IETF-Announce List
New RFCs
New and Revived Drafts
- Signing HTTP Messages (draft-cavage-http-signatures)
By Mark Cavage, Manu Sporny, 2019-04-24 TXT HTML PDF
Abstract: When communicating over the Internet using the HTTP protocol, it can be desirable for a server or client to authenticate the sender of a particular message. It can also be desirable to ensure that the message was not tampered with during transit. This document describes a way for servers and clients to simultaneously add authentication and message integrity to HTTP messages by using a digital signature.
- SLAP quadrant selection options for DHCPv6 (draft-ietf-dhc-slap-quadrant)
By Carlos Bernardos, Alain Mourad, 2019-04-24 TXT HTML PDF
Abstract: The IEEE originally structured the 48-bit MAC address space in such a way that half of it was reserved for local use. Recently, the IEEE has been working on a new specification (IEEE 802c) which defines a new "optional Structured Local Address Plan" (SLAP) that specifies different assignment approaches in four specified regions of the local MAC address space.
- Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Call Home (draft-ietf-dots-signal-call-home)
By Reddy K, Mohamed Boucadair, Jon Shallow, 2019-04-23 TXT HTML PDF
Abstract: This document presents DOTS signal channel Call Home service, which enables a DOTS server to initiate a secure connection to a DOTS client, and to receive the attack traffic information from the DOTS client. The DOTS server in turn uses the attack traffic information to identify the compromised devices launching the outgoing DDoS attack and takes appropriate mitigation action.
- Controlling Filtering Rules Using Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel (draft-ietf-dots-signal-filter-control)
By Kaname Nishizuka, Mohamed Boucadair, Reddy K, Takahiko Nagata, 2019-04-23 TXT HTML PDF
Abstract: This document specifies an extension to the DOTS signal channel so that DOTS clients can control their filtering rules when an attack mitigation is active.
- Layer 3 Discovery and Liveness (draft-ietf-lsvr-l3dl)
By Randy Bush, Rob Austein, Keyur Patel, 2019-04-24 TXT HTML PDF
Abstract: In Massive Data Centers (MDCs), BGP-SPF and similar routing protocols are used to build topology and reachability databases. These protocols need to discover IP Layer 3 attributes of links, such as logical link IP encapsulation abilities, IP neighbor address discovery, and link liveness. The Layer 3 Discovery and Liveness protocol specified in this document collects these data, which are then disseminated using BGP-SPF and similar protocols.
- SRv6 Network Programming (draft-ietf-spring-srv6-network-programming)
By Clarence Filsfils, Pablo Camarillo, John Leddy, daniel.voyer@bell.ca, Satoru Matsushima, Zhenbin Li, 2019-04-24 TXT HTML PDF
Abstract: This document describes the SRv6 network programming concept and its most basic functions.
Updated Drafts
- OAM for Service Programming with Segment Routing (draft-ali-spring-sr-service-programming-oam)
By Zafar Ali, Clarence Filsfils, Nagendra Kumar, Carlos Pignataro, Francois Clad, faiqbal@cisco.com, Xiaohu Xu, 2019-04-24 TXT HTML PDF
Abstract: This document defines the Operations, Administrations and Maintenance (OAM) for service programming in SR-enabled MPLS and IP networks.
- Segment Routing IPv6 for mobile user-plane PoCs (draft-camarillo-dmm-srv6-mobile-pocs)
By Pablo Camarillo, Clarence Filsfils, Lyle Bertz, Arashmid Akhavain, Satoru Matsushima, daniel.voyer@bell.ca, 2019-04-24 TXT HTML PDF
Abstract: This document describes the ongoing proof of concepts of [I-D.ietf-dmm-srv6-mobile-uplane] and their progress.
- BIER Ping and Trace (draft-ietf-bier-ping)
By Nagendra Kumar, Carlos Pignataro, Nobo Akiya, Lianshu Zheng, Mach Chen, Gregory Mirsky, 2019-04-24 TXT HTML PDF
Abstract: Bit Index Explicit Replication (BIER) is an architecture that provides optimal multicast forwarding through a "BIER domain" without requiring intermediate routers to maintain any multicast related per-flow state. BIER also does not require any explicit tree-building protocol for its operation. A multicast data packet enters a BIER domain at a "Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router adds a BIER header to the packet. The BIER header contains a bit-string in which each bit represents exactly one BFER to forward the packet to. The set of BFERs to which the multicast packet needs to be forwarded is expressed by setting the bits that correspond to those routers in the BIER header.
