P2PSIP C. Jennings Internet-Draft Cisco Intended status: Standards Track B. Lowekamp Expires: May 21, 2008 SIPeerior; William & Mary E. Rescorla Network Resonance J. Rosenberg Cisco November 18, 2007 REsource LOcation And Discovery (RELOAD) draft-bryan-p2psip-reload-02 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on May 21, 2008. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This document defines REsource LOcation And Discovery (RELOAD), a peer-to-peer (P2P) binary signaling protocol for usage on the Internet. A P2P signaling protocol provides its clients with an Jennings, et al. Expires May 21, 2008 [Page 1] Internet-Draft RELOAD November 2007 abstract hash table service between a set of cooperating peers that form the overlay network. RELOAD is designed to support a P2P Session Initiation Protocol (P2PSIP) network, but it can be utilized by other applications with similar requirements by defining new usages that specify the data types that must be stored for a particular application, such as location for SIP. RELOAD defines a security model based on a certificate enrollment service that provides unique identities. NAT traversal is a fundamental service of the protocol. This draft represents a concrete proposal for the P2PSIP Peer Protocol. The protocol described here builds on the lessons and experiences from designing and implementing the dSIP, ASP, and RELOAD protocols and is a merge of features from RELOAD-01 and ASP. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Architecture . . . . . . . . . . . . . . . . . . . . . . . 6 1.1.1. Usage Layer . . . . . . . . . . . . . . . . . . . . . 7 1.1.2. Overlay Routing and Storage Layer . . . . . . . . . . 8 1.1.3. Forwarding Layer . . . . . . . . . . . . . . . . . . . 9 1.2. Security . . . . . . . . . . . . . . . . . . . . . . . . . 9 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 9 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.1. Distributed Storage Layer . . . . . . . . . . . . . . . . 11 3.1.1. DHT Concepts . . . . . . . . . . . . . . . . . . . . . 11 3.1.2. DHT Topology . . . . . . . . . . . . . . . . . . . . . 12 3.1.3. Routing . . . . . . . . . . . . . . . . . . . . . . . 12 3.1.4. Storing and Retrieving Typed Data . . . . . . . . . . 14 3.1.5. Joining, Leaving, and Maintenance . . . . . . . . . . 15 3.2. Forwarding Layer . . . . . . . . . . . . . . . . . . . . . 15 3.2.1. Forming Direct Connections . . . . . . . . . . . . . . 16 3.2.2. Via Lists . . . . . . . . . . . . . . . . . . . . . . 16 3.2.3. Clients . . . . . . . . . . . . . . . . . . . . . . . 17 3.3. Transport Layer . . . . . . . . . . . . . . . . . . . . . 18 3.4. Enrollment . . . . . . . . . . . . . . . . . . . . . . . . 18 3.4.1. Certificate Issuance . . . . . . . . . . . . . . . . . 19 3.4.2. Bootstrap . . . . . . . . . . . . . . . . . . . . . . 19 3.5. Security . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.5.1. Certificate-Based Security . . . . . . . . . . . . . . 20 3.5.2. Shared-Key Security . . . . . . . . . . . . . . . . . 21 3.6. Migration . . . . . . . . . . . . . . . . . . . . . . . . 22 3.7. Usages Layer . . . . . . . . . . . . . . . . . . . . . . . 22 3.7.1. SIP Usage . . . . . . . . . . . . . . . . . . . . . . 23 3.7.2. Certificate Store Usage . . . . . . . . . . . . . . . 25 3.7.3. TURN Usage . . . . . . . . . . . . . . . . . . . . . . 25 Jennings, et al. Expires May 21, 2008 [Page 2] Internet-Draft RELOAD November 2007 3.7.4. Other Usages . . . . . . . . . . . . . . . . . . . . . 25 4. Base Protocol . . . . . . . . . . . . . . . . . . . . . . . . 26 4.1. Forwarding Header . . . . . . . . . . . . . . . . . . . . 26 4.1.1. Changes to Forwarding Header . . . . . . . . . . . . . 29 4.1.2. Message Routing . . . . . . . . . . . . . . . . . . . 30 4.1.3. Fragmentation and Reassembly . . . . . . . . . . . . . 32 4.1.4. Route Logging . . . . . . . . . . . . . . . . . . . . 32 4.2. Message Contents Format . . . . . . . . . . . . . . . . . 34 4.2.1. Common Header . . . . . . . . . . . . . . . . . . . . 35 4.2.2. Payload . . . . . . . . . . . . . . . . . . . . . . . 35 4.2.3. Signature . . . . . . . . . . . . . . . . . . . . . . 35 4.3. Response Codes and Response Errors . . . . . . . . . . . . 37 4.4. Timeout and Retransmission . . . . . . . . . . . . . . . . 39 5. Method Definitions . . . . . . . . . . . . . . . . . . . . . . 39 5.1. Connection Management . . . . . . . . . . . . . . . . . . 39 5.1.1. PING . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.1.2. CONNECT . . . . . . . . . . . . . . . . . . . . . . . 41 5.1.3. TUNNEL . . . . . . . . . . . . . . . . . . . . . . . . 44 5.2. Data Storage and Retrieval . . . . . . . . . . . . . . . . 46 5.2.1. STORE . . . . . . . . . . . . . . . . . . . . . . . . 46 5.2.2. FETCH . . . . . . . . . . . . . . . . . . . . . . . . 53 5.2.3. REMOVE . . . . . . . . . . . . . . . . . . . . . . . . 57 5.2.4. FIND . . . . . . . . . . . . . . . . . . . . . . . . . 58 5.3. DHT Maintenance . . . . . . . . . . . . . . . . . . . . . 60 5.3.1. JOIN . . . . . . . . . . . . . . . . . . . . . . . . . 60 5.3.2. LEAVE . . . . . . . . . . . . . . . . . . . . . . . . 61 5.3.3. UPDATE . . . . . . . . . . . . . . . . . . . . . . . . 61 6. ICE and Connection Formation . . . . . . . . . . . . . . . . . 61 6.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 62 6.2. Collecting STUN Servers . . . . . . . . . . . . . . . . . 63 6.3. Gathering Candidates . . . . . . . . . . . . . . . . . . . 64 6.4. Encoding the CONNECT Message . . . . . . . . . . . . . . . 64 6.5. Verifying ICE Support . . . . . . . . . . . . . . . . . . 65 6.6. Role Determination . . . . . . . . . . . . . . . . . . . . 65 6.7. Connectivity Checks . . . . . . . . . . . . . . . . . . . 66 6.8. Concluding ICE . . . . . . . . . . . . . . . . . . . . . . 66 6.9. Subsequent Offers and Answers . . . . . . . . . . . . . . 66 6.10. Media Keepalives . . . . . . . . . . . . . . . . . . . . . 66 6.11. Sending Media . . . . . . . . . . . . . . . . . . . . . . 66 6.12. Receiving Media . . . . . . . . . . . . . . . . . . . . . 67 7. Chord Algorithm . . . . . . . . . . . . . . . . . . . . . . . 67 7.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 67 7.2. Routing . . . . . . . . . . . . . . . . . . . . . . . . . 67 7.3. Redundancy . . . . . . . . . . . . . . . . . . . . . . . . 68 7.4. Joining . . . . . . . . . . . . . . . . . . . . . . . . . 68 7.5. UPDATEs . . . . . . . . . . . . . . . . . . . . . . . . . 69 7.5.1. Sending UPDATEs . . . . . . . . . . . . . . . . . . . 70 7.5.2. Receiving UPDATEs . . . . . . . . . . . . . . . . . . 70 Jennings, et al. Expires May 21, 2008 [Page 3] Internet-Draft RELOAD November 2007 7.5.3. Stabilization . . . . . . . . . . . . . . . . . . . . 71 7.6. Leaving . . . . . . . . . . . . . . . . . . . . . . . . . 72 8. Enrollment and Bootstrap . . . . . . . . . . . . . . . . . . . 72 8.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 72 8.2. Overlay Configuration . . . . . . . . . . . . . . . . . . 72 8.3. Credentials . . . . . . . . . . . . . . . . . . . . . . . 74 8.4. Locating a Peer . . . . . . . . . . . . . . . . . . . . . 74 9. Usages . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 9.1. Generic Usage Requirements . . . . . . . . . . . . . . . . 75 9.2. SIP Usage . . . . . . . . . . . . . . . . . . . . . . . . 76 9.2.1. SIP-REGISTRATION type . . . . . . . . . . . . . . . . 76 9.2.2. GRUUs . . . . . . . . . . . . . . . . . . . . . . . . 78 9.2.3. SIP Connect . . . . . . . . . . . . . . . . . . . . . 78 9.2.4. SIP Tunnel . . . . . . . . . . . . . . . . . . . . . . 78 9.3. TURN Usage . . . . . . . . . . . . . . . . . . . . . . . . 79 9.4. Certificate Store Usages . . . . . . . . . . . . . . . . . 82 10. Security Considerations . . . . . . . . . . . . . . . . . . . 83 10.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 83 10.2. Attacks on P2P Overlays . . . . . . . . . . . . . . . . . 84 10.3. Certificate-based Security . . . . . . . . . . . . . . . . 84 10.4. Shared-Secret Security . . . . . . . . . . . . . . . . . . 85 10.5. Storage Security . . . . . . . . . . . . . . . . . . . . . 86 10.5.1. Authorization . . . . . . . . . . . . . . . . . . . . 86 10.5.2. Distributed Quota . . . . . . . . . . . . . . . . . . 87 10.5.3. Correctness . . . . . . . . . . . . . . . . . . . . . 87 10.5.4. Residual Attacks . . . . . . . . . . . . . . . . . . . 87 10.6. Routing Security . . . . . . . . . . . . . . . . . . . . . 88 10.6.1. Background . . . . . . . . . . . . . . . . . . . . . . 88 10.6.2. Admissions Control . . . . . . . . . . . . . . . . . . 89 10.6.3. Peer Identification and Authentication . . . . . . . . 89 10.6.4. Protecting the Signaling . . . . . . . . . . . . . . . 90 10.6.5. Residual Attacks . . . . . . . . . . . . . . . . . . . 90 10.7. SIP-Specific Issues . . . . . . . . . . . . . . . . . . . 90 10.7.1. Fork Explosion . . . . . . . . . . . . . . . . . . . . 91 10.7.2. Malicious Retargeting . . . . . . . . . . . . . . . . 91 10.7.3. Privacy Issues . . . . . . . . . . . . . . . . . . . . 91 11. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 91 13. Appendix: Operation with SIP clients outside the DHT domain . 91 14. Appendix: Notes on DHT Algorithm Selection . . . . . . . . . . 91 15. References . . . . . . . . . . . . . . . . . . . . . . . . . . 92 15.1. Normative References . . . . . . . . . . . . . . . . . . . 92 15.2. Informative References . . . . . . . . . . . . . . . . . . 93 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 94 Intellectual Property and Copyright Statements . . . . . . . . . . 96 Jennings, et al. Expires May 21, 2008 [Page 4] Internet-Draft RELOAD November 2007 1. Introduction This document defines REsource LOcation And Discovery (RELOAD), a peer-to-peer (P2P) signaling protocol for usage on the Internet. It provides a Distributed Hash Table (DHT) service, which allows participating nodes to read and write entries into a hash table that is stored collectively among the participants. RELOAD is a lightweight, binary protocol. It provides several functions that are critical for a successful P2P protocol for the Internet. These are: Security Framework: Security is one of the most challenging problems in a P2P protocol. A P2P network will often be established among a set of peers none of which trust each other. Yet, despite this lack of trust, the network must operate reliably to allow storage and retrieval of data. RELOAD defines an abstract enrollment server, which all entities trust to generate unique identifiers for each user. Using that small amount of trust as an anchor, RELOAD defines a security framework that allows for authorization of P2P protocol functions and authentication of data stored in the overlay. Usage Model: RELOAD is designed to support a variety of applications, including P2P multimedia communications with the Session Initiation Protocol [I-D.ietf-p2psip-concepts]. Consequently, RELOAD has the notion of a usage, one of which is defined to support each application (this document also defines the SIP usage for multimedia communications). Each usage identifies a set of data types that need to be stored and retrieved from the DHT (the SIP usage defines data types for registrations, certificates, and Traversal Using Relay NAT (TURN) [I-D.ietf-behave-turn] servers). Each type defines a data structure, authorization policies, size quota, and information required for storage and retrieval in the DHT. The usage concept allows RELOAD to be used with new applications through a simple documentation process that supplies the details for each application. NAT Traversal: Operations for NAT traversal are part of the base design, including establishing new RELOAD connections and tunneling SIP or other application protocols required by P2PSIP. RELOAD makes use of Interactive Connectivity Establishment (ICE) [I-D.ietf-mmusic-ice] to facilitate the creation of the P2P network and the establishment of links for use by the application protocol (SIP and RTP, for example). RELOAD also defines how peers in the P2P network act as STUN and TURN servers and how those resources can be discovered through the DHT. With these features, RELOAD can run in modes in which all the peers are behind NATs, yet are able to fully participate without imposing any constraints on the