Millicast

sergio.garcia.murillo@cosmosoftware.io

CoSMo Software

alex.gouaillard@cosmosoftware.io

WIT wish This document describes a simple HTTP-based protocol that will allow WebRTC-based ingestion of content into streaming services and/or Content Delivery Networks (CDNs). This document updates RFCs 8840 and 8842.

Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at .

Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents () in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.

Table of Contents

• .  Introduction
• .  Terminology
• .  Overview
• .  Protocol Operation
  • .  HTTP Usage
  • .  Ingest Session Setup
  • .  ICE Support
    • .  HTTP PATCH Request Usage
    • .  Trickle ICE
    • .  ICE Restarts
  • .  WebRTC Constraints
    • .  SDP Bundle
    • .  Single MediaStream
    • .  No Partially Successful Answers
    • .  DTLS Setup Role and SDP "setup" Attribute
    • .  Trickle ICE and ICE Restarts
  • .  Load Balancing and Redirections
  • .  STUN/TURN Server Configuration
    • .  Congestion Control
  • .  Authentication and Authorization
    • .  Bearer Token Authentication
  • .  Simulcast and Scalable Video Coding
  • .  Protocol Extensions
• .  Security Considerations
• .  IANA Considerations
  • .  Link Relation Type: ice-server
  • .  URN Sub-namespace for WHIP (urn:ietf:params:whip)
  • .  WebRTC-HTTP Ingestion Protocol (WHIP) URNs Registry
  • .  WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs Registry
  • .  Registering WHIP URNs and WHIP Extension URNs
    • .  Registration Procedure
    • .  Guidance for the Designated Expert
    • .  Registration Template
• .  References
  • .  Normative References
  • .  Informative References
• Acknowledgements
• Authors' Addresses

Introduction The IETF RTCWEB Working Group standardized the JavaScript Session Establishment Protocol (JSEP) , a mechanism used to control the setup, management, and teardown of a multimedia session. It also describes how to negotiate media flows using the offer/answer model with the Session Description Protocol (SDP) , including the formats for data sent over the wire (e.g., media types, codec parameters, and encryption). WebRTC intentionally does not specify a signaling transport protocol at the application level. Unfortunately, the lack of a standardized signaling mechanism in WebRTC has been an obstacle to its adoption as an ingestion protocol within the broadcast and streaming industry, where a streamlined production pipeline is taken for granted. For example, cables carrying raw media to hardware encoders are plugged in and then the encoded media is pushed to any streaming service or Content Delivery Network (CDN) using an ingestion protocol. While WebRTC can be integrated with standard signaling protocols like SIP or Extensible Messaging and Presence Protocol (XMPP) , they are not designed to be used in broadcasting and streaming services, and there is also no sign of adoption in that industry. The Real-Time Streaming Protocol (RTSP) , which is based on RTP, does not support the SDP offer/answer model for negotiating the characteristics of the media session. This document proposes a simple protocol based on HTTP for supporting WebRTC as a media ingestion method that:

• is easy to implement,
• is as easy to use as popular IP-based broadcast protocols,
• is fully compliant with WebRTC and RTCWEB specs,
• enables ingestion on both classical media platforms and WebRTC end-to-end platforms (achieving the lowest possible latency),
• lowers the requirements on both hardware encoders and broadcasting services to support WebRTC, and
• is usable in both web browsers and standalone encoders.

Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Overview The WebRTC-HTTP Ingestion Protocol (WHIP) is designed to facilitate a one-time exchange of Session Description Protocol (SDP) offers and answers using HTTP POST requests. This exchange is a fundamental step in establishing an Interactive Connectivity Establishment (ICE) and Datagram Transport Layer Security (DTLS) session between the WHIP client, which represents the encoder or media producer, and the media server, which is the broadcasting ingestion endpoint. Upon successful establishment of the ICE/DTLS session, unidirectional media data transmission commences from the WHIP client to the media server. It is important to note that SDP renegotiations are not supported in WHIP. This means that no modifications to the "m=" sections can be made after the initial SDP offer/answer exchange via HTTP POST is completed and that only ICE-related information can be updated via HTTP PATCH requests as defined in . The following diagram illustrates the core operation of WHIP for initiating and terminating an ingest session:

WHIP Session Setup and Teardown +-------------+ +---------------+ +--------------+ +---------------+ | WHIP client | | WHIP endpoint | | Media server | | WHIP session | +--+----------+ +---------+-----+ +------+-------+ +--------|------+ | | | | | | | | |HTTP POST (SDP offer) | | | +------------------------>+ | | |201 Created (SDP answer) | | | +<------------------------+ | | | ICE/STUN REQUEST | | +--------------------------------------->+ | | ICE/STUN RESPONSE | | |<---------------------------------------+ | | DTLS SETUP | | |<======================================>| | | RTP/RTCP FLOW | | +<-------------------------------------->+ | | HTTP DELETE | +---------------------------------------------------------->+ | 200 OK | <-----------------------------------------------------------x

The elements in are described as follows:

WHIP client:

This represents the WebRTC media encoder or producer, which functions as a client of WHIP by encoding and delivering media to a remote media server.

WHIP endpoint:

This denotes the ingest server that receives the initial WHIP request.

WHIP endpoint URL:

This refers to the URL of the WHIP endpoint responsible for creating the WHIP session.

Media server:

This is the WebRTC media server or consumer responsible for establishing the media session with the WHIP client and receiving the media content it produces.

WHIP session:

This indicates the server handling the allocated HTTP resource by the WHIP endpoint for an ongoing ingest session.

WHIP session URL:

This refers to the URL of the WHIP resource allocated by the WHIP endpoint for a specific media session. To modify the session (e.g., ICE operations or session termination), the WHIP client can send requests to the WHIP session using this URL.

illustrates the communication flow between a WHIP client, WHIP endpoint, media server, and WHIP session. This flow outlines the process of setting up and tearing down an ingest session using WHIP, which involves negotiation, ICE for Network Address Translation (NAT) traversal, DTLS and the Secure Real-time Transport Protocol (SRTP) for security, and RTP/RTCP for media transport:

• The WHIP client initiates the communication by sending an HTTP POST with an SDP offer to the WHIP endpoint.
• The WHIP endpoint responds with a "201 Created" message containing an SDP answer.
• The WHIP client and media server establish ICE and DTLS sessions for NAT traversal and secure communication.
• RTP and RTCP flows are established for media transmission from the WHIP client to the media server, secured by the SRTP profile.
• The WHIP client sends an HTTP DELETE to terminate the WHIP session.
• The WHIP session responds with a "200 OK" to confirm the session termination.

