Real Time Streaming Protocol 2.0 (RTSP)
draft-ietf-mmusic-rfc2326bis-18.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on November 6, 2008.

Abstract

This memorandum defines RTSP version 2.0 which is a revision of the Proposed Standard RTSP version 1.0 which is defined in RFC 2326.

The Real Time Streaming Protocol, or RTSP, is an application-level protocol for control over the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of real-time data, such as audio and video. Sources of data can include both live data feeds and stored clips. This protocol is intended to control multiple data delivery sessions, provide a means for choosing delivery channels such as UDP, multicast UDP and TCP, and provide a means for choosing delivery mechanisms based upon RTP (RFC 3550).

Table of Contents

1.  Introduction
    1.1.  Scope and Background
    1.2.  RTSP Specificication Update
    1.3.  Notational Conventions
    1.4.  Terminology
    1.5.  Media Properties
        1.5.1.  Random Access
        1.5.2.  Retention
        1.5.3.  Content Modifications
        1.5.4.  Mapping to the Attributes
2.  RTSP Introduction
    2.1.  Protocol Properties
    2.2.  RTSP's Relationship to HTTP
    2.3.  Extending RTSP
    2.4.  Overall Operation
    2.5.  RTSP States
    2.6.  Relationship with Other Protocols
3.  RTSP Use Cases
    3.1.  On-demand Playback of Stored Content
    3.2.  Unicast distribution of Live Content
    3.3.  On-demand Playback using Multicast
    3.4.  Inviting an RTSP server into a conference
    3.5.  Live Content using Multicast
4.  Protocol Parameters
    4.1.  RTSP Version
    4.2.  RTSP IRI and URI
    4.3.  Session Identifiers
    4.4.  SMPTE Relative Timestamps
    4.5.  Normal Play Time
    4.6.  Absolute Time
    4.7.  Feature-tags
    4.8.  Entity Tags
5.  RTSP Message
    5.1.  Message Types
    5.2.  Message Headers
    5.3.  Message Body
    5.4.  Message Length
6.  General Header Fields
7.  Request
    7.1.  Request Line
    7.2.  Request Header Fields
8.  Response
    8.1.  Status-Line
        8.1.1.  Status Code and Reason Phrase
    8.2.  Response Header Fields
9.  Entity
    9.1.  Entity Header Fields
    9.2.  Entity Body
10.  Connections
    10.1.  Reliability and Acknowledgements
    10.2.  Using Connections
    10.3.  Closing Connections
    10.4.  Timing Out Connections and RTSP Messages
    10.5.  Showing Liveness
    10.6.  Use of IPv6
11.  Capability Handling
12.  Pipelining Support
13.  Method Definitions
    13.1.  OPTIONS
    13.2.  DESCRIBE
    13.3.  SETUP
        13.3.1.  Changing Transport Parameters
    13.4.  PLAY
        13.4.1.  General Usage
        13.4.2.  Aggregated Sessions
        13.4.3.  Updating current PLAY Requests
        13.4.4.  Playing On-Demand Media
        13.4.5.  Playing Dynamic On-Demand Media
        13.4.6.  Playing Live Media
        13.4.7.  Playing Live with Recording
        13.4.8.  Playing Live with Time-Shift
    13.5.  PLAY_NOTIFY
        13.5.1.  End-of-Stream
        13.5.2.  Media-Properties-Update
        13.5.3.  Scale-Change
    13.6.  PAUSE
    13.7.  TEARDOWN
    13.8.  GET_PARAMETER
    13.9.  SET_PARAMETER
    13.10.  REDIRECT
14.  Embedded (Interleaved) Binary Data
15.  Status Code Definitions
    15.1.  Success 1xx
        15.1.1.  100 Continue
    15.2.  Success 2xx
        15.2.1.  200 OK
    15.3.  Redirection 3xx
        15.3.1.  300 Multiple Choices
        15.3.2.  301 Moved Permanently
        15.3.3.  302 Found
        15.3.4.  303 See Other
        15.3.5.  304 Not Modified
        15.3.6.  305 Use Proxy
    15.4.  Client Error 4xx
        15.4.1.  400 Bad Request
        15.4.2.  405 Method Not Allowed
        15.4.3.  451 Parameter Not Understood
        15.4.4.  452 reserved
        15.4.5.  453 Not Enough Bandwidth
        15.4.6.  454 Session Not Found
        15.4.7.  455 Method Not Valid in This State
        15.4.8.  456 Header Field Not Valid for Resource
        15.4.9.  457 Invalid Range
        15.4.10.  458 Parameter Is Read-Only
        15.4.11.  459 Aggregate Operation Not Allowed
        15.4.12.  460 Only Aggregate Operation Allowed
        15.4.13.  461 Unsupported Transport
        15.4.14.  462 Destination Unreachable
        15.4.15.  463 Destination Prohibited
        15.4.16.  464 Data Transport Not Ready Yet
        15.4.17.  465 Notification Reason Unknown
        15.4.18.  470 Connection Authorization Required
        15.4.19.  471 Connection Credentials not accepted
        15.4.20.  472 Failure to establish secure connection
    15.5.  Server Error 5xx
        15.5.1.  551 Option not supported
16.  Header Field Definitions
    16.1.  Accept
    16.2.  Accept-Credentials
    16.3.  Accept-Encoding
    16.4.  Accept-Language
    16.5.  Accept-Ranges
    16.6.  Allow
    16.7.  Authorization
    16.8.  Bandwidth
    16.9.  Blocksize
    16.10.  Cache-Control
    16.11.  Connection
    16.12.  Connection-Credentials
    16.13.  Content-Base
    16.14.  Content-Encoding
    16.15.  Content-Language
    16.16.  Content-Length
    16.17.  Content-Location
    16.18.  Content-Type
    16.19.  CSeq
    16.20.  Date
    16.21.  ETag
    16.22.  Expires
    16.23.  From
    16.24.  If-Match
    16.25.  If-Modified-Since
    16.26.  If-None-Match
    16.27.  Last-Modified
    16.28.  Location
    16.29.  Media-Properties
    16.30.  Media-Range
    16.31.  Notify-Reason
    16.32.  Pipelined-Requests
    16.33.  Proxy-Authenticate
    16.34.  Proxy-Authorization
    16.35.  Proxy-Require
    16.36.  Proxy-Supported
    16.37.  Public
    16.38.  Range
    16.39.  Referer
    16.40.  Retry-After
    16.41.  Request-Status
    16.42.  Require
    16.43.  RTP-Info
    16.44.  Scale
    16.45.  Seek-Style
    16.46.  Speed
    16.47.  Server
    16.48.  Session
    16.49.  Supported
    16.50.  Timestamp
    16.51.  Transport
    16.52.  Unsupported
    16.53.  User-Agent
    16.54.  Vary
    16.55.  Via
    16.56.  WWW-Authenticate
17.  Proxies
18.  Caching
19.  Security Framework
    19.1.  RTSP and HTTP Authentication
    19.2.  RTSP over TLS
    19.3.  Security and Proxies
        19.3.1.  Accept-Credentials
        19.3.2.  User approved TLS procedure
20.  Syntax
    20.1.  Base Syntax
    20.2.  RTSP Protocol Definition
        20.2.1.  Generic Protocol elements
        20.2.2.  Message Syntax
        20.2.3.  Header Syntax
    20.3.  SDP extension Syntax
21.  Security Considerations
    21.1.  Remote denial of Service Attack
22.  IANA Considerations
    22.1.  Feature-tags
        22.1.1.  Description
        22.1.2.  Registering New Feature-tags with IANA
        22.1.3.  Registered entries
    22.2.  RTSP Methods
        22.2.1.  Description
        22.2.2.  Registering New Methods with IANA
        22.2.3.  Registered Entries
    22.3.  RTSP Status Codes
        22.3.1.  Description
        22.3.2.  Registering New Status Codes with IANA
        22.3.3.  Registered Entries
    22.4.  RTSP Headers
        22.4.1.  Description
        22.4.2.  Registering New Headers with IANA
        22.4.3.  Registered entries
    22.5.  Transport Header Registries
        22.5.1.  Transport Protocol Specification
        22.5.2.  Transport modes
        22.5.3.  Transport Parameters
    22.6.  Cache Directive Extensions
    22.7.  Accept-Credentials
        22.7.1.  Accept-Credentials policies
        22.7.2.  Accept-Credentials hash algorithms
    22.8.  Range header formats
    22.9.  Media Property Values
        22.9.1.  Description
        22.9.2.  Registration Rules
        22.9.3.  Registered Values
    22.10.  Notify-Reason header
        22.10.1.  Description
        22.10.2.  Registration Rules
        22.10.3.  Registered Values
    22.11.  Seek-Style
        22.11.1.  Description
        22.11.2.  Registration Rules
        22.11.3.  Registered Values
    22.12.  URI Schemes
        22.12.1.  The rtsp URI Scheme
        22.12.2.  The rtsps URI Scheme
        22.12.3.  The rtspu URI Scheme
    22.13.  SDP attributes
    22.14.  Media Type Registration for text/parameters
23.  References
    23.1.  Normative References
    23.2.  Informative References
Appendix A.  Examples
    A.1.  Media on Demand (Unicast)
    A.2.  Media on Demand using Pipelining
    A.3.  Media on Demand (Unicast)
    A.4.  Single Stream Container Files
    A.5.  Live Media Presentation Using Multicast
    A.6.  Capability Negotiation
Appendix B.  RTSP Protocol State Machine
    B.1.  States
    B.2.  State variables
    B.3.  Abbreviations
    B.4.  State Tables
Appendix C.  Media Transport Alternatives
    C.1.  RTP
        C.1.1.  AVP
        C.1.2.  AVP/UDP
        C.1.3.  AVPF/UDP
        C.1.4.  SAVP/UDP
        C.1.5.  SAVPF/UDP
        C.1.6.  RTCP usage with RTSP
    C.2.  RTP over TCP
        C.2.1.  Interleaved RTP over TCP
        C.2.2.  RTP over independent TCP
        C.2.3.  Handling NPT Jumps in the RTP Media Layer
        C.2.4.  Handling RTP Timestamps after PAUSE
        C.2.5.  RTSP / RTP Integration
        C.2.6.  Scaling with RTP
        C.2.7.  Maintaining NPT synchronization with RTP timestamps
        C.2.8.  Continuous Audio
        C.2.9.  Multiple Sources in an RTP Session
        C.2.10.  Usage of SSRCs and the RTCP BYE Message During an RTSP Session
    C.3.  Future Additions
Appendix D.  Use of SDP for RTSP Session Descriptions
    D.1.  Definitions
        D.1.1.  Control URI
        D.1.2.  Media Streams
        D.1.3.  Payload Type(s)
        D.1.4.  Format-Specific Parameters
        D.1.5.  Directionality of media stream
        D.1.6.  Range of Presentation
        D.1.7.  Time of Availability
        D.1.8.  Connection Information
        D.1.9.  Entity Tag
    D.2.  Aggregate Control Not Available
    D.3.  Aggregate Control Available
    D.4.  RTSP external SDP delivery
Appendix E.  Text format for Parameters
Appendix F.  Requirements for Unreliable Transport of RTSP
Appendix G.  Backwards Compatibility Considerations
    G.1.  Play Request in Play mode
    G.2.  Using Persistent Connections
Appendix H.  Open Issues
Appendix I.  Changes
Appendix J.  Acknowledgements
    J.1.  Contributors
Appendix K.  RFC Editor Consideration
§  Authors' Addresses
§  Intellectual Property and Copyright Statements

1.  Introduction

1.1.  Scope and Background

This memo defines version 2.0 of the Real Time Streaming Protocol (RTSP 2.0) which is an application-level protocol for control over the delivery of data with real-time properties, typically streaming media. Streaming media is, for instance, video on demand or audio live streaming. Put simply, RTSP acts as a "network remote control" for multimedia servers, as you know it from your TV set.

The protocol operates between RTSP 2.0 clients and servers, but also supports the usage of RTSP 2.0 proxies between clients and servers. Basically, clients can request information about streaming media from servers, by asking for a description of the media or use media description provided externally. Based on the media description clients can request to play out the media, pause it, or stop it completely, as known from a regular TV remote control. The requested media can consist of multiple audio and video streams that are delivered as a time-synchronized streams from servers to clients.

This memorandum describes the use of RTSP over a reliable connection based transport level protocol, such as TCP. For security, TLS over a connection oriented transport is supported.

There is no dependency on an special RTSP connection in the protocol. Instead, an RTSP server maintains a session labeled by an identifier to associate groups of media streams and their states. An RTSP session is not tied to a transport-level connection such as a TCP connection. During a session, a client may open and close multiple reliable transport connections to the server to issue RTSP requests for that session.

The set of streams to be controlled in an RTSP session is defined by a presentation description. This memorandum does not define a format for the presentation description. However Appendix D (Use of SDP for RTSP Session Descriptions) describes how SDP [RFC4566] (Handley, M., Jacobson, V., and C. Perkins, “SDP: Session Description Protocol,” July 2006.) is used for this purpose. The streams controlled by RTSP may use RTP [RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) for their data transport, but the operation of RTSP does not depend on the transport mechanism used to carry continuous media. RTSP is intentionally similar in syntax and operation to HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) so that extension mechanisms to HTTP may also be applied to RTSP.

The RTSP 2.0 protocol supports the following operations:

Retrieval of media from media server:

The client can either request a presentation description via RTSP DESCRIBE, HTTP or some other method. If the presentation is being multicast, the presentation description contains the multicast addresses and ports to be used for the continuous media. If the presentation is to be sent only to the client via unicast, the client provides the destination.

Invitation of a media server to a conference:

A media server can be "invited" to join an existing conference to play back media into the presentation. This mode is useful, for example, in distributed teaching applications. Several parties in the conference may take turns "pushing the remote control buttons". Note: This functionality will require RTSP external application level functionality.

RTSP requests may be handled by proxies, tunnels and caches as in HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.).

1.2.  RTSP Specificication Update

This memorandum specifies RTSP 2.0 which is an update of RTSP 1.0, a proposed standard defined in [RFC2326] (Schulzrinne, H., Rao, A., and R. Lanphier, “Real Time Streaming Protocol (RTSP),” April 1998.). The goal of this version is to correct the many flaws that have been identified in RTSP 1.0 since its publication. The corrections are such that backwards compatibility was impossible. Thus a new version was deemed the most appropriate solution to get a more functional protocol. There are no plans to revise RTSP 1.0. Appendix I (Changes) catalogs the changes of this version in relation to RTSP 1.0.

RTSP 2.0 as specified in this memo has reduced functionality compared to RTSP 1.0 and aims at specifying the RTSP core, functionality and rules for extensions, and basic interaction with the media delivery protocol RTP (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) [RFC3550].

Any other functionality would need to be published as extension documents. This specification provides rules for such extensions and defines registries to avoid naming collisions.

1.3.  Notational Conventions

Since some of the definitions and syntax are identical to HTTP/1.1, this specification only points to the section where they are defined rather than copying it. For brevity, [HX.Y] is to be taken to refer to Section X.Y of the current HTTP/1.1 specification ([RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.)).

All the mechanisms specified in this document are described in both prose and the Augmented Backus-Naur form (ABNF) described in detail in [RFC5234] (Crocker, D. and P. Overell, “Augmented BNF for Syntax Specifications: ABNF,” January 2008.).

Indented and smaller-type paragraphs are used to provide informative background and motivation. This is intended to give readers who were not involved with the formulation of the specification an understanding of why things are the way they are in RTSP.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).

The word, "unspecified" is used to indicate functionality or features that are not defined in this specification. Such functionality cannot be used in a standardized manner without further definition in an extension specification to RTSP.

1.4.  Terminology

Some of the terminology has been adopted from HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.). Terms not listed here are defined as in HTTP/1.1.

Aggregate control:

The concept of controlling multiple streams using a single timeline, generally maintained by the server. A client, for example, uses aggregate control when it issues a single play or pause message to simultaneously control both the audio and video in a movie. A session which is under aggregate control is referred to as an aggregated session.

Aggregate control URI:

The URI used in an RTSP request to refer to and control an aggregated session. It normally, but not always, corresponds to the presentation URI specified in the session description. See Section 13.3 (SETUP) for more information.

Conference:

A multiparty, multimedia presentation, where "multi" implies greater than or equal to one.

Client:

The client requests media service from the media server.

Connection:

A transport layer virtual circuit established between two programs for the purpose of communication.

Container file:

A file which may contain multiple media streams which often constitutes a presentation when played together. The concept of a container file is not embedded in the protocol. However, RTSP servers may offer aggregate control on the media streams within these files.

Continuous media:

Data where there is a timing relationship between source and sink; that is, the sink needs to reproduce the timing relationship that existed at the source. The most common examples of continuous media are audio and motion video. Continuous media can be real-time (interactive or conversational), where there is a "tight" timing relationship between source and sink, or streaming (playback), where the relationship is less strict.

Entity:

The information transferred as the payload of a request or response. An entity consists of meta-information in the form of entity-header fields and content in the form of an entity-body, as described in Section 9 (Entity).

Feature-tag:

A tag representing a certain set of functionality, i.e. a feature.

IRI:

Internationalized Resource Identifier, is the same as an URI, with the exception that it allows characters from the whole Universal Character Set (Unicode/ISO 10646), rather than the US-ASCII only. See [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.) for more information.

Live:

Normally used to describe a presentation or session with media coming from an ongoing event. This generally results in the session having an unbound or only loosely defined duration, and sometimes no seek operations are possible.

Media initialization:

Datatype/codec specific initialization. This includes such things as clock rates, color tables, etc. Any transport-independent information which is required by a client for playback of a media stream occurs in the media initialization phase of stream setup.

Media parameter:

Parameter specific to a media type that may be changed before or during stream playback.

Media server:

The server providing playback services for one or more media streams. Different media streams within a presentation may originate from different media servers. A media server may reside on the same host or on a different host from which the presentation is invoked.

Media server indirection:

Redirection of a media client to a different media server.

(Media) stream:

A single media instance, e.g., an audio stream or a video stream as well as a single whiteboard or shared application group. When using RTP, a stream consists of all RTP and RTCP packets created by a source within an RTP session.

Message:

The basic unit of RTSP communication, consisting of a structured sequence of octets matching the syntax defined in Section 20 (Syntax) and transmitted over a connection or a connectionless transport.

Non-Aggregated Control:

Control of a single media stream. This is only possible in RTSP sessions with a single media.

Participant:

Member of a conference. A participant may be a machine, e.g., a playback server.

Presentation:

A set of one or more streams presented to the client as a complete media feed and described by a presentation description as defined below. Presentations with more than one media stream are often handled in RTSP under aggregate control.

Presentation description:

A presentation description contains information about one or more media streams within a presentation, such as the set of encodings, network addresses and information about the content. Other IETF protocols such as SDP ([RFC4566] (Handley, M., Jacobson, V., and C. Perkins, “SDP: Session Description Protocol,” July 2006.)) use the term "session" for a presentation. The presentation description may take several different formats, including but not limited to the session description protocol format, SDP.

Response:

An RTSP response. If an HTTP response is meant, that is indicated explicitly.

Request:

An RTSP request. If an HTTP request is meant, that is indicated explicitly.

Request-URI:

The URI used in a request to indicate the resource on which the request is to be performed.

RTSP agent:

Refers to either an RTSP client, an RTSP server, or an RTSP Proxy. In this specification, there are many capabilities that are common to these three entities such as the capability to send requests or receive responses. This term will be used when describing functionality that is applicable to all three of these entities.

RTSP session:

A stateful abstraction upon which the main control methods of RTSP operate. An RTSP session is a server entity; it is created, maintained and destroyed by the server. It is established by an RTSP server upon the completion of a successful SETUP request (when a 200 OK response is sent) and is labelled with a session identifier at that time. The session exists until timed out by the server or explicitly removed by a TEARDOWN request. An RTSP session is a stateful entity; an RTSP server maintains an explicit session state machine (see Appendix A) where most state transitions are triggered by client requests. The existence of a session implies the existence of state about the session's media streams and their respective transport mechanisms. A given session can have one or more media streams associated with it. An RTSP server uses the session to aggregate control over multiple media streams.

Transport initialization:

The negotiation of transport information (e.g., port numbers, transport protocols) between the client and the server.

URI:

Universal Resource Identifier, see [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.). The URIs used in RTSP are generally URLs as they give a location for the resource. As URLs are a subset of URIs, they will be referred to as URIs to cover also the cases when an RTSP URI would not be an URL.

URL:

Universal Resource Locator, is an URI which identifies the resource through its primary access mechanism, rather than identifying the resource by name or by some other attribute(s) of that resource.

1.5.  Media Properties

When RTSP handles media it is important to consider the different properties a media instance for playback can have. This specification considers the below listed media properties in its protocol operations. They are derived from the differencies between a number of supported usages.

On-demand:

Media that has a fixed (given) duration that doesn't change during the life time of the RTSP session and are known at the time of the creation of the session. It is expected that the content of the media will not change, even if the representation, i.e encoding, quality, etc, may change. Generally one can seek within the media i.e. randomly access any range of the media stream to playback.

Dynamic On-demand:

This is a variation of the on-demand case where external methods are used to manipulate the actual content of the media setup for the RTSP session. The main example is where a playlist determines the content of the session.

Live:

Live media represents a progressing content stream (such as broadcast TV) where the duration may or may not be known. It is not seakable, only the content presently being delivered can be accessed.

Live with Recording:

A Live stream that is combined with a server side capability to store and retain the content of the live session for random access playback within the part of the already recorded content. The actual behavior of the media stream is very much depending on the retention policy for the media stream. Either the server will be able to capture the complete media stream, or it will have a limitation in how much will be retained. The media range will dynamically change as the session progress. For servers with a limited amount of storage available for recording, there will be a sliding window that goes forwards while data is made available and content that is older than the limitation will be discarded.

Considering the above usages one get the following media properties and their different instance values.

1.5.1.  Random Access

Random Access, i.e. if one can request that the playback point is moved from one point in the media duration to another. The following different values are considered:

Random Access:

Yes the media are seekable to any out of a large number of points within the media. Due to media encoding limitations a particular point may not be reachable, but seeking to a point close by is enabled. A floating point number of seconds may be provied to express the worst case distance between random access points.

Return To Start:

Seeking is only possible to begining of the content.

No seeking:

Seeking is not possible at all.

1.5.2.  Retention

Media may have different retention policy in place that affect the operation on the media. The following different media retention policies are envisioned and taken into consideration where applicable.

Unlimited:

The media will not be removed as long as the RTSP session are in existence.

Time Limited:

The media will at least not be removed before given wall clock time. After that time it may or may not be available any more.

Duration limited

Each indiviudal unit of the media will be retained for the specified duration.

1.5.3.  Content Modifications

There is also the question of how the content may change during time for a give media resource:

Unmutable:

The content of the media will not change, even if the representation, i.e encoding, quality, etc, may change.

Dynamic:

Between explicit updates the media content will not change, but the content may change due to external methods or triggers, such as playlists.

Time Progressing:

As times progress new content will become available. If the content also is retained it will become longer and longer as everything between the start point and the point in currently being made available can be accessed.

1.5.4.  Mapping to the Attributes

This section exemplifies how one would map the above listed usages to the properties and their values.

On-demand:

Random Access: Random Access=5s, Content Modifications: Unmutable, Retention: unlimted or time limited.

Dynamic On-demand:

Random Access: Random Access=3s, Content Modifications: Dynamic, Retention: unlimted or time limited.

Live:

Random Access: No seeking, Content Modifications: Time Progressing, Retention: Duration limited=0.0s

Live with Recording:

Random Access: Random Access=3s, Content Modifications: Time Progressing, Retention: Duration limited=2H

2.  RTSP Introduction

2.1.  Protocol Properties

RTSP has the following properties:

Extendable:

New methods and parameters can be easily added to RTSP.

Secure:

RTSP re-uses web security mechanisms, either at the transport level (TLS, [RFC4346] (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.1,” April 2006.)) or within the protocol itself. All HTTP authentication mechanisms such as basic ([RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.)) and digest authentication ([RFC2617] (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.)) are directly applicable.

Transport-independent:

RTSP does not preclude the use of unreliable datagram protocol (UDP) ([RFC0768] (Postel, J., “User Datagram Protocol,” August 1980.)) as it would be possible to implement application-level reliability. The use of a connectionless datagram protocol such as UDP requires additional definition that may be provided as extensions to the core RTSP specification. The reliable stream protocol TCP ([RFC0793] (Postel, J., “Transmission Control Protocol,” September 1981.)) and the secured reliable stream protocol TLS over TCP [RFC4346] (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.1,” April 2006.) are the currently defined transport protocols for RTSP messages.

Media-delivery protocol independent:

The operation of RTSP does not depend on the transport mechanism used to carry continuous media. While most real-time media will use RTP as a transport protocol, RTSP does not preclude the use of other protocols such as MPEG-2 [ISO.13818‑1.2000] (International Organization for Standardization, “Information technology - Generic coding of moving pictures and associated audio information: Systems,” December 2000.). The use of other protocols requires additional definition that may be provided as extensions to the core RTSP specification.

Multi-server capable:

Each media stream within a presentation can reside on a different server. The client automatically establishes several concurrent control sessions with the different media servers. Media synchronization in those cases is performed at the transport level.

Separation of stream control and conference initiation:

Stream control is divorced from inviting a media server to a conference. In particular, SIP [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) or H.323 [ITU.H323.1996] (International Telecommunications Union, “Visual telephone systems and equipment for local area networks which provide a non-guaranteed quality of service,” May 1996.) may be used to invite a server to a conference; however, the exact procedures are unspecified.

Suitable for professional applications:

RTSP supports frame- level accuracy through SMPTE time stamps to allow remote digital editing.

Presentation description neutral:

The protocol does not impose a particular presentation description or metafile format and can convey the type of format to be used. However, the presentation description is required to contain at least one RTSP URI.

Proxy and firewall friendly:

The protocol should be readily handled by both application and transport-layer (SOCKS [RFC1961] (McMahon, P., “GSS-API Authentication Method for SOCKS Version 5,” June 1996.)) firewalls. A firewall may need to understand the SETUP method to open a "hole" for the media stream.

HTTP-friendly:

Where sensible, RTSP reuses HTTP concepts, so that the existing infrastructure can be reused. This infrastructure includes PICS (Platform for Internet Content Selection [W3C.REC‑PICS‑services] (Miller, J., Resnick, P., and D. Singer, “Rating services and rating systems (and their machine readable descriptions),” October 1996.) [W3C.REC‑PICS‑labels] (Miller, J., Krauskopf, T., Resnick, P., and W. Treese, “PICS label distribution label syntax and communication protocols,” .)) for associating labels with content. However, RTSP does not just add methods to HTTP since controlling continuous media requires server state in most cases.

Appropriate server control:

If a client can start a stream, it needs to be able to stop a stream. Servers should not start streaming to clients in such a way that clients cannot stop the stream.

Transport negotiation:

The client can negotiate the transport method prior to actually needing to process a continuous media stream.

2.2.  RTSP's Relationship to HTTP

RTSP is intentionally similar in syntax and operation to HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) so that extension mechanisms to HTTP can in some cases also be applied to RTSP. However, RTSP differs in a number of important aspects from HTTP:

• RTSP introduces a number of new methods and has a different protocol identifier.
• RTSP has the notion of a session built into the protocol.
• An RTSP server needs to maintain state in almost all cases, as opposed to the stateless nature of HTTP.
• Both an RTSP server and client can issue requests.
• Data is usually carried out-of-band by a different protocol. Session descriptions returned in a DESCRIBE response (see Section 13.2 (DESCRIBE)) and interleaving of RTP with RTSP over TCP are exceptions to this rule (see Section 14 (Embedded (Interleaved) Binary Data)).
• RTSP is defined to use ISO 10646 (UTF-8) rather than ISO 8859-1, consistent with HTML internationalization efforts [RFC2070] (Yergeau, F., Nicol, G., Adams, G., and M. Duerst, “Internationalization of the Hypertext Markup Language,” January 1997.).
• The Request-URI always contains the absolute URI. Because of backward compatibility with a historical blunder, HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) carries only the absolute path in the request and puts the host name in a separate header field.
  This makes "virtual hosting" easier, where a single host with one IP address hosts several document trees.

2.3.  Extending RTSP

Since not all media servers have the same functionality, media servers by necessity will support different sets of requests. For example:

• A server may not be capable of seeking (absolute positioning) if it is to support live events only.
• Some servers may not support setting stream parameters and thus not support GET_PARAMETER and SET_PARAMETER.
• Some server may support an RTSP extension.

It is up to the creators of presentation descriptions not to ask the impossible of a server. This situation is similar in HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.), where the methods described in [H19.5] are not likely to be supported across all servers.

RTSP can be extended in three ways, listed here in order of the magnitude of changes supported:

• Existing methods can be extended with new parameters, e.g. headers, as long as these parameters can be safely ignored by the recipient. If the client needs negative acknowledgement when a method extension is not supported, a tag corresponding to the extension may be added in the field of the Require or Proxy-Require headers (see Section 16.35 (Proxy-Require)).
• New methods can be added. If the recipient of the message does not understand the request, it MUST respond with error code 501 (Not Implemented) so that the sender can avoid using this method again. A client may also use the OPTIONS method to inquire about methods supported by the server. The server MUST list the methods it supports using the Public response header.
• A new version of the protocol can be defined, allowing almost all aspects (except the position of the protocol version number) to change. A new version of the protocol MUST be registered through an IETF standard track document.

The basic capability discovery mechanism can be used to both discover support for a certain feature and to ensure that a feature is available when performing a request. For detailed explanation of this see Section 11 (Capability Handling).

2.4.  Overall Operation

Each presentation and media stream is identified by an RTSP URI. The overall presentation and the properties of the media the presentation is composed of are defined by a presentation description file, the format of which is outside the scope of this specification. The presentation description file may be obtained by the client using HTTP or other means such as email and may not necessarily be stored on the media server.

For the purposes of this specification, a presentation description is assumed to describe one or more presentations, each of which maintains a common time axis. For simplicity of exposition and without loss of generality, it is assumed that the presentation description contains exactly one such presentation. A presentation may contain several media streams.