- CLUE Protocol data channel (draft-ietf-clue-datachannel)
By Christer Holmberg, 2019-04-24 TXT HTML PDF
Abstract: This document defines how to use the WebRTC data channel mechanism to realize a data channel, referred to as a CLUE data channel, for transporting CLUE protocol messages between two CLUE entities.
- Information Model of NSFs Capabilities (draft-ietf-i2nsf-capability)
By Liang Xia, John Strassner, Cataldo Basile, Diego Lopez, 2019-04-24 TXT HTML PDF
Abstract: This draft defines the concept of an NSF (Network Security Function) capability, as well as its information model. Capabilities are a set of features that are available from a managed entity, and are represented as data that unambiguously characterizes an NSF. Capabilities enable management entities to determine the set of features from available NSFs that will be used, and simplify the management of NSFs.
- Dissemination of Flow Specification Rules (draft-ietf-idr-rfc5575bis)
By Susan Hares, Christoph Loibl, Robert Raszuk, Danny McPherson, Martin Bacher, 2019-04-24 TXT HTML PDF
Abstract: This document defines a Border Gateway Protocol Network Layer Reachability Information (BGP NLRI) encoding format that can be used to distribute traffic Flow Specifications. This allows the routing system to propagate information regarding more specific components of the traffic aggregate defined by an IP destination prefix.
- Hierarchical Stateful Path Computation Element (PCE). (draft-ietf-pce-stateful-hpce)
By Dhruv Dhody, Young Lee, Daniele Ceccarelli, Jongyoon Shin, Daniel King, Oscar de Dios, 2019-04-24 TXT HTML PDF
Abstract: A Stateful Path Computation Element (PCE) maintains information on the current network state, including: computed Label Switched Path (LSPs), reserved resources within the network, and pending path computation requests. This information may then be considered when computing new traffic engineered LSPs, and for associated and dependent LSPs, received from Path Computation Clients (PCCs).
- Applicability of the QUIC Transport Protocol (draft-ietf-quic-applicability)
By Mirja Kuehlewind, Brian Trammell, 2019-04-24 TXT HTML PDF
Abstract: This document discusses the applicability of the QUIC transport protocol, focusing on caveats impacting application protocol development and deployment over QUIC. Its intended audience is designers of application protocol mappings to QUIC, and implementors of these application protocols.
- Manageability of the QUIC Transport Protocol (draft-ietf-quic-manageability)
By Mirja Kuehlewind, Brian Trammell, 2019-04-24 TXT HTML PDF
Abstract: This document discusses manageability of the QUIC transport protocol, focusing on caveats impacting network operations involving QUIC traffic. Its intended audience is network operators, as well as content providers that rely on the use of QUIC-aware middleboxes, e.g. for load balancing.
- The Use of Maxlength in the RPKI (draft-ietf-sidrops-rpkimaxlen)
By Yossi Gilad, Sharon Goldberg, Kotikalapudi Sriram, Job Snijders, Ben Maddison, 2019-04-24 TXT HTML PDF
Abstract: This document recommends ways to reduce forged-origin attack surface by prudently limiting the address space that is included in Route Origin Authorizations (ROAs). One recommendation is to avoid using the maxLength attribute in ROAs except in some specific cases. The recommendations complement and extend those in RFC 7115. The document also discusses creation of ROAs for facilitating Distributed Denial of Service (DDoS) mitigation services. Considerations related to ROAs and origin validation for the case of destination-based Remote Triggered Black Hole (RTBH) filtering are also highlighted.
- Deterministic Networking Application in Ring Topologies (draft-jiang-detnet-ring)
By Yuanlong Jiang, Norman Finn, Jeong-dong Ryoo, Balazs Varga, Liang Geng, 2019-04-24 TXT HTML PDF
Abstract: Deterministic Networking (DetNet) provides a capability to carry data flows for real-time applications with extremely low data loss rates and bounded latency. This document describes how DetNet can be used in ring topologies to support Point-to-Point (P2P) and Point-to-Multipoint (P2MP) real-time services.
- The length of the prefix of an IPv6 link-local address ranges from 10 to 127 (draft-petrescu-6man-ll-prefix-len)
By Alexandre Petrescu, Loganaden Velvindron, Naveen Kottapalli, 2019-04-24 TXT HTML PDF
Abstract: A rejected Errata to RFC4291 "IPv6 Addr Archi" on the topic of link-local addresses 'needs' a draft. This is an answer to that need.
