SCTP Binding

Transport

The most fundamental question may be whether to map the AMQP "Connection" to an SCTP "Association" or to a pair of SCTP streams. SCTP streams seem to serve much the same function as AMQP channels, so there seems to be a strong case that the AMQP Connection should map to the SCTP Association.

Framing

SCTP provides almost all of the features of the AMQP frame... is there any reason to use AMQP framing on top of SCTP (I suggest not). The only obvious omission is the "extended header" which could be simulated through other mechanisms.

AMQP over TCP uses an unframed header to identify the protocol in use and its version. This must be sent before any other data on a TCP connection.

Sanjay suggested using the Adaptation Layer Indicator to indicate protocol version number.

Connection Open

The Open performative MUST be the first frame sent on a TCP connection.

In SCTP it is theoretically possible that, even if it is the first frame sent in a given direction, it may be overtaken by a different frame on a separate stream. Even if dedicated "control" streams are used for connection management (e.g. using stream 0 in each direction for open/close), this possibility still exists.

Implementations can guard against this by simply buffering messages that arrive on streams before the "open" arrives. This buffering would clearly need to be limited by the implementation, with a failure mode if the open is not received before the buffer is full.
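A sketch of such a bounded pre-open buffer, added here as an illustration and not part of any AMQP or SCTP implementation. The class and method names, the frame representation (stream id, performative name, payload bytes) and the default limits are all assumptions made for the example.

```python
from collections import deque


class PreOpenOverflow(Exception):
    """Buffer limit hit before the peer's open arrived; abort the association."""


class PreOpenBuffer:
    """Holds frames that overtake the open performative on other SCTP streams."""

    def __init__(self, max_frames=64, max_bytes=65536):  # assumed limits
        self.max_frames = max_frames
        self.max_bytes = max_bytes
        self.opened = False
        self._held = deque()  # (stream_id, performative, payload), arrival order
        self._held_bytes = 0

    def receive(self, stream_id, performative, payload=b""):
        """Return the frames that may be processed now, in processing order."""
        frame = (stream_id, performative, payload)
        if self.opened:
            return [frame]
        if performative == "open":
            # Open is processed first, then everything that overtook it.
            self.opened = True
            released = [frame, *self._held]
            self._held.clear()
            self._held_bytes = 0
            return released
        # Check limits before storing, so a peer that never opens cannot
        # make the receiver hold an unbounded amount of data.
        if (len(self._held) + 1 > self.max_frames
                or self._held_bytes + len(payload) > self.max_bytes):
            self._held.clear()
            self._held_bytes = 0
            raise PreOpenOverflow(
                f"no open within {self.max_frames} frames / {self.max_bytes} bytes")
        self._held.append(frame)
        self._held_bytes += len(payload)
        return []


def demo():
    """Constructed arrival order: two frames on stream 1 overtake open on stream 0."""
    buf = PreOpenBuffer(max_frames=2, max_bytes=1024)
    out = buf.receive(1, "begin") + buf.receive(1, "attach") + buf.receive(0, "open")
    return [performative for _, performative, _ in out]
```

On PreOpenOverflow the caller would tear down the association; how that failure is signalled to the peer is left open by the text above.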

Connection Close

The close performative has a similar ordering constraint (in the binding to TCP it MUST be the last performative sent). In SCTP this cannot be guaranteed. The behaviour of the receiver of a close in SCTP must be defined.

Security

Encryption

TLS requires total ordering and bidirectional communication.

DTLS may provide a solution for association level security.

An alternative approach would be to establish separate TLS sessions for each pair of streams (this would require pairing of the unidirectional streams into bidirectional communication channels).

SASL encryption layers would likely be subject to the same issues around total ordering.

Authentication

SCTPBinding (last edited 2013-01-30 09:19:41 by rgodfrey)