Protocol Operation

HTTP Usage Following the guidelines in , WHIP clients MUST NOT match error codes returned by the WHIP endpoints and resources to a specific error cause indicated in this specification. WHIP clients MUST be able to handle all applicable status codes by gracefully falling back to the generic n00 semantics of a given status code on unknown error codes. WHIP endpoints and resources could convey finer-grained error information by a problem details json object in the response message body of the failed request as per . The WHIP endpoints and sessions are origin servers as defined in ; they handle the requests and provide responses for the underlying HTTP resources. Those HTTP resources do not have any representation defined in this specification, so the WHIP endpoints and sessions MUST return a 2xx successful response with no content when a GET request is received.

Ingest Session Setup In order to set up an ingest session, the WHIP client MUST generate an SDP offer according to the JSEP rules for an initial offer as per and send an HTTP POST request as per to the configured WHIP endpoint URL. The HTTP POST request MUST have a content type of "application/sdp" and contain the SDP offer as the body. The WHIP endpoint MUST generate an SDP answer according to the JSEP rules for an initial answer as per and return the following: a "201 Created" response with a content type of "application/sdp", the SDP answer as the body, and a Location header field pointing to the newly created WHIP session. If the HTTP POST to the WHIP endpoint has a content type different than "application/sdp" or the SDP is malformed, the WHIP endpoint MUST reject the HTTP POST request with an appropriate 4xx error response. As WHIP only supports the ingestion use case with unidirectional media, the WHIP client SHOULD use the "sendonly" attribute in the SDP offer but MAY use the "sendrecv" attribute instead; the "inactive" and "recvonly" attributes MUST NOT be used. The WHIP endpoint MUST use the "recvonly" attribute in the SDP answer. is an example of an HTTP POST sent from a WHIP client to a WHIP endpoint and the "201 Created" response from the WHIP endpoint containing the Location header pointing to the newly created WHIP session.

Example of the SDP Offer/Answer Exchange Done via an HTTP POST POST /whip/endpoint HTTP/1.1 Host: whip.example.com Content-Type: application/sdp Content-Length: 1101 v=0 o=- 5228595038118931041 2 IN IP4 127.0.0.1 s=- t=0 0 a=group:BUNDLE 0 1 a=extmap-allow-mixed a=ice-options:trickle ice2 m=audio 9 UDP/TLS/RTP/SAVPF 111 c=IN IP4 0.0.0.0 a=rtcp:9 IN IP4 0.0.0.0 a=ice-ufrag:EsAw a=ice-pwd:bP+XJMM09aR8AiX1jdukzR6Y a=fingerprint:sha-256 DA:7B:57:DC:28:CE:04:4F:31:79:85:C4:31:67:EB: 27:58:29:ED:77:2A:0D:24:AE:ED:AD:30:BC:BD:F1:9C:02 a=setup:actpass a=mid:0 a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid a=sendonly a=msid:d46fb922-d52a-4e9c-aa87-444eadc1521b ce326ecf-a081-453a-8f9f- 0605d5ef4128 a=rtcp-mux a=rtcp-mux-only a=rtpmap:111 opus/48000/2 a=fmtp:111 minptime=10;useinbandfec=1 m=video 0 UDP/TLS/RTP/SAVPF 96 97 a=mid:1 a=bundle-only a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid a=extmap:10 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id a=extmap:11 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id a=sendonly a=msid:d46fb922-d52a-4e9c-aa87-444eadc1521b 3956b460-40f4-4d05-acef- 03abcdd8c6fd a=rtpmap:96 VP8/90000 a=rtcp-fb:96 ccm fir a=rtcp-fb:96 nack a=rtcp-fb:96 nack pli a=rtpmap:97 rtx/90000 a=fmtp:97 apt=96 HTTP/1.1 201 Created ETag: "xyzzy" Content-Type: application/sdp Content-Length: 1053 Location: https://whip.example.com/session/id v=0 o=- 1657793490019 1 IN IP4 127.0.0.1 s=- t=0 0 a=group:BUNDLE 0 1 a=extmap-allow-mixed a=ice-lite a=ice-options:trickle ice2 m=audio 9 UDP/TLS/RTP/SAVPF 111 c=IN IP4 0.0.0.0 a=rtcp:9 IN IP4 0.0.0.0 a=ice-ufrag:38sdf4fdsf54 a=ice-pwd:2e13dde17c1cb009202f627fab90cbec358d766d049c9697 a=fingerprint:sha-256 F7:EB:F3:3E:AC:D2:EA:A7:C1:EC:79:D9:B3:8A:35: DA:70:86:4F:46:D9:2D:CC:D0:BC:81:9F:67:EF:34:2E:BD a=candidate:1 1 UDP 2130706431 198.51.100.1 39132 typ host a=setup:passive a=mid:0 a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid a=recvonly a=rtcp-mux a=rtcp-mux-only a=rtpmap:111 opus/48000/2 a=fmtp:111 minptime=10;useinbandfec=1 m=video 0 UDP/TLS/RTP/SAVPF 96 97 c=IN IP4 0.0.0.0 a=mid:1 a=bundle-only a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid a=extmap:10 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id a=extmap:11 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id a=recvonly a=rtpmap:96 VP8/90000 a=rtcp-fb:96 ccm fir a=rtcp-fb:96 nack a=rtcp-fb:96 nack pli a=rtpmap:97 rtx/90000 a=fmtp:97 apt=96

Once a session is set up, consent freshness as per SHALL be used to detect non-graceful disconnection by full ICE implementations and DTLS teardown for session termination by either side. To explicitly terminate a WHIP session, the WHIP client MUST send an HTTP DELETE request to the WHIP session URL returned in the Location header field of the initial HTTP POST. Upon receiving the HTTP DELETE request, the WHIP session will be removed and the resources freed on the media server, terminating the ICE and DTLS sessions. A media server terminating a session MUST follow the procedures in for immediate revocation of consent. The WHIP endpoints MUST support OPTIONS requests for Cross-Origin Resource Sharing (CORS) as defined in . The "200 OK" response to any OPTIONS request SHOULD include an Accept-Post header with a media type value of "application/sdp" as per .

ICE Support ICE is a protocol that addresses the complexities of NAT traversal commonly encountered in Internet communication. NATs hinder direct communication between devices on different local networks, posing challenges for real-time applications. ICE facilitates seamless connectivity by employing techniques to discover and negotiate efficient communication paths. Trickle ICE optimizes the connectivity process by incrementally sharing potential communication paths, reducing latency, and facilitating quicker establishment. ICE restarts are crucial for maintaining connectivity in dynamic network conditions or disruptions, allowing devices to re-establish communication paths without complete renegotiation. This ensures minimal latency and reliable real-time communication. Trickle ICE and ICE restart support are RECOMMENDED for both WHIP sessions and clients.