The presentation description file contains a description of the media streams making up the presentation, including their encodings, language, and other parameters that enable the client to choose the most appropriate combination of media. In this presentation description, each media stream that is individually controllable by RTSP is identified by an RTSP URI, which points to the media server handling that particular media stream and names the stream stored on that server. Several media streams can be located on different servers; for example, audio and video streams can be split across servers for load sharing. The description also enumerates which transport methods the server is capable of.

Besides the media parameters, the network destination address and port need to be determined. Several modes of operation can be distinguished:

Unicast:

The media is transmitted to the source of the RTSP request or the requested destination, with the port number chosen by the client. Alternatively, the media is transmitted on the same reliable stream as RTSP.

Multicast, server chooses address:

The media server picks the multicast address and port. This is the typical case for a live or near-media-on-demand transmission.

Multicast, client chooses address:

If the server is to participate in an existing multicast conference, the multicast address, port and encryption key are given by the conference description, established by means outside the scope of this specification, for example by a SIP created conference.

2.5.  RTSP States

RTSP controls a stream which may be sent via a separate protocol, independent of the control channel. For example, RTSP control may be transported on a TCP connection while the media data is conveyed via UDP. Thus, data delivery continues even if no RTSP requests are received by the media server. Also, during its lifetime a single media stream may be controlled by RTSP requests issued sequentially on different TCP connections. Therefore, the server needs to maintain "session state" to be able to correlate RTSP requests with a stream. The state transitions are described in Appendix A.

Many methods in RTSP do not contribute to state. However, the following play a central role in defining the allocation and usage of stream resources on the server: SETUP, PLAY, PAUSE, REDIRECT, and TEARDOWN.

SETUP:

Causes the server to allocate resources for a stream and create an RTSP session.

PLAY:

Starts data transmission on a stream allocated via SETUP.

PAUSE:

Temporarily halts a stream without freeing server resources.

REDIRECT:

Indicates that the session should be moved to a new server or location

TEARDOWN:

Frees resources associated with the stream. The RTSP session ceases to exist on the server.

RTSP methods that contribute to state use the Session header field (Section 16.49 (Supported)) to identify the RTSP session whose state is being manipulated. The server generates session identifiers in response to SETUP requests (Section 13.3 (SETUP)).

2.6.  Relationship with Other Protocols

RTSP has some overlap in functionality with HTTP. It also may interact with HTTP in that the initial contact with streaming content will often be made through a web page. The current protocol specification aims to allow different hand-off points between a web server and the media server implementing RTSP. For example, the presentation description can be retrieved using HTTP or RTSP, which reduces round trips in web-browser-based scenarios, yet also allows for stand alone RTSP servers and clients which do not rely on HTTP at all. However, RTSP differs fundamentally from HTTP in that most data delivery takes place out-of-band in a different protocol. HTTP is an asymmetric protocol where the client issues requests and the server responds. In RTSP, both the media client and media server can issue requests. RTSP requests are also stateful; they may set parameters and continue to control a media stream long after the request has been acknowledged.

Re-using HTTP functionality has advantages in at least two areas, namely security and proxies. The requirements are very similar, so having the ability to adopt HTTP work on caches, proxies and authentication is valuable.

RTSP assumes the existence of a presentation description format that can express both static and temporal properties of a presentation containing several media streams. Session Description Protocol (SDP) [RFC4566] (Handley, M., Jacobson, V., and C. Perkins, “SDP: Session Description Protocol,” July 2006.) is generally the format of choice; however, RTSP is not bound to it. For data delivery, most real-time media will use RTP as a transport protocol. While RTSP works well with RTP, it is not tied to RTP.

3.  RTSP Use Cases

This section describes the most important and considered use cases for RTSP. They are listed in descending order of importance in regards to ensuring that all necessary functionality is present. This specification only fully supports usage of the two first. Also in these first two cases, there are special cases or exceptions that are not supported without extensions, e.g. the redirection of media to another address than the controlling entity.

3.1.  On-demand Playback of Stored Content

An RTSP capable server stores content suitable for being streamed to a client. A client desiring playback of any of the stored content uses RTSP to set up the media transport required to deliver the desired content. RTSP is then used to initiate, halt and manipulate the actual transmission (playout) of the content. RTSP is also required to provide necessary description and synchronization information for the content.

The above high level description can be broken down into a number of functions that RTSP needs to be capable of.

Presentation Description:

Provide initialization information about the presentation (content); for example, which media codecs are needed for the content. Other information that is important includes the number of media stream the presentation contains, the transport protocols used for the media streams, and identifiers for these media streams. This information is required before setup of the content is possible and to determine if the client is even capable of using the content.
This information need not be sent using RTSP; other external protocols can be used to transmit the transport presentation descriptions. Two good examples are the use of HTTP [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) or email to fetch or receive presentation descriptions like SDP [RFC4566] (Handley, M., Jacobson, V., and C. Perkins, “SDP: Session Description Protocol,” July 2006.)

Setup:

Set up some or all of the media streams in a presentation. The setup itself consist of selecting the protocol for media transport and the necessary parameters for the protocol, like addresses and ports.

Control of Transmission:

After the necessary media streams have been established the client can request the server to start transmitting the content. The client must be allowed to start or stop the transmission of the content at arbitrary times. The client must also be able to start the transmission at any point in the timeline of the presentation.

Synchronization:

For media transport protocols like RTP [RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) it might be beneficial to carry synchronization information within RTSP. This may be due to either the lack of inter-media synchronization within the protocol itself, or the potential delay before the synchronization is established (which is the case for RTP when using RTCP).

Termination:

Terminate the established contexts.

For this use case there are a number of assumptions about how it works. These are:

On-Demand content:

The content is stored at the server and can be accessed at any time during a time period when it is intended to be available.

Independent sessions:

A server is capable of serving a number of clients simultaneously, including from the same piece of content at different points in that presentations time-line.

Unicast Transport:

Content for each individual client is transmitted to them using unicast traffic.

It is also possible to redirect the media traffic to a different destination than that of the entity controlling the traffic. However, allowing this without appropriate mechanisms for checking that the destination approves of this allows for distributed denial of service attacks (DDoS).

3.2.  Unicast distribution of Live Content

This use cases is similar to the above on-demand content case (see Section 3.1 (On-demand Playback of Stored Content)) the difference is the nature of the content itself. Live content is continuously distributed as it becomes available from a source; i.e., the main difference from on-demand is that one starts distributing content before the end of it has become available to the server.

In many cases the consumer of live content is only interested in consuming what is actually happens "now"; i.e., very similar to broadcast TV. However in this case it is assumed that there exist no broadcast or multicast channel to the users, and instead the server functions as a distribution node, sending the same content to multiple receivers, using unicast traffic between server and client. This unicast traffic and the transport parameters are individually negotiated for each receiving client.

Another aspect of live content is that it often has a very limited time of availability, as it is only is available for the duration of the event the content covers. An example of such a live content could be a music concert which lasts 2 hour and starts at a predetermined time. Thus there is need to announce when and for how long the live content is available.

In some cases, the server providing live content may be saving some or all of the content to allow clients to pause the stream and resume it from the paused point, or to "rewind" and play continuously from a point earlier than the live point. Hence, this use case does not necessarily exclude playing from other than the live point of the stream, playing with scales other than 1.0, etc.

3.3.  On-demand Playback using Multicast

It is possible to use RTSP to request that media be delivered to a multicast group. The entity setting up the session (the controller) will then control when and what media is delivered to the group. This use case has some potential for denial of service attacks by flooding a multicast group. Therefore, a mechanism is needed to indicate that the group actually accepts the traffic from the RTSP server.

An open issue in this use case is how one ensures that all receivers listening to the multicast or broadcast receives the session presentation configuring the receivers. This memo has to rely on a external solution to solve this issue.

3.4.  Inviting an RTSP server into a conference

If one has an established conference or group session, it is possible to have an RTSP server distribute media to the whole group. Transmission to the group is simplest when controlled by a single participant or leader of the conference. Shared control might be possible, but would require further investigation and possibly extensions.

This use case assumes that there exists either multicast or a conference focus that redistribute media to all participants.

This use case is intended to be able to handle the following scenario: A conference leader or participant (hereafter called the controller) has some pre-stored content on an RTSP server that he wants to share with the group. The controller sets up an RTSP session at the streaming server for this content and retrieves the session description for the content. The destination for the media content is set to the shared multicast group or conference focus. When desired by the controller, he/she can start and stop the transmission of the media to the conference group.

There are several issues with this use case that are not solved by this core specification for RTSP:

Denial of service:

To avoid an RTSP server from being an unknowing participant in a denial of service attack the server needs to be able to verify the destination's acceptance of the media. Such a mechanism to verify the approval of received media does not yet exist; instead, only policies can be used, which can be made to work in controlled environments.

Distributing the presentation description to all participants in the group:

To enable a media receiver to correctly decode the content the media configuration information needs to be distributed reliably to all participants. This will most likely require support from an external protocol.

Passing control of the session:

If it is desired to pass control of the RTSP session between the participants, some support will be required by an external protocol to exchange state information and possibly floor control of who is controlling the RTSP session.

If there interest in this use case, further work is required on the necessary extensions.

3.5.  Live Content using Multicast

This use case in its simplest form does not require any use of RTSP at all; this is what multicast conferences being announced with SAP (Handley, M., Perkins, C., and E. Whelan, “Session Announcement Protocol,” October 2000.) [RFC2974] and SDP are intended to handle. However in use cases where more advanced features like access control to the multicast session are desired, RTSP could be used for session establishment.

A client desiring to join a live multicasted media session with cryptographic (encryption) access control could use RTSP in the following way. The source of the session announces the session and gives all interested an RTSP URI. The client connects to the server and requests the presentation description, allowing configuration for reception of the media. In this step it is possible for the client to use secured transport and any desired level of authentication; for example, for billing or access control. An RTSP link also allows for load balancing between multiple servers.

If these were the only goals, they could be achieved by simply using HTTP. However, for cases where the sender likes to keep track of each individual receiver of a session, and possibly use the session as a side channel for distributing key-updates or other information on a per-receiver basis, and the full set of receivers is not know prior to the session start, the state establishment that RTSP provides can be beneficial. In this case a client would establish an RTSP session for this multicast group with the RTSP server. The RTSP server will not transmit any media, but instead will point to the multicast group. The client and server will be able to keep the session alive for as long as the receiver participates in the session thus enabling, for example, the server to push updates to the client.

This use case will most likely not be able to be implemented without some extensions to the server-to-client push mechanism. Here the PLAY_NOTIFY method (see Section 13.5 (PLAY_NOTIFY)) with a suitable extension could provide clear benefits.

4.  Protocol Parameters

4.1.  RTSP Version

HTTP specification section [H3.1] applies, with "HTTP" replaced by "RTSP". This specification defines version 2.0 of RTSP.

4.2.  RTSP IRI and URI

RTSP 2.0 defines and registers three URI schemas "rtsp", "rtsps" and "rtspu". The usage of the last, "rtspu", is unspecified in RTSP 2.0, and is defined here to register and reserve the URI scheme that is defined in RTSP 1.0. The "rtspu" scheme indicates undefined transport of the RTSP messages over unreliable transport (UDP). The syntax of "rtsp" and "rtsps" URIs has been changed from RTSP 1.0.

This specification also defines the format of the RTSP IRI [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.) that can be used as RTSP resource identifiers and locators, in web pages, user interfaces, on paper, etc. However, the RTSP request message format only allows usage of the absolute URI format. The RTSP IRI format SHALL use the rules and transformation for IRIs defined in [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.). This way RTSP 2.0 URIs for request can be produced from an RTSP IRI.

The RTSP IRI and URI are both syntax restricted compared to the generic syntax defined in [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) and RFC [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.):

• An absolute URI requires the authority part; i.e., a host identity must be provided.
• Parameters in the path element are prefixed with the reserved separator ";".

The RTSP URI and IRI is case sensitive, with the exception of those parts that [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) and [RFC3987] (Duerst, M. and M. Suignard, “Internationalized Resource Identifiers (IRIs),” January 2005.) defines as case-insensitive; for example, the scheme and host part.

The fragment identifier is used as defined in sections 3.5 and 4.3 of [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.), i.e. the fragment is to be stripped from the URI by the requestor and not included in the request. The user agent also needs to interpret the value of the fragment based on the media type the request relates to; i.e., the media type indicated in Content-Type header in the response to DESCRIBE.

The syntax of any URI query string is unspecified and responder (usually the server) specific. The query is, from the requestor's perspective, an opaque string and needs to be handled as such.

The URI scheme "rtsp" requires that commands are issued via a reliable protocol (within the Internet, TCP), while the scheme "rtsps" identifies a reliable transport using secure transport (TLS [RFC4346] (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.1,” April 2006.), see (Section 19 (Security Framework)).

For the scheme "rtsp", if no port number is provided in the authority part of the URI port number 554 SHALL be used. For the scheme "rtsps", the TCP port 322 is registered and SHALL be assumed.

A presentation or a stream is identified by a textual media identifier, using the character set and escape conventions of URIs [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.). URIs may refer to a stream or an aggregate of streams; i.e., a presentation. Accordingly, requests described in (Section 13 (Method Definitions)) can apply to either the whole presentation or an individual stream within the presentation. Note that some request methods can only be applied to streams, not presentations, and vice versa.

For example, the RTSP URI:

rtsp://media.example.com:554/twister/audiotrack

may identify the audio stream within the presentation "twister", which can be controlled via RTSP requests issued over a TCP connection to port 554 of host media.example.com.

Also, the RTSP URI:

rtsp://media.example.com:554/twister

identifies the presentation "twister", which may be composed of audio and video streams, but could also be something else like a random media redirector.

This does not imply a standard way to reference streams in URIs. The presentation description defines the hierarchical relationships in the presentation and the URIs for the individual streams. A presentation description may name a stream "a.mov" and the whole presentation "b.mov".

The path components of the RTSP URI are opaque to the client and do not imply any particular file system structure for the server.

This decoupling also allows presentation descriptions to be used with non-RTSP media control protocols simply by replacing the scheme in the URI.

4.3.  Session Identifiers

Session identifiers are strings of any arbitrary length but with a minimum length of 8 characters. A session identifier MUST be chosen cryptographically random (see [RFC4086] (Eastlake, D., Schiller, J., and S. Crocker, “Randomness Requirements for Security,” June 2005.)) and MUST be at least 8 characters long (can contain a maximum of 48 bits of entropy) to make guessing it more difficult. It is RECOMMENDED that it contains 128 bits of entropy, i.e. approxamitely 22 characters from a high quality generator. (see Section 21 (Security Considerations).) However, it needs to be noted that the session identifier does not provide any security against session hijacking unless it is kept confidential between client, server and trusted proxies.

4.4.  SMPTE Relative Timestamps

A SMPTE relative timestamp expresses time relative to the start of the clip. Relative timestamps are expressed as SMPTE time codes for frame-level access accuracy. The time code has the format

hours:minutes:seconds:frames.subframes,

with the origin at the start of the clip. The default smpte format is "SMPTE 30 drop" format, with frame rate is 29.97 frames per second. Other SMPTE codes MAY be supported (such as "SMPTE 25") through the use of alternative use of "smpte-type". For SMPTE 30, the "frames" field in the time value can assume the values 0 through 29. The difference between 30 and 29.97 frames per second is handled by dropping the first two frame indices (values 00 and 01) of every minute, except every tenth minute. If the frame and the subframe values are zero, they may be omitted. Subframes are measured in one-hundredth of a frame.

Examples:

  smpte=10:12:33:20-
  smpte=10:07:33-
  smpte=10:07:00-10:07:33:05.01
  smpte-25=10:07:00-10:07:33:05.01

4.5.  Normal Play Time

Normal play time (NPT) indicates the stream absolute position relative to the beginning of the presentation, not to be confused with the Network Time Protocol (NTP) [RFC1305] (Mills, D., “Network Time Protocol (Version 3) Specification, Implementation,” March 1992.). The timestamp consists of a decimal fraction. The part left of the decimal may be expressed in either seconds or hours, minutes, and seconds. The part right of the decimal point measures fractions of a second.

The beginning of a presentation corresponds to 0.0 seconds. Negative values are not defined. The special constant "now" is defined as the current instant of a live event. It MAY only be used for live events, and SHALL NOT be used for on-demand (i.e., non-live) content.

NPT is defined as in DSM-CC [ISO.13818‑6.1995] (International Organization for Standardization, “Information technology - Generic coding of moving pictures and associated audio information - part 6: Extension for digital storage media and control,” November 1995.): "Intuitively, NPT is the clock the viewer associates with a program. It is often digitally displayed on a VCR. NPT advances normally when in normal play mode (scale = 1), advances at a faster rate when in fast scan forward (high positive scale ratio), decrements when in scan reverse (high negative scale ratio) and is fixed in pause mode. NPT is (logically) equivalent to SMPTE time codes."

Examples:

  npt=123.45-125
  npt=12:05:35.3-
  npt=now-

The syntax conforms to ISO 8601 [ISO.8601.2000] (International Organization for Standardization, “Data elements and interchange formats - Information interchange - Representation of dates and times,” December 2000.). The npt-sec notation is optimized for automatic generation, the npt-hhmmss notation for consumption by human readers. The "now" constant allows clients to request to receive the live feed rather than the stored or time-delayed version. This is needed since neither absolute time nor zero time are appropriate for this case.

4.6.  Absolute Time

Absolute time is expressed as ISO 8601 [ISO.8601.2000] (International Organization for Standardization, “Data elements and interchange formats - Information interchange - Representation of dates and times,” December 2000.) timestamps, using UTC (GMT). Fractions of a second may be indicated.

Example for November 8, 1996 at 14h37 and 20 and a quarter seconds UTC:

  19961108T143720.25Z

4.7.  Feature-tags

Feature-tags are unique identifiers used to designate features in RTSP. These tags are used in Require (Section 16.42 (Require)), Proxy-Require (Section 16.35 (Proxy-Require)), Proxy-Supported (Section 16.36 (Proxy-Supported)), and Unsupported (Section 16.52 (Unsupported)) header fields.

A feature-tag definition MUST indicate which combination of clients, servers or proxies they applies to.

The creator of a new RTSP feature-tag should either prefix the feature-tag with a reverse domain name (e.g., "com.example.mynewfeature" is an apt name for a feature whose inventor can be reached at "example.com"), or register the new feature-tag with the Internet Assigned Numbers Authority (IANA) (see IANA Section 22 (IANA Considerations)).

The usage of feature-tags is further described in Section 11 (Capability Handling) that deals with capability handling.

4.8.  Entity Tags

Entity tags are opaque strings that are used to compare two entities from the same resource, for example in caches or to optimize setup after a redirect. Further explanation is present in [H3.11]. For an explanation of how to compare entity tags see [H13.3]. Entity tags can be carried in the ETag header (see Section 16.21 (ETag)) or in SDP (see Appendix D.1.9 (Entity Tag)).

Entity tags are used in RTSP to make some methods conditional. The methods are made conditional through the inclusion of headers, see Section 16.24 (If-Match) and Section 16.26 (If-None-Match). Note that RTSP entity tags apply to the complete presentation; i.e., both the session description and the individual media streams. Thus entity tags can be used to verify at setup time after a redirect that the same session description applies to the media at the new location using the If-Match header.

5.  RTSP Message

RTSP is a text-based protocol and uses the ISO 10646 character set in UTF-8 encoding (RFC 3629 [RFC3629] (Yergeau, F., “UTF-8, a transformation format of ISO 10646,” November 2003.)). Lines SHALL be terminated by CRLF.

Text-based protocols make it easier to add optional parameters in a self-describing manner. Since the number of parameters and the frequency of commands is low, processing efficiency is not a concern. Text-based protocols, if done carefully, also allow easy implementation of research prototypes in scripting languages such as Tcl, Visual Basic and Perl.

The ISO 10646 character set avoids tricky character set switching, but is invisible to the application as long as US-ASCII is being used. This is also the encoding used for RTCP (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) [RFC3550]. ISO 8859-1 translates directly into Unicode with a high-order octet of zero. ISO 8859-1 characters with the most-significant bit set are represented as 1100001x 10xxxxxx. (See RFC 3629 [RFC3629] (Yergeau, F., “UTF-8, a transformation format of ISO 10646,” November 2003.))

Requests contain methods, the object the method is operating upon and parameters to further describe the method. Methods are idempotent unless otherwise noted. Methods are also designed to require little or no state maintenance at the media server.

5.1.  Message Types

RTSP messages consist of requests from client to server or server to client and responses in the reverse direction. Request Section 7 (Request) and Response Section 8 (Response) messages use the generic message format of RFC 822 [9] for transferring entities (the payload of the message). Both types of message consist of a start-line, zero or more header fields (also known as "headers"), an empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the header fields, and possibly a message-body.

generic-message = start-line
                *(message-header CRLF)
                  CRLF
                [ message-body ]
start-line = Request-Line | Status-Line

In the interest of robustness, servers SHOULD ignore any empty line(s) received where a Request-Line is expected. In other words, if the server is reading the protocol stream at the beginning of a message and receives a CRLF first, it should ignore the CRLF.

5.2.  Message Headers

See [H4.2].

5.3.  Message Body

See [H4.3].

Unlike HTTP, the presence of a message-body in either a request or a response MUST be signaled by the inclusion of a Content-Length header field (see Section 16.16 (Content-Length)).

5.4.  Message Length

When a message body is included with a message, the length of that body is determined by one of the following (in order of precedence):

1. Any response message which MUST NOT include a message body (such as the 1xx, 204, and 304 responses) is always terminated by the first empty line after the header fields, regardless of the entity-header fields present in the message. (Note: An empty line is a line with nothing preceding the CRLF.)
2. If a Content-Length header field (Section 16.16 (Content-Length)) is present, its value in bytes represents the length of the message-body. If this header field is not present, a value of zero is assumed.

Unlike an HTTP message, an RTSP message MUST contain a Content-Length header field whenever it contains a message body. Note that RTSP does not support the HTTP/1.1 "chunked" transfer coding (see [H3.6.1]).

Given the moderate length of presentation descriptions returned, the server should always be able to determine its length, even if it is generated dynamically, making the chunked transfer encoding unnecessary.

6.  General Header Fields

See [H4.5], except that the Pragma, Trailer, Transfer-Encoding, Upgrade, and Warning headers are not defined. RTSP further defines the CSeq, Pipelined-Requests, Proxy-Supported and Timestamp headers. The general headers are listed in Table 1 (The general headers used in RTSP):

7.  Request

A request message uses the format outlined below regardless of the direction of a request, client to server or server to client:

• Request line, containing the method to be applied to the resource, the identifier of the resource, and the protocol version in use;
• Zero or more Header lines, that can be of the following types: general (Section 6 (General Header Fields)), request (Section 7.2 (Request Header Fields)), or entity (Section 9.1 (Entity Header Fields));
• One empty line (CRLF) to indicate the end of the header section;
• Optionally a message body (entity), consisting of one or more lines. The length of the message body in bytes is indicated by the Content-Length entity header.

7.1.  Request Line

The request line provides the key information about the request: what method, on what resources and using which RTSP version. The methods that are defined by this specification are listed in Table 2 (The RTSP Methods).

The syntax of the RTSP request line is the following:

<Method> <Request-URI> <RTSP-Version> CRLF

Note: This syntax cannot be freely changed in future versions of RTSP. This line needs to remain parsable by older RTSP implementations since it indicates the RTSP version of the message.

In contrast to HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.), RTSP requests identify the resource through an absolute RTSP URI (scheme, host, and port) (see Section 4.2 (RTSP IRI and URI)) rather than just the absolute path.

HTTP/1.1 requires servers to understand the absolute URI, but clients are supposed to use the Host request header. This is purely needed for backward-compatibility with HTTP/1.0 servers, a consideration that does not apply to RTSP.

An asterisk "*" can be used instead of an absolute URI in the Request-URI part to indicate that the request does not apply to a particular resource, but to the server or proxy itself, and is only allowed when the request method does not necessarily apply to a resource.

For example:

OPTIONS * RTSP/2.0

An OPTIONS in this form will determine the capabilities of the server or the proxy that first receives the request. If the capability of the specific server needs to be determined, without regard to the capability of an intervening proxy, the server should be addressed explicitly with an absolute URI that contains the server's address.

For example:

OPTIONS rtsp://example.com RTSP/2.0

7.2.  Request Header Fields

The RTSP headers in Table 3 (The RTSP request headers) can be included in a request, as request headers, to modify the specifics of the request. Some of these headers may also be used in the response to a request, as response headers, to modify the specifics of a response (Section 8.2 (Response Header Fields)).

New request headers may be defined. If the receiver of the request is required to understand the request header, the request MUST include a corresponding feature tag in a Require or Proxy-Require header to ensure the processing of the header. actually happens.

8.  Response

[H6] applies except that HTTP-Version is replaced by RTSP-Version. Also, RTSP defines additional status codes and does not define some of the HTTP codes. The valid response codes and the methods they can be used with are listed in Table 4 (Status codes and their usage with RTSP methods).

After receiving and interpreting a request message, the recipient responds with an RTSP response message.

8.1.  Status-Line

The first line of a Response message is the Status-Line, consisting of the protocol version followed by a numeric status code and the textual phrase associated with the status code, with each element separated by SP characters. No CR or LF is allowed except in the final CRLF sequence.

<RTSP-Version> SP <Status-Code> SP <Reason-Phrase> CRLF

8.1.1.  Status Code and Reason Phrase

The Status-Code element is a 3-digit integer result code of the attempt to understand and satisfy the request. These codes are fully defined in Section 15 (Status Code Definitions). The Reason-Phrase is intended to give a short textual description of the Status-Code. The Status-Code is intended for use by automata and the Reason-Phrase is intended for the human user. The client is not required to examine or display the Reason-Phrase.

The first digit of the Status-Code defines the class of response. The last two digits do not have any categorization role. There are 5 values for the first digit:

1xx:

Informational - Request received, continuing process

2xx:

Success - The action was successfully received, understood, and accepted

3rr:

Redirection - Further action needs to be taken in order to complete the request

4xx:

Client Error - The request contains bad syntax or cannot be fulfilled

5xx:

Server Error - The server failed to fulfill an apparently valid request

The individual values of the numeric status codes defined for RTSP/2.0, and an example set of corresponding Reason-Phrases, are presented in Table 4 (Status codes and their usage with RTSP methods). The reason phrases listed here are only recommended; they may be replaced by local equivalents without affecting the protocol. Note that RTSP adopts most HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) status codes and adds RTSP-specific status codes starting at x50 to avoid conflicts with newly defined HTTP status codes.

RTSP status codes are extensible. RTSP applications are not required to understand the meaning of all registered status codes, though such understanding is obviously desirable. However, applications MUST understand the class of any status code, as indicated by the first digit, and treat any unrecognized response as being equivalent to the x00 status code of that class, with the exception that an unrecognized response MUST NOT be cached. For example, if an unrecognized status code of 431 is received by the client, it can safely assume that there was something wrong with its request and treat the response as if it had received a 400 status code. In such cases, user agents SHOULD present to the user the entity returned with the response, since that entity is likely to include human-readable information which will explain the unusual status.

8.2.  Response Header Fields

The response-header fields allow the request recipient to pass additional information about the response which cannot be placed in the Status-Line. These header fields give information about the server and about further access to the resource identified by the Request-URI. All headers currently classified as response headers are listed in Table 5 (The RTSP response headers).

9.  Entity

Request and Response messages MAY transfer an entity if not otherwise restricted by the request method or response status code. An entity consists of entity-header fields and an entity-body, although some responses will only include the entity-headers.

The SET_PARAMETER and GET_PARAMETER request and response, and DESCRIBE response MAY have an entity. All 4xx and 5xx responses MAY also have an entity.

In this section, both sender and recipient refer to either the client or the server, depending on who sends and who receives the entity.

9.1.  Entity Header Fields

Entity-header fields define meta-information about the entity-body or, if no body is present, about the resource identified by the request. The entity header fields are listed in Table 6 (The RTSP entity headers).

9.2.  Entity Body

See [H7.2] with the addition that an RTSP message with an entity body MUST include the Content-Type and Content-Length headers.

10.  Connections

RTSP requests can be transmitted using the two different connection scenarios listed below:

• persistent - a transport connection is used for several request/response transactions;
• transient - a transport connection is used for a single request/response transaction.

RFC 2326 attempted to specify an optional mechanism for transmitting RTSP messages in connectionless mode over a transport protocol such as UDP. However, it was not specified in sufficient detail to allow for interoperable implementations. In an attempt to reduce complexity and scope, and due to lack of interest, RTSP 2.0 does not attempt to define a mechanism for supporting RTSP over UDP or other connectionless transport protocols. A side-effect of this is that RTSP requests SHALL NOT be sent to multicast groups since no connection can be established with a specific receiver in multicast environments.

Certain RTSP headers, such as the CSeq header (Section 16.19 (CSeq)), which may appear to be relevant only to connectionless transport scenarios are still retained and must be implemented according to the specification. In the case of CSeq, it is quite useful for matching responses to requests if the requests are pipelined (see Section 12 (Pipelining Support)). It is also useful in proxies for keeping track of the different requests when aggregating several client requests on a single TCP connection.

10.1.  Reliability and Acknowledgements

When RTSP messages are transmitted using reliable transport protocols, they MUST NOT be retransmitted at the RTSP protocol level. Instead, the implementation must rely on the underlying transport to provide reliability. The RTSP implementation may use any indication of reception acknowledgement of the message from the underlying transport protocols to optimize the RTSP behavior.

If both the underlying reliable transport such as TCP and the RTSP application retransmit requests, each packet loss or message loss may result in two retransmissions. The receiver typically cannot take advantage of the application-layer retransmission since the transport stack will not deliver the application-layer retransmission before the first attempt has reached the receiver. If the packet loss is caused by congestion, multiple retransmissions at different layers will exacerbate the congestion.

Lack of acknowledgement of an RTSP request should be handled within the constraints of the connection timeout considerations described below (Section 10.4 (Timing Out Connections and RTSP Messages)).

10.2.  Using Connections

A TCP transport can be used for both persistent connections (for several message exchanges) and transient connections (for a single message exchange). Implementations of this specification MUST support RTSP over TCP. The scheme of the RTSP URI (Section 4.2 (RTSP IRI and URI)) indicates the default port that the server will listen on.