- Linkable Identifiers (draft-wood-linkable-identifiers)
By Christopher Wood, 2019-04-24 TXT HTML PDF
Abstract: Rotating public identifiers is encouraged as best practice as a means of protecting endpoint privacy. For example, regular MAC address randomization helps mitigate device tracking across time and space. Other protocols beyond those in the link layer also have public identifiers or parameters that should rotate over time, in unison with coupled protocol identifiers, and perhaps with application level identifiers. This document surveys such privacy-related identifiers exposed by common Internet protocols at various layers in a network stack. It provides advice for rotating linked identifiers such that privacy violations do not occur from rotating one identifier while neglecting to rotate coupled identifiers.
- BATS Coding Scheme for Multi-hop Data Transport (draft-yang-nwcrg-bats)
By Shenghao Yang, Xuan Huang, Raymond Yeung, John Zao, 2019-04-24 TXT HTML PDF
Abstract: This document describes a BATS coding scheme for communication through multi-hop networks. BATS code is a class of efficient linear network coding scheme with a matrix generalization of fountain codes as the outer code, and batch-based linear network coding as the inner code.
- The Standards on a Cloud Service Framework and Protocol for Construction, Migration, Deployment, and Publishing of Internet-Oriented Scalable Web Software Systems in Non-Programming Mode (draft-yangcan-core-web-software-built-in-cloud)
By Can Yang, Shiying Pan, Haibo Sun, Kemin Qu, Guoqiang Han, 2019-04-24 TXT HTML PDF
Abstract: This draft mainly focuses on the scalable architecture and publishing protocol standard of REST-based SAAS cloud model Web software in non-programming mode, and stipulates the data structure pattern and data exchange protocol for the construction and release of REST-based scalable Web cloud service software systems. Using the standardized framework and protocol, users can easily and quickly design their own software systems in the cloud and transfer and release data, which may make conventional software development so easy as to improve the efficiency of complex database construction and server management. Without having to write code under the standard framework, users can get a consistent-style background to create services, rapidly develop web application systems with standard data management and data maintenance functions, and directly publish the software system to the end users of the Internet for access and use. It also provides RESTful APIs to facilitate external access to required service resources. The framework can thus greatly shorten the software development life cycle, and save a great deal of development cost and maintenance overhead.
- EVPN Enhanced Mass Withdraw (draft-yu-bess-evpn-mass-withdraw)
By Tianpeng Yu, 2019-04-24 TXT HTML PDF
Abstract: This document aims to define an enhanced mass withdraw process in case of failure of multiple ESs or vESs. This document also improves the withdraw efficiency of failure of single-homed ES or vES.
Expired Drafts
- IPv6 Marking and Performance and Diagnostic Metrics (MPDM) (draft-fear-ippm-mpdm)
By Nalini Elkins, Giuseppe Fioccola, mackermann@bcbsm.com, Rob Hamilton, 2018-10-21 TXT HTML PDF
Abstract: To assess performance problems, this document describes optional headers embedded in each packet that provide marking, sequence numbers and timing information as a basis for measurements. Such measurements may be interpreted in real-time or after the fact. This document specifies the IPv6 Marking and Performance and Diagnostic Metrics (M-PDM) Hop-by-Hop and Destination Options extension headers.
- Service Function Chaining Applicability in Industrial Edge Computing (draft-liu-iiot-sfc-edge-computing-applicability)
By Bing Liu, Konstantinos Katsalis, Mingui Zhang, 2018-10-21 TXT HTML PDF
Abstract: Decoupling functions from the industrial hardware enables diverse, migratable, cross-industry replicable applications to be deployed with flexibility at the edge and on the cloud. Users should be free to adjust their business policies in industrial IoT and with low cost. Therefore efficient and dynamic orchestration of the applications is critical. This document describes several use cases that demonstrate the applicability of Service Function Chaining in industrial edge computing to organize the applications and provides extra requirements to support this applicability.
- On-demand DMM control plane orchestration (draft-sun-dmm-ondemand-cp-orchestration)
By Sun Kj, Young-Han Kim, Seil Jeon, 2018-10-21 TXT HTML PDF
Abstract: This document describes the required functionalities of mobility controller in the management and orchestration perspective for the on-demand DMM service.
- TLS/DTLS 1.3 Profiles for the Internet of Things (draft-tschofenig-uta-tls13-profile)
By Hannes Tschofenig, Thomas Fossati, 2018-10-21 TXT HTML PDF
Abstract: This document is a companion to RFC 7925 and defines TLS/DTLS 1.3 profiles for Internet of Things devices.
