Overview: Real-Time Protocols for Browser-Based Applications
draft-ietf-rtcweb-overview-19

[Ballot comment]
The GENART review contains a number of editorial nits to be addressed.

[Reminder to myself so it doesn't get lost: The reference to ICE needs to be updated to point to the existing RFC, not the -bis draft; this is based on EKR's earlier Discuss]

[Ballot comment]
UPDATE: Removing my discuss. Will let Adam manage this from here.

This document seems rather long on philosophy (justifying MTI,
the freed to innovate material in S 4.) I would remove all this.


S 2.4.
Why do you have two terminology sections? I would merge them.


S 3.
The diagrams here seem to assume a federation model that I
generally don't see used with WebRTC. So, for instance,
the on-the-wire protocols arrow on page 9. Who does that?
This also applies to "a commonly imagined model"

I would say HTTP(S) in this diagram.

You should probably list DTLS, SCTP, and SDP in this section. It's
not like we haven't decided we need them.

"The functionality groups that are needed in the browser can be
specified, more or less from the bottom up, as:
...
Connection management: ... SIP and Jingle/XMPP belong in this category."

As far as I know, nothing in this layer is specified in WebRTC
or implemented in the browser, so this doesn't seem to make
sense.

[Ballot comment]
This topic below was discussed during the IESG telechat:

Reading from the document objectives, from the abstract:

  This document gives an overview and context of a protocol suite
  intended for use with real-time applications that can be deployed in
  browsers - "real time communication on the Web".

  It intends to serve as a starting and coordination point to make sure
  all the parts that are needed to achieve this goal are findable, and
  that the parts that belong in the Internet protocol suite are fully
  specified and on the right publication track.

Reading this, I was thinking: great, I will have the full overview.
With "deployed", "starting and coordination point to make sure that all the parts ..." I will have some  focus on the operational aspects, basically, how should operators operate theses browser-embedded applications.
Now, reading further ...

  This document is intended to serve as the roadmap to the WebRTC
  specifications.  It defines terms used by other parts of the WebRTC
  protocol specifications, lists references to other specifications
  that don't need further elaboration in the WebRTC context, and gives
  pointers to other documents that form part of the WebRTC suite.

... I thought: Ok, if not covered here, at least I will have a pointer to another operational document.
But wait:

  By reading this document and the documents it refers to, it should be
  possible to have all information needed to implement an WebRTC
  compatible implementation.

So is this only about implementation?

I like this document very much as it explains all the RTCWEB pieces in one location. However, there is one important piece missing: the network management considerations. See https://datatracker.ietf.org/doc/html/rfc5706#appendix-A
This is where I'm coming from, discussing some more with Warren (this a cut and past from this ballot):

    [ Edit: So, after more thought (and some discussion) I think that it would be useful for the document to at least note the fact that technologies like this mean that some of the existing operational practices may need to change. For example, many enterprises perform QoS based upon the fact that certain types of devices live in certain subnets (e.g many phones get placed in a specific VLAN using LLDP or CDP). With more real time content coming from browsers, these matching practices break, and so operators may not be able to QoS mark / prioritize traffic accordingly. Perhaps something like: "One of the implications of a solution like WebRTC is that more real-time traffic will be sourced from computers (and not dedicated devices like telephones or videoconferencing devices). This may have implications for operators performing QoS marking and prioritization" ? This isn't really specific to webrtc, but rather to a more general set of solutions like softphones and the like, but is accelerated by WebRTC. ]

In light of the previous discussions about draft-mm-wg-effect-encrypt-11, the operators are used to manage voice, video, gaming a certain way, with their operational current practices. Now, their current practices might not work any longer. What should they do now in term of monitoring, troubleshooting, QoS, SLA monitoring, etc these days with WebRTC?
While we should add this note (or a similar one) in the doc, I'm wondering: where are (should be) those operational aspects discussed, if not here?
I've seen https://tools.ietf.org/html/draft-ietf-tsvwg-rtcweb-qos-18, not sure it's appropriate. Anyway, it's now in a RFC-editor state.
I could have requested a specific manageability doc in the charter. Too late now.

[Ballot discuss]
DISCUSS-DISCUSS: No action for the authors at this point in time.

