rfc9622v6.txt   rfc9622.txt 
skipping to change at line 30 skipping to change at line 30
An Abstract Application Programming Interface (API) for Transport An Abstract Application Programming Interface (API) for Transport
Services Services
Abstract Abstract
This document describes an abstract Application Programming Interface This document describes an abstract Application Programming Interface
(API) to the transport layer that enables the selection of transport (API) to the transport layer that enables the selection of transport
protocols and network paths dynamically at runtime. This API enables protocols and network paths dynamically at runtime. This API enables
faster deployment of new protocols and protocol features without faster deployment of new protocols and protocol features without
requiring changes to the applications. The specified API follows the requiring changes to the applications. The specified API follows the
Transport Services architecture by providing asynchronous, atomic Transport Services Architecture by providing asynchronous, atomic
transmission of messages. It is intended to replace the BSD Socket transmission of Messages. It is intended to replace the BSD Socket
API as the common interface to the transport layer, in an environment API as the common interface to the transport layer, in an environment
where endpoints could select from multiple network paths and where endpoints could select from multiple network paths and
potential transport protocols. potential transport protocols.
Status of This Memo Status of This Memo
This is an Internet Standards Track document. This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has (IETF). It represents the consensus of the IETF community. It has
skipping to change at line 185 skipping to change at line 185
B.2.3. unreliable-datagram B.2.3. unreliable-datagram
Appendix C. Relationship to the Minimal Set of Transport Services Appendix C. Relationship to the Minimal Set of Transport Services
for End Systems for End Systems
Acknowledgements Acknowledgements
Authors' Addresses Authors' Addresses
1. Introduction 1. Introduction
This document specifies an abstract Application Programming Interface This document specifies an abstract Application Programming Interface
(API) that describes the interface component of the high-level (API) that describes the interface component of the high-level
Transport Services architecture defined in [RFC9621]. A Transport Transport Services Architecture defined in [RFC9621]. A Transport
Services system supports asynchronous, atomic transmission of Services System supports asynchronous, atomic transmission of
messages over transport protocols and network paths dynamically Messages over transport protocols and network paths dynamically
selected at runtime, in environments where an endpoint selects from selected at runtime, in environments where an endpoint selects from
multiple network paths and potential transport protocols. multiple network paths and potential transport protocols.
Applications that adopt this API will benefit from a wide set of Applications that adopt this API will benefit from a wide set of
transport features that can evolve over time. This protocol- transport features that can evolve over time. This protocol-
independent API ensures that the system providing the API can independent API ensures that the system providing the API can
optimize its behavior based on the application requirements and optimize its behavior based on the application requirements and
network conditions, without requiring changes to the applications. network conditions, without requiring changes to the applications.
This flexibility enables faster deployment of new features and This flexibility enables faster deployment of new features and
protocols and can support applications by offering racing and protocols and can support applications by offering racing and
fallback mechanisms, which otherwise need to be separately fallback mechanisms, which otherwise need to be separately
implemented in each application. Transport Services Implementations implemented in each application. Transport Services Implementations
are free to take any desired form as long as the API specification in are free to take any desired form as long as the API specification in
this document is honored; a non-prescriptive guide to implementing a this document is honored; a non-prescriptive guide to implementing a
Transport Services system is available (see [RFC9623]). Transport Services System is available (see [RFC9623]).
The Transport Services system derives specific path and Protocol The Transport Services System derives specific path and Protocol
Selection Properties and supported transport features from the Selection Properties and supported transport features from the
analysis provided in [RFC8095], [RFC8923], and [RFC8922]. The analysis provided in [RFC8095], [RFC8923], and [RFC8922]. The
Transport Services API enables an implementation to dynamically Transport Services API enables an implementation to dynamically
choose a transport protocol rather than statically binding choose a transport protocol rather than statically binding
applications to a protocol at compile time. The Transport Services applications to a protocol at compile time. The Transport Services
API also provides applications with a way to override transport API also provides applications with a way to override transport
selection and instantiate a specific stack, e.g., to support servers selection and instantiate a specific stack, e.g., to support servers
wishing to listen to a specific protocol. However, forcing a choice wishing to listen to a specific protocol. However, forcing a choice
to use a specific transport stack is discouraged for general use to use a specific Protocol Stack is discouraged for general use
because it can reduce portability. because it can reduce portability.
1.1. Terminology and Notation 1.1. Terminology and Notation
The Transport Services API is described in terms of: The Transport Services API is described in terms of:
* Objects with which an application can interact; * Objects with which an application can interact;
* Actions the application can perform on these objects; * Actions the application can perform on these objects;
skipping to change at line 261 skipping to change at line 261
Action(param0, param1?, ...) Action(param0, param1?, ...)
Event<param0, param1?, ...> Event<param0, param1?, ...>
Objects that are passed as parameters to actions use call-by-value Objects that are passed as parameters to actions use call-by-value
behavior. Actions not associated with an object are actions on the behavior. Actions not associated with an object are actions on the
API; they are equivalent to actions on a per-application global API; they are equivalent to actions on a per-application global
context. context.
Events are sent to the application or application-supplied code Events are sent to the application or application-supplied code
(e.g., framers; see Section 9.1.2) for processing; the details of (e.g., Framers; see Section 9.1.2) for processing; the details of
event interfaces are specific to the platform or implementation and event interfaces are specific to the platform or implementation and
can be implemented using other forms of asynchronous processing, as can be implemented using other forms of asynchronous processing, as
idiomatic for the implementing platform. idiomatic for the implementing platform.
We also make use of the following basic types: We also make use of the following basic types:
Boolean: Instances take the value true or false. Boolean: Instances take the value true or false.
Integer: Instances take integer values. Integer: Instances take integer values.
skipping to change at line 313 skipping to change at line 313
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
2. Overview of the API Design 2. Overview of the API Design
The design of the API specified in this document is based on a set of The design of the API specified in this document is based on a set of
principles, themselves an elaboration on the architectural design principles, themselves an elaboration on the architectural design
principles defined in [RFC9621]. The API defined in this document principles defined in [RFC9621]. The API defined in this document
provides: provides:
* A Transport Services system that can offer a variety of transport * A Transport Services System that can offer a variety of transport
protocols, independent of the Protocol Stacks that will be used at protocols, independent of the Protocol Stacks that will be used at
runtime. To the degree possible, all common features of these runtime. To the degree possible, all common features of these
Protocol Stacks are made available to the application in a Protocol Stacks are made available to the application in a
transport-independent way. This enables applications written for transport-independent way. This enables applications written for
a single API to make use of transport protocols in terms of the a single API to make use of transport protocols in terms of the
features they provide. features they provide.
* A unified API to datagram and stream-oriented transports, allowing * A unified API to datagram and stream-oriented transports, allowing
the use of a common API for Connection establishment and closing. the use of a common API for Connection establishment and closing.
skipping to change at line 345 skipping to change at line 345
(e.g., Provisioning Domain (PvD) information [RFC7556]) where (e.g., Provisioning Domain (PvD) information [RFC7556]) where
available. available.
* Explicit support for transport-specific features to be applied, * Explicit support for transport-specific features to be applied,
when that particular transport is part of a chosen Protocol Stack. when that particular transport is part of a chosen Protocol Stack.
* Explicit support for security properties as first-order transport * Explicit support for security properties as first-order transport
features. features.
* Explicit support for configuration of cryptographic identities and * Explicit support for configuration of cryptographic identities and
transport security parameters persistent across multiple transport Security Parameters persistent across multiple
Connections. Connections.
* Explicit support for multistreaming and multipath transport * Explicit support for multistreaming and multipath transport
protocols, and the grouping of related Connections into Connection protocols, and the grouping of related Connections into Connection
Groups through "cloning" of Connections (see Section 7.4). This Groups through "cloning" of Connections (see Section 7.4). This
function allows applications to take full advantage of new function allows applications to take full advantage of new
transport protocols supporting these features. transport protocols supporting these features.
3. API Summary 3. API Summary
An application primarily interacts with this API through two objects: An application primarily interacts with this API through two objects:
Preconnections and Connections. A Preconnection object (Section 6) Preconnections and Connections. A Preconnection object (Section 6)
represents a set of properties and constraints on the selection and represents a set of Properties and constraints on the selection and
configuration of paths and protocols to establish a Connection with configuration of paths and protocols to establish a Connection with
an Endpoint. A Connection object represents an instance of a an Endpoint. A Connection object represents an instance of a
transport Protocol Stack on which data can be sent to and/or received transport Protocol Stack on which data can be sent to and/or received
from a Remote Endpoint (i.e., a logical connection that, depending on from a Remote Endpoint (i.e., a logical connection that, depending on
the kind of transport, can be bidirectional or unidirectional, and the kind of transport, can be bidirectional or unidirectional, and
that can use a stream protocol or a datagram protocol). Connections that can use a stream protocol or a datagram protocol). Connections
are presented consistently to the application, irrespective of are presented consistently to the application, irrespective of
whether the underlying transport is connectionless or connection whether the underlying transport is connectionless or connection
oriented. Connections can be created from Preconnections in three oriented. Connections can be created from Preconnections in three
ways: ways:
* initiating the Preconnection (i.e., creating a Connection from the * initiating the Preconnection (i.e., creating a Connection from the
Preconnection, actively opening, as in a client; see Initiate in Preconnection, actively opening, as in a client; see Initiate in
Section 7.1), Section 7.1),
* listening on the Preconnection (i.e., creating a Listener based on * listening on the Preconnection (i.e., creating a Listener based on
the Preconnection, passively opening, as in a server; see Listen the Preconnection, passively opening, as in a server; see Listen
in Section 7.2), or in Section 7.2), or
* a rendezvous for the Preconnection (i.e., peer-to-peer connection * a rendezvous for the Preconnection (i.e., peer-to-peer Connection
establishment; see Rendezvous in Section 7.3). establishment; see Rendezvous in Section 7.3).
Once a Connection is established, data can be sent and received on it Once a Connection is established, data can be sent and received on it
in the form of Messages. The API supports the preservation of in the form of Messages. The API supports the preservation of
message boundaries via both explicit Protocol Stack support and Message boundaries via both explicit Protocol Stack support and
application support through a Message Framer that finds message application support through a Message Framer that finds Message
boundaries in a stream. Messages are received asynchronously through boundaries in a stream. Messages are received asynchronously through
event handlers registered by the application. Errors and other event handlers registered by the application. Errors and other
notifications also happen asynchronously on the Connection. It is notifications also happen asynchronously on the Connection. It is
not necessary for an application to handle all events; some events not necessary for an application to handle all events; some events
can have implementation-specific default handlers. can have implementation-specific default handlers.
The application SHOULD NOT assume that ignoring events (e.g., errors) The application SHOULD NOT assume that ignoring events (e.g., errors)
is always safe. is always safe.
3.1. Usage Examples 3.1. Usage Examples
skipping to change at line 412 skipping to change at line 412
* a client, by connecting to a Remote Endpoint using Initiate, * a client, by connecting to a Remote Endpoint using Initiate,
sending requests, and receiving responses; see Section 3.1.2. sending requests, and receiving responses; see Section 3.1.2.
* a peer, by connecting to a Remote Endpoint using Rendezvous while * a peer, by connecting to a Remote Endpoint using Rendezvous while
simultaneously waiting for incoming Connections, sending Messages, simultaneously waiting for incoming Connections, sending Messages,
and receiving Messages; see Section 3.1.3. and receiving Messages; see Section 3.1.3.
The examples in this section presume that a transport protocol is The examples in this section presume that a transport protocol is
available between the Local and Remote Endpoints and that this available between the Local and Remote Endpoints and that this
protocol provides reliable data transfer, preservation of data protocol provides reliable data transfer, preservation of data
ordering, and preservation of message boundaries. In this case, the ordering, and preservation of Message boundaries. In this case, the
application can choose to receive only complete Messages. application can choose to receive only complete Messages.
If none of the available transport protocols provide preservation of If none of the available transport protocols provide preservation of
message boundaries, but there is a transport protocol that provides a Message boundaries, but there is a transport protocol that provides a
reliable ordered byte-stream, an application could receive this byte- reliable ordered byte-stream, an application could receive this byte-
stream as partial Messages and transform it into application-layer stream as partial Messages and transform it into application-layer
Messages. Alternatively, an application might provide a Message Messages. Alternatively, an application might provide a Message
Framer, which can transform a sequence of Messages into a byte-stream Framer, which can transform a sequence of Messages into a byte-stream
and vice versa (Section 9.1.2). and vice versa (Section 9.1.2).
3.1.1. Server Example 3.1.1. Server Example
This is an example of how an application might listen for incoming This is an example of how an application might listen for incoming
Connections using the Transport Services API, receive a request, and Connections using the Transport Services API, receive a request, and
skipping to change at line 607 skipping to change at line 607
// Add the new Local Endpoints to the Connection: // Add the new Local Endpoints to the Connection:
Connection.AddLocal(ResolvedLocal) Connection.AddLocal(ResolvedLocal)
//---- PathChange event handler end ---- //---- PathChange event handler end ----
// Close the Connection in a Receive event handler: // Close the Connection in a Receive event handler:
Connection.Close() Connection.Close()
4. Transport Properties 4. Transport Properties
Each application using the Transport Services API declares its Each application using the Transport Services API declares its
preferences for how the Transport Services system is to operate. preferences for how the Transport Services System is to operate.
This is done by using Transport Properties, as defined in [RFC9621], This is done by using Transport Properties, as defined in [RFC9621],
at each stage of the lifetime of a Connection. at each stage of the lifetime of a Connection.
Transport Properties are divided into Selection, Connection, and Transport Properties are divided into Selection, Connection, and
Message Properties. Message Properties.
Selection Properties (see Section 6.2) can only be set during Selection Properties (see Section 6.2) can only be set during
preestablishment. They are only used to specify which paths and preestablishment. They are only used to specify which paths and
Protocol Stacks can be used and are preferred by the application. Protocol Stacks can be used and are preferred by the application.
Calling Initiate on a Preconnection creates an outbound Connection, Calling Initiate on a Preconnection creates an outbound Connection,
skipping to change at line 647 skipping to change at line 647
Preconnections is preferred over setting them later. Early Preconnections is preferred over setting them later. Early
specification of Connection Properties allows their use as additional specification of Connection Properties allows their use as additional
input to the selection process. Protocol-specific Properties, which input to the selection process. Protocol-specific Properties, which
enable configuration of specialized features of a specific protocol enable configuration of specialized features of a specific protocol
(see Section 3.2 of [RFC9621]), are not used as input to the (see Section 3.2 of [RFC9621]), are not used as input to the
selection process; they only support configuration if the respective selection process; they only support configuration if the respective
protocol has been selected. protocol has been selected.
4.1. Transport Property Names 4.1. Transport Property Names
Transport Properties are referred to by property names, represented Transport Properties are referred to by names, represented as case-
as case-insensitive strings. These names serve two purposes: insensitive strings. These names serve two purposes:
* Allowing different components of a Transport Services * Allowing different components of a Transport Services
Implementation to pass Transport Properties (e.g., between a Implementation to pass Transport Properties (e.g., between a
language frontend and a policy manager) or to enable a Transport language frontend and a policy manager) or to enable a Transport
Services Implementation to represent properties retrieved from a Services Implementation to represent Properties retrieved from a
file or other storage to the application. file or other storage to the application.
* Making the code of different Transport Services Implementations * Making the code of different Transport Services Implementations
look similar. While individual programming languages might look similar. While individual programming languages might
preclude strict adherence to the naming convention of representing preclude strict adherence to the naming convention of representing
property names as case-insensitive strings (for instance, by Property names as case-insensitive strings (for instance, by
prohibiting the use of hyphens in symbols), users interacting with prohibiting the use of hyphens in symbols), users interacting with
multiple implementations will still benefit from the consistency multiple implementations will still benefit from the consistency
resulting from the use of visually similar symbols. resulting from the use of visually similar symbols.
Transport Property Names are hierarchically organized in the form Transport Property names are hierarchically organized in the form
[<Namespace>.]<PropertyName>. [<Namespace>.]<PropertyName>.
* The optional Namespace component and its trailing dot character * The optional Namespace component and its trailing dot character
(".") MUST be omitted for well-known generic properties, i.e., for (".") MUST be omitted for well-known generic Properties, i.e., for
properties that are not specific to a protocol. Properties that are not specific to a protocol.
* Protocol-specific Properties MUST use the protocol acronym as the * Protocol-specific Properties MUST use the protocol acronym as the
Namespace (e.g., a Connection that uses TCP could support a TCP- Namespace (e.g., a Connection that uses TCP could support a TCP-
specific Transport Property, such as the TCP User Timeout value, specific Transport Property, such as the TCP User Timeout value,
in a Protocol-specific Property called tcp.userTimeoutValue (see in a Protocol-specific Property called tcp.userTimeoutValue (see
Section 8.2)). Section 8.2)).
* Vendor-specific or implementation-specific properties MUST be * Vendor-specific or implementation-specific Properties MUST be
placed in a Namespace starting with the underscore character ("_") placed in a Namespace starting with the underscore character ("_")
and SHOULD use a string identifying the vendor or implementation. and SHOULD use a string identifying the vendor or implementation.
* For IETF protocols, the name of a Protocol-specific Property MUST * For IETF protocols, the name of a Protocol-specific Property MUST
be specified in an RFC from the IETF Stream (after IETF Review be specified in an RFC from the IETF Stream (after IETF Review
[RFC8126]). An IETF protocol Namespace does not start with an [RFC8126]). An IETF protocol Namespace does not start with an
underscore character ("_"). underscore character ("_").
Namespaces for each of the keywords provided in the "Protocol Namespaces for each of the keywords provided in the "Protocol
Numbers" registry (see <https://www.iana.org/assignments/protocol- Numbers" registry (see <https://www.iana.org/assignments/protocol-
numbers/>) are reserved for Protocol-specific Properties and MUST NOT numbers/>) are reserved for Protocol-specific Properties and MUST NOT
be used for vendor-specific or implementation-specific properties. be used for vendor-specific or implementation-specific Properties.
Terms listed as keywords, as in the "Protocol Numbers" registry, Terms listed as keywords, as in the "Protocol Numbers" registry,
SHOULD be avoided as any part of a vendor-specific or implementation- SHOULD be avoided as any part of a vendor-specific or implementation-
specific property name. specific Property name.
Though Transport Property Names are case insensitive, it is Though Transport Property names are case insensitive, it is
recommended to use camelCase to improve readability. Implementations recommended to use camelCase to improve readability. Implementations
may transpose Transport Property Names into snake_case or PascalCase may transpose Transport Property names into snake_case or PascalCase
to blend into the language environment. to blend into the language environment.
4.2. Transport Property Types 4.2. Transport Property Types
Each Transport Property has one of the basic types described in Each Transport Property has one of the basic types described in
Section 1.1. Section 1.1.
Most Selection Properties (see Section 6.2) are of the Enumeration Most Selection Properties (see Section 6.2) are of the Enumeration
type, and they use the Preference Enumeration, which takes one of type, and they use the Preference Enumeration, which takes one of
five possible values (Prohibit, Avoid, No Preference, Prefer, or five possible values (Prohibit, Avoid, No Preference, Prefer, or
Require) denoting the level of preference for a given property during Require) denoting the level of preference for a given Property during
protocol selection. protocol selection.
5. Scope of the API Definition 5. Scope of the API Definition
This document defines a language- and platform-independent API of a This document defines a language- and platform-independent API of a
Transport Services system. Given the wide variety of languages and Transport Services System. Given the wide variety of languages and
language conventions used to write applications that use the language conventions used to write applications that use the
transport layer to connect to other applications over the Internet, transport layer to connect to other applications over the Internet,
this independence makes this API necessarily abstract. this independence makes this API necessarily abstract.
There is no interoperability benefit in tightly defining how the API There is no interoperability benefit in tightly defining how the API
is presented to application programmers across diverse platforms. is presented to application programmers across diverse platforms.
However, maintaining the "shape" of the abstract API across different However, maintaining the "shape" of the abstract API across different
platforms reduces the effort for programmers who learn to use the platforms reduces the effort for programmers who learn to use the
Transport Services API to then apply their knowledge to another Transport Services API to then apply their knowledge to another
platform. That said, implementations have significant freedom in platform. That said, implementations have significant freedom in
skipping to change at line 735 skipping to change at line 735
protocol with the shape of the API. We make the following protocol with the shape of the API. We make the following
recommendations: recommendations:
* Actions, events, and errors in implementations of the Transport * Actions, events, and errors in implementations of the Transport
Services API SHOULD use the names assigned to them in this Services API SHOULD use the names assigned to them in this
document, subject to capitalization, punctuation, and other document, subject to capitalization, punctuation, and other
typographic conventions in the language of the implementation, typographic conventions in the language of the implementation,
unless the implementation itself uses different names for unless the implementation itself uses different names for
substantially equivalent objects for networking by convention. substantially equivalent objects for networking by convention.
* Transport Services systems SHOULD implement each Selection * Transport Services Systems SHOULD implement each Selection
Property, Connection Property, and MessageContext Property Property, Connection Property, and MessageContext Property
specified in this document. These features SHOULD be implemented specified in this document. These features SHOULD be implemented
even when, in a specific implementation, it will always result in even when, in a specific implementation, it will always result in
no operation, e.g., there is no action when the API specifies a no operation, e.g., there is no action when the API specifies a
Property that is not available in a transport protocol implemented Property that is not available in a transport protocol implemented
on a specific platform. For example, if TCP is the only on a specific platform. For example, if TCP is the only
underlying transport protocol, the Message Property msgOrdered can underlying transport protocol, the Message Property msgOrdered can
be implemented (trivially, as a no-op) as disabling the be implemented (trivially, as a no-op) as disabling the
requirement for ordering will not have any effect on delivery requirement for ordering will not have any effect on delivery
order for Connections over TCP. Similarly, the msgLifetime order for Connections over TCP. Similarly, the msgLifetime
Message Property can be implemented but ignored, as the Message Property can be implemented but ignored, as the
description of this Property (Section 9.1.3.1) states that "it is description of this Property (Section 9.1.3.1) states that "it is
not guaranteed that a Message will not be sent when its Lifetime not guaranteed that a Message will not be sent when its Lifetime
has expired". has expired".
* Implementations can use other representations for Transport * Implementations can use other representations for Transport
Property Names, e.g., by providing constants, but should provide a Property names, e.g., by providing constants, but should provide a
straightforward mapping between their representation and the straightforward mapping between their representation and the
property names specified here. Property names specified here.
6. Preestablishment Phase 6. Preestablishment Phase
The preestablishment phase allows applications to specify properties The preestablishment phase allows applications to specify Properties
for the Connections that they are about to make or to query the API for the Connections that they are about to make or to query the API
about potential Connections they could make. about potential Connections they could make.
A Preconnection object represents a potential Connection. It is a A Preconnection object represents a potential Connection. It is a
passive object (a data structure) that merely maintains the state passive object (a data structure) that merely maintains the state
that describes the properties of a Connection that might exist in the that describes the Properties of a Connection that might exist in the
future. This state comprises Local Endpoint and Remote Endpoint future. This state comprises Local Endpoint and Remote Endpoint
objects that denote the endpoints of the potential Connection (see objects that denote the Endpoints of the potential Connection (see
Section 6.1), the Selection Properties (see Section 6.2), any Section 6.1), the Selection Properties (see Section 6.2), any
preconfigured Connection Properties (Section 8.1), and the security preconfigured Connection Properties (Section 8.1), and the Security
parameters (see Section 6.3): Parameters (see Section 6.3):
Preconnection := NewPreconnection([]LocalEndpoint, Preconnection := NewPreconnection([]LocalEndpoint,
[]RemoteEndpoint, []RemoteEndpoint,
TransportProperties, TransportProperties,
SecurityParameters) SecurityParameters)
At least one Local Endpoint MUST be specified if the Preconnection is At least one Local Endpoint MUST be specified if the Preconnection is
used to Listen for incoming Connections, but the list of Local used to Listen for incoming Connections, but the list of Local
Endpoints MAY be empty if the Preconnection is used to Initiate Endpoints MAY be empty if the Preconnection is used to Initiate
connections. If no Local Endpoint is specified, the Transport connections. If no Local Endpoint is specified, the Transport
Services system will assign an ephemeral local port to the Connection Services System will assign an ephemeral local port to the Connection
on the appropriate interface(s). At least one Remote Endpoint MUST on the appropriate interface(s). At least one Remote Endpoint MUST
be specified if the Preconnection is used to Initiate Connections, be specified if the Preconnection is used to Initiate Connections,
but the list of Remote Endpoints MAY be empty if the Preconnection is but the list of Remote Endpoints MAY be empty if the Preconnection is
used to Listen for incoming Connections. At least one Local Endpoint used to Listen for incoming Connections. At least one Local Endpoint
and one Remote Endpoint MUST be specified if a peer-to-peer and one Remote Endpoint MUST be specified if a peer-to-peer
Rendezvous is to occur based on the Preconnection. Rendezvous is to occur based on the Preconnection.