A server MUST handle both persistent and transient connections.

Transient connections facilitate mechanisms for fault tolerance. They also allow for application layer mobility. A server and client pair that support transient connections can survive the loss of a TCP connection; e.g., due to a NAT timeout. When the client has discovered that the TCP connection has been lost, it can set up a new one when there is need to communicate again.

A persistent connection MAY be used for all transactions between the server and client, including messages for multiple RTSP sessions. However a persistent connection MAY also be closed after a few message exchanges. For example, a client may use a persistent connection for the initial SETUP and PLAY message exchanges in a session and then close the connection. Later, when the client wishes to send a new request, such as a PAUSE for the session, a new connection would be opened. This connection may either be transient or persistent.

An RTSP agent SHOULD NOT have more than one connection to the server at any given point. If a client or proxy handles multiple RTSP sessions on the same server, it SHOULD use only one connection for managing those sessions.

This saves connection resources on the server. It also reduces complexity by and enabling the server to maintain less state about its sessions and connections.

Unlike HTTP, RTSP allows a server to send requests to a client. However, this can be supported only if a client establishes a persistent connection with the server. In cases where a persistent connection does not exist between a server and its client, due to the lack of a signalling channel the server may be forced to drop an RTSP session without notifying the client. An example of such a case is when the server desires to send a REDIRECT request for an RTSP session to the client but is not able to do so because it cannot reach the client.

Without a persistent connection between the client and the server, the media server has no reliable way of reaching the client. Also, this is the only way that requests from a server to its client are likely to traverse firewalls.

In light of the above, it is RECOMMENDED that clients use persistent connections whenever possible. A client that supports persistent connections MAY "pipeline" its requests (see Section 12 (Pipelining Support)).

10.3.  Closing Connections

The client MAY close a connection at any point when no outstanding request/response transactions exist for any RTSP session being managed through the connection. The server, however, SHOULD NOT close a connection until all RTSP sessions being managed through the connection have been timed out (Section 16.48 (Session)). A server SHOULD NOT close a connection immediately after responding to a session-level TEARDOWN request for the last RTSP session being controlled through the connection. Instead, it should wait for a reasonable amount of time for the client to receive the TEARDOWN response, take appropriate action, and initiate the connection closing. The server SHOULD wait at least 10 seconds after sending the TEARDOWN response before closing the connection.

This is to ensure that the client has time to issue a SETUP for a new session on the existing connection after having torn the last one down. 10 seconds should give the client ample opportunity get its message to the server.

A server SHOULD NOT close the connection directly as a result of responding to a request with an error code.

Certain error responses such as "460 Only Aggregate Operation Allowed" (Section 15.4.12 (460 Only Aggregate Operation Allowed)) are used for negotiating capabilities of a server with respect to content or other factors. In such cases, it is inefficient for the server to close a connection on an error response. Also, such behavior would prevent implementation of advanced/special types of requests or result in extra overhead for the client when testing for new features. On the flip side, keeping connections open after sending an error response poses a Denial of Service security risk (Section 21 (Security Considerations)).

If a server closes a connection while the client is attempting to send a new request, the client will have to close its current connection, establish a new connection and send its request over the new connection.

An RTSP message should not be terminated by closing the connection. Such a message MAY be considered to be incomplete by the receiver and discarded. An RTSP message is properly terminated as defined in Section 5 (RTSP Message).

10.4.  Timing Out Connections and RTSP Messages

Receivers of a request (responder) SHOULD respond to requests in a timely manner even when a reliable transport such as TCP is used. Similarly, the sender of a request (requestor) SHOULD wait for a sufficient time for a response before concluding that the responder will not be acting upon its request.

A responder SHOULD respond to all requests within 5 seconds. If the responder recognizes that processing of a request will take longer than 5 seconds, it SHOULD send a 100 (Continue) response as soon as possible. It SHOULD continue sending a 100 response every 5 seconds thereafter until it is ready to send the final response to the requestor. After sending a 100 response, the receiver MUST send a final response indicating the success or failure of the request.

A requestor SHOULD wait at least 10 seconds for a response before concluding that the responder will not be responding to its request. After receiving a 100 response, the requestor SHOULD continue waiting for further responses. If more than 10 seconds elapses without receiving any response, the requestor MAY assume that the responder is unresponsive and abort the connection.

A requestor SHOULD wait longer than 10 seconds for a response if it is experiencing significant transport delays on its connection to the responder. The requestor is capable of determining the RTT of the request/response cycle using the Timestamp header (Section 16.50 (Timestamp)) in any RTSP request.

10.5.  Showing Liveness

The mechanisms for showing liveness of the client is, any RTSP request with a Session header, if RTP & RTCP is used an RTCP message, or through any other used media protocol capable of indicating liveness of the RTSP client. It is RECOMMENDED that a client does not wait to the last second of the timeout before trying to send a liveness message. The RTSP message may be lost or when using reliable protocols, such as TCP, the message may take some time to arrive safely at the receiver. To show liveness between RTSP request issued to accomplish other things, the following mechanisms can be used, in descending order of preference:

RTCP:

If RTP is used for media transport RTCP SHOULD be used. If RTCP is used to report transport statistics, it SHALL also work as keep alive. The server can determine the client by used network address and port together with the fact that the client is reporting on the servers SSRC(s). A downside of using RTCP is that it only gives statistical guarantees to reach the server. However that probability is so low that it can be ignored in most cases. For example, a session with 60 seconds timeout and enough bitrate assigned to RTCP messages to send a message from client to server on average every 5 seconds. That client have for a network with 5 % packet loss, the probability to fail showing liveness sign in that session within the timeout interval of 2.4*E-16. In sessions with shorter timeout times, or much higher packet loss, or small RTCP bandwidths SHOULD also use any of the mechanisms below.

SET_PARAMETER:

When using SET_PARAMETER for keep alive, no body SHOULD be included. This method is the RECOMMENDED RTSP method to use in request only intended to perform keep-alive.

OPTIONS:

This method does also work. However it causes the server to perform more unnecessary processing and result in bigger responses than necessary for the task. The reason for this is that the server needs to determine what capabilities that are associated with the media resource to correctly populate the Public and Allow headers.

The timeout parameter MAY be included in a SETUP response, and SHALL NOT be included in requests. The server uses it to indicate to the client how long the server is prepared to wait between RTSP commands or other signs of life before closing the session due to lack of activity (see below and Appendix B (RTSP Protocol State Machine)). The timeout is measured in seconds, with a default of 60 seconds. The length of the session timeout SHALL NOT be changed in a established session.

10.6.  Use of IPv6

Explicit IPv6 support was not present in RTSP 1.0 (RFC 2326). RTSP 2.0 has been updated for explicit IPv6 support. Implementations of RTSP 2.0 MUST understand literal IPv6 addresses in URIs and headers.

11.  Capability Handling

This section describes the available capability handling mechanism which allows RTSP to be extended. Extensions to this version of the protocol are basically done in two ways. First, new headers can be added. Secondly, new methods can be added. The capability handling mechanism is designed to handle both cases.

When a method is added, the involved parties can use the OPTIONS method to discover wether it is supported. This is done by issuing a OPTIONS request to the other party. Depending on the URI it will either apply in regards to a certain media resource, the whole server in general, or simply the next hop. The OPTIONS response MUST contain a Public header which declares all methods supported for the indicated resource.

It is not necessary to use OPTIONS to discover support of a method, the client could simply try the method. If the receiver of the request does not support the method it will respond with an error code indicating the the method is either not implemented (501) or does not apply for the resource (405). The choice between the two discovery methods depends on the requirements of the service.

Feature-Tags are defined to handle functionality additions that are not new methods. Each feature-tag represents a certain block of functionality. The amount of functionality that a feature-tag represents can vary significantly. A feature-tag can for example represent the functionality a single RTSP header provides. Another feature-tag can represent much more functionality, such as the "play.basic" feature-tag which represents the minimal playback implementation.

Feature-tags are used to determine wether the client, server or proxy supports the functionality that is necessary to achieve the desired service. To determine support of a feature-tag, several different headers can be used, each explained below:

Supported:

The supported header is used to determine the complete set of functionality that both client and server have. The intended usage is to determine before one needs to use a functionality that it is supported. It can be used in any method, however OPTIONS is the most suitable one as it at the same time determines all methods that are implemented. When sending a request the requestor declares all its capabilities by including all supported feature-tags. This results in that the receiver learns the requestors feature support. The receiver then includes its set of features in the response.

Proxy-Supported:

The Proxy-Supported header is used similar to the Supported header, but instead of giving the supported functionality of the client or server it provides both the requestor and the responder a view of what functionality the proxy chain between the two supports. Proxies are required to add this header whenever the Supported header is present, but proxies may independently of the requestor add it.

Require:

The Require header can be included in any request where the end-point, i.e. the client or server, is required to understand the feature to correctly perform the request. This can, for example, be a SETUP request where the server is required to understand a certain parameter to be able to set up the media delivery correctly. Ignoring this parameter would not have the desired effect and is not acceptable. Therefore the end-point receiving a request containing a Require MUST negatively acknowledge any feature that it does not understand and not perform the request. The response in cases where features are not supported are 551 (Option Not Supported). Also the features that are not supported are given in the Unsupported header in the response.

Proxy-Require:

This method has the same purpose and workings as Require except that it only applies to proxies and not the end-point. Features that needs to be supported by both proxies and end-point needs to be included in both the Require and Proxy-Require header.

Unsupported:

This header is used in a 551 error response, to indicate which feature(s) that was not supported. Such a response is only the result of the usage of the Require and/or Proxy-Require header where one or more feature where not supported. This information allows the requestor to make the best of situations as it knows which features are not supported.

12.  Pipelining Support

Pipelining is a general method to improve performance of request response protocols by allowing the requesting entity to have more than one request outstanding and send them over the same persistent connection. For RTSP where the relative order of requests will matter it is important to maintain the order of the requests. Because of this the the responding entity SHALL process the incoming requests in their sending order. The sending order can be determined by the CSeq header and its sequence number. For TCP the delivery order will be the same as the sending order. The processing of the request SHALL also have been finished before processing the next request from the same entity. The responses MUST be sent in the order the requests was processed.

RTSP 2.0 has extended support for pipelining compared to RTSP 1.0. The major improvement is to allow all requests to setup and initiate media playback to be pipelined after each other. This is accomplished by the utilization of the Pipelined-Requests header (see Section 16.32 (Pipelined-Requests)). This header allows a client to request that two or more requests is to be processed in the same RTSP session context which the first request creates. In other words a client can request that two or more media streams are set-up and then played without needing to wait for a single response. This speeds up the initial startup time for an RTSP session with at least one RTT.

If a pipelined request builds on the succesful completion of one or more prior requests the requestor must verify that all requests were executed as expected. A common example will be two SETUP requests and a PLAY request. In case one of the SETUP fails unexpectedly, the PLAY request can still be succesfully executed. However, not as expected by the requesting client as only a single media instead of two will be played. In this case the client can send a PAUSE request, correct the failing SETUP request and then request it to be played.

13.  Method Definitions

The method indicates what is to be performed on the resource identified by the Request-URI. The method name is case-sensitive. New methods may be defined in the future. Method names SHALL NOT start with a $ character (decimal 24) and MUST be a token as defined by the ABNF [RFC5234] (Crocker, D. and P. Overell, “Augmented BNF for Syntax Specifications: ABNF,” January 2008.) in the syntax chapter Section 20 (Syntax). The methods are summarized in Table 7 (Overview of RTSP methods, their direction, and what objects (P: presentation, S: stream) they operate on. Legend: R=Respond, Sd=Send, Opt: Optional, Req: Required).

Note on Table 7 (Overview of RTSP methods, their direction, and what objects (P: presentation, S: stream) they operate on. Legend: R=Respond, Sd=Send, Opt: Optional, Req: Required): GET_PARAMETER is recommended, but not required. For example, a fully functional server can be built to deliver media without any parameters. SET_PARAMETER is required however due to its usage for keep-alive. PAUSE is now required due to that it is the only way of getting out of the state machines play state without terminating the whole session.

If an RTSP agent does not support a particular method, it MUST return 501 (Not Implemented) and the requesting RTSP agent, in turn, SHOULD NOT try this method again for the given agent / resource combination.

13.1.  OPTIONS

The semantics of the RTSP OPTIONS method is equivalent to that of the HTTP OPTIONS method described in [H9.2]. In RTSP however, OPTIONS is bi-directional, in that a client can request it to a server and vice versa. A client MUST implement the capability to send an OPTIONS request and a server or a proxy MUST implement the capability to respond to an OPTIONS request. The client, server or proxy MAY also implement the converse of their required capability.

An OPTIONS request may be issued at any time. Such a request does not modify the session state. However, it may prolong the session lifespan (see below). The URI in an OPTIONS request determines the scope of the request and the corresponding response. If the Request-URI refers to a specific media resource on a given host, the scope is limited to the set of methods supported for that media resource by the indicated RTSP agent. A Request-URI with only the host address limits the scope to the specified RTSP agent's general capabilities without regard to any specific media. If the Request-URI is an asterisk ("*"), the scope is limited to the general capabilities of the next hop (i.e. the RTSP agent in direct communication with the request sender).

Regardless of scope of the request, the Public header MUST always be included in the OPTIONS response listing the methods that are supported by the responding RTSP agent. In addition, if the scope of the request is limited to a media resource, the Allow header MUST be included in the response to enumerate the set of methods that are allowed for that resource unless the set of methods completely matches the set in the Public header. If the given resource is not available, the RTSP agent SHOULD return an appropriate response code such as 3rr or 4xx. The Supported header MAY be included in the request to query the set of features that are supported by the responding RTSP agent.

The OPTIONS method can be used to keep an RTSP session alive. However, it is not the preferred means of session keep-alive signalling, see Section 16.48 (Session). An OPTIONS request intended for keeping alive an RTSP session MUST include the Session header with the associated session ID. Such a request SHOULD also use the media or the aggregated control URI as the Request-URI.

Example:

  C->S:  OPTIONS * RTSP/2.0
         CSeq: 1
         User-Agent: PhonyClient/1.2
         Require:
         Proxy-Require: gzipped-messages
         Supported: play.basic

  S->C:  RTSP/2.0 200 OK
         CSeq: 1
         Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE
         Supported: play.basic, implicit-play, gzipped-messages
         Server: PhonyServer/1.1

Note that some of the feature-tags in Require and Proxy-Require are fictional features.

13.2.  DESCRIBE

The DESCRIBE method is used to retrieve the description of a presentation or media object from a server. The Request-URI of the DESCRIBE request identifies the media resource of interest. The client MAY include the Accept header in the request to list the description formats that it understands. The server SHALL respond with a description of the requested resource and return the description in the entity of the response. The DESCRIBE reply-response pair constitutes the media initialization phase of RTSP.

Example:

  C->S: DESCRIBE rtsp://server.example.com/fizzle/foo RTSP/2.0
        CSeq: 312
        User-Agent: PhonyClient 1.2
        Accept: application/sdp, application/example

  S->C: RTSP/2.0 200 OK
        CSeq: 312
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Server: PhonyServer 1.1
        Content-Type: application/sdp
        Content-Length: 367

        v=0
        o=mhandley 2890844526 2890842807 IN IP4 192.0.2.46
        s=SDP Seminar
        i=A Seminar on the session description protocol
        u=http://www.example.com/lectures/sdp.ps
        e=seminar@example.com (Seminar Management)
        c=IN IP4 224.2.17.12/127
        t=2873397496 2873404696
        a=recvonly
        m=audio 3456 RTP/AVP 0
        m=video 2232 RTP/AVP 31
        m=application 32416 UDP WB
        a=orient:portrait

The DESCRIBE response SHOULD contain all media initialization information for the resource(s) that it describes. Servers SHOULD NOT use the DESCRIBE response as a means of media indirection by having the description point at another server, instead usage of 3rr responses are recommended.

By forcing a DESCRIBE response to contain all media initialization for the set of streams that it describes, and discouraging the use of DESCRIBE for media indirection, any looping problems can be avoided that might have resulted from other approaches.

Media initialization is a requirement for any RTSP-based system, but the RTSP specification does not dictate that this is required to be done via the DESCRIBE method. There are three ways that an RTSP client may receive initialization information:

• via an RTSP DESCRIBE request
• via some other protocol (HTTP, email attachment, etc.)
• via some form of a user interface

If a client obtains a valid description from an alternate source, the client MAY use this description for initialization purposes without issuing a DESCRIBE request for the same media.

It is RECOMMENDED that minimal servers support the DESCRIBE method, and highly recommended that minimal clients support the ability to act as "helper applications" that accept a media initialization file from a user interface, and/or other means that are appropriate to the operating environment of the clients.

13.3.  SETUP

The SETUP request for an URI specifies the transport mechanism to be used for the streamed media. The SETUP method may be used in two different cases; Create an RTSP session and change the transport parameters of already set up media stream. SETUP can be used in all three states; INIT, and READY, for both purposes and in PLAY to change the transport parameters. There is also a third possibile usage for the SETUP method which is not specified in this memo: adding a media to a session. Using SETUP to add media to an existing session, when the session is in PLAY state, is unspecified.

The Transport header, see Section 16.51 (Transport), specifies the transport parameters acceptable to the client for data transmission; the response will contain the transport parameters selected by the server. This allows the client to enumerate in descending order of preference the transport mechanisms and parameters acceptable to it, while the server can select the most appropriate. It is expected that the session description format used will enable the client to select a limited number possible configurations that are offered to the server to choose from. All transport related parameters shall be included in the Transport header, the use of other headers for this purpose is discouraged due to middleboxes, such as firewalls or NATs.

For the benefit of any intervening firewalls, a client SHALL indicate the known transport parameters, even if it has no influence over these parameters, for example, where the server advertises a fixed multicast address as destination.

Since SETUP includes all transport initialization information, firewalls and other intermediate network devices (which need this information) are spared the more arduous task of parsing the DESCRIBE response, which has been reserved for media initialization.

The client SHALL include the Accept-Ranges header in the request indicating all supported unit formats in the Range header. This allows the server to know which format it may use in future session related responses, such as PLAY response without any range in the request. If the client does not support a time format necessary for the presentation the server SHALL respond using 456 (Header Field Not Valid for Resource) and include the Accept-Ranges header with the range unit formats supported for the resource.

In a SETUP response the server SHALL include the Accept-Ranges header (see Section 16.5 (Accept-Ranges)) to indicate which time formats that are acceptable to use for this media resource.

The SETUP response 200 OK SHALL include the Media-Properties header (see Section 16.29 (Media-Properties) ). The combination of the parameters of the Media-Properties header indicate the nature of the content (see also Section 1.5 (Media Properties)). For example, a live stream with time shifting is indicated by

• Random Access set to Random-Access,
• Content Modifications set to Time Progressing,
• Retention set to Time-Duration (with specific recording window time value).

The SETUP response 200 OK SHALL include the Media-Range header (see Section 16.30 (Media-Range)) if the media is Time-Progressing.

A basic example for SETUP:

  C->S: SETUP rtsp://example.com/foo/bar/baz.rm RTSP/2.0
        CSeq: 302
        Transport: RTP/AVP;unicast;dest_addr=":4588"/":4589",
                   RTP/AVP/TCP;unicast;interleaved=0-1
        Accept-Ranges: NPT, UTC
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 302
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Server: PhonyServer 1.1
        Session: 47112344;timeout=60
        Transport: RTP/AVP;unicast;dest_addr=":4588"/":4589";
                   src_addr="192.0.2.241:6256"/"192.0.2.241:6257";
                   ssrc=2A3F93ED
        Accept-Ranges: NPT
        Media-Properties: Random-Access=3.2, Time-Progressing,
                          Time-Duration=3600.0
        Media-Range: npt=0-2893.23

In the above example the client wants to create an RTSP session containing the media resource "rtsp://example.com/foo/bar/baz.rm". The transport parameters acceptable to the client is either RTP/AVP/UDP (UDP per default) to be received on client port 4588 and 4589 or RTP/AVP interleaved on the RTSP control channel. The server selects the RTP/AVP/UDP transport and adds the ports it will send and received RTP and RTCP from, and the RTP SSRC that will be used by the server.

The server MUST generate a session identifier in response to a successful SETUP request, unless a SETUP request to a server includes a session identifier, in which case the server MUST bundle this setup request into the existing session (aggregated session) or return error 459 (Aggregate Operation Not Allowed) (see Section 15.4.11 (459 Aggregate Operation Not Allowed)). An Aggregate control URI MUST be used to control an aggregated session. This URI MUST be different from the stream control URIs of the individual media streams included in the aggregate. The Aggregate control URI is to be specified by the session description if the server supports aggregated control and aggregated control is desired for the session. However even if aggregated control is offered the client MAY chose to not set up the session in aggregated control. If an Aggregate control URI is not specified in the session description, it is normally an indication that non-aggregated control should be used. The SETUP of media streams in an aggregate which has not been given an aggregated control URI is unspecified.

While the session ID sometimes has enough information for aggregate control of a session, the Aggregate control URI is still important for some methods such as SET_PARAMETER where the control URI enables the resource in question to be easily identified. The Aggregate control URI is also useful for proxies, enabling them to route the request to the appropriate server, and for logging, where it is useful to note the actual resource that a request was operating on.

A session will exist until it is either removed by a TEARDOWN request or is timed-out by the server. The server MAY remove a session that has not demonstrated liveness signs from the client(s) within a certain timeout period. The default timeout value is 60 seconds; the server MAY set this to a different value and indicate so in the timeout field of the Session header in the SETUP response. For further discussion see Section 16.48 (Session). Signs of liveness for an RTSP session are:

• Any RTSP request from a client(s) which includes a Session header with that session's ID.
• If RTP is used as a transport for the underlying media streams, an RTCP sender or receiver report from the client(s) for any of the media streams in that RTSP session. RTCP Sender Reports may for example be received in sessions where the server is invited into a conference session and is as valid for keep-alive.

If a SETUP request on a session fails for any reason, the session state, as well as transport and other parameters for associated streams SHALL remain unchanged from their values as if the SETUP request had never been received by the server.

13.3.1.  Changing Transport Parameters

A client MAY issue a SETUP request for a stream that is already set up or playing in the session to change transport parameters, which a server MAY allow. If it does not allow changing of parameters, it MUST respond with error 455 (Method Not Valid In This State). Reasons to support changing transport parameters, is to allow for application layer mobility and flexibility to utilize the best available transport as it becomes available. If a client receives a 455 when trying to change transport parameters while the server is in play state, it MAY try to put the server in ready state using PAUSE, before issuing the SETUP request again. If also that fails the changing of transport parameters will require that the client performs a TEARDOWN of the affected media and then setting it up again. In aggregated session avoiding tearing down all the media at the same time will avoid the creation of a new session.

All transport parameters MAY be changed. However the primary usage expected is to either change transport protocol completely, like switching from Interleaved TCP mode to UDP or vise versa or change delivery address.

In a SETUP response for a request to change the transport parameters while in Play state, the server SHALL include the Range to indicate from what point the new transport parameters are used. Further, if RTP is used for delivery, the server SHALL also include the RTP-Info header to indicate from what timestamp and RTP sequence number the change has taken place. If both RTP-Info and Range is included in the response the "rtp_time" parameter and range MUST be for the corresponding time, i.e. be used in the same way as for PLAY to ensure the correct synchronization information is available.

If the transport parameters change while in PLAY state results in a change of synchronization related information, for example changing RTP SSRC, the server MUST provide in the SETUP response the necessary synchronization information. However the server is RECOMMENDED to avoid changing the synchronization information if possible.

13.4.  PLAY

This section describes the usage of the PLAY method in general, for aggregated sessions, and in different usage scenarios.

13.4.1.  General Usage

The PLAY method tells the server to start sending data via the mechanism specified in SETUP and which part of the media should be played out. PLAY requests are valid when the session is in READY or PLAY states. A PLAY request MUST include a Session header to indicate which session the request applies to.

Upon receipt of the PLAY request, the server SHALL position the normal play time to the beginning of the range specified in the received Range header and delivers stream data until the end of the range if given, or until a new PLAY request is received, else to the end of the media is reached. To allow for precise composition multiple ranges MAY be specified in one PLAY Request. The range values are valid if all given ranges are part of any media within the aggregate. If a given range value points outside of the media, the response SHALL be the 457 (Invalid Range) error code.

The below example will first play seconds 10 through 15, then, immediately following, seconds 20 to 25, and finally seconds 30 through the end.

  C->S: PLAY rtsp://audio.example.com/audio RTSP/2.0
        CSeq: 835
        Session: 12345678
        Range: npt=10-15, npt=20-25, npt=30-
        Seek-Style: RAP
        User-Agent: PhonyClient/1.2

See the description of the PAUSE request for further examples.

A PLAY request without a Range header is legal. It SHALL start playing a stream from the beginning (npt=0-) unless the stream has been paused or is currently playing. If a stream has been paused via PAUSE, stream delivery resumes at the pause point. If a stream is currently playing, the new PLAY begins at the current stream position. The stream SHALL play until the end of the media. The Range header MUST NOT contain a time parameter. The usage of time in PLAY method has been deprecated. If a request with time parameter is received the server SHOULD respond with a 457 (Invalid Range) to indicate that the time parameter is not supported. If no range is specified in the request, the start position SHALL still be returned in the reply. If the medias that are part of an aggregate has different lengths, the PLAY request SHALL be performed as long as the given range is valid for any media, for example the longest media. Media will be sent whenever it is available for the given play-out point.

A client desiring to play the media from the beginning MUST send a PLAY request with a Range header pointing at the beginning, e.g. npt=0-. If a PLAY request is received without a Range header when media delivery has stopped at the end, the server SHOULD respond with a 457 "Invalid Range" error response. In that response the current pause point in a Range header SHALL be included.

All range specifiers in this specification allow for ranges with unspecified begin times (e.g. "npt=-30"). When used in a PLAY request, the server treats this as a request to start/resume playback from the current pause point, ending at the end time specified in the Range header. If the pause point is located later than the given end value, a 457 (Invalid Range) response SHALL be given.

Server MUST include a "Range" header in any PLAY response. The response MUST use the same format as the request's range header contained. If no Range header was in the request, the format used in any previous PLAY request within the session SHOULD be used. If no format has been indicated in a previous request the server MAY use any time format supported by the media and indicated in the Accept-Ranges header in the SETUP respone. It is RECOMMENDED that NPT is used if supported by the media.

A PLAY response MAY include a header(s) carrying synchronization information. As the information necessary is dependent on the media transport format, further rules specifying the header and its usage is needed. For RTP the RTP-Info header is specified, see Section 16.43 (RTP-Info), and used in the following example.

Here is a simple example for a single audio stream where the client requests the media starting from 3.52 seconds. The server sends a 200 OK response with the actual play time (equal to the requested in this case) and the RTP-Info header that contains the necessary parameters for the RTP stack.

C->S: PLAY rtsp://example.com/audio RTSP/2.0
      CSeq: 836
      Session: 12345678
      Range: npt=3.52-
      User-Agent: PhonyClient/1.2

S->C: RTSP/2.0 200 OK
      CSeq: 836
      Date: Thu, 23 Jan 1997 15:35:06 GMT
      Server: PhonyServer 1.0
      Range: npt=3.52-
      RTP-Info:url="rtsp://example.com/audio"
         ssrc=0D12F123:seq=14783;rtptime=2345962545

S->C: RTP Packet TS=2345962545 => NPT=3.52
      Duration=4.15 seconds

For media with random-access, the server MUST reply with the actual range that will be played back, i.e. for which duration any media (having content at this time) is delivered. This may differ from the requested range if alignment of the requested range to valid frame boundaries is required for the media source. Note that some media streams in an aggregate may need to be delivered from even earlier points. Also, some media format have a very long duration per individual data unit, therefore it might be necessary for the client to parse the data unit, and select where to start. The client can express its desired handling by the server by including the Seek-Style header (Seek-Style) in the PLAY request, if desired.

In the following example the client receives the first media packet that stretches all the way up and past the requested playtime. Thus, it is the client's decision if to render to the user the time between 3.52 and 7.05, or to skip it. In most cases it is probably most suitable to not render that time period.

C->S: PLAY rtsp://example.com/audio RTSP/2.0
      CSeq: 836
      Session: 12345678
      Range: npt=7.05-      User-Agent: PhonyClient/1.2

S->C: RTSP/2.0 200 OK
      CSeq: 836
      Date: Thu, 23 Jan 1997 15:35:06 GMT
      Server: PhonyServer 1.0
      Range: npt=3.52-
      RTP-Info:url="rtsp://example.com/audio"
         ssrc=0D12F123:seq=14783;rtptime=2345962545

S->C: RTP Packet TS=2345962545 => NPT=3.52
      Duration=4.15 seconds

After playing the desired range, the presentation does NOT transition to the READY state, media delivery simply stops. A PAUSE request MUST be issued before the stream enters the READY state. A PLAY request while the stream is still in the PLAYING state is legal, and can be issued without an intervening PAUSE request. Such a request SHALL replace the current PLAY action with the new one requested, i.e. being handle the same as the request was received in ready state. In the case the first time range in Range header has a open start time (-endtime), the server SHALL continue to play from where it currently was until the specified end point. This is useful to change ongoing playback to play another sequence, or end at another point than in the previous request.

The following example plays the whole presentation starting at SMPTE time code 0:10:20 until the end of the clip. Note: The RTP-Info headers has been broken into several lines to fit the page.

C->S: PLAY rtsp://audio.example.com/twister.en RTSP/2.0
      CSeq: 833
      Session: 12345678
      Range: smpte=0:10:20-
      User-Agent: PhonyClient/1.2

S->C: RTSP/2.0 200 OK
      CSeq: 833
      Date: Thu, 23 Jan 1997 15:35:06 GMT
      Server: PhonyServer 1.0
      Range: smpte=0:10:22-0:15:45
      RTP-Info:url="rtsp://example.com/twister.en"
         ssrc=0D12F123:seq=14783;rtptime=2345962545

For playing back a recording of a live presentation, it may be desirable to use clock units:

C->S: PLAY rtsp://audio.example.com/meeting.en RTSP/2.0
      CSeq: 835
      Session: 12345678
      Range: clock=19961108T142300Z-19961108T143520Z
      User-Agent: PhonyClient/1.2

S->C: RTSP/2.0 200 OK
      CSeq: 835
      Date: Thu, 23 Jan 1997 15:35:06 GMT
      Server:PhonyServer 1.0
      Range: clock=19961108T142300Z-19961108T143520Z
      RTP-Info:url="rtsp://example.com/meeting.en"
         ssrc=0D12F123:seq=53745;rtptime=484589019

13.4.2.  Aggregated Sessions

PLAY requests can operate on sessions controlling a single media and on aggregated sessions controlling multiple media.