HTTP PATCH Request Usage The WHIP client MAY perform Trickle ICE or ICE restarts by sending an HTTP PATCH request as per to the WHIP session URL. This HTTP PATCH request MUST contain a body with an SDP fragment with media type "application/trickle-ice-sdpfrag" as specified in , which carries the relevant ICE information. If the HTTP PATCH request sent to the WHIP session URL has a content type different than "application/trickle-ice-sdpfrag" or the SDP fragment is malformed, the WHIP session MUST reject the HTTP PATCH with an appropriate 4xx error response. If the WHIP session supports either Trickle ICE or ICE restarts, but not both, it MUST return a "422 Unprocessable Content" error response for the HTTP PATCH requests that are not supported as per . The WHIP client MAY send overlapping HTTP PATCH requests to one WHIP session. Consequently, those HTTP PATCH requests may be received out of order by the WHIP session. Thus, if the WHIP session supports ICE restarts, it MUST generate a unique strong entity-tag identifying the ICE session as per . The initial value of the entity-tag identifying the initial ICE session MUST be returned in an ETag header field in the "201 Created" response to the initial POST request to the WHIP endpoint. WHIP clients SHOULD NOT use entity-tag validation when matching a specific ICE session is not required, for example, when initiating a DELETE request to terminate a session. WHIP sessions MUST ignore any entity-tag value sent by the WHIP client when ICE session matching is not required, as in the HTTP DELETE request. Missing or outdated ETags in the PATCH requests from WHIP clients will be answered by WHIP sessions as per and , with a "428 Precondition Required" response for a missing entity-tag and a "412 Precondition Failed" response for a non-matching entity-tag.

Trickle ICE Depending on the Trickle ICE support on the WHIP client, the initial offer by the WHIP client MAY be sent after the full ICE gathering is complete with the full list of ICE candidates, or it MAY only contain local candidates (or even an empty list of candidates) as per . For the purpose of reducing setup times, when using Trickle ICE, the WHIP client SHOULD send the SDP offer (containing either locally gathered ICE candidates or an empty list of candidates) as soon as possible. In order to simplify the protocol, the WHIP session cannot signal additional ICE candidates to the WHIP client after the SDP answer has been sent. The WHIP endpoint SHALL gather all the ICE candidates for the media server before responding to the client request, and the SDP answer SHALL contain the full list of ICE candidates of the media server. As the WHIP client needs to know the WHIP session URL associated with the ICE session in order to send a PATCH request containing new ICE candidates, it MUST wait and buffer any gathered candidates until the "201 Created" HTTP response to the initial POST request is received. In order to reduce the HTTP traffic and processing time required, the WHIP client SHOULD send a single aggregated HTTP PATCH request with all the buffered ICE candidates once the response is received. Additionally, if ICE restarts are supported by the WHIP session, the WHIP client needs to know the entity-tag associated with the ICE session in order to send a PATCH request containing new ICE candidates; thus, it MUST also wait and buffer any gathered candidates until it receives the HTTP response with the new entity-tag value to the last PATCH request performing an ICE restart. WHIP clients generating the HTTP PATCH body with the SDP fragment and its subsequent processing by WHIP sessions MUST follow the guidelines defined in with the following considerations:

• As per , only "m=" sections not marked as bundle-only can gather ICE candidates, so given that the "max-bundle" policy is being used, the SDP fragment will contain only the offerer-tagged "m=" line of the bundle group.
• The WHIP client MAY exclude ICE candidates from the HTTP PATCH body if they have already been confirmed by the WHIP session with a successful HTTP response to a previous HTTP PATCH request.

WHIP sessions and clients that support Trickle ICE MUST make use of entity-tags and conditional requests as explained in . When a WHIP session receives a PATCH request that adds new ICE candidates without performing an ICE restart, it MUST return a "204 No Content" response without a body and MUST NOT include an ETag header in the response. If the WHIP session does not support a candidate transport or is not able to resolve the connection address, it MUST silently discard the candidate and continue processing the rest of the request normally. shows an example of the Trickle ICE procedure where the WHIP client sends a PATCH request with updated ICE candidate information and receives a successful response from the WHIP session.

Example of a Trickle ICE Request and Response PATCH /session/id HTTP/1.1 Host: whip.example.com If-Match: "xyzzy" Content-Type: application/trickle-ice-sdpfrag Content-Length: 576 a=group:BUNDLE 0 1 m=audio 9 UDP/TLS/RTP/SAVPF 111 a=mid:0 a=ice-ufrag:EsAw a=ice-pwd:P2uYro0UCOQ4zxjKXaWCBui1 a=candidate:1387637174 1 udp 2122260223 192.0.2.1 61764 typ host generation 0 ufrag EsAw network-id 1 a=candidate:3471623853 1 udp 2122194687 198.51.100.2 61765 typ host generation 0 ufrag EsAw network-id 2 a=candidate:473322822 1 tcp 1518280447 192.0.2.1 9 typ host tcptype active generation 0 ufrag EsAw network-id 1 a=candidate:2154773085 1 tcp 1518214911 198.51.100.2 9 typ host tcptype active generation 0 ufrag EsAw network-id 2 a=end-of-candidates HTTP/1.1 204 No Content

ICE Restarts As defined in , when an ICE restart occurs, a new SDP offer/answer exchange is triggered. However, as WHIP does not support renegotiation of non-ICE-related SDP information, a WHIP client will not send a new offer when an ICE restart occurs. Instead, the WHIP client and WHIP session will only exchange the relevant ICE information via an HTTP PATCH request as defined in and MUST assume that the previously negotiated non-ICE-related SDP information still applies after the ICE restart. When performing an ICE restart, the WHIP client MUST include the updated "ice-pwd" and "ice-ufrag" in the SDP fragment of the HTTP PATCH request body as well as the new set of gathered ICE candidates as defined in . Similar to what is defined in , as per , only "m=" sections not marked as bundle-only can gather ICE candidates, so given that the "max-bundle" policy is being used, the SDP fragment will contain only the offerer-tagged "m=" line of the bundle group. A WHIP client sending a PATCH request for performing ICE restart MUST contain an If-Match header field with a field-value of "*" as per . states that an agent MUST discard any received requests containing "ice-pwd" and "ice-ufrag" attributes that do not match those of the current ICE Negotiation Session. However, any WHIP session receiving updated "ice-pwd" and "ice-ufrag" attributes MUST consider the request as performing an ICE restart instead and, if supported, SHALL return a "200 OK" with an "application/trickle-ice-sdpfrag" body containing the new ICE username fragment and password and a new set of ICE candidates for the WHIP session. Also, the "200 OK" response for a successful ICE restart MUST contain the new entity-tag corresponding to the new ICE session in an ETag response header field and MAY contain a new set of ICE candidates for the media server. As defined in , the set of candidates after an ICE restart may include some, none, or all of the previous candidates for that data stream and may include a totally new set of candidates. Therefore, after performing a successful ICE restart, both the WHIP client and the WHIP session MUST replace the previous set of remote candidates with the new set exchanged in the HTTP PATCH request and response, discarding any remote ICE candidate not present on the new set. Both the WHIP client and the WHIP session MUST ensure that the HTTP PATCH request and response bodies include the same "ice-options," "ice-pacing," and "ice-lite" attributes as those used in the SDP offer or answer. If the ICE restart request cannot be satisfied by the WHIP session, the resource MUST return an appropriate HTTP error code and MUST NOT terminate the session immediately and keep the existing ICE session. The WHIP client MAY retry performing a new ICE restart or terminate the session by issuing an HTTP DELETE request instead. In any case, the session MUST be terminated if the ICE consent expires as a consequence of the failed ICE restart as per . In case of unstable network conditions, the ICE restart HTTP PATCH requests and responses might be received out of order. In order to mitigate this scenario, when the client performs an ICE restart, it MUST discard any previous ICE username fragment and password and ignore any further HTTP PATCH response received from a pending HTTP PATCH request. WHIP clients MUST apply only the ICE information received in the response to the last sent request. If there is a mismatch between the ICE information at the WHIP client and at the WHIP session (because of an out-of-order request), the Session Traversal Utilities for NAT (STUN) requests will contain invalid ICE information and will be dropped by the receiving side. If this situation is detected by the WHIP client, it MUST send a new ICE restart request to the server. demonstrates a Trickle ICE restart procedure example. The WHIP client sends a PATCH request containing updated ICE information, including a new username fragment and password, along with newly gathered ICE candidates. In response, the WHIP session provides ICE information for the session after the ICE restart, including the updated username fragment and password, as well as the previous ICE candidate.