If more than one Local Endpoint is specified on a Preconnection, then If more than one Local Endpoint is specified on a Preconnection, then
the application is indicating that all of the Local Endpoints are the application is indicating that all of the Local Endpoints are
eligible to be used for Connections. For example, their Endpoint eligible to be used for Connections. For example, their Endpoint
Identifiers might correspond to different interfaces on a multihomed Identifiers might correspond to different interfaces on a multihomed
host or their Endpoint Identifiers might correspond to local host or their Endpoint Identifiers might correspond to local
interfaces and a STUN server that can be resolved to a server- interfaces and a STUN server that can be resolved to a server-
reflexive address for a Preconnection used to make a peer-to-peer reflexive address for a Preconnection used to make a peer-to-peer
Rendezvous. Rendezvous.
If more than one Remote Endpoint is specified on the Preconnection, If more than one Remote Endpoint is specified on the Preconnection,
the application is indicating that it expects all of the Remote the application is indicating that it expects all of the Remote
Endpoints to offer an equivalent service and that the Transport Endpoints to offer an equivalent service and that the Transport
Services system can choose any of them for a Connection. For Services System can choose any of them for a Connection. For
example, a Remote Endpoint might represent various network interfaces example, a Remote Endpoint might represent various network interfaces
of a host, or a server-reflexive address that can be used to reach a of a host, or a server-reflexive address that can be used to reach a
host, or a set of hosts that provide equivalent local balanced host, or a set of hosts that provide equivalent local balanced
service. service.
In most cases, it is expected that a single Remote Endpoint will be In most cases, it is expected that a single Remote Endpoint will be
specified by name, and a later call to Initiate on the Preconnection specified by name, and a later call to Initiate on the Preconnection
(see Section 7.1) will internally resolve that name to a list of (see Section 7.1) will internally resolve that name to a list of
concrete Endpoint Identifiers. Specifying multiple Remote Endpoints concrete Endpoint Identifiers. Specifying multiple Remote Endpoints
on a Preconnection allows applications to override this for more on a Preconnection allows applications to override this for more
detailed control. detailed control.
If Message Framers are used (see Section 9.1.2), they MUST be added If Message Framers are used (see Section 9.1.2), they MUST be added
to the Preconnection during preestablishment. to the Preconnection during preestablishment.
6.1. Specifying Endpoints 6.1. Specifying Endpoints
The Transport Services API uses the Local Endpoint and Remote The Transport Services API uses the Local Endpoint and Remote
Endpoint objects to refer to the endpoints of a Connection. Endpoint objects to refer to the Endpoints of a Connection.
Endpoints can be created as either remote or local: Endpoints can be created as either remote or local:
RemoteSpecifier := NewRemoteEndpoint() RemoteSpecifier := NewRemoteEndpoint()
LocalSpecifier := NewLocalEndpoint() LocalSpecifier := NewLocalEndpoint()
A single Endpoint object represents the identity of a network host. A single Endpoint object represents the identity of a network host.
That endpoint can be more or less specific, depending on which That Endpoint can be more or less specific, depending on which
Endpoint Identifiers are set. For example, an Endpoint that only Endpoint Identifiers are set. For example, an Endpoint that only
specifies a hostname can, in fact, finally correspond to several specifies a hostname can, in fact, finally correspond to several
different IP addresses on different hosts. different IP addresses on different hosts.
An Endpoint object can be configured with the following identifiers: An Endpoint object can be configured with the following identifiers:
* HostName (string): * HostName (string):
RemoteSpecifier.WithHostName("example.com") RemoteSpecifier.WithHostName("example.com")
skipping to change at line 887 skipping to change at line 887
example, an Endpoint object cannot specify two IP addresses. Two example, an Endpoint object cannot specify two IP addresses. Two
separate IP addresses are represented as two Endpoint objects. If a separate IP addresses are represented as two Endpoint objects. If a
Preconnection specifies a Remote Endpoint with a specific IP address Preconnection specifies a Remote Endpoint with a specific IP address
set, it will only establish Connections to that IP address. If, on set, it will only establish Connections to that IP address. If, on
the other hand, a Remote Endpoint specifies a hostname but no the other hand, a Remote Endpoint specifies a hostname but no
addresses, the Transport Services Implementation can perform name addresses, the Transport Services Implementation can perform name
resolution and attempt using any address derived from the original resolution and attempt using any address derived from the original
hostname of the Remote Endpoint. Note that multiple Remote Endpoints hostname of the Remote Endpoint. Note that multiple Remote Endpoints
can be added to a Preconnection, as discussed in Section 7.5. can be added to a Preconnection, as discussed in Section 7.5.
The Transport Services system resolves names internally, when the The Transport Services System resolves names internally, when the
Initiate, Listen, or Rendezvous method is called to establish a Initiate, Listen, or Rendezvous action is called to establish a
Connection. Privacy considerations for the timing of this resolution Connection. Privacy considerations for the timing of this resolution
are given in Section 13. are given in Section 13.
The Resolve action on a Preconnection can be used by the application The Resolve action on a Preconnection can be used by the application
to force early binding when required, for example, with some Network to force early binding when required, for example, with some Network
Address Translator (NAT) traversal protocols (see Section 7.3). Address Translator (NAT) traversal protocols (see Section 7.3).
6.1.1. Using Multicast Endpoints 6.1.1. Using Multicast Endpoints
To use multicast, a Preconnection is first created with the Local or To use multicast, a Preconnection is first created with the Local or
Remote Endpoint Identifier specifying the Any-Source Multicast (ASM) Remote Endpoint Identifier specifying the Any-Source Multicast (ASM)
or Source-Specific Multicast (SSM) group and destination port number. or Source-Specific Multicast (SSM) group and destination port number.
This is then followed by a call to either Initiate, Listen, or This is then followed by a call to either Initiate, Listen, or
Rendezvous, depending on whether the resulting Connection is to be Rendezvous, depending on whether the resulting Connection is to be
used to send messages to the multicast group, receive messages from used to send Messages to the multicast group, receive Messages from
the group, or both send and receive messages (as is the case for an the group, or both send and receive Messages (as is the case for an
ASM group). ASM group).
Note that the Transport Services API has separate specifier calls for Note that the Transport Services API has separate specifier calls for
multicast groups to avoid introducing filter properties for single- multicast groups to avoid introducing filter Properties for single-
source multicast and seeks to avoid confusion that can be caused by source multicast and seeks to avoid confusion that can be caused by
overloading the unicast specifiers. overloading the unicast specifiers.
Calling Initiate on that Preconnection creates a Connection that can Calling Initiate on that Preconnection creates a Connection that can
be used to send Messages to the multicast group. The Connection be used to send Messages to the multicast group. The Connection
object that is created will support Send but not Receive. Any object that is created will support Send but not Receive. Any
Connections created this way are send-only and do not join the Connections created this way are send-only and do not join the
multicast group. The resulting Connection will have a Local Endpoint multicast group. The resulting Connection will have a Local Endpoint
identifying the local interface to which the Connection is bound and identifying the local interface to which the Connection is bound and
a Remote Endpoint identifying the multicast group. a Remote Endpoint identifying the multicast group.
skipping to change at line 954 skipping to change at line 954
LocalSpecifier.WithSingleSourceMulticastGroupIP(GroupAddress, LocalSpecifier.WithSingleSourceMulticastGroupIP(GroupAddress,
SourceAddress) SourceAddress)
LocalSpecifier.WithAnySourceMulticastGroupIP(GroupAddress) LocalSpecifier.WithAnySourceMulticastGroupIP(GroupAddress)
LocalSpecifier.WithPort(PortNumber) LocalSpecifier.WithPort(PortNumber)
Calling Rendezvous on a Preconnection with an ASM group address as Calling Rendezvous on a Preconnection with an ASM group address as
the Remote Endpoint Identifier will trigger the Transport Services the Remote Endpoint Identifier will trigger the Transport Services
Implementation to join the multicast group and also indicates that Implementation to join the multicast group and also indicates that
the resulting Connection can be used to send Messages to the the resulting Connection can be used to send Messages to the
multicast group. The Rendezvous call will return both: multicast group. The Rendezvous action will return both:
1. a Connection that can be used to send to the group and that acts 1. a Connection that can be used to send to the group and that acts
the same as a Connection returned by calling Initiate with a the same as a Connection returned by calling Initiate with a
multicast Remote Endpoint and multicast Remote Endpoint and
2. a Listener that acts as if Listen had been called with a 2. a Listener that acts as if Listen had been called with a
multicast Remote Endpoint. multicast Remote Endpoint.
Calling Rendezvous on a Preconnection with an SSM group address as Calling Rendezvous on a Preconnection with an SSM group address as
the Local Endpoint Identifier results in an EstablishmentError. the Local Endpoint Identifier results in an EstablishmentError.
skipping to change at line 981 skipping to change at line 981
RemoteSpecifier.WithHopLimit(HopLimit) RemoteSpecifier.WithHopLimit(HopLimit)
LocalSpecifier.WithAnySourceMulticastGroupIP(GroupAddress) LocalSpecifier.WithAnySourceMulticastGroupIP(GroupAddress)
LocalSpecifier.WithPort(PortNumber) LocalSpecifier.WithPort(PortNumber)
LocalSpecifier.WithHopLimit(HopLimit) LocalSpecifier.WithHopLimit(HopLimit)
See Section 6.1.5 for more examples. See Section 6.1.5 for more examples.
6.1.2. Constraining Interfaces for Endpoints 6.1.2. Constraining Interfaces for Endpoints
Note that this API has multiple ways to constrain and prioritize Note that this API has multiple ways to constrain and prioritize
endpoint candidates based on the network interface: Endpoint candidates based on the network interface:
* Specifying an interface on a Remote Endpoint qualifies the scope * Specifying an interface on a Remote Endpoint qualifies the scope
zone of the Remote Endpoint, e.g., for link-local addresses. zone of the Remote Endpoint, e.g., for link-local addresses.
* Specifying an interface on a Local Endpoint explicitly binds all * Specifying an interface on a Local Endpoint explicitly binds all
candidates derived from this Endpoint to use the specified candidates derived from this Endpoint to use the specified
interface. interface.
* Specifying an interface using the interface Selection Property * Specifying an interface using the interface Selection Property
(Section 6.2.11) or indirectly via the pvd Selection Property (Section 6.2.11) or indirectly via the pvd Selection Property
(Section 6.2.12) influences the selection among the available (Section 6.2.12) influences the selection among the available
candidates. candidates.
While specifying an Interface on an Endpoint restricts the candidates While specifying an interface on an Endpoint restricts the candidates
available for Connection establishment in the preestablishment phase, available for Connection establishment in the preestablishment phase,
the Selection Properties prioritize and constrain the Connection the Selection Properties prioritize and constrain the Connection
establishment. establishment.
6.1.3. Protocol-Specific Endpoints 6.1.3. Protocol-Specific Endpoints
An Endpoint can have an alternative definition when using different An Endpoint can have an alternative definition when using different
protocols. For example, a server that supports both TLS/TCP and QUIC protocols. For example, a server that supports both TLS/TCP and QUIC
could be accessible on two different port numbers, depending on which could be accessible on two different port numbers, depending on which
protocol is used. protocol is used.
To scope an Endpoint to apply conditionally to a specific transport To scope an Endpoint to apply conditionally to a specific transport
protocol (such as defining an alternate port to use when QUIC is protocol (such as defining an alternate port to use when QUIC is
selected, as opposed to TCP), an Endpoint can be associated with a selected, as opposed to TCP), an Endpoint can be associated with a
protocol identifier. Protocol identifiers are objects or enumeration protocol identifier. Protocol identifiers are objects or Enumeration
values provided by the Transport Services API that will vary based on values provided by the Transport Services API that will vary based on
which protocols are implemented in a particular system. which protocols are implemented in a particular system.
AlternateRemoteSpecifier.WithProtocol(QUIC) AlternateRemoteSpecifier.WithProtocol(QUIC)
The following example shows a case where example.com has a server The following example shows a case where example.com has a server
running on port 443 with an alternate port of 8443 for QUIC. Both running on port 443 with an alternate port of 8443 for QUIC. Both
endpoints can be passed when creating a Preconnection. endpoints can be passed when creating a Preconnection.
RemoteSpecifier := NewRemoteEndpoint() RemoteSpecifier := NewRemoteEndpoint()
skipping to change at line 1167 skipping to change at line 1167
SecurityParameters := ... SecurityParameters := ...
Preconnection := NewPreconnection(LocalSpecifier, Preconnection := NewPreconnection(LocalSpecifier,
RemoteSpecifier, RemoteSpecifier,
TransportProperties, TransportProperties,
SecurityProperties) SecurityProperties)
Connection, Listener := Preconnection.Rendezvous() Connection, Listener := Preconnection.Rendezvous()
6.2. Specifying Transport Properties 6.2. Specifying Transport Properties
A Preconnection object holds properties reflecting the application's A Preconnection object holds Properties reflecting the application's
requirements and preferences for the transport. These include requirements and preferences for the transport. These include
Selection Properties for selecting Protocol Stacks and paths, as well Selection Properties for selecting Protocol Stacks and paths, as well
as Connection Properties and Message Properties for configuration of as Connection Properties and Message Properties for configuration of
the detailed operation of the selected Protocol Stacks on a per- the detailed operation of the selected Protocol Stacks on a per-
Connection and per-Message level. Connection and per-Message level.
The protocol(s) and path(s) selected as candidates during The protocol(s) and path(s) selected as candidates during
establishment are determined and configured using these properties. establishment are determined and configured using these Properties.
Since there could be paths over which some transport protocols are Since there could be paths over which some transport protocols are
unable to operate, or Remote Endpoints that support only specific unable to operate, or Remote Endpoints that support only specific
network addresses or transports, transport protocol selection is network addresses or transports, transport protocol selection is
necessarily tied to path selection. This could involve choosing necessarily tied to path selection. This could involve choosing
between multiple local interfaces that are connected to different between multiple local interfaces that are connected to different
access networks. access networks.
When additional information (such as PvD information [RFC7556]) is When additional information (such as PvD information [RFC7556]) is
available about the networks over which an endpoint can operate, this available about the networks over which an Endpoint can operate, this
can inform the selection between alternate network paths. Path can inform the selection between alternate network paths. Path
information can include the Path MTU (PMTU), the set of supported information can include the Path MTU (PMTU), the set of supported
Differentiated Services Code Points (DSCPs), expected usage, cost, Differentiated Services Code Points (DSCPs), expected usage, cost,
etc. The usage of this information by the Transport Services System etc. The usage of this information by the Transport Services System
is generally independent of the specific mechanism or protocol used is generally independent of the specific mechanism or protocol used
to receive the information (e.g., zero-conf, DHCP, or IPv6 Router to receive the information (e.g., zero-conf, DHCP, or IPv6 Router
Advertisements (RAs)). Advertisements (RAs)).
Most Selection Properties are represented as Preferences, which can Most Selection Properties are represented as Preferences, which can
take one of five values: take one of five values:
+============+=========================================+ +============+=========================================+
| Preference | Effect | | Preference | Effect |
+============+=========================================+ +============+=========================================+
| Require | Select only protocols/paths providing | | Require | Select only protocols/paths providing |
| | the property; otherwise, fail | | | the Property; otherwise, fail |
+------------+-----------------------------------------+ +------------+-----------------------------------------+
| Prefer | Prefer protocols/paths providing the | | Prefer | Prefer protocols/paths providing the |
| | property; otherwise, proceed | | | Property; otherwise, proceed |
+------------+-----------------------------------------+ +------------+-----------------------------------------+
| No | No preference | | No | No preference |
| Preference | | | Preference | |
+------------+-----------------------------------------+ +------------+-----------------------------------------+
| Avoid | Prefer protocols/paths not providing | | Avoid | Prefer protocols/paths not providing |
| | the property; otherwise, proceed | | | the Property; otherwise, proceed |
+------------+-----------------------------------------+ +------------+-----------------------------------------+
| Prohibit | Select only protocols/paths not | | Prohibit | Select only protocols/paths not |
| | providing the property; otherwise, fail | | | providing the Property; otherwise, fail |
+------------+-----------------------------------------+ +------------+-----------------------------------------+
Table 1: Selection Property Preference Levels Table 1: Selection Property Preference Levels
The implementation MUST ensure an outcome that is consistent with all The implementation MUST ensure an outcome that is consistent with all
application requirements expressed using Require and Prohibit. While application requirements expressed using Require and Prohibit. While
preferences expressed using Prefer and Avoid influence protocol and preferences expressed using Prefer and Avoid influence protocol and
path selection as well, outcomes can vary, even given the same path selection as well, outcomes can vary, even given the same
Selection Properties, because the available protocols and paths can Selection Properties, because the available protocols and paths can
differ across systems and contexts. However, implementations are differ across systems and contexts. However, implementations are
RECOMMENDED to seek to provide a consistent outcome to an RECOMMENDED to seek to provide a consistent outcome to an
application, when provided with the same set of Selection Properties. application, when provided with the same set of Selection Properties.
Note that application preferences can conflict with each other. For Note that application preferences can conflict with each other. For
example, if an application indicates a preference for a specific path example, if an application indicates a preference for a specific path
by specifying an interface, but also a preference for a protocol, a by specifying an interface, but also a preference for a protocol, a
situation might occur in which the preferred protocol is not situation might occur in which the preferred protocol is not
available on the preferred path. In such cases, applications can available on the preferred path. In such cases, applications can
expect properties that determine path selection to be prioritized expect Properties that determine path selection to be prioritized
over properties that determine protocol selection. The transport over Properties that determine protocol selection. The Transport
system SHOULD determine the preferred path first, regardless of Services System SHOULD determine the preferred path first, regardless
protocol preferences. This ordering is chosen to provide consistency of protocol preferences. This ordering is chosen to provide
across implementations; this is based on the fact that it is more consistency across implementations; this is based on the fact that it
common for the use of a given network path to determine cost to the is more common for the use of a given network path to determine cost
user (i.e., an interface type preference might be based on a user's to the user (i.e., an interface type preference might be based on a
preference to avoid being charged more for a cellular data plan). user's preference to avoid being charged more for a cellular data
plan).
Selection and Connection Properties, as well as defaults for Message Selection and Connection Properties, as well as defaults for Message
Properties, can be added to a Preconnection to configure the Properties, can be added to a Preconnection to configure the
selection process and to further configure the eventually selected selection process and to further configure the eventually selected
Protocol Stack(s). They are collected into a TransportProperties Protocol Stack(s). They are collected into a TransportProperties
object to be passed into a Preconnection object: object to be passed into a Preconnection object:
TransportProperties := NewTransportProperties() TransportProperties := NewTransportProperties()
Individual properties are then set on the TransportProperties object. Individual Properties are then set on the TransportProperties object.
Setting a Transport Property to a value overrides the previous value Setting a Transport Property to a value overrides the previous value
of this Transport Property. of this Transport Property.
TransportProperties.Set(property, value) TransportProperties.Set(property, value)
To aid readability, implementations MAY provide additional To aid readability, implementations MAY provide additional
convenience functions to simplify the use of Selection Properties: convenience functions to simplify the use of Selection Properties:
see Appendix B.1 for examples. In addition, implementations MAY see Appendix B.1 for examples. In addition, implementations MAY
provide a mechanism to create TransportProperties objects that are provide a mechanism to create TransportProperties objects that are
preconfigured for common use cases, as outlined in Appendix B.2. preconfigured for common use cases, as outlined in Appendix B.2.
skipping to change at line 1272 skipping to change at line 1273
A Connection gets its Transport Properties by either being explicitly A Connection gets its Transport Properties by either being explicitly
configured via a Preconnection, being configured after establishment, configured via a Preconnection, being configured after establishment,
or inheriting them from an antecedent via cloning; see Section 7.4 or inheriting them from an antecedent via cloning; see Section 7.4
for more details. for more details.
Section 8.1 provides a list of Connection Properties, while Selection Section 8.1 provides a list of Connection Properties, while Selection
Properties are listed in the subsections below. Selection Properties Properties are listed in the subsections below. Selection Properties
are only considered during establishment and cannot be changed after are only considered during establishment and cannot be changed after
a Connection is established. At this point, Selection Properties can a Connection is established. At this point, Selection Properties can
only be read to check the properties used by the Connection. Upon only be read to check the Properties used by the Connection. Upon
reading, the Preference type of a Selection Property changes into reading, the Preference type of a Selection Property changes into
Boolean, where: Boolean, where:
* true means that the selected Protocol Stack supports the feature * true means that the selected Protocol Stack supports the feature
or uses the path associated with the Selection Property, and or uses the path associated with the Selection Property, and
* false means that the Protocol Stack does not support the feature * false means that the Protocol Stack does not support the feature
or use the path. or use the path.
Implementations of Transport Services systems could alternatively use Implementations of Transport Services Systems could alternatively use
the Require and Prohibit Preference values to represent true and the Require and Prohibit Preference values to represent true and
false, respectively. Other types of Selection Properties remain false, respectively. Other types of Selection Properties remain
unchanged when they are made available for reading after a Connection unchanged when they are made available for reading after a Connection
is established. is established.
An implementation of the Transport Services API needs to provide An implementation of the Transport Services API needs to provide
sensible defaults for Selection Properties. The default values for sensible defaults for Selection Properties. The default values for
each property below represent a configuration that can be implemented each Property below represent a configuration that can be implemented
over TCP. If these default values are used and TCP is not supported over TCP. If these default values are used and TCP is not supported
by a Transport Services system, then an application using the default by a Transport Services System, then an application using the default
set of Properties might not succeed in establishing a Connection. set of Properties might not succeed in establishing a Connection.
Using the same default values for independent Transport Services Using the same default values for independent Transport Services
systems can be beneficial when applications are ported between Systems can be beneficial when applications are ported between
different implementations/platforms, even if this default could lead different implementations/platforms, even if this default could lead
to a Connection failure when TCP is not available. If default values to a Connection failure when TCP is not available. If default values
other than those suggested below are used, it is RECOMMENDED to other than those suggested below are used, it is RECOMMENDED to
clearly document any differences. clearly document any differences.
6.2.1. Reliable Data Transfer (Connection) 6.2.1. Reliable Data Transfer (Connection)
Name: reliability Name: reliability
Type: Preference Type: Preference
Default: Require Default: Require
This property specifies whether the application needs to use a This Property specifies whether the application needs to use a
transport protocol that ensures that all data is received at the transport protocol that ensures that all data is received at the
Remote Endpoint in order, without loss or duplication. When reliable Remote Endpoint in order, without loss or duplication. When reliable
data transfer is enabled, this also entails being notified when a data transfer is enabled, this also entails being notified when a
Connection is closed or aborted. Connection is closed or aborted.
6.2.2. Preservation of Message Boundaries 6.2.2. Preservation of Message Boundaries
Name: preserveMsgBoundaries Name: preserveMsgBoundaries
Type: Preference Type: Preference
Default: No Preference Default: No Preference
This property specifies whether the application needs or prefers to This Property specifies whether the application needs or prefers to
use a transport protocol that preserves message boundaries. use a transport protocol that preserves Message boundaries.
6.2.3. Configure Per-Message Reliability 6.2.3. Configure Per-Message Reliability
Name: perMsgReliability Name: perMsgReliability
Type: Preference Type: Preference
Default: No Preference Default: No Preference
This property specifies whether an application considers it useful to This Property specifies whether an application considers it useful to
specify different reliability requirements for individual Messages in specify different reliability requirements for individual Messages in
a Connection. a Connection.
6.2.4. Preservation of Data Ordering 6.2.4. Preservation of Data Ordering
Name: preserveOrder Name: preserveOrder
Type: Preference Type: Preference
Default: Require Default: Require
This property specifies whether the application wishes to use a This Property specifies whether the application wishes to use a
transport protocol that can ensure that data is received by the transport protocol that can ensure that data is received by the
application at the Remote Endpoint in the same order as it was sent. application at the Remote Endpoint in the same order as it was sent.
