-transport other-transport = token sent-by = host [ COLON port ] WWW-Authenticate = "WWW-Authenticate" HCOLON challenge 19.3 SDP extension Syntax This section defines in ABNF the SDP extensions defined for RTSP. See section C for the definition of the extensions in text. control-attribute = "a=control:" *SP RTSP-URI a-range-def = "a=range:" ranges-spec CRLF a-etag-def = "a=etag:" etag-string CRLF etag-string = 1*(%x01-09/%x0B-0C/%x0E-FF) 20 Security Considerations Because of the similarity in syntax and usage between RTSP servers and HTTP servers, the security considerations outlined in [H15] apply. Specifically, please note the following: Abuse of Server Log Information: RTSP and HTTP servers will presumably have similar logging mechanisms, and thus should be equally guarded in protecting the contents of those logs, thus protecting the privacy of the users of the servers. See [H15.1.1] for HTTP server recommendations regarding server logs. Transfer of Sensitive Information: There is no reason to believe that information transferred via RTSP may be any less sensitive than that normally transmitted via HTTP. Therefore, all of the precautions regarding the protection of data privacy and user privacy apply to implementors of RTSP clients, servers, and proxies. See [H15.1.2] for further details. H. Schulzrinne et. al. [Page 130] Internet Draft RTSP October 24, 2005 Attacks Based On File and Path Names: Though RTSP URIs are opaque handles that do not necessarily have file system semantics, it is anticipated that many implementations will translate portions of the Request-URIs directly to file system calls. In such cases, file systems SHOULD follow the precautions outlined in [H15.5], such as checking for ".." in path components. Personal Information: RTSP clients are often privy to the same information that HTTP clients are (user name, location, etc.) and thus should be equally sensitive. See [H15.1] for further recommendations. Privacy Issues Connected to Accept Headers: Since may of the same "Accept" headers exist in RTSP as in HTTP, the same caveats outlined in [H15.1.4] with regards to their use should be followed. DNS Spoofing: Presumably, given the longer connection times typically associated to RTSP sessions relative to HTTP sessions, RTSP client DNS optimizations should be less prevalent. Nonetheless, the recommendations provided in [H15.3] are still relevant to any implementation which attempts to rely on a DNS-to-IP mapping to hold beyond a single use of the mapping. Location Headers and Spoofing: If a single server supports multiple organizations that do not trust each another, then it needs to check the values of Location and Content- Location header fields in responses that are generated under control of said organizations to make sure that they do not attempt to invalidate resources over which they have no authority. ([H15.4]) In addition to the recommendations in the current HTTP specification (RFC 2616 [3], as of this writing) and also of the previous RFC2068 [18], future HTTP specifications may provide additional guidance on security issues. The following are added considerations for RTSP implementations. Concentrated denial-of-service attack: The protocol offers the opportunity for a remote-controlled denial-of-service attack. See Section . Session hijacking: Since there is no or little relation between a transport layer connection and an RTSP session, it is possible for a malicious client to issue requests with H. Schulzrinne et. al. [Page 131] Internet Draft RTSP October 24, 2005 random session identifiers which would affect unsuspecting clients. The server SHOULD use a large, random and non- sequential session identifier to minimize the possibility of this kind of attack. For real session security, client authentication needs to be performed. Authentication: Servers SHOULD implement both basic and digest [8] authentication. In environments requiring tighter security for the control messages, the transport layer mechanism TLS (RFC 2246 [7]) SHOULD be used. Stream issues: RTSP only provides for stream control. Stream delivery issues are not covered in this section, nor in the rest of this draft. RTSP implementations will most likely rely on other protocols such as RTP, IP multicast, RSVP and IGMP, and should address security considerations brought up in those and other applicable specifications. Persistently suspicious behavior: RTSP servers SHOULD return error code 403 (Forbidden) upon receiving a single instance of behavior which is deemed a security risk. RTSP servers SHOULD also be aware of attempts to probe the server for weaknesses and entry points and MAY arbitrarily disconnect and ignore further requests clients which are deemed to be in violation of local security policy. 20.1 Remote denial of Service Attack The attacker may initiate traffic flows to one or more IP addresses by specifying them as the destination in SETUP requests. While the attacker's IP address may be known in this case, this is not always useful in prevention of more attacks or ascertaining the attackers identity. Thus, an RTSP server MUST only allow client-specified destinations for RTSP-initiated traffic flows if the server has ensured that the specified destination address accepts receiving media through different security mechanisms. Security mechanism that are acceptable in an increased generality are; verification of the client's identity, either against a database of known users using RTSP authentication mechanisms (preferably digest authentication or stronger); a list of addresses that accept to be media destinations, especially considering user identity; and media path based verification. The server SHOULD NOT allow the destination field to be set unless a mechanism exists in the system to authorize the request originator to direct streams to the recipient. It is preferred that this authorization be performed by the recipient itself and the credentials passed along to the server. However, in certain cases, H. Schulzrinne et. al. [Page 132] Internet Draft RTSP October 24, 2005 such as when recipient address is a multicast group, or when the recipient is unable to communicate with the server in an out-of-band manner, this may not be possible. In these cases server may chose another method such as a server-resident authorization list to ensure that the request originator has the proper credentials to request stream delivery to the recipient. 21 IANA Considerations This section set up a number of registers for RTSP 2.0 that should be maintained by IANA. For each registry there is a description on what it is required to contain, what specification is needed when adding a entry with IANA, and finally the entries that this document needs to register. See also the section 1.6 "Extending RTSP". There is also an IANA registration of two SDP attributes. The sections describing how to register an item uses some of the requirements level described in RFC 2434 [19], namely "First Come, First Served", "Specification Required", and "Standards Action". A registration request to IANA MUST contain the following information: o A name of the item to register according to the rules specified by the intended registry. o Indication of who has change control over the feature (for example, IETF, ISO, ITU-T, other international standardization bodies, a consortium, a particular company or group of companies, or an individual); o A reference to a further description, if available, for example (in order of preference) an RFC, a published standard, a published paper, a patent filing, a technical report, documented source code or a computer manual; o For proprietary features, contact information (postal and email address); 21.1 Feature-tags 21.1.1 Description When a client and server try to determine what part and functionality of the RTSP specification and any future extensions that its counter part implements there is need for a namespace. This registry contains named entries representing certain functionality. H. Schulzrinne et. al. [Page 133] Internet Draft RTSP October 24, 2005 The usage of feature-tags is explained in section 10 and 11.1. 21.1.2 Registering New Feature-tags with IANA The registering of feature-tags is done on a first come, first served basis. The name of the feature MUST follow these rules: The name may be of any length, but SHOULD be no more than twenty characters long. The name MUST NOT contain any spaces, or control characters. The registration SHALL indicate if the feature tag applies to clients, servers, or proxies only or any combinations of these. Any proprietary feature SHALL have as the first part of the name a vendor tag, which identifies the organization. 21.1.3 Registered entries The following feature-tags are in this specification defined and hereby registered. The change control belongs to the Authors and the IETF MMUSIC WG. play.basic: The minimal implementation for playback operations according to section D. Applies for both clients, servers and proxies. play.scale: Support of scale operations for media playback. Applies only for servers. play.speed: Support of the speed functionality for playback. Applies only for servers 21.2 RTSP Methods 21.2.1 Description What a method is, is described in section 11. Extending the protocol with new methods allow for totally new functionality. 21.2.2 Registering New Methods with IANA A new method MUST be registered through an IETF standard track document. The reason is that new methods may radically change the protocols behavior and purpose. A specification for a new RTSP method MUST consist of the following items: o A method name which follows the ABNF rules for methods. H. Schulzrinne et. al. [Page 134] Internet Draft RTSP October 24, 2005 o A clear specification on what action and response a request with the method will result in. Which directions the method is used, C -> S or S -> C or both. How the use of headers, if any, modifies the behavior and effect of the method. o A list or table specifying which of the registered headers that are allowed to use with the method in request or/and response. o Describe how the method relates to network proxies. 21.2.3 Registered Entries This specification, RFCXXXX, registers 9 methods: DESCRIBE, GET_PARAMETER, OPTIONS, PAUSE, PLAY, REDIRECT, SETUP, SET_PARAMETER, and TEARDOWN. 21.3 RTSP Status Codes 21.3.1 Description A status code is the three digit numbers used to convey information in RTSP response messages, see 7. The number space is limited and care should be taken not to fill the space. 21.3.2 Registering New Status Codes with IANA A new status code can only be registered by an IETF standards track document. A specification for a new status code MUST specify the following: o The requested number. o A description what the status code means and the expected behavior of the sender and receiver of the code. 21.3.3 Registered Entries RFCXXX, registers the numbered status code defined in the ABNF entry "Status-Code" except "extension-code" in section 19.2.2. 21.4 RTSP Headers 21.4.1 Description By specifying new headers a method(s) can be enhanced in many different ways. An unknown header will be ignored by the receiving entity. If the new header is vital for a certain functionality, a H. Schulzrinne et. al. [Page 135] Internet Draft RTSP October 24, 2005 feature-tag for the functionality can be created and demanded to be used by the counter-part with the inclusion of a Require header carrying the feature-tag. 21.4.2 Registering New Headers with IANA A public available specification is required to register a header. The specification SHOULD be a standards document, preferable an IETF RFC. The specification MUST contain the following information: o The name of the header. o An ABNF specification of the header syntax. o A list or table specifying when the header may be used, encompassing all methods, their request or response, the direction (C -> S or S -> C). o How the header is to be handled by proxies. o A description of the purpose of the header. 21.4.3 Registered entries All headers specified in section 14 in RFCXXXX are to be registered. Furthermore the following RTSP headers defined in other specifications are registered: o x-wap-profile defined in [36]. o x-wap-profile-diff defined in [36]. o x-wap-profile-warning defined in [36]. o x-predecbufsize defined in [36]. o x-initpredecbufperiod defined in [36]. o x-initpostdecbufperiod defined in [36]. o 3gpp-videopostdecbufsize defined in [36]. o 3GPP-Link-Char defined in [36]. o 3GPP-Adaptation defined in [36]. H. Schulzrinne et. al. [Page 136] Internet Draft RTSP October 24, 2005 o 3GPP-QoE-Metrics defined in [36]. o 3GPP-QoE-Feedback defined in [36]. The use of "X-" is NOT RECOMMENDED but the above headers in the register list was defined prior to the clarification. 21.5 Transport Header registries The transport header contains a number of parameters which have possibilities for future extensions. Therefore registries for these needs to be defined. 