In an aggregated session the PLAY request MUST contain an aggregated control URI. A server SHALL responde with error 460 (Only Aggregate Operation Allowed) if the client PLAY Request-URI is for one of the media. The media in an aggregate SHALL be played in sync. If a client wants individual control of the media it needs to use separate RTSP sessions for each media.

For aggregated sessions where the initial SETUP request (creating a session) is followed by one or more additional SETUP request, a PLAY request MAY be pipelined after those additional SETUP requests without awaiting their responses. This procedure can reduce the delay from start of session establishment until media play-out has started with one round trip time. However an client needs to be aware that using this procedure will result in the playout of the server state established at the time of processing the PLAY, i.e., after the processing of all the requests prior to the PLAY request in the pipeline. This may not be the intended one due to failure of any of the prior requests. However a client easily determine this based on the responses from those requests. In case of failure the client can halt the media playout using PAUSE and try to establish the intended state again before issuing another PLAY request.

13.4.3.  Updating current PLAY Requests

Clients can issue PLAY request while the stream is In PLAYING state and thus updating their request. The possibility to replace a current PLAY request with a new one replaces the following RTSP 1.0 functions based on PLAY in play state:

• The queued play functionality described in RFC 2326 [RFC2326] (Schulzrinne, H., Rao, A., and R. Lanphier, “Real Time Streaming Protocol (RTSP),” April 1998.) is removed and multiple ranges can be used to achieve a similar functionality in combination with the possibility to replace previous play messages.
• The use of PLAY for keep-alive signaling, i.e. PLAY request without a range header in PLAY state, has also been deprecated. Instead a client can use, SET_PARAMETER (recommended) or OPTIONS (allowed) for keep alive.

The important difference compared to a PLAY request in ready state is the handling of the current playpoint and how the range header in request is constructed. The session is actively playing media and the playpoint will be moving making the exact time a request will take action is hard to predict. Depending on how the PLAY header appears two different cases exist: total replacement or continuation. A total replacement is signalled by having the first range specification have an explicit start value, e.g. npt=45- or npt=45-60, in which case the server stops playout at the current playout point and then starts delivering media according to the Range header. This is equivalent to having the client first send a PAUSE and then a new play request that isn't based on the pause point. In the case of continuation the first range specifier has an open start point and a explict stop value (Z), e.g. npt=-60, which indicate that it SHALL convert the range specifier being played prior to this PLAY request (X to Y) into (X to Z) and continue as this was the request originally played. For both total replacement and continuation the PLAY request SHALL remove any additional range specifiers present in the previous request and add any that is present in the new PLAY request.

An example of this behavior. The server has received requests to play ranges 10 to 15 and then 13 to 20 (that is, overlapping ranges). If the new PLAY request arrives at the server 4 seconds after the previous one, it will take effect while the server plays the first range (10-15). Thus changing the behavior of this range to continue to play to 25 seconds, i.e. the equivalent single request would be PLAY with range: npt=10-25. Note that the second range (13-20) is deleted and never comes into effect. If the new PLAY request would arrive as the second range in the first request was playing (13-20 and shown below), then the equivalent single request would be play with range:npt=10-15,npt=13-25.

  C->S: PLAY rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 834
        Session: 12345678
        Range: npt=10-15, npt=13-20
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 834
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Server: PhonyServer 1.0
        Range: npt=10-15, npt=13-20
        RTP-Info:url="rtsp://example.com/fizzle/audiotrack"
                ssrc=0D12F123:seq=5712;rtptime=934207921,
                url="rtsp://example.com/fizzle/videotrack"
                ssrc=789DAF12:seq=57654;rtptime=2792482193
        Session: 12345678

  C->S: PLAY rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 835
        Session: 12345678
        Range: npt=-25
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 835
        Date: Thu, 23 Jan 1997 15:35:09 GMT
        Server: PhonyServer 1.0
        Range: npt=14-25
        RTP-Info:url="rtsp://example.com/fizzle/audiotrack"
                ssrc=0D12F123:seq=5712;rtptime=934239921,
                url="rtsp://example.com/fizzle/videotrack"
                ssrc=789DAF12:seq=57654;rtptime=2792842193
        Session: 12345678

13.4.4.  Playing On-Demand Media

On-demand media is indicated by the content of the Media-Properties header in the SETUP response by (see also Section 16.29 (Media-Properties)):

• Random-Access property is set to Random Acces;
• Content Modifications set to unmutable;
• Retetion set Unlimited or Time-Limited.

Playing on-demand media follows the general usage as described in Section 13.4.1 (General Usage).

13.4.5.  Playing Dynamic On-Demand Media

Dynamic on-demand media is indicated by the content of the Media-Properties header in the SETUP response by (see also Section 16.29 (Media-Properties)):

• Random-Access set to Random Access;
• Content Modifications set to dynamic;
• Retetion set unlimited or Time-Limited.

Playing on-demand media follows the general usage as described in Section 13.4.1 (General Usage) as long as the media has not been changed.

There are ways for the client to get informed about changed of media resources in play state, if the resource was changed. The client will receive a PLAY_NOTIFY request with Notify-Reason header set to media-properties-update (see Section 13.5.2 (Media-Properties-Update). The client can use the value of the Media-Range to decide further actions, if the Media-Range header is present in the PLAY_NOTIFY request. The second way is that the client issues a GET_PARAMETER request without a body but including a Media-Range header. The 200 OK response SHALL include the current Media-Range header (see Section 16.30 (Media-Range)).

13.4.6.  Playing Live Media

Live media is indicated by the content of the Media-Properties header in the SETUP response by (see also Section 16.29 (Media-Properties)):

• Random-Access set to no-seeking;
• Content Modifications set to Time-Progressing;
• Retetion with Time-Duration set to 0.0.

For live media, the SETUP response 200 OK SHALL include the Media-Range header (see Section 16.30 (Media-Range)).

A client MAY send PLAY requests without the Range header, if the request include the Range header it SHALL use a symbolic value representing "now". For NPT that range specification is "npt=now-". The server SHALL include the Range header in the response and it MUST indicate a explict time value and not a symbolic value. In other words npt=now- is not a valid to use in the respone. Instead the time since session start is recommended expressed as an open interval, e.g. "npt=96.23-". An absolute time value (clock) for the corresponding time MAY be given, i.e. "clock=20030213T143205Z-". The UTC clock format SHOULD only be used if client has shown support for it.

13.4.7.  Playing Live with Recording

Certain media server may offer recording services of live sessions to their clients. This recording would normally be from the begining of the media session. Clients can randomly access the media between now and the begining of the media session. This live media with recording is indicated by the content of the Media-Properties header in the SETUP response by (see also Section 16.29 (Media-Properties)):

• Random-Access set to random-access;
• Content Modifications set to Time-Progressing;
• Retetion set to Time-limited or Unlimited

The SETUP response 200 OK SHALL include the Media-Range header (see Section 16.30 (Media-Range)) for this type of media. For live media with recording the Range header indicates the current playback time in the media and the Media Range indicates the currently available media window around the current time. This window can cover recorded content in the past (seen from current time in the media) or recorded content in the future (seen from current time in the media). The server adjusts the play point to the requested border of the window, if the client requests a play point that is located outside the recording windows, e.g., if requested to far in the past, the server selects the oldest range in the recording. The considerations in Section 13.5.3 (Scale-Change) apply, if a client requests playback at Scale (Scale) values other than 1.0 (Normal playback rate) while playing live media with recording.

13.4.8.  Playing Live with Time-Shift

Certain media server may offer time-shift services to their clients. This time shift records a fixed interval in the past, i.e., a sliding window recording mechanism, but not past this interval. Clients can randomly access the media between now and the interval. This live media with recording is indicated by the content of the Media-Properties header in the SETUP response by (see also Section 16.29 (Media-Properties)):

• Random-Access set to random-access;
• Content Modifications set to Time-Progressing;
• Retetion set to Time-Duration and a value indicating the recording interval (>0).

The SETUP response 200 OK SHALL include the Media-Range header (see Section 16.30 (Media-Range)) for this type of media. For live media with recording the Range header indicates the current time in the media and the Media Range indicates a window around the current time. This window can cover recorded content in the past (seen from current time in the media) or recorded content in the future (seen from current time in the media). The server adjusts the play point to the requested border of the window, if the client requests a play point that is located outside the recording windows, e.g., if requested to far in the past, the server selects the oldest range in the recording. The considerations in Section 13.5.3 (Scale-Change) apply, if a client requests playback at Scale (Scale) values other than 1.0 (Normal playback rate) while playing live media with time-shift.

13.5.  PLAY_NOTIFY

The PLAY_NOTIFY method is issued by a server to inform a client about an ansynchronous event for a session in play state. The Session header MUST be presented in a PLAY_NOTIFY request and indicates the scope of the request. Sending of PLAY_NOTIFY requests requires a persistent connection between server and client, otherwise there is no way for the server to send this request method to the client.

PLAY_NOTIFY requests have an end-to-end (i.e. server to client) scope, as they carry the Session header, and apply only to the given session. The client SHOULD immediately return a response to the server.

PLAY_NOTIFY requests MAY be used with a message body, depending on the value of the Notify-Reason header. It is described in the particular section for each Notify-Reason if a message body is used. However, currently there is no Notify-Reason that allows using a message body. There is the need to obey some limitations, when adding new Notify-Reasons that intend to use a message body: The server can send any type of message body, but it is not ensured that the client can understand the received message body. This is related to DESCRIBE (seeSection 13.2 (DESCRIBE) ), but there the client can state its acceptable message bodies by using the Accept header. In case of PLAY_NOTIFY, the server does not know which message bodies are understood by the client.

The Notify-Reason header (see Section 16.31 (Notify-Reason)) specifies the reason why the server sends the PLAY_NOTIFY request. This is extensible and new reasons MAY be added in the future. In case the client does not understand the reason for the notification it SHALL respond with an 465 (Notification Reason Unknown) (465 Notification Reason Unknown) error code. Servers can send PLAY_NOTIFY with these types:

• end-of-stream (see Section 13.5.1 (End-of-Stream));
• media-properties-update (see Section 13.5.2 (Media-Properties-Update));
• and scale-change (see Section 13.5.3 (Scale-Change)).

13.5.1.  End-of-Stream

A PLAY_NOTIFY request with Notify-Reason header set to end-of-stream indicates the end of the media streams has been reached or will be in the near future for the given session aggregate. The request SHALL NOT be issued unless the server is in the playing state. The end of the media stream delivery notification may be for either succesful completion of the PLAY request currently being served or indicate some error resulting in failure to complete the request. The Request-Status header (Request-Status) SHALL be included to indicate which request the notification is for and its completion status. The message response status codes (Status Code and Reason Phrase) are used to indicate how the PLAY request concluded. In case a PLAY_NOTIFY was issues prior to the actual completion and some error occured resulting in that the previosuly sent was in error a new Notification MUST be sent including the correct status for the completion and all additional information.

PLAY_NOTIFY requests with Notify-Reason header set to end-of-stream MUST include a Range header. The Range header indicates the point in the stream or streams where delivery was/are ending with the timescale that has been used by the client in the PLAY request being fulfilled. For normal play time it is not alllowed to use "now" as server do know the real ending time of the media stream and now carries no information to determine what has/will be delivered. When end-of-stream notifications are issued prior to having sent the last media packets, this is evident as the end time in the Range header is beyond the current time in the media being received by the client, e.g., npt=-15, if npt is currently at 14.2 seconds.

If RTP is used as media transport, a RTP-Info header MUST be included, and the RTP-Info header MUST indicate the last sequence number in the seq parameter.

A PLAY_NOTIFY request with Notify-Reason header set to end-of-stream MUST NOT carry a message body.

This example request notifies the client about a future end-of-stream event:

  S->C: PLAY_NOTIFY rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 854
        Notify-Reason: end-of-stream
        Request-Status: cseq=853 status=200 reason="OK"
        Range: npt=-145
        RTP-Info:url="rtsp://example.com/audio"
           ssrc=0D12F123:seq=14783;rtptime=2345962545
        Session: uZ3ci0K+Ld-M

  C->S: RTSP/2.0 200 OK
        CSeq: 854
        User-Agent: PhonyClient/1.2

13.5.2.  Media-Properties-Update

A PLAY_NOTIFY request with Notify-Reason header set to media-properties-update indicates an update of the media properties for the given session (see Section 16.29 (Media-Properties)) and/or the available media range that can be played as indicated by Media-Range (Media-Range). PLAY_NOTIFY requests with Notify-Reason header set to media-properties-update MUST include a Media-Properties and Date header and SHOULD include a Media-Range header.

This notification SHALL be sent for media that are time-progressing every time a event happens that changes the basis for making estimations on how the media range progress. In addition it is RECOMMENDED that the server sends these notification every 5 minutes for time-progressing content to ensure the long term stability of the client estimation and allowing for clock skew detection by the client. Requests for the just mentioned reasons SHALL include Media-Range header to provide current Media duration and the Range header to indicate the current playing point and any remaining parts of the requsted range.

A PLAY_NOTIFY request with Notify-Reason header set to media-properties-update MUST NOT carry a message body.

  S->C: PLAY_NOTIFY rtsp://example.com/fizzle/foo RTSP/2.0
        Date: Tue, 14 Apr 2008 15:48:06 GMT
        CSeq: 854
        Notify-Reason: media-properties-update
        Session: uZ3ci0K+Ld-M
        Media-Properties: Time-Progressing,
              Time-Limited=20080415T153919.36Z, Random-Access=5.0
        Media-Range: npt=0-1:37:21.394
        Range: npt=1:15:49.873-

  C->S: RTSP/2.0 200 OK
        CSeq: 854
        User-Agent: PhonyClient/1.2

13.5.3.  Scale-Change

When a client request playback at Scale (Scale) values other than 1.0 (Normal playback rate) then the server may be forced to changed the rate. For time progressing media with some retention, i.e. the server stores already sent content, a client requesting to play with Scale values larger than 1 may catch up with front end of the media. The server will be unable to continue provide content at Scale larger than 1 as content only made available by the server at Scale=1. Another case is when Scale < 1 and the media retention is time_duration limited. In this case the playback point can reach the the oldest media unit available, and further playback at this scale becomes impossible as there will be no media available. To avoid having the client loose any media, the scale will need to be adjusted to the same rate which the media is removed from the storage buffer, commonly scale=1.0.

To minimize impact on playback in any of the above cases the server SHALL modify the playback properties and set Scale to a supportable value (commonly 1.0) and continue delivery the media. When doing this modification it MUST send a PLAY_NOTIFY message with the Notify-Reason header set to "Scale-Change". The request SHALL contain a Range header with the media time where the change took effect, a Scale header with the new value in use, Session header with the ID for the session it applies to and a Date header with the server wall clock time of the change. For time progressing content also the Media-Range and the Media-Properties at this point in time SHALL be included.

For media streams being delivered using RTP also a RTP-Info header SHALL be included. It MUST contain the rtptime parameter with a value corresponding to the point of change in that media and optionally the sequence number.

A PLAY_NOTIFY request with Notify-Reason header set to "Scale-Change" MUST NOT carry a message body.

  S->C: PLAY_NOTIFY rtsp://example.com/fizzle/foo RTSP/2.0
        Date: Tue, 14 Apr 2008 15:48:06 GMT
        CSeq: 854
        Notify-Reason: scale-change
        Session: uZ3ci0K+Ld-M
        Media-Properties: Time-Progressing,
              Time-Limited=20080415T153919.36Z, Random-Access=5.0
        Media-Range: npt=0-1:37:21.394
        Range: npt=1:37:21.394-
        Scale: 1
        RTP-Info: url="rtsp://example.com/fizzle/foo/audio"
            ssrc=0D12F123:rtptime=2345962545

  C->S: RTSP/2.0 200 OK
        CSeq: 854
        User-Agent: PhonyClient/1.2

13.6.  PAUSE

The PAUSE request causes the stream delivery to immediately be interrupted (halted). A PAUSE request MUST be done either with the aggregated control URI for aggregated sessions, resulting in all media being halted, or the media URI for non-aggregated sessions. Any attempt to do muting of a single media with an PAUSE request in an aggregated session SHALL be responded with error 460 (Only Aggregate Operation Allowed). After resuming playback, synchronization of the tracks MUST be maintained. Any server resources are kept, though servers MAY close the session and free resources after being paused for the duration specified with the timeout parameter of the Session header in the SETUP message.

Example:

  C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 834
        Session: 12345678

        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 834
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Range: npt=45.76-

The PAUSE request causes stream delivery to be interrupted immediately on receipt of the message and the pause point is set to the current point in the presentation. That pause point in the media stream needs to be maintained. A subsequent PLAY request without Range header SHALL resume from the pause point and play until media end.

The pause point after any PAUSE request SHALL be returned to the client by adding a Range header with what remains unplayed of the PLAY request's ranges, i.e. including all the remaining ranges part of multiple range specification. For media with random access properties If one desires to resume playing a ranged request, one simply includes the Range header from the PAUSE response. Any play-request including symbolic values, such as the NPT timescale's "now" MUST be resolved into the actual stream position where the pause point is. For example a Play request with a range specification of "npt=now-" will need to be responded with an explicit value such as "npt=157.321-". For media that is time-progressing and has retention duration=0 the follow-up PLAY request to start media delivery again, will need to use "npt=now-" and not the answer in the pause-respone.

  C->S: PLAY rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 834
        Session: 12345678
        Range: npt=10-30
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 834
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Server: PhonyServer 1.0
        Range: npt=10-30
        RTP-Info:url="rtsp://example.com/fizzle/audiotrack"
                ssrc=0D12F123:seq=5712;rtptime=934207921,
                url="rtsp://example.com/fizzle/videotrack"
                ssrc=4FAD8726:seq=57654;rtptime=2792482193
        Session: 12345678

After 11 seconds, i.e. at 21 seconds into the presentation:
  C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 835
        Session: 12345678
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 835
        Date: 23 Jan 1997 15:35:09 GMT
        Server: PhonyServer 1.0
        Range: npt=21-30
        Session: 12345678

If a client issues a PAUSE request and the server acknowledges and enters the READY state, the proper server response, if the player issues another PAUSE, is still 200 OK. The 200 OK response MUST include the Range header with the current pause point. See examples below:

  C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 834
        Session: 12345678
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 834
        Session: 12345678
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Range: npt=45.76-98.36

  C->S: PAUSE rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 835
        Session: 12345678
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 835
        Session: 12345678
        Date: 23 Jan 1997 15:35:07 GMT
        Range: npt=45.76-98.36

13.7.  TEARDOWN

The TEARDOWN client to server request stops the stream delivery for the given URI, freeing the resources associated with it. A TEARDOWN request MAY be performed on either an aggregated or a media control URI. However some restrictions apply depending on the current state. The TEARDOWN request SHALL contain a Session header indicating what session the request applies to.

A TEARDOWN using the aggregated control URI or the media URI in a session under non-aggregated control (single media session) MAY be done in any state (Ready, and Play). A successful request SHALL result in that media delivery is immediately halted and the session state is destroyed. This SHALL be indicated through the lack of a Session header in the response.

A TEARDOWN using a media URI in an aggregated session MAY only be done in Ready state. Such a request only removes the indicated media stream and associated resources from the session. This may result in that a session returns to non-aggregated control, due to that it only contains a single media after the requests completion. A session that will exist after the processing of the TEARDOWN request SHALL in the response to that TEARDOWN request contain a Session header. Thus the presence of the Session header indicates to the receiver of the response if the session is still existing or has been removed.

Example:

  C->S: TEARDOWN rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 892
        Session: 12345678
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 892
        Server: PhonyServer 1.0

13.8.  GET_PARAMETER

The GET_PARAMETER request retrieves the value of any specified parameter or parameters for a presentation or stream specified in the URI. If the Session header is present in a request, the value of a parameter MUST be retrieved in the specified session context. There exist two ways of specifying the parameters to retrive. The first is by including headers that has been defined such that you can use them for this purpose. Header for this purpose should allow empty, or stripped value parts to avoid having to specify bogus data when indicating the desire to retrive a value. The succesful completion of the request should also be evident from any filled out values in the response. The Media-Range header (Media-Range) is one such header. The other is to specify a body (entity) that lists the parameter(s) that are desirable to retrieve. The Content-Type header (Content-Type) is used to specify which format the entity has.

The method MAY also be used without a body (entity) or any header that request parameters for keep-alive purpose. Any request that is successful, i.e., a 200 OK response is received, then the keep-alive timer has been updated. Any non-required header present in such a request may or may not been processed. Normaly the presence of filled out values in the header will be indication that the header has been processed. However, for cases when this is difficult to determine, it is recommended to use a feature-tag and the Require header. Due to this reason it is usually easier if any parameters to be retrieved are sent in the body, rather than using any header.

Parameters specified within the body of the message must all be understood by the request receiving agent. If one or more parameters are not understood a 451 (Parameter Not Understood) SHALL be sent including a body listing these parameters that wasn't understood. If all parameters are understood their value is filled in and returned in the response message body.

Example:

  S->C: GET_PARAMETER rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 431
        Content-Type: text/parameters
        Session: 12345678
        Content-Length: 26
        User-Agent: PhonyClient/1.2

        packets_received
        jitter

  C->S: RTSP/2.0 200 OK
        CSeq: 431
        Content-Length: 38
        Content-Type: text/parameters

        packets_received: 10
        jitter: 0.3838

13.9.  SET_PARAMETER

This method requests to set the value of a parameter or a set of parameters for a presentation or stream specified by the URI. The method MAY also be used without a body (entity). It is the RECOMMENDED method to use in request sent for the sole purpose of updating the keep-alive timer. If this request is successful, i.e. a 200 OK response is received, then the keep-alive timer has been updated. Any non-required header present in such a request may or may not been processed. To allow a client to determine if any such header has been processed, it is necessary to use a feature tag and the Require header. Due to this reason it is RECOMMENDED that any parameters are sent in the body, rather than using any header.

A request is RECOMMENDED to only contain a single parameter to allow the client to determine why a particular request failed. If the request contains several parameters, the server MUST only act on the request if all of the parameters can be set successfully. A server MUST allow a parameter to be set repeatedly to the same value, but it MAY disallow changing parameter values. If the receiver of the request does not understand or cannot locate a parameter, error 451 (Parameter Not Understood) SHALL be used. In the case a parameter is not allowed to change, the error code is 458 (Parameter Is Read-Only). The response body SHALL contain only the parameters that have errors. Otherwise no body SHALL be returned.

Note: transport parameters for the media stream MUST only be set with the SETUP command.

Restricting setting transport parameters to SETUP is for the benefit of firewalls.

The parameters are split in a fine-grained fashion so that there can be more meaningful error indications. However, it may make sense to allow the setting of several parameters if an atomic setting is desirable. Imagine device control where the client does not want the camera to pan unless it can also tilt to the right angle at the same time.

Example:

  C->S: SET_PARAMETER rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 421
        User-Agent: PhonyClient/1.2
        Content-length: 20
        Content-type: text/parameters

        barparam: barstuff

  S->C: RTSP/2.0 451 Parameter Not Understood
        CSeq: 421
        Content-length: 10
        Content-type: text/parameters

        barparam: barstuff

13.10.  REDIRECT

The REDIRECT method is issued by a server to inform a client that it required to connect to another server location to access the resource indicated by the Request-URI. The presence of the Session header in a REDIRECT request indicates the scope of the request, and determines the specific semantics of the request.

A REDIRECT request with a Session header has end-to-end (i.e. server to client) scope and applies only to the given session. Any intervening proxies SHOULD NOT disconnect the control channel while there are other remaining end-to-end sessions. The OPTIONAL Location header, if included in such a request, SHALL contain a complete absolute URI pointing to the resource to which the client SHOULD reconnect. Specifically, the Location SHALL NOT contain just the host and port. A client may receive a REDIRECT request with a Session header, if and only if, an end-to-end session has been established.

A client may receive a REDIRECT request without a Session header at any time when it has communication or a connection established with a server. The scope of such a request is limited to the next-hop (i.e. the RTSP agent in direct communication with the server) and applies, as well, to the control connection between the next-hop RTSP agent and the server. A REDIRECT request without a Session header indicates that all sessions and pending requests being managed via the control connection MUST be redirected. The OPTIONAL Location header, if included in such a request, SHOULD contain an absolute URI with only the host address and the OPTIONAL port number of the server to which the RTSP agent SHOULD reconnect. Any intervening proxies SHOULD do all of the following in the order listed:

1. respond to the REDIRECT request
2. disconnect the control channel from the requesting server
3. connect to the server at the given host address
4. pass the REDIRECT request to each applicable client (typically those clients with an active session or an unanswered request)

Note: The proxy is responsible for accepting REDIRECT responses from its clients; these responses MUST NOT be passed on to either the original server or the redirected server.

The lack of a Location header in any REDIRECT request is indicative of the server no longer being able to fulfill the current request and having no alternatives for the client to continue with its normal operation. It is akin to a server initiated TEARDOWN that applies both to sessions as well as the general connection associated with that client.

When the Range header is not included in a REDIRECT request, the client SHOULD perform the redirection immediately and return a response to the server. The server can consider the session as terminated and can free any associated state after it receives the successful (2xx) response. The server MAY close the signalling connection upon receiving the response and the client SHOULD close the signalling connection after sending the 2xx response. The exception to this is when the client has several sessions on the server being managed by the given signalling connection. In this case, the client SHOULD close the connection when it has received and responded to REDIRECT requests for all the sessions managed by the signalling connection.

If the OPTIONAL Range header is included in a REDIRECT request, it indicates when the redirection takes effect. The range value MUST be an open ended single value, e.g. npt=59-, indicating the play out time when redirection SHALL occur. Alternatively, a range with a time= parameter indicates the wall clock time by when the redirection MUST take place. When the time= parameter is present in the range, any range value MUST be ignored even though it MUST be syntactically correct. To allow a client to determine that redirect time without being time synchronized with the server, the server SHALL include a Date header in the request. When the indicated redirect point is reached, a client MUST issue a TEARDOWN request and SHOULD close the signalling connection after receiving a 2xx response. The normal connection considerations apply for the server.

The differentiation of REDIRECT requests with and without range headers is to allow for clear and explicit state handling. As the state in the server needs to be kept until the point of redirection, the handling becomes more clear if the client is required to TEARDOWN the session at the redirect point.

If the REDIRECT request times out following the rules in Section 10.4 (Timing Out Connections and RTSP Messages) the server MAY terminate the session or transport connection that would be redirected by the request. This is a safeguard against misbehaving clients that refuses to respond to a REDIRECT request. That should not provide any benefit.

After a REDIRECT request has been processed, a client that wants to continue to send or receive media for the resource identified by the Request-URI will have to establish a new session with the designated host. If the URI given in the Location header is a valid resource URI, a client SHOULD issue a DESCRIBE request for the URI.

Note: The media resource indicated by the Location header can be identical, slightly different or totally different. This is the reason why a new DESCRIBE request SHOULD be issued.

If the Location header contains only a host address, the client MAY assume that the media on the new server is identical to the media on the old server, i.e. all media configuration information from the old session is still valid except for the host address. However the usage of conditional SETUP using ETag identifiers are RECOMMENDED to verify the assumption.

This example request redirects traffic for this session to the new server at the given absolute time:

  S->C: REDIRECT rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 732
        Location: rtsp://s2.example.com:8001
        Range: npt=0- ;time=19960213T143205Z
        Session: uZ3ci0K+Ld-M

  C->S: RTSP/2.0 200 OK
        CSeq: 732
        User-Agent: PhonyClient/1.2

14.  Embedded (Interleaved) Binary Data

In order to fulfill certain requirements on the network side, e.g. in conjunction with network address translators that block RTP traffic over UDP, it may be necessary to interleave RTSP messages and media stream data. This interleaving should generally be avoided unless necessary since it complicates client and server operation and imposes additional overhead. Also head of line blocking may cause problems. Interleaved binary data SHOULD only be used if RTSP is carried over TCP.

Stream data such as RTP packets is encapsulated by an ASCII dollar sign (24 decimal), followed by a one-byte channel identifier, followed by the length of the encapsulated binary data as a binary, two-byte integer in network byte order. The stream data follows immediately afterwards, without a CRLF, but including the upper-layer protocol headers. Each $ block SHALL contain exactly one upper-layer protocol data unit, e.g., one RTP packet.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | "$" = 24      | Channel ID    | Length in bytes               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   : Length number of bytes of binary data                         :
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The channel identifier is defined in the Transport header with the interleaved parameter (Section 16.51 (Transport)).

When the transport choice is RTP, RTCP messages are also interleaved by the server over the TCP connection. The usage of RTCP messages is indicated by including a range containing a second channel in the interleaved parameter of the Transport header, see Section 16.51 (Transport). If RTCP is used, packets SHALL be sent on the first available channel higher than the RTP channel. The channels are bi-directional and therefore RTCP traffic are sent on the second channel in both directions.

RTCP is sometime needed for synchronization when two or more streams are interleaved in such a fashion. Also, this provides a convenient way to tunnel RTP/RTCP packets through the TCP control connection when required by the network configuration and transfer them onto UDP when possible.