Example of an ICE Restart Request and Response PATCH /session/id HTTP/1.1 Host: whip.example.com If-Match: "*" Content-Type: application/trickle-ice-sdpfrag Content-Length: 82 a=ice-options:trickle ice2 a=group:BUNDLE 0 1 m=audio 9 UDP/TLS/RTP/SAVPF 111 a=mid:0 a=ice-ufrag:ysXw a=ice-pwd:vw5LmwG4y/e6dPP/zAP9Gp5k a=candidate:1387637174 1 udp 2122260223 192.0.2.1 61764 typ host generation 0 ufrag EsAw network-id 1 a=candidate:3471623853 1 udp 2122194687 198.51.100.2 61765 typ host generation 0 ufrag EsAw network-id 2 a=candidate:473322822 1 tcp 1518280447 192.0.2.1 9 typ host tcptype active generation 0 ufrag EsAw network-id 1 a=candidate:2154773085 1 tcp 1518214911 198.51.100.2 9 typ host tcptype active generation 0 ufrag EsAw network-id 2 HTTP/1.1 200 OK ETag: "abccd" Content-Type: application/trickle-ice-sdpfrag Content-Length: 252 a=ice-lite a=ice-options:trickle ice2 a=group:BUNDLE 0 1 m=audio 9 UDP/TLS/RTP/SAVPF 111 a=mid:0 a=ice-ufrag:289b31b754eaa438 a=ice-pwd:0b66f472495ef0ccac7bda653ab6be49ea13114472a5d10a a=candidate:1 1 udp 2130706431 198.51.100.1 39132 typ host a=end-of-candidates

WebRTC Constraints To simplify the implementation of WHIP in both clients and media servers, WHIP introduces specific restrictions on WebRTC usage. The following subsections will explain these restrictions in detail.

SDP Bundle Both the WHIP client and the WHIP endpoint SHALL support and use the "max-bundle" policy as defined in . The WHIP client and the media server MUST support multiplexed media associated with the BUNDLE group as per . In addition, per , the WHIP client and media server SHALL use RTP/RTCP multiplexing for all bundled media. In order to reduce the network resources required at the media server, both the WHIP client and WHIP endpoints MUST include the "rtcp-mux-only" attribute in each bundled "m=" section as per .

Single MediaStream WHIP only supports a single MediaStream as defined in ; therefore, all "m=" sections MUST contain a "msid" attribute with the same value. The MediaStream MUST contain at least one MediaStreamTrack of any media kind, and it MUST NOT have two or more MediaStreamTracks for the same media (audio or video). However, it would be possible for future revisions of this specification to allow more than a single MediaStream or MediaStreamTrack of each media kind. Therefore, in order to ensure forward compatibility, if the number of audio and/or video MediaStreamTracks or the number of MediaStreams are not supported by the WHIP endpoint, it MUST reject the HTTP POST request with a "422 Unprocessable Content" or "400 Bad Request" error response. The WHIP endpoint MAY also return a problem statement that provides further error details about the failed request, as recommended in .

No Partially Successful Answers The WHIP endpoint SHOULD NOT reject individual "m=" sections, as specified in , if an error occurs when processing the "m=" section; instead, it SHOULD reject the HTTP POST request with a "422 Unprocessable Content" or "400 Bad Request" error response to prevent having partially successful ingest sessions, which can be misleading to end users. The WHIP endpoint MAY also return a problem statement as recommended in proving further error details about the failed request.

DTLS Setup Role and SDP "setup" Attribute When a WHIP client sends an SDP offer, it SHOULD insert an SDP "setup" attribute with an "actpass" attribute value, as defined in . However, if the WHIP client only implements the DTLS client role, it MAY use an SDP "setup" attribute with an "active" attribute value. If the WHIP endpoint does not support an SDP offer with an SDP "setup" attribute with an "active" attribute value, it SHOULD reject the request with a "422 Unprocessable Content" or "400 Bad Request" error response. NOTE: defines that the offerer must insert an SDP "setup" attribute with an "actpass" attribute value. However, the WHIP client will always communicate with a media server that is expected to support the DTLS server role, in which case the client might choose to only implement support for the DTLS client role.

Trickle ICE and ICE Restarts The media server SHOULD support full ICE, unless it is connected to the Internet with an IP address that is accessible by each WHIP client that is authorized to use it, in which case it MAY support only ICE lite. The WHIP client MUST implement and use full ICE. Trickle ICE and ICE restart support is OPTIONAL for both the WHIP clients and media servers as explained in .

Load Balancing and Redirections WHIP endpoints and media servers might not be colocated on the same server, so it is possible to load balance incoming requests to different media servers. WHIP clients SHALL support HTTP redirections as per . In order to avoid POST requests being redirected as GET requests, status codes "301 Moved Permanently" and "302 Found" MUST NOT be used; the preferred method for performing load balancing is via the "307 Temporary Redirect" response status code as described in . Redirections are not required to be supported for the PATCH and DELETE requests. In case of high load, the WHIP endpoints MAY return a "503 Service Unavailable" response indicating that the server is currently unable to handle the request due to a temporary overload or scheduled maintenance as described in , which will likely be alleviated after some delay. The WHIP endpoint might send a Retry-After header field indicating the minimum time that the user agent ought to wait before making a follow-up request as described in .