21.5.1 Transport Protocols A registry for the parameter transport-protocol SHALL be defined with the following rules: o Registering require an public available standards specification. o A contact person or organization with address and email. o A value definition that are following the ABNF token definition. o A describing text that explains how the registered value are used in RTSP. This specification registers 1 value: o Use of the RTP [16] protocol for media transport. The usage is explained in RFC XXXX, appendix B.1. 21.5.2 Profile A registry for the parameter profile SHALL be defined with the following rules: o Registering requires public available standards specification. o A contact person or organization with address and email. o A value definition that are following the BNF token definition. o A definition of which Transport protocol(s) that this profile is valid for. H. Schulzrinne et. al. [Page 137] Internet Draft RTSP October 24, 2005 o A describing text that explains how the registered value are used in RTSP. This specification registers 3 value: o The "RTP profile for audio and video conferences with minimal control" [2] MUST only be used when the transport specification's transport-protocol is "RTP". o The "Extended RTP Profile for RTCP-based Feedback (RTP/AVPF)" [20] MUST only be used when the transport specification's transport-protocol is "RTP" o The "The Secure Real-time Transport Protocol (SRTP)" [21] MUST only be used when the transport specification's transport- protocol is "RTP". 21.5.3 Lower Transport A registry for the parameter lower-transport SHALL be defined with the following rules: o Registering requires public available standards specification. o A contact person or organization with address and email. o A value definition that are following the BNF token definition. o A text describing how the registered value are used in RTSP. This specification registers 2 values: UDP: Indicates the use of the "User datagram protocol" [9] for media transport. TCP: Indicates the use Transmission control protocol [10] for media transport. 21.5.4 Transport modes A registry for the transport parameter mode SHALL be defined with the following rules: o Registering requires an IETF standard tracks document. o A contact person or organization with address and email. H. Schulzrinne et. al. [Page 138] Internet Draft RTSP October 24, 2005 o A value definition that are following the ABNF token definition. o A describing text that explains how the registered value are used in RTSP. This specification registers 1 values: PLAY: See RFC XXXX. 21.5.5 Transport Parameters A registry for parameters that may be included in the Transport header SHALL be defined with the following rules: o Registering required a Open Standards document o A value definition that are following the ABNF token definition. o A describing text that explains how the registered value are used in RTSP. This specification registers all the transport parameters defined in Section 14.45. 21.6 Cache Directive Extensions There exist a number of cache directives which can be sent in the Cache-Control header. A registry for this cache directives SHALL be defined with the following rules: o Registering requires an IETF standard tracks document. o A registration is required to contain a contact person. o Name of the directive and a definition of the value, if any. o Specification if it is an request or response directive. o A describing text that explains how the cache directive is used for RTSP controlled media streams. This specification registers the following values: no-cache: public: H. Schulzrinne et. al. [Page 139] Internet Draft RTSP October 24, 2005 private: no-transform: only-if-cached: max-stale: min-fresh: must-revalidate: proxy-revalidate: max-age: 21.7 Accept-Credentials policies In section 18.3.1 three policies for how to handle certificates. Further policies may be defined and SHALL be registered with IANA using the following rules: o Registering requires an IETF standard tracks document. o A registration is required name a contact person. o Name of the policy. o A describing text that explains how the policy works for handling the certificates. This specification registers the following values: Any Proxy User 21.8 URI Schemes This specification defines two URI schemes ("rtsp" and "rtsps") and reserves a third one ("rtspu"). This will need to be done in accordance with RFC 2717. 21.9 SDP attributes H. Schulzrinne et. al. [Page 140] Internet Draft RTSP October 24, 2005 This specification defines two SDP [1] attributes that it is requested that IANA register. SDP Attribute ("att-field"): Attribute name: range Long form: Media Range Attribute Type of name: att-field Type of attribute: Media and session level Subject to charset: No Purpose: RFC XXXX Reference: RFC XXXX Values: See ABNF definition. Attribute name: control Long form: RTSP control URI Type of name: att-field Type of attribute: Media and session level Subject to charset: No Purpose: RFC XXXX Reference: RFC XXXX Values: Absolute or Relative URIs. Attribute name: etag Long form: Entity Tag Type of name: att-field Type of attribute: Media and session level Subject to charset: No Purpose: RFC XXXX Reference: RFC XXXX Values: See ABNF definition A RTSP Protocol State Machine The RTSP session state machine describes the behavior of the protocol from RTSP session initialization through RTSP session termination. The State machine is defined on a per session basis which is uniquely identified by the RTSP session identifier. The session may contain one or more media streams depending on state. If a single media stream is part of the session it is in non-aggregated control. If two or more is part of the session it is in aggregated control. H. Schulzrinne et. al. [Page 141] Internet Draft RTSP October 24, 2005 The below state machine is a normative description of the protocols behavior. However, in case of ambiguity with the earlier parts of this specification, the description in the earlier parts SHALL take precedence. A.1 States The state machine contains three states, described below. For each state there exist a table which shows which requests and events that is allowed and if they will result in a state change. Init: Initial state no session exist. Ready: Session is ready to start playing. Play: Session is playing, i.e. sending media stream data in the direction S -> C. A.2 State variables This representation of the state machine needs more than its state to work. A small number of variables are also needed and is explained below. NRM: The number of media streams part of this session. RP: Resume point, the point in the presentation time line at which a request to continue will resume from. A time format for the variable is not mandated. A.3 Abbreviations To make the state tables more compact a number of abbreviations are used, which are explained below. IFI: IF Implemented. md: Media PP: Pause Point, the point in the presentation time line at which the presentation was paused. Prs: Presentation, the complete multimedia presentation. RedP: Redirect Point, the point in the presentation time line at which a REDIRECT was specified to occur. SES: Session. H. Schulzrinne et. al. [Page 142] Internet Draft RTSP October 24, 2005 A.4 State Tables This section contains a table for each state. The table contains all the requests and events that this state is allowed to act on. The events which is method names are, unless noted, requests with the given method in the direction client to server (C -> S). In some cases there exist one or more requisite. The response column tells what type of response actions should be performed. Possible actions that is requested for an event includes: response codes, e.g. 200, headers that MUST be included in the response, setting of state variables, or setting of other session related parameters. The new state column tells which state the state machine changes to. The response to valid request meeting the requisites is normally a 2xx (SUCCESS) unless other noted in the response column. The exceptions needs to be given a response according to the response column. If the request does not meet the requisite, is erroneous or some other type of error occur the appropriate response code MUST be sent. If the response code is a 4xx the session state is unchanged. A response code of 3rr will result in that the session is ended and its state is changed to Init. A response code of 304 results in no state change. However there exist restrictions to when a 3xx response may be used. A 5xx response SHALL not result in any change of the session state, except if the error is not possible to recover from. A unrecoverable error SHALL result the ending of the session. As it in the general case can't be determined if it was a unrecoverable error or not the client will be required to test. In the case that the next request after a 5xx is responded with 454 (Session Not Found) the client knows that the session has ended. The server will timeout the session after the period of time specified in the SETUP response, if no activity from the client is detected. Therefore there exist a timeout event for all states except Init. In the case that NRM=1 the presentation URI is equal to the media URI. For NRM>1 the presentation URI MUST be other than any of the medias that are part of the session. This applies to all states. The methods in Table 13 do not have any effect on the state machine or the state variables. However some methods do change other session related parameters, for example SET_PARAMETER which will set the parameter(s) specified in its body. Also all of these methods that allows Session header will also update the keep-alive timer for the session. H. Schulzrinne et. al. [Page 143] Internet Draft RTSP October 24, 2005 Event Prerequisite Response ______________________________________________________________ DESCRIBE Needs REDIRECT 3rr, Redirect DESCRIBE 200, Session description OPTIONS Session ID 200, Reset session timeout timer OPTIONS 200 SET_PARAMETER Valid parameter 200, change value of parameter GET_PARAMETER Valid parameter 200, return value of parameter Table 13: None state-machine changing events Action Requisite New State Response _____________________________________________________________ SETUP Ready NRM=1, RP=0.0 SETUP Needs Redirect Init 3rr Redirect S -> C:REDIRECT No Session hdr Init Terminate all SES Table 14: State: Init The initial state of the state machine, see Table 14 can only be left by processing a correct SETUP request. As seen in the table the two state variables are also set by a correct request. This table also shows that a correct SETUP can in some cases be redirected to another URI and/or server by a 3rr response. In the Ready state, see Table 15, some of the actions are depending on the number of media streams (NRM) in the session, i.e. aggregated or non-aggregated control. A setup request in the ready state can either add one more media stream to the session or if the media stream (same URI) already is part of the session change the transport parameters. TEARDOWN is depending on both the Request-URI and the number of media stream within the session. If the Request-URI is the presentations URI the whole session is torn down. If a media URI is used in the TEARDOWN request and more than one media exist in the session, the session will remain and a session header MUST be returned in the response. If only a single media stream remains in the session when performing a TEARDOWN with a media URI the session is removed. The number of media streams remaining after tearing down a media stream determines the new state. H. Schulzrinne et. al. [Page 144] Internet Draft RTSP October 24, 2005 Action Requisite New State Response _____________________________________________________________________ SETUP New URI Ready NRM+=1 SETUP Setten up URI Ready Change transport param TEARDOWN Prs URI,NRM>1 Init No session hdr, NRM=0 TEARDOWN md URI,NRM=1 Init No Session hdr, NRM=0 TEARDOWN md URI,NRM>1 Ready Session hdr, NRM-=1 PLAY Prs URI, No range Play Play from RP PLAY Prs URI, Range Play According to range PAUSE Prs URI Ready Return PP S -> C:REDIRECT Range hdr Ready Set RedP S -> C:REDIRECT no range hdr Init Session is removed Timeout Init RedP reached Init TEARDOWN of session Table 15: State: Ready Action Requisite New State Response ______________________________________________________________________ PAUSE PrsURI,No range Ready Set RP to present point PAUSE PrsURI,Range>now Play Set RP & PP to given p. PAUSE PrsURI,Range1 Init No session hdr TEARDOWN md URI,NRM=1 Init No Session hdr, NRM=0 TEARDOWN md URI Play 455 S -> C:REDIRECT Range hdr Play Set RedP S -> C:REDIRECT no range hdr Init Session is removed RedP reached Init TEARDOWN of session Timeout Init Stop Media playout Table 16: State: Play The Play state table, see Table 16, is the largest. The table contains an number of requests that has presentation URI as a prerequisite on the Request-URI, this is due to the exclusion of non-aggregated stream control in sessions with more than one media stream. H. Schulzrinne et. al. [Page 