- I2NSF Security Policy Object YANG Data Model (draft-xia-i2nsf-sec-object-dm)
By Liang Xia, Qiushi Lin, 2018-10-21 TXT HTML PDF
Abstract: This document describes a set of policy objects which are reusable and can be referenced by variable I2NSF policy rules, and provides the YANG data models of these policy objects.
- Observations on Deploying New DNSSEC Cryptographic Algorithms (draft-york-dnsop-deploying-dnssec-crypto-algs)
By Dan York, Ondrej Sury, Paul Wouters, Olafur Gudmundsson, 2018-10-21 TXT HTML PDF
Abstract: As new cryptographic algorithms are developed for use in DNSSEC signing and validation, this document captures the steps needed for new algorithms to be deployed and enter general usage. The intent is to ensure a common understanding of the typical deployment process and potentially identify opportunities for improvement of operations.
- BIER in IPv6 (draft-zhang-bier-bierin6)
By Zheng(Sandy) Zhang, Tony Przygienda, 2018-10-21 TXT HTML PDF
Abstract: BIER is a new architecture for the forwarding of multicast data packets. This document defines native IPv6 encapsulation for BIER hop-by-hop forwarding or BIERin6 for short.
- Framework on Customer Premises Equipment Control in Optical Transport Networks (draft-zheng-ccamp-cpe-otn-fwk)
By Haomian Zheng, Ruiquan Jing, 2018-10-21 TXT HTML PDF
Abstract: The term Customer Premises Equipment (CPE) describes the terminals that are associated with a carrier's telecommunication network. The CPE provides access between a customer's devices and the network.
Drafts Sent to IESG
IESG Progress
- Algorithm Identifiers for the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) (draft-housley-hkdf-oids): Waiting for Writeup » IESG Evaluation
By Russ Housley, 2019-02-05 TXT HTML PDF
Abstract: RFC 5869 specifies the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) algorithm. This document assigns algorithm identifiers to the HKDF algorithm when used with three common one-way hash functions.
- Distributed Denial-of-Service Open Threat Signaling (DOTS) Data Channel Specification (draft-ietf-dots-data-channel): Waiting for Writeup » IESG Evaluation
By Mohamed Boucadair, Reddy K, 2019-03-28 TXT HTML PDF
Abstract: The document specifies a Distributed Denial-of-Service Open Threat Signaling (DOTS) data channel used for bulk exchange of data that cannot easily or appropriately be communicated through the DOTS signal channel under attack conditions.
- Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Specification (draft-ietf-dots-signal-channel): Waiting for Writeup » IESG Evaluation
By Reddy K, Mohamed Boucadair, Prashanth Patil, Andrew Mortensen, Nik Teague, 2019-03-28 TXT HTML PDF
Abstract: This document specifies the DOTS signal channel, a protocol for signaling the need for protection against Distributed Denial-of-Service (DDoS) attacks to a server capable of enabling network traffic mitigation on behalf of the requesting client.
- DNS Certification Authority Authorization (CAA) Resource Record (draft-ietf-lamps-rfc6844bis): AD Evaluation::AD Followup » In Last Call
By Phillip Hallam-Baker, Rob Stradling, Jacob Hoffman-Andrews, 2019-02-04 TXT HTML PDF
Abstract: The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain name. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. This document defines the syntax of the CAA record and rules for processing CAA records by certificate issuers.
- CBOR/JSON binding of IODEF (draft-ietf-mile-jsoniodef): Publication Requested » AD Evaluation
By Takeshi Takahashi, Roman Danyliw, Mio Suzuki, 2019-04-01 TXT HTML PDF
Abstract: RFC7970 specified an information model and a corresponding XML data model for exchanging incident and indicator information. This draft provides an alternative data model implementation in CBOR/JSON.
- The secret-token URI Scheme (draft-nottingham-how-did-that-get-into-the-repo): Publication Requested » AD Evaluation
By Mark Nottingham, 2018-11-06 TXT HTML PDF
Abstract: This document registers the "secret-token" URI scheme, to aid in the identification of authentication tokens.
Drafts Sent to RFC Editor
- Updated processing of Control Flags for BGP VPLS (draft-ietf-bess-bgp-vpls-control-flags): Approved-announcement sent » RFC Ed Queue
By Ravi Singh, Kireeti Kompella, Senad Palislamovic, 2019-04-19 TXT HTML PDF
Abstract: This document updates the meaning of the Control Flags field in the Layer2 Info Extended Community used for BGP-VPLS NLRI as defined in RFC4761. This document updates RFC4761.
- E-mail Authentication for Internationalized Mail (draft-ietf-dmarc-eaiauth): IESG Evaluation::AD Followup » RFC Ed Queue
By John Levine, 2019-04-11 TXT HTML PDF
Abstract: SPF (RFC7208), DKIM (RFC6376), and DMARC (RFC7489) enable a domain owner to publish e-mail authentication and policy information in the DNS. In internationalized e-mail, domain names can occur both as U-labels and A-labels. This specification updates the SPF, DKIM, and DMARC specifications to clarify which form of internationalized domain names to use in those specifications.
Other Status Changes
- SLAP quadrant selection options for DHCPv6 (draft-bernardos-dhc-slap-quadrant): Active » Replaced by draft-ietf-dhc-slap-quadrant
By Carlos Bernardos, Alain Mourad, 2019-03-08 TXT HTML PDF
Abstract: The IEEE originally structured the 48-bit MAC address space in such a way that half of it was reserved for local use. Recently, the IEEE has been working on a new specification (IEEE 802c) which defines a new "optional Structured Local Address Plan" (SLAP) that specifies different assignment approaches in four specified regions of the local MAC address space.
- SRv6 Network Programming (draft-filsfils-spring-srv6-network-programming): Active » Replaced by draft-ietf-spring-srv6-network-programming
By Clarence Filsfils, Pablo Camarillo, John Leddy, daniel.voyer@bell.ca, Satoru Matsushima, Zhenbin Li, 2019-02-14 TXT HTML PDF
Abstract: This document describes the SRv6 network programming concept and its most basic functions.
- Link State Over Ethernet (draft-ietf-lsvr-lsoe): Active » Replaced by draft-ietf-lsvr-l3dl
By Randy Bush, Rob Austein, Keyur Patel, 2019-02-17 TXT HTML PDF
Abstract: Used in Massive Data Centers (MDCs), BGP-SPF and similar protocols need link neighbor discovery, link encapsulation data, and Layer 2 liveness. The Link State Over Ethernet protocol provides link discovery, exchanges supported encapsulations (IPv4, IPv6, ...), discovers encapsulation addresses (Layer 3 / MPLS identifiers) over raw Ethernet, and provides layer 2 liveness checking. The interface data are pushed directly to a BGP API (for LSVR), obviating the need for centralized topology distribution architectures. This protocol is intended to be more widely applicable to other upper layer routing protocols which need link discovery and characterisation.
- Network Virtualization Research Challenges (draft-irtf-nfvrg-gaps-network-virtualization): Active » RFC 8568
By Carlos Bernardos, Akbar Rahman, Juan Zuniga, Luis Contreras, Pedro Aranda, Pierre Lynch, 2018-09-02 TXT HTML PDF
Abstract: This document describes open research challenges for network virtualization. Network virtualization is following a similar path as previously taken by cloud computing. Specifically, cloud computing popularized migration of computing functions (e.g., applications) and storage from local, dedicated, physical resources to remote virtual functions accessible through the Internet. In a similar manner, network virtualization is encouraging migration of networking functions from dedicated physical hardware nodes to a virtualized pool of resources. However, network virtualization can be considered to be a more complex problem than cloud computing as it not only involves virtualization of computing and storage functions but also involves abstraction of the network itself. This document describes current research and engineering challenges in network virtualization including guaranteeing quality-of-service, performance improvement, supporting multiple domains, network slicing, service composition, device virtualization, privacy and security, separation of control concerns, network function placement and testing. In addition, some proposals are made for new activities in IETF/IRTF that could address some of these challenges. This document is a product of the Network Function Virtualization Research Group (NFVRG).
- Controlling Filtering Rules Using Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel (draft-nishizuka-dots-signal-control-filtering): Active » Replaced by draft-ietf-dots-signal-filter-control
By Kaname Nishizuka, Mohamed Boucadair, Reddy K, Takahiko Nagata, 2019-04-02 TXT HTML PDF
Abstract: This document specifies an extension to the DOTS signal channel so that DOTS clients can control their filtering rules when an attack mitigation is active.
- Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Call Home (draft-reddy-dots-home-network): Active » Replaced by draft-ietf-dots-signal-call-home
By Reddy K, Mohamed Boucadair, Jon Shallow, 2019-04-01 TXT HTML PDF
Abstract: This document presents DOTS signal channel Call Home service, which enables a DOTS server to initiate a secure connection to a DOTS client, and to receive the attack traffic information from the DOTS client. The DOTS server in turn uses the attack traffic information to identify the compromised devices launching the outgoing DDoS attack and takes appropriate mitigation action.
RFC Editor Status Changes
IPR Disclosures
IESG/IAB/IAOC/Trust Minutes
Liaison Statements
Classified Ads