STUN/TURN Server Configuration The WHIP endpoint MAY return STUN/TURN server configuration URLs and credentials usable by the client in the "201 Created" response to the HTTP POST request to the WHIP endpoint URL. A reference to each STUN/TURN server will be returned using the Link header field with a "rel" attribute value of "ice-server". The Link target URI is the server URI as defined in and . The credentials are encoded in the Link target attributes as follows:

• username: If the Link header field represents a Traversal Using Relays around NAT (TURN) server, then this attribute specifies the username to use with that TURN server.
• credential: This attribute represents a long-term authentication password, as described in .

illustrates the Link headers included in a "201 Created" response, providing the ICE server URLs and associated credentials.

Example of a STUN/TURN Server's Configuration Link: <stun:stun.example.net>; rel="ice-server" Link: <turn:turn.example.net?transport=udp>; rel="ice-server"; username="user"; credential="myPassword" Link: <turn:turn.example.net?transport=tcp>; rel="ice-server"; username="user"; credential="myPassword" Link: <turns:turn.example.net?transport=tcp>; rel="ice-server"; username="user"; credential="myPassword"

NOTE: The naming of both the "rel" attribute value of "ice-server" and the target attributes follows that used in the RTCConfiguration dictionary in Section 4.2.1 of the W3C WebRTC recommendation (see ). The "rel" attribute value of "ice-server" is not prepended with the "urn:ietf:params:whip:" so it can be reused by other specifications, which may use this mechanism to configure the usage of STUN/TURN servers. NOTE: Depending on the ICE agent implementation, the WHIP client may need to call the setConfiguration method before calling the setLocalDescription method with the local SDP offer in order to avoid having to perform an ICE restart for applying the updated STUN/TURN server configuration on the next ICE gathering phase. There are some WebRTC implementations that do not support updating the STUN/TURN server configuration after the local offer has been created as specified in . In order to support these clients, the WHIP endpoint MAY also include the STUN/TURN server configuration in the responses to OPTIONS requests sent to the WHIP endpoint URL before the POST request is sent. However, this method is NOT RECOMMENDED to be used by the WHIP clients, and if it is supported by the underlying WHIP client's WebRTC implementation, the WHIP client SHOULD wait for the information to be returned by the WHIP endpoint in the response of the HTTP POST request instead. The generation of the TURN server credentials may require sending a request to an external provider, which can both add latency to the OPTIONS request processing and increase the processing required to handle that request. In order to prevent this, the WHIP endpoint SHOULD NOT return the STUN/TURN server configuration if the OPTIONS request is a preflight request for CORS as defined in , that is, if the OPTIONS request does not contain an Access-Control-Request-Method with a POST value and the Access-Control-Request-Headers HTTP header does not contain the Link value. The WHIP clients MAY also support configuring the STUN/TURN server URIs with long-term credentials provided by either the broadcasting service or an external TURN provider, overriding the values provided by the WHIP endpoint.

Congestion Control defines the congestion control requirements for interactive real-time media to be used in WebRTC. These requirements are based on the assumption that the data needs to be provided continuously within a very limited time window (a delay of no more than hundreds of milliseconds end-to-end). If the latency target is higher, some of the requirements present in could be relaxed to allow more flexible implementations.

Authentication and Authorization All WHIP endpoints, sessions, and clients MUST support HTTP authentication as per . Additionally, in order to ensure interoperability, bearer token authentication as defined in the next section MUST be supported by all WHIP entities. However, this does not preclude the support of additional HTTP authentication schemes as defined in .

Bearer Token Authentication WHIP endpoints and sessions MAY require the HTTP request to be authenticated using an HTTP Authorization header field with a bearer token as specified in . WHIP clients MUST implement this authentication and authorization mechanism and send the HTTP Authorization header field in all HTTP requests sent to either the WHIP endpoint or session (except the preflight OPTIONS requests for CORS). The nature, syntax, and semantics of the bearer token, as well as how to distribute it to the client, are outside the scope of this document. Examples of tokens that could be used include, but are not limited to, JSON Web Tokens (JWTs) as per and a shared secret stored on a database. The tokens are typically made available to the end user alongside the WHIP endpoint URL and configured on the WHIP clients (similar to the way Real Time Messaging Protocol (RTMP) URLs and Stream Keys are distributed). WHIP endpoints and sessions could perform the authentication and authorization by encoding an authentication token within the URLs for the WHIP endpoints or sessions instead. In case the WHIP client is not configured to use a bearer token, the HTTP Authorization header field MUST NOT be sent in any request.

Simulcast and Scalable Video Coding Simulcast as per MAY be supported by both the media servers and WHIP clients through negotiation in the SDP offer/answer. If the client supports simulcast and wants to enable it for ingesting, it MUST negotiate the support in the SDP offer according to the procedures in . A server accepting a simulcast offer MUST create an answer according to the procedures in . It is possible for both media servers and WHIP clients to support Scalable Video Coding (SVC). However, as there is no universal negotiation mechanism in SDP for SVC, the encoder must consider the negotiated codec(s), intended usage, and SVC support in available decoders when configuring SVC.

Protocol Extensions In order to support future extensions to be defined for WHIP, a common procedure for registering and announcing the new extensions is defined. Protocol extensions supported by the WHIP sessions MUST be advertised to the WHIP client in the "201 Created" response to the initial HTTP POST request sent to the WHIP endpoint. The WHIP endpoint MUST return one Link header field for each extension that it supports, with the extension "rel" attribute value containing the extension URN and the URL for the HTTP resource that will be available for receiving requests related to that extension. Protocol extensions are optional for both WHIP clients and servers. WHIP clients MUST ignore any Link target attribute with an unknown "rel" attribute value, and WHIP sessions MUST NOT require the usage of any extension. Each protocol extension MUST register a unique "rel" attribute value that starts with the prefix "urn:ietf:params:whip:ext" in the "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" registry (). For example, consider a potential extension of server-to-client communication using server-sent events as specified in Section 9.2 of . The URL for connecting to the server-sent event resource for the ingested stream could be returned in the initial HTTP "201 Created" response with a Link header field and a "rel" attribute of "urn:ietf:params:whip:ext:example:server-sent-events" (this document does not specify such an extension and uses it only as an example). In this theoretical case, the "201 Created" response to the HTTP POST request would look like: shows the "201 Created" response to the HTTP POST request in this theoretical case (i.e., the WHIP extension supported by the WHIP session, as indicated in the Link header of the "201 Created" response).

Example of a WHIP Extension HTTP/1.1 201 Created Content-Type: application/sdp Location: https://whip.example.com/session/id Link: <https://whip.example.com/session/id/sse>; rel="urn:ietf:params:whip:ext:example:server-sent-events"

Security Considerations This document specifies a new protocol on top of HTTP and WebRTC; thus, security protocols and considerations from related specifications apply to the WHIP specification. These include:

• WebRTC security considerations: See . HTTPS SHALL be used in order to preserve the WebRTC security model.
• Transport Layer Security (TLS): See and .
• HTTP security: See and .
• URI security: See .