6.2.5. Use 0-RTT Session Establishment with a Safely Replayable Message 6.2.5. Use 0-RTT Session Establishment with a Safely Replayable Message
Name: zeroRttMsg Name: zeroRttMsg
Type: Preference Type: Preference
Default: No Preference Default: No Preference
This property specifies whether an application would like to supply a This Property specifies whether an application would like to supply a
Message to the transport protocol before connection establishment, Message to the transport protocol before Connection establishment,
which will then be reliably transferred to the Remote Endpoint before which will then be reliably transferred to the Remote Endpoint before
or during connection establishment. This Message can potentially be or during connection establishment. This Message can potentially be
received multiple times (i.e., multiple copies of the Message data received multiple times (i.e., multiple copies of the Message data
could be passed to the Remote Endpoint). See also Section 9.1.3.4. could be passed to the Remote Endpoint). See also Section 9.1.3.4.
6.2.6. Multistream Connections in a Group 6.2.6. Multistream Connections in a Group
Name: multistreaming Name: multistreaming
Type: Preference Type: Preference
Default: Prefer Default: Prefer
This property specifies whether the application would prefer multiple This Property specifies whether the application would prefer multiple
Connections within a Connection Group to be provided by streams of a Connections within a Connection Group to be provided by streams of a
single underlying transport connection, where possible. single underlying transport connection, where possible.
6.2.7. Full Checksum Coverage on Sending 6.2.7. Full Checksum Coverage on Sending
Name: fullChecksumSend Name: fullChecksumSend
Type: Preference Type: Preference
Default: Require Default: Require
This property specifies the application's need for protection against This Property specifies the application's need for protection against
corruption for all data transmitted on this Connection. Disabling corruption for all data transmitted on this Connection. Disabling
this property could enable the application to influence the sender this Property could enable the application to influence the sender
checksum coverage after Connection establishment (see checksum coverage after Connection establishment (see
Section 9.1.3.6). Section 9.1.3.6).
6.2.8. Full Checksum Coverage on Receiving 6.2.8. Full Checksum Coverage on Receiving
Name: fullChecksumRecv Name: fullChecksumRecv
Type: Preference Type: Preference
Default: Require Default: Require
This property specifies the application's need for protection against This Property specifies the application's need for protection against
corruption for all data received on this Connection. Disabling this corruption for all data received on this Connection. Disabling this
property could enable the application to influence the required Property could enable the application to influence the required
minimum receiver checksum coverage after Connection establishment minimum receiver checksum coverage after Connection establishment
(see Section 8.1.1). (see Section 8.1.1).
6.2.9. Congestion Control 6.2.9. Congestion Control
Name: congestionControl Name: congestionControl
Type: Preference Type: Preference
Default: Require Default: Require
This property specifies whether or not the application would like the This Property specifies whether or not the application would like the
Connection to be congestion controlled. Note that if a Connection is Connection to be congestion controlled. Note that if a Connection is
not congestion controlled, an application using such a Connection not congestion controlled, an application using such a Connection
SHOULD itself perform congestion control in accordance with [RFC2914] SHOULD itself perform congestion control in accordance with [RFC2914]
or use a circuit breaker in accordance with [RFC8084], whichever is or use a circuit breaker in accordance with [RFC8084], whichever is
appropriate. Also note that reliability is usually combined with appropriate. Also note that reliability is usually combined with
congestion control in protocol implementations rendering "reliable congestion control in protocol implementations rendering "reliable
but not congestion controlled", a request that is unlikely to but not congestion controlled", a request that is unlikely to
succeed. If the Connection is congestion controlled, performing succeed. If the Connection is congestion controlled, performing
additional congestion control in the application can have negative additional congestion control in the application can have negative
performance implications. performance implications.
6.2.10. Keep-Alive Packets 6.2.10. Keep-Alive Packets
Name: keepAlive Name: keepAlive
Type: Preference Type: Preference
Default: No Preference Default: No Preference
This property specifies whether or not the application would like the This Property specifies whether or not the application would like the
Connection to send keep-alive packets. Note that if a Connection Connection to send keep-alive packets. Note that if a Connection
determines that keep-alive packets are being sent, the application determines that keep-alive packets are being sent, the application
itself SHOULD avoid generating additional keep-alive messages. Note itself SHOULD avoid generating additional keep-alive Messages. Note
that, when supported, the system will use the default period for that, when supported, the system will use the default period for
generation of the keep-alive packets. (See also Section 8.1.4.) generation of the keep-alive packets. (See also Section 8.1.4.)
6.2.11. Interface Instance or Type 6.2.11. Interface Instance or Type
Name: interface Name: interface
Type: Set of (Preference, Enumeration) Type: Set of (Preference, Enumeration)
Default: Empty (not setting a preference for any interface) Default: Empty (not setting a Preference for any interface)
This property allows the application to select any specific network This Property allows the application to select any specific network
interfaces or categories of interfaces it wants to Require, Prohibit, interfaces or categories of interfaces it wants to Require, Prohibit,
Prefer, or Avoid. Note that marking a specific interface as Require Prefer, or Avoid. Note that marking a specific interface as Require
strictly limits path selection to that single interface, and often strictly limits path selection to that single interface, and often
leads to less flexible and resilient connection establishment. leads to less flexible and resilient Connection establishment.
In contrast to other Selection Properties, this property is a set of In contrast to other Selection Properties, this Property is a set of
tuples of (Enumerated) interface identifier and preference. It can tuples of (enumerated) interface identifier and Preference. It can
either be implemented directly as such or be implemented to make one either be implemented directly as such or be implemented to make one
preference available for each interface and interface type available Preference available for each interface and interface type available
on the system. on the system.
The set of valid interface types is specific to the implementation or The set of valid interface types is specific to the implementation or
system. For example, on a mobile device, there could be Wi-Fi and system. For example, on a mobile device, there could be Wi-Fi and
Cellular interface types available; whereas, on a desktop computer, Cellular interface types available; whereas, on a desktop computer,
Wi-Fi and Wired Ethernet interface types might be available. An Wi-Fi and Wired Ethernet interface types might be available. An
implementation should provide all types that are supported on the implementation should provide all types that are supported on the
local system to allow applications to be written generically. For local system to allow applications to be written generically. For
example, if a single implementation is used on both mobile devices example, if a single implementation is used on both mobile devices
and desktop devices, it ought to define the Cellular interface type and desktop devices, it ought to define the Cellular interface type
for both systems, since an application might wish to always prohibit for both systems, since an application might wish to always prohibit
cellular. Cellular.
The set of interface types is expected to change over time as new The set of interface types is expected to change over time as new
access technologies become available. The taxonomy of interface access technologies become available. The taxonomy of interface
types on a given Transport Services system is implementation types on a given Transport Services System is implementation
specific. specific.
Interface types SHOULD NOT be treated as a proxy for properties of Interface types SHOULD NOT be treated as a proxy for properties of
interfaces, such as metered or unmetered network access. If an interfaces, such as metered or unmetered network access. If an
application needs to prohibit metered interfaces, this should be application needs to prohibit metered interfaces, this should be
specified via Provisioning Domain attributes (see Section 6.2.12) or specified via Provisioning Domain attributes (see Section 6.2.12) or
another specific property. another specific Property.
Note that this property is not used to specify an interface scope Note that this Property is not used to specify an interface scope
zone for a particular Endpoint. Section 6.1.2 provides details about zone for a particular Endpoint. Section 6.1.2 provides details about
how to qualify endpoint candidates on a per-interface basis. how to qualify endpoint candidates on a per-interface basis.
6.2.12. Provisioning Domain Instance or Type 6.2.12. Provisioning Domain Instance or Type
Name: pvd Name: pvd
Type: Set of (Preference, Enumeration) Type: Set of (Preference, Enumeration)
Default: Empty (not setting a preference for any PvD) Default: Empty (not setting a Preference for any PvD)
Similar to interface (see Section 6.2.11), this property allows the Similar to interface (see Section 6.2.11), this Property allows the
application to control path selection by selecting which specific PvD application to control path selection by selecting which specific PvD
or categories of PvDs it wants to Require, Prohibit, Prefer, or or categories of PvDs it wants to Require, Prohibit, Prefer, or
Avoid. Provisioning Domains define consistent sets of network Avoid. Provisioning Domains define consistent sets of network
properties that might be more specific than network interfaces properties that might be more specific than network interfaces
[RFC7556]. [RFC7556].
As with interface, this property is a set of tuples of (Enumerated) As with interface, this Property is a set of tuples of (enumerated)
PvD identifier and preference. It can either be implemented directly PvD identifier and Preference. It can either be implemented directly
as such or be implemented to make one preference available for each as such or be implemented to make one Preference available for each
interface and interface type available on the system. interface and interface type available on the system.
The identification of a specific PvD is specific to the The identification of a specific PvD is specific to the
implementation or system. [RFC8801] defines how to use an FQDN to implementation or system. [RFC8801] defines how to use an FQDN to
identify a PvD when advertised by a network, but systems might also identify a PvD when advertised by a network, but systems might also
use other locally relevant identifiers such as string names or use other locally relevant identifiers such as string names or
Integers to identify PvDs. As with requiring specific interfaces, Integers to identify PvDs. As with requiring specific interfaces,
requiring a specific PvD strictly limits the path selection. requiring a specific PvD strictly limits the path selection.
Categories or types of PvDs are also defined to be specific to the Categories or types of PvDs are also defined to be specific to the
skipping to change at line 1532 skipping to change at line 1533
6.2.13. Use Temporary Local Address 6.2.13. Use Temporary Local Address
Name: useTemporaryLocalAddress Name: useTemporaryLocalAddress
Type: Preference Type: Preference
Default: Avoid for Listeners and Rendezvous Connections; Prefer for Default: Avoid for Listeners and Rendezvous Connections; Prefer for
other Connections other Connections
This property allows the application to express a preference for the This Property allows the application to express a preference for the
use of temporary local addresses, sometimes called "privacy" use of temporary local addresses, sometimes called "privacy"
addresses [RFC8981]. Temporary addresses are generally used to addresses [RFC8981]. Temporary addresses are generally used to
prevent linking connections over time when a stable address, prevent linking connections over time when a stable address,
sometimes called a "permanent" address, is not needed. There are sometimes called a "permanent" address, is not needed. There are
some caveats to note when specifying this property. First, if an some caveats to note when specifying this Property. First, if an
application requires the use of temporary addresses, the resulting application requires the use of temporary addresses, the resulting
Connection cannot use IPv4 because temporary addresses do not exist Connection cannot use IPv4 because temporary addresses do not exist
in IPv4. Second, temporary local addresses might involve trading off in IPv4. Second, temporary local addresses might involve trading off
privacy for performance. For instance, temporary addresses (e.g., privacy for performance. For instance, temporary addresses (e.g.,
[RFC8981]) can interfere with resumption mechanisms that some [RFC8981]) can interfere with resumption mechanisms that some
protocols rely on to reduce initial latency. protocols rely on to reduce initial latency.
6.2.14. Multipath Transport 6.2.14. Multipath Transport
Name: multipath Name: multipath
Type: Enumeration Type: Enumeration
Default: Disabled for Connections created through initiate and Default: Disabled for Connections created through Initiate and
rendezvous; Passive for Listeners Rendezvous; Passive for Listeners
This property specifies whether, and how, applications want to take This Property specifies whether, and how, applications want to take
advantage of transferring data across multiple paths between the same advantage of transferring data across multiple paths between the same
end hosts. Using multiple paths allows Connections to migrate end hosts. Using multiple paths allows Connections to migrate
between interfaces or aggregate bandwidth as availability and between interfaces or aggregate bandwidth as availability and
performance properties change. Possible values are as follows: performance properties change. Possible values are as follows:
Disabled: The Connection will not use multiple paths once Disabled: The Connection will not use multiple paths once
established, even if the chosen transport supports using multiple established, even if the chosen transport supports using multiple
paths. paths.
Active: The Connection will negotiate the use of multiple paths if Active: The Connection will negotiate the use of multiple paths if
the chosen transport supports it. the chosen transport supports it.
Passive: The Connection will support the use of multiple paths if Passive: The Connection will support the use of multiple paths if
the Remote Endpoint requests it. the Remote Endpoint requests it.
The policy for using multiple paths is specified using the separate The policy for using multiple paths is specified using the separate
multipathPolicy property; see Section 8.1.7. To enable the peer multipathPolicy Property; see Section 8.1.7. To enable the peer
endpoint to initiate additional paths toward a local address other Endpoint to initiate additional paths toward a local address other
than the one initially used, it is necessary to set the than the one initially used, it is necessary to set the
advertisesAltaddr property (see Section 6.2.15). advertisesAltaddr Property (see Section 6.2.15).
Setting this property to Active can have privacy implications. It Setting this Property to Active can have privacy implications. It
enables the transport to establish connectivity using alternate paths enables the transport to establish connectivity using alternate paths
that might result in users being linkable across the multiple paths, that might result in users being linkable across the multiple paths,
even if the advertisesAltaddr property (see Section 6.2.15) is set to even if the advertisesAltaddr Property (see Section 6.2.15) is set to
false. false.
Note that Multipath Transport has no corresponding Selection Property Note that this Property has no corresponding Selection Property of
of type "Preference". Enumeration values other than Disabled are type "Preference". Enumeration values other than Disabled are
interpreted as a preference for choosing protocols that can make use interpreted as a preference for choosing protocols that can make use
of multiple paths. The Disabled value implies a requirement not to of multiple paths. The Disabled value implies a requirement not to
use multiple paths in parallel but does not prevent choosing a use multiple paths in parallel but does not prevent choosing a
protocol that is capable of using multiple paths, e.g., it does not protocol that is capable of using multiple paths, e.g., it does not
prevent choosing TCP but prevents sending the MP_CAPABLE option in prevent choosing TCP but prevents sending the MP_CAPABLE option in
the TCP handshake. the TCP handshake.
6.2.15. Advertisement of Alternative Addresses 6.2.15. Advertisement of Alternative Addresses
Name: advertisesAltaddr Name: advertisesAltaddr
Type: Boolean Type: Boolean
Default: false Default: false
This property specifies whether alternative addresses, e.g., of other This Property specifies whether alternative addresses, e.g., of other
interfaces, ought to be advertised to the peer endpoint by the interfaces, ought to be advertised to the peer Endpoint by the
Protocol Stack. Advertising these addresses enables the peer Protocol Stack. Advertising these addresses enables the peer
endpoint to establish additional connectivity, e.g., for Connection Endpoint to establish additional connectivity, e.g., for Connection
migration or using multiple paths. migration or using multiple paths.
Note that this can have privacy implications because it might result Note that this can have privacy implications because it might result
in users being linkable across the multiple paths. Also, note that in users being linkable across the multiple paths. Also, note that
setting this to false does not prevent the local Transport Services setting this to false does not prevent the local Transport Services
system from _establishing_ connectivity using alternate paths (see System from _establishing_ connectivity using alternate paths (see
Section 6.2.14); it only prevents _proactive advertisement_ of Section 6.2.14); it only prevents _proactive advertisement_ of
addresses. addresses.
6.2.16. Direction of Communication 6.2.16. Direction of Communication
Name: direction Name: direction
Type: Enumeration Type: Enumeration
Default: Bidirectional Default: Bidirectional
This property specifies whether an application wants to use the This Property specifies whether an application wants to use the
Connection for sending and/or receiving data. Possible values are as Connection for sending and/or receiving data. Possible values are as
follows: follows:
Bidirectional: The Connection must support sending and receiving Bidirectional: The Connection must support sending and receiving
data. data.
Unidirectional send: The Connection must support sending data, and Unidirectional send: The Connection must support sending data, and
the application cannot use the Connection to receive any data. the application cannot use the Connection to receive any data.
Unidirectional receive: The Connection must support receiving data, Unidirectional receive: The Connection must support receiving data,
and the application cannot use the Connection to send any data. and the application cannot use the Connection to send any data.
Since unidirectional communication can be supported by transports Since unidirectional communication can be supported by transports
offering bidirectional communication, specifying unidirectional offering bidirectional communication, specifying unidirectional
communication might cause a transport stack that supports communication might cause a Protocol Stack that supports
bidirectional communication to be selected. bidirectional communication to be selected.
6.2.17. Notification of ICMP Soft Error Message Arrival 6.2.17. Notification of ICMP Soft Error Message Arrival
Name: softErrorNotify Name: softErrorNotify
Type: Preference Type: Preference
Default: No Preference Default: No Preference
This property specifies whether an application considers it useful to This Property specifies whether an application considers it useful to
be informed when an ICMP error message arrives that does not force be informed when an ICMP error message arrives that does not force
termination of a connection. When set to true, received ICMP errors termination of a connection. When set to true, received ICMP errors
are available as SoftError events; see Section 8.3.1. Note that even are available as SoftError events; see Section 8.3.1. Note that even
if a protocol supporting this property is selected, not all ICMP if a protocol supporting this Property is selected, not all ICMP
errors will necessarily be delivered, so applications cannot rely errors will necessarily be delivered, so applications cannot rely
upon receiving them [RFC8085]. upon receiving them [RFC8085].
6.2.18. Initiating Side Is Not the First to Write 6.2.18. Initiating Side Is Not the First to Write
Name: activeReadBeforeSend Name: activeReadBeforeSend
Type: Preference Type: Preference
Default: No Preference Default: No Preference
The most common client-server communication pattern involves the The most common client-server communication pattern involves the
client actively opening a Connection, then sending data to the client actively opening a Connection, then sending data to the
server. The server listens (passive open), reads, and then answers. server. The server listens (passive open), reads, and then answers.
This property specifies whether an application wants to diverge from This Property specifies whether an application wants to diverge from
this pattern by either: this pattern by either:
1. actively opening with Initiate, immediately followed by reading 1. actively opening with Initiate, immediately followed by reading
or or
2. passively opening with Listen, immediately followed by writing. 2. passively opening with Listen, immediately followed by writing.
This property is ignored when establishing connections using This Property is ignored when establishing connections using
Rendezvous. Requiring this property limits the choice of mappings to Rendezvous. Requiring this Property limits the choice of mappings to
underlying protocols, which can reduce efficiency. For example, it underlying protocols, which can reduce efficiency. For example, it
prevents the Transport Services system from mapping Connections to prevents the Transport Services System from mapping Connections to
Stream Control Transmission Protocol (SCTP) streams, where the first Stream Control Transmission Protocol (SCTP) streams, where the first
transmitted data takes the role of an active open signal. transmitted data takes the role of an active open signal.
6.3. Specifying Security Parameters and Callbacks 6.3. Specifying Security Parameters and Callbacks
Most security parameters, e.g., TLS ciphersuites, local identity and Most Security Parameters, e.g., TLS ciphersuites, local identity and
private key, etc., can be configured statically. Others are private key, etc., can be configured statically. Others are
dynamically configured during Connection establishment. Security dynamically configured during Connection establishment. Security
parameters and callbacks are partitioned based on their place in the Parameters and callbacks are partitioned based on their place in the
lifetime of Connection establishment. Similar to Transport lifetime of Connection establishment. Similar to Transport
Properties, both parameters and callbacks are inherited during Properties, both parameters and callbacks are inherited during
cloning (see Section 7.4). cloning (see Section 7.4).
This document specifies an abstract API, which could appear to This document specifies an abstract API, which could appear to
conflict with the need for security parameters to be unambiguous. conflict with the need for Security Parameters to be unambiguous.
The Transport Services System SHOULD provide reasonable, secure The Transport Services System SHOULD provide reasonable, secure
defaults for each enumerated security parameter, such that users of defaults for each enumerated Security Parameter, such that users of
the system only need to specify parameters required to establish a the system only need to specify parameters required to establish a
secure connection (e.g., serverCertificate or clientCertificate). secure connection (e.g., serverCertificate or clientCertificate).
Specifying security parameters from enumerated values (e.g., specific Specifying Security Parameters from enumerated values (e.g., specific
ciphersuites) might constrain which transport protocols can be ciphersuites) might constrain which transport protocols can be
selected during Connection establishment. selected during Connection establishment.
Security configuration parameters are specified in the Security Parameters are specified in the preestablishment phase and
preestablishment phase and are created as follows: are created as follows:
SecurityParameters := NewSecurityParameters() SecurityParameters := NewSecurityParameters()
Specific parameters are added using a call to Set on the Specific parameters are added using a call to Set on the
SecurityParameters. SecurityParameters.
As with the rest of the Transport Services API, the exact names of As with the rest of the Transport Services API, the exact names of
parameters and/or values of enumerations (e.g., ciphersuites) used in parameters and/or values of Enumerations (e.g., ciphersuites) used in
the security parameters are specific to the system or implementation the Security Parameters are specific to the system or implementation
and ought to be chosen to follow the principle of least surprise for and ought to be chosen to follow the principle of least surprise for
users of the platform/language environment in question. users of the platform/language environment in question.
For security parameters that are enumerations of known values, such For Security Parameters that are Enumerations of known values, such
as TLS ciphersuites, implementations are responsible for exposing the as TLS ciphersuites, implementations are responsible for exposing the
set of values they support. For security parameters that are not set of values they support. For Security Parameters that are not
simple value types, such as certificates and keys, implementations simple value types, such as certificates and keys, implementations
are responsible for exposing types appropriate for the platform/ are responsible for exposing types appropriate for the platform/
language environment. language environment.
Applications SHOULD use common safe defaults for values such as TLS Applications SHOULD use common safe defaults for values such as TLS
ciphersuites whenever possible. However, as discussed in [RFC8922], ciphersuites whenever possible. However, as discussed in [RFC8922],
many transport security protocols require specific security many transport security protocols require specific Security
parameters and constraints from the client at the time of Parameters and constraints from the client at the time of
configuration and actively during a handshake. configuration and actively during a handshake.
The set of security parameters defined here is not exhaustive, but The set of Security Parameters defined here is not exhaustive, but
illustrative. Implementations SHOULD expose an equivalent to the illustrative. Implementations SHOULD expose an equivalent to the
parameters listed below to allow for sufficient configuration of parameters listed below to allow for sufficient configuration of
security parameters, but the details are expected to vary based on Security Parameters, but the details are expected to vary based on
platform and implementation constraints. Applications MUST be able platform and implementation constraints. Applications MUST be able
to constrain the security protocols and versions that the Transport to constrain the security protocols and versions that the Transport
Services System will use. Services System will use.
Representation of security parameters in implementations ought to Representation of Security Parameters in implementations ought to
parallel that chosen for Transport Property names as suggested in parallel that chosen for Transport Property names as suggested in
Section 5. Section 5.
Connections that use Transport Services SHOULD use security in Connections that use Transport Services SHOULD use security in
general. However, for compatibility with endpoints that do not general. However, for compatibility with endpoints that do not
support transport security protocols (such as a TCP endpoint that support transport security protocols (such as a TCP endpoint that
does not support TLS), applications can initialize their security does not support TLS), applications can initialize their Security
parameters to indicate that security can be disabled or Parameters to indicate that security can be disabled or
opportunistic. If security is disabled, the Transport Services opportunistic. If security is disabled, the Transport Services
system will not attempt to add transport security automatically. If System will not attempt to add transport security automatically. If
security is opportunistic, it will allow Connections without security is opportunistic, it will allow Connections without
transport security, but it will still attempt to use unauthenticated transport security, but it will still attempt to use unauthenticated
security if available. security if available.
SecurityParameters := NewDisabledSecurityParameters() SecurityParameters := NewDisabledSecurityParameters()
SecurityParameters := NewOpportunisticSecurityParameters() SecurityParameters := NewOpportunisticSecurityParameters()
6.3.1. Allowed Security Protocols 6.3.1. Allowed Security Protocols
Name: allowedSecurityProtocols Name: allowedSecurityProtocols
Type: Implementation-specific enumeration of security protocol names Type: Implementation-specific Enumeration of security protocol names
and/or versions and/or versions
Default: Implementation-specific best available security protocols Default: Implementation-specific best available security protocols
This property allows applications to restrict which security This Property allows applications to restrict which security
protocols and security protocol versions can be used in the Protocol protocols and security protocol versions can be used in the Protocol
Stack. Applications MUST be able to constrain the security protocols Stack. Applications MUST be able to constrain the security protocols
used by this or an equivalent mechanism, in order to prevent the use used by this or an equivalent mechanism, in order to prevent the use
of security protocols with unknown or weak security properties. of security protocols with unknown or weak security properties.