145] Internet Draft RTSP October 24, 2005 To avoid inconsistencies between the client and server, automatic state transitions are avoided. This can be seen at for example "End of media" event when all media has finished playing, the session still remain in Play state. An explicit PAUSE request MUST be sent to change the state to Ready. It may appear that there exist two automatic transitions in "RedP reached" and "PP reached", however they are requested and acknowledge before they take place. The time at which the transition will happen is known by looking at the range header. If the client sends request close in time to these transitions it needs to be prepared for getting error message as the state may or may not have changed. B Media Transport Alternatives This section defines how certain combinations of protocols, profiles and lower transports are used. This includes the usage of the Transport header's source and destination address parameters "src_addr" and "dest_addr". B.1 RTP This section defines the interaction of RTSP with respect to the RTP protocol [16]. It also defines any necessary media transport signalling with regards to RTP. The available RTP profiles and lower layer transports are described below along with rules on signalling the available combinations. B.1.1 AVP The usage of the "RTP Profile for Audio and Video Conferences with Minimal Control" [2] when using RTP for media transport over different lower layer transport protocols is defined below in regards to RTSP. One such case is defined within this document, the use of embedded (interleaved) binary data as defined in section 12. The usage of this method is indicated by include the "interleaved" parameter. When using embedded binary data the "src_addr" and "dest_addr" SHALL NOT be used. This addressing and multiplexing is used as defined with use of channel numbers and the interleaved parameter. B.1.2 AVP/UDP This part describes sending of RTP [16] over lower transport layer UDP [9] according to the profile "RTP Profile for Audio and Video Conferences with Minimal Control" defined in RFC 3551 [2]. This H. Schulzrinne et. al. [Page 146] Internet Draft RTSP October 24, 2005 profiles requires one or two uni- or bi-directional UDP flows per media stream. The first UDP flow is for RTP and the second is for RTCP. Embedding of RTP data with the RTSP messages, in accordance with section 12, SHOULD NOT be performed when RTSP messages are transported over unreliable transport protocols, like UDP [9]. The RTP/UDP and RTCP/UDP flows can be established using the Transport header's "src_addr", and "dest_addr" parameters. In RTSP PLAY mode, the transmission of RTP packets from client to server is unspecified. The behavior in regards to such RTP packets MAY be defined in future. The "src_addr" and "dest_addr" parameters are used in the following way for media playback, i.e. Mode=PLAY: o The "src_addr" and "dest_addr" parameters MUST contain either 1 or 2 address specifications. o Each address specification for RTP/AVP/UDP or RTP/AVP/TCP MUST contain either: - both an address and a port number, or - a port number without an address o The first address and port pair given in either of the parameters applies to the RTP stream. The second address and port pair if present applies to the RTCP stream. o The RTP/UDP packets from the server to the client SHALL be sent to the address and port given by first address and port pair of the "dest_addr" parameter. o The RTCP/UDP packets from the server to the client SHALL be sent to the address and port given by the second address and port pair of the "dest_addr" parameter. If no second pair is given RTCP SHALL NOT be sent. o The RTCP/UDP packets from the client to the server SHALL be sent to the address and port given by the second address and port pair of the "src_addr" parameter. If no second pair is given RTCP SHALL NOT be sent. o The RTP/UDP packets from the client to the server SHALL be sent to the address and port given by the first address and port pair of the "src_addr" parameter. H. Schulzrinne et. al. [Page 147] Internet Draft RTSP October 24, 2005 o RTP and RTCP Packets SHOULD be sent from the corresponding receiver port, i.e. RTCP packets from server should be sent from the "src_addr" parameters second address port pair. B.1.3 AVP/TCP Note that this combination is not yet defined using sperate TCP connections. However the use of embedded (interleaved) binary data transported on the RTSP connection is possible as specified in section 12. When using this declared combination of interleaved binary data the RTSP messages MUST be transported over TCP. A possible future for this profile would be to define the use of a combination of the two drafts "Connection-Oriented Media Transport in SDP" [37] and "Framing RTP and RTCP Packets over Connection-Oriented Transport" [38]. However as this work is not finished, this functionality is unspecified. B.1.4 AVPF The RTP profile "Extended RTP Profile for RTCP-based Feedback (RTP/AVPF)" [20] MAY be used as RTP profiles in session using RTP. All that is defined for AVP SHALL also apply for AVPF. The usage of AVPF is indicated by the media initialization protocol used. In the case of SDP it is indicated by media lines (m=) containing the profile RTP/AVPF. That SDP MAY also contain further AVPF related SDP attributes configuring the AVPF session regarding reporting interval and feedback messages that shall be used that SHALL be followed. B.1.5 SAVP The RTP profile "The Secure Real-time Transport Protocol (SRTP)" [21] is an RTP profile (SAVP) that MAY be used in RTSP sessions using RTP. All that is defined for AVP SHALL also apply for AVPF. The usage of SRTP requires that a security association is established. The protocol used are outside of the scope of RTSP, however a method must exist to enable the usage of the RTP profile SAVP. B.1.6 Handling NPT Jumps in the RTP Media Layer RTSP allows media clients to control selected, non-contiguous sections of media presentations, rendering those streams with an RTP H. Schulzrinne et. al. [Page 148] Internet Draft RTSP October 24, 2005 media layer[16]. Such control allows jumps to be created in NPT timeline of the RTSP session. For example, jumps in NPT can be caused by multiple ranges in the range specifier of a PLAY request or through a "seek" opertaion on an RTSP session which involves a PLAY, PAUSE, PLAY scenario where a new NPT is set for the session. The media layer rendering the RTP stream should not be affected by jumps in NPT. Thus, both RTP sequence numbers and RTP timestamps MUST be continuous and monotonic across jumps of NPT. We cannot assume that the RTSP client can communicate with the RTP media agent, as the two may be independent processes. If the RTP timestamp shows the same gap as the NPT, the media agent will assume that there is a pause in the presentation. If the jump in NPT is large enough, the RTP timestamp may roll over and the media agent may believe later packets to be duplicates of packets just played out. As an example, assume a clock frequency of 8000 Hz, a packetization interval of 100 ms and an initial sequence number and timestamp of zero. C->S: PLAY rtsp://xyz/fizzle RTSP/2.0 CSeq: 4 Session: abcdefg Range: npt=10-15 S->C: RTSP/2.0 200 OK CSeq: 4 Session: abcdefg Range: npt=10-15 RTP-Info: url="rtsp://xyz/fizzle/audiotrack" ssrc=0D12F123:seq=0;rtptime=0 The ensuing RTP data stream is depicted below: S -> C: RTP packet - seq = 0, rtptime = 0, NPT time = 10s S -> C: RTP packet - seq = 1, rtptime = 800, NPT time = 10.1s . . . S -> C: RTP packet - seq = 49, rtptime = 39200, NPT time = 14.9s Immediately after the end of the play range, the client follows up H. Schulzrinne et. al. [Page 149] Internet Draft RTSP October 24, 2005 with a request to PLAY from a new NPT. C->S: PLAY rtsp://xyz/fizzle RTSP/2.0 CSeq: 5 Session: abcdefg Range: npt=18-20; S->C: RTSP/2.0 200 OK CSeq: 5 Session: abcdefg Range: npt=18-20 RTP-Info: url="rtsp://xyz/fizzle/audiotrack" ssrc=0D12F123:seq=50;rtptime=40100 The ensuing RTP data stream is depicted below: S->C: RTP packet - seq = 50, rtptime = 40100, NPT time = 18s S->C: RTP packet - seq = 51, rtptime = 40900, NPT time = 18.1s . . . S->C: RTP packet - seq = 69, rtptime = 55300, NPT time = 19.9s In this example, first, NPT 10 through 15 is played, then the client request the server to skip ahead and play NPT 18 through 20. The first segment is presented as RTP packets with sequence numbers 0 through 49 and timestamp 0 through 39,200. The second segment consists of RTP packets with sequence number 50 through 69, with timestamps 40,100 through 55,200. While there is a gap in the NPT, there is no gap in the sequence number space of the RTP data stream. The RTP timestamp gap is present in the above example due to the time it takes to perform the second play request, in this case 12.5 ms (100/8000). To avoid this gap in playback due to the time it takes to perform RTSP requests, a PLAY request with multiple ranges needs to be specified. That would result in the following example: C->S: PLAY rtsp://xyz/fizzle RTSP/2.0 CSeq: 4 Session: abcdefg Range: npt=10-15;npt=18-20 S->C: RTSP/2.0 200 OK CSeq: 4 H. Schulzrinne et. al. [Page 150] Internet Draft RTSP October 24, 2005 Session: abcdefg Range: npt=10-15 RTP-Info: url="rtsp://xyz/fizzle/audiotrack" ssrc=0D12F123:seq=0;rtptime=0 The ensuing RTP data stream is depicted below: S -> C: RTP packet - seq = 0, rtptime = 0, NPT time = 10s S -> C: RTP packet - seq = 1, rtptime = 800, NPT time = 10.1s . . . S -> C: RTP packet - seq = 49, rtptime = 39200, NPT time = 14.9s S -> C: RTP packet - seq = 50, rtptime = 40100, NPT time = 18s S -> C: RTP packet - seq = 51, rtptime = 40900, NPT time = 18.1s . . . S -> C: RTP packet - seq = 69, rtptime = 55300, NPT time = 19.9s B.1.7 Handling RTP Timestamps after PAUSE During a PAUSE / PLAY interaction in an RTSP session, the duration of time for which the RTP transmission was halted MUST be reflected in the RTP timestamp of each RTP stream. The duration can be calculated for each RTP stream as the time elapsed from when the last RTP packet was sent before the PAUSE request was received and when the first RTP packet was sent after the subsequent PLAY request was received. The duration includes all latency incurred and processing time required to complete the request. The RTP RFC [16] states that: The RTP timestamp for each unit[packet] would be related to the wallclock time at which the unit becomes current on the virtual presentation timeline. In order to satisfy the requirements of [16], the RTP timestamp space needs to increase continuously with real time. While this is not optimal for stored media, it is required for RTP and RTCP to function as intended. Using a continuous RTP timestamp space allows the same timestamp model for both stored and live media and allows better opportunity to integrate both types of media under a single control. As an example, assume a clock frequency of 8000 Hz, a packetization H. Schulzrinne et. al. [Page 151] Internet Draft RTSP October 24, 2005 interval of 100 ms and an initial sequence number and timestamp of zero. C->S: PLAY rtsp://xyz/fizzle RTSP/2.0 CSeq: 4 Session: abcdefg Range: npt=10-15; S->C: RTSP/2.0 200 OK CSeq: 4 Session: abcdefg Range: npt=10-15 RTP-Info: url="rtsp://xyz/fizzle/audiotrack" ssrc=0D12F123:seq=0;rtptime=0 The ensuing RTP data stream is depicted below: S -> C: RTP packet - seq = 0, rtptime = 0, NPT time = 10s S -> C: RTP packet - seq = 1, rtptime = 800, NPT time = 10.1s S -> C: RTP packet - seq = 2, rtptime = 1600, NPT time = 10.2s S -> C: RTP packet - seq = 3, rtptime = 2400, NPT time = 10.3s The client then sends a PAUSE request: C->S: PAUSE rtsp://xyz/fizzle RTSP/2.0 CSeq: 5 Session: abdcdefg S->C: RTSP/2.0 200 OK CSeq: 5 Session: abcdefg Range: npt=10.4-15 20 seconds elapse and then the client sends a PLAY request. In addition the server requires 15 ms to process the request: C->S: PLAY rtsp://xyz/fizzle RTSP/2.0 CSeq: 6 H. Schulzrinne et. al. [Page 152] Internet Draft RTSP October 24, 2005 Session: abcdefg S->C: RTSP/2.0 200 OK CSeq: 6 Session: abcdefg Range: npt=10.4-15 RTP-Info: url="rtsp://xyz/fizzle/audiotrack" ssrc=0D12F123:seq=4;rtptime=164400 The ensuing RTP data stream is depicted below: S -> C: RTP packet - seq = 4, rtptime = 164400, NPT time = 10.4s S -> C: RTP packet - seq = 5, rtptime = 165200, NPT time = 10.5s S -> C: RTP packet - seq = 6, rtptime = 166000, NPT time = 10.6s First, NPT 10 through 10.3 is played, then a PAUSE is received by the server. After 20 seconds a PLAY is received by the server which take 15ms to process. The duration of time for which the session was paused is reflected in the RTP timestamp of the RTP packets sent after this PLAY request. A client can use the RTSP range header and RTP-Info header to map NPT time of a presentation with the RTP timestamp. Note: In RFC 2326 [24], this matter was not clearly defined and was misunderstood commonly. However for RTSP 2.0 it is expected that this will be handled correctly and not exception handling will be