  C->S: SETUP rtsp://example.com/bar.file RTSP/2.0
        CSeq: 2
        Transport: RTP/AVP/TCP;unicast;interleaved=0-1
        Accept-Ranges: NPT, SMPTE, UTC
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 2
        Date: Thu, 05 Jun 1997 18:57:18 GMT
        Transport: RTP/AVP/TCP;unicast;interleaved=5-6
        Session: 12345678
        Accept-Ranges: NPT

  C->S: PLAY rtsp://example.com/bar.file RTSP/2.0
        CSeq: 3
        Session: 12345678
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 3
        Session: 12345678
        Date: Thu, 05 Jun 1997 18:59:15 GMT
        RTP-Info: url="rtsp://example.com/bar.file"
          ssrc=0D12F123:seq=232433;rtptime=972948234
        Range: npt=0-56.8

  S->C: $005{2 byte length}{"length" bytes data, w/RTP header}
  S->C: $005{2 byte length}{"length" bytes data, w/RTP header}
  S->C: $006{2 byte length}{"length" bytes  RTCP packet}

15.  Status Code Definitions

Where applicable, HTTP status [H10] codes are reused. Status codes that have the same meaning are not repeated here. See Table 4 (Status codes and their usage with RTSP methods) for a listing of which status codes may be returned by which requests. All error messages, 4xx and 5xx MAY return a body containing further information about the error.

15.1.  Success 1xx

15.1.1.  100 Continue

See, [H10.1.1].

15.2.  Success 2xx

15.2.1.  200 OK

See, [H10.2.1].

15.3.  Redirection 3xx

The notation "3rr" indicates response codes from 300 to 399 inclusive which are meant for redirection. The response code 304 is excluded from this set, as it is not used for redirection.

See [H10.3] for definition of status code 300 to 305. However comments are given for some to how they apply to RTSP.

Within RTSP, redirection may be used for load balancing or redirecting stream requests to a server topologically closer to the client. Mechanisms to determine topological proximity are beyond the scope of this specification.

A 3rr code MAY be used to respond to any request. It is RECOMMENDED that they are used if necessary before a session is established, i.e. in response to DESCRIBE or SETUP. However in cases where a server is not able to send a REDIRECT request to the client, the server MAY need to resort to using 3rr responses to inform a client with a established session about the need for redirecting the session. If an 3rr response is received for an request in relation to a established session, the client SHOULD send a TEARDOWN request for the session, and MAY reestablish the session using the resource indicated by the Location.

If the the Location header is used in a response it SHALL contain an absolute URI pointing out the media resource the client is redirected to, the URI SHALL NOT only contain the host name.

15.3.1.  300 Multiple Choices

See [H10.3.1].

15.3.2.  301 Moved Permanently

The request resource are moved permanently and resides now at the URI given by the location header. The user client SHOULD redirect automatically to the given URI. This response MUST NOT contain a message-body. The Location header MUST be included in the response.

15.3.3.  302 Found

The requested resource resides temporarily at the URI given by the Location header. The Location header MUST be included in the response. This response is intended to be used for many types of temporary redirects; e.g., load balancing. It is RECOMMENDED that the server set the reason phrase to something more meaningful than "Found" in these cases. The user client SHOULD redirect automatically to the given URI. This response MUST NOT contain a message-body.

This example shows a client being redirected to a different server:

  C->S: SETUP rtsp://example.com/fizzle/foo RTSP/2.0
        CSeq: 2
        Transport: RTP/AVP/TCP;unicast;interleaved=0-1
        Accept-Ranges: NPT, SMPTE, UTC
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 302 Try Other Server
        CSeq: 2
        Location: rtsp://s2.example.com:8001/fizzle/foo

15.3.4.  303 See Other

This status code SHALL NOT be used in RTSP. However, it was allowed to use in RTSP 1.0 (RFC 2326).

15.3.5.  304 Not Modified

If the client has performed a conditional DESCRIBE or SETUP (see Section 16.25 (If-Modified-Since)) and the requested resource has not been modified, the server SHOULD send a 304 response. This response MUST NOT contain a message-body.

The response MUST include the following header fields:

• Date
• ETag and/or Content-Location, if the header(s) would have been sent in a 200 response to the same request.
• Expires, Cache-Control, and/or Vary, if the field-value might differ from that sent in any previous response for the same variant.

This response is independent for the DESCRIBE and SETUP requests. That is, a 304 response to DESCRIBE does NOT imply that the resource content is unchanged (only the session description) and a 304 response to SETUP does NOT imply that the resource description is unchanged. The ETag and If-Match headers may be used to link the DESCRIBE and SETUP in this manner.

15.3.6.  305 Use Proxy

See [H10.3.6].

15.4.  Client Error 4xx

15.4.1.  400 Bad Request

The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications [H10.4.1]. If the request does not have a CSeq header, the server MUST NOT include a CSeq in the response.

15.4.2.  405 Method Not Allowed

The method specified in the request is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. This status code is also to be used if a request attempts to use a method not indicated during SETUP.

15.4.3.  451 Parameter Not Understood

The recipient of the request does not support one or more parameters contained in the request. When returning this error message the sender SHOULD return a entity body containing the offending parameter(s).

15.4.4.  452 reserved

This error code was removed from RFC 2326 [RFC2326] (Schulzrinne, H., Rao, A., and R. Lanphier, “Real Time Streaming Protocol (RTSP),” April 1998.) and is obsolete.

15.4.5.  453 Not Enough Bandwidth

The request was refused because there was insufficient bandwidth. This may, for example, be the result of a resource reservation failure.

15.4.6.  454 Session Not Found

The RTSP session identifier in the Session header is missing, invalid, or has timed out.

15.4.7.  455 Method Not Valid in This State

The client or server cannot process this request in its current state. The response SHALL contain an Allow header to make error recovery possible.

15.4.8.  456 Header Field Not Valid for Resource

The server could not act on a required request header. For example, if PLAY contains the Range header field but the stream does not allow seeking. This error message may also be used for specifying when the time format in Range is impossible for the resource. In that case the Accept-Ranges header SHALL be returned to inform the client of which format(s) that are allowed.

15.4.9.  457 Invalid Range

The Range value given is out of bounds, e.g., beyond the end of the presentation.

15.4.10.  458 Parameter Is Read-Only

The parameter to be set by SET_PARAMETER can be read but not modified. When returning this error message the sender SHOULD return a entity body containing the offending parameter(s).

15.4.11.  459 Aggregate Operation Not Allowed

The requested method may not be applied on the URI in question since it is an aggregate (presentation) URI. The method may be applied on a media URI.

15.4.12.  460 Only Aggregate Operation Allowed

The requested method may not be applied on the URI in question since it is not an aggregate control (presentation) URI. The method may be applied on the aggregate control URI.

15.4.13.  461 Unsupported Transport

The Transport field did not contain a supported transport specification.

15.4.14.  462 Destination Unreachable

The data transmission channel could not be established because the client address could not be reached. This error will most likely be the result of a client attempt to place an invalid dest_addr parameter in the Transport field.

15.4.15.  463 Destination Prohibited

The data transmission channel was not established because the server prohibited access to the client address. This error is most likely the result of a client attempt to redirect media traffic to another destination with a dest_addr parameter in the Transport header.

15.4.16.  464 Data Transport Not Ready Yet

The data transmission channel to the media destination is not yet ready for carrying data. However the responding entity still expects that the data transmission channel will be established at this point in time. Note however that this may result in a permanent failure like 462 "Destination Unreachable".

An example when this error may occur is in the case a client sends a PLAY request to a server prior to ensuring that the TCP connections negotiated for carrying media data was successful established (In violation of this specification). The server would use this error code to indicate that the requested action could not be performed due to the failure of completing the connection establishment.

15.4.17.  465 Notification Reason Unknown

The client has received a PLAY_NOTIFY (PLAY_NOTIFY) with a Notify-Reason header (Notify-Reason) indicates a reson that are unknown to the client.

15.4.18.  470 Connection Authorization Required

The secured connection attempt need user or client authorization before proceeding. The next hops certificate is included in this response in the Accept-Credentials header.

15.4.19.  471 Connection Credentials not accepted

When performing a secure connection over multiple connections, a intermediary has refused to connect to the next hop and carry out the request due to unacceptable credentials for the used policy.

15.4.20.  472 Failure to establish secure connection

A proxy fails to establish a secure connection to the next hop RTSP agent. This is primarily caused by a fatal failure at the TLS handshake, for example due to server not accepting any cipher suits.

15.5.  Server Error 5xx

15.5.1.  551 Option not supported

A feature-tag given in the Require or the Proxy-Require fields was not supported. The Unsupported header SHALL be returned stating the feature for which there is no support.

16.  Header Field Definitions

The general syntax for header fields is covered in Section 5.2 (Message Headers). This section lists the full set of header fields along with notes on meaning, and usage. The syntax definition for header fields are present in Section 20.2.3 (Header Syntax). Throughout this section, we use [HX.Y] to refer to Section X.Y of the current HTTP/1.1 specification RFC 2616 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.). Examples of each header field are given.

Information about header fields in relation to methods and proxy processing is summarized in Table 9 (Overview of RTSP header fields (A-L) related to methods DESCRIBE, OPTIONS, SETUP, PLAY, PAUSE, and TEARDOWN.), Table 10 (Overview of RTSP header fields (P-W) related to methods DESCRIBE, OPTIONS, SETUP, PLAY, PAUSE, and TEARDOWN.), Table 11 (Overview of RTSP header fields (A-P) related to methods GETPARAMETER, SETPARAMETER, PLAY_NOTIFY, and REDIRECT.), and Table 12 (Overview of RTSP header fields (R-W) related to methods GETPARAMETER, SETPARAMETER, PLAY_NOTIFY, and REDIRECT.).

The "where" column describes the request and response types in which the header field can be used. Values in this column are:

R:

header field may only appear in requests;

r:

header field may only appear in responses;

2xx, 4xx, etc.:

A numerical value or range indicates response codes with which the header field can be used;

c:

header field is copied from the request to the response.

An empty entry in the "where" column indicates that the header field may be present in both requests and responses.

The "proxy" column describes the operations a proxy may perform on a header field. An empty proxy column indicates that the proxy SHALL NOT do any changes to that header, all allowed operations are explicitly stated:

a:

A proxy can add or concatenate the header field if not present.

m:

A proxy can modify an existing header field value.

d:

A proxy can delete a header field value.

r:

A proxy needs to be able to read the header field, and thus this header field cannot be encrypted.

The rest of the columns relate to the presence of a header field in a method. The method names when abbreviated, are according to Table 8 (Overview of RTSP methods, their direction, and what objects (P: presentation, S: stream) they operate on. Body notes if a method is allowed to carry body and in which direction, R = Request, r=response. Note: It is allowed for all error messages 4xx and 5xx to have a body):

c:

Conditional; requirements on the header field depend on the context of the message.

m:

The header field is mandatory.

m*:

The header field SHOULD be sent, but clients/servers need to be prepared to receive messages without that header field.

o:

The header field is optional.

*:

The header field is SHALL be present if the message body is not empty. See Section 16.16 (Content-Length), Section 16.18 (Content-Type) and Section 5.3 (Message Body) for details.

-:

The header field is not applicable.

"Optional" means that a Client/Server MAY include the header field in a request or response. The Client/Server behavior when receiving such headers varies, for some it may ignore the header field, in other case it is request to process the header. This is regulated by the method and header descriptions. Example of such headers that require processing are the Require and Proxy-Require header fields discussed in Section 16.42 (Require) and Section 16.35 (Proxy-Require). A "mandatory" header field MUST be present in a request, and MUST be understood by the Client/Server receiving the request. A mandatory response header field MUST be present in the response, and the header field MUST be understood by the Client/Server processing the response. "Not applicable" means that the header field MUST NOT be present in a request. If one is placed in a request by mistake, it MUST be ignored by the Client/Server receiving the request. Similarly, a header field labeled "not applicable" for a response means that the Client/Server MUST NOT place the header field in the response, and the Client/Server MUST ignore the header field in the response.

An RTSP agent SHALL ignore extension headers that are not understood.

The From and Location header fields contain an URI. If the URI contains a comma, or semicolon, the URI MUST be enclosed in double quotas ("). Any URI parameters are contained within these quotas. If the URI is not enclosed in double quotas, any semicolon- delimited parameters are header-parameters, not URI parameters.

16.1.  Accept

The Accept request-header field can be used to specify certain presentation description content types which are acceptable for the response.

See [H14.1] for syntax.

Example of use:

  Accept: application/example q=1.0, application/sdp

16.2.  Accept-Credentials

The Accept-Credentials header is a request header used to indicate to any trusted intermediary how to handle further secured connections to proxies or servers. See Section 19 (Security Framework) for the usage of this header. It SHALL NOT be included in server to client requests.

In a request the header SHALL contain the method (User, Proxy, or Any) for approving credentials selected by the requestor. The method SHALL NOT be changed by any proxy, unless it is "proxy" when a proxy MAY change it to "user" to take the role of user approving each further hop. If the method is "User" the header contains zero or more of credentials that the client accepts. The header may contain zero credentials in the first RTSP request to a RTSP server when using the "User" method. This as the client has not yet received any credentials to accept. Each credential SHALL consist of one URI identifying the proxy or server, the hash algorithm identifier, and the hash over that entity's DER encoded certificate [RFC3280] (Housley, R., Polk, W., Ford, W., and D. Solo, “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile,” April 2002.) in Base64 (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.) [RFC4648]. All RTSP clients and proxies SHALL implement the SHA-256[FIPS‑pub‑180‑2] (National Institute of Standards and Technology (NIST), “Federal Information Processing Standards Publications (FIPS PUBS) 180-2: Secure Hash Standard,” Augusti 2002.) algorithm for computation of the hash of the DER encoded certificate. The SHA-256 algorithm is identified by the token "sha-256".

The intention with allowing for other hash algorithms is to enable the future retirement of algorithms that are not implemented somewhere else than here. Thus the definition of future algorithms for this purpose is intended to be extremely limited. A feature tag can be used to ensure that support for the replacement algorithm exist.

Example:

  Accept-Credentials:User
    "rtsps://proxy2.example.com/";sha-256;exaIl9VMbQMOFGClx5rXnPJKVNI=,
    "rtsps://server.example.com/";sha-256;lurbjj5khhB0NhIuOXtt4bBRH1M=

16.3.  Accept-Encoding

See [H14.3].

16.4.  Accept-Language

See [H14.4]. Note that the language specified applies to the presentation description and any reason phrases, not the media content.

16.5.  Accept-Ranges

The Accept-Ranges request and response-header field allows indication of the format supported in the Range header. The client SHALL include the header in SETUP requests to indicate which formats it support to receive in PLAY and PAUSE responses, and REDIRECT requests. The server SHALL include the header in SETUP and 456 error responses to indicate the formats supported for the resource indicated by the request URI.

   Accept-Ranges: NPT, SMPTE

This header has the same syntax as [H14.5] and the syntax is defined in Section 20.2.3 (Header Syntax). However, new range-units are defined.

16.6.  Allow

The Allow entity-header field lists the methods supported by the resource identified by the Request-URI. The purpose of this field is to strictly inform the recipient of valid methods associated with the resource. An Allow header field MUST be present in a 405 (Method Not Allowed) response. See [H14.7] for syntax definition. The Allow header MUST also be present in all OPTIONS responses where the content of the header will not include exactly the same methods as listed in the Public header.

The Allow SHALL also be included in SETUP and DESCRIBE responses, if the methods allowed for the resource is different than the minimal implementation set.

Example of use:

   Allow: SETUP, PLAY, SET_PARAMETER, DESCRIBE

16.7.  Authorization

See [H14.8].

16.8.  Bandwidth

The Bandwidth request-header field describes the estimated bandwidth available to the client, expressed as a positive integer and measured in bits per second. The bandwidth available to the client may change during an RTSP session, e.g., due to mobility, congestion, etc.

Example:

  Bandwidth: 62360

16.9.  Blocksize

The Blocksize request-header field is sent from the client to the media server asking the server for a particular media packet size. This packet size does not include lower-layer headers such as IP, UDP, or RTP. The server is free to use a blocksize which is lower than the one requested. The server MAY truncate this packet size to the closest multiple of the minimum, media-specific block size, or override it with the media-specific size if necessary. The block size MUST be a positive decimal number, measured in octets. The server only returns an error (4xx) if the value is syntactically invalid.

16.10.  Cache-Control

The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain.

Cache directives MUST be passed through by a proxy or gateway application, regardless of their significance to that application, since the directives may be applicable to all recipients along the request/response chain. It is not possible to specify a cache-directive for a specific cache.

Cache-Control should only be specified in a SETUP request and its response. Note: Cache-Control does not govern the caching of responses as for HTTP, instead it applies to the media stream identified by the SETUP request. The RTSP requests are generally not cacheable, for further information see Section 18 (Caching). Below is the description of the cache directives that can be included in the Cache-Control header.

no-cache:

Indicates that the media stream MUST NOT be cached anywhere. This allows an origin server to prevent caching even by caches that have been configured to return stale responses to client requests. Note, there is no security function enforcing that the content can't be cached.

public:

Indicates that the media stream is cacheable by any cache.

private:

Indicates that the media stream is intended for a single user and MUST NOT be cached by a shared cache. A private (non-shared) cache may cache the media streams.

no-transform:

An intermediate cache (proxy) may find it useful to convert the media type of a certain stream. A proxy might, for example, convert between video formats to save cache space or to reduce the amount of traffic on a slow link. Serious operational problems may occur, however, when these transformations have been applied to streams intended for certain kinds of applications. For example, applications for medical imaging, scientific data analysis and those using end-to-end authentication all depend on receiving a stream that is bit-for-bit identical to the original media stream. Therefore, if a response includes the no-transform directive, an intermediate cache or proxy MUST NOT change the encoding of the stream. Unlike HTTP, RTSP does not provide for partial transformation at this point, e.g., allowing translation into a different language.

only-if-cached:

In some cases, such as times of extremely poor network connectivity, a client may want a cache to return only those media streams that it currently has stored, and not to receive these from the origin server. To do this, the client may include the only-if-cached directive in a request. If it receives this directive, a cache SHOULD either respond using a cached media stream that is consistent with the other constraints of the request, or respond with a 504 (Gateway Timeout) status. However, if a group of caches is being operated as a unified system with good internal connectivity, such a request MAY be forwarded within that group of caches.

max-stale:

Indicates that the client is willing to accept a media stream that has exceeded its expiration time. If max-stale is assigned a value, then the client is willing to accept a response that has exceeded its expiration time by no more than the specified number of seconds. If no value is assigned to max-stale, then the client is willing to accept a stale response of any age.

min-fresh:

Indicates that the client is willing to accept a media stream whose freshness lifetime is no less than its current age plus the specified time in seconds. That is, the client wants a response that will still be fresh for at least the specified number of seconds.

must-revalidate:

When the must-revalidate directive is present in a SETUP response received by a cache, that cache MUST NOT use the entry after it becomes stale to respond to a subsequent request without first revalidating it with the origin server. That is, the cache is required to do an end-to-end revalidation every time, if, based solely on the origin server's Expires, the cached response is stale.)

proxy-revalidate:

The proxy-revalidate directive has the same meaning as the must-revalidate directive, except that it does not apply to non-shared user agent caches. It can be used on a response to an authenticated request to permit the user's cache to store and later return the response without needing to revalidate it (since it has already been authenticated once by that user), while still requiring proxies that service many users to revalidate each time (in order to make sure that each user has been authenticated). Note that such authenticated responses also need the public cache control directive in order to allow them to be cached at all.

max-age:

When an intermediate cache is forced, by means of a max-age=0 directive, to revalidate its own cache entry, and the client has supplied its own validator in the request, the supplied validator might differ from the validator currently stored with the cache entry. In this case, the cache MAY use either validator in making its own request without affecting semantic transparency.

However, the choice of validator might affect performance. The best approach is for the intermediate cache to use its own validator when making its request. If the server replies with 304 (Not Modified), then the cache can return its now validated copy to the client with a 200 (OK) response. If the server replies with a new entity and cache validator, however, the intermediate cache can compare the returned validator with the one provided in the client's request, using the strong comparison function. If the client's validator is equal to the origin server's, then the intermediate cache simply returns 304 (Not Modified). Otherwise, it returns the new entity with a 200 (OK) response.

16.11.  Connection

See [H14.10]. The use of the connection option "close" in RTSP messages SHOULD be limited to error messages when the server is unable to recover and therefore see it necessary to close the connection. The reason is that the client has the choice of continuing using a connection indefinitely, as long as it sends valid messages.

16.12.  Connection-Credentials

The Connection-Credentials response header is used to carry the chain of credentials of any next hop that need to be approved by the requestor. It SHALL only be used in server to client responses.

The Connection-Credentials header in an RTSP response SHALL, if included, contain the credential information (in form of a list of certificates providing the chain of certification) of the next hop that an intermediary needs to securely connect to. The header MUST include the URI of the next hop (proxy or server) and a base64 [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.) encoded binary structure containg a sequence of DER encoded X.509v3 certificates[RFC3280] (Housley, R., Polk, W., Ford, W., and D. Solo, “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile,” April 2002.) .

The binary structure starts with the number of certificates (NR_CERTS) included as a 16 bit unsigned integer. This is followed by NR_CERTS number of 16 bit unsigned integers providing the size in octets of each DER encoded certificate. This is followed by NR_CERTS number of DER encoded X.509v3 certificates in a sequence (chain). The proxy or server's certificate must come first in the structure. Each following certificate must directly certify the one preceding it. Because certificate validation requires that root keys be distributed independently, the self-signed certificate which specifies the root certificate authority may optionally be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case.

Example:

Connection-Credentials:"rtsps://proxy2.example.com/";MIIDNTCC...

Where MIIDNTCC... is a BASE64 encoding of the following structure:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Number of certifcates        | Size of certificate #1        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | Size of certificate #2        | Size of certificate #3        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    : DER Encoding of Certificate #1                                :
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    : DER Encoding of Certificate #2                                :
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    : DER Encoding of Certificate #3                                :
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

16.13.  Content-Base

The Content-Base entity-header field may be used to specify the base URI for resolving relative URIs within the entity.

Content-Base: rtsp://media.example.com/movie/twister

If no Content-Base field is present, the base URI of an entity is defined either by its Content-Location (if that Content-Location URI is an absolute URI) or the URI used to initiate the request, in that order of precedence. Note, however, that the base URI of the contents within the entity-body may be redefined within that entity-body.

16.14.  Content-Encoding

See [H14.11].

16.15.  Content-Language

See [H14.12].

16.16.  Content-Length

The Content-Length general-header field contains the length of the body (entity) of the message (i.e. after the double CRLF following the last header). Unlike HTTP, it MUST be included in all messages that carry body beyond the header portion of the message. If it is missing, a default value of zero is assumed. It is interpreted according to [H14.13].

16.17.  Content-Location

See [H14.14].

16.18.  Content-Type

See [H14.17]. Note that the content types suitable for RTSP are likely to be restricted in practice to presentation descriptions and parameter-value types.

16.19.  CSeq

The CSeq general-header field specifies the sequence number for an RTSP request-response pair. This field MUST be present in all requests and responses. For every RTSP request containing the given sequence number, the corresponding response will have the same number. Any retransmitted request MUST contain the same sequence number as the original (i.e. the sequence number is not incremented for retransmissions of the same request). For each new RTSP request the CSeq value SHALL be incremented by one. The initial sequence number MAY be any number, however it is RECOMMENDED to start at 0. Each sequence number series is unique between each requester and responder, i.e. the client has one series for its request to a server and the server has another when sending request to the client. Each requester and responder is identified with its network address.

Proxies that aggregate several sessions on the same transport will regularly need to renumber the CSeq header field in requests and responses to fulfill the rules for the header.

Example:

CSeq: 239

16.20.  Date

See [H14.18]. An RTSP message containing a body MUST include a Date header if the sending host has a clock. Servers SHOULD include a Date header in all other RTSP messages.

16.21.  ETag

The ETag response header MAY be included in DESCRIBE or SETUP responses. The entity tags (Section 4.8 (Entity Tags)) returned in a DESCRIBE response, and the one in SETUP refers to the presentation, i.e. both the returned session description and the media stream. This allows for verification that one has the right session description to a media resource at the time of the SETUP request. However it has the disadvantage that a change in any of the parts results in invalidation of all the parts.

If the ETag is provided both inside the entity, e.g. within the "a=etag" attribute in SDP, and in the response message, then both tags SHALL be identical. It is RECOMMENDED that the ETag is primarily given in the RTSP response message, to ensure that caches can use the ETag without requiring content inspection. However for session descriptions that are distributed outside of RTSP, for example using HTTP, etc. it will be necessary to include the entity tag in the session description as specified in Appendix D.1.9 (Entity Tag).

SETUP and DESCRIBE requests can be made conditional upon the ETag using the headers If-Match (Section 16.24 (If-Match)) and If-None-Match ( Section 16.26 (If-None-Match)).

16.22.  Expires

The Expires entity-header field gives a date and time after which the description or media-stream should be considered stale. The interpretation depends on the method:

DESCRIBE response:

The Expires header indicates a date and time after which the presentation description (body) SHOULD be considered stale.

SETUP response:

The Expires header indicate a date and time after which the media stream SHOULD be considered stale.

A stale cache entry may not normally be returned by a cache (either a proxy cache or an user agent cache) unless it is first validated with the origin server (or with an intermediate cache that has a fresh copy of the entity). See Section 18 (Caching) for further discussion of the expiration model.

The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after that time.

The format is an absolute date and time as defined by HTTP-date in [H3.3]; it MUST be in RFC1123-date format:

An example of its use is

  Expires: Thu, 01 Dec 1994 16:00:00 GMT

RTSP/2.0 clients and caches MUST treat other invalid date formats, especially including the value "0", as having occurred in the past (i.e., already expired).

To mark a response as "already expired," an origin server should use an Expires date that is equal to the Date header value. To mark a response as "never expires," an origin server SHOULD use an Expires date approximately one year from the time the response is sent. RTSP/2.0 servers SHOULD NOT send Expires dates more than one year in the future.

The presence of an Expires header field with a date value of some time in the future on a media stream that otherwise would by default be non-cacheable indicates that the media stream is cacheable, unless indicated otherwise by a Cache-Control header field (Section 16.10 (Cache-Control)).

16.23.  From

See [H14.22].

16.24.  If-Match

See [H14.24].

The If-Match request-header field is especially useful for ensuring the integrity of the presentation description, in both the case where it is fetched via means external to RTSP (such as HTTP), or in the case where the server implementation is guaranteeing the integrity of the description between the time of the DESCRIBE message and the SETUP message. By including the ETag given in or with the session description in a SETUP request, the client ensures that resources set up are matching the description. A SETUP request for which the ETag validation check fails, SHALL responde using 412 (Precondition Failed).

This validation check is also very useful if a session has been redirected from one server to another.

16.25.  If-Modified-Since

The If-Modified-Since request-header field is used with the DESCRIBE and SETUP methods to make them conditional. If the requested variant has not been modified since the time specified in this field, a description will not be returned from the server (DESCRIBE) or a stream will not be set up (SETUP). Instead, a 304 (Not Modified) response SHALL be returned without any message-body.

An example of the field is:

  If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT

16.26.  If-None-Match

See [H14.26].

This request header can be used with one or several entity tags to make DESCRIBE requests conditional. A new session description is retrieved only if another entity than the ones already available would be included. If the entity available for delivery is matching the one the client already has, then a 304 (Not Modified) response is given.

16.27.  Last-Modified

The Last-Modified entity-header field indicates the date and time at which the origin server believes the presentation description or media stream was last modified. See [H14.29]. For the methods DESCRIBE, the header field indicates the last modification date and time of the description, for SETUP that of the media stream.

16.28.  Location

See [H14.30].

16.29.  Media-Properties

This general header is used in SETUP response or PLAY_NOTIFY requests to indicate the media's properties that currently are applicable. PLAY_NOTIFY MAY be used to modify these properties at any point. However, the client MUST have received the update prior to any action related to the new media properties take affect.

The header contains a list of property values that are applicable to the currently setup media or aggregate of media as indicated by the RTSP URI in the request. No ordering are enforced within the header. Property values should be grouped into a single group that handles a particular orthogonal property. Values or groups that express multiple properties SHOULD NOT be used. The list of properties that can be expressed MAY be extended at any time. Unknown property values SHALL be ignored.

This specification defines the following 3 groups and their property values:

Random Access:

Random-Access:

Indicates that random access is possible. May optionally include a floating point value in seconds indicating the longest duration between any two random access points in the media.

Begining-Only:

Seeking is limited to the begining only.

No-Seeking:

No seeking is possible.

Content Modifications

Unmutable:

The content will not be changed during the life-time of the RTSP session.

Dynamic:

The content may be changed based on external methods or triggers

Time-Progressing

The media accesible progress as wall clock time progresses.

Retention

Unlimited:

Content will be retained for the duration of the life-time of the RTSP session.

Time-Limited:

Content will be retained at least until the specified wall clock time. The time must be provided in the absolute time format specified in Section Section 4.6 (Absolute Time).

Time-Duration

Each individual media unit is retained for at least the specified time duration. This definition allows for retaining data with a time based sliding window. The time duration is expressed as floating point number in seconds. 0.0 is a valid value as this indicates that no data is retained in a time-progressing session.

An Example of this header for first an on-demand content and then a live stream without recording.

On-demand:
Media-Properties: Random-Acess=2.5s, Unlimited, Unmutable

Live stream without recording/timeshifting:
Media-Properties: No-Seeking, Time-Progressing, Time-Duration=0.0

16.30.  Media-Range

The Media-Range general header is used to give the range of the media at the time of sending the RTSP message. This header SHALL be included in SETUP response, and PLAY and PAUSE response for media that are Time-Progressing, and PLAY and PAUSE response after any change for media that are Dynamic, and in PLAY_NOTIFY request that are sent due to Media-Property-Update. Media-Range header without any range specifications MAY be included in GET_PARAMETER requests to the server to request the current value. The server SHALL in this case include the curent value at the time of sending the response.

The header SHALL include range specification for all time formats supported for the media, as indicated in Accept-Ranges header (Accept-Ranges) when setting up the media. The server MAY include more than one range specification of any given time format to indicate media that has non-continous range.

For media that has the Time-Progressing property, the Media-Range values will only be valid for the particular point in time when it was issued. As wall clock progresses so will also the media range. However it shall be assumed that media time progress in direct relationship to wall clock time (with the exception of clock skew) so that a reasoanbly accurate estiamation of the media range can be calculated.

16.31.  Notify-Reason

The Notify Reason header is solely used in the PLAY_NOTIFY method. It indiciates the reason why the server has sent the asynchronous PLAY-NOTIFY request (see Section 13.5 (PLAY_NOTIFY)).