On top of that, WHIP exposes a thin new attack surface specific to the REST API methods used within it:

• HTTP POST flooding and resource exhaustion: It would be possible for an attacker in possession of authentication credentials valid for ingesting a WHIP stream to make multiple HTTP POST requests to the WHIP endpoint. This will force the WHIP endpoint to process the incoming SDP and allocate resources for being able to set up the DTLS/ICE connection. While the malicious client does not need to initiate the DTLS/ICE connection at all, the WHIP session will have to wait for the DTLS/ICE connection timeout in order to release the associated resources. If the connection rate is high enough, this could lead to resource exhaustion on the servers handling the requests, and they will not be able to process legitimate incoming ingests. In order to prevent this scenario, WHIP endpoints SHOULD implement a rate limit and avalanche control mechanism for incoming initial HTTP POST requests.
• Insecure Direct Object References (IDORs) for WHIP session URLs: If the URLs returned by the WHIP endpoint for the location of WHIP sessions are easy to guess, it would be possible for an attacker to send multiple HTTP DELETE requests and terminate all the WHIP sessions currently running. In order to prevent this scenario, WHIP endpoints SHOULD generate URLs with enough randomness, using a cryptographically secure pseudorandom number generator following the best practices in "Randomness Requirements for Security" , and implement a rate limit and avalanche control mechanism for HTTP DELETE requests. The security considerations for Universally Unique IDentifiers (UUIDs) in are applicable for generating the WHIP session URLs.
• HTTP PATCH flooding: Similar to the HTTP POST flooding, a malicious client could also create resource exhaustion by sending multiple HTTP PATCH requests to the WHIP session, although the WHIP sessions can limit the impact by not allocating new ICE candidates and reusing the existing ICE candidates when doing ICE restarts. In order to prevent this scenario, WHIP endpoints SHOULD implement a rate limit and avalanche control mechanism for incoming HTTP PATCH requests.

IANA Considerations Per this specification, IANA has added a new link relation type and a new URN sub-namespace for WHIP. IANA has also created registries to manage entries within the "urn:ietf:params:whip" and "urn:ietf:params:whip:ext" namespaces.

Link Relation Type: ice-server The link relation type below has been registered by IANA in the "Link Relation Types" registry per :

Relation Name:

ice-server

Description:

Conveys the STUN and TURN servers that can be used by an ICE agent to establish a connection with a peer.

Reference:

RFC 9725

URN Sub-namespace for WHIP (urn:ietf:params:whip) IANA has added a new entry in the "IETF URN Sub-namespace for Registered Protocol Parameter Identifiers" registry, following the template in :

Registry name:

whip

Specification:

RFC 9725

Repository:

<https://www.iana.org/assignments/whip>

Index value:

An IANA-assigned positive integer that identifies the registration. The first entry added to this registry uses the value 1, and this value is incremented for each subsequent entry added to the registry.

To manage this sub-namespace, IANA has created two registries within a new registry group called "WebRTC-HTTP Ingestion Protocol (WHIP)":

• "WebRTC-HTTP Ingestion Protocol (WHIP) URNs" registry ()
• "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" registry ()

WebRTC-HTTP Ingestion Protocol (WHIP) URNs Registry The "WebRTC-HTTP Ingestion Protocol (WHIP) URNs" registry is used to manage entries within the "urn:ietf:params:whip" namespace. The registration procedure is "Specification Required" . The registry contains the following fields: URN, Name, Reference, IANA Registry Reference, and Change Controller. This document is listed as the reference. The registry contains a single initial entry:

URN:

urn:ietf:params:whip:ext

Name:

WebRTC-HTTP Ingestion Protocol (WHIP) extension URNs

Reference:

of RFC 9725

IANA Registry Reference:

See "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" on <https://www.iana.org/assignments/whip>

Change Controller:

IETF

WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs Registry The "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" registry is used to manage entries within the "urn:ietf:params:whip:ext" namespace. The registration procedure is "Specification Required" . The registry contains the following fields: URN, Name, Reference, IANA Registry Reference, and Change Controller. This document is listed as the reference. A WHIP extension URN is used as a value in the "rel" attribute of the Link header as defined in for the purpose of signaling the WHIP extensions supported by the WHIP endpoint. WHIP extension URNs have an "ext" type.

Registering WHIP URNs and WHIP Extension URNs This section defines the process for registering new URNs in the "WebRTC-HTTP Ingestion Protocol (WHIP) URNs" registry () and the "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" registry ().

Registration Procedure The IETF has created a mailing list, <wish@ietf.org>, which can be used for public discussion of proposals prior to registration. Use of the mailing list is strongly encouraged. A designated expert (DE) , appointed by the IESG, will monitor the <wish@ietf.org> mailing list and review registrations. Registration of new entries in the WHIP registries defined in this document MUST be documented in a permanent and readily available public specification, in sufficient detail so that interoperability between independent implementations is possible, and reviewed by the DE as per . A Standards Track RFC is REQUIRED for the registration of new value data types that modify existing properties. A Standards Track RFC is also REQUIRED for registration of WHIP extension URNs that modify WHIP extensions previously documented in an existing RFC. The registration procedure begins when a completed registration template, defined in , is sent to <iana@iana.org>. Decisions made by the DE can be appealed to an Applications and Real-Time (ART) Area Director, then to the IESG. The normal appeals procedure described in RFC 2026 is to be followed. Once the registration procedure concludes successfully, IANA will create or modify the corresponding record in the "WebRTC-HTTP Ingestion Protocol (WHIP) URNs Registry" or "WebRTC-HTTP Ingestion Protocol (WHIP) Extension URNs" registry. An RFC specifying one or more new WHIP extension URNs MUST include the completed registration template(s), which MAY be expanded with additional information. These completed template(s) are intended to go in the body of the document, not in the IANA Considerations section. The RFC MUST include the syntax and semantics of any extension-specific attributes that may be provided in a Link header field advertising the extension.

Guidance for the Designated Expert The DE is expected to do the following:

• Ascertain the existence of suitable documentation (a specification) as described in and verify that the document is permanently and publicly available. Specifications should be documented in an Internet-Draft.
• Check the clarity of purpose and use of the requested registration.
• Verify that any request for one of these registrations has been made available for review and comments by posting the request to the <wish@ietf.org> mailing list.
• Ensure that any other request for a code point does not conflict with work that is active or already published by the IETF.