required. B.1.8 RTSP / RTP Integration For certain datatypes, tight integration between the RTSP layer and the RTP layer will be necessary. This by no means precludes the above restrictions. Combined RTSP/RTP media clients should use the RTP-Info field to determine whether incoming RTP packets were sent before or after a seek or before or after a PAUSE. B.1.9 Scaling with RTP For scaling (see Section 14.39), RTP timestamps should correspond to the playback timing. For example, when playing video recorded at 30 frames/second at a scale of two and speed (Section 14.40) of one, the server would drop every second frame to maintain and deliver video packets with the normal timestamp spacing of 3,000 per frame, but NPT H. Schulzrinne et. al. [Page 153] Internet Draft RTSP October 24, 2005 would increase by 1/15 second for each video frame. Note: The above scaling puts requirements on the media codec or a media stream to support it. For example motion JPEG or other non-predictive video coding can easier handle the above example. B.1.10 Maintaining NPT synchronization with RTP timestamps The client can maintain a correct display of NPT by noting the RTP timestamp value of the first packet arriving after repositioning. The sequence parameter of the RTP-Info (Section 14.38) header provides the first sequence number of the next segment. B.1.11 Continuous Audio For continuous audio, the server SHOULD set the RTP marker bit at the beginning of serving a new PLAY request or at jumps in timeline. This allows the client to perform playout delay adaptation. B.1.12 Multiple Sources in an RTP Session Note that more than one SSRC MAY be sent in the media stream. If it happens all sources are expected to be rendered simultaneously. B.1.13 Usage of SSRCs and the RTCP BYE Message During an RTSP Session The RTCP BYE message indicates the end of use of a given SSRC. If all sources leave an RTP session, it can, in most cases, be assumed to have ended. Therefore, a client or server SHALL NOT send a RTCP BYE message until it has finished using a SSRC. A server SHOULD keep using a SSRC until the RTP session is terminated. Prolonging the use of a SSRC allows the established synchronization context associated with that SSRC to be used to synchronize subsequent PLAY requests even if the PLAY response is late. An SSRC collision with the SSRC that transmits media does also have consequences, as it will force the media sender to change its SSRC in accordance with the RTP specification [16]. This will result in a loss of synchronization context, and require any receiver to wait for RTCP sender reports for all media requiring synchronization before being able to play out synchronized. Due to these reasons a client joining a session should take care to not select the same SSRC as the server. Any SSRC signalled in the Transport header SHOULD be avoided. A client detecting a collision prior to sending any RTP or RTCP messages can also select a new SSRC. H. Schulzrinne et. al. [Page 154] Internet Draft RTSP October 24, 2005 B.2 Future Additions It is the intention that any future protocol or profile regarding both for media delivery and lower transport should be easy to add to RTSP. This section provides the necessary steps that needs to be meet. The following things needs to be considered when adding a new protocol of profile for use with RTSP: o The protocol or profile needs to define a name tag representing it. This tag is required to be a ABNF "token" to be possible to use in the Transport header specification. o The useful combinations of protocol/profile/lower-layer needs to be defined and for each combination declare the necessary parameters to use in the Transport header. o For new media protocols the interaction with RTSP needs to be addressed. One important factor will be the media synchronization. See the IANA section (21) for information how to register new attributes. C Use of SDP for RTSP Session Descriptions The Session Description Protocol (SDP, RFC 2327 [1]) may be used to describe streams or presentations in RTSP. This description is typically returned in reply to a DESCRIBE request on an URI from a server to a client, or received via HTTP from a server to a client. This appendix describes how an SDP file determines the operation of an RTSP session. SDP as is provides no mechanism by which a client can distinguish, without human guidance, between several media streams to be rendered simultaneously and a set of alternatives (e.g., two audio streams spoken in different languages). However the SDP extension "Grouping of Media Lines in the Session Description Protocol (SDP)" [39] may provide such functionality depending on need. Also future grouping semantics may in the future be developed. C.1 Definitions The terms "session-level", "media-level" and other key/attribute names and values used in this appendix are to be used as defined in SDP (RFC 2327 [1]): C.1.1 Control URI H. Schulzrinne et. al. [Page 155] Internet Draft RTSP October 24, 2005 The "a=control:" attribute is used to convey the control URI. This attribute is used both for the session and media descriptions. If used for individual media, it indicates the URI to be used for controlling that particular media stream. If found at the session level, the attribute indicates the URI for aggregate control (presentation URI). The session level URI SHALL be different from any media level URI. The presence of a session level control attribute SHALL be interpreted as support for aggregated control. The control attribute SHALL be present on media level unless the presentation only contains a single media stream, in which case the attribute MAY only be present on the session level. ABNF for the attribute is defined in section 19.3. Example: a=control:rtsp://example.com/foo This attribute MAY contain either relative or absolute URIs, following the rules and conventions set out in RFC 3986 [6]. Implementations SHALL look for a base URI in the following order: 1. the RTSP Content-Base field; 2. the RTSP Content-Location field; 3. the RTSP Request-URI. If this attribute contains only an asterisk (*), then the URI SHALL be treated as if it were an empty embedded URI, and thus inherit the entire base URI. The URI handling for SDPs from container files need special consideration. For example lets assume that a container file has the URI: "rtsp://example.com/container.mp4". Lets further assume this URI is the base URI, and that there is a absolute media level URI: "rtsp://example.com/container.mp4/trackID=2". A relative media level URI that resolves in accordance with RFC 3986 [6] to the above given media URI is: "container.mp4/trackID=2". It is usually not desirable to need to include in or modify the SDP stored within the container file with the server local name of the container file. To avoid this, one can modify the base URI used to include a trailing slash, e.g. "rtsp://example.com/container.mp4/". In this case the relative URI for the media will only need to be: "trackID=2". However this will also mean that using "*" in the SDP will result in control URI including the trailing slash, i.e. H. Schulzrinne et. al. [Page 156] Internet Draft RTSP October 24, 2005 "rtsp://example.com/container.mp4/". C.1.2 Media Streams The "m=" field is used to enumerate the streams. It is expected that all the specified streams will be rendered with appropriate synchronization. If the session is over multicast, the port number indicated SHOULD be used for reception. The client MAY try to override the destination port, through the Transport header. The servers MAY allow this, the response will indicate if allowed or not. If the session is unicast, the port number is the ones RECOMMENDED by the server to the client, about which receiver ports to use; the client MUST still include its receiver ports in its SETUP request. The client MAY ignore this recommendation. If the server has no preference, it SHOULD set the port number value to zero. The "m=" lines contain information about what transport protocol, profile, and possibly lower-layer is to be used for the media stream. The combination of transport, profile and lower layer, like RTP/AVP/UDP needs to be defined for how to be used with RTSP. The currently defined combinations are defined in section B, further combinations MAY be specified. Usage of grouping of media lines [39] to determine which media lines should or should not be included in a RTSP session is unspecified. Example: m=audio 0 RTP/AVP 31 C.1.3 Payload Type(s) The payload type(s) are specified in the "m=" field. In case the payload type is a static payload type from RFC 3551 [2], no other information may be required. In case it is a dynamic payload type, the media attribute "rtpmap" is used to specify what the media is. The "encoding name" within the "rtpmap" attribute may be one of those specified in RFC 3551 (Sections 5 and 6), or an MIME type registered with IANA, or an experimental encoding as specified in SDP (RFC 2327 [1]). Codec-specific parameters are not specified in this field, but rather in the "fmtp" attribute described below. C.1.4 Format-Specific Parameters Format-specific parameters are conveyed using the "fmtp" media attribute. The syntax of the "fmtp" attribute is specific to the H. Schulzrinne et. al. [Page 157] Internet Draft RTSP October 24, 2005 encoding(s) that the attribute refers to. Note that some of the format specific parameters may be specified outside of the fmtp parameters, like for example the "ptime" attribute for most audio encodings. C.1.5 Range of Presentation The "a=range" attribute defines the total time range of the stored session or an individual media. Non-seekable live sessions can be indicated, while the length of live sessions can be deduced from the "t" and "r" SDP parameters. The attribute is both a session and a media level attribute. For presentations that contains media streams of the same durations, the range attribute SHOULD only be used at session-level. In case of different length the range attribute MUST be given at media level for all media, and SHOULD NOT be given at session level. If the attribute is present at both media level and session level the media level values SHALL be used. The unit is specified first, followed by the value range. The units and their values are as defined in Section 3.4, 3.5 and 3.6 and MAY be extended with further formats. Any open ended range (start-), i.e. without stop range, is of unspecified duration and SHALL be considered as non-seekable content unless this property is overridden. Multiple instances carrying different clock formats MAY be included at either session or media level. ABNF for the attribute is defined in section 19.3. Examples: a=range:npt=0-34.4368 a=range:clock=19971113T2115-19971113T2203 Non seekable stream of unknown duration: a=range:npt=0- C.1.6 Time of Availability The "t=" field MUST contain suitable values for the start and stop times for both aggregate and non-aggregate stream control. The server SHOULD indicate a stop time value for which it guarantees the description to be valid, and a start time that is equal to or before the time at which the DESCRIBE request was received. It MAY also indicate start and stop times of 0, meaning that the session is always available. H. Schulzrinne et. al. [Page 158] Internet Draft RTSP October 24, 2005 For sessions that are of live type, i.e. specific start time, unknown stop time, likely unseekable, the "t=" and "r=" field SHOULD be used to indicate the start time of the event. The stop time SHOULD be given so that the live event will with high probability have ended at that time, while still not be unnecessary long into the future. C.1.7 Connection Information In SDP, the "c=" field contains the destination address for the media stream. For a media destination address that is a IPv6 one, the SDP extension defined in [22] needs to be used. For on-demand unicast streams and some multicast streams, the destination address MAY be specified by the client via the SETUP request, thus overriding any specified address. To identify streams without a fixed destination address, where the client is required to specify a destination address, the "c=" field SHOULD be set to a null value. For addresses of type "IP4", this value SHALL be "0.0.0.0", and for type "IP6", this value SHALL be "0:0:0:0:0:0:0:0", i.e. the unspecified address according to RFC 3513 [23]. C.1.8 Entity Tag The optional "a=etag" attribute identifies a version of the session description. It is opaque to the client. SETUP requests may include this identifier in the If-Match field (see section 14.25) to only allow session establishment if this attribute value still corresponds to that of the current description. The attribute value is opaque and may contain any character allowed within SDP attribute values. ABNF for the attribute is defined in section 19.3. Example: a=etag:158bb3e7c7fd62ce67f12b533f06b83a One could argue that the "o=" field provides identical functionality. However, it does so in a manner that would put constraints on servers that need