actual DHT algorithm or routing topology. Jennings, et al. Expires May 21, 2008 [Page 5] Internet-Draft RELOAD November 2007 High Performance Routing: The very nature of DHT algorithms introduces a requirement that peers participating in the P2P network route requests on behalf of other peers in the network. This introduces a load on those other peers, in the form of bandwidth and processing power. RELOAD has been defined to reduce the amount of bandwidth and processing required of peers. It does so by using a very lightweight binary protocol, and furthermore, by defining a packet structure that facilitates low-complexity forwarding, including hardware-based forwarding. In particular, a fixed-length header is used for routing the message through the overlay without the contents needing to be parsed by (or even visible to) intermediate peers. The header includes no information about specific IP addresses because none are needed to route along an overlay. The header only includes lists of peers which the message should be routed through/too, as well as some minor options and version flags. Clearly separating the header components necessary for routing from the message contents simplifies processing and increases security. Transport Flexibility: RELOAD has native support for both DTLS and TLS for the underlying transport protocol, with support for DTLS over UDP as mandatory to implement. TLS over TCP is preferred because it has better bulk performance and connection stability, but UDP is more likely to provide direct connections between peers in the presence of NATs. Explicit support for fragmentation is provided and required when using UDP. Because there is no single universally available and suitable transport protocol, the peer protocol must be flexible in this regard. New transports can be supported trivially. Pluggable DHT Algorithms: RELOAD has been designed with an abstract interface to the DHT layer to simplify implementing a variety of DHT algorithms. This specification also defines how RELOAD is used with Chord, which is mandatory to implement. Specifying a default "must implement" DHT will allow interoperability, while the extensibility allows selection of DHTs optimized for a particular application. These properties were designed specifically to meet the requirements for a P2P protocol to support SIP. However, RELOAD is not limited to usage by SIP and could serve as a tool for supporting other P2P applications with similar needs. RELOAD is also based on the concepts introduced in [I-D.ietf-p2psip-concepts]. 1.1. Architecture Architecturally this specification splits into several layers, as shown in the following figure. Jennings, et al. Expires May 21, 2008 [Page 6] Internet-Draft RELOAD November 2007 Application -------------------------------------- Usage-defined API +-------+ +-------+ Usage | SIP | | XMPP | ... Layer | Usage | | Usage | +-------+ +-------+ -------------------------------------- Distributed Storage API Overlay Overlay +-------------+ Routing & Routing & +----+ | +-----+ | Storage Replication | DB | | |Chord| ... | Topology Layer Logic +----+ | | | | Plugins | +-----+ | +-------------+ -------------------------------------- +------+ +-----+ Forwarding Forwarding & | STUN | | ICE | Layer Encoding Logic +------+ +-----+ -------------------------------------- Common Packet Encoding Transport +-------+ +------+ Layer |TLS | |DTLS | +-------+ +------+ The three layers defined by RELOAD include: Usage Layer: Provides an application-specific interface that maps an application's requirements onto the generic services of the DHT. Overlay Routing & Storage Layer: Implements the DHT. Chooses what links to establish to form the DHT's overlay network, manages the storage and migration of data for this peer and on behalf of other peers, and performs searches for requested data across the DHT. Forwarding Layer: Provides services analogous to the Link Layer in the IP model. Also handles setting up connections across NATs using ICE. 1.1.1. Usage Layer The top layer, called the Usage Layer, has application usages, such as the SIP Location Usage, that use the abstract distributed storage API to store and retrieve data from the DHT. The goal of this layer is to implement application-specific usages of the Overlay Routing and Storage Layer below it. The Usage defines how a specific application maps its data into something that can be stored in the DHT, where to store the data, how to secure the data, and finally how applications can retrieve and use the data. The architecture diagram shows both a SIP usage and an XMPP usage. A single application may require multiple usages. A usage may define Jennings, et al. Expires May 21, 2008 [Page 7] Internet-Draft RELOAD November 2007 multiple types of data that are stored in the overlay and may also rely on types originally defined by other usages. A usage is not itself encoded on the wire --- only the types are --- but is rather a specification of the functionality that is required for a given application. One usage may depend on another. For example, the SIP usage depends on a Certificate Store usage (not shown in the diagram) to obtain the certificates required to authenticate messages. Because certificates are stored in standard X.509 form, there is no reason for each usage to specify this service independently. 1.1.2. Overlay Routing and Storage Layer The Overlay Routing and Storage Layer stores and retrieves information, performs maintenance of the DHT as peers join and leave the DHT, and routes messages on the overlay. The DHT implementation is provided by a pluggable component so that each overlay can select an appropriate DHT that relies on the common RELOAD core code. The Overlay Routing and Replication Logic provides a fairly generic interface that allows the DHT implementation to control the overlay and resource operations and messages. Since each DHT is defined and functions differently, we generically refer to the table of other peers that the DHT maintains and uses to route requests (neighbors) as a Routing Table. The Logic component makes queries to the DHT's Routing Table to determine the next hop, then encodes and sends the message itself. Similarly, the DHT issues periodic update requests through the logic component to maintain and update its Routing Table. The DHT shown in the illustration is Chord, but a variety of DHT algorithms are possible through a pluggable interface. A single node could be functioning in multiple overlays simultaneously, each using its own DHT algorithm. Each peer is identified by and its location in the overlay determined by its Peer-ID that is assigned by the enrollment server when the user or peer first enrolls in the overlay. The Peer-ID also determines the range of Resource-IDs for which it will be responsible. The exact mapping between these is determined by the DHT algorithm used by the overlay, therefore the logic component always queries the DHT to determine where a particular resource should be stored. As peers enter and leave, resources may be stored on different peers, so the information related to them is exchanged as peers enter and leave. Redundancy is used to protect against loss of information in the event of a peer failure and to protect against compromised or subversive peers. The Logic component notifies the DHT as neighbors join and leave, and the DHT updates its Routing Table and issues Jennings, et al. Expires May 21, 2008 [Page 8] Internet-Draft RELOAD November 2007 resource migration requests as appropriate. 1.1.3. Forwarding Layer This layer is responsible for getting a packet to the next peer, as determined by the Routing and Storage Layer. The Forwarding Layer establishes and maintains the network connections required by the DHT's Routing Table. This layer is also responsible for setting up connections to other peers through NATs and firewalls using ICE, and it can elect to forward traffic using relays for NAT and firewall traversal. 1.2. Security RELOAD's security framework is built upon an enrollment server. The enrollment server issues each new peer a certificate that assigns it a Peer-ID. By generating the Peer-IDs randomly and controlling what peers are issued certificates, the enrollment server protects against many of the attacks on the overlay network. Similarly, all users are issued certificates for their identities by the enrollment server. All resources stored on the overlay must be signed by their creator, thus ensuring that an attacker cannot forge data belonging to another user. The enrollment process is a one-time-only procedure. The peer or user do not have to communicate further with it once they have obtained their certificates. TLS or DTLS are used for communication between peers. In combination with the certificates, this provides both confidentiality and authentication for communication across the overlay. Applications such as P2PSIP can also make use of the users' certificates to achieve secure end-to-end connections at the application layer. In addition to the enrollment server model, RELOAD offers a security model using a pre-shared-key. Although this provides significantly less security than is provided through an enrollment server, it allows ad hoc or ephemeral overlays to be set up with minimal effort on the part of the users. 2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. We use the terminology and definitions from the Concepts and Terminology for Peer to Peer SIP [I-D.ietf-p2psip-concepts] draft extensively in this document. Other terms used in this document are Jennings, et al. Expires May 21, 2008 [Page 9] Internet-Draft RELOAD November 2007 defined inline when used and are also defined below for reference. The following important terms from the Concepts document are defined below for reference. DHT: A distributed hash table. A DHT is an abstract hash table service realized by storing the contents of the hash table across a set of peers. DHT Algorithm: An algorithm that defines the rules for determining which peers in a DHT store a particular piece of data and for determining a topology of interconnections amongst peers in order to find a piece of data. Examples of DHT algorithms are Chord, Bamboo and Tapestry. DHT Instance: A specific hash table and the collection of peers that are collaborating to provide read and write access to it. There can be any number of DHT instances running in an IP network at a time, and each operates in isolation of the others. P2P Network: Another name for a DHT instance. P2P Network Name: A string that identifies a unique P2P network. P2P network names look like DNS names - for example, "example.org". Lookup of such a name in DNS would typically return services associated with the DHT, such as enrollment servers, bootstrap peers, or gateways (for example, a SIP gateway between a traditional SIP and a P2P SIP network called "example.com"). Resource-ID: A non-human-friendly value that identifies some resources and which is used as a key for storing and retrieving the resource. One way to generate a Resource-ID is by applying a mapping function to some other unique name (e.g., User Name or Service Name) for the resource. The Resource-ID is used by the distributed database algorithm to determine the peer or peers that are responsible for storing the data for the overlay. Peer: A host that is participating in the DHT. By virtue of its participation it can store data and is responsible for some portion of the overlay. Peer-ID: A Resource-ID that uniquely identifies a peer. Peer-IDs 0 and 2^N - 1 are reserved and are invalid peer-IDs. A value of zero is not used in the wire protocol but can be used to indicate an invalid peer in implementations and APIs. The peer-id of 2^N-1 is used on the wire protocol as a wildcard. Resource: An object associated with an identifier. The identifier for the object is a string that can be mapped into a Resource-ID by using the string as a seed to the hash function. A SIP resource, for example, is identified by its AOR. Jennings, et al. Expires May 21, 2008 [Page 10] Internet-Draft RELOAD November 2007 User: A human being. We also introduce the following important new terms. Connection Table: The set of peers to which a peer is directly connected. This includes peers with which CONNECT handshakes have been done but which have not sent any UPDATEs. Routing Table: The set of peers which a peer can use to route DHT messages. In general, these peers will all be on the connection table but not vice versa, because some peers will have CONNECTed but not sent updates. Peers may send messages directly to peers which are on the connection table but may only route messages to other peers through peers which are on the routing table. Seed: A seed is a string used as an input to a hash function, the result of which is a Resource-ID. Usage: A usage is an application that wishes to use the DHT for some purpose. Each application wishing to use the DHT defines a set of data types that it wishes to use. The SIP usage defines the location, certificate, STUN server and TURN server data types. 3. Overview 3.1. Distributed Storage Layer Each logical address in the DHT where data can be stored is referred to as a Resource-ID. A given peer will be responsible for storing data from many Resource-ID locations. Typically literature on DHTs uses the term "key" to refer to a location in the DHT; however, in this specification the term key is used to refer to public or private keys used for cryptographic operations and the term Resource-ID is used to refer to a location for storage in the DHT. 3.1.1. DHT Concepts While very early P2P systems used flood based techniques, most newer P2P systems locate resources using a Distributed Hash Table, or DHT to improve efficiency. Peers are organized using a Distributed Hash Table (DHT) structure. In such a system, every resource has a Resource-ID, which is obtained by hashing some keyword or value that uniquely identifies the resource. Resources can be thought of as being stored in a hash table at the entry corresponding to their Resource-ID. The peers that make up the overlay network are also assigned an ID, called a Peer-ID, in the same hash space as the Resource-IDs. A peer is responsible for storing all resources that have Resource-IDs near the peer's Peer-ID. The hash space is divided up so that all of the hash space is always the responsibility of some particular peer, although as peers enter and leave the system a particular peer's area may change. Messages are exchanged between Jennings, et al. Expires May 21, 2008 [Page 11] Internet-Draft RELOAD November 2007 the peers in the DHT as the peers enter and leave to preserve the structure of the DHT and exchange stored entries. Various DHT implementations may visualize the hash space as a grid, circle, or line. Peers keep information about the location of other peers in the hash space and typically know about many peers nearby in the hash space, and progressively fewer more distant peers. We refer to this table of other peers as a Routing Table. When a peer wishes to search, it consults the list of peers it is aware of and contacts the peer with the Peer-ID nearest the desired Resource-ID. If that peer does not know how to find the resource, it either returns information about a closer peer it knows about, or forwards the request to a closer peer. In this fashion, the request eventually reaches the peer responsible for the resource, which then replies to the requester. 3.1.2. DHT Topology Each DHT will have a somewhat different structure, but many of the concepts are common. The DHT defines a large space of Resource-IDs, which can be thought of as addresses. In many DHTs, the Resource-IDs are simply 128- or 160-bit integers. Each DHT also has a distance metric such that we can say that Resource-ID A is closer to Resource-ID B than to Resource-ID C. When the Resource-IDs are n-bit integers, they are often considered to be arranged in a ring so that (2^n)-1 and (0) are consecutive and distance is simply distance around the ring. Each peer in the DHT is assigned a Peer-ID and is "responsible" for the nearby space of Resource-IDs. So, for instance, if we have a peer P, then it could also be responsible for storing data associated with Resource-ID P+epsilon as long as no other peer P was closer. The DHT Resource-ID space is divided so that some peer is responsible for each Resource-ID. 3.1.3. Routing The way routing works in a DHT is specified by the specific DHT algorithm but the basic concepts are common to most systems. Each peer maintains connections to some other set of peers N. There need not be anything special about the peers in N, except that the peer has a direct connection to them: it can reach them without going through any other peer. When it wishes to deliver a message to some peer P, it selects some member of N, N_i that is closer to P than itself (as a degenerate case, P may be in N). The peer sends message to message to N_i. At this point two things can happen: Jennings, et al. Expires May 21, 2008 [Page 12] Internet-Draft RELOAD November 2007 Recursive Routing N_i repeats the same process as P, sending the message to one of its peers N_j. This same process repeats until the message is delivered to N. Iterative Routing N_i consults its table of direct connections and selects a new peer N_j which is closer to N. It responds to the original sending peer with a redirect to N_j. The original peer then sends the message to N_j, where the process repeats until the sending peer is redirected to N. The advantage of iterative routing is that it consumes less resources for the intermediate peers; they only have to send redirect messages rather than forwarding requests and responses. The advantage of recursive routing is that it does not require the sending or receiving peer to have a rich set of connections to other nodes in the overlay. Thus, iterative routing is problematic in NATed networks because there is no way to guarantee that a peer will be able to form a connection to whatever peer it is redirected to. [[TODO: The details of which routing strategy are to be used and how they are selected are kind of unclear. This needs WG discussion.]] In most DHTs, the peers in N are selected in a particular way. One common strategy is to have them arranged exponentially further away from yourself so that any message can be routed in a O(log(N)) steps. The details of the routing structure depend on the DHT algorithm, however, since it defines the distance metric and the structure of the connection table. In RELOAD, messages may either be REQUESTS or RESPONSES to REQUESTS. Requests are routed as described above. In principle, responses could be routed the same way. This is called "Asymmetric" routing because requests and responses will generally follow different paths through the network. Asymmetric routing makes diagnosis of errors difficult because you need to be able to acquire debugging information at multiple locations. In the alternative strategy, called "Symmetric" routing, as requests travel through the network they accumulate a history of the peers they passed through and responses are routed in the opposite direction so that they follow the same path in reverse. RELOAD supports both flavors of routing. Symmetric routing is easier to debug. Symmetric routing is also required when the overlay topology is changing. For example, when a new peer is joining the overlay, asymmetric routing cannot work because the response would not be able to reach the new peer until it has completed the joining process. Symmetric routing solves this situation because the response is routed from the admitting peer through the bootstrap peer, thus relying on a path that is already known and established. In order to implement symmetric routing, Jennings, et al. Expires May 21, 2008 [Page 13] Internet-Draft RELOAD November 2007 RELOAD provides the Via List (Section 3.2.2) feature. Asymmetric routing, however, requires no state to be stored in the message (as a Via List) or in on-path peers. [[TODO: again, this is a topic that needs WG discussion. It seems like there are situations where symmetric is very desirable (e.g., startup). It's less clear that asymmetric will have a performance/ state difference that will be significant.]] 3.1.4. Storing and Retrieving Typed Data The Data Storage Layer provides operations to STORE, FETCH, and REMOVE data. Each location in the DHT is referenced by a single integer Resource-ID. However, each location may contain data elements of multiple types. Furthermore, there may be multiple values of each type, as shown below. +--------------------------------+ | Resource-ID | | | | +------------+ +------------+ | | | Type 1 | | Type 2 | | | | | | | | | | +--------+ | | +--------+ | | | | | Value | | | | Value | | | | | +--------+ | | +--------+ | | | | | | | | | | +--------+ | | +--------+ | | | | | Value | | | | Value | | | | | +--------+ | | +--------+ | | | | | +------------+ | | | +--------+ | | | | | Value | | | | | +--------+ | | | +------------+ | +--------------------------------+ Each type-id is a code point assigned by IANA. Note that a type-id may be employed by multiple usages and new usages are encouraged to use previously defined types where possible. As part of the type definition, protocol designers may define constraints, such as limits on size, on the values which may be stored. For many types, the set may be restricted to a single item; some sets may be allowed to contain multiple identical items while others may only have unique items. Some typical types of sets that a type definition would use include: Jennings, et al. Expires May 21, 2008 [Page 14] Internet-Draft RELOAD November 2007 single value: There can be at most one item in the set and any value overwrites the previous item. array: Many values can be stored and addressed by index. dictionary: The values stored are indexed by a key. Often this key is one of the values from the certificate of the peer sending the STORE request. 3.1.5. Joining, Leaving, and Maintenance When a new peer wishes to join the DHT, it must have a peer-id that it is allowed to use. It uses one of the peer-ids in the certificate it received from the enrollment server. The main steps in joining the DHT are: o Forming connections to some other peers. o Acquiring the data values this peer is responsible for storing. o Informing the other peers which were previously responsible for that data that this peer has taken over responsibility. First, the peer ("JP," for Joining Peer) uses the bootstrap procedures to find some (any) peer in the DHT. It then typically contacts the peer which would have formerly been responsible for the peer's Resource-ID (since that is where in the DHT the peer will be joining), the Admitting Peer (AP). It copies the other peer's state, including the data values it is now responsible for and the identities of the peers with which the other peer has direct connections. The details of this operation depend mostly on the DHT involved, but a typical case would be: 1. JP sends a JOIN request to AP announcing its intention to join. 2. AP sends an OK response. 3. AP does a sequence of STOREs to JP to give it the data it will need. 4. AP does UPDATEs to JP and to other peers to tell it about its own routing table. At this point, both JP and AP consider JP responsible for some section of the DHT. 5. JP makes its own connections to the appropriate peers in the DHT. After this process is completed, JP is a full member of the DHT and can process STORE/FETCH requests. 3.2. Forwarding Layer The forwarding layer is responsible for looking at message and doing one of three things: Jennings, et al. Expires May 21, 2008 [Page 15] Internet-Draft RELOAD November 2007 o Deciding the message was destined for this peer and passing the message up to the layer above this. o Looking at the peer-id that represents the next peer to send the message too and if there is an existing connection, sending the message over the connection. o Requesting the DHT Routing logic to tell the forwarding layer which peer the message needs to be forwarded to, and then sending the message. 3.2.1. Forming Direct Connections As described in Section 3.1.3, a peer maintains a set of direct connections to other peers in the DHT. Consider the case of a peer JP just joining the DHT. It communicates with the admitting peer AP and gets the list of the peers in AP's routing table. Naively, it could simply connect to the IP address listed for each peer, but this works poorly if some of those peers are behind a NAT or firewall. Instead, we use the CONNECT request to establish a connection. Say that peer A wishes to form a direct connection to peer B. It gathers ICE candidates and packages them up in a CONNECT request which it sends to B through usual DHT routing procedures. B does its own candidate gathering and sends back an OK response with its candidates. A and B then do ICE connectivity checks on the candidate pairs. The result is a connection between A and B. At this point, A and B can add each other to their routing tables and send messages directly between themselves without going through other DHT peers. In general, a peer needs to maintain connections to all of the peers near it in the DHT and to enough other peers to have efficient routing (the details depend on the specific DHT). If a peer cannot form a connection to some other peer, this isn't necessarily a disaster; DHTs can route correctly even with not fully connected links. However, a peer should try to maintain the specified link set and if it detects that it has fewer direct connections, should form more as required. 3.2.2. Via Lists In a general messaging system, messages need a source and a destination and peers need to be able to send a response to the peer that sent the request. This can be particularly tricky in overlay networks when a new peer is joining, or the overlay network is stabilizing and different peers have different ideas on what the overlay topology is. A simple and reliable way to make sure that a response can reach the node that sent the request in these situations is to have the response traverse the reverse path of the request. Jennings, et al. Expires May 21, 2008 [Page 16] Internet-Draft RELOAD November 2007 The approach used to do this is to have each node the request traverses add its peer-id to the "via list" in the request. Then the response is routed by looking at the list and using it as list of peers that the response will be routed thorough. To support this, each message has a route list of nodes it needs to be routed through as well as a via list of what nodes it has traversed. When a peer receives a message from the Transport Layer, it adds the peer-id of the node it received the message from to the end of the via list. When a peer goes to transmit a message to the Transport Layer, it looks at the first entry on the route list. If the entry is this peer, it removes this entry from the list and looks at the next entry and if the entry is not this peer, it sends the message to the first peer on the route list. When a peer goes to send a response to a request, it can simply copy the via list in reverse to form the route list for the response if it wishes to route the response along the reverse path as the request. [Discussion is need about if all responses are routed this way or not] Peers that are willing to maintain state may do list compression for privacy reason and to reduce the message size. They do this by taking some number of entries off the via list and replacing them with a unique entry that this peer can later identify. Later, if the peer sees the unique entry in a route list, it removes the unique entry and replaces it with the all the entries removed from the original via list (and reverses the order of these entries). Note that this technique will generally require storing some per-message state on the intermediate peer, so this is a bandwidth/per-peer state tradeoff. The exception is if the list is not compressed but rather the peer-ids are simply encrypted. The via list approach provides several features. First it allows a response to follow the same path as the request. This is particularly important for peers that are sending requests while they are joining and before other peers can route to them as well as situations where message are being exchanged to stabilize the overlay network. It also makes it easier to diagnose and manage the system when all peers see the response to any request they forward. 3.2.3. Clients RELOAD also allows for the possibility of Client nodes. A client is a node which connects to an admitting peer (or peers) like an ordinary peer but never sends a JOIN or an UPDATE. It is therefore in the AP's connection table but not routing table and never is used to store any DHT data. However, because it is reachable through the Jennings, et al. Expires May 21, 2008 [Page 17] Internet-Draft RELOAD November 2007 AP, it can still send and receive messages. The client MUST still have the usual credentials. Because the client may only have a connection to a single AP, which, due to topology shifts may no longer be the responsible peer, clients SHOULD use symmetric routing and should advertise route lists that contain both the AP to which they are connected and themselves. E.g., if the client has peer-id X and the AP has peer-id Y, the client should advertise the route list (Y, X). This guarantees reachability. Note that clients MAY also contact APs which are not in fact responsible for the client's peer-id. 3.3. Transport Layer This layer sends and receives messages over TLS and DTLS. For TLS it simply pushes the messages into the stream. For DTLS it takes care of fragmentation issues. The reason for including TLS is the improved performance it can offer for bulk transport of data. The reason for including DTLS is that the percentage of the time that two devices behind NATs can form a direct connection without a relay is much higher for DTLS than for TLS. 3.4. Enrollment Before a new user can join the DHT for the first time, they must enroll in the P2P Network for the DHT they want to join. Enrollment will typically be done by contacting a centralized enrollment server. Other approaches (for instance static out of band configuration) are possible but are outside the scope of this specification. During enrollment a new node learns about a particular overlay, sets up a names and credentials, and discovers the bootstrap nodes. This would typically be done when a new peer joined an overlay for the very first time. Bootstrap is the process that happens each time a node boots and is how the peer finds an node that can be used to join the overlay. Before a node can join an overlay, it needs to be provided with a name for the overlay. Some examples are "example.com", "example", and "example.local". An DNS SRV lookup is done on this name for the service name p2p_enroll and a proto of tcp. If the TLD for the name is .local, then this DNS SRV lookup is done using [I-D.cheshire-dnsext-multicastdns] and the service name p2p_menroll. The intention here is to support ad hoc/local overlays. The resulting DNS lookup will provide the address of a enrollment server. Once this server is found, HTTPS is used to retrieve a XML file that contains the parameters for the overlay. These include things such Jennings, et al. Expires May 21, 2008 [Page 18] Internet-Draft RELOAD November 2007 as: what algorithms the overlay uses, overlay parameters, what usages are a peer on this overlay is required to support, the type of credentials required, addresses of credentials servers, the root certificate for the DHT, information about the DHT algorithm that is being used, a P2P-Network-Id that uniquely identifies this ring, and any other parameters it may need to connect to the DHT. The DHT also informs the peers what Usages it is required to support to be a peer on this P2P Network. An initial list of bootstrap nodes that consist of multiple bootstrap entries that each have the IP address and port for contacting a bootstrap server. Some of the address may be multicast addresses. In the case of multicast DNS, every peer may also act as an enrollment server. If shared-key security (Section 3.5.2) is being used, then the peer can proceed directly to bootstrap. If certificate-based security (Section 3.5.1 is being used, the peer MUST contact the credential server to obtain a certificate. 3.4.1. Certificate Issuance Once the peer has the XML file that identifies if credentials are needed, it can contact the credential server. The user establishes his identity to the server's satisfaction and provides the server with its public key. The centralized server then returns a certificate binding the user's user name to their public key. The properties of the certificate are discussed more in Section 3.5. The amount of authentication performed here can vary radically depending on the DHT network being joined. Some networks may do no verification at all and some may require extensive identity verification. The only invariant that the enrollment server needs to ensure is that no two users may have the same identity. 3.4.2. Bootstrap The above steps are only done the first time a peer joins a new overlay or when the overlay parameters are close to expiring and need to be refreshed. The next step is the bootstrap step which is done every time the peer boots. Bootstrapping consists of looking at the list of cached nodes and bootstraps nodes and sending a RELOAD PING to them to see if they respond. Once a node responds, it can be used to join the overlay. After a node has joined, it keeps track of a small number of peers to which it could directly connect. Theses are saved as the cached nodes and used next time the peer boots. The point of the cached nodes is to reduce the load on the bootstrap nodes. Jennings, et al. Expires May 21, 2008 [Page 19] Internet-Draft RELOAD November 2007 3.5. Security 3.5.1. Certificate-Based Security The certificate-based security model revolves around the enrollment process allocating a unique name to the user and issuing a certificate [RFC3280] for a public/private key pair for the user. All peers in a particular DHT can verify these certificates. A given peer acts on behalf of a user, and that user is somewhat responsible for its operation. The certificate serves two purposes: o It entitles the user to store data at specific locations in the DHT. o It entitles the user to operate a peer that has a peer-id found in the certificate. When the peer is acting as a DTLS or TLS server, it can use this certificate so that a client connecting to it knows it is connected to the correct server. When a user enrolls, or enrolls a new device, the user is given a certificate. This certificate contains information that identifies the user and the device they are using. If a user has more than one device, typically they would get one certificate for each device. This allows each device to act as a separate peer. The contents of the certificate include: o A public key provided by the user. o Zero, one, or more user names that the DHT is allowing this user to use. For example, "alice@example.org". Typically a certificate will have one name. In the SIP usage, this name corresponds to the AOR. o Zero, one, or more peer-ids. Typically there will be one peer-id. Each device will use a different peer-id, even if two devices belong to the same user. Peer-IDs should be chosen randomly by the enrollment server. o A serial number that is unique to this certificate across all the certificates issued for this DHT. o An expiration time for the certificate. Note that because peer-IDs are chosen randomly, they will be randomly distributed with respect to the user name. This has the result that any given peer is highly unlikely to be responsible for storing data corresponding to its own user, which promotes high availability. Jennings, et al. Expires May 21, 2008 [Page 20] Internet-Draft RELOAD November 2007 3.5.1.1. Storage Permissions When a peer uses a STORE request to place data at a particular location X, it must sign with the private key that corresponds to a certificate that is suitable for storing at location X. Each data type in a usage defines the exact rules for determining what certificate is appropriate. However, the most natural rule is that a certificate for a user name or peer-id X is a permission to store data at the same resource id that would be found by an attempt to look up X. The digital signature over the data serves two purposes. First, it allows the peer responsible for storing the data to verify that this STORE is authorized. Second, it provides integrity for the data. The signature is saved along with the data value (or values) so that any reader can verify the integrity of the data. Of course, the responsible peer can "lose" the value but it cannot undetectably modify it. 3.5.1.2. Peer Permissions The second purpose of a certificate is to allow the device to act as a peer with the specified peer-ID. When a peer wishes to connect to peer X, it forms a TLS/DTLS connection to the peer and then performs TLS mutual authentication and verifies that the presented certificate contains peer-ID X. Note that because the formation of a connection between two nodes generally requires traversing other nodes in the DHT, as specified in Section 3.2.1, those nodes can interfere with connection initiation. However, if they attempt to impersonate the target peer they will be unable to complete the TLS mutual authentication: therefore such attacks can be detected. 3.5.1.3. Expiry and Renewal At some point before the certificate expires, the user will need to get a new certificate from the enrollment server. 3.5.2. Shared-Key Security RELOAD also defines a shared-key security model which can be used in closed networks where the peers are not mutually suspicious. In this model, the peers all share a single key which is used to authenticate the peer-to-peer DTLS connections via TLS-PSK. If shared-key security mode is in use, a TLS-PSK cipher suite MUST be used. This is useful for admission control, but is completely unsafe in any setting where peers are not mutually trusted, since it allows any Jennings, et al. Expires May 21, 2008 [Page 21] Internet-Draft RELOAD November 2007 peer to impersonate any other peer. 3.6. Migration At some point in time, a given P2P Network may want to migrate from one underlying DHT algorithm to another or update to a later extension of the protocol. This can also be used for crypto agility issues. The migration approach is done by basically having peers initializing algorithm A. When the clients go to periodically renew their credentials, they find out that the P2P Network now requires them to use algorithm A but also to store all the data with algorithm B. At this point there are effectively two DHT rings in use, rings A and B. All data is written to both but queries only go to A. At some point when the clients periodically renew their credentials, they learn that the P2P Network has moved to storing to both A and B but that FETCH requests are done with P2P Network B and that any SEND should first be attempted on P2P Network B and if that fails, retried on P2P Network A. In the final stage when clients renew credentials, they find out that P2P Network A is no longer required and only P2P Network B is in use. Some types of usages and environments may be able to migrate very quickly and do all of these steps in under a week, depending on how quickly software that supports both A and B is deployed and how often credentials are renewed. On the other hand, some very ad-hoc environments involving software from many different providers may take years to migrate. 3.7. Usages Layer By itself, the distributed storage layer just provides infrastructure on which applications are built. In order to do anything useful, a usage must be defined. Each Usage needs to specify several things: o Register code points for any type that the Usage defines. o Define the data structure for each of the types. o Define access control rules for each type. o Provide a size limit for each type. o Define how the seed is formed that is hashed to form the Resource-ID where each type is stored. o Describe how values will be merged after a network partition. Unless otherwise specified, the default merging rule is to act as if all the values that need to be merged were stored and that the order they were stored in corresponds to the storing times associated with (and carried in) their values. The types defined by a usage may also be applied to other usages. However, a need for different parameters, such as different size limits, would imply the need to create a new type. Jennings, et al. Expires May 21, 2008 [Page 22] Internet-Draft RELOAD November 2007 3.7.1. SIP Usage From the perspective of P2PSIP, the most important usage is the SIP Usage. The basic function of the SIP usage is to allow Alice to start with a SIP URI (e.g., "bob@dht.example.com") and end up with a connection which Bob's SIP UA can use to pass SIP messages back and forth to Alice's SIP UA. This is done using three key operations that are provided by the SIP Usage. They are: o Mapping SIP URIs that are not GRUUs to other SIP URIs or to the DHT peer responsible for the SIP UA. o Mapping SIP GRUUs to the DHT peer responsible for the SIP UA. o Forming a connection directly to a DHT peer that is used to send SIP messages to the SIP UA. All SIP URIs for a given overlay MUST be constructed so that they terminate in the domain name of the overlay. For instance, if the overlay name is "example.com", then all AORs must be of the form {sip,sips}:username@example.com. Accordingly, to dereference a URI, a P2PSIP implementation MUST check to see if the domain matches an overlay which it is a member of. If so, it uses the following procedures. Otherwise, it MUST follow [RFC3263] procedures. Note that unless the P2PSIP overlay provides some kind of SIP gateway, this is likely to be only partially successful, since, for instance, the callee may not be able to call back. 3.7.1.1. SIP Location A peer acting as a SIP UA stores their registration information in the DHT by storing either another URI (for retargeting) or a route lists to reach them at a Resource-ID in the DHT formed from the user's SIP AOR. When another peer wishes to find a peer that is registered for a SIP URI, the lookup of the user's name is done by taking the user's SIP Address or Record (AOR) and using it as the seed that is hashed to get a Resource-ID. When the seed is dereferenced, the result is a set of values. Each value is either another SIP URI or a route list. If the value is a SIP URI, the calling peer looks up that URI and continues the process until he gets a route list. If the value is a route list, then it is used to reach a peer that represents a SIP UA registered for that AOR. Typically this route list will have just one entry but in the case of peers or clients that can not be directly reached, a route list with more than one entry may need to be used. Jennings, et al. Expires May 21, 2008 [Page 23] Internet-Draft RELOAD November 2007 The seed for this usage is a user's SIP AOR, such as "sip:alice@example.com". This allows the set to store many values but only one for each peer. The authorization policy is that STORE requests are only allowed if the user name in the signing certificate, when turned into a SIP URL and hashed, matches the Resource-ID. This policy ensures that only a user with the certificate with the user name "alice@example.com" can write to the Resource-ID that will be used to look up calls to "sip:alice@example.com". Open Issue: Should the seed be "sip:alice@example.com", "alice@example.com", or a string that includes the code point defined for the type? The issue here is determining whether different usages that store data at a seed that is primarily formed from "alice@example.com" should hash to the same Resource-ID as the SIP Usage. For example, if a buddy list had a seed that was roughly the same, would we want the buddy list information to end up on the same peers that stored the SIP location data or on different peers? 3.7.1.2. SIP GRUUs GRUUs that refer to peers in the P2P network are constructed by simply forming a GRUU, where the value of gr URI parameter contains a base64 encoded version of the route list that will reach the peer. Typically the route list is just a single entry with the peer-id of peer. 3.7.1.3. SIP Connect This usage allows two clients to form a new TLS or DTLS connection between them and then use this connection for sending SIP messages to one another. This does not store any information in the DHT, but it allows the CONNECT request to be used to set up a TLS or DTLS connection between two peers and then use that connection to send SIP messages back and forth. The CONNECT request will ensure that the connection is formed to a peer that has a certificate which includes the user that the connection is being formed to. 3.7.1.4. SIP Tunnel This TUNNEL request allows two peers to exchange SIP messages across the overlay using the TUNNEL method without first setting up a direct connection using CONNECT. This allows a SIP message to be sent immediately, without the delay associated with CONNECT and for a simple SIP exchange, it may result in fewer messages being sent. Jennings, et al. Expires May 21, 2008 [Page 24] Internet-Draft RELOAD November 2007 3.7.2. Certificate Store Usage This usage allows each user to store their certificate in the DHT so that it can be retrieved to be checked by various peers and applications. Peers acting on behalf of a particular user store that user's certificate in the DHT, and any peer that needs the certificate can do a FETCH to retrieve the certificate. Typically it is retrieved to check a signature on a request or the signature on a chunk of data that the DHT has received. 3.7.3. TURN Usage This usage defines a new type for finding STUN-Relay servers. Any peer that supports this usage saves a pointer to the IP address and port of the TURN server in the DHT. When a peer wishes to discover a TURN server, it picks a random Resource-ID and performs a FIND at that Resource-ID for the appropriate type for the service. If nothing is found, this can be repeated until an appropriate set of servers are found. 3.7.4. Other Usages This will likely be left out of scope of the initial system but just to give people a flavor of how these issues might be dealt with.... 3.7.4.1. Storing Buddy Lists Buddy lists with reciprocal subscribes - when see indication buddy might be online, such as SUBSCRIBE from buddy, retry SUBSCRIBE to buddy. Subscriber ends up doing composition. Single users with different devices can synchronize buddy lists when both are online 3.7.4.2. Storing Users' VCards 3.7.4.3. Finding Voicemail Message Recorder Voicemail is a complicated problem because the amount of storage required to store a voicemail message can be large. Some proposed designs may require peers to store voicemail and others may require users to provide their own storage and delivery systems. Accordingly, this is being left out of the base protocol. Jennings, et al. Expires May 21, 2008 [Page 25] Internet-Draft RELOAD November 2007 4. Base Protocol RELOAD is a message-oriented request/response protocol. The messages are encoded using binary fields. All integers are represented in network byte order. The general philosophy behind the design was to use Type, Length, Value fields to allow for extensibility. However, for the parts of a structure that were required in all messages, just define theses in a fixed position as adding a type and length for them is unnecessary and would simply increases bandwidth and introduces new potentials for interoperability issues. Each message has three parts: Forwarding Header: Each message has a generic header which is used to forward the message between peers and to its final destination. This header is the only information that an intermediate peer (i.e., one that is not the target of a message) needs to examine. Message Contents: The message being delivered between the peers. From the perspective of the forwarding layer, the contents is opaque, however, it is interpreted by the higher layers. Signature: A digital signature over the message contents and parts of the header of the message. Note that this signature can be computed without parsing the message contents. The following sections describe the format of each part of the message. 4.1. Forwarding Header The layout of the forwarding header is shown below Jennings, et al. Expires May 21, 2008 [Page 26] Internet-Draft RELOAD November 2007 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | R | E | L | O | 4 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Overlay | 8 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | |F|L| | | TTL | Routing |R|F| Fragment Offset | | | |A|R| | | | |G|G| | 12 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |E| | | |X| Version | Length | |P| | | 16 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Transaction ID | + + | | 24 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Route | Via | | | List | List | Flags | | Length | Length | | 28 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | // Route List // | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | // Via List // | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | // Route Log // | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The first four bytes identify this message as a RELOAD message. The Overlay field is the 32bit checksum/hash of the overlay being used. The CRC-32 checksum MUST be used to convert the variable length string representing the overlay name into a 32bit value. The purpose of this field is to allow nodes to participate in multiple overlays and to detect accidental misconfiguration. TTL (time-to-live) is an 8 bit field indicating the number of Jennings, et al. Expires May 21, 2008 [Page 27] Internet-Draft RELOAD November 2007 iterations, or hops, a message can experience before it is discarded. The TTL u_int8 number MUST be stored in network byte order and MUST be decremented by one at every hop along the route the message traverses. If the TTL is 0, the message MUST NOT be propagated further and MUST be discarded. The initial value of the TTL should be TBD. Routing is an 8 bit field that specifies the type of routing the requester would like for the message. The following Routing options MUST be understood: UNSPECIFIED : 0x00 RECURSIVE : 0x01 ITERATIVE : 0x02 If a peer is unable or unwilling to perform the type of routing requested, the peer MUST respond with a 499 error message that indicates its unwillingness to process the message. FRAG is a 1 bit field used to specify if this message is a fragment. NOT-FRAGMENT : 0x0 FRAGMENT : 0x1 LFRG is a 1 bit field used to specify whether this is the last fragment in a complete message. NOT-LAST-FRAGMENT : 0x0 LAST-FRAGMENT : 0x1 [[Open Issue: How should the fragment offset and total length be encoded in the header? Right now we have 14 bits reserved with the intention that they be used for fragmenting, though additional bytes in the header might be needed for fragmentation.]] EXP is a 1 bit field that specifies if this protocol is experimental or not. The EXP bit can be set to denote that this version of the protocol is private, in-house. This makes it possible to have private protocol versions that don't collide with IETF standards. Version is a 7 bit field that indicates the version of the RELOAD protocol being used. Version1.0 : 0x1 Jennings, et al. Expires May 21, 2008 [Page 28] Internet-Draft RELOAD November 2007 The message Length is the count in bytes of the size of the message, including the header. The Transaction ID is a unique 64 bit number that identifies this transaction and also serves as a salt to randomize the request and the response. Responses use the same Transaction ID as the request they correspond to. Transaction IDs are also used for fragment reassembly. The Route List Length and the Via List Length contain the lengths of the route and via lists respectively, in the number of peer-ids. [[Open Issue: How should we handle peer-id lengths? This basically assumes they're fixed length per DHT algorithm (but not fixed-length for RELOAD) so that you can unambiguously parse things. Should we have a length byte?]] The flags word contains control flags. There is one currently defined flag. ROUTE-LOG : 0x1 The ROUTE-LOG flag indicates that the route log should be included (see Section 4.1.4 The Route List contains a sequence of peer-ids which the message should pass through. The route list is constructed by the message originator. The route list shrinks as the message traverses each listed peer. The Via List contains the sequence of peer-ids through which the message has passed. The via list starts out empty and grows as the message traverses each peer. 4.1.1. Changes to Forwarding Header The RELOAD-01 forwarding header was completely fixed, whereas this header includes lists that change en-route. However, this type of operation is easily accomplished in both software and hardware, therefore we still view it as a low-overhead header. The changes include the following. o Rearranged fields to have a cleaner separation between payload and header. o Removed DHT, Hash, and Security parameters. These are now in the overlay bootstrap system rather than per-message. Jennings, et al. Expires May 21, 2008 [Page 29] Internet-Draft RELOAD November 2007 o Source and destination IDs are now route lists to accommodate source routing and recursion without state on intermediate peers. o Added route log to header to allow payload/header separation. 4.1.2. Message Routing 4.1.2.1. Request Origination In order to send a message to a given peer-id or resource-id, a peer must construct an appropriate route list. The most common such route list is a single entry containing the peer/resource-id. This simply uses the normal DHT routing mechanisms to forward the message to that destination. Messages can also be source routed. In order to construct a source route, the originator provides a route list containing a sequence of resource-ids. The semantics of this route list are that the message is to traverse in order (potentially with intermediate hops) each entry on the route list. As each peer is traversed, that entry is removed from the route list. This makes it possible to address a peer which is potentially behind a NAT or a firewall in such a way that it cannot be connected to directly under any circumstances. 4.1.2.2. Response Origination When a peer sends a response to a request, it SHOULD construct the route list by reversing the order of the entries on the via list. This has the result that the response traverses (at least) the same peers as the request traversed, except in reverse order (symmetric routing). For asymmetric routing, the peer MAY simply use the first entry on the via list. 4.1.2.3. Message Receipt and Forwarding When a peer receives a message, it first examines the overlay, version, and other header fields to determine whether the message is one it can process. If any of these are incorrect (e.g., the message is for an overlay in which the peer does not participate) it is an error. The peer SHOULD generate an appropriate error but MAY simply drop the message. Once the peer has determined that the message is correctly formatted, it examines the first entry on the route list. There are three possible cases here: o The first entry on the route list is a private id which is being used for route list compression. Jennings, et al. Expires May 21, 2008 [Page 30] Internet-Draft RELOAD November 2007 o The first entry on the route list is an id for which the peer is responsible. o The first entry on the route list is for which another peer is responsible. These cases are handled separately. 4.1.2.3.1. Private ID If the first entry on the route list is a private id, the peer replaces that entry with the store local value that it indexes and then re-examines the route list to determine which case now applies. 4.1.2.3.2. Responsible ID If the first entry on the route list is a id for which the peer is responsible, the peer strips the entry off the route list. If there are remaining entries on the route list, the peer then re-examines the route list to determine which case now applies. If the route list is now empty, then the message was destined for this peer and it MUST pass it to the next layer up. 4.1.2.3.3. Other ID If neither of the other two cases applies, then the peer MUST forward the message towards the first entry on the route list. This means that it MUST select one of the peers in its route table which is closer to the first entry than to itself and send the message to that peer. If the first entry on the route list is in the peer's connection table, then it SHOULD forward the message to that peer directly. When forwarding a message, the peer MUST: o Decrement the TTL value o Update the via list. The natural way to update the via list is simply to add the peer-id of the peer from which the message was received to the end of the list. However, peers may use any algorithm of their choice provided that if the peer received a route list constructed by reversing the via list it would be able to route the outgoing message correctly, enabling symmetric routing. For instance, if node D receives a message from node C with via list (A, B), the simple approach is simply to forward to the next node (E) with via list (A, B, C). Now, if E wants to respond to the message, it reverses the via list to produce the route list, resulting in (D, Jennings, et al. Expires May 21, 2008 [Page 31] Internet-Draft RELOAD November 2007 C, B, A). When D forwards the response to C, the route list will contain (B, A). However, node D could also list compression and send E the via list (X). E would then use the route list (D, X). When D processes this route list, it MUST detect that X is a compressed entry, recover the via list (A, B, C), and reverse that to produce the correct route list (C, B, A) before sending it to C. Note that if a peer is using list compression and then exits the overlay, the message cannot be forwarded and will be dropped. The ordinary timeout and retransmission networks provide stability over this type of failure. 4.1.3. Fragmentation and Reassembly In order to allow transport over datagram protocols, RELOAD messages may be fragmented. If a message is too large for a peer to transmit to the next peer it MUST fragment the message. Note that this implies that intermediate peers may re-fragment messages if the incoming and outgoing paths have different maximum datagram sizes. Intermediate peers SHOULD NOT reassemble fragments. Upon receipt of a fragmented message by the intended peer, the peer holds the fragments in a holding buffer until the entire message has been received. The message is then reassembled into a single unfragmented message and processed. In order to prevent denial of service attacks, receivers SHOULD time out incomplete fragments. [[TODO: Describe algorithm]] 4.1.4. Route Logging The route logging feature provides diagnostic information about the path taken by the request so far and in this manner it is similar in function to SIP's [RFC3261] Via header field. If the ROUTE-LOG flag is set in the Flags word, at each hop peers MUST append a route log entry to the route log element in the header. The order of the route log entry elements in the message is determined by the order of the peers were traversed along the path. The first route log entry corresponds to the peer at the first hop along the path, and each subsequent entry corresponds to the peer at the next hop along the path. If the ROUTE-LOG flag is set in a request, the route log MUST be copied into the response and the ROUTE-LOG flag set so that the originator receives the ROUTE-LOG data. Jennings, et al. Expires May 21, 2008 [Page 32] Internet-Draft RELOAD November 2007 STRUCTURE: route_log 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Entries Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Entries | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The route log is simply a variable length list of route log entries. The first two bytes are the length, followed by a sequence of route leg entries, each of which may be individually parsed. STRUCTURE: route_log_entry 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Version Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Version | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Transport | | +-+-+-+-+-+-+-+-+ + | Id | + + | | + + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Uptime | +-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Certificate Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Certificate | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Address | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jennings, et al. Expires May 21, 2008 [Page 33] Internet-Draft RELOAD November 2007 STRUCTURE: ip4_address_type 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 0x01 | Addr | 004 +-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Port | 007 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ STRUCTURE: ip6_address_type 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 0x02 | | 004 +-+-+-+-+-+-+-+-+ + | Addr | 008 + + | | 012 + + | | 016 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Port | 019 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Each route log entry consists of the following values: Version - A textual representation of the software version Transport - The transport type, 1 for TLS, 2 for DTLS Id - The peer-id of the peer. Uptime - The uptime of the peer in seconds. Certificate - The peer's certificate. Note that this may be omitted by setting the length to zero. Address - The address and port of the peer. 4.2. Message Contents Format Although from the perspective of the forwarding layer the content is opaque, all RELOAD messages share a common content structure consisting of two parts: Common Header: A common header containing the request method/ response code, and a transaction ID. Payload: The actual body of the request/response. These are dependent on whether this is a request or response and the type of request being carried. Jennings, et al. Expires May 21, 2008 [Page 34] Internet-Draft RELOAD November 2007 4.2.1. Common Header The layout of the common header is shown below: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |R| | | |/| Code | Reserved | |r| | | 4 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ R/r is a one bit field used to specify if this is a request or a response. REQUEST : 0x0 RESPONSE : 0x1 Code is a 15 bit field that indicates either the message method or the response code (depending on the value of the R/r bit) 4.2.2. Payload Payload is a simple string of uninterpreted bytes preceded by a length field indicating the length of the data. The bytes themselves are dependent on the code value. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Length | | | 4 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | // Length bytes of data // | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4.2.3. Signature The Signature element is used to attach signatures to messages and or stored data elements. All signatures are formatted using this element. However, the input structure to the signature computation Jennings, et al. Expires May 21, 2008 [Page 35] Internet-Draft RELOAD November 2007 varies depending on the data element being signed. STRUCTURE: signature 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Algorithm | Signature Value Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Signature Value | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Identity | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The signature construct is just a container for the signature. It contains the following values: Algorithm - The signature algorithm in use. This may have the values RSA-SHA1 (0x01) or RSA-SHA-256 (0x02). Value - The signature value itself. This is just the string of bytes emitted by the signature algorithm. Identity - The identity or certificate used to form the signature A number of possible identity formats are permitted, as shown below. The peer may indicate any of: o Peer-id o User name o The certificate itself. The first byte of the identity field is a type indicating the type of identity in use. For signatures over messages the input to the signature function is: Jennings, et al. Expires May 21, 2008 [Page 36] Internet-Draft RELOAD November 2007 STRUCTURE: message_signature_input 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Overlay | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | 008 + + | Xid | 012 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Signer Identity | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Message Contents | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The contents of this structure are as follows: Overlay - The overlay identifier from the message. Xid - The transaction id from the message. Signer Identity - The identify of the signer (from the signature structure.) Message Contents - The contents section of the message. [[TODO: Check the inputs to this carefully.]] The input to signatures over data values is different, and is decribed in Section 5.2.1.3. 4.3. Response Codes and Response Errors A peer processing a request returns its status in the Code field of the common header. If the request was a success, the code should be 200 (OK) and the payload should be as specified above. If the request failed, then the response code should be as defined below. Jennings, et al. Expires May 21, 2008 [Page 37] Internet-Draft RELOAD November 2007 200 (OK): Indicates a successful request. The information returned in the response will depend on the request method. 302 (Moved Temporarily): The requesting peer SHOULD retry the request at the new address specified in the 302 response message. 401 (Unauthorized): The requesting peer needs to sign and provide a certificate. [[TODO: The semantics here don't seem quite right.]] 403 (Forbidden): The requesting peer does not have permission to make this request. 404 (Not Found): The resource or peer cannot be found or does not exist. 408 (Request Timeout): A response to the request has not been received in a suitable amount of time. The requesting peer MAY resend the request at a later time. 412 (Precondition Failed): A request can't be completed because some precondition was incorrect. For instance, the wrong generation counter was provided 498 (Incompatible with Overlay) A peer receiving the request is using a different overlay, DHT algorithm, or hash algorithm. [[Open Issue: What is the best error number and reason phrase to use?]] 499 (UnWilling To Proxy) A peer receiving the request is unwilling to support the Routing mechanism specified in the Routing field of the message header. [[Open Issue: What is the best error number and reason phrase to use?]] For any code other than 200, the payload should be as defined below: STRUCTURE: error_response 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Reason Phrase Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Reason Phrase | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Error Info Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Error Info | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The contents of this payload are: Jennings, et al. Expires May 21, 2008 [Page 38] Internet-Draft RELOAD November 2007 Reason Phrase - A freeform text string indicating the reason for the response. The reason phrase SHOULD BE as indicated in the above list (e.g., "Moved Temporarily). Error Info - Payload specific error information. This MUST be empty except as specified below. For the response code 302, the error-payload-rest is the peer-id of the peer to which the request SHOULD be redirected. This error code is used for iterative routing. 4.4. Timeout and Retransmission Timeout and retransmission are handled on an end-to-end basis. The requesting node retransmits requests until it receives a response or a timeout. The retransmit algorithm defined in Section 17.1.2.1 of [RFC3261] SHOULD be used. Retransmissions MUST use the same transaction ID. 5. Method Definitions In this section, we define the initial set of methods supported by RELOAD. New methods are defined by adding new method codes. Each method defines the contents of the payload element (see Section 4.2.2). 5.1. Connection Management 5.1.1. PING PING is used to test connectivity along a path. A ping can be addressed to a specific peer-id or to the anycast peer-id (all 1s). In either case, the target peer-ids respond with a simple response containing some status information. 5.1.1.1. Request Definition STRUCTURE: ping_request 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ping Info Len | | +-+-+-+-+-+-+-+-+ + | Ping Info | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jennings, et al. Expires May 21, 2008 [Page 39] Internet-Draft RELOAD November 2007 The PING request contains a list (potentially empty) of the pieces of status information that the requester would like the responder to provide. The two currently defined types are: RESPONSIBLE-SET : 0x01 NUM-RESOURCES : 0x02 RESPONSIBLE-SET indicates that the peer should Respond with the fraction of the overlay for which the responding peer is responsible (in parts per billion). NUM-RESOURCES indicates that the peer should Respond with the number of resources currently being stored by the peer. 5.1.1.2. Response Definition STRUCTURE: ping_response 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | 004 + + | Response Id | 008 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Infos Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Infos | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The ping response contains the following elements: Response ID - A randomly generated 64-bit response ID. This is used to distinguish PING responses in cases where the PING request is multicast. Infos - A sequence of ping info data structures, as shown below. Jennings, et al. Expires May 21, 2008 [Page 40] Internet-Draft RELOAD November 2007 STRUCTURE: ping_info_data 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Info | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ STRUCTURE: info_responsible_type 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 0x01 | Info Responsible Type | 004 +-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | 005 +-+-+-+-+-+-+-+-+ STRUCTURE: info_num_resources_type 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 0x02 | Info Num Resources Type | 004 +-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | 005 +-+-+-+-+-+-+-+-+ The ping info data elements are simple typed elements, with a type identifier as the leading 16 bits and then arbitrary (type-specific) text following. In the case of the two defined types, the responses are 32-bit integers. The responding peer SHOULD include any values that the requesting peer requested and that it recognizes. They SHOULD be returned in the requested order. 5.1.2. CONNECT A node sends a CONNECT request when it wishes to establish a direct TCP or UDP connection to another node for the purposes of sending RELOAD messages or application layer protocol messages, such as SIP. Detailed procedures for the CONNECT and its response are described in Section 6. Jennings, et al. Expires May 21, 2008 [Page 41] Internet-Draft RELOAD November 2007 Note A CONNECT does not result in updating the routing table of either node. That function is performed by UPDATEs. If node A has CONNECTed to node B, it MAY route messages which are directly addressed to B through that channel but MUST NOT route messages through B to other peers via that channel. 5.1.2.1. Request Definition Jennings, et al. Expires May 21, 2008 [Page 42] Internet-Draft RELOAD November 2007 STRUCTURE: connect_data 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ufrag Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Ufrag | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Password Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Password | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Application | Fingerprint Len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Fingerprint | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Role Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Role | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Candidate List Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Candidate List | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ STRUCTURE: candidate 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Candidate String Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Candidate String | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jennings, et al. Expires May 21, 2008 [Page 43] Internet-Draft RELOAD November 2007 The values contained in connect-request are: Ufrag - The username fragment (from ICE) Password - The ICE password. Application - A 16-bit port number. This port number represents the IANA registered port of the protocol that is going to be sent on this connection. For SIP, this is 5060 or 5061, and for RELOAD is TBD. By using the IANA registered port, we avoid the need for an additional registry and allow RELOAD to be used to set up connections for any existing or future application protocol. Fingerprint - One fingerprint attribute (from RFC 4572 [RFC4572]. Role - An active/passive/actpass attribute from RFC 4145 [RFC4145]. Candidate - One or more ICE candidate values. Each candidate has an IP address, IP address family, port, transport protocol, priority, foundation, component ID, STUN type and related address. The candidate_list is a list of string candidate values. These values should be generated using the procedures of Section 6. 5.1.2.2. Response Definition If a peer receives a CONNECT request, it SHOULD follow the procedures of Section 6 to process the request and generate its own response, containing a connect-data production. It should then begin ICE checks. When a peer receives a CONNECT response, it SHOULD parse the response and begin its own ICE checks. 5.1.3. TUNNEL A node sends a TUNNEL request when it wishes to exchange application- layer protocol messages without the expense of establishing a direct connection via CONNECT or when ICE is unable to establish a direct connection via CONNECT and a TURN relay is not available. The application-level protocols that are routed via the TUNNEL request are defined by that application's usage. Note The decision of whether to route application-level traffic across the overlay or to open a direct connection requires careful consideration of the overhead involved in each transaction. Establishing a direct connection requires greater initial setup costs, but after setup, communication is faster and imposes no overhead on the overlay. For example, for the SIP usage, an INVITE to establish a voice call might be routed over the overlay, a SUBSCRIBE with regular updates would be better used with a CONNECT, and media would both impose too great a load on the overlay and likely receive unacceptable performance. However, there may be a tradeoff between locating TURN servers and Jennings, et al. Expires May 21, 2008 [Page 44] Internet-Draft RELOAD November 2007 relying on TUNNEL for packet routing. When a usage requires the TUNNEL method, it must specify the specific application protocol(s) that will be TUNNELed and for each protocol, specify: o An application attribute that indicates the protocol being tunneled. This the IANA-registered port of the application protocol. o The conditions under which the application will be TUNNELed over the overlay rather than using a direct CONNECT. o A mechanism for moving future application-level communication from TUNNELing on the overlay to a direct CONNECTion, or an explanation why this is unnecessary. o A means of associating messages together as required for dialog- oriented or request/response-oriented protocols. o How the TUNNELed message (and associated responses) will be delivered to the correct application. This is particularly important if there might be multiple instances of the application on or behind a single peer. 5.1.3.1. Request Definition STRUCTURE: tunnel_data 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Application | Dialog Id Len | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Dialog Id | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Application Pdu Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Application Pdu | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ For each of the values indicated here which were originally text, they are preceded by a length field of either one or two bytes. The values contained in connect-request are: Jennings, et al. Expires May 21, 2008 [Page 45] Internet-Draft RELOAD November 2007 Application - A 16-bit port number. This port number represents the IANA registered port of the protocol that is going to be sent on this connection. For SIP, this is 5060 or 5061, and for RELOAD is TBD. By using the IANA registered port, we avoid the need for an additional registry and allow RELOAD to be used to set up connections for any existing or future application protocol. Dialog ID - An arbitrary string providing an application-defined way of associating related TUNNELed messages. This attribute may also encode sequence information as required by the application protocol. Application PDU - An application PDU in the format specified by the application. 5.1.3.2. Response Definition A TUNNEL response serves as confirmation that the message was received by the destination peer. It implies nothing about the processing of the application. If the application protocol specifies an acknowledgement or confirmation, that must be sent with a separate TUNNEL request 5.2. Data Storage and Retrieval The STORE, FETCH, and REMOVE methods are used to manipulate information in the DHT. They form an instantiation of the abstract GET and PUT operations described in [I-D.ietf-p2psip-concepts]. 5.2.1. STORE The STORE method is used to store data in the overlay. As described in Section 3.1.4 each location may contain data of multiple types. Each type-id is a code point assigned to a specific application usage by IANA. As part of the Usage definition, protocol designers may define constraints, such as limits on size, on the values which may be stored. For many types, the set may be restricted to a single item; some sets may be allowed to contain multiple identical items while others may only have unique items. The protocol currently defines the following data models: o single value o array o dictionary Each type-id MUST specify the appropriate data model for that type. The format of the STORE request depends on the data model. Jennings, et al. Expires May 21, 2008 [Page 46] Internet-Draft RELOAD November 2007 5.2.1.1. Request Definition A STORE production is a sequence of type-data pairs, each of which represents a sequence of stored values for a given type-id. The same type-id MUST NOT be used twice in a given store request. Each value is then processed in turn. These operations MUST be atomic. If any operation fails, the state MUST be rolled back to before the request was received. STRUCTURE: store_request 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | 004 + + | Resource | 008 + + | | 012 + + | | 016 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Store Data Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Store Data | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ A single STORE request stores data of a number of types to a single resource location. The contents of the request are: Resource - The resource to store at. Store Type Data - A series of elements, one for each type of data to be stored. Jennings, et al. Expires May 21, 2008 [Page 47] Internet-Draft RELOAD November 2007 STRUCTURE: store_type_data 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Generation | 008 + +-+-+-+-+-+-+-+-+ | | | 012 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Values Len | | +-+-+-+-+-+-+-+-+ + | Values | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Each store type data element represents the data to be stored for a single type-id. The contents of the element are: Type - The type-id Generation - The expected current state of the generation counter. Values - The value or values to be stored. This may contain one or more stored_data values depending on the data model associated with each type-id. STRUCTURE: stored_data 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Storage Time | 008 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Lifetime | 012 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Data-value | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | / / | Signature | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Jennings, et al. Expires May 21, 2008 [Page 48] Internet-Draft RELOAD November 2007 Each stored_data element represents a single stored data value. These elements are individually signed. The contents of the element are as follows: Length - The length of the stored data element. Storage Time - The time when the data was stored in absolute time, represented in seconds since the Unix epoch. Any attempt to store a data value with a storage time before that of a value known to the receiving peer MUST generate a 412 error. This prevents rollback attacks. Note that this does not require synchronized clocks: the receiving peer uses the storage time in the previous store, not its own clock. Lifetime - The validity period for the data, in seconds, starting from the time of store. Signature - A signature over the data value. Section 5.2.1.3 describes the signature computation. The element is formatted as described in Section 4.2.3 Data Value - The data value itself, as described below. Jennings, et al. Expires May 21, 2008 [Page 49] Internet-Draft RELOAD November 2007 STRUCTURE: single_value_entry 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Value Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Value | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ STRUCTURE: array_entry 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Index | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Value Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Value | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ STRUCTURE: dictionary_entry 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Key Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Key | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Value Len | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Value | / / | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The responsible peer MUST perform the following checks: o The type-id is known. o The signature over the message is valid or (depending on overlay policy) no signature is required. Jennings, et al. Expires May 21, 2008 [Page 50] Internet-Draft RELOAD November 2007 o The signatures over each individual data element (if any) are valid. o Each element is signed by a credential which is authorized to write this type at this resource-id o If the generation-counter is non-zero, it must equal the current value of the generation-counter for this type. This feature allows the generation counter to be used in a way similar to the HTTP Etag feature. o The storage time values are greater than that of any value which would be replaced by this STORE. [[OPEN ISSUE: do peers need to save the storage time of REMOVEs to prevent reinsertion?]] If all these checks succeed, the peer MUST attempt to store the data values. If the store succeeds and the data is changed, then the peer must increase the generation counter by at least one. If there are multiple stored values in a single store-type-data, it is permissible for the peer to increase the generation counter by only 1 for the entire type-id, or by 1 or more than one for each value. We now discuss each type of value. 5.2.1.1.1. Single Value There may be only one single-value element for each resource-id, type pair. A store of a new single-value element MUST overwrite the current value. 5.2.1.1.2. Array A store of an array entry replaces (or inserts) the given value at the location specified by the index. Arrays are zero-based. Note that arrays can be sparse. Thus, a store of "X" at index 2 in an empty array produces an array with the values [ NA, NA, "X"]. Future attempts to fetch elements at index 0 or 1 will return empty strings. If the index value is -1, then the value is placed at the end of the array. 5.2.1.1.3. Dictionary A stored dictionary entry has a dictionary-key used as a lookup key and a dictionary-value containing the data. There may be only one value any given dictionary-key and therefore a write to a dictionary- key overwrites whatever is there. 5.2.1.2. Response Definition In response to a successful STORE request the peer MUST return a series of store_type_response elements containing the current value Jennings, et al. Expires May 21, 2008 [Page 51] Internet-Draft RELOAD November 2007 of the generation counter for each type-id. STRUCTURE: store_type_response 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | | 004 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Generation | 008 + +-+-+-+-+-+-+-+-+ | | 011 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The contents of each element are: Type - The type-id being represented. Generation - The current value of the generation counter for that type-id. The response itself is just the store_type_response values packed end-to-end. If the request was rejected beca