--- 1/draft-ietf-i2rs-protocol-security-requirements-01.txt 2015-12-31 18:15:10.054290646 -0800 +++ 2/draft-ietf-i2rs-protocol-security-requirements-02.txt 2015-12-31 18:15:10.078291225 -0800 @@ -1,20 +1,20 @@ I2RS working group S. Hares Internet-Draft Huawei Intended status: Standards Track D. Migault -Expires: March 5, 2016 J. Halpern +Expires: July 3, 2016 J. Halpern Ericsson - September 2, 2015 + December 31, 2015 I2RS Security Related Requirements - draft-ietf-i2rs-protocol-security-requirements-01 + draft-ietf-i2rs-protocol-security-requirements-02 Abstract This presents security-related requirements for the I2RS protocol for mutual authentication, transport protocols, data transfer and transactions. Status of This Memo This Internet-Draft is submitted in full conformance with the @@ -23,21 +23,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on March 5, 2016. + This Internet-Draft will expire on July 3, 2016. Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -71,21 +71,22 @@ The Interface to the Routing System (I2RS) provides read and write access to information and state within the routing process. The I2RS client interacts with one or more I2RS agents to collect information from network routing systems. This document describes the requirements for the I2RS protocol in the security-related areas of mutual authentication of the I2RS client and agent, the transport protocol carrying the I2RS protocol messages, and the atomicity of the transactions. These requirements align with the description of the I2RS architecture found in - [I-D.ietf-i2rs-architecture] document. + [I-D.ietf-i2rs-architecture] document which solves the problem + described in [I-D.ietf-i2rs-problem-statement]. [I-D.haas-i2rs-ephemeral-state-reqs] discusses I2RS roles-based write conflict resolution in the ephemeral data store using the I2RS Client Identity, I2RS Secondary Identity and priority. The draft [I-D.ietf-i2rs-traceability] describes the traceability framework and its requirements for I2RS. The draft [I-D.ietf-i2rs-pub-sub-requirements] describes the requirements for I2RS to be able to publish information or have a remote client subscribe to an information data stream. @@ -387,61 +388,56 @@ 5. Security Considerations This is a document about security requirements for the I2RS protocol and data modules. The whole document is security considerations. 6. References 6.1. Normative References + [I-D.ietf-i2rs-architecture] + Atlas, A., Halpern, J., Hares, S., Ward, D., and T. + Nadeau, "An Architecture for the Interface to the Routing + System", draft-ietf-i2rs-architecture-12 (work in + progress), December 2015. + [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC4107] Bellovin, S. and R. Housley, "Guidelines for Cryptographic Key Management", BCP 107, RFC 4107, DOI 10.17487/RFC4107, June 2005, . 6.2. Informative References [I-D.haas-i2rs-ephemeral-state-reqs] Haas, J., "I2RS Ephemeral State Requirements", draft-haas- i2rs-ephemeral-state-reqs-00 (work in progress), May 2015. - [I-D.ietf-i2rs-architecture] - Atlas, A., Halpern, J., Hares, S., Ward, D., and T. - Nadeau, "An Architecture for the Interface to the Routing - System", draft-ietf-i2rs-architecture-09 (work in - progress), March 2015. - [I-D.ietf-i2rs-problem-statement] Atlas, A., Nadeau, T., and D. Ward, "Interface to the Routing System Problem Statement", draft-ietf-i2rs- - problem-statement-06 (work in progress), January 2015. + problem-statement-08 (work in progress), December 2015. [I-D.ietf-i2rs-pub-sub-requirements] Voit, E., Clemm, A., and A. Prieto, "Requirements for Subscription to YANG Datastores", draft-ietf-i2rs-pub-sub- - requirements-02 (work in progress), March 2015. - - [I-D.ietf-i2rs-rib-info-model] - Bahadur, N., Folkes, R., Kini, S., and J. Medved, "Routing - Information Base Info Model", draft-ietf-i2rs-rib-info- - model-06 (work in progress), March 2015. + requirements-03 (work in progress), October 2015. [I-D.ietf-i2rs-traceability] Clarke, J., Salgueiro, G., and C. Pignataro, "Interface to the Routing System (I2RS) Traceability: Framework and - Information Model", draft-ietf-i2rs-traceability-03 (work - in progress), May 2015. + Information Model", draft-ietf-i2rs-traceability-05 (work + in progress), December 2015. [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, . [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", RFC 4960, DOI 10.17487/RFC4960, September 2007, . Authors' Addresses