Registration Template A WHIP extension URN is defined by completing the following template:

URN:

A unique URN (e.g., "urn:ietf:params:whip:ext:example:server-sent-events")

Name:

A descriptive name (e.g., "Sender Side events")

Reference:

A formal reference to the publicly available specification

IANA Registry Reference:

The registry related to the new URN

Change Controller:

For Standards Track documents, this is "IETF". Otherwise, this is the name of the person or body that has change control over the specification.

References Normative References WHATWG WHATWG Living Standard Commit snapshot: . In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document defines a mechanism by which two entities can make use of the Session Description Protocol (SDP) to arrive at a common view of a multimedia session between them. In the model, one participant offers the other a description of the desired session from their perspective, and the other participant answers with the desired session from their perspective. This offer/answer model is most useful in unicast sessions where information from both participants is needed for the complete view of the session. The offer/answer model is used by protocols like the Session Initiation Protocol (SIP). [STANDARDS-TRACK] This document describes a new sub-delegation for the 'ietf' URN namespace for registered protocol items. The 'ietf' URN namespace is defined in RFC 2648 as a root for persistent URIs that refer to IETF- defined resources. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. A Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every possible identifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme. [STANDARDS-TRACK] Security systems are built on strong cryptographic algorithms that foil pattern analysis attempts. However, the security of these systems is dependent on generating secret quantities for passwords, cryptographic keys, and similar quantities. The use of pseudo-random processes to generate secret quantities can result in pseudo-security. A sophisticated attacker may find it easier to reproduce the environment that produced the secret quantities and to search the resulting small set of possibilities than to locate the quantities in the whole of the potential number space. Choosing random quantities to foil a resourceful and motivated adversary is surprisingly difficult. This document points out many pitfalls in using poor entropy sources or traditional pseudo-random number generation techniques for generating such quantities. It recommends the use of truly random hardware techniques and shows that the existing hardware on many systems can be used for this purpose. It provides suggestions to ameliorate the problem when a hardware solution is not available, and it gives examples of how large such quantities need to be for some applications. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Several applications extending the Hypertext Transfer Protocol (HTTP) require a feature to do partial resource modification. The existing HTTP PUT method only allows a complete replacement of a document. This proposal adds a new HTTP method, PATCH, to modify an existing HTTP resource. [STANDARDS-TRACK] This document specifies additional HyperText Transfer Protocol (HTTP) status codes for a variety of common situations. [STANDARDS-TRACK] This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. [STANDARDS-TRACK] This document specifies the syntax and semantics of the Uniform Resource Identifier (URI) scheme for the Session Traversal Utilities for NAT (STUN) protocol. This document specifies the syntax of Uniform Resource Identifier (URI) schemes for the Traversal Using Relays around NAT (TURN) protocol. It defines two URI schemes to provision the TURN Resolution Mechanism (RFC 5928). To prevent WebRTC applications, such as browsers, from launching attacks by sending traffic to unwilling victims, periodic consent to send needs to be obtained from remote endpoints. This document describes a consent mechanism using a new Session Traversal Utilities for NAT (STUN) usage. RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. This specification defines a model for the relationships between resources on the Web ("links") and the type of those relationships ("link relation types"). It also defines the serialisation of such links in HTTP headers with the Link header field. This document describes a protocol for Network Address Translator (NAT) traversal for UDP-based communication. This protocol is called Interactive Connectivity Establishment (ICE). ICE makes use of the Session Traversal Utilities for NAT (STUN) protocol and its extension, Traversal Using Relay NAT (TURN). This document obsoletes RFC 5245. This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations. Session Traversal Utilities for NAT (STUN) is a protocol that serves as a tool for other protocols in dealing with NAT traversal. It can be used by an endpoint to determine the IP address and port allocated to it by a NAT. It can also be used to check connectivity between two endpoints and as a keep-alive protocol to maintain NAT bindings. STUN works with many existing NATs and does not require any special behavior from them. STUN is not a NAT traversal solution by itself. Rather, it is a tool to be used in the context of a NAT traversal solution. This document obsoletes RFC 5389. JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security tokens that contain a set of claims that can be signed and/or encrypted. JWTs are being widely used and deployed as a simple security token format in numerous protocols and applications, both in the area of digital identity and in other application areas. This Best Current Practices document updates RFC 7519 to provide actionable guidance leading to secure implementation and deployment of JWTs. WebRTC is a protocol suite for use with real-time applications that can be deployed in browsers -- "real-time communication on the Web". This document defines the WebRTC threat model and analyzes the security threats of WebRTC in that model. This document specifies a Session Description Protocol (SDP) grouping mechanism for RTP media streams that can be used to specify relations between media streams. This mechanism is used to signal the association between the SDP concept of "media description" and the Web Real-Time Communication (WebRTC) concept of MediaStream/MediaStreamTrack using SDP signaling. This document describes "Trickle ICE", an extension to the Interactive Connectivity Establishment (ICE) protocol that enables ICE agents to begin connectivity checks while they are still gathering candidates, by incrementally exchanging candidates over time instead of all at once. This method can considerably accelerate the process of establishing a communication session. This document describes Session Description Protocol (SDP) Offer/Answer procedures for carrying out Interactive Connectivity Establishment (ICE) between the agents. This document obsoletes RFCs 5245 and 6336. The Interactive Connectivity Establishment (ICE) protocol describes a Network Address Translator (NAT) traversal mechanism for UDP-based multimedia sessions established with the Offer/Answer model. The ICE extension for Incremental Provisioning of Candidates (Trickle ICE) defines a mechanism that allows ICE Agents to shorten session establishment delays by making the candidate gathering and connectivity checking phases of ICE non-blocking and by executing them in parallel. This document defines usage semantics for Trickle ICE with the Session Initiation Protocol (SIP). The document also defines a new SIP Info Package to support this usage together with the corresponding media type. Additionally, a new Session Description Protocol (SDP) "end-of-candidates" attribute and a new SIP option tag "trickle-ice" are defined. This document defines the Session Description Protocol (SDP) offer/answer procedures for negotiating and establishing a Datagram Transport Layer Security (DTLS) association. The document also defines the criteria for when a new DTLS association must be established. The document updates RFCs 5763 and 7345 by replacing common SDP offer/answer procedures with a reference to this specification. This document defines a new SDP media-level attribute, "tls-id". This document also defines how the "tls-id" attribute can be used for negotiating and establishing a Transport Layer Security (TLS) connection, in conjunction with the procedures in RFCs 4145 and 8122. In some application scenarios, it may be desirable to send multiple differently encoded versions of the same media source in different RTP streams. This is called simulcast. This document describes how to accomplish simulcast in RTP and how to signal it in the Session Description Protocol (SDP). The described solution uses an RTP/RTCP identification method to identify RTP streams belonging to the same media source and makes an