16.32.  Pipelined-Requests

The Pipelined-Requests general header is used to indicate that a request is to be executed in the context created by previous requests. The primary usage of this header is to allow pipelining of SETUP requests so that any additional SETUP request after the first one doesn't need to wait for the session ID to be sent back to the requesting entity. The header contains a unique identifier that is scoped by the persistent connection used to send the requests.

Upon receiving a request with the Pipelined-Requests the responding entity SHALL look up if there exist a binding between this Pipelined-Requests identifier for the current persistent connection and an RTSP session ID. If that exist then the received request is processed the same way as if it did contain the Session header with the looked up session ID. If there doesn't exist a mapping and no Session header is included in the request, the responding entity SHALL create a binding upon the succesful completion of a session creating request, i.e. SETUP. If the request failed to create an RTSP session no binding SHALL be created. In case the request contains both a Session header and the Pipelined-Requests header the Pipelined-Requests SHALL be ignored.

Note: Based on the above definition at least the first request containing a new unique Pipelined-Requests will be required to be a SETUP request (unless the protocol is extended with new methods of creating a session). After that first one, additional SETUP requests or request of any type using the RTSP session context may include the Pipelined-Requests header.

For all responses to request that contained the Pipelined-Requests, the Session header and the Pipelined-Requests SHALL both be included, assuming that it is allowed for that response and that the binding between the header values exist. Pipelined-Requests SHOULD NOT be used in requests after that the client has received the RTSP Session ID. This as using the real session ID allows the request to be used also in cases the persistent connection has been terminated and a new connection is needed.

It is the sender of the request that is responsible for using a previously unused identifier within this transport connection scope when a new RTSP session is to be cretated with this method. A server side binding SHALL be deleted upon the termination of the related RTSP session. Note: Although this definition would allow for reusing previously used pipelining identifiers, this is NOT RECOMMENDED to allow for better error handling and logging.

RTSP Proxies may need to translate Pipelined-Requests identifier values from incoming request to outgoing to allow for aggregation of requests onto a persistent connection.

16.33.  Proxy-Authenticate

See [H14.33].

16.34.  Proxy-Authorization

See [H14.34].

16.35.  Proxy-Require

The Proxy-Require request-header field is used to indicate proxy-sensitive features that MUST be supported by the proxy. Any Proxy-Require header features that are not supported by the proxy MUST be negatively acknowledged by the proxy to the client using the Unsupported header. The proxy SHALL use the 551 (Option Not Supported) status code in the response. Any feature-tag included in the Proxy-Require does not apply to the end-point (server or client). To ensure that a feature is supported by both proxies and servers the tag needs to be included in also a Require header.

See Section 16.42 (Require) for more details on the mechanics of this message and a usage example.

Example of use:

   Proxy-Require: play.basic

16.36.  Proxy-Supported

The Proxy-Supported header field enumerates all the extensions supported by the proxy using feature-tags. The header carries the intersection of extensions supported by the forwarding proxies. The Proxy-Supported header MAY be included in any request by a proxy. It SHALL be added by any proxy if the Supported header is present in a request. When present in a request, the receiver MUST in the response copy the received Proxy-Supported header.

The Proxy-Supported header field contains a list of feature-tags applicable to proxies, as described in Section 4.7 (Feature-tags). The list are the intersection of all feature-tags understood by the proxies. To achieve an intersection, the proxy adding the Proxy-Supported header includes all proxy feature-tags it understands. Any proxy receiving a request with the header, checks the list and removes any feature-tag it do not support. A Proxy-Supported header present in the response SHALL NOT be touched by the proxies.

Example:

  C->P1: OPTIONS rtsp://example.com/ RTSP/2.0
         Supported: foo, bar, blech
		 User-Agent: PhonyClient/1.2

 P1->P2: OPTIONS rtsp://example.com/ RTSP/2.0
         Supported: foo, bar, blech
         Proxy-Supported: proxy-foo, proxy-bar, proxy-blech
         Via: 2.0 prox1.example.com

 P2->S:  OPTIONS rtsp://example.com/ RTSP/2.0
         Supported: foo, bar, blech
         Proxy-Supported: proxy-foo, proxy-blech
         Via: 2.0 prox1.example.com, 2.0 prox2.example.com

  S->C:  RTSP/2.0 200 OK
         Supported: foo, bar, baz
         Proxy-Supported: proxy-foo, proxy-blech
         Public: OPTIONS, SETUP, PLAY, PAUSE, TEARDOWN
         Via: 2.0 prox1.example.com, 2.0 prox2.example.com

16.37.  Public

The Public response header field lists the set of methods supported by the response sender. This header applies to the general capabilities of the sender and its only purpose is to indicate the sender's capabilities to the recipient. The methods listed may or may not be applicable to the Request-URI; the Allow header field (section 14.7) MAY be used to indicate methods allowed for a particular URI.

Example of use:

   Public: OPTIONS, SETUP, PLAY, PAUSE, TEARDOWN

In the event that there are proxies between the sender and the recipient of a response, each intervening proxy MUST modify the Public header field to remove any methods that are not supported via that proxy. The resulting Public header field will contain an intersection of the sender's methods and the methods allowed through by the intervening proxies.

In general proxies should allow all methods to transparently pass through from the sending RTSP agent to the receiving RTSP agent, but there may be cases where this is not desirable for a given proxy. Modification of the Public response header field by the intervening proxies ensures that the request sender gets an accurate response indicating the methods that can be used on the target agent via the proxy chain.

16.38.  Range

The Range header specifies a time range in PLAY (Section 13.4 (PLAY)), PAUSE (Section 13.6 (PAUSE)), SETUP (Section 13.3 (SETUP)), REDIRECT (Section 13.10 (REDIRECT)), and PLAY_NOTIFY (Section 13.5 (PLAY_NOTIFY)) requests and responses.

The range can be specified in a number of units. This specification defines smpte (Section 4.4 (SMPTE Relative Timestamps)), npt (Section 4.5 (Normal Play Time)), and clock (Section 4.6 (Absolute Time)) range units. While byte ranges [H14.35.1] and other extended units MAY be used, their behavior is unspecified since they are not normally meaningful in RTSP. Servers supporting the Range header MUST understand the NPT range format and SHOULD understand the SMPTE range format. If the Range header is sent in a time format that is not understood, the recipient SHOULD return 456 (Header Field Not Valid for Resource) and include an Accept-Ranges header indicating the supported time formats for the given resource.

The Range header MAY contain a time parameter in UTC, specifying the time at which the operation is to be made effective. This functionality SHALL be used only with the REDIRECT method.

Example:

  Range: clock=19960213T143205Z-;time=19970123T143720Z

The notation is similar to that used for the HTTP/1.1 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) byte-range header. It allows clients to select an excerpt from the media object, and to play from a given point to the end as well as from the current location to a given point.

Ranges are half-open intervals, including the first point, but excluding the second point. In other words, a range of A-B starts exactly at time A, but stops just before B. Only the start time of a media unit such as a video or audio frame is relevant. For example, assume that video frames are generated every 40 ms. A range of 10.0-10.1 would include a video frame starting at 10.0 or later time and would include a video frame starting at 10.08, even though it lasted beyond the interval. A range of 10.0-10.08, on the other hand, would exclude the frame at 10.08.

By default, range intervals increase, where the second point is larger than the first point.

Example:

    Range: npt=10-15

However, range intervals can also decrease if the Scale header (see Section 16.44 (Scale)) indicates a negative scale value. For example, this would be the case when a playback in reverse is desired.

Example:

    Scale: -1
    Range: npt=15-10

Decreasing ranges are still half open intervals as described above. Thus, for range A-B, A is closed and B is open. In the above example, 15 is closed and 10 is open. An exception to this rule is the case when B=0 in a decreasing range. In this case, the range is closed on both ends, as otherwise there would be no way to reach 0 on a reverse playback for formats that have such a notion, like NPT and SMPTE.

Example:

    Scale: -1
    Range: npt=15-0

In this range both 15 and 0 are closed.

A decreasing range interval without a corresponding negative Scale header is not valid.

16.39.  Referer

See [H14.36]. The URI refers to that of the presentation description, typically retrieved via HTTP.

16.40.  Retry-After

See [H14.37].

16.41.  Request-Status

This request header is used to indicate the end result for requests that takes time to complete, such a PLAY (PLAY). It is sent in PLAY_NOTIFY (PLAY_NOTIFY) with the end-of-stream reason to report how the PLAY request concluded, either in success or in failure. The header carries a reference to the request is reports on using the CSeq number for the session indicated by the Session header in the request. It provies both a numerical status code (according to Section 8.1.1 (Status Code and Reason Phrase)) and a human readable reason phrase.

Example:
Request-Status: cseq=63 status=500 reason="Media data unavailable"

16.42.  Require

The Require request-header field is used by clients or servers to ensure that the other end-point supports features that are required in respect to this request. It can also be used to query if the other end-point supports certain features, however the use of the Supported (Section 16.49 (Supported)) is much more effective in this purpose. The server MUST respond to this header by using the Unsupported header to negatively acknowledge those feature-tags which are NOT supported. The response SHALL use the error code 551 (Option Not Supported). This header does not apply to proxies, for the same functionality in respect to proxies see Proxy-Require header (Section 16.35 (Proxy-Require)).

This is to make sure that the client-server interaction will proceed without delay when all features are understood by both sides, and only slow down if features are not understood (as in the example below). For a well-matched client-server pair, the interaction proceeds quickly, saving a round-trip often required by negotiation mechanisms. In addition, it also removes state ambiguity when the client requires features that the server does not understand.

Example (Not complete):

C->S:   SETUP rtsp://server.com/foo/bar/baz.rm RTSP/2.0
        CSeq: 302
        Require: funky-feature
        Funky-Parameter: funkystuff

S->C:   RTSP/2.0 551 Option not supported
        CSeq: 302
        Unsupported: funky-feature

In this example, "funky-feature" is the feature-tag which indicates to the client that the fictional Funky-Parameter field is required. The relationship between "funky-feature" and Funky-Parameter is not communicated via the RTSP exchange, since that relationship is an immutable property of "funky-feature" and thus should not be transmitted with every exchange.

Proxies and other intermediary devices SHALL ignore this header. If a particular extension requires that intermediate devices support it, the extension should be tagged in the Proxy-Require field instead (see Section 16.35 (Proxy-Require)).

16.43.  RTP-Info

The RTP-Info response-header field is used to set RTP-specific parameters in the PLAY response. For streams using RTP as transport protocol the RTP-Info header SHOULD be part of a 200 response to PLAY.

The exclusion of the RTP-Info in a PLAY response for RTP transported media will result in that a client needs to synchronize the media streams using RTCP. This may have negative impact as the RTCP can be lost, and does not need to be particulary timely in their arrival. Also functionality as informing the client from which packet a seek has occurred is affected.

The RTP-Info MAY also be included in SETUP responses to provide synchronization information when changing transport parameters, see Section 13.3 (SETUP).

The header can carry the following parameters:

url:

Indicates the stream URI which for which the following RTP parameters correspond, this URI MUST be the same used in the SETUP request for this media stream. Any relative URI SHALL use the Request-URI as base URI. This parameter SHALL be present.

ssrc:

The Synchronization source (SSRC) that the RTP timestamp and sequence number provide applies to. This parameter SHALL be present.

seq:

Indicates the sequence number of the first packet of the stream that is direct result of the request. This allows clients to gracefully deal with packets when seeking. The client uses this value to differentiate packets that originated before the seek from packets that originated after the seek. Note that a client may not receive the packet with the expressed sequence number, and instead packets with a higher sequence number, due to packet loss or reordering. This parameter is RECOMMENDED to be present.

rtptime:

SHALL indicate the RTP timestamp value corresponding to the start time value in the Range response header, or if not explicitly given the implied start point. The client uses this value to calculate the mapping of RTP time to NPT or other media timescale. This parameter SHOULD be present to ensure inter-media synchronization is achieved. There exist no requirement that any received RTP packet will have the same RTP timestamp value as the one in the parameter used to establish synchronization.

A mapping from RTP timestamps to NTP timestamps (wall clock) is available via RTCP. However, this information is not sufficient to generate a mapping from RTP timestamps to media clock time (NPT, etc.). Furthermore, in order to ensure that this information is available at the necessary time (immediately at startup or after a seek), and that it is delivered reliably, this mapping is placed in the RTSP control channel.

In order to compensate for drift for long, uninterrupted presentations, RTSP clients should additionally map NPT to NTP, using initial RTCP sender reports to do the mapping, and later reports to check drift against the mapping.

Example:

Range:npt=3.25-15
RTP-Info:url="rtsp://example.com/foo/audio" ssrc=0A13C760:seq=45102;
         rtptime=12345678,url="rtsp://example.com/foo/video"
         ssrc=9A9DE123:seq=30211;rtptime=29567112

Lets assume that Audio uses a 16kHz RTP timestamp clock and Video
a 90kHz RTP timestamp clock. Then the media synchronization is
depicted in the following way.

NPT    3.0---3.1---3.2-X-3.3---3.4---3.5---3.6
Audio               PA A
Video                  V    PV

X: NPT time value = 3.25, from Range header.
A: RTP timestamp value for Audio from RTP-Info header (12345678).
V: RTP timestamp value for Video from RTP-Info header (29567112).
PA: RTP audio packet carrying an RTP timestamp of 12344878. Which
    corresponds to NPT = (12344878 - A) / 16000 + 3.25 = 3.2
PV: RTP video packet carrying an RTP timestamp of 29573412. Which
    corresponds to NPT = (29573412 - V) / 90000 + 3.25 = 3.32

16.44.  Scale

A scale value of 1 indicates normal play at the normal forward viewing rate. If not 1, the value corresponds to the rate with respect to normal viewing rate. For example, a ratio of 2 indicates twice the normal viewing rate ("fast forward") and a ratio of 0.5 indicates half the normal viewing rate. In other words, a ratio of 2 has normal play time increase at twice the wallclock rate. For every second of elapsed (wallclock) time, 2 seconds of content will be delivered. A negative value indicates reverse direction. For certain media transports this may require certain considerations to work consistent, see Appendix C.1 (RTP) for description on how RTP handles this.

Unless requested otherwise by the Speed parameter, the data rate SHOULD not be changed. Implementation of scale changes depends on the server and media type. For video, a server may, for example, deliver only key frames or selected key frames. For audio, for example, it may time-scale the audio while preserving pitch or, less desirably, deliver fragments of audio.

The server should try to approximate the viewing rate, but may restrict the range of scale values that it supports. The response MUST contain the actual scale value chosen by the server.

If the server does not implement the possibility to scale, it will not return a Scale header. A server supporting Scale operations for PLAY SHALL indicate this with the use of the "play.scale" feature-tags.

When indicating a negative scale for a reverse playback, the Range header MUST indicate a decreasing range as described in Section 16.38 (Range).

Example of playing in reverse at 3.5 times normal rate:

  Scale: -3.5
  Range: npt=15-10

16.45.  Seek-Style

When a client sends a PLAY request with a Range header to perform a random access to the media, the client does not know if the server will pick the first media samples or the first random access point prior to the request range. Depending on use case, the client may have a strong preference. To express this preference and provide the client with information on how the server actually acted on that preference the Seek-Style header is defined.

Seek-Style is a general header that MAY be included in any PLAY request to indicate the client's preference for any media stream that has random access properties. The server SHALL always include the header in any PLAY response for media with random access properties to indicate what policy was applied. A Server that receives a unknown Seek-Style policy SHALL ignore it and select the server default policy.

This specification defines the following seek policies that may be requested:

RAP:

Random Access Point (RAP) is the behavior of requesting the server to locate the closest previous random access point that exist in the media aggregate and deliver from that. By requesting a RAP media quality will be the best possible as all media will be delivered from a point where full media state can be established in the media decoder.

First-Prior:

The first-prior policy will start delivery with the media unit that has a playout time first prior to the requested time. For discrete media that would only include media units that would still be rendered at the request time. For continous media that is media that will be render during the requested start time of the range.

Next:

The next media units after the provided start time of the range. For continous framed media that would mean the first next frame after the provided time. For discrete media the first unit that is to be rendered after the provided time. The main usage is for this case is when the client knows it has all media up to a certain point and would like to continue delivery so that a complete non-interrupted media playback can be achieved. Example of such scenarios include switching from a broadcast/multicast delivery to a unicast based delivery. This policy SHALL only be used on the client's explicit request.

Please note that these expressed preferences exist for optimizing the startup time or the media quality. The "Next" policy breaks the normal definition of the Range header to enable a client to request media with minimal overlap, although some may still occur for aggregated sessions. RAP and First-Prior both fulfill the requirement of providing media from the requested range and forward. However, unless RAP is used, the media quality for many media codecs using predictive methods can be severly degraded unless additional data is available as, for example, already buffered, or through other side channels.

16.46.  Speed

The Speed request-header field requests the server to deliver data to the client at a particular speed, contingent on the server's ability and desire to serve the media stream at the given speed. Implementation by the server is OPTIONAL. The default is the bit rate of the stream.

The parameter value is expressed as a decimal ratio, e.g., a value of 2.0 indicates that data is to be delivered twice as fast as normal. A speed of zero is invalid. All speeds may not be possible to support. Therefore the actual used speed MUST be included in the response. The lack of a response header is indication of lack of support from the server of this functionality. Support of the speed functionality are indicated by the "play.speed" feature-tag.

Example:

  Speed: 2.5

Use of this field changes the bandwidth used for data delivery. It is meant for use in specific circumstances where preview of the presentation at a higher or lower rate is necessary. Implementors should keep in mind that bandwidth for the session may be negotiated beforehand (by means other than RTSP), and therefore re-negotiation may be necessary. When data is delivered over UDP, it is highly recommended that means such as RTCP be used to track packet loss rates. If the data transport is performed over non-dedicated best-effort networks the sender is required to perform congestion control of the stream(s). This can result in that the communicated speed is impossible to maintain.

16.47.  Server

See [H14.38], however the header syntax is corrected in Section 20.2.3 (Header Syntax).

16.48.  Session

The Session request-header and response-header field identifies an RTSP session. An RTSP session is created by the server as a result of a successful SETUP request and in the response the session identifier is given to the client. The RTSP session exist until destroyed by a TEARDOWN or timed out by the server.

The session identifier is chosen by the server (see Section 4.3 (Session Identifiers)) and MUST be returned in the SETUP response. Once a client receives a session identifier, it SHALL be included in any request related to that session. This means that the Session header MUST be included in a request using the following methods: PLAY, PAUSE, and TEARDOWN, and MAY be included in SETUP, OPTIONS, SET_PARAMETER, GET_PARAMETER, and REDIRECT, and SHALL NOT be included in DESCRIBE. In an RTSP response the session header SHALL be included in methods, SETUP, PLAY, and PAUSE, and MAY be included in methods, TEARDOWN, and REDIRECT, and if included in the request of the following methods it SHALL also be included in the response, OPTIONS, GET_PARAMETER, and SET_PARAMETER, and SHALL NOT be included in DESCRIBE.

Note that a session identifier identifies an RTSP session across transport sessions or connections. RTSP requests for a given session can use different URIs (Presentation and media URIs). Note, that there are restrictions depending on the session which URIs that are acceptable for a given method. However, multiple "user" sessions for the same URI from the same client will require use of different session identifiers.

The session identifier is needed to distinguish several delivery requests for the same URI coming from the same client.

The response 454 (Session Not Found) SHALL be returned if the session identifier is invalid.

16.49.  Supported

The Supported header field enumerates all the extensions supported by the client or server using feature tags. The header carries the extensions supported by the message sending entity. The Supported header MAY be included in any request. When present in a request, the receiver MUST respond with its corresponding Supported header. Note, also in 4xx and 5xx responses is the supported header included.

The Supported header field contains a list of feature-tags, described in Section 4.7 (Feature-tags), that are understood by the client or server.

Example:

  C->S:  OPTIONS rtsp://example.com/ RTSP/2.0
         Supported: foo, bar, blech
         User-Agent: PhonyClient/1.2

  S->C:  RTSP/2.0 200 OK
         Supported: bar, blech, baz

16.50.  Timestamp

The Timestamp general-header field describes when the agent sent the request. The value of the timestamp is of significance only to the agent and may use any timescale. The responding agent MUST echo the exact same value and MAY, if it has accurate information about this, add a floating point number indicating the number of seconds that has elapsed since it has received the request. The timestamp is used by the agent to compute the round-trip time to the responding agent so that it can adjust the timeout value for retransmissions. It also resolves retransmission ambiguities for unreliable transport of RTSP.

16.51.  Transport

The Transport request and response header field indicates which transport protocol is to be used and configures its parameters such as destination address, compression, multicast time-to-live and destination port for a single stream. It sets those values not already determined by a presentation description.

Transports are comma separated, listed in order of preference. Parameters may be added to each transport, separated by a semicolon. The server SHOULD return a Transport response-header field in the response to indicate the values actually chosen. The Transport header field MAY also be used to change certain transport parameters. A server MAY refuse to change parameters of an existing stream.

A Transport request header field MAY contain a list of transport options acceptable to the client, in the form of multiple transport-spec entries. In that case, the server MUST return the single (transport-spec) which was actually chosen. The number of transport-spec entries is expected to be limited as the client will get guidance on what configurations that are possible from the presentation description.

A transport-spec transport option may only contain one of any given parameter within it. Parameters MAY be given in any order. Additionally, it may only contain the unicast or the multicast transport type parameter. Unknown parameters SHALL be ignored. The requester need to ensure that the responder understands the parameters through the use of feature tags and the Require header.

Any parameters part of future extensions requires clarification if they are safe to ignore in accordance to this specification, or are required to be understood. If a parameter is required to be understood, then a feature-tag MUST be defined for the functionality and used in the Require or Proxy-Require headers.

The Transport header field is restricted to describing a single media stream. (RTSP can also control multiple streams as a single entity.) Making it part of RTSP rather than relying on a multitude of session description formats greatly simplifies designs of firewalls.

The general syntax for the transport specifier is a list of slash separated tokens:

Value1/Value2/Value3...

Which for RTP transports take the form:

RTP/profile/lower-transport.

The default value for the "lower-transport" parameters is specific to the profile. For RTP/AVP, the default is UDP.

There are two different methods for how to specify where the media should be delivered:

dest_addr:

The presence of this parameter and its values indicates the destination address or addresses (host address and port pairs for IP flows) necessary for the media transport.

No dest_addr:

The lack of the dest_addr parameter indicates that the server SHALL send media to same address for which the RTSP messages originates. Does not work for transports requiring explicitly given destination ports.

The choice of method for indicating where the media is to be delivered depends on the use case. In many case the only allowed method will be to use no explicit address indication and have the server deliver media to the source of the RTSP messages.

An RTSP proxy will need to take care. If the media is not desired to be routed through the proxy, the proxy will need to introduce the destination indication.

Below are the configuration parameters associated with transport:

General parameters:

unicast / multicast:

This parameter is a mutually exclusive indication of whether unicast or multicast delivery will be attempted. One of the two values MUST be specified. Clients that are capable of handling both unicast and multicast transmission needs to indicate such capability by including two full transport-specs with separate parameters for each.

layers:

The number of multicast layers to be used for this media stream. The layers are sent to consecutive addresses starting at the dest_addr address. If the parameter is not included, it defaults to a single layer.

dest_addr:

A general destination address parameter that can contain one or more address specifications. Each combination of Protocol/Profile/Lower Transport needs to have the format and interpretation of its address specification defined. For RTP/AVP/UDP and RTP/AVP/TCP, the address specification is a tuple containing a host address and port. Note, only a single destination entity per transport spec is intended. The usage of multiple destination to distribute a single media to multiple entities is unspecified.
The client originating the RTSP request MAY specify the destination address of the stream recipient with the host address part of the tuple. When the destination address is specified, the recipient may be a different party than the originator of the request. To avoid becoming the unwitting perpetrator of a remote-controlled denial-of-service attack, a server MUST perform security checks (see Section 21.1 (Remote denial of Service Attack)) and SHOULD log such attempts before allowing the client to direct a media stream to a recipient address not chosen by the server. Implementations cannot rely on TCP as reliable means of client identification. If the server does not allow the host address part of the tuple to be set, it SHALL return 463 (Destination Prohibited).

The host address part of the tuple MAY be empty, for example ":58044", in cases when only destination port is desired to be specified.

src_addr:

A general source address parameter that can contain one or more address specifications. Each combination of Protocol/Profile/Lower Transport needs to have the format and interpretation of its address specification defined. For RTP/AVP/UDP and RTP/AVP/TCP, the address specification is a tuple containing a host address and port.
This parameter MUST be specified by the server if it transmits media packets from another address than the one RTSP messages are sent to. This will allow the client to verify source address and give it a destination address for its RTCP feedback packets if RTP is used. The address or addresses indicated in the src_addr parameter SHOULD be used both for sending and receiving of the media streams data packets. The main reasons are threefold: First, indicating the port and source address(s) lets the receiver know where from the packets is expected to originate. Secondly, traversal of NATs are greatly simplified when traffic is flowing symmetrically over a NAT binding. Thirdly, certain NAT traversal mechanisms, needs to know to which address and port to send so called "binding packets" from the receiver to the sender, thus creating a address binding in the NAT that the sender to receiver packet flow can use.

This information may also be available through SDP. However, since this is more a feature of transport than media initialization, the authoritative source for this information should be in the SETUP response.

mode:

The mode parameter indicates the methods to be supported for this session. Valid values are PLAY and RECORD. If not provided, the default is PLAY. The RECORD value was defined in RFC 2326 and is in this specification unspecified but reserved.

interleaved:

The interleaved parameter implies mixing the media stream with the control stream in whatever protocol is being used by the control stream, using the mechanism defined in Section 14 (Embedded (Interleaved) Binary Data). The argument provides the channel number to be used in the $ statement and MUST be present. This parameter MAY be specified as a range, e.g., interleaved=4-5 in cases where the transport choice for the media stream requires it, e.g. for RTP with RTCP. The channel number given in the request are only a guidance from the client to the server on what channel number(s) to use. The server MAY set any valid channel number in the response. The declared channel(s) are bi-directional, so both end-parties MAY send data on the given channel. One example of such usage is the second channel used for RTCP, where both server and client sends RTCP packets on the same channel.

This allows RTP/RTCP to be handled similarly to the way that it is done with UDP, i.e., one channel for RTP and the other for RTCP.

Multicast-specific:

ttl:

multicast time-to-live. When included in requests the value indicate the TTL value that the client desires to use. In response the value actually being used is returned. A server will need to consider what values that are reasonable and also the authority of the user to set this value.

RTP-specific:

These parameters are MAY only be used if the media transport protocol is RTP.

ssrc:

The ssrc parameter, if included in a SETUP response, indicates the RTP SSRC [RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) value(s) that will be used by the media server for RTP packets within the stream. It is expressed as an eight digit hexadecimal value.
The ssrc parameter SHALL NOT be specified in requests. The functionality of specifying the ssrc parameter in a SETUP request is deprecated as it is incompatible with the specification of RTP in RFC 3550[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.). If the parameter is included in the Transport header of a SETUP request, the server MAY ignore it, and choose appropriate SSRCs for the stream. The server MAY set the ssrc parameter in the Transport header of the response.

The parameters defined below MAY only be used if the media transport protocol if the lower-level transport is connection-oriented (such as TCP). However, these parameters MUST NOT be used when interleaving data over the RTSP control connection.

setup:

Clients use the setup parameter on the Transport line in a SETUP request, to indicate the roles it wishes to play in a TCP connection. This parameter is adapted from [RFC4145] (Yon, D. and G. Camarillo, “TCP-Based Media Transport in the Session Description Protocol (SDP),” September 2005.). We discuss the use of this parameter in RTP/AVP/TCP non-interleaved transport in Appendix C.2.2 (RTP over independent TCP); the discussion below is limited to syntactic issues. Clients may specify the following values for the setup parameter: ["active":] The client will initiate an outgoing connection. ["passive":] The client will accept an incoming connection. ["actpass":] The client is willing to accept an incoming connection or to initiate an outgoing connection.
If a client does not specify a setup value, the "active" value is assumed.

In response to a client SETUP request where the setup parameter is set to "active", a server's 2xx reply MUST assign the setup parameter to "passive" on the Transport header line.

In response to a client SETUP request where the setup parameter is set to "passive", a server's 2xx reply MUST assign the setup parameter to "active" on the Transport header line.

In response to a client SETUP request where the setup parameter is set to "actpass", a server's 2xx reply MUST assign the setup parameter to "active" or "passive" on the Transport header line.

Note that the "holdconn" value for setup is not defined for RTSP use, and MUST NOT appear on a Transport line.

connection:

Clients use the setup parameter on the Transport line in a SETUP request, to indicate the SETUP request prefers the reuse of an existing connection between client and server (in which case the client sets the "connection" parameter to "existing"), or that the client requires the creation of a new connection between client and server (in which cast the client sets the "connection" parameter to "new"). Typically, clients use the "new" value for the first SETUP request for a URL, and "existing" for subsequent SETUP requests for a URL.
If a client SETUP request assigns the "new" value to "connection", the server response MUST also assign the "new" value to "connection" on the Transport line.

If a client SETUP request assigns the "existing" value to "connection", the server response MUST assign a value of "existing" or "new" to "connection" on the Transport line, at its discretion.

The default value of "connection" is "existing", for all SETUP requests (initial and subsequent).

The combination of transport protocol, profile and lower transport needs to be defined. A number of combinations are defined in the Appendix C (Media Transport Alternatives).

Below is a usage example, showing a client advertising the capability to handle multicast or unicast, preferring multicast. Since this is a unicast-only stream, the server responds with the proper transport parameters for unicast.