Reading from the document objectives, from the abstract:

  This document gives an overview and context of a protocol suite
  intended for use with real-time applications that can be deployed in
  browsers - "real time communication on the Web".

  It intends to serve as a starting and coordination point to make sure
  all the parts that are needed to achieve this goal are findable, and
  that the parts that belong in the Internet protocol suite are fully
  specified and on the right publication track.

Reading this, I was thinking: great, I will have the full overview.
With "deployed", "starting and coordination point to make sure that all the parts ..." I will have some  focus on the operational aspects, basically, how should operators operate theses browser-embedded applications.
Now, reading further ...

  This document is intended to serve as the roadmap to the WebRTC
  specifications.  It defines terms used by other parts of the WebRTC
  protocol specifications, lists references to other specifications
  that don't need further elaboration in the WebRTC context, and gives
  pointers to other documents that form part of the WebRTC suite.

... I thought: Ok, if not covered here, at least I will have a pointer to another operational document.
But wait:

  By reading this document and the documents it refers to, it should be
  possible to have all information needed to implement an WebRTC
  compatible implementation.

So is this only about implementation?

I like this document very much as it explains all the RTCWEB pieces in one location. However, there is one important piece missing: the network management considerations. See https://datatracker.ietf.org/doc/html/rfc5706#appendix-A
This is where I'm coming from, discussing some more with Warren (this a cut and past from this ballot):

    [ Edit: So, after more thought (and some discussion) I think that it would be useful for the document to at least note the fact that technologies like this mean that some of the existing operational practices may need to change. For example, many enterprises perform QoS based upon the fact that certain types of devices live in certain subnets (e.g many phones get placed in a specific VLAN using LLDP or CDP). With more real time content coming from browsers, these matching practices break, and so operators may not be able to QoS mark / prioritize traffic accordingly. Perhaps something like: "One of the implications of a solution like WebRTC is that more real-time traffic will be sourced from computers (and not dedicated devices like telephones or videoconferencing devices). This may have implications for operators performing QoS marking and prioritization" ? This isn't really specific to webrtc, but rather to a more general set of solutions like softphones and the like, but is accelerated by WebRTC. ]

In light of the previous discussions about draft-mm-wg-effect-encrypt-11, the operators are used to manage voice, video, gaming a certain way, with their operational current practices. Now, their current practices might not work any longer. What should they do now in term of monitoring, troubleshooting, QoS, SLA monitoring, etc these days with WebRTC?
While we should add this note (or a similar one) in the doc, I'm wondering: where are (should be) those operational aspects discussed, if not here?
I've seen https://tools.ietf.org/html/draft-ietf-tsvwg-rtcweb-qos-18, not sure it's appropriate. Anyway, it's now in a RFC-editor state.
I could have requested a specific manageability doc in the charter. Too late now.

[Ballot comment]
I've been waiting for this one, for a while. Thanks for finishing it. I'm a Yes, with comments.

I agree with EKR that there's a lot of general philosophy in this draft. I wouldn't ask that you pull all of it, but perhaps it could be trimmed down a bit.

This is a nit, but in this text,

  Other efforts, for instance the W3C WEBRTC, Web Applications and
  Device API working groups, focus on making standardized APIs and
  interfaces available, within or alongside the HTML5 effort,
 
it would be nice to have the names here match what's on the W3C website. So, "Web Real-Time Communication", "Web Application Security", and "Device and Sensors", unless I'm guessing at the mapping wrong. It's also easy to read that text with "Web Applications and Device API" as a single working group, so using a comma after "Web Application Security" would be helpful.

The term of art "floor control" is likely to be new to many readers in the future. Since it appears in a list of non-niche examples, maybe you don't need it at all?

I'm not sure whether "let a thousand flowers bloom" is a reference to the Hundred Flowers campaign in 1956, but (1) that ended very badly for the bloomers, and (2) I could easily imagine the phrase tripping DPI filtering for a specific part of the Internet community. Maybe there's a better phrase?

I'm not sure how tutorial you want section 4 to be, but I'd at least mention appropriate retransmission and in-order delivery, in addition to congestion control, since you get that with SCTP on the data channel.

4.  Data transport

  Data transport refers to the sending and receiving of data over the
  network interfaces, the choice of network-layer addresses at each end
  of the communication, and the interaction with any intermediate
  entities that handle the data, but do not modify it (such as TURN
  relays).