extension to SDP to indicate that those RTP streams are different simulcast formats of that media source. The SDP extension consists of a new media-level SDP attribute that expresses capability to send and/or receive simulcast RTP streams. This document defines a new Session Description Protocol (SDP) media-level attribute, 'rtcp-mux-only', that can be used by an endpoint to indicate exclusive support of RTP and RTP Control Protocol (RTCP) multiplexing. The document also updates RFC 5761 by clarifying that an offerer can use a mechanism to indicate that it is not able to send and receive RTCP on separate ports. The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes. This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230. The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document specifies the HTTP/1.1 message syntax, message parsing, connection management, and related security concerns. This document obsoletes portions of RFC 7230. This specification defines a new Session Description Protocol (SDP) Grouping Framework extension called 'BUNDLE'. The extension can be used with the SDP offer/answer mechanism to negotiate the usage of a single transport (5-tuple) for sending and receiving media described by multiple SDP media descriptions ("m=" sections). Such transport is referred to as a "BUNDLE transport", and the media is referred to as "bundled media". The "m=" sections that use the BUNDLE transport form a BUNDLE group. This specification defines a new RTP Control Protocol (RTCP) Source Description (SDES) item and a new RTP header extension. This specification updates RFCs 3264, 5888, and 7941. This specification obsoletes RFC 8843. This document specifies version 1.3 of the Datagram Transport Layer Security (DTLS) protocol. DTLS 1.3 allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. The DTLS 1.3 protocol is based on the Transport Layer Security (TLS) 1.3 protocol and provides equivalent security guarantees with the exception of order protection / non-replayability. Datagram semantics of the underlying transport are preserved by the DTLS protocol. This document obsoletes RFC 6347. This document describes the mechanisms for allowing a JavaScript application to control the signaling plane of a multimedia session via the interface specified in the W3C RTCPeerConnection API and discusses how this relates to existing signaling protocols. This specification obsoletes RFC 8829. This specification defines UUIDs (Universally Unique IDentifiers) -- also known as GUIDs (Globally Unique IDentifiers) -- and a Uniform Resource Name namespace for UUIDs. A UUID is 128 bits long and is intended to guarantee uniqueness across space and time. UUIDs were originally used in the Apollo Network Computing System (NCS), later in the Open Software Foundation's (OSF's) Distributed Computing Environment (DCE), and then in Microsoft Windows platforms. This specification is derived from the OSF DCE specification with the kind permission of the OSF (now known as "The Open Group"). Information from earlier versions of the OSF DCE specification have been incorporated into this document. This document obsoletes RFC 4122. W3C Recommendation Latest version available at: . Informative References Applications often use HTTP as a substrate to create HTTP-based APIs. This document specifies best practices for writing specifications that use HTTP to define new application protocols. It is written primarily to guide IETF efforts to define application protocols using HTTP for deployment on the Internet but might be applicable in other situations. This document obsoletes RFC 3205. This memo documents the process used by the Internet community for the standardization of protocols and procedures. It defines the stages in the standardization process, the requirements for moving a document between stages and the types of documents used during this process. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Advancing a protocol to Draft Standard requires documentation of the interoperation and implementation of the protocol. Historic reports have varied widely in form and level of content and there is little guidance available to new report preparers. This document updates the existing processes and provides more detail on what is appropriate in an interoperability and implementation report. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document updates the Internet Engineering Task Force (IETF) Standards Process defined in RFC 2026. Primarily, it reduces the Standards Process from three Standards Track maturity levels to two. This memo documents an Internet Best Current Practice. This document updates RFC 2026 to no longer use STD 1 as a summary of "Internet Official Protocol Standards". It obsoletes RFC 5000 and requests the IESG to move RFC 5000 (and therefore STD 1) to Historic status. RFC 2026 describes the review performed by the Internet Engineering Steering Group (IESG) on IETF Proposed Standard RFCs and characterizes the maturity level of those documents. This document updates RFC 2026 by providing a current and more accurate characterization of Proposed Standards. This document removes a limit on the number of Area Directors who manage an Area in the definition of "IETF Area". This document updates RFC 2026 (BCP 9) and RFC 2418 (BCP 25). This document requires that the IETF never publish any IETF Stream RFCs without IETF rough consensus. This updates RFC 2026. In RFC 9280, responsibility for the RFC Series moved to the RFC Series Working Group and the RFC Series Approval Board. It is no longer the responsibility of the RFC Editor, and the role of the IAB in the RFC Series is altered. Accordingly, in Section 2.1 of RFC 2026, the sentence "RFC publication is the direct responsibility of the RFC Editor, under the general direction of the IAB" is deleted. WHATWG WHATWG Living Standard Commit snapshot: . This document describes Session Initiation Protocol (SIP), an application-layer control (signaling) protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telephone calls, multimedia distribution, and multimedia conferences. [STANDARDS-TRACK] The Extensible Messaging and Presence Protocol (XMPP) is an application profile of the Extensible Markup Language (XML) that enables the near-real-time exchange of structured yet extensible data between any two or more network entities. This document defines XMPP's core protocol methods: setup and teardown of XML streams, channel encryption, authentication, error handling, and communication primitives for messaging, network availability ("presence"), and request-response interactions. This document obsoletes RFC 3920. [STANDARDS-TRACK] This memorandum defines the Real-Time Streaming Protocol (RTSP) version 2.0, which obsoletes RTSP version 1.0 defined in RFC 2326. RTSP is an application-layer protocol for the setup and control of the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of real-time data, such as audio and video. Sources of data can include both live data feeds and stored clips. This protocol is intended to control multiple data delivery sessions; provide a means for choosing delivery channels such as UDP, multicast UDP, and TCP; and provide a means for choosing delivery mechanisms based upon RTP (RFC 3550). Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA). To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry. This is the third edition of this document; it obsoletes RFC 5226. Congestion control is needed for all data transported across the Internet, in order to promote fair usage and prevent congestion collapse. The requirements for interactive, point-to-point real-time multimedia, which needs low-delay, semi-reliable data delivery, are different from the requirements for bulk transfer like FTP or bursty transfers like web pages. Due to an increasing amount of RTP-based real-time media traffic on the Internet (e.g., with the introduction of the Web Real-Time Communication (WebRTC)), it is especially important to ensure that this kind of traffic is congestion controlled. This document describes a set of requirements that can be used to evaluate other congestion control mechanisms in order to figure out their fitness for this purpose, and in particular to provide a set of possible requirements for a real-time media congestion avoidance technique. This document defines a "problem detail" to carry machine-readable details of errors in HTTP response content to avoid the need to define new error response formats for HTTP APIs. This document obsoletes RFC 7807. W3C Recommendation Latest version available at: .

Acknowledgements The authors wish to thank , , , , , , , , , , and everyone else in the WebRTC community that have provided comments, feedback, text, and improvement proposals on the document and contributed early implementations of the spec.

Authors' Addresses Millicast

sergio.garcia.murillo@cosmosoftware.io

CoSMo Software

alex.gouaillard@cosmosoftware.io