  C->S: SETUP rtsp://example.com/foo/bar/baz.rm RTSP/2.0
        CSeq: 302
        Transport: RTP/AVP;multicast;mode="PLAY",
            RTP/AVP;unicast;dest_addr="192.0.2.5:3456"/
            "192.0.2.5:3457";mode="PLAY"
        Accept-Ranges: NPT, SMPTE, UTC
        User-Agent: PhonyClient/1.2

  S->C: RTSP/2.0 200 OK
        CSeq: 302
        Date: Thu, 23 Jan 1997 15:35:06 GMT
        Session: 47112344
        Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:3456"/
           "192.0.2.5:3457";src_addr="192.0.2.224:6256"/
           "192.0.2.224:6257";mode="PLAY"
        Accept-Ranges: NPT

16.52.  Unsupported

The Unsupported response-header field lists the features not supported by the server. In the case where the feature was specified via the Proxy-Require field (Section 16.35 (Proxy-Require)), if there is a proxy on the path between the client and the server, the proxy MUST send a response message with a status code of 551 (Option Not Supported). The request SHALL NOT be forwarded.

See Section 16.42 (Require) for a usage example.

16.53.  User-Agent

See [H14.43] for explanation, however the syntax is clarified due to an error in RFC 2616. A Client SHOULD include this header in all RTSP messages it sends.

16.54.  Vary

See [H14.44].

16.55.  Via

See [H14.45].

16.56.  WWW-Authenticate

See [H14.47].

17.  Proxies

RTSP Proxies are RTSP agents that sit in between a client and a server. A proxy can take on both the role as a client and as server depending on what it tries to accomplish. Proxies are also introduced for several different reasons.

Caching Proxy:

This type of proxy is used to reduce the workload on servers and connections. By caching a presentation, both description and media streams the proxy can serve a client content without requesting it from the server once it has been cached and hasn't become stale. See the caching Section 18 (Caching).

Access Proxy:

This type of proxy is used to ensure that a RTSP client get access to servers on an external network. Thus this proxy is placed on the border between two domains, e.g. a private address space and the public internet. The proxy performs the necessary translation, usually addresses, and often also media stream translation or redirection.

Security Proxy:

This type of proxy is used to help facilitate security functions around RTSP. For example when having a firewalled network, the security proxy request that the necessary pinholes in the firewall is opened when a client in the protected network want to access media streams on the external side. It can also provide network owners with a logging and audit point for RTSP sessions, e.g. for corporations that tracks or limits their employees access to certain type of content.

All type of proxies can be used also when using secured communication with TLS as RTSP 2.0 allows the client to approve certificate chains used for connection establishment from a proxy, see Section 19.3.2 (User approved TLS procedure). However that trust model may not be suitable for all type of deployment, and instead secured sessions do by-pass of the proxies.

Access proxies SHOULD NOT be used in equipment like NATs and firewalls that aren't expected to be regularly maintained, like home or small office equipment. In these cases it is better to use the NAT traversal procedures defined for RTSP 2.0 [I‑D.ietf‑mmusic‑rtsp‑nat] (Goldberg, J., Westerlund, M., and T. Zeng, “A Network Address Translator (NAT) Traversal mechanism for media controlled by Real-Time Streaming Protocol (RTSP),” January 2010.). The reason for these recommendations is that any extensions of RTSP resulting in new media transport protocols or profiles, new parameters etc may fail in a proxy that isn't maintained. Thus resulting in blocking further development of RTSP and its usage.

The existence of proxies must always be considered when developing new RTSP extensions. There must be definition of how proxies may handle the extension, if it is required to understand it, thus requiring a feature-tag to be used in the Proxy-Require header.

18.  Caching

In HTTP, response-request pairs are cached. RTSP differs significantly in that respect. Responses are not cacheable, with the exception of the presentation description returned by DESCRIBE. (Since the responses for anything but DESCRIBE and GET_PARAMETER do not return any data, caching is not really an issue for these requests.) However, it is desirable for the continuous media data, typically delivered out-of-band with respect to RTSP, to be cached, as well as the session description.

On receiving a SETUP or PLAY request, a proxy ascertains whether it has an up-to-date copy of the continuous media content and its description. It can determine whether the copy is up-to-date by issuing a SETUP or DESCRIBE request, respectively, and comparing the Last-Modified header with that of the cached copy. If the copy is not up-to-date, it modifies the SETUP transport parameters as appropriate and forwards the request to the origin server. Subsequent control commands such as PLAY or PAUSE then pass the proxy unmodified. The proxy delivers the continuous media data to the client, while possibly making a local copy for later reuse. The exact behavior allowed to the cache is given by the cache-response directives described in Section 16.10 (Cache-Control). A cache MUST answer any DESCRIBE requests if it is currently serving the stream to the requestor, as it is possible that low-level details of the stream description may have changed on the origin-server.

Note that an RTSP cache, unlike the HTTP cache, is of the "cut-through" variety. Rather than retrieving the whole resource from the origin server, the cache simply copies the streaming data as it passes by on its way to the client. Thus, it does not introduce additional latency.

To the client, an RTSP proxy cache appears like a regular media server, to the media origin server like a client. Just as an HTTP cache has to store the content type, content language, and so on for the objects it caches, a media cache has to store the presentation description. Typically, a cache eliminates all transport-references (that is, e.g. multicast information) from the presentation description, since these are independent of the data delivery from the cache to the client. Information on the encodings remains the same. If the cache is able to translate the cached media data, it would create a new presentation description with all the encoding possibilities it can offer.

19.  Security Framework

The RTSP security framework consists of two high level components: the pure authentication mechanisms based on HTTP authentication, and the transport protection based on TLS, which is independent of RTSP. Because of the similarity in syntax and usage between RTSP servers and HTTP servers, the security for HTTP is re-used to a large extent.

19.1.  RTSP and HTTP Authentication

RTSP and HTTP share common authentication schemes, and thus follow the same usage guidelines as specified in[RFC2617] (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) and also in [H15]. Servers SHOULD implement both basic and digest [RFC2617] (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) authentication. Client SHALL implement both basic and digest authentication [RFC2617] (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) so that Server who requires the client to authenticate can trust that the capability is present.

It should be stressed that using the HTTP authentication alone does not provide full control message security. Therefore, in environments requiring tighter security for the control messages, TLS SHOULD be used, see Section 19.2 (RTSP over TLS).

19.2.  RTSP over TLS

RTSP SHALL follow the same guidelines with regards to TLS [RFC4346] (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.1,” April 2006.) usage as specified for HTTP, see [RFC2818] (Rescorla, E., “HTTP Over TLS,” May 2000.). RTSP over TLS is separated from unsecured RTSP both on URI level and port level. Instead of using the "rtsp" scheme identifier in the URI, the "rtsps" scheme identifier MUST be used to signal RTSP over TLS. If no port is given in a URI with the "rtsps" scheme, port 322 SHALL be used for TLS over TCP/IP.

When a client tries to setup an insecure channel to the server (using the "rtsp" URI), and the policy for the resource requires a secure channel, the server SHALL redirect the client to the secure service by sending a 301 redirect response code together with the correct Location URI (using the "rtsps" scheme). A user or client MAY upgrade a non secured URI to a secured by changing the scheme from "rtsp" to "rtsps". A server implementing support for "rtsps" SHALL allow this.

It should be noted that TLS allows for mutual authentication (when using both server and client certificates). Still, one of the more common way TLS is used is to only provide server side authentication (often to avoid client certificates). TLS is then used in addition to HTTP authentication, providing transport security and server authentication, while HTTP Authentication is used to authenticate the client.

RTSP includes the possibility to keep a TCP session up between the client and server, throughout the RTSP session lifetime. It may be convenient to keep the TCP session, not only to save the extra setup time for TCP, but also the extra setup time for TLS (even if TLS uses the resume function, there will be almost two extra roundtrips). Still, when TLS is used, such behavior introduces extra active state in the server, not only for TCP and RTSP, but also for TLS. This may increase the vulnerability to DoS attacks.

In addition to these recommendations, Section 19.3 (Security and Proxies) gives further recommendations of TLS usage with proxies.

19.3.  Security and Proxies

The nature of a proxy is often to act as a "man-in-the-middle", while security is often about preventing the existence of a "man-in-the-middle". This section provides clients with the possibility to use proxies even when applying secure transports (TLS) between the RTSP agents. The TLS proxy mechanism allows for server and proxy identification using certificates. However, the client can not be identified based on certificates. The client needs to select between using the procedure specified below or using a TLS connection directly (by-passing any proxies) to the server. The choice may be dependent on policies.

There are basically two categories of proxies, the transparent proxies (of which the client is not aware) and the non-transparent proxies (of which the client is aware). An infrastructure based on proxies requires that the trust model is such that both client and servers can trust the proxies to handle the RTSP messages correctly. To be able to trust a proxy, the client and server also needs to be aware of the proxy. Hence, transparent proxies cannot generally be seen as trusted and will not work well with security (unless they work only at transport layer). In the rest of this section any reference to proxy will be to a non-transparent proxy, which inspects or manipulate the RTSP messages.

HTTP Authentication is built on the assumption of proxies and can provide user-proxy authentication and proxy-proxy/server authentication in addition to the client-server authentication.

When TLS is applied and a proxy is used, the client will connect to the proxy's address when connecting to any RTSP server. This implies that for TLS, the client will authenticate the proxy server and not the end server. Note that when the client checks the server certificate in TLS, it MUST check the proxy's identity (URI or possibly other known identity) against the proxy's identity as presented in the proxy's Certificate message.

The problem is that for a proxy accepted by the client, the proxy needs to be provided information on which grounds it should accept the next-hop certificate. Both the proxy and the user may have rules for this, and the user have the possibility to select the desired behavior. To handle this case, the Accept-Credentials header (See Section 16.2 (Accept-Credentials)) is used, where the client can force the proxy/proxies to relay back the chain of certificates used to authenticate any intermediate proxies as well as the server. Given the assumption that the proxies are viewed as trusted, it gives the user a possibility to enforce policies to each trusted proxy of whether it should accept the next entity in the chain.

A proxy MUST use TLS for the next hop if the RTSP request includes a "rtsps" URI. TLS MAY be applied on intermediate links (e.g. between client and proxy, or between proxy and proxy), even if the resource and the end server does not require to use it. The proxy SHALL when initiating the next hop TLS connection use the incomming TLS connections CipherSuite list, only modified by removing any cipher suits that the proxy does not support. In case a proxy fails to establish a TLS connection due to cipher suite mismatch between proxy and next hop proxy or server, this is indicated using error code 472 (Failure to establish secure connection).

19.3.1.  Accept-Credentials

The Accept-Credentials header can be used by the client to distribute simple authorization policies to intermediate proxies. The client includes the Accept-Credentials header to dictate how the proxy treats the server/next proxy certificate. There are currently three methods defined:

Any,

which means that the proxy (or proxies) SHALL accept whatever certificate presented. This is of course not a recommended option to use, but may be useful in certain circumstances (such as testing).

Proxy,

which means that the proxy (or proxies) MUST use its own policies to validate the certificate and decide whether to accept it or not. This is convenient in cases where the user has a strong trust relation with the proxy. Reason why a strong trust relation may exist are; personal/company proxy, proxy has a out-of-band policy configuration mechanism.

User,

which means that the proxy (or proxies) MUST send credential information about the next hop to the client for authorization. The client can then decide whether the proxy should accept the certificate or not. See Section 19.3.2 (User approved TLS procedure) for further details.

If the Accept-Credentials header is not included in the RTSP request from the client, then the "Proxy" method SHALL be used as default. If an other method than the "Proxy" is to be used, then the Accept-Credentials header SHALL be included in all of the RTSP request from the client. This is because it cannot be assumed that the proxy always keeps the TLS state or the users previously preference between different RTSP messages (in particular if the time interval between the messages is long).

With the "Any" and "Proxy" methods the proxy will apply the policy as defined for respectively method. If the policy do not accept the credentials of the next hop, the entity SHALL respond with a message using status code 471 (Connection Credentials not accepted).

An RTSP request in the direction server to client MUST NOT include the Accept-Credential header. As for the non-secured communication, the possibility for these request depends on the presence of a client established connection. However if the server to client request is in relation to a session established over a TLS secured channel, if MUST be sent in a TLS secured connection. That secured connection MUST also be the one used by the last client to server request. If no such transport connection exist at the time when the server desire to send the request, it silently fails.

Further policies MAY be defined and registered, but should be done so with caution.

19.3.2.  User approved TLS procedure

For the "User" method each proxy MUST perform the the following procedure for each RTSP request:

• Setup the TLS session to the next hop if not already present (i.e. run the TLS handshake, but do not send the RTSP request).
• Extract the peer certificate chain for the TLS session.
• Check if a matching identity and hash of the peer certificate is present in the Accept-Credentials header. If present, send the message to the next hop, and conclude these procedures. If not, go to the next step.
• The proxy responds to the RTSP request with a 470 or 407 response code. The 407 response code MAY be used when the proxy requires both user and connection authorization from user or client. In this message the proxy SHALL include a Connection-Credentials header, see Section 16.12 (Connection-Credentials) with the next hop's identity and certificate.

The client MUST upon receiving a 470 or 407 response with Connection-Credentials header take the decision on whether to accept the certificate or not (if it cannot do so, the user SHOULD be consulted). If the certificate is accepted, the client has to again send the RTSP request. In that request the client has to include the Accept-Credentials header including the hash over the DER encoded certificate for all trusted proxies in the chain.

Example:

C->P: SETUP rtsps://test.example.org/secret/audio RTSP/2.0
      CSeq: 2
      Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:4588"/
                 "192.0.2.5:4589"
      Accept-Ranges: NPT, SMPTE, UTC
      Accept-Credentials: User

P->C: RTSP/2.0 470 Connection Authorization Required
      CSeq: 2
      Connection-Credentials: "rtsps://test.example.org";
      MIIDNTCCAp...

C->P: SETUP rtsps://test.example.org/secret/audio RTSP/2.0
      CSeq: 2
      Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:4588"/
      "192.0.2.5:4589"
      Accept-Credentials: User "rtsps://test.example.org";sha-256;
      dPYD7txpoGTbAqZZQJ+vaeOkyH4=
      Accept-Ranges: NPT, SMPTE, UTC

P->S: SETUP rtsps://test.example.org/secret/audio RTSP/2.0
      CSeq: 2
      Transport: RTP/AVP;unicast;dest_addr="192.0.2.5:4588"/
      "192.0.2.5:4589"
      Via: RTSP/2.0 proxy.example.org
      Accept-Credentials: User "rtsps://test.example.org";sha-256;
      dPYD7txpoGTbAqZZQJ+vaeOkyH4=
      Accept-Ranges: NPT, SMPTE, UTC

One implication of this process is that the connection for secured RTSP messages may take significantly more round-trip times for the first message. An complete extra message exchange between the proxy connecting to the next hop and the client results because of the process for approval for each hop. However after the first message exchange the remaining message should not be delayed, if each message contains the chain of proxies that the requestor accepts. The procedure of including the credentials in each request rather than building state in each proxy, avoids the need for revocation procedures.

20.  Syntax

The RTSP syntax is described in an Augmented Backus-Naur Form (ABNF) as defined in RFC 5234 [RFC5234] (Crocker, D. and P. Overell, “Augmented BNF for Syntax Specifications: ABNF,” January 2008.). It uses the basic definitions present in RFC 5234.

Please note that ABNF strings, e.g. "Accept", are case insensitive as specified in section 2.3 of RFC 5234.

20.1.  Base Syntax

RTSP header field values can be folded onto multiple lines if the continuation line begins with a space or horizontal tab. All linear white space, including folding, has the same semantics as SP. A recipient MAY replace any linear white space with a single SP before interpreting the field value or forwarding the message downstream. This is intended to behave exactly as HTTP/1.1 as described in RFC 2616 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.). The SWS construct is used when linear white space is optional, generally between tokens and separators.

To separate the header name from the rest of value, a colon is used, which, by the above rule, allows whitespace before, but no line break, and whitespace after, including a linebreak. The HCOLON defines this construct.

OCTET           =  %x00-FF ; any 8-bit sequence of data
CHAR            =  %x01-7F ; any US-ASCII character (octets 1 - 127)
UPALPHA         =  %x41-5A ; any US-ASCII uppercase letter "A".."Z"
LOALPHA         =  %x61-7A ;any US-ASCII lowercase letter "a".."z"
ALPHA           =  UPALPHA / LOALPHA
DIGIT           =  %x30-39 ; any US-ASCII digit "0".."9"
CTL             =  %x00-1F / %x7F  ; any US-ASCII control charac7ter
                   ; (octets 0 - 31) and DEL (127)
CR              =  %x0D ; US-ASCII CR, carriage return (13
LF              =  %x0A  ; US-ASCII LF, linefeed (10)
SP              =  %x20  ; US-ASCII SP, space (32)
HT              =  %x09  ; US-ASCII HT, horizontal-tab (9)
DQ              =  %x22  ; US-ASCII double-quote mark (34)
BACKSLASH       =  %x5C  ; US-ASCII backslash (92)
CRLF            =  CR LF

LWS             =  [CRLF] 1*( SP / HT )
SWS             =  [LWS] ; sep whitespace
HCOLON          =  *( SP / HT ) ":" SWS
TEXT            =  %x20-7E / %x80-FF  ; any OCTET except CTLs
tspecials       =  "(" / ")" / "<" / ">" / "@"
                /  "," / ";" / ":" / BACKSLASH / DQ
                /  "/" / "[" / "]" / "?" / "="
                /  "{" / "}" / SP / HT
token           =  1*(%x21 / %x23-27 / %x2A-2B / %x2D-2E / %x30-39
                /  %x41-5A / %x5E-7A / %x7C / %x7E)
                   ; 1*<any CHAR except CTLs or tspecials>
quoted-string   =  ( DQ *qdtext DQ )
qdtext          =  %x20-21 / %x23-7E / %x80-FF  ; any TEXT except <">
quoted-pair     =  BACKSLASH CHAR
ctext           =  %x20-27 / %x2A-7E
                /  %x80-FF  ; any OCTET except CTLs, "(" and ")"
generic-param   =  token [ EQUAL gen-value ]
gen-value       =  token / host / quoted-string

safe            =  "$" / "-" / "_" / "." / "+"
extra           =  "!" / "*" / "'" / "(" / ")" / ","
rtsp-extra      =  "!" / "*" / "'" / "(" / ")"

HEX             =  DIGIT / "A" / "B" / "C" / "D" / "E" / "F"
                /  "a" / "b" / "c" / "d" / "e" / "f"
LHEX            =  DIGIT / %x61-66 ;lowercase a-f
reserved        =  ";" / "/" / "?" / ":" / "@" / "&" / "="

unreserved      =  ALPHA / DIGIT / safe / extra
rtsp-unreserved  =  ALPHA / DIGIT / safe / rtsp-extra

base64          =  *base64-unit [base64-pad]
base64-unit     =  4base64-char
base64-pad      =  (2base64-char "==") / (3base64-char "=")
base64-char     =  ALPHA / DIGIT / "+" / "/"

SLASH    =  SWS "/" SWS ; slash
EQUAL    =  SWS "=" SWS ; equal
LPAREN   =  SWS "(" SWS ; left parenthesis
RPAREN   =  SWS ")" SWS ; right parenthesis
COMMA    =  SWS "," SWS ; comma
SEMI     =  SWS ";" SWS ; semicolon
COLON    =  SWS ":" SWS ; colon
LDQUOT   =  SWS DQ ; open double quotation mark
RDQUOT   =  DQ SWS ; close double quotation mark
RAQUOT   =  ">" SWS ; right angle quote
LAQUOT   =  SWS "<" ; left angle quote

TEXT-UTF8char    =  %x21-7E / UTF8-NONASCII
UTF8-NONASCII    =  %xC0-DF 1UTF8-CONT
                 /  %xE0-EF 2UTF8-CONT
                 /  %xF0-F7 3UTF8-CONT
                 /  %xF8-FB 4UTF8-CONT
                 /  %xFC-FD 5UTF8-CONT
UTF8-CONT        =  %x80-BF

FLOAT            = ["-"] 1*39DIGIT ["." 1*46DIGIT]
POS-FLOAT        = 1*39DIGIT ["." 1*46DIGIT]

20.2.  RTSP Protocol Definition

20.2.1.  Generic Protocol elements

RTSP-IRI       =  schemes ":" IRI-rest
IRI-rest       =  ihier-part [ "?" iquery ] [ "#" ifragment ]
ihier-part     =  "//" iauthority ipath-abempty
RTSP-IRI-ref   =  RTSP-IRI / irelative-ref
irelative-ref  =  irelative-part [ "?" iquery ] [ "#" ifragment ]
irelative-part =  "//" iauthority ipath-abempty
                  / ipath-absolute
                  / ipath-noscheme
                  / ipath-empty

iauthority     =  < As defined in RFC 3987>
ipath          =  ipath-abempty   ; begins with "/" or is empty
                  / ipath-absolute  ; begins with "/" but not "//"
                  / ipath-noscheme  ; begins with a non-colon segment
                  / ipath-rootless  ; begins with a segment
                  / ipath-empty     ; zero characters

ipath-abempty   =  *( "/" isegment )
ipath-absolute  =  "/" [ isegment-nz *( "/" isegment ) ]
ipath-noscheme  =  isegment-nz-nc *( "/" isegment )
ipath-rootless  =  isegment-nz *( "/" isegment )
ipath-empty     =  0<ipchar>

isegment        =  *ipchar [";" *ipchar]
isegment-nz     =  1*ipchar [";" *ipchar]
                   / ";" *ipchar
isegment-nz-nc  =  (1*ipchar-nc [";" *ipchar-nc])
                   / ";" *ipchar-nc
                   ; non-zero-length segment without any colon ":"

ipchar         =  iunreserved / pct-encoded / sub-delims / ":" / "@"
ipchar-nc      =  iunreserved / pct-encoded / sub-delims / "@"

iquery         =  < As defined in RFC 3987>
ifragment      =  < As defined in RFC 3987>
iunreserved    =  < As defined in RFC 3987>
pct-encoded    =  < As defined in RFC 3987>

RTSP-URI       =  schemes ":" URI-rest
RTSP-URI-Ref   =  RTSP-URI / RTSP-Relative
schemes        =  "rtsp" / "rtsps" / scheme
scheme         =  < As defined in RFC 3986>
URI-rest       =  hier-part [ "?" query ]
hier-part      =  "//" authority path-abempty

RTSP-Relative  =  relative-part [ "?" query ]
relative-part  =  "//" authority path-abempty
                  / path-absolute
                  / path-noscheme
                  / path-empty

authority      =  < As defined in RFC 3986>
query          =  < As defined in RFC 3986>

path           =  path-abempty    ; begins with "/" or is empty
                  / path-absolute ; begins with "/" but not "//"
                  / path-noscheme ; begins with a non-colon segment
                  / path-rootless ; begins with a segment
                  / path-empty    ; zero characters

path-abempty   =  *( "/" segment )
path-absolute  =  "/" [ segment-nz *( "/" segment ) ]
path-noscheme  =  segment-nz-nc *( "/" segment )
path-rootless  =  segment-nz *( "/" segment )
path-empty     =  0<pchar>

segment        =  *pchar [";" *pchar]
segment-nz     =  ( 1*pchar [";" *pchar]) / (";" *pchar)
segment-nz-nc  =  ( 1*pchar-nc [";" *pchar-nc]) / (";" *pchar-nc)
                  ; non-zero-length segment without any colon ":"

pchar          =  unreserved / pct-encoded / sub-delims / ":" / "@"
pchar-nc       =  unreserved / pct-encoded / sub-delims / "@"

sub-delims     =  "!" / "$" / "&" / "'" / "(" / ")"
                  / "*" / "+" / "," / "="

smpte-range  =  smpte-type "=" smpte-range-spec
                ; See section 3.4
smpte-range-spec   =  ( smpte-time "-" [ smpte-time ] )
                   /  ( "-" smpte-time )
smpte-type         =  "smpte" / "smpte-30-drop"
                   /  "smpte-25" / smpte-type-extension
                   ; other timecodes may be added
smpte-type-extension  =  token
smpte-time         =  1*2DIGIT ":" 1*2DIGIT ":" 1*2DIGIT
                     [ ":" 1*2DIGIT [ "." 1*2DIGIT ] ]

npt-range        =  "npt=" npt-range-spec
npt-range-spec   =  ( npt-time "-" [ npt-time ] ) / ( "-" npt-time )
npt-time         =  "now" / npt-sec / npt-hhmmss
npt-sec          =  1*DIGIT [ "." *DIGIT ]
npt-hhmmss       =  npt-hh ":" npt-mm ":" npt-ss [ "." *DIGIT ]
npt-hh           =  1*DIGIT   ; any positive number
npt-mm           =  1*2DIGIT  ; 0-59
npt-ss           =  1*2DIGIT  ; 0-59

utc-range        =  "clock=" utc-range-spec
utc-range-spec   =  ( utc-time "-" [ utc-time ] ) / ( "-" utc-time )
utc-time         =  utc-date "T" utc-clock "Z"
utc-date         =  8DIGIT
utc-clock        =  6DIGIT [ "." fraction ]
fraction         =  1*DIGIT

feature-tag      =  token

session-id      =  1*256( ALPHA / DIGIT / safe )

extension-header  =   header-name HCOLON header-value
header-name       =  token
header-value      =  *(TEXT-UTF8char / UTF8-CONT / LWS)

20.2.2.  Message Syntax

RTSP-message  =  Request / Response  ; RTSP/2.0 messages

Request  =    Request-Line
              *((general-header
                /  request-header
                /  entity-header) CRLF)
              CRLF
              [ message-body ]

Response =   Status-Line
             *((general-header
               /  response-header
               /  entity-header) CRLF)
              CRLF
             [ message-body ]

Request-Line = Method SP Request-URI SP RTSP-Version CRLF

Status-Line  = RTSP-Version SP Status-Code SP Reason-Phrase CRLF

Method  =  "DESCRIBE"
        /  "GET_PARAMETER"
        /  "OPTIONS"
        /  "PAUSE"
        /  "PLAY"
        /  "PLAY_NOTIFY"
        /  "REDIRECT"
        /  "SETUP"
        /  "SET_PARAMETER"
        /  "TEARDOWN"
        /  extension-method

extension-method  =  token

Request-URI  =  "*" / RTSP-URI
RTSP-Version =  "RTSP/" 1*DIGIT "." 1*DIGIT

message-body = 1*OCTET

Status-Code  =  "100"  ; Continue
             /  "200"  ; OK
             /  "300"  ; Multiple Choices
             /  "301"  ; Moved Permanently
             /  "302"  ; Found
             /  "303"  ; See Other
             /  "304"  ; Not Modified
             /  "305"  ; Use Proxy
             /  "400"  ; Bad Request
             /  "401"  ; Unauthorized
             /  "402"  ; Payment Required
             /  "403"  ; Forbidden
             /  "404"  ; Not Found
             /  "405"  ; Method Not Allowed
             /  "406"  ; Not Acceptable
             /  "407"  ; Proxy Authentication Required
             /  "408"  ; Request Time-out
             /  "410"  ; Gone
             /  "411"  ; Length Required
             /  "412"  ; Precondition Failed
             /  "413"  ; Request Entity Too Large
             /  "414"  ; Request-URI Too Large
             /  "415"  ; Unsupported Media Type
             /  "451"  ; Parameter Not Understood
             /  "452"  ; reserved
             /  "453"  ; Not Enough Bandwidth
             /  "454"  ; Session Not Found
             /  "455"  ; Method Not Valid in This State
             /  "456"  ; Header Field Not Valid for Resource
             /  "457"  ; Invalid Range
             /  "458"  ; Parameter Is Read-Only
             /  "459"  ; Aggregate operation not allowed
             /  "460"  ; Only aggregate operation allowed
             /  "461"  ; Unsupported Transport
             /  "462"  ; Destination Unreachable
             /  "463"  ; Destination Prohibited
             /  "464"  ; Data Transport Not Ready Yet
             /  "470"  ; Connection Authorization Required
             /  "471"  ; Connection Credentials not accepted
             /  "472"  ; Failure to establish secure connection
             /  "500"  ; Internal Server Error
             /  "501"  ; Not Implemented
             /  "502"  ; Bad Gateway
             /  "503"  ; Service Unavailable
             /  "504"  ; Gateway Time-out
             /  "505"  ; RTSP Version not supported
             /  "551"  ; Option not supported
             /  extension-code

extension-code  =  3DIGIT

Reason-Phrase   =  *TEXT

general-header  =  Cache-Control
                /  Connection
                /  CSeq
                /  Date
                /  Media-Properties
                /  Media-Range

                /  Pipelined-Requests
                /  Proxy-Supported
                /  Seek-Style
                /  Supported
                /  Timestamp
                /  Via
                /  extension-header

request-header  =  Accept
                /  Accept-Credentials
                /  Accept-Encoding
                /  Accept-Language
                /  Authorization
                /  Bandwidth
                /  Blocksize
                /  From
                /  If-Match
                /  If-Modified-Since
                /  If-None-Match

                /  Notify-Reason
                /  Proxy-Require
                /  Range
                /  Referer
                /  Request-Status
                /  Require
                /  Scale
                /  Session
                /  Speed
                /  Supported
                /  Transport
                /  User-Agent
                /  extension-header

response-header  =  Accept-Credentials
                 /  Accept-Ranges
                 /  Connection-Credentials
                 /  ETag
                 /  Location
                 /  Proxy-Authenticate
                 /  Public
                 /  Range
                 /  Retry-After
                 /  RTP-Info
                 /  Scale
                 /  Session
                 /  Server
                 /  Speed
                 /  Transport
                 /  Unsupported
                 /  Vary
                 /  WWW-Authenticate
                 /  extension-header

entity-header    =  Allow
                  /  Content-Base
                  /  Content-Encoding
                  /  Content-Language
                  /  Content-Length
                  /  Content-Location
                  /  Content-Type
                  /  Expires
                  /  Last-Modified
                  /  extension-header

20.2.3.  Header Syntax

All header syntaxes not defined in this section are defined in section 14 of the HTTP 1.1 specification [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.).