to support multiple session description types other than SDP for the same piece of media content. C.2 Aggregate Control Not Available If a presentation does not support aggregate control no session level "a=control:" attribute is specified. For a SDP with multiple media H. Schulzrinne et. al. [Page 159] Internet Draft RTSP October 24, 2005 sections specified, each section will have its own control URI specified via the "a=control:" attribute. Example: v=0 o=- 2890844256 2890842807 IN IP4 204.34.34.32 s=I came from a web page e=adm@example.com c=IN IP4 0.0.0.0 t=0 0 m=video 8002 RTP/AVP 31 a=control:rtsp://audio.com/movie.aud m=audio 8004 RTP/AVP 3 a=control:rtsp://video.com/movie.vid Note that the position of the control URI in the description implies that the client establishes separate RTSP control sessions to the servers audio.com and video.com It is recommended that an SDP file contains the complete media initialization information even if it is delivered to the media client through non-RTSP means. This is necessary as there is no mechanism to indicate that the client should request more detailed media stream information via DESCRIBE. C.3 Aggregate Control Available In this scenario, the server has multiple streams that can be controlled as a whole. In this case, there are both a media-level "a=control:" attributes, which are used to specify the stream URIs, and a session-level "a=control:" attribute which is used as the Request-URI for aggregate control. If the media-level URI is relative, it is resolved to absolute URIs according to Section C.1.1 above. Example: C->M: DESCRIBE rtsp://example.com/movie RTSP/2.0 CSeq: 1 M->C: RTSP/2.0 200 OK CSeq: 1 Date: 23 Jan 1997 15:35:06 GMT Content-Type: application/sdp H. Schulzrinne et. al. [Page 160] Internet Draft RTSP October 24, 2005 Content-Base: rtsp://example.com/movie/ Content-Length: 228 v=0 o=- 2890844256 2890842807 IN IP4 204.34.34.32 s=I contain i= e=adm@example.com c=IN IP4 0.0.0.0 t=0 0 a=control:* m=video 8002 RTP/AVP 31 a=control:trackID=1 m=audio 8004 RTP/AVP 3 a=control:trackID=2 In this example, the client is required to establish a single RTSP session to the server, and uses the URIs rtsp://example.com/movie/trackID=1 and rtsp://example.com/movie/trackID=2 to set up the video and audio streams, respectively. The URI rtsp://example.com/movie/ , which is resolved from the "*", controls the whole presentation (movie). A client is not required to issues SETUP requests for all streams within an aggregate object. Servers should allow the client to ask for only a subset of the streams. C.4 RTSP external SDP delivery There are some considerations that needs to be made when the session description is delivered to client outside of RTSP, for example in HTTP or email. First of all the SDP needs to contain absolute URIs, relative will in most cases not work as the delivery will not correctly forward the base URI. And as SDP might be temporarily stored on file system before being loaded into an RTSP capable client, thus if possible to transport the base URI it still would need to be merged into the file. The writing of the SDP session availability information, i.e. "t=" and "r=", needs to be carefully considered. When the SDP is fetched by the DESCRIBE method it is with very high probability that the it is valid. However the same are much less certain for SDPs distributed using other methods. Therefore the publisher of the SDP should take care to follow the recommendations about availability in the SDP H. Schulzrinne et. al. [Page 161] Internet Draft RTSP October 24, 2005 specification [1]. D Minimal RTSP implementation Note: This section is still under development! This section defines the minimal implementation requirements for any client and server. In addition the requirements for supporting the "play.basic" feature tag is defined here. D.1 Minimal Core Implementation The minimal core implementation is what is required to negotiate the usage of any other features. A minimal core implementation is not supporting any other feature set will be useless as the minimal implementation doesn't deliver any service. All feature sets SHALL include the minimal core. A minimal core implementation SHALL support the following functionalities: o Establishing a connection between RTSP agent using TCP. o Implement the reception and response to the OPTIONS method. o Implement the handling of all headers mandatory or conditional in regards to the usage of the OPTIONS method. See tables 9 and 10. This include at least the capability to ignore unknown headers. o Implement the headers related to capability negotiation and exchange: - Require - Supported - Proxy-Require - Proxy-Supported - Unsupported D.2 The Basic Playback Feature Support This section defines what is required to be supported for clients, proxies and servers to be supporting the "play.basic" feature tag. H. Schulzrinne et. al. [Page 162] Internet Draft RTSP October 24, 2005 D.2.1 Client A play.basic supporting client SHALL implement the following: o The RTSP methods as required by Table 7. o All the RTSP headers that are required required or conditional in requests or responses to method required to be supported according to Tables 9, 10, 11, and 12 and in addition the following headers: - Content-Base - Content-Encoding and at least the Identity method. - Content-Location - Location - Range - RTP-Info o Handling of all Status code categories and in addition the following specific status codes: o Media delivery using RTP/AVP over UDP. A play.basic client is RECOMMENDED to support the following: o RTSP basic and digest authentication: The 401 response, the WWW-Authenticate and Authorization headers, and both Basic and Digest authentication methods as defined by [8]. o Expires header o From header o Secure Transport as specified by section D.3. D.2.2 Server To be written! D.2.3 Proxy A play.basic supporting proxy SHALL implement the following: H. Schulzrinne et. al. [Page 163] Internet Draft RTSP October 24, 2005 o Correct handling of the RTSP methods as required by Table 7. o The handling of all RTSP headers that are required to be handled by the server and clients supporting "play.basic" and in addition the following headers: - Cache-Control - Expires - Via D.3 Secure Transport Any Client, Proxy or Server supporting secure transport of RTSP messages and usage of the "rtsps" URI scheme SHALL implement; The Accept-Credentials and Connection-Credentials headers; TLS over TCP. D.4 Old Implementation Text The OLD Text follows from here on and is kept in this revision for comparison reasons: D.5 Client A client implementation MUST be able to do the following : o Generate the following requests: SETUP, TEARDOWN, PLAY. o Include the following headers in requests: CSeq, Connection, Session, Transport. o Parse and understand the following headers in responses: CSeq, Connection, Session, Transport, Content-Language, Content-Encoding, Content-Length, Content-Type. o Understand the class of each error code received and notify the end-user, if one is present, of error codes in classes 4xx and 5xx. The notification requirement may be relaxed if the end-user explicitly does not want it for one or all status codes. o Expect and respond to asynchronous requests from the server, such as REDIRECT. This does not necessarily mean that it should implement the REDIRECT method, merely that it MUST respond positively or negatively to any request received from the server. H. Schulzrinne et. al. [Page 164] Internet Draft RTSP October 24, 2005 Though not required, the following are RECOMMENDED. o Implement RTP/AVP/UDP as a valid transport. o Inclusion of the User-Agent header. o Understand SDP session descriptions as defined in Appendix C o Accept media initialization formats (such as SDP) from standard input, command line, or other means appropriate to the operating environment to act as a "helper application" for other applications (such as web browsers). There may be RTSP applications different from those initially envisioned by the contributors to the RTSP specification for which the requirements above do not make sense. Therefore, the recommendations above serve only as guidelines instead of strict requirements. D.5.1 Basic Playback To support on-demand playback of media streams, the client MUST additionally be able to do the following: o generate the PAUSE request; o implement the REDIRECT method, and the Location header. D.5.2 Authentication-enabled In order to access media presentations from RTSP servers that require authentication, the client MUST additionally be able to do the following: o recognize the 401 (Unauthorized) status code; o parse and include the WWW-Authenticate header; o implement Basic Authentication and Digest Authentication. D.6 Server A minimal server implementation MUST be able to do the following: o Implement the following methods: SETUP, TEARDOWN, OPTIONS, SET_PARAMETER and PLAY. H. Schulzrinne et. al. [Page 165] Internet Draft RTSP October 24, 2005 o Include the following headers in responses: Connection, Content-Length, Content-Type, Content-Language, Content- Encoding, Timestamp, Transport, Proxy-Supported, Public, and Via, and Unsupported. RTP-compliant implementations MUST also implement the RTP-Info field. o Parse and respond appropriately to the following headers in requests: Connection, Proxy-Require, Session, Transport, and Require. o Implement Date header if supporting DESCRIBE Though not required, the following are highly recommended at the time of publication for practical interoperability with initial implementations and/or to be a "good citizen". o Implement RTP/AVP/UDP as a valid transport. o Inclusion of the Server, Cache-Control, and Expires headers. o Implement the DESCRIBE method. o Generate SDP session descriptions as defined in Appendix C There may be RTSP applications different from those initially envisioned by the contributors to the RTSP specification for which the requirements above do not make sense. Therefore, the recommendations above serve only as guidelines instead of strict requirements. D.6.1 Basic Playback To support on-demand playback of media streams, the server MUST additionally be able to do the following: o Recognize the Range header, and return an error if seeking is not supported. o Implement the PAUSE method. In addition, in order to support commonly-accepted user interface features, the following are highly recommended for on-demand media servers: o Include and parse the Range header, with NPT units. Implementation of SMPTE units is recommended. H. Schulzrinne et. al. [Page 166] Internet Draft RTSP October 24, 2005 o Include the length of the media presentation in the media initialization information. o Include mappings from data-specific timestamps to NPT. When RTP is used, the rtptime portion of the RTP-Info field may be used to map RTP timestamps to NPT. Client implementations may use the presence of length information to determine if the clip is seekable, and visably disable seeking features for clips for which the length information is unavailable. A common use of the presentation length is to implement a "slider bar" which serves as both a progress indicator and a timeline positioning tool. Mappings from RTP timestamps to NPT are necessary to ensure correct positioning of the slider bar. D.6.2 Authentication-enabled In order to correctly handle client authentication, the server MUST additionally be able to do the following: o Generate the 401 (Unauthorized) status code when authentication is required for the resource. o Parse and include the WWW-Authenticate header o Implement Basic Authentication and Digest Authentication E Requirements for Unreliable Transport of RTSP messages This section provides any one intending to define how to transport of RTSP messages over a unreliable transport protocol with some information learned by the attempt in RFC 2326 [24]. RFC 2326 define both an URI scheme and some basic functionality for transport of RTSP messages over UDP, however it was not sufficient for reliable usage and successful interoperability. The RTSP scheme defined for unreliable transport of RTSP messages was "rtspu". It has been reserved by this specification as at least one commercial implementation exist, thus avoiding any collisions in the name space. The following considerations should exist for operation of RTSP over an unreliable transport protocol: H. Schulzrinne et. al. [Page 167] Internet Draft RTSP October 24, 2005 o Request shall be acknowledged by the receiver. If there is no acknowledgement, the sender may resend the same message after a timeout of one round-trip time (RTT). Any retransmissions due to lack of acknowledgement must carry the same sequence number as the original request. o The round-trip time can be estimated as in TCP (RFC 1123) [40], with an initial round-trip value of 500 ms. An implementation may cache the last RTT measurement as the initial value for future connections. o If RTSP is used over a small-RTT LAN, standard procedures for optimizing initial TCP round trip estimates, such as those used in T/TCP (RFC 1644) [41], can be beneficial. o The Timestamp header (Section 14.44) is used to avoid the retransmission ambiguity problem [42] and obviates the need for Karn's algorithm. o The registered default port for RTSP over UDP for the server is 554. o RTSP messages can be carried over any lower-layer transport protocol that is 8-bit clean. o RTSP messages are vulnerable to bit errors and should not be subjected to them. o Source authentication, or at least validation that RTSP messages comes from the same entity becomes extremely important, as session hijacking may be substantially easier for RTSP message transport using an unreliable protocol like UDP than for TCP. There exist two RTSP headers thats primarily are intended for being used by the unreliable handling of RTSP messages and which will be maintained: CSeq See section 14.19 Timestamp See section 14.44 F Backwards Compatibility Considerations This section contains notes on issues about backwards compatibility with clients or servers being implemented according to RFC 2326 [24]. A server implementing RTSP/2.0 MUST include a RTSP-Version of H. Schulzrinne et. al. [Page 168] Internet Draft RTSP October 24, 2005 RTSP/2.0 in all responses to requests containing RTSP-Version RTSP/2.0. If a server receives a RTSP/1.0 request, it MAY respond with a RTSP/1.0 response if it chooses to support RFC 2326. If the server chooses not to support RFC 2326, it SHOULD respond with a 505 (RTSP Version not supported) status code. A server MUST NOT respond to a RTSP-Version RTSP/1.0 request with a RTSP-Version RTSP/2.0 response. Clients implementing RTSP/2.0 SHOULD use an OPTIONS request with a RTSP-Version of 2.0 to determine whether a server supports RTSP/2.0. If the server responds with either a RTSP-Version of 1.0 or a status code of 505 (RTSP Version not supported), the client MAY use RTSP/1.0 requests if it chooses to support RFC 2326. F.1 Play Request in Play mode The behavior in the server when a Play is received in Play mode has changed (Section 11.4). In RFC 2326, the new PLAY request would be queued until the current Play completed. Any new PLAY request now take effect immediately replacing the previous request. F.2 Using Persistent Connections Some server implementations of RFC 2326 maintain a one-to-one relationship between a connection and an RTSP session. Such implementations require clients to use a persistent connection to communicate with the server and when a client closes its connection, the server may remove the RTSP session. This is worth noting if a RTSP 2.0 client connects to a 1.0 server. G Open Issues This section contains a list of open issues that still needs to be resolved. However also any open issues in the bug tracker at http://rtspspec.sourceforge.net should also be considered. 1. The minimal implementation chapter is still under refinement. All shall, must and shoulds needs to be included in the minimal and relevant feature tags. Feature-tags for these needs to be defined. Further feature-tags needs to be discussed. H Changes Compared to RTSP 1.0 (RFC 2326), the below changes has been made when defining RTSP 2.0. Note that this list does not reflect minor changes in wording or correction of typographical errors. H. Schulzrinne et. al. [Page 169] Internet Draft RTSP October 24, 2005 o The Transport header has been changed in the following way: - The ABNF has been changed to define that extensions are possible, and that unknown extension parameters are to be ignored. - To prevent backwards compatibility issues, any extension or new parameter requires the usage of a feature tag combined with the Require header. - Syntax unclarities with the Mode parameter has been resolved. - Syntax error with ";" for multicast and unicast has been resolved. - Two new addressing parameters has been defined, src_addr and dest_addr. These replaces the parameters "port", "client_port", "server_port", "destination", "source". - Support for IPv6 explicit addresses in all address fields has been included. - To handle URI definitions that contain ";" or "," a quoted URI format has been introduced and is required. - Defined IANA registries for the transport headers parameters, transport-protocol, profile, lower-transport, and mode. - The transport headers interleaved parameter's text was made more strict and use formal requirements levels. However no change on how it is used was made. - It has been clarified that the client can't request of the server to use a certain RTP SSRC, using a request with the transport parameter SSRC. - Syntax definition for SSRC has been clarified to require 8*8 HEX. It has also been extend to allow multiple values for clients supporting this version. - Clarified the text on the transport headers "dest_addr" parameters regarding what security precautions the server is required to perform. - The embedded (interleaved) binary data and its transport parameter was clarified to being symmetric and that it is H. Schulzrinne et. al. [Page 170] Internet Draft RTSP October 24, 2005 the server that sets the channel numbers. o The Range formats has been changed in the following way: - The NPT format has been given a initial NPT identifier that must now be used. - All formats now support initial open ended formats of type "npt=-10". o RTSP message handling has been changed in the following way: - RTSP messages now uses URIs rather then URLs. - It has been clarified that a 4xx message due to missing CSeq header shall be returned without a CSeq header. - Rules for how to handle timing out RTSP messages has been added. o The HTTP references has been updated to RFC 2616 and RFC 2617. This has resulted in that the Public, and the Content-Base header needed to be defined in the RTSP specification. Known effects on RTSP due to HTTP clarifications: - Content-Encoding header can include encoding of type "identity". o The state machine section has completely been rewritten. It includes now more details and are also more clear about the model used. o A IANA section has been included with contains a number of registries and their rules. This will allow us to use IANA to keep track of all RTSP extensions. o Than transport of RTSP messages has seen the following changes: - The use of UDP for RTSP message transport has been deprecated due to missing interest and to broken specification. - The rules for how TCP connections is to be handled has been clarified. Now it is made clear that servers should not close the TCP connection unless they have been unused for significant time. H. Schulzrinne et. al. [Page 171] Internet Draft RTSP October 24, 2005 - Strong recommendations why server and clients should use persistent connections has also been added. - There is now a requirement on the servers to handle non- persistent connections as this provides fault tolerance. - Added wording on the usage of Connection:Close for RTSP. - specified usage of TLS for RTSP messages, including a scheme to approve a proxies TLS connection to the next hop. o The following header related changes have been made: - Accept-Ranges response header is added. This header clarifies which range formats that can be used for a resource. - Clarified that Range header allows multiple ranges to allow for creating editing list. - Fixed the missing definitions for the Cache-Control header. Also added to the syntax definition the missing delta- seconds for max-stale and min-fresh parameters. - Put requirement on CSeq header that the value is increased by one for each new RTSP request. A Recommendation to start at 1 has also been added. - Added requirement that the Date header must be used for all messages with entity. Also the Server should always include it. - Removed possibility of using Range header with Scale header to indicate when it is to be activated, since it can't work as defined. Also added rule that lack of Scale header in response indicates lack of support for the header. Feature- tags for scaled playback has been defined. - The Speed header must now be responded to indicate support and the actual speed going to be used. A feature-tag is defined. Notes on congestion control was also added. - The Supported header was borrowed from SIP to help with the feature negotiation in RTSP. - Clarified that the Timestamp header can be used to resolve retransmission ambiguities. H. Schulzrinne et. al. [Page 172] Internet Draft RTSP October 24, 2005 - The Session header text has been expanded with a explanation on keep alive and which methods to use. SET_PARAMETER is now recommended to use if only keep-alive within RTSP is desired. - It has been clarified how the Range header formats is used to indicate pause points. - Clarified that RTP-Info URIs that are relative, uses the Request-URI as base URI. Also clarified that used URI must be that one that was used in the SETUP request. They are now also required to be quoted. The header also expresses the SSRC for the provided RTP timestamp and sequence number values. - Added text that requires the Range to always be present in PLAY responses. Clarified what should be sent in case of live streams. - The headers table has been updated using a structured borrowed from SIP. This table carries much more information and should provide a good overview of the available headers. - It has been is clarified that any message with a message body is required to have a Content-Length header. This was the case in RFC 2326 but could be misinterpreted. - To resolve functionality around ETag. The ETag and If-None- Match header has been added from HTTP with necessary clarification in regards to RTSP operation. - Imported the Public header from HTTP RFC 2068 [18] since it has been removed from HTTP due to lack of use. Public is used quite frequently in RTSP. - Clarified rules for populating the Public header so that it is an intersection of the capabilities of all the RTSP agents in a chain. o The Protocol Syntax has been changed in the following way: - All BNF definitions are updated according to the rules defined in RFC 4234 [4] and has been gathered in a separate section 19. - The BNF for the User-Agent and Server headers has been corrected so now only the description is in the HTTP specification. H. Schulzrinne et. al. [Page 173] Internet Draft RTSP October 24, 2005 - The definition in the introduction of the RTSP session has been changed. - The protocol has been made fully IPv6 capable. Certain of the functionality, like using explicit IPv6 addresses in fields requires that the protocol support this updated specification. - Added a fragment part to the RTSP URI. This seem to be indicated by the note below the definition however it was not part of the BNF. - The CHAR rule has been changed to exclude NULL. o The Status codes has been changed in the following way: - The use of status code 303 "See Other" has been deprecated as it does not make sense to use in RTSP. - When sending response 451 and 458 the response body should contain the offending parameters. - Clarification on when a 3rr redirect status code can be received has been added. This includes receiving 3rr as a result of request within a established session. This provides clarification to a previous unspecified behavior. - Removed the 250 (Low On Storage Space) status code as it only is relevant to recording which is deprecated. o The following functionality has been deprecated from the protocol: - The use of Queued Play. - The use of PLAY method for keep-alive in play state. - The RECORD and ANNOUNCE methods and all related functionality. Some of the syntax has been removed. - The possibility to use timed execution of methods with the time parameter in the Range header. - The description on how rtspu works is not part of the core specification and will require external description. Only that it exist is defined here and some requirements for the the transport is provided. H. Schulzrinne et. al. [Page 174] Internet Draft RTSP October 24, 2005 o The following changes has been made in relation to methods: - The OPTIONS method has been clarified with regards to the use of the Public and Allow headers. - The RECORD and ANNOUNCE methods are removed as they are lacking implementation and not considered necessary in the core specification. Any work on these methods should be done as a extension document to RTSP. - Added text clarifying the usage of SET_PARAMETER for keep- alive and usage without any body. o Wrote a new section about how to setup different media transport alternatives and their profiles, and lower layer protocols. This resulted that the appendix on RTP interaction was moved there instead in the part describing RTP. The section also includes guidelines what to think of when writing usage guidelines for new protocols and profiles. o Added a new section describing the available mechanisms to determine if functionality is supported, called "Capability Handling". Renamed option-tags to feature-tags. o Added a contributors section with people who has contribute actual text to the specification. o Added a section Use Cases that describes the major use cases for RTSP. o Clarified the usage of a=range and how to indicate live content that are not seekable with this header. o Text specifying the special behavior of PLAY for live content. H.1 Changes needing to be updated o The minimal implementation specification has been changed: - Required Timestamp, Via, and Unsupported headers for a minimal server implementation. - Recommended that Cache-Control, Expires and Date headers be supported by server implementations. I Author Addresses H. Schulzrinne et. al. [Page 175] Internet Draft RTSP October 24, 2005 Henning Schulzrinne Dept. of Computer Science Columbia University 1214 Amsterdam Avenue New York, NY 10027 USA electronic mail: schulzrinne@cs.columbia.edu Anup Rao Cisco USA electronic mail: anrao@cisco.com Robert Lanphier RealNetworks P.O. Box 91123 Seattle, WA 98111-9223 USA electronic mail: robla@real.com Magnus Westerlund Ericsson AB, EAB/TVA/A Torshamsgatan 23 SE-164 80 STOCKHOLM SWEDEN electronic mail: magnus.westerlund@ericsson.com Aravind Narasimhan Overture Computing Corp., East Windsor, NJ 08520 USA electronic mail: aravind.narasimhan@gmail.com J Contributors The following people have made written contributions that were included in the specification: o Tom Marshall contributed text on the usage of 3rr status codes. o Thomas Zheng contributed text on the usage of the Range in PLAY responses. o Sean Sheedy contributed text on the timeout behavior of RTSP messages and connections, and the 463 status code. o Fredrik Lindholm contributed text about the RTSP security H. Schulzrinne et. al. [Page 176] Internet Draft RTSP October 24, 2005 framework. The following people have provided detailed comments on updated versions of this specification: o Stephan Wenger K Acknowledgements This draft is based on the functionality of the original RTSP draft submitted in October 1996. It also borrows format and descriptions from HTTP/1.1. This document has benefited greatly from the comments of all those participating in the MMUSIC-WG. In addition to those already mentioned, the following individuals have contributed to this specification: Rahul Agarwal, Jeff Ayars, Milko Boic, Torsten Braun, Brent Browning, Bruce Butterfield, Steve Casner, Francisco Cortes, Kelly Djahandari, Martin Dunsmuir, Eric Fleischman, Jay Geagan, Andy Grignon, V. Guruprasad, Peter Haight, Mark Handley, Brad Hefta-Gaub, Volker Hilt, John K. Ho, Go Hori, Philipp Hoschka, Anne Jones, Anders Klemets, Ruth Lang, Stephanie Leif, Jonathan Lennox, Eduardo F. Llach, Thomas Marshall, Rob McCool, David Oran, Joerg Ott, Maria Papadopouli, Sujal Patel, Ema Patki, Alagu Periyannan, Colin Perkins, Igor Plotnikov, Jonathan Sergent, Pinaki Shah, David Singer, Lior Sion, Jeff Smith, Alexander Sokolsky, Dale Stammen, John Francis Stracke, Maureen Chesire, David Walker, Geetha Srikantan, Stephan Wenger, Pekka Pessi, Jae-Hwan Kim and Mela Martti. L Normative References [1] M. Handley and V. Jacobson, "SDP: Session Description Protocol." RFC 2327 (Proposed Standard), Apr. 1998. Updated by RFC 3266. [2] H. Schulzrinne and S. Casner, "RTP Profile for Audio and Video Conferences with Minimal Control." RFC 3551 (Standard), July 2003. [3] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1." RFC 2616 (Draft Standard), June 1999. Updated by RFC 2817. [4] D. Crocker and P. Overell, "Augmented BNF for Syntax Specifications: ABNF." RFC 4234 (Draft Standard), Oct. 2005. [5] S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels." RFC 2119 (Best Current Practice), Mar. 1997. H. Schulzrinne et. al. [Page 177] Internet Draft RTSP October 24, 2005 [6] T. Berners-Lee, R. Fielding, and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax." RFC 3986 (Standard), Jan. 2005. [7] T. Dierks and C. Allen, "The TLS Protocol Version 1.0." RFC 2246 (Proposed Standard), Jan. 1999. Updated by RFC 3546. [8] J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leach, A. Luotonen, and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication." RFC 2617 (Draft Standard), June 1999. [9] J. Postel, "User Datagram Protocol." RFC 768 (Standard), Aug. 1980. [10] J. Postel, "Transmission Control Protocol." RFC 793 (Standard), Sept. 1981. Updated by RFC 3168. [11] R. Elz, "A Compact Representation of IPv6 Addresses." RFC 1924 (Informational), Apr. 1996. [12] R. Hinden, B. Carpenter, and L. Masinter, "Format for Literal IPv6 Addresses in URL's." RFC 2732 (Proposed Standard), Dec. 1999. Obsoleted by RFC 3986. [13] F. Yergeau, "UTF-8, a transformation format of ISO 10646." RFC 2279 (Draft Standard), Jan. 1998. Obsoleted by RFC 3629. [14] NIST, "Fips pub 180-1:secure hash standard," tech. rep., National Institute of Standards and Technology, Apr. 1995. [15] R. Housley, W. Polk, W. Ford, and D. Solo, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile." RFC 3280 (Proposed Standard), Apr. 2002. [16] H. Schulzrinne, S. Casner, R. Frederick, and V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications." RFC 3550 (Standard), July 2003. [17] E. Rescorla, "HTTP Over TLS." RFC 2818 (Informational), May 2000. [18] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, and T. Berners- Lee, "Hypertext Transfer Protocol -- HTTP/1.1." RFC 2068 (Proposed Standard), Jan. 1997. Obsoleted by RFC 2616. [19] T. Narten and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs." RFC 2434 (Best Current Practice), Oct. 1998. Updated by RFC 3692. H. Schulzrinne et. al. [Page 178] Internet Draft RTSP October 24, 2005 [20] e. a. J. Ott, "Extended rtp profile for rtcp-based feedback (rtp/avpf)," internet draft, Internet Engineering Task Force, Aug. 2004. Work in progress. [21] M. Baugher, D. McGrew, M. Naslund, E. Carrara, and K. Norrman, "The Secure Real-time Transport Protocol (SRTP)." RFC 3711 (Proposed Standard), Mar. 2004. [22] S. Olson, G. Camarillo, and A. B. Roach, "Support for IPv6 in Session Description Protocol (SDP)." RFC 3266 (Proposed Standard), June 2002. [23] R. Hinden and S. Deering, "Internet Protocol Version 6 (IPv6) Addressing Architecture." RFC 3513 (Proposed Standard), Apr. 2003. M Informative References [24] H. Schulzrinne, A. Rao, and R. Lanphier, "Real Time Streaming Protocol (RTSP)." RFC 2326 (Proposed Standard), Apr. 1998. [25] T. Z. M. Westerlund, "How to make real-time streaming protocol (rtsp) traverse network address translators (nat) and interact with firewalls.," internet draft, Internet Engineering Task Force, Feb. 2004. Work in progress. [26] F. Yergeau, G. Nicol, G. Adams, and M. Duerst, "Internationalization of the Hypertext Markup Language." RFC 2070 (Historic), Jan. 1997. Obsoleted by RFC 2854. [27] H. Schulzrinne, "A comprehensive multimedia control architecture for the Internet," in Proc. International Workshop on Network and Operating System Support for Digital Audio and Video (NOSSDAV), (St. Louis, Missouri), May 1997. [28] International Telecommunication Union, "Visual telephone systems and equipment for local area networks which provide a non-guaranteed quality of service," Recommendation H.323, Telecommunication Standardization Sector of ITU, Geneva, Switzerland, May 1996. [29] P. McMahon, "GSS-API Authentication Method for SOCKS Version 5." RFC 1961 (Proposed Standard), June 1996. [30] J. Miller, P. Resnick, and D. Singer, "Rating services and rating systems (and their machine readable descriptions)," Recommendation REC-PICS-services-961031, W3C (World Wide Web Consortium), Boston, Massachusetts, Oct. 1996. [31] J. Miller, T. Krauskopf, P. Resnick, and W. Treese, "PICS label H. Schulzrinne et. al. [Page 179] Internet Draft RTSP October 24, 2005 distribution label syntax and communication protocols," Recommendation REC-PICS-labels-961031, W3C (World Wide Web Consortium), Boston, Massachusetts, Oct. 1996. [32] D. Mills, "Network Time Protocol (Version 3) Specification, Implementation and Analysis." RFC 1305 (Draft Standard), Mar. 1992. [33] ISO/IEC, "Information technology -- generic coding of moving pictures and associated audio informaiton -- part 6: extension for digital storage media and control," Draft International Standard ISO 13818-6, International Organization for Standardization ISO/IEC JTC1/SC29/WG11, Geneva, Switzerland, Nov. 1995. [34] ISO/IEC, "Data elements and interchange formats -- information interchange -- representation of dates and times," Published standard ISO 8601, International Organization for Standardization ISO/IEC, Geneva, Switzerland, Dec. 2000. [35] S. Josefsson, "The Base16, Base32, and Base64 Data Encodings." RFC 3548 (Informational), July 2003. [36] Third Generation Partnership Project (3GPP), "Transparent end- to-end packet-switched streaming service (pss); protocols and codecs," Technical Specification 26.234, Third Generation Partnership Project (3GPP), Dec. 2002. [37] D. Yon, "Connection-oriented media transport in sdp," internet draft, Internet Engineering Task Force, Mar. 2003. Work in progress. [38] J. Lazzaro, "Framing rtp and rtcp packets over connection- oriented transport," internet draft, Internet Engineering Task Force, Oct. 2003. Work in progress. [39] G. Camarillo, G. Eriksson, J. Holler, and H. Schulzrinne, "Grouping of Media Lines in the Session Description Protocol (SDP)." RFC 3388 (Proposed Standard), Dec. 2002. [40] R. Braden, "Requirements for Internet Hosts - Application and Support." RFC 1123 (Standard), Oct. 1989. Updated by RFCs 1349, 2181. [41] R. Braden, "T/TCP -- TCP Extensions for Transactions Functional Specification." RFC 1644 (Experimental), July 1994. [42] W. R. Stevens, TCP/IP illustrated: the implementation, vol. 2. Reading, Massachusetts: Addison-Wesley, 1994. H. Schulzrinne et. al. [Page 180] Internet Draft RTSP October 24, 2005 IPR Notice The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org. Full Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. H. Schulzrinne et. al. [Page 181] Internet Draft RTSP October 24, 2005 Table of Contents 1 Introduction ........................................ 9 1.1 RTSP Specification Update ........................... 9 1.2 Purpose ............................................. 9 1.3 Notational Conventions .............................. 11 1.4 Terminology ......................................... 12 1.5 Protocol Properties ................................. 15 1.6 Extending RTSP ...................................... 16 1.7 Overall Operation ................................... 17 1.8 RTSP States ......................................... 18 1.9 Relationship with Other Protocols ................... 19 2 RTSP Use Cases ...................................... 19 2.1 On-demand Playback of Stored Content ................ 20 2.2 Unicast distribution of Live Content ................ 21 2.3 On-demand Playback using Multicast .................. 21 2.4 Inviting a RTSP server into a conference ............ 22 2.5 Live Content using Multicast ........................ 23 3 Protocol Parameters ................................. 23 3.1 RTSP Version ........................................ 23 3.2 RTSP URI ............................................ 23 3.3 Session Identifiers ................................. 25 3.4 SMPTE Relative Timestamps ........................... 25 3.5 Normal Play Time .................................... 26 3.6 Absolute Time ....................................... 27 3.7 Feature-tags ........................................ 27 3.8 Entity Tags ......................................... 27 4 RTSP Message ........................................ 28 4.1 Message Types ....................................... 28 4.2 Message Headers ..................................... 28 4.3 Message Body ........................................ 28 4.4 Message Length ...................................... 29 5 General Header Fields ............................... 29 6 Request ............................................. 30 6.1 Request Line ........................................ 30 6.2 Request Header Fields ............................... 31 7 Response ............................................ 32 7.1 Status-Line ......................................... 32 7.1.1 Status Code and Reason Phrase ....................... 33 7.1.2 Response Header Fields .............................. 34 8 Entity .............................................. 34 8.1 Entity Header Fields ................................ 34 8.2 Entity Body ......................................... 34 H. Schulzrinne et. al. [Page 3] Internet Draft RTSP October 24, 2005 9 Connections ......................................... 35 9.1 Reliability and Acknowledgements .................... 35 9.2 Using Connections ................................... 38 9.3 Closing Connections ................................. 39 9.4 Timing Out Connections and RTSP Messages ............ 40 9.5 Use of IPv6 ......................................... 40 10 Capability Handling ................................. 41 11 Method Definitions .................................. 42 11.1 OPTIONS ............................................. 43 11.2 DESCRIBE ............................................ 44 11.3 SETUP ............................................... 46 11.3.1 Changing Transport Parameters ....................... 48 11.4 PLAY ................................................ 49 11.5 PAUSE ............................................... 53 11.6 TEARDOWN ............................................ 57 11.7 GET_PARAMETER ....................................... 58 11.8 SET_PARAMETER ....................................... 59 11.9 REDIRECT ............................................ 60 12 Embedded (Interleaved) Binary Data .................. 62 13 Status Code Definitions ............................. 64 13.1 Success 1xx ......................................... 64 13.1.1 100 Continue ........................................ 64 13.2 Success 2xx ......................................... 64 13.3 Redirection 3xx ..................................... 64 13.3.1 300 Multiple Choices ................................ 65 13.3.2 301 Moved Permanently ............................... 65 13.3.3 302 Found ........................................... 65 13.3.4 303 See Other ....................................... 65 13.3.5 304 Not Modified .................................... 66 13.3.6 305 Use Proxy ....................................... 66 13.4 Client Error 4xx .................................... 66 13.4.1 400 Bad Request ..................................... 66 13.4.2 405 Method Not Allowed .............................. 66 13.4.3 451 Parameter Not Understood ........................ 67 13.4.4 452 reserved ........................................ 67 13.4.5 453 Not Enough Bandwidth ............................ 67 13.4.6 454 Session Not Found ............................... 67 13.4.7 455 Method Not Valid in This State .................. 67 13.4.8 456 Header Field Not Valid for Resource ............. 67 13.4.9 457 Invalid Range ................................... 67 13.4.10 458 Parameter Is Read-Only .......................... 67 13.4.11 459 Aggregate Operation Not Allowed ................. 68 13.4.12 460 Only Aggregate Operation Allowed ................ 68 13.4.13 461 Unsupported Transport ........................... 68 13.4.14 462 Destination Unreachable ......................... 68 13.4.15 463 Destination Prohibited .......................... 68 13.4.16 470 Connection Authorization Required ............... 68 13.4.17 471 Connection Credentials not accepted ............. 68 H. Schulzrinne et. al. [Page 4] Internet Draft RTSP October 24, 2005 13.5 Server Error 5xx .................................... 68 13.5.1 551 Option not supported ............................ 68 14 Header Field Definitions ............................ 69 14.1 Accept .............................................. 71 14.2 Accept-Credentials .................................. 71 14.3 Accept-Encoding ..................................... 75 14.4 Accept-Language ..................................... 75 14.5 Accept-Ranges ....................................... 75 14.6 Allow ............................................... 76 14.7 Authorization ....................................... 76 14.8 Bandwidth ........................................... 76 14.9 Blocksize ........................................... 77 14.10 Cache-Control ....................................... 77 14.11 Connection .......................................... 79 14.12 Connection-Credentials .............................. 80 14.13 Content-Base ........................................ 80 14.14 Content-Encoding .................................... 80 14.15 Content-Language .................................... 80 14.16 Content-Length ...................................... 80 14.17 Content-Location .................................... 81 14.18 Content-Type ........................................ 81 14.19 CSeq ................................................ 81 14.20 Date ................................................ 81 14.21 ETag ................................................ 81 14.22 Expires ............................................. 82 14.23 From ................................................ 83 14.24 Host ................................................ 83 14.25 If-Match ............................................ 83 14.26 If-Modified-Since ................................... 83 14.27 If-None-Match ....................................... 84 14.28 Last-Modified ....................................... 84 14.29 Location ............................................ 84 14.30 Proxy-Authenticate .................................. 84 14.31 Proxy-Require ....................................... 84 14.32 Proxy-Supported ..................................... 85 14.33 Public .............................................. 85 14.34 Range ............................................... 86 14.35 Referer ............................................. 88 14.36 Retry-After ......................................... 88 14.37 Require ............................................. 88 14.38 RTP-Info ............................................ 89 14.39 Scale ............................................... 91 14.40 Speed ............................................... 92 14.41 Server .............................................. 92 14.42 Session ............................................. 93 14.43 Supported ........................................... 94 14.44 Timestamp ........................................... 95 14.45 Transport ........................................... 95 H. Schulzrinne et. al. [Page 5] Internet Draft RTSP October 24, 2005 14.46 Unsupported ......................................... 100 14.47 User-Agent .......................................... 100 14.48 Vary ................................................ 100 14.49 Via ................................................. 100 14.50 WWW-Authenticate .................................... 100 15 Proxies ............................................. 100 16 Caching ............................................. 101 17 Examples ............................................ 102 17.1 Media on Demand (Unicast) ........................... 102 17.2 Streaming of a Container file ....................... 105 17.3 Single Stream Container Files ....................... 108 17.4 Live Media Presentation Using Multicast ............. 110 17.5 Capability Negotiation .............................. 111 18 Security Framework .................................. 112 18.1 RTSP and HTTP Authentication ........................ 113 18.2 RTSP over TLS ....................................... 113 18.3 Security and Proxies ................................ 113 18.3.1 Accept-Credentials .................................. 115 18.3.2 User approved TLS procedure ......................... 116 19 Syntax .............................................. 117 19.1 Base Syntax ......................................... 117 19.2 RTSP Protocol Definition ............................ 119 19.2.1 Generic Protocol elements ........................... 119 19.2.2 Message Syntax ...................................... 120 19.2.3 Header Syntax ....................................... 124 19.3 SDP extension Syntax ................................ 130 20 Security Considerations ............................. 130 20.1 Remote denial of Service Attack ..................... 132 21 IANA Considerations ................................. 133 21.1 Feature-tags ........................................ 133 21.1.1 Description ......................................... 133 21.1.2 Registering New Feature-tags with IANA .............. 134 21.1.3 Registered entries .................................. 134 21.2 RTSP Methods ........................................ 134 21.2.1 Description ......................................... 134 21.2.2 Registering New Methods with IANA ................... 134 21.2.3 Registered Entries .................................. 135 21.3 RTSP Status Codes ................................... 135 21.3.1 Description ......................................... 135 21.3.2 Registering New Status Codes with IANA .............. 135 21.3.3 Registered Entries .................................. 135 21.4 RTSP Headers ........................................ 135 21.4.1 Description ......................................... 135 21.4.2 Registering New Headers with IANA ................... 136 21.4.3 Registered entries .................................. 136 21.5 Transport Header registries ......................... 137 21.5.1 Transport Protocols ................................. 137 21.5.2 Profile ............................................. 137 H. Schulzrinne et. al. [Page 6] Internet Draft RTSP October 24, 2005 21.5.3 Lower Transport ..................................... 138 21.5.4 Transport modes ..................................... 138 21.5.5 Transport Parameters ................................ 139 21.6 Cache Directive Extensions .......................... 139 21.7 Accept-Credentials policies ......................... 140 21.8 URI Schemes ......................................... 140 21.9 SDP attributes ...................................... 140 A RTSP Protocol State Machine ......................... 141 A.1 States .............................................. 142 A.2 State variables ..................................... 142 A.3 Abbreviations ....................................... 142 A.4 State Tables ........................................ 143 B Media Transport Alternatives ........................ 146 B.1 RTP ................................................. 146 B.1.1 AVP ................................................. 146 B.1.2 AVP/UDP ............................................. 146 B.1.3 AVP/TCP ............................................. 148 B.1.4 AVPF ................................................ 148 B.1.5 SAVP ................................................ 148 B.1.6 Handling NPT Jumps in the RTP Media Layer ........... 148 B.1.7 Handling RTP Timestamps after PAUSE ................. 151 B.1.8 RTSP / RTP Integration .............................. 153 B.1.9 Scaling with RTP .................................... 153 B.1.10 Maintaining NPT synchronization with RTP timestamps ..................................................... 154 B.1.11 Continuous Audio .................................... 154 B.1.12 Multiple Sources in an RTP Session .................. 154 B.1.13 Usage of SSRCs and the RTCP BYE Message During an RTSP Session ................................................... 154 B.2 Future Additions .................................... 155 C Use of SDP for RTSP Session Descriptions ............ 155 C.1 Definitions ......................................... 155 C.1.1 Control URI ......................................... 155 C.1.2 Media Streams ....................................... 157 C.1.3 Payload Type(s) ..................................... 157 C.1.4 Format-Specific Parameters .......................... 157 C.1.5 Range of Presentation ............................... 158 C.1.6 Time of Availability ................................ 158 C.1.7 Connection Information .............................. 159 C.1.8 Entity Tag .......................................... 159 C.2 Aggregate Control Not Available ..................... 159 C.3 Aggregate Control Available ......................... 160 C.4 RTSP external SDP delivery .......................... 161 D Minimal RTSP implementation ......................... 162 D.1 Minimal Core Implementation ......................... 162 D.2 The Basic Playback Feature Support .................. 162 D.2.1 Client .............................................. 163 D.2.2 Server .............................................. 163 H. Schulzrinne et. al. [Page 7] Internet Draft RTSP October 24, 2005 D.2.3 Proxy ............................................... 163 D.3 Secure Transport .................................... 164 D.4 Old Implementation Text ............................. 164 D.5 Client .............................................. 164 D.5.1 Basic Playback ...................................... 165 D.5.2 Authentication-enabled .............................. 165 D.6 Server .............................................. 165 D.6.1 Basic Playback ...................................... 166 D.6.2 Authentication-enabled .............................. 167 E Requirements for Unreliable Transport of RTSP messages ....................................................... 167 F Backwards Compatibility Considerations .............. 168 F.1 Play Request in Play mode ........................... 169 F.2 Using Persistent Connections ........................ 169 G Open Issues ......................................... 169 H Changes ............................................. 169 H.1 Changes needing to be updated ..................... 175 I Author Addresses .................................... 175 J Contributors ........................................ 176 K Acknowledgements .................................... 177 L Normative References ................................ 177 M Informative References .............................. 179 H. Schulzrinne et. al. [Page 8]