  It includes necessary functions for congestion control: When not to
  send data.
 
Or maybe you can just chop that sentence, because the next paragraph points to https://tools.ietf.org/html/draft-ietf-rtcweb-transports-06, anyway?

I found the reference to MMUSIC WG in

  3.  When a new codec is specified, and the SDP for the new codec is
      specified in the MMUSIC WG, no other standardization should be
      required for it to be possible to use that in the web browsers.

to be odd. MMUSIC may be around forever, but this work might be refactored at some point in the future. Is the point that

  3.  When SDP for a new codec is specified,
      no other standardization should be
      required for it to be used in the web browsers.
     
Or is there another way to say this?

I'm also wondering if the statement is true for any WebRTC endpoint, not just browsers.

In this text,

  WebRTC endpoints MUST implement the functions described in that
  document that relate to the network layer (for example Bundle
  [I-D.ietf-mmusic-sdp-bundle-negotiation], RTCP-mux [RFC5761] and
  Trickle ICE [I-D.ietf-ice-trickle]), but do not need to support the
  API functionality described there.
 
I would have thought these were related to the transport layer. No?

[Ballot comment]
I've been waiting for this one, for a while. Thanks for finishing it. I'm a Yes, with comments.

I agree with EKR that there's a lot of general philosophy in this draft. I wouldn't ask that you pull all of it, but perhaps it could be trimmed down a bit.

This is a nit, but in this text,

  Other efforts, for instance the W3C WEBRTC, Web Applications and
  Device API working groups, focus on making standardized APIs and
  interfaces available, within or alongside the HTML5 effort,
 
it would be nice to have the names here match what's on the W3C website. So, "Web Real-Time Communication", "Web Application Security", and "Device and Sensors", unless I'm guessing at the mapping wrong. It's also easy to read that text with "Web Applications and Device API" as a single working group, so putting a comma after "Applications" would be helpful.

The term of art "floor control" is likely to be new to many readers in the future. Since it appears in a list of non-niche examples, maybe you don't need it at all?

I'm not sure whether "let a thousand flowers bloom" is a reference to the Hundred Flowers campaign in 1956, but (1) that ended very badly for the bloomers, and (2) I could easily imagine the phrase tripping DPI filtering for a specific part of the Internet community. Maybe there's a better phrase?

I'm not sure how tutorial you want section 4 to be, but I'd at least mention appropriate retransmission and in-order delivery, in addition to congestion control, since you get that with SCTP on the data channel.

4.  Data transport

  Data transport refers to the sending and receiving of data over the
  network interfaces, the choice of network-layer addresses at each end
  of the communication, and the interaction with any intermediate
  entities that handle the data, but do not modify it (such as TURN
  relays).

  It includes necessary functions for congestion control: When not to
  send data.
 
Or maybe you can just chop that sentence, because the next paragraph points to https://tools.ietf.org/html/draft-ietf-rtcweb-transports-06, anyway?

I found the reference to MMUSIC WG in

  3.  When a new codec is specified, and the SDP for the new codec is
      specified in the MMUSIC WG, no other standardization should be
      required for it to be possible to use that in the web browsers.

to be odd. MMUSIC may be around forever, but this work might be refactored at some point in the future. Is the point that

  3.  When SDP for a new codec is specified,
      no other standardization should be
      required for it to be used in the web browsers.
     
Or is there another way to say this?

I'm also wondering if the statement is true for any WebRTC endpoint, not just browsers.

In this text,

  WebRTC endpoints MUST implement the functions described in that
  document that relate to the network layer (for example Bundle
  [I-D.ietf-mmusic-sdp-bundle-negotiation], RTCP-mux [RFC5761] and
  Trickle ICE [I-D.ietf-ice-trickle]), but do not need to support the
  API functionality described there.
 
I would have thought these were related to the transport layer. No?

[Ballot comment]
Thanks for your work on this draft, it's a helpful overview.  I see the reasoning in the shepherd report for standards track (although it reads more like an informational draft), but am curious if the standards track status is needed for other SDOs that might reference this document? 

In reading sections 8 & 9, I would think the presentation and control in section 8 would have the privacy implications of the second bullet in section 9.  As such, it seems odd that normative language is used in this bullet and not in section 8.  I'd be fine with no normative language in either as long as the protocol drafts cover that appropriately.  Some mention of privacy in section 8 could be helpful since it covers more ground than the example in section 9.