Accept          =  "Accept" HCOLON
                   [ accept-range *(COMMA accept-range) ]
accept-range    =  media-range *(SEMI accept-param)
media-range     =  ( "*/*"
                /  ( m-type SLASH "*" )
                /  ( m-type SLASH m-subtype )
                    ) *( SEMI m-parameter )
accept-param    =  ("q" EQUAL qvalue) / generic-param
qvalue          =  ( "0" [ "." *3DIGIT ] )
                /  ( "1" [ "." *3("0") ] )
Accept-Credentials   =  "Accept-Credentials" HCOLON cred-decision
cred-decision     =  ("User" [LWS cred-info])
                  /  "Proxy"
                  /  "Any"
                  /  token [LWS 1*TEXT] ; For future extensions
cred-info         =  cred-info-data *(COMMA cred-info-data)

cred-info-data    =  DQ RTSP-URI DQ SEMI hash-alg SEMI base64
hash-alg          =  "sha-256" / extension-alg
extension-alg     =  token
Accept-Encoding   =  "Accept-Encoding" HCOLON
                     [ encoding *(COMMA encoding) ]
encoding          =  codings *(SEMI accept-param)
codings           =  content-coding / "*"
content-coding    =  token
Accept-Language   =  "Accept-Language" HCOLON
                     [ language *(COMMA language) ]
language          =  language-range *(SEMI accept-param)
language-range    =  ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) / "*" )
Accept-Ranges        =  "Accept-Ranges" HCOLON acceptable-ranges
acceptable-ranges    =  (range-unit *(COMMA range-unit))
                     /  "none"
range-unit           =  "NPT" / "SMPTE" / "UTC" / extension-format
extension-format     =  token
Allow                =   "Allow" HCOLON [Method *(COMMA Method)]

Authorization     =  "Authorization" HCOLON credentials
credentials       =  ("Digest" LWS digest-response)
                  /  other-response
digest-response   =  dig-resp *(COMMA dig-resp)
dig-resp          =  username / realm / nonce / digest-uri
                  /  dresponse / algorithm / cnonce
                  /  opaque / message-qop
                  /  nonce-count / auth-param
username          =  "username" EQUAL username-value
username-value    =  quoted-string
digest-uri        =  "uri" EQUAL LDQUOT digest-uri-value RDQUOT
digest-uri-value  =  Request-URI
                     ; by HTTP/1.1
message-qop       =  "qop" EQUAL qop-value
cnonce            =  "cnonce" EQUAL cnonce-value
cnonce-value      =  nonce-value
nonce-count       =  "nc" EQUAL nc-value
nc-value          =  8LHEX
dresponse         =  "response" EQUAL request-digest
request-digest    =  LDQUOT 32LHEX RDQUOT
auth-param        =  auth-param-name EQUAL
                     ( token / quoted-string )
auth-param-name   =  token
other-response    =  auth-scheme LWS auth-param
                     *(COMMA auth-param)
auth-scheme       =  token

Bandwidth         =  "Bandwidth" HCOLON 1*DIGIT

Blocksize         =  "Blocksize" HCOLON 1*DIGIT

Cache-Control     =  "Cache-Control" HCOLON cache-directive
                        *(COMMA cache-directive)
cache-directive   =  cache-rqst-directive
                     /  cache-rspns-directive

cache-rqst-directive   =  "no-cache"
                       /  "max-stale" [EQUAL delta-seconds]
                       /  "min-fresh" EQUAL delta-seconds
                       /  "only-if-cached"
                       /  cache-extension

cache-rspns-directive  =  "public"
                          /  "private"
                          /  "no-cache"
                          /  "no-transform"
                          /  "must-revalidate"
                          /  "proxy-revalidate"
                          /  "max-age" EQUAL delta-seconds
                          /  cache-extension

cache-extension   =  token [EQUAL (token / quoted-string)]
delta-seconds     =  1*DIGIT

Connection-Credentials = "Connection-Credentials" HCOLON cred-chain

cred-chain          =  DQ RTSP-URI DQ SEMI base64

Connection         =  "Connection" HCOLON (connection-token)
                      *(COMMA connection-token)
connection-token   =  token

Content-Base       =  "Content-Base" HCOLON RTSP-URI-Ref
Content-Encoding   =  "Content-Encoding" HCOLON
                      content-coding *(COMMA content-coding)
Content-Language   =  "Content-Language" HCOLON
                      language-tag *(COMMA language-tag)
language-tag       =  primary-tag *( "-" subtag )
primary-tag        =  1*8ALPHA
subtag             =  1*8ALPHA
Content-Length     =  "Content-Length" HCOLON 1*DIGIT
Content-Location   =  "Content-Location" HCOLON RTSP-URI-Ref
Content-Type       =  ( "Content-Type" / "c" ) HCOLON media-type
media-type         =  m-type SLASH m-subtype *(SEMI m-parameter)
m-type             =  discrete-type / composite-type
discrete-type      =  "text" / "image" / "audio" / "video"
                   /  "application" / extension-token
composite-type   =  "message" / "multipart" / extension-token
extension-token  =  ietf-token / x-token
ietf-token       =  token
x-token          =  "x-" token
m-subtype        =  extension-token / iana-token
iana-token       =  token
m-parameter      =  m-attribute EQUAL m-value
m-attribute      =  token
m-value          =  token / quoted-string

CSeq           =  "Cseq" HCOLON cseq-nr
cseq-nr        =  1*9DIGIT
Date           =  "Date" HCOLON RTSP-date
RTSP-date      =  rfc1123-date ; HTTP-date
rfc1123-date   =  wkday "," SP date1 SP time SP "GMT"
date1          =  2DIGIT SP month SP 4DIGIT
                  ; day month year (e.g., 02 Jun 1982)
time           =  2DIGIT ":" 2DIGIT ":" 2DIGIT
                  ; 00:00:00 - 23:59:59
wkday          =  "Mon" / "Tue" / "Wed"
               /  "Thu" / "Fri" / "Sat" / "Sun"
month          =  "Jan" / "Feb" / "Mar" / "Apr"
               /  "May" / "Jun" / "Jul" / "Aug"
               /  "Sep" / "Oct" / "Nov" / "Dec"

ETag           =  "ETag" HCOLON entity-tag
Expires        =  "Expires" HCOLON delta-seconds
From           =  "From" HCOLON from-spec
from-spec      =  ( name-addr / addr-spec ) *( SEMI from-param )
name-addr      =  [ display-name ] LAQUOT addr-spec RAQUOT
addr-spec      =  RTSP-URI / absolute-URI
absolute-URI   =  < As defined in RFC 3986>
display-name   =  *(token LWS)/ quoted-string
from-param     =  tag-param / generic-param
tag-param      =  "tag" EQUAL token
If-Match       =  "If-Match" HCOLON ( "*" / entity-tag-list)
entity-tag-list  =  entity-tag *(COMMA entity-tag)
entity-tag     =  [ weak ] opaque-tag
weak           =  "W/"
opaque-tag     =  quoted-string
If-Modified-Since  =  "If-Modified-Since" HCOLON RTSP-date
If-None-Match    =  "If-None-Match" HCOLON ("*" / entity-tag-list)
Last-Modified    =  "Last-Modified" HCOLON RTSP-date
Location         =  "Location" HCOLON RTSP-URI
Media-Properties = "Media-Properties" HCOLON media-prop-list
media-prop-list  = media-prop-value *(COMMA media-prop-value)
media-prop-value = "Random-Access" EQUAL POS-FLOAT
                 / "Begining-Only"
                 / "No-Seeking"
                 / "Unmutable"
                 / "Dynamic"
                 / "Time-Progressing"
                 / "Unlimited"
                 / "Time-Limited" EQUAL utc-range-spec
                 / "Time-Duration" EQUAL POS-FLOAT
                 / media-prop-ext
media-prop-ext   = token [EQUAL SWS 1*rtsp-unreserved / quoted-string]
Media-Range      = "Media-Range" HCOLON [ranges-list]
Notify-Reason    = "Notify-Reason" HCOLON Notify-Reas-val
Notify-Reas-val  = "end-of-stream"
                 / "media-properties-update"
                 / "scale-change"
                 / Notify-Reason-extension
Notify-Reason-extension  = token
Pipelined-Requests = "Pipelined-Requests" HCOLON startup-id
startup-id  = 1*8DIGIT

Proxy-Authenticate   =  "Proxy-Authenticate" HCOLON challenge
challenge            =  ("Digest" LWS digest-cln *(COMMA digest-cln))
                     / other-challenge
other-challenge      =  auth-scheme LWS auth-param
                       *(COMMA auth-param)
digest-cln           =  realm / domain / nonce
                     /  opaque / stale / algorithm
                     /  qop-options / auth-param
realm                =  "realm" EQUAL realm-value
realm-value          =  quoted-string
domain               =  "domain" EQUAL LDQUOT URI
                       *( 1*SP URI ) RDQUOT
URI                  =  RTSP-URI / RTSP-URI-Ref
nonce                =  "nonce" EQUAL nonce-value
nonce-value          =  quoted-string
opaque               =  "opaque" EQUAL quoted-string
stale                =  "stale" EQUAL ( "true" / "false" )
algorithm            =  "algorithm" EQUAL ("MD5" / "MD5-sess" / token)
qop-options          =  "qop" EQUAL LDQUOT qop-value
                       *("," qop-value) RDQUOT
qop-value            =  "auth" / "auth-int" / token
Proxy-Require        =  "Proxy-Require" HCOLON feature-tag
                       *(COMMA feature-tag)

Proxy-Supported      =  "Proxy-Supported" HCOLON feature-tag
                       *(COMMA feature-tag)

Public               =  "Public" HCOLON Method *(COMMA Method)

Range                =  "Range" HCOLON ranges-list [exec-time]
ranges-list          =  ranges-spec *(COMMA ranges-spec)
exec-time            =  SEMI "time" EQUAL utc-time
ranges-spec          =  npt-range / utc-range / smpte-range
                     /  range-ext
range-ext            =  extension-format "=" range-value
range-value          =  1*(rtsp-unreserved / quoted-string / ":" )

Referer              =  "Referer" HCOLON RTSP-URI-Ref
Request-Status       =  "Request-Status" HCOLON status-info
status-info          =   cseq-info LWS status-info LWS reason-info
cseq-info            =  "cseq" EQUAL cseq-nr
status-info          =  "status" EQUAL Status-Code
reason-info          =  "reason" EQUAL DQ Reason-Phrase DQ
Require              =  "Require" HCOLON feature-tag-list
feature-tag-list     =  feature-tag *(COMMA feature-tag)

RTP-Info         =  "RTP-Info" HCOLON rtsp-info-spec
                    *(COMMA rtsp-info-spec)
rtsp-info-spec   =  stream-url 1*ssrc-parameter
stream-url       =  "url" EQUAL DQ RTSP-URI-Ref DQ
ssrc-parameter   =  LWS "ssrc" EQUAL ssrc HCOLON
                    ri-parameter *(SEMI ri-parameter)
ri-parameter     =  "seq" EQUAL 1*DIGIT
                 /  "rtptime" EQUAL 1*DIGIT

Retry-After      =  "Retry-After" HCOLON delta-seconds
                    [ comment ] *( SEMI retry-param )
retry-param      =  ("duration" EQUAL delta-seconds)
                 /  generic-param

Scale            =  "Scale" HCOLON ["-"] 1*DIGIT [ "." *DIGIT ]
Seek-Style       =  "Seek-Style" HCOLON Seek-S-values
Seek-S-values    =  "RAP"
                 /  "First-Prior"
                 /  "Next"
                 /  Seek-S-value-ext
Seek-S-value-ext =  token
Speed            =  "Speed" HCOLON 1*DIGIT [ "." *DIGIT ]

Server           =  "Server" HCOLON ( product / comment )
                    *(LWS (product / comment))
product          =  token [SLASH product-version]
product-version  =  token
comment          =  LPAREN *( ctext / quoted-pair) RPAREN

Session          =  "Session" HCOLON session-id
                    [ SEMI "timeout" EQUAL delta-seconds ]

Supported        =  "Supported" HCOLON [feature-tag-list]

Timestamp        =  "Timestamp" HCOLON timestamp-value LWS [delay]
timestamp-value  =  *DIGIT [ "." *DIGIT ]
delay            =  *DIGIT [ "." *DIGIT ]

Transport        =  "Transport" HCOLON transport-spec
                    *(COMMA transport-spec)
transport-spec   =  transport-id *tr-parameter
transport-id     =  trans-id-rtp / other-trans
trans-id-rtp     =  "RTP/" profile ["/" lower-transport]
                    ; no LWS is allowed inside transport-id
other-trans      =  token *("/" token)

profile             = "AVP" / "SAVP" / "AVPF" / token
lower-transport     = "TCP" / "UDP" / token
tr-parameter        = SEMI ( "unicast" / "multicast" )
                    / SEMI "interleaved" EQUAL channel [ "-" channel ]
                    / SEMI "append"
                    / SEMI "ttl" EQUAL ttl
                    / SEMI "layers" EQUAL 1*DIGIT
                    / SEMI "ssrc" EQUAL ssrc *(SLASH ssrc)
                    / SEMI "client_ssrc" EQUAL ssrc
                    / SEMI "mode" EQUAL mode-spec
                    / SEMI "dest_addr" EQUAL addr-list
                    / SEMI "src_addr" EQUAL addr-list
                    / SEMI trn-param-ext
                    / SEMI "setup" EQUAL contrans-setup
                    / SEMI "connection" EQUAL contrans-con
contrans-setup      = "active" / "passive" / "actpass"
contrans-con        = "new" / "existing"
trn-param-ext       = par-name [EQUAL trn-par-value]
par-name            = token
trn-par-value       = *(rtsp-unreserved / DQ *TEXT DQ)
ttl                 = 1*3DIGIT ; 0 to 255
ssrc                = 8HEX
channel             = 1*3DIGIT
mode-spec           = ( DQ mode *(COMMA mode) DQ )
mode                = "PLAY" / token
addr-list           = quoted-addr *(SLASH quoted-addr)
quoted-addr         = DQ (host-port / extension-addr) DQ
host-port           = host [":" port]
                    / ":" port
extension-addr      = 1*qdtext
host                = < As defined in RFC 3986>
port                = < As defined in RFC 3986>

Unsupported     = "Unsupported" HCOLON feature-tag-list

User-Agent      = "User-Agent" HCOLON ( product / comment )
                0*(LWS (product / comment))

Vary            = "Vary" HCOLON ( "*" / field-name-list)
field-name-list = field-name *(COMMA field-name)
field-name      = token
Via             = "Via" HCOLON via-parm *(COMMA via-parm)
via-parm        = sent-protocol LWS sent-by *( SEMI via-params )
via-params      = via-ttl / via-maddr
                / via-received / via-branch
                / via-extension
via-ttl         = "ttl" EQUAL ttl
via-maddr       = "maddr" EQUAL host
via-received    = "received" EQUAL (IPv4address / IPv6address)
IPv4address     = < As defined in RFC 3986>
IPv6address     = < As defined in RFC 3986>
via-branch      = "branch" EQUAL token
via-extension   = generic-param
sent-protocol   = protocol-name SLASH protocol-version
                  SLASH transport-prot
protocol-name   = "RTSP" / token
protocol-version = token
transport-prot  = "UDP" / "TCP" / "TLS" / other-transport
other-transport = token
sent-by         = host [ COLON port ]

WWW-Authenticate = "WWW-Authenticate" HCOLON challenge

20.3.  SDP extension Syntax

This section defines in ABNF the SDP extensions defined for RTSP. See Appendix D (Use of SDP for RTSP Session Descriptions) for the definition of the extensions in text.

control-attribute   =  "a=control:" *SP RTSP-URI

a-range-def         =  "a=range:" ranges-spec CRLF

a-etag-def          =  "a=etag:" entity-tag CRLF

21.  Security Considerations

Because of the similarity in syntax and usage between RTSP servers and HTTP servers, the security considerations outlined in [H15] apply. Specifically, please note the following:

Abuse of Server Log Information:

RTSP and HTTP servers will presumably have similar logging mechanisms, and thus should be equally guarded in protecting the contents of those logs, thus protecting the privacy of the users of the servers. See [H15.1.1] for HTTP server recommendations regarding server logs.

Transfer of Sensitive Information:

There is no reason to believe that information transferred or controlled via RTSP may be any less sensitive than that normally transmitted via HTTP. Therefore, all of the precautions regarding the protection of data privacy and user privacy apply to implementors of RTSP clients, servers, and proxies. See [H15.1.2] for further details.

Attacks Based On File and Path Names:

Though RTSP URIs are opaque handles that do not necessarily have file system semantics, it is anticipated that many implementations will translate portions of the Request-URIs directly to file system calls. In such cases, file systems SHOULD follow the precautions outlined in [H15.5], such as checking for ".." in path components.

Personal Information:

RTSP clients are often privy to the same information that HTTP clients are (user name, location, etc.) and thus should be equally sensitive. See [H15.1] for further recommendations.

Privacy Issues Connected to Accept Headers:

Since may of the same "Accept" headers exist in RTSP as in HTTP, the same caveats outlined in [H15.1.4] with regards to their use should be followed.

DNS Spoofing:

Presumably, given the longer connection times typically associated to RTSP sessions relative to HTTP sessions, RTSP client DNS optimizations should be less prevalent. Nonetheless, the recommendations provided in [H15.3] are still relevant to any implementation which attempts to rely on a DNS-to-IP mapping to hold beyond a single use of the mapping.

Location Headers and Spoofing:

If a single server supports multiple organizations that do not trust each another, then it needs to check the values of Location and Content-Location header fields in responses that are generated under control of said organizations to make sure that they do not attempt to invalidate resources over which they have no authority. ([H15.4])

In addition to the recommendations in the current HTTP specification (RFC 2616 [RFC2616] (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.), as of this writing) and also of the previous RFC2068 [RFC2068] (Fielding, R., Gettys, J., Mogul, J., Nielsen, H., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” January 1997.), future HTTP specifications may provide additional guidance on security issues.

The following are added considerations for RTSP implementations.

Concentrated denial-of-service attack:

The protocol offers the opportunity for a remote-controlled denial-of-service attack. See Section 21.1 (Remote denial of Service Attack).

Session hijacking:

Since there is no or little relation between a transport layer connection and an RTSP session, it is possible for a malicious client to issue requests with random session identifiers which would affect unsuspecting clients. The server SHOULD use a large, random and non-sequential session identifier to minimize the possibility of this kind of attack. However, unless the RTSP signalling always are confedentiality protected, e.g. using TLS, an on-path attacker will be able to hijack a session. For real session security, client authentication needs to be performed.

Authentication:

Servers SHOULD implement both basic and digest [RFC2617] (Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, “HTTP Authentication: Basic and Digest Access Authentication,” June 1999.) authentication. In environments requiring tighter security for the control messages, the transport layer mechanism TLS (RFC 4346 [RFC4346] (Dierks, T. and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.1,” April 2006.)) SHOULD be used.

Stream issues:

RTSP only provides for stream control. Stream delivery issues are not covered in this section, nor in the rest of this draft. RTSP implementations will most likely rely on other protocols such as RTP, IP multicast, RSVP and IGMP, and should address security considerations brought up in those and other applicable specifications.

Persistently suspicious behavior:

RTSP servers SHOULD return error code 403 (Forbidden) upon receiving a single instance of behavior which is deemed a security risk. RTSP servers SHOULD also be aware of attempts to probe the server for weaknesses and entry points and MAY arbitrarily disconnect and ignore further requests clients which are deemed to be in violation of local security policy.

Scope of Multicast:

If RTSP is used to control the transmission of media onto a multicast network it is need to consider the scope that delivery has. RTSP supports the TTL Transport header parameter to indicate this scope. However such scope control is risk as it may be set to large and distribute media beyond the intended scope.

TLS through proxies:

If one uses the possibility to connect TLS in multiple legs (Section 19.3 (Security and Proxies) one really needs to be aware of the trust model. That procedure requires full faith and trust in all proxies that one allows to connect through. They are man in the middle and has access to all that goes on over the TLS connection. Thus it is important to consider if that trust model is acceptable in the actual application.

21.1.  Remote denial of Service Attack

The attacker may initiate traffic flows to one or more IP addresses by specifying them as the destination in SETUP requests. While the attacker's IP address may be known in this case, this is not always useful in prevention of more attacks or ascertaining the attackers identity. Thus, an RTSP server MUST only allow client-specified destinations for RTSP-initiated traffic flows if the server has ensured that the specified destination address accepts receiving media through different security mechanisms. Security mechanism that are acceptable in an increased generality are; verification of the client's identity, either against a database of known users using RTSP authentication mechanisms (preferably digest authentication or stronger); a list of addresses that accept to be media destinations, especially considering user identity; and media path based verification.

The server SHOULD NOT allow the destination field to be set unless a mechanism exists in the system to authorize the request originator to direct streams to the recipient. It is preferred that this authorization be performed by the media recipient (destination) itself and the credentials passed along to the server. However, in certain cases, such as when recipient address is a multicast group, or when the recipient is unable to communicate with the server in an out-of-band manner, this may not be possible. In these cases server may chose another method such as a server-resident authorization list to ensure that the request originator has the proper credentials to request stream delivery to the recipient.

One solution that performs the necessary verification of acceptance of media suitable for unicast based delivery is the ICE based NAT traversal method described in [I‑D.ietf‑mmusic‑rtsp‑nat] (Goldberg, J., Westerlund, M., and T. Zeng, “A Network Address Translator (NAT) Traversal mechanism for media controlled by Real-Time Streaming Protocol (RTSP),” January 2010.). By using random passwords and username the probability of unintended indication as a valid media destination is very low. If the server include in its STUN requests a cookie (consisting of random material) that is the destination echo back the solution is also safe against having a off-path attacker being able to spoof the STUN checks. Leaving this solution vulnerable only to on-path attackers that can see the STUN requests go to the target of attack.

For delivery to multicast addresses there is need for another solution which is not specified here.

22.  IANA Considerations

This section sets up a number of registries for RTSP 2.0 that should be maintained by IANA. For each registry there is a description on what it is required to contain, what specification is needed when adding a entry with IANA, and finally the entries that this document needs to register. See also the Section 2.3 (Extending RTSP) "Extending RTSP". There is also an IANA registration of two SDP attributes.

The sections describing how to register an item uses some of the requirements level described in RFC YYYY [I‑D.narten‑iana‑considerations‑rfc2434bis] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” March 2008.), namely "First Come, First Served", "Expert Review, "Specification Required", and "Standards Action".

A registration request to IANA MUST contain the following information:

• A name of the item to register according to the rules specified by the intended registry.
• Indication of who has change control over the feature (for example, IETF, ISO, ITU-T, other international standardization bodies, a consortium, a particular company or group of companies, or an individual);
• A reference to a further description, if available, for example (in decreasing order of preference) an RFC, a published standard, a published paper, a patent filing, a technical report, documented source code or a computer manual;
• For proprietary features, contact information (postal and email address);

22.1.  Feature-tags

22.1.1.  Description

When a client and server try to determine what part and functionality of the RTSP specification and any future extensions that its counter part implements there is need for a namespace. This registry contains named entries representing certain functionality.

The usage of feature-tags is explained in Section 11 (Capability Handling) and Section 13.1 (OPTIONS).

22.1.2.  Registering New Feature-tags with IANA

The registering of feature-tags is done on a first come, first served basis.

The name of the feature MUST follow these rules: The name may be of any length, but SHOULD be no more than twenty characters long. The name MUST NOT contain any spaces, or control characters. The registration SHALL indicate if the feature-tag applies to clients, servers, or proxies only or any combinations of these. Any proprietary feature SHALL have as the first part of the name a vendor tag, which identifies the organization.

22.1.3.  Registered entries

The following feature-tags are in this specification defined and hereby registered. The change control belongs to the IETF.

play.basic:

The minimal implementation for playback operations according to this specification. Applies for both clients, servers and proxies.

play.scale:

Support of scale operations for media playback. Applies only for servers.

play.speed:

Support of the speed functionality for playback. Applies only for servers.

22.2.  RTSP Methods

22.2.1.  Description

What a method is, is described in section Section 13 (Method Definitions). Extending the protocol with new methods allow for totally new functionality.

22.2.2.  Registering New Methods with IANA

A new method MUST be registered through an IETF Standards Action. The reason is that new methods may radically change the protocols behavior and purpose.

A specification for a new RTSP method MUST consist of the following items:

• A method name which follows the ABNF rules for methods.
• A clear specification on what action and response a request with the method will result in. Which directions the method is used, C->S or S->C or both. How the use of headers, if any, modifies the behavior and effect of the method.
• A list or table specifying which of the registered headers that are allowed to use with the method in request or/and response.
• Describe how the method relates to network proxies.

22.2.3.  Registered Entries

This specification, RFCXXXX, registers 10 methods: DESCRIBE, GET_PARAMETER, OPTIONS, PAUSE, PLAY, PLAY_NOTIFY REDIRECT, SETUP, SET_PARAMETER, and TEARDOWN.

22.3.  RTSP Status Codes

22.3.1.  Description

A status code is the three digit numbers used to convey information in RTSP response messages, seeSection 8 (Response). The number space is limited and care should be taken not to fill the space.

22.3.2.  Registering New Status Codes with IANA

A new status code can only be registered by an IETF Standards Action. A specification for a new status code MUST specify the following:

• The requested number.
• A description what the status code means and the expected behavior of the sender and receiver of the code.

22.3.3.  Registered Entries

RFCXXX, registers the numbered status code defined in the ABNF entry "Status-Code" except "extension-code" in Section 20.2.2 (Message Syntax).

22.4.  RTSP Headers

22.4.1.  Description

By specifying new headers a method(s) can be enhanced in many different ways. An unknown header will be ignored by the receiving entity. If the new header is vital for a certain functionality, a feature-tag for the functionality can be created and demanded to be used by the counter-part with the inclusion of a Require header carrying the feature-tag.

22.4.2.  Registering New Headers with IANA

Registrations in the registry can be done following the Expert Review policy. A specification SHOULD be provided, preferable an IETF RFC or other Standards Developing Organization specification. The minimal information in a registration request is the header name and the contact information.

The specification SHOULD contain the following information:

• The name of the header.
• An ABNF specification of the header syntax.
• A list or table specifying when the header may be used, encompassing all methods, their request or response, the direction (C->S or S->C).
• How the header is to be handled by proxies.
• A description of the purpose of the header.

22.4.3.  Registered entries

All headers specified in Section 16 (Header Field Definitions) in RFCXXXX are to be registered.

Furthermore the following RTSP headers defined in other specifications are registered:

• x-wap-profile defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• x-wap-profile-diff defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• x-wap-profile-warning defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• x-predecbufsize defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• x-initpredecbufperiod defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• x-initpostdecbufperiod defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• 3gpp-videopostdecbufsize defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• 3GPP-Link-Char defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• 3GPP-Adaptation defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• 3GPP-QoE-Metrics defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).
• 3GPP-QoE-Feedback defined in [3gpp‑26234] (Third Generation Partnership Project (3GPP), “Transparent end-to-end Packet-switched Streaming Service (PSS); Protocols and codecs; Technical Specification 26.234,” December 2002.).

The use of "x-" is NOT RECOMMENDED but the above headers in the register list was defined prior to the clarification.

22.5.  Transport Header Registries

The transport header contains a number of parameters which have possibilities for future extensions. Therefore registries for these needs to be defined.

22.5.1.  Transport Protocol Specification

A registry for the parameter transport-protocol specification SHALL be defined with the following rules:

• Registering uses the policy of Specification Required.
• A contact person or organization with address and email.
• A value definition that are following the ABNF syntax definition.
• A describing text that explains how the registered value are used in RTSP.

This specification registers the following values:

RTP/AVP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "RTP profile for audio and video conferences with minimal control"[RFC3551] (Schulzrinne, H. and S. Casner, “RTP Profile for Audio and Video Conferences with Minimal Control,” July 2003.) over UDP. The usage is explained in RFC XXXX, appendix Appendix C.1 (RTP).

RTP/AVP/UDP:

the same as RTP/AVP.

RTP/AVPF:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "Extended RTP Profile for RTCP-based Feedback (RTP/AVPF)" [RFC4585] (Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, “Extended RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/AVPF),” July 2006.) over UDP. The usage is explained in RFC XXXX, appendix Appendix C.1 (RTP).

RTP/AVPF/UDP:

the same as RTP/AVPF.

RTP/SAVP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "The Secure Real-time Transport Protocol (SRTP)" [RFC3711] (Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. Norrman, “The Secure Real-time Transport Protocol (SRTP),” March 2004.) over UDP. The usage is explained in RFC XXXX, appendix Appendix C.1 (RTP).

RTP/SAVP/UDP:

the same as RTP/SAVP.

RTP/SAVPF:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "[RFC5124] (Ott, J. and E. Carrara, “Extended Secure RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/SAVPF),” February 2008.) over UDP. The usage is explained in RFC XXXX, appendix Appendix C.1 (RTP).

RTP/SAVPF/UDP:

the same as RTP/SAVPF.

RTP/AVP/TCP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "RTP profile for audio and video conferences with minimal control"[RFC3551] (Schulzrinne, H. and S. Casner, “RTP Profile for Audio and Video Conferences with Minimal Control,” July 2003.) over TCP. The usage is explained in RFC XXXX, appendix Appendix C.2.2 (RTP over independent TCP).

RTP/AVPF/TCP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "Extended RTP Profile for RTCP-based Feedback (RTP/AVPF)"[RFC4585] (Ott, J., Wenger, S., Sato, N., Burmeister, C., and J. Rey, “Extended RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/AVPF),” July 2006.) over TCP. The usage is explained in RFC XXXX, appendix Appendix C.2.2 (RTP over independent TCP).

RTP/SAVP/TCP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "The Secure Real-time Transport Protocol (SRTP)" [RFC3711] (Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. Norrman, “The Secure Real-time Transport Protocol (SRTP),” March 2004.) over TCP. The usage is explained in RFC XXXX, appendix Appendix C.2.2 (RTP over independent TCP).

RTP/SAVPF/TCP:

Use of the RTP[RFC3550] (Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, “RTP: A Transport Protocol for Real-Time Applications,” July 2003.) protocol for media transport in combination with the "[RFC5124] (Ott, J. and E. Carrara, “Extended Secure RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/SAVPF),” February 2008.) over TCP. The usage is explained in RFC XXXX, appendix Appendix C.2.2 (RTP over independent TCP).

22.5.2.  Transport modes

A registry for the transport parameter mode SHALL be defined with the following rules:

• Registering requires an IETF Standards Action.
• A contact person or organization with address and email.
• A value definition that are following the ABNF token definition.
• A describing text that explains how the registered value are used in RTSP.

This specification registers 1 value: