Application Layer Protocol Negotiation (ALPN) labels for Session Traversal Utilities for NAT (STUN) and its Usages

STUN can be securely transported using TLS-over-TCP (referred to as TLS ), as specified in , or TLS-over-UDP (referred to as DTLS ), as specified in . ALPN enables an endpoint to positively identify an application protocol in TLS/DTLS and distinguish it from other TLS/DTLS protocols. With ALPN, the client sends the list of supported application protocols as part of the TLS/DTLS ClientHello message. The server chooses a protocol and sends the selected protocol as part of the TLS/DTLS ServerHello message. Application protocol negotiation can thus be accomplished within the TLS/DTLS handshake, without adding network round-trips. A STUN protocol identifier and its associated usages, such as TURN , can be used to identify the purpose of a flow without initiating a session. This capability is useful and adds efficiency, as shown in the following scenarios. Consider an Enterprise network that deploys a TURN server in a DeMilitarized Zone (DMZ) to audit all media sessions from inside the Enterprise premises to any external peer. In this deployment, an Enterprise firewall could use the TURN ALPN identifier to detect the use of a TURN server that is outside the Enterprise domain (i.e., a TURN server provided by an application server, access network, etc). If a firewall is configured to block all outgoing traffic except for TCP traffic to specific ports (e.g., 443 for HTTPS), a TURN server listening on its default ports (3478 for TCP/UDP, 5349 for TLS) would not be reachable. However, despite the restrictions imposed by the firewall, a TURN server can still be reached on the allowed HTTPS port if the TURN ALPN identifier is used to establish usage of TURN as part of the TLS handshake. This document defines entries in the "Application Layer Protocol Negotiation (ALPN) Protocol IDs" registry established by to identify the STUN protocol and its usages.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

The document proposes the following ALPN labels to identify the STUN protocol and its associated usages. Label to identify the specific use of STUN over (D)TLS for TURN . Label to identify the specific use of STUN over (D)TLS for NAT discovery. This label is used as a fallback for STUN usages that do not have a corresponding ALPN label. This document does not explicitly assign ALPN labels for other usages of STUN, such as NAT Behavior Discovery using STUN (). All such usages that do not have a dedicated label are implicitly identified by the generic "stun" ALPN label.

The following entries are to be added to the "Application Layer Protocol Negotiation (ALPN) Protocol IDs" registry established by . The "stun" label identifies STUN over (D)TLS: Protocol: Session Traversal Utilities for NAT (STUN) Identification Sequence: 0x73 0x74 0x75 0x6E ("stun") Specification: This document (RFCXXXX) The "stun.turn" label identifies TURN usage over (D)TLS: Protocol: Traversal Using Relays around NAT (TURN) Identification Sequence: 0x73 0x74 0x75 0x6E 0x2E 0x74 0x75 0x72 0x6E ("stun.turn") Specification: This document (RFCXXXX) The "stun.nat-discovery" label identifies usage of STUN for the purposes of NAT/behavior discovery over (D)TLS: Protocol: NAT discovery using Session Traversal Utilities for NAT (STUN) Identification Sequence: 0x73 0x74 0x75 0x6E 0x2E 0x6e 0x61 0x74 0x2d 0x64 0x69 0x73 0x63 0x6f 0x76 0x65 0x72 0x79 ("stun.nat-discovery") Specification: This document (RFCXXXX)

The ALPN STUN protocol identifier does not introduce any specific security considerations beyond those detailed in the TLS ALPN Extension specification . It also does not impact security of TLS/DTLS session establishment nor application data exchange.

This work benefited from the discussions and invaluable input by the various members of the TRAM working group. These include Simon Perrault, Paul Kyzivat, Brandon Williams and Andrew Hutton. Special thanks to Martin Thomson and Oleg Moskalenko for their constructive comments, suggestions, and early reviews that were critical to the formulation and refinement of this document.