Security considerations: I don't see anything listed for security or privacy considerations in respect to the signaling channel to the web/application server.  Should there be considerations listed?  Security of the actual server and content on the server as well as vulnerabilities in listening protocols are just a few of the questions that come to mind.  If it doesn't matter, please let me know.  I appreciate the comment on the browser being target rich as they have been in many attacks to gain entry into networks leveraging established outbound sessions.  Maybe this is covered in I-D.ietf-rtcweb-security and if so (have not had a chance to review it yet), a high-level mention of gateway security here might be helpful.

I agree with Warren's comment about the management aspects being covered here since it is an overview document.  It could be a very helpful consideration for protocol developers that may devise new ways to enable management as a result of understanding the issues.

I had to look up jingle and BOSH, you may want to consider adding references to the XMPP specifications.

[Ballot comment]
Thanks for your work on this draft, it's a helpful overview.  I see the reasoning in the shepherd report for informational, but am curious if the standards track status is needed for other SDOs that might reference this document? 

In reading sections 8 & 9, I would think the presentation and control in section 8 would have the privacy implications of the second bullet in section 9.  As such, it seems odd that normative language is used in this bullet and not in section 8.  I'd be fine with no normative language in either as long as the protocol drafts cover that appropriately.  Some mention of privacy in section 8 could be helpful since it covers more ground than the example in section 9.

Security considerations: I don't see anything listed for security or privacy considerations in respect to the signaling channel to the web/application server.  Should there be considerations listed?  Security of the actual server and content on the server as well as vulnerabilities in listening protocols are just a few of the questions that come to mind.  If it doesn't matter, please let me know.  I appreciate the comment on the browser being target rich as they have been in many attacks to gain entry into networks leveraging established outbound sessions.  Maybe this is covered in I-D.ietf-rtcweb-security and if so (have not had a chance to review it yet), a high-level mention of gateway security here might be helpful.

I agree with Warren's comment about the management aspects being covered here since it is an overview document.  It could be a very helpful consideration for protocol developers that may devise new ways to enable management as a result of understanding the issues.

I had to look up jingle and BOSH, you may want to consider adding references to the XMPP specifications.

[Ballot comment]
Thank you -- I like these sort of overview documents for complex things like WebRTC - they provide a newcomer to the technology a good place to start, and help describe some of the reasons why things look the way they do.

[ Edit: So, after more thought (and some discussion) I think that it would be useful for the document to at least note the fact that technologies like this mean that some of the existing operational practices may need to change. For example, many enterprises perform QoS based upon the fact that certain types of devices live in certain subnets (e.g many phones get placed in a specific VLAN using LLDP or CDP). With more real time content coming from browsers, these matching practices break, and so operators may not be able to QoS mark / prioritize traffic accordingly. Perhaps something like: "One of the implications of a solution like WebRTC is that more real-time traffic will be sourced from computers (and not dedicated devices like telephones or  videoconferencing devices). This may have implications for operators performing QoS marking and prioritization" ? This isn't really specific to webrtc, but rather to a more general set of solutions like softphones and the like, but is accelerated by WebRTC. ]


I do have a few comments on the document itself - there are all minor / bikeshedding and can be ignored if you choose:
1: "Development of The Universal Solution has proved hard, however, for all the usual reasons."
-- this is cute, but leaves people wondering what "all the usual reasons are". Perhaps just "Development of The Universal Solution has, however,  proved hard." (or just cut after the "however in the original").

2: I'm not sure why you have "Protocol" in the terminology section. It doesn't seem like it is useful for the document, and this document doesn't seem like the right place to (re) define it.

3: Acknowledgements:
Funny spacing in "Olle E.    Johansson"

[Ballot comment]
I am balloting "yes", but I have a few minor comments:

Substantive Comments:

-2.2 :
-- Why is a WebRTC gateway assumed to be a "compatible" endpoint rather than a full endpoint? I recognize a gateway is different from a typical end-user endpoint, but are there specific endpoint requirements that a gateway is not likely to meet? (Feel free to say "it's documented in the gateway draft...." :-) )

-- "In this case, similar security considerations as for Javascript may be needed; however, since such APIs are not defined or referenced here, this document cannot give any specific rules for those interfaces."
I am confused by this sentence, since I don't see any security considerations specific to Javascript in this draft, either.

-7
-- list item 2: Is it an open question whether a signaling gateway is needed for interacting with SIP devices?
-- Last paragraph: This is specifically about non-browser endpoints, right? As written, it seems to weaken the previous paragraph about browser endpoints, since the draft previously said the term "endpoint" includes both browsers and non-browsers.

-9, 2nd bullet: "Privacy concerns MUST be satisfied..."
Is that MAY really intended as normative, or is a statement of fact? If normative, what actor(s) does it constrain? Also, if it is normative, the clause "the APIs should be available" seems to weaken the MUST.

Editorial Comments:

-2.3, last paragraph: The paragraph is a single, convoluted sentence that is hard to parse. (It's also a comma splice). Please consider breaking into multiple simpler sentences.

-3, first paragraph: This is also convoluted and hard to parse.

-7, list item 1: The citiation to [3264] seems misplaced. It describes the offer/answer model, not SIP in general. I suggest moving the citation to after the word "semantics".

[Ballot comment]
One high level comments on normative language:
While I think this document is very useful to explain the relationship between the other webrtc documents and serves a a good starting point for an implementor, I'm not sure if the use of normative language is actually helpful. Most of the language is used to say that a webrtc endpoint MUST implement a certain other document. However, I believe this is inherently necessary to achieve interoperability. So I don't see a need to specify this normatively.

In regard to the shepherd write-up, I just want to note that using normative language does not automatically make the document Standards Track; there are many informational docs that use normative language. As such, I don't want raise a big discussion on status now, but this document sounds more informational to me (giving pointers to other document). However, I don't object to publication on Standards Track.

minor comments:
1) I would not need all the text on the history of Internet communication in this doc (especially all text on page 3 in the intro as well as section 2.3 and the second to last paragraph in 3)... however, I guess it doesn't hurt

2) Agree with Warren that 'Protocol' probably doesn't need to be (re)defined in this doc

3) section 3:
"Data transport: TCP, UDP and the means to securely set up
      connections between entities, as well as the functions for
      deciding when to send data: Congestion management, bandwidth
      estimation and so on."
This seems to implicitly assume that only TCP or something encapsulated over UDP can be used. Even though that might be true, I assume this was not intentionally, maybe:
NEW
"Data transport: such as TCP or UDP and the means to securely set up
      connections between entities, as well as the functions for
      deciding when to send data: Congestion management, bandwidth
      estimation and so on."

nit:
-"massage the signals": not sure if "massage" is actually a meaningful word here…

[Ballot comment]
Thank you -- I like these sort of overview documents for complex things like WebRTC - they provide a newcomer to the technology a good place to start, and help describe some of the reasons why things look the way they do.

I do have a few comments on the document itself - there are all minor / bikeshedding and can be ignored if you choose:
1: "Development of The Universal Solution has proved hard, however, for all the usual reasons."
-- this is cute, but leaves people wondering what "all the usual reasons are". Perhaps just "Development of The Universal Solution has, however,  proved hard." (or just cut after the "however in the original").

2: I'm not sure why you have "Protocol" in the terminology section. It doesn't seem like it is useful for the document, and this document doesn't seem like the right place to (re) define it.

3: Acknowledgements:
Funny spacing in "Olle E.    Johansson"

[Ballot discuss]
Your citation to ICE is to 5245-bis, but at least the JSEP editor consensus was that WebRTC depended on 5245, so this needs to be resolved one way or the other.

[Ballot comment]
This document seems rather long on philosophy (justifying MTI,
the freed to innovate material in S 4.) I would remove all this.


S 2.4.
Why do you have two terminology sections? I would merge them.


S 3.
The diagrams here seem to assume a federation model that I
generally don't see used with WebRTC. So, for instance,
the on-the-wire protocols arrow on page 9. Who does that?
This also applies to "a commonly imagined model"

I would say HTTP(S) in this diagram.

You should probably list DTLS, SCTP, and SDP in this section. It's
not like we haven't decided we need them.

"The functionality groups that are needed in the browser can be
specified, more or less from the bottom up, as:
...
Connection management: ... SIP and Jingle/XMPP belong in this category."

As far as I know, nothing in this layer is specified in WebRTC
or implemented in the browser, so this doesn't seem to make
sense.

[Ballot comment]
Last time I checked the document is referencing normatively 2 expired drafts (security considerations and security architecture). What is the plan for completing them?

[Ballot comment]
Last time I checked the document is referencing normatively 2 expired drafts (security considerations and security architecture). What is the plan to complete them?

(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has reviewed draft-ietf-rtcweb-overview-18.txt, which is currently in Last Call, and has the following comments:

We understand that this document doesn't require any registry actions.

While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object.

If this assessment is not accurate, please respond as soon as possible.

Thank you,

Sabrina Tanamal
IANA Services Specialist
PTI

The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC: rtcweb-chairs@ietf.org, Sean Turner , alissa@cooperw.in, rtcweb@ietf.org, draft-ietf-rtcweb-overview@ietf.org, sean@sn3rd.com
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (Overview: Real Time Protocols for Browser-based Applications) to Proposed Standard


The IESG has received a request from the Real-Time Communication in
WEB-browsers WG (rtcweb) to consider the following document:
- 'Overview: Real Time Protocols for Browser-based Applications'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2017-03-20. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This document gives an overview and context of a protocol suite
  intended for use with real-time applications that can be deployed in
  browsers - "real time communication on the Web".

  It intends to serve as a starting and coordination point to make sure
  all the parts that are needed to achieve this goal are findable, and
  that the parts that belong in the Internet protocol suite are fully
  specified and on the right publication track.

  This document is an Applicability Statement - it does not itself
  specify any protocol, but specifies which other specifications WebRTC
  compliant implementations are supposed to follow.

  This document is a work item of the RTCWEB working group.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-rtcweb-overview/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-rtcweb-overview/ballot/


No IPR declarations have been submitted directly on this I-D.


The document contains these normative downward references.
See RFC 3967 for additional information:
    draft-ietf-rtcweb-jsep: Javascript Session Establishment Protocol (None - IETF stream)
Note that some of these references may already be listed in the acceptable Downref Registry.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

Proposed Standards is the current request.  The WG believes this is the appropriate type of RFC because of the 2119 implementation requirements such as MUST implement rtcweb-transports, REQUIRED support for SRTP, etc.  There are not a lot of them, but enough to warrant PS.

Also note that it's been proposed as PS since Harald's initial personal submission in '11 so there has certainly been plenty of time for those that thought this was targeted at the wrong "type" to point this out to the WG.

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

As its name implies, this document provides and overview and context for a protocol suite that enables real-time applications that can be deployed in browsers - "real time communication on the Web".

This document is an Applicability Statement - it does not itself specify any protocol, but specifies which other specifications WebRTC compliant implementations are supposed to follow.

Working Group Summary

Nothing special to note other than the chairs waffling on whether it was better to send an overview document to the IESG before all of the protocol specifications were completed or after.  We decided that we would get dinged either way and that we should press ahead with this draft whenever it was ready in order to save time because, in the end, we do not want to waste time spinning up a new responsible AD.

Document Quality

There are existing implementations of the RTCweb/WebRTC.
There are no reviews that merit special mention.

Personnel

Sean Turner is the Shepherd.
Alissa Cooper is the responsible AD.

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

I reviewed this draft as it progressed as well as compared the comments received during WGLC to ensure they were addresses appropriately.  I did note two editorial things in my Shepherd review that need to be addressed before final publication and noted them with PRs:
- https://github.com/rtcweb-wg/rtcweb-overview/pull/11
- https://github.com/rtcweb-wg/rtcweb-overview/pull/10

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

No.

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

No.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

I fully expect this document to be held hostage in RFC editor cluster #238 until the normative dependencies catch up.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Hararld confirmed on 2/21 that his BCP 78/79 obligations as an author have been met.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

None have been filed.

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

It's solid.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

No threats of appeal or otherwise.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

-17 needs the 2119 boiler plate and there's a couple of outdated references.  These can be incorporated later in the process.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

N/A.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

Yes - they'll all end up in cluster #238 eventually.

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

No DOWNREFs.

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

No other RFC's status will be harmed as a result of this document.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

There are no IANA considerations so the review was pretty easy ;)

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

N/A

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

N/A