SecurityParameters.Set(allowedSecurityProtocols, [ tls_1_2, tls_1_3 ]) SecurityParameters.Set(allowedSecurityProtocols, [ tls_1_2, tls_1_3 ])
6.3.2. Certificate Bundles 6.3.2. Certificate Bundles
Names: serverCertificate, clientCertificate Names: serverCertificate, clientCertificate
skipping to change at line 1827 skipping to change at line 1828
field. Note that the Transport Services System can provide ALPN field. Note that the Transport Services System can provide ALPN
values automatically based on the protocols being used, if not values automatically based on the protocols being used, if not
explicitly specified by the application. explicitly specified by the application.
SecurityParameters.Set(alpn, ["h2"]) SecurityParameters.Set(alpn, ["h2"])
6.3.5. Groups, Ciphersuites, and Signature Algorithms 6.3.5. Groups, Ciphersuites, and Signature Algorithms
Names: supportedGroup, ciphersuite, signatureAlgorithm Names: supportedGroup, ciphersuite, signatureAlgorithm
Types: Arrays of implementation-specific enumerations Types: Arrays of implementation-specific Enumerations
Default: Automatic selection Default: Automatic selection
These are used to restrict what cryptographic parameters are used by These are used to restrict what cryptographic parameters are used by
underlying transport security protocols. When not specified, these underlying transport security protocols. When not specified, these
algorithms should use known and safe defaults for the system. algorithms should use known and safe defaults for the system.
SecurityParameters.Set(supportedGroup, secp256r1) SecurityParameters.Set(supportedGroup, secp256r1)
SecurityParameters.Set(ciphersuite, TLS_AES_128_GCM_SHA256) SecurityParameters.Set(ciphersuite, TLS_AES_128_GCM_SHA256)
SecurityParameters.Set(signatureAlgorithm, ecdsa_secp256r1_sha256) SecurityParameters.Set(signatureAlgorithm, ecdsa_secp256r1_sha256)
skipping to change at line 1878 skipping to change at line 1879
way, e.g., as a Union type or special value. way, e.g., as a Union type or special value.
SecurityParameters.Set(preSharedKey, key, myIdentity) SecurityParameters.Set(preSharedKey, key, myIdentity)
6.3.8. Connection Establishment Callbacks 6.3.8. Connection Establishment Callbacks
Security decisions, especially pertaining to trust, are not static. Security decisions, especially pertaining to trust, are not static.
Once configured, parameters can also be supplied during Connection Once configured, parameters can also be supplied during Connection
establishment. These are best handled as client-provided callbacks. establishment. These are best handled as client-provided callbacks.
Callbacks block the progress of the Connection establishment, which Callbacks block the progress of the Connection establishment, which
distinguishes them from other events in the transport system. How distinguishes them from other events in the Transport Services
callbacks and events are implemented is specific to each System. How callbacks and events are implemented is specific to each
implementation. Security handshake callbacks that could be invoked implementation. Security handshake callbacks that could be invoked
during Connection establishment include: during Connection establishment include:
* Trust verification callback: Invoked when a Remote Endpoint's * Trust verification callback: Invoked when a Remote Endpoint's
trust must be verified before the handshake protocol can continue. trust must be verified before the handshake protocol can continue.
For example, the application could verify an X.509 certificate as For example, the application could verify an X.509 certificate as
described in [RFC5280]. described in [RFC5280].
TrustCallback := NewCallback({ TrustCallback := NewCallback({
// Handle the trust and return the result // Handle the trust and return the result
skipping to change at line 1906 skipping to change at line 1907
ChallengeCallback := NewCallback({ ChallengeCallback := NewCallback({
// Handle the challenge // Handle the challenge
}) })
SecurityParameters.SetIdentityChallengeCallback(ChallengeCallback) SecurityParameters.SetIdentityChallengeCallback(ChallengeCallback)
7. Establishing Connections 7. Establishing Connections
Before a Connection can be used for data transfer, it needs to be Before a Connection can be used for data transfer, it needs to be
established. Establishment ends the preestablishment phase; all established. Establishment ends the preestablishment phase; all
transport properties and cryptographic parameter specification must transport Properties and cryptographic parameter specification must
be complete before establishment, as these will be used to select be complete before establishment, as these will be used to select
candidate Paths and Protocol Stacks for the Connection. Candidate Paths and Protocol Stacks for the Connection.
Establishment can be active, using the Initiate action; passive, Establishment can be active, using the Initiate action; passive,
using the Listen action; or simultaneous for peer-to-peer using the Listen action; or simultaneous for peer-to-peer
connections, using the Rendezvous action. These actions are connections, using the Rendezvous action. These actions are
described in the subsections below. described in the subsections below.
7.1. Active Open: Initiate 7.1. Active Open: Initiate
Active open is the action of establishing a Connection to a Remote Active open is the action of establishing a Connection to a Remote
Endpoint presumed to be listening for incoming Connection requests. Endpoint presumed to be listening for incoming Connection requests.
Active open is used by clients in client-server interactions. Active Active open is used by clients in client-server interactions. Active
open is supported by the Transport Services API through the Initiate open is supported by the Transport Services API through the Initiate
action: action:
Connection := Preconnection.Initiate(timeout?) Connection := Preconnection.Initiate(timeout?)
The timeout parameter specifies how long to wait before aborting The timeout parameter specifies how long to wait before aborting
Active open. Before calling Initiate, the caller must have populated active open. Before calling Initiate, the caller must have populated
a Preconnection object with a Remote Endpoint object to identify the a Preconnection object with a Remote Endpoint object to identify the
endpoint, optionally a Local Endpoint object (if not specified, the Endpoint, optionally a Local Endpoint object (if not specified, the
system will attempt to determine a suitable Local Endpoint), as well system will attempt to determine a suitable Local Endpoint), as well
as all properties necessary for candidate selection. as all Properties necessary for candidate selection.
The Initiate action returns a Connection object. Once Initiate has The Initiate action returns a Connection object. Once Initiate has
been called, any changes to the Preconnection MUST NOT have any been called, any changes to the Preconnection MUST NOT have any
effect on the Connection. However, the Preconnection can be reused, effect on the Connection. However, the Preconnection can be reused,
e.g., to Initiate another Connection. e.g., to Initiate another Connection.
Once Initiate is called, the candidate Protocol Stack(s) can cause Once Initiate is called, the candidate Protocol Stack(s) can cause
one or more candidate transport-layer connections to be created to one or more candidate transport-layer connections to be created to
the specified Remote Endpoint. The caller could immediately begin the specified Remote Endpoint. The caller could immediately begin
sending Messages on the Connection (see Section 9.2) after calling sending Messages on the Connection (see Section 9.2) after calling
skipping to change at line 1951 skipping to change at line 1952
sent while the Connection is being established could be sent multiple sent while the Connection is being established could be sent multiple
times or using multiple candidates. times or using multiple candidates.
The following events can be sent by the Connection after Initiate is The following events can be sent by the Connection after Initiate is
called: called:
Connection -> Ready<> Connection -> Ready<>
The Ready event occurs after Initiate has established a transport- The Ready event occurs after Initiate has established a transport-
layer connection on at least one usable candidate Protocol Stack over layer connection on at least one usable candidate Protocol Stack over
at least one candidate Path. No Receive events (see Section 9.3) at least one Candidate Path. No Receive events (see Section 9.3)
will occur before the Ready event for Connections established using will occur before the Ready event for Connections established using
Initiate. Initiate.
Connection -> EstablishmentError<reason?> Connection -> EstablishmentError<reason?>
An EstablishmentError occurs when: An EstablishmentError occurs when:
* the set of transport properties and security parameters cannot be * the set of transport Properties and Security Parameters cannot be
fulfilled on a Connection for initiation (e.g., the set of fulfilled on a Connection for initiation (e.g., the set of
available Paths and/or Protocol Stacks meeting the constraints is available paths and/or Protocol Stacks meeting the constraints is
empty) or reconciled with the Local and/or Remote Endpoints, empty) or reconciled with the Local and/or Remote Endpoints,
* a Remote Endpoint Identifier cannot be resolved, or * a Remote Endpoint Identifier cannot be resolved, or
* no transport-layer connection can be established to the Remote * no transport-layer connection can be established to the Remote
Endpoint (e.g., because the Remote Endpoint is not accepting Endpoint (e.g., because the Remote Endpoint is not accepting
connections, the application is prohibited from opening a connections, the application is prohibited from opening a
Connection by the operating system, or the establishment attempt Connection by the operating system, or the establishment attempt
has timed out for any other reason). has timed out for any other reason).
skipping to change at line 1986 skipping to change at line 1987
Passive open is the action of waiting for Connections from Remote Passive open is the action of waiting for Connections from Remote
Endpoints, commonly used by servers in client-server interactions. Endpoints, commonly used by servers in client-server interactions.
Passive open is supported by the Transport Services API through the Passive open is supported by the Transport Services API through the
Listen action and returns a Listener object: Listen action and returns a Listener object:
Listener := Preconnection.Listen() Listener := Preconnection.Listen()
Before calling Listen, the caller must have initialized the Before calling Listen, the caller must have initialized the
Preconnection during the preestablishment phase with a Local Endpoint Preconnection during the preestablishment phase with a Local Endpoint
object, as well as all properties necessary for Protocol Stack object, as well as all Properties necessary for Protocol Stack
selection. A Remote Endpoint can optionally be specified, to selection. A Remote Endpoint can optionally be specified, to
constrain what Connections are accepted. constrain what Connections are accepted.
The Listen action returns a Listener object. Once Listen has been The Listen action returns a Listener object. Once Listen has been
called, any changes to the Preconnection MUST NOT have any effect on called, any changes to the Preconnection MUST NOT have any effect on
the Listener. The Preconnection can be disposed of or reused, e.g., the Listener. The Preconnection can be disposed of or reused, e.g.,
to create another Listener. to create another Listener.
Listener.Stop() Listener.Stop()
Listening continues until the global context shuts down or until the Listening continues until the global context shuts down or until the
Stop action is performed on the Listener object. Stop action is performed on the Listener object.
Listener -> ConnectionReceived<Connection> Listener -> ConnectionReceived<Connection>
The ConnectionReceived event occurs when: The ConnectionReceived event occurs when:
* a Remote Endpoint has established or cloned (e.g., by creating a * a Remote Endpoint has established or cloned (e.g., by creating a
new stream in a multi-stream transport; see Section 7.4) a new stream in a multi-stream transport; see Section 7.4) a
transport-layer connection to this Listener (for Connection- transport-layer connection to this Listener (for connection-
oriented transport protocols), or oriented transport protocols), or
* the first Message has been received from the Remote Endpoint (for * the first Message has been received from the Remote Endpoint (for
Connectionless protocols or streams of a multi-streaming connectionless protocols or streams of a multi-streaming
transport) causing a new Connection to be created. transport) causing a new Connection to be created.
The resulting Connection is contained within the ConnectionReceived The resulting Connection is contained within the ConnectionReceived
event and is ready to use as soon as it is passed to the application event and is ready to use as soon as it is passed to the application
via the event. via the event.
Listener.SetNewConnectionLimit(value) Listener.SetNewConnectionLimit(value)
If the caller wants to rate-limit the number of inbound Connections If the caller wants to rate-limit the number of inbound Connections
that will be delivered, it can set a cap using SetNewConnectionLimit. that will be delivered, it can set a cap using SetNewConnectionLimit.
skipping to change at line 2033 skipping to change at line 2034
ConnectionReceived event, the value is automatically decremented. ConnectionReceived event, the value is automatically decremented.
Once the value reaches zero, no further Connections will be delivered Once the value reaches zero, no further Connections will be delivered
until the caller sets the limit to a higher value. By default, this until the caller sets the limit to a higher value. By default, this
value is Infinite. The caller is also able to reset the value to value is Infinite. The caller is also able to reset the value to
Infinite at any point. Infinite at any point.
Listener -> EstablishmentError<reason?> Listener -> EstablishmentError<reason?>
An EstablishmentError occurs when: An EstablishmentError occurs when:
* the Properties and security parameters of the Preconnection cannot * the Properties and Security Parameters of the Preconnection cannot
be fulfilled for listening or cannot be reconciled with the Local be fulfilled for listening or cannot be reconciled with the Local
Endpoint (and/or Remote Endpoint, if specified), Endpoint (and/or Remote Endpoint, if specified),
* the Local Endpoint (or Remote Endpoint, if specified) cannot be * the Local Endpoint (or Remote Endpoint, if specified) cannot be
resolved, or resolved, or
* the application is prohibited from listening by policy. * the application is prohibited from listening by policy.
Listener -> Stopped<> Listener -> Stopped<>
skipping to change at line 2055 skipping to change at line 2056
7.3. Peer-to-Peer Establishment: Rendezvous 7.3. Peer-to-Peer Establishment: Rendezvous
Simultaneous peer-to-peer Connection establishment is supported by Simultaneous peer-to-peer Connection establishment is supported by
the Rendezvous action: the Rendezvous action:
Preconnection.Rendezvous() Preconnection.Rendezvous()
A Preconnection object used in a Rendezvous MUST have both the Local A Preconnection object used in a Rendezvous MUST have both the Local
Endpoint candidates and the Remote Endpoint candidates specified, Endpoint candidates and the Remote Endpoint candidates specified,
along with the Transport Properties and security parameters needed along with the Transport Properties and Security Parameters needed
for Protocol Stack selection before the Rendezvous action is for Protocol Stack selection before the Rendezvous action is
initiated. initiated.
The Rendezvous action listens on the Local Endpoint candidates for an The Rendezvous action listens on the Local Endpoint candidates for an
incoming Connection from the Remote Endpoint candidates, while also incoming Connection from the Remote Endpoint candidates, while also
simultaneously trying to establish a Connection from the Local simultaneously trying to establish a Connection from the Local
Endpoint candidates to the Remote Endpoint candidates. Endpoint candidates to the Remote Endpoint candidates.
If there are multiple Local Endpoints or Remote Endpoints configured, If there are multiple Local Endpoints or Remote Endpoints configured,
then initiating a Rendezvous action will cause the Transport Services then initiating a Rendezvous action will cause the Transport Services
skipping to change at line 2078 skipping to change at line 2079
Interactive Connectivity Establishment (ICE) [RFC8445]. Interactive Connectivity Establishment (ICE) [RFC8445].
If the endpoints are suspected to be behind a NAT, and the Local If the endpoints are suspected to be behind a NAT, and the Local
Endpoint supports a method of discovering NAT bindings, such as STUN Endpoint supports a method of discovering NAT bindings, such as STUN
[RFC8489] or Traversal Using Relays around NAT (TURN) [RFC8656], then [RFC8489] or Traversal Using Relays around NAT (TURN) [RFC8656], then
the Resolve action on the Preconnection can be used to discover such the Resolve action on the Preconnection can be used to discover such
bindings: bindings:
[]LocalEndpoint, []RemoteEndpoint := Preconnection.Resolve() []LocalEndpoint, []RemoteEndpoint := Preconnection.Resolve()
The Resolve call returns lists of Local Endpoints and Remote The Resolve action returns lists of Local Endpoints and Remote
Endpoints that represent the concrete addresses, local and server Endpoints that represent the concrete addresses, local and server
reflexive, on which a Rendezvous for the Preconnection will listen reflexive, on which a Rendezvous for the Preconnection will listen
for incoming Connections and to which it will attempt to establish for incoming Connections and to which it will attempt to establish
Connections. Connections.
Note that the set of Local Endpoints returned by Resolve might or Note that the set of Local Endpoints returned by Resolve might or
might not contain information about all possible local interfaces, might not contain information about all possible local interfaces,
depending on how the Preconnection is configured. The set of depending on how the Preconnection is configured. The set of
available local interfaces can also change over time, so care needs available local interfaces can also change over time, so care needs
to be taken when using stored interface names. to be taken when using stored interface names.
skipping to change at line 2115 skipping to change at line 2116
signaling channel to the Preconnection, the Rendezvous action is signaling channel to the Preconnection, the Rendezvous action is
initiated and causes the Transport Services Implementation to begin initiated and causes the Transport Services Implementation to begin
connectivity checks. connectivity checks.
If successful, the Rendezvous action returns a Connection object via If successful, the Rendezvous action returns a Connection object via
a RendezvousDone event: a RendezvousDone event:
Preconnection -> RendezvousDone<Connection> Preconnection -> RendezvousDone<Connection>
The RendezvousDone event occurs when a Connection is established with The RendezvousDone event occurs when a Connection is established with
the Remote Endpoint. For Connection-oriented transports, this occurs the Remote Endpoint. For connection-oriented transports, this occurs
when the transport-layer connection is established; for when the transport-layer connection is established; for
Connectionless transports, it occurs when the first Message is connectionless transports, it occurs when the first Message is
received from the Remote Endpoint. The resulting Connection is received from the Remote Endpoint. The resulting Connection is
contained within the RendezvousDone event and is ready to use as soon contained within the RendezvousDone event and is ready to use as soon
as it is passed to the application via the event. Changes made to a as it is passed to the application via the event. Changes made to a
Preconnection after Rendezvous has been called MUST NOT have any Preconnection after Rendezvous has been called MUST NOT have any
effect on existing Connections. effect on existing Connections.
An EstablishmentError occurs when: An EstablishmentError occurs when:
* the Properties and Security Parameters of the Preconnection cannot * the Properties and Security Parameters of the Preconnection cannot
be fulfilled for rendezvous or cannot be reconciled with the Local be fulfilled for rendezvous or cannot be reconciled with the Local
skipping to change at line 2200 skipping to change at line 2201
If the underlying protocol supports multi-streaming, it is natural to If the underlying protocol supports multi-streaming, it is natural to
use this functionality to implement Clone. In that case, Connections use this functionality to implement Clone. In that case, Connections
in a Connection Group are multiplexed together, giving them similar in a Connection Group are multiplexed together, giving them similar
treatment not only inside Endpoints, but also across the end-to-end treatment not only inside Endpoints, but also across the end-to-end
Internet path. Internet path.
Note that calling Clone can result in on-the-wire signaling, e.g., to Note that calling Clone can result in on-the-wire signaling, e.g., to
open a new transport connection, depending on the underlying Protocol open a new transport connection, depending on the underlying Protocol
Stack. When Clone leads to the opening of multiple such connections, Stack. When Clone leads to the opening of multiple such connections,
the Transport Services system will ensure consistency of Connection the Transport Services System will ensure consistency of Connection
Properties by uniformly applying them to all underlying connections Properties by uniformly applying them to all underlying connections
in a group. Even in such a case, it is possible for a Transport in a group. Even in such a case, it is possible for a Transport
Services system to implement prioritization within a Connection Group Services System to implement prioritization within a Connection Group
(see [TCP-COUPLING] and [RFC8699]). (see [TCP-COUPLING] and [RFC8699]).
Attempts to clone a Connection can result in a CloneError: Attempts to clone a Connection can result in a CloneError:
Connection -> CloneError<reason?> Connection -> CloneError<reason?>
A CloneError can also occur later, after Clone was successfully A CloneError can also occur later, after Clone was successfully
called. In this case, it informs the application that the Connection called. In this case, it informs the application that the Connection
that sends the CloneError is no longer a part of any Connection that sends the CloneError is no longer a part of any Connection
Group. For example, this can occur when the Transport Services Group. For example, this can occur when the Transport Services
system is unable to implement entanglement (a Connection Property was system is unable to implement entanglement (a Connection Property was
changed on a different Connection in the Connection Group, but this changed on a different Connection in the Connection Group, but this
change could not be successfully applied to the Connection that sends change could not be successfully applied to the Connection that sends
the CloneError). the CloneError).
The connPriority Connection Property operates on Connections in a The connPriority Connection Property operates on Connections in a
Connection Group using the same approach as that used in Connection Group using the same approach as that used in
Section 9.1.3.2: when allocating available network capacity among Section 9.1.3.2: when allocating available network capacity among
Connections in a Connection Group, sends on Connections with Connections in a Connection Group, sends on Connections with
numerically lower Priority values will be prioritized over sends on numerically lower priority values will be prioritized over sends on
Connections that have numerically higher Priority values. Capacity Connections that have numerically higher priority values. Capacity
will be shared among these Connections according to the connScheduler will be shared among these Connections according to the connScheduler
property (Section 8.1.5). See Section 9.2.6 for more details. Property (Section 8.1.5). See Section 9.2.6 for more details.
7.5. Adding and Removing Endpoints on a Connection 7.5. Adding and Removing Endpoints on a Connection
Transport protocols that are explicitly multipath-aware are expected Transport protocols that are explicitly multipath-aware are expected
to automatically manage the set of Remote Endpoints that they are to automatically manage the set of remote endpoints that they are
communicating with and the paths to those endpoints. A PathChange communicating with and the paths to those endpoints. A PathChange
event, described in Section 8.3.2, will be generated when the path event, described in Section 8.3.2, will be generated when the path
changes. changes.
However, in some cases, it is necessary to explicitly indicate to a However, in some cases, it is necessary to explicitly indicate to a
Connection that a new Remote Endpoint has become available for use or Connection that a new Remote Endpoint has become available for use or
indicate that a Remote Endpoint is no longer available. This is most indicate that a Remote Endpoint is no longer available. This is most
common in the case of peer-to-peer connections using Trickle ICE common in the case of peer-to-peer connections using Trickle ICE
[RFC8838]. [RFC8838].
skipping to change at line 2284 skipping to change at line 2285
selected Protocol Stack(s) backing a Connection. These Connection selected Protocol Stack(s) backing a Connection. These Connection
Properties can be generic (applying regardless of transport protocol) Properties can be generic (applying regardless of transport protocol)
or specific (applicable to a single implementation of a single or specific (applicable to a single implementation of a single
transport Protocol Stack). Generic Connection Properties are defined transport Protocol Stack). Generic Connection Properties are defined
in Section 8.1. in Section 8.1.
Protocol-specific Properties are defined in a way that is specific to Protocol-specific Properties are defined in a way that is specific to
the transport or implementation to permit more specialized protocol the transport or implementation to permit more specialized protocol
features to be used. Too much reliance by an application on features to be used. Too much reliance by an application on
Protocol-specific Properties can significantly reduce the flexibility Protocol-specific Properties can significantly reduce the flexibility
of a Transport Services system to make appropriate selection and of a Transport Services System to make appropriate selection and
configuration choices. Therefore, it is RECOMMENDED that Generic configuration choices. Therefore, it is RECOMMENDED that Generic
Connection Properties be used for properties common across different Connection Properties be used for properties common across different
protocols and that Protocol-specific Connection Properties are only protocols and that Protocol-specific Connection Properties are only
used where specific protocols or properties are necessary. used where specific protocols or properties are necessary.
The application can set and query Connection Properties on a per- The application can set and query Connection Properties on a per-
Connection basis. Connection Properties that are not read-only can Connection basis. Connection Properties that are not read-only can
be set during preestablishment (see Section 6.2), as well as on be set during preestablishment (see Section 6.2), as well as on
Connections directly using the SetProperty action: Connections directly using the SetProperty action:
ErrorCode := Connection.SetProperty(property, value) ErrorCode := Connection.SetProperty(property, value)
If an error is encountered in setting a property (for example, if the If an error is encountered in setting a Property (for example, if the
application tries to set a TCP-specific property on a Connection that application tries to set a TCP-specific Property on a Connection that
is not using TCP), the application MUST be informed about this error is not using TCP), the application MUST be informed about this error
via the ErrorCode Object. Such errors MUST NOT cause the Connection via the ErrorCode object. Such errors MUST NOT cause the Connection
to be terminated. Note that changing one of the Connection to be terminated. Note that changing one of the Connection
Properties on one Connection in a Connection Group will also change Properties on one Connection in a Connection Group will also change
it for all other Connections of that group; see Section 7.4. it for all other Connections of that group; see Section 7.4.
At any point, the application can query Connection Properties. At any point, the application can query Connection Properties.
ConnectionProperties := Connection.GetProperties() ConnectionProperties := Connection.GetProperties()
value := ConnectionProperties.Get(property) value := ConnectionProperties.Get(property)
if ConnectionProperties.Has(boolean_or_preference_property) then... if ConnectionProperties.Has(boolean_or_preference_property) then...
skipping to change at line 2337 skipping to change at line 2338
set to Unidirectional send or if a Message marked as Final was set to Unidirectional send or if a Message marked as Final was
received (see Section 9.3.3.3). The latter is only supported by received (see Section 9.3.3.3). The latter is only supported by
certain transport protocols, e.g., by TCP as a half-closed certain transport protocols, e.g., by TCP as a half-closed
connection. connection.
* For Connections that are Established, Closing, or Closed: * For Connections that are Established, Closing, or Closed:
Connection Properties (Section 8.1) of the actual protocols that Connection Properties (Section 8.1) of the actual protocols that
were selected and instantiated, and Selection Properties that the were selected and instantiated, and Selection Properties that the
application specified on the Preconnection. Selection Properties application specified on the Preconnection. Selection Properties
of type "Preference" will be exposed as Boolean values indicating of type "Preference" will be exposed as Boolean values indicating
whether or not the property applies to the selected transport. whether or not the Property applies to the selected transport.
Note that the instantiated Protocol Stack might not match all Note that the instantiated Protocol Stack might not match all
Protocol Selection Properties that the application specified on Protocol Selection Properties that the application specified on
the Preconnection. the Preconnection.
* For Connections that are Established: Transport Services system * For Connections that are Established: Transport Services
implementations ought to provide information concerning the Implementations ought to provide information concerning the
path(s) used by the Protocol Stack. This can be derived from path(s) used by the Protocol Stack. This can be derived from
local PvD information, measurements by the Protocol Stack, or local PvD information, measurements by the Protocol Stack, or
other sources. For example, a transport system that is configured other sources. For example, a Transport Services System that is
to receive and process PvD information [RFC7556] could also configured to receive and process PvD information [RFC7556] could
provide network configuration information for the chosen path(s). also provide network configuration information for the chosen
path(s).
8.1. Generic Connection Properties 8.1. Generic Connection Properties
Generic Connection Properties are defined independently of the chosen Generic Connection Properties are defined independently of the chosen
Protocol Stack; therefore, they are available on all Connections. Protocol Stack; therefore, they are available on all Connections.
Many Connection Properties have a corresponding Selection Property Many Connection Properties have a corresponding Selection Property
that enables applications to express their preference for protocols that enables applications to express their preference for protocols
providing a supporting transport feature. providing a supporting transport feature.
8.1.1. Required Minimum Corruption Protection Coverage for Receiving 8.1.1. Required Minimum Corruption Protection Coverage for Receiving
Name: recvChecksumLen Name: recvChecksumLen
Type: Integer (non-negative) or Full Coverage Type: Integer (non-negative) or Full Coverage
Default: Full Coverage Default: Full Coverage
If this property is an Integer, it specifies the minimum number of If this Property is an Integer, it specifies the minimum number of
bytes in a received Message that need to be covered by a checksum. A bytes in a received Message that need to be covered by a checksum. A
receiving endpoint will not forward Messages that have less coverage receiving Endpoint will not forward Messages that have less coverage
to the application. The application is responsible for handling any to the application. The application is responsible for handling any
corruption within the non-protected part of the Message [RFC8085]. A corruption within the non-protected part of the Message [RFC8085]. A
special value of 0 means that a received packet might also have a special value of 0 means that a received packet might also have a
zero checksum field, and the enumerated value Full Coverage means zero checksum field, and the enumerated value Full Coverage means
that the entire Message needs to be protected by a checksum. An that the entire Message needs to be protected by a checksum. An
implementation is supposed to express Full Coverage in an implementation is supposed to express Full Coverage in an
environment-typical way, e.g., as a Union type or special value. environment-typical way, e.g., as a Union type or special value.
8.1.2. Connection Priority 8.1.2. Connection Priority
Name: connPriority Name: connPriority
Type: Integer (non-negative) Type: Integer (non-negative)
Default: 100 Default: 100
This property is a non-negative Integer representing the priority of This Property is a non-negative Integer representing the priority of
this Connection relative to other Connections in the same Connection this Connection relative to other Connections in the same Connection
Group. A numerically lower value reflects a higher priority. It has Group. A numerically lower value reflects a higher priority. It has
no effect on Connections not part of a Connection Group. As noted in no effect on Connections not part of a Connection Group. As noted in
Section 7.4, this property is not entangled when Connections are Section 7.4, this Property is not entangled when Connections are
cloned, i.e., changing the Priority on one Connection in a Connection cloned, i.e., changing the priority on one Connection in a Connection
Group does not change it on the other Connections in the same Group does not change it on the other Connections in the same
Connection Group. No guarantees of a specific behavior regarding Connection Group. No guarantees of a specific behavior regarding
Connection Priority are given; a Transport Services system could Connection Priority are given; a Transport Services System could
ignore this property. See Section 9.2.6 for more details. ignore this Property. See Section 9.2.6 for more details.
8.1.3. Timeout for Aborting Connection 8.1.3. Timeout for Aborting Connection
Name: connTimeout Name: connTimeout
Type: Numeric (positive) or Disabled Type: Numeric (positive) or Disabled
Default: Disabled Default: Disabled
If this property is Numeric, it specifies how long to wait before If this Property is Numeric, it specifies how long to wait before
deciding that an active Connection has failed when trying to reliably deciding that an active Connection has failed when trying to reliably
deliver data to the Remote Endpoint. Adjustments to this property deliver data to the Remote Endpoint. Adjustments to this Property
will only take effect if the underlying stack supports reliability. will only take effect if the underlying stack supports reliability.
If this property has the enumerated value Disabled, it means that no If this Property has the enumerated value Disabled, it means that no
timeout is scheduled. A Transport Services API could express timeout is scheduled. A Transport Services API could express
Disabled in an environment-typical way, e.g., as a Union type or Disabled in an environment-typical way, e.g., as a Union type or
special value. special value.
8.1.4. Timeout for Keep-Alive Packets 8.1.4. Timeout for Keep-Alive Packets
Name: keepAliveTimeout Name: keepAliveTimeout
Type: Numeric (positive) or Disabled Type: Numeric (positive) or Disabled
Default: Disabled Default: Disabled
A Transport Services API can request a protocol that supports sending A Transport Services API can request a protocol that supports sending
keep-alive packets (Section 6.2.10). If this property is Numeric, it keep-alive packets (Section 6.2.10). If this Property is Numeric, it
specifies the maximum length of time an idle Connection (one for specifies the maximum length of time an idle Connection (one for
which no transport packets have been sent) ought to wait before the which no transport packets have been sent) ought to wait before the
Local Endpoint sends a keep-alive packet to the Remote Endpoint. Local Endpoint sends a keep-alive packet to the Remote Endpoint.
Adjustments to this property will only take effect if the underlying Adjustments to this Property will only take effect if the underlying
stack supports sending keep-alive packets. Guidance on setting this stack supports sending keep-alive packets. Guidance on setting this
value for connectionless transports is provided in [RFC8085]. A value for connectionless transports is provided in [RFC8085]. A
value greater than the Connection timeout (Section 8.1.3) or the value greater than the Connection timeout (Section 8.1.3) or the
enumerated value Disabled will disable the sending of keep-alive enumerated value Disabled will disable the sending of keep-alive
packets. A Transport Services API could express Disabled in an packets. A Transport Services API could express Disabled in an
environment-typical way, e.g., as a Union type or special value. environment-typical way, e.g., as a Union type or special value.
8.1.5. Connection Group Transmission Scheduler 8.1.5. Connection Group Transmission Scheduler
Name: connScheduler Name: connScheduler
Type: Enumeration Type: Enumeration
Default: Weighted Fair Queueing (see Section 3.6 of [RFC8260]) Default: Weighted Fair Queueing (see Section 3.6 of [RFC8260])
This property specifies which scheduler is used among Connections This Property specifies which scheduler is used among Connections
within a Connection Group to apportion the available capacity within a Connection Group to apportion the available capacity
according to Connection priorities (see Sections 7.4 and 8.1.2). A according to Connection priorities (see Sections 7.4 and 8.1.2). A
set of schedulers is described in [RFC8260]. set of schedulers is described in [RFC8260].
8.1.6. Capacity Profile 8.1.6. Capacity Profile
Name: connCapacityProfile Name: connCapacityProfile
Type: Enumeration Type: Enumeration
Default: Default Profile (Best Effort) Default: Default Profile (Best Effort)
This property specifies the desired network treatment for traffic This Property specifies the desired network treatment for traffic
sent by the application and the trade-offs the application is sent by the application and the trade-offs the application is
prepared to make in path and protocol selection to receive that prepared to make in path and protocol selection to receive that
desired treatment. When the capacity profile is set to a value other desired treatment. When the capacity profile is set to a value other
than Default, the Transport Services system SHOULD select paths and than Default, the Transport Services System SHOULD select paths and
configure protocols to optimize the trade-off between delay, delay configure protocols to optimize the trade-off between delay, delay
variation, and efficient use of the available capacity based on the variation, and efficient use of the available capacity based on the
capacity profile specified. How this is realized is implementation capacity profile specified. How this is realized is implementation
specific. The capacity profile MAY also be used to set markings on specific. The capacity profile MAY also be used to set markings on
the wire for Protocol Stacks supporting this action. Recommendations the wire for Protocol Stacks supporting this action. Recommendations
for use with DSCPs are provided below for each profile; note that for use with DSCPs are provided below for each profile; note that
when a Connection is multiplexed, the guidelines in Section 6 of when a Connection is multiplexed, the guidelines in Section 6 of
[RFC7657] apply. [RFC7657] apply.
The following values are valid for the capacity profile: The following values are valid for the capacity profile:
Default: The application provides no information about its expected Default: The application provides no information about its expected
capacity profile. Transport Services systems that map the capacity profile. Transport Services Systems that map the
requested capacity profile to per-connection DSCP signaling SHOULD requested capacity profile to per-connection DSCP signaling SHOULD
assign the DSCP Default Forwarding Per Hop Behavior (PHB) assign the DSCP Default Forwarding Per Hop Behavior (PHB)
[RFC2474]. [RFC2474].
Scavenger: The application is not interactive. It expects to send Scavenger: The application is not interactive. It expects to send
and/or receive data without any urgency. This can, for example, and/or receive data without any urgency. This can, for example,
be used to select Protocol Stacks with scavenger transmission be used to select Protocol Stacks with scavenger transmission
control and/or to assign the traffic to a lower-effort service. control and/or to assign the traffic to a lower-effort service.
Transport Services systems that map the requested capacity profile Transport Services Systems that map the requested capacity profile
to per-connection DSCP signaling SHOULD assign the DSCP "Less than to per-connection DSCP signaling SHOULD assign the DSCP "Less than
best effort" PHB [RFC8622]. best effort" PHB [RFC8622].
Low Latency/Interactive: The application is interactive and prefers Low Latency/Interactive: The application is interactive and prefers
loss to latency. Response time SHOULD be optimized at the expense loss to latency. Response time SHOULD be optimized at the expense
of delay variation and efficient use of the available capacity of delay variation and efficient use of the available capacity
when sending on this Connection. The Low Latency/Interactive when sending on this Connection. The Low Latency/Interactive
value of the capacity profile can be used by the system to disable value of the capacity profile can be used by the system to disable
the coalescing of multiple small Messages into larger packets the coalescing of multiple small Messages into larger packets
(Nagle algorithm (see Section 4.2.3.4 of [RFC1122])); to prefer (Nagle algorithm (see Section 4.2.3.4 of [RFC1122])); to prefer
immediate acknowledgement from the peer endpoint when supported by immediate acknowledgement from the peer Endpoint when supported by
the underlying transport; and so on. Transport Services systems the underlying transport; and so on. Transport Services Systems
that map the requested capacity profile to per-connection DSCP that map the requested capacity profile to per-connection DSCP
signaling without multiplexing SHOULD assign a DSCP Assured signaling without multiplexing SHOULD assign a DSCP Assured
Forwarding (AF41, AF42, AF43, and AF44) PHB [RFC2597]. Inelastic Forwarding (AF41, AF42, AF43, and AF44) PHB [RFC2597]. Inelastic
traffic that is expected to conform to the configured network traffic that is expected to conform to the configured network
service rate could be mapped to the DSCP Expedited Forwarding PHBs service rate could be mapped to the DSCP Expedited Forwarding PHBs
[RFC3246] or PHBs as discussed in [RFC5865]. [RFC3246] or PHBs as discussed in [RFC5865].
Low Latency/Non-Interactive: The application prefers loss to latency Low Latency/Non-Interactive: The application prefers loss to latency
but is not interactive. Response time SHOULD be optimized at the but is not interactive. Response time SHOULD be optimized at the
expense of delay variation and efficient use of the available expense of delay variation and efficient use of the available
capacity when sending on this Connection. Transport system capacity when sending on this Connection. Transport system
implementations that map the requested capacity profile to per- implementations that map the requested capacity profile to per-
connection DSCP signaling without multiplexing SHOULD assign a connection DSCP signaling without multiplexing SHOULD assign a
DSCP Assured Forwarding (AF21, AF22, AF23, and AF24) PHB DSCP Assured Forwarding (AF21, AF22, AF23, and AF24) PHB
[RFC2597]. [RFC2597].
Constant-Rate Streaming: The application expects to send/receive Constant-Rate Streaming: The application expects to send/receive
data at a constant rate after Connection establishment. Delay and data at a constant rate after Connection establishment. Delay and
delay variation SHOULD be minimized at the expense of efficient delay variation SHOULD be minimized at the expense of efficient
use of the available capacity. This implies that the Connection use of the available capacity. This implies that the Connection
might fail if the Path is unable to maintain the desired rate. A might fail if the path is unable to maintain the desired rate. A
transport can interpret this capacity profile as preferring a transport can interpret this capacity profile as preferring a
circuit breaker [RFC8084] to a rate-adaptive congestion circuit breaker [RFC8084] to a rate-adaptive congestion
controller. Transport system implementations that map the controller. Transport system implementations that map the
requested capacity profile to per-connection DSCP signaling requested capacity profile to per-connection DSCP signaling
without multiplexing SHOULD assign a DSCP Assured Forwarding without multiplexing SHOULD assign a DSCP Assured Forwarding
(AF31, AF32, AF33, and AF34) PHB [RFC2597]. (AF31, AF32, AF33, and AF34) PHB [RFC2597].
Capacity-Seeking: The application expects to send/receive data at Capacity-Seeking: The application expects to send/receive data at
the maximum rate allowed by its congestion controller over a the maximum rate allowed by its congestion controller over a
relatively long period of time. Transport Services systems that relatively long period of time. Transport Services Systems that
map the requested capacity profile to per-connection DSCP map the requested capacity profile to per-connection DSCP
signaling without multiplexing SHOULD assign a DSCP Assured signaling without multiplexing SHOULD assign a DSCP Assured
Forwarding (AF11, AF12, AF13, and AF14) PHB [RFC2597] per Forwarding (AF11, AF12, AF13, and AF14) PHB [RFC2597] per
Section 4.8 of [RFC4594]. Section 4.8 of [RFC4594].
The capacity profile for a selected Protocol Stack may be modified on The capacity profile for a selected Protocol Stack may be modified on
a per-Message basis using the Transmission Profile Message Property; a per-Message basis using the msgCapacityProfile Message Property;
see Section 9.1.3.8. see Section 9.1.3.8.
8.1.7. Policy for Using Multipath Transports 8.1.7. Policy for Using Multipath Transports
Name: multipathPolicy Name: multipathPolicy
Type: Enumeration Type: Enumeration
Default: Handover Default: Handover
This property specifies the local policy for transferring data across This Property specifies the local policy for transferring data across
multiple paths between the same end hosts if Multipath Transport is multiple paths between the same end hosts if the multipath Property
not set to Disabled (see Section 6.2.14). Possible values are as is not set to Disabled (see Section 6.2.14). Possible values are as
follows: follows:
Handover: The Connection ought only to attempt to migrate between Handover: The Connection ought only to attempt to migrate between
different paths when the original path is lost or becomes different paths when the original path is lost or becomes
unusable. The thresholds used to declare a path unusable are unusable. The thresholds used to declare a path unusable are
implementation specific. implementation specific.
Interactive: The Connection ought only to attempt to minimize the Interactive: The Connection ought only to attempt to minimize the
latency for interactive traffic patterns by transmitting data latency for interactive traffic patterns by transmitting data
across multiple paths when this is beneficial. The goal of across multiple paths when this is beneficial. The goal of
skipping to change at line 2581 skipping to change at line 2583
8.1.8. Bounds on Send or Receive Rate 8.1.8. Bounds on Send or Receive Rate
Name: minSendRate / minRecvRate / maxSendRate / maxRecvRate Name: minSendRate / minRecvRate / maxSendRate / maxRecvRate
Type: Numeric (positive) or Unlimited / Numeric (positive) or Type: Numeric (positive) or Unlimited / Numeric (positive) or
Unlimited / Numeric (positive) or Unlimited / Numeric (positive) Unlimited / Numeric (positive) or Unlimited / Numeric (positive)
or Unlimited or Unlimited
Default: Unlimited / Unlimited / Unlimited / Unlimited Default: Unlimited / Unlimited / Unlimited / Unlimited
Numeric values of these properties specify an upper-bound rate that a Numeric values of these Properties specify an upper-bound rate that a
transfer is not expected to exceed (even if flow control and transfer is not expected to exceed (even if flow control and
congestion control allow higher rates) and/or a lower-bound congestion control allow higher rates) and/or a lower-bound
application-layer rate below which the application does not deem it application-layer rate below which the application does not deem it
will be useful. These rate values are measured at the application will be useful. These rate values are measured at the application
layer, i.e., do not consider the header overhead from protocols used layer, i.e., do not consider the header overhead from protocols used
by the Transport Services system. The values are specified in bits by the Transport Services System. The values are specified in bits
per second and assumed to be measured over one-second time intervals. per second and assumed to be measured over one-second time intervals.
For example, specifying a maxSendRate of X bits per second means For example, specifying a maxSendRate of X bits per second means
that, from the moment at which the property value is chosen, not more that, from the moment at which the Property value is chosen, not more
than X bits will be sent in any following second. The enumerated than X bits will be sent in any following second. The enumerated
value Unlimited indicates that no bound is specified. A Transport value Unlimited indicates that no bound is specified. A Transport
Services API could express Unlimited in an environment-typical way, Services API could express Unlimited in an environment-typical way,
e.g., as a Union type or special value. e.g., as a Union type or special value.
8.1.9. Group Connection Limit 8.1.9. Group Connection Limit
Name: groupConnLimit Name: groupConnLimit
Type: Numeric (positive) or Unlimited Type: Numeric (positive) or Unlimited
Default: Unlimited Default: Unlimited
If this property is Numeric, it controls the number of Connections If this Property is Numeric, it controls the number of Connections
that can be accepted from a peer as new members of the Connection's that can be accepted from a peer as new members of the Connection's
group. Similar to SetNewConnectionLimit, this limits the number of group. Similar to SetNewConnectionLimit, this limits the number of
ConnectionReceived events that will occur, but constrained to the ConnectionReceived events that will occur, but constrained to the
group of the Connection associated with this property. For a multi- group of the Connection associated with this Property. For a multi-
streaming transport, this limits the number of allowed streams. A streaming transport, this limits the number of allowed streams. A
Transport Services API could express Unlimited in an environment- Transport Services API could express Unlimited in an environment-
typical way, e.g., as a Union type or special value. typical way, e.g., as a Union type or special value.
8.1.10. Isolate Session 8.1.10. Isolate Session
Name: isolateSession Name: isolateSession
Type: Boolean Type: Boolean
Default: false Default: false
When set to true, this property will initiate new Connections using When set to true, this Property will initiate new Connections using
as little cached information (such as session tickets or cookies) as as little cached information (such as session tickets or cookies) as
possible from previous Connections that are not in the same possible from previous Connections that are not in the same
Connection Group. Any state generated by this Connection will only Connection Group. Any state generated by this Connection will only
be shared with Connections in the same Connection Group. Cloned be shared with Connections in the same Connection Group. Cloned
Connections will use saved state from within the Connection Group. Connections will use saved state from within the Connection Group.
This is used for separating Connection Contexts as specified in This is used for separating Connection Contexts as specified in
Section 4.2.3 of [RFC9621]. Section 4.2.3 of [RFC9621].
Note that this does not guarantee that information will not leak Note that this does not guarantee that information will not leak
because implementations might not be able to fully isolate all caches because implementations might not be able to fully isolate all caches
(e.g., RTT estimates). Note that this property could degrade (e.g., RTT estimates). Note that this Property could degrade
Connection performance. Connection performance.
8.1.11. Read-Only Connection Properties 8.1.11. Read-Only Connection Properties
The following generic Connection Properties are read-only, i.e., they The following generic Connection Properties are read-only, i.e., they
cannot be changed by an application. cannot be changed by an application.
8.1.11.1. Connection State 8.1.11.1. Connection State
Name: connState Name: connState
Type: Enumeration Type: Enumeration
This property provides information about the current state of the This Property provides information about the current state of the
Connection. Possible values are Establishing, Established, Closing, Connection. Possible values are Establishing, Established, Closing,
or Closed. For more details on Connection state, see Section 11. or Closed. For more details on Connection state, see Section 11.
8.1.11.2. Can Send Data 8.1.11.2. Can Send Data
Name: canSend Name: canSend
Type: Boolean Type: Boolean
This property can be queried to learn whether the Connection can be This Property can be queried to learn whether the Connection can be
used to send data. used to send data.
8.1.11.3. Can Receive Data 8.1.11.3. Can Receive Data
Name: canReceive Name: canReceive
Type: Boolean Type: Boolean
This property can be queried to learn whether the Connection can be This Property can be queried to learn whether the Connection can be
used to receive data. used to receive data.
8.1.11.4. Maximum Message Size Before Fragmentation or Segmentation 8.1.11.4. Maximum Message Size Before Fragmentation or Segmentation
Name: singularTransmissionMsgMaxLen Name: singularTransmissionMsgMaxLen
Type: Integer (non-negative) or Not applicable Type: Integer (non-negative) or Not applicable
This property, if applicable, represents the maximum Message size This Property, if applicable, represents the maximum Message size
that can be sent without incurring network-layer fragmentation at the that can be sent without incurring network-layer fragmentation at the
sender. It is specified as a number of bytes and is less than or sender. It is specified as a number of bytes and is less than or
equal to the maximum Message Size on Send. It exposes a readable equal to the maximum Message Size on Send. It exposes a readable
value to the application based on the Maximum Packet Size (MPS). The value to the application based on the Maximum Packet Size (MPS). The
value of this property can change over time (and can be updated via value of this Property can change over time (and can be updated via
Datagram Packetization Layer Path MTU Discovery (DPLPMTUD) Datagram Packetization Layer Path MTU Discovery (DPLPMTUD)
[RFC8899]). This value allows a sending stack to avoid unwanted [RFC8899]). This value allows a sending stack to avoid unwanted
fragmentation at the network layer or segmentation by the transport fragmentation at the network layer or segmentation by the transport
layer before choosing the message size and/or after a SendError layer before choosing the Message size and/or after a SendError
occurs indicating an attempt to send a Message that is too large. A occurs indicating an attempt to send a Message that is too large. A
Transport Services API could express Not applicable in an Transport Services API could express Not applicable in an
environment-typical way, e.g., as a Union type or special value environment-typical way, e.g., as a Union type or special value
(e.g., 0). (e.g., 0).
8.1.11.5. Maximum Message Size on Send 8.1.11.5. Maximum Message Size on Send
Name: sendMsgMaxLen Name: sendMsgMaxLen
Type: Integer (non-negative) Type: Integer (non-negative)
This property represents the maximum Message size that an application This Property represents the maximum Message size that an application
can send. It is specified as the number of bytes. A value of 0 can send. It is specified as the number of bytes. A value of 0
indicates that sending is not possible. indicates that sending is not possible.
8.1.11.6. Maximum Message Size on Receive 8.1.11.6. Maximum Message Size on Receive
Name: recvMsgMaxLen Name: recvMsgMaxLen
Type: Integer (non-negative) Type: Integer (non-negative)
This property represents the maximum Message size that an application This Property represents the maximum Message size that an application
can receive. It is specified as the number of bytes. A value of 0 can receive. It is specified as the number of bytes. A value of 0
indicates that receiving is not possible. indicates that receiving is not possible.
8.2. TCP-Specific Properties: User Timeout Option (UTO) 8.2. TCP-Specific Properties: User Timeout Option (UTO)
These properties specify configurations for the TCP User Timeout These Properties specify configurations for the TCP User Timeout
Option (UTO). This is a TCP-specific property that is only used in Option (UTO). This is a TCP-specific Property that is only used in
the case that TCP becomes the chosen transport protocol. It is the case that TCP becomes the chosen transport protocol. It is
useful only if TCP is implemented in the Transport Services system. useful only if TCP is implemented in the Transport Services System.
