IETF-Announce List

• Protocol Action: 'Software-Defined Networking (SDN)-based IPsec Flow Protection' to Proposed Standard (draft-ietf-i2nsf-sdn-ipsec-flow-protection-14.txt)
• Protocol Action: 'The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)' to Proposed Standard (draft-ietf-oauth-jwsreq-34.txt)
• Proposed Process to Conduct Assessment Activity of IETF Administrative Support Activity
• Formal IESG Teleconference WebEx and Dial-in Information: 22 April 2021
• Protocol Action: 'Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS)' to Proposed Standard (draft-ietf-lamps-cms-aes-gmac-alg-05.txt)
• Protocol Action: 'Algorithm Requirements Update to the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)' to Proposed Standard (draft-ietf-lamps-crmf-update-algs-07.txt)
• Document Action: 'Reaction: Indicating Summary Reaction to a Message' to Experimental RFC (draft-crocker-inreply-react-13.txt)
• Last Call: <draft-ietf-bess-datacenter-gateway-10.txt> (Gateway Auto-Discovery and Route Advertisement for Segment Routing Enabled Domain Interconnection) to Proposed Standard

New RFCs

New and Revived Drafts

• TLS DNSSEC Chain Extension (draft-dukhovni-tls-dnssec-chain)

  By Viktor Dukhovni, Shumon Huque, Willem Toorop, Paul Wouters, Melinda Shore, 2021-04-15   TXT HTML PDF

  Abstract: This document describes an experimental TLS extension for in-band transport of the complete set of DNSSEC validated records needed to perform DANE authentication of a TLS server without the need to perform separate out-of-band DNS lookups. When the requisite DNS records do not exist, the extension conveys a validated denial of existence proof.

  Diff from 02 to 03 »
  

• Problem Details for HTTP APIs (draft-ietf-httpapi-rfc7807bis)

  By Mark Nottingham, Erik Wilde, Sanjay Dalal, 2021-04-15   TXT HTML PDF

  Abstract: This document defines a "problem detail" as a way to carry machine- readable details of errors in a HTTP response to avoid the need to define new error response formats for HTTP APIs.

  Document details »
  HTTPAPI WG »
  

• Pros and Cons of IPv6 Transition Technologies for IPv4aaS (draft-ietf-v6ops-transition-comparison)

  By Gabor Lencse, Jordi Martinez, Lee Howard, Richard Patterson, Ian Farrer, 2021-04-15   TXT HTML PDF

  Abstract: Several IPv6 transition technologies have been developed to provide customers with IPv4-as-a-Service (IPv4aaS) for ISPs with an IPv6-only access and/or core network. All these technologies have their advantages and disadvantages, and depending on existing topology, skills, strategy and other preferences, one of these technologies may be the most appropriate solution for a network operator.

  Document details »
  V6OPS WG »
  

Updated Drafts

• PCE for BIER-TE Path (draft-chen-pce-bier-te-path)

  By Huaimo Chen, Mike McBride, Aijun Wang, Gyan Mishra, Yisong Liu, Yanhe Fan, Lei Liu, Xufeng Liu, 2021-04-15   TXT HTML PDF

  Abstract: This document describes extensions to Path Computation Element (PCE) communication Protocol (PCEP) for supporting Bit Index Explicit Replication (BIER) Traffic Engineering (TE) paths.

  Diff from 00 to 01 »
  

• Running an IETF Hackathon (draft-eckel-shmoo-ietf-hackathon)

  By Charles Eckel, 2021-04-15   TXT HTML PDF

  Abstract: IETF Hackathons encourage the IETF community to collaborate on running code related to existing and evolving Internet standards. This document provides a set of practices for running IETF Hackathons.

  Diff from 03 to 04 »
  

• Gateway Auto-Discovery and Route Advertisement for Segment Routing Enabled Domain Interconnection (draft-ietf-bess-datacenter-gateway)

  By Adrian Farrel, John Drake, Eric Rosen, Keyur Patel, Luay Jalil, 2021-04-15   TXT HTML PDF

  Abstract: Data centers are critical components of the infrastructure used by network operators to provide services to their customers. Data centers are attached to the Internet or a backbone network by gateway routers. One data center typically has more than one gateway for commercial, load balancing, and resiliency reasons.

  Diff from 09 to 10 »
  State: In Last Call
  ID Tracker »   ATOM
  Document details »
  BESS WG »
  

• EVPN Operations, Administration and Maintenance Requirements and Framework (draft-ietf-bess-evpn-oam-req-frmwk)

  By Samer Salam, Ali Sajassi, Sam Aldrin, John Drake, Donald Eastlake, 2021-04-15   TXT HTML PDF

  Abstract: This document specifies the requirements and reference framework for Ethernet VPN (EVPN) Operations, Administration and Maintenance (OAM). The requirements cover the OAM aspects of EVPN and PBB-EVPN (Provider Backbone Bridge EVPN). The framework defines the layered OAM model encompassing the EVPN service layer, network layer, underlying Packet Switched Network (PSN) transport layer, and link layer but focuses on the service and network layers.

  Diff from 09 to 10 »
  State: IESG Evaluation::AD Followup
  ID Tracker »   ATOM
  Document details »
  BESS WG »
  

• DetNet Bounded Latency (draft-ietf-detnet-bounded-latency)

  By Norman Finn, Jean-Yves Le Boudec, Ehsan Mohammadpour, Jiayi Zhang, Balazs Varga, Janos Farkas, 2021-04-15   TXT HTML PDF

  Abstract: This document references specific queuing mechanisms, defined in other documents, that can be used to control packet transmission at each output port and achieve the DetNet qualities of service. This document presents a timing model for sources, destinations, and the DetNet transit nodes that relay packets that is applicable to all of those referenced queuing mechanisms. Using the model presented in this document, it should be possible for an implementor, user, or standards development organization to select a particular set of queuing mechanisms for each device in a DetNet network, and to select a resource reservation algorithm for that network, so that those elements can work together to provide the DetNet service.

  Diff from 04 to 05 »
  Document details »
  DETNET WG »
  

• DNS Query Name Minimisation to Improve Privacy (draft-ietf-dnsop-rfc7816bis)

  By Stephane Bortzmeyer, Ralph Dolmans, Paul Hoffman, 2021-04-15   TXT HTML PDF

  Abstract: This document describes a technique called "QNAME minimisation" to improve DNS privacy, where the DNS resolver no longer always sends the full original QNAME and original QTYPE to the upstream name server. This document obsoletes RFC 7816.

  Diff from 07 to 08 »
  Document details »
  DNSOP WG »
  

• Registry Maintenance Notifications for the Extensible Provisioning Protocol (EPP) (draft-ietf-regext-epp-registry-maintenance)

  By Tobias Sattler, Roger Carney, Jody Kolker, 2021-04-15   TXT HTML PDF

  Abstract: This document describes an Extensible Provision Protocol (EPP) mapping for registry's maintenance notifications.

  Diff from 12 to 13 »
  Document details »
  REGEXT WG »
  

• Using JSContact in Registration Data Access Protocol (RDAP) JSON Responses (draft-ietf-regext-rdap-jscontact)

  By Mario Loffredo, Gavin Brown, 2021-04-15   TXT HTML PDF

  Abstract: This document describes an RDAP extension which represents entity contact information in JSON responses using JSContact.

  Diff from 00 to 01 »
  Document details »
  REGEXT WG »
  

• Enhanced JWT Claim Constraints for STIR Certificates (draft-ietf-stir-enhance-rfc8226)

  By Russ Housley, 2021-04-15   TXT HTML PDF

  Abstract: RFC 8226 provides a certificate extension to constrain the JWT claims that can be included in the PASSporT as defined in RFC 8225. If the signer includes a JWT claim outside the constraint boundaries, then the recipient will reject the entire PASSporT. This document defines an additional way that the JWT claims can be constrained.

  Diff from 01 to 02 »
  Document details »
  STIR WG »
  

• JWS Clear Text JSON Signature Option (JWS/CT) (draft-jordan-jws-ct)

  By Bret Jordan, Samuel Erdtman, Anders Rundgren, 2021-04-15   TXT HTML PDF

  Abstract: This document describes a method for extending the scope of the JSON Web Signature (JWS) standard, called JWS/CT. By combining the detached mode of JWS with the JSON Canonicalization Scheme (JCS), JWS/CT enables JSON objects to remain in the JSON format after being signed (also known as "Clear Text" signing). In addition to supporting a consistent data format, this arrangement also simplifies documentation, debugging, and logging. The ability to embed signed JSON objects in other JSON objects, makes the use of counter- signatures straightforward.

  Diff from 03 to 04 »
  

• Survey of Domain Verification Techniques using DNS (draft-sahib-domain-verification-techniques)

  By Shivan Sahib, Shumon Huque, 2021-04-15   TXT HTML PDF

  Abstract: Verification of ownership of domains in the Domain Name System (DNS) [RFC1034] [RFC1035] often relies on adding or editing DNS records within the domain. This document surveys various techniques in wide use today, the pros and cons of each, and possible improvements.

  Diff from 00 to 01 »
  

Expired Drafts

Drafts Sent to IESG

IESG Progress

• Gateway Auto-Discovery and Route Advertisement for Segment Routing Enabled Domain Interconnection (draft-ietf-bess-datacenter-gateway): AD Evaluation::Revised I-D Needed » In Last Call

  By Adrian Farrel, John Drake, Eric Rosen, Keyur Patel, Luay Jalil, 2021-04-15   TXT HTML PDF

  Abstract: Data centers are critical components of the infrastructure used by network operators to provide services to their customers. Data centers are attached to the Internet or a backbone network by gateway routers. One data center typically has more than one gateway for commercial, load balancing, and resiliency reasons.

  State: In Last Call
  ID Tracker »   ATOM
  Document details »
  BESS WG »
  

• Nimble out-of-band authentication for EAP (EAP-NOOB) (draft-ietf-emu-eap-noob): Waiting for Writeup » IESG Evaluation

  By Tuomas Aura, Mohit Sethi, Aleksi Peltonen, 2021-03-16   TXT HTML PDF

  Abstract: The Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB message between the peer device and authentication server to authenticate the in-band key exchange. The device must have an input or output interface, such as a display, microphone, speaker or blinking light, which can send or receive dynamically generated messages of tens of bytes in length.

  State: IESG Evaluation
  ID Tracker »   ATOM
  Document details »
  EMU WG »
  

• The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR) (draft-ietf-oauth-jwsreq): Approved-announcement to be sent » Approved-announcement sent

  By Nat Sakimura, John Bradley, Michael Jones, 2021-04-08   TXT HTML PDF

  Abstract: The authorization request in OAuth 2.0 described in RFC 6749 utilizes query parameter serialization, which means that Authorization Request parameters are encoded in the URI of the request and sent through user agents such as web browsers. While it is easy to implement, it means that (a) the communication through the user agents is not integrity protected and thus the parameters can be tainted, (b) the source of the communication is not authenticated, and (c) the communication through the user agents can be monitored. Because of these weaknesses, several attacks to the protocol have now been put forward.

  State: Approved-announcement sent
  ID Tracker »   ATOM
  Document details »
  OAUTH WG »
  

Drafts Sent to RFC Editor

• Reaction: Indicating Summary Reaction to a Message (draft-crocker-inreply-react): IESG Evaluation::AD Followup » RFC Ed Queue

  By Dave Crocker, R. Signes, Ned Freed, 2021-04-14   TXT HTML PDF

  Abstract: The popularity of social media has led to user comfort with easily signaling basic reactions to an author's posting, such as with a 'thumbs up' or 'smiley' graphic. This specification permits a similar facility for Internet Mail.

  State: RFC Ed Queue
  ID Tracker »   ATOM
  RFC Editor Queue »
  

• Software-Defined Networking (SDN)-based IPsec Flow Protection (draft-ietf-i2nsf-sdn-ipsec-flow-protection): Approved-announcement to be sent::AD Followup » RFC Ed Queue

  By Rafael Marin-Lopez, Gabriel Lopez-Millan, Fernando Pereniguez-Garcia, 2021-03-25   TXT HTML PDF

  Abstract: This document describes how to provide IPsec-based flow protection (integrity and confidentiality) by means of an Interface to Network Security Function (I2NSF) controller. It considers two main well- known scenarios in IPsec: (i) gateway-to-gateway and (ii) host-to- host. The service described in this document allows the configuration and monitoring of IPsec Security Associations (IPsec SAs) from a I2NSF Controller to one or several flow-based Network Security Functions (NSFs) that rely on IPsec to protect data traffic.

  State: RFC Ed Queue
  ID Tracker »   ATOM
  Document details »
  I2NSF WG »
  RFC Editor Queue »
  

• Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) (draft-ietf-lamps-cms-aes-gmac-alg): Approved-announcement sent » RFC Ed Queue

  By Russ Housley, 2021-04-02   TXT HTML PDF

  Abstract: This document specifies the conventions for using the AES-GMAC Message Authentication Code algorithms with the Cryptographic Message Syntax (CMS) as specified in RFC 5652.

  State: RFC Ed Queue
  ID Tracker »   ATOM
  Document details »
  LAMPS WG »
  RFC Editor Queue »
  

• Algorithm Requirements Update to the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) (draft-ietf-lamps-crmf-update-algs): Approved-announcement to be sent::AD Followup » RFC Ed Queue

  By Russ Housley, 2021-04-08   TXT HTML PDF

  Abstract: This document updates the cryptographic algorithm requirements for the Password-Based Message Authentication Code in the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) specified in RFC 4211.

  State: RFC Ed Queue
  ID Tracker »   ATOM
  Document details »
  LAMPS WG »
  RFC Editor Queue »
  

Other Status Changes

• draft-ietf-tls-dnssec-chain-extension: Expired » Replaced by draft-dukhovni-tls-dnssec-chain

  No title available; expired document?   TXT HTML PDF

  State: Replaced by draft-dukhovni-tls-dnssec-chain
  Document details »
  TLS WG »
  

• Pros and Cons of IPv6 Transition Technologies for IPv4aaS (draft-lmhp-v6ops-transition-comparison): Active » Replaced by draft-ietf-v6ops-transition-comparison

  By Gabor Lencse, Jordi Martinez, Lee Howard, Richard Patterson, Ian Farrer, 2021-01-09   TXT HTML PDF

  Abstract: Several IPv6 transition technologies have been developed to provide customers with IPv4-as-a-Service (IPv4aaS) for ISPs with an IPv6-only access and/or core network. All these technologies have their advantages and disadvantages, and depending on existing topology, skills, strategy and other preferences, one of these technologies may be the most appropriate solution for a network operator.

  State: Replaced by draft-ietf-v6ops-transition-comparison
  

RFC Editor Status Changes

IPR Disclosures

• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))
• Sorenson IP Holdings LLC's Statement about IPR related to draft-ietf-rum-rue ((System))

IESG/IAB/IAOC/Trust Minutes

Liaison Statements

Classified Ads