Protocol-specific options could also be defined for other transport Protocol-specific options could also be defined for other transport
protocols. protocols.
These properties are included here because the feature Suggest These Properties are included here because the feature Suggest
timeout to the peer is part of the minimal set of Transport Services timeout to the peer is part of the minimal set of Transport Services
[RFC8923], where this feature was categorized as "functional". This [RFC8923], where this feature was categorized as "functional". This
means that when a Transport Services system offers this feature, the means that when a Transport Services System offers this feature, the
Transport Services API has to expose an interface to the application. Transport Services API has to expose an interface to the application.
Otherwise, the implementation might violate assumptions by the Otherwise, the implementation might violate assumptions by the
application, which could cause the application to fail. application, which could cause the application to fail.
All of the below properties are optional (e.g., it is possible to All of the below Properties are optional (e.g., it is possible to
specify tcp.userTimeoutValue as true but not specify a specify tcp.userTimeoutValue as true but not specify a
tcp.userTimeoutValue value; in this case, the TCP default will be tcp.userTimeoutValue value; in this case, the TCP default will be
used). These properties reflect the API extension specified in used). These Properties reflect the API extension specified in
Section 3 of [RFC5482]. Section 3 of [RFC5482].
8.2.1. Advertised User Timeout 8.2.1. Advertised User Timeout
Name: tcp.userTimeoutValue Name: tcp.userTimeoutValue
Type: Integer (positive) Type: Integer (positive)
Default: the TCP default Default: the TCP default
skipping to change at line 2752 skipping to change at line 2754
connTimeout (see Section 8.1.3) value. connTimeout (see Section 8.1.3) value.
8.2.2. User Timeout Enabled 8.2.2. User Timeout Enabled
Name: tcp.userTimeoutEnabled Name: tcp.userTimeoutEnabled
Type: Boolean Type: Boolean
Default: false Default: false
This property controls whether the TCP UTO is enabled for a This Property controls whether the TCP UTO is enabled for a
connection. This applies to both sending and receiving. connection. This applies to both sending and receiving.
8.2.3. Timeout Changeable 8.2.3. Timeout Changeable
Name: tcp.userTimeoutChangeable Name: tcp.userTimeoutChangeable
Type: Boolean Type: Boolean
Default: true Default: true
This property controls whether the TCP connTimeout (see This Property controls whether the TCP connTimeout (see
Section 8.1.3) can be changed based on a UTO received from the remote Section 8.1.3) can be changed based on a UTO received from the remote
peer. This Boolean becomes false when connTimeout (see peer. This Boolean becomes false when connTimeout (see
Section 8.1.3) is used. Section 8.1.3) is used.
8.3. Connection Lifecycle Events 8.3. Connection Lifecycle Events
During the lifetime of a Connection there are events that can occur During the lifetime of a Connection there are events that can occur
when configured. when configured.
8.3.1. Soft Errors 8.3.1. Soft Errors
skipping to change at line 2789 skipping to change at line 2791
errors; however, even if the underlying stack supports it, there is errors; however, even if the underlying stack supports it, there is
no guarantee that a soft error will be signaled. no guarantee that a soft error will be signaled.
Connection -> SoftError<> Connection -> SoftError<>
8.3.2. Path Change 8.3.2. Path Change
This event notifies the application when at least one of the paths This event notifies the application when at least one of the paths
underlying a Connection has changed. Changes occur on a single path underlying a Connection has changed. Changes occur on a single path
when the PMTU changes as well as when multiple paths are used and when the PMTU changes as well as when multiple paths are used and
paths are added or removed, the set of local endpoints changes, or a paths are added or removed, the set of Local Endpoints changes, or a
handover has been performed. handover has been performed.
Connection -> PathChange<> Connection -> PathChange<>
9. Data Transfer 9. Data Transfer
Data is sent and received as Messages, which allows the application Data is sent and received as Messages, which allows the application
to communicate the boundaries of the data being transferred. to communicate the boundaries of the data being transferred.
9.1. Messages and Framers 9.1. Messages and Framers
Each Message has an optional MessageContext, which allows adding Each Message has an optional MessageContext, which allows adding
Message Properties, to identify Send events related to a specific Message Properties, to identify Send events related to a specific
Message or to inspect metadata related to the Message sent. Framers Message or to inspect metadata related to the Message sent. Framers
can be used to extend or modify the Message data with additional can be used to extend or modify the Message data with additional
information that can be processed at the receiver to detect message information that can be processed at the receiver to detect Message
boundaries. boundaries.
9.1.1. Message Contexts 9.1.1. Message Contexts
Using the MessageContext object, the application can set and retrieve Using the MessageContext object, the application can set and retrieve
metadata of the Message, including Message Properties (see metadata of the Message, including Message Properties (see
Section 9.1.3) and framing metadata (see Section 9.1.2.2). Section 9.1.3) and framing metadata (see Section 9.1.2.2).
Therefore, a MessageContext object can be passed to the Send action Therefore, a MessageContext object can be passed to the Send action
and is returned by each event related to Send and Receive. and is returned by each event related to Send and Receive.
Message Properties can be set and queried using the MessageContext: Message Properties can be set and queried using the MessageContext:
MessageContext.add(property, value) MessageContext.add(property, value)
PropertyValue := MessageContext.get(property) PropertyValue := MessageContext.get(property)
These Message Properties can be generic properties or Protocol- These Message Properties can be generic Properties or Protocol-
specific Properties. specific Properties.
For MessageContexts returned by Send events (see Section 9.2.2) and For MessageContexts returned by Send events (see Section 9.2.2) and
Receive events (see Section 9.3.2), the application can query Receive events (see Section 9.3.2), the application can query
information about the Local and Remote Endpoint: information about the Local and Remote Endpoint:
RemoteEndpoint := MessageContext.GetRemoteEndpoint() RemoteEndpoint := MessageContext.GetRemoteEndpoint()
LocalEndpoint := MessageContext.GetLocalEndpoint() LocalEndpoint := MessageContext.GetLocalEndpoint()
9.1.2. Message Framers 9.1.2. Message Framers
Although most applications communicate over a network using well- Although most applications communicate over a network using well-
formed Messages, the boundaries and metadata of the Messages are formed Messages, the boundaries and metadata of the Messages are
often not directly communicated by the transport protocol itself. often not directly communicated by the transport protocol itself.
For example, HTTP applications send and receive HTTP messages over a For example, HTTP applications send and receive HTTP Messages over a
byte-stream transport, requiring that the boundaries of HTTP messages byte-stream transport, requiring that the boundaries of HTTP Messages
be parsed from the stream of bytes. be parsed from the stream of bytes.
Message Framers allow extending a Connection's Protocol Stack to Message Framers allow extending a Connection's Protocol Stack to
define how to encapsulate or encode outbound Messages and how to define how to encapsulate or encode outbound Messages and how to
decapsulate or decode inbound data into Messages. Message Framers decapsulate or decode inbound data into Messages. Message Framers
allow message boundaries to be preserved when using a Connection allow Message boundaries to be preserved when using a Connection
object, even when using byte-stream transports. This is designed object, even when using byte-stream transports. This is designed
based on the fact that many of the application protocols in use at based on the fact that many of the application protocols in use at
the time of writing evolved over TCP, which does not provide message the time of writing evolved over TCP, which does not provide Message
boundary preservation; because many of these protocols require boundary preservation; because many of these protocols require
message boundaries to function, each application-layer protocol has Message boundaries to function, each application-layer protocol has
defined its own framing. defined its own framing.
To use a Message Framer, the application adds it to its Preconnection To use a Message Framer, the application adds it to its Preconnection
object. Then, the Message Framer can intercept all calls to Send or object. Then, the Message Framer can intercept all calls to Send or
Receive on a Connection to add Message semantics, in addition to Receive on a Connection to add Message semantics, in addition to
interacting with the setup and teardown of the Connection. A Framer interacting with the setup and teardown of the Connection. A Framer
can start sending data before the application sends data if the can start sending data before the application sends data if the
framing protocol requires a prefix or handshake (see [RFC9329] for an framing protocol requires a prefix or handshake (see [RFC9329] for an
example of such a framing protocol). example of such a framing protocol).
skipping to change at line 2885 skipping to change at line 2887
| | Byte-stream | | | | Byte-stream | |
| +-----------------+ | | +-----------------+ |
| | | | | | | |
+----v----------v---------+----------v-----+ +----v----------v---------+----------v-----+
| Transport Protocol Stack | | Transport Protocol Stack |
+------------------------------------------+ +------------------------------------------+
Figure 1: Protocol Stack Showing a Message Framer Figure 1: Protocol Stack Showing a Message Framer
Note that while Message Framers add the most value when placed above Note that while Message Framers add the most value when placed above
a protocol that otherwise does not preserve message boundaries, they a protocol that otherwise does not preserve Message boundaries, they
can also be used with datagram- or message-based protocols. In these can also be used with datagram- or message-based protocols. In these
cases, they add a transformation to further encode or encapsulate and cases, they add a transformation to further encode or encapsulate and
can potentially support packing multiple application-layer Messages can potentially support packing multiple application-layer Messages
into individual transport datagrams. into individual transport datagrams.
The API to implement a Message Framer can vary, depending on the The API to implement a Message Framer can vary, depending on the
implementation; guidance on implementing Message Framers can be found implementation; guidance on implementing Message Framers can be found
in [RFC9623]. in [RFC9623].
9.1.2.1. Adding Message Framers to Preconnections 9.1.2.1. Adding Message Framers to Preconnections
skipping to change at line 2916 skipping to change at line 2918
framer := NewHTTPMessageFramer() framer := NewHTTPMessageFramer()
Preconnection.AddFramer(framer) Preconnection.AddFramer(framer)
Since Message Framers pass from Preconnection to Listener or Since Message Framers pass from Preconnection to Listener or
Connection, addition of Framers must happen before any operation that Connection, addition of Framers must happen before any operation that
might result in the creation of a Connection. might result in the creation of a Connection.
9.1.2.2. Framing Metadata 9.1.2.2. Framing Metadata
When sending Messages, applications can add Framer-specific When sending Messages, applications can add Framer-specific
properties to a MessageContext (Section 9.1.1) with the add action. Properties to a MessageContext (Section 9.1.1) with the add action.
To avoid naming conflicts, the property names SHOULD be prefixed with To avoid naming conflicts, the Property names SHOULD be prefixed with
a namespace referencing the framer implementation or the protocol it a Namespace referencing the Framer implementation or the protocol it
implements as described in Section 4.1. implements as described in Section 4.1.
This mechanism can be used, for example, to set the type of a Message This mechanism can be used, for example, to set the type of a Message
for a TLV format. The namespace of values is custom for each unique for a TLV format. The Namespace of values is custom for each unique
Message Framer. Message Framer.
messageContext := NewMessageContext() messageContext := NewMessageContext()
messageContext.add(framer, key, value) messageContext.add(framer, key, value)
Connection.Send(messageData, messageContext) Connection.Send(messageData, messageContext)
When an application receives a MessageContext in a Receive event, it When an application receives a MessageContext in a Receive event, it
can also look to see if a value was set by a specific Message Framer. can also look to see if a value was set by a specific Message Framer.
messageContext.get(framer, key) -> value messageContext.get(framer, key) -> value
skipping to change at line 2952 skipping to change at line 2954
9.1.3. Message Properties 9.1.3. Message Properties
Applications needing to annotate the Messages they send with extra Applications needing to annotate the Messages they send with extra
information (for example, to control how data is scheduled and information (for example, to control how data is scheduled and
processed by the transport protocols supporting the Connection) can processed by the transport protocols supporting the Connection) can
include this information in the MessageContext passed to the Send include this information in the MessageContext passed to the Send
action. For other uses of the MessageContext, see Section 9.1.1. action. For other uses of the MessageContext, see Section 9.1.1.
Message Properties are per-Message, not per-Send, if partial Messages Message Properties are per-Message, not per-Send, if partial Messages
are sent (Section 9.2.3). All data blocks associated with a single are sent (Section 9.2.3). All data blocks associated with a single
Message share properties specified in the MessageContexts. For Message share Properties specified in the MessageContexts. For
example, it would not make sense to have the beginning of a Message example, it would not make sense to have the beginning of a Message
expire and then allow the end of the Message to still be sent. expire and then allow the end of the Message to still be sent.
A MessageContext object contains metadata for the Messages to be sent A MessageContext object contains metadata for the Messages to be sent
or received. or received.
messageData := "hello" messageData := "hello"
messageContext := NewMessageContext() messageContext := NewMessageContext()
messageContext.add(parameter, value) messageContext.add(parameter, value)
Connection.Send(messageData, messageContext) Connection.Send(messageData, messageContext)
The simpler form of Send, which does not take any MessageContext, is The simpler form of Send, which does not take any MessageContext, is
equivalent to passing a default MessageContext without adding any equivalent to passing a default MessageContext without adding any
Message Properties. Message Properties.
If an application wants to override Message Properties for a specific If an application wants to override Message Properties for a specific
Message, it can acquire an empty MessageContext object and add all Message, it can acquire an empty MessageContext object and add all
desired Message Properties to that object. It can then reuse the desired Message Properties to that object. It can then reuse the
same MessageContext object for sending multiple Messages with the same MessageContext object for sending multiple Messages with the
same properties. same Properties.
Properties can be added to a MessageContext object only before the Properties can be added to a MessageContext object only before the
context is used for sending. Once a MessageContext has been used context is used for sending. Once a MessageContext has been used
with a Send action, further modifications to the MessageContext with a Send action, further modifications to the MessageContext
object do not have any effect on this Send call. Message Properties object do not have any effect on this Send action. Message
that are not added to a MessageContext object before using the Properties that are not added to a MessageContext object before using
context for sending will either take a specific default value or be the context for sending will either take a specific default value or
configured based on Selection or Connection Properties of the be configured based on Selection or Connection Properties of the
Connection that is associated with the Send call. This Connection that is associated with the Send action. This
initialization behavior is defined per Message Property below. initialization behavior is defined per Message Property below.
The Message Properties could be inconsistent with the properties of The Message Properties could be inconsistent with the properties of
the Protocol Stacks underlying the Connection on which a given the Protocol Stacks underlying the Connection on which a given
Message is sent. For example, a Protocol Stack must be able to Message is sent. For example, a Protocol Stack must be able to
provide ordering if the msgOrdered property of a Message is enabled. provide ordering if the msgOrdered Property of a Message is enabled.
Sending a Message with Message Properties inconsistent with the Sending a Message with Message Properties inconsistent with the
Selection Properties of the Connection yields an error. Selection Properties of the Connection yields an error.
If a Message Property contradicts a Connection Property, and if this If a Message Property contradicts a Connection Property, and if this
per-Message behavior can be supported, it overrides the Connection per-Message behavior can be supported, it overrides the Connection
Property for the specific Message. For example, if reliability is Property for the specific Message. For example, if reliability is
set to Require and a protocol with configurable per-Message set to Require and a protocol with configurable per-Message
reliability is used, setting msgReliable to false for a particular reliability is used, setting msgReliable to false for a particular
Message will allow this Message to be sent without any reliability Message will allow this Message to be sent without any reliability
guarantees. Changing the msgReliable Message Property is only guarantees. Changing the msgReliable Message Property is only
skipping to change at line 3012 skipping to change at line 3014
will result in a SendError event. will result in a SendError event.
The Message Properties in the following subsections are supported. The Message Properties in the following subsections are supported.
9.1.3.1. Lifetime 9.1.3.1. Lifetime
Name: msgLifetime Name: msgLifetime
Type: Numeric (positive) Type: Numeric (positive)
Default: infinite Default: Infinite
The Lifetime specifies how long a particular Message can wait in the The Lifetime specifies how long a particular Message can wait in the
Transport Services system before it is sent to the Remote Endpoint. Transport Services System before it is sent to the Remote Endpoint.
After this time, it is irrelevant and no longer needs to be After this time, it is irrelevant and no longer needs to be
(re-)transmitted. This is a hint to the Transport Services system -- (re-)transmitted. This is a hint to the Transport Services System --
it is not guaranteed that a Message will not be sent when its it is not guaranteed that a Message will not be sent when its
Lifetime has expired. Lifetime has expired.
Setting a Message's Lifetime to infinite indicates that the Setting a Message's Lifetime to Infinite indicates that the
application does not wish to apply a time constraint on the application does not wish to apply a time constraint on the
transmission of the Message, but it does not express a need for transmission of the Message, but it does not express a need for
reliable delivery; reliability is adjustable per Message via the reliable delivery; reliability is adjustable per Message via the
perMsgReliability property (see Section 9.1.3.7). The type and units perMsgReliability Property (see Section 9.1.3.7). The type and units
of Lifetime are implementation specific. of Lifetime are implementation specific.
9.1.3.2. Priority 9.1.3.2. Priority
Name: msgPriority Name: msgPriority
Type: Integer (non-negative) Type: Integer (non-negative)
Default: 100 Default: 100
This property specifies the priority of a Message, relative to other This Property specifies the priority of a Message, relative to other
Messages sent over the same Connection. A numerically lower value Messages sent over the same Connection. A numerically lower value
represents a higher priority. represents a higher priority.
A Message with Priority 2 will yield to a Message with Priority 1, A Message with priority 2 will yield to a Message with priority 1,
which will yield to a Message with Priority 0, and so on. Priorities which will yield to a Message with priority 0, and so on. Priorities
can be used as a sender-side scheduling construct only or be used to can be used as a sender-side scheduling construct only or be used to
specify priorities on the wire for Protocol Stacks supporting specify priorities on the wire for Protocol Stacks supporting
prioritization. prioritization.
Note that this property is not a per-Message override of Note that this Property is not a per-Message override of
connPriority; see Section 8.1.2. The priority properties might connPriority; see Section 8.1.2. The priority Properties might
interact, but they can be used independently and be realized by interact, but they can be used independently and be realized by
different mechanisms; see Section 9.2.6. different mechanisms; see Section 9.2.6.
9.1.3.3. Ordered 9.1.3.3. Ordered
Name: msgOrdered Name: msgOrdered
Type: Boolean Type: Boolean
Default: the queried Boolean value of the Selection Property Default: the queried Boolean value of the Selection Property
preserveOrder (Section 6.2.4) preserveOrder (Section 6.2.4)
The order in which Messages were submitted for transmission via the The order in which Messages were submitted for transmission via the
Send action will be preserved on delivery via Receive events for all Send action will be preserved on delivery via Receive events for all
Messages on a Connection that have this Message Property set to true. Messages on a Connection that have this Message Property set to true.
If false, the Message is delivered to the receiving application If false, the Message is delivered to the receiving application
without preserving the ordering. This property is used for protocols without preserving the ordering. This Property is used for protocols
that support preservation of data ordering (see Section 6.2.4) but that support preservation of data ordering (see Section 6.2.4) but
allow out-of-order delivery for certain Messages, e.g., by allow out-of-order delivery for certain Messages, e.g., by
multiplexing independent Messages onto different streams. multiplexing independent Messages onto different streams.
If it is not configured by the application before sending, this If it is not configured by the application before sending, this
property's default value will be based on the Selection Property Property's default value will be based on the Selection Property
preserveOrder of the Connection associated with the Send action. preserveOrder of the Connection associated with the Send action.
9.1.3.4. Safely Replayable 9.1.3.4. Safely Replayable
Name: safelyReplayable Name: safelyReplayable
Type: Boolean Type: Boolean
Default: false Default: false
If true, safelyReplayable specifies that a Message is safe to send to If true, safelyReplayable specifies that a Message is safe to send to
the Remote Endpoint more than once for a single Send action. It the Remote Endpoint more than once for a single Send action. It
marks the data as safe for certain 0-RTT establishment techniques, marks the data as safe for certain 0-RTT establishment techniques,
where retransmission of the 0-RTT data could cause the remote where retransmission of the 0-RTT data could cause the remote
application to receive the Message multiple times. application to receive the Message multiple times.
For protocols that do not protect against duplicated Messages, e.g., For protocols that do not protect against duplicated Messages, e.g.,
UDP, all Messages need to be marked as "safely replayable" by UDP, all Messages need to be marked as "safely replayable" by
enabling this property. To enable protocol selection to choose such enabling this Property. To enable protocol selection to choose such
a protocol, safelyReplayable needs to be added to the a protocol, safelyReplayable needs to be added to the
TransportProperties passed to the Preconnection. If such a protocol TransportProperties passed to the Preconnection. If such a protocol
was chosen, disabling safelyReplayable on individual Messages MUST was chosen, disabling safelyReplayable on individual Messages MUST
result in a SendError. result in a SendError.
9.1.3.5. Final 9.1.3.5. Final
Name: final Name: final
Type: Boolean Type: Boolean
Default: false Default: false
If true, this indicates a Message is the last that the application If true, this indicates a Message is the last that the application
will send on a Connection. This allows underlying protocols to will send on a Connection. This allows underlying protocols to
indicate to the Remote Endpoint that the Connection has been indicate to the Remote Endpoint that the Connection has been
effectively closed in the sending direction. For example, TCP-based effectively closed in the sending direction. For example, TCP-based
Connections can send a FIN once a Message marked as Final has been Connections can send a FIN once a Message marked as Final has been
completely sent, indicated by marking endOfMessage. Protocols that completely sent, indicated by marking endOfMessage. Protocols that
do not support signaling the end of a Connection in a given direction do not support signaling the end of a Connection in a given direction
will ignore this property. will ignore this Property.
A Final Message must always be sorted to the end of a list of A Final Message must always be sorted to the end of a list of
Messages. The final property overrides Priority and any other Messages. The final Property overrides connPriority, msgPriority,
property that would reorder Messages. If another Message is sent and any other Property that would reorder Messages. If another
after a Message marked as Final has already been sent on a Message is sent after a Message marked as Final has already been sent
Connection, the Send action for the new Message will cause a on a Connection, the Send action for the new Message will cause a
SendError event. SendError event.
9.1.3.6. Sending Corruption Protection Length 9.1.3.6. Sending Corruption Protection Length
Name: msgChecksumLen Name: msgChecksumLen
Type: Integer (non-negative) or Full Coverage Type: Integer (non-negative) or Full Coverage
Default: Full Coverage Default: Full Coverage
If this property is an Integer, it specifies the minimum length of If this Property is an Integer, it specifies the minimum length of
the section of a sent Message, starting from byte 0, that the the section of a sent Message, starting from byte 0, that the
application requires to be delivered without corruption due to lower- application requires to be delivered without corruption due to lower-
layer errors. It is used to specify options for simple integrity layer errors. It is used to specify options for simple integrity
protection via checksums. A value of 0 means that no checksum needs protection via checksums. A value of 0 means that no checksum needs
to be calculated, and the enumerated value Full Coverage means that to be calculated, and the enumerated value Full Coverage means that
the entire Message needs to be protected by a checksum. Only Full the entire Message needs to be protected by a checksum. Only Full
Coverage is guaranteed: any other requests are advisory, which may Coverage is guaranteed: any other requests are advisory, which may
result in Full Coverage being applied. result in Full Coverage being applied.
9.1.3.7. Reliable Data Transfer (Message) 9.1.3.7. Reliable Data Transfer (Message)
Name: msgReliable Name: msgReliable
Type: Boolean Type: Boolean
Default: the queried Boolean value of the Selection Property Default: the queried Boolean value of the Selection Property
reliability (Section 6.2.1) reliability (Section 6.2.1)
When true, this property specifies that a Message should be sent in When true, this Property specifies that a Message should be sent in
such a way that the transport protocol ensures that all data is such a way that the transport protocol ensures that all data is
received by the Remote Endpoint. Changing the msgReliable property received by the Remote Endpoint. Changing the msgReliable Property
on Messages is only possible for Connections that were established on Messages is only possible for Connections that were established
enabling the Selection Property perMsgReliability. When this is not enabling the Selection Property perMsgReliability. When this is not
the case, changing msgReliable will generate an error. the case, changing msgReliable will generate an error.
Disabling this property indicates that the Transport Services system Disabling this Property indicates that the Transport Services System
could disable retransmissions or other reliability mechanisms for could disable retransmissions or other reliability mechanisms for
this particular Message, but such disabling is not guaranteed. this particular Message, but such disabling is not guaranteed.
If it is not configured by the application before sending, this If it is not configured by the application before sending, this
property's default value will be based on the Selection Property Property's default value will be based on the Selection Property
reliability of the Connection associated with the Send action. reliability of the Connection associated with the Send action.
9.1.3.8. Message Capacity Profile Override 9.1.3.8. Message Capacity Profile Override
Name: msgCapacityProfile Name: msgCapacityProfile
Type: Enumeration Type: Enumeration
Default: inherited from the Connection Property connCapacityProfile Default: inherited from the Connection Property connCapacityProfile
(Section 8.1.6) (Section 8.1.6)
This enumerated property specifies the application's preferred trade- This enumerated Property specifies the application's preferred trade-
offs for sending this Message; it is a per-Message override of the offs for sending this Message; it is a per-Message override of the
connCapacityProfile Connection Property (see Section 8.1.6). If it connCapacityProfile Connection Property (see Section 8.1.6). If it
is not configured by the application before sending, this property's is not configured by the application before sending, this Property's
default value will be based on the Connection Property default value will be based on the Connection Property
connCapacityProfile of the Connection associated with the Send connCapacityProfile of the Connection associated with the Send
action. action.
9.1.3.9. No Network-Layer Fragmentation 9.1.3.9. No Network-Layer Fragmentation
Name: noFragmentation Name: noFragmentation
Type: Boolean Type: Boolean
Default: false Default: false
This property specifies that a Message should be sent and received This Property specifies that a Message should be sent and received
without network-layer fragmentation, if possible. It can be used to without network-layer fragmentation, if possible. It can be used to
avoid network-layer fragmentation when transport segmentation is avoid network-layer fragmentation when transport segmentation is
preferred. preferred.
This only takes effect when the transport uses a network layer that This only takes effect when the transport uses a network layer that
supports this functionality. When it does take effect, setting this supports this functionality. When it does take effect, setting this
property to true will cause the sender to avoid network-layer source Property to true will cause the sender to avoid network-layer source
fragmentation. When using IPv4, this will result in the Don't fragmentation. When using IPv4, this will result in the Don't
Fragment (DF) bit being set in the IP header. Fragment (DF) bit being set in the IP header.
Attempts to send a Message with this property that result in a size Attempts to send a Message with this Property that result in a size
greater than the transport's current estimate of its maximum packet greater than the transport's current estimate of its maximum packet
size (singularTransmissionMsgMaxLen) can result in transport size (singularTransmissionMsgMaxLen) can result in transport
segmentation when permitted or in a SendError. segmentation when permitted or in a SendError.
| Note: noSegmentation is used when it is desired to send a | Note: noSegmentation is used when it is desired to send a
| Message within a single network packet. | Message within a single network packet.
9.1.3.10. No Segmentation 9.1.3.10. No Segmentation
Name: noSegmentation Name: noSegmentation
Type: Boolean Type: Boolean
Default: false Default: false
When set to true, this property requests that the transport layer not When set to true, this Property requests that the transport layer not
provide segmentation of Messages larger than the maximum size provide segmentation of Messages larger than the maximum size
permitted by the network layer and that it avoid network-layer source permitted by the network layer and that it avoid network-layer source
fragmentation of Messages. When running over IPv4, setting this fragmentation of Messages. When running over IPv4, setting this
property to true will result in a sending endpoint setting the Don't Property to true will result in a sending Endpoint setting the Don't
Fragment bit in the IPv4 header of packets generated by the transport Fragment bit in the IPv4 header of packets generated by the transport
layer. layer.
An attempt to send a Message that results in a size greater than the An attempt to send a Message that results in a size greater than the
transport's current estimate of its maximum packet size transport's current estimate of its maximum packet size
(singularTransmissionMsgMaxLen) will result in a SendError. This (singularTransmissionMsgMaxLen) will result in a SendError. This
only takes effect when the transport and network layers support this only takes effect when the transport and network layers support this
functionality. functionality.
9.2. Sending Data 9.2. Sending Data
Once a Connection has been established, it can be used for sending Once a Connection has been established, it can be used for sending
Messages. By default, Send enqueues a complete Message and takes Messages. By default, Send enqueues a complete Message and takes
optional per-Message properties (see Section 9.2.1). All Send optional per-Message Properties (see Section 9.2.1). All Send
actions are asynchronous and deliver events (see Section 9.2.2). actions are asynchronous and deliver events (see Section 9.2.2).
Sending partial Messages for streaming large data is also supported Sending partial Messages for streaming large data is also supported
(see Section 9.2.3). (see Section 9.2.3).
Messages are sent on a Connection using the Send action: Messages are sent on a Connection using the Send action:
Connection.Send(messageData, messageContext?, endOfMessage?) Connection.Send(messageData, messageContext?, endOfMessage?)
where messageData is the data object to send and messageContext where messageData is the data object to send and messageContext
allows adding Message Properties, identifying Send events related to allows adding Message Properties, identifying Send events related to
skipping to change at line 3261 skipping to change at line 3263
The most basic form of sending on a Connection involves enqueuing a The most basic form of sending on a Connection involves enqueuing a
single Data block as a complete Message with default Message single Data block as a complete Message with default Message
Properties. Properties.
messageData := "hello" messageData := "hello"
Connection.Send(messageData) Connection.Send(messageData)
The interpretation of a Message to be sent is dependent on the The interpretation of a Message to be sent is dependent on the
implementation and on the constraints on the Protocol Stacks implied implementation and on the constraints on the Protocol Stacks implied
by the Connection's transport properties. For example, a Message by the Connection's transport properties. For example, a Message
could be the payload of a single datagram for a UDP Connection. could be the payload of a single datagram for a UDP connection.
Another example would be an HTTP Request for an HTTP Connection. Another example would be an HTTP Request for an HTTP Connection.
Some transport protocols can deliver arbitrarily sized Messages, but Some transport protocols can deliver arbitrarily sized Messages, but
other protocols constrain the maximum Message size. Applications can other protocols constrain the maximum Message size. Applications can
query the Connection Property sendMsgMaxLen (Section 8.1.11.5) to query the Connection Property sendMsgMaxLen (Section 8.1.11.5) to
determine the maximum size allowed for a single Message. If a determine the maximum size allowed for a single Message. If a
Message is too large to fit in the Maximum Message Size for the Message is too large to fit in the Maximum Message Size for the
Connection, the Send will fail with a SendError event Connection, the Send will fail with a SendError event
(Section 9.2.2.3). For example, it is invalid to send a Message over (Section 9.2.2.3). For example, it is invalid to send a Message over
a UDP connection that is larger than the available datagram sending a UDP connection that is larger than the available datagram sending
skipping to change at line 3296 skipping to change at line 3298
The Transport Services API should allow the application to correlate The Transport Services API should allow the application to correlate
a Send event to the particular call to Send that triggered the event. a Send event to the particular call to Send that triggered the event.
The manner in which this correlation is indicated is implementation The manner in which this correlation is indicated is implementation
specific. specific.
9.2.2.1. Sent 9.2.2.1. Sent
Connection -> Sent<messageContext> Connection -> Sent<messageContext>
The Sent event occurs when a previous Send call has completed, i.e., The Sent event occurs when a previous Send action has completed,
when the data derived from the Message has been passed down or i.e., when the data derived from the Message has been passed down or
through the underlying Protocol Stack and is no longer the through the underlying Protocol Stack and is no longer the
responsibility of the Transport Services API. The exact disposition responsibility of the Transport Services API. The exact disposition
of the Message (i.e., whether it has actually been transmitted, moved of the Message (i.e., whether it has actually been transmitted, moved
into a buffer on the network interface, moved into a kernel buffer, into a buffer on the network interface, moved into a kernel buffer,
and so on) when the Sent event occurs is implementation specific. and so on) when the Sent event occurs is implementation specific.
The Sent event contains a reference to the Message Context of the The Sent event contains a reference to the Message Context of the
Message to which it applies. Message to which it applies.
Sent events allow an application to obtain an understanding of the Sent events allow an application to obtain an understanding of the
amount of buffering it creates. That is, if an application calls the amount of buffering it creates. That is, if an application calls the
Send action multiple times without waiting for a Sent event, it has Send action multiple times without waiting for a Sent event, it has
created more buffer inside the Transport Services system than an created more buffer inside the Transport Services System than an
application that always waits for the Sent event before calling the application that always waits for the Sent event before calling the
next Send action. next Send action.
9.2.2.2. Expired 9.2.2.2. Expired
Connection -> Expired<messageContext> Connection -> Expired<messageContext>
The Expired event occurs when a previous Send action expired before The Expired event occurs when a previous Send action expired before
completion, i.e., when the Message was not sent before its Lifetime completion, i.e., when the Message was not sent before its Lifetime
(see Section 9.1.3.1) expired. This is separate from SendError, as (see Section 9.1.3.1) expired. This is separate from SendError, as
skipping to change at line 3393 skipping to change at line 3395
For application-layer protocols where the Connection initiator also For application-layer protocols where the Connection initiator also
sends the first Message, the InitiateWithSend action combines sends the first Message, the InitiateWithSend action combines
Connection initiation with a first Message sent: Connection initiation with a first Message sent:
Connection := Preconnection.InitiateWithSend(messageData, Connection := Preconnection.InitiateWithSend(messageData,
messageContext?, messageContext?,
timeout?) timeout?)
Whenever possible, a messageContext should be provided to declare the Whenever possible, a messageContext should be provided to declare the
Message passed to InitiateWithSend as "safely replayable" using the Message passed to InitiateWithSend as "safely replayable" using the
safelyReplayable property. This allows the Transport Services system safelyReplayable Property. This allows the Transport Services System
to make use of 0-RTT establishment in case this is supported by the to make use of 0-RTT establishment in case this is supported by the
available Protocol Stacks. When the selected stack or stacks do not available Protocol Stacks. When the selected stack or stacks do not
support transmitting data upon connection establishment, support transmitting data upon connection establishment,
InitiateWithSend is identical to Initiate followed by Send. InitiateWithSend is identical to Initiate followed by Send.
Neither partial sends nor send batching are supported by Neither partial sends nor send batching are supported by
InitiateWithSend. InitiateWithSend.
The events that are sent after InitiateWithSend are equivalent to The events that are sent after InitiateWithSend are equivalent to
those that would be sent by an invocation of Initiate followed those that would be sent by an invocation of Initiate followed
immediately by an invocation of Send, with the caveat that a send immediately by an invocation of Send, with the caveat that a send
failure that occurs because the Connection could not be established failure that occurs because the Connection could not be established
will not result in a SendError separate from the EstablishmentError will not result in a SendError separate from the EstablishmentError
signaling the failure of Connection establishment. signaling the failure of Connection establishment.
9.2.6. Priority and the Transport Services API 9.2.6. Priority and the Transport Services API
The Transport Services API provides two properties to allow a sender The Transport Services API provides two Properties to allow a sender
to signal the relative priority of data transmission: msgPriority to signal the relative priority of data transmission: msgPriority
(see Section 9.1.3.2) and connPriority (see Section 8.1.2). These (see Section 9.1.3.2) and connPriority (see Section 8.1.2). These
properties are designed to allow the expression and implementation of Properties are designed to allow the expression and implementation of
a wide variety of approaches to transmission priority in the a wide variety of approaches to transmission priority in the
transport and application layers, including those that do not appear transport and application layers, including those that do not appear
on the wire (affecting only sender-side transmission scheduling) as on the wire (affecting only sender-side transmission scheduling) as
well as those that do (e.g., [RFC9218]). A Transport Services system well as those that do (e.g., [RFC9218]). A Transport Services System
gives no guarantees about how its expression of relative priorities gives no guarantees about how its expression of relative priorities
will be realized. will be realized.
The Transport Services API does order connPriority over msgPriority. The Transport Services API does order connPriority over msgPriority.
In the absence of other externalities (e.g., transport-layer flow In the absence of other externalities (e.g., transport-layer flow
control), a priority 1 Message on a priority 0 Connection will be control), a priority 1 Message on a priority 0 Connection will be
sent before a priority 0 Message on a priority 1 Connection in the sent before a priority 0 Message on a priority 1 Connection in the
same group. same group.
9.3. Receiving Data 9.3. Receiving Data
Once a Connection is established, it can be used for receiving data Once a Connection is established, it can be used for receiving data
(unless the direction property is set to unidirectional send). As (unless the direction Property is set to unidirectional send). As
with sending, the data is received in Messages. Receiving is an with sending, the data is received in Messages. Receiving is an
asynchronous operation in which each call to Receive enqueues a asynchronous operation in which each call to Receive enqueues a
request to receive new data from the Connection. Once data has been request to receive new data from the Connection. Once data has been
received, or an error is encountered, an event will be delivered to received, or an error is encountered, an event will be delivered to
complete any pending Receive requests (see Section 9.3.2). If complete any pending Receive requests (see Section 9.3.2). If
Messages arrive at the Transport Services system before Receive Messages arrive at the Transport Services System before Receive
requests are issued, ensuing Receive requests will first operate on requests are issued, ensuing Receive requests will first operate on
these Messages before awaiting any further Messages. these Messages before awaiting any further Messages.
9.3.1. Enqueuing Receives 9.3.1. Enqueuing Receives
Receive takes two parameters to specify the length of data that an Receive takes two parameters to specify the length of data that an
application is willing to receive, both of which are optional and application is willing to receive, both of which are optional and
have default values if not specified. have default values if not specified.
Connection.Receive(minIncompleteLength?, maxLength?) Connection.Receive(minIncompleteLength?, maxLength?)
By default, Receive will try to deliver complete Messages in a single By default, Receive will try to deliver complete Messages in a single
event (Section 9.3.2.1). event (Section 9.3.2.1).
The application can set a minIncompleteLength value to indicate the The application can set a minIncompleteLength value to indicate the
smallest partial Message data size in bytes to be delivered in smallest partial Message data size in bytes to be delivered in
response to this Receive. By default, this value is infinite, which response to this Receive. By default, this value is Infinite, which
means that only complete Messages should be delivered. See means that only complete Messages should be delivered. See
Sections 9.3.2.2 and 9.1.2 for more information on how this is Sections 9.3.2.2 and 9.1.2 for more information on how this is
accomplished. If this value is set to some smaller value, the accomplished. If this value is set to some smaller value, the
associated receive event will be triggered only: associated Receive event will be triggered only:
1. when at least that many bytes are available, 1. when at least that many bytes are available,
2. the Message is complete with fewer bytes, or 2. the Message is complete with fewer bytes, or
3. the system needs to free up memory. 3. the system needs to free up memory.
Applications SHOULD always check the length of the data delivered to Applications SHOULD always check the length of the data delivered to
the receive event and not assume it will be as long as the Receive event and not assume it will be as long as
minIncompleteLength in the case of shorter complete Messages or minIncompleteLength in the case of shorter complete Messages or
memory issues. memory issues.
The maxLength argument indicates the maximum size of a Message in The maxLength argument indicates the maximum size of a Message in
bytes that the application is currently prepared to receive. The bytes that the application is currently prepared to receive. The
default value for maxLength is infinite. If an incoming Message is default value for maxLength is Infinite. If an incoming Message is
larger than the minimum of this size and the maximum Message size on larger than the minimum of this size and the maximum Message size on
receive for the Connection's Protocol Stack, it will be delivered via receive for the Connection's Protocol Stack, it will be delivered via
ReceivedPartial events (Section 9.3.2.2). ReceivedPartial events (Section 9.3.2.2).
Note that maxLength does not guarantee that the application will Note that maxLength does not guarantee that the application will
receive that many bytes if they are available; the Transport Services receive that many bytes if they are available; the Transport Services
API could return ReceivedPartial events with less data than maxLength API could return ReceivedPartial events with less data than maxLength
according to implementation constraints. Note also that maxLength according to implementation constraints. Note also that maxLength
and minIncompleteLength are intended only to manage buffering and are and minIncompleteLength are intended only to manage buffering and are
not interpreted as a receiver preference for Message reordering. not interpreted as a receiver preference for Message reordering.
9.3.2. Receive Events 9.3.2. Receive Events
Each call to Receive will be paired with a single Receive event. Each call to Receive will be paired with a single Receive event.
This allows an application to provide backpressure to the transport This allows an application to provide backpressure to the Protocol
stack when it is temporarily not ready to receive Messages. For Stack when it is temporarily not ready to receive Messages. For
example, an application that will later be able to handle multiple example, an application that will later be able to handle multiple
receive events at the same time can make multiple calls to Receive Receive events at the same time can make multiple calls to Receive
without waiting for, or processing, any receive events. An without waiting for, or processing, any Receive events. An
application that is temporarily unable to process received events for application that is temporarily unable to process received events for
a connection could refrain from calling Receive or could delay a connection could refrain from calling Receive or could delay
calling it. This would lead to a buildup of unread data, which, in calling it. This would lead to a buildup of unread data, which, in
turn, could result in backpressure to the sender via a transport turn, could result in backpressure to the sender via a transport
protocol's flow control. protocol's flow control.
The Transport Services API should allow the application to correlate The Transport Services API should allow the application to correlate
a Receive event to the particular call to Receive that triggered the a Receive event to the particular call to Receive that triggered the
event. The manner in which this correlation is indicated is event. The manner in which this correlation is indicated is
implementation specific. implementation specific.
9.3.2.1. Received 9.3.2.1. Received
Connection -> Received<messageData, messageContext> Connection -> Received<messageData, messageContext>
A Received event indicates the delivery of a complete Message. It A Received event indicates the delivery of a complete Message. It
contains two objects: the received bytes as messageData and the contains two objects: the received bytes as messageData and the
metadata and properties of the received Message as messageContext. metadata and Properties of the received Message as messageContext.
The messageData value provides access to the bytes that were received The messageData value provides access to the bytes that were received
for this Message, along with the length of the byte array. The for this Message, along with the length of the byte array. The
messageContext value is provided to enable retrieving metadata about messageContext value is provided to enable retrieving metadata about
the Message and referring to the Message. The MessageContext object the Message and referring to the Message. The MessageContext object
is described in Section 9.1.1. is described in Section 9.1.1.
See Section 9.1.2 regarding how to handle Message framing in See Section 9.1.2 regarding how to handle Message framing in
situations where the Protocol Stack only provides a byte-stream situations where the Protocol Stack only provides a byte-stream
transport. transport.
skipping to change at line 3533 skipping to change at line 3535
Connection -> ReceivedPartial<messageData, messageContext, Connection -> ReceivedPartial<messageData, messageContext,
endOfMessage> endOfMessage>
If a complete Message cannot be delivered in one event, one part of If a complete Message cannot be delivered in one event, one part of
the Message can be delivered with a ReceivedPartial event. To the Message can be delivered with a ReceivedPartial event. To
continue to receive more of the same Message, the application must continue to receive more of the same Message, the application must
invoke Receive again. invoke Receive again.
Multiple invocations of ReceivedPartial deliver data for the same Multiple invocations of ReceivedPartial deliver data for the same
Message by passing the same MessageContext until the endOfMessage Message by passing the same MessageContext until the value of the
flag is delivered or a ReceiveError occurs. All partial blocks of a endOfMessage Property is delivered or a ReceiveError occurs. All
single Message are delivered in order without gaps. This event does partial blocks of a single Message are delivered in order without
not support delivering non-contiguous partial Messages. For example, gaps. This event does not support delivering non-contiguous partial
if Message A is divided into three pieces (A1, A2, and A3), Message B Messages. For example, if Message A is divided into three pieces
is divided into three pieces (B1, B2, and B3), and preserveOrder is (A1, A2, and A3), Message B is divided into three pieces (B1, B2, and
not Require, the ReceivedPartial could deliver them in a sequence B3), and preserveOrder is not Require, the ReceivedPartial could
like this: A1, B1, B2, A2, A3, B3. This is because the deliver them in a sequence like this: A1, B1, B2, A2, A3, B3. This
MessageContext allows the application to identify the pieces as is because the MessageContext allows the application to identify the
belonging to Message A and B, respectively. However, a sequence like pieces as belonging to Message A and B, respectively. However, a
A1, A3 will never occur. sequence like A1, A3 will never occur.
If the minIncompleteLength in the Receive request was set to be If the minIncompleteLength in the Receive request was set to be
infinite (indicating a request to receive only complete Messages), Infinite (indicating a request to receive only complete Messages),
the ReceivedPartial event could still be delivered if one of the the ReceivedPartial event could still be delivered if one of the
following conditions is true: following conditions is true:
* the underlying Protocol Stack supports message boundary * the underlying Protocol Stack supports Message boundary
preservation and the size of the Message is larger than the preservation and the size of the Message is larger than the
buffers available for a single Message; buffers available for a single Message;
* the underlying Protocol Stack does not support message boundary * the underlying Protocol Stack does not support Message boundary
preservation and the Message Framer (see Section 9.1.2) cannot preservation and the Message Framer (see Section 9.1.2) cannot
determine the end of the Message using the buffer space it has determine the end of the Message using the buffer space it has
available; or available; or
* the underlying Protocol Stack does not support message boundary * the underlying Protocol Stack does not support Message boundary
preservation and no Message Framer was supplied by the preservation and no Message Framer was supplied by the
application. application.
Note that, in the absence of message boundary preservation or a Note that, in the absence of Message boundary preservation or a
Message Framer, all bytes received on the Connection will be Message Framer, all bytes received on the Connection will be
represented as one large Message of indeterminate length. represented as one large Message of indeterminate length.
In the following example, an application only wants to receive up to In the following example, an application only wants to receive up to
1000 bytes at a time from a Connection. If a 1500-byte Message 1000 bytes at a time from a Connection. If a 1500-byte Message
arrives, it would receive the Message in two separate ReceivedPartial arrives, it would receive the Message in two separate ReceivedPartial
events. events.
Connection.Receive(1, 1000) Connection.Receive(1, 1000)
skipping to change at line 3601 skipping to change at line 3603
fully retrieved or parsed, and fully retrieved or parsed, and
* it is useful for the application to be notified of such errors. * it is useful for the application to be notified of such errors.
For example, a ReceiveError can indicate that a Message (identified For example, a ReceiveError can indicate that a Message (identified
via the messageContext value) that was being partially received via the messageContext value) that was being partially received
previously, but had not completed, encountered an error and will not previously, but had not completed, encountered an error and will not
be completed. This can be useful for an application, which might be completed. This can be useful for an application, which might
wish to use this error as a hint to remove previously received wish to use this error as a hint to remove previously received
Message parts from memory. As another example, if an incoming Message parts from memory. As another example, if an incoming
Message does not fulfill the recvChecksumLen property (see Message does not fulfill the recvChecksumLen Property (see
Section 8.1.1), an application can use this error as a hint to inform Section 8.1.1), an application can use this error as a hint to inform
the peer application to adjust the msgChecksumLen property (see the peer application to adjust the msgChecksumLen Property (see
Section 9.1.3.6). Section 9.1.3.6).
In contrast, internal protocol reception errors (e.g., loss causing In contrast, internal protocol reception errors (e.g., loss causing
retransmissions in TCP) are not signaled by this event. Conditions retransmissions in TCP) are not signaled by this event. Conditions
that irrevocably lead to the termination of the Connection are that irrevocably lead to the termination of the Connection are
signaled using ConnectionError (see Section 10). signaled using ConnectionError (see Section 10).
9.3.3. Receive Message Properties 9.3.3. Receive Message Properties
Each MessageContext could contain metadata from protocols in the Each MessageContext could contain metadata from protocols in the
Protocol Stack; which metadata is available is Protocol Stack Protocol Stack; which metadata is available is Protocol Stack
dependent. These are exposed through additional read-only Message dependent. These are exposed through additional read-only Message
Properties that can be queried from the MessageContext object (see Properties that can be queried from the MessageContext object (see
Section 9.1.1) passed by the receive event. The metadata values in Section 9.1.1) passed by the Receive event. The metadata values in
the following subsections are supported. the following subsections are supported.
9.3.3.1. Property Specific to UDP and UDP-Lite: ECN 9.3.3.1. Property Specific to UDP and UDP-Lite: ECN
When available, Message metadata carries the value of the Explicit When available, Message metadata carries the value of the Explicit
Congestion Notification (ECN) field. This information can be used Congestion Notification (ECN) field. This information can be used
for logging and debugging as well as building applications that need for logging and debugging as well as building applications that need
access to information about the transport internals for their own access to information about the transport internals for their own
operation. This property is specific to UDP and UDP-Lite, because operation. This Property is specific to UDP and UDP-Lite, because
these protocols do not implement congestion control; hence, they these protocols do not implement congestion control; hence, they
expose this functionality to the application (see [RFC8293], expose this functionality to the application (see [RFC8293],
following the guidance in [RFC8085]). following the guidance in [RFC8085]).
9.3.3.2. Early Data 9.3.3.2. Early Data
In some cases, it can be valuable to know whether data was read as In some cases, it can be valuable to know whether data was read as
part of early data transfer (before Connection establishment has part of early data transfer (before Connection establishment has
finished). This is useful if applications need to treat early data finished). This is useful if applications need to treat early data
separately, e.g., if early data has different security properties separately, e.g., if early data has different security Properties
than data sent after connection establishment. In the case of TLS than data sent after Connection establishment. In the case of TLS
1.3, client early data can be replayed maliciously (see [RFC8446]). 1.3, client early data can be replayed maliciously (see [RFC8446]).
Thus, receivers might wish to perform additional checks for early Thus, receivers might wish to perform additional checks for early
data to ensure that it is safely replayable. If TLS 1.3 is available data to ensure that it is safely replayable. If TLS 1.3 is available
and the recipient Message was sent as part of early data, the and the recipient Message was sent as part of early data, the
corresponding metadata carries a flag indicating as such. If early corresponding metadata carries a flag indicating as such. If early
data is enabled, applications should check this metadata field for data is enabled, applications should check this metadata field for
Messages received during Connection establishment and respond Messages received during Connection establishment and respond
accordingly. accordingly.
9.3.3.3. Receiving Final Messages 9.3.3.3. Receiving Final Messages
The MessageContext can indicate whether or not this Message is the The MessageContext can indicate whether or not this Message is the
last Message on a Connection. For any Message that is marked as last Message on a Connection. For any Message that is marked as
Final, the application can assume that there will be no more Messages Final, the application can assume that there will be no more Messages
received on the Connection once the Message has been completely received on the Connection once the Message has been completely
delivered. This corresponds to the final property that can be marked delivered. This corresponds to the final Property that can be marked
on a sent Message; see Section 9.1.3.5. on a sent Message; see Section 9.1.3.5.
Some transport protocols and peers do not support signaling of the Some transport protocols and peers do not support signaling of the
final property. Therefore, applications SHOULD NOT rely on receiving final Property. Therefore, applications SHOULD NOT rely on receiving
a Message marked Final to know that the sending endpoint is done a Message marked Final to know that the sending Endpoint is done
sending on a Connection. sending on a Connection.
Any calls to Receive once the Final Message has been delivered will Any calls to Receive once the Final Message has been delivered will
result in errors. result in errors.
10. Connection Termination 10. Connection Termination
A Connection can be terminated: A Connection can be terminated:
1. by the Local Endpoint (i.e., the application calls the Close, 1. by the Local Endpoint (i.e., the application calls the Close,
skipping to change at line 3697 skipping to change at line 3699
remote Close causes the Connection to send either a Closed event or a remote Close causes the Connection to send either a Closed event or a
ConnectionError event), but in contrast to local action calls, it is ConnectionError event), but in contrast to local action calls, it is
not guaranteed that such events will indeed be invoked. When an not guaranteed that such events will indeed be invoked. When an
application needs to free resources associated with a Connection, it application needs to free resources associated with a Connection, it
ought not rely on the invocation of such events due to termination ought not rely on the invocation of such events due to termination
calls from the Remote Endpoint; instead, it should use the local calls from the Remote Endpoint; instead, it should use the local
termination actions. termination actions.
Close terminates a Connection after satisfying all the requirements Close terminates a Connection after satisfying all the requirements
that were specified regarding the delivery of Messages that the that were specified regarding the delivery of Messages that the
application has already given to the Transport Services system. Upon application has already given to the Transport Services System. Upon
successfully satisfying all these requirements, the Connection will successfully satisfying all these requirements, the Connection will
send the Closed event. For example, if reliable delivery was send the Closed event. For example, if reliable delivery was
requested for a Message handed over before calling Close, the Closed requested for a Message handed over before calling Close, the Closed
event will signify that this Message has indeed been delivered. This event will signify that this Message has indeed been delivered. This
action does not affect any other Connection in the same Connection action does not affect any other Connection in the same Connection
Group. Group.
An application MUST NOT assume that it can receive any further data An application MUST NOT assume that it can receive any further data
on a Connection for which it has called Close, even if such data is on a Connection for which it has called Close, even if such data is
already in flight. already in flight.
skipping to change at line 3823 skipping to change at line 3825
event will not occur on that Connection. To ensure this ordering, event will not occur on that Connection. To ensure this ordering,
a Closed event will not occur on a Connection while other events a Closed event will not occur on a Connection while other events
on the Connection are still locally outstanding (i.e., known to on the Connection are still locally outstanding (i.e., known to
the Transport Services API and waiting to be dealt with by the the Transport Services API and waiting to be dealt with by the
application). application).
12. IANA Considerations 12. IANA Considerations
This document has no IANA actions. This document has no IANA actions.
Future works might create IANA registries for generic transport Future works might create IANA registries for generic Transport
property names and transport property namespaces (see Section 4.1). Property names and Transport Property Namespaces (see Section 4.1).
13. Privacy and Security Considerations 13. Privacy and Security Considerations
This document describes a generic API for interacting with a This document describes a generic API for interacting with a
Transport Services system. Part of this API includes configuration Transport Services System. Part of this API includes configuration
details for transport security protocols, as discussed in details for transport security protocols, as discussed in
Section 6.3. It does not recommend use (or disuse) of specific Section 6.3. It does not recommend use (or disuse) of specific
algorithms or protocols. Any API-compatible transport security algorithms or protocols. Any API-compatible transport security
protocol ought to work in a Transport Services system. Security protocol ought to work in a Transport Services System. Security
considerations for these protocols are discussed in the respective considerations for these protocols are discussed in the respective
specifications. specifications.
[RFC9621] provides general security considerations and requirements [RFC9621] provides general security considerations and requirements
for any system that implements the Transport Services architecture. for any system that implements the Transport Services Architecture.
These include recommendations of relevance to the API, e.g., These include recommendations of relevance to the API, e.g.,
regarding the use of keying material. regarding the use of keying material.
The described API is used to exchange information between an The described API is used to exchange information between an
application and the Transport Services system. The same authority application and the Transport Services System. The same authority
implementing both systems is not necessarily expected. However, implementing both systems is not necessarily expected. However,
there is an expectation that the Transport Services Implementation there is an expectation that the Transport Services Implementation
would either: would either:
* be provided as a library that is selected by the application from * be provided as a library that is selected by the application from
a trusted party or a trusted party or
* be part of the operating system that the application also relies * be part of the operating system that the application also relies
on for other tasks. on for other tasks.
In either case, the Transport Services API is an internal interface In either case, the Transport Services API is an internal interface
that is used to exchange information locally between two systems. that is used to exchange information locally between two systems.
However, as the Transport Services system is responsible for network However, as the Transport Services System is responsible for network
communication, it is in the position to potentially share any communication, it is in the position to potentially share any
information provided by the application with the network or another information provided by the application with the network or another
communication peer. Most of the information provided over the communication peer. Most of the information provided over the
Transport Services API is useful to configure and select protocols Transport Services API is useful to configure and select protocols
and paths and is not necessarily privacy sensitive. Still, some and paths and is not necessarily privacy sensitive. Still, some
information could be privacy sensitive because it might reveal usage information could be privacy sensitive because it might reveal usage
characteristics and habits of the user of an application. characteristics and habits of the user of an application.
Of course, any communication over a network reveals usage Of course, any communication over a network reveals usage
characteristics, because all packets, as well as their timing and characteristics, because all packets, as well as their timing and
size, are part of the network-visible wire image [RFC8546]. However, size, are part of the network-visible wire image [RFC8546]. However,
the selection of a protocol and its configuration also impacts which the selection of a protocol and its configuration also impacts which
information is visible, potentially in clear text, and which other information is visible, potentially in clear text, and which other
entities can access it. How Transport Services systems ought to entities can access it. How Transport Services Systems ought to
choose protocols -- depending on the security properties required -- choose protocols -- depending on the security Properties required --
is out of scope for this specification, as it is limited to transport is out of scope for this specification, as it is limited to transport
protocols. The choice of a security protocol can be informed by the protocols. The choice of a security protocol can be informed by the
survey provided in [RFC8922]. survey provided in [RFC8922].
In most cases, information provided for protocol and path selection In most cases, information provided for protocol and path selection
does not directly translate to information that can be observed by does not directly translate to information that can be observed by
network devices on the path. However, there might be specific network devices on the path. However, there might be specific
configuration information that is intended for path exposure, e.g., a configuration information that is intended for path exposure, e.g., a
Diffserv codepoint setting that is either provided directly by the Diffserv codepoint setting that is either provided directly by the
application or indirectly configured for a traffic profile. application or indirectly configured for a traffic profile.
Applications should be aware that a single communication attempt can Applications should be aware that a single communication attempt can
lead to more than one connection establishment procedure. For lead to more than one connection establishment procedure. For
example, this is the case when: example, this is the case when:
* the Transport Services system also executes name resolution, * the Transport Services System also executes name resolution,
* support mechanisms such as TURN or ICE are used to establish * support mechanisms such as TURN or ICE are used to establish
connectivity if protocols or paths are raced or if a path fails connectivity if protocols or paths are raced or if a path fails
and fallback or re-establishment is supported in the Transport and fallback or re-establishment is supported in the Transport
Services system. Services System.
Applications should take special care when using 0-RTT session Applications should take special care when using 0-RTT session
resumption (see Section 6.2.5), as early data sent across multiple resumption (see Section 6.2.5), as early data sent across multiple
paths during connection establishment could reveal information that paths during Connection establishment could reveal information that
can be used to correlate endpoints on these paths. can be used to correlate Endpoints on these paths.
Applications should also take care to not assume that all data Applications should also take care to not assume that all data
received using the Transport Services API is always complete or well- received using the Transport Services API is always complete or well-
formed. Specifically, Messages that are received partially (see formed. Specifically, Messages that are received partially (see
Section 9.3.2.2) could be a source of truncation attacks if Section 9.3.2.2) could be a source of truncation attacks if
applications do not distinguish between partial Messages and complete applications do not distinguish between partial Messages and complete
Messages. Messages.
The Transport Services API explicitly does not require the The Transport Services API explicitly does not require the
application to resolve names, though there is a trade-off between application to resolve names, though there is a trade-off between
skipping to change at line 3922 skipping to change at line 3924
potential additional information leakage about application interest potential additional information leakage about application interest
when used with a resolution method (such as DNS without TLS) that when used with a resolution method (such as DNS without TLS) that
does not protect query confidentiality. Names used with the does not protect query confidentiality. Names used with the
Transport Services API SHOULD be FQDNs; not providing an FQDN will Transport Services API SHOULD be FQDNs; not providing an FQDN will
result in the Transport Services Implementation needing to use DNS result in the Transport Services Implementation needing to use DNS
search domains for name resolution, which might lead to inconsistent search domains for name resolution, which might lead to inconsistent
or unpredictable behavior. or unpredictable behavior.
These communication activities are not different from what is used at These communication activities are not different from what is used at
the time of writing. However, the goal of a Transport Services the time of writing. However, the goal of a Transport Services
system is to support such mechanisms as a generic service within the System is to support such mechanisms as a generic service within the
transport layer. This enables applications to more dynamically transport layer. This enables applications to more dynamically
benefit from innovations and new protocols in the transport, although benefit from innovations and new protocols in the transport, although
it reduces transparency of the underlying communication actions to it reduces transparency of the underlying communication actions to
the application itself. The Transport Services API is designed such the application itself. The Transport Services API is designed such
that protocol and path selection can be limited to a small and that protocol and path selection can be limited to a small and
controlled set if required by the application to perform a function controlled set if required by the application to perform a function
or to provide security. Further, introspection on the properties of or to provide security. Further, introspection on the Properties of
Connection objects allows an application to determine which Connection objects allows an application to determine which
protocol(s) and path(s) are in use. A Transport Services system protocol(s) and path(s) are in use. A Transport Services System
SHOULD provide a facility logging the communication events of each SHOULD provide a facility logging the communication events of each
Connection. Connection.
14. References 14. References
14.1. Normative References 14.1. Normative References
[ALPN] Friedl, S., Popov, A., Langley, A., and E. Stephan, [ALPN] Friedl, S., Popov, A., Langley, A., and E. Stephan,
"Transport Layer Security (TLS) Application-Layer Protocol "Transport Layer Security (TLS) Application-Layer Protocol
Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301,
skipping to change at line 4236 skipping to change at line 4238
TransportProperties.Prefer(property) TransportProperties.Prefer(property)
TransportProperties.NoPreference(property) TransportProperties.NoPreference(property)
TransportProperties.Avoid(property) TransportProperties.Avoid(property)
TransportProperties.Prohibit(property) TransportProperties.Prohibit(property)
B.2. Transport Property Profiles B.2. Transport Property Profiles
To ease the use of the Transport Services API, implementations can To ease the use of the Transport Services API, implementations can
provide a mechanism to create Transport Property objects (see provide a mechanism to create Transport Property objects (see
Section 6.2) that are preconfigured with frequently used sets of Section 6.2) that are preconfigured with frequently used sets of
properties; the following subsections list those that are in common Properties; the following subsections list those that are in common
use in applications at the time of writing. use in applications at the time of writing.
B.2.1. reliable-inorder-stream B.2.1. reliable-inorder-stream
This profile provides reliable, in-order transport service with This profile provides reliable, in-order transport service with
congestion control. TCP is an example of a protocol that provides congestion control. TCP is an example of a protocol that provides
this service. It should consist of the following properties: this service. It should consist of the following Properties:
+=======================+===============+ +=======================+===============+
| Property | Value | | Property | Value |
+=======================+===============+ +=======================+===============+
| reliability | Require | | reliability | Require |
+-----------------------+---------------+ +-----------------------+---------------+
| preserveOrder | Require | | preserveOrder | Require |
+-----------------------+---------------+ +-----------------------+---------------+
| congestionControl | Require | | congestionControl | Require |
+-----------------------+---------------+ +-----------------------+---------------+
| preserveMsgBoundaries | No Preference | | preserveMsgBoundaries | No Preference |
+-----------------------+---------------+ +-----------------------+---------------+
Table 2: reliable-inorder-stream Table 2: reliable-inorder-stream
Preferences Preferences
B.2.2. reliable-message B.2.2. reliable-message
This profile provides message-preserving, reliable, in-order This profile provides Message-preserving, reliable, in-order
transport service with congestion control. SCTP is an example of a transport service with congestion control. SCTP is an example of a
protocol that provides this service. It should consist of the protocol that provides this service. It should consist of the
following properties: following Properties:
+=======================+=========+ +=======================+=========+
| Property | Value | | Property | Value |
+=======================+=========+ +=======================+=========+
| reliability | Require | | reliability | Require |
+-----------------------+---------+ +-----------------------+---------+
| preserveOrder | Require | | preserveOrder | Require |
+-----------------------+---------+ +-----------------------+---------+
| congestionControl | Require | | congestionControl | Require |
+-----------------------+---------+ +-----------------------+---------+
| preserveMsgBoundaries | Require | | preserveMsgBoundaries | Require |
+-----------------------+---------+ +-----------------------+---------+
Table 3: reliable-message Table 3: reliable-message
Preferences Preferences
B.2.3. unreliable-datagram B.2.3. unreliable-datagram
This profile provides a datagram transport service without any This profile provides a datagram transport service without any
reliability guarantee. An example of a protocol that provides this reliability guarantee. An example of a protocol that provides this
service is UDP. It consists of the following properties: service is UDP. It consists of the following Properties:
+=======================+===============+ +=======================+===============+
| Property | Value | | Property | Value |
+=======================+===============+ +=======================+===============+
| reliability | Avoid | | reliability | Avoid |
+-----------------------+---------------+ +-----------------------+---------------+
| preserveOrder | Avoid | | preserveOrder | Avoid |
+-----------------------+---------------+ +-----------------------+---------------+
| congestionControl | No Preference | | congestionControl | No Preference |
+-----------------------+---------------+ +-----------------------+---------------+
skipping to change at line 4346 skipping to change at line 4348
with these protocols. with these protocols.
* Connect: Initiate action (Section 7.1). * Connect: Initiate action (Section 7.1).
* Listen: Listen action (Section 7.2). * Listen: Listen action (Section 7.2).
* Specify number of attempts and/or timeout for the first * Specify number of attempts and/or timeout for the first
establishment Message: timeout parameter of Initiate (Section 7.1) establishment Message: timeout parameter of Initiate (Section 7.1)
or InitiateWithSend action (Section 9.2.5). or InitiateWithSend action (Section 9.2.5).
* Disable MPTCP: multipath property (Section 6.2.14). * Disable MPTCP: multipath Property (Section 6.2.14).
* Hand over a Message to reliably transfer (possibly multiple times) * Hand over a Message to reliably transfer (possibly multiple times)
before connection establishment: InitiateWithSend action before Connection establishment: InitiateWithSend action
(Section 9.2.5). (Section 9.2.5).
* Change timeout for aborting connection (using retransmit limit or * Change timeout for aborting connection (using retransmit limit or
time value): connTimeout property, using a time value time value): connTimeout Property, using a time value
(Section 8.1.3). (Section 8.1.3).
* Timeout event when data could not be delivered for too long: * Timeout event when data could not be delivered for too long:
ConnectionError event (Section 10). ConnectionError event (Section 10).
* Suggest timeout to the peer: See "TCP-Specific Properties: User * Suggest timeout to the peer: See "TCP-Specific Properties: User
Timeout Option (UTO)" (Section 8.2). Timeout Option (UTO)" (Section 8.2).
* Notification of ICMP error message arrival: softErrorNotify * Notification of ICMP error message arrival: softErrorNotify
(Section 6.2.17) and SoftError event (Section 8.3.1). (Section 6.2.17) and SoftError event (Section 8.3.1).
* Choose a scheduler to operate between streams of an association: * Choose a scheduler to operate between streams of an association:
connScheduler property (Section 8.1.5). connScheduler Property (Section 8.1.5).
* Configure priority or weight for a scheduler: connPriority * Configure priority or weight for a scheduler: connPriority
property (Section 8.1.2). Property (Section 8.1.2).
* "Specify checksum coverage used by the sender" and "Disable * "Specify checksum coverage used by the sender" and "Disable
checksum when sending": msgChecksumLen property (Section 9.1.3.6) checksum when sending": msgChecksumLen Property (Section 9.1.3.6)
and fullChecksumSend property (Section 6.2.7). and fullChecksumSend Property (Section 6.2.7).
* "Specify minimum checksum coverage required by receiver" and * "Specify minimum checksum coverage required by receiver" and
"Disable checksum requirement when receiving": recvChecksumLen "Disable checksum requirement when receiving": recvChecksumLen
property (Section 8.1.1) and fullChecksumRecv property Property (Section 8.1.1) and fullChecksumRecv Property
(Section 6.2.8). (Section 6.2.8).
* Specify DF field: noFragmentation property (Section 9.1.3.9). * Specify DF field: noFragmentation Property (Section 9.1.3.9).
* Get maximum transport-message size that may be sent using a non- * Get maximum transport-message size that may be sent using a non-
fragmented IP packet from the configured interface: fragmented IP packet from the configured interface:
singularTransmissionMsgMaxLen property (Section 8.1.11.4). singularTransmissionMsgMaxLen Property (Section 8.1.11.4).
* Get maximum transport-message size that may be received from the * Get maximum transport-message size that may be received from the
configured interface: recvMsgMaxLen property (Section 8.1.11.6). configured interface: recvMsgMaxLen Property (Section 8.1.11.6).
* Obtain ECN field: This is a read-only Message Property of the * Obtain ECN field: This is a read-only Message Property of the
MessageContext object (see "Property Specific to UDP and UDP-Lite: MessageContext object (see "Property Specific to UDP and UDP-Lite:
ECN" (Section 9.3.3.1)). ECN" (Section 9.3.3.1)).
* "Specify DSCP field", "Disable Nagle algorithm", and "Enable and * "Specify DSCP field", "Disable Nagle algorithm", and "Enable and
configure a Low Extra Delay Background Transfer": as suggested in configure a Low Extra Delay Background Transfer": as suggested in
Section 5.5 of [RFC8923], these transport features are Section 5.5 of [RFC8923], these transport features are
collectively offered via the connCapacityProfile property collectively offered via the connCapacityProfile Property
(Section 8.1.6). Per-Message control ("Request not to bundle (Section 8.1.6). Per-Message control ("Request not to bundle
messages") is offered via the msgCapacityProfile property messages") is offered via the msgCapacityProfile Property
(Section 9.1.3.8). (Section 9.1.3.8).
* Close after reliably delivering all remaining data, causing an * Close after reliably delivering all remaining data, causing an
event informing the application on the other side: this is offered event informing the application on the other side: this is offered
by the Close action with slightly changed semantics in line with by the Close action with slightly changed semantics in line with
the discussion in Section 5.2 of [RFC8923] (see also Section 10). the discussion in Section 5.2 of [RFC8923] (see also Section 10).
* "Abort without delivering remaining data, causing an event * "Abort without delivering remaining data, causing an event
informing the application on the other side" and "Abort without informing the application on the other side" and "Abort without
delivering remaining data, not causing an event informing the delivering remaining data, not causing an event informing the
application on the other side": these are offered by the Abort application on the other side": these are offered by the Abort
action without promising that these are signaled to the other action without promising that these are signaled to the other
side. If they are, a ConnectionError event will be invoked at the side. If they are, a ConnectionError event will be invoked at the
peer (Section 10). peer (Section 10).
* "Reliably transfer data, with congestion control", "Reliably * "Reliably transfer data, with congestion control", "Reliably
transfer a message, with congestion control", and "Unreliably transfer a message, with congestion control", and "Unreliably
transfer a message": data is transferred via the Send action transfer a message": data is transferred via the Send action
(Section 9.2). Reliability is controlled via the reliability (Section 9.2). Reliability is controlled via the reliability
(Section 6.2.1) property and the msgReliable Message Property (Section 6.2.1) Property and the msgReliable Message Property
(Section 9.1.3.7). Transmitting data as a Message or without (Section 9.1.3.7). Transmitting data as a Message or without
delimiters is controlled via Message Framers (Section 9.1.2). The delimiters is controlled via Message Framers (Section 9.1.2). The
choice of congestion control is provided via the congestionControl choice of congestion control is provided via the congestionControl
property (Section 6.2.9). Property (Section 6.2.9).
* Configurable Message Reliability: the msgLifetime Message Property * Configurable Message Reliability: the msgLifetime Message Property
implements a time-based way to configure message reliability implements a time-based way to configure Message reliability
(Section 9.1.3.1). (Section 9.1.3.1).
* "Ordered message delivery (potentially slower than unordered)" and * "Ordered message delivery (potentially slower than unordered)" and
"Unordered message delivery (potentially faster than ordered)": "Unordered message delivery (potentially faster than ordered)":
these two transport features are controlled via the Message these two transport features are controlled via the Message
Property msgOrdered (Section 9.1.3.3). Property msgOrdered (Section 9.1.3.3).
* Request not to delay the acknowledgement (SACK) of a message: * Request not to delay the acknowledgement (SACK) of a message:
should the protocol support it, this is one of the transport should the protocol support it, this is one of the transport
features the Transport Services system can apply when an features the Transport Services System can apply when an
application uses the connCapacityProfile Property (Section 8.1.6) application uses the connCapacityProfile Property (Section 8.1.6)
or the msgCapacityProfile Message Property (Section 9.1.3.8) with or the msgCapacityProfile Message Property (Section 9.1.3.8) with
value Low Latency/Interactive. value Low Latency/Interactive.
* Receive data (with no message delimiting): Receive action * Receive data (with no message delimiting): Receive action
(Section 9.3.1) and Received event (Section 9.3.2.1). (Section 9.3.1) and Received event (Section 9.3.2.1).
* Receive a message: Receive action (Section 9.3.1) and Received * Receive a message: Receive action (Section 9.3.1) and Received
event (Section 9.3.2.1) using Message Framers (Section 9.1.2). event (Section 9.3.2.1) using Message Framers (Section 9.1.2).
 End of changes. 295 change blocks. 
368 lines changed or deleted 370 lines changed or added

This html diff was produced by rfcdiff 1.48.